From: Willy Tarreau <w@1wt.eu>
Date: Sat, 16 Oct 2021 13:24:22 +0000 (+0200)
Subject: [RELEASE] Released version 2.5-dev10
X-Git-Tag: v2.5-dev10^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2b1b4dd14d455ea49a52811b28b2ad32b7e00d5;p=thirdparty%2Fhaproxy.git

[RELEASE] Released version 2.5-dev10

Released version 2.5-dev10 with the following main changes :
    - MINOR: initcall: Rename __GLOBL and __GLOBL1.
    - MINOR: rules: add a new function new_act_rule() to allocate act_rules
    - MINOR: rules: add a file name and line number to act_rules
    - MINOR: stream: report the current rule in "show sess all" when known
    - MINOR: stream: report the current filter in "show sess all" when known
    - CLEANUP: stream: Properly indent current_rule line in "show sess all"
    - BUG/MINOR: lua: Fix lua error handling in `hlua_config_prepend_path()`
    - CI: github: switch to OpenSSL 3.0.0
    - REGTESTS: ssl: Fix references to removed option in test description
    - MINOR: ssl: Add ssllib_name_startswith precondition
    - REGTESTS: ssl: Fix ssl_errors test for OpenSSL v3
    - REGTESTS: ssl: Reenable ssl_errors test for OpenSSL only
    - REGTESTS: ssl: Use mostly TLSv1.2 in ssl_errors test
    - MEDIUM: mux-quic: rationalize tx buffers between qcc/qcs
    - MEDIUM: h3: properly manage tx buffers for large data
    - MINOR: mux-quic: standardize h3 settings sending
    - CLEANUP: h3: remove dead code
    - MINOR: mux-quic: implement standard method to detect if qcc is dead
    - MEDIUM: mux-quic: defer stream shut if remaining tx data
    - MINOR: mux: remove last occurences of qcc ring buffer
    - MINOR: quic: handle CONNECTION_CLOSE frame
    - REGTESTS: ssl: re-enable set_ssl_cert_bundle.vtc
    - MINOR: ssl: add ssl_fc_is_resumed to "option httpslog"
    - MINOR: http: Add http_auth_bearer sample fetch
    - MINOR: jwt: Parse JWT alg field
    - MINOR: jwt: JWT tokenizing helper function
    - MINOR: jwt: Insert public certificates into dedicated JWT tree
    - MINOR: jwt: jwt_header_query and jwt_payload_query converters
    - MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity
    - REGTESTS: jwt: Add tests for the jwt_verify converter
    - BUILD: jwt: fix declaration of EVP_KEY in jwt-h.h
    - MINOR: proto_tcp: use chunk_appendf() to ouput socket setup errors
    - MINOR: proto_tcp: also report the attempted MSS values in error message
    - MINOR: inet: report the faulty interface name in "bind" errors
    - MINOR: protocol: report the file and line number for binding/listening errors
    - MINOR: protocol: uniformize protocol errors
    - MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero
    - BUG/MEDIUM: resolver: make sure to always use the correct hostname length
    - BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
    - MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero
    - MEDIUM: listeners: split the thread mask between receiver and bind_conf
    - MINOR: listeners: add clone_listener() to duplicate listeners at boot time
    - MEDIUM: listener: add the "shards" bind keyword
    - BUG/MEDIUM: resolvers: use correct storage for the target address
    - MINOR: resolvers: merge address and target into a union "data"
    - BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
    - BUG/MEDIUM: jwt: fix base64 decoding error detection
    - BUG/MINOR: jwt: use CRYPTO_memcmp() to compare HMACs
    - DOC: jwt: fix a typo in the jwt_verify() keyword description
    - BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection
    - BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
    - BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
    - DOC: config: Move 'tcp-response content' at the right place
    - BUG/MINOR: proxy: Use .disabled field as a bitfield as documented
    - MINOR: proxy: Introduce proxy flags to replace disabled bitfield
    - MINOR: sample/arg: Be able to resolve args found in defaults sections
    - MEDIUM: proxy: Warn about ambiguous use of named defaults sections
    - MINOR: proxy: Be able to reference the defaults section used by a proxy
    - MINOR: proxy: Add PR_FL_READY flag on fully configured and usable proxies
    - MINOR: config: Finish configuration for referenced default proxies
    - MINOR: config: No longer remove previous anonymous defaults section
    - MINOR: tcpcheck: Support 2-steps args resolution in defaults sections
    - MEDIUM: rules/acl: Parse TCP/HTTP rules and acls defined in defaults sections
    - MEDIUM: tcp-rules: Eval TCP rules defined in defaults sections
    - MEDIUM: http-ana: Eval HTTP rules defined in defaults sections
    - BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
    - REGTESTS: Add scripts to test support of TCP/HTTP rules in defaults sections
    - DOC: config: Add documentation about TCP/HTTP rules in defaults section
    - DOC: config: Rework and uniformize how TCP/HTTP rules are documented
    - BUG/MINOR: proxy: Release ACLs and TCP/HTTP rules of default proxies
    - BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
    - BUG/MINOR: sample: fix backend direction flags consecutive to last fix
    - BUG/MINOR: listener: fix incorrect return on out-of-memory
    - BUG/MINOR: listener: add an error check for unallocatable trash
    - CLEANUP: listeners: remove unreachable code in clone_listener()
---

diff --git a/CHANGELOG b/CHANGELOG
index 25f79eeb45..7e51de896d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,83 @@
 ChangeLog :
 ===========
 
+2021/10/16 : 2.5-dev10
+    - MINOR: initcall: Rename __GLOBL and __GLOBL1.
+    - MINOR: rules: add a new function new_act_rule() to allocate act_rules
+    - MINOR: rules: add a file name and line number to act_rules
+    - MINOR: stream: report the current rule in "show sess all" when known
+    - MINOR: stream: report the current filter in "show sess all" when known
+    - CLEANUP: stream: Properly indent current_rule line in "show sess all"
+    - BUG/MINOR: lua: Fix lua error handling in `hlua_config_prepend_path()`
+    - CI: github: switch to OpenSSL 3.0.0
+    - REGTESTS: ssl: Fix references to removed option in test description
+    - MINOR: ssl: Add ssllib_name_startswith precondition
+    - REGTESTS: ssl: Fix ssl_errors test for OpenSSL v3
+    - REGTESTS: ssl: Reenable ssl_errors test for OpenSSL only
+    - REGTESTS: ssl: Use mostly TLSv1.2 in ssl_errors test
+    - MEDIUM: mux-quic: rationalize tx buffers between qcc/qcs
+    - MEDIUM: h3: properly manage tx buffers for large data
+    - MINOR: mux-quic: standardize h3 settings sending
+    - CLEANUP: h3: remove dead code
+    - MINOR: mux-quic: implement standard method to detect if qcc is dead
+    - MEDIUM: mux-quic: defer stream shut if remaining tx data
+    - MINOR: mux: remove last occurences of qcc ring buffer
+    - MINOR: quic: handle CONNECTION_CLOSE frame
+    - REGTESTS: ssl: re-enable set_ssl_cert_bundle.vtc
+    - MINOR: ssl: add ssl_fc_is_resumed to "option httpslog"
+    - MINOR: http: Add http_auth_bearer sample fetch
+    - MINOR: jwt: Parse JWT alg field
+    - MINOR: jwt: JWT tokenizing helper function
+    - MINOR: jwt: Insert public certificates into dedicated JWT tree
+    - MINOR: jwt: jwt_header_query and jwt_payload_query converters
+    - MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity
+    - REGTESTS: jwt: Add tests for the jwt_verify converter
+    - BUILD: jwt: fix declaration of EVP_KEY in jwt-h.h
+    - MINOR: proto_tcp: use chunk_appendf() to ouput socket setup errors
+    - MINOR: proto_tcp: also report the attempted MSS values in error message
+    - MINOR: inet: report the faulty interface name in "bind" errors
+    - MINOR: protocol: report the file and line number for binding/listening errors
+    - MINOR: protocol: uniformize protocol errors
+    - MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero
+    - BUG/MEDIUM: resolver: make sure to always use the correct hostname length
+    - BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
+    - MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero
+    - MEDIUM: listeners: split the thread mask between receiver and bind_conf
+    - MINOR: listeners: add clone_listener() to duplicate listeners at boot time
+    - MEDIUM: listener: add the "shards" bind keyword
+    - BUG/MEDIUM: resolvers: use correct storage for the target address
+    - MINOR: resolvers: merge address and target into a union "data"
+    - BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
+    - BUG/MEDIUM: jwt: fix base64 decoding error detection
+    - BUG/MINOR: jwt: use CRYPTO_memcmp() to compare HMACs
+    - DOC: jwt: fix a typo in the jwt_verify() keyword description
+    - BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection
+    - BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
+    - BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
+    - DOC: config: Move 'tcp-response content' at the right place
+    - BUG/MINOR: proxy: Use .disabled field as a bitfield as documented
+    - MINOR: proxy: Introduce proxy flags to replace disabled bitfield
+    - MINOR: sample/arg: Be able to resolve args found in defaults sections
+    - MEDIUM: proxy: Warn about ambiguous use of named defaults sections
+    - MINOR: proxy: Be able to reference the defaults section used by a proxy
+    - MINOR: proxy: Add PR_FL_READY flag on fully configured and usable proxies
+    - MINOR: config: Finish configuration for referenced default proxies
+    - MINOR: config: No longer remove previous anonymous defaults section
+    - MINOR: tcpcheck: Support 2-steps args resolution in defaults sections
+    - MEDIUM: rules/acl: Parse TCP/HTTP rules and acls defined in defaults sections
+    - MEDIUM: tcp-rules: Eval TCP rules defined in defaults sections
+    - MEDIUM: http-ana: Eval HTTP rules defined in defaults sections
+    - BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
+    - REGTESTS: Add scripts to test support of TCP/HTTP rules in defaults sections
+    - DOC: config: Add documentation about TCP/HTTP rules in defaults section
+    - DOC: config: Rework and uniformize how TCP/HTTP rules are documented
+    - BUG/MINOR: proxy: Release ACLs and TCP/HTTP rules of default proxies
+    - BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
+    - BUG/MINOR: sample: fix backend direction flags consecutive to last fix
+    - BUG/MINOR: listener: fix incorrect return on out-of-memory
+    - BUG/MINOR: listener: add an error check for unallocatable trash
+    - CLEANUP: listeners: remove unreachable code in clone_listener()
+
 2021/10/08 : 2.5-dev9
     - head-truc
     - REGTESTS: lua: test the httpclient:get() feature
diff --git a/VERDATE b/VERDATE
index f24e0d560d..2045b1dc0b 100644
--- a/VERDATE
+++ b/VERDATE
@@ -1,2 +1,2 @@
 $Format:%ci$
-2021/10/08
+2021/10/16
diff --git a/VERSION b/VERSION
index bad14b8471..67d55be52e 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.5-dev9
+2.5-dev10
diff --git a/doc/configuration.txt b/doc/configuration.txt
index a05bfa694f..db6656c7d2 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -4,7 +4,7 @@
                          ----------------------
                               version 2.5
                              willy tarreau
-                              2021/10/08
+                              2021/10/16
 
 
 This document covers the configuration language as implemented in the version