Hi, HAProxy 2.4-dev12 was released on 2021/03/13. It added 73 new commits after version 2.4-dev11.
This week's activity was no doubt dominated by the long series of DNS fixes which also mechanically postponed 2.3.7. It just happens that when Baptiste and Christopher started to look there together, they found bugs hooked to the long string they were pulling and whose end they couldn't see. The good news is that 19 patches later, all identified issues are fixed, and there are well-identified plans to make all this more solid by design for the mid-term (mostly post-2.4 but we'll then see if certain low-risk changes deserve being backported). Thus just like I said last week, "2.3.7 should be done early next week". Other possible bugs were addressed by William, where listeners are not necessarily present when the client is an applet (peers, spoe, Lua) and where we need to be extra careful when updating counters. It was too hard to say whether those could be triggered but apparently there was at least one way consisting in adding TCP rules to an SPOE backend if I understood right, so technically this proves the code path did exist. Minor config-time issues were addressed on the state file and the checks (these ones will be backported). The cleanups continued, this time with some variable arrays, more use of "ist" instead of (ptr,len) couples, "stats" vs "cli" and "sess" vs "strm" renaming, adding a few "const" for the default proxy in the keyword parser functions, tasklet handlers being more in line with task handlers. Some small usability improvements that I already wanted in 2.0 finally landed in 2.4: now for most config directives, tcp/http actions, server and bind keywords, when a keyword doesn't match, instead of yelling "unknown keyword" optionally followed by the huge list of all those supported, we'll try to suggest a similar-looking one. This is quite important for the global section and its collection of tunables that noone knows how to spell, and for the occasional doubts between underscores and dashes in names. It was not done for options yet (probably forgotten) nor for converters/samples, but for these ones I'd rather avoid, or the risk of seeing users use the wrong function instead of reading the doc is high. Finally, the CLI got a similar approach, and instead of listing the 50+ actions on every error, it will only list those which start by the exact same words that exist, followed by some fuzzy matching on the last ones. For the next one, I'd like to get back to defining more convenient integer types like "uint" or "ulong" as we discussed a while ago, switch some init functions to initcalls, make some progress on the ".if"/".endif" (only Ilya and Tim responded, but that's fine), and also to count the number of pending SSL handshakes per listener to help progressively throttling at the input when it's already visible that the CPU cannot cope with handshakes. With the rain an wind here it's even possible that I start on this soon :-) Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Wiki : https://github.com/haproxy/wiki/wiki Sources : http://www.haproxy.org/download/2.4/src/ Git repository : http://git.haproxy.org/git/haproxy.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy.git Changelog : http://www.haproxy.org/download/2.4/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Baptiste Assmann (1): MINOR: resolvers: new function find_srvrq_answer_record() Bertrand Jacquin (1): MINOR: build: force CC to set a return code when probing options Christopher Faulet (22): BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached BUG/MINOR: tcpcheck: Update .health threshold of agent inside an agent-check BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters BUG/MINOR: tcpcheck: Fix double free on error path when parsing tcp/http-check Revert "BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record" BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error BUG/MINOR: resolvers: Reset server address on DNS error only on status change BUG/MINOR: resolvers: Unlink DNS resolution to set RMAINT on SRV resolution BUG/MEDIUM: resolvers: Don't set an address-less server as UP BUG/MEDIUM: resolvers: Fix the loop looking for an existing ADD item BUG/MINOR; resolvers: Ignore DNS resolution for expired SRV item BUG/MEDIUM: resolvers: Trigger a DNS resolution if an ADD item is obsolete MINOR: resolvers: Use a function to remove answers attached to a resolution MINOR: resolvers: Purge answer items when a SRV resolution triggers an error MINOR: resolvers: Add function to change the srv status based on SRV resolution MINOR: resolvers: Directly call srvrq_update_srv_state() when possible BUG/MEDIUM: resolvers: Don't release resolution from a requester callbacks BUG/MEDIUM: resolvers: Skip DNS resolution at startup if SRV resolution is set MINOR: resolvers: Use milliseconds for cached items in resolver responses MINOR: resolvers: Don't try to match immediatly renewed ADD items CLEANUP: resolvers: Use ha_free() in srvrq_resolution_error_cb() CLEANUP: resolvers: Perform unsafe loop on requester list when possible Daniel Corbett (1): BUG/MINOR: sample: Rename SenderComID/TargetComID to SenderCompID/TargetCompID Emeric Brun (2): BUG/MEDIUM: resolvers: handle huge responses over tcp servers. BUG/MEDIUM: stick-tables: fix ref counter in table entry using multiple http tracksc. Frédéric Lécaille (1): BUG/MINOR: connection: Missing QUIC initialization Ilya Shipitsin (1): CLEANUP: assorted typo fixes in the code and comments Tim Duesterhus (5): CLEANUP: connection: Use `VAR_ARRAY` in `struct tlv` definition CLEANUP: connection: Remove useless test for NULL before calling `pool_free()` CLEANUP: connection: Use istptr / istlen for proxy_unique_id MINOR: connection: Use a `struct ist` to store proxy_authority CLEANUP: connection: Consistently use `struct ist` to process all TLV types William Lallemand (1): BUG/MEDIUM: session: NULL dereference possible when accessing the listener Willy Tarreau (38): BUILD: task: fix build at -O0 with threads disabled BUILD: bug: refine HA_LINK_ERROR() to only be used on gcc and derivatives CLEANUP: config: make the cfg_keyword parsers take a const for the defproxy BUILD: connection: do not use VAR_ARRAY in struct tlv CLEANUP: stream: rename a few remaining occurrences of "stream *sess" CLEANUP: config: also address the cfg_keyword API change in the compression code BUG/MEDIUM: ssl: properly remove the TASK_HEAVY flag at end of handshake MINOR: task: give the scheduler a bit more flexibility in the runqueue size OPTIM: task: automatically adjust the default runqueue-depth to the threads BUILD: atomic/arm64: force the register pairs to use in __ha_cas_dw() BUG/MINOR: server-state: properly handle the case where the base is not set BUG/MINOR: server-state: use the argument, not the global state CLEANUP: tcp-rules: add missing actions in the tcp-request error message CLEANUP: vars: make the error message clearer on missing arguments for set-var CLEANUP: http-rules: remove the unexpected comma before the list of action keywords CLEANUP: actions: the keyword must always be const from the rule MINOR: tools: add simple word fingerprinting to find similar-looking words MINOR: cfgparse: add cfg_find_best_match() to suggest an existing word MINOR: cfgparse: suggest correct spelling for unknown words in proxy sections MINOR: cfgparse: suggest correct spelling for unknown words in global section MINOR: cfgparse/server: try to fix spelling mistakes on server lines MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords MINOR: actions: add a function to suggest an action ressembling a given word MINOR: http-rules: suggest approaching action names on mismatch MINOR: tcp-rules: suggest approaching action names on mismatch BUG/MINOR: cfgparse/server: increment the extra keyword counter one at a time BUG/MINOR: cli: make sure "help", "prompt", "quit" are enabled at master level CLEANUP: cli: fix misleading comment and better indent the access level flags MINOR: cli: set the ACCESS_MASTER* bits on the master bind_conf MINOR: cli: test the appctx level for master access instead of comparing pointers MINOR: cli: print the error message in the parser function itself MINOR: cli: filter the list of commands to the matching part MEDIUM: cli: apply spelling fixes for known commands before listing them MINOR: tools: add the ability to update a word fingerprint MINOR: cli: apply the fuzzy matching on the whole command instead of words CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS CLEANUP: cli: rename the last few "stats_" to "cli_" CLEANUP: task: make sure tasklet handlers always indicate their statuses ---