From: Willy Tarreau Date: Wed, 14 May 2025 15:01:46 +0000 (+0200) Subject: [RELEASE] Released version 3.2-dev16 X-Git-Tag: v3.2-dev16^0 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=17df04ff0980a57991909492cd7f1ec454758dbe;p=thirdparty%2Fhaproxy.git [RELEASE] Released version 3.2-dev16 Released version 3.2-dev16 with the following main changes : - BUG/MEDIUM: mux-quic: fix crash on invalid fctl frame dereference - DEBUG: pool: permit per-pool UAF configuration - MINOR: acme: add the global option 'acme.scheduler' - DEBUG: pools: add a new integrity mode "backup" to copy the released area - MEDIUM: sock-inet: re-check IPv6 connectivity every 30s - BUG/MINOR: ssl: doesn't fill conf->crt with first arg - BUG/MINOR: ssl: prevent multiple 'crt' on the same ssl-f-use line - BUG/MINOR: ssl/ckch: always free() the previous entry during parsing - MINOR: tools: ha_freearray() frees an array of string - BUG/MINOR: ssl/ckch: always ha_freearray() the previous entry during parsing - MINOR: ssl/ckch: warn when the same keyword was used twice - BUG/MINOR: threads: fix soft-stop without multithreading support - BUG/MINOR: tools: improve parse_line()'s robustness against empty args - BUG/MINOR: cfgparse: improve the empty arg position report's robustness - BUG/MINOR: server: dont depend on proxy for server cleanup in srv_drop() - BUG/MINOR: server: perform lbprm deinit for dynamic servers - MINOR: http: add a function to validate characters of :authority - BUG/MEDIUM: h2/h3: reject some forbidden chars in :authority before reassembly - MINOR: quic: account Tx data per stream - MINOR: mux-quic: account Rx data per stream - MINOR: quic: add stream format for "show quic" - MINOR: quic: display QCS info on "show quic stream" - MINOR: quic: display stream age - BUG/MINOR: cpu-topo: fix group-by-cluster policy for disordered clusters - MINOR: cpu-topo: add a new "group-by-ccx" CPU policy - MINOR: cpu-topo: provide a function to sort clusters by average capacity - MEDIUM: cpu-topo: change "performance" to consider per-core capacity - MEDIUM: cpu-topo: change "efficiency" to consider per-core capacity - MEDIUM: cpu-topo: prefer grouping by CCX for "performance" and "efficiency" - MEDIUM: config: change default limits to 1024 threads and 32 groups - BUG/MINOR: hlua: Fix Channel:data() and Channel:line() to respect documentation - DOC: config: Fix a typo in the "term_events" definition - BUG/MINOR: spoe: Don't report error on applet release if filter is in DONE state - BUG/MINOR: mux-spop: Don't report error for stream if ACK was already received - BUG/MINOR: mux-spop: Make the demux stream ID a signed integer - BUG/MINOR: mux-spop: Don't open new streams for SPOP connection on error - MINOR: mux-spop: Don't set SPOP connection state to FRAME_H after ACK parsing - BUG/MEDIUM: mux-spop: Remove frame parsing states from the SPOP connection state - BUG/MEDIUM: mux-spop: Properly handle CLOSING state - BUG/MEDIUM: spop-conn: Report short read for partial frames payload - BUG/MEDIUM: mux-spop: Properly detect truncated frames on demux to report error - BUG/MEDIUM: mux-spop; Don't report a read error if there are pending data - DEBUG: mux-spop: Review some trace messages to adjust the message or the level - DOC: config: move address formats definition to section 2 - DOC: config: move stick-tables and peers to their own section - DOC: config: move the extraneous sections out of the "global" definition - CI: AWS-LC(fips): enable unit tests - CI: AWS-LC: enable unit tests - CI: compliance: limit run on forks only to manual + cleanup - CI: musl: enable unit tests - CI: QuicTLS (weekly): limit run on forks only to manual dispatch - CI: WolfSSL: enable unit tests --- diff --git a/CHANGELOG b/CHANGELOG index 0afb236de..df60dff41 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,60 @@ ChangeLog : =========== +2025/05/14 : 3.2-dev16 + - BUG/MEDIUM: mux-quic: fix crash on invalid fctl frame dereference + - DEBUG: pool: permit per-pool UAF configuration + - MINOR: acme: add the global option 'acme.scheduler' + - DEBUG: pools: add a new integrity mode "backup" to copy the released area + - MEDIUM: sock-inet: re-check IPv6 connectivity every 30s + - BUG/MINOR: ssl: doesn't fill conf->crt with first arg + - BUG/MINOR: ssl: prevent multiple 'crt' on the same ssl-f-use line + - BUG/MINOR: ssl/ckch: always free() the previous entry during parsing + - MINOR: tools: ha_freearray() frees an array of string + - BUG/MINOR: ssl/ckch: always ha_freearray() the previous entry during parsing + - MINOR: ssl/ckch: warn when the same keyword was used twice + - BUG/MINOR: threads: fix soft-stop without multithreading support + - BUG/MINOR: tools: improve parse_line()'s robustness against empty args + - BUG/MINOR: cfgparse: improve the empty arg position report's robustness + - BUG/MINOR: server: dont depend on proxy for server cleanup in srv_drop() + - BUG/MINOR: server: perform lbprm deinit for dynamic servers + - MINOR: http: add a function to validate characters of :authority + - BUG/MEDIUM: h2/h3: reject some forbidden chars in :authority before reassembly + - MINOR: quic: account Tx data per stream + - MINOR: mux-quic: account Rx data per stream + - MINOR: quic: add stream format for "show quic" + - MINOR: quic: display QCS info on "show quic stream" + - MINOR: quic: display stream age + - BUG/MINOR: cpu-topo: fix group-by-cluster policy for disordered clusters + - MINOR: cpu-topo: add a new "group-by-ccx" CPU policy + - MINOR: cpu-topo: provide a function to sort clusters by average capacity + - MEDIUM: cpu-topo: change "performance" to consider per-core capacity + - MEDIUM: cpu-topo: change "efficiency" to consider per-core capacity + - MEDIUM: cpu-topo: prefer grouping by CCX for "performance" and "efficiency" + - MEDIUM: config: change default limits to 1024 threads and 32 groups + - BUG/MINOR: hlua: Fix Channel:data() and Channel:line() to respect documentation + - DOC: config: Fix a typo in the "term_events" definition + - BUG/MINOR: spoe: Don't report error on applet release if filter is in DONE state + - BUG/MINOR: mux-spop: Don't report error for stream if ACK was already received + - BUG/MINOR: mux-spop: Make the demux stream ID a signed integer + - BUG/MINOR: mux-spop: Don't open new streams for SPOP connection on error + - MINOR: mux-spop: Don't set SPOP connection state to FRAME_H after ACK parsing + - BUG/MEDIUM: mux-spop: Remove frame parsing states from the SPOP connection state + - BUG/MEDIUM: mux-spop: Properly handle CLOSING state + - BUG/MEDIUM: spop-conn: Report short read for partial frames payload + - BUG/MEDIUM: mux-spop: Properly detect truncated frames on demux to report error + - BUG/MEDIUM: mux-spop; Don't report a read error if there are pending data + - DEBUG: mux-spop: Review some trace messages to adjust the message or the level + - DOC: config: move address formats definition to section 2 + - DOC: config: move stick-tables and peers to their own section + - DOC: config: move the extraneous sections out of the "global" definition + - CI: AWS-LC(fips): enable unit tests + - CI: AWS-LC: enable unit tests + - CI: compliance: limit run on forks only to manual + cleanup + - CI: musl: enable unit tests + - CI: QuicTLS (weekly): limit run on forks only to manual dispatch + - CI: WolfSSL: enable unit tests + 2025/05/09 : 3.2-dev15 - BUG/MEDIUM: stktable: fix sc_*() BUG_ON() regression with ctx > 9 - BUG/MINOR: acme/cli: don't output error on success diff --git a/VERDATE b/VERDATE index 877264ece..7bd55087b 100644 --- a/VERDATE +++ b/VERDATE @@ -1,2 +1,2 @@ $Format:%ci$ -2025/05/09 +2025/05/14 diff --git a/VERSION b/VERSION index 0bb4eb2fa..6a0516453 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.2-dev15 +3.2-dev16 diff --git a/doc/configuration.txt b/doc/configuration.txt index d2d7e2cfe..65c674cf4 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -3,7 +3,7 @@ Configuration Manual ---------------------- version 3.2 - 2025/05/09 + 2025/05/14 This document covers the configuration language as implemented in the version