{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":128791889,"defaultBranch":"master","name":"haproxy","ownerLogin":"haproxy","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2018-04-09T15:17:42.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/38220289?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1716987778.0","currentOid":""},"activityList":{"items":[{"before":"f8418d3ade267e5ab28808c17af297fd1ea932a7","after":"ba958fb230d4add678913f18eb520d9d5935c968","ref":"refs/heads/master","pushedAt":"2024-05-31T16:57:33.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory\n\nIn GH issue #2586 @Bbulatov reported a theoretical null-deref in\nenv_expand() in case there's no memory anymore to expand an environment\nvariable. The function should return NULL in this case so that the only\ncaller (str2sa_range) sees it. In practice it may only happen during\nboot thus is harmless but better fix it since it's easy. This can be\nbackported to all versions where this applies.","shortMessageHtmlLink":"BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-m…"}},{"before":"f3e6dfdc9286f7fb86b6a54a6852cac9d1a61f0f","after":"f8418d3ade267e5ab28808c17af297fd1ea932a7","ref":"refs/heads/master","pushedAt":"2024-05-31T11:46:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"ADMIN: acme.sh: remove the old acme.sh code\n\nRemove the acme.sh script since it was merged in\nhttps://github.com/acmesh-official/acme.sh/pull/4581\n\nSo people don't try to download a script which is not up to date with\nthe current acme.sh master.","shortMessageHtmlLink":"ADMIN: acme.sh: remove the old acme.sh code"}},{"before":"485b206f61c3b03caa0d21f9e16465b1c298003b","after":"f3e6dfdc9286f7fb86b6a54a6852cac9d1a61f0f","ref":"refs/heads/master","pushedAt":"2024-05-30T15:04:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: VTest: accelerate package install a bit\n\nlet's check and install only package is required","shortMessageHtmlLink":"CI: VTest: accelerate package install a bit"}},{"before":"09db70d021d71992377c7f0c03974d65008d569e","after":"485b206f61c3b03caa0d21f9e16465b1c298003b","ref":"refs/heads/master","pushedAt":"2024-05-30T11:54:19.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: replace the README by a markdown version\n\nThis patch removes the old README file and replaces it with a more\nmodern markdown version which allows clickable links on the github page.\n\nIt also adds some of the Github Actions worfklow Status.\n\nThis patch includes the HAProxy png in the doc directory.","shortMessageHtmlLink":"DOC: replace the README by a markdown version"}},{"before":"1eb0f22ee1b64d75c8535b5a48f96b6ead91a341","after":"09db70d021d71992377c7f0c03974d65008d569e","ref":"refs/heads/master","pushedAt":"2024-05-29T20:37:45.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: use USE_PCRE2 instead of USE_PCRE\n\nUSE_PCRE2 is recommended, I guess USE_PCRE is left unintentionally","shortMessageHtmlLink":"CI: use USE_PCRE2 instead of USE_PCRE"}},{"before":"5590ada4731a1f75004675680b4bdca61fa4c507","after":"1eb0f22ee1b64d75c8535b5a48f96b6ead91a341","ref":"refs/heads/master","pushedAt":"2024-05-29T13:02:58.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"[RELEASE] Released version 3.1-dev0\n\nReleased version 3.1-dev0 with the following main changes :\n    - MINOR: version: mention that it's development again","shortMessageHtmlLink":"[RELEASE] Released version 3.1-dev0"}},{"before":"8452a3f7c9e76a9648387882a83a13eee6e9b24f","after":"5590ada4731a1f75004675680b4bdca61fa4c507","ref":"refs/heads/master","pushedAt":"2024-05-29T12:45:48.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"[RELEASE] Released version 3.0.0\n\nReleased version 3.0.0 with the following main changes :\n    - MINOR: sample: implement the uptime sample fetch\n    - CI: scripts: fix build of vtest regarding option -C\n    - CI: scripts: build vtest using multiple CPUs\n    - MINOR: log: rename 'log-format tag' to 'log-format alias'\n    - DOC: config: document logformat item naming and typecasting features\n    - BUILD: makefile: yearly reordering of objects by build time\n    - BUILD: fd: errno is also needed without poll()\n    - DOC: config: fix two typos \"RST_STEAM\" vs \"RST_STREAM\"\n    - DOC: config: refer to the non-deprecated keywords in ocsp-update on/off\n    - DOC: streamline http-reuse and connection naming definition\n    - REGTESTS: complete http-reuse test with pool-conn-name\n    - DOC: config: add %ID logformat alias alternative\n    - CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp\n    - BUG/MINOR: ssl/ocsp: init callback func ptr as NULL\n    - CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat\n    - BUG/MINOR: activity: fix Delta_calls and Delta_bytes count\n    - CI: github: upgrade the WolfSSL job to 5.7.0\n    - DOC: install: update quick build reminders with some missing options\n    - DOC: install: update the range of tested openssl version to cover 3.3\n    - DEV: patchbot: prepare for new version 3.1-dev\n    - MINOR: version: mention that it's 3.0 LTS now.","shortMessageHtmlLink":"[RELEASE] Released version 3.0.0"}},{"before":"40cd5cc0e215ea5f649725385e052fab2ba38181","after":"8452a3f7c9e76a9648387882a83a13eee6e9b24f","ref":"refs/heads/master","pushedAt":"2024-05-29T08:26:12.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: install: update the range of tested openssl version to cover 3.3\n\nOpenSSL 3.3 is known to work since it's tested on the CI, to let's add\nit to the list of known good versions.","shortMessageHtmlLink":"DOC: install: update the range of tested openssl version to cover 3.3"}},{"before":"d5e43caaf541fa3d26f33fc399cf4d5b02e19282","after":"40cd5cc0e215ea5f649725385e052fab2ba38181","ref":"refs/heads/master","pushedAt":"2024-05-28T17:26:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: github: upgrade the WolfSSL job to 5.7.0\n\nWolfSSL 5.70 was released in March 2024,  let's upgrade our CI job to\nthis version.","shortMessageHtmlLink":"CI: github: upgrade the WolfSSL job to 5.7.0"}},{"before":"decb7c90dfbd90c53f6e098d783daa701699c64c","after":"d5e43caaf541fa3d26f33fc399cf4d5b02e19282","ref":"refs/heads/master","pushedAt":"2024-05-28T17:26:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: activity: fix Delta_calls and Delta_bytes count\n\nThanks to the commit 5714aff4a6bf\n\"DEBUG: pool: store the memprof bin on alloc() and update it on free()\", the\namount of memory allocations and memory \"frees\" is shown now on the same line,\ncorresponded to the caller name. This is very convenient to debug memory leaks\n(haproxy should run with -dMcaller option).\n\nThe implicit drawback of this solution is that we count twice same free_calls\nand same free_tot (bytes) values in cli_io_handler_show_profiling(), when\nwe've calculed tot_free_calls and tot_free_bytes, by adding them to the these\ntotalizators for p_alloc, malloc and calloc allocator types. See the details\nabout why this happens in a such way in __pool_free() implementation and\nalso in the commit message for 5714aff4a6bf.\n\nThis double addition of free counters falses 'Delta_calls' and 'Delta_bytes',\nsometimes we even noticed that they show negative values.\n\nSame problem was with the calculation of average allocated buffer size for\nlines, where we show simultaneously the number of allocated and freed bytes.","shortMessageHtmlLink":"BUG/MINOR: activity: fix Delta_calls and Delta_bytes count"}},{"before":"84380965a504a2a25450378de638df891c75d569","after":"decb7c90dfbd90c53f6e098d783daa701699c64c","ref":"refs/heads/master","pushedAt":"2024-05-28T17:25:15.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat\n\nValentine noticed this ugly SSL_CTX_get_tlsext_status_cb() macro\ndefinition inside ssl_sock.c that is dedicated to openssl-1.0.2 only.\nIt would be better placed in openssl-compat.h, which is what this\npatch does. It also addresses a missing pair of parenthesis and\nremoves an invalid extra semicolon.","shortMessageHtmlLink":"CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat"}},{"before":null,"after":"b1be86c89f61a2939585c750d5b07d3740d90a18","ref":"refs/heads/20240528-wolfssl","pushedAt":"2024-05-28T17:19:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: github: upgrade the WolfSSL job to 5.7.0\n\nWolfSSL 5.70 was released in March 2024,  let's upgrade our CI job to\nthis version.","shortMessageHtmlLink":"CI: github: upgrade the WolfSSL job to 5.7.0"}},{"before":"f9740230fcb1c41e67491c1e8de16e80cc66cc77","after":"84380965a504a2a25450378de638df891c75d569","ref":"refs/heads/master","pushedAt":"2024-05-28T16:15:01.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: ssl/ocsp: init callback func ptr as NULL\n\nIn ssl_sock_load_ocsp() it is better to initialize local scope variable\n'callback' function pointer as NULL, while we are declaring it. According to\nSSL_CTX_get_tlsext_status_cb() API, then we will provide a pointer to this\n'on stack' variable in order to check, if the callback was already set before:\n\nOpenSSL 1.x.x and 3.x.x:\n  long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));\n  long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));\n\nWolfSSL 5.7.0:\n  typedef int(*tlsextStatusCb)(WOLFSSL* ssl, void*);\n  WOLFSSL_API int wolfSSL_CTX_get_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb* cb);\n  WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb cb);\n\nWhen this func ptr variable stays uninitialized, haproxy comipled with ASAN\ncrushes in ssl_sock_load_ocsp():\n\n  ./haproxy -d -f haproxy.cfg\n  ...\n  AddressSanitizer:DEADLYSIGNAL\n  =================================================================\n  ==114919==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x5eab8951bb32 bp 0x7ffcdd6d8410 sp 0x7ffcdd6d82e0 T0)\n  ==114919==The signal is caused by a READ memory access.\n  ==114919==Hint: address points to the zero page.\n    #0 0x5eab8951bb32 in ssl_sock_load_ocsp /home/vk/projects/haproxy/src/ssl_sock.c:1248:22\n    #1 0x5eab89510d65 in ssl_sock_put_ckch_into_ctx /home/vk/projects/haproxy/src/ssl_sock.c:3389:6\n  ...\n\nThis happens, because callback variable is allocated on the stack. As not\nbeing explicitly initialized, it may contain some garbage value at runtime,\ndue to the linked crypto library update or recompilation.\n\nSo, following ssl_sock_load_ocsp code, SSL_CTX_get_tlsext_status_cb() may\nfail, callback will still contain its initial garbage value,\n'if (!callback) {...' test will put us on the wrong path to access some\nocsp_cbk_arg properties via its pointer, which won't be set and like this\nwe will finish with segmentation fault.\n\nMust be backported in all stable versions. All versions does not have\nthe ifdef, the previous cleanup patch is useful starting from the 2.7\nversion.","shortMessageHtmlLink":"BUG/MINOR: ssl/ocsp: init callback func ptr as NULL"}},{"before":"cb64719f668f0a4f34dff344df04c3d5de426dd1","after":"6e5caf4c00df513945ecb232d19456b5462fba54","ref":"refs/heads/20240528-ocsp-cleanup","pushedAt":"2024-05-28T16:03:17.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUG/MINOR: ssl/ocsp: init callback func ptr as NULL\n\nIn ssl_sock_load_ocsp() it is better to initialize local scope variable\n'callback' function pointer as NULL, while we are declaring it. According to\nSSL_CTX_get_tlsext_status_cb() API, then we will provide a pointer to this\n'on stack' variable in order to check, if the callback was already set before:\n\nOpenSSL 1.x.x and 3.x.x:\n  long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));\n  long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));\n\nWolfSSL 5.7.0:\n  typedef int(*tlsextStatusCb)(WOLFSSL* ssl, void*);\n  WOLFSSL_API int wolfSSL_CTX_get_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb* cb);\n  WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb cb);\n\nWhen this func ptr variable stays uninitialized, haproxy comipled with ASAN\ncrushes in ssl_sock_load_ocsp():\n\n  ./haproxy -d -f haproxy.cfg\n  ...\n  AddressSanitizer:DEADLYSIGNAL\n  =================================================================\n  ==114919==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x5eab8951bb32 bp 0x7ffcdd6d8410 sp 0x7ffcdd6d82e0 T0)\n  ==114919==The signal is caused by a READ memory access.\n  ==114919==Hint: address points to the zero page.\n    #0 0x5eab8951bb32 in ssl_sock_load_ocsp /home/vk/projects/haproxy/src/ssl_sock.c:1248:22\n    #1 0x5eab89510d65 in ssl_sock_put_ckch_into_ctx /home/vk/projects/haproxy/src/ssl_sock.c:3389:6\n  ...\n\nThis happens, because callback variable is allocated on the stack. As not\nbeing explicitly initialized, it may contain some garbage value at runtime,\ndue to the linked crypto library update or recompilation.\n\nSo, following ssl_sock_load_ocsp code, SSL_CTX_get_tlsext_status_cb() may\nfail, callback will still contain its initial garbage value,\n'if (!callback) {...' test will put us on the wrong path to access some\nocsp_cbk_arg properties via its pointer, which won't be set and like this\nwe will finish with segmentation fault.\n\nMust be backported in every stable version.","shortMessageHtmlLink":"BUG/MINOR: ssl/ocsp: init callback func ptr as NULL"}},{"before":null,"after":"cb64719f668f0a4f34dff344df04c3d5de426dd1","ref":"refs/heads/20240528-ocsp-cleanup","pushedAt":"2024-05-28T15:53:35.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"MINOR: ssl/ocsp: init callback func ptr as NULL\n\nIn ssl_sock_load_ocsp() it is better to initialize local scope variable\n'callback' function pointer as NULL, while we are declaring it. According to\nSSL_CTX_get_tlsext_status_cb() API, then we will provide a pointer to this\n'on stack' variable in order to check, if the callback was already set before:\n\nOpenSSL 1.x.x and 3.x.x:\n  long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx, int (**callback)(SSL *, void *));\n  long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx, int (*callback)(SSL *, void *));\n\nWolfSSL 5.7.0:\n  typedef int(*tlsextStatusCb)(WOLFSSL* ssl, void*);\n  WOLFSSL_API int wolfSSL_CTX_get_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb* cb);\n  WOLFSSL_API int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, tlsextStatusCb cb);\n\nWhen this func ptr variable stays uninitialized, haproxy comipled with ASAN\ncrushes in ssl_sock_load_ocsp():\n\n  ./haproxy -d -f haproxy.cfg\n  ...\n  AddressSanitizer:DEADLYSIGNAL\n  =================================================================\n  ==114919==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x5eab8951bb32 bp 0x7ffcdd6d8410 sp 0x7ffcdd6d82e0 T0)\n  ==114919==The signal is caused by a READ memory access.\n  ==114919==Hint: address points to the zero page.\n    #0 0x5eab8951bb32 in ssl_sock_load_ocsp /home/vk/projects/haproxy/src/ssl_sock.c:1248:22\n    #1 0x5eab89510d65 in ssl_sock_put_ckch_into_ctx /home/vk/projects/haproxy/src/ssl_sock.c:3389:6\n  ...\n\nThis happens, because callback variable is allocated on the stack. As not\nbeing explicitly initialized, it may contain some garbage value at runtime,\ndue to the linked crypto library update or recompilation.\n\nSo, following ssl_sock_load_ocsp code, SSL_CTX_get_tlsext_status_cb() may\nfail, callback will still contain its initial garbage value,\n'if (!callback) {...' test will put us on the wrong path to access some\nocsp_cbk_arg properties via its pointer, which won't be set and like this\nwe will finish with segmentation fault.","shortMessageHtmlLink":"MINOR: ssl/ocsp: init callback func ptr as NULL"}},{"before":"b0e1f77fead8d925d036e92561bea0d6937b9adf","after":"f9740230fcb1c41e67491c1e8de16e80cc66cc77","ref":"refs/heads/master","pushedAt":"2024-05-28T13:45:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: config: add %ID logformat alias alternative\n\nunique-id sample fetch may be used instead of %ID alias but it wasn't\nmentioned explicitly in the doc.","shortMessageHtmlLink":"DOC: config: add %ID logformat alias alternative"}},{"before":"8c09c7f39f2c49b2cfa6218051d1cf3356a16dd1","after":"b0e1f77fead8d925d036e92561bea0d6937b9adf","ref":"refs/heads/master","pushedAt":"2024-05-28T13:03:28.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"REGTESTS: complete http-reuse test with pool-conn-name\n\nAdd new test cases in http_reuse_conn_hash vtest. Ensure new server\nparameter \"pool-conn-name\" is used as expected for idle connection name,\nboth alone and mixed with a SNI.","shortMessageHtmlLink":"REGTESTS: complete http-reuse test with pool-conn-name"}},{"before":"652a6f18b217a8cca906448e57e84403a3a0a3cb","after":"8c09c7f39f2c49b2cfa6218051d1cf3356a16dd1","ref":"refs/heads/master","pushedAt":"2024-05-28T11:58:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: streamline http-reuse and connection naming definition\n\nWith the introduction of \"pool-conn-name\", documentation related to\nhttp-reuse was rendered more complex than already, notably with multiple\ncross-references between \"pool-conn-name\" and \"sni\" server keywords.\n\nTook the opportunity to improve all http-reuse related documentation.\nFirst, \"http-reuse\" keyword general purpose has been greatly expanded\nand reordered.\n\nThen, \"pool-conn-name\" and \"sni\" have been clarified, in particular the\nrelation between them, with the foremost being an advanced usage to the\ndefault SSL SNI case in the context of http-reuse. Also update\nattach-srv rule documentation as its name parameter is directly linked\nto both \"pool-conn-name\" and \"sni\".","shortMessageHtmlLink":"DOC: streamline http-reuse and connection naming definition"}},{"before":"2ed3531619f545af13ea987aff3af9101e350b9a","after":"652a6f18b217a8cca906448e57e84403a3a0a3cb","ref":"refs/heads/master","pushedAt":"2024-05-27T18:15:45.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: config: refer to the non-deprecated keywords in ocsp-update on/off\n\nThe doc for \"ocsp-update [ off | on ]\" was still referring to\n\"tune.ssl.ocsp-update.*\" instead of \"ocsp-update.*\". No backport\nneeded.","shortMessageHtmlLink":"DOC: config: refer to the non-deprecated keywords in ocsp-update on/off"}},{"before":"725fa0ecd255160090681788be34024925e7815d","after":"2ed3531619f545af13ea987aff3af9101e350b9a","ref":"refs/heads/master","pushedAt":"2024-05-27T17:52:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: config: fix two typos \"RST_STEAM\" vs \"RST_STREAM\"\n\nThese were added in 3.0-dev11 by commit 068ce2d5d2 (\"MINOR: stconn:\nAdd samples to retrieve about stream aborts\"), no backport needed.","shortMessageHtmlLink":"DOC: config: fix two typos \"RST_STEAM\" vs \"RST_STREAM\""}},{"before":"141bc5ba0dd03749b04184ce41477f63ee533926","after":"725fa0ecd255160090681788be34024925e7815d","ref":"refs/heads/master","pushedAt":"2024-05-27T17:16:05.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"BUILD: fd: errno is also needed without poll()\n\nWhen building without USE_POLL, fd.c fails on errno because that one is\nonly included when USE_POLL is set. Let's move it outside of the ifdef.","shortMessageHtmlLink":"BUILD: fd: errno is also needed without poll()"}},{"before":"7e943cdf2733387b408d489e0d31542dfd362ff6","after":"141bc5ba0dd03749b04184ce41477f63ee533926","ref":"refs/heads/master","pushedAt":"2024-05-27T15:04:40.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"DOC: config: document logformat item naming and typecasting features\n\nThe ability to give a name to a logformat_node (known as logformat item in\nthe documentation) implemented in 2ed6068f2a (\"MINOR: log: custom name for\nlogformat node\") wasn't documented.\n\nThe same goes for the ability to force the logformat_node's output type to\na specific type implemented in 1448478d62 (\"MINOR: log: explicit\ntypecasting for logformat nodes\")\n\nLet's quickly describe such new usages at the start of the custom log\nformat section.","shortMessageHtmlLink":"DOC: config: document logformat item naming and typecasting features"}},{"before":"7743debda6e7fff21abfa5b3a928487d47ec61af","after":null,"ref":"refs/heads/fix-vtest","pushedAt":"2024-05-27T10:17:18.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"}},{"before":"0a00302fabef8f8c35b84894309e7c1da534c85d","after":"7e943cdf2733387b408d489e0d31542dfd362ff6","ref":"refs/heads/master","pushedAt":"2024-05-27T10:17:03.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: scripts: build vtest using multiple CPUs\n\nNow that vtest supports make -j, let's use it to save a bit of time\n(the build time is ~6s per test by default).","shortMessageHtmlLink":"CI: scripts: build vtest using multiple CPUs"}},{"before":"ca76c0d14aa991b3d084bf06961712001bf9b659","after":"7743debda6e7fff21abfa5b3a928487d47ec61af","ref":"refs/heads/fix-vtest","pushedAt":"2024-05-27T10:14:29.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: scripts: build vtest using multiple CPUs\n\nNow that vtest supports make -j, let's use it to save a bit of time\n(the build time is ~6s per test by default).","shortMessageHtmlLink":"CI: scripts: build vtest using multiple CPUs"}},{"before":"2bc008ca28391050d0ed9cf87e23edd8ba410345","after":"ca76c0d14aa991b3d084bf06961712001bf9b659","ref":"refs/heads/fix-vtest","pushedAt":"2024-05-27T10:06:35.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: scripts: build vtest using multiple CPUs\n\nNow that vtest supports make -j, let's use it to save a bit of time\n(the build time is ~6s per test by default).","shortMessageHtmlLink":"CI: scripts: build vtest using multiple CPUs"}},{"before":"16548844a9b78889ec93371c3213bf77a8400905","after":"2bc008ca28391050d0ed9cf87e23edd8ba410345","ref":"refs/heads/fix-vtest","pushedAt":"2024-05-27T10:01:38.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: scripts: build vtest using multiple CPUs\n\nNow that vtest supports make -j, let's use it to save a bit of time\n(the build time is ~6s by default).","shortMessageHtmlLink":"CI: scripts: build vtest using multiple CPUs"}},{"before":null,"after":"16548844a9b78889ec93371c3213bf77a8400905","ref":"refs/heads/fix-vtest","pushedAt":"2024-05-27T09:55:37.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"CI: scripts: fix build of vtest regarding option -C\n\nOn Linux, GNU make emits \"w\" at the beginning of the MAKEFLAGS\nvariable if -C is passed, which happens since vtest d6d228bcb3.\nIn fact it emits any of the command line flags without the leading\n'-' in this case. gmake doesn't do that on BSD apparently. It's\ndocumented under Options/Recursion in the GNU make doc. There's\nalso MFLAGS that could work but it does not contain the variables\ndefinitions. So let's just avoid the -C that we don't really need.\n\nThis needs to be backported to stable versions.","shortMessageHtmlLink":"CI: scripts: fix build of vtest regarding option -C"}},{"before":"f76e73511addd075f556449b0ebf33c9f7a5184b","after":"0a00302fabef8f8c35b84894309e7c1da534c85d","ref":"refs/heads/master","pushedAt":"2024-05-27T09:08:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"MINOR: sample: implement the uptime sample fetch\n\n'uptime' returns the uptime of the current HAProxy worker in seconds.","shortMessageHtmlLink":"MINOR: sample: implement the uptime sample fetch"}},{"before":"45a187304e03d411eab209140b389db9c343f4f4","after":"f76e73511addd075f556449b0ebf33c9f7a5184b","ref":"refs/heads/master","pushedAt":"2024-05-24T15:58:46.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"haproxy-mirror","name":null,"path":"/haproxy-mirror","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38239150?s=80&v=4"},"commit":{"message":"[RELEASE] Released version 3.0-dev13\n\nReleased version 3.0-dev13 with the following main changes :\n    - CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf\n    - MINOR: ssl: check parameter in ckch_conf_cmp()\n    - BUG/MINOR: ring: free ring's allocated area not ring's usable area when using maps\n    - DOC: configuration: rework the crt-store load documentation\n    - DEBUG: tools: add vma_set_name() helper\n    - DEBUG: shctx: name shared memory using vma_set_name()\n    - DEBUG: sink: add name hint for memory area used by memory-backed sinks\n    - DEBUG: pollers: add name hint for large memory areas used by pollers\n    - DEBUG: errors: add name hint for startup-logs memory area\n    - DEBUG: fd: add name hint for large memory areas\n    - MEDIUM: ssl: don't load file by discovering them in crt-store\n    - DOC: configuration: update the crt-list documentation\n    - DOC: configuration: add the supported crt-store options in crt-list\n    - BUG/MEDIUM: proto: fix fd leak in <proto>_connect_server\n    - MINOR: sock: set conn->err_code in case of EPERM\n    - BUG/MINOR: http-ana: Don't crush stream termination condition on internal error\n    - MAJOR: spoe: Let the SPOE back into the game\n    - BUG/MINOR: connection: parse PROXY TLV for LOCAL mode\n    - BUG/MINOR: server: free PROXY v2 TLVs on srv drop\n    - MINOR: rhttp: add log on connection allocation failure\n    - BUG/MEDIUM: rhttp: fix preconnect on single-thread\n    - BUG/MINOR: rhttp: prevent listener suspend\n    - BUG/MINOR: rhttp: fix task_wakeup state\n    - MINOR: session: define flag to explicitely release listener on free\n    - MEDIUM: rhttp: create session for active preconnect\n    - MINOR: rhttp: support PROXY emission on preconnect\n    - MINOR: connection: support PROXY v2 TLV emission without stream\n    - MINOR: traces: enumerate the list of levels/verbosities when not found\n    - BUG/MINOR: sock: fix sock_create_server_socket\n    - MINOR: proto: fix coding style\n    - BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)\n    - REGTESTS: scripts: allow to change the vtest timeout\n    - BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305\n    - CI: scripts/build-ssl.sh: loudly fail on unsupported platforms\n    - BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream\n    - MINOR: mux-quic: Set abort info for SC-less QCS on STOP_SENDING frame\n    - CI: scripts/build-ssl: add a DESTDIR and TMPDIR variable\n    - CI: scripts/buil-ssl: cleanup the boringssl and quictls build\n    - MINOR: config: add thread-hard-limit to set an upper bound to nbthread\n    - BUILD: quic: fix unused variable warning when threads are disabled\n    - BUG/MEDIUM: stick-tables: Fix race with peers when trashing oldest entries\n    - BUG/MEDIUM: stick-tables: Fix race with peers when killing a sticky session\n    - BUG/MEDIUM: stick-tables: make sure never to create two same remote entries\n    - CLEANUP: stick-tables: remove a few unneeded tests for use_wrlock\n    - MINOR: stick-tables: remove the uneeded read lock in stksess_free()\n    - CLEANUP: tools: fix vma_set_name() function comment\n    - DEBUG: tools: add vma_set_name_id() helper\n    - DEBUG: pollers/fd: add thread id suffix to per-thread memory areas name hints\n    - DOC: config: fix aes_gcm_enc() description text\n    - BUILD: trace: fix warning on null dereference\n    - MEDIUM: config: prevent communication with privileged ports\n    - MAJOR: config: prevent QUIC with clients privileged port by default\n    - BUG/MINOR: quic: adjust restriction for stateless reset emission\n    - MINOR: quic: clarify doc for quic_recv()\n    - MINOR: server: generalize sni expr parsing\n    - MINOR: server: define pool-conn-name keyword\n    - MEDIUM: connection: use pool-conn-name instead of sni on reuse\n    - BUG/MINOR: rhttp: initialize session origin after preconnect reversal\n    - BUG/MEDIUM: server/dns: preserve server's port upon resolution timeout or error\n    - BUG/MINOR: http-htx: Support default path during scheme based normalization\n    - BUG/MINOR: server: Don't reset resolver options on a new default-server line\n    - DOC: quic: specify that connection migration is not supported\n    - DOC: config: fix incorrect section reference about custom log format\n    - DOC: config: uniformize the naming and description of custom log format args\n    - DOC: config: clarify the fact that custom log format is not just for logging\n    - REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs","shortMessageHtmlLink":"[RELEASE] Released version 3.0-dev13"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEWTxD1gA","startCursor":null,"endCursor":null}},"title":"Activity · haproxy/haproxy"}