Am 22.06.2018 um 16:42 schrieb William Lallemand: > Hi, > > HAProxy 1.8.10 was released on 2018/06/22. It added 40 new commits > after version 1.8.9.
The image is also updated. https://hub.docker.com/r/me2digital/haproxy18/ ### $ docker run --rm --entrypoint /usr/local/sbin/haproxy me2digital/haproxy18 -vv HA-Proxy version 1.8.10-ec17d7a 2018/06/22 Copyright 2000-2018 Willy Tarreau <wi...@haproxy.org> Build options : TARGET = linux2628 CPU = generic CC = gcc CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -fno-strict-overflow -Wno-unused-label OPTIONS = USE_LINUX_SPLICE=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_REGPARM=1 USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_TFO=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200 Built with OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017 Running on OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2 Built with Lua version : Lua 5.3.4 Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Encrypted password support via crypt(3): yes Built with multi-threading support. Built with PCRE version : 8.32 2012-11-30 Running on PCRE version : 8.32 2012-11-30 PCRE library supports JIT : yes Built with zlib version : 1.2.7 Running on zlib version : 1.2.7 Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with network namespace support. Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available filters : [SPOE] spoe [COMP] compression [TRACE] trace ### Best regards aleks > This version fixes several bugs that were crashing haproxy, when using > http-request set-map with a wrong type or with the cirpherlist capture. > Some deadlocks and crashes were also fixed that were provoked by the lua. > > There was also an issue with the poller which was using 100% of the CPU. > > It fixes several issues where haproxy was not leaving anymore when asked for a > soft stop, or a reload in master-worker mode. These issues were amplified with > the use of nbthread. > > The SPOP version has been upgraded to 2.0. Due to an inconsistency in the > examples and the reference implementation the 1.0 version is not supported > anymore. This new version is basically the 1.0 with a bugfix. If your SPOP > agent does not work anymore, you must upgrade the version and fix the SPOP > flags. See commits c4dcaff, 48d02d0, 633f3bf in the master. > > Thanks to all people who reported and helped fix those issues. > > Users are encouraged to update. > > Please find the usual URLs below : > Site index : http://www.haproxy.org/ > Discourse : http://discourse.haproxy.org/ > Sources : http://www.haproxy.org/download/1.8/src/ > Git repository : http://git.haproxy.org/git/haproxy-1.8.git/ > Git Web browsing : http://git.haproxy.org/?p=haproxy-1.8.git > Changelog : http://www.haproxy.org/download/1.8/src/CHANGELOG > Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ > > > --- > Complete changelog : > Christopher Faulet (9): > BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode > flags > BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode > flags > BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in > sync mode > MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for > 1.0 > BUG/MINOR: contrib/spoa_example: Don't reset the status code during > disconnect > BUG/MINOR: contrib/mod_defender: Don't reset the status code during > disconnect > BUG/MINOR: contrib/modsecurity: Don't reset the status code during > disconnect > BUG/MEDIUM: threads: Use the sync point to check active jobs and exit > MINOR: threads: Be sure to remove threads from all_threads_mask on exit > > Daniel Corbett (2): > BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file > BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters > > David Carlier (1): > DOC: contrib/modsecurity: few typo fixes > > Dragan Dosen (2): > BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame > BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame > > Frédéric Lécaille (1): > BUG/MINOR: lua: Segfaults with wrong usage of types. > > Kevin Zhu (1): > DOC: SPOE.txt: fix a typo > > Olivier Houchard (4): > BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check > failure. > BUG/MEDIUM: fd: Only check update_mask against all_threads_mask. > BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless > reload. > BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete(). > > Thierry FOURNIER (11): > BUG/MEDIUM: spoe: Flags are not encoded in network order > BUG/MEDIUM: lua/socket: Length required read doesn't work > MINOR: task/notification: Is notifications registered ? > BUG/MEDIUM: lua/socket: wrong scheduling for sockets > BUG/MAJOR: lua: Dead lock with sockets > BUG/MEDIUM: lua/socket: Notification error > BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock > BUG/MEDIUM: lua/socket: Buffer error, may segfault > MINOR: lua: Increase debug information > BUG/MAJOR: ssl: Random crash with cipherlist capture > BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot > > William Lallemand (5): > BUG/MEDIUM: cache: don't cache when an Authorization header is present > BUG/MEDIUM: threads: handle signal queue only in thread 0 > BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing > BUG/MINOR: signals: ha_sigmask macro for multithreading > BUG/MAJOR: map: fix a segfault when using http-request set-map > > Willy Tarreau (3): > BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn > computation > BUG/BUILD: threads: unbreak build without threads > BUG/BUILD: fd: fix typo causing a warning when threads are disabled > > sada (1): > BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 > arguments. > > --- >
