HAProxy 2.8-dev13 was released on 2023/05/24. It added 43 new commits
after version 2.8-dev12.

Things have been quite calm since dev12. Along a discussion with
Christopher and Amaury we figured that one combination of flags
indicating the conditions in which a stream ended that we thought
impossible did in fact exist with QUIC, where it's possible to abort an
upload without stopping the download, so that required an in-depth
analysis of all places consuming these flags combinations to make sure
we could declare this combination officially supported and document it.
These patches were marked as medium because that's always tricky but the
analysis was exhaustive and we're confident in the change, it clarifies
certain conditions and was extensively tested.

Speaking of QUIC, a few minor bugs on error paths were addressed, and
comments were added at various places to help understand some BUG_ON().
Fred also added a number of event counters that had been missing over
the last few troubleshooting sessions. Tristan observed a slight
performance regression recently that we could not reproduce even under
latency/limited bandwidth and that is still under scrutiny. He could
narrow it down to a small set of patches to examine.  We hope to get it
figured and fixed soon but it's not sensitive enough to hold the

Aurélien cleaned up some Lua places to better document which ones could
be interrupted by a longjmp, and spotted a small bug there, which seems
to have little impact, but which was fixed anyway.

Some cleanups were done in the makefile, first because Thierry noticed
that it was recently broken for GNU make before 3.82 (3.81 is still
very common), and second to avoid causing a full rebuild each time
"make something" is called (help, version, reg-test etc). Also while
re-running the tests on my small FreeBSD machine I figured I had never
committed the tiny BSD makefile that's meant to prevent "make" from
spitting ugly syntax errors. Now instead it will invite the user to
use "gmake".

During these tests it was found that TCC was recently broken again. It
seems I'm the only one using it, and since I now have access to a fast
enough build farm, I tend to use it less often. So this was fixed.

Amaury cleaned up and committed a convenient Lua script he's been using
for a while to automatically produce an SSL key log file from a stream.
That's convenient for debugging or during development as you don't have
to process logs and rebuild the file, it's updated on the fly (see
dev/sslkeylogger if you're interested, but don't do that in production
as it writes to the file system and is probably not even thread-safe).

And the rest are essentially doc updates.

I think we're good for a release in the middle of next week, likely on
Wednesday since the last few -dev releases slipped to wednesday due to
bugs and days off. Till the release we'll mostly focus on doc updates
and regressions and a bit less on non-critical bugs that already affected
older versions so that we do our best not to add new regressions in this
version. This means that regressions you'd find when testing this version
will be considered with a higher priority, so please re-check, and also
have a look at the doc and do not hesitate to report any anomaly you'd

Now back to working on the full changelog...

Please find the usual URLs below :
   Site index       : https://www.haproxy.org/
   Documentation    : https://docs.haproxy.org/
   Wiki             : https://github.com/haproxy/wiki/wiki
   Discourse        : https://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : https://www.haproxy.org/download/2.8/src/
   Git repository   : https://git.haproxy.org/git/haproxy.git/
   Git Web browsing : https://git.haproxy.org/?p=haproxy.git
   Changelog        : https://www.haproxy.org/download/2.8/src/CHANGELOG
   Dataplane API    : 
   Pending bugs     : https://www.haproxy.org/l/pending-bugs
   Reviewed bugs    : https://www.haproxy.org/l/reviewed-bugs
   Code reports     : https://www.haproxy.org/l/code-reports
   Latest builds    : https://www.haproxy.org/l/dev-packages

Complete changelog :
Amaury Denoyelle (9):
      CLEANUP: mux-quic/h3: complete BUG_ON with comments
      MINOR: quic: remove return val of quic_aead_iv_build()
      MINOR: quic: use WARN_ON for encrypt failures
      BUG/MINOR: quic: handle Tx packet allocation failure properly
      MINOR: quic: fix alignment of oneline show quic
      MINOR: mux-quic: set both EOI EOS for stream fin
      MINOR: mux-quic: only set EOS on RESET_STREAM recv
      MINOR: mux-quic: report error on stream-endpoint earlier
      DEV: add a Lua helper script for SSL keys logging

Aurelien DARRAGON (6):
      MINOR: hlua: hlua_smp2lua_str() may LJMP
      MINOR: hlua: hlua_smp2lua() may LJMP
      MINOR: hlua: hlua_arg2lua() may LJMP
      DOC: hlua: document hlua_lua2arg() function
      DOC: hlua: document hlua_lua2smp() function
      BUG/MINOR: hlua: unsafe hlua_lua2smp() usage

Christopher Faulet (5):
      MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone
      BUG/MINOR: mux-h2: Check H2_SF_BODY_TUNNEL on H2S flags and not demux 
frame ones
      MINOR: mux-h2: Set H2_SF_ES_RCVD flag when decoding the HEADERS frame
      MINOR: mux-h2: Add a function to propagate termination flags from h2s to 
      BUG/MEDIUM: mux-h2: Propagate termination flags when frontend SC is 

Daniel Epperson (1):
      DOC: add size format section to manual

Frédéric Lécaille (8):
      MINOR: quic: Add low level traces (addresses, DCID)
      BUG/MINOR: quic: Wrong token length check (quic_generate_retry_token())
      BUG/MINOR: quic: Missing Retry token length on receipt
      MINOR: quic: Align "show quic" command help information
      CLEANUP: quic: Indentation fix quic_rx_pkt_retrieve_conn()
      CLEANUP: quic: Useless tests in qc_rx_pkt_handle()
      MINOR: quic: Add some counters at QUIC connection level
      MINOR: quic: Add a counter for sent packets

Ilya Shipitsin (1):
      BUILD: quic: re-enable chacha20_poly1305 for libressl

Mariam John (1):
      DOC/MINOR: config: Fix typo in description for `ssl_bc` in 

Willy Tarreau (12):
      MEDIUM: stconn: make the SE_FL_ERR_PENDING to ERROR transition systematic
      DOC: internal: add a bit of documentation for the stconn closing 
      BUILD: makefile: fix build issue on GNU make < 3.82
      CLEANUP: makefile: don't display a dummy features list without a target
      BUILD: makefile: do not erase build options for some build options
      BUILD: makefile: commit the tiny FreeBSD makefile stub
      BUILD: makefile: fix build options when building tools first
      BUILD: ist: do not put a cast in an array declaration
      BUILD: ist: use the literal declaration for ist_lc/ist_uc under TCC
      BUILD: compiler: systematically set USE_OBSOLETE_LINKER with TCC
      DOC: install: update reference to known supported versions
      SCRIPTS: publish-release: update the umask to keep group write access


Reply via email to