That's great! Will HAProxy adopt TLS 1.3 soon?
On Tue, Dec 13, 2016 at 7:39 AM, Willy Tarreau <w...@1wt.eu> wrote: > Hi, > > HAProxy 1.7.1 was released on 2016/12/13. It added 28 new commits > after version 1.7.0. > > It addresses a few issues related to how buffers are allocated under > low memory condition consecutive to the applet scheduling changes > introduced before 1.6 was released (Christopher found a nest of pre-1.6 > bugs in this area when trying to stress SPOE and each time he would fix > one, another would pop up), and a few other issues specific to 1.7 : > > - CONNECT method was broken since the introduction in filters in > 1.7-dev2 or so. It seems like nobody deploys a development version > in front of an outgoing proxy (which I can easily understand) > > - "show stat resolvers" and "show tls-keys" were wrong after the move > out of cli.c (typo in return value) > > - "show stat" on a proxy with no LB algo (transparent or redispatch) > could crash by trying to dereference the algo name which was null. > Now it will report "none" or "unknown". > > - fixed LibreSSL support > > The rest is pretty minor and mostly doc cleanups and spelling fixes. Given > that the two "major" bugs and half of the medium ones also affect 1.6, > expect 1.6.11 in the next few weeks. It's important to note that while > marked "major", they only manifest under strong memory pressure. > > Please find the usual URLs below : > Site index : http://www.haproxy.org/ > Discourse : http://discourse.haproxy.org/ > Sources : http://www.haproxy.org/download/1.7/src/ > Git repository : http://git.haproxy.org/git/haproxy-1.7.git/ > Git Web browsing : http://git.haproxy.org/?p=haproxy-1.7.git > Changelog : http://www.haproxy.org/download/1.7/src/CHANGELOG > Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ > > Willy > --- > Complete changelog : > > Ben Shillito (1): > DOC: Added 51Degrees conv and fetch functions to documentation. > > Christopher Faulet (12): > BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used > BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for > tunneled txn > BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and > IS_DATA_FILTER > BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and > XFER_DATA analyzers > BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in > tunnel mode > DOC: Add undocumented argument of the trace filter > DOC: Fix some typo in SPOE documentation > BUG/MINOR: cli: be sure to always warn the cli applet when input buffer > is full > MINOR: applet: Count number of (active) applets > MINOR: task: Rename run_queue and run_queue_cur counters > BUG/MEDIUM: stream: Save unprocessed events for a stream > BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled > > Dragan Dosen (1): > BUG/MINOR: cli: allow the backslash to be escaped on the CLI > > Luca Pizzamiglio (1): > BUILD/MEDIUM: Fixing the build using LibreSSL > > Marcin Deranek (1): > MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id > > Matthieu Guegan (1): > BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a > redirect > > Ruoshan Huang (1): > DOC: Fix map table's format > > Thierry FOURNIER / OZON.IO (3): > BUG/MEDIUM: variables: some variable name can hide another ones > DOC: lua: Documentation about some entry missing > MINOR: Do not forward the header "Expect: 100-continue" when the option > http-buffer-request is set > > Tim Düsterhus (1): > DOC: Spelling fixes > > Willy Tarreau (7): > BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos > BUG/MINOR: stats: make field_str() return an empty string on NULL > BUG/MAJOR: stream: fix session abort on resource shortage > BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys" > DOC: mention that req_tot is for both frontends and backends > BUG/MINOR: stats: fix be/sessions/max output in html stats > [RELEASE] Released version 1.7.1 > >