Hi,
HAProxy 2.5.9 was released on 2022/09/22. It added 65 new commits
after version 2.5.8.
Here is the unsorted list of main issues fixed in this released, cut-pasted
from the 2.6.5 and 2.6.6 announces:
* There was an issue with the log-forward section, where a missing
initialization due to code duplication caused some settings from "bind"
lines to be ignored (ssl, thread, a few such things). There was the same
issue with ring. The sink initialization was performed too early.
* It was possible to trigger the watchdog because of an extreme contention
on the proxy's lock while the libc was in malloc()/free(). It was mainly
due to the errors capture. A call to free() was under the lock with no
special reason. The object is now released outside of the proxy's lock.
* Some ugly crashes saying "offset > buf->data" were reported when using
the DNS (e.g. issue #1781), and it was found that it was using
uninitialized fields in a structure. A pool_zalloc() was used to paper
over it, since it's not even impossible that others fields are affected
and that this part requires a deep breath before being dived into.
* There was a logic bug in processing of option
http-restrict-req-hdr-names that could cause deletion of a wrong header
or a crash when facing multiple forbidden chars. This was reported in
issue #1822, analysed and fixed by Mateusz Malek.
* Server-side idle connections were often left in TIME_WAIT due to an
undesired shutdown() being performed before closing them, resulting in
more outgoing ports being used than really necessary.
* Aborting pipelined HTTP/1.1 transfers could sometimes result in a high
CPU usage until the timeout stroke.
* An old bug in the H2 mux may cause spurious stream resets when uploading
and downloading at the same time from the same stream, due to the window
update frames having to be delayed when the output is full, and sent
later after the stream ID was reset. Those using POST to servers might
have experienced such occasional issues and might want to check for any
improvement there. This was reported in issue #1830 and diagnosed by
David le Blanc.
* During atomic map updates of entries based on prefix length ("_ip" and
"_beg"), if a new finer entry was added and matched an input before
being committed, it was naturally ignored, but the lookup would continue
with next keys without rechecking the key, possibly returning an
incorrect match. This was reported by Miroslav in issue #1802.
* Tim reported in issue #1799 that upon reload, and old process that
failed to synchronize its tables with the new one could loop for a while
without any pause and waste a lot of CPU doing this.
* Reloading peers could compete on the local one and slow down or block
the replication.
* Reloading peers could interrupt a resync in progress if the retry timer
triggered before the end.
* The recently added assertion in fd_delete() already spotted a long
existing bug on reload, where the FD that was used by the pipe of an
exiting thread could be instantly reused as a socket by another thread
and be incorrectly inserted in the table. Most of the time it remained
unnoticed as these were mostly health checks on a reloading process, but
since the assertion a few users started to see logs of a crash of the
exiting process. This was reported both by Christian Ruppert in issue
#1807 and by Cedric Paillet.
* Pause or resume a proxy from lua code could lead to some race because
these operations were performed outside the proxy's lock. To fix the
issue and prevent any trouble, the proxy's API was slightly refactored
to be sure the proxy's lock is always acquired by low-level functions.
* There was an undesired sharing of data between default-servers that
could lead to double-frees concretized by crashes when checking the
config. This was reported in issue #1804 by Fabiano Nunes.
* When a server had numerous requests waiting in queue, it was possible
for a thread to spend its time picking requests from this queue while
all other threads were working at refilling it, and the time spent doing
this was unbounded, which could 1) add high processing latencies, and 2)
even trigger the watchdog if the thread worked too long. Willy could
trigger the watchdog a few times on a 48-thread machine. He think it's
the same issue that was reported 2 years ago by Jaroslaw Rzeszotko in
issue #880.
* The ring section's "size" parser was too lax and would take "1M" for "1"
without even issuing a warning... Also error messages regarding
incorrect values would copy the input string instead of the parsed
value, providing no way to diagnose.
* It was possible to crash HAProxy when adding a server with hostname from
the CLI. In itself, it is not an issue but the server is created with no
address and an operation was not guarded against NULL addresses.
* There was a bug in the SPOE. In sync or pipelining modes, an unhealthy
SPOA could led HAProxy to create a huge number of applets to process
queued messages, slowing down all processing.
* Willy managed to trigger an error on reload where the old process died
saying "t->tid >= 0 && t->tid != tid". This is caused by the deinit code
that needs to stop stuff initialized on other threads, and as such it
violates some consistency checks. The check was relaxed to ignore the
stopping condition.
* Characters escaping process in log messages was not correctly processing
strings coming from sample fetches truncating the output string.
* Using HAProxy built with PCRE2_JIT with a lib built without would fail
to match. Now it will fall back to the regular match.
* Agent-check could be delayed by ~200ms due to TCP QUICKACK being
disabled by default.
* Reading from the rings could also occasionally freeze at high rate if
the reader had to stop due to a buffer full while the writer had already
stopped due to a ring full.
* In Lua, it was possible to hand reading HTTP payload (by line or not)
from an HTTP applet because we relied on a transiant HTX flags to detect
the end of the message instead of relying on the channel flag.
* Some ca-file elements could leak during "commit ssl ca-file".
* On the CLI, no error was returned when an empty ca-file was added. This
could be a problem is the file was malformated and did not contain any
PEM header.
* A 60s delay could be experienced after stopping HAProxy. This was
happening when a signal was received before entering the poller and
without any activity on the process. In mworker mode, if a worker exited
and the SIGCHLD signal was delivered at the right time to the master,
this one could be stuck for 60s. The timeout is now set to 0 in this
specific case.
The following improvements were also backported:
* Headers case adjustment in H1 is now available for TCP proxies. It was
an issue for HTTP health-checks on backend side or for TCP connections
upgraded to HTTP on frontend side.
* The stats applet was reported paused frontends as OPEN. Now, these
frontends are reported as PAUSED.
* Encrypted password in Userlists are now supported on NetBSD
Thanks everyone for your help and your contributions! The 2.4.19 will be
released the next week.
Please find the usual URLs below :
Site index : https://www.haproxy.org/
Documentation : https://docs.haproxy.org/
Wiki : https://github.com/haproxy/wiki/wiki
Discourse : https://discourse.haproxy.org/
Slack channel : https://slack.haproxy.org/
Issue tracker : https://github.com/haproxy/haproxy/issues
Sources : https://www.haproxy.org/download/2.5/src/
Git repository : https://git.haproxy.org/git/haproxy-2.5.git/
Git Web browsing : https://git.haproxy.org/?p=haproxy-2.5.git
Changelog : https://www.haproxy.org/download/2.5/src/CHANGELOG
Pending bugs : https://www.haproxy.org/l/pending-bugs
Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs
Code reports : https://www.haproxy.org/l/code-reports
Latest builds : https://www.haproxy.org/l/dev-packages
---
Complete changelog :
Aurelien DARRAGON (6):
BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
MINOR: listener: small API change
MINOR: proxy/listener: support for additional PAUSED state
BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
BUG/MEDIUM: server: segv when adding server with hostname from CLI
BUG/MINOR: log: improper behavior when escaping log data
Brad Smith (1):
BUILD: makefile: enable crypt(3) for NetBSD
Christopher Faulet (20):
MINOR: peers: Use a dedicated reconnect timeout when stopping the local
peer
BUG/MEDIUM: peers: limit reconnect attempts of the old process on reload
BUG/MINOR: peers: Use right channel flag to consider the peer as connected
BUG/MEDIUM: dns: Properly initialize new DNS session
MINOR: server: Constify source server to copy its settings
REORG: server: Export srv_settings_cpy() function
BUG/MEDIUM: proxy: Perform a custom copy for default server settings
BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after
connect
REGTESTS: Fix prometheus script to perform HTTP health-checks
BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
BUG/MEDIUM: peers: Don't start resync on reload if local peer is not
up-to-date
BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
BUG/MINOR: h1: Support headers case adjustment for TCP proxies
REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
Emeric Brun (3):
BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.
Ilya Shipitsin (1):
CI: cirrus-ci: bump FreeBSD image to 13-1
Mateusz Malek (1):
BUG/MEDIUM: http-ana: fix crash or wrong header deletion by
http-restrict-req-hdr-names
Mathias Weiersmueller (1):
DOC: fix TOC in starter guide for subsection 3.3.8. Statistics
Matthias Wirth (1):
BUG/MINOR: signals/poller: ensure wakeup from signals
William Lallemand (10):
DEBUG: fd: split the fd check
BUG/MINOR: ssl/cli: error when the ca-file is empty
BUG/MINOR: resolvers: return the correct value in
resolvers_finalize_config()
DOC: configuration: do-resolve doesn't work with a port in the string
BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
BUG/MINOR: signals/poller: set the poller timeout to 0 when there are
signals
REGTESTS: log: test the log-forward feature
REGTESTS: ssl/log: test the log-forward with SSL
Willy Tarreau (21):
BUG/MEDIUM: queue/threads: limit the number of entries dequeued at once
MINOR: ebtree: add ebmb_lookup_shorter() to pursue lookups
BUG/MEDIUM: pattern: only visit equivalent nodes when skipping versions
BUG/MINOR: ring/cli: fix a race condition between the writer and the
reader
BUG/MINOR: sink: fix a race condition between the writer and the reader
BUILD: cfgparse: always defined _GNU_SOURCE for sched.h and crypt.h
BUG/MEDIUM: poller: use fd_delete() to release the poller pipes
BUG/MEDIUM: task: relax one thread consistency check in task_unlink_wq()
BUILD: debug: silence warning on gcc-5
BUG/MEDIUM: ring: fix too lax 'size' parser
BUILD: http: silence an uninitialized warning affecting gcc-5
BUG/MEDIUM: mux-h2: do not fiddle with ->dsi to indicate demux is idle
BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of
input
BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
BUG/MINOR: task: always reset a new tasklet's call date
BUG/MEDIUM: captures: free() an error capture out of the proxy lock
BUILD: fd: fix a build warning on the DWCAS
SCRIPTS: announce-release: update some URLs to https
--
Christopher Faulet
