Changes since version 2.8.9 : Amaury Denoyelle (14): BUG/MINOR: backend: use cum_sess counters instead of cum_conn BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3 BUG/MINOR: qpack: fix error code reported on QPACK decoding failure BUG/MINOR: connection: parse PROXY TLV for LOCAL mode MEDIUM: config: prevent communication with privileged ports BUG/MINOR: quic: adjust restriction for stateless reset emission DOC: quic: specify that connection migration is not supported BUG/MINOR: quic: prevent crash on qc_kill_conn() BUG/MEDIUM: server: fix dynamic servers initial settings BUG/MEDIUM: quic: fix connection freeze on post handshake MINOR: session: rename private conns elements BUG/MAJOR: server: do not delete srv referenced by session BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1 BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe Aurelien DARRAGON (16): BUG/MINOR: log: fix lf_text_len() truncate inconsistency BUG/MINOR: tools/log: invalid encode_{chunk,string} usage BUG/MINOR: log: invalid snprintf() usage in sess_build_logline() CLEANUP: log: lf_text_len() returns a pointer not an integer DOC: lua: fix filters.txt file location MINOR: log: add dup_logsrv() helper function BUG/MINOR: log: keep the ref in dup_logger() BUG/MINOR: log: smp_rgs array issues with inherited global log directives BUG/MEDIUM: fd: prevent memory waste in fdtab array BUG/MINOR: hlua: use CertCache.set() from various hlua contexts CLEANUP: hlua: use hlua_pusherror() where relevant BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage BUG/MINOR: hlua: prevent LJMP in hlua_traceback() BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume() Christopher Faulet (15): BUG/MINOR: cli: Report an error to user if command or payload is too big BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered BUG/MEDIUM: applet: Fix applet API to put input data in a buffer BUG/MEDIUM: spoe: Always retry when an applet fails to send a frame BUG/MEDIUM: peers: Fix exit condition when max-updates-at-once is reached BUG/MINOR: stconn: Fix sc_mux_strm() return value BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header BUG/MINOR: stats: Don't state the 303 redirect response is chunked BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream BUG/MINOR: http-htx: Support default path during scheme based normalization BUG/MINOR: server: Don't reset resolver options on a new default-server line Damien Claisse (1): BUG/MINOR: server: fix slowstart behavior Frederic Lecaille (3): MINOR: net_helper: Add support for floats/doubles. BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only) Ilia Shipitsin (1): BUILD: clock: improve check for pthread_getcpuclockid() Ilya Shipitsin (1): CI: revert kernel addr randomization introduced in 3a0fc864 Remi Tricot-Le Breton (1): BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding Valentine Krasnobaeva (4): BUG/MINOR: haproxy: only tid 0 must not sleep if got signal CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp BUG/MINOR: ssl/ocsp: init callback func ptr as NULL BUG/MINOR: activity: fix Delta_calls and Delta_bytes count William Lallemand (4): BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf DOC: configuration: update the crt-list documentation BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration Willy Tarreau (20): BUG/MINOR: listener: always assign distinct IDs to shards BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented BUG/MEDIUM: peers/trace: fix crash when listing event types BUG/MEDIUM: evports: do not clear returned events list on signal BUG/MINOR: sock: handle a weird condition with connect() BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets BUG/MINOR: h1: fix detection of upper bytes in the URI BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned BUG/MEDIUM: stick-tables: properly mark stktable_data as packed BUILD: stick-tables: better mark the stktable_data as 32-bit aligned BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305 BUILD: quic: fix unused variable warning when threads are disabled DOC: config: fix incorrect section reference about custom log format REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs CI: scripts: fix build of vtest regarding option -C BUILD: fd: errno is also needed without poll() BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory BUG/MEDIUM: quic: don't blindly rely on unaligned accesses