Hi,
HAProxy 2.2.9 was released on 2021/02/06. It added 51 new commits
after version 2.2.8.
It's basically the same as what was integrated into 2.3.5, plus a few
older fixes that were left under observation in 2.3 for 3 versions. This
explains why this change log will look familiar to those having read the
2.3 one. There's no critical bug in this one but fixes for a few problematic
ases that either have been there for a while or resulted from recent
ncomplete fixes:
- an issue in filters (compression, spoe, etc) could block response
headers in empty responses with no content-length ;
- there was a risk of temporary CLOSE_WAIT on aborted H2 connections since
the recent fixes for truncated responses. Note that these ones would
vanish on timeout anyway, hence it was more annoying than dramatic ;
- the CLI's "abort ssl cert" would purge the old instead of new SSL info;
- errors on connections would not prevent SSL handshake from being
performed, leading to wasted CPU cycles that could sometimes maintain
the load artificially high during contention ;
- Lua's core.get_info() got broken in previous version due to the missing
definition of INF_BUILD_INFO in stats ;
- there was a small risk of crash in tcpchecks when using multiple
connections ;
- the previous fix for DNS SRV records was incorrect and had to be
reverted in 2.3.4 as it was sometimes causing a bad pointer
dereference and crashing. The code was rechecked and the correct
fix merged again ;
- an alignment issue in the XXHash code affecting ARMv6/v7 running
in 32-bit mode on 64-bit kernels was addressed ; it could cause
bus errors and crashes in 32-bit chroots or containers when using
the pattern LRU cache ;
- a few other really minor issues were addressed
- "server" definitions in "frontend" sections were mistakenly not
rejected during parsing, but would generally result in random crashes
later due to uninitialised fields. They are now properly rejected.
- two older fixes for rare crashes that had been left baking in 2.3 for
3 months now were finally backported
In addition, the maximum HTTP/1 chunk size was extended from 2 GB to 4 PB
since there was no more compelling reason to limit ourselves to 32 bits
storage anymore. Last, some of the "show fd" output improvements were
backported as they significantly help when reporting bugs.
Please find the usual URLs below :
Site index : http://www.haproxy.org/
Discourse : http://discourse.haproxy.org/
Slack channel : https://slack.haproxy.org/
Issue tracker : https://github.com/haproxy/haproxy/issues
Wiki : https://github.com/haproxy/wiki/wiki
Sources : http://www.haproxy.org/download/2.2/src/
Git repository : http://git.haproxy.org/git/haproxy-2.2.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy-2.2.git
Changelog : http://www.haproxy.org/download/2.2/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
Willy
---
Complete changelog :
Adis Nezirovic (1):
BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition
Amaury Denoyelle (1):
BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name
Baptiste Assmann (1):
BUG/MINOR: dns: SRV records ignores duplicated AR records (v2)
Bertrand Jacquin (3):
MINOR: build: discard echoing in help target
BUG/MINOR: mworker: define _GNU_SOURCE for strsignal()
BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX
Christopher Faulet (8):
BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable
MINOR: config: Add failifnotcap() to emit an alert on proxy capabilities
MINOR: server: Forbid server definitions in frontend sections
BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is
unknown
MINOR: h1: Raise the chunk size limit up to (2^52 - 1)
BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list
MINOR: config: Deprecate and ignore tune.chksize global option
BUG/MEDIUM: tcpcheck: Don't destroy connection in the wake callback
context
David CARLIER (1):
BUG/MINOR: threads: Fixes the number of possible cpus report for Mac.
Frédéric Lécaille (4):
MINOR: peers: Add traces for peer control messages.
BUG/MINOR: peers: Possible appctx pointer dereference.
BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command.
MINOR: contrib: Make the wireshark peers dissector compile for more
distribs.
Jan Wagner (1):
DOC: fix "smp_size" vs "sample_size" in "log" directive arguments
Olivier Houchard (1):
BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
Tim Duesterhus (1):
DOC: Improve documentation of the various hdr() fetches
William Lallemand (3):
BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file()
BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store
BUILD: Makefile: move REGTESTST_TYPE default setting
Willy Tarreau (26):
BUILD: peers: fix build warning about unused variable
BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd"
helper
BUG/MEDIUM: mux-h2: fix read0 handling on partial frames
CLEANUP: tools: make resolve_sym_name() take a const pointer
CLEANUP: cli: make "show fd" use a const connection to access other fields
MINOR: cli: make "show fd" also report the xprt and xprt_ctx
MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps.
MINOR: ssl: provide a "show fd" helper to report important SSL information
MINOR: xprt/mux: export all *_io_cb functions so that "show fd" resolves
them
MINOR: mux-h2: make the "show fd" helper also decode the h2s subscriber
when known
MINOR: mux-h1: make the "show fd" helper also decode the h1s subscriber
when known
MINOR: mux-fcgi: make the "show fd" helper also decode the fstrm
subscriber when known
MINOR: cli: give the show_fd helpers the ability to report a suspicious
entry
MINOR: cli/show_fd: report some easily detectable suspicious states
MINOR: ssl/show_fd: report some FDs as suspicious when possible
MINOR: mux-h2/show_fd: report as suspicious an entry with too many calls
MINOR: mux-h1/show_fd: report as suspicious an entry with too many calls
DOC: management: fix "show resolvers" alphabetical ordering
BUG/MEDIUM: ssl: check a connection's status before computing a handshake
BUG/MINOR: xxhash: make sure armv6 uses memcpy()
BUG/MEDIUM: mux-h2: handle remaining read0 cases
BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED
MINOR: cli/show_fd: report local and report ports when known
BUG/MAJOR: connection: reset conn->owner when detaching from session list
MINOR: task: remove __tasklet_remove_from_tasklet_list()
BUG/MEDIUM: task: close a possible data race condition on a tasklet's
list link
---
