Hi, HAProxy 2.5-dev7 was released on 2021/09/12. It added 39 new commits after version 2.5-dev6.
This version is essentially released to flush the pipe of pending fixes for 2.5-dev. It contains the fix for CVE-2021-40346, plus a few other ones related to option abortonclose. The infamous global names array for the variables was finally eliminated (which led me to break OpenTracing but Miroslav fixed it by temporarily disabling the support for variables there). Now the "ifexist" restrictions in Lua or SPOE only apply to the "proc" scope, so that all ephemeral variables are not affected by this restriction and are easiler to deal with. Variables under the scope "proc" that are declared in the config are marked "permanent" so that they continue to work like before and do not need to be explicitly created first. This leads me to think that the "ifexist" argument of the Lua's set_var() could possibly be turned on by default so that existing code using variables is made safe by default without having to be modified, but could accept an explicit zero in the argument to enforce creation of random names under the "proc" scope. But I could be wrong, I think that those using them know better than me. Thanks to these cleanups and a few other ones that allowed not to take the variables lock when not needed, the cost of variables manipulation has significantly dropped to the point that the request rate on a 16-thread machine using 12 variables almost doubled. A new "grace" global keyword was added to replace the per-proxy one that was removed in 2.5. Some users needed something to maintain the process alive for a few extra seconds after signal delivery, for the very same reason that drove this keyword to be added a long time ago (i.e. no reload, process is always totally stopped but watched by an external agent). It's a good compromise in my opinion and even does the job better than before without the previous trouble of half-closed listeners. And the rest are mostly cleanups. As a reminder, if you have sensitive changes pending please post them before the 15th so that we can get all the tricky stuff reviewed and merged before the 30th. I'm aware that some developers will possibly be busy preparing their talk for the conference that comes in two months, so I expect a bit less bandwidth for reviews and fixes in the upcoming weeks. By the way, by "sensitive changes", I mean anything that may significantly affect build or stability of non-experimental stuff, as well as a change of configuration. The variables stuff I just merged qualifies, for example. I'll try to get some minimalistic thread-group support by then, but with absolutely no guarantees given all the stuff that remains to be done. Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Wiki : https://github.com/haproxy/wiki/wiki Sources : http://www.haproxy.org/download/2.5/src/ Git repository : http://git.haproxy.org/git/haproxy.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy.git Changelog : http://www.haproxy.org/download/2.5/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Christopher Faulet (7): Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive" BUG/MEDIUM: mux-h1: Remove "Upgrade:" header for requests with payload MINOR: htx: Skip headers with no value when adding a header list to a message CLEANUP: mux-h1: Remove condition rejecting upgrade requests with payload BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached BUG/MEDIUM: http-ana: Reset channels analysers when returning an error BUG/MINOR: filters: Set right FLT_END analyser depending on channel Miroslav Zagorac (5): BUILD: opentracing: exclude the use of haproxy variables for the OpenTracing context BUG/MINOR: opentracing: enable the use of http headers without a set value CLEANUP: opentracing: use the haproxy function to generate uuid MINOR: opentracing: change the scope of the variable 'ot.uuid' from 'sess' to 'txn' CLEANUP: opentracing: simplify the condition on the empty header Tim Duesterhus (3): CLEANUP: Add haproxy/xxhash.h to avoid modifying import/xxhash.h CLEANUP: Move XXH3 macro from haproxy/compat.h to haproxy/xxhash.h BUG/MEDIUM lua: Add missing call to RESET_SAFE_LJMP in hlua_filter_new() Tim Düsterhus (1): CLEANUP: ebmbtree: Replace always-taken elseif by else Willy Tarreau (22): BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB CLEANUP: htx: remove comments about "must be < 256 MB" BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer MINOR: proxy: add a global "grace" directive to postpone soft-stop MINOR: vars: rename vars_init() to vars_init_head() CLEANUP: vars: rename sample_clear_stream() to var_unset() REORG: vars: remerge sample_store{,_stream}() into var_set() MEDIUM: vars: make the ifexist variant of set-var only apply to the proc scope MINOR: vars: add a VF_CREATEONLY flag for creation MINOR: vars: support storing empty sample data with a variable MINOR: vars: store flags into variables and add VF_PERMANENT MEDIUM: vars: make var_clear() only reset VF_PERMANENT variables MEDIUM: vars: pre-create parsed SCOPE_PROC variables as permanent ones MINOR: vars: preset a random seed to hash variables names MEDIUM: vars: replace the global name index with a hash CLEANUP: vars: remove the now unused var_names array MINOR: vars: centralize the lock/unlock into static inlines OPTIM: vars: only takes the variables lock on shared entries OPTIM: vars: remove internal bookkeeping for vars_global_size OPTIM: vars: do not keep variables usage stats if no limit is set CI: Github Actions: temporarily disable Opentracing CI: Github Actions: re-enable Opentracing [email protected] (1): BUILD: fix dragonfly build again on __read_mostly ---
