Hi, HAProxy 2.0.1 was released on 2019/06/26. It added 27 new commits after version 2.0.0.
This new version fixes several annoying bugs with various visible effects. Among others, two majors bugs have been fixed. The first one is a regression on stick-tables. HAProxy was unable to start when a stick-table was used in "if/unless" ACL condition. An error claimed the stick-table name was missing. The second major bug is in the H1 multiplexer. The area of a trash chunk was easily able to be released by error when an outgoing HTTP message was formatted. So it is a pretty old bug and it is strange we never spotted it before. But it led to a memory corruption and thus to a wide variety of bugs. Several bugs in the HTX was fixed. One of them concerned the H2. When cookie headers were grouped during the conversion of an H2 request into an HTX message, the HTX message was not fully updated. When it happened, most of time the connection hung. Another bug concerned the way 1xx informational messages was emitted by HAProxy. An EOM was mistakenly added in these HTX messages. It was totally valid on HAProxy-1.9. But in 2.0, these messages are part of the response and must never have EOM block. This unexpected error was not correctly caught, blocking the connection. Now, when HAProxy generates such transitional responses, it does not emit EOM block. And if an unexpected error happens during H1 output formatting, a fatal error is triggered and the connection is closed. On the H1 multiplexer, parsing errors when a too big message was received were not correctly caught, blocking connections. It was due to an optimization to allow zero copy transfers. In the H2 multiplexer, the frame padding was not correctly handled in two ways, leading in both cases to protocol errors. Olivier fixed a bug on the connection's layer when the PROXY protocol was used. The xprt handshake was not always present to send the PROXY protocol header, leading to an infinite loop. He also fixed a bug in the SSL that was able to crash HAProxy. In the function ssl_subscribe(), before doing anything, we must be sure to have an xprt context. Finally he fixed a bug on stream-interfaces. The flag SI_FL_ERR was unconditionally set when an error was detected on the connection or on the conn-stream. But it must only be set when the stream-interface is connected or is attempting a connection. A segfault was fixed in the leastconn LB algorithm because of an unsafe test outside the LB lock. Thanks to Tim Duesterhus, HAProxy now set the header "Vary" in compressed responses. William fixed two bugs in the master-worker. The first was a segfault when the master switched to wait mode because the thread and the fdtab deinit functions were called. The second was about the master cli that was unable to send commands to several workers. Finally, as always, some small other bugs were fixed here and there. Thanks to everyone to report and/or fixed bugs, or just for testing this new major release. Of course, we encourage everyone to upgrade. Several bugs considered as fixed are a bit hard or a bit long to reproduce. So we hope this release is better than the last one. But please continue to report any issue you'll meet! Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : http://www.haproxy.org/download/2.0/src/ Git repository : http://git.haproxy.org/git/haproxy-2.0.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git Changelog : http://www.haproxy.org/download/2.0/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ --- Complete changelog : Christopher Faulet (14): BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages MINOR: htx: Add the function htx_change_blk_value_len() BUG/MEDIUM: htx: Fully update HTX message when the block value is changed BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted BUG/MINOR: memory: Set objects size for pools in the per-thread cache BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages BUG/MINOR: mux-h1: Make format errors during output formatting fatal Frédéric Lécaille (1): BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. Olivier Houchard (3): BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON. BUG/MEDIUM: connections: Always add the xprt handshake if needed. BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx. Tim Duesterhus (4): BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse BUG/MINOR: spoe: Fix memory leak if failing to allocate memory BUG/MINOR: log: Detect missing sampling ranges in config William Lallemand (2): BUG/MEDIUM: mworker: don't call the thread and fdtab deinit BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore Willy Tarreau (3): BUILD: mworker: silence two printf format warnings around getpid() BUILD: makefile: use :space: instead of digits to count commits BUILD: makefile: do not rely on shell substitutions to determine git version -- Christopher Faulet