mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-12-12 13:11:11 +01:00

Go to file

Willy Tarreau aa259f5b42 [RELEASE] Released version 3.3-dev10

Released version 3.3-dev10 with the following main changes :
    - BUG/MEDIUM: connections: Only avoid creating a mux if we have one
    - BUG/MINOR: sink: retry attempt for sft server may never occur
    - CLEANUP: mjson: remove MJSON_ENABLE_RPC code
    - CLEANUP: mjson: remove MJSON_ENABLE_PRINT code
    - CLEANUP: mjson: remove MJSON_ENABLE_NEXT code
    - CLEANUP: mjson: remove MJSON_ENABLE_BASE64 code
    - CLEANUP: mjson: remove unused defines and math.h
    - BUG/MINOR: http-ana: Reset analyse_exp date after 'wait-for-body' action
    - CLEANUP: mjson: remove unused defines from mjson.h
    - BUG/MINOR: acme: avoid overflow when diff > notAfter
    - DEV: patchbot: use git reset+checkout instead of pull
    - MINOR: proxy: explicitly permit abortonclose on frontends and clarify the doc
    - REGTESTS: fix h2_desync_attacks to wait for the response
    - REGTESTS: http-messaging: fix the websocket and upgrade tests not to close early
    - MINOR: proxy: only check abortonclose through a dedicated function
    - MAJOR: proxy: enable abortonclose by default on HTTP proxies
    - MINOR: proxy: introduce proxy_abrt_close_def() to pass the desired default
    - MAJOR: proxy: enable abortonclose by default on TLS listeners
    - MINOR: h3/qmux: Set QC_SF_UNKNOWN_PL_LENGTH flag on QCS when headers are sent
    - MINOR: stconn: Add two fields in sedesc to replace the HTX extra value
    - MINOR: h1-htx: Increment body len when parsing a payload with no xfer length
    - MINOR: mux-h1: Set known input payload length during demux
    - MINOR: mux-fcgi: Set known input payload length during demux
    - MINOR: mux-h2: Use <body_len> H2S field for payload without content-length
    - MINOR: mux-h2: Set known input payload length of the sedesc
    - MINOR: h3: Set known input payload length of the sedesc
    - MINOR: stconn: Move data from kip to kop when data are sent to the consumer
    - MINOR: filters: Reset knwon input payload length if a data filter is used
    - MINOR: hlua/http-fetch: Use <kip> instead of HTX extra field to get body size
    - MINOR: cache: Use the <kip> value to check too big objects
    - MINOR: compression: Use the <kip> value to check body size
    - MEDIUM: mux-h1: Stop to use HTX extra value when formatting message
    - MEDIUM: htx: Remove the HTX extra field
    - MEDIUM: acme: don't insert acme account key in ckchs_tree
    - BUG/MINOR: acme: memory leak from the config parser
    - CI: cirrus-ci: bump FreeBSD image to 14-3
    - BUG/MEDIUM: ssl: take care of second client hello
    - BUG/MINOR: ssl: always clear the remains of the first hello for the second one
    - BUG/MEDIUM: stconn: Properly forward kip to the opposite SE descriptor
    - MEDIUM: applet: Forward <kip> to applets
    - DEBUG: mux-h1: Dump <kip> and <kop> values with sedesc info
    - BUG/MINOR: ssl: leak in ssl-f-use
    - BUG/MINOR: ssl: leak crtlist_name in ssl-f-use
    - BUILD: makefile: disable tail calls optimizations with memory profiling
    - BUG/MEDIUM: apppet: Improve spinning loop detection with the new API
    - BUG/MINOR: ssl: Free global_ssl structure contents during deinit
    - BUG/MINOR: ssl: Free key_base from global_ssl structure during deinit
    - MEDIUM: jwt: Remove certificate support in jwt_verify converter
    - MINOR: jwt: Add new jwt_verify_cert converter
    - MINOR: jwt: Do not look into ckch_store for jwt_verify converter
    - MINOR: jwt: Add new "jwt" certificate option
    - MINOR: jwt: Add specific error code for known but unavailable certificate
    - DOC: jwt: Add doc about "jwt_verify_cert" converter
    - MINOR: ssl: Dump options in "show ssl cert"
    - MINOR: jwt: Add new "add/del/show ssl jwt" CLI commands
    - REGTEST: jwt: Test new CLI commands
    - BUG/MINOR: ssl: Potential NULL deref in trace macro
    - MINOR: regex: use a thread-local match pointer for pcre2
    - BUG/MEDIUM: pools: fix bad freeing of aligned pools in UAF mode
    - MEDIUM: pools: detect() when munmap() fails in UAF mode
    - TESTS: quic: useless param for b_quic_dec_int()
    - BUG/MEDIUM: pools: fix crash on filtered "show pools" output
    - BUG/MINOR: pools: don't report "limited to the first X entries" by default
    - BUG/MAJOR: lb-chash: fix key calculation when using default hash-key id
    - BUG/MEDIUM: stick-tables: Don't forget to dec count on failure.
    - BUG/MINOR: quic: check applet_putchk() for 'show quic' first line
    - TESTS: quic: fix uninit of quic_cc_path const member
    - BUILD: ssl: can't build when using -DLISTEN_DEFAULT_CIPHERS
    - BUG/MAJOR: quic: uninitialized quic_conn_closed struct members
    - BUG/MAJOR: quic: do not reset QUIC backends fds in closing state
    - BUG/MINOR: quic: SSL counters not handled
    - DOC: clarify the experimental status for certain features
    - MINOR: config: remove experimental status on tune.disable-fast-forward
    - MINOR: tree-wide: add missing TAINTED flags for some experimental directives
    - MEDIUM: config: warn when expose-experimental-directives is used for no reason
    - BUG/MEDIUM: threads/config: drop absent threads from thread groups
    - REGTESTS: remove experimental from quic/retry.vtc

2025-10-18 11:24:05 +02:00

.github

CI: github: build halog on the vtest job

2025-09-26 16:29:29 +02:00

addons

MINOR: applet: Add a flag to know an applet is using HTX buffers

2025-08-25 11:11:05 +02:00

admin

ADMIN: reload: introduce -vv mode

2025-09-29 19:29:10 +02:00

dev

DEV: patchbot: use git reset+checkout instead of pull

2025-10-08 04:38:35 +02:00

doc

[RELEASE] Released version 3.3-dev10

2025-10-18 11:24:05 +02:00

examples

MINOR: mailers: warn if mailers are configured but not actually used

2025-06-27 16:41:18 +02:00

include

BUG/MINOR: quic: SSL counters not handled

2025-10-17 12:13:43 +02:00

reg-tests

REGTESTS: remove experimental from quic/retry.vtc

2025-10-17 20:55:43 +02:00

scripts

CI: scripts: build curl with ECH support

2025-09-25 17:05:46 +02:00

src

BUG/MEDIUM: threads/config: drop absent threads from thread groups

2025-10-17 20:36:00 +02:00

tests

TESTS: quic: add unit-tests for QUIC TX part

2025-09-08 14:49:03 +02:00

.cirrus.yml

CI: cirrus-ci: bump FreeBSD image to 14-3

2025-10-09 14:06:48 +02:00

.gitattributes

MINOR: Configure the cpp userdiff driver for *.[ch] in .gitattributes

2021-02-22 18:17:57 +01:00

.gitignore

MINOR: tevt/dev: Add term_events tool

2025-01-31 10:41:50 +01:00

.mailmap

DOC: update Tim's address in .mailmap

2021-09-16 09:14:14 +02:00

.travis.yml

MEDIUM: mworker: remove USE_SYSTEMD requirement for -Ws

2024-11-20 12:07:38 +01:00

BRANCHES

DOC: clarify the experimental status for certain features

2025-10-17 18:41:13 +02:00

BSDmakefile

BUILD: makefile: commit the tiny FreeBSD makefile stub

2023-05-24 17:17:36 +02:00

CHANGELOG

[RELEASE] Released version 3.3-dev10

2025-10-18 11:24:05 +02:00

CONTRIBUTING

CLEANUP: assorted typo fixes in the code and comments

2025-04-02 11:12:20 +02:00

INSTALL

BUILD: makefile: bump the default minimum linux version to 4.17

2025-09-05 09:44:56 +02:00

LICENSE

LICENSE: add licence exception for OpenSSL

2012-09-07 13:52:26 +02:00

MAINTAINERS

MAJOR: spoe: Let the SPOE back into the game

2024-05-22 09:04:38 +02:00

Makefile

BUILD: makefile: disable tail calls optimizations with memory profiling

2025-10-10 13:45:19 +02:00

README.md

DOC: change the link to the FreeBSD CI in README.md

2024-06-03 15:21:29 +02:00

SUBVERS

BUILD: use format tags in VERDATE and SUBVERS files

2013-12-10 11:22:49 +01:00

VERDATE

[RELEASE] Released version 3.3-dev10

2025-10-18 11:24:05 +02:00

VERSION

[RELEASE] Released version 3.3-dev10

2025-10-18 11:24:05 +02:00

README.md

HAProxy

HAProxy is a free, very fast and reliable reverse-proxy offering high availability, load balancing, and proxying for TCP and HTTP-based applications.

Installation

The INSTALL file describes how to build HAProxy. A list of packages is also available on the wiki.

Getting help

The discourse and the mailing-list are available for questions or configuration assistance. You can also use the slack or IRC channel. Please don't use the issue tracker for these.

The issue tracker is only for bug reports or feature requests.

Documentation

The HAProxy documentation has been split into a number of different files for ease of use. It is available in text format as well as HTML. The wiki is also meant to replace the old architecture guide.

Please refer to the following files depending on what you're looking for:

INSTALL for instructions on how to build and install HAProxy
BRANCHES to understand the project's life cycle and what version to use
LICENSE for the project's license
CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory:

doc/intro.txt for a quick introduction on HAProxy
doc/configuration.txt for the configuration's reference manual
doc/lua.txt for the Lua's reference manual
doc/SPOE.txt for how to use the SPOE engine
doc/network-namespaces.txt for how to use network namespaces under Linux
doc/management.txt for the management guide
doc/regression-testing.txt for how to use the regression testing suite
doc/peers.txt for the peers protocol reference
doc/coding-style.txt for how to adopt HAProxy's coding style
doc/internals for developer-specific documentation (not all up to date)

License

HAProxy is licensed under GPL 2 or any later version, the headers under LGPL 2.1. See the LICENSE file for a more detailed explanation.

Languages

C 98%

Shell 0.9%

Makefile 0.5%

Lua 0.2%

Python 0.2%