Changes since version 2.3.5 : Amaury Denoyelle (3): MINOR: check: do not ignore a connection header for http-check send BUG/MINOR: backend: hold correctly lock when killing idle conn BUG/MINOR: stats: fix compare of no-maint url suffix Baptiste Assmann (1): BUG/MINOR: resolvers: new callback to properly handle SRV record errors Christopher Faulet (18): BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints() BUG/MINOR: server: Fix server-state-file-name directive CLEANUP: deinit: release global and per-proxy server-state variables on deinit BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL BUG/MINOR: server: Remove RMAINT from admin state when loading server state BUG/MINOR: sample: Always consider zero size string samples as unsafe BUG/MEDIUM: spoe: Resolve the sink if a SPOE logs in a ring buffer BUG/MINOR: http-rules: Always replace the response status on a return action BUG/MINOR: server: Init params before parsing a new server-state line BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line BUG/MEDIUM: mux-h1: Fix handling of responses to CONNECT other than 200-ok BUG/MINOR: resolvers: Fix condition to release received ARs if not assigned BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record BUG/MEDIUM: resolvers: Reset server address and port for obselete SRV records BUG/MEDIUM: resolvers: Reset address for unresolved servers CLEANUP: muxes: Remove useless if condition in show_fd function Dragan Dosen (2): BUG/MINOR: sample: secure convs that accept base64 string and var name as args BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe Emeric Brun (1): CLEANUP: channel: fix comment in ci_putblk. Eric Salama (1): BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup() Ilya Shipitsin (4): BUILD: ssl: fix typo in HAVE_SSL_CTX_ADD_SERVER_CUSTOM_EXT macro BUILD: ssl: guard SSL_CTX_add_server_custom_ext with special macro BUILD: ssl: guard SSL_CTX_set_msg_callback with SSL_CTRL_SET_MSG_CALLBACK macro BUILD: ssl: introduce fine guard for OpenSSL specific SCTL functions Olivier Houchard (1): BUG/MEDIUM: lists: Avoid an infinite loop in MT_LIST_TRY_ADDQ(). Tim Duesterhus (1): MINOR: Configure the `cpp` userdiff driver for *.[ch] in .gitattributes William Dauchy (2): BUG/MINOR: server: re-align state file fields number DOC: tune: explain the origin of block size for ssl.cachesize William Lallemand (1): BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert" Willy Tarreau (12): BUG/MINOR: intops: fix mul32hi()'s off-by-one BUG/MEDIUM: config: don't pick unset values from last defaults section BUG/MINOR: stats: revert the change on ST_CONVDONE BUG/MINOR: cfgparse: do not mention "addr:port" as supported on proxy lines BUG/MINOR: session: atomically increment the tracked sessions counter BUG/MINOR: checks: properly handle wrapping time in __health_adjust() BUG/MEDIUM: checks: don't needlessly take the server lock in health_adjust() DOC: explain the relation between pool-low-conn and tune.idle-pool.shared BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop BUG/MEDIUM: cli/shutdown sessions: make it thread-safe BUG/MINOR: proxy: wake up all threads when sending the hard-stop signal BUG/MINOR: fd: properly wait for !running_mask in fd_set_running_excl()