Hi, HAProxy 2.2.7 was released on 2021/01/08. It added 60 new commits after version 2.2.6.
Here come the bugs that were fixed since 2.2.6: - Gilchrist Dadaglo fixed a number of issues in the SPOA Python example, particularly on the error handling path. I seem to understand that most of them are related to risks of memory leaks. If you wrote some code using them as a form of documentation, please have a look at the recent changes there to see if you need to fix your code as well. - Emeric fixed an issue in the rings that happens only when their contents are forwarded over TCP (e.g. TCP logging). An incorrect refcounting on connection error could result in unpredictable behaviour (typically a blocking of transmission or misaligned or corrupted data being sent). - Olivier fixed a problem affecting users of ARM-based Macs, whose assembler takes the semi-colon as a comment instead of an instruction delimiter, causing the CAS to fail and loop forever. - Christopher fixed a delay issue affecting tunnels, where MSG_MORE was accidently left set, possibly delaying sending incomplete packets by up to 200ms. - Christopher also addressed a race condition affecting leastconn if a server's weight is changed to zero at the same moment the server is repositionned in the tree. In fact it's only an issue for 1.8 but the code was not correct in more recent versions either, but they're just more robust :-) - Tim fixed a missing call to the H2 mux's wakeup function in some cases. The bug could in theory cause some delays on long responses having no otherwise traffic, but could not be observed. - Amaury fixed two crashes related to idle connections, one happening at cleanup time if a server was configured to have no idle conns, and another one happening on startup with a disabled backend. - William fixed an incomplete removal of SSL certificate when issuing "commit ssl cert", leaving SNIs and maybe a few other settings alive. - Baptiste fixed a DNS bug when SRV records return multiple entries for the same host using Additional Records, in this case only the first one would be taken from the AR. - Thierry addressed a handful of low-importance Lua issues that were found during a code review. - Christopher found that the "keep-alive" timeout was not considered by muxes, only the client timeout was, because it used to be handled at the stream level while it should now move down to the mux (which his fix does). - the "concat" converter could corrupt its output if a non-string variable was used in the middle (e.g. an integer). - Christopher addressed a use-after-free issue affecting the H1 mux in 2.4 in combination with pipelining. The same construct exists in 2.3 and 2.2 though no code path was found to be able to trigger it. Better fix it anyway. - tcpchecks could report some wrong states sometimes, and could use larger timeouts than desired because they would refresh it on each read. That's roughly all for bugs. Two minor features were backported, one is William Dauchy's new "build_info" field in the prometheus exporter, which reports the exact haproxy version for those who need to adjust their behavior depending on the version, and the second is the new "url_enc" converter which eases encoding of anything to be placed used in a query string (e.g. for a redirect that will be decoded using url_dec). And there were the usual amount of build fixes and doc updates. Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Wiki : https://github.com/haproxy/wiki/wiki Sources : http://www.haproxy.org/download/2.2/src/ Git repository : http://git.haproxy.org/git/haproxy-2.2.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.2.git Changelog : http://www.haproxy.org/download/2.2/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Amaury Denoyelle (2): BUG/MINOR: srv: do not init address if backend is disabled BUG/MINOR: srv: do not cleanup idle conns if pool max is null Baptiste Assmann (1): BUG/MINOR: dns: SRV records ignores duplicated AR records Christian Ruppert (1): BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h Christopher Faulet (12): BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections BUG/MINOR: http-check: Use right condition to consider HTX message as full BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules BUG/MINOR: tools: make parse_time_err() more strict on the timer validity BUG/MINOR: tools: Reject size format not starting by a digit BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode BUG/MEDIUM: mux-h1: Handle h1_process() failures on a pipelined request BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send rule DOC: Add maintainers for the Prometheus exporter David Carlier (2): BUILD/MINOR: haproxy DragonFlyBSD affinity build update. DOC: email change of the DeviceAtlas maintainer Emeric Brun (1): BUG/MAJOR: ring: tcp forward on ring can break the reader counter. Gilchrist Dadaglo (8): BUG/MAJOR: spoa/python: Fixing return None DOC: spoa/python: Fixing typo in IP related error messages DOC: spoa/python: Rephrasing memory related error messages DOC: spoa/python: Fixing typos in comments BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments BUG/MEDIUM: spoa/python: Fixing references to None Ilya Shipitsin (3): BUILD: SSL: fine guard for SSL_CTX_add_server_custom_ext call BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call CLEANUP: cfgparse: replace "realloc" with "my_realloc2" to fix to memory leak on error Olivier Houchard (1): MINOR: atomic: don't use ; to separate instruction on aarch64. Phil Scherer (1): DOC/MINOR: Fix formatting in Management Guide Pierre Cheynier (1): CLEANUP: contrib/prometheus-exporter: typo fixes for ssl reuse metric Thayne McCombs (2): DOC: fix some spelling issues over multiple files SCRIPTS: announce-release: fix typo in help message Thierry Fournier (8): BUG/MINOR: lua: missing "\n" in error message BUG/MINOR: lua: lua-load doesn't check its parameters BUG/MINOR: lua: Post init register function are not executed beyond the first one BUG/MINOR: lua: Some lua init operation are processed unsafe MINOR: actions: Export actions lookup functions MINOR: actions: add a function returning a service pointer from its name MINOR: cli: add a function to look up a CLI service description BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times Tim Duesterhus (3): BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() fails BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails William Dauchy (3): MINOR: converter: adding support for url_enc BUILD: Makefile: exclude broken tests by default MINOR: contrib/prometheus-exporter: export build_info William Lallemand (1): BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert" Willy Tarreau (10): REGTESTS: make use of HAPROXY_ARGS and pass -dM by default BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well CONTRIB: halog: fix build issue caused by %L printf format CONTRIB: halog: mark the has_zero* functions unused CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps CONTRIB: debug: address "poll" utility build on non-linux platforms BUILD: plock: remove dead code that causes a warning in gcc 11 SCRIPTS: improve announce-release to support different tag and versions SCRIPTS: make announce release support preparing announces before tag exists BUG/MINOR: sample: fix concat() converter's corruption with non-string variables ---