Changes since version 3.4-dev12 : Amaury Denoyelle (6): BUG/MINOR: httpclient-cli: fix uninit variable in error label MINOR: connection: define conn_select_mux_fe() MINOR: connection: define conn_select_mux_be() MINOR: connection/mux_quic: add MUX field for QMux handshake MINOR: proxy/server: reject TCP ALPN h3 without experimental MEDIUM: ssl: allow h3/QMux negotiation without explicit proto Christopher Faulet (6): BUG/MINOR: server: Properly handle init-state value during haproxy startup BUG/MINOR: httpclient-cli: Destroy http-client context if failing to start it BUG/MEDIUM: h1: Skip all h2c values from Upgrade headers during parsing BUG/MINOR: h1: Don't mask websocket protocol if multiple protocols used MINOR: haterm: Don't init haterm master pipe if not used CLEANUP: haterm: Remove "(too old kernel)" from warning message during init Olivier Houchard (2): MINOR: mux: Rename the "token" from mux_proto_list to mux_proto MEDIUM: connections: Use both mux_proto and alpn to pick a mux Remi Tricot-Le Breton (1): BUG/MINOR: jws: Add missing return value check (EVP_PKEY_get_bn_param) Willy Tarreau (38): BUG/MINOR: backend: correct parameter value validation in get_server_ph_post() BUG/MINOR: config/dns: properly fail on duplicate nameserver name detection BUG/MEDIUM: dns: fix long loops in additional records parse on name failure BUG/MEDIUM: resolvers: fix name compression pointer validation in resolv_read_name() BUG/MEDIUM: dns: fix memory leak of sockaddr in dns_session_init() error path CLEANUP: proxy: fix tiny mistakes in parse error messages CLEANUP: dns: fix misleading error messages in dns_stream_init() BUG/MINOR: server: better handling of OOM in srv_set_fqdn() BUG/MINOR: servers: use proper source of pool_conn_name in srv_settings_cpy() BUG/MEDIUM: server/cli: unlock server lock on failure in cli_parse_set_server BUG/MINOR: resolvers: fix dangling list pointer in resolvers_new() error paths BUG/MINOR: dns: fix dangling dgram pointer on dns_dgram_init() failure path BUG/MINOR: proxy: use proxy_drop() in parse_new_proxy() error path CLEANUP: resolvers: properly initialize the sample in resolv_action_do_resolve() BUG/MINOR: resolvers: report the expression error in the do-resolve() action parser BUG/MINOR: resolvers: fix leaked dgram and dns_ring struct in parse_resolve_conf() BUG/MINOR: resolvers: fix leaked fields on cfg_parse_resolvers() error paths BUG/MINOR: resolvers: fix missing task_idle destruction in resolvers_destroy() CLEANUP: proxy: fix duplicate declaration of cli_find_frontend in proxy.h CLEANUP: address a few typos and copy-paste errors in httpclient and dns DOC: internal: add a few rules about internal core principles BUG/MINOR: session/trace: use distinct flags for SESS_EV_END and _ERR CLEANUP: stick-table: uniformize the different action_inc_gpc*() REGTESTS: do not run quic/tls13_ssl_crt-list_filters in quic openssl compat mode REGTESTS: quic/issuers_chain_path: do not forget to enable QUIC compat mode BUG/MINOR: sock: store the connection error status BUG/MINOR: check: properly report errno in chk_report_conn_err() CLEANUP: tcpcheck: mention that we're a bit far for a sync errno BUG/MINOR: jwt: fix possible memory leak in convert_ecdsa_sig() error path CLEANUP: jwe: fix theoretical overflow in AAD length calculation DOC: config: further clarify that resolvers "default" exists MINOR: proxy: remove the experimental status on dynamic backends BUG/MEDIUM: limits: properly account for global.maxpipes in compute_ideal_maxconn() BUG/MINOR: jws: fix OpenSSL 3.0 version check from > to >= BUG/MINOR: server: accept server IDs above 2^31 and clarify error message BUG/MINOR: backend: fix balance hash calculation when using hash-type none MINOR: server: support hash-key id32 for a cleaner distribution MINOR: backend: support hash-key guid for a stabler distribution