Hi, Here finally comes the long awaited 1.7.10 after 4.5 months being too busy with 1.8 to test 1.7! No less than 54 commits were added on top of 1.7.9 to fix the quite long list of pending issues.
As some may remember, we faced a long series of issues affecting HTTP response forwarding in various corner cases including tunnel mode and closed requests or responses, leading to either timeouts, spinning CPU, memory leaks or session leaks, and more importantly, each fix led to a different new issue being uncovered. One of the benefits of this long series of issues, even if it was not fun for us to troubleshoot them, is that it made us discover a large number of remaining ones either participating to the aforementionned bugs or simply living next to them, sometimes simply hidden by the same common causes. 4 months and many fixes later, I'm reasonably confident in saying that these issues are over so it's about time to release what I hope to be the really first really trustable version of the 1.7 branch! I'm not going to rehash here the full list of fixes (first because I don't remember in details about all of them), please see the changelog for this. However I've run quite a number of tests, including those used to diagnose such bugs and their fixes, some present in commit messages, and the usual few from the tests/ directory and everything worked as expected. For this reason I'm encouraging all users of 1.7 to upgrade if they're still having occasional issues with it (and I'm pretty sure some have switched from 1.7.9 to 1.8 in the mean time). Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Sources : http://www.haproxy.org/download/1.7/src/ Git repository : http://git.haproxy.org/git/haproxy-1.7.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-1.7.git Changelog : http://www.haproxy.org/download/1.7/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Aleksandar Lazic (1): CONTRIB: halog: Add help text for -s switch in halog program Baptiste Assmann (1): BUG/MEDIUM: tcp/http: set-dst-port action broken Ben51Degrees (1): DOC: 51d: Updated git URL and instructions for getting Hash Trie data files. Bin Wang (1): BUG/MAJOR: stream-int: don't re-arm recv if send fails Christopher Faulet (10): BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode BUG/MEDIUM: http: Close streams for connections closed before a redirect BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo BUG/MINOR: compression: Check response headers before http-response rules eval BUG/MEDIUM: http: Return an error when url_dec sample converter failed BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL BUG/MINOR: dns: Fix CLI keyword declaration BUG/MINOR: mailers: Fix a memory leak when email alerts are released BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line BUG/MINOR: listener: Allow multiple "process" options on "bind" lines David Carlier (2): BUG/MINOR: log: fixing small memory leak in error code path. BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data Davor Ocelic (1): DOC/MINOR: intro: typo, wording, formatting fixes Dragan Dosen (3): DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12 BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12 BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution Emmanuel Hocdet (2): BUG/MINOR: ssl: ocsp response with 'revoked' status is correct BUG/MINOR: ssl: OCSP_single_get0_status can return -1 Eric Salama (1): BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() Frederik Deweerdt (1): BUG/MEDIUM: ssl: fix OCSP expiry calculation Ilya Shipitsin (1): BUG/MINOR: contrib/halog: fixing small memory leak Lukas Tribus (2): DOC: 1.7 is stable BUG/MINOR: cli: restore "set ssl tls-key" command Olivier Houchard (3): MINOR: server: Handle weight increase in consistent hash. BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters(). BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. Patrick Starr (1): DOC: fix some typos Ryan O'Hara (2): CONTRIB: iprange: Fix compiler warning in iprange.c CONTRIB: halog: Fix compiler warnings in halog.c Thierry FOURNIER (1): BUG/MINOR: Lua: The socket may be destroyed when we try to access. Willy Tarreau (20): BUG/MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH BUG/MEDIUM: lua: HTTP services must take care of body-less status codes BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service BUG/MEDIUM: epoll: ensure we always consider HUP and ERR BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O BUG/MINOR: tcp-check: don't quit with pending data in the send buffer BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers! BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment MINOR: tcp-check: make tcpcheck_main() take a check, not a connection MINOR: checks: don't create then kill a dummy connection before tcp-checks BUG/MINOR: cli: do not perform an invalid action on "set server check-port" BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore MEDIUM: http: always reject the "PRI" method BUG/MAJOR: stream: ensure analysers are always called upon close BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks BUG/MINOR: stream: fix tv_request calculation for applets BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses BUG/MEDIUM: http: don't automatically forward request close ---
