Changes since version 1.5-dev17 : Baptiste Assmann (3): DOC: typo and minor fixes in compression paragraph MINOR: config: http-request configuration error message misses new keywords DOC: minor typo fix in documentation Emeric Brun (1): BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured. Emmanuel Hocdet (1): MEDIUM: ssl: add bind-option "strict-sni" Lukas Tribus (2): DOC: simplify bind option "interface" explanation DOC: tfo: bump required kernel to linux-3.7 Marc-Antoine Perennou (3): MEDIUM: New cli option -Ds for systemd compatibility MEDIUM: add haproxy-systemd-wrapper MEDIUM: add systemd service Michael Scherer (1): BUG/MEDIUM: remove supplementary groups when changing gid Sean Carey (1): BUG/MEDIUM: config: fix parser crash with bad bind or server address Simon Horman (7): BUG/MINOR: Correct logic in cut_crlf() CLEANUP: checks: Make desc argument to set_server_check_status const CLEANUP: dumpstats: Make cli_release_handler() static MEDIUM: server: Break out set weight processing code MEDIUM: server: Allow relative weights greater than 100% MEDIUM: server: Tighten up parsing of weight string MEDIUM: checks: Add agent health check Thierry Fournier (1): BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot Willy Tarreau (63): BUG/MINOR: time: frequency counters are not totally accurate BUG/MINOR: http: don't process abortonclose when request was sent BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw() BUG/MEDIUM: checks: ignore late resets after valid responses DOC: fix bogus recommendation on usage of gpc0 counter BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request MINOR: signal: don't block SIGPROF by default OPTIM: epoll: make use of EPOLLRDHUP OPTIM: splice: detect shutdowns and avoid splice() == 0 OPTIM: splice: assume by default that splice is working correctly BUG/MINOR: log: temporary fix for lost SSL info in some situations BUG/MEDIUM: peers: only the last peers section was used by tables BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait() BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser BUG/MINOR: config: free peer's address when exiting upon parsing error BUG/MINOR: config: check the proper variable when parsing log minlvl BUG/MEDIUM: checks: ensure the health_status is always within bounds BUG/MINOR: cli: show sess should always validate s->listener BUG/MINOR: log: improper NULL return check on utoa_pad() CLEANUP: http: remove a useless null check CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener() BUG/MEDIUM: signal: signal handler does not properly check for signal bounds BUG/MEDIUM: tools: off-by-one in quote_arg() BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage BUG/MINOR: unix: remove the 'level' field from the ux struct CLEANUP: http: don't try to deinitialize http compression if it fails before init CLEANUP: config: slowstart is never negative CLEANUP: config: maxcompcpuusage is never negative BUG/MEDIUM: log: emit '-' for empty fields again BUG/MEDIUM: checks: fix a race condition between checks and observe layer7 BUILD: fix a warning emitted by isblank() on non-c99 compilers BUILD: improve the makefile's support for libpcre MEDIUM: halog: add support for counting per source address (-ic) MEDIUM: tools: make str2sa_range support all address syntaxes MEDIUM: config: make use of str2sa_range() instead of str2sa() MEDIUM: config: use str2sa_range() to parse server addresses MEDIUM: config: use str2sa_range() to parse peers addresses MINOR: tests: add a config file to ease address parsing tests. MINOR: ssl: add a global tunable for the max SSL/TLS record size BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux BUILD/MINOR: syscall: add definition of NR_accept4 for ARM MINOR: config: report missing peers section name BUG/MEDIUM: tools: fix bad character handling in str2sa_range() BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket MINOR: tools: prepare str2sa_range() to return an error message BUG/MEDIUM: checks: don't call connect() on unsupported address families MINOR: tools: prepare str2sa_range() to accept a prefix MEDIUM: tools: make str2sa_range() parse unix addresses too MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses MEDIUM: config: use a single str2sa_range() call to parse bind addresses MEDIUM: config: use str2sa_range() to parse log addresses CLEANUP: tools: remove str2sun() which is not used anymore. MEDIUM: config: add complete support for str2sa_range() in dispatch MEDIUM: config: add complete support for str2sa_range() in server addr MEDIUM: config: add complete support for str2sa_range() in 'server' MEDIUM: config: add complete support for str2sa_range() in 'peer' MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc' CLEANUP: minor cleanup in str2sa_range() and str2ip() CLEANUP: config: do not use multiple errmsg at once MEDIUM: tools: support specifying explicit address families in str2sa_range() MAJOR: listener: support inheriting a listening fd from the parent MAJOR: tools: support environment variables in addresses