Changes since version 2.2.33 : Amaury Denoyelle (2): BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1 SCRIPTS: git-show-backports: do not truncate git-show output Aurelien DARRAGON (10): BUG/MINOR: log: fix lf_text_len() truncate inconsistency BUG/MINOR: tools/log: invalid encode_{chunk,string} usage BUG/MINOR: log: invalid snprintf() usage in sess_build_logline() BUG/MEDIUM: fd: prevent memory waste in fdtab array CLEANUP: hlua: use hlua_pusherror() where relevant DOC: management: rename show stats domain cli "dns" to "resolvers" BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct() DOC: lua: fix yield-dependent methods expected contexts BUG/MINOR: stktable: fix big-endian compatiblity in smp_to_stkey() BUG/MEDIUM: hlua/cli: fix cli applet UAF in hlua_applet_wakeup() Christopher Faulet (24): BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header BUG/MINOR: stats: Don't state the 303 redirect response is chunked BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread BUG/MINOR: cli: Atomically inc the global request counter between CLI commands BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution BUG/MEDIUM: mux-h2: Don't send RST_STREAM frame for streams with no ID BUG/MINOR: http_ana: Report -1 for %Tr for invalid response only DOC: config: Slightly improve the %Tr documentation BUG/MEDIUM: mux-h2: Increase max number of headers when encoding HEADERS frames BUG/MEDIUM: mux-h2: Check the number of headers in HEADERS frame after decoding BUG/MEDIUM: http-ana: Reset request flag about data sent to perform a L7 retry BUG/MINOR: h1-htx: Use default reason if not set when formatting the response BUG/MINOR: spoe: Check the shared waiting queue to shut applets during stopping BUG/MINOR: spoe: Allow applet creation when closing the last one during stopping REGTESTS: Fix truncated.vtc to send 0-CRLF BUG/MINOR: cli: Wait for the last ACK when FDs are xferred from the old worker BUG/MEDIUM: filters: Handle filters registered on data with no payload callback BUG/MINOR: fcgi: Don't set the status to 302 if it is already set BUG/MINOR: cli: Fix a possible infinite loop in _getsocks() BUG/MINOR: stats-json: Define JSON_INT_MAX as a signed integer Emeric Brun (2): BUG/MINOR: peers: fix expire learned from a peer not converted from ms to ticks BUG/MEDIUM: peers: prevent learning expiration too far in futur from unsync node Ilia Shipitsin (2): BUG/MINOR: fcgi-app: handle a possible strdup() failure BUG/MINOR: namespace: handle a possible strdup() failure Ilya Shipitsin (1): CI: introduce scripts/build-vtest.sh for installing VTest Lukas Tribus (1): DOC: option redispatch should mention persist options Valentine Krasnobaeva (8): BUG/MINOR: ssl/ocsp: init callback func ptr as NULL BUG/MINOR: haproxy: only tid 0 must not sleep if got signal DOC/MINOR: management: add missed -dR and -dv options BUG/MINOR: cfgparse-global: fix allowed args number for setenv BUG/MINOR: mworker: fix mworker-max-reloads parser BUG/MINOR: signal: register default handler for SIGINT in signal_init() BUG/MINOR: ssl: put ssl_sock_load_ca under SSL_NO_GENERATE_CERTIFICATES BUG/MINOR: cfgparse: fix NULL ptr dereference in cfg_parse_peers William Lallemand (8): DOC: configuration: clarify ciphersuites usage DOC: configuration: clarify ciphersuites usage (V2) BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration DOC: configuration: fix alphabetical order of bind options BUG/MINOR: ssl: can't load a separated key file with openssl > 3.0 BUG/MEDIUM: ssl: chosing correct certificate using RSA-PSS with TLSv1.3 BUG/MEDIUM: htx: wrong count computation in htx_xfer_blks() TESTS: ist: fix wrong array size Willy Tarreau (19): BUG/MEDIUM: connection: report connection errors even when no mux is installed BUG/MEDIUM: evports: do not clear returned events list on signal BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets BUG/MINOR: h1: fix detection of upper bytes in the URI BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned BUILD: fd: errno is also needed without poll() BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning CI: scripts: fix build of vtest regarding option -C BUG/MINOR: trace: automatically start in waiting mode with "start " REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load BUG/MINOR: polling: fix time reporting when using busy polling DOC: config: improve the http-keep-alive section BUG/MEDIUM: checks: make sure to always apply offsets to now_ms in expiration BUG/MINOR: peers: make sure to always apply offsets to now_ms in expiration MINOR: cli: export cli_io_handler() to ease symbol resolution BUG/MEDIUM: sample: fix risk of overflow when replacing multiple regex back-refs BUILD: makefile: silence deprecated declarations when using OpenSSL