Changes since version 2.1-dev1 : Baptiste Assmann (2): MINOR: cache: add method to cache hash MINOR: cache: allow caching of OPTIONS request Christopher Faulet (74): MINOR: mux-h2: Don't adjust anymore the amount of data sent in h2_snd_buf() BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies BUG/MINOR: cache/htx: Make maxage calculation HTX aware BUG/MINOR: hlua: Make the function txn:done() HTX aware MINOR: proto_htx: Directly call htx_check_response_for_cacheability() MINOR: proto_htx: Rely on the HTX function to apply a redirect rules MINOR: proto_htx: Add the function htx_return_srv_error() MINOR: backend/htx: Don't rewind output data to set the sni on a srv connection MINOR: proto_htx: Don't stop forwarding when there is a post-connect processing DOC: htx: Update comments in HTX files CLEANUP: htx: Remove the unsued function htx_add_blk_type_size() MINOR: htx: Deduce the number of used blocks from tail and head values MINOR: htx: Use an array of char to store HTX blocks MINOR: htx: Slightly update htx_dump() to report better messages DOC: htx: Add internal documentation about the HTX MAJOR: http: Deprecate and ignore the option "http-use-htx" MEDIUM: mux-h2: Remove support of the legacy HTTP mode CLEANUP: h2: Remove functions converting h2 requests to raw HTTP/1.1 ones MINOR: connection: Remove the multiplexer protocol PROTO_MODE_HTX MINOR: stream: Rely on HTX analyzers instead of legacy HTTP ones MEDIUM: http_fetch: Remove code relying on HTTP legacy mode MINOR: config: Remove tests on the option 'http-use-htx' MINOR: stream: Remove tests on the option 'http-use-htx' in stream_new() MINOR: proxy: Remove tests on the option 'http-use-htx' during H1 upgrade MINOR: hlua: Remove tests on the option 'http-use-htx' to reject TCP applets MINOR: cache: Remove tests on the option 'http-use-htx' MINOR: contrib/prometheus-exporter: Remove tests on the option 'http-use-htx' CLEANUP: proxy: Remove the flag PR_O2_USE_HTX MINOR: proxy: Don't adjust connection mode of HTTP proxies anymore MEDIUM: backend: Remove code relying on the HTTP legacy mode MEDIUM: hlua: Remove code relying on the legacy HTTP mode MINOR: http_act: Remove code relying on the legacy HTTP mode MEDIUM: cache: Remove code relying on the legacy HTTP mode MEDIUM: compression: Remove code relying on the legacy HTTP mode MINOR: flt_trace: Remove code relying on the legacy HTTP mode MINOR: stats: Remove code relying on the legacy HTTP mode MAJOR: filters: Remove code relying on the legacy HTTP mode MINOR: stream: Remove code relying on the legacy HTTP mode MAJOR: http: Remove the HTTP legacy code MINOR: hlua: Remove useless test on TX_CON_WANT_* flags MINOR: proto_http: Remove unused http txn flags MINOR: proto_http: Remove the unused flag HTTP_MSGF_WAIT_CONN CLEANUP: proto_http: Group remaining flags of the HTTP transaction CLEANUP: channel: Remove the unused flag CF_WAKE_CONNECT CLEANUP: proto_http: Remove unecessary includes and comments CLEANUP: proto_http: Move remaining code from proto_http.c to proto_htx.c REORG: proto_htx: Move HTX analyzers & co to http_ana.{c,h} files BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA MINOR: proxy: Remove support of the option 'http-tunnel' DOC: config: Update as a result of the legacy HTTP removal MEDIUM: config: Remove parsing of req* and rsp* directives MINOR: proxy: Remove the unused list of block rules MINOR: proxy/http_ana: Remove unused req_exp/rsp_exp and req_add/rsp_add lists DOC: config: Remove unsupported req* and rsp* keywords MINOR: global: Preset tune.max_http_hdr to its default value MINOR: http: Don't store raw HTTP errors in chunks anymore BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket CLEANUP: mux-h2: Remove unused flags H2_SF_CHNK_* MINOR: config: Warn only if the option http-use-htx is used with "no" prefix BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach() BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error BUG/MINOR: http_htx: Support empty errorfiles MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class MINOR: hlua: Don't set request analyzers on response channel for lua actions MINOR: hlua: Add a flag on the lua txn to know in which context it can be used BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready BUG/MINOR: htx: Fix free space addresses calculation during a block expansion BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased Emmanuel Hocdet (10): MINOR: ssl: use STACK_OF for chain certs MINOR: ssl: add extra chain compatibility MINOR: ssl: check private key consistency in loading MINOR: ssl: do not look at DHparam with OPENSSL_NO_DH CLEANUP: ssl: ssl_sock_load_crt_file_into_ckch MINOR: ssl: clean ret variable in ssl_sock_load_ckchn BUILD: ssl: BoringSSL add EVP_PKEY_base_id BUG/MINOR: ssl: fix ressource leaks on error BUG/MINOR: ssl: fix 0-RTT for BoringSSL MINOR: ssl: ssl_fc_has_early should work for BoringSSL Frédéric Lécaille (1): BUG/MEDIUM: stick-table: Wrong stick-table backends parsing. Ilya Shipitsin (1): BUILD: travis-ci: enable daily Coverity scan Jérôme Magnin (3): DOC: management: document reuse and connect counters in the CSV format DOC: management: document cache_hits and cache_lookups in the CSV format REGTESTS: checks: exclude freebsd target for tcp-check_multiple_ports.vtc Olivier Houchard (10): BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed. BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send. MEDIUM: h1: Don't try to subscribe if we managed to read data. MEDIUM: h1: Don't wake the H1 tasklet if we got the whole request. MAJOR: fd: Get rid of the fd cache. MEDIUM: pollers: Remember the state for read and write for each threads. BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2 BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete(). BUG/MEDIUM: pollers: Clear the poll_send bits as well. Richard Russo (1): BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion Tim Duesterhus (1): DOC: Add 'Question.md' issue template, discouraging asking questions William Lallemand (9): MINOR: ssl: merge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file() MEDIUM: ssl: use cert_key_and_chain struct in ssl_sock_load_cert_file() MEDIUM: ssl: split the loading of the certificates MEDIUM: ssl: lookup and store in a ckch_node tree MEDIUM: ssl: load DH param in struct cert_key_and_chain BUG/BUILD: ssl: fix build with openssl < 1.0.2 BUG/MEDIUM: ssl: does not try to free a DH in a ckch BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle BUG/MEDIUM: ssl: open the right path for multi-cert bundle Willy Tarreau (71): BUG/MINOR: dns: remove irrelevant dependency on a client connection MINOR: applet: make appctx use their own pool BUG/MEDIUM: http/htx: unbreak option http_proxy BUG/MINOR: backend: do not try to install a mux when the connection failed BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop MINOR: connection: add conn_get_src() and conn_get_dst() MINOR: frontend: switch to conn_get_{src,dst}() for logging and debugging MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping MINOR: ssl: switch to conn_get_dst() to retrieve the destination address MINOR: tcp: replace various calls to conn_get_{from,to}_addr with conn_get_{src,dst} MINOR: stream-int: use conn_get_{src,dst} in conn_si_send_proxy() MINOR: stream/cli: use conn_get_{src,dst} in "show sess" and "show peers" output MINOR: log: use conn_get_{dst,src}() to retrieve the cli/frt/bck/srv/ addresses MINOR: http/htx: use conn_get_dst() to retrieve the destination address MINOR: lua: use conn_get_{src,dst} to retrieve connection addresses MINOR: http: check the source address via conn_get_src() in sample fetch functions CLEANUP: connection: remove the now unused conn_get_{from,to}_addr() MINOR: connection: add new src and dst fields MINOR: connection: use conn->{src,dst} instead of &conn->addr.{from,to} MINOR: ssl-sock: use conn->dst instead of &conn->addr.to MINOR: lua: switch to conn->dst for a connection's target address MINOR: peers: use conn->dst for the peer's target address MINOR: htx: switch from conn->addr.{from,to} to conn->{src,dst} MINOR: stream: switch from conn->addr.{from,to} to conn->{src,dst} MINOR: proxy: switch to conn->src in error snapshots MINOR: session: use conn->src instead of conn->addr.from MINOR: tcp: replace conn->addr.{from,to} with conn->{src,dst} MINOR: unix: use conn->dst for the target address in ->connect() MINOR: sockpair: use conn->dst for the target address in ->connect() MINOR: log: use conn->{src,dst} instead of conn->addr.{from,to} MINOR: checks: replace conn->addr.to with conn->dst MINOR: frontend: switch from conn->addr.{from,to} to conn->{src,dst} MINOR: http: convert conn->addr.from to conn->src in sample fetches MEDIUM: backend: turn all conn->addr.{from,to} to conn->{src,dst} MINOR: connection: create a new pool for struct sockaddr_storage MEDIUM: connection: make sure all address producers allocate their address MAJOR: connection: remove the addr field MINOR: connection: don't use clear_addr() anymore, just release the address MINOR: stream: add a new target_addr entry in the stream structure MAJOR: stream: store the target address into s->target_addr MINOR: peers: now remove the remote connection setup code MEDIUM: lua: do not allocate the remote connection anymore MEDIUM: backend: always release any existing prior connection in connect_server() MEDIUM: backend: remove impossible cases from connect_server() BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff BUG/MINOR: proxy: always lock stop_proxy() BUILD: threads: add the definition of PROTO_LOCK BUG/MINOR: log: make sure writev() is not interrupted on a file output DOC: improve the wording in CONTRIBUTING about how to document a bug fix BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() MEDIUM: mux-h2: don't try to read more than needed BUG/MINOR: debug: fix a small race in the thread dumping code MINOR: wdt: also consider that waiting in the thread dumper is normal REGTESTS: checks: make 4be_1srv_health_checks more reliable BUG/MINOR: stream-int: make sure to always release empty buffers after sending BUG/MINOR: stream-int: also update analysers timeouts on activity BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data() BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition BUG/MINOR: mux-h2: always send stream window update before connection's BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak CLEANUP: mux-h2: move the demuxed frame check code in its own function BUG/MINOR: pools: don't mark the thread harmless if already isolated BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it CLEANUP: buffer: replace b_drop() with b_free() CLEANUP: task: move the cpu_time field to the task-only part