Changes since version 2.4.17 : Brad Smith (1): BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX Christian Ruppert (1): BUILD: Makefile: Add Lua 5.4 autodetect Christopher Faulet (34): MEDIUM: http-ana: Add a proxy option to restrict chars in request header names REGTESTS: abortonclose: Fix some race conditions BUG/MEDIUM: config: Reset outline buffer size on realloc error in readcfgfile() BUG/MINOR: check: Reinit the buffer wait list at the end of a check BUG/MEDIUM: resolvers: Don't defer resolutions release in deinit function BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs REGTESTS: abortonclose: Add a barrier to not mix up log messages REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler REGTESTS: http_abortonclose: Extend supported versions REGTESTS: restrict_req_hdr_names: Extend supported versions BUG/MEDIUM: mailers: Set the object type for check attached to an email alert BUG/MINOR: trace: Test server existence for health-checks to get proxy BUG/MINOR: checks: Properly handle email alerts in trace messages REGTESTS: healthcheckmail: Update the test to be functionnal again REGTESTS: healthcheckmail: Relax health-check failure condition BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration BUG/MINOR: http-ana: Set method to HTTP_METH_OTHER when an HTTP txn is created BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch BUG/MINOR: http-check: Preserve headers if not redefined by an implicit rule BUG/MINOR: http-act: Properly generate 103 responses when several rules are used BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream REGTEESTS: filters: Fix CONNECT request in random-forwarding script BUG/MINOR: mux-h1: Be sure to commit htx changes in the demux buffer BUG/MEDIUM: http-ana: Don't wait to have an empty buf to switch in TUNNEL state BUG/MEDIUM: mux-h1: Handle connection error after a synchronous send REGTESTS: Fix some scripts to be compatible with 2.4 and prior David CARLIER (1): BUILD/MINOR: cpuset fix build for FreeBSD 13.1 David Carlier (2): BUILD: fix build warning on solaris based systems with __maybe_unused. MINOR: tools: add get_exec_path implementation for solaris based systems. Emeric Brun (7): BUG/MEDIUM: peers: fix segfault using multiple bind on peers sections BUG/MEDIUM: peers: prevent unitialized multiple listeners on peers section DOC: peers: clarify when entry expiration date is renewed. DOC: peers: fix port number and addresses on new peers section format MINOR: fd: add a new FD_DISOWN flag to prevent from closing a deleted FD BUG/MEDIUM: ssl/fd: unexpected fd close using async engine MINOR: fd: Add BUG_ON checks on fd_insert() Ilya Shipitsin (3): CI: determine actual LibreSSL version dynamically CI: determine actual OpenSSL version dynamically CI: re-enable gcc asan builds Remi Tricot-Le Breton (2): BUG/MINOR: ssl: Fix crash when no private key is found in pem BUG/MINOR: ssl: Do not look for key in extra files if already in pem Thayne McCombs (1): BUG/MEDIUM: sample: Fix adjusting size in word converter Tim Duesterhus (3): BUG/MEDIUM: tools: Fix `inet_ntop` usage in sa2str BUG/MEDIUM: http: Properly reject non-HTTP/1.x protocols REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2) William Lallemand (3): BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list BUG/MINOR: peers: fix possible NULL dereferences at config parsing MEDIUM: mworker: set the iocb of the socketpair without using fd_insert() Willy Tarreau (15): BUG/MINOR: cfgparse: abort earlier in case of allocation error BUG/MINOR: peers: fix error reporting of "bind" lines SCRIPTS: add make-releases-json to recreate a releases.json file in download dirs SCRIPTS: make publish-release try to launch make-releases-json DOC: peers: indicate that some server settings are not usable DOC: intro: adjust the numbering of paragrams to keep the output ordered BUILD: compiler: implement unreachable for older compilers too BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs BUG/MINOR: server: do not enable DNS resolution on disabled proxies BUG/MINOR: cli/stats: add missing trailing LF after "show info json" MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames BUG/MINOR: peers/config: always fill the bind_conf's argument BUG/MEDIUM: tools: avoid calling dlsym() in static builds BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2) BUG/MINOR: tools: fix statistical_prng_range()'s output range