Changes since version 1.6-dev0 : Andrew Latham (1): DOC: Address issue where documentation is excluded due to a gitignore rule. Apollon Oikonomopoulos (1): BUG/MEDIUM: systemd: set KillMode to 'mixed' Arcadiy Ivanov (1): BUILD: fix "make install" to support spaces in the install dirs Baptiste Assmann (3): BUG/MINOR: config: http-request replace-header arg typo BUG: config: error in http-response replace-header number of arguments DOC: missing track-sc* in http-request rules Christian Ruppert (1): BUG/MEDIUM: regex: fix pcre_study error handling Conrad Hoffmann (2): BUG/MINOR: Fix search for -p argument in systemd wrapper. MEDIUM: Improve signal handling in systemd wrapper. Cyril Bonté (9): DOC: fix typo in Unix Socket commands BUG/MEDIUM: checks: external checks can't change server status to UP BUG/MEDIUM: checks: segfault with external checks in a backend section BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported BUG/MINOR: config: don't propagate process binding for dynamic use_backend BUG/MINOR: log: fix request flags when keep-alive is enabled BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks Dan Dubovik (1): BUG/MEDIUM: backend: Update hash to use unsigned int throughout Dave McCowan (2): BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header MEDIUM: connection: add new bit in Proxy Protocol V2 Emeric Brun (8): BUG/MINOR: ssl: rejects OCSP response without nextupdate. BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses. BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice. BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer. MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs MINOR: ssl: add statement to force some ssl options in global. BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM. Godbach (2): BUG/MINOR: server: move the directive #endif to the end of file BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped James Westby (1): DOC: expand the docs for the provided stats. Jan Seda (1): BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure. Kristoffer Grönlund (1): MINOR: systemd: Check configuration before start Lukas Tribus (4): BUILD: ssl: handle boringssl in openssl version detection BUILD: ssl: disable OCSP when using boringssl BUILD: ssl: don't call get_rfc2409_prime when using boringssl MINOR: ssl: don't use boringssl's cipher_list Marco Corte (1): MINOR: stats: fix minor typo in HTML page Matt Robenolt (1): MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper Olivier (1): DOC: clearly state that the "show sess" output format is not fixed Olivier Doucet (1): MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() Remi Gacogne (2): BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list. Simon Horman (2): BUG/MEDIUM: Consistently use 'check' in process_chk MEDIUM: Add external check Sárközi, László (1): MINOR: deinit: fix memory leak Thierry FOURNIER (3): MINOR: http: export the function 'smp_fetch_base32' BUG/MEDIUM: http: tarpit timeout is reset MINOR: sample: add "json" converter Willy Tarreau (78): BUG/MAJOR: session: revert all the crappy client-side timeout changes BUG/MINOR: logs: properly initialize and count log sockets BUG/MEDIUM: http: fetch "base" is not compatible with set-header BUG/MINOR: counters: do not untrack counters before logging BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() MINOR: stick-table: make stktable_fetch_key() indicate why it failed BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents BUILD: remove TODO from the spec file and add README MINOR: log: make MAX_SYSLOG_LEN overridable at build time MEDIUM: log: support a user-configurable max log line length DOC: provide an example of how to use ssl_c_sha1 BUILD: checks: external checker needs signal.h BUILD: checks: kill a minor warning on Solaris in external checks BUILD: http: fix isdigit & isspace warnings on Solaris BUG/MINOR: listener: set the listener's fd to -1 after deletion BUG/MEDIUM: unix: failed abstract socket binding is retryable MEDIUM: listener: implement a per-protocol pause() function MEDIUM: listener: support rebinding during resume() BUG/MEDIUM: unix: completely unbind abstract sockets during a pause() DOC: explicitly mention the limits of abstract namespace sockets DOC: minor fix on {sc,src}_kbytes_{in,out} DOC: fix alphabetical sort of converters MEDIUM: stick-table: implement lookup from a sample fetch MEDIUM: stick-table: add new converters to fetch table data MINOR: samples: add two converters for the date format BUG/MAJOR: http: correctly rewind the request body after start of forwarding DOC: remove references to CPU=native in the README DOC: mention that "compression offload" is ignored in defaults section DOC: mention that Squid correctly responds 400 to PPv2 header BUILD: fix dependencies between config and compat.h MINOR: session: export the function 'smp_fetch_sc_stkctr' MEDIUM: stick-table: make it easier to register extra data types BUG/MINOR: http: base32+src should use the big endian version of base32 MINOR: sample: allow IP address to cast to binary MINOR: sample: add new converters to hash input MINOR: sample: allow integers to cast to binary BUILD: report commit ID in git versions as well CLEANUP: session: move the stick counters declarations to stick_table.h MEDIUM: http: add the track-sc* actions to http-request rules BUG/MEDIUM: connection: fix proxy v2 header again! BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs MINOR: log: add a new field "%lc" to implement a per-frontend log counter BUG/MEDIUM: http: fix inverted condition in pat_match_meth() BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg() BUG/MEDIUM: acl: correctly compute the output type when a converter is used CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer MEDIUM: http: enable header manipulation for 101 responses BUG/MEDIUM: config: propagate frontend to backend process binding again. MEDIUM: config: properly propagate process binding between proxies MEDIUM: config: make the frontends automatically bind to the listeners' processes MEDIUM: config: compute the exact bind-process before listener's maxaccept MEDIUM: config: only warn if stats are attached to multi-process bind directives MEDIUM: config: report it when tcp-request rules are misplaced DOC: indicate in the doc that track-sc* can wait if data are missing MINOR: config: detect the case where a tcp-request content rule has no inspect-delay MEDIUM: systemd-wrapper: support multiple executable versions and names BUG/MEDIUM: remove debugging code from systemd-wrapper BUG/MEDIUM: http: adjust close mode when switching to backend BUG/MINOR: config: don't propagate process binding on fatal errors. BUG/MEDIUM: check: rule-less tcp-check must detect connect failures BUG/MINOR: tcp-check: report the correct failed step in the status DOC: indicate that weight zero is reported as DRAIN BUG/MEDIUM: config: avoid skipping disabled proxies BUG/MINOR: config: do not accept more track-sc than configured BUG/MEDIUM: backend: fix URI hash when a query string is present BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR BUG/MAJOR: cli: explicitly call cli_release_handler() upon error BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8 BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets BUG/BUILD: revert accidental change in the makefile from latest SSL fix BUG/MEDIUM: ssl: force a full GC in case of memory shortage MEDIUM: ssl: add support for smaller SSL records MINOR: session: release a few other pools when stopping MINOR: task: release the task pool when stopping