HAProxy 2.7-dev6 was released on 2022/09/17. It added 108 new commits
after version 2.7-dev5.

This cycle was mostly focused on debugging improvements to help developers
extract information from bug reports:
  - the "show sess all" output will now dump the mux states;
  - task profiling will now report call statistics per calling place
  - the "flags" utility can now decode 8 new fields among which HTX
    states and different mux flags
  - more QUIC traces

In addition to this, a new anonymizing mechanism was added to help bug
reporters share outputs and configs. When anonymized mode is enabled on
the CLI, some commands such as "show sess", "show servers" etc will have
a number of fields replaced with a small hash (24 bits). This includes
identifiers (e.g. proxy/server names), IP addresses and host names. These
are the fields that most users waste time redacting in these outputs when
asked for extra info. For the config file, a new "-dC" command-line option
dumps the config file after tokenizing. With a key in argument it also
hashes arguments of a number of commands in a way that allows to easily
match them against the dumps, and will drop arguments past the 3rd one,
since it looks like most of the time we need options and basic definitions.
All of this is still in its early stage and is expected to evolve. For
example I'd like "server" and "bind" lines to appear complete, only
without addresses and names. We'll see along forthcoming reports how
well this works and what needs to be improved but the hope is that it
will already lower the effort on the reporter's side and reduce the
number of round-trips required to figure a problem's cause.

Aside debugging, the HTTP client was improved to support creating specific
proxies when non-standard options are needed.

Another great news is that support was added for the very latest LibreSSL
(still in development), which joined the large band of alternate stacks
who adopted the de-facto standard QUIC interface that OpenSSL remains the
only one to refuse to integrate. The good news here is that till now only
QuicTLS was usable for us, but that's a voluntary effort and nobody knows
how long its maintainers will be willing to maintain it, and it's still
not packaged in distros. LibreSSL is maintained, mostly compatible with
OpenSSL and was/is shipped with certain OS and distros. So until OpenSSL
changes their mind and finally accepts to listen to their users, this
could constitute an acceptable mid-term solution to enable QUIC with some
maintained library. We'll see how all this evolves.

And as usual, a bunch of bugs were fixed (but not that many this time).

Please find the usual URLs below :
   Site index       : https://www.haproxy.org/
   Documentation    : https://docs.haproxy.org/
   Wiki             : https://github.com/haproxy/wiki/wiki
   Discourse        : https://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : https://www.haproxy.org/download/2.7/src/
   Git repository   : https://git.haproxy.org/git/haproxy.git/
   Git Web browsing : https://git.haproxy.org/?p=haproxy.git
   Changelog        : https://www.haproxy.org/download/2.7/src/CHANGELOG
   Pending bugs     : https://www.haproxy.org/l/pending-bugs
   Reviewed bugs    : https://www.haproxy.org/l/reviewed-bugs
   Code reports     : https://www.haproxy.org/l/code-reports
   Latest builds    : https://www.haproxy.org/l/dev-packages

Complete changelog :
Amaury Denoyelle (4):
      BUG/MEDIUM: mux-quic: fix crash on early app-ops release
      CLEANUP: mux-quic: remove stconn usage in h3/hq
      BUG/MINOR: mux-quic: do not remotely close stream too early
      CLEANUP: exclude udp-perturb with .gitignore

Aurelien DARRAGON (7):
      BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
      MINOR: listener: small API change
      MINOR: proxy/listener: support for additional PAUSED state
      BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
      CLEANUP: listener: function comment typo in stop_listener()
      BUG/MINOR: listener: null pointer dereference suspected by coverity
      BUG/MEDIUM: server: segv when adding server with hostname from CLI

Brad Smith (2):
      MINOR: Revert part of clarifying samples support per os commit
      BUILD: makefile: enable crypt(3) for NetBSD

Christopher Faulet (6):
      MINOR: http-check: Remove support for headers/body in "option httpchk" 
      BUG/MINOR: h1: Support headers case adjustment for TCP proxies
      BUG/MINOR: mux-h1: Increment open_streams counter when H1 stream is 
      REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
      REORG: mux-h1: extract flags and enums into mux_h1-t.h
      MINOR: flags/mux-h1: decode H1C and H1S flags

Emeric Brun (1):
      BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.

Erwan Le Goas (6):
      MINOR: anon: add new macros and functions to anonymize contents
      MINOR: anon: store the anonymizing key in the global structure
      MINOR: anon: store the anonymizing key in the CLI's appctx
      MINOR: cli: anonymize commands 'show sess' and 'show sess all'
      MINOR: cli: anonymize 'show servers state' and 'show servers conn'
      MINOR: config: add command-line -dC to dump the configuration file

Frédéric Lécaille (14):
      BUG/MINOR: quic: Retransmitted frames marked as acknowledged
      BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines
      BUG/MINOR: quic: Possible crash when verifying certificates
      MINOR: quic: Add traces about sent or resent TX frames
      MINOR: quic: No TRACE_LEAVE() in retrieve_qc_conn_from_cid()
      BUG/MINOR: quic: Wrong connection ID to thread ID association
      BUG/MINOR: quic: Speed up the handshake completion only one time
      BUG/MINOR: quic: Trace fix about packet number space information.
      BUG/MINOR: h3: Crash when h3 trace verbosity is "minimal"
      MINOR: h3: Add the quic_conn object to h3 traces
      MINOR: h3: Missing connection argument for a TRACE_LEAVE() argument
      MINOR: h3: Send the h3 settings with others streams (requests)
      MINOR: dev/udp: Apply the corruption to both directions
      BUILD: udp-perturb: Add a make target for udp-perturb tool

Ilya Shipitsin (1):
      CI: cirrus-ci: bump FreeBSD image to 13-1

Mathias Weiersmueller (1):
      DOC: fix TOC in starter guide for subsection 3.3.8. Statistics

Matthias Wirth (1):
      BUG/MINOR: signals/poller: ensure wakeup from signals

William Lallemand (14):
      BUILD: quic: add some ifdef around the SSL_ERROR_* for libressl
      BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb
      BUILD: quic: temporarly ignore chacha20_poly1305 for libressl
      BUILD: quic: enable early data only with >= openssl 1.1.1
      BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx
      BUILD: quic: fix the #ifdef in ssl_quic_initial_ctx()
      MINOR: quic: add QUIC support when no client_hello_cb
      BUG/MINOR: signals/poller: set the poller timeout to 0 when there are 
      REGTESTS: log: test the log-forward feature
      REGTESTS: ssl/log: test the log-forward with SSL
      MEDIUM: httpclient: httpclient_create_proxy() creates a proxy for 
      MEDIUM: httpclient: allow to use another proxy
      MINOR: httpclient: export httpclient_create_proxy()
      MEDIUM: quic: separate path for rx and tx with set_encryption_secrets

Willy Tarreau (50):
      BUG/MINOR: task: always reset a new tasklet's call date
      BUG/MINOR: task: make task_instant_wakeup() work on a task not a tasklet
      MINOR: task: permanently enable latency measurement on tasklets
      CLEANUP: task: rename ->call_date to ->wake_date
      BUG/MINOR: sched: properly account for the CPU time of dying tasks
      MINOR: sched: store the current profile entry in the thread context
      BUG/MINOR: stream/sched: take into account CPU profiling for the last call
      MINOR: tasks: do not keep cpu and latency times in struct task
      MINOR: tools: add generic pointer hashing functions
      CLEANUP: activity: make memprof use the generic ptr_hash() function
      CLEANUP: activity: make taskprof use ptr_hash()
      MINOR: debug: add struct ha_caller to describe a calling location
      CLEANUP: debug: use struct ha_caller for memstat
      DEBUG: task: define a series of wakeup types for tasks and tasklets
      DEBUG: task: use struct ha_caller instead of arrays of file:line
      DEBUG: applet: instrument appctx_wakeup() to log the caller's location
      DEBUG: task: simplify the caller recording in DEBUG_TASK
      CLEANUP: task: move tid and wake_date into the common part
      CLEANUP: sched: remove duplicate code in run_tasks_from_list()
      CLEANUP: activity: make the number of sched activity entries more 
      DEBUG: resolvers: unstatify process_resolvers() to make it appear in 
      DEBUG: quic: export the few task handlers that often appear in task dumps
      MEDIUM: tasks/activity: combine the called function with the caller
      MINOR: tasks/activity: improve the caller-callee activity hash
      MINOR: activity/cli: support aggregating task profiling outputs
      MINOR: activity/cli: support sorting task profiling by total CPU time
      DEV: flags: fix usage message to reflect available options
      DEV: flags: add missing CO_FL_FDLESS connection flag
      MINOR: flags: add a new file to host flag dumping macros
      MINOR: flags: implement a macro used to dump enums inside masks
      MINOR: flags/channel: use flag dumping for channel flags and analysers
      MINOR: flags/connection: use flag dumping for connection flags
      MINOR: flags/stconn: use flag dumping for stconn and sedesc flags
      MINOR: flags/stream: use flag dumping for stream error type
      MINOR: flags/stream: use flag dumping for stream flags
      MINOR: flags/task: use flag dumping for task state
      MINOR: flags/http_ana: use flag dumping for txn flags
      DEV: flags: remove the now unused SHOW_FLAG() definition
      DEV: flags: remove the now useless intermediary functions
      MINOR: flags/htx: use flag dumping to show htx and start-line flags
      MINOR: flags/http_ana: use flag dumping to show http msg states
      BUILD: flags: fix build warning in some macros used by show_flags
      BUILD: flags: fix the fallback macros for missing stdio
      CLEANUP: pollers: remove dead code in the polling loop
      MINOR: flags/fd: decode FD flags states
      REORG: mux-h2: extract flags and enums into mux_h2-t.h
      MINOR: flags/mux-h2: decode H2C and H2S flags
      BUG/MEDIUM: captures: free() an error capture out of the proxy lock
      BUILD: fd: fix a build warning on the DWCAS
      SCRIPTS: announce-release: update some URLs to https

cui fliter (1):
      CLEANUP: quic,ssl: fix tiny typos in C comments


Reply via email to