stable-bot: WARNING: 31 bug fixes in queue for next release - 1.8

2020-02-08 Thread stable-bot
Hi,

This is a friendly bot that watches fixes pending for the next haproxy-stable 
release!  One such e-mail is sent periodically once patches are waiting in the 
last maintenance branch, and an ideal release date is computed based on the 
severity of these fixes and their merge date.  Responses to this mail must be 
sent to the mailing list.

Last release 1.8.23 was issued on 2019/11/25.  There are currently 31 patches 
in the queue cut down this way:
- 2 MAJOR, first one merged on 2019/12/10
- 9 MEDIUM, first one merged on 2019/12/05
- 20 MINOR, first one merged on 2019/12/05

Thus the computed ideal release date for 1.8.24 would be 2019/12/24, which was 
six weeks ago.

The current list of patches in the queue is:
- MAJOR   : dns: add minimalist error processing on the Rx path
- MAJOR   : hashes: fix the signedness of the hash inputs
- MEDIUM  : listener/threads: fix a remaining race in the listener's 
accept()
- MEDIUM  : ssl: Don't set the max early data we can receive too early.
- MEDIUM  : session: do not report a failure when rejecting a session
- MEDIUM  : kqueue: Make sure we report read events even when no data.
- MEDIUM  : listener/thread: fix a race when pausing a listener
- MEDIUM  : proto_udp/threads: recv() and send() must not be exclusive.
- MEDIUM  : cli: _getsocks must send the peers sockets
- MEDIUM  : pipe: fix a use-after-free in case of pipe creation error
- MEDIUM  : mworker: remain in mworker mode during reload
- MINOR   : sample: always check converters' arguments
- MINOR   : listener/threads: always use atomic ops to clear the FD events
- MINOR   : mworker: properly pass SIGTTOU/SIGTTIN to workers
- MINOR   : ssl: certificate choice can be unexpected with openssl >= 1.1.1
- MINOR   : sample: fix the closing bracket and LF in the debug converter
- MINOR   : listener: do not immediately resume on transient error
- MINOR   : stream: don't mistake match rules for store-request rules
- MINOR   : stick-table: Use MAX_SESS_STKCTR as the max track ID during 
parsing
- MINOR   : dns: Make dns_query_id_seed unsigned
- MINOR   : proxy: make soft_stop() also close FDs in LI_PAUSED state
- MINOR   : dns: allow srv record weight set to 0
- MINOR   : listener: fix off-by-one in state name check
- MINOR   : server: make "agent-addr" work on default-server line
- MINOR   : connection: fix ip6 dst_port copy in make_proxy_line_v2
- MINOR   : http-rules: Remove buggy deinit functions for HTTP rules
- MINOR   : log: fix minor resource leaks on logformat error path
- MINOR   : listener: also clear the error flag on a paused listener
- MINOR   : http_act: don't check capture id in backend
- MINOR   : tcp-rules: Fix memory releases on error path during action 
parsing
- MINOR   : pattern: handle errors from fgets when trying to load patterns

---
The haproxy stable-bot is freely provided by HAProxy Technologies to help 
improve the quality of each HAProxy release.  If you have any issue with these 
emails or if you want to suggest some improvements, please post them on the 
list so that the solutions suiting the most users can be found.



stable-bot: WARNING: 62 bug fixes in queue for next release - 1.9

2020-02-08 Thread stable-bot
Hi,

This is a friendly bot that watches fixes pending for the next haproxy-stable 
release!  One such e-mail is sent periodically once patches are waiting in the 
last maintenance branch, and an ideal release date is computed based on the 
severity of these fixes and their merge date.  Responses to this mail must be 
sent to the mailing list.

Last release 1.9.13 was issued on 2019/11/25.  There are currently 62 patches 
in the queue cut down this way:
- 4 MAJOR, first one merged on 2019/12/10
- 22 MEDIUM, first one merged on 2019/12/05
- 36 MINOR, first one merged on 2019/11/25

Thus the computed ideal release date for 1.9.14 would be 2019/12/23, which was 
seven weeks ago.

The current list of patches in the queue is:
- MAJOR   : memory: Don't forget to unlock the rwlock if the pool is empty.
- MAJOR   : hashes: fix the signedness of the hash inputs
- MAJOR   : task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
- MAJOR   : dns: add minimalist error processing on the Rx path
- MEDIUM  : memory_pool: Update the seq number in pool_flush().
- MEDIUM  : mux_h1: Don't call h1_send if we subscribed().
- MEDIUM  : kqueue: Make sure we report read events even when no data.
- MEDIUM  : pipe: fix a use-after-free in case of pipe creation error
- MEDIUM  : stream-int: don't subscribed for recv when we're trying to 
flush data
- MEDIUM  : listener/threads: fix a remaining race in the listener's 
accept()
- MEDIUM  : http-ana: Truncate the response when a redirect rule is applied
- MEDIUM  : tasks: Make sure we switch wait queues in task_set_affinity().
- MEDIUM  : mux-h2: fix missing test on sending_list in previous patch
- MEDIUM  : proto_udp/threads: recv() and send() must not be exclusive.
- MEDIUM  : session: do not report a failure when rejecting a session
- MEDIUM  : mux-h2: make sure we don't emit TE headers with anything but 
"trailers"
- MEDIUM  : checks: Make sure we set the task affinity just before 
connecting.
- MEDIUM  : fd/threads: fix a concurrency issue between add and rm on the 
same fd
- MEDIUM  : mux-h1: Never reuse H1 connection if a shutw is pending
- MEDIUM  : 0rtt: Only consider the SSL handshake.
- MEDIUM  : stream: address a very rare unhandled connection issue
- MEDIUM  : memory: Add a rwlock before freeing memory.
- MEDIUM  : ssl: Don't set the max early data we can receive too early.
- MEDIUM  : listener/thread: fix a race when pausing a listener
- MEDIUM  : cli: _getsocks must send the peers sockets
- MEDIUM  : mworker: remain in mworker mode during reload
- MINOR   : listener: do not immediately resume on transient error
- MINOR   : mux-h1: Fix conditions to know whether or not we may receive 
data
- MINOR   : h1: Report the right error position when a header value is 
invalid
- MINOR   : ssl: we may only ignore the first 64 errors
- MINOR   : listener: fix off-by-one in state name check
- MINOR   : listener/threads: always use atomic ops to clear the FD events
- MINOR   : cache: Fix leak of cache name in error path
- MINOR   : stream: don't mistake match rules for store-request rules
- MINOR   : server: make "agent-addr" work on default-server line
- MINOR   : tcp-rules: Fix memory releases on error path during action 
parsing
- MINOR   : sample: always check converters' arguments
- MINOR   : log: fix minor resource leaks on logformat error path
- MINOR   : listener: also clear the error flag on a paused listener
- MINOR   : checks: refine which errno values are really errors.
- MINOR   : proxy: Fix input data copy when an error is captured
- MINOR   : mux-h2: use a safe list_for_each_entry in h2_send()
- MINOR   : tasks: only requeue a task if it was already in the queue
- MINOR   : connection: fix ip6 dst_port copy in make_proxy_line_v2
- MINOR   : mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
- MINOR   : 51d: Fix bug when HTX is enabled
- MINOR   : http-htx: Don't make http_find_header() fail if the value is 
empty
- MINOR   : http_act: don't check capture id in backend
- MINOR   : ssl: openssl-compat: Fix getm_ defines
- MINOR   : sample: fix the closing bracket and LF in the debug converter
- MINOR   : pattern: handle errors from fgets when trying to load patterns
- MINOR   : proxy: make soft_stop() also close FDs in LI_PAUSED state
- MINOR   : stream: init variables when the list is empty
- MINOR   : http-ana/filters: Wait end of the http_end callback for all 
filters
- MINOR   : stick-table: Use MAX_SESS_STKCTR as the max track ID during 
parsing
- MINOR   : dns: Make dns_query_id_seed unsigned
- MINOR   : ssl: openssl-compat: 1.9 uses OPENSSL_VERSION, not 
HA_OPENSSL_VERSION
- MINOR   : ssl: certificate choice can be unexpected with openssl >= 1.1.1
- MINOR   : dns: allow srv record weight set to 0

stable-bot: WARNING: 41 bug fixes in queue for next release - 2.0

2020-02-08 Thread stable-bot
Hi,

This is a friendly bot that watches fixes pending for the next haproxy-stable 
release!  One such e-mail is sent periodically once patches are waiting in the 
last maintenance branch, and an ideal release date is computed based on the 
severity of these fixes and their merge date.  Responses to this mail must be 
sent to the mailing list.

Last release 2.0.12 was issued on 2019/12/21.  There are currently 41 patches 
in the queue cut down this way:
- 2 MAJOR, first one merged on 2020/01/20
- 17 MEDIUM, first one merged on 2020/01/09
- 22 MINOR, first one merged on 2020/01/09

Thus the computed ideal release date for 2.0.13 would be 2020/02/03, which was 
one week ago.

The current list of patches in the queue is:
- MAJOR   : memory: Don't forget to unlock the rwlock if the pool is empty.
- MAJOR   : hashes: fix the signedness of the hash inputs
- MEDIUM  : mux_h1: Don't call h1_send if we subscribed().
- MEDIUM  : mux-h2: make sure we don't emit TE headers with anything but 
"trailers"
- MEDIUM  : pipe: fix a use-after-free in case of pipe creation error
- MEDIUM  : memory: Add a rwlock before freeing memory.
- MEDIUM  : mux-h2: fix missing test on sending_list in previous patch
- MEDIUM  : memory_pool: Update the seq number in pool_flush().
- MEDIUM  : session: do not report a failure when rejecting a session
- MEDIUM  : ssl: Don't forget to free ctx->ssl on failure.
- MEDIUM  : connections: Don't forget to unlock when killing a connection.
- MEDIUM  : cli: _getsocks must send the peers sockets
- MEDIUM  : connections: Hold the lock when wanting to kill a connection.
- MEDIUM  : checks: Only attempt to do handshakes if the connection is 
ready.
- MEDIUM  : mworker: remain in mworker mode during reload
- MEDIUM  : 0rtt: Only consider the SSL handshake.
- MEDIUM  : http-ana: Truncate the response when a redirect rule is applied
- MEDIUM  : connection: add a mux flag to indicate splice usability
- MEDIUM  : mux-h2: don't stop sending when crossing a buffer boundary
- MINOR   : stream-int: Don't trigger L7 retry if max retries is already 
reached
- MINOR   : ssl: we may only ignore the first 64 errors
- MINOR   : checks: refine which errno values are really errors.
- MINOR   : connection: fix ip6 dst_port copy in make_proxy_line_v2
- MINOR   : channel: inject output data at the end of output
- MINOR   : http_act: don't check capture id in backend
- MINOR   : cli/mworker: can't start haproxy with 2 programs
- MINOR   : dns: Make dns_query_id_seed unsigned
- MINOR   : cache: Fix leak of cache name in error path
- MINOR   : stick-table: Use MAX_SESS_STKCTR as the max track ID during 
parsing
- MINOR   : mux-h2: use a safe list_for_each_entry in h2_send()
- MINOR   : http-ana/filters: Wait end of the http_end callback for all 
filters
- MINOR   : tcp-rules: Fix memory releases on error path during action 
parsing
- MINOR   : tcpchecks: fix the connect() flags regarding delayed ack
- MINOR   : pattern: handle errors from fgets when trying to load patterns
- MINOR   : stktable: report the current proxy name in error messages
- MINOR   : proxy: Fix input data copy when an error is captured
- MINOR   : http-rules: Remove buggy deinit functions for HTTP rules
- MINOR   : 51d: Fix bug when HTX is enabled
- MINOR   : stream: don't mistake match rules for store-request rules
- MINOR   : dns: allow srv record weight set to 0
- MINOR   : h1: Report the right error position when a header value is 
invalid

---
The haproxy stable-bot is freely provided by HAProxy Technologies to help 
improve the quality of each HAProxy release.  If you have any issue with these 
emails or if you want to suggest some improvements, please post them on the 
list so that the solutions suiting the most users can be found.



stable-bot: WARNING: 54 bug fixes in queue for next release - 2.1

2020-02-08 Thread stable-bot
Hi,

This is a friendly bot that watches fixes pending for the next haproxy-stable 
release!  One such e-mail is sent periodically once patches are waiting in the 
last maintenance branch, and an ideal release date is computed based on the 
severity of these fixes and their merge date.  Responses to this mail must be 
sent to the mailing list.

Last release 2.1.2 was issued on 2019/12/21.  There are currently 54 patches in 
the queue cut down this way:
- 2 MAJOR, first one merged on 2020/01/20
- 20 MEDIUM, first one merged on 2020/01/09
- 32 MINOR, first one merged on 2020/01/07

Thus the computed ideal release date for 2.1.3 would be 2020/02/03, which was 
one week ago.

The current list of patches in the queue is:
- MAJOR   : memory: Don't forget to unlock the rwlock if the pool is empty.
- MAJOR   : hashes: fix the signedness of the hash inputs
- MEDIUM  : pipe: fix a use-after-free in case of pipe creation error
- MEDIUM  : 0rtt: Only consider the SSL handshake.
- MEDIUM  : ssl/cli: 'commit ssl cert' wrong SSL_CTX init
- MEDIUM  : http-ana: Truncate the response when a redirect rule is applied
- MEDIUM  : mux-h2: make sure we don't emit TE headers with anything but 
"trailers"
- MEDIUM  : ssl: Don't forget to free ctx->ssl on failure.
- MEDIUM  : memory: Add a rwlock before freeing memory.
- MEDIUM  : netscaler: Don't forget to allocate storage for conn->src/dst.
- MEDIUM  : connections: Don't forget to unlock when killing a connection.
- MEDIUM  : connection: add a mux flag to indicate splice usability
- MEDIUM  : cli: _getsocks must send the peers sockets
- MEDIUM  : memory_pool: Update the seq number in pool_flush().
- MEDIUM  : mux_h1: Don't call h1_send if we subscribed().
- MEDIUM  : mux-h2: fix missing test on sending_list in previous patch
- MEDIUM  : tasks: Use the MT macros in tasklet_free().
- MEDIUM  : session: do not report a failure when rejecting a session
- MEDIUM  : mworker: remain in mworker mode during reload
- MEDIUM  : connections: Hold the lock when wanting to kill a connection.
- MEDIUM  : checks: Only attempt to do handshakes if the connection is 
ready.
- MEDIUM  : mux-h2: don't stop sending when crossing a buffer boundary
- MINOR   : h1: Report the right error position when a header value is 
invalid
- MINOR   : channel: inject output data at the end of output
- MINOR   : ssl: we may only ignore the first 64 errors
- MINOR   : ssl/cli: free the previous ckch content once a PEM is loaded
- MINOR   : 51d: Fix bug when HTX is enabled
- MINOR   : pattern: handle errors from fgets when trying to load patterns
- MINOR   : proxy: Fix input data copy when an error is captured
- MINOR   : ssl: increment issuer refcount if in chain
- MINOR   : stream: don't mistake match rules for store-request rules
- MINOR   : stream-int: Don't trigger L7 retry if max retries is already 
reached
- MINOR   : connection: fix ip6 dst_port copy in make_proxy_line_v2
- MINOR   : tcp-rules: Fix memory releases on error path during action 
parsing
- MINOR   : dns: Make dns_query_id_seed unsigned
- MINOR   : http_act: don't check capture id in backend
- MINOR   : ssl: ssl_sock_load_issuer_file_into_ckch memory leak
- MINOR   : cli/mworker: can't start haproxy with 2 programs
- MINOR   : ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
- MINOR   : ssl: ssl_sock_load_ocsp_response_from_file memory leak
- MINOR   : ssl: clear the SSL errors on DH loading failure
- MINOR   : tcpchecks: fix the connect() flags regarding delayed ack
- MINOR   : stktable: report the current proxy name in error messages
- MINOR   : stick-table: Use MAX_SESS_STKCTR as the max track ID during 
parsing
- MINOR   : checks: refine which errno values are really errors.
- MINOR   : ssl: ssl_sock_load_sctl_from_file memory leak
- MINOR   : http-rules: Remove buggy deinit functions for HTTP rules
- MINOR   : ssl: ssl_sock_load_pem_into_ckch is not consistent
- MINOR   : mux-h2: use a safe list_for_each_entry in h2_send()
- MINOR   : ssl: typo in previous patch
- MINOR   : ssl: Possible memleak when allowing the 0RTT data buffer.
- MINOR   : ssl: memory leak w/ the ocsp_issuer
- MINOR   : http-ana/filters: Wait end of the http_end callback for all 
filters
- MINOR   : cache: Fix leak of cache name in error path

---
The haproxy stable-bot is freely provided by HAProxy Technologies to help 
improve the quality of each HAProxy release.  If you have any issue with these 
emails or if you want to suggest some improvements, please post them on the 
list so that the solutions suiting the most users can be found.



[PATCH] add workaround to cirrus-ci

2020-02-08 Thread Илья Шипицин
Hello,

I attached a workaround for the recent cirrus-ci failures.
Also, a few improvements.

Cheers,
Ilya Shipitcin
From bbefa0574b0e3b8e872422f9419a458928a433d0 Mon Sep 17 00:00:00 2001
From: Ilya Shipitsin 
Date: Sat, 8 Feb 2020 13:30:54 +0500
Subject: [PATCH] cirrus-ci: workaround "pkg install" bug

there's a bug https://github.com/freebsd/pkg/issues/902
adding "pkg update -f && pkg upgrade -y" is workaround.

also, add ERR=1 to make, also switch to "snap" images to unify
openssl package naming. also, added freebsd-13 build
---
 .cirrus.yml | 13 -
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/.cirrus.yml b/.cirrus.yml
index 4143e687b..1a07c80c7 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -1,21 +1,16 @@
 FreeBSD_task:
   freebsd_instance:
 matrix:
-  image_family: freebsd-12-1
+  image_family: freebsd-13-0-snap
+  image_family: freebsd-12-1-snap
   image_family: freebsd-11-3-snap
   only_if: $CIRRUS_BRANCH =~ 'master|next'
   install_script:
-- case `uname -r` in
-11.3*)
-  export SSL=openssl;;
-12.1*)
-  export SSL=openssl111;;
-  esac
-- pkg install -y $SSL git gmake lua53 socat
+- pkg update -f && pkg upgrade -y && pkg install -y openssl git gmake lua53 socat
   script:
 - git clone https://github.com/VTest/VTest.git ../vtest
 - make -C ../vtest
-- gmake CC=clang V=1 TARGET=freebsd USE_ZLIB=1 USE_PCRE=1 USE_OPENSSL=1 USE_LUA=1 LUA_INC=/usr/local/include/lua53 LUA_LIB=/usr/local/lib LUA_LIB_NAME=lua-5.3
+- gmake CC=clang V=1 ERR=1 TARGET=freebsd USE_ZLIB=1 USE_PCRE=1 USE_OPENSSL=1 USE_LUA=1 LUA_INC=/usr/local/include/lua53 LUA_LIB=/usr/local/lib LUA_LIB_NAME=lua-5.3
 - ./haproxy -vv
 - ldd haproxy
 - env VTEST_PROGRAM=../vtest/vtest gmake reg-tests || (for folder in /tmp/*regtest*/vtc.*; do cat $folder/INFO $folder/LOG; done && exit 1)
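Review bot: The new install_script line carries no comment tying "pkg update -f && pkg upgrade -y" to https://github.com/freebsd/pkg/issues/902, so once that bug is fixed nobody reading .cirrus.yml will know the two extra commands can be dropped; a one-line YAML comment above the entry with the issue URL would cover it. The unconditional "pkg upgrade -y" also upgrades every package on the image on each run, and the matrix now uses three moving "-snap" image families, so the toolchain and the installed openssl can change between two builds of the same commit. It would help to log the resolved versions in the job output next to the existing "./haproxy -vv" step. If ERR=1 makes compiler warnings fatal, a new clang on freebsd-13-0-snap can turn the job red without any haproxy change, which is worth stating in the commit message. Finally, the message bundles the workaround, the image switch, ERR=1 and the freebsd-13 addition into one commit; splitting the pkg workaround from the rest would make it easier to revert on its own.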
-- 
2.24.1