Changes since version 2.5-dev0 : Alex (1): DOC: use the req.ssl_sni in examples Alexandar Lazic (1): DOC/MINOR: move uuid in the configuration to the right alphabetical order Amaury Denoyelle (16): BUG/MAJOR: server: prevent deadlock when using 'set maxconn server' MINOR: errors: allow empty va_args for diag variadic macro REORG: errors: split errors reporting function from log.c CLEANUP: server: fix cosmetic of error message on sni parsing MEDIUM: errors: implement user messages buffer MINOR: log: do not discard stderr when starting is over MEDIUM: errors: implement parsing context type MINOR: errors: use user messages context in print_message MINOR: log: display exec path on first warning MINOR: errors: specify prefix "config" for parsing output MINOR: log: define server user message format REORG: server: use parsing ctx for server parsing REORG: config: use parsing ctx for server config check MINOR: server: use parsing ctx for server init addr MINOR: server: use ha_alert in server parsing functions BUG: errors: remove printf positional args for user messages context Christopher Faulet (23): BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response MINOR: h1-htx: Update h1 parsing functions to return result as a size_t MEDIUM: h1-htx: Adapt H1 data parsing to copy wrapping data in one call MINOR: mux-h1/mux-fcgi: Don't needlessly loop on data parsing MINOR: h1-htx: Move HTTP chunks parsing into a dedicated function MEDIUM: h1-htx: Split function to parse a chunk and the loop on the buffer MEDIUM: h1-htx: Add a function to parse contiguous small chunks MINOR: h1-htx: Use a correlation table to speed-up small chunks parsing MINOR: buf: Add function to realign a buffer with a specific head position MINOR: muxes/h1-htx: Realign input buffer using b_slow_realign_ofs() CLEANUP: mux-h1: Rename functions parsing input buf and filling output buf Revert "MEDIUM: http-ana: Deal with L7 retries in HTTP analysers" BUG/MINOR: http-ana: Send the right error if max retries is reached on L7 retry BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts MINOR: http-ana: Perform L7 retries because of status codes in response analyser CLEANUP: http-ana: Remove useless if statement about L7 retries BUG/MAJOR: stream-int: Release SI endpoint on server side ASAP on retry MINOR: backend: Don't release SI endpoint anymore in connect_server() BUG/MINOR: vars: Be sure to have a session to get checks variables CLEANUP: mux-fcgi: Don't needlessly store result of data/trailers parsing MINOR: http-ana: Use -1 status for client aborts during queuing and connect REGTESTS: Fix http_abortonclose.vtc to support -1 status for some client aborts Dragan Dosen (2): MINOR: map/acl: print the count of all the map/acl entries in "show map/acl" CLEANUP: pattern: remove export of non-existent function pattern_delete() Ilya Shipitsin (3): CI: introduce scripts/build-vtest.sh for installing VTest CI: github actions: add OpenTracing builds CI: github actions: add OpenSSL-3.0.0 builds Mark Mullan (1): DOC: intro: Fix typo in starter guide Maximilian Mader (2): CLEANUP: tools: Make errptr const in `parse_line()` MINOR: haproxy: Add `-cc` argument Miroslav Zagorac (3): BUILD/MINOR: opentracing: fixed build when using clang Revert "BUG/MINOR: opentracing: initialization after establishing daemon mode" BUG/MEDIUM: opentracing: initialization before establishing daemon and/or chroot mode Remi Tricot-Le Breton (45): CLEANUP: ssl: Move ssl_store related code to ssl_ckch.c MINOR: ssl: Allow duplicated entries in the cafile_tree MEDIUM: ssl: Chain ckch instances in ca-file entries MINOR: ssl: Add reference to default ckch instance in bind_conf MINOR: ssl: Add helper functions to create/delete cafile entries MEDIUM: ssl: Add a way to load a ca-file content from memory MINOR: ssl: Add helper function to add cafile entries MINOR: ssl: Ckch instance rebuild and cleanup factorization in CLI handler MEDIUM: ssl: Add "set+commit ssl ca-file" CLI commands REGTESTS: ssl: Add new ca-file update tests MINOR: ssl: Add "abort ssl ca-file" CLI command MINOR: ssl: Add a cafile_entry type field MINOR: ssl: Refactorize the "show certificate details" code MEDIUM: ssl: Add "show ssl ca-file" CLI command MEDIUM: ssl: Add "new ssl ca-file" CLI command MINOR: ssl: Add "del ssl ca-file" CLI command REGTESTS: ssl: Add "new/del ssl ca-file" tests DOC: ssl: Add documentation about CA file hot update commands DOC: internals: update the SSL architecture schema MINOR: ssl: Chain instances in ca-file entries MEDIUM: ssl: Add "set+commit ssl crl-file" CLI commands MEDIUM: ssl: Add "new+del crl-file" CLI commands MINOR: ssl: Add "abort ssl crl-file" CLI command MEDIUM: ssl: Add "show ssl crl-file" CLI command REGTESTS: ssl: Add "new/del ssl crl-file" tests REGTESTS: ssl: Add "set/commit ssl crl-file" test DOC: ssl: Add documentation about CRL file hot update commands BUILD/MINOR: ssl: Fix compilation with SSL enabled BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 CLEANUP: ssl: Fix coverity issues found in CA file hot update code BUG/MEDIUM: ebtree: Invalid read when looking for dup entry BUG/MINOR: server: Missing calloc return value check in srv_parse_source BUG/MINOR: peers: Missing calloc return value check in peers_register_table BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule BUG/MINOR: compression: Missing calloc return value check in comp_append_type/algo BUG/MINOR: worker: Missing calloc return value check in mworker_env_to_proc_list BUG/MINOR: http: Missing calloc return value check while parsing redirect rule BUG/MINOR: http: Missing calloc return value check in make_arg_list BUG/MINOR: proxy: Missing calloc return value check in chash_init_server_tree BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future Tim Duesterhus (4): MINOR: cfgparse: Fail when encountering extra arguments in macro CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests CLEANUP: cfgparse: Remove duplication of `MAX_LINE_ARGS + 1` CI: Make matrix.py executable and add shebang William Lallemand (3): BUILD: fix compilation for OpenSSL-3.0.0-alpha17 CI: github actions: -Wno-deprecated-declarations with OpenSSL 3.0.0 BUILD: make tune.ssl.keylog available again Willy Tarreau (2): CLEANUP: backend: fix incorrect comments on locking conditions for lb functions SCRIPTS: opentracing: enable parallel builds in build-ot.sh