haproxy

mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-25 15:51:24 +02:00

History

Willy Tarreau a01f45e3ce BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used

Tim D�sterhus reported a possible crash in the H2 HEADERS frame decoder
when the PRIORITY flag is present. A check is missing to ensure the 5
extra bytes needed with this flag are actually part of the frame. As per
RFC7540#4.2, let's return a connection error with code FRAME_SIZE_ERROR.

Many thanks to Tim for responsibly reporting this issue with a working
config and reproducer. This issue was assigned CVE-2018-20615.

This fix must be backported to 1.9 and 1.8.

2019-01-08 13:20:59 +01:00

51d.c

CLEANUP: Fix typo in the 51d subsystem

2018-12-02 18:41:54 +01:00

acl.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

action.c

MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_*

2017-10-31 11:36:12 +01:00

activity.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

applet.c

MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}()

2018-11-18 21:41:47 +01:00

arg.c

MEDIUM: chunks: make the chunk struct's fields match the buffer struct

2018-07-19 16:23:43 +02:00

auth.c

MINOR: initcall: apply initcall to all register_build_opts() calls

2018-11-26 19:50:32 +01:00

backend.c

BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized.

2019-01-04 17:08:47 +01:00

base64.c

CLEANUP: Fix a typo in the base64 subsystem

2018-12-02 18:42:08 +01:00

buffer.c

MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit()

2018-11-26 19:50:32 +01:00

cache.c

BUG/MINOR: cache: Disable the cache if any compression filter precedes it

2019-01-08 11:32:23 +01:00

cfgparse-global.c

MINOR: config: round up global.tune.bufsize to the next multiple of 2 void*

2018-12-12 06:19:42 +01:00

cfgparse-listen.c

MEDIUM: sessions: Don't keep an infinite number of idling connections.

2018-12-15 23:50:10 +01:00

cfgparse.c

MEDIUM: sessions: Don't keep an infinite number of idling connections.

2018-12-15 23:50:10 +01:00

channel.c

MINOR: channel: Add the function channel_add_input

2019-01-02 20:12:44 +01:00

checks.c

MEDIUM: checks: Add check-alpn.

2018-12-21 19:54:16 +01:00

chunk.c

MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit()

2018-11-26 19:50:32 +01:00

cli.c

MINOR: cli/show_fd: report that a connection is back or not

2018-12-19 18:40:58 +01:00

compression.c

MEDIUM: init: use initcall for all fixed size pool creations

2018-11-26 19:50:32 +01:00

connection.c

CLEANUP: connection: rename subscription events values and event field

2018-12-19 14:09:21 +01:00

da.c

MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread*

2018-11-26 19:50:32 +01:00

dns.c

BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error

2018-12-21 11:36:44 +01:00

ev_epoll.c

MINOR: polling: add an option to support busy polling

2018-11-22 19:47:30 +01:00

ev_kqueue.c

MINOR: polling: add an option to support busy polling

2018-11-22 19:47:30 +01:00

ev_poll.c

MINOR: poller: move the call of tv_update_date() back to the pollers

2018-11-22 18:57:37 +01:00

ev_select.c

MINOR: poller: move the call of tv_update_date() back to the pollers

2018-11-22 18:57:37 +01:00

fd.c

BUG/MEDIUM: threads: don't close the thread waker pipe if not init

2018-12-15 23:33:32 +01:00

filters.c

BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams

2019-01-08 11:32:23 +01:00

flt_http_comp.c

BUG/MINOR: compression: Disable it if another one is already in progress

2019-01-08 11:31:56 +01:00

flt_spoe.c

MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit()

2018-11-26 19:50:32 +01:00

flt_trace.c

CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions

2018-12-11 17:15:13 +01:00

freq_ctr.c

BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes

2017-10-31 18:01:18 +01:00

frontend.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

h1.c

BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing

2019-01-04 16:23:03 +01:00

h2.c

MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers

2019-01-03 18:45:38 +01:00

haproxy.c

BUILD: add a new file "version.c" to carry version updates

2019-01-04 18:20:32 +01:00

hash.c

MINOR: hash: add new function hash_crc32c

2018-03-21 05:04:01 +01:00

hathreads.c

BUILD: thread: properly report multi-thread support

2018-12-15 16:48:14 +01:00

hdr_idx.c

CLEANUP: pools: rename all pool functions and pointers to remove this "2"

2017-11-24 17:49:53 +01:00

hlua_fcn.c

CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions

2018-12-11 17:15:13 +01:00

hlua.c

BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred

2019-01-07 10:54:19 +01:00

hpack-dec.c

BUG/CRITICAL: hpack: fix improper sign check on the header index value

2018-09-20 11:45:56 +02:00

hpack-enc.c

BUG/MAJOR: hpack: fix length check for short names encoding

2018-12-16 09:38:30 +01:00

hpack-huff.c

BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits

2017-12-03 21:08:39 +01:00

hpack-tbl.c

BUG/CRITICAL: hpack: fix improper sign check on the header index value

2018-09-20 11:45:56 +02:00

http_acl.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

http_act.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

http_conv.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

http_fetch.c

MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX

2018-12-14 16:03:39 +01:00

http_htx.c

REORG: h1: merge types+proto into common/h1.h

2018-12-11 17:15:13 +01:00

http_msg.c

REORG: h1: move legacy http functions to http_msg.c

2018-12-11 17:15:13 +01:00

http_rules.c

MINOR: http: Make new "early-hint" http-request action really be parsed.

2018-11-12 21:08:55 +01:00

http.c

MEDIUM: proto_htx: Convert all HTTP error messages into HTX

2018-12-01 17:37:27 +01:00

htx.c

MINOR: htx: Add a function to truncate all blocks after a specific offset

2019-01-08 12:06:55 +01:00

i386-linux-vsys.c

MEDIUM: listener: add support for linux's accept4() syscall

2012-10-08 20:11:03 +02:00

lb_chash.c

MINOR: lb: allow redispatch when using consistent hash

2019-01-02 20:22:17 +01:00

lb_fas.c

BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations

2018-08-21 19:44:53 +02:00

lb_fwlc.c

MINOR: lb: make the leastconn algorithm more accurate

2018-12-14 08:33:28 +01:00

lb_fwrr.c

CLEANUP: Fix typo in the fwrr subsystem

2018-12-02 18:40:53 +01:00

lb_map.c

BUG/MINOR: lb-map: fix unprotected update to server's score

2018-12-02 19:22:55 +01:00

listener.c

MINOR: config: make sure to associate the proper mux to bind and servers

2018-12-02 13:29:35 +01:00

log.c

BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals

2019-01-02 20:12:02 +01:00

lru.c

MINOR: lru: new function to delete <nb> least recently used keys

2016-01-11 07:31:35 +01:00

mailers.c

MEDIUM: Add parsing of mailers section

2015-02-03 00:24:16 +01:00

map.c

CLEANUP: Fix typos in the map management functions

2018-12-02 18:40:38 +01:00

memory.c

MEDIUM: memory: make the pool cache an array and not a thread_local

2018-11-26 19:50:32 +01:00

mux_h1.c

MEDIUM: mux-h1: Clarify how shutr/shutw are handled

2019-01-08 11:31:16 +01:00

mux_h2.c

BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used

2019-01-08 13:20:59 +01:00

mux_pt.c

CLEANUP: connection: rename conn->mux_ctx to conn->ctx

2018-12-19 14:13:07 +01:00

namespace.c

MINOR: initcall: apply initcall to all register_build_opts() calls

2018-11-26 19:50:32 +01:00

pattern.c

MEDIUM: init: use self-initializing spinlocks and rwlocks

2018-11-26 19:50:32 +01:00

payload.c

MINOR: payload: add sample fetch for TLS ALPN

2019-01-01 09:15:01 +01:00

peers.c

MEDIUM: mux: provide the session to the init() and attach() method.

2018-12-15 23:50:09 +01:00

pipe.c

MEDIUM: init: use initcall for all fixed size pool creations

2018-11-26 19:50:32 +01:00

proto_http.c

BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.

2018-12-28 16:33:13 +01:00

proto_htx.c

BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer

2019-01-08 12:06:55 +01:00

proto_sockpair.c

CLEANUP: Fix typos in the socket pair protocol subsystem

2018-12-02 18:40:33 +01:00

proto_tcp.c

CLEANUP: Fix typos in the proto_tcp subsystem

2018-12-02 18:39:05 +01:00

proto_udp.c

CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept()

2016-04-14 11:18:22 +02:00

proto_uxst.c

BUG/MEDIUM: mworker: avoid leak of client socket

2018-11-27 19:34:00 +01:00

protocol.c

MEDIUM: protocol: use a custom AF_MAX to help protocol parser

2018-09-12 07:12:27 +02:00

proxy.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

queue.c

CLEANUP: Fix a typo in the queue subsystem

2018-12-02 18:40:11 +01:00

raw_sock.c

MINOR: connection: realign empty buffers in muxes, not transport layers

2018-12-14 10:51:23 +01:00

regex.c

MINOR: initcall: apply initcall to all register_build_opts() calls

2018-11-26 19:50:32 +01:00

sample.c

BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.

2018-12-07 15:31:43 +01:00

server.c

MEDIUM: checks: Add check-alpn.

2018-12-21 19:54:16 +01:00

session.c

MEDIUM: sessions: Keep track of which connections are idle.

2018-12-28 19:16:03 +01:00

sha1.c

IMPORT: sha1: import SHA1 functions

2017-10-25 04:45:48 +02:00

shctx.c

CLEANUP: Fix typos in the shctx subsystem

2018-12-02 18:40:29 +01:00

signal.c

CLEANUP: Fix a typo in the signal subsystem

2018-12-02 18:39:52 +01:00

ssl_sock.c

MEDIUM: checks: Add check-alpn.

2018-12-21 19:54:16 +01:00

standard.c

MINOR: tools: preset the port of fd-based "sockets" to zero

2018-12-15 15:40:12 +01:00

stats.c

BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped

2019-01-07 16:32:10 +01:00

stick_table.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

stream_interface.c

BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()

2019-01-03 18:45:00 +01:00

stream.c

MINOR: stream/cli: report more info about the HTTP messages on "show sess all"

2019-01-07 10:38:10 +01:00

task.c

MEDIUM: tasks: check the global task mask instead of the thread number

2018-12-14 15:49:45 +01:00

tcp_rules.c

MEDIUM: init: convert all trivial registration calls to initcalls

2018-11-26 19:50:32 +01:00

time.c

REORG: time/activity: move activity measurements to activity.{c,h}

2018-11-22 11:48:41 +01:00

trace.c

CONTRIB: trace: try to display the function's return value on exit

2017-10-24 19:54:25 +02:00

uri_auth.c

CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning

2017-11-24 17:19:12 +01:00

vars.c

MEDIUM: init: use initcall for all fixed size pool creations

2018-11-26 19:50:32 +01:00

version.c

BUILD: add a new file "version.c" to carry version updates

2019-01-04 18:20:32 +01:00

wurfl.c

MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread*

2018-11-26 19:50:32 +01:00

xxhash.c

CLEANUP: fix 2 typos in the xxhash subsystem

2018-11-18 22:23:15 +01:00