Hi,

HAProxy 2.6.19 was released on 2024/09/19. It added 64 new commits
after version 2.6.18.

Following the 2.8.11 release, it is now the turn of 2.6. This release covers
the same period, so the fixed bugs are more or less the same, excluding those
not concerning 2.6:

  * The SSL stack is now always completely initialized. Due to a change of
    API in 3.x the old call was deprecated and used to emit a warning, but
    it was later found to still be required in some cases.  This has been
    cooking in 2.9 for 6 months now and is considered OK.

  * HTTP applets (stats, cache and promex) were starting to process the
    request and reply without worrying about whether the request analysis
    was finished or not. In the vast majority of cases, it is not an issue
    because the request analysis is indeed finished at the same time the
    applet on the server side is created. But if a filter delayed the request
    analysis, it might happen. In that case, some undefined and hardly
    predictable behaviors could be experienced, like responses sent too
    early or even crashes. Among others, the compression filter was pretty
    sensitive to this case because it is mandatory to filter the request
    before the response. To fix the issue, there is now a check in backend
    HTTP applets to wait for the end of the request analysis.

  * The hard limit on the number of file descriptors now defaults to about 1
    million, in order to match what has been done for a very long time on
    many distros, and that recently changed to 1 billion on some of them,
    causing a huge startup time (or even a watchdog at boot) and a massive
    memory usage.

  * The SSL library functions used to validate a JWT token would leave an
    error in the SSL stack, which would later be mistaken for an error on
    another connection and cause it to be closed. The "jwt_verify" converter
    was also fixed when called with an HMAC algorithm (HS256, HS384, HS512).
    In that case, the converter must not try to load a file because the key
    should hold a secret. It is especially important for runtime uses, like
    Lua for instance. But note that for dynamic calls, this remains an issue
    for other algorithms because there is nothing to prevent disk I/O.
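As an added example (not HAProxy's code), the key-handling rule described above, in Python: for the HMAC algorithms the key argument is the secret itself and is used verbatim, even when it looks like a file path, so no disk I/O happens, and the expected algorithm is pinned by the caller rather than taken from the token header. The token-building helper and the claims are constructed for the test.

```python
import base64
import hashlib
import hmac
import json

# HMAC algorithms: the key argument is the shared secret itself, so no file
# is ever opened for these (the point of the fix described above).
HMAC_ALGS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")

def resolve_key(alg: str, key: str) -> bytes:
    """Return the key material for <alg>.

    For HS* the string is the secret, used verbatim: a value that looks like a
    path is still a secret, never a file to read. Other algorithms would load
    a public key file here; that branch is left out of this example.
    """
    if alg in HMAC_ALGS:
        return key.encode("utf-8")
    raise NotImplementedError("only HMAC algorithms are covered in this example")

def make_hs_token(alg: str, secret: str, claims: dict) -> str:
    """Build a signed token from constructed claims (test helper)."""
    header = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(resolve_key(alg, secret), f"{header}.{payload}".encode(), HMAC_ALGS[alg]).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"

def jwt_verify(token: str, alg: str, key: str) -> bool:
    """Check the signature of <token>, with the algorithm pinned by the caller."""
    if alg not in HMAC_ALGS:
        return False
    parts = token.split(".")
    if len(parts) != 3:
        return False
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError):
        return False
    # The header must announce the pinned algorithm; it never selects one.
    if not isinstance(header, dict) or header.get("alg") != alg:
        return False
    expected = hmac.new(resolve_key(alg, key), f"{header_b64}.{payload_b64}".encode(), HMAC_ALGS[alg]).digest()
    return hmac.compare_digest(expected, signature)
```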

  * A time-of-check/time-of-use (TOCTOU) issue in the queue processing made
    it rare but possible to leave a server with no connection yet not taking
    any traffic. It's more likely to happen with maxconn 1, very hard at 2
    and almost impossible at 3 or above. In addition, a flag is now used to
    be sure only one thread is dequeuing sessions at once instead of relying
    on a trylock to do so. No 2.6 release was affected, but 2.9/3.0 versions
    were buggy because of the TOCTOU fix.

  * Empty transfer-encoding headers in H1 are now properly blocked since
    they may be used to try to build an attack against vulnerable
    implementations.
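As an added example (not HAProxy's code), a strict Transfer-Encoding value parser in Python applying the rules the changelog commits describe: an empty header, an empty coding name inside the list and an empty trailing coding name are all rejected. The token grammar is the RFC 9110 tchar set; the header blocks are constructed samples.

```python
import re

# tchar set from RFC 9110 section 5.6.2: a transfer coding name is one token.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")

def parse_transfer_encoding(value: str) -> list:
    """Strictly parse an H1 Transfer-Encoding field value.

    Returns the lower-cased coding names in order. Raises ValueError for an
    empty header, an empty element anywhere in the comma-separated list
    (e.g. "chunked,,gzip" or a trailing "chunked,") or a non-token name.
    """
    if value.strip() == "":
        raise ValueError("empty Transfer-Encoding header")
    codings = []
    for element in value.split(","):
        # Coding parameters (";k=v") are allowed by the grammar; only the
        # name is validated here.
        name = element.split(";", 1)[0].strip()
        if name == "":
            raise ValueError("empty transfer coding name")
        if not _TOKEN.match(name):
            raise ValueError("invalid transfer coding name: %r" % name)
        codings.append(name.lower())
    return codings

def request_is_acceptable(header_lines: list) -> bool:
    """Apply the check to the header block of a request.

    Every Transfer-Encoding line must parse; a request with none is fine.
    """
    for line in header_lines:
        field, sep, val = line.partition(":")
        if sep and field.strip().lower() == "transfer-encoding":
            try:
                parse_transfer_encoding(val)
            except ValueError:
                return False
    return True

# Constructed sample header blocks: a normal chunked request, then the
# malformed values that are now rejected.
GOOD = ["Host: example.test", "Transfer-Encoding: chunked"]
EMPTY_HEADER = ["Host: example.test", "Transfer-Encoding: "]
TRAILING_EMPTY = ["Host: example.test", "Transfer-Encoding: chunked,"]
```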

  * An issue in SPOE was fixed that could cause a thread to refrain from
    creating an applet to connect outside, causing failures on requests
    processed on this thread.

  * It was possible to crash the process when performing an implicit
    protocol upgrade (TCP to HTTP due to a transition from a TCP front to an
    HTTP back) if an error happened on the connection just before the
    transition.

  * Unhandled aborts were fixed in the H2 multiplexer. The end of
    message could be reported twice for tunneled streams, leaving the second
    one blocked at the channel level because of the first one.

  * Several bugs were fixed on QUIC:

    - An incorrect computation was performed when encoding a STREAM frame in
      a single packet, leading to datagrams smaller than expected and thus
      to suboptimal bandwidth usage.

    - A few assorted minor fixes (possible crash on resource allocation
      error, slight loss of precision in Cubic parameters calculations etc).

    - It was possible to freeze a connection because of 0-RTT undeciphered
      content.

    - The MAX_STREAMS ID value was not properly checked and it was possible
      to send a too big value. It is now fixed. Thanks to this patch, this
      also ensures that the peer cannot open a stream with an invalid ID, as
      this would cause a flow-control violation instead.

    - Some issues with the QUIC traces were fixed.

  * On H3, when a response is formatted to be sent to the client, the
    handling of responses with a too long header list was fixed to no longer
    abort the process but to return a proper error. In addition, the syntax
    checks on the :method and :scheme H3 headers were insufficient. This was
    fixed too.

  * Some bugs related to the handling of pattern expressions loaded from a
    file were fixed.

  * When a listen() failed for TCP and Unix sockets, the file descriptor was
    not removed from the fdtab[] array, leading to a possible crash because
    of a BUG_ON() when this FD was reused. The FD is now properly removed
    from fdtab[] in that case.

  * Descriptions of the command line options -dR and -dV were missing in the
    management documentation. This is now fixed. Documentation about the "show
    stat" CLI command was also updated to reflect the renaming of "dns"
    counters to "resolvers". More details about the master-worker mode were
    added to the configuration manual and the "maxconn" description was
    improved, as well as the info about the http-keep-alive timeout and other
    timeouts.

Thanks everyone for your help!

Please find the usual URLs below :
   Site index       : https://www.haproxy.org/
   Documentation    : https://docs.haproxy.org/
   Wiki             : https://github.com/haproxy/wiki/wiki
   Discourse        : https://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : https://www.haproxy.org/download/2.6/src/
   Git repository   : https://git.haproxy.org/git/haproxy-2.6.git/
   Git Web browsing : https://git.haproxy.org/?p=haproxy-2.6.git
   Changelog        : https://www.haproxy.org/download/2.6/src/CHANGELOG
   Dataplane API    : https://github.com/haproxytech/dataplaneapi/releases/latest
   Pending bugs     : https://www.haproxy.org/l/pending-bugs
   Reviewed bugs    : https://www.haproxy.org/l/reviewed-bugs
   Code reports     : https://www.haproxy.org/l/code-reports
   Latest builds    : https://www.haproxy.org/l/dev-packages


---
Complete changelog :
Amaury Denoyelle (10):
      BUG/MINOR: quic: fix computed length of emitted STREAM frames
      SCRIPTS: git-show-backports: do not truncate git-show output
      BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
      BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
      BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
      BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
      BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
      BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
      BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
      BUG/MINOR: h3: properly reject too long header responses

Aurelien DARRAGON (7):
      BUG/MEDIUM: cli: fix cli_output_msg() regression
      DOC: management: rename show stats domain cli "dns" to "resolvers"
      BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
      REGTESTS: add a test to ensure map-ordering is preserved
      BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
      BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
      BUG/MINOR: cfgparse-listen: fix option httpslog override warning message

Christopher Faulet (12):
      BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
      BUG/MINOR: h1: Fail to parse empty transfer coding names
      BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
      BUG/MEDIUM: h1: Reject empty Transfer-encoding header
      BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
      BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
      BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
      BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
      BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
      BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
      BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
      BUG/MEDIUM: promex: Wait to have the request before sending the response

Frederic Lecaille (2):
      MINOR: quic: Add a counter for reordered packets
      BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)

Frédéric Lécaille (1):
      MINOR: quic: Add packet loss and maximum cc window to "show quic"

Ilia Shipitsin (1):
      BUG/MINOR: fcgi-app: handle a possible strdup() failure

Nathan Wehrman (1):
      DOC: config: correct the table for option tcplog

Valentine Krasnobaeva (9):
      DOC/MINOR: management: add missed -dR and -dv options
      MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)
      BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
      DOC: configuration: update maxconn description
      BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
      BUG/MINOR: proto_tcp: keep error msg if listen() fails
      BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
      BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
      BUG/MINOR: pattern: pat_ref_set: return 0 if err was found

William Lallemand (7):
      DOC: configuration: fix alphabetical order of bind options
      DOC: configuration: more details about the master-worker mode
      MEDIUM: ssl: initialize the SSL stack explicitely
      BUG/MINOR: jwt: don't try to load files with HMAC algorithm
      BUG/MINOR: jwt: fix variable initialisation
      DOC: configuration: issuers-chain-path not compatible with OCSP
      REGTESTS: mcli: test the pipelined commands on master CLI

Willy Tarreau (14):
      MINOR: mux-h2/traces: explicitly show the error/refused stream states
      MINOR: queue: add a function to check for TOCTOU after queueing
      BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
      DOC: config: improve the http-keep-alive section
      BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
      CLEANUP: trace: remove the QUIC-specific ifdefs
      BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
      BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
      BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
      BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
      BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
      REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
      BUG/MINOR: polling: fix time reporting when using busy polling
      BUG/MEDIUM: queue: implement a flag to check for the dequeuing

--
Christopher Faulet

