Hi, HAProxy 2.0.29 was released on 2022/05/13. It added 41 new commits after version 2.0.28.
Here are the issues fixed by this release: * An internal issue leading to truncated messages was fixed. When data were mixed with an error report, connection errors could be handled too early by the stream-interface. Now connection errors are only considered by the stream-interface during the connection establishment. After that, it relies on the conn-stream to be notified of any error. * An issue in the pass-through multiplexer, exposed by the previous fix, and that may lead to a loop at 100% CPU was fixed. Connection error was not properly reported to the conn-stream on the sending path. * Still on the pass-through multiplexer, a fix of the previous release was reverted because it introduced a regression in legacy HTTP mode. A crash could be experienced when a keep-alive backend connection was reused. While the fix is valid for higher versions, it is not applicable for this one. * A major issue in the DNS part was fixed. A concurrency issue that could lead to a crash when a DNS request was failing. Because of some missing locks on dgram structure, it was possible to set the UDP socket FD to -1 on a thread while it as used to access to fdtab array on another thread. * Two issues in the H1 multiplexer were fixed. First, Connection error was reported to early, when there were still pending data for the stream. Because of this bug, last pending data could be truncated. Now the connection error is reported only if there is no pending data. The second issue is a problem about full buffer detection during the trailers parsing. Because of this bug, it was possible to block the message parsing till the timeout expiration. The same bug was fixed about processing of EOM block. * Some issues in the H2 multiplexers were fixed. First the GOAWAY frame is no longer sent if SETTINGS were not sent. Then, as announced, the "timeout http-keep-alive" and "timeout http-request" are now respected and work as documented, so that it will finally be possible to force such connections to be closed when no request comes even if they're seeing control traffic such as PING frames. This can typically happen in some server-to-server communications whereby the client application makes use of PING frames to make sure the connection is still alive. * A crash of HAproxy was fixed. It happened when HAproxy was compiled without the PCRE/PCRE2 support if it tried to replace part of the uri while the path is invalid or not specified. * Some bugs in CLI commands were fixed. "show resolvers" and "show cli sockets" commands were not properly yielding and some locks were missing in "show map" command. It is very unlikely to have ever hit one of these bugs, but not impossible though. In addition, expired entries were displayed in "show cache" output. These entries are now evicted instead of being listed. * The watchdog could be erroneously triggered because an unitialized value was not tested. It was possible to encounter this issue in the master just after loading the configuration. * It was reported the maximum line length on the server-state file was too small. It was increased to 2kB. * Some shared pools were not properly released on exit. * An improvement which is not related to the code, with the precious help of Tim and Cyril, we could finally set up an automatic generation of the HTML documentation. It's performed daily and published on github pages at http://docs.haproxy.org. Thanks everyone for your help and your contributions! Please find the usual URLs below : Site index : http://www.haproxy.org/ Documentation : http://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : http://www.haproxy.org/download/2.0/src/ Git repository : http://git.haproxy.org/git/haproxy-2.0.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git Changelog : http://www.haproxy.org/download/2.0/src/CHANGELOG Pending bugs : http://www.haproxy.org/l/pending-bugs Reviewed bugs : http://www.haproxy.org/l/reviewed-bugs Code reports : http://www.haproxy.org/l/code-reports Latest builds : http://www.haproxy.org/l/dev-packages --- Complete changelog : Christopher Faulet (7): Revert "BUG/MAJOR: mux-pt: Always destroy the backend connection on detach" BUG/MEDIUM: http-act: Don't replace URI if path is not found or invalid BUG/MEDIUM: mux-h1: Don't request more room on partial trailers BUG/MEDIUM: compression: Don't forget to update htx_sl and http_msg flags BUG/MINOR: cache: Disable cache if applet creation fails REGTESTS: fix the race conditions in be2dec.vtc ad field.vtc CLEANUP: mux-h1: Fix comments and error messages for global options Emeric Brun (1): BUG/MAJOR: dns: multi-thread concurrency issue on UDP socket Ilya Shipitsin (3): CI: github actions: switch to LibreSSL-3.5.1 CI: github actions: update LibreSSL to 3.5.2 BUG/MINOR: ssl: fix build on development versions of openssl-1.1.x Lukas Tribus (1): DOC: reflect H2 timeout changes Tim Duesterhus (2): CI: Update to actions/checkout@v3 CI: Update to actions/cache@v3 William Lallemand (4): BUG/MINOR: tools: fix url2sa return value with IPv4 BUILD: dns: fix backport of previous dns fix BUG/MINOR: tools: url2sa reads too far when no port nor path BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized Willy Tarreau (22): BUG/MEDIUM: mux-h1: only turn CO_FL_ERROR to CS_FL_ERROR with empty ibuf BUG/MEDIUM: stream-int: do not rely on the connection error once established MEDIUM: mux-h2: slightly relax timeout management rules BUG/MEDIUM: mux-h2: make use of http-request and keep-alive timeouts BUG/MAJOR: mux_pt: always report the connection error to the conn_stream BUG/MINOR: mux-h2: do not send GOAWAY if SETTINGS were not sent BUG/MINOR: cache: do not display expired entries in "show cache" BUG/MINOR: mux-h2: do not use timeout http-keep-alive on backend side BUG/MINOR: mux-h2: use timeout http-request as a fallback for http-keep-alive SCRIPTS: announce-release: update the doc's URL DOC: lua: update a few doc URLs SCRIPTS: announce-release: add shortened links to pending issues DOC: remove my name from the config doc BUG/MINOR: pools: make sure to also destroy shared pools in pool_destroy_all() BUILD: proto_uxst: do not set unused flag BUILD: sockpair: do not set unused flag SCRIPTS: announce-release: add URL of dev packages BUG/MINOR: mux-h2: mark the stream as open before processing it not after BUG/MEDIUM: cli: make "show cli sockets" really yield BUG/MINOR: map/cli: protect the backref list during "show map" errors BUG/MINOR: map/cli: make sure patterns don't vanish under "show map"'s init DOC: fix typo "ant" for "and" in INSTALL vigneshsp (1): BUG/MINOR: server: Make SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes). -- Christopher Faulet