Hi, HAProxy 3.0-dev4 was released on 2024/02/23. It added 63 new commits after version 3.0-dev3.
A bunch of major bugs and recent regressions were addressed in dev4; dev3 broke the stats page when using compression, and sometimes also caused some stats responses to be truncated over HTTP/1. It just shows that changes are progressing and that live testing is very useful. Another batch of fixes will be of interest to those running highly dynamic environments. We had reports of the "del server" CLI command interacting badly with idle connections at high traffic rates, as well as with the Prometheus exporter. Both were found and fixed. It's nice to see usages evolve to adopt such more dynamic mechanisms. Some crashes with the OCSP updater were addressed, however we've got a report of a BUG_ON() triggering on the old quitting process upon reload after some manual updates, that for now we were not able to reproduce. Do not hesitate to tell us if you notice something similar. A few QUIC issues were addressed, including a case of crash and some issues affecting how the Cubic window and packet losses interact, that could cause suboptimal downloads over lossy or reodered networks. A new setting, "tune.quic.reorder-ratio" was added to let the user adjust the size of holes over the in-flight window before we declare a loss. Normally QUIC users should observe much better performance now, even with the default setting (50%), which was sufficient for us to observe x10-20 at 3% losses. The send path was improved and cleaned up, by using exclusively sendmsg() and avoiding some copies where possible. It's likely that some CPU savings could be observed. A change was made in two steps on the CLI. Two years ago, while fixing a bug, I accidentally opened the possibility to randomly accept several lines of commands in non-interactive mode. It solely depends on the timing, but short commands emitted like printf "cmd1\ncmd2\n" has high chances of working while long ones will generally be cut because the processing ends as soon as an empty buffer is found. It's pretty visible when sending map or ACL updates, where large updates almost never complete and stop at random places. This was now fixed by no longer accepting a second command after the "\n" (as documented), and due to the risk that some users had frequent enough success with this practice to have adopted it, we also emit a warning when this is detected, and the warning will be backported so that the bad behavior can be detected in time by these users, offering them enough time to fix offending scripts. Finally a first batch of the log-format infrastructure updates was merged. It currently allows to pass a name before a field, this will be used later for output encoding and/or field masking, but it's purposely not documented yet as it cannot be used yet. However in the very unlikely event you'd happen to detect any parsing error or change in the output format, please report it as this would be totally unexpected. The rest is as usual, small cleanups and doc updates. Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/3.0/src/ Git repository : https://git.haproxy.org/git/haproxy.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy.git Changelog : https://www.haproxy.org/download/3.0/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages Willy --- Complete changelog : Amaury Denoyelle (19): BUG/MINOR: quic: reject unknown frame type MINOR: quic: handle all frame types on reception BUG/MINOR: quic: reject HANDSHAKE_DONE as server BUG/MINOR: qpack: reject invalid increment count decoding BUG/MINOR: qpack: reject invalid dynamic table capacity BUG/MEDIUM: quic: fix transient send error with listener socket DOC: quic: fix recommandation for bind on multiple address MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support OPTIM: quic: improve slightly qc_snd_buf() internal MINOR: quic: move IP_PKTINFO on send on a dedicated function MINOR: quic: remove sendto() usage variant MINOR: quic: only use sendmsg() syscall variant BUG/MINOR: quic: initialize msg_flags before sendmsg BUG/MINOR: ist: allocate nul byte on istdup BUG/MINOR: stats: drop srv refcount on early release BUG/MAJOR: promex: fix crash on deleted server BUG/MAJOR: server: fix stream crash due to deleted server BUG/MEDIUM: mux-quic: do not crash on qcs_destroy for connection error BUG/MINOR: quic: fix output of show quic Aurelien DARRAGON (12): MINOR: log: custom name for logformat node MINOR: sample: add type_to_smp() helper function MINOR: log: explicit typecasting for logformat nodes MINOR: log: simplify last_isspace in sess_build_logline() MINOR: log: simplify quotes handling in sess_build_logline() MINOR: log: print metadata prefixes separately in sess_build_logline() MINOR: log: automate string array construction in sess_build_logline() CLEANUP: proxy/log: remove unused proxy flag CLEANUP: log: fix process_send_log() indentation CLEANUP: log: use free_logformat_list() in parse_logformat_string() MINOR: log: add free_logformat_node() helper function BUG/MINOR: log: fix potential lf->name memory leak Christopher Faulet (22): BUG/MAJOR: mux-h1: Fix zero-copy forwarding when sending chunks of unknown size MINOR: stats: Use a dedicated function to check if output is almost full BUG/MEDIUM: applet: Add a flag to state an applet is using zero-copy forwarding BUG/MEDIUM: stconn/applet: Block 0-copy forwarding if producer needs more room MINOR: applet: Remove uselelss test on SE_FL_SHR/SHW flags MEDIUM: applet: Add notion of shutdown for write for applets MINOR: cli: No longer check SC for shutdown to interrupt wait command BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up CLEANUP: stconn: Move SE flags set by app layer at the end of the bitfield MINOR: stconn: Rename SE_FL_MAY_FASTFWD and reorder bitfield MINOR: stconn: Add SE flag to announce zero-copy forwarding on consumer side MINOR: muxes: Announce support for zero-copy forwarding on consumer side BUG/MAJOR: stconn: Check support for zero-copy forwarding on both sides MINOR: muxes/applet: Simplify checks on options to disable zero-copy forwarding BUG/MEDIUM: applet: Immediately free appctx on early error BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data BUG/MEDIUM: mux-h1: Don't emit 0-CRLF chunk in h1_done_ff() when iobuf is empty MINOR: cli: Remove useless loop on commands to find unescaped semi-colon BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands Frederic Lecaille (5): BUG/MEDIUM: quic: Wrong K CUBIC calculation. MINOR: quic: Update K CUBIC calculation (RFC 9438) MINOR: quic: Dynamic packet reordering threshold MINOR: quic: Add a counter for reordered packets DOC: quic: Missing tuning setting in "Global parameters" Miroslav Zagorac (1): MINOR: ssl: Call callback function after loading SSL CRL data Nicolas CARPi (1): DOC/MINOR: userlists: mention solutions to high cpu with hashes Remi Tricot-Le Breton (1): BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing Willy Tarreau (2): BUILD: applet: fix build on some 32-bit archs BUG/MINOR: ist: only store NUL byte on succeeded alloc ---
