Changes since version 2.2-dev0 : Christopher Faulet (14): BUG/MINOR: h1: Don't test the host header during response parsing BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty BUG/MINOR: fcgi-app: Make the directive pass-header case insensitive BUG/MINOR: stats: Fix HTML output for the frontends heading BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted MEDIUM: h1-htx: Add HTX EOM block when the message is in H1_MSG_DONE state MINOR: http-htx: Add some htx sample fetches for debugging purpose REGTEST: Add an HTX reg-test to check an edge case BUG/MAJOR: mux-h1: Don't pretend the input channel's buffer is full if empty BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream Emmanuel Hocdet (6): MINOR: ssl: deduplicate ca-file MINOR: ssl: compute ca-list from deduplicate ca-file MINOR: ssl: deduplicate crl-file BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2 BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0 BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 Ilya Shipitsin (1): BUILD: travis-ci: link with ssl libraries using rpath instead of LD_LIBRARY_PATH/DYLD_LIBRARY_PATH Julien Pivotto (2): DOC: Fix ordered list in summary DOC: proxies: HAProxy only supports 3 connection modes Lukas Tribus (1): BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility Mathias Weiersmueller (1): DOC: clarify matching strings on binary fetches Olivier Houchard (6): BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity(). BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting. BUG/MEDIUM: kqueue: Make sure we report read events even when no data. BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. BUG/MEDIUM: ssl: Revamp the way early data are handled. BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd Rosen Penev (1): BUG/MINOR: ssl: openssl-compat: Fix getm_ defines Tim Duesterhus (3): CLEANUP: ssl: Clean up error handling DOC: Clarify behavior of server maxconn in HTTP mode MINOR: sample: Validate the number of bits for the sha2 converter William Dauchy (2): BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only CLEANUP: dns: resolution can never be null William Lallemand (7): DOC: ssl/cli: set/commit/abort ssl cert BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights BUG/MINOR: ssl/cli: don't overwrite the filters variable MINOR: ssl/cli: 'show ssl cert' give information on the certificates BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2 REGTEST: ssl: test the "set ssl cert" CLI command REGTEST: run-regtests: implement #REQUIRE_BINARIES Willy Tarreau (43): DOC: this is development again MINOR: version: this is development again, update the status SCRIPTS: update create-release to fix the changelog on new branches BUILD/MINOR: trace: fix use of long type in a few printf format strings DOC: move the "group" keyword at the right place MEDIUM: init: prevent process and thread creation at runtime BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible BUG/MEDIUM: listener/thread: fix a race when pausing a listener MINOR: debug: replace popen() with pipe+fork() in "debug dev exec" MEDIUM: init: set NO_NEW_PRIVS by default when supported BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state BUG/MINOR: listener/threads: always use atomic ops to clear the FD events BUG/MINOR: listener: also clear the error flag on a paused listener BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept() MINOR: listener: make the wait paths cleaner and more reliable MINOR: listener: split dequeue_all_listener() in two REORG: listener: move the global listener queue code to listener.c DOC: document the listener state transitions BUG/MAJOR: dns: add minimalist error processing on the Rx path BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive. DOC: listeners: add a few missing transitions BUG/MINOR: tasks: only requeue a task if it was already in the queue MINOR: tasks: split wake_expired_tasks() in two parts to avoid useless wakeups DOC: remove references to the outdated architecture.txt BUG/MINOR: log: fix minor resource leaks on logformat error path BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers BUG/MINOR: listener: do not immediately resume on transient error BUG/MINOR: server: make "agent-addr" work on default-server line BUG/MINOR: listener: fix off-by-one in state name check BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy() DOC: clarify the fact that replace-uri works on a full URI BUG/MINOR: sample: fix the closing bracket and LF in the debug converter BUG/MINOR: sample: always check converters' arguments MINOR: debug: support logging to various sinks MINOR: http: add a new "replace-path" action MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute REGTEST: make the "set ssl cert" require version 2.1 BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry BUG/MINOR: state-file: do not store duplicates in the global tree BUG/MINOR: state-file: do not leak memory on parse errors