HAProxy 2.2.15 was released on 2021/07/16. It added 90 new commits
after version 2.2.14.

This release is very similar to the 2.3.11/2.3.12. To sum up, most
noticeable bugs fixed in this release are:

  * A possible deadlock if "set maxconn server" command was used when there
    was a pending connection ready to be dequeued.

  * A possible infinite loop in process_stream() when a connection error was
    reported while the stream was waiting for a retry.

  * A possible race between free() and pool_alloc() in the pools lockless

  * A bug in the HTX defragmentation leading to crash. The bug might be
    encountered in the HTTP compression filter or in HTTP header

  * An old bug preventing the dequeuing for servers with a very low maxconn
    because the load balancing was not skipped when a new connection was
    picked from the proxy's or server's queue.

  * A bug in the sock part leading to high CPU usage because some early
    connection failures might be missed.

  * A thread-safety issue with the SHCTX code when compiled with
    USE_PRIVATE_CACHE mode. It was not using any locks.

  * Most of resolvers performance issues and several other bugs in this area.

  * An issue with the abortonclose option. It was not working since a while.

  * A bug in the HTTP compression leading to truncated or corrupted

  * A bug with synchronous connect in tcpcheck when several connections come
    one after the other.

  * "url_ip"/"url_port" sample fetches not properly handling url parsing

In addition, the http-ignore-probes is now respected for H2
connections. When this option is set, no errors are reported anymore when
connections are aborted during preface. And the FCGI multiplexer was
slightly improved to send a relative path instead of a normalized URI to an
application and to expose SERVER_SOFTWARE parameter by default. Finally, as
a consequence of the bug fixed in the pools, the code was simplified. The
lockless implementation is used everywhere, resulting in the removal of the
very old locked implementation that was kept for non-capable
architectures. As a result, threads will now be faster on less common
architectures (e.g. i686, MIPS, PPC64, ...). The rest is less visible but
contains, as usual, cleanups, small fixes here and there, improvements...

It is strongly advised to update to this version. Thanks everyone for your
help and your contributions!

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Wiki             : https://github.com/haproxy/wiki/wiki
   Sources          : http://www.haproxy.org/download/2.2/src/
   Git repository   : http://git.haproxy.org/git/haproxy-2.2.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-2.2.git
   Changelog        : http://www.haproxy.org/download/2.2/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Complete changelog :
Alex (1):
      DOC: use the req.ssl_sni in examples

Alexandar Lazic (1):
      DOC/MINOR: move uuid in the configuration to the right alphabetical order

Amaury Denoyelle (5):
      BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port
      BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
      BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
      BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
      REGTESTS: fix maxconn update with agent-check

Christopher Faulet (35):
      BUG/MINOR: hlua: Don't rely on top of the stack when using Lua buffers
      BUG/MINOR: stream: Decrement server current session counter on L7 retry
      BUG/MINOR: stream: Reset stream final state and si error type on L7 retry
      BUG/MINOR: checks: Handle synchronous connect when a tcpcheck is started
      BUG/MINOR: checks: Reschedule check on observe mode only if fastinter is 
      MINOR: channel: Rely on HTX version if appropriate in channel_may_recv()
      BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may 
      MINOR: conn-stream: Force mux to wait for read events if abortonclose is 
      MEDIUM: mux-h1: Don't block reads when waiting for the other side
      BUG/MEDIUM: mux-h1: Properly report client close if abortonclose option 
is set
      REGTESTS: Add script to test abortonclose option
      BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter
      BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response
      BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A 
      BUG/MAJOR: stream-int: Release SI endpoint on server side ASAP on retry
      BUG/MEDIUM: compression: Add a flag to know the filter is still 
processing data
      BUG/MAJOR: htx: Fix htx_defrag() when an HTX block is expanded
      BUG/MINOR: mux-fcgi: Expose SERVER_SOFTWARE parameter by default
      DOC: lua: Add a warning about buffers modification in HTTP
      MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules
      DOC: config: Add missing actions in "tcp-request session" documentation
      BUG/MINOR: tcpcheck: Fix numbering of implicit HTTP send/expect rules
      BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI
      BUG/MINOR: server/cli: Fix locking in function processing "set server" 
      BUG/MINOR: resolvers: Always attach server on matching record on 
      BUG/MINOR: resolvers: Reset server IP when no ip is found in the response
      MINOR: resolvers: Reset server IP on error in 
      BUG/MEDIUM: resolvers: Make 1st server of a template take part to SRV 
      Revert "MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" 
      BUG/MINOR: server-state: load SRV resolution only if params match the 
      BUG/MINOR: server: Forbid to set fqdn on the CLI if SRV resolution is 
      MINOR: resolvers: Clean server in a dedicated function when removing a 
SRV item
      MINOR: resolvers: Remove server from named_servers tree when removing a 
SRV item
      BUG/MEDIUM: resolvers: Add a task on servers to check SRV resolution 
      BUG/MINOR: resolvers: Use resolver's lock in resolv_srvrq_expire_task()

Daniel Black (1):
      DOC: config: use CREATE USER for mysql-check

Dirkjan Bussink (1):
      BUG/MINOR: checks: return correct error code for srv_parse_agent_check

Emeric Brun (9):
      BUG/MEDIUM: dns: reset file descriptor if send returns an error
      BUG/MEDIUM: dns: send messages on closed/reused fd if fd was detected 
      BUG/MINOR: resolvers: answser item list was randomly purged or errors
      MEDIUM: resolvers: add a ref on server to the used A/AAAA answer item
      MEDIUM: resolvers: add a ref between servers and srv request or used SRV 
      BUG/MAJOR: resolvers: segfault using server template without SRV RECORDs
      BUG/MINOR: stick-table: fix several printf sign errors dumping tables
      DOC: stick-table: add missing documentation about gpt0 stored type
      BUG/MINOR: peers: fix data_type bit computation more than 32 data_types

Remi Tricot-Le Breton (15):
      BUG/MEDIUM: ebtree: Invalid read when looking for dup entry
      BUG/MINOR: server: Missing calloc return value check in srv_parse_source
      BUG/MINOR: peers: Missing calloc return value check in 
      BUG/MINOR: ssl: Missing calloc return value check in 
      BUG/MINOR: http: Missing calloc return value check in 
      BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare
      BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy
      BUG/MINOR: http: Missing calloc return value check while parsing 
      BUG/MINOR: http: Missing calloc return value check while parsing 
tcp-request rule
      BUG/MINOR: compression: Missing calloc return value check in 
      BUG/MINOR: worker: Missing calloc return value check in 
      BUG/MINOR: http: Missing calloc return value check while parsing redirect 
      BUG/MINOR: http: Missing calloc return value check in make_arg_list
      BUG/MINOR: proxy: Missing calloc return value check in 
      BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the 

Thierry Fournier (1):
      MINOR: hlua: Add error message relative to the Channel manipulation and 
HTTP mode

William Lallemand (1):
      BUG/MINOR: ssl/cli: fix a lock leak when no memory available

Willy Tarreau (20):
      REGTESTS: add minimal CLI "add map" tests
      BUG/MEDIUM: cli: prevent memory leak on write errors
      MINOR: pools/debug: slightly relax DEBUG_DONT_SHARE_POOLS
      BUG/MINOR: stream: properly clear the previous error mask on L7 retries
      BUG/MINOR: lua/vars: prevent get_var() from allocating a new name
      BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE
      BUG/MINOR: ssl: use atomic ops to update global shctx stats
      BUG/MINOR: mworker: fix typo in chroot error message
      BUG/MAJOR: queue: set SF_ASSIGNED when setting strm->target on dequeue
      MINOR: mux-h2: obey http-ignore-probes during the preface
      BUG/MEDIUM: sock: make sure to never miss early connection failures
      BUG/MINOR: cli: fix server name output in "show fd"
      DOC: peers: fix the protocol tag name in the doc
      BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush()
      MINOR: pools: do not maintain the lock during pool_flush()
      MEDIUM: pools: use a single pool_gc() function for locked and lockless
      BUG/MAJOR: pools: fix possible race with free() in the lockless variant
      CLEANUP: pools: remove now unused seq and pool_free_list
      BUG/MAJOR: pools: fix incomplete backport of lockless pool fix
      BUG/MAJOR: pools: second fix for incomplete backport of lockless pool fix

Christopher Faulet

Reply via email to