Changes since version 2.6.6 : Amaury Denoyelle (41): CLEANUP: mux-quic: remove usage of non-standard ull type CLEANUP: quic: remove global var definition in quic_tls header BUG/MINOR: quic: adjust quic_tls prototypes CLEANUP: quic: fix headers CLEANUP: quic: remove unused function prototype CLEANUP: quic: remove duplicated varint code from xprt_quic.h CLEANUP: quic: create a dedicated quic_conn module BUG/MINOR: mux-quic: ignore STOP_SENDING for locally closed stream MINOR: quic: limit usage of ssl_sock_ctx in favor of quic_conn MINOR: mux-quic: check quic-conn return code on Tx CLEANUP: quic: fix indentation MEDIUM: quic: retrieve frontend destination address BUG/MINOR: quic: set IP_PKTINFO socket option for QUIC receivers only CLEANUP: quic: remove unused rxbufs member in receiver CLEANUP: quic: improve naming for rxbuf/datagrams handling MINOR: quic: implement datagram cleanup for quic_receiver_buf BUILD: ssl_sock: fix null dereference for QUIC build BUG/MINOR: quic: fix buffer overflow on retry token generation MINOR: quic: add version field on quic_rx_packet MINOR: quic: extend pn_offset field from quic_rx_packet MINOR: quic: define first packet flag MINOR: quic: extract connection retrieval MINOR: quic: split and rename qc_lstnr_pkt_rcv() MINOR: quic: refactor packet drop on reception MINOR: quic: extend Retry token check function BUG/MINOR: mux-quic: complete flow-control for uni streams MINOR: quic: do not crash on unhandled sendto error MINOR: quic: display unknown error sendto counter on stat page MINOR: quic: remove unnecessary quic_session_accept() BUG/MINOR: quic: fix subscribe operation BUG/MINOR: quic: fix race condition on datagram purging BUILD: quic: fix dubious 0-byte overflow on qc_release_lost_pkts MINOR: ncbuf: complete doc for ncb_advance() BUG/MEDIUM: quic: fix unsuccessful handshakes on ncb_advance error BUG/MEDIUM: quic: fix memleak for out-of-order crypto data MINOR: quic: complete traces/debug for handshake DOC: configuration: fix quic prefix typo MINOR: quic: report error if force-retry without cluster-secret MINOR: global: generate random cluster.secret if not defined DOC: quic: add note on performance issue with listener contention BUG/MEDIUM: quic: fix datagram dropping on queueing failed Aurelien DARRAGON (12): BUG/MINOR: hlua: fixing hlua_http_msg_del_data behavior BUG/MINOR: hlua: fixing hlua_http_msg_insert_data behavior BUG/MINOR: hlua: _hlua_http_msg_delete incorrect behavior when offset is used BUG/MINOR: hlua: hlua_channel_insert_data() behavior conflicts with documentation DOC: configuration: missing 'if' in tcp-request content example BUG/MINOR: log: fixing bug in tcp syslog_io_handler Octet-Counting BUG/MEDIUM: wdt/clock: properly handle early task hangs BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy "from" inheritance BUG/MINOR: log: fix parse_log_message rfc5424 size check DOC: configuration.txt: add default_value for table_idle signature DOC: configuration.txt: fix typo in table_idle signature Christopher Faulet (29): REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies BUG/MINOR: stream: Perform errors handling in right order in stream_new() BUG/MEDIUM: stconn: Reset SE descriptor when we fail to create a stream BUG/MEDIUM: resolvers: Remove aborted resolutions from query_ids tree DOC: config: Fix pgsql-check documentation to make user param mandatory BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth() BUG/MINOR: mux-h1: Account consumed output data on synchronous connection error MINOR: smtpchk: Update expect rule to fully match replies to EHLO commands BUG/MEDIUM: httpclient: Don't set EOM flag on an empty HTX message MINOR: httpclient/lua: Don't set req_payload callback if body is empty BUG/MINOR: log: Preserve message facility when the log target is a ring buffer BUG/MINOR: ring: Properly parse connect timeout BUG/MEDIUM: compression: handle rewrite errors when updating response headers BUG/MINOR: sink: Only use backend capability for the sink proxies BUG/MINOR: sink: Set default connect/server timeout for implicit ring buffers BUG/MAJOR: stick-table: don't process store-response rules for applets BUG/MINOR: http-htx: Fix error handling during parsing http replies BUG/MINOR: resolvers: Don't wait periodic resolution on healthcheck failure BUG/MINOR: resolvers: Set port before IP address when processing SRV records BUG/MINOR: mux-fcgi: Be sure to send empty STDING record in case of zero-copy BUG/MEDIUM: mux-fcgi: Avoid value length overflow when it doesn't fit at once REG-TESTS: cache: Remove T-E header for 304-Not-Modified responses BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task BUG/MEDIUM: raw-sock: Don't report connection error if something was received BUILD: peers: Remove unused variables BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action BUILD: http-htx: Silent build error about a possible NULL start-line BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk() BUG/MINOR: mux-h1: Fix handling of 408-Request-Time-Out Emeric Brun (1): BUG/MEDIUM: peers: messages about unkown tables not correctly ignored Erwan Le Goas (1): BUG/MINOR: config: don't count trailing spaces as empty arg (v2) Fatih Acar (1): BUG/MINOR: checks: update pgsql regex on auth packet Frédéric Lécaille (10): MINOR: quic: New quic_cstream object implementation MINOR: quic: Extract CRYPTO frame parsing from qc_parse_pkt_frms() MINOR: quic: Use a non-contiguous buffer for RX CRYPTO data BUG/MINOR: quic: Stalled 0RTT connections with big ClientHello TLS message MINOR: quic: Split the secrets key allocation in two parts BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk() BUILD: quic: QUIC mux build fix for 32-bit build BUILD: quic: Fix build for m68k cross-compilation BUG/MAJOR: quic: Crash upon retransmission of dgrams with several packets BUG/MAJOR: quic: Crash after discarding packet number spaces Ilya Shipitsin (5): CI: SSL: use proper version generating when "latest" semantic is used CI: SSL: temporarily stick to LibreSSL=3.5.3 CI: add monthly gcc cross compile jobs CI: switch to the "latest" LibreSSL CI: enable QUIC for LibreSSL builds Mickael Torres (1): BUG/MINOR: mux-h1: Do not send a last null chunk on body-less answers Miroslav Zagorac (1): BUG/MINOR: httpclient: fixed memory allocation for the SSL ca_file Olivier Houchard (2): BUG/MEDIUM: lua: Don't crash in hlua_lua2arg_check on failure BUG/MEDIUM: lua: handle stick table implicit arguments right. Remi Tricot-Le Breton (3): BUG/MINOR: ssl: Memory leak of DH BIGNUM fields BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer BUG/MINOR: ssl: ocsp structure not freed properly in case of error Thierry Fournier (2): BUG/MINOR: hlua: Remove \n in Lua error message built with memprintf BUG/MEDIUM: httpclient: segfault when the httpclient parser fails Tim Duesterhus (2): CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in matrix.py CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in workflow definition William Lallemand (12): DOC: management: httpclient can resolve server names in URLs BUG/MEDIUM: httpclient/lua: crash when the lua task timeout before the httpclient BUG/MEDIUM: httpclient: check if the httpclient was released in the IO handler REGTESTS: httpclient/lua: test the lua task timeout with the httpclient CI: github: dump the backtrace of coredumps in the alpine container BUILD: Makefile: add "USE_SHM_OPEN" on the linux-musl target DOC: management: add forgotten "show startup-logs" DOC: lua: add a note about compression w/ httpclient BUG/MINOR: ssl: don't initialize the keylog callback when not required MINOR: ssl: enhance ca-file error emitting MINOR: ssl: forgotten newline in error messages on ca-file BUG/MINOR: ssl: shut the ca-file errors emitted during httpclient init Willy Tarreau (17): BUG/MAJOR: conn-idle: fix hash indexing issues on idle conns BUG/MINOR: backend: only enforce turn-around state when not redispatching BUILD: h1: silence an initiialized warning with gcc-4.7 and -Os MINOR: fd: add a new function to only raise RLIMIT_NOFILE MINOR: init: do not try to shrink existing RLIMIT_NOFIlE BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os BUG/MEDIUM: config: count line arguments without dereferencing the output CLEANUP: quic/receiver: remove the now unused tx_qring list BUG/MAJOR: stick-tables: do not try to index a server name for applets BUG/MINOR: server: make sure "show servers state" hides private bits BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task CI: emit the compiler's version in the build reports DOC: config: fix alphabetical ordering of global section BUG/MEDIUM: ring: fix creation of server in uninitialized ring BUG/MINOR: pool/cli: use ullong to report total pool usage in bytes BUG/MINOR: server/idle: at least use atomic stores when updating max_used_conns BUILD: listener: fix build warning on global_listener_rwlock without threads wrightlaw (1): BUG/MINOR: smtpchk: SMTP Service check should gracefully close SMTP transaction