Changes since version 2.6.7 : Amaury Denoyelle (15): BUG/MEDIUM: h3: reject request with invalid header name BUG/MEDIUM: h3: reject request with invalid pseudo header MINOR: http: extract content-length parsing from H2 BUG/MEDIUM: h3: parse content-length and reject invalid messages BUG/MINOR: quic: properly handle alloc failure in qc_new_conn() BUG/MINOR: mux-quic: remove qcs from opening-list on free BUG/MINOR: mux-quic: handle properly alloc error in qcs_new() BUG/MEDIUM: h3: fix cookie header parsing BUG/MINOR: h3: fix memleak on HEADERS parsing failure BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list BUG/MINOR: mux-quic: ignore remote unidirectional stream close BUG/MINOR: mux-quic: fix transfer of empty HTTP response MINOR: mux-quic: add traces for flow-control limit reach BUG/MINOR: h3: properly handle connection headers Aurelien DARRAGON (8): MINOR: stats: provide ctx for dumping functions MINOR: stats: introduce stats field ctx BUG/MINOR: stats: fix show stat json buffer limitation BUG/MINOR: proxy: free orgto_hdr_name in free_proxy() REGTEST: fix the race conditions in json_query.vtc REGTEST: fix the race conditions in add_item.vtc REGTEST: fix the race conditions in digest.vtc REGTEST: fix the race conditions in hmac.vtc Bertrand Jacquin (1): BUG/MEDIUM: tests: use tmpdir to create UNIX socket Cedric Paillet (2): BUG/MINOR: promex: create haproxy_backend_agg_server_status MINOR: promex: introduce haproxy_backend_agg_check_status Christopher Faulet (18): BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action BUG/MEDIIM: stconn: Flush output data before forwarding close to write side DOC: promex: Add missing backend metrics REGTESTS: fix the race conditions in iff.vtc BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned DOC: config: fix alphabetical ordering of http-after-response rules DOC: config: remove duplicated "http-response sc-set-gpt0" directive BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action BUG/MINOR: promex: Don't forget to consume the request on error BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state Daniel Corbett (1): DOC: config: fix "Address formats" chapter syntax Ilya Shipitsin (3): CI: github: split ssl lib selection based on git branch CI: github: remove redundant ASAN loop CI: github: split matrix for development and stable branches Manu Nicolas (1): CLEANUP: htx: fix a typo in an error message of http_str_to_htx Paul Barnetta (1): BUG/MINOR: mux-fcgi: Correctly set pathinfo Remi Tricot-Le Breton (7): BUG/MEDIUM: ssl: Verify error codes can exceed 63 BUG/MINOR: ssl: Fix potential overflow BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain BUG/MINOR: http: Memory leak of http redirect rules' format string BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params) BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0) BUG/MINOR: jwt: Wrong return value checked William Lallemand (14): CI: github: reintroduce openssl 1.1.1 BUILD: peers: peers-t.h depends on stick-table-t.h MINOR: mworker: display an alert upon a wait-mode exit BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task REGTESTS: startup: check maxconn computation BUG/MINOR: startup: don't use internal proxies to compute the maxconn CI: github: set ulimit -n to a greater value REGTESTS: startup: activate automatic_maxconn.vtc REGTESTS: startup: change the expected maxconn to 11000 REGTESTS: startup: add alternatives values in automatic_maxconn.vtc REGTESTS: startup: disable automatic_maxconn.vtc DOC: management: add details on "Used" status DOC: management: add details about @system-ca in "show ssl ca-file" Willy Tarreau (15): BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir OPTIM: pool: split the read_mostly from read_write parts in pool_head BUILD: makefile: build the features list dynamically BUILD: makefile: sort the features list BUG/MINOR: stick-table: report the correct action name in error message BUG/MEDIUM: peers: make "show peers" more careful about partial initialization BUG/MINOR: http-ana: make set-status also update txn->status BUG/MINOR: listeners: fix suspend/resume of inherited FDs DOC: config: fix wrong section number for "protocol prefixes" DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@" DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes BUG/MINOR: listener: close tiny race between resume_listener() and stopping BUG/MINOR: mux-h2: make sure to produce a log on invalid requests BUG/MINOR: mux-h2: add missing traces on failed headers decoding BUILD: hpack: include global.h for the trash that is needed in debug mode Youfu Zhang (1): BUG/MAJOR: fcgi: Fix uninitialized reserved bytes scientiamobile (1): LICENSE: wurfl: clarify the dummy library license.