Hi, HAProxy 1.9.1 was released on 2019/01/08. It added 90 new commits after version 1.9.0.
One of them fixes a security issue discovered by Tim Düsterhus (CVE-2018-20615) :

    BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used

An incorrect frame length check is performed on HEADERS frames having the PRIORITY flag, possibly resulting in a read-past-bound which can cause a crash depending on how the frame is crafted. All 1.9 and 1.8 versions are affected. As a result, all HTTP/2 users must either upgrade or temporarily disable HTTP/2 by commenting out the "npn h2" and "alpn h2" statements on their related "bind" lines.

This version also collects a number of significant bug fixes that were reported since the release, among which :
  - risk of crashes when using HTTP reuse with more than 5 servers for a given session ;
  - occasional zombie connections when objects retrieved from the cache were compressed during delivery ;
  - some chunked-encoding inconsistencies between H1 on one side and H2 on the other one in HTX mode ;
  - a few other HTX issues I honestly don't remember in detail ;
  - a small number of lost event issues affecting the H1 and H2 muxes, possibly resulting in occasional timeouts and/or zombie connections.

Lukas' update to redispatch connection failures when using consistent hash was merged as well: even though it was not really a bug, it was at least a counter-intuitive behaviour.

An annoying limitation was also reported and addressed : health checks currently cannot use the H2 mux to send HTTP requests to H2 servers, but since the ALPN string is set per server, it wasn't possible to force these checks to at least rely on HTTPS instead. A new "check-alpn" directive was added to allow specifying the ALPN string to advertise for checks, to address this.

A number of updates were merged to the regression testing suite since it helps us a lot to reproduce bugs and improve reliability.
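To illustrate the class of check the CVE-2018-20615 fix is about, here is an added example (written for this page, not HAProxy's own mux-h2 code) that locates the header block fragment of an HTTP/2 HEADERS frame per RFC 7540 section 6.2, re-validating the remaining length after each optional field so that a short frame carrying the PRIORITY flag is rejected instead of read past its end. The sample payloads are constructed, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* HTTP/2 HEADERS frame flags (RFC 7540, section 6.2). */
#define H2_F_PADDED   0x08
#define H2_F_PRIORITY 0x20

/* Return the length of the header block fragment inside a HEADERS frame
 * payload, or -1 for a malformed frame that must be rejected with a
 * connection error. Each optional field (1-byte Pad Length, 5-byte
 * priority block) is subtracted from the remaining length before the
 * next one is read, so a crafted short frame cannot be read past. */
long h2_headers_fragment_len(const uint8_t *payload, size_t len, uint8_t flags)
{
    size_t off = 0, pad = 0;
    if (flags & H2_F_PADDED) {
        if (len < 1)            /* no room for the Pad Length byte */
            return -1;
        pad = payload[0];
        off = 1;
        if (pad >= len)         /* RFC 7540: padding >= payload is an error */
            return -1;
    }
    if (flags & H2_F_PRIORITY) {
        /* The re-check: compare against what remains after the pad byte,
         * not against the original frame length. */
        if (len - off < 5)
            return -1;
        off += 5;               /* E + stream dependency (4), weight (1) */
    }
    if (off + pad > len)        /* optional fields and padding must both fit */
        return -1;
    return (long)(len - off - pad);
}

/* Constructed sample payloads (not captured traffic). */
static const uint8_t prio_ok[]     = {0x80, 0x00, 0x00, 0x03, 0x0f, 0x82};
static const uint8_t prio_short[]  = {0x80, 0x00, 0x00};
static const uint8_t pad_prio[]    = {0x02, 0x80, 0x00, 0x00, 0x03, 0x0f, 0x82, 0x00, 0x00};
static const uint8_t pad_too_big[] = {0x05, 0x80, 0x00, 0x00, 0x03, 0x0f};
int main(void)
{
    printf("PRIORITY, 6-byte payload : %ld\n", h2_headers_fragment_len(prio_ok, sizeof prio_ok, H2_F_PRIORITY));
    printf("PRIORITY, 3-byte payload : %ld\n", h2_headers_fragment_len(prio_short, sizeof prio_short, H2_F_PRIORITY));
    printf("PADDED|PRIORITY, pad=2   : %ld\n", h2_headers_fragment_len(pad_prio, sizeof pad_prio, H2_F_PADDED | H2_F_PRIORITY));
    printf("PADDED|PRIORITY, pad=5   : %ld\n", h2_headers_fragment_len(pad_too_big, sizeof pad_too_big, H2_F_PADDED | H2_F_PRIORITY));
    return 0;
}
```

The 3-byte PRIORITY payload is the shape of input the advisory describes: without the re-check against the remaining length, a parser would read the 5-byte priority block beyond the end of the frame.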
What's nice is that www.haproxy.org has been running on this code since the release with only very minor glitches (a few tens of zombie connections a week due to the compression+cache issue etc) and doesn't show any sign of trouble anymore after these fixes.

I intend to issue 1.9.2 soon (possibly next week) with a small bunch of additional minor fixes that I didn't want to mix with this version. In addition I managed to implement the long-missing support for H2 CONTINUATION frames and trailers which are sufficiently low risk to be backported. Thanks to these, h2spec now reports zero errors, and gRPC works out of the box through HAProxy :-) Thus unless someone steps up with a good objection to these being backported into 1.9, we'll do it.

Anyway, please don't forget to update!

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Sources          : http://www.haproxy.org/download/1.9/src/
   Git repository   : http://git.haproxy.org/git/haproxy-1.9.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-1.9.git
   Changelog        : http://www.haproxy.org/download/1.9/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Willy
---
Complete changelog :
Alex Zorin (1):
      MINOR: payload: add sample fetch for TLS ALPN

Christopher Faulet (36):
      BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
      BUG/MINOR: compression/htx: Don't compress responses with unknown body length
      BUG/MINOR: compression/htx: Don't add the last block of data if it is empty
      MINOR: channel: Add the function channel_add_input
      MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand
      BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown
      BUG/MAJOR: htx: Return the good block address after a defrag
      BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts
      BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done
      REGTEST: Require the option LUA to run lua tests
      REGTEST: script: Process script arguments before everything else
      REGTEST: script: Evaluate the varnishtest command to allow quoted parameters
      REGTEST: script: Add the option --clean to remove previous log direcotries
      REGTEST: script: Add the option --debug to show logs on standard ouput
      REGTEST: script: Add the option --keep-logs to keep all log directories
      REGTEST: script: Add the option --use-htx to enable the HTX in regtests
      REGTEST: script: Print only errors in the results report
      REGTEST: Add option to use HTX prefixed by the macro 'no-htx'
      REGTEST: script: Add support of alternatives in requited options list
      REGTEST: Add a basic test for the compression
      BUG/MINOR: cache/htx: Be sure to count partial trailers
      MINOR: stream/htx: Add info about the HTX structs in "show sess all" command
      MINOR: stream: Add the subscription events of SIs in "show sess all" command
      MINOR: mux-h1: Add the subscription events in "show fd" command
      MINOR: htx: Add an helper function to get the max space usable for a block
      MINOR: channel/htx: Add HTX version for some helper functions
      BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served
      BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped
      BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done
      MEDIUM: mux-h1: Clarify how shutr/shutw are handled
      BUG/MINOR: compression: Disable it if another one is already in progress
      BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams
      BUG/MINOR: cache: Disable the cache if any compression filter precedes it
      MINOR: htx: Add a function to truncate all blocks after a specific offset
      MINOR: channel/htx: Add the HTX version of channel_truncate/erase
      BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer

Frédéric Lécaille (8):
      REGTEST: A basic test for "http-buffer-request"
      REGTEST: Add a reg test for health-checks over SSL/TLS.
      REGTEST: Make reg-tests target support argument.
      REGTEST: Fix a typo about barrier type.
      REGTEST: Be less Linux specific with a syslog regex.
      REGTEST: Missing enclosing quotes for ${tmpdir} macro.
      REGTEST: Exclude freebsd target for some reg tests.
      REGTEST: Add some informatoin to test results.

Jarno Huuskonen (2):
      DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...)
      DOC: http-request cache-use / http-response cache-store expects cache name

Jérôme Magnin (2):
      BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
      BUG/MINOR: htx: send the proper authenticate header when using http-request auth

Nikhil Agrawal (1):
      BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error

Olivier Houchard (17):
      BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free().
      BUG/MAJOR: connections: Close the connection before freeing it.
      BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE.
      BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full.
      BUG/MEDIUM: server: Also copy "check-sni" for server templates.
      BUG/MEDIUM: servers: Don't try to reuse connection if we switched server.
      BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream.
      BUG/MAJOR: servers: Use the list api correctly to avoid crashes.
      BUG/MAJOR: servers: Correctly use LIST_ELEM().
      BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.
      BUG/MEDIUM: servers: Flag the stream_interface on handshake error.
      MEDIUM: servers: Be smarter when switching connections.
      MINOR: ssl: Add ssl_sock_set_alpn().
      MEDIUM: checks: Add check-alpn.
      MEDIUM: mux_h1: Implement h1_show_fd.
      BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv().
      BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized.

PiBa-NL (1):
      REGTEST: mailers: add new test for 'mailers' section

Thierry FOURNIER (2):
      BUG/MINOR: lua: bad args are returned for Lua actions
      BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred

Willy Tarreau (20):
      BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals
      BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports
      BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames
      MINOR: mux-h2: only increase the connection window with the first update
      REGTESTS: remove the expected window updates from H2 handshakes
      BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error
      BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
      BUG/MEDIUM: mux-h2: always restart reading if data are available
      BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers()
      BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions
      BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2
      MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN
      BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests
      MINOR: lb: allow redispatch when using consistent hash
      MINOR: stream/htx: add the HTX flags output in "show sess all"
      MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
      MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
      BUG/MEDIUM: cli: make "show sess" really thread-safe
      DOC: regtest: make it clearer what the purpose of the "broken" series is
      BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
---