From f57a29a1cd4c301986a895772312d70c2fedf955 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 2 Jun 2017 15:59:51 +0200 Subject: [PATCH] [RELEASE] Released version 1.8-dev2 Released version 1.8-dev2 with the following main changes : - CLEANUP: server: moving netinet/tcp.h inclusion - DOC: changed "block"(deprecated) examples to http-request deny - DOC: add few comments to examples. - DOC: update sample code for PROXY protocol - DOC: mention lighttpd 1.4.46 implements PROXY - MINOR server: Restrict dynamic cookie check to the same proxy. - DOC: stick-table is available in frontend sections - BUG/MINOR: server : no transparent proxy for DragonflyBSD - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header() - BUILD/MINOR: tools: fix build warning in debug_hexdump() - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character - BUG/MINOR: arg: don't try to add an argument on failed memory allocation - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() - BUG/MEDIUM: servers: unbreak server weight propagation - MINOR: lua: ensure the memory allocator is used all the time - MINOR: cli: Add a command to send listening sockets. - MINOR: global: Add an option to get the old listening sockets. - MINOR: tcp: When binding socket, attempt to reuse one from the old proc. - MINOR: doc: document the -x flag - MINOR: proxy: Don't close FDs if not our proxy. - MINOR: socket transfer: Set a timeout on the socket. - MINOR: systemd wrapper: add support for passing the -x option. - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing. - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting. - CLEANUP: logs: typo: simgle => single - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() - MEDIUM: config: don't check config validity when there are fatal errors - BUG/MAJOR: Use -fwrapv. - BUG/MINOR: server: don't use "proxy" when px is really meant. - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed - BUG/MINOR: server: missing default server 'resolvers' setting duplication. - MINOR: server: Extract the code responsible of copying default-server settings. - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing. - MINOR: server: Add 'server-template' new keyword supported in backend sections. - MINOR: server: Add server_template_init() function to initialize servers from a templates. - DOC: Add documentation for new "server-template" keyword. - DOC: add layer 4 links/cross reference to "block" keyword. - DOC: errloc/errorloc302/errorloc303 missing status codes. - BUG/MEDIUM: lua: memory leak - CLEANUP: lua: remove test - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances - BUG/MINOR: change header-declared function to static inline - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common - MINOR: Add binary encoding request header sample fetch - MINOR: proto-http: Add sample fetch wich returns all HTTP headers - MINOR: Add ModSecurity wrapper as contrib - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1. - DOC: update RFC references - CONTRIB: tcploop: add action "X" to execute a command - MINOR: server: cli: Add server FQDNs to server-state file and stats socket. - BUG/MINOR: contrib/mod_security: fix build on FreeBSD - BUG/MINOR: checks: don't send proxy protocol with agent checks - MINOR: ssl: add prefer-client-ciphers - MEDIUM: ssl: revert ssl/tls version settings relative to default-server. - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx - MEDIUM: ssl: calculate the real min/max TLS version and find holes - MINOR: ssl: support TLSv1.3 for bind and server - MINOR: ssl: show methods supported by openssl - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility. - CLEANUP: retire obsoleted USE_GETSOCKNAME build option - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems). - MINOR: sample: Add b64dec sample converter - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything - MINOR: cli: add ACCESS_LVL_MASK to store the access level - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound - MEDIUM: ssl: add basic support for OpenSSL crypto engine - MAJOR: ssl: add openssl async mode support - MEDIUM: ssl: handle multiple async engines - MINOR: boringssl: basic support for OCSP Stapling - MEDIUM: mworker: replace systemd mode by master worker mode - MEDIUM: mworker: handle reload and signals - MEDIUM: mworker: wait mode on reload failure - MEDIUM: mworker: try to guess the next stats socket to use with -x - MEDIUM: mworker: exit-on-failure option - MEDIUM: mworker: workers exit when the master leaves - DOC: add documentation for the master-worker mode - MEDIUM: systemd: Type=forking in unit file - MAJOR: systemd-wrapper: get rid of the wrapper - MINOR: log: Add logurilen tunable. - CLEANUP: server.c: missing prototype of srv_free_dns_resolution - MINOR: dns: smallest DNS fqdn size - MINOR: dns: functions to manage memory for a DNS resolution structure - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution() - REORG: dns: dns_option structure, storage of hostname_dn - MINOR: dns: new snr_check_ip_callback function - MAJOR: dns: save a copy of the DNS response in struct resolution - MINOR: dns: implement a LRU cache for DNS resolutions - MINOR: dns: make 'ancount' field to match the number of saved records - MINOR: dns: introduce roundrobin into the internal cache (WIP) - MAJOR/REORG: dns: DNS resolution task and requester queues - BUILD: ssl: fix build with OPENSSL_NO_ENGINE - MINOR: Add Mod Defender integration as contrib - CLEANUP: str2mask return code comment: non-zero -> zero. - MINOR: tools: make debug_hexdump() use a const char for the string - MINOR: tools: make debug_hexdump() take a string prefix - CLEANUP: connection: remove unused CO_FL_WAIT_DATA --- CHANGELOG | 103 ++++++++++++++++++++++++++++++++++++++++++ README | 2 +- VERDATE | 2 +- VERSION | 2 +- doc/configuration.txt | 2 +- examples/haproxy.spec | 5 +- 6 files changed, 111 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 40d24d445..bdeec3264 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,109 @@ ChangeLog : =========== +2017/06/02 : 1.8-dev2 + - CLEANUP: server: moving netinet/tcp.h inclusion + - DOC: changed "block"(deprecated) examples to http-request deny + - DOC: add few comments to examples. + - DOC: update sample code for PROXY protocol + - DOC: mention lighttpd 1.4.46 implements PROXY + - MINOR server: Restrict dynamic cookie check to the same proxy. + - DOC: stick-table is available in frontend sections + - BUG/MINOR: server : no transparent proxy for DragonflyBSD + - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header() + - BUILD/MINOR: tools: fix build warning in debug_hexdump() + - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. + - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character + - BUG/MINOR: arg: don't try to add an argument on failed memory allocation + - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses + - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error + - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() + - BUG/MEDIUM: servers: unbreak server weight propagation + - MINOR: lua: ensure the memory allocator is used all the time + - MINOR: cli: Add a command to send listening sockets. + - MINOR: global: Add an option to get the old listening sockets. + - MINOR: tcp: When binding socket, attempt to reuse one from the old proc. + - MINOR: doc: document the -x flag + - MINOR: proxy: Don't close FDs if not our proxy. + - MINOR: socket transfer: Set a timeout on the socket. + - MINOR: systemd wrapper: add support for passing the -x option. + - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing. + - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting. + - CLEANUP: logs: typo: simgle => single + - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() + - MEDIUM: config: don't check config validity when there are fatal errors + - BUG/MAJOR: Use -fwrapv. + - BUG/MINOR: server: don't use "proxy" when px is really meant. + - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed + - BUG/MINOR: server: missing default server 'resolvers' setting duplication. + - MINOR: server: Extract the code responsible of copying default-server settings. + - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing. + - MINOR: server: Add 'server-template' new keyword supported in backend sections. + - MINOR: server: Add server_template_init() function to initialize servers from a templates. + - DOC: Add documentation for new "server-template" keyword. + - DOC: add layer 4 links/cross reference to "block" keyword. + - DOC: errloc/errorloc302/errorloc303 missing status codes. + - BUG/MEDIUM: lua: memory leak + - CLEANUP: lua: remove test + - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances + - BUG/MINOR: change header-declared function to static inline + - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common + - MINOR: Add binary encoding request header sample fetch + - MINOR: proto-http: Add sample fetch wich returns all HTTP headers + - MINOR: Add ModSecurity wrapper as contrib + - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1. + - DOC: update RFC references + - CONTRIB: tcploop: add action "X" to execute a command + - MINOR: server: cli: Add server FQDNs to server-state file and stats socket. + - BUG/MINOR: contrib/mod_security: fix build on FreeBSD + - BUG/MINOR: checks: don't send proxy protocol with agent checks + - MINOR: ssl: add prefer-client-ciphers + - MEDIUM: ssl: revert ssl/tls version settings relative to default-server. + - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx + - MEDIUM: ssl: calculate the real min/max TLS version and find holes + - MINOR: ssl: support TLSv1.3 for bind and server + - MINOR: ssl: show methods supported by openssl + - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server + - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility. + - CLEANUP: retire obsoleted USE_GETSOCKNAME build option + - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems). + - MINOR: sample: Add b64dec sample converter + - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything + - MINOR: cli: add ACCESS_LVL_MASK to store the access level + - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs + - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound + - MEDIUM: ssl: add basic support for OpenSSL crypto engine + - MAJOR: ssl: add openssl async mode support + - MEDIUM: ssl: handle multiple async engines + - MINOR: boringssl: basic support for OCSP Stapling + - MEDIUM: mworker: replace systemd mode by master worker mode + - MEDIUM: mworker: handle reload and signals + - MEDIUM: mworker: wait mode on reload failure + - MEDIUM: mworker: try to guess the next stats socket to use with -x + - MEDIUM: mworker: exit-on-failure option + - MEDIUM: mworker: workers exit when the master leaves + - DOC: add documentation for the master-worker mode + - MEDIUM: systemd: Type=forking in unit file + - MAJOR: systemd-wrapper: get rid of the wrapper + - MINOR: log: Add logurilen tunable. + - CLEANUP: server.c: missing prototype of srv_free_dns_resolution + - MINOR: dns: smallest DNS fqdn size + - MINOR: dns: functions to manage memory for a DNS resolution structure + - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution() + - REORG: dns: dns_option structure, storage of hostname_dn + - MINOR: dns: new snr_check_ip_callback function + - MAJOR: dns: save a copy of the DNS response in struct resolution + - MINOR: dns: implement a LRU cache for DNS resolutions + - MINOR: dns: make 'ancount' field to match the number of saved records + - MINOR: dns: introduce roundrobin into the internal cache (WIP) + - MAJOR/REORG: dns: DNS resolution task and requester queues + - BUILD: ssl: fix build with OPENSSL_NO_ENGINE + - MINOR: Add Mod Defender integration as contrib + - CLEANUP: str2mask return code comment: non-zero -> zero. + - MINOR: tools: make debug_hexdump() use a const char for the string + - MINOR: tools: make debug_hexdump() take a string prefix + - CLEANUP: connection: remove unused CO_FL_WAIT_DATA + 2017/04/03 : 1.8-dev1 - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos - BUG/MINOR: stats: make field_str() return an empty string on NULL diff --git a/README b/README index 559612cb9..f9f799408 100644 --- a/README +++ b/README @@ -3,7 +3,7 @@ ---------------------- version 1.8 willy tarreau - 2017/04/03 + 2017/06/02 1) How to build it diff --git a/VERDATE b/VERDATE index 5d3a225a0..c7f1bc4c7 100644 --- a/VERDATE +++ b/VERDATE @@ -1,2 +1,2 @@ $Format:%ci$ -2017/04/03 +2017/06/02 diff --git a/VERSION b/VERSION index d6715468e..7b7573bb9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.8-dev1 +1.8-dev2 diff --git a/doc/configuration.txt b/doc/configuration.txt index b002f409d..969734c69 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -4,7 +4,7 @@ ---------------------- version 1.8 willy tarreau - 2017/04/03 + 2017/06/02 This document covers the configuration language as implemented in the version diff --git a/examples/haproxy.spec b/examples/haproxy.spec index 99bb209a5..6f639554e 100644 --- a/examples/haproxy.spec +++ b/examples/haproxy.spec @@ -1,6 +1,6 @@ Summary: HA-Proxy is a TCP/HTTP reverse proxy for high availability environments Name: haproxy -Version: 1.8-dev1 +Version: 1.8-dev2 Release: 1 License: GPL Group: System Environment/Daemons @@ -74,6 +74,9 @@ fi %attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/%{name} %changelog +* Fri Jun 2 2017 Willy Tarreau +- updated to 1.8-dev2 + * Mon Apr 3 2017 Willy Tarreau - updated to 1.8-dev1