Hi, HAProxy 2.8-dev13 was released on 2023/05/24. It added 43 new commits after version 2.8-dev12.
Things have been quite calm since dev12. Along a discussion with Christopher and Amaury we figured that one combination of flags indicating the conditions in which a stream ended that we thought impossible did in fact exist with QUIC, where it's possible to abort an upload without stopping the download, so that required an in-depth analysis of all places consuming these flags combinations to make sure we could declare this combination officially supported and document it. These patches were marked as medium because that's always tricky but the analysis was exhaustive and we're confident in the change, it clarifies certain conditions and was extensively tested. Speaking of QUIC, a few minor bugs on error paths were addressed, and comments were added at various places to help understand some BUG_ON(). Fred also added a number of event counters that had been missing over the last few troubleshooting sessions. Tristan observed a slight performance regression recently that we could not reproduce even under latency/limited bandwidth and that is still under scrutiny. He could narrow it down to a small set of patches to examine. We hope to get it figured and fixed soon but it's not sensitive enough to hold the release. Aurélien cleaned up some Lua places to better document which ones could be interrupted by a longjmp, and spotted a small bug there, which seems to have little impact, but which was fixed anyway. Some cleanups were done in the makefile, first because Thierry noticed that it was recently broken for GNU make before 3.82 (3.81 is still very common), and second to avoid causing a full rebuild each time "make something" is called (help, version, reg-test etc). Also while re-running the tests on my small FreeBSD machine I figured I had never committed the tiny BSD makefile that's meant to prevent "make" from spitting ugly syntax errors. Now instead it will invite the user to use "gmake". During these tests it was found that TCC was recently broken again. It seems I'm the only one using it, and since I now have access to a fast enough build farm, I tend to use it less often. So this was fixed. Amaury cleaned up and committed a convenient Lua script he's been using for a while to automatically produce an SSL key log file from a stream. That's convenient for debugging or during development as you don't have to process logs and rebuild the file, it's updated on the fly (see dev/sslkeylogger if you're interested, but don't do that in production as it writes to the file system and is probably not even thread-safe). And the rest are essentially doc updates. I think we're good for a release in the middle of next week, likely on Wednesday since the last few -dev releases slipped to wednesday due to bugs and days off. Till the release we'll mostly focus on doc updates and regressions and a bit less on non-critical bugs that already affected older versions so that we do our best not to add new regressions in this version. This means that regressions you'd find when testing this version will be considered with a higher priority, so please re-check, and also have a look at the doc and do not hesitate to report any anomaly you'd spot. Now back to working on the full changelog... Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/2.8/src/ Git repository : https://git.haproxy.org/git/haproxy.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy.git Changelog : https://www.haproxy.org/download/2.8/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages Willy --- Complete changelog : Amaury Denoyelle (9): CLEANUP: mux-quic/h3: complete BUG_ON with comments MINOR: quic: remove return val of quic_aead_iv_build() MINOR: quic: use WARN_ON for encrypt failures BUG/MINOR: quic: handle Tx packet allocation failure properly MINOR: quic: fix alignment of oneline show quic MINOR: mux-quic: set both EOI EOS for stream fin MINOR: mux-quic: only set EOS on RESET_STREAM recv MINOR: mux-quic: report error on stream-endpoint earlier DEV: add a Lua helper script for SSL keys logging Aurelien DARRAGON (6): MINOR: hlua: hlua_smp2lua_str() may LJMP MINOR: hlua: hlua_smp2lua() may LJMP MINOR: hlua: hlua_arg2lua() may LJMP DOC: hlua: document hlua_lua2arg() function DOC: hlua: document hlua_lua2smp() function BUG/MINOR: hlua: unsafe hlua_lua2smp() usage Christopher Faulet (5): MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone BUG/MINOR: mux-h2: Check H2_SF_BODY_TUNNEL on H2S flags and not demux frame ones MINOR: mux-h2: Set H2_SF_ES_RCVD flag when decoding the HEADERS frame MINOR: mux-h2: Add a function to propagate termination flags from h2s to SE BUG/MEDIUM: mux-h2: Propagate termination flags when frontend SC is created Daniel Epperson (1): DOC: add size format section to manual Frédéric Lécaille (8): MINOR: quic: Add low level traces (addresses, DCID) BUG/MINOR: quic: Wrong token length check (quic_generate_retry_token()) BUG/MINOR: quic: Missing Retry token length on receipt MINOR: quic: Align "show quic" command help information CLEANUP: quic: Indentation fix quic_rx_pkt_retrieve_conn() CLEANUP: quic: Useless tests in qc_rx_pkt_handle() MINOR: quic: Add some counters at QUIC connection level MINOR: quic: Add a counter for sent packets Ilya Shipitsin (1): BUILD: quic: re-enable chacha20_poly1305 for libressl Mariam John (1): DOC/MINOR: config: Fix typo in description for `ssl_bc` in configuration.txt Willy Tarreau (12): MEDIUM: stconn: make the SE_FL_ERR_PENDING to ERROR transition systematic DOC: internal: add a bit of documentation for the stconn closing conditions BUILD: makefile: fix build issue on GNU make < 3.82 CLEANUP: makefile: don't display a dummy features list without a target BUILD: makefile: do not erase build options for some build options BUILD: makefile: commit the tiny FreeBSD makefile stub BUILD: makefile: fix build options when building tools first BUILD: ist: do not put a cast in an array declaration BUILD: ist: use the literal declaration for ist_lc/ist_uc under TCC BUILD: compiler: systematically set USE_OBSOLETE_LINKER with TCC DOC: install: update reference to known supported versions SCRIPTS: publish-release: update the umask to keep group write access ---