summaryrefslogtreecommitdiffstats
path: root/CHANGELOG
blob: 626b673149764a92dc908160d878115836e74686 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
5454
5455
5456
5457
5458
5459
5460
5461
5462
5463
5464
5465
5466
5467
5468
5469
5470
5471
5472
5473
5474
5475
5476
5477
5478
5479
5480
5481
5482
5483
5484
5485
5486
5487
5488
5489
5490
5491
5492
5493
5494
5495
5496
5497
5498
5499
5500
5501
5502
5503
5504
5505
5506
5507
5508
5509
5510
5511
5512
5513
5514
5515
5516
5517
5518
5519
5520
5521
5522
5523
5524
5525
5526
5527
5528
5529
5530
5531
5532
5533
5534
5535
5536
5537
5538
5539
5540
5541
5542
5543
5544
5545
5546
5547
5548
5549
5550
5551
5552
5553
5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
5566
5567
5568
5569
5570
5571
5572
5573
5574
5575
5576
5577
5578
5579
5580
5581
5582
5583
5584
5585
5586
5587
5588
5589
5590
5591
5592
5593
5594
5595
5596
5597
5598
5599
5600
5601
5602
5603
5604
5605
5606
5607
5608
5609
5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
5633
5634
5635
5636
5637
5638
5639
5640
5641
5642
5643
5644
5645
5646
5647
5648
5649
5650
5651
5652
5653
5654
5655
5656
5657
5658
5659
5660
5661
5662
5663
5664
5665
5666
5667
5668
5669
5670
5671
5672
5673
5674
5675
5676
5677
5678
5679
5680
5681
5682
5683
5684
5685
5686
5687
5688
5689
5690
5691
5692
5693
5694
5695
5696
5697
5698
5699
5700
5701
5702
5703
5704
5705
5706
5707
5708
5709
5710
5711
5712
5713
5714
5715
5716
5717
5718
5719
5720
5721
5722
5723
5724
5725
5726
5727
5728
5729
5730
5731
5732
5733
5734
5735
5736
5737
5738
5739
5740
5741
5742
5743
5744
5745
5746
5747
5748
5749
5750
5751
5752
5753
5754
5755
5756
5757
5758
5759
5760
5761
5762
5763
5764
5765
5766
5767
5768
5769
5770
5771
5772
5773
5774
5775
5776
5777
5778
5779
5780
5781
5782
5783
5784
5785
5786
5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
5801
5802
5803
5804
5805
5806
5807
5808
5809
5810
5811
5812
5813
5814
5815
5816
5817
5818
5819
5820
5821
5822
5823
5824
5825
5826
5827
5828
5829
5830
5831
5832
5833
5834
5835
5836
5837
5838
5839
5840
5841
5842
5843
5844
5845
5846
5847
5848
5849
5850
5851
5852
5853
5854
5855
5856
5857
5858
5859
5860
5861
5862
5863
5864
5865
5866
5867
5868
5869
5870
5871
5872
5873
5874
5875
5876
5877
5878
5879
5880
5881
5882
5883
5884
5885
5886
5887
5888
5889
5890
5891
5892
5893
5894
5895
5896
5897
5898
5899
5900
5901
5902
5903
5904
5905
5906
5907
5908
5909
5910
5911
5912
5913
5914
5915
5916
5917
5918
5919
5920
5921
5922
5923
5924
5925
5926
5927
5928
5929
5930
5931
5932
5933
5934
5935
5936
5937
5938
5939
5940
5941
5942
5943
5944
5945
5946
5947
5948
5949
5950
5951
5952
5953
5954
5955
5956
5957
5958
5959
5960
5961
5962
5963
5964
5965
5966
5967
5968
5969
5970
5971
5972
5973
5974
5975
5976
5977
5978
5979
5980
5981
5982
5983
5984
5985
5986
5987
5988
5989
5990
5991
5992
5993
5994
5995
5996
5997
5998
5999
6000
6001
6002
6003
6004
6005
6006
6007
6008
6009
6010
6011
6012
6013
6014
6015
6016
6017
6018
6019
6020
6021
6022
6023
6024
6025
6026
6027
6028
6029
6030
6031
6032
6033
6034
6035
6036
6037
6038
6039
6040
6041
6042
6043
6044
6045
6046
6047
6048
6049
6050
6051
6052
6053
6054
6055
6056
6057
6058
6059
6060
6061
6062
6063
6064
6065
6066
6067
6068
6069
6070
6071
6072
6073
6074
6075
6076
6077
6078
6079
6080
6081
6082
6083
6084
6085
6086
6087
6088
6089
6090
6091
6092
6093
6094
6095
6096
6097
6098
6099
6100
6101
6102
6103
6104
6105
6106
6107
6108
6109
6110
6111
6112
6113
6114
6115
6116
6117
6118
6119
6120
6121
6122
6123
6124
6125
6126
6127
6128
6129
6130
6131
6132
6133
6134
6135
6136
6137
6138
6139
6140
6141
6142
6143
6144
6145
6146
6147
6148
6149
6150
6151
6152
6153
6154
6155
6156
6157
6158
6159
6160
6161
6162
6163
6164
6165
6166
6167
6168
6169
6170
6171
6172
6173
6174
6175
6176
6177
6178
6179
6180
6181
6182
6183
6184
6185
6186
6187
6188
6189
6190
6191
6192
6193
6194
6195
6196
6197
6198
6199
6200
6201
6202
6203
6204
6205
6206
6207
6208
6209
6210
6211
6212
6213
6214
6215
6216
6217
6218
6219
6220
6221
6222
6223
6224
6225
6226
6227
6228
6229
6230
6231
6232
6233
6234
6235
6236
6237
6238
6239
6240
6241
6242
6243
6244
6245
6246
6247
6248
6249
6250
6251
6252
6253
6254
6255
6256
6257
6258
6259
6260
6261
6262
6263
6264
6265
6266
6267
6268
6269
6270
6271
6272
6273
6274
6275
6276
6277
6278
6279
6280
6281
6282
6283
6284
6285
6286
6287
6288
6289
6290
6291
6292
6293
6294
6295
6296
6297
6298
6299
6300
6301
6302
6303
6304
6305
6306
6307
6308
6309
6310
6311
6312
6313
6314
6315
6316
6317
6318
6319
6320
6321
6322
6323
6324
6325
6326
6327
6328
6329
6330
6331
6332
6333
6334
6335
6336
6337
6338
6339
6340
6341
6342
6343
6344
6345
6346
6347
6348
6349
6350
6351
6352
6353
6354
6355
6356
6357
6358
6359
6360
6361
6362
6363
6364
6365
6366
6367
6368
6369
6370
6371
6372
6373
6374
6375
6376
6377
6378
6379
6380
6381
6382
6383
6384
6385
6386
6387
6388
6389
6390
6391
6392
6393
6394
6395
6396
6397
6398
6399
6400
6401
6402
6403
6404
6405
6406
6407
6408
6409
6410
6411
6412
6413
6414
6415
6416
6417
6418
6419
6420
6421
6422
6423
6424
6425
6426
6427
6428
6429
6430
6431
6432
6433
6434
6435
6436
6437
6438
6439
6440
6441
6442
6443
6444
6445
6446
6447
6448
6449
6450
6451
6452
6453
6454
6455
6456
6457
6458
6459
6460
6461
6462
6463
6464
6465
6466
6467
6468
6469
6470
6471
6472
6473
6474
6475
6476
6477
6478
6479
6480
6481
6482
6483
6484
6485
6486
6487
6488
6489
6490
6491
6492
6493
6494
6495
6496
6497
6498
6499
6500
6501
6502
6503
6504
6505
6506
6507
6508
6509
6510
6511
6512
6513
6514
6515
6516
6517
6518
6519
6520
6521
6522
6523
6524
6525
6526
6527
6528
6529
6530
6531
6532
6533
6534
6535
6536
6537
6538
6539
6540
6541
6542
6543
6544
6545
6546
6547
6548
6549
6550
6551
6552
6553
6554
6555
6556
6557
6558
6559
6560
6561
6562
6563
6564
6565
6566
6567
6568
6569
6570
6571
6572
6573
6574
6575
6576
6577
6578
6579
6580
6581
6582
6583
6584
6585
6586
6587
6588
6589
6590
6591
6592
6593
6594
6595
6596
6597
6598
6599
6600
6601
6602
6603
6604
6605
6606
6607
6608
6609
6610
6611
6612
6613
6614
6615
6616
6617
6618
6619
6620
6621
6622
6623
6624
6625
6626
6627
6628
6629
6630
6631
6632
6633
6634
6635
6636
6637
6638
6639
6640
6641
6642
6643
6644
6645
6646
6647
6648
6649
6650
6651
6652
6653
6654
6655
6656
6657
6658
6659
6660
6661
6662
6663
6664
6665
6666
6667
6668
6669
6670
6671
6672
6673
6674
6675
6676
6677
6678
6679
6680
6681
6682
6683
6684
6685
6686
6687
6688
6689
6690
6691
6692
6693
6694
6695
6696
6697
6698
6699
6700
6701
6702
6703
6704
6705
6706
6707
6708
6709
6710
6711
6712
6713
6714
6715
6716
6717
6718
6719
6720
6721
6722
6723
6724
6725
6726
6727
6728
6729
6730
6731
6732
6733
6734
6735
6736
6737
6738
6739
6740
6741
6742
6743
6744
6745
6746
6747
6748
6749
6750
6751
6752
6753
6754
6755
6756
6757
6758
6759
6760
6761
6762
6763
6764
6765
6766
6767
6768
6769
6770
6771
6772
6773
6774
6775
6776
6777
6778
6779
6780
6781
6782
6783
6784
6785
6786
6787
6788
6789
6790
6791
6792
6793
6794
6795
6796
6797
6798
6799
6800
6801
6802
6803
6804
6805
6806
6807
6808
6809
6810
6811
6812
6813
6814
6815
6816
6817
6818
6819
6820
6821
6822
6823
6824
6825
6826
6827
6828
6829
6830
6831
6832
6833
6834
6835
6836
6837
6838
6839
6840
6841
6842
6843
6844
6845
6846
6847
6848
6849
6850
6851
6852
6853
6854
6855
6856
6857
6858
6859
6860
6861
6862
6863
6864
6865
6866
6867
6868
6869
6870
6871
6872
6873
6874
6875
6876
6877
6878
6879
6880
6881
6882
6883
6884
6885
6886
6887
6888
6889
6890
6891
6892
6893
6894
6895
6896
6897
6898
6899
6900
6901
6902
6903
6904
6905
6906
6907
6908
6909
6910
6911
6912
6913
6914
6915
6916
6917
6918
6919
6920
6921
6922
6923
6924
6925
6926
6927
6928
6929
6930
6931
6932
6933
6934
6935
6936
6937
6938
6939
6940
6941
6942
6943
6944
6945
6946
6947
6948
6949
6950
6951
6952
6953
6954
6955
6956
6957
6958
6959
6960
6961
6962
6963
6964
6965
6966
6967
6968
6969
6970
6971
6972
6973
6974
6975
6976
6977
6978
6979
6980
6981
6982
6983
6984
6985
6986
6987
6988
6989
6990
6991
6992
6993
6994
6995
6996
6997
6998
6999
7000
7001
7002
7003
7004
7005
7006
7007
7008
7009
7010
7011
7012
7013
7014
7015
7016
7017
7018
7019
7020
7021
7022
7023
7024
7025
7026
7027
7028
7029
7030
7031
7032
7033
7034
7035
7036
7037
7038
7039
7040
7041
7042
7043
7044
7045
7046
7047
7048
7049
7050
7051
7052
7053
7054
7055
7056
7057
7058
7059
7060
7061
7062
7063
7064
7065
7066
7067
7068
7069
7070
7071
7072
7073
7074
7075
7076
7077
7078
7079
7080
7081
7082
7083
7084
7085
7086
7087
7088
7089
7090
7091
7092
7093
7094
7095
7096
7097
7098
7099
7100
7101
7102
7103
7104
7105
7106
7107
7108
7109
7110
7111
7112
7113
7114
7115
7116
7117
7118
7119
7120
7121
7122
7123
7124
7125
7126
7127
7128
7129
7130
7131
7132
7133
7134
7135
7136
7137
7138
7139
7140
7141
7142
7143
7144
7145
7146
7147
7148
7149
7150
7151
7152
7153
7154
7155
7156
7157
7158
7159
7160
7161
7162
7163
7164
7165
7166
7167
7168
7169
7170
7171
7172
7173
7174
7175
7176
7177
7178
7179
7180
7181
7182
7183
7184
7185
7186
7187
7188
7189
7190
7191
7192
7193
7194
7195
7196
7197
7198
7199
7200
7201
7202
7203
7204
7205
7206
7207
7208
7209
7210
7211
7212
7213
7214
7215
7216
7217
7218
7219
7220
7221
7222
7223
7224
7225
7226
7227
7228
7229
7230
7231
7232
7233
7234
7235
7236
7237
7238
7239
7240
7241
7242
7243
7244
7245
7246
7247
7248
7249
7250
7251
7252
7253
7254
7255
7256
7257
7258
7259
7260
7261
7262
7263
7264
7265
7266
7267
7268
7269
7270
7271
7272
7273
7274
7275
7276
7277
7278
7279
7280
7281
7282
7283
7284
7285
7286
7287
7288
7289
7290
7291
7292
7293
7294
7295
7296
7297
7298
7299
7300
7301
7302
7303
7304
7305
7306
7307
7308
7309
7310
7311
7312
7313
7314
7315
7316
7317
7318
7319
7320
7321
7322
7323
7324
7325
7326
7327
7328
7329
7330
7331
7332
7333
7334
7335
7336
7337
7338
7339
7340
7341
7342
7343
7344
7345
7346
7347
7348
7349
7350
7351
7352
7353
7354
7355
7356
7357
7358
7359
7360
7361
7362
7363
7364
7365
7366
7367
7368
7369
7370
7371
7372
7373
7374
7375
7376
7377
7378
7379
7380
7381
7382
7383
7384
7385
7386
7387
7388
7389
7390
7391
7392
7393
7394
7395
7396
7397
7398
7399
7400
7401
7402
7403
7404
7405
7406
7407
7408
7409
7410
7411
7412
7413
7414
7415
7416
7417
7418
7419
7420
7421
7422
7423
7424
7425
7426
7427
7428
7429
7430
7431
7432
7433
7434
7435
7436
7437
7438
7439
7440
7441
7442
7443
7444
7445
7446
7447
7448
7449
7450
7451
7452
7453
7454
7455
7456
7457
7458
7459
7460
7461
7462
7463
7464
7465
7466
7467
7468
7469
7470
7471
7472
7473
7474
7475
7476
7477
7478
7479
7480
7481
7482
7483
7484
7485
7486
7487
7488
7489
7490
7491
7492
7493
7494
7495
7496
7497
7498
7499
7500
7501
7502
7503
7504
7505
7506
7507
7508
7509
7510
7511
7512
7513
7514
7515
7516
7517
7518
7519
7520
7521
7522
7523
7524
7525
7526
7527
7528
7529
7530
7531
7532
7533
7534
7535
7536
7537
7538
7539
7540
7541
7542
7543
7544
7545
7546
7547
7548
7549
7550
7551
7552
7553
7554
7555
7556
7557
7558
7559
7560
7561
7562
7563
7564
7565
7566
7567
7568
7569
7570
7571
7572
7573
7574
7575
7576
7577
7578
7579
7580
7581
7582
7583
7584
7585
7586
7587
7588
7589
7590
7591
7592
7593
7594
7595
7596
7597
7598
7599
7600
7601
7602
7603
7604
7605
7606
7607
7608
7609
7610
7611
7612
7613
7614
7615
7616
7617
7618
7619
7620
7621
7622
7623
7624
7625
7626
7627
7628
7629
7630
7631
7632
7633
7634
7635
7636
7637
7638
7639
7640
7641
7642
7643
7644
7645
7646
7647
7648
7649
7650
7651
7652
7653
7654
7655
7656
7657
7658
7659
7660
7661
7662
7663
7664
7665
7666
7667
7668
7669
7670
7671
7672
7673
7674
7675
7676
7677
7678
7679
7680
7681
7682
7683
7684
7685
7686
7687
7688
7689
7690
7691
7692
7693
7694
7695
7696
7697
7698
7699
7700
7701
7702
7703
7704
7705
7706
7707
7708
7709
7710
7711
7712
7713
7714
7715
7716
7717
7718
7719
7720
7721
7722
7723
7724
7725
7726
7727
7728
7729
7730
7731
7732
7733
7734
7735
7736
7737
7738
7739
7740
7741
7742
7743
7744
7745
7746
7747
7748
7749
7750
7751
7752
7753
7754
7755
7756
7757
7758
7759
7760
7761
7762
7763
7764
7765
7766
7767
7768
7769
7770
7771
7772
7773
7774
7775
7776
7777
7778
7779
7780
7781
7782
7783
7784
7785
7786
7787
7788
7789
7790
7791
7792
7793
7794
7795
7796
7797
7798
7799
7800
7801
7802
7803
7804
7805
7806
7807
7808
7809
7810
7811
7812
7813
7814
7815
7816
7817
7818
7819
7820
7821
7822
7823
7824
7825
7826
7827
7828
7829
7830
7831
7832
7833
7834
7835
7836
7837
7838
7839
7840
7841
7842
7843
7844
7845
7846
7847
7848
7849
7850
7851
7852
7853
7854
7855
7856
7857
7858
7859
7860
7861
7862
7863
7864
7865
7866
7867
7868
7869
7870
7871
7872
7873
7874
7875
7876
7877
7878
7879
7880
7881
7882
7883
7884
7885
7886
7887
7888
7889
7890
7891
7892
7893
7894
7895
7896
7897
7898
7899
7900
7901
7902
7903
7904
7905
7906
7907
7908
7909
7910
7911
7912
7913
7914
7915
7916
7917
7918
7919
7920
7921
7922
7923
7924
7925
7926
7927
7928
7929
7930
7931
7932
7933
7934
7935
7936
7937
7938
7939
7940
7941
7942
7943
7944
7945
7946
7947
7948
7949
7950
7951
7952
7953
7954
7955
7956
7957
7958
7959
7960
7961
7962
7963
7964
7965
7966
7967
7968
7969
7970
7971
7972
7973
7974
7975
7976
7977
7978
7979
7980
7981
7982
7983
7984
7985
7986
7987
7988
7989
7990
7991
7992
7993
7994
7995
7996
7997
7998
7999
8000
8001
8002
8003
8004
8005
8006
8007
8008
8009
8010
8011
8012
8013
8014
8015
8016
8017
8018
8019
8020
8021
8022
8023
8024
8025
8026
8027
8028
8029
8030
8031
8032
8033
8034
8035
8036
8037
8038
8039
8040
8041
8042
8043
8044
8045
8046
8047
8048
8049
8050
8051
8052
8053
8054
8055
8056
8057
8058
8059
8060
8061
8062
8063
8064
8065
8066
8067
8068
8069
8070
8071
8072
8073
8074
8075
8076
8077
8078
8079
8080
8081
8082
8083
8084
8085
8086
8087
8088
8089
8090
8091
8092
8093
8094
8095
8096
8097
8098
8099
8100
8101
8102
8103
8104
8105
8106
8107
8108
8109
8110
8111
8112
8113
8114
8115
8116
8117
8118
8119
8120
8121
8122
8123
8124
8125
8126
8127
8128
8129
8130
8131
8132
8133
8134
8135
8136
8137
8138
8139
8140
8141
8142
8143
8144
8145
8146
8147
8148
8149
8150
8151
8152
8153
8154
8155
8156
8157
8158
8159
8160
8161
8162
8163
8164
8165
8166
8167
8168
8169
8170
8171
8172
8173
8174
8175
8176
8177
8178
8179
8180
8181
8182
8183
8184
8185
8186
8187
8188
8189
8190
8191
8192
8193
8194
8195
8196
8197
8198
8199
8200
8201
8202
8203
8204
8205
8206
8207
8208
8209
8210
8211
8212
8213
8214
8215
8216
8217
8218
8219
8220
8221
8222
8223
8224
8225
8226
8227
8228
8229
8230
8231
8232
8233
8234
8235
8236
8237
8238
8239
8240
8241
8242
8243
8244
8245
8246
8247
8248
8249
8250
8251
8252
8253
8254
8255
8256
8257
8258
8259
8260
8261
8262
8263
8264
8265
8266
8267
8268
8269
8270
8271
8272
8273
8274
8275
8276
8277
8278
8279
8280
8281
8282
8283
8284
8285
8286
8287
8288
8289
8290
8291
8292
8293
8294
8295
8296
8297
8298
8299
8300
8301
8302
8303
8304
8305
8306
8307
8308
8309
8310
8311
8312
8313
8314
8315
8316
8317
8318
8319
8320
8321
8322
8323
8324
8325
8326
8327
8328
8329
8330
8331
8332
8333
8334
8335
8336
8337
8338
8339
8340
8341
8342
8343
8344
8345
8346
8347
8348
8349
8350
8351
8352
8353
8354
8355
8356
8357
8358
8359
8360
8361
8362
8363
8364
8365
8366
8367
8368
8369
8370
8371
8372
8373
8374
8375
8376
8377
8378
8379
8380
8381
8382
8383
8384
8385
8386
8387
8388
8389
8390
8391
8392
8393
8394
8395
8396
8397
8398
8399
8400
8401
8402
8403
8404
8405
8406
8407
8408
8409
8410
8411
8412
8413
8414
8415
8416
8417
8418
8419
8420
8421
8422
8423
8424
8425
8426
8427
8428
8429
8430
8431
8432
8433
8434
8435
8436
8437
8438
8439
8440
8441
8442
8443
8444
8445
8446
8447
8448
8449
8450
8451
8452
8453
8454
8455
8456
8457
8458
8459
8460
8461
8462
8463
8464
8465
8466
8467
8468
8469
8470
8471
8472
8473
8474
8475
8476
8477
8478
8479
8480
8481
8482
8483
8484
8485
8486
8487
8488
8489
8490
8491
8492
8493
8494
8495
8496
8497
8498
8499
8500
8501
8502
8503
8504
8505
8506
8507
8508
8509
8510
8511
8512
8513
8514
8515
8516
8517
8518
8519
8520
8521
8522
8523
8524
8525
8526
8527
8528
8529
8530
8531
8532
8533
8534
8535
8536
8537
8538
8539
8540
8541
8542
8543
8544
8545
8546
8547
8548
8549
8550
8551
8552
8553
8554
8555
8556
8557
8558
8559
8560
8561
8562
8563
8564
8565
8566
8567
8568
8569
8570
8571
8572
8573
8574
8575
8576
8577
8578
8579
8580
8581
8582
8583
8584
8585
8586
8587
8588
8589
8590
8591
8592
8593
8594
8595
8596
8597
8598
8599
8600
8601
8602
8603
8604
8605
8606
8607
8608
8609
8610
8611
8612
8613
8614
8615
8616
8617
8618
8619
8620
8621
8622
8623
8624
8625
8626
8627
8628
8629
8630
8631
8632
8633
8634
8635
8636
8637
8638
8639
8640
8641
8642
8643
8644
8645
8646
8647
8648
8649
8650
8651
8652
8653
8654
8655
8656
8657
8658
8659
8660
8661
8662
8663
8664
8665
8666
8667
8668
8669
8670
8671
8672
8673
8674
8675
8676
8677
8678
8679
8680
8681
8682
8683
8684
8685
8686
8687
8688
8689
8690
8691
8692
8693
8694
8695
8696
8697
8698
8699
8700
8701
8702
8703
8704
8705
8706
8707
8708
8709
8710
8711
8712
8713
8714
8715
8716
8717
8718
8719
8720
8721
8722
8723
8724
8725
8726
8727
8728
8729
8730
8731
8732
8733
8734
8735
8736
8737
8738
8739
8740
8741
8742
8743
8744
8745
8746
8747
8748
8749
8750
8751
8752
8753
8754
8755
8756
8757
8758
8759
8760
8761
8762
8763
8764
8765
8766
8767
8768
8769
8770
8771
8772
8773
8774
8775
8776
8777
8778
8779
8780
8781
8782
8783
8784
8785
8786
8787
8788
8789
8790
8791
8792
8793
8794
8795
8796
8797
8798
8799
8800
8801
8802
8803
8804
8805
8806
8807
8808
8809
8810
8811
8812
8813
8814
8815
8816
8817
8818
8819
8820
8821
8822
8823
8824
8825
8826
8827
8828
8829
8830
8831
8832
8833
8834
8835
8836
8837
8838
8839
8840
8841
8842
8843
8844
8845
8846
8847
8848
8849
8850
8851
8852
8853
8854
8855
8856
8857
8858
8859
8860
8861
8862
8863
8864
8865
8866
8867
8868
8869
8870
8871
8872
8873
8874
8875
8876
8877
8878
8879
8880
8881
8882
8883
8884
8885
8886
8887
8888
8889
8890
8891
8892
8893
8894
8895
8896
8897
8898
8899
8900
8901
8902
8903
8904
8905
8906
8907
8908
8909
8910
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
8928
8929
8930
8931
8932
8933
8934
8935
8936
8937
8938
8939
8940
8941
8942
8943
8944
8945
8946
8947
8948
8949
8950
8951
8952
8953
8954
8955
8956
8957
8958
8959
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
8981
8982
8983
8984
8985
8986
8987
8988
8989
8990
8991
8992
8993
8994
8995
8996
8997
8998
8999
9000
9001
9002
9003
9004
9005
9006
9007
9008
9009
9010
9011
9012
9013
9014
9015
9016
9017
9018
9019
9020
9021
9022
9023
9024
9025
9026
9027
9028
9029
9030
9031
9032
9033
9034
9035
9036
9037
9038
9039
9040
9041
9042
9043
9044
9045
9046
9047
9048
9049
9050
9051
9052
9053
9054
9055
9056
9057
9058
9059
9060
9061
9062
9063
9064
9065
9066
9067
9068
9069
9070
9071
9072
9073
9074
9075
9076
9077
9078
9079
9080
9081
9082
9083
9084
9085
9086
9087
9088
9089
9090
9091
9092
9093
9094
9095
9096
9097
9098
9099
9100
9101
9102
9103
9104
9105
9106
9107
9108
9109
9110
9111
9112
9113
9114
9115
9116
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
9134
9135
9136
9137
9138
9139
9140
9141
9142
9143
9144
9145
9146
9147
9148
9149
9150
9151
9152
9153
9154
9155
9156
9157
9158
9159
9160
9161
9162
9163
9164
9165
9166
9167
9168
9169
9170
9171
9172
9173
9174
9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187
9188
9189
9190
9191
9192
9193
9194
9195
9196
9197
9198
9199
9200
9201
9202
9203
9204
9205
9206
9207
9208
9209
9210
9211
9212
9213
9214
9215
9216
9217
9218
9219
9220
9221
9222
9223
9224
9225
9226
9227
9228
9229
9230
9231
9232
9233
9234
9235
9236
9237
9238
9239
9240
9241
9242
9243
9244
9245
9246
9247
9248
9249
9250
9251
9252
9253
9254
9255
9256
9257
9258
9259
9260
9261
9262
9263
9264
9265
9266
9267
9268
9269
9270
9271
9272
9273
9274
9275
9276
9277
9278
9279
9280
9281
9282
9283
9284
9285
9286
9287
9288
9289
9290
9291
9292
9293
9294
9295
9296
9297
9298
9299
9300
9301
9302
9303
9304
9305
9306
9307
9308
9309
9310
9311
9312
9313
9314
9315
9316
9317
9318
9319
9320
9321
9322
9323
9324
9325
9326
9327
9328
9329
9330
9331
9332
9333
9334
9335
9336
9337
9338
9339
9340
9341
9342
9343
9344
9345
9346
9347
9348
9349
9350
9351
9352
9353
9354
9355
9356
9357
9358
9359
9360
9361
9362
9363
9364
9365
9366
9367
9368
9369
9370
9371
9372
9373
9374
9375
9376
9377
9378
9379
9380
9381
9382
9383
9384
9385
9386
9387
9388
9389
9390
9391
9392
9393
9394
9395
9396
9397
9398
9399
9400
9401
9402
9403
9404
9405
9406
9407
9408
9409
9410
9411
9412
9413
9414
9415
9416
9417
9418
9419
9420
9421
9422
9423
9424
9425
9426
9427
9428
9429
9430
9431
9432
9433
9434
9435
9436
9437
9438
9439
9440
9441
9442
9443
9444
9445
9446
9447
9448
9449
9450
9451
9452
9453
9454
9455
9456
9457
9458
9459
9460
9461
9462
9463
9464
9465
9466
9467
9468
9469
9470
9471
9472
9473
9474
9475
9476
9477
9478
9479
9480
9481
9482
9483
9484
9485
9486
9487
9488
9489
9490
9491
9492
9493
9494
9495
9496
9497
9498
9499
9500
9501
9502
9503
9504
9505
9506
9507
9508
9509
9510
9511
9512
9513
9514
9515
9516
9517
9518
9519
9520
9521
9522
9523
9524
9525
9526
9527
9528
9529
9530
9531
9532
9533
9534
9535
9536
9537
9538
9539
9540
9541
9542
9543
9544
9545
9546
9547
9548
9549
9550
9551
9552
9553
9554
9555
9556
9557
9558
9559
9560
9561
9562
9563
9564
9565
9566
9567
9568
9569
9570
9571
9572
9573
9574
9575
9576
9577
9578
9579
9580
9581
9582
9583
9584
9585
9586
9587
9588
9589
9590
9591
9592
9593
9594
9595
9596
9597
9598
9599
9600
9601
9602
9603
9604
9605
9606
9607
9608
9609
9610
9611
9612
9613
9614
9615
9616
9617
9618
9619
9620
9621
9622
9623
9624
9625
9626
9627
9628
9629
9630
9631
9632
9633
9634
9635
9636
9637
9638
9639
9640
9641
9642
9643
9644
9645
9646
9647
9648
9649
9650
9651
9652
9653
9654
9655
9656
9657
9658
9659
9660
9661
9662
9663
9664
9665
9666
9667
9668
9669
9670
9671
9672
9673
9674
9675
9676
9677
9678
9679
9680
9681
9682
9683
9684
9685
9686
9687
9688
9689
9690
9691
9692
9693
9694
9695
9696
9697
9698
9699
9700
9701
9702
9703
9704
9705
9706
9707
9708
9709
9710
9711
9712
9713
9714
9715
9716
9717
9718
9719
9720
9721
9722
9723
9724
9725
9726
9727
9728
9729
9730
9731
9732
9733
9734
9735
9736
9737
9738
9739
9740
9741
9742
9743
9744
9745
9746
9747
9748
9749
9750
9751
9752
9753
9754
9755
9756
9757
9758
9759
9760
9761
9762
9763
9764
9765
9766
9767
9768
9769
9770
9771
9772
9773
9774
9775
9776
9777
9778
9779
9780
9781
9782
9783
9784
9785
9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800
9801
9802
9803
9804
9805
9806
9807
9808
9809
9810
9811
9812
9813
9814
9815
9816
9817
9818
9819
9820
9821
9822
9823
9824
9825
9826
9827
9828
9829
9830
9831
9832
9833
9834
9835
9836
9837
9838
9839
9840
9841
9842
9843
9844
9845
9846
9847
9848
9849
9850
9851
9852
9853
9854
9855
9856
9857
9858
9859
9860
9861
9862
9863
9864
9865
9866
9867
9868
9869
9870
9871
9872
9873
9874
9875
9876
9877
9878
9879
9880
9881
9882
9883
9884
9885
9886
9887
9888
9889
9890
9891
9892
9893
9894
9895
9896
9897
9898
9899
9900
9901
9902
9903
9904
9905
9906
9907
9908
9909
9910
9911
9912
9913
9914
9915
9916
9917
9918
9919
9920
9921
9922
9923
9924
9925
9926
9927
9928
9929
9930
9931
9932
9933
9934
9935
9936
9937
9938
9939
9940
9941
9942
9943
9944
9945
9946
9947
9948
9949
9950
9951
9952
9953
9954
9955
9956
9957
9958
9959
9960
9961
9962
9963
9964
9965
9966
9967
9968
9969
9970
9971
9972
9973
9974
9975
9976
9977
9978
9979
9980
9981
9982
9983
9984
9985
9986
9987
9988
9989
9990
9991
9992
9993
9994
9995
9996
9997
9998
9999
10000
10001
10002
10003
10004
10005
10006
10007
10008
10009
10010
10011
10012
10013
10014
10015
10016
10017
10018
10019
10020
10021
10022
10023
10024
10025
10026
10027
10028
10029
10030
10031
10032
10033
10034
10035
10036
10037
10038
10039
10040
10041
10042
10043
10044
10045
10046
10047
10048
10049
10050
10051
10052
10053
10054
10055
10056
10057
10058
10059
10060
10061
10062
10063
10064
10065
10066
10067
10068
10069
10070
10071
10072
10073
10074
10075
10076
10077
10078
10079
10080
10081
10082
10083
10084
10085
10086
10087
10088
10089
10090
10091
10092
10093
10094
10095
10096
10097
10098
10099
10100
10101
10102
10103
10104
10105
10106
10107
10108
10109
10110
10111
10112
10113
10114
10115
10116
10117
10118
10119
10120
10121
10122
10123
10124
10125
10126
10127
10128
10129
10130
10131
10132
10133
10134
10135
10136
10137
10138
10139
10140
10141
10142
10143
10144
10145
10146
10147
10148
10149
10150
10151
10152
10153
10154
10155
10156
10157
10158
10159
10160
10161
10162
10163
10164
10165
10166
10167
10168
10169
10170
10171
10172
10173
10174
10175
10176
10177
10178
10179
10180
10181
10182
10183
10184
10185
10186
10187
10188
10189
10190
10191
10192
10193
10194
10195
10196
10197
10198
10199
10200
10201
10202
10203
10204
10205
10206
10207
10208
10209
10210
10211
10212
10213
10214
10215
10216
10217
10218
10219
10220
10221
10222
10223
10224
10225
10226
10227
10228
10229
10230
10231
10232
10233
10234
10235
10236
10237
10238
10239
10240
10241
10242
10243
10244
10245
10246
10247
10248
10249
10250
10251
10252
10253
10254
10255
10256
10257
10258
10259
10260
10261
10262
10263
10264
10265
10266
10267
10268
10269
10270
10271
10272
10273
10274
10275
10276
10277
10278
10279
10280
10281
10282
10283
10284
10285
10286
10287
10288
10289
10290
10291
10292
10293
10294
10295
10296
10297
10298
10299
10300
10301
10302
10303
10304
10305
10306
10307
10308
10309
10310
10311
10312
10313
10314
10315
10316
10317
10318
10319
10320
10321
10322
10323
10324
10325
10326
10327
10328
10329
10330
10331
10332
10333
10334
10335
10336
10337
10338
10339
10340
10341
10342
10343
10344
10345
10346
10347
10348
10349
10350
10351
10352
10353
10354
10355
10356
10357
10358
10359
10360
10361
10362
10363
10364
10365
10366
10367
10368
10369
10370
10371
10372
10373
10374
10375
10376
10377
10378
10379
10380
10381
10382
10383
10384
10385
10386
10387
10388
10389
10390
10391
10392
10393
10394
10395
10396
10397
10398
10399
10400
10401
10402
10403
10404
10405
10406
10407
10408
10409
10410
10411
10412
10413
10414
10415
10416
10417
10418
10419
10420
10421
10422
10423
10424
10425
10426
10427
10428
10429
10430
10431
10432
10433
10434
10435
10436
10437
10438
10439
10440
10441
10442
10443
10444
10445
10446
10447
10448
10449
10450
10451
10452
10453
10454
10455
10456
10457
10458
10459
10460
10461
10462
10463
10464
10465
10466
10467
10468
10469
10470
10471
10472
10473
10474
10475
10476
10477
10478
10479
10480
10481
10482
10483
10484
10485
10486
10487
10488
10489
10490
10491
10492
10493
10494
10495
10496
10497
10498
10499
10500
10501
10502
10503
10504
10505
10506
10507
10508
10509
10510
10511
10512
10513
10514
10515
10516
10517
10518
10519
10520
10521
10522
10523
10524
10525
10526
10527
10528
10529
10530
10531
10532
10533
10534
10535
10536
10537
10538
10539
10540
10541
10542
10543
10544
10545
10546
10547
10548
10549
10550
10551
10552
10553
10554
10555
10556
10557
10558
10559
10560
10561
10562
10563
10564
10565
10566
10567
10568
10569
10570
10571
10572
10573
10574
10575
10576
10577
10578
10579
10580
10581
10582
10583
10584
10585
10586
10587
10588
10589
10590
10591
10592
10593
10594
10595
10596
10597
10598
10599
10600
10601
10602
10603
10604
10605
10606
10607
10608
10609
10610
10611
10612
10613
10614
10615
10616
10617
10618
10619
10620
10621
10622
10623
10624
10625
10626
10627
10628
10629
10630
10631
10632
10633
10634
10635
10636
10637
10638
10639
10640
10641
10642
10643
10644
10645
10646
10647
10648
10649
10650
10651
10652
10653
10654
10655
10656
10657
10658
10659
10660
10661
10662
10663
10664
10665
10666
10667
10668
10669
10670
10671
10672
10673
10674
10675
10676
10677
10678
10679
10680
10681
10682
10683
10684
10685
10686
10687
10688
10689
10690
10691
10692
10693
10694
10695
10696
10697
10698
10699
10700
10701
10702
10703
10704
10705
10706
10707
10708
10709
10710
10711
10712
10713
10714
10715
10716
10717
10718
10719
10720
10721
10722
10723
10724
10725
10726
10727
10728
10729
10730
10731
10732
10733
10734
10735
10736
10737
10738
10739
10740
10741
10742
10743
10744
10745
10746
10747
10748
10749
10750
10751
10752
10753
10754
10755
10756
10757
10758
10759
10760
10761
10762
10763
10764
10765
10766
10767
10768
10769
10770
10771
10772
10773
10774
10775
10776
10777
10778
10779
10780
10781
10782
10783
10784
10785
10786
10787
10788
10789
10790
10791
10792
10793
10794
10795
10796
10797
10798
10799
10800
10801
10802
10803
10804
10805
10806
10807
10808
10809
10810
10811
10812
10813
10814
10815
10816
10817
10818
10819
10820
10821
10822
10823
10824
10825
10826
10827
10828
10829
10830
10831
10832
10833
10834
10835
10836
10837
10838
10839
10840
10841
10842
10843
10844
10845
10846
10847
10848
10849
10850
10851
10852
10853
10854
10855
10856
10857
10858
10859
10860
10861
10862
10863
10864
10865
10866
10867
10868
10869
10870
10871
10872
10873
10874
10875
10876
10877
10878
10879
10880
10881
10882
10883
10884
10885
10886
10887
10888
10889
10890
10891
10892
10893
10894
10895
10896
10897
10898
10899
10900
10901
10902
10903
10904
10905
10906
10907
10908
10909
10910
10911
10912
10913
10914
10915
10916
10917
10918
10919
10920
10921
10922
10923
10924
10925
10926
10927
10928
10929
10930
10931
10932
10933
10934
10935
10936
10937
10938
10939
10940
10941
10942
10943
10944
10945
10946
10947
10948
10949
10950
10951
10952
10953
10954
10955
10956
10957
10958
10959
10960
10961
10962
10963
10964
10965
10966
10967
10968
10969
10970
10971
10972
10973
10974
10975
10976
10977
10978
10979
10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
10990
10991
10992
10993
10994
10995
10996
10997
10998
10999
11000
11001
11002
11003
11004
11005
11006
11007
11008
11009
11010
11011
11012
11013
11014
11015
11016
11017
11018
11019
11020
11021
11022
11023
11024
11025
11026
11027
11028
11029
11030
11031
11032
11033
11034
11035
11036
11037
11038
11039
11040
11041
11042
11043
11044
11045
11046
11047
11048
11049
11050
11051
11052
11053
11054
11055
11056
11057
11058
11059
11060
11061
11062
11063
11064
11065
11066
11067
11068
11069
11070
11071
11072
11073
11074
11075
11076
11077
11078
11079
11080
11081
11082
11083
11084
11085
11086
11087
11088
11089
11090
11091
11092
11093
11094
11095
11096
11097
11098
11099
11100
11101
11102
11103
11104
11105
11106
11107
11108
11109
11110
11111
11112
11113
11114
11115
11116
11117
11118
11119
11120
11121
11122
11123
11124
11125
11126
11127
11128
11129
11130
11131
11132
11133
11134
11135
11136
11137
11138
11139
11140
11141
11142
11143
11144
11145
11146
11147
11148
11149
11150
11151
11152
11153
11154
11155
11156
11157
11158
11159
11160
11161
11162
11163
11164
11165
11166
11167
11168
11169
11170
11171
11172
11173
11174
11175
11176
11177
11178
11179
11180
11181
11182
11183
11184
11185
11186
11187
11188
11189
11190
11191
11192
11193
11194
11195
11196
11197
11198
11199
11200
11201
11202
11203
11204
11205
11206
11207
11208
11209
11210
11211
11212
11213
11214
11215
11216
11217
11218
11219
11220
11221
11222
11223
11224
11225
11226
11227
11228
11229
11230
11231
11232
11233
11234
11235
11236
11237
11238
11239
11240
11241
11242
11243
11244
11245
11246
11247
11248
11249
11250
11251
11252
11253
11254
11255
11256
11257
11258
11259
11260
11261
11262
11263
11264
11265
11266
11267
11268
11269
11270
11271
11272
11273
11274
11275
11276
11277
11278
11279
11280
11281
11282
11283
11284
11285
11286
11287
11288
11289
11290
11291
11292
11293
11294
11295
11296
11297
11298
11299
11300
11301
11302
11303
11304
11305
11306
11307
11308
11309
11310
11311
11312
11313
11314
11315
11316
11317
11318
11319
11320
11321
11322
11323
11324
11325
11326
11327
11328
11329
11330
11331
11332
11333
11334
11335
11336
11337
11338
11339
11340
11341
11342
11343
11344
11345
11346
11347
11348
11349
11350
11351
11352
11353
11354
11355
11356
11357
11358
11359
11360
11361
11362
11363
11364
11365
11366
11367
11368
11369
11370
11371
11372
11373
11374
11375
11376
11377
11378
11379
11380
11381
11382
11383
11384
11385
11386
11387
11388
11389
11390
11391
11392
11393
11394
11395
11396
11397
11398
11399
11400
11401
11402
11403
11404
11405
11406
11407
11408
11409
11410
11411
11412
11413
11414
11415
11416
11417
11418
11419
11420
11421
11422
11423
11424
11425
11426
11427
11428
11429
11430
11431
11432
11433
11434
11435
11436
11437
11438
11439
11440
11441
11442
11443
11444
11445
11446
11447
11448
11449
11450
11451
11452
11453
11454
11455
11456
11457
11458
11459
11460
11461
11462
11463
11464
11465
11466
11467
11468
11469
11470
11471
11472
11473
11474
11475
11476
11477
11478
11479
11480
11481
11482
11483
11484
11485
11486
11487
11488
11489
11490
11491
11492
11493
11494
11495
11496
11497
11498
11499
11500
11501
11502
11503
11504
11505
11506
11507
11508
11509
11510
11511
11512
11513
11514
11515
11516
11517
11518
11519
11520
11521
11522
11523
11524
11525
11526
11527
11528
11529
11530
11531
11532
11533
11534
11535
11536
11537
11538
11539
11540
11541
11542
11543
11544
11545
11546
11547
11548
11549
11550
11551
11552
11553
11554
11555
11556
11557
11558
11559
11560
11561
11562
11563
11564
11565
11566
11567
11568
11569
11570
11571
11572
11573
11574
11575
11576
11577
11578
11579
11580
11581
11582
11583
11584
11585
11586
11587
11588
11589
11590
11591
11592
11593
11594
11595
11596
11597
11598
11599
11600
11601
11602
11603
11604
11605
11606
11607
11608
11609
11610
11611
11612
11613
11614
11615
11616
11617
11618
11619
11620
11621
11622
11623
11624
11625
11626
11627
11628
11629
11630
11631
11632
11633
11634
11635
11636
11637
11638
11639
11640
11641
11642
11643
11644
11645
11646
11647
11648
11649
11650
11651
11652
11653
11654
11655
11656
11657
11658
11659
11660
11661
11662
11663
11664
11665
11666
11667
11668
11669
11670
11671
11672
11673
11674
11675
11676
11677
11678
11679
11680
11681
11682
11683
11684
11685
11686
11687
11688
11689
11690
11691
11692
11693
11694
11695
11696
11697
11698
11699
11700
11701
11702
11703
11704
11705
11706
11707
11708
11709
11710
11711
11712
11713
11714
11715
11716
11717
11718
11719
11720
11721
11722
11723
11724
11725
11726
11727
11728
11729
11730
11731
11732
11733
11734
11735
11736
11737
11738
11739
11740
11741
11742
11743
11744
11745
11746
11747
11748
11749
11750
11751
11752
11753
11754
11755
11756
11757
11758
11759
11760
11761
11762
11763
11764
11765
11766
11767
11768
11769
11770
11771
11772
11773
11774
11775
11776
11777
11778
11779
11780
11781
11782
11783
11784
11785
11786
11787
11788
11789
11790
11791
11792
11793
11794
11795
11796
11797
11798
11799
11800
11801
11802
11803
11804
11805
11806
11807
11808
11809
11810
11811
11812
11813
11814
11815
11816
11817
11818
11819
11820
11821
11822
11823
11824
11825
11826
11827
11828
11829
11830
11831
11832
11833
11834
11835
11836
11837
11838
11839
11840
11841
11842
11843
11844
11845
11846
11847
11848
11849
11850
11851
11852
11853
11854
11855
11856
11857
11858
11859
11860
11861
11862
11863
11864
11865
11866
11867
11868
11869
11870
11871
11872
11873
11874
11875
11876
11877
11878
11879
11880
11881
11882
11883
11884
11885
11886
11887
11888
11889
11890
11891
11892
11893
11894
11895
11896
11897
11898
11899
11900
11901
11902
11903
11904
11905
11906
11907
11908
11909
11910
11911
11912
11913
11914
11915
11916
11917
11918
11919
11920
11921
11922
11923
11924
11925
11926
11927
11928
11929
11930
11931
11932
11933
11934
11935
11936
11937
11938
11939
11940
11941
11942
11943
11944
11945
11946
11947
11948
11949
11950
11951
11952
11953
11954
11955
11956
11957
11958
11959
11960
11961
11962
11963
11964
11965
11966
11967
11968
11969
11970
11971
11972
11973
11974
11975
11976
11977
11978
11979
11980
11981
11982
11983
11984
11985
11986
11987
11988
11989
11990
11991
11992
11993
11994
11995
11996
11997
11998
11999
12000
12001
12002
12003
12004
12005
12006
12007
12008
12009
12010
12011
12012
12013
12014
12015
12016
12017
12018
12019
12020
12021
12022
12023
12024
12025
12026
12027
12028
12029
12030
12031
12032
12033
12034
12035
12036
12037
12038
12039
12040
12041
12042
12043
12044
12045
12046
12047
12048
12049
12050
12051
12052
12053
12054
12055
12056
12057
12058
12059
12060
12061
12062
12063
12064
12065
12066
12067
12068
12069
12070
12071
12072
12073
12074
12075
12076
12077
12078
12079
12080
12081
12082
12083
12084
12085
12086
12087
12088
12089
12090
12091
12092
12093
12094
12095
12096
12097
12098
12099
12100
12101
12102
12103
12104
12105
12106
12107
12108
12109
12110
12111
12112
12113
12114
12115
12116
12117
12118
12119
12120
12121
12122
12123
12124
12125
12126
12127
12128
12129
12130
12131
12132
12133
12134
12135
12136
12137
12138
12139
12140
12141
12142
12143
12144
12145
12146
12147
12148
12149
12150
12151
12152
12153
12154
12155
12156
12157
12158
12159
12160
12161
12162
12163
12164
12165
12166
12167
12168
12169
12170
12171
12172
12173
12174
12175
12176
12177
12178
12179
12180
12181
12182
12183
12184
12185
12186
12187
12188
12189
12190
12191
12192
12193
12194
12195
12196
12197
12198
12199
12200
12201
12202
12203
12204
12205
12206
12207
12208
12209
12210
12211
12212
12213
12214
12215
12216
12217
12218
12219
12220
12221
12222
12223
12224
12225
12226
12227
12228
12229
12230
12231
12232
12233
12234
12235
12236
12237
12238
12239
12240
12241
12242
12243
12244
12245
12246
12247
12248
12249
12250
12251
12252
12253
12254
12255
12256
12257
12258
12259
12260
12261
12262
12263
12264
12265
12266
12267
12268
12269
12270
12271
12272
12273
12274
12275
12276
12277
12278
12279
12280
12281
12282
12283
12284
12285
12286
12287
12288
12289
12290
12291
12292
12293
12294
12295
12296
12297
12298
12299
12300
12301
12302
12303
12304
12305
12306
12307
12308
12309
12310
12311
12312
12313
12314
12315
12316
12317
12318
12319
12320
12321
12322
12323
12324
12325
12326
12327
12328
12329
12330
12331
12332
12333
12334
12335
12336
12337
12338
12339
12340
12341
12342
12343
12344
12345
12346
12347
12348
12349
12350
12351
12352
12353
12354
12355
12356
12357
12358
12359
12360
12361
12362
12363
12364
12365
12366
12367
12368
12369
12370
12371
12372
12373
12374
12375
12376
12377
12378
12379
12380
12381
12382
12383
12384
12385
12386
12387
12388
12389
12390
12391
12392
12393
12394
12395
12396
12397
12398
12399
12400
12401
12402
12403
12404
12405
12406
12407
12408
12409
12410
12411
12412
12413
12414
12415
12416
12417
12418
12419
12420
12421
12422
12423
12424
12425
12426
12427
12428
12429
12430
12431
12432
12433
12434
12435
12436
12437
12438
12439
12440
12441
12442
12443
12444
12445
12446
12447
12448
12449
12450
12451
12452
12453
12454
12455
12456
12457
12458
12459
12460
12461
12462
12463
12464
12465
12466
12467
12468
12469
12470
12471
12472
12473
12474
12475
12476
12477
12478
12479
12480
12481
12482
12483
12484
12485
12486
12487
12488
12489
12490
12491
12492
12493
12494
12495
12496
12497
12498
12499
12500
12501
12502
12503
12504
12505
12506
12507
12508
12509
12510
12511
12512
12513
12514
12515
12516
12517
12518
12519
12520
12521
12522
12523
12524
12525
12526
12527
12528
12529
12530
12531
12532
12533
12534
12535
12536
12537
12538
12539
12540
12541
12542
12543
12544
12545
12546
12547
12548
12549
12550
12551
12552
12553
12554
12555
12556
12557
12558
12559
12560
12561
12562
12563
12564
12565
12566
12567
12568
12569
12570
12571
12572
12573
12574
12575
12576
12577
12578
12579
12580
12581
12582
12583
12584
12585
12586
12587
12588
12589
12590
12591
12592
12593
12594
12595
12596
12597
12598
12599
12600
12601
12602
12603
12604
12605
12606
12607
12608
12609
12610
12611
12612
12613
12614
12615
12616
12617
12618
12619
12620
12621
12622
12623
12624
12625
12626
12627
12628
12629
12630
12631
12632
12633
12634
12635
12636
12637
12638
12639
12640
12641
12642
12643
12644
12645
12646
12647
12648
12649
12650
12651
12652
12653
12654
12655
12656
12657
12658
12659
12660
12661
12662
12663
12664
12665
12666
12667
12668
12669
12670
12671
12672
12673
12674
12675
12676
12677
12678
12679
12680
12681
12682
12683
12684
12685
12686
12687
12688
12689
12690
12691
12692
12693
12694
12695
12696
12697
12698
12699
12700
12701
12702
12703
12704
12705
12706
12707
12708
12709
12710
12711
12712
12713
12714
12715
12716
12717
12718
12719
12720
12721
12722
12723
12724
12725
12726
12727
12728
12729
12730
12731
12732
12733
12734
12735
12736
12737
12738
12739
12740
12741
12742
12743
12744
12745
12746
12747
12748
12749
12750
12751
12752
12753
12754
12755
12756
12757
12758
12759
12760
12761
12762
12763
12764
12765
12766
12767
12768
12769
12770
12771
12772
12773
12774
12775
12776
12777
12778
12779
12780
12781
12782
12783
12784
12785
12786
12787
12788
12789
12790
12791
12792
12793
12794
12795
12796
12797
12798
12799
12800
12801
12802
12803
12804
12805
12806
12807
12808
12809
12810
12811
12812
12813
12814
12815
12816
12817
12818
12819
12820
12821
12822
12823
12824
12825
12826
12827
12828
12829
12830
12831
12832
12833
12834
12835
12836
12837
12838
12839
12840
12841
12842
12843
12844
12845
12846
12847
12848
12849
12850
12851
12852
12853
12854
12855
12856
12857
12858
12859
12860
12861
12862
12863
12864
12865
12866
12867
12868
12869
12870
12871
12872
12873
12874
12875
12876
12877
12878
12879
12880
12881
12882
12883
12884
12885
12886
12887
12888
12889
12890
12891
12892
12893
12894
12895
12896
12897
12898
12899
12900
12901
12902
12903
12904
12905
12906
12907
12908
12909
12910
12911
12912
12913
12914
12915
12916
12917
12918
12919
12920
12921
12922
12923
12924
12925
12926
12927
12928
12929
12930
12931
12932
12933
12934
12935
12936
12937
12938
12939
12940
12941
12942
12943
12944
12945
12946
12947
12948
12949
12950
12951
12952
12953
12954
12955
12956
12957
12958
12959
12960
12961
12962
12963
12964
12965
12966
12967
12968
12969
12970
12971
12972
12973
12974
12975
12976
12977
12978
12979
12980
12981
12982
12983
12984
12985
12986
12987
12988
12989
12990
12991
12992
12993
12994
12995
12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
13016
13017
13018
13019
13020
13021
13022
13023
13024
13025
13026
13027
13028
13029
13030
13031
13032
13033
13034
13035
13036
13037
13038
13039
13040
13041
13042
13043
13044
13045
13046
13047
13048
13049
13050
13051
13052
13053
13054
13055
13056
13057
13058
13059
13060
13061
13062
13063
13064
13065
13066
13067
13068
13069
13070
13071
13072
13073
13074
13075
13076
13077
13078
13079
13080
13081
13082
13083
13084
13085
13086
13087
13088
13089
13090
13091
13092
13093
13094
13095
13096
13097
13098
13099
13100
13101
13102
13103
13104
13105
13106
13107
13108
13109
13110
13111
13112
13113
13114
13115
13116
13117
13118
13119
13120
13121
13122
13123
13124
13125
13126
13127
13128
13129
13130
13131
13132
13133
13134
13135
13136
13137
13138
13139
13140
13141
13142
13143
13144
13145
13146
13147
13148
13149
13150
13151
13152
13153
13154
13155
13156
13157
13158
13159
13160
13161
13162
13163
13164
13165
13166
13167
13168
13169
13170
13171
13172
13173
13174
13175
13176
13177
13178
13179
13180
13181
13182
13183
13184
13185
13186
13187
13188
13189
13190
13191
13192
13193
13194
13195
13196
13197
13198
13199
13200
13201
13202
13203
13204
13205
13206
13207
13208
13209
13210
13211
13212
13213
13214
13215
13216
13217
13218
13219
13220
13221
13222
13223
13224
13225
13226
13227
13228
13229
13230
13231
13232
13233
13234
13235
13236
13237
13238
13239
13240
13241
13242
13243
13244
13245
13246
13247
13248
13249
13250
13251
13252
13253
13254
13255
13256
13257
13258
13259
13260
13261
13262
13263
13264
13265
13266
13267
13268
13269
13270
13271
13272
13273
13274
13275
13276
13277
13278
13279
13280
13281
13282
13283
13284
13285
13286
13287
13288
13289
13290
13291
13292
13293
13294
13295
13296
13297
13298
13299
13300
13301
13302
13303
13304
13305
13306
13307
13308
13309
13310
13311
13312
13313
13314
13315
13316
13317
13318
13319
13320
13321
13322
13323
13324
13325
13326
13327
13328
13329
13330
13331
13332
13333
13334
13335
13336
13337
13338
13339
13340
13341
13342
13343
13344
13345
13346
13347
13348
13349
13350
13351
13352
13353
13354
13355
13356
13357
13358
13359
13360
13361
13362
13363
13364
13365
13366
13367
13368
13369
13370
13371
13372
13373
13374
13375
13376
13377
13378
13379
13380
13381
13382
13383
13384
13385
13386
13387
13388
13389
13390
13391
13392
13393
13394
13395
13396
13397
13398
13399
13400
13401
13402
13403
13404
13405
13406
13407
13408
13409
13410
13411
13412
13413
13414
13415
13416
13417
13418
13419
13420
13421
13422
13423
13424
13425
13426
13427
13428
13429
13430
13431
13432
13433
13434
13435
13436
13437
13438
13439
13440
13441
13442
13443
13444
13445
13446
13447
13448
13449
13450
13451
13452
13453
13454
13455
13456
13457
13458
13459
13460
13461
13462
13463
13464
13465
13466
13467
13468
13469
13470
13471
13472
13473
13474
13475
13476
13477
13478
13479
13480
13481
13482
13483
13484
13485
13486
13487
13488
13489
13490
13491
13492
13493
13494
13495
13496
13497
13498
13499
13500
13501
13502
13503
13504
13505
13506
13507
13508
13509
13510
13511
13512
13513
13514
13515
13516
13517
13518
13519
13520
13521
13522
13523
13524
13525
13526
13527
13528
13529
13530
13531
13532
13533
13534
13535
13536
13537
13538
13539
13540
13541
13542
13543
13544
13545
13546
13547
13548
13549
13550
13551
13552
13553
13554
13555
13556
13557
13558
13559
13560
13561
13562
13563
13564
13565
13566
13567
13568
13569
13570
13571
13572
13573
13574
13575
13576
13577
13578
13579
13580
13581
13582
13583
13584
13585
13586
13587
13588
13589
13590
13591
13592
13593
13594
13595
13596
13597
13598
13599
13600
13601
13602
13603
13604
13605
13606
13607
13608
13609
13610
13611
13612
13613
13614
13615
13616
13617
13618
13619
13620
13621
13622
13623
13624
13625
13626
13627
13628
13629
13630
13631
13632
13633
13634
13635
13636
13637
13638
13639
13640
13641
13642
13643
13644
13645
13646
13647
13648
13649
13650
13651
13652
13653
13654
13655
13656
13657
13658
13659
13660
13661
13662
13663
13664
13665
13666
13667
13668
13669
13670
13671
13672
13673
13674
13675
13676
13677
13678
13679
13680
13681
13682
13683
13684
13685
13686
13687
13688
13689
13690
13691
13692
13693
13694
13695
13696
13697
13698
13699
13700
13701
13702
13703
13704
13705
13706
13707
13708
13709
13710
13711
13712
13713
13714
13715
13716
13717
13718
13719
13720
13721
13722
13723
13724
13725
13726
13727
13728
13729
13730
13731
13732
13733
13734
13735
13736
13737
13738
13739
13740
13741
13742
13743
13744
13745
13746
13747
13748
13749
13750
13751
13752
13753
13754
13755
13756
13757
13758
13759
13760
13761
13762
13763
13764
13765
13766
13767
13768
13769
13770
13771
13772
13773
13774
13775
13776
13777
13778
13779
13780
13781
13782
13783
13784
13785
13786
13787
13788
13789
13790
13791
13792
13793
13794
13795
13796
13797
13798
13799
13800
13801
13802
13803
13804
13805
13806
13807
13808
13809
13810
13811
13812
13813
13814
13815
13816
13817
13818
13819
13820
13821
13822
13823
13824
13825
13826
13827
13828
13829
13830
13831
13832
13833
13834
13835
13836
13837
13838
13839
13840
13841
13842
13843
13844
13845
13846
13847
13848
13849
13850
13851
13852
13853
13854
13855
13856
13857
13858
13859
13860
13861
13862
13863
13864
13865
13866
13867
13868
13869
13870
13871
13872
13873
13874
13875
13876
13877
13878
13879
13880
13881
13882
13883
13884
13885
13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
13896
13897
13898
13899
13900
13901
13902
13903
13904
13905
13906
13907
13908
13909
13910
13911
13912
13913
13914
13915
13916
13917
13918
13919
13920
13921
13922
13923
13924
13925
13926
13927
13928
13929
13930
13931
13932
13933
13934
13935
13936
13937
13938
13939
13940
13941
13942
13943
13944
13945
13946
13947
13948
13949
13950
13951
13952
13953
13954
13955
13956
13957
13958
13959
13960
13961
13962
13963
13964
13965
13966
13967
13968
13969
13970
13971
13972
13973
13974
13975
13976
13977
13978
13979
13980
13981
13982
13983
13984
13985
13986
13987
13988
13989
13990
13991
13992
13993
13994
13995
13996
13997
13998
13999
14000
14001
14002
14003
14004
14005
14006
14007
14008
14009
14010
14011
14012
14013
14014
14015
14016
14017
14018
14019
14020
14021
14022
14023
14024
14025
14026
14027
14028
14029
14030
14031
14032
14033
14034
14035
14036
14037
14038
14039
14040
14041
14042
14043
14044
14045
14046
14047
14048
14049
14050
14051
14052
14053
14054
14055
14056
14057
14058
14059
14060
14061
14062
14063
14064
14065
14066
14067
14068
14069
14070
14071
14072
14073
14074
14075
14076
14077
14078
14079
14080
14081
14082
14083
14084
14085
14086
14087
14088
14089
14090
14091
14092
14093
14094
14095
14096
14097
14098
14099
14100
14101
14102
14103
14104
14105
14106
14107
14108
14109
14110
14111
14112
14113
14114
14115
14116
14117
14118
14119
14120
14121
14122
14123
14124
14125
14126
14127
14128
14129
14130
14131
14132
14133
14134
14135
14136
14137
14138
14139
14140
14141
14142
14143
14144
14145
14146
14147
14148
14149
14150
14151
14152
14153
14154
14155
14156
14157
14158
14159
14160
14161
14162
14163
14164
14165
14166
14167
14168
14169
14170
14171
14172
14173
14174
14175
14176
14177
14178
14179
14180
14181
14182
14183
14184
14185
14186
14187
14188
14189
14190
14191
14192
14193
14194
14195
14196
14197
14198
14199
14200
14201
14202
14203
14204
14205
14206
14207
14208
14209
14210
14211
14212
14213
14214
14215
14216
14217
14218
14219
14220
14221
14222
14223
14224
14225
14226
14227
14228
14229
14230
14231
14232
14233
14234
14235
14236
14237
14238
14239
14240
14241
14242
14243
14244
14245
14246
14247
14248
14249
14250
14251
14252
14253
14254
14255
14256
14257
14258
14259
14260
14261
14262
14263
14264
14265
14266
14267
14268
14269
14270
14271
14272
14273
14274
14275
14276
14277
14278
14279
14280
14281
14282
14283
14284
14285
14286
14287
14288
14289
14290
14291
14292
14293
14294
14295
14296
14297
14298
14299
14300
14301
14302
14303
14304
14305
14306
14307
14308
14309
14310
14311
14312
14313
14314
14315
14316
14317
14318
14319
14320
14321
14322
14323
14324
14325
14326
14327
14328
14329
14330
14331
14332
14333
14334
14335
14336
14337
14338
14339
14340
14341
14342
14343
14344
14345
14346
14347
14348
14349
14350
14351
14352
14353
14354
14355
14356
14357
14358
14359
14360
14361
14362
14363
14364
14365
14366
14367
14368
14369
14370
14371
14372
14373
14374
14375
14376
14377
14378
14379
14380
14381
14382
14383
14384
14385
14386
14387
14388
14389
14390
14391
14392
14393
14394
14395
14396
14397
14398
14399
14400
14401
14402
14403
14404
14405
14406
14407
14408
14409
14410
14411
14412
14413
14414
14415
14416
14417
14418
14419
14420
14421
14422
14423
14424
14425
14426
14427
14428
14429
14430
14431
14432
14433
14434
14435
14436
14437
14438
14439
14440
14441
14442
14443
14444
14445
14446
14447
14448
14449
14450
14451
14452
14453
14454
14455
14456
14457
14458
14459
14460
14461
14462
14463
14464
14465
14466
14467
14468
14469
14470
14471
14472
14473
14474
14475
14476
14477
14478
14479
14480
14481
14482
14483
14484
14485
14486
14487
14488
14489
14490
14491
14492
14493
14494
14495
14496
14497
14498
14499
14500
14501
14502
14503
14504
14505
14506
14507
14508
14509
14510
14511
14512
14513
14514
14515
14516
14517
14518
14519
14520
14521
14522
14523
14524
14525
14526
14527
14528
14529
14530
14531
14532
14533
14534
14535
14536
14537
14538
14539
14540
14541
14542
14543
14544
14545
14546
14547
14548
14549
14550
14551
14552
14553
14554
14555
14556
14557
14558
14559
14560
14561
14562
14563
14564
14565
14566
14567
14568
14569
14570
14571
14572
14573
14574
14575
14576
14577
14578
14579
14580
14581
14582
14583
14584
14585
14586
14587
14588
14589
14590
14591
14592
14593
14594
14595
14596
14597
14598
14599
14600
14601
14602
14603
14604
14605
14606
14607
14608
14609
14610
14611
14612
14613
14614
14615
14616
14617
14618
14619
14620
14621
14622
14623
14624
14625
14626
14627
14628
14629
14630
14631
14632
14633
14634
14635
14636
14637
14638
14639
14640
14641
14642
14643
14644
14645
14646
14647
14648
14649
14650
14651
14652
14653
14654
14655
14656
14657
14658
14659
14660
14661
14662
14663
14664
14665
14666
14667
14668
14669
14670
14671
14672
14673
14674
14675
14676
14677
14678
14679
14680
14681
14682
14683
14684
14685
14686
14687
14688
14689
14690
14691
14692
14693
14694
14695
14696
14697
14698
14699
14700
14701
14702
14703
14704
14705
14706
14707
14708
14709
14710
14711
14712
14713
14714
14715
14716
14717
14718
14719
14720
14721
14722
14723
14724
14725
14726
14727
14728
14729
14730
14731
14732
14733
14734
14735
14736
14737
14738
14739
14740
14741
14742
14743
14744
14745
14746
14747
14748
14749
14750
14751
14752
14753
14754
14755
14756
14757
14758
14759
14760
14761
14762
14763
14764
14765
14766
14767
14768
14769
14770
14771
14772
14773
14774
14775
14776
14777
14778
14779
14780
14781
14782
14783
14784
14785
14786
14787
14788
14789
14790
14791
14792
14793
14794
14795
14796
14797
14798
14799
14800
14801
14802
14803
14804
14805
14806
14807
14808
14809
14810
14811
14812
14813
14814
14815
14816
14817
14818
14819
14820
14821
14822
14823
14824
14825
14826
14827
14828
14829
14830
14831
14832
14833
14834
14835
14836
14837
14838
14839
14840
14841
14842
14843
14844
14845
14846
14847
14848
14849
14850
14851
14852
14853
14854
14855
14856
14857
14858
14859
14860
14861
14862
14863
14864
14865
14866
14867
14868
14869
14870
14871
14872
14873
14874
14875
14876
14877
14878
14879
14880
14881
14882
14883
14884
14885
14886
14887
14888
14889
14890
14891
14892
14893
14894
14895
14896
14897
14898
14899
14900
14901
14902
14903
14904
14905
14906
14907
14908
14909
14910
14911
14912
14913
14914
14915
14916
14917
14918
14919
14920
14921
14922
14923
14924
14925
14926
14927
14928
14929
14930
14931
14932
14933
14934
14935
14936
14937
14938
14939
14940
14941
14942
14943
14944
14945
14946
14947
14948
14949
14950
14951
14952
14953
14954
14955
14956
14957
14958
14959
14960
14961
14962
14963
14964
14965
14966
14967
14968
14969
14970
14971
14972
14973
14974
14975
14976
14977
14978
14979
14980
14981
14982
14983
14984
14985
14986
14987
14988
14989
14990
14991
14992
14993
14994
14995
14996
14997
14998
14999
15000
15001
15002
15003
15004
15005
15006
15007
15008
15009
15010
15011
15012
15013
15014
15015
15016
15017
15018
15019
15020
15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
15120
15121
15122
15123
15124
15125
15126
15127
15128
15129
15130
15131
15132
15133
15134
15135
15136
15137
15138
15139
15140
15141
15142
15143
15144
15145
15146
15147
15148
15149
15150
15151
15152
15153
15154
15155
15156
15157
15158
15159
15160
15161
15162
15163
15164
15165
15166
15167
15168
15169
15170
15171
15172
15173
15174
15175
15176
15177
15178
15179
15180
15181
15182
15183
15184
15185
15186
15187
15188
15189
15190
15191
15192
15193
15194
15195
15196
15197
15198
15199
15200
15201
15202
15203
15204
15205
15206
15207
15208
15209
15210
15211
15212
15213
15214
15215
15216
15217
15218
15219
15220
15221
15222
15223
15224
15225
15226
15227
15228
15229
15230
15231
15232
15233
15234
15235
15236
15237
15238
15239
15240
15241
15242
15243
15244
15245
15246
15247
15248
15249
15250
15251
15252
15253
15254
15255
15256
15257
15258
15259
15260
15261
15262
15263
15264
15265
15266
15267
15268
15269
15270
15271
15272
15273
15274
15275
15276
15277
15278
15279
15280
15281
15282
15283
15284
15285
15286
15287
15288
15289
15290
15291
15292
15293
15294
15295
15296
15297
15298
15299
15300
15301
15302
15303
15304
15305
15306
15307
15308
15309
15310
15311
15312
15313
15314
15315
15316
15317
15318
15319
15320
15321
15322
15323
15324
15325
15326
15327
15328
15329
15330
15331
15332
15333
15334
15335
15336
15337
15338
15339
15340
15341
15342
15343
15344
15345
15346
15347
15348
15349
15350
15351
15352
15353
15354
15355
15356
15357
15358
15359
15360
15361
15362
15363
15364
15365
15366
15367
15368
15369
15370
15371
15372
15373
15374
15375
15376
15377
15378
15379
15380
15381
15382
15383
15384
15385
15386
15387
15388
15389
15390
15391
15392
15393
15394
15395
15396
15397
15398
15399
15400
15401
15402
15403
15404
15405
15406
15407
15408
15409
15410
15411
15412
15413
15414
15415
15416
15417
15418
15419
15420
15421
15422
15423
15424
15425
15426
15427
15428
15429
15430
15431
15432
15433
15434
15435
15436
15437
15438
15439
15440
15441
15442
15443
15444
15445
15446
15447
15448
15449
15450
15451
15452
15453
15454
15455
15456
15457
15458
15459
15460
15461
15462
15463
15464
15465
15466
15467
15468
15469
15470
15471
15472
15473
15474
15475
15476
15477
15478
15479
15480
15481
15482
15483
15484
15485
15486
15487
15488
15489
15490
15491
15492
15493
15494
15495
15496
15497
15498
15499
15500
15501
15502
15503
15504
15505
15506
15507
15508
15509
15510
15511
15512
15513
15514
15515
15516
15517
15518
15519
15520
15521
15522
15523
15524
15525
15526
15527
15528
15529
15530
15531
15532
15533
15534
15535
15536
15537
15538
15539
15540
15541
15542
15543
15544
15545
15546
15547
15548
15549
15550
15551
15552
15553
15554
15555
15556
15557
15558
15559
15560
15561
15562
15563
15564
15565
15566
15567
15568
15569
15570
15571
15572
15573
15574
15575
15576
15577
15578
15579
15580
15581
15582
15583
15584
15585
15586
15587
15588
15589
15590
15591
15592
15593
15594
15595
15596
15597
15598
15599
15600
15601
15602
15603
15604
15605
15606
15607
15608
15609
15610
15611
15612
15613
15614
15615
15616
15617
15618
15619
15620
15621
15622
15623
15624
15625
15626
15627
15628
15629
15630
15631
15632
15633
15634
15635
15636
15637
15638
15639
15640
15641
15642
15643
15644
15645
15646
15647
15648
15649
15650
15651
15652
15653
15654
15655
15656
15657
15658
15659
15660
15661
15662
15663
15664
15665
15666
15667
15668
15669
15670
15671
15672
15673
15674
15675
15676
15677
15678
15679
15680
15681
15682
15683
15684
15685
15686
15687
15688
15689
15690
15691
15692
15693
15694
15695
15696
15697
15698
15699
15700
15701
15702
15703
15704
15705
15706
15707
15708
15709
15710
15711
15712
15713
15714
15715
15716
15717
15718
15719
15720
15721
15722
15723
15724
15725
15726
15727
15728
15729
15730
15731
15732
15733
15734
15735
15736
15737
15738
15739
15740
15741
15742
15743
15744
15745
15746
15747
15748
15749
15750
15751
15752
15753
15754
15755
15756
15757
15758
15759
15760
15761
15762
15763
15764
15765
15766
15767
15768
15769
15770
15771
15772
15773
15774
15775
15776
15777
15778
15779
15780
15781
15782
15783
15784
15785
15786
15787
15788
15789
15790
15791
15792
15793
15794
15795
15796
15797
15798
15799
15800
15801
15802
15803
15804
15805
15806
15807
15808
15809
15810
15811
15812
15813
15814
15815
15816
15817
15818
15819
15820
15821
15822
15823
15824
15825
15826
15827
15828
15829
15830
15831
15832
15833
15834
15835
15836
15837
15838
15839
15840
15841
15842
15843
15844
15845
15846
15847
15848
15849
15850
15851
15852
15853
15854
15855
15856
15857
15858
15859
15860
15861
15862
15863
15864
15865
15866
15867
15868
15869
15870
15871
15872
15873
15874
15875
15876
15877
15878
15879
15880
15881
15882
15883
15884
15885
15886
15887
15888
15889
15890
15891
15892
15893
15894
15895
15896
15897
15898
15899
15900
15901
15902
15903
15904
15905
15906
15907
15908
15909
15910
15911
15912
15913
15914
15915
15916
15917
15918
15919
15920
15921
15922
15923
15924
15925
15926
15927
15928
15929
15930
15931
15932
15933
15934
15935
15936
15937
15938
15939
15940
15941
15942
15943
15944
15945
15946
15947
15948
15949
15950
15951
15952
15953
15954
15955
15956
15957
15958
15959
15960
15961
15962
15963
15964
15965
15966
15967
15968
15969
15970
15971
15972
15973
15974
15975
15976
15977
15978
15979
15980
15981
15982
15983
15984
15985
15986
15987
15988
15989
15990
15991
15992
15993
15994
15995
15996
15997
15998
15999
16000
16001
16002
16003
16004
16005
16006
16007
16008
16009
16010
16011
16012
16013
16014
16015
16016
16017
16018
16019
16020
16021
16022
16023
16024
16025
16026
16027
16028
16029
16030
16031
16032
16033
16034
16035
16036
16037
16038
16039
16040
16041
16042
16043
16044
16045
16046
16047
16048
16049
16050
16051
16052
16053
16054
16055
16056
16057
16058
16059
16060
16061
16062
16063
16064
16065
16066
16067
16068
16069
16070
16071
16072
16073
16074
16075
16076
16077
16078
16079
16080
16081
16082
16083
16084
16085
16086
16087
16088
16089
16090
16091
16092
16093
16094
16095
16096
16097
16098
16099
16100
16101
16102
16103
16104
16105
16106
16107
16108
16109
16110
16111
16112
16113
16114
16115
16116
16117
16118
16119
16120
16121
16122
16123
16124
16125
16126
16127
16128
16129
16130
16131
16132
16133
16134
16135
16136
16137
16138
16139
16140
16141
16142
16143
16144
16145
16146
16147
16148
16149
16150
16151
16152
16153
16154
16155
16156
16157
16158
16159
16160
16161
16162
16163
16164
16165
16166
16167
16168
16169
16170
16171
16172
16173
16174
16175
16176
16177
16178
16179
16180
16181
16182
16183
16184
16185
16186
16187
16188
16189
16190
16191
16192
16193
16194
16195
16196
16197
16198
16199
16200
16201
16202
16203
16204
16205
16206
16207
16208
16209
16210
16211
16212
16213
16214
16215
16216
16217
16218
16219
16220
16221
16222
16223
16224
16225
16226
16227
16228
16229
16230
16231
16232
16233
16234
16235
16236
16237
16238
16239
16240
16241
16242
16243
16244
16245
16246
16247
16248
16249
16250
16251
16252
16253
16254
16255
16256
16257
16258
16259
16260
16261
16262
16263
16264
16265
16266
16267
16268
16269
16270
16271
16272
16273
16274
16275
16276
16277
16278
16279
16280
16281
16282
16283
16284
16285
16286
16287
16288
16289
16290
16291
16292
16293
16294
16295
16296
16297
16298
16299
16300
16301
16302
16303
16304
16305
16306
16307
16308
16309
16310
16311
16312
16313
16314
16315
16316
16317
16318
16319
16320
16321
16322
16323
16324
16325
16326
16327
16328
16329
16330
16331
16332
16333
16334
16335
16336
16337
16338
16339
16340
16341
16342
16343
16344
16345
16346
16347
16348
16349
16350
16351
16352
16353
16354
16355
16356
16357
16358
16359
16360
16361
16362
16363
16364
16365
16366
16367
16368
16369
16370
16371
16372
16373
16374
16375
16376
16377
16378
16379
16380
16381
16382
16383
16384
16385
16386
16387
16388
16389
16390
16391
16392
16393
16394
16395
16396
16397
16398
16399
16400
16401
16402
16403
16404
16405
16406
16407
16408
16409
16410
16411
16412
16413
16414
16415
16416
16417
16418
16419
16420
16421
16422
16423
16424
16425
16426
16427
16428
16429
16430
16431
16432
16433
16434
16435
16436
16437
16438
16439
16440
16441
16442
16443
16444
16445
16446
16447
16448
16449
16450
16451
16452
16453
16454
16455
16456
16457
16458
16459
16460
16461
16462
16463
16464
16465
16466
16467
16468
16469
16470
16471
16472
16473
16474
16475
16476
16477
16478
16479
16480
16481
16482
16483
16484
16485
16486
16487
16488
16489
16490
16491
16492
16493
16494
16495
16496
16497
16498
16499
16500
16501
16502
16503
16504
16505
16506
16507
16508
16509
16510
16511
16512
16513
16514
16515
16516
16517
16518
16519
16520
16521
16522
16523
16524
16525
16526
16527
16528
16529
16530
16531
16532
16533
16534
16535
16536
16537
16538
16539
16540
16541
16542
16543
16544
16545
16546
16547
16548
16549
16550
16551
16552
16553
16554
16555
16556
16557
16558
16559
16560
16561
16562
16563
16564
16565
16566
16567
16568
16569
16570
16571
16572
16573
16574
16575
16576
16577
16578
16579
16580
16581
16582
16583
16584
16585
16586
16587
16588
16589
16590
16591
16592
16593
16594
16595
16596
16597
16598
16599
16600
16601
16602
16603
16604
16605
16606
16607
16608
16609
16610
16611
16612
16613
16614
16615
16616
16617
16618
16619
16620
16621
16622
16623
16624
16625
16626
16627
16628
16629
16630
16631
16632
16633
16634
16635
16636
16637
16638
16639
16640
16641
16642
16643
16644
16645
16646
16647
16648
16649
16650
16651
16652
16653
16654
16655
16656
16657
16658
16659
16660
16661
16662
16663
16664
16665
16666
16667
16668
16669
16670
16671
16672
16673
16674
16675
16676
16677
16678
16679
16680
16681
16682
16683
16684
16685
16686
16687
16688
16689
16690
16691
16692
16693
16694
16695
16696
16697
16698
16699
16700
16701
16702
16703
16704
16705
16706
16707
16708
16709
16710
16711
16712
16713
16714
16715
16716
16717
16718
16719
16720
16721
16722
16723
16724
16725
16726
16727
16728
16729
16730
16731
16732
16733
16734
16735
16736
16737
16738
16739
16740
16741
16742
16743
16744
16745
16746
16747
16748
16749
16750
16751
16752
16753
16754
16755
16756
16757
16758
16759
16760
16761
16762
16763
16764
16765
16766
16767
16768
16769
16770
16771
16772
16773
16774
16775
16776
16777
16778
16779
16780
16781
16782
16783
16784
16785
16786
16787
16788
16789
16790
16791
16792
16793
16794
16795
16796
16797
16798
16799
16800
16801
16802
16803
16804
16805
16806
16807
16808
16809
16810
16811
16812
16813
16814
16815
16816
16817
16818
16819
16820
16821
16822
16823
16824
16825
16826
16827
16828
16829
16830
16831
16832
16833
16834
16835
16836
16837
16838
16839
16840
16841
16842
16843
16844
16845
16846
16847
16848
16849
16850
16851
16852
16853
16854
16855
16856
16857
16858
16859
16860
16861
16862
16863
16864
16865
16866
16867
16868
16869
16870
16871
16872
16873
16874
16875
16876
16877
16878
16879
16880
16881
16882
16883
16884
16885
16886
16887
16888
16889
16890
16891
16892
16893
16894
16895
16896
16897
16898
16899
16900
16901
16902
16903
16904
16905
16906
16907
16908
16909
16910
16911
16912
16913
16914
16915
16916
16917
16918
16919
16920
16921
16922
16923
16924
16925
16926
16927
16928
16929
16930
16931
16932
16933
16934
16935
16936
16937
16938
16939
16940
16941
16942
16943
16944
16945
16946
16947
16948
16949
16950
16951
16952
16953
16954
16955
16956
16957
16958
16959
16960
16961
16962
16963
16964
16965
16966
16967
16968
16969
16970
16971
16972
16973
16974
16975
16976
16977
16978
16979
16980
16981
16982
16983
16984
16985
16986
16987
16988
16989
16990
16991
16992
16993
16994
16995
16996
16997
16998
16999
17000
17001
17002
17003
17004
17005
17006
17007
17008
17009
17010
17011
17012
17013
17014
17015
17016
17017
17018
17019
17020
17021
17022
17023
17024
17025
17026
17027
17028
17029
17030
17031
17032
17033
17034
17035
17036
17037
17038
17039
17040
17041
17042
17043
17044
17045
17046
17047
17048
17049
17050
17051
17052
17053
17054
17055
17056
17057
17058
17059
17060
17061
17062
17063
17064
17065
17066
17067
17068
17069
17070
17071
17072
17073
17074
17075
17076
17077
17078
17079
17080
17081
17082
17083
17084
17085
17086
17087
17088
17089
17090
17091
17092
17093
17094
17095
17096
17097
17098
17099
17100
17101
17102
17103
17104
17105
17106
17107
17108
17109
17110
17111
17112
17113
17114
17115
17116
17117
17118
17119
17120
17121
17122
17123
17124
17125
17126
17127
17128
17129
17130
17131
17132
17133
17134
17135
17136
17137
17138
17139
17140
17141
17142
17143
17144
17145
17146
17147
17148
17149
17150
17151
17152
17153
17154
17155
17156
17157
17158
17159
17160
17161
17162
17163
17164
17165
17166
17167
17168
17169
17170
17171
17172
17173
17174
17175
17176
17177
17178
17179
17180
17181
17182
17183
17184
17185
17186
17187
17188
17189
17190
17191
17192
17193
17194
17195
17196
17197
17198
17199
17200
17201
17202
17203
17204
17205
17206
17207
17208
17209
17210
17211
17212
17213
17214
17215
17216
17217
17218
17219
17220
17221
17222
17223
17224
17225
17226
17227
17228
17229
17230
17231
17232
17233
17234
17235
17236
17237
17238
17239
17240
17241
17242
17243
17244
17245
17246
17247
17248
17249
17250
17251
17252
17253
17254
17255
17256
17257
17258
17259
17260
17261
17262
17263
17264
17265
17266
17267
17268
17269
17270
17271
17272
17273
17274
17275
17276
17277
17278
17279
17280
17281
17282
17283
17284
17285
17286
17287
17288
17289
17290
17291
17292
17293
17294
17295
17296
17297
17298
17299
17300
17301
17302
17303
17304
17305
17306
17307
17308
17309
17310
17311
17312
17313
17314
17315
17316
17317
17318
17319
17320
17321
17322
17323
17324
17325
17326
17327
17328
17329
17330
17331
17332
17333
17334
17335
17336
17337
17338
17339
17340
17341
17342
17343
17344
17345
17346
17347
17348
17349
17350
17351
17352
17353
17354
17355
17356
17357
17358
17359
17360
17361
17362
17363
17364
17365
17366
17367
17368
17369
17370
17371
17372
17373
17374
17375
17376
17377
17378
17379
17380
17381
17382
17383
17384
17385
17386
17387
17388
17389
17390
17391
17392
17393
17394
17395
17396
17397
17398
17399
17400
17401
17402
17403
17404
17405
17406
17407
17408
17409
17410
17411
17412
17413
17414
17415
17416
17417
17418
17419
17420
17421
17422
17423
17424
17425
17426
17427
17428
17429
17430
17431
17432
17433
17434
17435
17436
17437
17438
17439
17440
17441
17442
17443
17444
17445
17446
17447
17448
17449
17450
17451
17452
17453
17454
17455
17456
17457
17458
17459
17460
17461
17462
17463
17464
17465
17466
17467
17468
17469
17470
17471
17472
17473
17474
17475
17476
17477
17478
17479
17480
17481
17482
17483
17484
17485
17486
17487
17488
17489
17490
17491
17492
17493
17494
17495
17496
17497
17498
17499
17500
17501
17502
17503
17504
17505
17506
17507
17508
17509
17510
17511
17512
17513
17514
17515
17516
17517
17518
17519
17520
17521
17522
17523
17524
17525
17526
17527
17528
17529
17530
17531
17532
17533
17534
17535
17536
17537
17538
17539
17540
17541
17542
17543
17544
17545
17546
17547
17548
17549
17550
17551
17552
17553
17554
17555
17556
17557
17558
17559
17560
17561
17562
17563
17564
17565
17566
17567
17568
17569
17570
17571
17572
17573
17574
17575
17576
17577
17578
17579
17580
17581
17582
17583
17584
17585
17586
17587
17588
17589
17590
17591
17592
17593
17594
17595
17596
17597
17598
17599
17600
17601
17602
17603
17604
17605
17606
17607
17608
17609
17610
17611
17612
17613
17614
17615
17616
17617
17618
17619
17620
17621
17622
17623
17624
17625
17626
17627
17628
17629
17630
17631
17632
17633
17634
17635
17636
17637
17638
17639
17640
17641
17642
17643
17644
17645
17646
17647
17648
17649
17650
17651
17652
17653
17654
17655
17656
17657
17658
17659
17660
17661
17662
17663
17664
17665
17666
17667
17668
17669
17670
17671
17672
17673
17674
17675
17676
17677
17678
17679
17680
17681
17682
17683
17684
17685
17686
17687
17688
17689
17690
17691
17692
17693
17694
17695
17696
17697
17698
17699
17700
17701
17702
17703
17704
17705
17706
17707
17708
17709
17710
17711
17712
17713
17714
17715
17716
17717
17718
17719
17720
17721
17722
17723
17724
17725
17726
17727
17728
17729
17730
17731
17732
17733
17734
17735
17736
17737
17738
17739
17740
17741
17742
17743
17744
17745
17746
17747
17748
17749
17750
17751
17752
17753
17754
17755
17756
17757
17758
17759
17760
17761
17762
17763
17764
17765
17766
17767
17768
17769
17770
17771
17772
17773
17774
17775
17776
17777
17778
17779
17780
17781
17782
17783
17784
17785
17786
17787
17788
17789
17790
17791
17792
17793
17794
17795
17796
17797
17798
17799
17800
17801
17802
17803
17804
17805
17806
17807
17808
17809
17810
17811
17812
17813
17814
17815
17816
17817
17818
17819
17820
17821
17822
17823
17824
17825
17826
17827
17828
17829
17830
17831
17832
17833
17834
17835
17836
17837
17838
17839
17840
17841
17842
17843
17844
17845
17846
17847
17848
17849
17850
17851
17852
17853
17854
17855
17856
17857
17858
17859
17860
17861
17862
17863
17864
17865
17866
17867
17868
17869
17870
17871
17872
17873
17874
17875
17876
17877
17878
17879
17880
17881
17882
17883
17884
17885
17886
17887
17888
17889
17890
17891
17892
17893
17894
17895
17896
17897
17898
17899
17900
17901
17902
17903
17904
17905
17906
17907
17908
17909
17910
17911
17912
17913
17914
17915
17916
17917
17918
17919
17920
17921
17922
17923
17924
17925
17926
17927
17928
17929
17930
17931
17932
17933
17934
17935
17936
17937
17938
17939
17940
17941
17942
17943
17944
17945
17946
17947
17948
17949
17950
17951
17952
17953
17954
17955
17956
17957
17958
17959
17960
17961
17962
17963
17964
17965
17966
17967
17968
17969
17970
17971
17972
17973
17974
17975
17976
17977
17978
17979
17980
17981
17982
17983
17984
17985
17986
17987
17988
17989
17990
17991
17992
17993
17994
17995
17996
17997
17998
17999
18000
18001
18002
18003
18004
18005
18006
18007
18008
18009
18010
18011
18012
18013
18014
18015
18016
18017
18018
18019
18020
18021
18022
18023
18024
18025
18026
18027
18028
18029
18030
18031
18032
18033
18034
18035
18036
18037
18038
18039
18040
18041
18042
18043
18044
18045
18046
18047
18048
18049
18050
18051
18052
18053
18054
18055
18056
18057
18058
18059
18060
18061
18062
18063
18064
18065
18066
18067
18068
18069
18070
18071
18072
18073
18074
18075
18076
18077
18078
18079
18080
18081
18082
18083
18084
18085
18086
18087
18088
18089
18090
18091
18092
18093
18094
18095
18096
18097
18098
18099
18100
18101
18102
18103
18104
18105
18106
18107
18108
18109
18110
18111
18112
18113
18114
18115
18116
18117
18118
18119
18120
18121
18122
18123
18124
18125
18126
18127
18128
18129
18130
18131
18132
18133
18134
18135
18136
18137
18138
18139
18140
18141
18142
18143
18144
18145
18146
18147
18148
18149
18150
18151
18152
18153
18154
18155
18156
18157
18158
18159
18160
18161
18162
18163
18164
18165
18166
18167
18168
18169
18170
18171
18172
18173
18174
18175
18176
18177
18178
18179
18180
18181
18182
18183
18184
18185
18186
18187
18188
18189
18190
18191
18192
18193
18194
18195
18196
18197
18198
18199
18200
18201
18202
18203
18204
18205
18206
18207
18208
18209
18210
18211
18212
18213
18214
18215
18216
18217
18218
18219
18220
18221
18222
18223
18224
18225
18226
18227
18228
18229
18230
18231
18232
18233
18234
18235
18236
18237
18238
18239
18240
18241
18242
18243
18244
18245
18246
18247
18248
18249
18250
18251
18252
18253
18254
18255
18256
18257
18258
18259
18260
18261
18262
18263
18264
18265
18266
18267
18268
18269
18270
18271
18272
18273
18274
18275
18276
18277
18278
18279
18280
18281
18282
18283
18284
18285
18286
18287
18288
18289
18290
18291
18292
18293
18294
18295
18296
18297
18298
18299
18300
18301
18302
18303
18304
18305
18306
18307
18308
18309
18310
18311
18312
18313
18314
18315
18316
18317
18318
18319
18320
18321
18322
18323
18324
18325
18326
18327
18328
18329
18330
18331
18332
18333
18334
18335
18336
18337
18338
18339
18340
18341
18342
18343
18344
18345
18346
18347
18348
18349
18350
18351
18352
18353
18354
18355
18356
18357
18358
18359
18360
18361
18362
18363
18364
18365
18366
18367
18368
18369
18370
18371
18372
18373
18374
18375
18376
18377
18378
18379
18380
18381
18382
18383
18384
18385
18386
18387
18388
18389
18390
18391
18392
18393
18394
18395
18396
18397
18398
18399
18400
18401
18402
18403
18404
18405
18406
18407
18408
18409
18410
18411
18412
18413
18414
18415
18416
18417
18418
18419
18420
18421
18422
18423
18424
18425
18426
18427
18428
18429
18430
18431
18432
18433
18434
18435
18436
18437
18438
18439
18440
18441
18442
18443
18444
18445
18446
18447
18448
18449
18450
18451
18452
18453
18454
18455
18456
18457
18458
18459
18460
18461
18462
18463
18464
18465
18466
18467
18468
18469
18470
18471
18472
18473
18474
18475
18476
18477
18478
18479
18480
18481
18482
18483
18484
18485
18486
18487
18488
18489
18490
18491
18492
18493
18494
18495
18496
18497
18498
18499
18500
18501
18502
18503
18504
18505
18506
18507
18508
18509
18510
18511
18512
18513
18514
18515
18516
18517
18518
18519
18520
18521
18522
18523
18524
18525
18526
18527
18528
18529
18530
18531
18532
18533
18534
18535
18536
18537
18538
18539
18540
18541
18542
18543
18544
18545
18546
18547
18548
18549
18550
18551
18552
18553
18554
18555
18556
18557
18558
18559
18560
18561
18562
18563
18564
18565
18566
18567
18568
18569
18570
18571
18572
18573
18574
18575
18576
18577
18578
18579
18580
18581
18582
18583
18584
18585
18586
18587
18588
18589
18590
18591
18592
18593
18594
18595
18596
18597
18598
18599
18600
18601
18602
18603
18604
18605
18606
18607
18608
18609
18610
18611
18612
18613
18614
18615
18616
18617
18618
18619
18620
18621
18622
18623
18624
18625
18626
18627
18628
18629
18630
18631
18632
18633
18634
18635
18636
18637
18638
18639
18640
18641
18642
18643
18644
18645
18646
18647
18648
18649
18650
18651
18652
18653
18654
18655
18656
18657
18658
18659
18660
18661
18662
18663
18664
18665
18666
18667
18668
18669
18670
18671
18672
18673
18674
18675
18676
18677
18678
18679
18680
18681
18682
18683
18684
18685
18686
18687
18688
18689
18690
18691
18692
18693
18694
18695
18696
18697
18698
18699
18700
18701
18702
18703
18704
18705
18706
18707
18708
18709
18710
18711
18712
18713
18714
18715
18716
18717
18718
18719
18720
18721
18722
18723
18724
18725
18726
18727
18728
18729
18730
18731
18732
18733
18734
18735
18736
18737
18738
18739
18740
18741
18742
18743
18744
18745
18746
18747
18748
18749
18750
18751
18752
18753
18754
18755
18756
18757
18758
18759
18760
18761
18762
18763
18764
18765
18766
18767
18768
18769
18770
18771
18772
18773
18774
18775
18776
18777
18778
18779
18780
18781
18782
18783
18784
18785
18786
18787
18788
18789
18790
18791
18792
18793
18794
18795
18796
18797
18798
18799
18800
18801
18802
18803
18804
18805
18806
18807
18808
18809
18810
18811
18812
18813
18814
18815
18816
18817
18818
18819
18820
18821
18822
18823
18824
18825
18826
18827
18828
18829
18830
18831
18832
18833
18834
18835
18836
18837
18838
18839
18840
18841
18842
18843
18844
18845
18846
18847
18848
18849
18850
18851
18852
18853
18854
18855
18856
18857
18858
18859
18860
18861
18862
18863
18864
18865
18866
18867
18868
18869
18870
18871
18872
18873
18874
18875
18876
18877
18878
18879
18880
18881
18882
18883
18884
18885
18886
18887
18888
18889
18890
18891
18892
18893
18894
18895
18896
18897
18898
18899
18900
18901
18902
18903
18904
18905
18906
18907
18908
18909
18910
18911
18912
18913
18914
18915
18916
18917
18918
18919
18920
18921
18922
18923
18924
18925
18926
18927
18928
18929
18930
18931
18932
18933
18934
18935
18936
18937
18938
18939
18940
18941
18942
18943
18944
18945
18946
18947
18948
18949
18950
18951
18952
18953
18954
18955
18956
18957
18958
18959
18960
18961
18962
18963
18964
18965
18966
18967
18968
18969
18970
18971
18972
18973
18974
18975
18976
18977
18978
18979
18980
18981
18982
18983
18984
18985
18986
18987
18988
18989
18990
18991
18992
18993
18994
18995
18996
18997
18998
18999
19000
19001
19002
19003
19004
19005
19006
19007
19008
19009
19010
19011
19012
19013
19014
19015
19016
19017
19018
19019
19020
19021
19022
19023
19024
19025
19026
19027
19028
19029
19030
19031
19032
19033
19034
19035
19036
19037
19038
19039
19040
19041
19042
19043
19044
19045
19046
19047
19048
19049
19050
19051
19052
19053
19054
19055
19056
19057
19058
19059
19060
19061
19062
19063
19064
19065
19066
19067
19068
19069
19070
19071
19072
19073
19074
19075
19076
19077
19078
19079
19080
19081
19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
19130
19131
19132
19133
19134
19135
19136
19137
19138
19139
19140
19141
19142
19143
19144
19145
19146
19147
19148
19149
19150
19151
19152
19153
19154
19155
19156
19157
19158
19159
19160
19161
19162
19163
19164
19165
19166
19167
19168
19169
19170
19171
19172
19173
19174
19175
19176
19177
19178
19179
19180
19181
19182
19183
19184
19185
19186
19187
19188
19189
19190
19191
19192
19193
19194
19195
19196
19197
19198
19199
19200
19201
19202
19203
19204
19205
19206
19207
19208
19209
19210
19211
19212
19213
19214
19215
19216
19217
19218
19219
19220
19221
19222
19223
19224
19225
19226
19227
19228
19229
19230
19231
19232
19233
19234
19235
19236
19237
19238
19239
19240
19241
19242
19243
19244
19245
19246
19247
19248
19249
19250
19251
19252
19253
19254
19255
19256
19257
19258
19259
19260
19261
19262
19263
19264
19265
19266
19267
19268
19269
19270
19271
19272
19273
19274
19275
19276
19277
19278
19279
19280
19281
19282
19283
19284
19285
19286
19287
19288
19289
19290
19291
19292
19293
19294
19295
19296
19297
19298
19299
19300
19301
19302
19303
19304
19305
19306
19307
19308
19309
19310
19311
19312
19313
19314
19315
19316
19317
19318
19319
19320
19321
19322
19323
19324
19325
19326
19327
19328
19329
19330
19331
19332
19333
19334
19335
19336
19337
19338
19339
19340
19341
19342
19343
19344
19345
19346
19347
19348
19349
19350
19351
19352
19353
19354
19355
19356
19357
19358
19359
19360
19361
19362
19363
19364
19365
19366
19367
19368
19369
19370
19371
19372
19373
19374
19375
19376
19377
19378
19379
19380
19381
19382
19383
19384
19385
19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
19484
19485
19486
19487
19488
19489
19490
19491
19492
19493
19494
19495
19496
19497
19498
19499
19500
19501
19502
19503
19504
19505
19506
19507
19508
19509
19510
19511
19512
19513
19514
19515
19516
19517
19518
19519
19520
19521
19522
19523
19524
19525
19526
19527
19528
19529
19530
19531
19532
19533
19534
19535
19536
19537
19538
19539
19540
19541
19542
19543
19544
19545
19546
19547
19548
19549
19550
19551
19552
19553
19554
19555
19556
19557
19558
19559
19560
19561
19562
19563
19564
19565
19566
19567
19568
19569
19570
19571
19572
19573
19574
19575
19576
19577
19578
19579
19580
19581
19582
19583
19584
19585
19586
19587
19588
19589
19590
19591
19592
19593
19594
19595
19596
19597
19598
19599
19600
19601
19602
19603
19604
19605
19606
19607
19608
19609
19610
19611
19612
19613
19614
19615
19616
19617
19618
19619
19620
19621
19622
19623
19624
19625
19626
19627
19628
19629
19630
19631
19632
19633
19634
19635
19636
19637
19638
19639
19640
19641
19642
19643
19644
19645
19646
19647
19648
19649
19650
19651
19652
19653
19654
19655
19656
19657
19658
19659
19660
19661
19662
19663
19664
19665
19666
19667
19668
19669
19670
19671
19672
19673
19674
19675
19676
19677
19678
19679
19680
19681
19682
19683
19684
19685
19686
19687
19688
19689
19690
19691
19692
19693
19694
19695
19696
19697
19698
19699
19700
19701
19702
19703
19704
19705
19706
19707
19708
19709
19710
19711
19712
19713
19714
19715
19716
19717
19718
19719
19720
19721
19722
19723
19724
19725
19726
19727
19728
19729
19730
19731
19732
19733
19734
19735
19736
19737
19738
19739
19740
19741
19742
19743
19744
19745
19746
19747
19748
19749
19750
19751
19752
19753
19754
19755
19756
19757
19758
19759
19760
19761
19762
19763
19764
19765
19766
19767
19768
19769
19770
19771
19772
19773
19774
19775
19776
19777
19778
19779
19780
19781
19782
19783
19784
19785
19786
19787
19788
19789
19790
19791
19792
19793
19794
19795
19796
19797
19798
19799
19800
19801
19802
19803
19804
19805
19806
19807
19808
19809
19810
19811
19812
19813
19814
19815
19816
19817
19818
19819
19820
19821
19822
19823
19824
19825
19826
19827
19828
19829
19830
19831
19832
19833
19834
19835
19836
19837
19838
19839
19840
19841
19842
19843
19844
19845
19846
19847
19848
19849
19850
19851
19852
19853
19854
19855
19856
19857
19858
19859
19860
19861
19862
19863
19864
19865
19866
19867
19868
19869
19870
19871
19872
19873
19874
19875
19876
19877
19878
19879
19880
19881
19882
19883
19884
19885
19886
19887
19888
19889
19890
19891
19892
19893
19894
19895
19896
19897
19898
19899
19900
19901
19902
19903
19904
19905
19906
19907
19908
19909
19910
19911
19912
19913
19914
19915
19916
19917
19918
19919
19920
19921
19922
19923
19924
19925
19926
19927
19928
19929
19930
19931
19932
19933
19934
19935
19936
19937
19938
19939
19940
19941
19942
19943
19944
19945
19946
19947
19948
19949
19950
19951
19952
19953
19954
19955
19956
19957
19958
19959
19960
19961
19962
19963
19964
19965
19966
19967
19968
19969
19970
19971
19972
19973
19974
19975
19976
19977
19978
19979
19980
19981
19982
19983
19984
19985
19986
19987
19988
19989
19990
19991
19992
19993
19994
19995
19996
19997
19998
19999
20000
20001
20002
20003
20004
20005
20006
20007
20008
20009
20010
20011
20012
20013
20014
20015
20016
20017
20018
20019
20020
20021
20022
20023
20024
20025
20026
20027
20028
20029
20030
20031
20032
20033
20034
20035
20036
20037
20038
20039
20040
20041
20042
20043
20044
20045
20046
20047
20048
20049
20050
20051
20052
20053
20054
20055
20056
20057
20058
20059
20060
20061
20062
20063
20064
20065
20066
20067
20068
20069
20070
20071
20072
20073
20074
20075
20076
20077
20078
20079
20080
20081
20082
20083
20084
20085
20086
20087
20088
20089
20090
20091
20092
20093
20094
20095
20096
20097
20098
20099
20100
20101
20102
20103
20104
20105
20106
20107
20108
20109
20110
20111
20112
20113
20114
20115
20116
20117
20118
20119
20120
20121
20122
20123
20124
20125
20126
20127
20128
20129
20130
20131
20132
20133
20134
20135
20136
20137
20138
20139
20140
20141
20142
20143
20144
20145
20146
20147
20148
20149
20150
20151
20152
20153
20154
20155
20156
20157
20158
20159
20160
20161
20162
20163
20164
20165
20166
20167
20168
20169
20170
20171
20172
20173
20174
20175
20176
20177
20178
20179
20180
20181
20182
20183
20184
20185
20186
20187
20188
20189
20190
20191
20192
20193
20194
20195
20196
20197
20198
20199
20200
20201
20202
20203
20204
20205
20206
20207
20208
20209
20210
20211
20212
20213
20214
20215
20216
20217
20218
20219
20220
20221
20222
20223
20224
20225
20226
20227
20228
20229
20230
20231
20232
20233
20234
20235
20236
20237
20238
20239
20240
20241
20242
20243
20244
20245
20246
20247
20248
20249
20250
20251
20252
20253
20254
20255
20256
20257
20258
20259
20260
20261
20262
20263
20264
20265
20266
20267
20268
20269
20270
20271
20272
20273
20274
20275
20276
20277
20278
20279
20280
20281
20282
20283
20284
20285
20286
20287
20288
20289
20290
20291
20292
20293
20294
20295
20296
20297
20298
20299
20300
20301
20302
20303
20304
20305
20306
20307
20308
20309
20310
20311
20312
20313
20314
20315
20316
20317
20318
20319
20320
20321
20322
20323
20324
20325
20326
20327
20328
20329
20330
20331
20332
20333
20334
20335
20336
20337
20338
20339
20340
20341
20342
20343
20344
20345
20346
20347
20348
20349
20350
20351
20352
20353
20354
20355
20356
20357
20358
20359
20360
20361
20362
20363
20364
20365
20366
20367
20368
20369
20370
20371
20372
20373
20374
20375
20376
20377
20378
20379
20380
20381
20382
20383
20384
20385
20386
20387
20388
20389
20390
20391
20392
20393
20394
20395
20396
20397
20398
20399
20400
20401
20402
20403
20404
20405
20406
20407
20408
20409
20410
20411
20412
20413
20414
20415
20416
20417
20418
20419
20420
20421
20422
20423
20424
20425
20426
20427
20428
20429
20430
20431
20432
20433
20434
20435
20436
20437
20438
20439
20440
20441
20442
20443
20444
20445
20446
20447
20448
20449
20450
20451
20452
20453
20454
20455
20456
20457
20458
20459
20460
20461
20462
20463
20464
20465
20466
20467
20468
20469
20470
20471
20472
20473
20474
20475
20476
20477
20478
20479
20480
20481
20482
20483
20484
20485
20486
20487
20488
20489
20490
20491
20492
20493
20494
20495
20496
20497
20498
20499
20500
20501
20502
20503
20504
20505
20506
20507
20508
20509
20510
20511
20512
20513
20514
20515
20516
20517
20518
20519
20520
20521
20522
20523
20524
20525
20526
20527
20528
20529
20530
20531
20532
20533
20534
20535
20536
20537
20538
20539
20540
20541
20542
20543
20544
20545
20546
20547
20548
20549
20550
20551
20552
20553
20554
20555
20556
20557
20558
20559
20560
20561
20562
20563
20564
20565
20566
20567
20568
20569
20570
20571
20572
20573
20574
20575
20576
20577
20578
20579
20580
20581
20582
20583
20584
20585
20586
20587
20588
20589
20590
20591
20592
20593
20594
20595
20596
20597
20598
20599
20600
20601
20602
20603
20604
20605
20606
20607
20608
20609
20610
20611
20612
20613
20614
20615
20616
20617
20618
20619
20620
20621
20622
20623
20624
20625
20626
20627
20628
20629
20630
20631
20632
20633
20634
20635
20636
20637
20638
20639
20640
20641
20642
20643
20644
20645
20646
20647
20648
20649
20650
20651
20652
20653
20654
20655
20656
20657
20658
20659
20660
20661
20662
20663
20664
20665
20666
20667
20668
20669
20670
20671
20672
20673
20674
20675
20676
20677
20678
20679
20680
20681
20682
20683
20684
20685
20686
20687
20688
20689
20690
20691
20692
20693
20694
20695
20696
20697
20698
20699
20700
20701
20702
20703
20704
20705
20706
20707
20708
20709
20710
20711
20712
20713
20714
20715
20716
20717
20718
20719
20720
20721
20722
20723
20724
20725
20726
20727
20728
20729
20730
20731
20732
20733
20734
20735
20736
20737
20738
20739
20740
20741
20742
20743
20744
20745
20746
20747
20748
20749
20750
20751
20752
20753
20754
20755
20756
20757
20758
20759
20760
20761
20762
20763
20764
20765
20766
20767
20768
20769
20770
20771
20772
20773
20774
20775
20776
20777
20778
20779
20780
20781
20782
20783
20784
20785
20786
20787
20788
20789
20790
20791
20792
20793
20794
20795
20796
20797
20798
20799
20800
20801
20802
20803
20804
20805
20806
20807
20808
20809
20810
20811
20812
20813
20814
20815
20816
20817
20818
20819
20820
20821
20822
20823
20824
20825
20826
20827
20828
20829
20830
20831
20832
20833
20834
20835
20836
20837
20838
20839
20840
20841
20842
20843
20844
20845
20846
20847
20848
20849
20850
20851
20852
20853
20854
20855
20856
20857
20858
20859
20860
20861
20862
20863
20864
20865
20866
20867
20868
20869
20870
20871
20872
20873
20874
20875
20876
20877
20878
20879
20880
20881
20882
20883
20884
20885
20886
20887
20888
20889
20890
20891
20892
20893
20894
20895
20896
20897
20898
20899
20900
20901
20902
20903
20904
20905
20906
20907
20908
20909
20910
20911
20912
20913
20914
20915
20916
20917
20918
20919
20920
20921
20922
20923
20924
20925
20926
20927
20928
20929
20930
20931
20932
20933
20934
20935
20936
20937
20938
20939
20940
20941
20942
20943
20944
20945
20946
20947
20948
20949
20950
20951
20952
20953
20954
20955
20956
20957
20958
20959
20960
20961
20962
20963
20964
20965
20966
20967
20968
20969
20970
20971
20972
20973
20974
20975
20976
20977
20978
20979
20980
20981
20982
20983
20984
20985
20986
20987
20988
20989
20990
20991
20992
20993
20994
20995
20996
20997
20998
20999
21000
21001
21002
21003
21004
21005
21006
21007
21008
21009
21010
21011
21012
21013
21014
21015
21016
21017
21018
21019
21020
21021
21022
21023
21024
21025
21026
21027
21028
21029
21030
21031
21032
21033
21034
21035
21036
21037
21038
21039
21040
21041
21042
21043
21044
21045
21046
21047
21048
21049
21050
21051
21052
21053
21054
21055
21056
21057
21058
21059
21060
21061
21062
21063
21064
21065
21066
21067
21068
21069
21070
21071
21072
21073
21074
21075
21076
21077
21078
21079
21080
21081
21082
21083
21084
21085
21086
21087
21088
21089
21090
21091
21092
21093
21094
21095
21096
21097
21098
21099
21100
21101
21102
21103
21104
21105
21106
21107
21108
21109
21110
21111
21112
21113
21114
21115
21116
21117
21118
21119
21120
21121
21122
21123
21124
21125
21126
21127
21128
21129
21130
21131
21132
21133
21134
21135
21136
21137
21138
21139
21140
21141
21142
21143
21144
21145
21146
21147
21148
21149
21150
21151
21152
21153
21154
21155
21156
21157
21158
21159
21160
21161
21162
21163
21164
21165
21166
21167
21168
21169
21170
21171
21172
21173
21174
21175
21176
21177
21178
21179
21180
21181
21182
21183
21184
21185
21186
21187
21188
21189
21190
21191
21192
21193
21194
21195
21196
21197
21198
21199
21200
21201
21202
21203
21204
21205
21206
21207
21208
21209
21210
21211
21212
21213
21214
21215
21216
21217
21218
21219
21220
21221
21222
21223
21224
21225
21226
21227
21228
21229
21230
21231
21232
21233
21234
21235
21236
21237
21238
21239
21240
21241
21242
21243
21244
21245
21246
21247
21248
21249
21250
21251
21252
21253
21254
21255
21256
21257
21258
21259
21260
21261
21262
21263
21264
21265
21266
21267
21268
21269
21270
21271
21272
21273
21274
21275
21276
21277
21278
21279
21280
21281
21282
21283
21284
21285
21286
21287
21288
21289
21290
21291
21292
21293
21294
21295
21296
21297
21298
21299
21300
21301
21302
21303
21304
21305
21306
21307
21308
21309
21310
21311
21312
21313
21314
21315
21316
21317
21318
21319
21320
21321
21322
21323
21324
21325
21326
21327
21328
21329
21330
21331
21332
21333
21334
21335
21336
21337
21338
21339
21340
21341
21342
21343
21344
21345
21346
21347
21348
21349
21350
21351
21352
21353
21354
21355
21356
21357
21358
21359
21360
21361
21362
21363
21364
21365
21366
21367
21368
21369
21370
21371
21372
21373
21374
21375
21376
21377
21378
21379
21380
21381
21382
21383
21384
21385
21386
21387
21388
21389
21390
21391
21392
21393
21394
21395
21396
21397
21398
21399
21400
21401
21402
21403
21404
21405
21406
21407
21408
21409
21410
21411
21412
21413
21414
21415
21416
21417
21418
21419
21420
21421
21422
21423
21424
21425
21426
21427
21428
21429
21430
21431
21432
21433
21434
21435
21436
21437
21438
21439
21440
21441
21442
21443
21444
21445
21446
21447
21448
21449
21450
21451
21452
21453
21454
21455
21456
21457
21458
21459
21460
21461
21462
21463
21464
21465
21466
21467
21468
21469
21470
21471
21472
21473
21474
21475
21476
21477
21478
21479
21480
21481
21482
21483
21484
21485
21486
21487
21488
21489
21490
21491
21492
21493
21494
21495
21496
21497
21498
21499
21500
21501
21502
21503
21504
21505
21506
21507
21508
21509
21510
21511
21512
21513
21514
21515
21516
21517
21518
21519
21520
21521
21522
21523
21524
21525
21526
21527
21528
21529
21530
21531
21532
21533
21534
21535
21536
21537
21538
21539
21540
21541
21542
21543
21544
21545
21546
21547
21548
21549
21550
21551
21552
21553
21554
21555
21556
21557
21558
21559
21560
21561
21562
21563
21564
21565
21566
21567
21568
21569
21570
21571
21572
21573
21574
21575
21576
21577
21578
21579
21580
21581
21582
21583
21584
21585
21586
21587
21588
21589
21590
21591
21592
21593
21594
21595
21596
21597
21598
21599
21600
21601
21602
21603
21604
21605
21606
21607
21608
21609
21610
21611
21612
21613
21614
21615
21616
21617
21618
21619
21620
21621
21622
21623
21624
21625
21626
21627
21628
21629
21630
21631
21632
21633
21634
21635
21636
21637
21638
21639
21640
21641
21642
21643
21644
21645
21646
21647
21648
21649
21650
21651
21652
21653
21654
21655
21656
21657
21658
21659
21660
21661
21662
21663
21664
21665
21666
21667
21668
21669
21670
21671
21672
21673
21674
21675
21676
21677
21678
21679
21680
21681
21682
21683
21684
21685
21686
21687
21688
21689
21690
21691
21692
21693
21694
21695
21696
21697
21698
21699
21700
21701
21702
21703
21704
21705
21706
21707
21708
21709
21710
21711
21712
21713
21714
21715
21716
21717
21718
21719
21720
21721
21722
21723
21724
21725
21726
21727
21728
21729
21730
21731
21732
21733
21734
21735
21736
21737
21738
21739
21740
21741
21742
21743
21744
21745
21746
21747
21748
21749
21750
21751
21752
21753
21754
21755
21756
21757
21758
21759
21760
21761
21762
21763
21764
21765
21766
21767
21768
21769
21770
21771
21772
21773
21774
21775
21776
21777
21778
21779
21780
21781
21782
21783
21784
21785
21786
21787
21788
21789
21790
21791
21792
21793
21794
21795
21796
21797
21798
21799
21800
21801
21802
21803
21804
21805
21806
21807
21808
21809
21810
21811
21812
21813
21814
21815
21816
21817
21818
21819
21820
21821
21822
21823
21824
21825
21826
21827
21828
21829
21830
21831
21832
21833
21834
21835
21836
21837
21838
21839
21840
21841
21842
21843
21844
21845
21846
21847
21848
21849
21850
21851
21852
21853
21854
21855
21856
21857
21858
21859
21860
21861
21862
21863
21864
21865
21866
21867
21868
21869
21870
21871
21872
21873
21874
21875
21876
21877
21878
21879
21880
21881
21882
21883
21884
21885
21886
21887
21888
21889
21890
21891
21892
21893
21894
21895
21896
21897
21898
21899
21900
21901
21902
21903
21904
21905
21906
21907
21908
21909
21910
21911
21912
21913
21914
21915
21916
21917
21918
21919
21920
21921
21922
21923
21924
21925
21926
21927
21928
21929
21930
21931
21932
21933
21934
21935
21936
21937
21938
21939
21940
21941
21942
21943
21944
21945
21946
21947
21948
21949
21950
21951
21952
21953
21954
21955
21956
21957
21958
21959
21960
21961
21962
21963
21964
21965
21966
21967
21968
21969
21970
21971
21972
21973
21974
21975
21976
21977
21978
21979
21980
21981
21982
21983
21984
21985
21986
21987
21988
21989
21990
21991
21992
21993
21994
21995
21996
21997
21998
21999
22000
22001
22002
22003
22004
22005
22006
22007
22008
22009
22010
22011
22012
22013
22014
22015
22016
22017
22018
22019
22020
22021
22022
22023
22024
22025
22026
22027
22028
22029
22030
22031
22032
22033
22034
22035
22036
22037
22038
22039
22040
22041
22042
22043
22044
22045
22046
22047
22048
22049
22050
22051
22052
22053
22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
22064
22065
22066
22067
22068
22069
22070
22071
22072
22073
22074
22075
22076
22077
22078
22079
22080
22081
22082
22083
22084
22085
22086
22087
22088
22089
22090
22091
22092
22093
22094
22095
22096
22097
22098
22099
22100
22101
22102
22103
22104
22105
22106
22107
22108
22109
22110
22111
22112
22113
22114
22115
22116
22117
22118
22119
22120
22121
22122
22123
22124
22125
22126
22127
22128
22129
22130
22131
22132
22133
22134
22135
22136
22137
22138
22139
22140
22141
22142
22143
22144
22145
22146
22147
22148
22149
22150
22151
22152
22153
22154
22155
22156
22157
22158
22159
22160
22161
22162
22163
22164
22165
22166
22167
22168
22169
22170
22171
22172
22173
22174
22175
22176
22177
22178
22179
22180
22181
22182
22183
22184
22185
22186
22187
22188
22189
22190
22191
22192
22193
22194
22195
22196
22197
22198
22199
22200
22201
22202
22203
22204
22205
22206
22207
22208
22209
22210
22211
22212
22213
22214
22215
22216
22217
22218
22219
22220
22221
22222
22223
22224
22225
22226
22227
22228
22229
22230
22231
22232
22233
22234
22235
22236
22237
22238
22239
22240
22241
22242
22243
22244
22245
22246
22247
22248
22249
22250
22251
22252
22253
22254
22255
22256
22257
22258
22259
22260
22261
22262
22263
22264
22265
22266
22267
22268
22269
22270
22271
22272
22273
22274
22275
22276
22277
22278
22279
22280
22281
22282
22283
22284
22285
22286
22287
22288
22289
22290
22291
22292
22293
22294
22295
22296
22297
22298
22299
22300
22301
22302
22303
22304
22305
22306
22307
22308
22309
22310
22311
22312
22313
22314
22315
22316
22317
22318
22319
22320
22321
22322
22323
22324
22325
22326
22327
22328
22329
22330
22331
22332
22333
22334
22335
22336
22337
22338
22339
22340
22341
22342
22343
22344
22345
22346
22347
22348
22349
22350
22351
22352
22353
22354
22355
22356
22357
22358
22359
22360
22361
22362
22363
22364
22365
22366
22367
22368
22369
22370
22371
22372
22373
22374
22375
22376
22377
22378
22379
22380
22381
22382
22383
22384
22385
22386
22387
22388
22389
22390
22391
22392
22393
22394
22395
22396
22397
22398
22399
22400
22401
22402
22403
22404
22405
22406
22407
22408
22409
22410
22411
22412
22413
22414
22415
22416
22417
22418
22419
22420
22421
22422
22423
22424
22425
22426
22427
22428
22429
22430
22431
22432
22433
22434
22435
22436
22437
22438
22439
22440
22441
22442
22443
22444
22445
22446
22447
22448
22449
22450
22451
22452
22453
22454
22455
22456
22457
22458
22459
22460
22461
22462
22463
22464
22465
22466
22467
22468
22469
22470
22471
22472
22473
22474
22475
22476
22477
22478
22479
22480
22481
22482
22483
22484
22485
22486
22487
22488
22489
22490
22491
22492
22493
22494
22495
22496
22497
22498
22499
22500
22501
22502
22503
22504
22505
22506
22507
22508
22509
22510
22511
22512
22513
22514
22515
22516
22517
22518
22519
22520
22521
22522
22523
22524
22525
22526
22527
22528
22529
22530
22531
22532
22533
22534
22535
22536
22537
22538
22539
22540
22541
22542
22543
22544
22545
22546
22547
22548
22549
22550
22551
22552
22553
22554
22555
22556
22557
22558
22559
22560
22561
22562
22563
22564
22565
22566
22567
22568
22569
22570
22571
22572
22573
22574
22575
22576
22577
22578
22579
22580
22581
22582
22583
22584
22585
22586
22587
22588
22589
22590
22591
22592
22593
22594
22595
22596
22597
22598
22599
22600
22601
22602
22603
22604
22605
22606
22607
22608
22609
22610
22611
22612
22613
22614
22615
22616
22617
22618
22619
22620
22621
22622
22623
22624
22625
22626
22627
22628
22629
22630
22631
22632
22633
22634
22635
22636
22637
22638
22639
22640
22641
22642
22643
22644
22645
22646
22647
22648
22649
22650
22651
22652
22653
22654
22655
22656
22657
22658
22659
22660
22661
22662
22663
22664
22665
22666
22667
22668
22669
22670
22671
22672
22673
22674
22675
22676
22677
22678
22679
22680
22681
22682
22683
22684
22685
22686
22687
22688
22689
22690
22691
22692
22693
22694
22695
22696
22697
22698
22699
22700
22701
22702
22703
22704
22705
22706
22707
22708
22709
22710
22711
22712
22713
22714
22715
22716
22717
22718
22719
22720
22721
22722
22723
22724
22725
22726
22727
22728
22729
22730
22731
22732
22733
22734
22735
22736
22737
22738
22739
22740
22741
22742
22743
22744
22745
22746
22747
22748
22749
22750
22751
22752
22753
22754
22755
22756
22757
22758
22759
22760
22761
22762
22763
22764
22765
22766
22767
22768
22769
22770
22771
22772
22773
22774
22775
22776
22777
22778
22779
22780
22781
22782
22783
22784
22785
22786
22787
22788
22789
22790
22791
22792
22793
22794
22795
22796
22797
22798
22799
22800
22801
22802
22803
22804
22805
22806
22807
22808
22809
22810
22811
22812
22813
22814
22815
22816
22817
22818
22819
22820
22821
22822
22823
22824
22825
22826
22827
22828
22829
22830
22831
22832
22833
22834
22835
22836
22837
22838
22839
22840
22841
22842
22843
22844
22845
22846
22847
22848
22849
22850
22851
22852
22853
22854
22855
22856
22857
22858
22859
22860
22861
22862
22863
22864
22865
22866
22867
22868
22869
22870
22871
22872
22873
22874
22875
22876
22877
22878
22879
22880
22881
22882
22883
22884
22885
22886
22887
22888
22889
22890
22891
22892
22893
22894
22895
22896
22897
22898
22899
22900
22901
22902
22903
22904
22905
22906
22907
22908
22909
22910
22911
22912
22913
22914
22915
22916
22917
22918
22919
22920
22921
22922
22923
22924
22925
22926
22927
22928
22929
22930
22931
22932
22933
22934
22935
22936
22937
ChangeLog :
===========

2024/06/10 : 3.0.1
    - BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
    - BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
    - BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
    - DOC: configuration: add an example for keywords from crt-store
    - BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
    - BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
    - MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
    - BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
    - BUG/MINOR: quic: prevent crash on qc_kill_conn()
    - CLEANUP: hlua: use hlua_pusherror() where relevant
    - BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
    - BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
    - BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
    - BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
    - CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
    - BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
    - BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
    - BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
    - BUG/MINOR: quic: fix computed length of emitted STREAM frames
    - BUG/MINOR: quic: ensure Tx buf is always purged
    - BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
    - BUG/MAJOR: mux-h1:  Properly copy chunked input data during zero-copy nego
    - BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag

2024/05/29 : 3.0.0
    - MINOR: sample: implement the uptime sample fetch
    - CI: scripts: fix build of vtest regarding option -C
    - CI: scripts: build vtest using multiple CPUs
    - MINOR: log: rename 'log-format tag' to 'log-format alias'
    - DOC: config: document logformat item naming and typecasting features
    - BUILD: makefile: yearly reordering of objects by build time
    - BUILD: fd: errno is also needed without poll()
    - DOC: config: fix two typos "RST_STEAM" vs "RST_STREAM"
    - DOC: config: refer to the non-deprecated keywords in ocsp-update on/off
    - DOC: streamline http-reuse and connection naming definition
    - REGTESTS: complete http-reuse test with pool-conn-name
    - DOC: config: add %ID logformat alias alternative
    - CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp
    - BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
    - CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat
    - BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
    - CI: github: upgrade the WolfSSL job to 5.7.0
    - DOC: install: update quick build reminders with some missing options
    - DOC: install: update the range of tested openssl version to cover 3.3
    - DEV: patchbot: prepare for new version 3.1-dev
    - MINOR: version: mention that it's 3.0 LTS now.

2024/05/24 : 3.0-dev13
    - CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf
    - MINOR: ssl: check parameter in ckch_conf_cmp()
    - BUG/MINOR: ring: free ring's allocated area not ring's usable area when using maps
    - DOC: configuration: rework the crt-store load documentation
    - DEBUG: tools: add vma_set_name() helper
    - DEBUG: shctx: name shared memory using vma_set_name()
    - DEBUG: sink: add name hint for memory area used by memory-backed sinks
    - DEBUG: pollers: add name hint for large memory areas used by pollers
    - DEBUG: errors: add name hint for startup-logs memory area
    - DEBUG: fd: add name hint for large memory areas
    - MEDIUM: ssl: don't load file by discovering them in crt-store
    - DOC: configuration: update the crt-list documentation
    - DOC: configuration: add the supported crt-store options in crt-list
    - BUG/MEDIUM: proto: fix fd leak in <proto>_connect_server
    - MINOR: sock: set conn->err_code in case of EPERM
    - BUG/MINOR: http-ana: Don't crush stream termination condition on internal error
    - MAJOR: spoe: Let the SPOE back into the game
    - BUG/MINOR: connection: parse PROXY TLV for LOCAL mode
    - BUG/MINOR: server: free PROXY v2 TLVs on srv drop
    - MINOR: rhttp: add log on connection allocation failure
    - BUG/MEDIUM: rhttp: fix preconnect on single-thread
    - BUG/MINOR: rhttp: prevent listener suspend
    - BUG/MINOR: rhttp: fix task_wakeup state
    - MINOR: session: define flag to explicitely release listener on free
    - MEDIUM: rhttp: create session for active preconnect
    - MINOR: rhttp: support PROXY emission on preconnect
    - MINOR: connection: support PROXY v2 TLV emission without stream
    - MINOR: traces: enumerate the list of levels/verbosities when not found
    - BUG/MINOR: sock: fix sock_create_server_socket
    - MINOR: proto: fix coding style
    - BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)
    - REGTESTS: scripts: allow to change the vtest timeout
    - BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305
    - CI: scripts/build-ssl.sh: loudly fail on unsupported platforms
    - BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream
    - MINOR: mux-quic: Set abort info for SC-less QCS on STOP_SENDING frame
    - CI: scripts/build-ssl: add a DESTDIR and TMPDIR variable
    - CI: scripts/buil-ssl: cleanup the boringssl and quictls build
    - MINOR: config: add thread-hard-limit to set an upper bound to nbthread
    - BUILD: quic: fix unused variable warning when threads are disabled
    - BUG/MEDIUM: stick-tables: Fix race with peers when trashing oldest entries
    - BUG/MEDIUM: stick-tables: Fix race with peers when killing a sticky session
    - BUG/MEDIUM: stick-tables: make sure never to create two same remote entries
    - CLEANUP: stick-tables: remove a few unneeded tests for use_wrlock
    - MINOR: stick-tables: remove the uneeded read lock in stksess_free()
    - CLEANUP: tools: fix vma_set_name() function comment
    - DEBUG: tools: add vma_set_name_id() helper
    - DEBUG: pollers/fd: add thread id suffix to per-thread memory areas name hints
    - DOC: config: fix aes_gcm_enc() description text
    - BUILD: trace: fix warning on null dereference
    - MEDIUM: config: prevent communication with privileged ports
    - MAJOR: config: prevent QUIC with clients privileged port by default
    - BUG/MINOR: quic: adjust restriction for stateless reset emission
    - MINOR: quic: clarify doc for quic_recv()
    - MINOR: server: generalize sni expr parsing
    - MINOR: server: define pool-conn-name keyword
    - MEDIUM: connection: use pool-conn-name instead of sni on reuse
    - BUG/MINOR: rhttp: initialize session origin after preconnect reversal
    - BUG/MEDIUM: server/dns: preserve server's port upon resolution timeout or error
    - BUG/MINOR: http-htx: Support default path during scheme based normalization
    - BUG/MINOR: server: Don't reset resolver options on a new default-server line
    - DOC: quic: specify that connection migration is not supported
    - DOC: config: fix incorrect section reference about custom log format
    - DOC: config: uniformize the naming and description of custom log format args
    - DOC: config: clarify the fact that custom log format is not just for logging
    - REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs

2024/05/18 : 3.0-dev12
    - CI: drop asan.log umbrella completely
    - BUG/MINOR: log: fix leak in add_sample_to_logformat_list() error path
    - BUG/MINOR: log: smp_rgs array issues with inherited global log directives
    - MINOR: rhttp: Don't require SSL when attach-srv name parsing
    - REGTESTS: ssl: be more verbose with ocsp_compat_check.vtc
    - DOC: Update UUID references to RFC 9562
    - MINOR: hlua: add hlua_nb_instruction getter
    - MEDIUM: hlua: take nbthread into account in hlua_get_nb_instruction()
    - BUG/MEDIUM: server: clear purgeable conns before server deletion
    - BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3
    - BUG/MINOR: qpack: fix error code reported on QPACK decoding failure
    - BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned
    - BUG/MEDIUM: stick-tables: properly mark stktable_data as packed
    - SCRIPTS: run-regtests: fix a few occurrences of extended regexes
    - BUG/MINOR: ssl_sock: fix xprt_set_used() to properly clear the TASK_F_USR1 bit
    - MINOR: dynbuf: provide a b_dequeue() variant for multi-thread
    - BUG/MEDIUM: muxes: enforce buf_wait check in takeover()
    - BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found
    - BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme
    - BUG/MAJOR: h1: Be stricter on request target validation during message parsing
    - MINOR: qpack: prepare error renaming
    - MINOR: h3/qpack: adjust naming for errors
    - MINOR: h3: adjust error reporting on sending
    - MINOR: h3: adjust error reporting on receive
    - MINOR: mux-quic: support glitches
    - MINOR: h3: report glitch on RFC violation
    - BUILD: stick-tables: better mark the stktable_data as 32-bit aligned
    - MINOR: ssl: rename tune.ssl.ocsp-update.mode in ocsp-update.mode
    - REGTESTS: update the ocsp-update tests
    - BUILD: stats: remove non portable getline() usage
    - MEDIUM: ssl: add ocsp-update.mindelay and ocsp-update.maxdelay
    - BUILD: log: get rid of non-portable strnlen() func
    - BUG/MEDIUM: fd: prevent memory waste in fdtab array
    - CLEANUP: compat: make the MIN/MAX macros more reliable
    - Revert: MEDIUM: evports: permit to report multiple events at once"
    - BUG/MINOR: stats: Don't state the 303 redirect response is chunked
    - MINOR: mux-h1: Add a flag to ignore the request payload
    - REORG: mux-h1: Group H1S_F_BODYLESS_* flags
    - CLEANUP: mux-h1: Remove unused H1S_F_ERROR_MASK mask value
    - MEDIUM: mux-h1: Support C-L/T-E header suppressions when sending messages
    - MINOR: ssl: ckch_store_new_load_files_conf() loads filenames from ckch_conf
    - MEDIUM: ssl/crtlist: loading crt-store keywords from a crt-list
    - CLEANUP: ssl/ocsp: remove the deprecated parsing code for "ocsp-update"
    - MINOR: ssl: pass ckch_store instead of ckch_data to ssl_sock_load_ocsp()
    - MEDIUM: ssl: ckch_conf_parse() uses -1/0/1 for off/default/on
    - MINOR: ssl: handle PARSE_TYPE_INT and PARSE_TYPE_ONOFF in ckch_store_load_files()
    - MINOR: ssl/ocsp: use 'ocsp-update' in crt-store
    - MINOR: ssl: ckch_conf_clean() utility function for ckch_conf
    - MEDIUM: ssl: add ocsp-update.disable global option
    - MEDIUM: ssl/cli: handle crt-store keywords in crt-list over the CLI
    - MINOR: ssl: ckch_conf_cmp() compare multiple ckch_conf structures
    - MEDIUM: ssl: temporarily load files by detecting their presence in crt-store
    - REGTESTS: ocsp-update: change the reg-test to support the new crt-store mode
    - DOC: capabilities: fix chapter header rendering

2024/05/10 : 3.0-dev11
    - BUILD: clock: improve check for pthread_getcpuclockid()
    - CI: add Illumos scheduled workflow
    - CI: netbsd: limit scheduled workflow to parent repo only
    - OPTIM: log: resolve logformat options during postparsing
    - BUG/MINOR: haproxy: only tid 0 must not sleep if got signal
    - REGTEST: add tests for acl() sample fetch
    - BUG/MINOR: acl: support built-in ACLs with acl() sample
    - BUG/MINOR: cfgparse: use curproxy global var from config post validation
    - MEDIUM: stconn/muxes: Add an abort reason for SE shutdowns on muxes
    - MINOR: mux-h2: Set the SE abort reason when a RST_STREAM frame is received
    - MEDIUM: mux-h2: Forward h2 client cancellations to h2 servers
    - MINOR: mux-quic: Set tha SE abort reason when a STOP_SENDING frame is received
    - MINOR: stconn: Add samples to retrieve about stream aborts
    - MINOR: mux-quic: Add .ctl callback function to get info about a mux connection
    - MINOR: muxes: Add ctl commands to get info on streams for a connection
    - MINOR: connection: Add samples to retrieve info on streams for a connection
    - BUG/MEDIUM: log/ring: broken syslog octet counting
    - BUG/MEDIUM: mux-quic: fix crash on STOP_SENDING received without SD
    - DOC: lua: fix filters.txt file location
    - MINOR: dynbuf: pass a criticality argument to b_alloc()
    - MINOR: dynbuf: add functions to help queue/requeue buffer_wait fields
    - MINOR: dynbuf: use the b_queue()/b_requeue() functions everywhere
    - MEDIUM: dynbuf: make the buffer_wq an array of list heads
    - CLEANUP: tinfo: better align fields in thread_ctx
    - MINOR: dynbuf: provide a b_dequeue() function to detach a bw from the queue
    - MEDIUM: dynbuf: generalize the use of b_dequeue() to detach buffer_wait
    - MEDIUM: dynbuf/stream: re-enable queueing upon failed buffer allocation
    - MEDIUM: dynbuf/stream: do not allocate the buffers in the callback
    - MEDIUM: applet: make appctx_buf_available() only wake the applet up, not allocate
    - MINOR: applet: set the blocking flag in the buffer allocation function
    - MINOR: applet: adjust the allocation criticity based on the requested buffer
    - MINOR: dynbuf/mux-h1: use different criticalities for buffer allocations
    - MEDIUM: dynbuf/mux-h1: do not allocate the buffers in the callback
    - MEDIUM: dynbuf: refrain from offering a buffer if more critical ones are waiting
    - MINOR: stconn: report that a buffer allocation succeeded
    - MINOR: stream: report that a buffer allocation succeeded
    - MINOR: applet: report about buffer allocation success
    - MINOR: mux-h1: report that a buffer allocation succeeded
    - MEDIUM: stream: allocate without queuing when retrying
    - MEDIUM: channel: allocate without queuing when retrying
    - MEDIUM: mux-h1: allocate without queuing when retrying
    - MEDIUM: dynbuf: implement emergency buffers
    - MEDIUM: dynbuf: use emergency buffers upon failed memory allocations

2024/05/04 : 3.0-dev10
    - BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding
    - REGTESTS: cache: Add test on 'vary' other than accept-encoding
    - BUG/MINOR: stats: replace objt_* by __objt_* macros
    - CLEANUP: tools/cbor: rename cbor_encode_ctx struct members
    - MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx
    - BUG/MINOR: log: fix global lf_expr node options behavior
    - CLEANUP: log: add a macro to know if a lf_node is configurable
    - MINOR: httpclient: allow to use absolute URI with new flag HC_F_HTTPROXY
    - MINOR: ssl: introduce ocsp_update.http_proxy for ocsp-update keyword
    - BUG/MINOR: log/encode: consider global options for key encoding
    - BUG/MINOR: log/encode: fix potential NULL-dereference in LOGCHAR()
    - BUG/MINOR: log: fix global lf_expr node options behavior (2nd try)
    - MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx (again)
    - BUG/MEDIUM: log: don't ignore disabled node's options
    - BUG/MINOR: stconn: don't wake up an applet waiting on buffer allocation
    - MINOR: sock: rename sock to sock_fd in sock_create_server_socket
    - MEDIUM: proto_uxst: take in account server namespace
    - MEIDUM: unix sock: use my_socketat to create bind socket
    - MINOR: sock_set_mark: take sock family in account
    - MEDIUM: proto: make common fd checks in sock_create_server_socket
    - MINOR: sock: add EPERM case in sock_handle_system_err
    - MINOR: capabilities: add cap_sys_admin support
    - CLEANUP: ssl: clean the includes in ssl_ocsp.c
    - CLEANUP: ssl: move the global ocsp-update options parsing to ssl_ocsp.c
    - MINOR: stats: fix visual alignment for stat_cols_px definition
    - MINOR: stats: convert req_tot as generic column
    - MINOR: stats: prepare stats-file support for values other than FN_COUNTER
    - MINOR: counters: move freq-ctr from proxy/server into counters struct
    - MINOR: stats: support rate in stats-file
    - MINOR: stats: convert rate as generic column for proxy stats
    - MINOR: counters: move last_change into counters struct
    - MINOR: stats: support age in stats-file
    - MINOR: stats: convert age as generic column for proxy stat
    - CLEANUP: ssl: rename new_ckch_store_load_files_path() to ckch_store_new_load_files_path()
    - MINOR: ssl: rename ocsp_update.http_proxy into ocsp-update.httpproxy
    - REORG: stats: define stats-proxy source module
    - MINOR: stats: extract proxy clear-counter in a dedicated function
    - REGTESTS: stats: add test stats-file counters preload
    - CI: netbsd: adjust packages after NetBSD-10 released
    - CLEANUP: assorted typo fixes in the code and comments
    - REGTESTS: replace REQUIRE_VERSION by version_atleast
    - MEDIUM: log: optimizing tmp->type handling in sess_build_logline()
    - BUG/MINOR: log: prevent double spaces emission in sess_build_logline()
    - OPTIM: log: declare empty buffer as global variable
    - OPTIM: log: use thread local lf_buildctx to stop pushing it on the stack
    - OPTIM: log: use lf_buildctx's buffer instead of temporary stack buffers
    - OPTIM: log: speedup date printing in sess_build_logline() when no encoding is used

2024/04/27 : 3.0-dev9
    - BUILD: ssl: use %zd for sizeof() in ssl_ckch.c
    - MINOR: backend: use be_counters for health down accounting
    - BUG/MINOR: backend: use cum_sess counters instead of cum_conn
    - BUG/MINOR: stats: fix stot metric for listeners
    - REGTESTS: use -dI for insecure fork by default in the regtest scripts
    - MINOR: stats: rename proxy stats
    - MINOR: stats: rename ambiguous stat_l and stat_count
    - MINOR: stats: rename info stats
    - MINOR: stats: use stricter naming stats/field/line
    - MINOR: stats: use STAT_F_* prefix for flags
    - BUG/MEDIUM: applet: Let's applets decide if they have more data to deliver
    - BUILD: stick-tables: silence build warnings when threads are disabled
    - MINOR: tools: Rename `ha_generate_uuid` to `ha_generate_uuid_v4`
    - MINOR: Add `ha_generate_uuid_v7`
    - MINOR: Add support for UUIDv7 to the `uuid` sample fetch
    - MEDIUM: shctx: Naming shared memory context
    - BUG/MINOR: h1: fix detection of upper bytes in the URI
    - MINOR: intops: add a pair of functions to check multi-byte ranges
    - TESTS: add a unit test for the multi-byte range checks
    - CLEANUP: h1: make use of the multi-byte matching functions
    - REGTESTS: ssl: Remove "sleep" calls from ocsp auto update test
    - BUG/MEDIUM: peers: Automatically start to learn on local peer
    - BUG/MEDIUM: peers: Reprocess peer state after all session shutdowns
    - MINOR: peers: Remove unused PEERS_F_RESYNC_REQUESTED flag
    - MINOR: peers: Don't set TEACH flags on a peer from the sync task
    - MINOR: peers: Use a peer flag to block the applet waiting ack of the sync task
    - BUG/MEDIUM: peers: Wait for sync task ack when a resynchro is finished
    - MINOR: peers: Remove unused PEERS_F_RESYNC_PROCESS flag
    - MINOR: applet: Add a function to know the side where an applet was created
    - MEDIUM: peers: Simplify the peer flags dealing with the connection state
    - MEDIUM: peers: Use true states for the peer applets as seen from outside
    - MEDIUM: peers: Use true states for the learn state of a peer
    - MINOR: peers: Start learning for local peer before receiving messages
    - MINOR: peers: Rename PEERS_F_TEACH_COMPLETE to PEERS_F_LOCAL_TEACH_COMPLETE
    - MINOR: peers: Reorder and slightly rename PEER flags
    - MINOR: peers: Reorder and rename PEERS flags
    - REORG: peers: Move peer and peers flags in the corresponding header file
    - DEV: flags/peers: Decode PEER and PEERS flags
    - MINOR: peers: Add comment on processing functions of the sync task
    - MINOR: peers: Use a static variable to wait a resync on reload
    - BUG/MEDIUM: peers: Use atomic operations on peers flags when necessary
    - REORG: peers: Rename all occurrences to 'ps' variable
    - BUG/MINOR: peers: Don't wait for a remote resync if there no remote peer
    - MINOR: stats: update ambiguous "metrics" naming to "stat_cols"
    - MINOR: stats: introduce a more expressive stat definition method
    - MINOR: stats: implement automatic metric generation from stat_col
    - MINOR: stats: hide some columns in output
    - MEDIUM: stats: convert counters to new column definition
    - MINOR: stats: define stats-file output format support
    - MEDIUM: stats: implement dump stats-file CLI
    - MINOR: ist: define iststrip() new function
    - MINOR: guid: define guid_is_valid_fmt()
    - MINOR: stats: apply stats-file on process startup
    - MINOR: stats: parse header lines from stats-file
    - MINOR: stats: parse values from stats-file
    - MEDIUM: stats: define stats-file keyword
    - BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null
    - CLEANUP: log: remove unused checks for encode_{chunk,string}
    - MINOR: log: store lf_expr nodes inside substruct
    - MINOR: log: global lf_expr node options
    - CLEANUP: log: simplify complex values usages in sess_build_logline()
    - MINOR: log: skip custom logformat_node name if empty
    - MINOR: log: add lf_int() wrapper to print integers
    - MINOR: log: add lf_rawtext{_len}() functions
    - MEDIUM: log: pass date strings to lf_rawtext()
    - MEDIUM: log: write raw strings using lf_rawtext()
    - MEDIUM: log: use lf_rawtext for lf_ip() and lf_port() hex strings
    - MINOR: log: explicitly handle %ts and %tsc as text strings
    - MINOR: log: use LOG_VARTEXT_{START,END} to enclose text strings
    - MINOR: log: make all lf_* sess build helper static
    - MINOR: log: merge lf_encode_string() and lf_encode_chunk() logic
    - MEDIUM: log: lf_* build helpers now take a ctx argument
    - MINOR: log: expose node typecast in lf_buildctx struct
    - MINOR: log: postpone conversion for sample expressions in sess_build_logline()
    - MINOR: log: add LOG_OPT_NONE flag
    - MINOR: log: add no_escape_map to bypass escape with _lf_encode_bytes()
    - MINOR: log: add +bin logformat node option
    - MINOR: log: add +json encoding option
    - MINOR: tools: add cbor encode helpers
    - MINOR: log: add +cbor encoding option
    - MINOR: log: support true cbor binary encoding
    - CLEANUP: dynbuf: move the reserve and limit parsers to dynbuf.c
    - MINOR: list: add a macro to detect that a list contains at most one element
    - MINOR: cli/wait: rename the condition "srv-unused" to "srv-removable"

2024/04/19 : 3.0-dev8
    - BUG/MINOR: cli: Don't warn about a too big command for incomplete commands
    - BUG/MINOR: listener: always assign distinct IDs to shards
    - BUG/MINOR: log: fix lf_text_len() truncate inconsistency
    - BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
    - BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
    - CLEANUP: log: lf_text_len() returns a pointer not an integer
    - MINOR: quic: simplify qc_send_hdshk_pkts() return
    - MINOR: quic: uniformize sending methods for handshake
    - MINOR: quic: improve sending API on retransmit
    - MINOR: quic: use qc_send_hdshk_pkts() in handshake IO cb
    - MEDIUM: quic: remove duplicate hdshk/app send functions
    - OPTIM: quic: do not call qc_send() if nothing to emit
    - OPTIM: quic: do not call qc_prep_pkts() if everything sent
    - BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
    - BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values
    - BUILD: makefile: warn about unknown USE_* variables
    - BUILD: makefile: support USE_xxx=0 as well
    - BUG/MINOR: guid: fix crash on invalid guid name
    - BUILD: atomic: fix peers build regression on gcc < 4.7 after recent changes
    - BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented
    - BUILD: cache: fix non-inline vs inline declaration mismatch to silence a warning
    - BUILD: debug: make DEBUG_STRICT=1 the default
    - BUILD: pools: make DEBUG_MEMORY_POOLS=1 the default option
    - CI: update the build options to get rid of unneeded DEBUG options
    - BUILD: makefile: get rid of the config CFLAGS variable
    - BUILD: makefile: allow to use CFLAGS to append build options
    - BUILD: makefile: drop the SMALL_OPTS settings
    - BUILD: makefile: move -O2 from CPU_CFLAGS to OPT_CFLAGS
    - BUILD: makefile: get rid of the CPU variable
    - BUILD: makefile: drop the ARCH variable and better document ARCH_FLAGS
    - BUILD: makefile: extract ARCH_FLAGS out of LDFLAGS
    - BUILD: makefile: move the fwrapv option to STD_CFLAGS
    - BUILD: makefile: make the ERR variable also support 0
    - BUILD: makefile: add FAILFAST to select the -Wfatal-errors behavior
    - BUILD: makefile: extract -Werror/-Wfatal-errors from automatic CFLAGS
    - BUILD: makefile: split WARN_CFLAGS from SPEC_CFLAGS
    - BUILD: makefile: rename SPEC_CFLAGS to NOWARN_CFLAGS
    - BUILD: makefile: do not pass warnings to VERBOSE_CFLAGS
    - BUILD: makefile: also drop DEBUG_CFLAGS
    - CLEANUP: makefile: make the output of the "opts" target more readable
    - DOC: install: clarify the build process by splitting it into subsections
    - BUG/MINOR: server: fix slowstart behavior
    - BUG/MEDIUM: cache/stats: Handle inbuf allocation failure in the I/O handler
    - MINOR: ssl: add the section parser for 'crt-store'
    - DOC: configuration: Add 3.12 Certificate Storage
    - REGTESTS: ssl: test simple case of crt-store
    - MINOR: ssl: rename ckchs_load_cert_file to new_ckch_store_load_files_path
    - MINOR: ssl/crtlist: alloc ssl_conf only when a valid keyword is found
    - BUG/MEDIUM: stick-tables: fix the task's next expiration date
    - CLEANUP: stick-tables: always respect the to_batch limit when trashing
    - BUG/MEDIUM: peers/trace: fix crash when listing event types
    - BUG/MAJOR: stick-tables: fix race with peers in entry expiration
    - DEBUG: pool: improve decoding of corrupted pools
    - REORG: pool: move the area dump with symbol resolution to tools.c
    - DEBUG: pools: report the data around the offending area in case of mismatch
    - MINOR: listener/protocol: add proto name in alerts
    - MINOR: proto_quic: add proto name in alert
    - BUG/MINOR: lru: fix the standalone test case for invalid revision
    - DOC: management: fix typos
    - CI: revert kernel addr randomization introduced in 3a0fc864
    - MINOR: ring: clarify the usage of ring_size() and add ring_allocated_size()
    - BUG/MAJOR: ring: use the correct size to reallocate startup_logs
    - MINOR: ring: always check that the old ring fits in the new one in ring_dup()
    - CLEANUP: ssl: remove dead code in cfg_parse_crtstore()
    - MINOR: ssl: supports crt-base in crt-store
    - MINOR: ssl: 'key-base' allows to load a 'key' from a specific path
    - MINOR: net_helper: Add support for floats/doubles.
    - BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses
    - MINOR: peers: Split resync process function to separate running/stopping states
    - MINOR: peers: Add 2 peer flags about the peer learn status
    - MINOR: peers: Add flags to report the peer state to the resync task
    - MINOR: peers: sligthly adapt part processing the stopping signal
    - MINOR: peers: Add functions to commit peer changes from the resync task
    - BUG/MINOR: peers: Report a resync was explicitly requested from a thread-safe manner
    - BUG/MAJOR: peers: Update peers section state from a thread-safe manner
    - MEDIUM: peers: Only lock one peer at a time in the sync process function
    - MINOR: peer: Restore previous peer flags value to ease debugging
    - BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered
    - BUILD: cache: fix a build warning with gcc < 7
    - BUILD: xxhash: silence a build warning on Solaris + gcc-5.5
    - CI: reduce ASAN log redirection umbrella size
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MEDIUM: evports: do not clear returned events list on signal
    - MEDIUM: evports: permit to report multiple events at once
    - MEDIUM: ssl: support aliases in crt-store
    - BUG/MINOR: ssl: check on forbidden character on wrong value
    - BUG/MINOR: ssl: fix crt-store load parsing
    - BUG/MEDIUM: applet: Fix applet API to put input data in a buffer
    - BUG/MEDIUM: spoe: Always retry when an applet fails to send a frame
    - BUG/MEDIUM: peers: Fix exit condition when max-updates-at-once is reached
    - BUILD: linuxcap: Properly declare prepare_caps_from_permitted_set()
    - BUG/MEDIUM: peers: fix localpeer regression with 'bind+server' config style
    - MINOR: peers: stop relying on srv->addr to find peer port
    - MEDIUM: ssl: support a named crt-store section
    - MINOR: stats: remove implicit static trash_chunk usage
    - REORG: stats: extract HTML related functions
    - REORG: stats: extract JSON related functions
    - MEDIUM: ssl: crt-base and key-base local keywords for crt-store
    - MINOR: stats: Get the right prototype for stats_dump_html_end().
    - MAJOR: ssl: use the msg callback mecanism for backend connections
    - MINOR: ssl: implement keylog fetches for backend connections
    - BUG/MINOR: stconn: Fix sc_mux_strm() return value
    - MINOR: mux-pt: Test conn flags instead of sedesc ones to perform a full close
    - MINOR: stconn/connection: Move shut modes at the SE descriptor level
    - MINOR: stconn: Rewrite shutdown functions to simplify the switch statements
    - MEDIUM: stconn: Use only one SC function to shut connection endpoints
    - MEDIUM: stconn: Explicitly pass shut modes to shut applet endpoints
    - MEDIUM: stconn: Use one function to shut connection and applet endpoints
    - MEDIUM: muxes: Use one callback function to shut a mux stream
    - BUG/MINOR: sock: handle a weird condition with connect()
    - BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets
    - BUG/MEDIUM: peers: Don't set PEERS_F_RESYNC_PROCESS flag on a peer
    - BUG/MEDIUM: peers: Fix state transitions of a peer
    - MINOR: init: use RLIMIT_DATA instead of RLIMIT_AS
    - CI: modernize macos matrix

2024/04/06 : 3.0-dev7
    - BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message
    - BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
    - MEDIUM: ssl: Add 'tune.ssl.ocsp-update.mode' global option
    - REGTESTS: ssl: Add OCSP update compatibility tests
    - REGTESTS: ssl: Add functional test for global ocsp-update option
    - BUG/MINOR: server: reject enabled for dynamic server
    - BUG/MINOR: server: fix persistence cookie for dynamic servers
    - MINOR: server: allow cookie for dynamic servers
    - REGTESTS: Fix script about OCSP update compatibility tests
    - BUG/MINOR: cli: Report an error to user if command or payload is too big
    - MINOR: sc_strm: Add generic version to perform sync receives and sends
    - MEDIUM: stream: Use generic version to perform sync receives and sends
    - MEDIUM: buf: Add b_getline() and b_getdelim() functions
    - MEDIUM: applet: Handle applets with their own buffers in put functions
    - MEDIUM: cli/applet: Stop to test opposite SC in I/O handler of CLI commands
    - MINOR: applet: Always use applet API to set appctx flags
    - BUG/MEDIUM: applet: State appctx have more data if its EOI/EOS/ERROR flag is set
    - MAJOR: cli: Update the CLI applet to handle its own buffers
    - MINOR: applet: Let's applets .snd_buf function deal with full input buffers
    - MINOR: stconn: Add a connection flag to notify sending data are the last ones
    - MAJOR: cli: Use a custom .snd_buf function to only copy the current command
    - DOC: config: balance 'first' not usable in LOG mode
    - BUG/MINOR: log/balance: detect if user tries to use unsupported algo
    - MINOR: lbprm: implement true "sticky" balance algo
    - MEDIUM: log/balance: leverage lbprm api for log load-balancing
    - BUG/BUILD: debug: fix unused variable error
    - MEDIUM: lb-chash: Deterministic node hashes based on server address
    - BUG/MEDIUM: stick-tables: fix a small remaining race in expiration task
    - REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (4)
    - REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests (2)
    - CLEANUP: Reapply ist.cocci (3)
    - CLEANUP: Reapply strcmp.cocci (2)
    - CLEANUP: Reapply xalloc_cast.cocci
    - CLEANUP: Reapply ha_free.cocci
    - CI: vtest: show coredumps if any
    - REGTESTS: ssl: disable ssl/ocsp_auto_update.vtc
    - BUG/MINOR: backend: properly handle redispatch 0
    - MINOR: quic: HyStart++ implementation (RFC 9406)
    - BUG/MEDIUM: stconn: Don't forward shutdown to SE if iobuf is not empty
    - BUG/MEDIUM: stick-table: use the update lock when reading tables from peers
    - BUG/MAJOR: applet: fix a MIN vs MAX usage in appctx_raw_rcv_buf()
    - OPTIM: peers: avoid the locking dance around peer_send_teach_process_msgs()
    - BUILD: quic: 32 bits compilation issue (QUIC_MIN() usage)
    - BUG/MEDIUM: server/lbprm: fix crash in _srv_set_inetaddr_port()
    - MEDIUM: mworker: get rid of libsystemd
    - BUILD: systemd: fix build error on non-systemd systems with USE_SYSTEMD=1
    - BUG/MINOR: bwlim/config: fix missing '\n' after error messages
    - MINOR: stick-tables: mark the seen stksess with a flag "seen"
    - OPTIM: stick-tables: check the stksess without taking the read lock
    - MAJOR: stktable: split the keys across multiple shards to reduce contention
    - CI: extend Fedora Rawhide, add m32 mode
    - BUG/MINOR: stick-tables: Missing stick-table key nullity check
    - BUILD: systemd: enable USE_SYSTEMD by default with TARGET=linux-glibc
    - MINOR: systemd: Include MONOTONIC_USEC field in RELOADING=1 message
    - BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
    - MEDIUM: log: rename logformat var to logformat tag
    - MINOR: log: expose logformat_tag struct
    - MEDIUM: log: carry tag context in logformat node
    - MEDIUM: tree-wide: add logformat expressions wrapper
    - MINOR: proxy: add PR_FL_CHECKED flag
    - MAJOR: log: implement proper postparsing for logformat expressions
    - MEDIUM: log: add compiling logic to logformat expressions
    - MEDIUM: proxy/log: leverage lf_expr API for logformat preparsing
    - MINOR: guid: introduce global UID module
    - MINOR: guid: restrict guid format
    - MINOR: proxy: implement GUID support
    - MINOR: server: implement GUID support
    - MINOR: listener: implement GUID support
    - DOC: configuration: grammar fixes for strict-sni
    - BUG/MINOR: init: relax LSTCHK_NETADM checks for non root
    - MEDIUM: capabilities: check process capabilities sets
    - CLEANUP: global: remove LSTCHK_CAP_BIND
    - BUG/MEDIUM: quic: don't blindly rely on unaligned accesses

2024/03/26 : 3.0-dev6
    - MINOR: mux-h2: always use h2c_report_glitch()
    - MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
    - MINOR: quic: simplify rescheduling for handshake
    - MINOR: quic: remove qc_treat_rx_crypto_frms()
    - DOC: configuration: clarify ciphersuites usage (V2)
    - MINOR: tools: use public interface for FreeBSD get_exec_path()
    - BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
    - BUG/MINOR: ssl: do not set the aead_tag flags in sample_conv_aes_gcm()
    - BUG/MINOR: server: fix first server template not being indexed
    - MEDIUM: ssl: initialize the SSL stack explicitely
    - MEDIUM: ssl: allow to change the OpenSSL security level from global section
    - CLEANUP: ssl: remove useless #ifdef in openssl-compat.h
    - CI: github: add -DDEBUG_LIST to the default builds
    - BUG/MINOR: hlua: segfault when loading the same filter from different contexts
    - BUG/MINOR: hlua: missing lock in hlua_filter_new()
    - BUG/MINOR: hlua: fix missing lock in hlua_filter_delete()
    - DEBUG: lua: precisely identify if stream is stuck inside lua or not
    - MINOR: hlua: use accessors for stream hlua ctx
    - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
    - MINOR: debug: enable insecure fork on the command line
    - CI: github: add -dI to haproxy arguments
    - BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
    - BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
    - MINOR: session: rename private conns elements
    - BUG/MAJOR: server: do not delete srv referenced by session
    - BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
    - BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
    - MAJOR: spoe: Deprecate the SPOE filter
    - MINOR: cfgparse: Add a global option to expose deprecated directives
    - MINOR: spoe: Add SPOE filters in the exposed deprecated directives
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: temporarily adjust kernel entropy to work with ASAN/clang
    - BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
    - BUG/MINOR: session: ensure conn owner is set after insert into session
    - BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1
    - BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe
    - BUG/MAJOR: ocsp: Separate refcount per instance and per store
    - REGTESTS: ssl: Add OCSP related tests
    - BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
    - BUG/MEDIUM: ssl: Fix crash in ocsp-update log function
    - MEDIUM: ssl: Change output of ocsp-update log
    - MINOR: ssl: Change level of ocsp-update logs
    - CLEANUP: ssl: Remove undocumented ocsp fetches
    - REGTESTS: ssl: Add checks on ocsp-update log format
    - MINOR: connection: implement conn_release()
    - MINOR: connection: extend takeover with release option
    - MEDIUM: server: close idle conn on server deletion
    - MEDIUM: mux: prepare for takeover on private connections
    - MEDIUM: server: close private idle connection before server deletion
    - BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet
    - BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
    - BUILD: server: fix build regression on old compilers (<= gcc-4.4)
    - OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6}
    - MINOR: debug: add "debug dev trace" to flood with traces
    - MINOR: atomic: add a read-specific variant of __ha_cpu_relax()
    - MINOR: applet: add new function applet_append_line()
    - MINOR: log/applet: add new function syslog_applet_append_event()
    - MEDIUM: ring/sink: use applet_append_line()/syslog_applet_append_event() for readers
    - REORG: dns/ring: split the ring between the generic one and the DNS one
    - MEDIUM: ring: move the ring reader code to ring_dispatch_messages()
    - MEDIUM: sink: move the generic ring forwarder code use ring_dispatch_messages()
    - MEDIUM: log/sink: make the log forwarder code use ring_dispatch_messages()
    - MINOR: buf: add b_add_ofs() to add a count to an absolute position
    - MINOR: buf: add b_rel_ofs() to turn an absolute offset into a relative one
    - MINOR: buf: add b_putblk_ofs() to copy a block at a specific position
    - MINOR: buf: add b_getblk_ofs() that works relative to area and not head
    - MINOR: ring: make the ring reader use only absolute offsets
    - MINOR: ring: reserve one special value for the readers count
    - MINOR: vecpair: add new vector pair based data manipulation mechanisms
    - MINOR: vecpair: add necessary functions to use vecpairss from/to ring APIs
    - MINOR: ring: rename totlen vs msglen in ring_write()
    - MINOR: ring: add ring_data() to report the amount of data in a ring
    - MINOR: ring: add ring_size() to return the ring's size
    - MINOR: ring: add ring_dup() to copy a ring into another one
    - MINOR: ring: also add ring_area(), ring_head(), ring_tail()
    - MINOR: ring: make callers use ring_data() and ring_size(), not ring->buf
    - MINOR: errors: use ring_dup() to duplicate the startup_logs
    - MINOR: ring: use ring_size(), ring_area(), ring_head() and ring_tail()
    - MINOR: ring: add a flag to indicate a mapped file
    - MAJOR: ring: insert an intermediary ring_storage level
    - MINOR: ring: resize only under thread isolation
    - MINOR: ring: allow to reduce a ring size
    - MEDIUM: ring: replace the buffer API in ring_write() with the vec<->ring API
    - MEDIUM: ring: change the ring reader to use the new vector-based API now
    - MEDIUM: ring: remove the struct buffer from the ring
    - MEDIUM: ring: align the head and tail fields in the ring_storage structure
    - MINOR: ring: make the reader check the readers count before inc/dec
    - MEDIUM: ring: lock the tail's readers counters before proceeding with the changes
    - MEDIUM: ring: protect the reader's positions against writers
    - MEDIUM: ring: use the topmost bit of the tail as a lock
    - MEDIUM: move the ring's lock to only protect the readers list
    - MEDIUM: ring: unlock the ring's tail earlier
    - MINOR: ring: don't take the readers lock if there are no readers
    - MEDIUM: ring/applet: turn the wait_entry list to an mt_list instead
    - MEDIUM: ring: protect the initialization of the initial reader offset
    - MINOR: ring: make sure ring_dispatch waits when facing a changing message
    - MAJOR: ring: drop the now unneeded lock
    - OPTIM: ring: don't even try to update offset when failed to read
    - OPTIM: ring: have only one thread at a time wake up all readers
    - MINOR: ring: keep a few frequently used pointers in the local stack
    - MINOR: ring: add the definition of a ring waiting cell
    - MINOR: ring: make the number of queues configurable
    - MAJOR: ring: implement a waiting queue in front of the ring
    - MEDIUM: ring: significant boost in the loop by checking the ring queue ptr first
    - MEDIUM: ring: improve speed in the queue waiting loop on x86_64
    - MINOR: ring: simplify the write loop a little bit
    - CLEANUP: ring: further simplify the write loop
    - MINOR: ring: it's not x86 but all non-ARMv8.1 which needs the read before OR
    - MINOR: ring: avoid writes to cells during copy
    - OPTIM: ring: use relaxed stores to release the threads
    - CLEANUP: ring: use only curr_cell and not next_cell in the main write loop
    - BUILD: ssl: fix build error on older compilers with openssl-3.2
    - BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
    - BUG/MAJOR: ring: free the ring storage not the ring itself when using maps

2024/03/09 : 3.0-dev5
    - BUG/MEDIUM: applet: Fix HTX .rcv_buf callback function to release outbuf buffer
    - BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI
    - BUG/MEDIUM: server: fix dynamic servers initial settings
    - BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
    - LICENSE: event_hdl: fix GPL license version
    - LICENSE: http_ext: fix GPL license version
    - BUG/MEDIUM: mux-h1: Fix again 0-copy forwarding of chunks with an unknown size
    - BUG/MINOR: mux-h1: Properly report when mux is blocked during a nego
    - MINOR: mux-h1: Move checks performed before a shutdown in a dedicated function
    - MINOR: mux-h1: Move all stuff to detach a stream in an internal function
    - MAJOR: mux-h1: Drain requests on client side before shut a stream down
    - MEDIUM: htx/http-ana: No longer close connection on early HAProxy response
    - MINOR: quic: filter show quic by address
    - MINOR: quic: specify show quic output fields
    - MINOR: quic: add MUX output for show quic
    - CLEANUP: mux-h2: Fix h2s_make_data() comment about the return value
    - DOC: configuration: clarify ciphersuites usage
    - BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener
    - BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
    - MINOR: hlua: Be able to disable logging from lua
    - BUG/MINOR: tools: seed the statistical PRNG slightly better
    - BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
    - BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
    - BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load
    - BUG/MINOR: hlua: improper lock usage in hlua_filter_callback()
    - BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
    - BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
    - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
    - BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe()
    - MINOR: hlua: use SEND_ERR to report errors in hlua_event_runner()
    - CLEANUP: hlua: txn class functions may LJMP
    - BUG/MINOR: sink: fix a race condition in the TCP log forwarding code
    - BUILD: thread: move lock label definitions to thread-t.h
    - BUILD: tree-wide: fix a few missing includes in a few files
    - BUILD: buf: make b_ncat() take a const for the source
    - CLEANUP: assorted typo fixes in the code and comments
    - CLEANUP: fix typo in naming for variable "unused"
    - CI: run more smoke tests on config syntax to check memory related issues
    - CI: enable monthly build only test on netbsd-9.3
    - CI: skip scheduled builds on forks
    - BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description
    - BUG/MEDIUM: quic: fix connection freeze on post handshake
    - BUG/MINOR: mux-quic: fix crash on aborting uni remote stream
    - CLEANUP: log: fix obsolete comment for add_sample_to_logformat_list()
    - CLEANUP: tree-wide: use proper ERR_* return values for PRE_CHECK fcts
    - BUG/MINOR: cfgparse: report proper location for log-format-sd errors
    - MINOR: vars: export var_set and var_unset functions
    - MINOR: Add aes_gcm_enc converter
    - BUG/MEDIUM: quic: fix handshake freeze under high traffic
    - MINOR: quic: always use ncbuf for rx CRYPTO
    - BUILD: ssl: define EVP_CTRL_AEAD_GET_TAG for older versions
    - DOC: design: write first notes about ring-v2
    - OPTIM: sink: try to merge "dropped" messages faster
    - OPTIM: sink: drop the sink lock used to count drops
    - DEV: haring: make haring not depend on the struct ring itself
    - DEV: haring: split the code between ring and buffer
    - DEV: haring: automatically use the advertised ring header size
    - BUILD: solaris: fix compilation errors

2024/02/23 : 3.0-dev4
    - BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
    - BUG/MEDIUM: quic: Wrong K CUBIC calculation.
    - MINOR: quic: Update K CUBIC calculation (RFC 9438)
    - MINOR: quic: Dynamic packet reordering threshold
    - MINOR: quic: Add a counter for reordered packets
    - BUG/MAJOR: mux-h1: Fix zero-copy forwarding when sending chunks of unknown size
    - MINOR: stats: Use a dedicated function to check if output is almost full
    - BUG/MEDIUM: applet: Add a flag to state an applet is using zero-copy forwarding
    - BUG/MEDIUM: stconn/applet: Block 0-copy forwarding if producer needs more room
    - MINOR: applet: Remove uselelss test on SE_FL_SHR/SHW flags
    - MEDIUM: applet: Add notion of shutdown for write for applets
    - MINOR: cli: No longer check SC for shutdown to interrupt wait command
    - BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending
    - BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up
    - CLEANUP: stconn: Move SE flags set by app layer at the end of the bitfield
    - MINOR: stconn: Rename SE_FL_MAY_FASTFWD and reorder bitfield
    - MINOR: stconn: Add SE flag to announce zero-copy forwarding on consumer side
    - MINOR: muxes: Announce support for zero-copy forwarding on consumer side
    - BUG/MAJOR: stconn: Check support for zero-copy forwarding on both sides
    - MINOR: muxes/applet: Simplify checks on options to disable zero-copy forwarding
    - BUG/MINOR: quic: reject unknown frame type
    - MINOR: quic: handle all frame types on reception
    - BUG/MINOR: quic: reject HANDSHAKE_DONE as server
    - BUG/MINOR: qpack: reject invalid increment count decoding
    - BUG/MINOR: qpack: reject invalid dynamic table capacity
    - DOC/MINOR: userlists: mention solutions to high cpu with hashes
    - DOC: quic: Missing tuning setting in "Global parameters"
    - BUG/MEDIUM: applet: Immediately free appctx on early error
    - BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets
    - BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
    - BUG/MEDIUM: quic: fix transient send error with listener socket
    - MINOR: log: custom name for logformat node
    - MINOR: sample: add type_to_smp() helper function
    - MINOR: log: explicit typecasting for logformat nodes
    - MINOR: log: simplify last_isspace in sess_build_logline()
    - MINOR: log: simplify quotes handling in sess_build_logline()
    - MINOR: log: print metadata prefixes separately in sess_build_logline()
    - MINOR: log: automate string array construction in sess_build_logline()
    - DOC: quic: fix recommandation for bind on multiple address
    - MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
    - OPTIM: quic: improve slightly qc_snd_buf() internal
    - MINOR: quic: move IP_PKTINFO on send on a dedicated function
    - MINOR: quic: remove sendto() usage variant
    - MINOR: quic: only use sendmsg() syscall variant
    - BUILD: applet: fix build on some 32-bit archs
    - BUG/MINOR: quic: initialize msg_flags before sendmsg
    - BUG/MEDIUM: mux-h1: Don't emit 0-CRLF chunk in h1_done_ff() when iobuf is empty
    - CLEANUP: proxy/log: remove unused proxy flag
    - CLEANUP: log: fix process_send_log() indentation
    - CLEANUP: log: use free_logformat_list() in parse_logformat_string()
    - MINOR: log: add free_logformat_node() helper function
    - BUG/MINOR: log: fix potential lf->name memory leak
    - BUG/MINOR: ist: allocate nul byte on istdup
    - BUG/MINOR: stats: drop srv refcount on early release
    - BUG/MAJOR: promex: fix crash on deleted server
    - BUG/MAJOR: server: fix stream crash due to deleted server
    - BUG/MEDIUM: mux-quic: do not crash on qcs_destroy for connection error
    - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
    - BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
    - BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands
    - BUG/MINOR: quic: fix output of show quic
    - MINOR: ssl: Call callback function after loading SSL CRL data
    - BUG/MINOR: ist: only store NUL byte on succeeded alloc

2024/02/10 : 3.0-dev3
    - DOC: configuration: clarify http-request wait-for-body
    - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
    - MINOR: h3: add traces for stream sending function
    - BUG/MEDIUM: h3: do not crash on invalid response status code
    - BUG/MEDIUM: qpack: allow 6xx..9xx status codes
    - BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON
    - CLEANUP: log: deinitialization of the log buffer in one function
    - BUG/MINOR: h1: Don't support LF only at the end of chunks
    - BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
    - MINOR: ssl: add HAVE_SSL_0RTT constant
    - MINOR: ssl: rename HA_OPENSSL_HAVE_0RTT_SUPPORT constant to HAVE_SSL_0RTT_QUIC
    - MEDIUM: ssl/quic: always compile the ssl_conf.early_data test
    - DOC: httpclient: add dedicated httpclient section
    - BUG/MINOR: h1-htx: properly initialize the err_pos field
    - BUG/MEDIUM: h1: always reject the NUL character in header values
    - CLEANUP: h1: remove unused function h1_measure_trailers()
    - BUG/MINOR: ssl/quic: fix 0RTT define
    - MINOR: mux-quic: prepare for earlier flow control update
    - MINOR: mux-quic: define a flow control related type
    - MEDIUM: mux-quic: limit stream flow control on snd_buf
    - MEDIUM: mux-quic: limit conn flow control on snd_buf
    - MINOR: mux-quic: remove unneeded sent-offset fields
    - MINOR: mux-quic: check fctl during STREAM frame build
    - MAJOR: mux-quic: remove intermediary Tx buffer
    - MEDIUM: mux-quic: simplify sending API
    - MEDIUM: mux-quic: release Tx buf on too small room
    - MEDIUM: mux-quic: properly handle conn Tx buf exhaustion
    - MINOR: mux-quic: realign Tx buffer if possible
    - CLEANUP: connection: remove obsolete comment in header file
    - OPTIM: connection: progressive hash for conn_calculate_hash()
    - MINOR: tcp_act: fix alphabetical ordering of tcp request content actions
    - MINOR: tcp-act: Rename "set-{mark,tos}" to "set-fc-{mark,tos}"
    - MINOR: hlua: Rename set_{tos, mark} to set_fc_{tos, mark}
    - MEDIUM: tcp-act: <expr> support for set-fc-{mark,tos} actions
    - MEDIUM: tcp-act/backend: support for set-bc-{mark,tos} actions
    - MINOR: stats: Be able to access to registered stats modules from anywhere
    - MEDIUM: stats: Be able to access a specific field into a stats module
    - MINOR: promex: Add a param to override the description when a metric is dumped
    - MINOR: promex: Add info in the promex context to dump extra counters
    - MEDIUM: promex: Dump frontends extra counters if requested
    - MEDIUM: promex: Dump backends extra counters if requested
    - MEDIUM: promex: Dump servers extra counters if requested
    - MEDIUM: promex: Dump listeners extra counters if requested
    - DOC: promex: Add documentation about extra-counters
    - MINOR: promex: Always limit the number of labels dumped for each metric
    - MEDIUM: promex: Simplify the context using generic pointers for restart points
    - MINOR: promex: Remove unsued htx parameter when a metric is dumped
    - MEDIUM: promex: Add a registration mechanism to support modules
    - MEDIUM: promex: Dump metrics of registered modules with a way to filter them
    - MEDIUM: promex/stick-table: Dump stick-table metrics via a promex module
    - MEDIUM: promex/resolvers: Dump resolvers metrics via a promex module
    - MINOR: promex: Rename dump functions to use the right wording
    - MINOR: promex: Always pass the final name and description to promex_dmp_ts()
    - MEDIUM: promex: Add support for filters on metric names
    - REGTESTS: promex: Adapt script to be less verbose
    - MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding
    - MINOR: debug: make sure calls to ha_crash_now() are never merged
    - MINOR: debug: make ABORT_NOW() store the caller's line number when using abort
    - BUG/MINOR: diag: always show the version before dumping a diag warning
    - BUG/MINOR: diag: run the final diags before quitting when using -c
    - MINOR: acl: add extra diagnostics about suspicious string patterns
    - BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit.
    - BUILD: quic: Variable name typo inside a BUG_ON().
    - DOC: config: fix typo for '%ms' log format alternative
    - DOC: config: fix ordering for "txn.*" fetches
    - MINOR: stream: add "txn.redispatch" fetch
    - BUILD: debug: remove leftover parentheses in ABORT_NOW()
    - MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
    - BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call
    - MINOR: debug: support passing an optional message in ABORT_NOW()
    - MINOR: debug: add an optional message argument to the BUG_ON() family
    - DEBUG: make the "debug dev {debug|warn|check}" command print a message
    - CLEANUP: quic: Code clarifications for QUIC CUBIC (RFC 9438)
    - BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation
    - MINOR: quic: Stop using 1024th of a second.
    - CI: github: abandon asan matrix.py helper
    - CI: ssl: add yet another OpenSSL download fallback
    - DOC: install: clarify WolfSSL chroot requirements
    - MINOR: task: Move wait_event in the task header file
    - MINOR: stconn: Be able to detect applets using HTX
    - MINOR: stconn: Explicitly use an appctx to attach a stconn on it
    - MINOR: stconn: Be prepared to handle error when a SC is attached to an applet
    - MINOR: applet: Add dedicated IN/OUT buffers for appctx
    - MINOR: applet: Add traces to debug receive/send and block/wake events
    - MINOR: applet: Add support for callback functions to exchange data with channels
    - MINOR: applet: Implement default functions to exchange data with channels
    - MEDIUM: stconn: Add functions to handle applets I/O from the SC layer
    - MEDIM: applet: Add the applet handler based on IN/OUT buffers
    - MINOR: applet: Show IN/OUT buffers in trace messages when used
    - MINOR: applet: Add flags on the appctx and stop abusing its state
    - MINIOR: applet: Add flags to deal with ends of input, ends of stream and errors
    - MINOR: applet: Remove appctx state field to only used the flags
    - MINOR: applet: Add an appctx flag to report shutdown to applets
    - MEDIUM: applet: Use appctx flags to report EOS/EOI/ERROR to SE
    - MINOR: applet: Add callback function to deal with zero-copy forwarding
    - MEDIUM: applet: Add support for zero-copy forwarding from an applet
    - MINOR: applet: Automatically handle applets having more data for the stream
    - MEDIUM: stats: Don't interrupt processing on partial post
    - MAJOR: stats: Update HTTP stats applet to handle its own buffers
    - MEDIUM: cache: Temporarily remove zero-copy forwarding support
    - MAJOR: cache: Update HTTP cache applet to handle its own buffers
    - MAJOR: cache: Send cached objects using zero-copy forwarding
    - MINOR: stconn: Add support for flags during zero-copy forwarding negotiation
    - MINOR: mux-h1: Be able to define the length of a chunk size when it is prepended
    - MEDIUM: stconn: Nofify requested size during zero-copy forwarding nego is exact
    - MINOR: mux-h1: Stop zero-copy forwarding during nego for too big requested size
    - MEDIUM: mux-h1: Support zero-copy forwarding for chunks with an unknown size
    - MAJOR: stats: Send stats dump over HTTP using zero-copy forwarding
    - MEDIUM: applet: Simplify a bit API to exchange data with applets
    - MINOR: cache: Remove unsed .data_sent field from the cache applet context
    - MINOR: applet: Use an option to disable zero-copy forwarding for all applets
    - MINOR: applet: Identify applets using their own buffers via a flag
    - BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch
    - MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid
    - BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
    - BUG/MEDIUM: ocsp: Separate refcount per instance and per store
    - BUG/MINOR: ssl: Destroy ckch instances before the store during deinit
    - BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list"
    - REGTESTS: ssl: Add OCSP related tests
    - REGTESTS: ssl: Fix empty line in cli command input
    - DOC: install: recommend pcre2
    - DOC: config: fix misplaced "txn.conn_retries"
    - DOC: config: fix typos for "bytes_{in,out}"
    - DOC: config: fix misplaced "bytes_{in,out}"
    - DOC: config: add more custom log format table alternatives
    - MINOR: stream: rename "txn.redispatch" to "txn.redispatched"
    - MINOR: sample: implement bc_{be,srv}_queue samples
    - BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control
    - MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
    - MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
    - DOC: internal: update missing data types in peers-v2.0.txt
    - MEDIUM: stick-tables: add a new stored type for glitch_cnt and glitch_rate
    - MINOR: session: add the necessary functions to update the per-session glitches
    - MEDIUM: mux-h2: update session trackers with number of glitches
    - BUG/MINOR: server/cli: add missing LF at the end of certain notice/error lines
    - BUG/MINOR: vars/cli: fix missing LF after "get var" output
    - BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
    - MINOR: cli: make sure to always print a pending message after release()
    - MINOR: cli: always reset the applet task's timeout
    - MINOR: cli: add a new "wait" command to wait for a certain delay
    - BUG/MINOR: applet: Always release empty appctx buffers after processing
    - MINOR: server: split the server deletion code in two parts
    - MINOR: cli/wait: make the wait command support a more detailed help message
    - MINOR: cli/wait: also support an unrecoverable failure status
    - MINOR: cli/wait: also pass up to 4 arguments to the external conditions
    - MINOR: cli/wait: add a condition to wait on a server to become unused
    - CI: Update to actions/cache@v4
    - BUILD: address a few remaining calloc(size, n) cases
    - BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()

2024/01/26 : 3.0-dev2
    - MINOR: ot: logsrv struct becomes logger
    - MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name
    - CLEANUP: ssl: fix indentation in smp_fetch_ssl_fc_ec()
    - DEV: patchbot: produce a verdict for too long commit messages
    - CLEANUP: ssl: fix indentation in smp_fetch_ssl_fc_ec() (part 2)
    - CLEANUP: quic: Double quic_dgram_parse() prototype declaration.
    - BUG/MINOR: map: list-based matching potential ordering regression
    - REGTESTS: add a test to ensure map-ordering is preserved
    - DOC: config: fix typo about map_*_key converters
    - DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
    - MINOR: map: mapfile ordering also matters for tree-based match types
    - DEV: phash: add a trivial perfect hash generator for integers
    - OPTIM: http: simplify http_get_status_idx() using a hash
    - CLEANUP: http: avoid duplicating literals in find_http_meth()
    - MINOR: http: add infrastructure to choose status codes for err / fail
    - MEDIUM: http_act: check status codes against the bit fields for err/fail
    - MEDIUM: http: add the ability to redefine http-err-codes and http-fail-codes
    - CI: codespell: ignore some words in URLs
    - CI: codespell: add more words to whitelist
    - CLEANUP: fix spelling of "occured" in src/h3.c
    - BUILD: quic: missing include for quic_tp
    - BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
    - MEDIUM: ssl: allow multiple fallback certificate to allow ECDSA/RSA selection
    - MEDIUM: ssl: generate '*' SNI filters for default certificates
    - MEDIUM: ssl: does not use default_ctx for 'generate-certificate' option
    - REORG: ssl: move 'generate-certificates' code to ssl_gencert.c
    - DOC: configuration: update configuration on how to have multiple default certs
    - MEDIUM: ssl: implements 'default-crt' keyword for bind Lines
    - CI: github: update wolfSSL to 5.6.6
    - DOC: INSTALL: require at least WolfSSL 5.6.6
    - DEV: h2: add support for multiple flags in mkhdr
    - DEV: h2: support hex-encoded data sequences in mkhdr
    - BUG/MINOR: mux-h2: also count streams for refused ones
    - BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
    - MINOR: vars: fix indentation in var_clear_buffer()
    - DOC: configuration: fix set-dst in actions keywords matrix
    - BUG/MEDIUM: mux-h2: refine connection vs stream error on headers
    - MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc
    - MINOR: mux-h2: add a counter of "glitches" on a connection
    - MINOR: connection: add a new mux_ctl to report number of connection glitches
    - MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
    - MINOR: connection: add sample fetches to report per-connection glitches
    - BUILD: stick-table: fix build error on 32-bit platforms
    - MINOR: quic: Transport parameters encoding without version_information
    - MINOR: quic: Enable early data at SSL session level (aws-lc)
    - MINOR: ssl_sock: Early data disabled during SSL_CTX switching (aws-lc)
    - MINOR: quic: Correctly wait for the completion of handshakes with early data (aws-lc)
    - BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
    - BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs
    - BUILD: quic: fix build error when using the compatibility layer
    - BUILD: quic: Fix build error when building QUIC against wolfssl.
    - BUILD: quic: Fix build error when building QUIC against libressl.
    - BUG/MINOR: hlua: fix uninitialized var in hlua_core_get_var()
    - CLEANUP: hlua: fix indent, remove extra return in hlua_core_get_var()
    - BUG/MEDIUM: cache: Fix crash when deleting secondary entry
    - BUG/MINOR: quic: newreno QUIC congestion control algorithm no more available
    - CLEANUP: quic: Remove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro.
    - MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
    - MINOR: quic: extract qc_stream_buf free in a dedicated function
    - BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf
    - CLEANUP: fix spelling of "elemt"
    - CI: extend spell check white list
    - CI: enable spell check on git push
    - BUILD: makefile: also define cmd_CXX to pretty-print C++ build commands
    - BUILD/MEDIUM: deviceatlas: addon build rework.
    - DOC: deviceatlas: update to be in line with the v3 api.
    - BUILD/MEDIUM: deviceatlas: updating the addon part.
    - BUILD: deviceatlas: remove unneeded depenency on libcurl / libzip
    - BUILD: deviceatlas: fix empty "-I" left on CFLAGS
    - Revert "CI: enable spell check on git push"

2024/01/06 : 3.0-dev1
    - MINOR: channel: Use dedicated functions to deal with STREAMER flags
    - MEDIUM: applet: Handle channel's STREAMER flags on applets size
    - MINOR: applets: Use channel's field to compute amount of data received
    - MEDIUM: cache: Save body size of cached objects and track it on delivery
    - MEDIUM: cache: Add support for endp-to-endp fast-forwarding
    - MINOR: cache: Add global option to enable/disable zero-copy forwarding
    - MINOR: pattern: Use reference name as filename to read patterns from a file
    - MEDIUM: pattern: Add support for virtual and optional files for patterns
    - DOC: config: Add section about name format for maps and ACLs
    - DOC: management/lua: Update commands about map and acl
    - MINOR: promex: Add support for specialized front/back/li/srv metric names
    - MINOR: promex: Export active/backup metrics per-server
    - BUG/MINOR: ssl: Double free of OCSP Certificate ID
    - MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
    - BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
    - BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
    - DOC: configuration: typo req.ssl_hello_type
    - MINOR: hq-interop: add fastfwd support
    - CLEANUP: mux_quic: rename ffwd function with prefix qmux_strm_
    - MINOR: mux-quic: add traces for 0-copy/fast-forward
    - BUG/MINOR: mworker/cli: fix set severity-output support
    - CLEANUP: mworker/cli: add comments about pcli_find_and_exec_kw()
    - BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
    - BUILD: ssl: update types in wolfssl cert selection callback
    - MINOR: ssl: activate the certificate selection callback for WolfSSL
    - CI: github: switch to wolfssl git-c4b77ad for new PR
    - BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
    - BUG/MINOR: ext-check: cannot use without preserve-env
    - CLEANUP: mux-quic: remove unused prototype
    - MINOR: mux-quic: clean up qcs Rx buffer allocation API
    - MINOR: mux-quic: clean up qcs Tx buffer allocation API
    - CLEANUP: mux-quic: clean up app ops callback definitions
    - MINOR: mux-quic: factorize QC_SF_UNKNOWN_PL_LENGTH set
    - MINOR: h3: complete traces for sending
    - MINOR: h3: adjust zero-copy sending related code
    - MINOR: hq-interop: use zero-copy to transfer single HTX data block
    - BUG/MEDIUM: quic: QUIC CID removed from tree without locking
    - BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
    - BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
    - BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
    - CLEANUP: mux-h1: Fix a trace message about C-L header addition
    - BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
    - BUG/MEDIUM: mux-quic: report early error on stream
    - DOC: config: add arguments to sample fetch methods in the table
    - DOC: config: also add arguments to the converters in the table
    - BUG/MINOR: resolvers: default resolvers fails when network not configured
    - SCRIPTS: mk-patch-list: produce a list of patches
    - DEV: patchbot: add the AI-based bot to pre-select candidate patches to backport
    - BUG/MEDIUM: mux-h2: Switch pending error to error if demux buffer is empty
    - BUG/MEDIUM: mux-h2: Only Report H2C error on read error if demux buffer is empty
    - BUG/MEDIUM: mux-h2: Don't report error on SE if error is only pending on H2C
    - BUG/MEDIUM: mux-h2: Don't report error on SE for closed H2 streams
    - DOC: config: Update documentation about local haproxy response
    - DEV: patchbot: use checked buttons as reference instead of internal table
    - DEV: patchbot: allow to show/hide backported patches
    - MINOR: h3: remove quic_conn only reference
    - BUG/MINOR: server: Use the configured address family for the initial resolution
    - MINOR: mux-quic: remove qcc_shutdown() from qcc_release()
    - MINOR: mux-quic: use qcc_release in case of init failure
    - MINOR: mux-quic: adjust error code in init failure
    - MINOR: h3: add traces for connection init stage
    - BUG/MINOR: h3: properly handle alloc failure on finalize
    - MINOR: h3: use INTERNAL_ERROR code for init failure
    - BUG/MAJOR: stconn: Disable zero-copy forwarding if consumer is shut or in error
    - MINOR: stats: store the parent proxy in stats ctx (http)
    - BUG/MEDIUM: stats: unhandled switching rules with TCP frontend
    - MEDIUM: proxy: set PR_O_HTTP_UPG on implicit upgrades
    - MINOR: proxy: monitor-uri works with tcp->http upgrades
    - OPTIM: server: eb lookup for server_find_by_name()
    - OPTIM: server: ebtree lookups for findserver_unique_* functions
    - MINOR: server/event_hdl: add server_inetaddr struct to facilitate event data usage
    - MINOR: server/event_hdl: update _srv_event_hdl_prepare_inetaddr prototype
    - BUG/MINOR: server/event_hdl: propagate map port info through inetaddr event
    - MINOR: server: ensure connection cleanup on server addr changes
    - CLEANUP: server/event_hdl: remove purge_conn hint in INETADDR event
    - MEDIUM: server: merge srv_update_addr() and srv_update_addr_port() logic
    - CLEANUP: server: remove unused server_parse_addr_change_request() function
    - CLEANUP: resolvers: remove duplicate func prototype
    - MINOR: resolvers: add unique numeric id to nameservers
    - MEDIUM: server: make server_set_inetaddr() updater serializable
    - MINOR: server/event_hdl: expose updater info through INETADDR event
    - MINOR: server: add dns hint in server_inetaddr_updater struct
    - MEDIUM: server/dns: clear RMAINT when addr resolves again
    - BUG/MINOR: server/dns: use server_set_inetaddr() to unset srv addr from DNS
    - BUG/MEDIUM: server/dns: perform svc_port updates atomically from SRV records
    - MEDIUM: peers: use server as stream target
    - CLEANUP: peers: remove unused sock_init_arg struct member
    - CLEANUP: peers: remove unused "proto" and "xprt" struct members
    - MINOR: peers: rely on srv->addr and remove peer->addr
    - DOC: config: add context hint for server keywords
    - MINOR: stktable: add table_process_entry helper function
    - MINOR: stktable: use {show,set,clear} table with ptr
    - MINOR: map: add map_*_key converters to provide the matching key
    - DOC: fix typo for fastfwd QUIC option
    - BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission
    - MEDIUM: mux-quic: add BUG_ON if sending on locally closed QCS
    - BUG/MINOR: mux-quic: disable fast-fwd if connection on error
    - BUG/MINOR: quic: Wrong keylog callback setting.
    - BUG/MINOR: quic: Missing call to TLS message callbacks
    - MINOR: h3: check connection error during sending
    - BUG/MINOR: h3: close connection on header list too big
    - BUG/MINOR: h3: close connection on sending alloc errors
    - BUG/MINOR: h3: disable fast-forward on buffer alloc failure
    - Revert "MINOR: mux-quic: Disable zero-copy forwarding for send by default"
    - MINOR: stktable: stktable_data_ptr() cannot fail in table_process_entry()
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: use semantic version compare for determing "latest" OpenSSL
    - CLEANUP: server: remove ambiguous check in srv_update_addr_port()
    - CLEANUP: resolvers: remove unused RSLV_UPD_OBSOLETE_IP flag
    - CLEANUP: resolvers: remove some more unused RSLV_UDP flags
    - MEDIUM: server: simplify snr_set_srv_down() to prevent confusions
    - MINOR: backend: export get_server_*() functions
    - MINOR: tcpcheck: export proxy_parse_tcpcheck()
    - MEDIUM: udp: allow to retrieve the frontend destination address
    - MINOR: global: export a way to list build options
    - MINOR: debug: add features and build options to "show dev"
    - BUG/MINOR: server: fix server_find_by_name() usage during parsing
    - REGTESTS: check attach-srv out of order declaration
    - CLEANUP: quic: Remaining useless code into server part
    - BUILD: quic: Missing quic_ssl.h header protection
    - BUG/MEDIUM: h3: fix incorrect snd_buf return value
    - MINOR: h3: do not consider missing buf room as error on trailers
    - BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
    - BUG/MEDIUM: stconn: Set fsb date if zero-copy forwarding is blocked during nego
    - BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
    - MINOR: mux-h2: support limiting the total number of H2 streams per connection
    - CLEANUP: mux-h2: remove the printfs from previous commit on h2 streams limit.
    - DEV: h2: add the ability to emit literals in mkhdr
    - DEV: h2: add the preface as well in supported output types
    - DEV: h2: support passing raw data for a frame
    - IMPORT: ebtree: implement and use flsnz_long() to count bits
    - IMPORT: ebtree: switch the sizes and offsets to size_t and ssize_t
    - IMPORT: ebtree: rework the fls macros to better deal with arch-specific ones
    - IMPORT: ebtree: make string_equal_bits turn back to unsigned char
    - IMPORT: ebtree: use unsigned ints for flznz()
    - IMPORT: ebtree: make string_equal_bits() return an unsigned

2023/12/05 : 3.0-dev0
    - exact copy of 2.9.0

2023/12/05 : 2.9.0
    - DOC: config: add missing colon to "bytes_out" sample fetch keyword (2)
    - BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
    - DOC: config: add matrix entry for "max-session-srv-conns"
    - DOC: config: fix monitor-fail typo
    - DOC: config: add context hint for proxy keywords
    - DEBUG: stream: Report lra/fsb values for front end back SC in stream dump
    - REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter
    - BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
    - DOC: Clarify the differences between field() and word()
    - BUG/MINOR: server/event_hdl: properly handle AF_UNSPEC for INETADDR event
    - BUILD: http_htx: silence uninitialized warning on some gcc versions
    - MINOR: acme.sh: don't use '*' in the filename for wildcard domain
    - MINOR: global: Use a dedicated bitfield to customize zero-copy fast-forwarding
    - MINOR: mux-pt: Add global option to enable/disable zero-copy forwarding
    - MINOR: mux-h1: Add global option to enable/disable zero-copy forwarding
    - MINOR: mux-h2: Add global option to enable/disable zero-copy forwarding
    - MINOR: mux-quic: Add global option to enable/disable zero-copy forwarding
    - MINOR: mux-quic: Disable zero-copy forwarding for send by default
    - DOC: config: update the reminder on the HTTP model and add some terminology
    - DOC: config: add a few more differences between HTTP/1 and 2+
    - DOC: config: clarify session vs stream
    - DOC: config: fix typo abandonned -> abandoned
    - DOC: management: fix two latest typos (optionally, exception)
    - BUG/MEDIUM: peers: fix partial message decoding
    - DOC: management: update stream vs session

2023/11/30 : 2.9-dev12
    - BUG/MINOR: global: Fix tune.disable-(fast-forward/zero-copy-forwarding) options
    - DOC: config: removing "log-balance" references
    - MINOR: server/event_hdl: add SERVER_INETADDR event
    - MINOR: tools: use const for read only pointers in ip{cmp,cpy}
    - MINOR: server/ip: centralize server ip updates
    - MINOR: backend: remove invalid mode test for "hash-balance-factor"
    - Revert "MINOR: cfgparse-listen: warn when use-server rules is used in wrong mode"
    - MINOR: proxy: add free_logformat_list() helper function
    - MINOR: proxy: add free_server_rules() helper function
    - MINOR: log/backend: prevent "use-server" rules use with LOG mode
    - MINOR: log/balance: set lbprm tot_weight on server on queue/dequeue
    - DOC: config: specify supported sections for "max-session-srv-conns"
    - DOC: config: fix timeout check inheritance restrictions
    - REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY
    - DOC: lua: add sticktable class reference from Proxy.stktable
    - DOC: lua: fix Proxy.get_mode() output
    - DOC: lua: add "syslog" to Proxy.get_mode() output
    - MEDIUM: ssl: implement rsa/ecdsa selection with WolfSSL
    - MINOR: ssl: replace 'trash.area' by 'servername' in ssl_sock_switchctx_cbk()
    - MINOR: ssl: move certificate selection in a dedicate function
    - MEDIUM: ssl: use ssl_sock_chose_sni_ctx() in the clienthello callback
    - MINOR: mworker/cli: implement hard-reload over the master CLI
    - BUG/MEDIUM: mux-h1: Properly ignore trailers when a content-length is announced
    - MINOR: task/profiling: do not record task_drop_running() as a caller
    - OPTIM: pattern: save memory and time using ebst instead of ebis
    - BUILD: map: fix build warning
    - MINOR: trace: define simple -dt argument
    - MINOR: trace: parse level in a function
    - MINOR: trace: parse verbosity in a function
    - MINOR: trace: support -dt optional format
    - OPTIM: mux-h2/zero-copy: don't allocate more buffers per connections than streams
    - BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
    - BUG/MEDIUM: stconn: Don't perform zero-copy FF if opposite SC is blocked
    - BUG/MEDIUM: mux-h2: Remove H2_SF_NOTIFIED flag for H2S blocked on fast-forward
    - CLEANUP: quic: Remove dead definitions/declarations
    - REORG: quic: Move some QUIC CLI code to its C file
    - REORG: quic: Add a new module to handle QUIC connection IDs
    - REORG: quic: QUIC connection types header cleaning
    - BUILD: quic: Missing RX header inclusions
    - REORG: quic: Move CRYPTO data buffer defintions to QUIC TLS module
    - REORG: quic: Move QUIC CRYPTO stream definitions/declarations to QUIC TLS
    - REORG: quic: Move several inlined functions from quic_conn.h
    - REORG: quic: Move QUIC SSL BIO method related functions to quic_ssl.c
    - REORG: quic: Move the QUIC DCID parser to quic_sock.c
    - REORG: quic: Rename some functions used upon ACK receipt
    - REORG: quic: Move QUIC path definitions/declarations to quic_cc module
    - REORG: quic: Move qc_handle_conn_migration() to quic_conn.c
    - REORG: quic: Move quic_build_post_handshake_frames() to quic_conn module
    - REORG: quic: Move qc_may_probe_ipktns() to quic_tls.h
    - REORG: quic: Move qc_pkt_long() to quic_rx.h
    - REORG: quic: Rename some (quic|qc)_conn* objects to quic_conn_closed
    - REORG: quic: Move NEW_CONNECTION_ID frame builder to quic_cid
    - REORG: quic: Move ncbuf related function from quic_rx to quic_conn
    - REORG: quic: Add a new module for QUIC retry
    - BUILD: quic: Several compiler warns fixes after retry module creation
    - REORG: quic: Move qc_notify_send() to quic_conn
    - REORG: quic: Add a new module for retransmissions
    - REORG: quic: Remove qc_pkt_insert() implementation
    - REORG: quic: Move quic_increment_curr_handshake() to quic_sock
    - BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
    - MEDIUM: cli: allow custom pattern for payload
    - CLEANUP: mworker/cli: use a label to return errors
    - MINOR: mworker/cli: implements the customized payload pattern for master CLI
    - DOC: management: add documentation about customized payload pattern
    - BUG/MEDIUM: server/event_hdl: memory overrun in _srv_event_hdl_prepare_inetaddr()
    - MINOR: event_hdl: add global tunables
    - BUG/MAJOR: server/addr: fix a race during server addr:svc_port updates
    - MEDIUM: log/balance: support FQDN for UDP log servers
    - BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
    - BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
    - BUG/MEDIUM: mux-quic: Stop zero-copy FF during nego if input is not empty
    - CLEANUP: log: Fix %rc comment in sess_build_logline()
    - BUG/MINOR: h3: fix TRAILERS encoding
    - BUG/MINOR: h3: always reject PUSH_PROMISE
    - MINOR: h3: use correct error code for missing SETTINGS
    - MINOR: http-fetch: Add a sample to retrieve the server status code
    - DOC: config: Improve 'status' sample documentation
    - MINOR: http-fetch: Add a sample to get the transaction status code
    - MEDIUM: http-ana: Set termination state before returning haproxy response
    - MINOR: stream: Expose session terminate state via a new sample fetch
    - MINOR: stream: add a sample fetch to get the number of connection retries
    - MINOR: stream: Expose the stream's uniq_id via a new sample fetch
    - MINOR: muxes: Rename mux_ctl_type values to use MUX_CTL_ prefix
    - MINOR: muxes: Add a callback function to send commands to mux streams
    - MINOR: muxes: Implement ->sctl() callback for muxes and return the stream id
    - MINOR: Add sample fetches to get the frontend and backend stream ID
    - BUG/MEDIUM: cli: Don't look for payload pattern on empty commands
    - DOC: config: Add argument for tune.lua.maxmem
    - DOC: config: fix mention of request slot in http-response capture
    - DOC: config: fix remaining mention of @reverse for attach-srv action
    - DOC: config: fix missing characters in set-spoe-group action
    - DOC: config: reorganize actions into their own section
    - BUG/MINOR: acme.sh: update the deploy script
    - MINOR: rhttp: mark reverse HTTP as experimental
    - CLEANUP: quic_cid: remove unused listener arg
    - BUG/MINOR: quic_tp: fix preferred_address decoding
    - MINOR: quic_tp: use in_addr/in6_addr for preferred_address
    - MINOR: acme.sh: use the master CLI for hot update
    - DOC: config: move the cache-use and cache-store actions to the proper section
    - DOC: config: fix alphabetical ordering of converter keywords
    - DOC: config: add missing colon to "bytes_out" sample fetch keyword
    - DOC: config: add an index of converter keywords
    - DOC: config: add an index of sample fetch keywords
    - BUG/MINOR: config: Stopped parsing upon unmatched environment variables
    - DEBUG: unstatify a few functions that are often present in backtraces
    - BUILD: server: shut a bogus gcc warning on certain ubuntu

2023/11/24 : 2.9-dev11
    - BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
    - BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
    - BUILD: cache: fix build error on older compilers
    - BUG/MAJOR: quic: complete thread migration before tcp-rules
    - BUG/MEDIUM: quic: Possible crash for connections to be killed
    - MINOR: quic: remove unneeded QUIC specific stopping function
    - MINOR: acl: define explicit HTTP_3.0
    - DEBUG: connection/flags: update flags for reverse HTTP
    - BUILD: log: silence a build warning when threads are disabled
    - MINOR: quic: Add traces to debug frames handling during retransmissions
    - BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
    - BUG/MINOR: quic: Possible leak of TX packets under heavy load
    - BUG/MINOR: quic: Possible RX packet memory leak under heavy load
    - BUG/MINOR: server: do not leak default-server in defaults sections
    - DEBUG: tinfo: store the pthread ID and the stack pointer in tinfo
    - MINOR: debug: start to create a new struct post_mortem
    - MINOR: debug: add OS/hardware info to the post_mortem struct
    - MINOR: debug: report in port_mortem whether a container was detected
    - MINOR: debug: report in post_mortem if the container techno used is docker
    - MINOR: debug: detect CPU model and store it in post_mortem
    - MINOR: debug: report any detected hypervisor in post_mortem
    - MINOR: debug: collect some boot-time info related to the process
    - MINOR: debug: copy the thread info into the post_mortem struct
    - MINOR: debug: dump the mapping of the libs into post_mortem
    - MINOR: debug: add the ability to enter components in the post_mortem struct
    - MINOR: init: add info about the main program to the post_mortem struct
    - DOC: management: document "show dev"
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: limit codespell checks to main repo, not forks
    - DOC: 51d: updated 51Degrees repo URL for v3.2.10
    - DOC: install: update the list of openssl versions
    - MINOR: ext-check: add an option to preserve environment variables
    - BUG/MEDIUM: mux-h1: Don't set CO_SFL_MSG_MORE flag on last fast-forward send
    - MINOR: rhttp: rename proto_reverse_connect
    - MINOR: rhttp: large renaming to use rhttp prefix
    - MINOR: rhttp: add count of active conns per thread
    - MEDIUM: rhttp: support multi-thread active connect
    - MINOR: listener: allow thread kw for rhttp bind
    - DOC: rhttp: replace maxconn by nbconn
    - MINOR: log/balance: rename "log-sticky" to "sticky"
    - MEDIUM: mux-quic: Add consumer-side fast-forwarding support
    - MAJOR: h3: Implement zero-copy support to send DATA frame

2023/11/18 : 2.9-dev10
    - CLEANUP: Re-apply xalloc_size.cocci (3)
    - BUG/MEDIUM: stconn: Report send activity during mux-to-mux fast-forward
    - BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire
    - MINOR: stconn: Don't queue stream task in past in sc_notify()
    - BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room()
    - BUG/MINOR: stconn: Sanitize report for read activity
    - CLEANUP: htx: Properly indent htx_reserve_max_data() function
    - DOC: stconn: Improve comments about lra and fsb usage
    - BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure
    - BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure
    - BUG/MEDIUM: mux-h1: Be sure xprt support splicing to use it during fast-forward
    - MINOR: proto_reverse_connect: use connect timeout
    - BUG/MINOR: mux-h1: Release empty ibuf during data fast-forwarding
    - BUG/MINOR: stick-table/cli: Check for invalid ipv4 key
    - MEDIUM: stktable/cli: simplify entry key handling
    - MINOR: stktable/cli: support v6tov4 and v4tov6 conversions
    - BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts
    - BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period
    - BUG/MEDIUM: pool: fix releasable pool calculation when overloaded
    - BUG/MINOR: pool: check one other random bucket on alloc conflict
    - BUG/MEDIUM: pool: try once to allocate from another bucket if empty
    - MEDIUM: stconn/muxes: Loop on data fast-forwarding to forward at least a buffer
    - MINOR: stconn/mux-h2: Use a iobuf flag to report EOI to consumer side during FF
    - MEDIUM: quic: Heavy task mode during handshake
    - MEDIUM: quic: Heavy task mode with non contiguously bufferized CRYPTO data
    - MINOR: quic: release the TLS context asap from quic_conn_release()
    - MINOR: quic: Add idle timer task pointer to traces
    - BUG/MINOR: quic: idle timer task requeued in the past
    - CLEANUP: quic: Indentation fix in qc_do_build_pkt()
    - MINOR: quic: Avoid zeroing frame structures
    - BUG/MEDIUM: quic: Too short Initial packet sent (enc. level allocation failed)
    - BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree
    - BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets
    - BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures
    - BUG/MEDIUM: quic: Possible crashes during secrets allocations (heavy load)
    - BUG/MEDIUM: stconn: Don't update stream expiration date if already expired
    - MINOR: errors: ha_alert() and ha_warning() uses warn_exec_path()
    - MINOR: errors: does not check MODE_STARTING for log emission
    - MEDIUM: errors: move the MODE_QUIET test in print_message()
    - DOC: management: -q is quiet all the time
    - MEDIUM: mworker: -W is mandatory when using -S
    - BUG/MEDIUM: mux-h1: Exit early if fast-forward is not supported by opposite SC
    - MEDIUM: quic: adjust address validation
    - MINOR: quic: reduce half open counters scope
    - MEDIUM: quic: limit handshake per listener
    - MEDIUM: quic: define an accept queue limit
    - BUG/MINOR: quic: fix retry token check inconsistency
    - MINOR: task/debug: explicitly support passing a null caller to wakeup functions
    - MINOR: task/debug: make task_queue() and task_schedule() possible callers
    - OPTIM: mux-h2: don't allocate more buffers per connections than streams
    - BUG/MINOR: quic: remove dead code in error path
    - MEDIUM: quic: respect closing state even on soft-stop
    - MEDIUM: quic: release conn socket before using quic_cc_conn
    - DOC: config: use the word 'backend' instead of 'proxy' in 'track' description
    - BUG/MEDIUM: applet: Remove appctx from buffer wait list on release
    - MINOR: tools: make str2sa_range() directly return type hints
    - BUG/MEDIUM: server: invalid address (post)parsing checks
    - BUG/MINOR: sink: don't learn srv port from srv addr
    - CLEANUP: sink: bad indent in sink_new_from_logger()
    - CLEANUP: sink: useless leftover in sink_add_srv()
    - BUG/MINOR: quic: Useless use of non-contiguous buffer for in order CRYPTO data
    - MINOR: server: always initialize pp_tlvs for default servers
    - BUG/MEDIUM: proxy: always initialize the default settings after init
    - MEDIUM: startup: 'haproxy -c' is quiet when valid
    - BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length
    - BUG/MINOR: log: keep the ref in dup_logger()
    - BUG/MINOR: quic: fix crash on qc_new_conn alloc failure
    - BUG/MINOR: quic: fix decrement of half_open counter on qc alloc failure
    - BUG/MEDIUM: quic: fix FD for quic_cc_conn
    - DOC: config: Fix name for tune.disable-zero-copy-forwarding global param
    - REGTESTS: startup: -conf-OK requires -V with current VTest
    - BUG/MEDIUM: quic: Non initialized CRYPTO data stream deferencing
    - MINOR: quic: Add a max window parameter to congestion control algorithms
    - MINOR: quic: Maximum congestion control window for each algo
    - DOC: quic: Wrong syntax for "quic-cc-algo" keyword.
    - DOC: quic: Maximum congestion control window configuration
    - BUG/MINOR: quic: maximum window limits do not match the doc
    - BUG/MEDIUM: connection: report connection errors even when no mux is installed
    - BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up
    - MINOR: connection: Add a CTL flag to notify mux it should wait for reads again
    - MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
    - BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only
    - MINOR: stconn: Use SC to detect frontend connections in sc_conn_recv()
    - REGTESTS: http: Improve script testing abortonclose option
    - MINOR: activity: report profiling duration and age in "show profiling"
    - BUG/MEDIUM: mworker: set the master variable earlier
    - BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented
    - MINOR: connection: update rhttp flags usage
    - BUG/MINOR: mux_h2: reject passive reverse conn if error on add to idle
    - MINOR: server: force add to idle on reverse
    - MINOR: shctx: Set last_append to NULL when reserving block in hot list
    - MEDIUM: shctx: Move list between hot and avail list in O(1)
    - MEDIUM: shctx: Simplify shctx_row_reserve_hot loop
    - MINOR: shctx: Remove explicit 'from' param from shctx_row_data_append
    - MEDIUM: cache: Use dedicated cache tree lock alongside shctx lock
    - MINOR: cache: Remove expired entry delete in "show cache" command
    - MINOR: cache: Add option to avoid removing expired entries in lookup function
    - MEDIUM: cache: Use rdlock on cache in cache_use
    - MEDIUM: shctx: Remove 'hot' list from shared_context
    - MINOR: cache: Use dedicated trash for "show cache" cli command
    - MEDIUM: cache: Switch shctx spinlock to rwlock and restrict its scope
    - MEDIUM: cache: Add refcount on cache_entry
    - MEDIUM: shctx: Descend shctx_lock calls into the shctx_row_reserve_hot
    - MINOR: shctx: Add new reserve_finish callback call to shctx_row_reserve_hot
    - MAJOR: cache: Delay cache entry delete in reserve_hot function
    - MINOR: shctx: Remove redundant arg from free_block callback
    - MINOR: shctx: Remove 'use_shared_mem' variable
    - DOC: cache: Specify when function expects a cache lock
    - BUG/MEDIUM: stconn: Update fsb date on partial sends
    - MINOR: htx: Use a macro for overhead induced by HTX
    - MINOR: channel: Add functions to get info on buffers and deal with HTX streams
    - BUG/MINOR: stconn: Fix streamer detection for HTX streams
    - BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer
    - BUG/MINOR: stconn/applet: Report send activity only if there was output data
    - BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends
    - BUG/MINOR: shctx: Remove old HA_SPIN_INIT
    - REGTESTS: try to activate again the seamless reload test with the master CLI
    - MINOR: proxy: Add "handshake" new timeout (frontend side)
    - MEDIUM: quic: Add support for "handshake" timeout setting.
    - MINOR: quic: Dump the expiration date of the idle timer task
    - BUG/MINOR: quic: Malformed CONNECTION_CLOSE frame
    - MEDIUM: session: handshake timeout (TCP)
    - DOC: proxy: Add "handshake" timeout documentation.
    - MINOR: quic: Rename "handshake" timeout to "client-hs"
    - CLEANUP: haproxy: remove old comment from 1.1 from the file header
    - BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
    - BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
    - BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
    - MINOR: rhttp: remove the unused outgoing connect() function
    - MINOR: backend: without ->connect(), allow to pick another thread's connection
    - BUG/MINOR: stream/cli: report correct stream age in "show sess"
    - MINOR: stream/cli: add an optional "older" filter for "show sess"
    - MINOR: stream/cli: add another filter "susp" to "show sess"
    - MINOR: stktable: add stktable_deinit function
    - BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
    - CLEANUP: backend: removing unused LB param
    - MEDIUM: lbprm: store algo params on 32bits
    - MEDIUM: log/balance: merge tcp/http algo with log ones
    - Revert "MINOR: proxy: report a warning for max_ka_queue in proxy_cfg_ensure_no_http()"
    - Revert "MINOR: tcp_rules: tcp-{request,response} requires TCP or HTTP mode"
    - Revert "MINOR: stktable: "stick" requires TCP or HTTP mode"
    - Revert "MINOR: cfgparse-listen: "http-send-name-header" requires TCP or HTTP mode"
    - Revert "MINOR: cfgparse-listen: "dynamic-cookie-key" requires TCP or HTTP mode"
    - Revert "MINOR: cfgparse-listen: "http-reuse" requires TCP or HTTP mode"
    - Revert "MINOR: fcgi-app: "use-fcgi-app" requires TCP or HTTP mode"
    - Revert "MINOR: http_htx/errors: prevent the use of some keywords when not in tcp/http mode"
    - Revert "MINOR: flt_http_comp: "compression" requires TCP or HTTP mode"
    - Revert "MINOR: filter: "filter" requires TCP or HTTP mode"
    - MINOR: log/backend: ensure log exclusive params are not used in other modes
    - MINOR: log/backend: prevent tcp-{request,response} use with LOG mode
    - MINOR: log/backend: prevent stick table and stick rules with LOG mode
    - MINOR: log/backend: prevent "http-send-name-header" use with LOG mode
    - MINOR: log/backend: prevent "dynamic-cookie-key" use with LOG mode
    - REGTESTS: http: add a test to validate chunked responses delivery

2023/11/04 : 2.9-dev9
    - DOC: internal: filters: fix reference to entities.pdf
    - BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
    - MINOR: lua: Add flags to configure logging behaviour
    - MINOR: lua: change tune.lua.log.stderr default from 'on' to 'auto'
    - BUG/MINOR: backend: fix wrong BUG_ON for avail conn
    - BUG/MAJOR: backend: fix idle conn crash under low FD
    - MINOR: backend: refactor insertion in avail conns tree
    - DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
    - BUG/MEDIUM: server/log: "mode log" after server keyword causes crash
    - MINOR: connection: add conn_pr_mode_to_proto_mode() helper func
    - BUG/MEDIUM: server: "proto" not working for dynamic servers
    - MINOR: server: add helper function to detach server from proxy list
    - DEBUG: add a tainted flag when ha_panic() is called
    - DEBUG: lua: add tainted flags for stuck Lua contexts
    - DEBUG: pools: detect that malloc_trim() is in progress
    - BUG/MINOR: quic: do not consider idle timeout on CLOSING state
    - MINOR: frontend: implement a dedicated actconn increment function
    - BUG/MINOR: ssl: use a thread-safe sslconns increment
    - MEDIUM: quic: count quic_conn instance for maxconn
    - MEDIUM: quic: count quic_conn for global sslconns
    - BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
    - REGTESTS: ssl: update the filters test for TLSv1.3 and sigalgs
    - BUG/MINOR: mux-quic: fix early close if unset client timeout
    - BUG/MEDIUM: ssl: segfault when cipher is NULL
    - BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
    - MEDIUM: systemd: be more verbose about the reload
    - MINOR: sample: Add fetcher for getting all cookie names
    - BUG/MINOR: proto_reverse_connect: support SNI on active connect
    - MINOR: proxy/stktable: add resolve_stick_rule helper function
    - BUG/MINOR: stktable: missing free in parse_stick_table()
    - BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
    - MINOR: stktable: stktable_init() sets err_msg on error
    - MINOR: stktable: check if a type should be used as-is
    - MEDIUM: stktable/peers: "write-to" local table on peer updates
    - CI: github: update wolfSSL to 5.6.4
    - DOC: install: update the wolfSSL required version
    - MINOR: server: Add parser support for set-proxy-v2-tlv-fmt
    - MINOR: connection: Send out generic, user-defined server TLVs
    - BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
    - MINOR: mux-h2: always use h2_send() in h2_done_ff(), not h2_process()
    - OPTIM: mux-h2: call h2_send() directly from h2_snd_buf()
    - BUG/MINOR: server: remove some incorrect free() calls on null elements

2023/10/20 : 2.9-dev8
    - MINOR: ssl: add an explicit error when 'ciphersuites' are not supported
    - BUILD: ssl: enable 'ciphersuites' for WolfSSL
    - BUILD: ssl: add 'ssl_c_r_dn' fetch for WolfSSL
    - BUILD: ssl: add 'secure_memcmp' converter for WolfSSL and awslc
    - BUILD: ssl: enable keylog for awslc
    - CLEANUP: ssl: remove compat functions for openssl < 1.0.0
    - BUILD: ssl: enable keylog for WolfSSL
    - REGTESTS: pki: add a pki for SSL tests
    - REGTESTS: ssl: update common.pem with the new pki
    - REGTESTS: ssl: disable ssl_dh.vtc for WolfSSL
    - REGTESTS: wolfssl: temporarly disable some failing reg-tests
    - CI: ssl: add wolfssl to build-ssl.sh
    - CI: ssl: add git id support for wolfssl download
    - CI: github: add a wolfssl entry to the CI
    - CI: github: update wolfssl to git revision d83f2fa
    - CI: github: add awslc 1.16.0 to the push CI
    - BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
    - REORG: quic: cleanup traces definition
    - BUG/MINOR: quic: reject packet with no frame
    - BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
    - BUG/MINOR: mux-quic: support initial 0 max-stream-data
    - BUG/MINOR: h3: strengthen host/authority header parsing
    - CLEANUP: connection: drop an uneeded leftover cast
    - BUG/MAJOR: connection: make sure to always remove a connection from the tree
    - BUG/MINOR: quic: fix qc.cids access on quic-conn fail alloc
    - BUG/MINOR: quic: fix free on quic-conn fail alloc
    - BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
    - BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
    - MEDIUM: tree-wide: logsrv struct becomes logger
    - MEDIUM: log: introduce log target
    - DOC: config: log <address> becomes log <target> in "log" related doc
    - MEDIUM: sink/log: stop relying on AF_UNSPEC for rings
    - MINOR: log: support explicit log target as argument in __do_send_log()
    - MINOR: log: remove the logger dependency in do_send_log()
    - MEDIUM: log/sink: simplify log header handling
    - MEDIUM: sink: inherit from caller fmt in ring_write() when rings didn't set one
    - MINOR: sink: add sink_new_from_srv() function
    - MAJOR: log: introduce log backends
    - MINOR: log/balance: support for the "sticky" lb algorithm
    - MINOR: log/balance: support for the "random" lb algorithm
    - MINOR: lbprm: support for the "none" hash-type function
    - MINOR: lbprm: compute the hash avalanche in gen_hash()
    - MINOR: sample: add sample_process_cnv() function
    - MEDIUM: log/balance: support for the "hash" lb algorithm
    - REGTEST: add a test for log-backend used as a log target
    - MINOR: server: introduce "log-bufsize" kw
    - BUG/MEDIUM: stconn: Report a send activity everytime data were sent
    - BUG/MEDIUM: applet: Report a send activity everytime data were sent
    - BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
    - MINOR: support for http-response set-timeout
    - BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
    - DEBUG: pool: store the memprof bin on alloc() and update it on free()
    - BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
    - CLEANUP: hlua: Remove dead-code on error path in hlua_socket_new()
    - BUG/MEDIUM: mux-h1: do not forget TLR/EOT even when no data is sent
    - BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header
    - BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
    - MEDIUM: stconn/channel: Move pipes used for the splicing in the SE descriptors
    - MINOR: stconn: Start to introduce mux-to-mux fast-forwarding notion
    - MINOR: stconn: Extend iobuf to handle a buffer in addition to a pipe
    - MINOR: connection: Add new mux callbacks to perform data fast-forwarding
    - MINOR: stconn: Temporarily remove kernel splicing support
    - MINOR: mux-pt: Temporarily remove splicing support
    - MINOR: mux-h1: Temporarily remove splicing support
    - MINOR: connection: Remove mux callbacks about splicing
    - MEDIUM: stconn: Add mux-to-mux fast-forward support
    - MINOR: mux-h1: Use HTX extra field only for responses with known length
    - MEDIUM: mux-h1: Properly handle state transitions of chunked outgoing messages
    - MEDIUM: raw-sock: Specifiy amount of data to send via snd_pipe callback
    - MINOR: mux-h1: Add function to add size of a chunk to an outgoind message
    - MEDIUM: mux-h1: Simplify zero-copy on sending path
    - MEDIUM: mux-h1: Simplify payload formatting based on HTX blocks on sending path
    - MEDIUM: mux-h1: Add fast-forwarding support
    - MINOR: h2: Set the BODYLESS_RESP flag on the HTX start-line if necessary
    - MEDIUM: mux-h2: Add consumer-side fast-forwarding support
    - MEDIUM: channel: don't look at iobuf to report an empty channel
    - MINOR: tree-wide: Only rely on co_data() to check channel emptyness
    - REGTESTS: Reenable HTTP tests about splicing
    - CLEAN: mux-h1: Remove useless __maybe_unused attribute on h1_make_chunk()
    - MEDIUM: mux-pt: Add fast-forwarding support
    - MINOR: global: Add an option to disable the zero-copy forwarding
    - BUILD: mux-h1: Fix build without kernel splicing support
    - REORG: stconn/muxes: Rename init step in fast-forwarding
    - MINOR: dgram: allow to set rcv/sndbuf for dgram sockets as well
    - BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
    - BUG/MINOR: trace: fix trace parser error reporting
    - BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
    - BUG/MEDIUM: peers: Fix synchro for huge number of tables
    - MINOR: cfgparse: forbid mixing reverse and standard listeners
    - MINOR: listener: add nbconn kw for reverse connect
    - MINOR: server: convert @reverse to rev@ standard format
    - MINOR: cfgparse: rename "rev@" prefix to "rhttp@"
    - REGTESTS: remove maxconn from rhttp bind line
    - MINOR: listener: forbid most keywords for reverse HTTP bind
    - MINOR: sample: Added support for Arrays in sample_conv_json_query in sample.c
    - MINOR: mux-h2/traces: explicitly show the error/refused stream states
    - MINOR: mux-h2/traces: clarify the "rejected H2 request" event
    - BUG/MINOR: mux-h2: commit the current stream ID even on reject
    - BUG/MINOR: mux-h2: update tracked counters with req cnt/req err

2023/10/06 : 2.9-dev7
    - MINOR: support for http-request set-timeout client
    - BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
    - CLEANUP: freq_ctr: make all freq_ctr readers take a const
    - CLEANUP: stream: make the dump code not depend on the CLI appctx
    - MINOR: stream: split stats_dump_full_strm_to_buffer() in two
    - CLEANUP: stream: use const filters in the dump function
    - CLEANUP: stream: make strm_dump_to_buffer() take a const stream
    - MINOR: stream: make strm_dump_to_buffer() take an arbitrary buffer
    - MINOR: stream: make strm_dump_to_buffer() show the list of filters
    - MINOR: stream: make stream_dump() always multi-line
    - MINOR: streams: add support for line prefixes to strm_dump_to_buffer()
    - MEDIUM: stream: now provide full stream dumps in case of loops
    - MINOR: debug: use the more detailed stream dump in panics
    - CLEANUP: stream: remove the now unused stream_dump() function
    - Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
    - MINOR: stream: fix output alignment of stuck thread dumps
    - BUG/MINOR: proto_reverse_connect: fix FD leak on connection error
    - BUG/MINOR: tcp_act: fix attach-srv rule ACL parsing
    - MINOR: connection: define error for reverse connect
    - MINOR: connection: define mux flag for reverse support
    - MINOR: tcp_act: remove limitation on protocol for attach-srv
    - BUG/MINOR: proto_reverse_connect: fix FD leak upon connect
    - BUG/MAJOR: plock: fix major bug in pl_take_w() introduced with EBO
    - Revert "MEDIUM: sample: Small fix in function check_operator for eror reporting"
    - DOC: sample: Add a comment in 'check_operator' to explain why 'vars_check_arg' should ignore the 'err' buffer
    - DEV: sslkeylogger: handle file opening error
    - MINOR: quic: define quic-socket bind setting
    - MINOR: quic: handle perm error on bind during runtime
    - MINOR: backend: refactor specific source address allocation
    - MINOR: proto_reverse_connect: support source address setting
    - BUILD: pool: Fix GCC error about potential null pointer dereference
    - MINOR: hlua: Set context's appctx when the lua socket is created
    - MINOR: hlua: Don't preform operations on a not connected socket
    - MINOR: hlua: Save the lua socket's timeout in its context
    - MINOR: hlua: Save the lua socket's server in its context
    - MINOR: hlua: Test the hlua struct first when the lua socket is connecting
    - BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
    - DEBUG: mux-h1: Fix event label from trace messages about payload formatting
    - BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
    - BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
    - BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
    - REGTESTS: filters: Don't set C-L header in the successful response to CONNECT
    - MINOR: mux-h1: Add flags if outgoing msg contains a header about its payload
    - MINOR: mux-h1: Rely on H1S_F_HAVE_CHNK to add T-E in outgoing messages
    - BUG/MEDIUM: mux-h1: Add C-L header in outgoing message if it was removed
    - BUG/MEDIUM: mux-h1; Ignore headers modifications about payload representation
    - BUG/MINOR: h1-htx: Keep flags about C-L/T-E during HEAD response parsing
    - MINOR: h1-htx: Declare successful tunnel establishment as bodyless
    - BUILD: quic: allow USE_QUIC to work with AWSLC
    - CI: github: add USE_QUIC=1 to aws-lc build
    - BUG/MINOR: hq-interop: simplify parser requirement
    - MEDIUM: cache: Add "Origin" header to secondary cache key
    - MINOR: haproxy: permit to register features during boot
    - MINOR: tcp_rules: tcp-{request,response} requires TCP or HTTP mode
    - MINOR: stktable: "stick" requires TCP or HTTP mode
    - MINOR: filter: "filter" requires TCP or HTTP mode
    - MINOR: backend/balance: "balance" requires TCP or HTTP mode
    - MINOR: flt_http_comp: "compression" requires TCP or HTTP mode
    - MINOR: http_htx/errors: prevent the use of some keywords when not in tcp/http mode
    - MINOR: fcgi-app: "use-fcgi-app" requires TCP or HTTP mode
    - MINOR: cfgparse-listen: "http-send-name-header" requires TCP or HTTP mode
    - MINOR: cfgparse-listen: "dynamic-cookie-key" requires TCP or HTTP mode
    - MINOR: proxy: dynamic-cookie CLIs require TCP or HTTP mode
    - MINOR: cfgparse-listen: "http-reuse" requires TCP or HTTP mode
    - MINOR: proxy: report a warning for max_ka_queue in proxy_cfg_ensure_no_http()
    - MINOR: cfgparse-listen: warn when use-server rules is used in wrong mode
    - DOC: config: unify "log" directive doc
    - MINOR: sink/log: fix some typos around postparsing logic
    - MINOR: sink: remove useless check after sink creation
    - MINOR: sink: don't rely on p->parent in sink appctx
    - MINOR: sink: don't rely on forward_px to init sink forwarding
    - MINOR: sink: refine forward_px usage
    - MINOR: sink: function to add new sink servers
    - BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room()
    - BUG/MEDIUM: actions: always apply a longest match on prefix lookup

2023/09/22 : 2.9-dev6
    - BUG/MINOR: quic: fdtab array underflow access
    - DEBUG: pools: always record the caller for uncached allocs as well
    - DEBUG: pools: pass the caller pointer to the check functions and macros
    - DEBUG: pools: make pool_check_pattern() take a pointer to the pool
    - DEBUG: pools: inspect pools on fatal error and dump information found
    - BUG/MEDIUM: quic: quic_cc_conn ->cntrs counters unreachable
    - DEBUG: pools: also print the item's pointer when crashing
    - DEBUG: pools: also print the value of the tag when it doesn't match
    - DEBUG: pools: print the contents surrounding the expected tag location
    - MEDIUM: pools: refine pool size rounding
    - BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
    - BUG/MINOR: hlua/init: coroutine may not resume itself
    - BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
    - BUG/MINOR: promex: fix backend_agg_check_status
    - BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1
    - MAJOR: import: update mt_list to support exponential back-off
    - CLEANUP: pools: simplify the pool expression when no pool was matched in dump
    - MINOR: samples: implement bytes_in and bytes_out samples
    - DOC: configuration: add %[req.ver] sample to %HV
    - BUG/MINOR: quic: Leak of frames to send.
    - DOC: configuration: add %[query] to %HQ
    - BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
    - BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
    - BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT
    - Revert "MAJOR: import: update mt_list to support exponential back-off"
    - BUG/MINOR: server: add missing free for server->rdr_pfx
    - REGTESTS: ssl: skip OCSP test w/ WolfSSL
    - REGTESTS: ssl: skip generate-certificates test w/ wolfSSL
    - MINOR: logs: clarify the check of the log range
    - MINOR: log: remove the unused curr_idx in struct smp_log_range
    - CLEANUP: logs: rename a confusing local variable "curr_rg" to "smp_rg"
    - MINOR: logs: use a single index to store the current range and index
    - MEDIUM: logs: atomically check and update the log sample index
    - CLEANUP: ring: rename the ring lock "RING_LOCK" instead of "LOGSRV_LOCK"
    - BUG/MEDIUM: http-ana: Try to handle response before handling server abort
    - MEDIUM: tools/ip: v4tov6() and v6tov4() rework
    - MINOR: pattern/ip: offload ip conversion logic to helper functions
    - MINOR: pattern: fix pat_{parse,match}_ip() function comments
    - MINOR: pattern/ip: simplify pat_match_ip() function
    - BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
    - MINOR: hlua: Add support for the "http-after-res" action
    - BUG/MINOR: proto_reverse_connect: fix preconnect with startup name resolution
    - MINOR: proto_reverse_connect: prevent transparent server for pre-connect
    - CI: cirrus-ci: display gdb bt if any
    - MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments
    - MEDIUM: sample: Small fix in function check_operator for eror reporting
    - MINOR: quic: handle external extra CIDs generator.
    - BUG/MINOR: proto_reverse_connect: set default maxconn
    - MINOR: proto_reverse_connect: refactor preconnect failure
    - MINOR: proto_reverse_connect: remove unneeded wakeup
    - MINOR: proto_reverse_connect: emit log for preconnect

2023/09/08 : 2.9-dev5
    - BUG/MEDIUM: mux-h2: fix crash when checking for reverse connection after error
    - BUILD: import: guard plock.h against multiple inclusion
    - BUILD: pools: import plock.h to build even without thread support
    - BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate
    - BUG/MINOR: stream: protect stream_dump() against incomplete streams
    - DOC: config: mention uid dependency on the tune.quic.socket-owner option
    - MEDIUM: capabilities: enable support for Linux capabilities
    - CLEANUP/MINOR: connection: Improve consistency of PPv2 related constants
    - MEDIUM: connection: Generic, list-based allocation and look-up of PPv2 TLVs
    - MEDIUM: sample: Add fetch for arbitrary TLVs
    - MINOR: sample: Refactor fc_pp_authority by wrapping the generic TLV fetch
    - MINOR: sample: Refactor fc_pp_unique_id by wrapping the generic TLV fetch
    - MINOR: sample: Add common TLV types as constants for fc_pp_tlv
    - MINOR: ssl_sock: avoid iterating realloc(+1) on stored context
    - DOC: ssl: add some comments about the non-obvious session allocation stuff
    - CLEANUP: ssl: keep a pointer to the server in ssl_sock_init()
    - MEDIUM: ssl_sock: always use the SSL's server name, not the one from the tid
    - MEDIUM: server/ssl: place an rwlock in the per-thread ssl server session
    - MINOR: server/ssl: maintain an index of the last known valid SSL session
    - MINOR: server/ssl: clear the shared good session index on failure
    - MEDIUM: server/ssl: pick another thread's session when we have none yet
    - MINOR: activity: report the current run queue size
    - BUG/MINOR: checks: do not queue/wake a bounced check
    - MINOR: checks: start the checks in sleeping state
    - MINOR: checks: pin the check to its thread upon wakeup
    - MINOR: check: remember when we migrate a check
    - MINOR: check/activity: collect some per-thread check activity stats
    - MINOR: checks: maintain counters of active checks per thread
    - MINOR: check: also consider the random other thread's active checks
    - MEDIUM: checks: search more aggressively for another thread on overload
    - MEDIUM: checks: implement a queue in order to limit concurrent checks
    - MINOR: checks: also consider the thread's queue for rebalancing
    - DEBUG: applet: Properly report opposite SC expiration dates in traces
    - BUG/MEDIUM: stconn: Update stream expiration date on blocked sends
    - BUG/MINOR: stconn: Don't report blocked sends during connection establishment
    - BUG/MEDIUM: stconn: Wake applets on sending path if there is a pending shutdown
    - BUG/MEDIUM: stconn: Don't block sends if there is a pending shutdown
    - BUG/MINOR: quic: Possible skipped RTT sampling
    - MINOR: quic: Add a trace to quic_release_frm()
    - BUG/MAJOR: quic: Really ignore malformed ACK frames.
    - BUG/MINOR: quic: Unchecked pointer to packet number space dereferenced
    - BUG/MEDIUM: connection: fix pool free regression with recent ppv2 TLV patches
    - BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer
    - BUG/MINOR: stream: further protect stream_dump() against incomplete sessions
    - DOC: configuration: update examples for req.ver
    - MINOR: properly mark the end of the CLI command in error messages
    - BUILD: ssl: Build with new cryptographic library AWS-LC
    - REGTESTS: ssl: skip ssl_dh test with AWS-LC
    - BUILD: bug: make BUG_ON() void to avoid a rare warning
    - BUILD: checks: shut up yet another stupid gcc warning
    - MINOR: cpuset: add ha_cpuset_isset() to check for the presence of a CPU in a set
    - MINOR: cpuset: add ha_cpuset_or() to bitwise-OR two CPU sets
    - MINOR: cpuset: centralize a reliable bound cpu detection
    - MEDIUM: threads: detect incomplete CPU bindings
    - MEDIUM: threads: detect excessive thread counts vs cpu-map
    - BUILD: quic: Compilation issue on 32-bits systems with quic_may_send_bytes()
    - BUG/MINOR: quic: Unchecked pointer to Handshake packet number space
    - MINOR: global: export the display_version() symbol
    - MEDIUM: mworker: display a more accessible message when a worker crash
    - MINOR: httpclient: allow to configure the retries
    - MINOR: httpclient: allow to configure the timeout.connect
    - BUG/MINOR: quic: Wrong RTT adjusments
    - BUG/MINOR: quic: Wrong RTT computation (srtt and rrt_var)
    - BUG/MINOR: stconn: Don't inhibit shutdown on connection on error
    - BUG/MEDIUM: applet: Fix API for function to push new data in channels buffer
    - BUG/MEDIUM: stconn: Report read activity when a stream is attached to front SC
    - BUG/MEDIUM: applet: Report an error if applet request more room on aborted SC
    - BUG/MEDIUM: stconn/stream: Forward shutdown on write timeout
    - NUG/MEDIUM: stconn: Always update stream's expiration date after I/O
    - BUG/MINOR: applet: Always expect data when CLI is waiting for a new command
    - BUG/MINOR: ring/cli: Don't expect input data when showing events
    - BUG/MINOR: quic: Dereferenced unchecked pointer to Handshke packet number space
    - BUG/MINOR: hlua/action: incorrect message on E_YIELD error
    - MINOR: http_ana: position the FINAL flag for http_after_res execution
    - CI: scripts: add support to build-ssl.sh to download and build AWS-LC
    - CI: add support to matrix.py to determine the latest AWS-LC release
    - CI: Update matrix.py so all code is contained in functions.
    - CI: github: Add a weekly CI run building with AWS-LC
    - MINOR: ring: add a function to compute max ring payload
    - BUG/MEDIUM: ring: adjust maxlen consistency check
    - MINOR: sink: simplify post_sink_resolve function
    - MINOR: log/sink: detect when log maxlen exceeds sink size
    - MINOR: sink: inform the user when logs will be implicitly truncated
    - MEDIUM: sink: don't perform implicit truncations when maxlen is not set
    - MINOR: log: move log-forwarders cleanup in log.c
    - MEDIUM: httpclient/logs: rely on per-proxy post-check instead of global one
    - MINOR: log: add dup_logsrv() helper function
    - MEDIUM: log/sink: make logsrv postparsing more generic
    - MEDIUM: fcgi-app: properly postresolve logsrvs
    - MEDIUM: spoe-agent: properly postresolve log rings
    - MINOR: sink: add helper function to deallocate sink struct
    - MEDIUM: sink/ring: introduce high level ring creation helper function
    - MEDIUM: sink: add sink_finalize() function
    - CLEANUP: log: remove unnecessary trim in __do_send_log
    - MINOR: cache: Change hash function in default normalizer used in case of "vary"
    - MINOR: tasks/stats: report the number of niced tasks in "show info"
    - CI: Update to actions/checkout@v4
    - MINOR: ssl: add support for 'curves' keyword on server lines
    - BUG/MINOR: quic: Wrong cluster secret initialization
    - CLEANUP: quic: Remove useless free_quic_tx_pkts() function.
    - MEDIUM: init: initialize the trash earlier
    - MINOR: tools: add function read_line_to_trash() to read a line of a file
    - MINOR: cfgparse: use read_line_from_trash() to read from /sys
    - MEDIUM: cfgparse: assign NUMA affinity to cpu-maps
    - MINOR: cpuset: dynamically allocate cpu_map
    - REORG: cpuset: move parse_cpu_set() and parse_cpumap() to cpuset.c
    - CI: musl: highlight section if there are coredumps
    - CI: musl: drop shopt in workflow invocation

2023/08/25 : 2.9-dev4
    - DEV: flags/show-sess-to-flags: properly decode fd.state
    - BUG/MINOR: stktable: allow sc-set-gpt(0) from tcp-request connection
    - BUG/MINOR: stktable: allow sc-add-gpc from tcp-request connection
    - DOC: typo: fix sc-set-gpt references
    - SCRIPTS: git-show-backports: automatic ref and base detection with -m
    - REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (3)
    - DOC: jwt: Add explicit list of supported algorithms
    - BUILD: Makefile: add the USE_QUIC option to make help
    - BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help
    - BUILD: Makefile: realigned USE_* options in make help
    - DEV: makefile: fix POSIX compatibility for "range" target
    - IMPORT: plock: also support inlining the int code
    - IMPORT: plock: always expose the inline version of the lock wait function
    - IMPORT: lorw: support inlining the wait call
    - MINOR: threads: inline the wait function for pthread_rwlock emulation
    - MINOR: atomic: make sure to always relax after a failed CAS
    - MINOR: pools: use EBO to wait for unlock during pool_flush()
    - BUILD/IMPORT: fix compilation with PLOCK_DISABLE_EBO=1
    - MINOR: quic+openssl_compat: Do not start without "limited-quic"
    - MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option
    - BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind
    - BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code
    - MINOR: pattern: do not needlessly lookup the LRU cache for empty lists
    - IMPORT: xxhash: update xxHash to version 0.8.2
    - MINOR: proxy: simplify parsing 'backend/server'
    - MINOR: connection: centralize init/deinit of backend elements
    - MEDIUM: connection: implement passive reverse
    - MEDIUM: h2: reverse connection after SETTINGS reception
    - MINOR: server: define reverse-connect server
    - MINOR: backend: only allow reuse for reverse server
    - MINOR: tcp-act: parse 'tcp-request attach-srv' session rule
    - REGTESTS: provide a reverse-server test
    - MINOR: tcp-act: define optional arg name for attach-srv
    - MINOR: connection: use attach-srv name as SNI reuse parameter on reverse
    - REGTESTS: provide a reverse-server test with name argument
    - MINOR: proto: define dedicated protocol for active reverse connect
    - MINOR: connection: extend conn_reverse() for active reverse
    - MINOR: proto_reverse_connect: parse rev@ addresses for bind
    - MINOR: connection: prepare init code paths for active reverse
    - MEDIUM: proto_reverse_connect: bootstrap active reverse connection
    - MINOR: proto_reverse_connect: handle early error before reversal
    - MEDIUM: h2: implement active connection reversal
    - MEDIUM: h2: prevent stream opening before connection reverse completed
    - REGTESTS: write a full reverse regtest
    - BUG/MINOR: h2: fix reverse if no timeout defined
    - CI: fedora: fix "dnf" invocation syntax
    - BUG/MINOR: hlua_fcn: potentially unsafe stktable_data_ptr usage
    - DOC: lua: fix Sphinx warning from core.get_var()
    - DOC: lua: fix core.register_action typo
    - BUG/MINOR: ssl_sock: fix possible memory leak on OOM
    - MEDIUM: map/acl: Improve pat_ref_set() efficiency (for "set-map", "add-acl" action perfs)
    - MEDIUM: map/acl: Improve pat_ref_set_elt() efficiency (for "set-map", "add-acl"action perfs)
    - MEDIUM: map/acl: Accelerate several functions using pat_ref_elt struct ->head list
    - MEDIUM: map/acl: Replace map/acl spin lock by a read/write lock.
    - DOC: map/acl: Remove the comments about map/acl performance issue
    - DOC: Explanation of be_name and be_id fetches
    - MINOR: connection: simplify removal of idle conns from their trees
    - MINOR: server: move idle tree insert in a dedicated function
    - MAJOR: connection: purge idle conn by last usage

2023/08/12 : 2.9-dev3
    - BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX
    - BUG/MEDIUM: h3: Properly report a C-L header was found to the HTX start-line
    - MINOR: sample: add pid sample
    - MINOR: sample: implement act_conn sample fetch
    - MINOR: sample: accept_date / request_date return %Ts / %tr timestamp values
    - MEDIUM: sample: implement us and ms variant of utime and ltime
    - BUG/MINOR: sample: check alloc_trash_chunk() in conv_time_common()
    - DOC: configuration: describe Td in Timing events
    - MINOR: sample: implement the T* timer tags from the log-format as fetches
    - DOC: configuration: add sample fetches for timing events
    - BUG/MINOR: quic: Possible crash when acknowledging Initial v2 packets
    - MINOR: quic: Export QUIC traces code from quic_conn.c
    - MINOR: quic: Export QUIC CLI code from quic_conn.c
    - MINOR: quic: Move TLS related code to quic_tls.c
    - MINOR: quic: Add new "QUIC over SSL" C module.
    - MINOR: quic: Add a new quic_ack.c C module for QUIC acknowledgements
    - CLEANUP: quic: Defined but no more used function (quic_get_tls_enc_levels())
    - MINOR: quic: Split QUIC connection code into three parts
    - CLEANUP: quic: quic_conn struct cleanup
    - MINOR: quic; Move the QUIC frame pool to its proper location
    - BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full
    - BUG/MEDIUM: h3: Be sure to handle fin bit on the last DATA frame
    - DOC: configuration: rework the custom log format table
    - BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
    - CLEANUP: acl: remove cache_idx from acl struct
    - REORG: cfgparse: extract curproxy as a global variable
    - MINOR: acl: add acl() sample fetch
    - BUILD: cfgparse: keep a single "curproxy"
    - BUG/MEDIUM: bwlim: Reset analyse expiration date when then channel analyse ends
    - MEDIUM: stream: Reset response analyse expiration date if there is no analyzer
    - BUG/MINOR: htx/mux-h1: Properly handle bodyless responses when splicing is used
    - BUG/MEDIUM: quic: consume contig space on requeue datagram
    - BUG/MINOR: http-client: Don't forget to commit changes on HTX message
    - CLEANUP: stconn: Move comment about sedesc fields on the field line
    - REGTESTS: http: Create a dedicated script to test spliced bodyless responses
    - REGTESTS: Test SPLICE feature is enabled to execute script about splicing
    - BUG/MINOR: quic: reappend rxbuf buffer on fake dgram alloc error
    - BUILD: quic: fix wrong potential NULL dereference
    - MINOR: h3: abort request if not completed before full response
    - BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value replacement
    - CLEANUP: quic: Remove quic_path_room().
    - MINOR: quic: Amplification limit handling sanitization.
    - MINOR: quic: Move some counters from [rt]x quic_conn anonymous struct
    - MEDIUM: quic: Send CONNECTION_CLOSE packets from a dedicated buffer.
    - MINOR: quic: Use a pool for the connection ID tree.
    - MEDIUM: quic: Allow the quic_conn memory to be asap released.
    - MINOR: quic: Release asap quic_conn memory (application level)
    - MINOR: quic: Release asap quic_conn memory from ->close() xprt callback.
    - MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"
    - REORG: http: move has_forbidden_char() from h2.c to http.h
    - BUG/MAJOR: h3: reject header values containing invalid chars
    - MINOR: mux-h2/traces: also suggest invalid header upon parsing error
    - MINOR: ist: add new function ist_find_range() to find a character range
    - MINOR: http: add new function http_path_has_forbidden_char()
    - MINOR: h2: pass accept-invalid-http-request down the request parser
    - REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests
    - BUG/MINOR: h1: do not accept '#' as part of the URI component
    - BUG/MINOR: h2: reject more chars from the :path pseudo header
    - BUG/MINOR: h3: reject more chars from the :path pseudo header
    - REGTESTS: http-rules: verify that we block '#' by default for normalize-uri
    - DOC: clarify the handling of URL fragments in requests
    - BUG/MAJOR: http: reject any empty content-length header value
    - BUG/MINOR: http: skip leading zeroes in content-length values
    - BUG/MEDIUM: mux-h1: fix incorrect state checking in h1_process_mux()
    - BUG/MEDIUM: mux-h1: do not forget EOH even when no header is sent
    - BUILD: mux-h1: shut a build warning on clang from previous commit
    - DEV: makefile: add a new "range" target to iteratively build all commits
    - CI: do not use "groupinstall" for Fedora Rawhide builds
    - CI: get rid of travis-ci wrapper for Coverity scan
    - BUG/MINOR: quic: mux started when releasing quic_conn
    - BUG/MINOR: quic: Possible crash in quic_cc_conn_io_cb() traces.
    - MINOR: quic: Add a trace for QUIC conn fd ready for receive
    - BUG/MINOR: quic: Possible crash when issuing "show fd/sess" CLI commands
    - BUG/MINOR: quic: Missing tasklet (quic_cc_conn_io_cb) memory release (leak)
    - BUG/MEDIUM: quic: fix tasklet_wakeup loop on connection closing
    - BUG/MINOR: hlua: fix invalid use of lua_pop on error paths
    - MINOR: hlua: add hlua_stream_ctx_prepare helper function
    - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
    - MAJOR: threads/plock: update the embedded library again
    - MINOR: stick-table: move the task_queue() call outside of the lock
    - MINOR: stick-table: move the task_wakeup() call outside of the lock
    - MEDIUM: stick-table: change the ref_cnt atomically
    - MINOR: stick-table: better organize the struct stktable
    - MEDIUM: peers: update ->commitupdate out of the lock using a CAS
    - MEDIUM: peers: drop then re-acquire the wrlock in peer_send_teachmsgs()
    - MEDIUM: peers: only read-lock peer_send_teachmsgs()
    - MEDIUM: stick-table: use a distinct lock for the updates tree
    - MEDIUM: stick-table: touch updates under an upgradable read lock
    - MEDIUM: peers: drop the stick-table lock before entering peer_send_teachmsgs()
    - MINOR: stick-table: move the update lock into its own cache line
    - CLEANUP: stick-table: slightly reorder the stktable struct
    - BUILD: defaults: use __WORDSIZE not LONGBITS for MAX_THREADS_PER_GROUP
    - MINOR: tools: make ptr_hash() support 0-bit outputs
    - MINOR: tools: improve ptr hash distribution on 64 bits
    - OPTIM: tools: improve hash distribution using a better prime seed
    - OPTIM: pools: use exponential back-off on shared pool allocation/release
    - OPTIM: pools: make pool_get_from_os() / pool_put_to_os() not update ->allocated
    - MINOR: pools: introduce the use of multiple buckets
    - MEDIUM: pools: spread the allocated counter over a few buckets
    - MEDIUM: pools: move the used counter over a few buckets
    - MEDIUM: pools: move the needed_avg counter over a few buckets
    - MINOR: pools: move the failed allocation counter over a few buckets
    - MAJOR: pools: move the shared pool's free_list over multiple buckets
    - MINOR: pools: make pool_evict_last_items() use pool_put_to_os_no_dec()
    - BUILD: pools: fix build error on clang with inline vs forceinline

2023/07/21 : 2.9-dev2
    - BUG/MINOR: quic: Possible leak when allocating an encryption level
    - BUG/MINOR: quic: Missing QUIC connection path member initialization
    - BUILD: quic: Compilation fixes for some gcc warnings with -O1
    - DOC: ssl: Fix typo in 'ocsp-update' option
    - DOC: ssl: Add ocsp-update troubleshooting clues and emphasize on crt-list only aspect
    - BUG/MINOR: tcp_sample: bc_{dst,src} return IP not INT
    - MEDIUM: acl/sample: unify sample conv parsing in a single function
    - MINOR: sample: introduce c_pseudo() conv function
    - MEDIUM: sample: add missing ADDR=>? compatibility matrix entries
    - MINOR: sample: fix ipmask sample definition
    - MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR
    - MEDIUM: sample: introduce 'same' output type
    - BUG/MINOR: quic: Possible crash in "show quic" dumping packet number spaces
    - BUG/MINOR: cache: A 'max-age=0' cache-control directive can be overriden by a s-maxage
    - BUG/MEDIUM: sink: invalid server list in sink_new_from_logsrv()
    - BUG/MINOR: http_ext: unhandled ERR_ABORT in proxy_http_parse_7239()
    - BUG/MINOR: sink: missing sft free in sink_deinit()
    - BUG/MINOR: ring: size warning incorrectly reported as fatal error
    - BUG/MINOR: ring: maxlen warning reported as alert
    - BUG/MINOR: log: LF upsets maxlen for UDP targets
    - MINOR: sink/api: pass explicit maxlen parameter to sink_write()
    - BUG/MEDIUM: log: improper use of logsrv->maxlen for buffer targets
    - BUG/MINOR: log: fix missing name error message in cfg_parse_log_forward()
    - BUG/MINOR: log: fix multiple error paths in cfg_parse_log_forward()
    - BUG/MINOR: log: free errmsg on error in cfg_parse_log_forward()
    - BUG/MINOR: sink: invalid sft free in sink_deinit()
    - BUG/MINOR: sink: fix errors handling in cfg_post_parse_ring()
    - BUG/MINOR: server: set rid default value in new_server()
    - MINOR: hlua_fcn/mailers: handle timeout mail from mailers section
    - BUG/MINOR: sink/log: properly deinit srv in sink_new_from_logsrv()
    - EXAMPLES: maintain haproxy 2.8 retrocompatibility for lua mailers script
    - BUG/MINOR: hlua_fcn/queue: use atomic load to fetch queue size
    - BUG/MINOR: config: Remove final '\n' in error messages
    - BUG/MINOR: config: Lenient port configuration parsing
    - BUG/MEDIUM: quic: token IV was not computed using a strong secret
    - BUG/MINOR: quic: retry token remove one useless intermediate expand
    - BUG/MEDIUM: quic: missing check of dcid for init pkt including a token
    - BUG/MEDIUM: quic: timestamp shared in token was using internal time clock
    - CLEANUP: quic: remove useless parameter 'key' from quic_packet_encrypt
    - BUG/MINOR: hlua: hlua_yieldk ctx argument should support pointers
    - BUG/MEDIUM: hlua_fcn/queue: bad pop_wait sequencing
    - DOC: config: Fix fc_src description to state the source address is returned
    - BUG/MINOR: sample: Fix wrong overflow detection in add/sub conveters
    - BUG/MINOR: http: Return the right reason for 302
    - MEDIUM: ssl: new sample fetch method to get curve name
    - CI: add naming convention documentation
    - CI: explicitely highlight VTest result section if there's something
    - BUG/MINOR: quic: Unckecked encryption levels availability
    - BUILD: quic: fix warning during compilation using gcc-6.5
    - BUG/MINOR: hlua: add check for lua_newstate
    - BUG/MINOR: h1-htx: Return the right reason for 302 FCGI responses
    - MINOR: lua: Allow reading "proc." scoped vars from LUA core.
    - MINOR: cpuset: add cpu_map_configured() to know if a cpu-map was found
    - BUG/MINOR: config: do not detect NUMA topology when cpu-map is configured
    - BUG/MINOR: cpuset: remove the bogus "proc" from the cpu_map struct
    - BUG/MINOR: init: set process' affinity even in foreground
    - CLEANUP: cpuset: remove the unused proc_t1 field in cpu_map
    - CLEANUP: config: make parse_cpu_set() return documented values
    - BUG/MINOR: server: Don't warn on server resolution failure with init-addr none
    - MINOR: peers: add peers keyword registration
    - MINOR: quic: Stop storing the TX encoded transport parameters
    - MINOR: quic: Dynamic allocation for negotiated Initial TLS cipher context.
    - MINOR: quic: Release asap the negotiated Initial TLS context.
    - MINOR: quic: Add traces to qc_may_build_pkt()
    - MEDIUM: quic: Packet building rework.
    - CLEANUP: quic: Remove a useless TLS related variable from quic_conn_io_cb().
    - MEDIUM: quic: Handshake I/O handler rework.
    - MINOR: quic: Add traces for qc_frm_free()
    - MINOR: quic: add trace about pktns packet/frames releasing
    - BUG/MINOR: quic: Missing parentheses around PTO probe variable.
    - MINOR: quic: Ping from Initial pktns before reaching anti-amplification limit
    - BUG/MINOR: server-state: Ignore empty files
    - BUG/MINOR: server-state: Avoid warning on 'file not found'
    - BUG/MEDIUM: listener: Acquire proxy's lock in relax_listener() if necessary
    - MINOR: quic: QUIC openssl wrapper implementation
    - MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header
    - MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT
    - MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method()
    - MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled()
    - MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper
    - MINOR: quic: Export some KDF functions (QUIC-TLS)
    - MINOR: quic: Make ->set_encryption_secrets() be callable two times
    - MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper
    - MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog()
    - MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct
    - MINOR: quic: Useless call to SSL_CTX_set_quic_method()
    - MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper.
    - MINOR: quic: Missing encoded transport parameters for QUIC OpenSSL wrapper
    - MINOR: quic: Add "limited-quic" new tuning setting
    - DOC: quic: Add "limited-quic" new tuning setting
    - DOC: install: Document how to build a limited support for QUIC

2023/07/02 : 2.9-dev1
    - BUG/MINOR: stats: Fix Lua's `get_stats` function
    - MINOR: stats: protect against future stats fields omissions
    - BUG/MINOR: stream: do not use client-fin/server-fin with HTX
    - BUG/MINOR: quic: Possible crash when SSL session init fails
    - CONTRIB: Add vi file extensions to .gitignore
    - BUG/MINOR: spoe: Only skip sending new frame after a receive attempt
    - BUG/MINOR: peers: Improve detection of config errors in peers sections
    - REG-TESTS: stickiness: Delay haproxys start to properly resolv variables
    - DOC: quic: fix misspelled tune.quic.socket-owner
    - DOC: config: fix jwt_verify() example using var()
    - DOC: config: fix rfc7239 converter examples (again)
    - BUG/MINOR: cfgparse-tcp: leak when re-declaring interface from bind line
    - BUG/MINOR: proxy: add missing interface bind free in free_proxy
    - BUG/MINOR: proxy/server: free default-server on deinit
    - BUG/MEDIUM: hlua: Use front SC to detect EOI in HTTP applets' receive functions
    - BUG/MINOR: ssl: log message non thread safe in SSL Hanshake failure
    - BUG/MINOR: quic: Wrong encryption level flags checking
    - BUG/MINOR: quic: Address inversion in "show quic full"
    - BUG/MINOR: server: inherit from netns in srv_settings_cpy()
    - BUG/MINOR: namespace: missing free in netns_sig_stop()
    - BUG/MINOR: quic: Missing initialization (packet number space probing)
    - BUG/MINOR: quic: Possible crash in quic_conn_prx_cntrs_update()
    - BUG/MINOR: quic: Possible endless loop in quic_lstnr_dghdlr()
    - MINOR: quic: Remove pool_zalloc() from qc_new_conn()
    - MINOR: quic: Remove pool_zalloc() from qc_conn_alloc_ssl_ctx()
    - MINOR: quic: Remove pool_zalloc() from quic_dgram_parse()
    - BUG/MINOR: quic: Missing transport parameters initializations
    - BUG/MEDIUM: mworker: increase maxsock with each new worker
    - BUG/MINOR: quic: ticks comparison without ticks API use
    - BUG/MINOR: quic: Missing TLS secret context initialization
    - DOC: Add tune.h2.be.* and tune.h2.fe.* options to table of contents
    - DOC: Add tune.h2.max-frame-size option to table of contents
    - DOC: Attempt to fix dconv parsing error for tune.h2.fe.initial-window-size
    - REGTESTS: h1_host_normalization : Add a barrier to not mix up log messages
    - MEDIUM: mux-h1: Split h1_process_mux() to make code more readable
    - REORG: mux-h1: Rename functions to emit chunk size/crlf in the output buffer
    - MINOR: mux-h1: Add function to append the chunk size to the output buffer
    - MINOR: mux-h1: Add function to prepend the chunk crlf to the output buffer
    - MEDIUM: filters/htx: Don't rely on HTX extra field if payload is filtered
    - MEDIIM: mux-h1: Add splicing support for chunked messages
    - REGTESTS: Add a script to test the kernel splicing with chunked messages
    - CLEANUP: mux-h1: Remove useless __maybe_unused statement
    - BUG/MINOR: http_ext: fix if-none regression in forwardfor option
    - REGTEST: add an extra testcase for ifnone-forwardfor
    - BUG/MINOR: mworker: leak of a socketpair during startup failure
    - BUG/MINOR: quic: Prevent deadlock with CID tree lock
    - MEDIUM: ssl: handle the SSL_ERROR_ZERO_RETURN during the handshake
    - BUG/MINOR: ssl: SSL_ERROR_ZERO_RETURN returns CO_ER_SSL_EMPTY
    - BUILD: mux-h1: silence a harmless fallthrough warning
    - BUG/MEDIUM: quic: error checking buffer large enought to receive the retry tag
    - MINOR: ssl: allow to change the server signature algorithm on server lines
    - MINOR: ssl: allow to change the client-sigalgs on server lines
    - BUG/MINOR: config: fix stick table duplicate name check
    - BUG/MINOR: quic: Missing random bits in Retry packet header
    - BUG/MINOR: quic: Wrong Retry paquet version field endianess
    - BUG/MINOR: quic: Wrong endianess for version field in Retry token
    - IMPORT: slz: implement a synchronous flush() operation
    - MINOR: compression/slz: add support for a pure flush of pending bytes
    - MINOR: quic: Move QUIC TLS encryption level related code (quic_conn_enc_level_init())
    - MINOR: quic: Move QUIC encryption level structure definition
    - MINOR: quic: Implement a packet number space identification function
    - MINOR: quic: Move packet number space related functions
    - MEDIUM: quic: Dynamic allocations of packet number spaces
    - CLEANUP: quic: Remove qc_list_all_rx_pkts() defined but not used
    - MINOR: quic: Add a pool for the QUIC TLS encryption levels
    - MEDIUM: quic: Dynamic allocations of QUIC TLS encryption levels
    - MINOR: quic: Reduce the maximum length of TLS secrets
    - CLEANUP: quic: Remove two useless pools a low QUIC connection level
    - MEDIUM: quic: Handle the RX in one pass
    - MINOR: quic: Remove call to qc_rm_hp_pkts() from I/O callback
    - CLEANUP: quic: Remove server specific about Initial packet number space
    - MEDIUM: quic: Release encryption levels and packet number spaces asap
    - CLEANUP: quic: Remove a useless test about discarded pktns (qc_handle_crypto_frm())
    - MINOR: quic: Move the packet number space status at quic_conn level
    - MINOR: quic: Drop packet with type for discarded packet number space.
    - BUILD: quic: Add a DISGUISE() to please some compiler to qc_prep_hpkts() 1st parameter
    - BUILD: debug: avoid a build warning related to epoll_wait() in debug code

2023/05/31 : 2.9-dev0
    - MINOR: version: mention that it's development again

2023/05/31 : 2.8.0
    - MINOR: compression: Improve the way Vary header is added
    - BUILD: makefile: search for SSL_INC/wolfssl before SSL_INC
    - MINOR: init: pre-allocate kernel data structures on init
    - DOC: install: add details about WolfSSL
    - BUG/MINOR: ssl_sock: add check for ha_meth
    - BUG/MINOR: thread: add a check for pthread_create
    - BUILD: init: print rlim_cur as regular integer
    - DOC: install: specify the minimum openssl version recommended
    - CLEANUP: mux-quic: remove unneeded fields in qcc
    - MINOR: mux-quic: remove nb_streams from qcc
    - MINOR: quic: fix stats naming for flow control BLOCKED frames
    - BUG/MEDIUM: mux-quic: only set EOI on FIN
    - BUG/MEDIUM: threads: fix a tiny race in thread_isolate()
    - DOC: config: fix rfc7239 converter examples
    - DOC: quic: remove experimental status for QUIC
    - CLEANUP: mux-quic: rename functions for mux_ops
    - CLEANUP: mux-quic: rename internal functions
    - BUG/MINOR: mux-h2: refresh the idle_timer when the mux is empty
    - DOC: config: Fix bind/server/peer documentation in the peers section
    - BUILD: Makefile: use -pthread not -lpthread when threads are enabled
    - CLEANUP: doc: remove 21 totally obsolete docs
    - DOC: install: mention the common strict-aliasing warning on older compilers
    - DOC: install: clarify a few points on the wolfSSL build method
    - MINOR: quic: Add QUIC connection statistical counters values to "show quic"
    - EXAMPLES: update the basic-config-edge file for 2.8
    - MINOR: quic/cli: clarify the "show quic" help message
    - MINOR: version: mention that it's LTS now.

2023/05/24 : 2.8-dev13
    - DOC: add size format section to manual
    - CLEANUP: mux-quic/h3: complete BUG_ON with comments
    - MINOR: quic: remove return val of quic_aead_iv_build()
    - MINOR: quic: use WARN_ON for encrypt failures
    - BUG/MINOR: quic: handle Tx packet allocation failure properly
    - MINOR: quic: fix alignment of oneline show quic
    - MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone
    - MEDIUM: stconn: make the SE_FL_ERR_PENDING to ERROR transition systematic
    - DOC: internal: add a bit of documentation for the stconn closing conditions
    - DOC/MINOR: config: Fix typo in description for `ssl_bc` in configuration.txt
    - BUILD: quic: re-enable chacha20_poly1305 for libressl
    - MINOR: mux-quic: set both EOI EOS for stream fin
    - MINOR: mux-quic: only set EOS on RESET_STREAM recv
    - MINOR: mux-quic: report error on stream-endpoint earlier
    - BUILD: makefile: fix build issue on GNU make < 3.82
    - BUG/MINOR: mux-h2: Check H2_SF_BODY_TUNNEL on H2S flags and not demux frame ones
    - MINOR: mux-h2: Set H2_SF_ES_RCVD flag when decoding the HEADERS frame
    - MINOR: mux-h2: Add a function to propagate termination flags from h2s to SE
    - BUG/MEDIUM: mux-h2: Propagate termination flags when frontend SC is created
    - DEV: add a Lua helper script for SSL keys logging
    - CLEANUP: makefile: don't display a dummy features list without a target
    - BUILD: makefile: do not erase build options for some build options
    - MINOR: quic: Add low level traces (addresses, DCID)
    - BUG/MINOR: quic: Wrong token length check (quic_generate_retry_token())
    - BUG/MINOR: quic: Missing Retry token length on receipt
    - MINOR: quic: Align "show quic" command help information
    - CLEANUP: quic: Indentation fix quic_rx_pkt_retrieve_conn()
    - CLEANUP: quic: Useless tests in qc_rx_pkt_handle()
    - MINOR: quic: Add some counters at QUIC connection level
    - MINOR: quic: Add a counter for sent packets
    - MINOR: hlua: hlua_smp2lua_str() may LJMP
    - MINOR: hlua: hlua_smp2lua() may LJMP
    - MINOR: hlua: hlua_arg2lua() may LJMP
    - DOC: hlua: document hlua_lua2arg() function
    - DOC: hlua: document hlua_lua2smp() function
    - BUG/MINOR: hlua: unsafe hlua_lua2smp() usage
    - BUILD: makefile: commit the tiny FreeBSD makefile stub
    - BUILD: makefile: fix build options when building tools first
    - BUILD: ist: do not put a cast in an array declaration
    - BUILD: ist: use the literal declaration for ist_lc/ist_uc under TCC
    - BUILD: compiler: systematically set USE_OBSOLETE_LINKER with TCC
    - DOC: install: update reference to known supported versions
    - SCRIPTS: publish-release: update the umask to keep group write access

2023/05/17 : 2.8-dev12
    - BUILD: mjson: Fix warning about unused variables
    - MINOR: spoe: Don't stop disabled proxies
    - BUG/MEDIUM: filters: Don't deinit filters for disabled proxies during startup
    - BUG/MINOR: hlua_fcn/queue: fix broken pop_wait()
    - BUG/MINOR: hlua_fcn/queue: fix reference leak
    - CLEANUP: hlua_fcn/queue: make queue:push() easier to read
    - BUG/MINOR: quic: Buggy acknowlegments of acknowlegments function
    - DEBUG: list: add DEBUG_LIST to purposely corrupt list heads after delete
    - MINOR: stats: report the total number of warnings issued
    - MINOR: stats: report the number of times the global maxconn was reached
    - BUG/MINOR: mux-quic: do not prevent shutw on error
    - BUG/MINOR: mux-quic: do not free frame already released by quic-conn
    - BUG/MINOR: mux-quic: no need to subscribe for detach streams
    - MINOR: mux-quic: add traces for stream wake
    - MINOR: mux-quic: do not send STREAM frames if already subscribe
    - MINOR: mux-quic: factorize send subscribing
    - MINOR: mux-quic: simplify return path of qc_send()
    - MEDIUM: quic: streamline error notification
    - MEDIUM: mux-quic: adjust transport layer error handling
    - MINOR: stats: report the listener's protocol along with the address in stats
    - BUG/MEDIUM: mux-fcgi: Never set SE_FL_EOS without SE_FL_EOI or SE_FL_ERROR
    - BUG/MEDIUM: mux-fcgi: Don't request more room if mux is waiting for more data
    - MINOR: stconn: Add a cross-reference between SE descriptor
    - BUG/MINOR: proxy: missing free in free_proxy for redirect rules
    - MINOR: proxy: add http_free_redirect_rule() function
    - BUG/MINOR: http_rules: fix errors paths in http_parse_redirect_rule()
    - CLEANUP: http_act: use http_free_redirect_rule() to clean redirect act
    - MINOR: tree-wide: use free_acl_cond() where relevant
    - CLEANUP: acl: discard prune_acl_cond() function
    - BUG/MINOR: cli: don't complain about empty command on empty lines
    - MINOR: cli: add an option to display the uptime in the CLI's prompt
    - MINOR: master/cli: also implement the timed prompt on the master CLI
    - MINOR: cli: make "show fd" identify QUIC connections and listeners
    - MINOR: httpclient: allow to disable the DNS resolvers of the httpclient
    - BUILD: debug: fix build issue on 32-bit platforms in "debug dev task"
    - MINOR: ncbuf: missing malloc checks in standalone code
    - DOC: lua: fix core.{proxies,frontends,backends} visibility
    - EXAMPLES: fix race condition in lua mailers script
    - BUG/MINOR: errors: handle malloc failure in usermsgs_put()
    - BUG/MINOR: log: fix memory error handling in parse_logsrv()
    - BUG/MINOR: quic: Wrong redispatch for external data on connection socket
    - MINOR: htx: add function to set EOM reliably
    - MINOR: mux-quic: remove dedicated function to handle standalone FIN
    - BUG/MINOR: mux-quic: properly handle buf alloc failure
    - BUG/MINOR: mux-quic: handle properly recv ncbuf alloc failure
    - BUG/MINOR: quic: do not alloc buf count on alloc failure
    - BUG/MINOR: mux-quic: differentiate failure on qc_stream_desc alloc
    - BUG/MINOR: mux-quic: free task on qc_init() app ops failure
    - MEDIUM: session/ssl: return the SSL error string during a SSL handshake error
    - CI: enable monthly Fedora Rawhide clang builds
    - MEDIUM: mworker/cli: does not disconnect the master CLI upon error
    - MINOR: stconn: Remove useless test on sedesc on detach to release the xref
    - MEDIUM: proxy: stop emitting logs for internal proxies when stopping
    - MINOR: ssl: add new sample ssl_c_r_dn
    - BUG/MEDIUM: mux-h2: make sure control frames do not refresh the idle timeout
    - BUILD: ssl: ssl_c_r_dn fetches uses  functiosn only available since 1.1.1
    - BUG/MINOR: mux-quic: handle properly Tx buf exhaustion
    - BUG/MINOR: h3: missing goto on buf alloc failure
    - BUILD: ssl: get0_verified chain is available on libreSSL
    - BUG/MINOR: makefile: use USE_LIBATOMIC instead of USE_ATOMIC
    - MINOR: mux-quic: add trace to stream rcv_buf operation
    - MINOR: mux-quic: properly report end-of-stream on recv
    - MINOR: mux-quic: uninline qc_attach_sc()
    - BUG/MEDIUM: mux-quic: fix EOI for request without payload
    - MINOR: checks: make sure spread-checks is used also at boot time
    - BUG/MINOR: tcp-rules: Don't shortened the inspect-delay when EOI is set
    - REGTESTS: log: Reduce response inspect-delay for last_rule.vtc
    - DOC: config: Clarify conditions to shorten the inspect-delay for TCP rules
    - CLEANUP: server: remove useless tmptrash assigments in srv_update_status()
    - BUG/MINOR: server: memory leak in _srv_update_status_op() on server DOWN
    - CLEANUP: check; Remove some useless assignments to NULL
    - CLEANUP: stats: update the trash chunk where it's used
    - MINOR: clock: measure the total boot time
    - MINOR: stats: report the boot time in "show info"
    - BUG/MINOR: checks: postpone the startup of health checks by the boot time
    - MINOR: clock: provide a function to automatically adjust now_offset
    - BUG/MINOR: clock: automatically adjust the internal clock with the boot time
    - CLEANUP: fcgi-app; Remove useless assignment to NULL
    - REGTESTS: log: Reduce again response inspect-delay for last_rule.vtc
    - CI: drop Fedora m32 pipeline in favour of cross matrix
    - MEDIUM: checks: Stop scheduling healthchecks during stopping stage
    - MEDIUM: resolvers: Stop scheduling resolution during stopping stage
    - BUG/MINOR: hlua: SET_SAFE_LJMP misuse in hlua_event_runner()
    - BUG/MINOR: debug: fix pointer check in debug_parse_cli_task()

2023/05/11 : 2.8-dev11
    - BUILD: debug: do not check the isolated_thread variable in non-threaded builds
    - BUILD: quic: fix build warning when threads are disabled
    - CI: more granular failure on generating build matrix
    - CLEANUP: quic: No more used q_buf structure
    - CLEANUP: quic: Rename several <buf> variables in quic_frame.(c|h)
    - CLEANUP: quic: Typo fix for quic_connection_id pool
    - BUG/MINOR: quic: Wrong key update cipher context initialization for encryption
    - BUG/MEDIUM: cache: Don't request more room than the max allowed
    - MEDIUM: stconn: Be sure to always be able to unblock a SC that needs room
    - EXAMPLES: fix IPV6 support for lua mailers script
    - BUILD: ssl: buggy -Werror=dangling-pointer since gcc 13.0
    - DOC: stconn: Update comments about ABRT/SHUT for stconn structure
    - BUG/MEDIUM: stats: Require more room if buffer is almost full
    - DOC: configuration: add info about ssl-engine for 2.6
    - BUG/MINOR: mux-quic: fix transport VS app CONNECTION_CLOSE
    - BUG/MEDIUM: mux-quic: wakeup tasklet to close on error
    - DEV: flags: add a script to decode most flags in the "show sess all" output
    - BUG/MINOR: quic: Possible crash when dumping version information
    - BUG/MINOR: config: make compression work again in defaults section
    - BUG/MEDIUM: stream: Forward shutdowns when unhandled errors are caught
    - MEDIUM: stream: Resync analyzers at the end of process_stream() on change
    - DEV: flags: add missing stream flags to show-sess-to-flags
    - DEV: flags/show-sess-to-flags: only retrieve hex digits from hex fields
    - DEV: flags/show-sess-to-flags: add support for color output
    - CLEANUP: src/listener.c: remove redundant NULL check

2023/05/07 : 2.8-dev10
    - BUG/MINOR: stats: fix typo in `TotalSplicedBytesOut` field name
    - REGTESTS: add success test, "set server" via fqdn
    - MINOR: ssl: disable CRL checks with WolfSSL when no CRL file
    - BUG/MINOR: stream/cli: fix stream age calculation in "show sess"
    - MINOR: debug: clarify "debug dev stream" help message
    - DEBUG: cli: add "debug dev task" to show/wake/expire/kill tasks and tasklets
    - BUG/MINOR: ssl/sample: x509_v_err_str converter output when not found
    - REGTESTS: ssl: simplify X509_V code check in ssl_client_auth.vtc
    - BUILD: cli: fix build on Windows due to isalnum() implemented as a macro
    - MINOR: activity: use a single macro to iterate over all fields
    - MINOR: activity: show the line header inside the SHOW_VAL macro
    - MINOR: activity: iterate over all fields in a main loop for dumping
    - MINOR: activity: allow "show activity" to restart dumping on any line
    - MINOR: activity: allow "show activity" to restart in the middle of a line
    - DEV: haring: automatically disable DEBUG_STRICT
    - DEV: haring: update readme to suggest using the same build options for haring
    - BUG/MINOR: debug: fix incorrect profiling status reporting in show threads
    - MINOR: debug: permit the "debug dev loop" to run under isolation
    - BUG/MEDIUM: mux-h2: Properly handle end of request to expect data from server
    - BUG/MINOR: mux-quic: prevent quic_conn error code to be overwritten
    - MINOR: mux-quic: add trace event for local error
    - MINOR: mux-quic: wake up after recv only if avail data
    - MINOR: mux-quic: adjust local error API
    - MINOR: mux-quic: report local error on stream endpoint asap
    - MINOR: mux-quic: close connection asap on local error
    - BUG/MINOR: debug: do not emit empty lines in thread dumps
    - BUG/MINOR: mux-h2: Also expect data when waiting for a tunnel establishment
    - BUG/MINOR: time: fix NS_TO_TV macro
    - MEDIUM: debug: simplify the thread dump mechanism
    - MINOR: debug: write panic dump to stderr one thread at a time
    - MINOR: debug: make "show threads" properly iterate over all threads
    - CLEANUP: debug: remove the now unused ha_thread_dump_all_to_trash()
    - MINOR: ssl: allow to change the server signature algorithm
    - MINOR: ssl: allow to change the signature algorithm for client authentication
    - MINOR: cli: Use applet API to write output message
    - MINOR: stats: Use the applet API to write data
    - MINOR: peers: Use the applet API to send message
    - MINOR: stconn: Add a field to specify the room needed by the SC to progress
    - MEDIUM: tree-wide: Change sc API to specify required free space to progress
    - BUG/MEDIUM: stconn: Unblock SC from stream if there is enough room to progrees
    - MEDIUM: applet: Check room needed to unblock opposite SC when data was consumed
    - MEDIUM: stconn: Check room needed to unblock SC on fast-forward
    - MEDIUM: stconn: Check room needed to unblock opposite SC when data was sent
    - MINOR: hlua_fcn: fix Server.is_draining() return type
    - MINOR: hlua_fcn: add Server.is_backup()
    - MINOR: hlua_fcn: add Server.is_dynamic()
    - MINOR: hlua_fcn: add Server.tracking()
    - MINOR: hlua_fcn: add Server.get_trackers()
    - MINOR: hlua_fcn: add Server.get_proxy()
    - MINOR: hlua_fcn: add Server.get_pend_conn() and Server.get_cur_sess()
    - MINOR: hlua_fcn: add Proxy.get_srv_act() and Proxy.get_srv_bck()
    - DOC: lua/event: add ServerEvent class header
    - MINOR: server/event_hdl: publish macro helper
    - MINOR: server/event_hdl: add SERVER_STATE event
    - OPTIM: server: publish UP/DOWN events from STATE change
    - MINOR: hlua: expose SERVER_STATE event
    - MINOR: server/event_hdl: add SERVER_ADMIN event
    - MINOR: hlua: expose SERVER_ADMIN event
    - MINOR: checks/event_hdl: SERVER_CHECK event
    - MINOR: hlua/event_hdl: expose SERVER_CHECK event
    - MINOR: mailers/hlua: disable email sending from lua
    - MINOR: hlua: expose proxy mailers
    - EXAMPLES: add lua mailers script to replace tcpcheck mailers
    - BUG/MINOR: hlua: spinning loop in hlua_socket_handler()
    - MINOR: server: fix message report when IDRAIN is set and MAINT is cleared
    - CLEANUP: hlua: hlua_register_task() may longjmp
    - REGTESTS: use lua mailer script for mailers tests
    - MINOR: hlua: declare hlua_{ref,pushref,unref} functions
    - MINOR: hlua: declare hlua_gethlua() function
    - MINOR: hlua: declare hlua_yieldk() function
    - MINOR: hlua_fcn: add Queue class
    - EXAMPLES: mailqueue for lua mailers script
    - MINOR: quic: add format argument for "show quic"
    - MINOR: quic: implement oneline format for "show quic"
    - MINOR: config: allow cpu-map to take commas in lists of ranges
    - CLEANUP: fix a few reported typos in code comments
    - DOC: fix a few reported typos in the config and install doc

2023/04/28 : 2.8-dev9
    - MINOR: quic: Move traces at proto level
    - BUG/MINOR: quic: Possible memory leak from TX packets
    - BUG/MINOR: quic: Possible leak during probing retransmissions
    - BUG/MINOR: quic: Useless probing retransmission in draining or killing state
    - BUG/MINOR: quic: Useless I/O handler task wakeups (draining, killing state)
    - CLEANUP: quic: rename frame types with an explicit prefix
    - CLEANUP: quic: rename frame variables
    - CLEANUP: quic: Remove useless parameters passes to qc_purge_tx_buf()
    - CLEANUP: quic: Rename <buf> variable to <token> in quic_generate_retry_token()
    - CLEANUP: quic: Rename <buf> variable into quic_padding_check()
    - CLEANUP: quic: Rename <buf> variable into quic_rx_pkt_parse()
    - CLEANUP: quic: Rename <buf> variable for several low level functions
    - CLEANUP: quic: Make qc_build_pkt() be more readable
    - CLEANUP: quic: Rename quic_get_dgram_dcid() <buf> variable
    - CLEANUP: quic: Rename several <buf> variables at low level
    - CLEANUP: quic: Rename <buf> variable into quic_packet_read_long_header()
    - CLEANUP: quic: Rename <buf> variable into qc_parse_hd_form()
    - CLEANUP: quic: Rename several <buf> variables into quic_sock.c
    - DEBUG: crash using an invalid opcode on x86/x86_64 instead of an invalid access
    - DEBUG: crash using an invalid opcode on aarch64 instead of an invalid access
    - DEV: h2: add a script "mkhdr" to build h2 frames from scratch
    - DEV: h2: support reading frame payload from a file
    - MINOR: acme.sh: add the deploy script for acme.sh in admin directory
    - BUG/MEDIUM: mux-quic: do not emit RESET_STREAM for unknown length
    - BUG/MEDIUM: mux-quic: improve streams fairness to prevent early timeout
    - BUG/MINOR: quic: prevent buggy memcpy for empty STREAM
    - MINOR: mux-quic: do not set buffer for empty STREAM frame
    - MINOR: mux-quic: do not allocate Tx buf for empty STREAM frame
    - MINOR: quic: finalize affinity change as soon as possible
    - BUG/MINOR: quic: fix race on quic_conns list during affinity rebind
    - CI: switch to Fastly CDN to download LibreSSL
    - BUILD: ssl: switch LibreSSL to Fastly CDN
    - BUG/MINOR: clock: fix a few occurrences of 'now' being used in place of 'date'
    - BUG/MINOR: spoe: use "date" not "now" in debug messages
    - BUG/MINOR: activity: show wall-clock date, not internal date in show activity
    - BUG/MINOR: opentracing: use 'date' instead of 'now' in debug output
    - Revert "BUG/MINOR: clock: fix a few occurrences of 'now' being used in place of 'date'"
    - BUG/MINOR: calltrace: fix 'now' being used in place of 'date'
    - BUG/MINOR: trace: show wall-clock date, not internal date in show activity
    - BUG/MINOR: hlua: return wall-clock date, not internal date in core.now()
    - BUG/MEDIUM: spoe: Don't start new applet if there are enough idle ones
    - BUG/MINOR: stconn: Fix SC flags with same value
    - BUG/MINOR: resolvers: Use sc_need_room() to wait more room when dumping stats
    - BUG/MEDIUM: tcpcheck: Don't eval custom expect rule on an empty buffer
    - BUG/MINOR: stats: report the correct start date in "show info"
    - MINOR: time: add conversions to/from nanosecond timestamps
    - MINOR: time: replace calls to tv_ms_elapsed() with a linear subtract
    - MINOR: spoe: switch the timeval-based timestamps to nanosecond timestamps
    - MEDIUM: tree-wide: replace timeval with nanoseconds in tv_accept and tv_request
    - MINOR: stats: use nanoseconds, not timeval to compute uptime
    - MINOR: activity: use nanoseconds, not timeval to compute uptime
    - MINOR: checks: use a nanosecond counters instead of timeval for checks->start
    - MINOR: clock: do not use now.tv_sec anymore
    - MEDIUM: clock: replace timeval "now" with integer "now_ns"
    - MINOR: clock: replace the timeval start_time with start_time_ns
    - MINOR: sample: Add bc_rtt and bc_rttvar
    - MINOR: quic: use real sending rate measurement
    - MINOR: proxy: factorize send rate measurement

2023/04/23 : 2.8-dev8
    - BUG/MEDIUM: cli: Set SE_FL_EOI flag for '_getsocks' and 'quit' commands
    - BUG/MEDIUM: cli: Eat output data when waiting for appctx shutdown
    - BUG/MEDIUM: http-client: Eat output data when waiting for appctx shutdown
    - BUG/MEDIUM: stats: Eat output data when waiting for appctx shutdown
    - BUG/MEDIUM: log: Eat output data when waiting for appctx shutdown
    - BUG/MEDIUM: dns: Kill idle DNS sessions during stopping stage
    - BUG/MINOR: resolvers: Wakeup DNS idle task on stopping
    - BUG/MEDIUM: resolvers: Force the connect timeout for DNS resolutions
    - MINOR: hlua: Stop to check the SC state when executing a hlua cli command
    - BUG/MEDIUM: mux-h1: Report EOI when a TCP connection is upgraded to H2
    - BUG/MEDIUM: mux-h2: Never set SE_FL_EOS without SE_FL_EOI or SE_FL_ERROR
    - MINOR: quic: Trace fix in quic_pto_pktns() (handshaske status)
    - BUG/MINOR: quic: Wrong packet number space probing before confirmed handshake
    - MINOR: quic: Modify qc_try_rm_hp() traces
    - MINOR: quic: Dump more information at proto level when building packets
    - MINOR: quic: Add a trace for packet with an ACK frame
    - MINOR: activity: add a line reporting the average CPU usage to "show activity"
    - BUG/MINOR: stick_table: alert when type len has incorrect characters
    - MINOR: thread: keep a bitmask of enabled groups in thread_set
    - MINOR: fd: optimize fd_claim_tgid() for use in fd_insert()
    - MINOR: fd: add a lock bit with the tgid
    - MINOR: fd: implement fd_migrate_on() to migrate on a non-local thread
    - MINOR: receiver: reserve special values for "shards"
    - MINOR: bind-conf: support a new shards value: "by-group"
    - BUG/MEDIUM: fd: don't wait for tmask to stabilize if we're not in it.
    - MINOR: quic: Add packet loss and maximum cc window to "show quic"
    - BUG/MINOR: quic: Ignored less than 1ms RTTs
    - MINOR: quic: Add connection flags to traces
    - BUG/MEDIUM: quic: Code sanitization about acknowledgements requirements
    - BUG/MINOR: quic: Possible wrapped values used as ACK tree purging limit.
    - BUG/MINOR: quic: SIGFPE in quic_cubic_update()
    - MINOR: quic: Display the packet number space flags in traces
    - MINOR: quic: Remove a useless test about probing in qc_prep_pkts()
    - BUG/MINOR: quic: Wrong Application encryption level selection when probing
    - CI: bump "actions/checkout" to v3 for cross zoo matrix
    - CI: enable monthly test on Fedora Rawhide
    - BUG/MINOR: stream: Fix test on SE_FL_ERROR on the wrong entity
    - BUG/MEDIUM: stream: Report write timeouts before testing the flags
    - BUG/MEDIUM: stconn: Do nothing in sc_conn_recv() when the SC needs more room
    - MINOR: stream: Uninline and export sess_set_term_flags() function
    - MINOR: filters: Review and simplify errors handling
    - REGTESTS: fix the race conditions in log_uri.vtc
    - MINOR: channel: Forwad close to other side on abort
    - MINOR: stream: Introduce stream_abort() to abort on both sides in same time
    - MINOR: stconn: Rename SC_FL_SHUTR_NOW in SC_FL_ABRT_WANTED
    - MINOR: channel/stconn: Replace channel_shutr_now() by sc_schedule_abort()
    - MINOR: stconn: Rename SC_FL_SHUTW_NOW in SC_FL_SHUT_WANTED
    - MINOR: channel/stconn: Replace channel_shutw_now() by sc_schedule_shutdown()
    - MINOR: stconn: Rename SC_FL_SHUTR in SC_FL_ABRT_DONE
    - MINOR: channel/stconn: Replace sc_shutr() by sc_abort()
    - MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE
    - MINOR: channel/stconn: Replace sc_shutw() by sc_shutdown()
    - MINOR: tree-wide: Replace several chn_cons() by the corresponding SC
    - MINOR: tree-wide: Replace several chn_prod() by the corresponding SC
    - BUG/MINOR: cli: Don't close when SE_FL_ERR_PENDING is set in cli analyzer
    - MINOR: stconn: Stop to set SE_FL_ERROR on sending path
    - MEDIUM: stconn: Forbid applets with more to deliver if EOI was reached
    - MINOR: stconn: Don't clear SE_FL_ERROR when endpoint is reset
    - MINOR: stconn: Add a flag to ack endpoint errors at SC level
    - MINOR: backend: Set SC_FL_ERROR on connection error
    - MINOR: stream: Set SC_FL_ERROR on channels' buffer allocation error
    - MINOR: tree-wide: Test SC_FL_ERROR with SE_FL_ERROR from upper layer
    - MEDIUM: tree-wide: Stop to set SE_FL_ERROR from upper layer
    - MEDIUM: backend: Stop to use SE flags to detect connection errors
    - MEDIUM: stream: Stop to use SE flags to detect read errors from analyzers
    - MEDIUM: stream: Stop to use SE flags to detect endpoint errors
    - MEDIUM: stconn: Rely on SC flags to handle errors instead of SE flags
    - BUG/MINOR: stconn: Don't set SE_FL_ERROR at the end of sc_conn_send()
    - BUG/MINOR: quic: Do not use ack delay during the handshakes
    - CLEANUP: use "offsetof" where appropriate
    - MINOR: ssl: remove OpenSSL 1.0.2 mention into certificate loading error
    - BUG/MEDIUM: http-ana: Properly switch the request in tunnel mode on upgrade
    - BUG/MEDIUM: log: Properly handle client aborts in syslog applet
    - MINOR: stconn: Add a flag to report EOS at the stream-connector level
    - MINOR: stconn: Propagate EOS from a mux to the attached stream-connector
    - MINOR: stconn: Propagate EOS from an applet to the attached stream-connector
    - MINOR: mux-h2: make the initial window size configurable per side
    - MINOR: mux-h2: make the max number of concurrent streams configurable per side
    - BUG/MINOR: task: allow to use tasklet_wakeup_after with tid -1
    - CLEANUP: quic: remove unused QUIC_LOCK label
    - CLEANUP: quic: remove unused scid_node
    - CLEANUP: quic: remove unused qc param on stateless reset token
    - CLEANUP: quic: rename quic_connection_id vars
    - MINOR: quic: remove uneeded tasklet_wakeup after accept
    - MINOR: quic: adjust Rx packet type parsing
    - MINOR: quic: adjust quic CID derive API
    - MINOR: quic: remove TID ref from quic_conn
    - MEDIUM: quic: use a global CID trees list
    - MINOR: quic: remove TID encoding in CID
    - MEDIUM: quic: handle conn bootstrap/handshake on a random thread
    - MINOR: quic: do not proceed to accept for closing conn
    - MINOR: protocol: define new callback set_affinity
    - MINOR: quic: delay post handshake frames after accept
    - MEDIUM: quic: implement thread affinity rebinding
    - BUG/MINOR: quic: transform qc_set_timer() as a reentrant function
    - MINOR: quic: properly finalize thread rebinding
    - MAJOR: quic: support thread balancing on accept
    - MINOR: listener: remove unneeded local accept flag
    - BUG/MINOR: http-ana: Update analyzers on both sides when switching in TUNNEL mode
    - CLEANUP: backend: Remove useless debug message in assign_server()
    - CLEANUP: cli: Remove useless debug message in cli_io_handler()
    - BUG/MEDIUM: stconn: Propagate error on the SC on sending path
    - MINOR: config: add "no-alpn" support for bind lines
    - REGTESTS: add a new "ssl_alpn" test to test ALPN negotiation
    - DOC: add missing documentation for "no-alpn" on bind lines
    - MINOR: ssl: do not set ALPN callback with the empty string
    - MINOR: ssl_crtlist: dump "no-alpn" on "show crtlist" when "no-alpn" was set
    - MEDIUM: config: set useful ALPN defaults for HTTPS and QUIC
    - BUG/MEDIUM: quic: prevent crash on Retry sending
    - BUG/MINOR: cfgparse: make sure to include openssl-compat
    - MINOR: clock: add now_mono_time_fast() function
    - MINOR: clock: add now_cpu_time_fast() function
    - MEDIUM: hlua: reliable timeout detection
    - MEDIUM: hlua: introduce tune.lua.burst-timeout
    - CLEANUP: hlua: avoid confusion between internal timers and tick based timers
    - MINOR: hlua: hook yield on known lua state
    - MINOR: hlua: safe coroutine.create()
    - BUG/MINOR: quic: Stop removing ACK ranges when building packets
    - MINOR: quic: Do not allocate too much ack ranges
    - BUG/MINOR: quic: Unchecked buffer length when building the token
    - BUG/MINOR: quic: Wrong Retry token generation timestamp computing
    - BUG/MINOR: mux-quic: fix crash with app ops install failure
    - BUG/MINOR: mux-quic: properly handle STREAM frame alloc failure
    - BUG/MINOR: h3: fix crash on h3s alloc failure
    - BUG/MINOR: quic: prevent crash on qc_new_conn() failure
    - BUG/MINOR: quic: consume Rx datagram even on error
    - CLEANUP: errors: fix obsolete function comments
    - CLEANUP: server: fix update_status() function comment
    - MINOR: server/event_hdl: add proxy_uuid to event_hdl_cb_data_server
    - MINOR: hlua/event_hdl: rely on proxy_uuid instead of proxy_name for lookups
    - MINOR: hlua/event_hdl: expose proxy_uuid variable in server events
    - MINOR: hlua/event_hdl: fix return type for hlua_event_hdl_cb_data_push_args
    - MINOR: server/event_hdl: prepare for upcoming refactors
    - BUG/MINOR: event_hdl: don't waste 1 event subtype slot
    - CLEANUP: event_hdl: updating obsolete comment for EVENT_HDL_CB_DATA
    - CLEANUP: event_hdl: fix comment typo about _sync assertion
    - MINOR: event_hdl: dynamically allocated event data members
    - MINOR: event_hdl: provide event->when for advanced handlers
    - MINOR: hlua/event_hdl: timestamp for events
    - DOC: lua: restore 80 char limitation
    - BUG/MINOR: server: incorrect report for tracking servers leaving drain
    - MINOR: server: explicitly commit state change in srv_update_status()
    - BUG/MINOR: server: don't miss proxy stats update on server state transitions
    - BUG/MINOR: server: don't miss server stats update on server state transitions
    - BUG/MINOR: server: don't use date when restoring last_change from state file
    - MINOR: server: central update for server counters on state change
    - MINOR: server: propagate server state change to lb through single function
    - MINOR: server: propagate lb changes through srv_lb_propagate()
    - MINOR: server: change adm_st_chg_cause storage type
    - MINOR: server: srv_append_status refacto
    - MINOR: server: change srv_op_st_chg_cause storage type
    - CLEANUP: server: remove unused variables in srv_update_status()
    - CLEANUP: server: fix srv_set_{running, stopping, stopped} function comment
    - MINOR: server: pass adm and op cause to srv_update_status()
    - MEDIUM: server: split srv_update_status() in two functions
    - MINOR: server/event_hdl: prepare for server event data wrapper
    - MINOR: quic: support migrating the listener as well
    - MINOR: quic_sock: index li->per_thr[] on local thread id, not global one
    - MINOR: listener: support another thread dispatch mode: "fair"
    - MINOR: receiver: add a struct shard_info to store info about each shard
    - MINOR: receiver: add RX_F_MUST_DUP to indicate that an rx must be duped
    - MEDIUM: proto: duplicate receivers marked RX_F_MUST_DUP
    - MINOR: proto: skip socket setup for duped FDs
    - MEDIUM: config: permit to start a bind on multiple groups at once
    - MINOR: listener: make accept_queue index atomic
    - MEDIUM: listener: rework thread assignment to consider all groups
    - MINOR: listener: use a common thr_idx from the reference listener
    - MINOR: listener: resync with the thread index before heavy calculations
    - MINOR: listener: make sure to avoid ABA updates in per-thread index
    - MINOR: listener: always compare the local thread as well
    - MINOR: Make `tasklet_free()` safe to be called with `NULL`
    - CLEANUP: Stop checking the pointer before calling `tasklet_free()`
    - CLEANUP: Stop checking the pointer before calling `pool_free()`
    - CLEANUP: Stop checking the pointer before calling `task_free()`
    - CLEANUP: Stop checking the pointer before calling `ring_free()`
    - BUG/MINOR: cli: clarify error message about stats bind-process
    - CI: cirrus-ci: bump FreeBSD image to 13-1
    - REGTESTS: remove unsupported "stats bind-process" keyword
    - CI: extend spellchecker whitelist, add "clen" as well
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MINOR: sock_inet: use SO_REUSEPORT_LB where available
    - BUG/MINOR: tools: check libssl and libcrypto separately
    - BUG/MINOR: config: fix NUMA topology detection on FreeBSD
    - BUILD: sock_inet: forward-declare struct receiver
    - BUILD: proto_tcp: export the correct names for proto_tcpv[46]
    - CLEANUP: protocol: move the l3_addrlen to plug a hole in proto_fam
    - CLEANUP: protocol: move the nb_receivers to plug a hole in protocol
    - REORG: listener: move the bind_conf's thread setup code to listener.c
    - MINOR: proxy: make proxy_type_str() recognize peers sections
    - MEDIUM: peers: call bind_complete_thread_setup() to finish the config
    - MINOR: protocol: add a flags field to store info about protocols
    - MINOR: protocol: move the global reuseport flag to the protocols
    - MINOR: listener: automatically adjust shards based on support for SO_REUSEPORT
    - MINOR: protocol: add a function to check if some features are supported
    - MINOR: sock: add a function to check for SO_REUSEPORT support at runtime
    - MINOR: protocol: perform a live check for SO_REUSEPORT support
    - MINOR: listener: do not restrict CLI to first group anymore
    - MINOR: listener: add a new global tune.listener.default-shards setting
    - MEDIUM: listener: switch the default sharding to by-group

2023/04/08 : 2.8-dev7
    - BUG/MINOR: stats: Don't replace sc_shutr() by SE_FL_EOS flag yet
    - BUG/MEDIUM: mux-h2: Be able to detect connection error during handshake
    - BUG/MINOR: quic: Missing padding in very short probe packets
    - MINOR: proxy/pool: prevent unnecessary calls to pool_gc()
    - CLEANUP: proxy: remove stop_time related dead code
    - DOC/MINOR: reformat configuration.txt's "quoting and escaping" table
    - MINOR: http_fetch: Add support for empty delim in url_param
    - MINOR: http_fetch: add case insensitive support for smp_fetch_url_param
    - MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val
    - REGTESTS : Add test support for case insentitive for url_param
    - BUG/MEDIUM: proxy/sktable: prevent watchdog trigger on soft-stop
    - BUG/MINOR: backend: make be_usable_srv() consistent when stopping
    - BUG/MINOR: ssl: Remove dead code in cli_parse_update_ocsp_response
    - BUG/MINOR: ssl: Fix potential leak in cli_parse_update_ocsp_response
    - BUG/MINOR: ssl: ssl-(min|max)-ver parameter not duplicated for bundles in crt-list
    - BUG/MINOR: quic: Wrong use of now_ms timestamps (cubic algo)
    - MINOR: quic: Add recovery related information to "show quic"
    - BUG/MINOR: quic: Wrong use of now_ms timestamps (newreno algo)
    - BUG/MINOR: quic: Missing max_idle_timeout initialization for the connection
    - MINOR: quic: Implement cubic state trace callback
    - MINOR: quic: Adjustments for generic control congestion traces
    - MINOR: quic: Traces adjustments at proto level.
    - MEDIUM: quic: Ack delay implementation
    - BUG/MINOR: quic: Wrong rtt variance computing
    - MINOR: cli: support filtering on FD types in "show fd"
    - MINOR: quic: Add a fake congestion control algorithm named "nocc"
    - CI: run smoke tests on config syntax to check memory related issues
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: exclude doc/{design-thoughts,internals} from spell check
    - BUG/MINOR: quic: Remaining useless statements in cubic slow start callback
    - BUG/MINOR: quic: Cubic congestion control window may wrap
    - MINOR: quic: Add missing traces in cubic algorithm implementation
    - BUG/MAJOR: quic: Congestion algorithms states shared between the connection
    - BUG/MINOR: ssl: Undefined reference when building with OPENSSL_NO_DEPRECATED
    - BUG/MINOR: quic: Remove useless BUG_ON() in newreno and cubic algo implementation
    - MINOR: http-act: emit a warning when a header field name contains forbidden chars
    - DOC: config: strict-sni allows to start without certificate
    - MINOR: quic: Add trace to debug idle timer task issues
    - BUG/MINOR: quic: Unexpected connection closures upon idle timer task execution
    - BUG/MINOR: quic: Wrong idle timer expiration (during 20s)
    - BUILD: quic: 32bits compilation issue in cli_io_handler_dump_quic()
    - BUG/MINOR: quic: Possible wrong PTO computing
    - BUG/MINOR: tcpcheck: Be able to expect an empty response
    - BUG/MEDIUM: stconn: Add a missing return statement in sc_app_shutr()
    - BUG/MINOR: stream: Fix test on channels flags to set clientfin/serverfin touts
    - MINOR: applet: Uninline appctx_free()
    - MEDIUM: applet/trace: Register a new trace source with its events
    - CLEANUP: stconn: Remove remaining debug messages
    - BUG/MEDIUM: channel: Improve reports for shut in co_getblk()
    - BUG/MEDIUM: dns: Properly handle error when a response consumed
    - MINOR: stconn: Remove unecessary test on SE_FL_EOS before receiving data
    - MINOR: stconn/channel: Move CF_READ_DONTWAIT into the SC and rename it
    - MINOR: stconn/channel: Move CF_SEND_DONTWAIT into the SC and rename it
    - MINOR: stconn/channel: Move CF_NEVER_WAIT into the SC and rename it
    - MINOR: stconn/channel: Move CF_EXPECT_MORE into the SC and rename it
    - MINOR: mux-pt: Report end-of-input with the end-of-stream after a read
    - BUG/MINOR: mux-h1: Properly report EOI/ERROR on read0 in h1_rcv_pipe()
    - CLEANUP: mux-h1/mux-pt: Remove useless test on SE_FL_SHR/SE_FL_SHW flags
    - MINOR: mux-h1: Report an error to the SE descriptor on truncated message
    - MINOR: stconn: Always ack EOS at the end of sc_conn_recv()
    - MINOR: stconn/applet: Handle EOI in the applet .wake callback function
    - MINOR: applet: No longer set EOI on the SC
    - MINOR: stconn/applet: Handle EOS in the applet .wake callback function
    - MEDIUM: cache: Use the sedesc to report and detect end of processing
    - MEDIUM: cli: Use the sedesc to report and detect end of processing
    - MINOR: dns: Remove the test on the opposite SC state to send requests
    - MEDIUM: dns: Use the sedesc to report and detect end of processing
    - MEDIUM: spoe: Use the sedesc to report and detect end of processing
    - MEDIUM: hlua/applet: Use the sedesc to report and detect end of processing
    - MEDIUM: log: Use the sedesc to report and detect end of processing
    - MEDIUM: peers: Use the sedesc to report and detect end of processing
    - MINOR: sink: Remove the tests on the opposite SC state to process messages
    - MEDIUM: sink: Use the sedesc to report and detect end of processing
    - MEDIUM: stats: Use the sedesc to report and detect end of processing
    - MEDIUM: promex: Use the sedesc to report and detect end of processing
    - MEDIUM: http_client: Use the sedesc to report and detect end of processing
    - MINOR: stconn/channel: Move CF_EOI into the SC and rename it
    - MEDIUM: tree-wide: Move flags about shut from the channel to the SC
    - MINOR: tree-wide: Simplifiy some tests on SHUT flags by accessing SCs directly
    - MINOR: stconn/applet: Add BUG_ON_HOT() to be sure SE_FL_EOS is never set alone
    - MINOR: server: add SRV_F_DELETED flag
    - BUG/MINOR: server/del: fix srv->next pointer consistency
    - BUG/MINOR: stats: properly handle server stats dumping resumption
    - BUG/MINOR: sink: free forward_px on deinit()
    - BUG/MINOR: log: free log forward proxies on deinit()
    - MINOR: server: always call ssl->destroy_srv when available
    - MINOR: server: correctly free servers on deinit()
    - BUG/MINOR: hlua: hook yield does not behave as expected
    - MINOR: hlua: properly handle hlua_process_task HLUA_E_ETMOUT
    - BUG/MINOR: hlua: enforce proper running context for register_x functions
    - MINOR: hlua: Fix two functions that return nothing useful
    - MEDIUM: hlua: Dynamic list of frontend/backend in Lua
    - MINOR: hlua_fcn: alternative to old proxy and server attributes
    - MEDIUM: hlua_fcn: dynamic server iteration and indexing
    - MEDIUM: hlua_fcn/api: remove some old server and proxy attributes
    - CLEANUP: hlua: fix conflicting comment in hlua_ctx_destroy()
    - MINOR: hlua: add simple hlua reference handling API
    - MINOR: hlua: fix return type for hlua_checkfunction() and hlua_checktable()
    - BUG/MINOR: hlua: fix reference leak in core.register_task()
    - BUG/MINOR: hlua: fix reference leak in hlua_post_init_state()
    - BUG/MINOR: hlua: prevent function and table reference leaks on errors
    - CLEANUP: hlua: use hlua_ref() instead of luaL_ref()
    - CLEANUP: hlua: use hlua_pushref() instead of lua_rawgeti()
    - CLEANUP: hlua: use hlua_unref() instead of luaL_unref()
    - MINOR: hlua: simplify lua locking
    - BUG/MEDIUM: hlua: prevent deadlocks with main lua lock
    - MINOR: hlua_fcn: add server->get_rid() method
    - MINOR: hlua: support for optional arguments to core.register_task()
    - DOC: lua: silence "literal block ends without a blank line" Sphinx warnings
    - DOC: lua: silence "Unexpected indentation" Sphinx warnings
    - BUG/MINOR: event_hdl: fix rid storage type
    - BUG/MINOR: event_hdl: make event_hdl_subscribe thread-safe
    - MINOR: event_hdl: global sublist management clarification
    - BUG/MEDIUM: event_hdl: clean soft-stop handling
    - BUG/MEDIUM: event_hdl: fix async data refcount issue
    - MINOR: event_hdl: normal tasks support for advanced async mode
    - MINOR: event_hdl: add event_hdl_async_equeue_isempty() function
    - MINOR: event_hdl: add event_hdl_async_equeue_size() function
    - MINOR: event_hdl: pause/resume for subscriptions
    - MINOR: proxy: add findserver_unique_id() and findserver_unique_name()
    - MEDIUM: hlua/event_hdl: initial support for event handlers
    - MINOR: hlua/event_hdl: per-server event subscription
    - EXAMPLES: add basic event_hdl lua example script
    - MINOR: http-ana: Add a HTTP_MSGF flag to state the Expect header was checked
    - BUG/MINOR: http-ana: Don't switch message to DATA when waiting for payload
    - BUG/MINOR: quic: Possible crashes in qc_idle_timer_task()
    - MINOR: quic: derive first DCID from client ODCID
    - MINOR: quic: remove ODCID dedicated tree
    - MINOR: quic: remove address concatenation to ODCID
    - BUG/MINOR: mworker: unset more internal variables from program section
    - BUG/MINOR: errors: invalid use of memprintf in startup_logs_init()
    - MINOR: applet: Use unsafe version to get stream from SC in the trace function
    - BUG/MUNOR: http-ana: Use an unsigned integer for http_msg flags
    - MINOR: compression: Make compression offload a flag
    - MINOR: compression: Prepare compression code for request compression
    - MINOR: compression: Store algo and type for both request and response
    - MINOR: compression: Count separately request and response compression
    - MEDIUM: compression: Make it so we can compress requests as well.
    - BUG/MINOR: lua: remove incorrect usage of strncat()
    - CLEANUP: tcpcheck: remove the only occurrence of sprintf() in the code
    - CLEANUP: ocsp: do no use strpcy() to copy a path!
    - CLEANUP: tree-wide: remove strpcy() from constant strings
    - CLEANUP: opentracing: remove the last two occurrences of strncat()
    - BUILD: compiler: fix __equals_1() on older compilers
    - MINOR: compiler: define a __attribute__warning() macro
    - BUILD: bug.h: add a warning in the base API when unsafe functions are used
    - BUG/MEDIUM: listeners: Use the right parameters for strlcpy2().

2023/03/28 : 2.8-dev6
    - BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
    - MINOR: ssl: Change the ocsp update log-format
    - MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command
    - BUG/MINOR: ssl: Fix double free in ocsp update deinit
    - MINOR: ssl: Accept certpath as param in "show ssl ocsp-response" CLI command
    - MINOR: ssl: Add certificate path to 'show ssl ocsp-response' output
    - BUG/MEDIUM: proxy: properly stop backends on soft-stop
    - BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
    - DEBUG: cli/show_fd: Display connection error code
    - DEBUG: ssl-sock/show_fd: Display SSL error code
    - BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
    - BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
    - BUG/MINOR: quic: Missing STREAM frame length updates
    - BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
    - BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
    - MINOR: buffer: add br_count() to return the number of allocated bufs
    - MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
    - BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
    - BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
    - BUG/MINOR: quic: Missing STREAM frame data pointer updates
    - MINOR: stick-table: add sc-add-gpc() to http-after-response
    - MINOR: doc: missing entries for sc-add-gpc()
    - BUG/MAJOR: qpack: fix possible read out of bounds in static table
    - OPTIM: mux-h1: limit first read size to avoid wrapping
    - MINOR: mux-h2: set CO_SFL_MSG_MORE when sending multiple buffers
    - MINOR: ssl-sock: pass the CO_SFL_MSG_MORE info down the stack
    - MINOR: quic: Stop stressing the acknowledgments process (RX ACK frames)
    - BUG/MINOR: quic: Dysfunctional 01RTT packet number space probing
    - BUG/MEDIUM: stream: do not try to free a failed stream-conn
    - BUG/MEDIUM: mux-h2: do not try to free an unallocated h2s->sd
    - BUG/MEDIUM: mux-h2: erase h2c->wait_event.tasklet on error path
    - BUG/MEDIUM: stconn: don't set the type before allocation succeeds
    - BUG/MINOR: stconn: fix sedesc memory leak on stream allocation failure
    - MINOR: dynbuf: set POOL_F_NO_FAIL on buffer allocation
    - MINOR: pools: preset the allocation failure rate to 1% with -dMfail
    - BUG/MEDIUM: mux-h1: properly destroy a partially allocated h1s
    - BUG/MEDIUM: applet: only set appctx->sedesc on successful allocation
    - BUG/MINOR: quic: wake up MUX on probing only for 01RTT
    - BUG/MINOR: quic: ignore congestion window on probing for MUX wakeup
    - BUILD: thread: implement thread_harmless_end_sig() for threadless builds
    - BUILD: thread: silence a build warning when threads are disabled
    - MINOR: debug: support dumping the libs addresses when running in verbose mode
    - BUG/MINOR: illegal use of the malloc_trim() function if jemalloc is used
    - BUG/MINOR: trace: fix hardcoded level for TRACE_PRINTF
    - BUG/MEDIUM: mux-quic: release data from conn flow-control on qcs reset
    - MINOR: mux-quic: complete traces for qcs emission
    - MINOR: mux-quic: adjust trace level for MAX_DATA/MAX_STREAM_DATA recv
    - MINOR: mux-quic: add flow-control info to minimal trace level
    - MINOR: pools: make sure 'no-memory-trimming' is always used
    - MINOR: pools: intercept malloc_trim() instead of trying to plug holes
    - MEDIUM: pools: move the compat code from trim_all_pools() to malloc_trim()
    - MINOR: pools: export trim_all_pools()
    - MINOR: pattern: use trim_all_pools() instead of a conditional malloc_trim()
    - MINOR: tools: relax dlopen() on malloc/free checks
    - MEDIUM: tools: further relax dlopen() checks too consider grouped symbols
    - BUG/MINOR: pools: restore detection of built-in allocator
    - MINOR: pools: report a replaced memory allocator instead of just malloc_trim()
    - BUG/MINOR: h3: properly handle incomplete remote uni stream type
    - BUG/MINOR: mux-quic: prevent CC status to be erased by shutdown
    - MINOR: mux-quic: interrupt qcc_recv*() operations if CC scheduled
    - MINOR: mux-quic: ensure CONNECTION_CLOSE is scheduled once per conn
    - MINOR: mux-quic: close on qcs allocation failure
    - MINOR: mux-quic: close on frame alloc failure
    - BUG/MINOR: syslog: Request for more data if message was not fully received
    - BUG/MEDIUM: stats: Consume the request except when parsing the POST payload
    - DOC: config: set-var() dconv rendering issues
    - BUG/MEDIUM: mux-h1: Wakeup H1C on shutw if there is no I/O subscription
    - BUG/MINOR: applet/new: fix sedesc freeing logic
    - BUG/MINOR: quic: Missing STREAM frame type updated
    - BUILD: da: extends CFLAGS to support API v3 from 3.1.7 and onwards.
    - BUG/MINOR: ssl: Stop leaking `err` in ssl_sock_load_ocsp()

2023/03/10 : 2.8-dev5
    - MINOR: ssl: rename confusing ssl_bind_kws
    - BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords
    - BUG/MEDIUM: http-ana: Detect closed SC on opposite side during body forwarding
    - BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached
    - MINOR: global: Add an option to disable the data fast-forward
    - MINOR: haproxy: Add an command option to disable data fast-forward
    - REGTESTS: Remove unsupported feature command in http_splicing.vtc
    - BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping
    - BUG/MINOR: sched: properly report long_rq when tasks remain in the queue
    - BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed
    - MINOR: threads: add flags to know if a thread is started and/or running
    - MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set
    - BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame
    - BUG/MINOR: mworker: prevent incorrect values in uptime
    - MINOR: h3: add traces on decode_qcs callback
    - BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors
    - MINOR: quic: Add new traces about by connection RX buffer handling
    - MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock
    - BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer()
    - MINOR: quic: Simplication for qc_set_timer()
    - MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt
    - MINOR: quic: Add traces to qc_kill_conn()
    - MINOR: quic: Make qc_dgrams_retransmit() return a status.
    - BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm()
    - MINOR: quic: Add a trace to identify connections which sent Initial packet.
    - MINOR: quic: Add <pto_count> to the traces
    - BUG/MINOR: quic: Do not probe with too little Initial packets
    - BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean
    - BUG/MINOR: quic: Do not drop too small datagrams with Initial packets
    - BUG/MINOR: quic: Missing padding for short packets
    - MINOR: quic: adjust request reject when MUX is already freed
    - BUG/MINOR: quic: also send RESET_STREAM if MUX released
    - BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released
    - BUG/MINOR: h3: prevent hypothetical demux failure on int overflow
    - MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream
    - MINOR: mux-quic: define qc_shutdown()
    - MINOR: mux-quic: define qc_process()
    - MINOR: mux-quic: implement client-fin timeout
    - MEDIUM: mux-quic: properly implement soft-stop
    - MINOR: quic: mark quic-conn as jobs on socket allocation
    - MEDIUM: quic: trigger fast connection closing on process stopping
    - MINOR: mux-h2/traces: do not log h2s pointer for dummy streams
    - MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers()
    - BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts()
    - DEBUG: stream: Add a BUG_ON to never exit process_stream with an expired task
    - DOC: config: Fix description of options about HTTP connection modes
    - MINOR: proxy: Only consider backend httpclose option for server connections
    - BUG/MINOR: haproxy: Fix option to disable the fast-forward
    - DOC: config: Add the missing tune.fail-alloc option from global listing
    - MINOR: cfgcond: Implement strstr condition expression
    - MINOR: cfgcond: Implement enabled condition expression
    - REGTESTS: Skip http_splicing.vtc script if fast-forward is disabled
    - REGTESTS: Fix ssl_errors.vtc script to wait for connections close
    - BUG/MINOR: mworker: stop doing strtok directly from the env
    - BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions
    - BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong
    - MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start
    - BUG/MINOR: cache: Cache response even if request has "no-cache" directive
    - BUG/MINOR: cache: Check cache entry is complete in case of Vary
    - MINOR: compiler: add a TOSTR() macro to turn a value into a string
    - BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send()
    - BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy
    - MEDIUM: channel: Remove CF_READ_NOEXP flag
    - MAJOR: channel: Remove flags to report READ or WRITE errors
    - DEBUG: stream/trace: Add sedesc flags in trace messages
    - MINOR: channel/stconn: Move rto/wto from the channel to the stconn
    - MEDIUM: channel/stconn: Move rex/wex timer from the channel to the sedesc
    - MEDIUM: stconn: Don't requeue the stream's task after I/O
    - MEDIUM: stconn: Replace read and write timeouts by a unique I/O timeout
    - MEDIUM: stconn: Add two date to track successful reads and blocked sends
    - MINOR: applet/stconn: Add a SE flag to specify an endpoint does not expect data
    - MAJOR: stream: Use SE descriptor date to detect read/write timeouts
    - MINOR: stream: Dump the task expiration date in trace messages
    - MINOR: stream: Report rex/wex value using the sedesc date in trace messages
    - MINOR: stream: Use relative expiration date in trace messages
    - MINOR: stconn: Always report READ/WRITE event on shutr/shutw
    - CLEANUP: stconn: Remove old read and write expiration dates
    - MINOR: stconn: Set half-close timeout using proxy settings
    - MINOR: stconn: Remove half-closed timeout
    - REGTESTS: cache: Use rxresphdrs to only get headers for 304 responses
    - MINOR: stconn: Add functions to set/clear SE_FL_EXP_NO_DATA flag from endpoint
    - BUG/MINOR: proto_ux: report correct error when bind_listener fails
    - BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
    - MINOR: proto_uxst: add resume method
    - MINOR: listener/api: add lli hint to listener functions
    - MINOR: listener: add relax_listener() function
    - MINOR: listener: workaround for closing a tiny race between resume_listener() and stopping
    - MINOR: listener: make sure we don't pause/resume bypassed listeners
    - BUG/MEDIUM: listener: fix pause_listener() suspend return value handling
    - BUG/MINOR: listener: fix resume_listener() resume return value handling
    - BUG/MEDIUM: resume from LI_ASSIGNED in default_resume_listener()
    - MINOR: listener: pause_listener() becomes suspend_listener()
    - BUG/MEDIUM: listener/proxy: fix listeners notify for proxy resume
    - BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
    - MEDIUM: proto_ux: properly suspend named UNIX listeners
    - MINOR: proto_ux: ability to dump ABNS names in error messages
    - MINOR: haproxy: always protocol unbind on startup error path
    - BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del()
    - BUG/MINOR: ring: do not realign ring contents on resize
    - MEDIUM: ring: make the offset relative to the head/tail instead of absolute
    - CLEANUP: ring: remove the now unused ring's offset
    - MINOR: config: add HAPROXY_BRANCH environment variable
    - BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables
    - BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
    - BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing
    - BUG/MINOR: stream: Remove BUG_ON about the task expiration in process_stream()
    - MINOR: stream: Handle stream's timeouts in a dedicated function
    - MEDIUM: stream: Eventually handle stream timeouts when exiting process_stream()
    - MINOR: stconn: Report a send activity when endpoint is willing to consume data
    - BUG/MEDIUM: stconn: Report a blocked send if some output data are not consumed
    - MEDIUM: mux-h1: Don't expect data from server as long as request is unfinished
    - MEDIUM: mux-h2: Don't expect data from server as long as request is unfinished
    - MEDIUM: mux-quic: Don't expect data from server as long as request is unfinished
    - DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section
    - DOC: config: Replace TABs by spaces
    - BUG/MINOR: fd: used the update list from the fd's group instead of tgid
    - BUG/MEDIUM: fd: make fd_delete() support being called from a different group
    - CLEANUP: listener: only store conn counts for local threads
    - MINOR: tinfo: make thread_set functions return nth group/mask instead of first
    - MEDIUM: quic: improve fatal error handling on send
    - MINOR: quic: consider EBADF as critical on send()
    - BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list
    - BUG/MINOR: mux-h1: Don't report an error on an early response close
    - BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body
    - BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory
    - BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip()
    - REGTEST: added tests covering smp_fetch_hdr_ip()
    - MINOR: quic: simplify return path in send functions
    - MINOR: quic: implement qc_notify_send()
    - MINOR: quic: purge txbuf before preparing new packets
    - MEDIUM: quic: implement poller subscribe on sendto error
    - MINOR: quic: notify on send ready
    - BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry
    - BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response
    - BUG/MEDIUM: http-ana: Don't close request side when waiting for response
    - BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data
    - MINOR: ssl: Destroy ocsp update http_client during cleanup
    - MINOR: ssl: Reinsert ocsp update entries later in case of unknown error
    - MINOR: ssl: Add ocsp update success/failure counters
    - MINOR: ssl: Store specific ocsp update errors in response and update ctx
    - MINOR: ssl: Add certificate's path to certificate_ocsp structure
    - MINOR: ssl: Add 'show ssl ocsp-updates' CLI command
    - MINOR: ssl: Add sample fetches related to OCSP update
    - MINOR: ssl: Use dedicated proxy and log-format for OCSP update
    - MINOR: ssl: Reorder struct certificate_ocsp members
    - MINOR: ssl: Increment OCSP update replay delay in case of failure
    - MINOR: ssl: Add way to dump ocsp response in base64
    - MINOR: ssl: Add global options to modify ocsp update min/max delay
    - REGTESTS: ssl: Fix ocsp update crt-lists
    - REGTESTS: ssl: Add test for new ocsp update cli commands
    - MINOR: ssl: Add ocsp-update information to "show ssl crt-list"
    - BUG/MINOR: ssl: Fix ocsp-update when using "add ssl crt-list"
    - MINOR: ssl: Replace now.tv_sec with date.tv_sec in ocsp update task
    - BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback
    - BUG/MEDIUM: quic: properly handle duplicated STREAM frames
    - BUG/MINOR: cli: fix CLI handler "set anon global-key" call
    - MINOR: http_ext: adding some documentation, forgot to inline function
    - BUG/MINOR: quic: Do not send too small datagrams (with Initial packets)
    - MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
    - BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted
    - BUG/MINOR: quic: v2 Initial packets decryption failed
    - MINOR: quic: Add traces about QUIC TLS key update
    - BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets
    - BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames
    - BUG/MINOR: quic: Do not resend already acked frames
    - BUG/MINOR: quic: Missing detections of amplification limit reached
    - MINOR: quic: Send PING frames when probing Initial packet number space
    - BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX
    - BUG/MAJOR: fd/thread: fix race between updates and closing FD
    - BUG/MEDIUM: dns: ensure ring offset is properly reajusted to head
    - BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated
    - MINOR: quic: Do not accept wrong active_connection_id_limit values
    - MINOR: quic: Store the next connection IDs sequence number in the connection
    - MINOR: quic: Typo fix for ACK_ECN frame
    - MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX)
    - MINOR: quic: Useless TLS context allocations in qc_do_rm_hp()
    - MINOR: quic: Add spin bit support
    - MINOR: quic: Add transport parameters to "show quic"
    - BUG/MEDIUM: sink/forwarder: ensure ring offset is properly readjusted to head
    - BUG/MINOR: dns: fix ring offset calculation on first read
    - BUG/MINOR: dns: fix ring offset calculation in dns_resolve_send()
    - MINOR: jwt: Add support for RSA-PSS signatures (PS256 algorithm)
    - MINOR: h3: add traces on h3_init_uni_stream() error paths
    - MINOR: quic: create a global list dedicated for closing QUIC conns
    - MINOR: quic: handle new closing list in show quic
    - MEDIUM: quic: release closing connections on stopping
    - BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check
    - MINOR: fd/cli: report the polling mask in "show fd"
    - CLEANUP: sock: always perform last connection updates before wakeup
    - MINOR: quic: Do not stress the peer during retransmissions of lost packets
    - BUG/MINOR: init: properly detect NUMA bindings on large systems
    - BUG/MINOR: thread: report thread and group counts in the correct order
    - BUG/MAJOR: fd/threads: close a race on closing connections after takeover
    - MINOR: debug: add random delay injection with "debug dev delay-inj"
    - BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value
    - BUG/MINOR: quic: Missing listener accept queue tasklet wakeups
    - MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb()
    - DOC: config: fix typo "dependeing" in bind thread description
    - DOC/CLEANUP: fix typos

2023/02/14 : 2.8-dev4
    - BUG/MINOR: stats: fix source buffer size for http dump
    - BUG/MEDIUM: stats: fix resolvers dump
    - BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer()
    - BUG/MINOR: stats: fix show stats field ctx for servers
    - BUG/MINOR: stats: fix STAT_STARTED behavior with full htx
    - MINOR: quic: Update version_information transport parameter to draft-14
    - BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows
    - BUG/MEDIUM: thread: fix extraneous shift in the thread_set parser
    - BUG/MEDIUM: listener/thread: bypass shards setting on failed thread resolution
    - BUG/MINOR: ssl/crt-list: warn when a line is malformated
    - BUG/MEDIUM: stick-table: do not leave entries in end of window during purge
    - BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime calculation
    - BUG/MEDIUM: cache: use the correct time reference when comparing dates
    - MEDIUM: clock: force internal time to wrap early after boot
    - BUILD: ssl/ocsp: ssl_ocsp-t.h depends on ssl_sock-t.h
    - MINOR: ssl/ocsp: add a function to check the OCSP update configuration
    - MINOR: cfgparse/server: move (min/max)conn postparsing logic into dedicated function
    - BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server
    - BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
    - BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend
    - MINOR: quic: implement a basic "show quic" CLI handler
    - MINOR: quic: display CIDs and state in "show quic"
    - MINOR: quic: display socket info on "show quic"
    - MINOR: quic: display infos about various encryption level on "show quic"
    - MINOR: quic: display Tx stream info on "show quic"
    - MINOR: quic: filter closing conn on "show quic"
    - BUG/MINOR: quic: fix filtering of closing connections on "show quic"
    - BUG/MEDIUM: stconn: Don't needlessly wake the stream on send during fast-forward
    - BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch
    - BUG/MINOR: mworker: fix uptime for master process
    - BUG/MINOR: clock/stats: also use start_time not start_date in HTML info
    - BUG/MEDIUM: stconn: stop to enable/disable reads from streams via si_update_rx
    - BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword list
    - DOC: proxy-protocol: fix wrong byte in provided example
    - MINOR: ssl-ckch: Stop to test CF_WRITE_ERROR to commit CA/CRL file
    - MINOR: bwlim: Remove useless test on CF_READ_ERROR to detect the last packet
    - BUG/MINOR: http-ana: Fix condition to set LAST termination flag
    - BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
    - BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
    - BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid()
    - BUG/CRITICAL: http: properly reject empty http header field names

2023/02/04 : 2.8-dev3
    - BUG/MINOR: sink: make sure to always properly unmap a file-backed ring
    - DEV: haring: add a new option "-r" to automatically repair broken files
    - BUG/MINOR: ssl: Fix leaks in 'update ssl ocsp-response' CLI command
    - MINOR: ssl: Remove debug fprintf in 'update ssl ocsp-response' cli command
    - MINOR: connection: add a BUG_ON() to detect destroying connection in idle list
    - MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready
    - BUG/MINOR: h3: fix GOAWAY emission
    - BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission
    - BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars
    - BUG/MINOR: log: release global log servers on exit
    - BUG/MINOR: ring: release the backing store name on exit
    - BUG/MINOR: sink: free the forwarding task on exit
    - CLEANUP: trace: remove the QUIC-specific ifdefs
    - MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active
    - MINOR: trace: add a trace_no_cb() dummy callback for when to use no callback
    - MINOR: trace: add the long awaited TRACE_PRINTF()
    - MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
    - MEDIUM: mux-h2/trace: add tracing support for headers
    - CLEANUP: mux-h2/trace: shorten the name of the header enc/dec functions
    - DEV: hpack: fix `trash` build regression
    - MINOR: http_htx: add http_append_header() to append value to header
    - MINOR: http_htx: add http_prepend_header() to prepend value to header
    - MINOR: sample: add ARGC_OPT
    - MINOR: proxy: introduce http only options
    - MINOR: proxy/http_ext: introduce proxy forwarded option
    - REGTEST: add ifnone-forwardfor test
    - MINOR: proxy: move 'forwardfor' option to http_ext
    - MINOR: proxy: move 'originalto' option to http_ext
    - MINOR: http_ext: introduce http ext converters
    - MINOR: http_ext: add rfc7239_is_valid converter
    - MINOR: http_ext: add rfc7239_field converter
    - MINOR: http_ext: add rfc7239_n2nn converter
    - MINOR: http_ext: add rfc7239_n2np converter
    - REGTEST: add RFC7239 forwarded header tests
    - OPTIM: http_ext/7239: introduce c_mode to save some space
    - MINOR: http_ext/7239: warn the user when fetch is not available
    - MEDIUM: proxy/http_ext: implement dynamic http_ext
    - MINOR: cfgparse/http_ext: move post-parsing http_ext steps to http_ext
    - DOC: config: fix option spop-check proxy compatibility
    - BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
    - DOC: config: 'http-send-name-header' option may be used in default section
    - BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
    - BUG/MINOR: http_ext/7239: ipv6 dumping relies on out of scope variables
    - BUG/MEDIUM: h3: do not crash if no buf space for trailers
    - OPTIM: h3: skip buf realign if no trailer to encode
    - MINOR: mux-quic/h3: define stream close callback
    - BUG/MEDIUM: h3: handle STOP_SENDING on control stream
    - BUG/MINOR: h3: reject RESET_STREAM received for control stream
    - MINOR: h3: add missing traces on closure
    - BUG/MEDIUM: ssl: wrong eviction from the session cache tree
    - BUG/MINOR: h3: fix crash due to h3 traces
    - BUG/MINOR: h3: fix crash due to h3 traces
    - BUG/MEDIUM: thread: consider secondary threads as idle+harmless during boot
    - BUG/MINOR: stats: use proper buffer size for http dump
    - BUILD: makefile: fix PCRE overriding specific lib path
    - MINOR: quic: remove fin from quic_stream frame type
    - MINOR: quic: ensure offset is properly set for STREAM frames
    - MINOR: quic: define new functions for frame alloc
    - MINOR: quic: refactor frame deallocation
    - MEDIUM: quic: implement a retransmit limit per frame
    - MINOR: quic: add config for retransmit limit
    - OPTIM: htx: inline the most common memcpy(8)
    - CLEANUP: quic: no need for atomics on packet refcnt
    - MINOR: stats: add by HTTP version cumulated number of sessions and requests
    - BUG/MINOR: quic: Possible stream truncations under heavy loss
    - BUG/MINOR: quic: Too big PTO during handshakes
    - MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans()
    - BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans()
    - MINOR: quic: When probing Handshake packet number space, also probe the Initial one
    - BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session
    - MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks
    - BUG/MINOR: quic: Unchecked source connection ID
    - MEDIUM: listener: move the analysers mask to the bind_conf
    - MINOR: listener: move maxseg and tcp_ut to bind_conf
    - MINOR: listener: move maxaccept from listener to bind_conf
    - MINOR: listener: move the backlog setting from listener to bind_conf
    - MINOR: listener: move the maxconn parameter to the bind_conf
    - MINOR: listener: move the ->accept callback to the bind_conf
    - MINOR: listener: remove the useless ->default_target field
    - MINOR: listener: move the nice field to the bind_conf
    - MINOR: listener: move the NOLINGER option to the bind_conf
    - MINOR: listener: move the NOQUICKACK option to the bind_conf
    - MINOR: listener: move the DEF_ACCEPT option to the bind_conf
    - MINOR: listener: move TCP_FO to bind_conf
    - MINOR: listener: move the ACC_PROXY and ACC_CIP options to bind_conf
    - MINOR: listener: move LI_O_UNLIMITED and LI_O_NOSTOP to bind_conf
    - MINOR: listener: get rid of LI_O_TCP_L4_RULES and LI_O_TCP_L5_RULES
    - CLEANUP: listener: remove the now unused options field
    - MINOR: listener: remove the now useless LI_F_QUIC_LISTENER flag
    - CLEANUP: config: remove test for impossible case regarding bind thread mask
    - MINOR: thread: add a simple thread_set API
    - MEDIUM: listener/config: make the "thread" parser rely on thread_sets
    - CLEANUP: config: stop using bind_tgroup and bind_thread
    - CLEANUP: listener/thread: remove now unused bind_conf's bind_tgroup/bind_thread
    - CLEANUP: listener/config: remove the special case for shards==1
    - MEDIUM: config: restrict shards, not bind_conf to one group each
    - BUG/MEDIUM: quic: do not split STREAM frames if no space
    - BUILD: thread: fix build warnings with older gcc compilers

2023/01/22 : 2.8-dev2
    - CLEANUP: htx: fix a typo in an error message of http_str_to_htx
    - DOC: config: added optional rst-ttl argument to silent-drop in action lists
    - BUG/MINOR: ssl: Fix crash in 'update ssl ocsp-response' CLI command
    - BUG/MINOR: ssl: Crash during cleanup because of ocsp structure pointer UAF
    - MINOR: ssl: Create temp X509_STORE filled with cert chain when checking ocsp response
    - MINOR: ssl: Only set ocsp->issuer if issuer not in cert chain
    - MINOR: ssl: Release ssl_ocsp_task_ctx.cur_ocsp when destroying task
    - MINOR: ssl: Detect more OCSP update inconsistencies
    - BUG/MINOR: ssl: Fix OCSP_CERTID leak when same certificate is used multiple times
    - MINOR: ssl: Limit ocsp_uri buffer size to minimum
    - MINOR: ssl: Remove mention of ckch_store in error message of cli command
    - MINOR: channel: Don't test CF_READ_NULL while CF_SHUTR is enough
    - REORG: channel: Rename CF_READ_NULL to CF_READ_EVENT
    - REORG: channel: Rename CF_WRITE_NULL to CF_WRITE_EVENT
    - MEDIUM: channel: Use CF_READ_EVENT instead of CF_READ_PARTIAL
    - MEDIUM: channel: Use CF_WRITE_EVENT instead of CF_WRITE_PARTIAL
    - MINOR: channel: Remove CF_READ_ACTIVITY
    - MINOR: channel: Remove CF_WRITE_ACTIVITY
    - MINOR: channel: Remove CF_ANA_TIMEOUT and report CF_READ_EVENT instead
    - MEDIUM: channel: Remove CF_READ_ATTACHED and report CF_READ_EVENT instead
    - MINOR: channel: Stop to test CF_READ_ERROR flag if CF_SHUTR is enough
    - MINOR: channel/applets: Stop to test CF_WRITE_ERROR flag if CF_SHUTW is enough
    - DOC: management: add details on "Used" status
    - DOC: management: add details about @system-ca in "show ssl ca-file"
    - BUG/MINOR: mux-quic: fix transfer of empty HTTP response
    - MINOR: mux-quic: add traces for flow-control limit reach
    - MAJOR: mux-quic: rework stream sending priorization
    - MEDIUM: h3: send SETTINGS before STREAM frames
    - MINOR: mux-quic: use send-list for STOP_SENDING/RESET_STREAM emission
    - MINOR: mux-quic: use send-list for immediate sending retry
    - BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses
    - BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc
    - BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action
    - BUG/MINOR: ssl: Remove unneeded pointer check in ocsp cli release function
    - BUG/MINOR: ssl: Missing ssl_conf pointer check when checking ocsp update inconsistencies
    - DEV: tcploop: add minimal support for unix sockets
    - BUG/MEDIUM: listener: duplicate inherited FDs if needed
    - BUG/MINOR: ssl: OCSP minimum update threshold not properly set
    - MINOR: ssl: Treat ocsp-update inconsistencies as fatal errors
    - MINOR: ssl: Do not wake ocsp update task if update tree empty
    - MINOR: ssl: Reinsert updated ocsp response later in tree in case of http error
    - REGTEST: ssl: Add test for 'update ssl ocsp-response' CLI command
    - OPTIM: global: move byte counts out of global and per-thread
    - BUG/MEDIUM: peers: make "show peers" more careful about partial initialization
    - BUG/MINOR: promex: Don't forget to consume the request on error
    - MINOR: http-ana: Add a function to set HTTP termination flags
    - MINOR: http-ana: Use http_set_term_flags() in most of HTTP analyzers
    - BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body
    - MINOR: http-ana: Use http_set_term_flags() when waiting the request body
    - BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state
    - MAJOR: http-ana: Review error handling during HTTP payload forwarding
    - CLEANUP: http-ana: Remove HTTP_MSG_ERROR state
    - BUG/MEDIUM: mux-h2: Don't send CANCEL on shutw when response length is unkown
    - MINOR: htx: Add an HTX value for the extra field is payload length is unknown
    - BUG/MINOR: http-ana: make set-status also update txn->status
    - BUG/MINOR: listeners: fix suspend/resume of inherited FDs
    - DOC: config: fix wrong section number for "protocol prefixes"
    - DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@"
    - DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes
    - MINOR: listener: also support "quic+" as an address prefix
    - CLEANUP: stconn: always use se_fl_set_error() to set the pending error
    - BUG/MEDIUM: stconn: also consider SE_FL_EOI to switch to SE_FL_ERROR
    - MINOR: quic: Useless test about datagram destination addresses
    - MINOR: quic: Disable the active connection migrations
    - MINOR: quic: Add "no-quic" global option
    - MINOR: sample: Add "quic_enabled" sample fetch
    - MINOR: quic: Replace v2 draft definitions by those of the final 2 version
    - BUG/MINOR: mux-fcgi: Correctly set pathinfo
    - DOC: config: fix "Address formats" chapter syntax
    - BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params)
    - BUILD: ssl: add ECDSA_SIG_set0() for openssl < 1.1 or libressl < 2.7
    - Revert "BUILD: ssl: add ECDSA_SIG_set0() for openssl < 1.1 or libressl < 2.7"
    - BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0)
    - BUG/MINOR: listener: close tiny race between resume_listener() and stopping
    - BUG/MINOR: h3: properly handle connection headers
    - MINOR: h3: extend function for QUIC varint encoding
    - MINOR: h3: implement TRAILERS encoding
    - BUG/MINOR: bwlim: Check scope for period expr for set-bandwitdh-limit actions
    - MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
    - BUG/MINOR: bwlim: Fix parameters check for set-bandwidth-limit actions
    - MINOR: h3: implement TRAILERS decoding
    - BUG/MEDIUM: fd/threads: fix again incorrect thread selection in wakeup broadcast
    - BUG/MINOR: thread: always reload threads_enabled in loops
    - MINOR: threads: add a thread_harmless_end() version that doesn't wait
    - BUG/MEDIUM: debug/thread: make the debug handler not wait for !rdv_requests
    - BUG/MINOR: mux-h2: make sure to produce a log on invalid requests
    - BUG/MINOR: mux-h2: add missing traces on failed headers decoding
    - BUILD: hpack: include global.h for the trash that is needed in debug mode
    - BUG/MINOR: jwt: Wrong return value checked
    - BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams
    - MEDIUM: quic-sock: fix udp source address for send on listener socket

2023/01/07 : 2.8-dev1
    - MEDIUM: 51d: add support for 51Degrees V4 with Hash algorithm
    - MINOR: debug: support pool filtering on "debug dev memstats"
    - MINOR: debug: add a balance of alloc - free at the end of the memstats dump
    - LICENSE: wurfl: clarify the dummy library license.
    - MINOR: event_hdl: add event handler base api
    - DOC/MINOR: api: add documentation for event_hdl feature
    - MEDIUM: ssl: rename the struct "cert_key_and_chain" to "ckch_data"
    - MINOR: quic: remove qc from quic_rx_packet
    - MINOR: quic: complete traces in qc_rx_pkt_handle()
    - MINOR: quic: extract datagram parsing code
    - MINOR: tools: add port for ipcmp as optional criteria
    - MINOR: quic: detect connection migration
    - MINOR: quic: ignore address migration during handshake
    - MINOR: quic: startup detect for quic-conn owned socket support
    - MINOR: quic: test IP_PKTINFO support for quic-conn owned socket
    - MINOR: quic: define config option for socket per conn
    - MINOR: quic: allocate a socket per quic-conn
    - MINOR: quic: use connection socket for emission
    - MEDIUM: quic: use quic-conn socket for reception
    - MEDIUM: quic: move receive out of FD handler to quic-conn io-cb
    - MINOR: mux-quic: rename duplicate function names
    - MEDIUM: quic: requeue datagrams received on wrong socket
    - MINOR: quic: reconnect quic-conn socket on address migration
    - MINOR: quic: activate socket per conn by default
    - BUG/MINOR: ssl: initialize SSL error before parsing
    - BUG/MINOR: ssl: initialize WolfSSL before parsing
    - BUG/MINOR: quic: fix fd leak on startup check quic-conn owned socket
    - BUG/MEDIIM: stconn: Flush output data before forwarding close to write side
    - MINOR: server: add srv->rid (revision id) value
    - MINOR: stats: add server revision id support
    - MINOR: server/event_hdl: add support for SERVER_ADD and SERVER_DEL events
    - MINOR: server/event_hdl: add support for SERVER_UP and SERVER_DOWN events
    - BUG/MEDIUM: checks: do not reschedule a possibly running task on state change
    - BUG/MINOR: checks: make sure fastinter is used even on forced transitions
    - CLEANUP: assorted typo fixes in the code and comments
    - MINOR: mworker: display an alert upon a wait-mode exit
    - BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers
    - BUG/MEDIUM: mworker: create the mcli_reload socketpairs in case of upgrade
    - BUG/MINOR: checks: restore legacy on-error fastinter behavior
    - MINOR: check: use atomic for s->consecutive_errors
    - MINOR: stats: properly handle ST_F_CHECK_DURATION metric
    - MINOR: mworker: remove unused legacy code in mworker_cleanlisteners
    - MINOR: peers: unused code path in process_peer_sync
    - BUG/MINOR: init/threads: continue to limit default thread count to max per group
    - CLEANUP: init: remove useless assignment of nbthread
    - BUILD: atomic: atomic.h may need compiler.h on ARMv8.2-a
    - BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir
    - BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task
    - CLEANUP: pools: move the write before free to the uaf-only function
    - CLEANUP: pool: only include pool-os from pool.c not pool.h
    - REORG: pool: move all the OS specific code to pool-os.h
    - CLEANUP: pools: get rid of CONFIG_HAP_POOLS
    - DEBUG: pool: show a few examples in -dMhelp
    - MINOR: pools: make DEBUG_UAF a runtime setting
    - BUG/MINOR: promex: create haproxy_backend_agg_server_status
    - MINOR: promex: introduce haproxy_backend_agg_check_status
    - DOC: promex: Add missing backend metrics
    - BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
    - REGTESTS: fix the race conditions in iff.vtc
    - CI: github: reintroduce openssl 1.1.1
    - BUG/MINOR: quic: properly handle alloc failure in qc_new_conn()
    - BUG/MINOR: quic: handle alloc failure on qc_new_conn() for owned socket
    - CLEANUP: mux-quic: remove unused attribute on qcs_is_close_remote()
    - BUG/MINOR: mux-quic: remove qcs from opening-list on free
    - BUG/MINOR: mux-quic: handle properly alloc error in qcs_new()
    - CI: github: split ssl lib selection based on git branch
    - REGTESTS: startup: check maxconn computation
    - BUG/MINOR: startup: don't use internal proxies to compute the maxconn
    - REGTESTS: startup: change the expected maxconn to 11000
    - CI: github: set ulimit -n to a greater value
    - REGTESTS: startup: activate automatic_maxconn.vtc
    - MINOR: sample: add param converter
    - CLEANUP: ssl: remove check on srv->proxy
    - BUG/MEDIUM: freq-ctr: Don't compute overshoot value for empty counters
    - BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout
    - REGTESTS: startup: add alternatives values in automatic_maxconn.vtc
    - BUG/MEDIUM: h3: reject request with invalid header name
    - BUG/MEDIUM: h3: reject request with invalid pseudo header
    - MINOR: http: extract content-length parsing from H2
    - BUG/MEDIUM: h3: parse content-length and reject invalid messages
    - CI: github: remove redundant ASAN loop
    - CI: github: split matrix for development and stable branches
    - BUG/MEDIUM: mux-h1: Don't release H1 stream upgraded from TCP on error
    - BUG/MINOR: mux-h1: Fix test instead a BUG_ON() in h1_send_error()
    - MINOR: http-htx: add BUG_ON to prevent API error on http_cookie_register
    - BUG/MEDIUM: h3: fix cookie header parsing
    - BUG/MINOR: h3: fix memleak on HEADERS parsing failure
    - MINOR: h3: check return values of htx_add_* on headers parsing
    - MINOR: ssl: Remove unneeded buffer allocation in show ocsp-response
    - MINOR: ssl: Remove unnecessary alloc'ed trash chunk in show ocsp-response
    - BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain
    - MINOR: stats: provide ctx for dumping functions
    - MINOR: stats: introduce stats field ctx
    - BUG/MINOR: stats: fix show stat json buffer limitation
    - MINOR: stats: make show info json future-proof
    - BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset
    - BUILD: 51d: fix build issue with recent compilers
    - REGTESTS: startup: disable automatic_maxconn.vtc
    - BUILD: peers: peers-t.h depends on stick-table-t.h
    - BUG/MEDIUM: tests: use tmpdir to create UNIX socket
    - BUG/MINOR: mux-h1: Report EOS on parsing/internal error for not running stream
    - BUG/MINOR:: mux-h1: Never handle error at mux level for running connection
    - BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats
    - OPTIM: pool: split the read_mostly from read_write parts in pool_head
    - MINOR: pool: make the thread-local hot cache size configurable
    - MINOR: freq_ctr: add opportunistic versions of swrate_add()
    - MINOR: pool: only use opportunistic versions of the swrate_add() functions
    - REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL
    - BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list
    - BUG/MEDIUM: quic: properly take shards into account on bind lines
    - BUG/MINOR: quic: do not allocate more rxbufs than necessary
    - MINOR: ssl: Add a lock to the OCSP response tree
    - MINOR: httpclient: Make the CLI flags public for future use
    - MINOR: ssl: Add helper function that extracts an OCSP URI from a certificate
    - MINOR: ssl: Add OCSP request helper function
    - MINOR: ssl: Add helper function that checks the validity of an OCSP response
    - MINOR: ssl: Add "update ssl ocsp-response" cli command
    - MEDIUM: ssl: Add ocsp_certid in ckch structure and discard ocsp buffer early
    - MINOR: ssl: Add ocsp_update_tree and helper functions
    - MINOR: ssl: Add crt-list ocsp-update option
    - MINOR: ssl: Store 'ocsp-update' mode in the ckch_data and check for inconsistencies
    - MEDIUM: ssl: Insert ocsp responses in update tree when needed
    - MEDIUM: ssl: Add ocsp update task main function
    - MEDIUM: ssl: Start update task if at least one ocsp-update option is set to on
    - DOC: ssl: Add documentation for ocsp-update option
    - REGTESTS: ssl: Add tests for ocsp auto update mechanism
    - MINOR: ssl: Move OCSP code to a dedicated source file
    - BUG/MINOR: ssl/ocsp: check chunk_strcpy() in ssl_ocsp_get_uri_from_cert()
    - CLEANUP: ssl/ocsp: add spaces around operators
    - BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
    - BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats
    - BUG/MINOR: ssl/ocsp: httpclient blocked when doing a GET
    - MINOR: httpclient: don't add body when istlen is empty
    - MEDIUM: httpclient: change the default log format to skip duplicate proxy data
    - BUG/MINOR: httpclient/log: free of invalid ptr with httpclient_log_format
    - MEDIUM: mux-quic: implement shutw
    - MINOR: mux-quic: do not count stream flow-control if already closed
    - MINOR: mux-quic: handle RESET_STREAM reception
    - MEDIUM: mux-quic: implement STOP_SENDING emission
    - MINOR: h3: use stream error when needed instead of connection
    - CI: github: enable github api authentication for OpenSSL tags read
    - BUG/MINOR: mux-quic: ignore remote unidirectional stream close
    - CI: github: use the GITHUB_TOKEN instead of a manually generated token
    - BUILD: makefile: build the features list dynamically
    - BUILD: makefile: move common options-oriented macros to include/make/options.mk
    - BUILD: makefile: sort the features list
    - BUILD: makefile: initialize all build options' variables at once
    - BUILD: makefile: add a function to collect all options' CFLAGS/LDFLAGS
    - BUILD: makefile: start to automatically collect CFLAGS/LDFLAGS
    - BUILD: makefile: ensure that all USE_* handlers appear before CFLAGS are used
    - BUILD: makefile: clean the wolfssl include and lib generation rules
    - BUILD: makefile: make sure to also ignore SSL_INC when using wolfssl
    - BUILD: makefile: reference libdl only once
    - BUILD: makefile: make sure LUA_INC and LUA_LIB are always initialized
    - BUILD: makefile: do not restrict Lua's prepend path to empty LUA_LIB_NAME
    - BUILD: makefile: never force -latomic, set USE_LIBATOMIC instead
    - BUILD: makefile: add an implicit USE_MATH variable for -lm
    - BUILD: makefile: properly report USE_PCRE/USE_PCRE2 in features
    - CLEANUP: makefile: properly indent ifeq/ifneq conditional blocks
    - BUILD: makefile: rework 51D to split v3/v4
    - BUILD: makefile: support LIBCRYPT_LDFLAGS
    - BUILD: makefile: support RT_LDFLAGS
    - BUILD: makefile: support THREAD_LDFLAGS
    - BUILD: makefile: support BACKTRACE_LDFLAGS
    - BUILD: makefile: support SYSTEMD_LDFLAGS
    - BUILD: makefile: support ZLIB_CFLAGS and ZLIB_LDFLAGS
    - BUILD: makefile: support ENGINE_CFLAGS
    - BUILD: makefile: support OPENSSL_CFLAGS and OPENSSL_LDFLAGS
    - BUILD: makefile: support WOLFSSL_CFLAGS and WOLFSSL_LDFLAGS
    - BUILD: makefile: support LUA_CFLAGS and LUA_LDFLAGS
    - BUILD: makefile: support DEVICEATLAS_CFLAGS and DEVICEATLAS_LDFLAGS
    - BUILD: makefile: support PCRE[2]_CFLAGS and PCRE[2]_LDFLAGS
    - BUILD: makefile: refactor support for 51DEGREES v3/v4
    - BUILD: makefile: support WURFL_CFLAGS and WURFL_LDFLAGS
    - BUILD: makefile: make all OpenSSL variants use the same settings
    - BUILD: makefile: remove the special case of the SSL option
    - BUILD: makefile: only consider settings from enabled options
    - BUILD: makefile: also list per-option settings in 'make opts'
    - BUG/MINOR: debug: don't mask the TH_FL_STUCK flag before dumping threads
    - MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn()
    - BUG/MINOR: ssl: Missing goto in error path in ocsp update code
    - BUG/MINOR: stick-table: report the correct action name in error message
    - CI: Improve headline in matrix.py
    - CI: Add in-memory cache for the latest OpenSSL/LibreSSL
    - CI: Use proper `if` blocks instead of conditional expressions in matrix.py
    - CI: Unify the `GITHUB_TOKEN` name across matrix.py and vtest.yml
    - CI: Explicitly check environment variable against `None` in matrix.py
    - CI: Reformat `matrix.py` using `black`
    - MINOR: config: add environment variables for default log format
    - REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests
    - REGTESTS: Remove REQUIRE_VERSION=2.0 from all tests
    - REGTESTS: Remove tests with REQUIRE_VERSION_BELOW=1.9
    - BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set
    - BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
    - DOC: config: fix alphabetical ordering of http-after-response rules
    - MINOR: http-rules: Add missing actions in http-after-response ruleset
    - DOC: config: remove duplicated "http-response sc-set-gpt0" directive
    - BUG/MINOR: proxy: free orgto_hdr_name in free_proxy()
    - REGTEST: fix the race conditions in json_query.vtc
    - REGTEST: fix the race conditions in add_item.vtc
    - REGTEST: fix the race conditions in digest.vtc
    - REGTEST: fix the race conditions in hmac.vtc
    - BUG/MINOR: fd: avoid bad tgid assertion in fd_delete() from deinit()
    - BUG/MINOR: http: Memory leak of http redirect rules' format string
    - MEDIUM: stick-table: set the track-sc limit at boottime via tune.stick-counters
    - MINOR: stick-table: implement the sc-add-gpc() action

2022/12/01 : 2.8-dev0
    - MINOR: version: mention that it's development again

2022/12/01 : 2.7.0
    - MINOR: ssl: forgotten newline in error messages on ca-file
    - BUG/MINOR: ssl: shut the ca-file errors emitted during httpclient init
    - DOC: config: provide some configuration hints for "http-reuse"
    - DOC: config: refer to section about quoting in the "add_item" converter
    - DOC: halog: explain how to use -ac and -ad in the help message
    - DOC: config: clarify the fact that SNI should not be used in HTTP scenarios
    - DOC: config: mention that a single monitor-uri rule is supported
    - DOC: config: explain how default matching method for ACL works
    - DOC: config: clarify the fact that "retries" is not just for connections
    - BUILD: halog: fix missing double-quote at end of help line
    - DOC: config: clarify the -m dir and -m dom pattern matching methods
    - MINOR: activity: report uptime in "show activity"
    - REORG: activity/cli: move the "show activity" handler to activity.c
    - DEV: poll: add support for epoll
    - DEV: tcploop: centralize the polling code into wait_for_fd()
    - DEV: tcploop: add support for POLLRDHUP when supported
    - DEV: tcploop: do not report an error on POLLERR
    - DEV: tcploop: add optional support for epoll
    - SCRIPTS: announce-release: add a link to the data plane API
    - CLEANUP: stick-table: fill alignment holes in the stktable struct
    - MINOR: stick-table: store a per-table hash seed and use it
    - MINOR: stick-table: show the shard number in each entry's "show table" output
    - CLEANUP: ncbuf: remove ncb_blk args by value
    - CLEANUP: ncbuf: inline small functions
    - CLEANUP: ncbuf: use standard BUG_ON with DEBUG_STRICT
    - BUG/MINOR: quic: Endless loop during retransmissions
    - MINOR: mux-h2: add the expire task and its expiration date in "show fd"
    - BUG/MINOR: peers: always initialize the stksess shard value
    - REGTESTS: fix peers-related regtests regarding "show table"
    - BUG/MEDIUM: mux-h1: Close client H1C on EOS when there is no output data
    - MINOR: stick-table: change the API of the function used to calculate the shard
    - CLEANUP: peers: factor out the key len calculation in received updates
    - BUG/MINOR: peers: always update the stksess shard number on incoming updates
    - CLEANUP: assorted typo fixes in the code and comments
    - MINOR: mux-h1: add the expire task and its expiration date in "show fd"
    - MINOR: debug: improve error handling on the memstats command parser
    - BUILD: quic: allow build with USE_QUIC and USE_OPENSSL_WOLFSSL
    - CLEANUP: anon: clarify the help message on "debug dev hash"
    - MINOR: debug: relax access restrictions on "debug dev hash" and "memstats"
    - SCRIPTS: run-regtests: add a version check
    - MINOR: version: mention that it's stable now

2022/11/24 : 2.7-dev10
    - MEDIUM: tcp-act: add parameter rst-ttl to silent-drop
    - BUG/MAJOR: quic: Crash upon retransmission of dgrams with several packets
    - MINOR: cli: print parsed command when not found
    - BUG/MAJOR: quic: Crash after discarding packet number spaces
    - CLEANUP: quic: replace "choosen" with "chosen" all over the code
    - MINOR: cli/pools: store "show pools" results into a temporary array
    - MINOR: cli/pools: add sorting capabilities to "show pools"
    - MINOR: cli/pools: add pool name filtering capability to "show pools"
    - DOC: configuration: fix quic prefix typo
    - MINOR: quic: report error if force-retry without cluster-secret
    - MINOR: global: generate random cluster.secret if not defined
    - BUG/MINOR: resolvers: do not run the timeout task when there's no resolution
    - BUG/MINOR: server/idle: at least use atomic stores when updating max_used_conns
    - MINOR: server/idle: make the next_takeover index per-tgroup
    - BUILD: listener: fix build warning on global_listener_rwlock without threads
    - BUG/MAJOR: sched: protect task during removal from wait queue
    - BUILD: sched: fix build with DEBUG_THREAD with the previous commit
    - DOC: quic: add note on performance issue with listener contention
    - BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy "from" inheritance
    - BUG/MINOR: log: fix parse_log_message rfc5424 size check
    - CLEANUP: arg: remove extra check in make_arg_list arg escaping
    - CLEANUP: tools: extra check in utoa_pad
    - MINOR: h1: Consider empty port as invalid in authority for CONNECT
    - MINOR: http: Considere empty ports as valid default ports
    - BUG/MINOR: http-htx: Normalized absolute URIs with an empty port
    - BUG/MINOR: h1: Replace authority validation to conform RFC3986
    - REG-TESTS: http: Add more tests about authority/host matching
    - BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
    - BUG/MEDIUM: mux-h1: Don't release H1C on timeout if there is a SC attached
    - BUG/MEDIUM: mux-h1: Subscribe for reads on error on sending path
    - BUILD: http-htx: Silent build error about a possible NULL start-line
    - DOC: configuration.txt: add default_value for table_idle signature
    - BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk()
    - BUG/MEDIUM: mux-h1: Remove H1C_F_WAIT_NEXT_REQ flag on a next request
    - BUG/MINOR: mux-h1: Fix handling of 408-Request-Time-Out
    - MINOR: mux-h1: Remove H1C_F_WAIT_NEXT_REQ in functions handling errors
    - MINOR: mux-h1: Avoid useless call to h1_send() if no error is sent
    - DOC: configuration.txt: fix typo in table_idle signature
    - BUILD: stick-tables: fix build breakage in xxhash on older compilers
    - BUILD: compiler: include compiler's definitions before ours
    - BUILD: quic: global.h is needed in cfgparse-quic
    - CLEANUP: tools: do not needlessly include xxhash nor cli from tools.h
    - BUILD: flags: really restrict the cases where flags are exposed
    - BUILD: makefile: minor reordering of objects by build time
    - BUILD: quic: silence two invalid build warnings at -O1 with gcc-6.5
    - BUILD: quic: use openssl-compat.h instead of openssl/ssl.h
    - MEDIUM: ssl: add minimal WolfSSL support with OpenSSL compatibility mode
    - MINOR: sample: make the rand() sample fetch function use the statistical_prng
    - MINOR: auth: silence null dereference warning in check_user()
    - CLEANUP: peers: fix format string for status messages (int signedness)
    - CLEANUP: qpack: fix format string in debugging code (int signedness)
    - CLEANUP: qpack: properly use the QPACK macros not HPACK ones in debug code
    - BUG/MEDIUM: quic: fix datagram dropping on queueing failed

2022/11/18 : 2.7-dev9
    - BUILD: quic: QUIC mux build fix for 32-bit build
    - BUILD: scripts: disable tests build on QuicTLS build
    - BUG/MEDIUM: httpclient: segfault when the httpclient parser fails
    - BUILD: ssl_sock: fix null dereference for QUIC build
    - BUILD: quic: Fix build for m68k cross-compilation
    - BUG/MINOR: quic: fix buffer overflow on retry token generation
    - MINOR: quic: add version field on quic_rx_packet
    - MINOR: quic: extend pn_offset field from quic_rx_packet
    - MINOR: quic: define first packet flag
    - MINOR: quic: extract connection retrieval
    - MINOR: quic: split and rename qc_lstnr_pkt_rcv()
    - MINOR: quic: refactor packet drop on reception
    - MINOR: quic: extend Retry token check function
    - BUG/MINOR: log: Preserve message facility when the log target is a ring buffer
    - BUG/MINOR: ring: Properly parse connect timeout
    - BUG/MEDIUM: httpclient/lua: crash when the lua task timeout before the httpclient
    - BUG/MEDIUM: httpclient: check if the httpclient was released in the IO handler
    - REGTESTS: httpclient/lua: test the lua task timeout with the httpclient
    - CI: github: dump the backtrace of coredumps in the alpine container
    - BUILD: Makefile: add "USE_SHM_OPEN" on the linux-musl target
    - DOC: lua: add a note about compression w/ httpclient
    - CLEANUP: mworker/cli: rename the status function to loadstatus
    - MINOR: mworker/cli: does no try to dump the startup-logs w/o USE_SHM_OPEN
    - MINOR: list: fixing typo in MT_LIST_LOCK_ELT
    - DOC/MINOR: list: fixing MT_LIST_LOCK_ELT macro documentation
    - MINOR: list: adding MT_LIST_APPEND_LOCKED macro
    - BUG/MINOR: mux-quic: complete flow-control for uni streams
    - BUG/MEDIUM: compression: handle rewrite errors when updating response headers
    - MINOR: quic: do not crash on unhandled sendto error
    - MINOR: quic: display unknown error sendto counter on stat page
    - MINOR: peers: Support for peer shards
    - MINOR: peers: handle multiple resync requests using shards
    - BUG/MINOR: sink: Only use backend capability for the sink proxies
    - BUG/MINOR: sink: Set default connect/server timeout for implicit ring buffers
    - MINOR: ssl: add the SSL error string when failing to load a certificate
    - MINOR: ssl: add the SSL error string before the chain
    - MEDIUM: ssl: be stricter about chain error
    - BUG/MAJOR: stick-table: don't process store-response rules for applets
    - MINOR: quic: remove unnecessary quic_session_accept()
    - BUG/MINOR: quic: fix subscribe operation
    - BUG/MINOR: log: fixing bug in tcp syslog_io_handler Octet-Counting
    - MINOR: ssl: dump the SSL string error when SSL_CTX_use_PrivateKey() failed.
    - MINOR: quic: add counter for interrupted reception
    - BUG/MINOR: quic: fix race condition on datagram purging
    - CI: add monthly gcc cross compile jobs
    - CLEANUP: assorted typo fixes in the code and comments
    - CLEANUP: ssl: remove dead code in ssl_sock_load_pem_into_ckch()
    - BUG/MINOR: httpclient: fixed memory allocation for the SSL ca_file
    - BUG/MINOR: ssl: Memory leak of DH BIGNUM fields
    - BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer
    - BUG/MINOR: ssl: ocsp structure not freed properly in case of error
    - CI: switch to the "latest" LibreSSL
    - CI: enable QUIC for LibreSSL builds
    - BUG/MEDIUM: ssl: Verify error codes can exceed 63
    - MEDIUM: ssl: {ca,crt}-ignore-err can now use error constant name
    - MINOR: ssl: x509_v_err_str converter transforms an integer to a X509_V_ERR name
    - CLEANUP: cli: rename dynamic error printing state
    - MINOR: cli: define usermsgs print context
    - MINOR: server: clear prefix on stderr logs after add server
    - BUG/MINOR: ssl: bind_conf is uncorrectly accessed when using QUIC
    - BUILD: ssl_utils: fix build on gcc versions before 8
    - BUILD: debug: remove unnecessary quotes in HA_WEAK() calls
    - CI: emit the compiler's version in the build reports
    - IMPORT: xxhash: update xxHash to version 0.8.1
    - IMPORT: slz: declare len to fix debug build when optimal match is enabled
    - IMPORT: slz: mention the potential header in slz_finish()
    - IMPORT: slz: define and use a __fallthrough statement for switch/case
    - BUILD: compiler: add a macro to detect if another one is set and equals 1
    - BUILD: compiler: add a default definition for __has_attribute()
    - BUILD: compiler: define a __fallthrough statement for switch/case
    - BUILD: sample: use __fallthrough in smp_is_rw() and smp_dup()
    - BUILD: quic: use __fallthrough in quic_connect_server()
    - BUILD: ssl/crt-list: use __fallthrough in cli_io_handler_add_crtlist()
    - BUILD: ssl: use __fallthrough in cli_io_handler_commit_{cert,cafile_crlfile}()
    - BUILD: ssl: use __fallthrough in cli_io_handler_tlskeys_files()
    - BUILD: hlua: use __fallthrough in hlua_post_init_state()
    - BUILD: stream: use __fallthrough in stats_dump_full_strm_to_buffer()
    - BUILD: tcpcheck: use __fallthrough in check_proxy_tcpcheck()
    - BUILD: stats: use __fallthrough in stats_dump_proxy_to_buffer()
    - BUILD: peers: use __fallthrough in peer_io_handler()
    - BUILD: hash: use __fallthrough in hash_djb2()
    - BUILD: tools: use __fallthrough in url_decode()
    - BUILD: args: use __fallthrough in make_arg_list()
    - BUILD: acl: use __fallthrough in parse_acl_expr()
    - BUILD: spoe: use __fallthrough in spoe_handle_appctx()
    - BUILD: logs: use __fallthrough in build_log_header()
    - BUILD: check: use __fallthrough in __health_adjust()
    - BUILD: http_act: use __fallthrough in parse_http_del_header()
    - BUILD: h1_htx: use __fallthrough in h1_parse_chunk()
    - BUILD: vars: use __fallthrough in var_accounting_{diff,add}()
    - BUILD: map: use __fallthrough in cli_io_handler_*()
    - BUILD: compression: use __fallthrough in comp_http_payload()
    - BUILD: stconn: use __fallthrough in various shutw() functions
    - BUILD: prometheus: use __fallthrough in promex_dump_metrics() and IO handler()
    - CLEANUP: ssl: remove printf in bind_parse_ignore_err
    - BUG/MINOR: ssl:  crt-ignore-err memory leak with 'all' parameter
    - BUG/MINOR: ssl: Fix potential overflow
    - CLEANUP: stick-table: remove the unused table->exp_next
    - OPTIM: stick-table: avoid atomic ops in stktable_requeue_exp() when possible
    - BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task
    - MEDIUM: http-ana: remove set-cookie2 support
    - BUG/MEDIUM: wdt/clock: properly handle early task hangs
    - MINOR: deinit: add a "quick-exit" option to bypass the deinit step
    - OPTIM: ebtree: make ebmb_insert_prefix() keep a copy the new node's pfx
    - OPTIM: ebtree: make ebmb_insert_prefix() keep a copy the new node's key
    - MINOR: ssl: ssl_sock_load_cert_chain() display error strings
    - MINOR: ssl: reintroduce ERR_GET_LIB(ret) == ERR_LIB_PEM in ssl_sock_load_pem_into_ckch()
    - BUG/MINOR: http-htx: Fix error handling during parsing http replies
    - BUG/MINOR: resolvers: Don't wait periodic resolution on healthcheck failure
    - BUG/MINOR: resolvers: Set port before IP address when processing SRV records
    - BUG/MINOR: mux-fcgi: Be sure to send empty STDING record in case of zero-copy
    - BUG/MEDIUM: mux-fcgi: Avoid value length overflow when it doesn't fit at once
    - BUG/MINOR: ssl: SSL_load_error_strings might not be defined
    - MINOR: pool/debug: create a new pool_alloc_flag() macro
    - MINOR: dynbuf: switch allocation and release to macros to better track users
    - BUG/MINOR: mux-h1: Do not send a last null chunk on body-less answers
    - REG-TESTS: cache: Remove T-E header for 304-Not-Modified responses
    - DOC: config: fix alphabetical ordering of global section
    - MINOR: trace: split the CLI "trace" parser in CLI vs statement
    - MEDIUM: trace: create a new "trace" statement in the "global" section
    - BUG/MEDIUM: ring: fix creation of server in uninitialized ring
    - BUILD: quic: fix dubious 0-byte overflow on qc_release_lost_pkts
    - BUILD: makefile: mark poll and tcploop targets as phony
    - BUILD: makefile: properly pass CC to sub-projects
    - BUILD: makefile: move default verbosity settings to include/make/verbose.mk
    - BUILD: makefile: use $(cmd_MAKE) in quiet mode
    - BUILD: makefile: move the compiler option detection stuff to compiler.mk
    - DEV: poll: make the connect() step an action as well
    - DEV: poll: strip the "do_" prefix from reported function names
    - DEV: poll: indicate the FD's side in front of its value
    - BUG/MINOR: pool/cli: use ullong to report total pool usage in bytes
    - MINOR: mux-h1: Remove usless code inside shutr callback
    - CLEANUP: mux-h1; Rename H1S_F_ERROR flag into H1S_F_ERROR_MASK
    - REORG: mux-h1: Reorg the H1C structure
    - CLEANUP: mux-h1: Rename H1C_F_ST_ERROR and H1C_F_ST_SILENT_SHUT flags
    - MINOR: mux-h1: Add a dedicated enum to deal with H1 connection state
    - MEDIUM: mux-h1: Handle H1C states via its state field instead of H1C_F_ST_*
    - MINOR: mux-h1: Don't handle subscribe for reads in h1_process_demux()
    - CLEANUP: mux-h1: Rename H1C_F_ERR_PENDING into H1C_F_ABRT_PENDING
    - MINOR: mux-h1: Add flag on H1 stream to deal with internal errors
    - MEDIUM: mux-h1: Rely on the H1C to deal with shutdown for reads
    - CLEANUP: mux-h1: Reorder H1 connection flags to avoid holes
    - MEDIUM: mux-h1: Don't report a final error whe a message is aborted
    - MEDIUM: mux-pt: Don't always set a final error on SE on the sending path
    - MEDIUM: mux-h2: Introduce flags to deal with connection read/write errors
    - CLEANUP: mux-h2: Remove unused fields in h2c structures
    - MEDIUM: mux-fcgi: Introduce flags to deal with connection read/write errors
    - MINOR: sconn: Set SE_FL_ERROR only when there is no more data to read
    - MINOR: mux-h1: Rely on a H1S flag to know a WS key was found or not
    - DOC: lua-api: Remove warning about the lua filters
    - BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task
    - CLEANUP: listener: Remove useless task_queue from manage_global_listener_queue
    - BUG/MINOR: mux-h1: Fix error handling when H1S allocation failed on client side
    - DOC: internal: commit notes about polling states and flags
    - DOC: internal: commit notes about polling states and flags on connect()
    - CLEANUP: mux-h1: Don't test h1c in h1_shutw_conn()
    - BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists
    - BUG/MEDIUM: raw-sock: Don't report connection error if something was received
    - BUG/MINOR: ssl: don't initialize the keylog callback when not required
    - BUILD: Makefile: enable USE_SHM_OPEN by default on freebsd
    - BUG/MEDIUM: peers: messages about unkown tables not correctly ignored
    - MINOR: cfgparse: Always check the section position
    - MEDIUM: thread: Restric nbthread/thread-group(s) to very first global sections
    - BUILD: peers: Remove unused variables
    - MINOR: ncbuf: complete doc for ncb_advance()
    - BUG/MEDIUM: quic: fix unsuccessful handshakes on ncb_advance error
    - BUG/MEDIUM: quic: fix memleak for out-of-order crypto data
    - MINOR: quic: complete traces/debug for handshake

2022/10/14 : 2.7-dev8
    - BUG/MINOR: checks: update pgsql regex on auth packet
    - DOC: config: Fix pgsql-check documentation to make user param mandatory
    - CLEANUP: mux-quic: remove usage of non-standard ull type
    - CLEANUP: quic: remove global var definition in quic_tls header
    - BUG/MINOR: quic: adjust quic_tls prototypes
    - CLEANUP: quic: fix headers
    - CLEANUP: quic: remove unused function prototype
    - CLEANUP: quic: remove duplicated varint code from xprt_quic.h
    - CLEANUP: quic: create a dedicated quic_conn module
    - BUG/MINOR: mux-quic: ignore STOP_SENDING for locally closed stream
    - BUG/MEDIUM: lua: Don't crash in hlua_lua2arg_check on failure
    - BUG/MEDIUM: lua: handle stick table implicit arguments right.
    - BUILD: h1: silence an initiialized warning with gcc-4.7 and -Os
    - MINOR: fd: add a new function to only raise RLIMIT_NOFILE
    - MINOR: init: do not try to shrink existing RLIMIT_NOFIlE
    - BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth()
    - BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os
    - BUG/MINOR: hlua: hlua_channel_insert_data() behavior conflicts with documentation
    - MINOR: quic: limit usage of ssl_sock_ctx in favor of quic_conn
    - MINOR: mux-quic: check quic-conn return code on Tx
    - CLEANUP: quic: fix indentation
    - MEDIUM: quic: retrieve frontend destination address
    - CLEANUP: Reapply ist.cocci (2)
    - CLEANUP: Reapply strcmp.cocci
    - CLEANUP: quic/receiver: remove the now unused tx_qring list
    - BUG/MINOR: quic: set IP_PKTINFO socket option for QUIC receivers only
    - MINOR: hlua: some luaL_checktype() calls were not guarded with MAY_LJMP
    - DOC: configuration: missing 'if' in tcp-request content example
    - MINOR: hlua: removing ambiguous lua_pushvalue with 0 index
    - BUG/MAJOR: stick-tables: do not try to index a server name for applets
    - MINOR: plock: support disabling exponential back-off
    - MINOR: freq_ctr: use the thread's local time whenever possible
    - MEDIUM: stick-table: switch the table lock to rwlock
    - MINOR: stick-table: do not take an exclusive lock when downing ref_cnt
    - MINOR: stick-table: move the write lock inside stktable_touch_with_exp()
    - MEDIUM: stick-table: only take the lock when needed in stktable_touch_with_exp()
    - MEDIUM: stick-table: make stksess_kill_if_expired() avoid the exclusive lock
    - MEDIUM: stick-table: return inserted entry in __stktable_store()
    - MEDIUM: stick-table: free newly allocated stkess if it couldn't be inserted
    - MEDIUM: stick-table: switch to rdlock in stktable_lookup() and lookup_key()
    - MEDIUM: stick-table: make stktable_get_entry() look up under a read lock
    - MEDIUM: stick-table: do not take a lock to update t->current anymore.
    - MEDIUM: stick-table: make stktable_set_entry() look up under a read lock
    - MEDIUM: stick-table: requeue the expiration task out of the exclusive lock
    - MINOR: stick-table: split stktable_store() between key and requeue
    - MEDIUM: stick-table: always use atomic ops to requeue the table's task
    - MEDIUM: stick-table: requeue the wakeup task out of the write lock
    - BUG/MINOR: stick-table: fix build with DEBUG_THREAD
    - REORG: mux-fcgi: Extract flags and enums into mux_fcgi-t.h
    - MINOR: flags/mux-fcgi: Decode FCGI connection and stream flags
    - BUG/MEDIUM: mux-h1: Add connection error handling when reading/sending on a pipe
    - BUG/MEDIUM: mux-h1: Handle abort with an incomplete message during parsing
    - BUG/MINOR: server: make sure "show servers state" hides private bits
    - MINOR: checks: use the lighter PRNG for spread checks
    - MEDIUM: checks: spread the checks load over random threads
    - CI: SSL: use proper version generating when "latest" semantic is used
    - CI: SSL: temporarily stick to LibreSSL=3.5.3
    - MINOR: quic: New quic_cstream object implementation
    - MINOR: quic: Extract CRYPTO frame parsing from qc_parse_pkt_frms()
    - MINOR: quic: Use a non-contiguous buffer for RX CRYPTO data
    - BUG/MINOR: quic: Stalled 0RTT connections with big ClientHello TLS message
    - MINOR: quic: Split the secrets key allocation in two parts
    - CLEANUP: quic: remove unused rxbufs member in receiver
    - CLEANUP: quic: improve naming for rxbuf/datagrams handling
    - MINOR: quic: implement datagram cleanup for quic_receiver_buf
    - MINOR: ring: ring_cast_from_area() cast from an allocated area
    - MINOR: buffers: split b_force_xfer() into b_cpy() and b_force_xfer()
    - MINOR: logs: startup-logs can use a shm for logging the reload
    - MINOR: mworker/cli: reload command displays the startup-logs
    - MEDIUM: quic: respect the threads assigned to a bind line
    - DOC: management: update the "reload" command of the master CLI
    - BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk()
    - BUG/MEDIUM: httpclient: Don't set EOM flag on an empty HTX message
    - MINOR: httpclient/lua: Don't set req_payload callback if body is empty
    - DOC/CLEANUP: lua-api: some minor corrections
    - DOC: lua-api: updating toolbox link
    - DOC/CLEANUP: lua-api: removing duplicate core.proxies attribute
    - DOC: management: add forgotten "show startup-logs"
    - DOC: management: "show startup-logs" for master CLI
    - CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in matrix.py
    - CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in workflow definition

2022/10/03 : 2.7-dev7
    - BUG/MEDIUM: mux-quic: fix nb_hreq decrement
    - CLEANUP: httpclient: deleted unused variables
    - MINOR: httpclient: enabled the use of SNI presets
    - OPTIM: hpack-huff: reduce the cache footprint of the huffman decoder
    - BUG/MINOR: mux-quic: do not keep detached qcs with empty Tx buffers
    - REORG: mux-quic: extract traces in a dedicated source file
    - REORG: mux-quic: export HTTP related function in a dedicated file
    - MINOR: mux-quic: refactor snd_buf
    - BUG/MEDIUM: mux-quic: properly trim HTX buffer on snd_buf reset
    - BUG/MINOR: mux-h1: Account consumed output data on synchronous connection error
    - BUG/MINOR: log: improper behavior when escaping log data
    - CLEANUP: tools: removing escape_chunk() function
    - MINOR: clock: split local and global date updates
    - MINOR: pollers: only update the local date during busy polling
    - MINOR: clock: do not update the global date too often
    - REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies
    - MINOR: smtpchk: Update expect rule to fully match replies to EHLO commands
    - BUG/MINOR: smtpchk: SMTP Service check should gracefully close SMTP transaction
    - MINOR: list: documenting mt_list_for_each_entry_safe() macro
    - CLEANUP: list: Fix mt_list_for_each_entry_safe indentation
    - BUG/MINOR: hlua: Remove \n in Lua error message built with memprintf
    - MINOR: hlua: Allow argument on lua-lod(-per-thread) directives
    - BUG/MINOR: anon: memory illegal accesses in tools.c with hash_anon and hash_ipanon
    - MEDIUM: mworker/cli: keep the connection of the FD that ask for a reload
    - BUG/MINOR: hlua: fixing ambiguous sizeof in hlua_load_per_thread
    - MINOR: mworker/cli: replace close() by fd_delete()
    - MINOR: mworker: store and shows loading status
    - MINOR: mworker: mworker_cli_proxy_new_listener() returns a bind_conf
    - MINOR: mworker: stores the mcli_reload bind_conf
    - MINOR: mworker/cli: the mcli_reload bind_conf only send the reload status
    - DOC: management: describe the new reload command behavior
    - CLEANUP: list: fix again some style issues in the recent comments
    - BUG/MINOR: stream: Perform errors handling in right order in stream_new()
    - BUG/MEDIUM: stconn: Reset SE descriptor when we fail to create a stream
    - BUG/MEDIUM: resolvers: Remove aborted resolutions from query_ids tree
    - DOC: management: add timeout on the "reload" command
    - BUG/MINOR: ring: fix the size check in ring_make_from_area()
    - BUG/MINOR: config: don't count trailing spaces as empty arg
    - Revert "BUG/MINOR: config: don't count trailing spaces as empty arg"
    - BUG/MINOR: hlua: fixing hlua_http_msg_del_data behavior
    - BUG/MINOR: hlua: fixing hlua_http_msg_insert_data behavior
    - MINOR: cli: Add anonymization on a missed element for 'show sess all'
    - MINOR: cli: remove error message with 'set anon on|off'
    - MINOR: tools: modify hash_ipanon in order to use it in cli
    - MINOR: cli: use hash_ipanon to anonymized address
    - MINOR: cli: Add an anonymization on a missed element in 'show server state'
    - MINOR: config: correct errors about argument number in condition in cfgparse.c
    - MINOR: config: Add other keywords when dump the anonymized configuration file
    - MINOR: config: Add option line when the configuration file is dumped
    - MINOR: cli: correct commentary and replace 'set global-key' name
    - MINOR: tools: Impprove hash_ipanon to support dgram sockets and port offsets
    - MINOR: tools: Impprove hash_ipanon to not hash FD-based addresses
    - BUG/MINOR: hlua: _hlua_http_msg_delete incorrect behavior when offset is used
    - DOC: management: httpclient can resolve server names in URLs
    - BUG/MINOR: hlua: prevent crash when loading numerous arguments using lua-load(per-thread)
    - DOC/CLEANUP: lua-api: removing duplicate date functions doc
    - MINOR: hlua: ambiguous lua_pushvalue with 0 index
    - BUG/MINOR: config: don't count trailing spaces as empty arg (v2)
    - BUG/MEDIUM: config: count line arguments without dereferencing the output
    - BUG/MAJOR: conn-idle: fix hash indexing issues on idle conns
    - BUG/MINOR: config: insufficient syntax check of the global "maxconn" value
    - BUG/MINOR: backend: only enforce turn-around state when not redispatching

2022/09/17 : 2.7-dev6
    - MINOR: Revert part of clarifying samples support per os commit
    - BUILD: makefile: enable crypt(3) for NetBSD
    - BUG/MINOR: quic: Retransmitted frames marked as acknowledged
    - BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines
    - MINOR: http-check: Remove support for headers/body in "option httpchk" version
    - BUG/MINOR: h1: Support headers case adjustment for TCP proxies
    - BUG/MINOR: quic: Possible crash when verifying certificates
    - BUILD: quic: add some ifdef around the SSL_ERROR_* for libressl
    - BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb
    - BUILD: quic: temporarly ignore chacha20_poly1305 for libressl
    - BUILD: quic: enable early data only with >= openssl 1.1.1
    - BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx
    - BUILD: quic: fix the #ifdef in ssl_quic_initial_ctx()
    - MINOR: quic: add QUIC support when no client_hello_cb
    - MINOR: quic: Add traces about sent or resent TX frames
    - MINOR: quic: No TRACE_LEAVE() in retrieve_qc_conn_from_cid()
    - BUG/MINOR: quic: Wrong connection ID to thread ID association
    - BUG/MINOR: task: always reset a new tasklet's call date
    - BUG/MINOR: task: make task_instant_wakeup() work on a task not a tasklet
    - MINOR: task: permanently enable latency measurement on tasklets
    - CLEANUP: task: rename ->call_date to ->wake_date
    - BUG/MINOR: sched: properly account for the CPU time of dying tasks
    - MINOR: sched: store the current profile entry in the thread context
    - BUG/MINOR: stream/sched: take into account CPU profiling for the last call
    - MINOR: tasks: do not keep cpu and latency times in struct task
    - MINOR: tools: add generic pointer hashing functions
    - CLEANUP: activity: make memprof use the generic ptr_hash() function
    - CLEANUP: activity: make taskprof use ptr_hash()
    - MINOR: debug: add struct ha_caller to describe a calling location
    - CLEANUP: debug: use struct ha_caller for memstat
    - DEBUG: task: define a series of wakeup types for tasks and tasklets
    - DEBUG: task: use struct ha_caller instead of arrays of file:line
    - DEBUG: applet: instrument appctx_wakeup() to log the caller's location
    - DEBUG: task: simplify the caller recording in DEBUG_TASK
    - CLEANUP: task: move tid and wake_date into the common part
    - CLEANUP: sched: remove duplicate code in run_tasks_from_list()
    - CLEANUP: activity: make the number of sched activity entries more configurable
    - DEBUG: resolvers: unstatify process_resolvers() to make it appear in profiling
    - DEBUG: quic: export the few task handlers that often appear in task dumps
    - MEDIUM: tasks/activity: combine the called function with the caller
    - MINOR: tasks/activity: improve the caller-callee activity hash
    - MINOR: activity/cli: support aggregating task profiling outputs
    - MINOR: activity/cli: support sorting task profiling by total CPU time
    - BUG/MINOR: signals/poller: set the poller timeout to 0 when there are signals
    - BUG/MINOR: quic: Speed up the handshake completion only one time
    - BUG/MINOR: quic: Trace fix about packet number space information.
    - BUG/MINOR: h3: Crash when h3 trace verbosity is "minimal"
    - MINOR: h3: Add the quic_conn object to h3 traces
    - MINOR: h3: Missing connection argument for a TRACE_LEAVE() argument
    - MINOR: h3: Send the h3 settings with others streams (requests)
    - MINOR: dev/udp: Apply the corruption to both directions
    - BUILD: udp-perturb: Add a make target for udp-perturb tool
    - BUG/MINOR: signals/poller: ensure wakeup from signals
    - CI: cirrus-ci: bump FreeBSD image to 13-1
    - DEV: flags: fix usage message to reflect available options
    - DEV: flags: add missing CO_FL_FDLESS connection flag
    - MINOR: flags: add a new file to host flag dumping macros
    - MINOR: flags: implement a macro used to dump enums inside masks
    - MINOR: flags/channel: use flag dumping for channel flags and analysers
    - MINOR: flags/connection: use flag dumping for connection flags
    - MINOR: flags/stconn: use flag dumping for stconn and sedesc flags
    - MINOR: flags/stream: use flag dumping for stream error type
    - MINOR: flags/stream: use flag dumping for stream flags
    - MINOR: flags/task: use flag dumping for task state
    - MINOR: flags/http_ana: use flag dumping for txn flags
    - DEV: flags: remove the now unused SHOW_FLAG() definition
    - DEV: flags: remove the now useless intermediary functions
    - MINOR: flags/htx: use flag dumping to show htx and start-line flags
    - MINOR: flags/http_ana: use flag dumping to show http msg states
    - BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
    - MINOR: listener: small API change
    - MINOR: proxy/listener: support for additional PAUSED state
    - BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
    - BUILD: flags: fix build warning in some macros used by show_flags
    - BUILD: flags: fix the fallback macros for missing stdio
    - CLEANUP: pollers: remove dead code in the polling loop
    - BUG/MINOR: mux-h1: Increment open_streams counter when H1 stream is created
    - REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
    - CLEANUP: listener: function comment typo in stop_listener()
    - BUG/MINOR: listener: null pointer dereference suspected by coverity
    - MINOR: flags/fd: decode FD flags states
    - REORG: mux-h2: extract flags and enums into mux_h2-t.h
    - MINOR: flags/mux-h2: decode H2C and H2S flags
    - REGTESTS: log: test the log-forward feature
    - BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.
    - REGTESTS: ssl/log: test the log-forward with SSL
    - MEDIUM: httpclient: httpclient_create_proxy() creates a proxy for httpclient
    - MEDIUM: httpclient: allow to use another proxy
    - DOC: fix TOC in starter guide for subsection 3.3.8. Statistics
    - MINOR: httpclient: export httpclient_create_proxy()
    - MEDIUM: quic: separate path for rx and tx with set_encryption_secrets
    - BUG/MEDIUM: mux-quic: fix crash on early app-ops release
    - REORG: mux-h1: extract flags and enums into mux_h1-t.h
    - MINOR: flags/mux-h1: decode H1C and H1S flags
    - CLEANUP: mux-quic: remove stconn usage in h3/hq
    - BUG/MINOR: mux-quic: do not remotely close stream too early
    - CLEANUP: exclude udp-perturb with .gitignore
    - BUG/MEDIUM: server: segv when adding server with hostname from CLI
    - CLEANUP: quic,ssl: fix tiny typos in C comments
    - BUG/MEDIUM: captures: free() an error capture out of the proxy lock
    - BUILD: fd: fix a build warning on the DWCAS
    - MINOR: anon: add new macros and functions to anonymize contents
    - MINOR: anon: store the anonymizing key in the global structure
    - MINOR: anon: store the anonymizing key in the CLI's appctx
    - MINOR: cli: anonymize commands 'show sess' and 'show sess all'
    - MINOR: cli: anonymize 'show servers state' and 'show servers conn'
    - MINOR: config: add command-line -dC to dump the configuration file
    - SCRIPTS: announce-release: update some URLs to https

2022/09/02 : 2.7-dev5
    - BUG/MINOR: mux-quic: Fix memleak on QUIC stream buffer for unacknowledged data
    - BUG/MEDIUM: cpu-map: fix thread 1's affinity affecting all threads
    - MINOR: cpu-map: remove obsolete diag warning about combined ranges
    - BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
    - REGTESTS: launch http_reuse_always in mworker mode
    - BUG/MINOR: quix: Memleak for non in flight TX packets
    - BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
    - BUG/MINOR: quic: Safer QUIC frame builders
    - MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
    - BUG/MEDIUM: applet: fix incorrect check for abnormal return condition from handler
    - BUG/MINOR: applet: make the call_rate only count the no-progress calls
    - MEDIUM: peers: limit the number of updates sent at once
    - BUILD: tcp_sample: fix build of get_tcp_info() on OpenBSD
    - BUG/MINOR: resolvers: return the correct value in resolvers_finalize_config()
    - BUG/MINOR: mworker: does not create the "default" resolvers in wait mode
    - BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after connect
    - REGTESTS: Fix prometheus script to perform HTTP health-checks
    - MINOR: resolvers: shut the warning when "default" resolvers is implicit
    - Revert "BUG/MINOR: quix: Memleak for non in flight TX packets"
    - BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
    - BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
    - CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
    - CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
    - MINOR: quic: Remove useless traces about references to TX packets
    - Revert "MINOR: quic: Remove useless traces about references to TX packets"
    - DOC: configuration: do-resolve doesn't work with a port in the string
    - MINOR: sample: add the host_only and port_only converters
    - BUG/MINOR: httpclient: fix resolution with port
    - DOC: configuration.txt: do-resolve must use host_only to remove its port.
    - BUG/MINOR: quic: Null packet dereferencing from qc_dup_pkt_frms() trace
    - BUG/MINOR: quic: Frames added to packets even if not built.
    - BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
    - BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
    - BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
    - BUG/MEDIUM: peers: Don't start resync on reload if local peer is not up-to-date
    - BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
    - BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of input
    - BUG/MINOR: epoll: do not actively poll for Rx after an error
    - MINOR: raw-sock: don't try to send if an error was already reported
    - BUG/MINOR: quic: Missing header protection AES cipher context initialisations (draft-v2)
    - MINOR: quic: Add a trace to distinguish the datagram from the packets inside
    - BUG/MINOR: ssl: fix deinit of the ca-file tree
    - BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
    - BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
    - BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
    - BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
    - BUG/MINOR: dev/udp: properly preset the rx address size
    - BUILD: debug: make sure debug macros are never empty
    - MINOR: quic: Move traces about RX/TX bytes from QUIC_EV_CONN_PRSAFRM event
    - BUG/MINOR: quic: TX frames memleak
    - BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
    - MINOR: sink/ring: rotate non-empty file-backed contents only
    - BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
    - REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
    - BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
    - MINOR: backend: always satisfy the first req reuse rule with l7 retries
    - BUG/MINOR: quic: Do not ack when probing
    - MINOR: quic: Add TX frames addresses to traces to several trace events
    - MINOR: quic: Trace typo fix in qc_release_frm()
    - BUG/MINOR: quic: Frames leak during retransmissions
    - BUG/MINOR: h2: properly set the direction flag on HTX response
    - BUG/MEDIUM: httpclient: always detach the caller before self-killing
    - BUG/MINOR: httpclient: only ask for more room on failed writes
    - BUG/MINOR: httpclient: keep-alive was accidentely disabled
    - MEDIUM: httpclient: enable ALPN support on outgoing https connections
    - BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
    - BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
    - BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
    - DEBUG: stream: minor rearrangement of a few fields in struct stream.
    - MINOR: debug: report applet pointer and handler in crashes when known
    - MINOR: mux-h2: extract the stream dump function out of h2_show_fd()
    - MINOR: mux-h2: extract the connection dump function out of h2_show_fd()
    - MINOR: muxes: add a "show_sd" helper to complete "show sess" dumps
    - MINOR: mux-h2: provide a "show_sd" helper to output stream debugging info
    - MINOR: mux-h2: insert line breaks in "show sess all" output for legibility
    - MINOR: mux-quic: provide a "show_sd" helper to output stream debugging info
    - MINOR: mux-h1: split "show_fd" into connection and stream
    - MINOR: mux-h1: provide a "show_sd" helper to output stream debugging info
    - BUG/MINOR: http-act: initialize http fmt head earlier

2022/08/20 : 2.7-dev4
    - BUG/MEDIUM: quic: Wrong packet length check in qc_do_rm_hp()
    - MINOR: quic: Too much useless traces in qc_build_frms()
    - BUG/MEDIUM: quic: Missing AEAD TAG check after removing header protection
    - MINOR: quic: Replace pool_zalloc() by pool_malloc() for fake datagrams
    - MINOR: debug: make the mem_stats section aligned to void*
    - MINOR: debug: store and report the pool's name in struct mem_stats
    - MINOR: debug: also store the function name in struct mem_stats
    - MINOR: debug/memstats: automatically determine first column size
    - MINOR: debug/memstats: permit to pass the size to free()
    - CLEANUP: mux-quic: remove loop on sending frames
    - MINOR: quic: replace custom buf on Tx by default struct buffer
    - MINOR: quic: release Tx buffer on each send
    - MINOR: quic: refactor datagram commit in Tx buffer
    - MINOR: quic: skip sending if no frame to send in io-cb
    - BUG/MINOR: mux-quic: open stream on STOP_SENDING
    - BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level
    - BUG/MEDIUM: quic: always remove the connection from the accept list on close
    - BUG/MEDIUM: poller: use fd_delete() to release the poller pipes
    - BUG/MEDIUM: task: relax one thread consistency check in task_unlink_wq()
    - MEDIUM: quic: xprt traces rework
    - BUILD: stconn: fix build warning at -O3 about possible null sc
    - MINOR: quic: Remove useless lock for RX packets
    - BUG/MINOR: quic: Possible infinite loop in quic_build_post_handshake_frames()
    - CLEANUP: quic: Remove trailing spaces
    - MINOR: mux-quic: adjust enter/leave traces
    - MINOR: mux-quic: define protocol error traces
    - CLEANUP: mux-quic: adjust traces level
    - MINOR: mux-quic: define new traces
    - BUG/MEDIUM: mux-quic: fix crash due to invalid trace arg
    - BUG/MEDIUM: quic: Possible use of uninitialized <odcid> variable in qc_lstnr_params_init()
    - BUG/MEDIUM: ring: fix too lax 'size' parser
    - BUG/MEDIUM: quic: Wrong use of <token_odcid> in qc_lsntr_pkt_rcv()
    - BUILD: ring: forward-declare struct appctx to avoid a build warning
    - MINOR: ring: support creating a ring from a linear area
    - MINOR: ring: add support for a backing-file
    - DEV: haring: add a simple utility to read file-backed rings
    - DEV: haring: support remapping LF in contents with CR VT
    - BUG/MINOR: quic: memleak on wrong datagram receipt
    - BUILD: sink: replace S_IRUSR, S_IWUSR with their octal value
    - MINOR: ring: archive a previous file-backed ring on startup
    - BUG/MINOR: mux-quic: fix crash with traces in qc_detach()
    - BUG/MINOR: quic: MIssing check when building TX packets
    - BUG/MINOR: quic: Wrong status returned by qc_pkt_decrypt()
    - MINOR: memprof: export the minimum definitions for memory profiling
    - MINOR: pool/memprof: report pool alloc/free in memory profiling
    - MINOR: pools/memprof: store and report the pool's name in each bin
    - MINOR: chunk: inline alloc_trash_chunk()
    - MINOR: stick-table: Add table_expire() and table_idle() new converters
    - CLEANUP: exclude haring with .gitignore
    - MINOR: quic: adjust quic_frame flag manipulation
    - MINOR: h3: report error on control stream close
    - MINOR: qpack: report error on enc/dec stream close
    - BUG/MEDIUM: mux-quic: reject uni stream ID exceeding flow control
    - MINOR: mux-quic: adjust traces on stream init
    - MINOR: mux-quic: add missing args on some traces
    - MINOR: quic: refactor application send
    - BUG/MINOR: quic: do not notify MUX on frame retransmit
    - BUG/MEDIUM: http-ana: fix crash or wrong header deletion by http-restrict-req-hdr-names
    - BUG/MINOR: quic: Missing initializations for ducplicated frames.
    - BUG/MEDIUM: quic: fix crash on MUX send notification
    - REORG: h2: extract cookies concat function in http_htx
    - REGTESTS: add test for HTTP/2 cookies concatenation
    - MEDIUM: h3: concatenate multiple cookie headers
    - MINOR: applet: add a function to reset the svcctx of an applet
    - BUG/MEDIUM: cli: always reset the service context between commands
    - BUG/MEDIUM: mux-h2: do not fiddle with ->dsi to indicate demux is idle
    - MINOR: mux-h2/traces: report transition to SETTINGS1 before not after
    - MINOR: mux-h2: make streams know if they need to send more data
    - BUG/MINOR: mux-h2: send a CANCEL instead of ES on truncated writes
    - BUG/MINOR: quic: Possible crashes when dereferencing ->pkt quic_frame struct member
    - MINOR: quic: Add frame addresses to QUIC_EV_CONN_PRSAFRM event traces
    - BUG/MINOR: quic: Wrong splitted duplicated frames handling
    - MINOR: quic: Add the QUIC connection to mux traces
    - MINOR: quic: Trace fix in qc_release_frm()
    - BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
    - BUG/MAJOR: log-forward: Fix ssl layer not initialized on bind even if configured
    - MINOR: quic: Add reusable cipher contexts for header protection
    - BUG/MINOR: ssl/cli: error when the ca-file is empty
    - MINOR: ssl: handle ca-file appending in cafile_entry
    - MINOR: ssl/cli: implement "add ssl ca-file"

2022/08/07 : 2.7-dev3
    - BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
    - BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
    - MINOR: resolvers: resolvers_destroy() deinit and free a resolver
    - BUG/MINOR: resolvers: shut off the warning for the default resolvers
    - BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
    - BUG/MINOR: tools: fix statistical_prng_range()'s output range
    - BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake
    - BUILD: debug: Add braces to if statement calling only CHECK_IF()
    - BUG/MINOR: fd: Properly init the fd state in fd_insert()
    - BUG/MEDIUM: fd/threads: fix incorrect thread selection in wakeup broadcast
    - MINOR: init: load OpenSSL error strings
    - MINOR: ssl: enhance ca-file error emitting
    - BUG/MINOR: mworker/cli: relative pid prefix not validated anymore
    - BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap
    - BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
    - BUILD: add detection for unsupported compiler models
    - BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side
    - BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
    - BUG/MEDIUM: master: force the thread count earlier
    - BUG/MAJOR: poller: drop FD's tgid when masks don't match
    - DEBUG: fd: detect possibly invalid tgid in fd_insert()
    - BUG/MINOR: sockpair: wrong return value for fd_send_uxst()
    - MINOR: sockpair: move send_fd_uxst() error message in caller
    - Revert "BUG/MINOR: peers: set the proxy's name to the peers section name"
    - DEBUG: fd: split the fd check
    - MEDIUM: resolvers: continue startup if network is unavailable
    - BUG/MINOR: fd: always remove late updates when freeing fd_updt[]
    - MINOR: cli: emit a warning when _getsocks was used more than once
    - BUG/MINOR: mworker: PROC_O_LEAVING used but not updated
    - Revert "MINOR: cli: emit a warning when _getsocks was used more than once"
    - MINOR: cli: warning on _getsocks when socket were closed
    - BUG/MEDIUM: mux-quic: fix missing EOI flag to prevent streams leaks
    - MINOR: quic: Congestion control architecture refactoring
    - MEDIUM: quic: Cubic congestion control algorithm implementation
    - MINOR: quic: New "quic-cc-algo" bind keyword
    - BUG/MINOR: quic: loss time limit variable computed but not used
    - MINOR: quic: Stop looking for packet loss asap
    - BUG/MAJOR: quic: Useless resource intensive loop qc_ackrng_pkts()
    - MINOR: quic: Send packets as much as possible from qc_send_app_pkts()
    - BUG/MEDIUM: queue/threads: limit the number of entries dequeued at once
    - MAJOR: threads/plock: update the embedded library
    - MINOR: thread: provide an alternative to pthread's rwlock
    - DEBUG: tools: provide a tree dump function for ebmbtrees as well
    - MINOR: ebtree: add ebmb_lookup_shorter() to pursue lookups
    - BUG/MEDIUM: pattern: only visit equivalent nodes when skipping versions
    - BUG/MINOR: mux-quic: prevent crash if conn released during IO callback
    - CLEANUP: mux-quic: remove useless app_ops is_active callback
    - BUG/MINOR: mux-quic: do not free conn if attached streams
    - MINOR: mux-quic: save proxy instance into qcc
    - MINOR: mux-quic: use timeout server for backend conns
    - MEDIUM: mux-quic: adjust timeout refresh
    - MINOR: mux-quic: count in-progress requests
    - MEDIUM: mux-quic: implement http-keep-alive timeout
    - MINOR: peers: Add a warning about incompatible SSL config for the local peer
    - MINOR: peers: Use a dedicated reconnect timeout when stopping the local peer
    - BUG/MEDIUM: peers: limit reconnect attempts of the old process on reload
    - BUG/MINOR: peers: Use right channel flag to consider the peer as connected
    - BUG/MEDIUM: dns: Properly initialize new DNS session
    - BUG/MINOR: backend: Don't increment conn_retries counter too early
    - MINOR: server: Constify source server to copy its settings
    - REORG: server: Export srv_settings_cpy() function
    - BUG/MEDIUM: proxy: Perform a custom copy for default server settings
    - BUG/MINOR: quic: Missing in flight ack eliciting packet counter decrement
    - BUG/MEDIUM: quic: Floating point exception in cubic_root()
    - MINOR: h3: support HTTP request framing state
    - MINOR: mux-quic: refresh timeout on frame decoding
    - MINOR: mux-quic: refactor refresh timeout function
    - MEDIUM: mux-quic: implement http-request timeout
    - BUG/MINOR: quic: Avoid sending truncated datagrams
    - BUG/MINOR: ring/cli: fix a race condition between the writer and the reader
    - BUG/MEDIUM: sink: Set the sink ref for forwarders created during ring parsing
    - BUG/MINOR: sink: fix a race condition between the writer and the reader
    - BUG/MINOR: quic: do not reject datagrams matching minimum permitted size
    - MINOR: quic: Add two new stats counters for sendto() errors
    - BUG/MINOR: quic: Missing Initial packet dropping case
    - MINOR: quic: explicitely ignore sendto error
    - BUG/MINOR: quic: adjust errno handling on sendto
    - BUG/MEDIUM: quic: break out of the loop in quic_lstnr_dghdlr
    - MINOR: threads: report the number of thread groups in build options
    - MINOR: config: automatically preset MAX_THREADS based on MAX_TGROUPS
    - BUILD: SSL: allow to pass additional configure args to QUICTLS
    - CI: enable weekly "m32" builds on x86_64
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MEDIUM: fix DH length when EC key is used
    - REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
    - REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
    - REGTESTS: ssl: fix grep invocation to use extended regex in ssl_generate_certificate.vtc
    - BUILD: cfgparse: always defined _GNU_SOURCE for sched.h and crypt.h

2022/07/16 : 2.7-dev2
    - BUG/MINOR: qpack: fix build with QPACK_DEBUG
    - MINOR: h3: handle errors on HEADERS parsing/QPACK decoding
    - BUG/MINOR: qpack: abort on dynamic index field line decoding
    - MINOR: qpack: properly handle invalid dynamic table references
    - MINOR: task: Add tasklet_wakeup_after()
    - BUG/MINOR: quic: Dropped packets not counted (with RX buffers full)
    - MINOR: quic: Add new stats counter to diagnose RX buffer overrun
    - MINOR: quic: Duplicated QUIC_RX_BUFSZ definition
    - MINOR: quic: Improvements for the datagrams receipt
    - CLEANUP: h2: Typo fix in h2_unsubcribe() traces
    - MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb)
    - CLEANUP: mux-quic: adjust comment on qcs_consume()
    - MINOR: ncbuf: implement ncb_is_fragmented()
    - BUG/MINOR: mux-quic: do not signal FIN if gap in buffer
    - MINOR: fd: add a new FD_DISOWN flag to prevent from closing a deleted FD
    - BUG/MEDIUM: ssl/fd: unexpected fd close using async engine
    - MINOR: tinfo: make tid temporarily still reflect global ID
    - CLEANUP: config: remove unused proc_mask()
    - MINOR: debug: remove mask support from "debug dev sched"
    - MEDIUM: task: add and preset a thread ID in the task struct
    - MEDIUM: task/debug: move the ->thread_mask integrity checks to ->tid
    - MAJOR: task: use t->tid instead of ffsl(t->thread_mask) to take the thread ID
    - MAJOR: task: replace t->thread_mask with 1<<t->tid when thread mask is needed
    - CLEANUP: task: remove thread_mask from the struct task
    - MEDIUM: applet: only keep appctx_new_*() and drop appctx_new()
    - MEDIUM: task: only keep task_new_*() and drop task_new()
    - MINOR: applet: always use task_new_on() on applet creation
    - MEDIUM: task: remove TASK_SHARED_WQ and only use t->tid
    - MINOR: task: replace task_set_affinity() with task_set_thread()
    - CLEANUP: task: remove the unused task_unlink_rq()
    - CLEANUP: task: remove the now unused TASK_GLOBAL flag
    - MINOR: task: make rqueue_ticks atomic
    - MEDIUM: task: move the shared runqueue to one per thread
    - MEDIUM: task: replace the global rq_lock with a per-rq one
    - MINOR: task: remove grq_total and use rq_total instead
    - MINOR: task: replace global_tasks_mask with a check for tree's emptiness
    - MEDIUM: task: use regular eb32 trees for the run queues
    - MEDIUM: queue: revert to regular inter-task wakeups
    - MINOR: thread: make wake_thread() take care of the sleeping threads mask
    - MINOR: thread: move the flags to the shared cache line
    - MINOR: thread: only use atomic ops to touch the flags
    - MINOR: poller: centralize poll return handling
    - MEDIUM: polling: make update_fd_polling() not care about sleeping threads
    - MINOR: poller: update_fd_polling: wake a random other thread
    - MEDIUM: thread: add a new per-thread flag TH_FL_NOTIFIED to remember wakeups
    - MEDIUM: tasks/fd: replace sleeping_thread_mask with a TH_FL_SLEEPING flag
    - MINOR: tinfo: add the tgid to the thread_info struct
    - MINOR: tinfo: replace the tgid with tgid_bit in tgroup_info
    - MINOR: tinfo: add the mask of enabled threads in each group
    - MINOR: debug: use ltid_bit in ha_thread_dump()
    - MINOR: wdt: use ltid_bit in wdt_handler()
    - MINOR: clock: use ltid_bit in clock_report_idle()
    - MINOR: thread: use ltid_bit in ha_tkillall()
    - MINOR: thread: add a new all_tgroups_mask variable to know about active tgroups
    - CLEANUP: thread: remove thread_sync_release() and thread_sync_mask
    - MEDIUM: tinfo: add a dynamic thread-group context
    - MEDIUM: thread: make stopping_threads per-group and add stopping_tgroups
    - MAJOR: threads: change thread_isolate to support inter-group synchronization
    - MINOR: thread: add is_thread_harmless() to know if a thread already is harmless
    - MINOR: debug: mark oneself harmless while waiting for threads to finish
    - MINOR: wdt: do not rely on threads_to_dump anymore
    - MEDIUM: debug: make the thread dumper not rely on a thread mask anymore
    - BUILD: debug: fix build issue on clang with previous commit
    - BUILD: debug: re-export thread_dump_state
    - BUG/MEDIUM: threads: fix incorrect thread group being used on soft-stop
    - BUG/MEDIUM: thread: check stopping thread against local bit and not global one
    - MINOR: proxy: use tg->threads_enabled in hard_stop() to detect stopped threads
    - BUILD: Makefile: Add Lua 5.4 autodetect
    - CI: re-enable gcc asan builds
    - MEDIUM: mworker: set the iocb of the socketpair without using fd_insert()
    - MINOR: fd: Add BUG_ON checks on fd_insert()
    - CLEANUP: mworker: rename mworker_pipe to mworker_sockpair
    - CLEANUP: mux-quic: do not export qc_get_ncbuf
    - REORG: mux-quic: reorganize flow-control fields
    - MINOR: mux-quic: implement accessor for sedesc
    - MEDIUM: mux-quic: refactor streams opening
    - MINOR: mux-quic: rename qcs flag FIN_RECV to SIZE_KNOWN
    - MINOR: mux-quic: emit FINAL_SIZE_ERROR on invalid STREAM size
    - BUG/MINOR: peers/config: always fill the bind_conf's argument
    - BUG/MEDIUM: peers/config: properly set the thread mask
    - CLEANUP: bwlim: Set pointers to NULL when memory is released
    - BUG/MINOR: http-check: Preserve headers if not redefined by an implicit rule
    - BUG/MINOR: http-act: Properly generate 103 responses when several rules are used
    - BUG/MEDIUM: thread: mask stopping_threads with threads_enabled when checking it
    - CLEANUP: thread: also remove a thread's bit from stopping_threads on stop
    - BUG/MINOR: peers: fix possible NULL dereferences at config parsing
    - BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo
    - MINOR: http: Add function to get port part of a host
    - MINOR: http: Add function to detect default port
    - BUG/MEDIUM: h1: Improve authority validation for CONNCET request
    - MINOR: http-htx: Use new HTTP functions for the scheme based normalization
    - BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream
    - REGTEESTS: filters: Fix CONNECT request in random-forwarding script
    - MEDIUM: mworker/systemd: send STATUS over sd_notify
    - BUG/MINOR: mux-h1: Be sure to commit htx changes in the demux buffer
    - BUG/MEDIUM: http-ana: Don't wait to have an empty buf to switch in TUNNEL state
    - BUG/MEDIUM: mux-h1: Handle connection error after a synchronous send
    - MEDIUM: epoll: don't synchronously delete migrated FDs
    - BUILD: debug: silence warning on gcc-5
    - BUILD: http: silence an uninitialized warning affecting gcc-5
    - BUG/MEDIUM: mux-quic: fix server chunked encoding response
    - REORG: mux-quic: rename stream initialization function
    - MINOR: mux-quic: rename stream purge function
    - MINOR: mux-quic: add traces on frame parsing functions
    - MINOR: mux-quic: implement qcs_alert()
    - MINOR: mux-quic: filter send/receive-only streams on frame parsing
    - MINOR: mux-quic: do not ack STREAM frames on unrecoverable error
    - MINOR: mux-quic: support stream opening via MAX_STREAM_DATA
    - MINOR: mux-quic: define basic stream states
    - MINOR: mux-quic: use stream states to mark as detached
    - MEDIUM: mux-quic: implement RESET_STREAM emission
    - MEDIUM: mux-quic: implement STOP_SENDING handling
    - BUG/MEDIUM: debug: fix possible hang when multiple threads dump at once
    - BUG/MINOR: quic: fix closing state on NO_ERROR code sent
    - CLEANUP: quic: clean up include on quic_frame-t.h
    - MINOR: quic: define a generic QUIC error type
    - MINOR: mux-quic: support app graceful shutdown
    - MINOR: mux-quic/h3: prepare CONNECTION_CLOSE on release
    - MEDIUM: quic: send CONNECTION_CLOSE on released MUX
    - CLEANUP: mux-quic: move qc_release()
    - MINOR: mux-quic: send one last time before release
    - MINOR: h3: store control stream in h3c
    - MINOR: h3: implement graceful shutdown with GOAWAY
    - BUG/MINOR: threads: produce correct global mask for tgroup > 1
    - BUG/MEDIUM: cli/threads: make "show threads" more robust on applets
    - BUG/MINOR: thread: use the correct thread's group in ha_tkillall()
    - BUG/MINOR: debug: enter ha_panic() only once
    - BUG/MEDIUM: debug: fix parallel thread dumps again
    - MINOR: cli/streams: show a stream's tgid next to its thread ID
    - DEBUG: cli: add a new "debug dev deadlock" expert command
    - MINOR: cli/activity: add a thread number argument to "show activity"
    - CLEANUP: applet: remove the obsolete command context from the appctx
    - MEDIUM: config: remove deprecated "bind-process" directives from frontends
    - MEDIUM: config: remove the "process" keyword on "bind" lines
    - MINOR: listener/config: make "thread" always support up to LONGBITS
    - CLEANUP: fd: get rid of the __GET_{NEXT,PREV} macros
    - MEDIUM: debug/threads: make the lock debugging take tgroups into account
    - MEDIUM: proto: stop protocols under thread isolation during soft stop
    - MEDIUM: poller: program the update in fd_update_events() for a migrated FD
    - MEDIUM: poller: disable thread-groups for poll() and select()
    - MINOR: thread: remove MAX_THREADS limitation
    - MEDIUM: cpu-map: replace the process number with the thread group number
    - MINOR: mworker/threads: limit the mworker sockets to group 1
    - MINOR: cli/threads: always bind CLI to thread group 1
    - MINOR: fd/thread: get rid of thread_mask()
    - MEDIUM: task/thread: move the task shared wait queues per thread group
    - MINOR: task: move the niced_tasks counter to the thread group context
    - DOC: design: add some thoughts about how to handle the update_list
    - MEDIUM: conn: make conn_backend_get always scan the same group
    - MAJOR: fd: remove pending updates upon real close
    - MEDIUM: fd/poller: make the update-list per-group
    - MINOR: fd: delete unused updates on close()
    - MINOR: fd: make fd_insert() apply the thread mask itself
    - MEDIUM: fd: add the tgid to the fd and pass it to fd_insert()
    - MINOR: cli/fd: show fd's tgid and refcount in "show fd"
    - MINOR: fd: add functions to manipulate the FD's tgid
    - MINOR: fd: add fd_get_running() to atomically return the running mask
    - MAJOR: fd: grab the tgid before manipulating running
    - MEDIUM: fd/poller: turn polled_mask to group-local IDs
    - MEDIUM: fd/poller: turn update_mask to group-local IDs
    - MEDIUM: fd/poller: turn running_mask to group-local IDs
    - MINOR: fd: make fd_clr_running() return the previous value instead
    - MEDIUM: fd: make thread_mask now represent group-local IDs
    - MEDIUM: fd: make fd_insert() take local thread masks
    - MEDIUM: fd: make fd_insert/fd_delete atomically update fd.tgid
    - MEDIUM: fd: quit fd_update_events() when FD is closed
    - MEDIUM: thread: change thread_resolve_group_mask() to return group-local values
    - MEDIUM: listener: switch bind_thread from global to group-local
    - MINOR: fd: add fd_reregister_all() to deal with boot-time FDs
    - MEDIUM: fd: support stopping FDs during starting
    - MAJOR: pollers: rely on fd_reregister_all() at boot time
    - MAJOR: poller: only touch/inspect the update_mask under tgid protection
    - MEDIUM: fd: support broadcasting updates for foreign groups in updt_fd_polling
    - CLEANUP: threads: remove the now unused all_threads_mask and tid_bit
    - MINOR: config: change default MAX_TGROUPS to 16
    - BUG/MEDIUM: tools: avoid calling dlsym() in static builds

2022/06/24 : 2.7-dev1
    - BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
    - BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
    - BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
    - BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
    - BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
    - BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
    - BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
    - BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
    - BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
    - BUG/MEDIUM: httpclient: Don't remove HTX header blocks before duplicating them
    - BUG/MEDIUM: httpclient: Rework CLI I/O handler to handle full buffer cases
    - MEDIUM: httpclient: Don't close CLI applet at the end of a response
    - MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
    - CLEANUP: Re-apply xalloc_size.cocci (2)
    - REGTESTS: abortonclose: Add a barrier to not mix up log messages
    - REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients
    - CLEANUP: ssl_ckch: Use corresponding enum for commit_cacrlfile_ctx.cafile_type
    - MINOR: ssl_ckch: Simplify I/O handler to commit changes on CA/CRL entry
    - BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
    - BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
    - BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
    - BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
    - BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
    - CLEANUP: ssl_ckch: Remove unused field in commit_cacrlfile_ctx structure
    - MINOR: ssl_ckch: Simplify structure used to commit changes on CA/CRL entries
    - MINOR: ssl_ckch: Remove service context for "set ssl cert" command
    - MINOR: ssl_ckch: Remove service context for "set ssl ca-file" command
    - MINOR: ssl_ckch: Remove service context for "set ssl crl-file" command
    - BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
    - BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
    - BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
    - BUILD: ssl_ckch: Fix build error about a possible uninitialized value
    - BUG/MINOR: ssl_ckch: Fix another possible uninitialized value
    - REGTESTS: http_abortonclose: Extend supported versions
    - REGTESTS: restrict_req_hdr_names: Extend supported versions
    - MINOR: connection: support HTTP/3.0 for smp_*_http_major fetch
    - MINOR: h3: add h3c pointer into h3s instance
    - MINOR: mux-quic: simplify decode_qcs API
    - MINOR: mux-quic/h3: adjust demuxing function return values
    - BUG/MINOR: h3: fix return value on decode_qcs on error
    - BUILD: quic: fix anonymous union for gcc-4.4
    - BUILD: compiler: implement unreachable for older compilers too
    - DEV: tcploop: reorder options in the usage message
    - DEV: tcploop: make the current address the default address
    - DEV: tcploop: make it possible to change the target address of a connect()
    - DEV: tcploop: factor out the socket creation
    - DEV: tcploop: permit port 0 to ease handling of default options
    - DEV: tcploop: add a new "bind" command to bind to ip/port.
    - DEV: tcploop: add minimal UDP support
    - BUG/MINOR: trace: Test server existence for health-checks to get proxy
    - BUG/MINOR: checks: Properly handle email alerts in trace messages
    - BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
    - REGTESTS: healthcheckmail: Update the test to be functionnal again
    - REGTESTS: healthcheckmail: Relax health-check failure condition
    - BUG/MINOR: h3: fix incorrect BUG_ON assert on SETTINGS parsing
    - MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames
    - OPTIM: mux-h2: increase h2_settings_initial_window_size default to 64k
    - BUG/MINOR: h3: fix frame type definition
    - BUG/MEDIUM: h3: fix SETTINGS parsing
    - BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
    - BUG/MINOR: server: do not enable DNS resolution on disabled proxies
    - BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
    - DOC: design: update the notes on thread groups
    - BUG/MEDIUM: mux-quic: fix flow control connection Tx level
    - MINOR: mux-quic: complete BUG_ON on TX flow-control enforcing
    - BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
    - BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
    - CLEANUP: check: Remove useless tests on check's stream-connector
    - BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
    - BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
    - BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
    - MINOR: task: move profiling bit to per-thread
    - CLEANUP: quic: use task_new_on() for single-threaded tasks
    - MINOR: tinfo: remove the global thread ID bit (tid_bit)
    - CLEANUP: hlua: check for at least 2 threads on a task
    - MINOR: thread: get rid of MAX_THREADS_MASK
    - OPTIM: task: do not consult shared WQ when we're already full
    - DOC: design: update the task vs thread affinity requirements
    - MINOR: qpack: add comments and remove a useless trace
    - MINOR: qpack: reduce dependencies on other modules
    - BUG/MINOR: qpack: support header litteral name decoding
    - MINOR: qpack: add ABORT_NOW on unimplemented decoding
    - BUG/MINOR: h3/qpack: deal with too many headers
    - MINOR: qpack: improve decoding function
    - MINOR: qpack: implement standalone decoder tool
    - BUG/BUILD: h3: fix wrong label name
    - BUG/MINOR: quic: Stop hardcoding Retry packet Version field
    - MINOR: quic: Add several nonce and key definitions for Retry tag
    - BUG/MINOR: quic: Wrong PTO calculation
    - MINOR: quic: Parse long packet version from qc_parse_hd_form()
    - CLEANUP: quid: QUIC draft-28 no more supported
    - MEDIUM: quic: Add QUIC v2 draft support
    - MINOR: quic: Released QUIC TLS extension for QUIC v2 draft
    - MEDIUM: quic: Compatible version negotiation implementation (draft-08)
    - CLEANUP: quic: Remove any reference to boringssl
    - BUG/MINOR: task: fix thread assignment in tasklet_kill()
    - BUG/MEDIUM: stream: Properly handle destructive client connection upgrades
    - MINOR: stream: Rely on stconn flags to abort stream destructive upgrade
    - CLEANUP: stconn: Don't expect to have no sedesc on detach
    - BUG/MINOR: log: Properly test connection retries to fix dontlog-normal option
    - MINOR: hlua: don't dump empty entries in hlua_traceback()
    - MINOR: hlua: add a new hlua_show_current_location() function
    - MEDIUM: debug: add a tainted flag when a shared library is loaded
    - MEDIUM: debug: detect redefinition of symbols upon dlopen()
    - BUILD: quic: Wrong HKDF label constant variable initializations
    - BUG/MINOR: quic: Unexpected half open connection counter wrapping
    - BUG/MINOR: quic_stats: Duplicate "quic_streams_data_blocked_bidi" field name
    - BUG/MINOR: quic: purge conn Rx packet list on release
    - BUG/MINOR: quic: free rejected Rx packets
    - BUG/MINOR: qpack: abort on dynamic index field line decoding
    - BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
    - REGTESTS: ssl: add the same cert for client/server
    - BUG/MINOR: quic: Acknowledgement must be forced during handshake
    - MINOR: quic: Dump version_information transport parameter
    - BUG/MEDIUM: mworker: use default maxconn in wait mode
    - MINOR: intops: add a function to return a valid bit position from a mask
    - TESTS: add a unit test for one_among_mask()
    - BUILD: ssl_ckch: fix "maybe-uninitialized" build error on gcc-9.4 + ARM
    - BUG/MINOR: ssl: Do not look for key in extra files if already in pem
    - BUG/MINOR: quic: Missing acknowledgments for trailing packets
    - BUG/MINOR: http-ana: Set method to HTTP_METH_OTHER when an HTTP txn is created
    - BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch
    - MINOR: freq_ctr: Add a function to get events excess over the current period
    - BUG/MINOR: stream: only free the req/res captures when set
    - CLEANUP: pool/tree-wide: remove suffix "_pool" from certain pool names
    - MEDIUM: debug: improve DEBUG_MEM_STATS to also report pool alloc/free
    - BUG/MINOR: quic: Wrong reuse of fulfilled dgram RX buffer
    - BUG/MAJOR: quic: Big RX dgrams leak when fulfilling a buffer
    - BUG/MAJOR: quic: Big RX dgrams leak with POST requests
    - BUILD: quic+h3: 32-bit compilation errors fixes
    - MEDIUM: bwlim: Add support of bandwith limitation at the stream level

2022/05/31 : 2.7-dev0
    - MINOR: version: it's development again

2022/05/31 : 2.6.0
    - DOC: Fix formatting in configuration.txt to fix dconv
    - CLEANUP: tcpcheck: Remove useless test on the stream-connector in tcpcheck_main
    - CLEANUP: muxes: Consider stream's sd as defined in .show_fd callback functions
    - MINOR: quic: Ignore out of packet padding.
    - CLEANUP: quic: Useless QUIC_CONN_TX_BUF_SZ definition
    - CLEANUP: quic: No more used handshake output buffer
    - MINOR: quic: QUIC transport parameters split.
    - MINOR: quic: Transport parameters dump
    - DOC: quic: Update documentation for QUIC Retry
    - MINOR: quic: Tunable "max_idle_timeout" transport parameter
    - MINOR: quic: Tunable "initial_max_streams_bidi" transport parameter
    - MINOR: quic: Clarifications about transport parameters value
    - MINOIR: quic_stats: add QUIC connection errors counters
    - BUG/MINOR: quic: Largest RX packet numbers mixing
    - MINOR: quic_stats: Add transport new counters (lost, stateless reset, drop)
    - DOC: quic: Documentation update for QUIC
    - MINOR: quic: Connection TX buffer setting renaming.
    - MINOR: h3: Add a statistics module for h3
    - MINOR: quic: Send STOP_SENDING frames if mux is released
    - MINOR: quic: Do not drop packets with RESET_STREAM frames
    - BUG/MINOR: qpack: fix buffer API usage on prefix integer encoding
    - BUG/MINOR: qpack: support bigger prefix-integer encoding
    - BUG/MINOR: h3: do not report bug on unknown method
    - SCRIPTS: add make-releases-json to recreate a releases.json file in download dirs
    - SCRIPTS: make publish-release try to launch make-releases-json
    - MINOR: htx: add an unchecked version of htx_get_head_blk()
    - BUILD: htx: use the unchecked version of htx_get_head_blk() where needed
    - BUILD: quic: use inttypes.h instead of stdint.h
    - DOC: internal: remove totally outdated diagrams
    - DOC: remove the outdated ROADMAP file
    - DOC: add maintainers for QUIC and HTTP/3
    - MINOR: h3: define h3 trace module
    - MINOR: h3: add traces on frame recv
    - MINOR: h3: add traces on frame send
    - MINOR: h3: add traces on h3s init/end
    - EXAMPLES: remove completely outdated acl-content-sw.cfg
    - BUILD: makefile: reorder objects by build time
    - DOC: fix a few spelling mistakes in the docs
    - BUG/MEDIUM: peers/cli: fix "show peers" crash
    - CLEANUP: peers/cli: stop misusing the appctx local variable
    - CLEANUP: peers/cli: make peers_dump_peer() take an appctx instead of an stconn
    - BUG/MINOR: peers: set the proxy's name to the peers section name
    - MINOR: server: indicate when no address was expected for a server
    - BUG/MINOR: peers: detect and warn on init_addr/resolvers/check/agent-check
    - DOC: peers: indicate that some server settings are not usable
    - DOC: peers: clarify when entry expiration date is renewed.
    - DOC: peers: fix port number and addresses on new peers section format
    - DOC: gpc/gpt: add commments of gpc/gpt array definitions on stick tables.
    - DOC: install: update supported OpenSSL versions in the INSTALL doc
    - MINOR: ncbuf: adjust ncb_data with NCBUF_NULL
    - BUG/MINOR: h3: fix frame demuxing
    - BUG/MEDIUM: h3: fix H3_EXCESSIVE_LOAD when receiving H3 frame header only
    - BUG/MINOR: quic: Fix QUIC_EV_CONN_PRSAFRM event traces
    - CLEANUP: quic: remove useless check on local UNI stream reception
    - BUG/MINOR: qpack: do not consider empty enc/dec stream as error
    - DOC: intro: adjust the numbering of paragrams to keep the output ordered
    - MINOR: version: mention that it's LTS now.

2022/05/27 : 2.6-dev12
    - CLEANUP: tools: Clean up non-QUIC error message handling in str2sa_range()
    - BUG/MEDIUM: tools: Fix `inet_ntop` usage in sa2str
    - CLEANUP: tools: Crash if inet_ntop fails due to ENOSPC in sa2str
    - BUG/MEDIUM: mux-quic: adjust buggy proxy closing support
    - Revert "MINOR: quic: activate QUIC traces at compilation"
    - Revert "MINOR: mux-quic: activate qmux traces on stdout via macro"
    - CLEANUP: init: address a coverity warning about possible multiply overflow
    - BUG/MEDIUM: http: Properly reject non-HTTP/1.x protocols
    - MEDIUM: h1: enlarge the scope of accepted version chars with accept-invalid-http-request
    - BUG/MEDIUM: resolvers: Don't defer resolutions release in deinit function
    - BUG/MEDIUM: peers: fix segfault using multiple bind on peers sections
    - BUG/MEDIUM: peers: prevent unitialized multiple listeners on peers section
    - BUG/MINOR: task: Don't defer tasks release when HAProxy is stopping
    - MINOR: h3: mark ncbuf as const on h3_b_dup
    - MINOR: mux-quic: do not alloc quic_stream_desc for uni remote stream
    - MINOR: mux-quic: delay cs_endpoint allocation
    - MINOR: mux-quic: add traces in qc_recv()
    - MINOR: mux-quic: adjust return value of decode_qcs
    - CLEANUP: h3: rename struct h3 -> h3c
    - CLEANUP: h3: rename uni stream type constants
    - BUG/MINOR: h3: prevent overflow when parsing SETTINGS
    - MINOR: h3: refactor h3_control_send()
    - MINOR: quic: support CONNECTION_CLOSE_APP emission
    - MINOR: mux-quic: disable read on CONNECTION_CLOSE emission
    - MINOR: h3: reject too big frames
    - MINOR: mux-quic: emit STREAM_STATE_ERROR in qcc_recv
    - BUG/MINOR: mux-quic: refactor uni streams TX/send H3 SETTINGS
    - MINOR: h3/qpack: use qcs as type in decode callbacks
    - MINOR: h3: define stream type
    - MINOR: h3: refactor uni streams initialization
    - MINOR: h3: check if frame is valid for stream type
    - MINOR: h3: define non-h3 generic parsing function
    - MEDIUM: quic: refactor uni streams RX
    - CLEANUP: h3: remove h3 uni tasklet
    - MINOR: h3: abort read on unknown uni stream
    - MINOR: h3: refactor SETTINGS parsing/error reporting
    - Revert "BUG/MINOR: task: Don't defer tasks release when HAProxy is stopping"
    - DOC: configuration: add a warning for @system-ca on bind
    - CLEANUP: init: address another coverity warning about a possible multiply overflow
    - BUG/MINOR: ssl/lua: use correctly cert_ext in CertCache.set()
    - BUG/MEDIUM: sample: Fix adjusting size in word converter
    - REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2)
    - CLEANUP: conn_stream: remove unneeded exclusion of RX_WAIT_EP from RXBLK_ANY
    - CLEANUP: conn_stream: rename the cs_endpoint's context to "conn"
    - MINOR: conn_stream: add new sets of functions to set/get endpoint flags
    - DEV: coccinelle: add cs_endp_flags.cocci
    - CLEANUP: conn_stream: apply cs_endp_flags.cocci tree-wide
    - DEV: coccinelle: add endp_flags.cocci
    - CLEANUP: conn_stream: apply endp_flags.cocci tree-wide
    - CLEANUP: conn_stream: rename the stream endpoint flags CS_EP_* to  SE_FL_*
    - CLEANUP: conn_stream: rename the cs_endpoint's target to "se"
    - CLEANUP: conn_stream: rename cs_endpoint to sedesc (stream endpoint descriptor)
    - CLEANUP: applet: rename the sedesc pointer from "endp" to "sedesc"
    - CLEANUP: conn_stream: rename the conn_stream's endp to sedesc
    - CLEANUP: conn_stream: rename cs_app_* to sc_app_*
    - CLEANUP: conn_stream: tree-wide rename to stconn (stream connector)
    - CLEANUP: mux-h1: add and use h1s_sc() to retrieve the stream connector
    - CLEANUP: mux-h2: add and use h2s_sc() to retrieve the stream connector
    - CLEANUP: mux-fcgi: add and use fcgi_strm_sc() to retrieve the stream connector
    - CLEANUP: mux-pt: add and use pt_sc() to retrieve the stream connector
    - CLEANUP: stdesc: rename the stream connector ->cs field to ->sc
    - CLEANUP: stream: rename "csf" and "csb" to "scf" and "scb"
    - CLEANUP: stconn: tree-wide rename stream connector flags CS_FL_* to SC_FL_*
    - CLEANUP: stconn: tree-wide rename stconn states CS_ST/SB_* to SC_ST/SB_*
    - MINOR: check: export wake_srv_chk()
    - MINOR: conn_stream: test the various ops functions before calling them
    - MEDIUM: stconn: merge the app_ops and the data_cb fields
    - MINOR: applet: add new wrappers to put chk/blk/str/chr to channel from appctx
    - CLEANUP: applet: use applet_put*() everywhere possible
    - CLEANUP: stconn: rename cs_{i,o}{b,c} to sc_{i,o}{b,c}
    - CLEANUP: stconn: rename cs_{check,strm,strm_task} to sc_strm_*
    - CLEANUP: stconn: rename cs_conn() to sc_conn()
    - CLEANUP: stconn: rename cs_mux() to sc_mux_strm()
    - CLEANUP: stconn: rename cs_conn_mux() to sc_mux_ops()
    - CLEANUP: stconn: rename cs_appctx() to sc_appctx()
    - CLEANUP: stconn: rename __cs_endp_target() to __sc_endp()
    - CLEANUP: stconn: rename cs_get_data_name() to sc_get_data_name()
    - CLEANUP: stconn: rename cs_conn_*() to sc_conn_*()
    - CLEANUP: stconn: rename cs_conn_get_first() to conn_get_first_sc()
    - CLEANUP: stconn: rename cs_ep_set_error() to se_fl_set_error()
    - CLEANUP: stconn: make a few functions take a const argument
    - CLEANUP: stconn: use a single function to know if SC may send to SE
    - MINOR: stconn: consider CF_SHUTW for sc_is_send_allowed()
    - MINOR: stconn: remove calls to cs_done_get()
    - MEDIUM: stconn: always rely on CF_SHUTR in addition to cs_rx_blocked()
    - MEDIUM: stconn: remove SE_FL_RXBLK_SHUT
    - MINOR: stconn: rename SE_FL_RXBLK_CONN to SE_FL_APPLET_NEED_CONN
    - MEDIUM: stconn: take SE_FL_APPLET_NEED_CONN out of the RXBLK_ANY flags
    - CLEANUP: stconn: rename cs_rx_room_{blk,rdy} to sc_{need,have}_room()
    - CLEANUP: stconn: rename cs_rx_chan_{blk,rdy} to sc_{wont,will}_read()
    - CLEANUP: stconn: rename cs_rx_buff_{blk,rdy} to sc_{need,have}_buff()
    - MINOR: stconn: start to rename cs_rx_endp_{more,done}() to se_have_{no_,}more_data()
    - MINOR: stconn: add sc_is_recv_allowed() to check for ability to receive
    - CLEANUP: stconn: rename SE_FL_RX_WAIT_EP to SE_FL_HAVE_NO_DATA
    - MEDIUM: stconn: move the RXBLK flags to the stream connector
    - CLEANUP: stconn: rename SE_FL_WANT_GET to SE_FL_WILL_CONSUME
    - CLEANUP: stconn: remove cs_tx_blocked() and cs_tx_endp_ready()
    - CLEANUP: stconn: rename cs_{want,stop}_get() to se_{will,wont}_consume()
    - CLEANUP: stconn: rename cs_cant_get() to se_need_more_data()
    - CLEANUP: stconn: rename cs_{new,create,free,destroy}_* to sc_*
    - CLEANUP: stconn: rename remaining management functions from cs_* to sc_*
    - CLEANUP: stconn: rename cs{,_get}_{src,dst} to sc_*
    - CLEANUP: stconn: rename cs_{shut,chk}* to sc_*
    - CLEANUP: stconn: rename final state manipulation functions from cs_* to sc_*
    - CLEANUP: quic: drop the name "conn_stream" from the pool variable names
    - REORG: rename cs_utils.h to sc_strm.h
    - REORG: stconn: rename conn_stream.{c,h} to stconn.{c,h}
    - CLEANUP: muxes: rename "get_first_cs" to "get_first_sc"
    - DEV: flags: use "sc" for stream conns instead of "cs"
    - CLEANUP: check: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: connection: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: stconn: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: quic/h3: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: stream: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: promex: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: stats: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: cli: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: applet: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: cache: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: dns: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: spoe: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: hlua: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: log-forward: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: http-client: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: mux-fcgi: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: mux-h1: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: mux-h2: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: mux-pt: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: peers: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: sink: rename all occurrences of stconn "cs" to "sc"
    - CLEANUP: sslsock: remove only occurrence of local variable "cs"
    - CLEANUP: applet: rename appctx_cs() to appctx_sc()
    - CLEANUP: stream: rename stream_upgrade_from_cs() to stream_upgrade_from_sc()
    - CLEANUP: obj_type: rename OBJ_TYPE_CS to OBJ_TYPE_SC
    - CLEANUP: stconn: replace a few remaining occurrences of CS in comments or traces
    - DOC: internal: update the muxes doc to mention the stconn
    - CLEANUP: mux-quic: rename the "endp" field to "sd"
    - CLEANUP: mux-h1: rename the "endp" field to "sd"
    - CLEANUP: mux-h2: rename the "endp" field to "sd"
    - CLEANUP: mux-fcgi: rename the "endp" field to "sd"
    - CLEANUP: mux-pt: rename the "endp" field to "sd"
    - CLEANUP: stconn: rename a few "endp" arguments and variables to "sd"
    - MINOR: stconn: turn SE_FL_WILL_CONSUME to SE_FL_WONT_CONSUME
    - CLEANUP: stream: remove unneeded test on appctx during initialization
    - CLEANUP: stconn: remove the new unneeded SE_FL_APP_MASK
    - DEV: flags: fix "siet" shortcut name
    - DEV: flags: rename the "endp" shortcut to "sd" for "stream descriptor"
    - DEV: flags: reorder a few SC/SE flags
    - DOC: internal: add a description of the stream connectors and descriptors

2022/05/20 : 2.6-dev11
    - CI: determine actual LibreSSL version dynamically
    - BUG/MEDIUM: ncbuf: fix null buffer usage
    - MINOR: ncbuf: fix warnings for testing build
    - MEDIUM: http-ana: Add a proxy option to restrict chars in request header names
    - MEDIUM: ssl: Delay random generator initialization after config parsing
    - MINOR: ssl: Add 'ssl-propquery' global option
    - MINOR: ssl: Add 'ssl-provider' global option
    - CLEANUP: Add missing header to ssl_utils.c
    - CLEANUP: Add missing header to hlua_fcn.c
    - CLEANUP: Remove unused function hlua_get_top_error_string
    - BUILD: fix build warning on solaris based systems with __maybe_unused.
    - MINOR: tools: add get_exec_path implementation for solaris based systems.
    - BUG/MINOR: ssl: Fix crash when no private key is found in pem
    - CLEANUP: conn-stream: Remove cs_applet_shut declaration from header file
    - MINOR: applet: Prepare appctx to own the session on frontend side
    - MINOR: applet: Let the frontend appctx release the session
    - MINOR: applet: Change return value for .init callback function
    - MINOR: stream: Export stream_free()
    - MINOR: applet: Add appctx_init() helper fnuction
    - MINOR: applet: Add a function to finalize frontend appctx startup
    - MINOR: applet: Add function to release appctx on error during init stage
    - MEDIUM: dns: Refactor dns appctx creation
    - MEDIUM: spoe: Refactor SPOE appctx creation
    - MEDIUM: lua: Refactor cosocket appctx creation
    - MEDIUM: httpclient: Refactor http-client appctx creation
    - MINOR: sink: Add a ref to sink in the sink_forward_target structure
    - MEDIUM: sink: Refactor sink forwarder appctx creation
    - MINOR: peers: Add a ref to peers section in the peer structure
    - MEDIUM: peers: Refactor peer appctx creation
    - MINOR: applet: Add API to start applet on a thread subset
    - MEDIUM: applet: Add support for async appctx startup on a thread subset
    - MINOR: peers: Track number of applets run by thread
    - MEDIUM: peers: Balance applets across threads
    - MINOR: conn-stream/applet: Stop setting appctx as the endpoint context
    - CLEANUP: proxy: Remove dead code when parsing "http-restrict-req-hdr-names" option
    - REGTESTS: abortonclose: Fix some race conditions
    - MINOR: ssl: Add 'ssl-provider-path' global option
    - CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id()
    - BUG/MINOR: spoe: Fix error handling in spoe_init_appctx()
    - CLEANUP: peers: Remove unreachable code in peer_session_create()
    - CLEANUP: httpclient: Remove useless test on ss_dst in httpclient_applet_init()
    - BUG/MEDIUM: quic: fix Rx buffering
    - OPTIM: quic: realign empty Rx buffer
    - BUG/MINOR: ncbuf: fix ncb_is_empty()
    - MINOR: ncbuf: refactor ncb_advance()
    - BUG/MINOR: mux-quic: update session's idle delay before stream creation
    - MINOR: h3: do not wait a complete frame for demuxing
    - MINOR: h3: flag demux as full on HTX full
    - MEDIUM: mux-quic: implement recv on io-cb
    - MINOR: mux-quic: remove qcc_decode_qcs() call in XPRT
    - MINOR: mux-quic: reorganize flow-control frames emission
    - MINOR: mux-quic: implement MAX_STREAM_DATA emission
    - MINOR: mux-quic: implement MAX_DATA emission
    - BUG/MINOR: mux-quic: support nul buffer with qc_free_ncbuf()
    - MINOR: mux-quic: free RX buf if empty
    - BUG/MEDIUM: config: Reset outline buffer size on realloc error in readcfgfile()
    - BUG/MINOR: check: Reinit the buffer wait list at the end of a check
    - MEDIUM: check: No longer shutdown the connection in .wake callback function
    - REORG: check: Rename and export I/O callback function
    - MEDIUM: check: Use the CS to handle subscriptions for read/write events
    - BUG/MINOR: quic: break for error on sendto
    - MINOR: quic: abort on unlisted errno on sendto()
    - MINOR: quic: detect EBADF on sendto()
    - BUG/MEDIUM: quic: fix initialization for local/remote TPs
    - CLEANUP: quic: adjust comment/coding style for TPs init
    - BUG/MINOR: cfgparse: abort earlier in case of allocation error
    - MINOR: quic: Dump initial derived secrets
    - MINOR: quic_tls: Add quic_tls_derive_retry_token_secret()
    - MINOR: quic_tls: Add quic_tls_decrypt2() implementation
    - MINOR: quic: Retry implementation
    - MINOR: cfgparse: Update for "cluster-secret" keyword for QUIC Retry
    - MINOR: quic: Move quic_lstnr_dgram_dispatch() out of xprt_quic.c
    - BUILD: stats: Missing headers inclusions from stats.h
    - MINOR: quic_stats: Add a new stats module for QUIC
    - MINOR: quic: Attach proxy QUIC stats counters to the QUIC connection
    - BUG/MINOR: quic: Fix potential memory leak during QUIC connection allocations
    - MINOR: quic: QUIC stats counters handling
    - MINOR: quic: Add tune.quic.retry-threshold keyword
    - MINOR: quic: Dynamic Retry implementation
    - MINOR: quic/mux-quic: define CONNECTION_CLOSE send API
    - MINOR: mux-quic: emit FLOW_CONTROL_ERROR
    - MINOR: mux-quic: emit STREAM_LIMIT_ERROR
    - MINOR: mux-quic: close connection on error if different data at offset
    - BUG/MINOR: peers: fix error reporting of "bind" lines
    - CLEANUP: config: improve address parser error report for unmatched protocols
    - CLEANUP: config: provide cleare hints about unsupported QUIC addresses
    - MINOR: protocol: replace ctrl_type with xprt_type and clarify it
    - MINOR: listener: provide a function to process all of a bind_conf's arguments
    - MINOR: config: use the new bind_parse_args_list() to parse a "bind" line
    - CLEANUP: listener: add a comment about what the BC_SSL_O_* flags are for
    - MINOR: listener: add a new "options" entry in bind_conf
    - CLEANUP: listener: replace all uses of bind_conf->is_ssl with BC_O_USE_SSL
    - CLEANUP: listener: replace bind_conf->generate_cers with BC_O_GENERATE_CERTS
    - CLEANUP: listener: replace bind_conf->quic_force_retry with BC_O_QUIC_FORCE_RETRY
    - CLEANUP: listener: store stream vs dgram at the bind_conf level
    - MINOR: listener: detect stream vs dgram conflict during parsing
    - MINOR: listener: set the QUIC xprt layer immediately after parsing the args
    - MINOR: listener/ssl: set the SSL xprt layer only once the whole config is known
    - MINOR: connection: add flag MX_FL_FRAMED to mark muxes relying on framed xprt
    - MINOR: config: detect and report mux and transport incompatibilities
    - MINOR: listener: automatically select a QUIC mux with a QUIC transport
    - MINOR: listener: automatically enable SSL if a QUIC transport is found
    - BUG/MINOR: quic: Fixe a typo in qc_idle_timer_task()
    - BUG/MINOR: quic: Missing <conn_opening> stats counter decrementation
    - BUILD/MINOR: cpuset fix build for FreeBSD 13.1
    - CI: determine actual OpenSSL version dynamically

2022/05/14 : 2.6-dev10
    - MINOR: ssl: ignore dotfiles when loading a dir w/ ca-file
    - MEDIUM: ssl: ignore dotfiles when loading a dir w/ crt
    - BUG/MINOR: ssl: Fix typos in crl-file related CLI commands
    - MINOR: compiler: add a new macro to set an attribute on an enum when possible
    - BUILD: stats: conditionally mark obsolete stats states as deprecated
    - BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation
    - BUILD: debug: work around gcc-12 excessive -Warray-bounds warnings
    - BUILD: listener: shut report of possible null-deref in listener_accept()
    - BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-(
    - DOC: install: update gcc version requirements
    - BUILD: makefile: add -Wfatal-errors to the default flags
    - BUG/MINOR: server: Make SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes).
    - BUG/MAJOR: dns: multi-thread concurrency issue on UDP socket
    - BUG/MINOR: mux-h2: mark the stream as open before processing it not after
    - MINOR: mux-h2: report a trace event when failing to create a new stream
    - DOC: configuration: add the httpclient keywords to the global keywords index
    - MINOR: quic: Add a debug counter for sendto() errors
    - BUG/MINOR: quic: Dropped peer transport parameters
    - BUG/MINOR: quic: Wrong unit for ack delay for incoming ACK frames
    - MINOR: quic: Congestion controller event trace fix (loss)
    - MINOR: quic: Add correct ack delay values to ACK frames
    - MINOR: config: Add "cluster-secret" new global keyword
    - MINOR: quic-tls: Add quic_hkdf_extract_and_expand() for HKDF
    - MINOR: quic: new_quic_cid() code moving
    - MINOR: quic: Initialize stateless reset tokens with HKDF secrets
    - MINOR: qc_new_conn() rework for stateless reset
    - MINOR: quic: Stateless reset token copy to transport parameters
    - MINOR: quic: Send stateless reset tokens
    - MINOR: quic: Short packets always embed a trailing AEAD TAG
    - CLEANUP: quic: wrong use of eb*entry() macro
    - CLEANUP: quic: Useless use of pointer for quic_hkdf_extract()
    - CLEANUP: quic_tls: QUIC_TLS_IV_LEN defined two times
    - MINOR: ncbuf: define non-contiguous buffer
    - MINOR: ncbuf: complete API and define block interal abstraction
    - MINOR: ncbuf: optimize storage for the last gap
    - MINOR: ncbuf: implement insertion
    - MINOR: ncbuf: define various insertion modes
    - MINOR: ncbuf: implement advance
    - MINOR: ncbuf: write unit tests
    - BUG/MEDIUM: lua: fix argument handling in data removal functions
    - DOC/MINOR: fix typos in the lua-api document
    - BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized
    - MINOR: mux-h1: Add global option accpet payload for any HTTP/1.0 requests
    - CLEANUP: mux-h1: Fix comments and error messages for global options
    - MINOR: conn_stream: make cs_set_error() work on the endpoint instead
    - CLEANUP: mux-h1: always take the endp from the h1s not the cs
    - CLEANUP: mux-h2: always take the endp from the h2s not the cs
    - CLEANUP: mux-pt: always take the endp from the context not the cs
    - CLEANUP: mux-fcgi: always take the endp from the fstrm not the cs
    - CLEANUP: mux-quic: always take the endp from the qcs not the cs
    - CLEANUP: applet: use the appctx's endp instead of cs->endp
    - MINOR: conn_stream: add a pointer back to the cs from the endpoint
    - MINOR: mux-h1: remove the now unneeded h1s->cs
    - MINOR: mux-h2: make sure any h2s always has an endpoint
    - MINOR: mux-h2: remove the now unneeded conn_stream from the h2s
    - MINOR: mux-fcgi: make sure any stream always has an endpoint
    - MINOR: mux-fcgi: remove the now unneeded conn_stream from the fcgi_strm
    - MINOR: mux-quic: remove the now unneeded conn_stream from the qcs
    - MINOR: mux-pt: remove the now unneeded conn_stream from the context
    - CLEANUP: muxes: make mux->attach/detach take a conn_stream endpoint
    - MINOR: applet: replace cs_applet_shut() with appctx_shut()
    - MINOR: applet: add appctx_strm() and appctx_cs() to access common fields
    - CLEANUP: applet: remove the unneeded appctx->owner
    - CLEANUP: conn_stream: merge cs_new_from_{mux,applet} into cs_new_from_endp()
    - MINOR: ext-check: indicate the transport and protocol of a server
    - BUG/MEDIUM: mux-quic: fix a thinko in the latest cs/endpoint cleanup
    - MINOR: tools: improve error message accuracy in str2sa_range
    - MINOR: config: make sure never to mix dgram and stream protocols on a bind line
    - BUG/MINOR: ncbuf: fix coverity warning on uninit sz_data
    - MINOR: xprt_quic: adjust flow-control according to bufsize
    - MEDIUM: mux-quic/h3/hq-interop: use ncbuf for bidir streams
    - MEDIUM: mux-quic/h3/qpack: use ncbuf for uni streams
    - CLEANUP: mux-quic: remove unused fields for Rx
    - CLEANUP: quic: remove unused quic_rx_strm_frm

2022/05/08 : 2.6-dev9
    - MINOR: mux-quic: support full request channel buffer
    - BUG/MINOR: h3: fix parsing of unknown frame type with null length
    - CLEANUP: backend: make alloc_{bind,dst}_address() idempotent
    - MEDIUM: stream: remove the confusing SF_ADDR_SET flag
    - MINOR: conn_stream: remove the now unused CS_FL_ADDR_*_SET flags
    - CLEANUP: protocol: make sure the connect_* functions always receive a dst
    - MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags
    - MINOR: session: get rid of the now unused SESS_FL_ADDR_*_SET flags
    - CLEANUP: mux: Useless xprt_quic-t.h inclusion
    - MINOR: quic: Make the quic_conn be aware of the number of streams
    - BUG/MINOR: quic: Dropped retransmitted STREAM frames
    - BUG/MINOR: mux_quic: Dropped packet upon retransmission for closed streams
    - MEDIUM: httpclient: remove url2sa to use a more flexible parser
    - MEDIUM: httpclient: http-request rules for resolving
    - MEDIUM: httpclient: allow address and port change for resolving
    - CLEANUP: httpclient: remove the comment about resolving
    - MINOR: httpclient: handle unix and other socket types in dst
    - MINOR: httpclient: rename dash by dot in global option
    - MINOR: init: exit() after pre-check upon error
    - MINOR: httpclient: cleanup the error handling in init
    - MEDIUM: httpclient: hard-error when SSL is configured
    - MINOR: httpclient: allow to configure the ca-file
    - MINOR: httpclient: configure the resolvers section to use
    - MINOR: httpclient: allow ipv4 or ipv6 preference for resolving
    - DOC: configuration: httpclient global option
    - MINOR: conn-stream: Add mask from flags set by endpoint or app layer
    - BUG/MEDIUM: conn-stream: Only keep app layer flags of the endpoint on reset
    - BUG/MEDIUM: mux-fcgi: Be sure to never set EOM flag on an empty HTX message
    - BUG/MEDIUM: mux-h1: Be able to handle trailers when C-L header was specified
    - DOC: config: Update doc for PR/PH session states to warn about rewrite failures
    - MINOR: resolvers: cleanup alert/warning in parse-resolve-conf
    - MINOR: resolvers: move the resolv.conf parser in parse_resolv_conf()
    - MINOR: resolvers: resolvers_new() create a resolvers with default values
    - BUILD: debug: unify the definition of ha_backtrace_to_stderr()
    - BUG/MINOR: tcp/http: release the expr of set-{src,dst}[-port]
    - MEDIUM: resolvers: create a "default" resolvers section at startup
    - DOC: resolvers: default resolvers section
    - BUG/MINOR: startup: usage() when no -cc arguments
    - BUG/MEDIUM: resolvers: make "show resolvers" properly yield
    - BUG/MEDIUM: cli: make "show cli sockets" really yield
    - BUG/MINOR: proxy/cli: don't enumerate internal proxies on "show backend"
    - BUG/MINOR: map/cli: protect the backref list during "show map" errors
    - BUG/MINOR: map/cli: make sure patterns don't vanish under "show map"'s init
    - BUG/MINOR: ssl/cli: fix "show ssl ca-file/crl-file" not to mix cli+ssl contexts
    - BUG/MINOR: ssl/cli: fix "show ssl ca-file <name>" not to mix cli+ssl contexts
    - BUG/MINOR: ssl/cli: fix "show ssl crl-file" not to mix cli+ssl contexts
    - BUG/MINOR: ssl/cli: fix "show ssl cert" not to mix cli+ssl contexts
    - CLEANUP: ssl/cli: do not loop on unknown states in "add ssl crt-list" handler
    - MINOR: applet: reserve some generic storage in the applet's context
    - CLEANUP: applet: make appctx_new() initialize the whole appctx
    - CLEANUP: stream/cli: take the "show sess" context definition out of the appctx
    - CLEANUP: stream/cli: stop using appctx->st2 for the dump state
    - CLEANUP: stream/cli: remove the unneeded init state from "show sess"
    - CLEANUP: stream/cli: remove the unneeded STATE_FIN state from "show sess"
    - CLEANUP: stream/cli: remove the now unneeded dump state from "show sess"
    - CLEANUP: proxy/cli: take the "show errors" context definition out of the appctx
    - CLEANUP: stick-table/cli: take the "show table" context definition out of the appctx
    - CLEANUP: stick-table/cli: stop using appctx->st2 for the dump state
    - CLEANUP: stick-table/cli: remove the unneeded STATE_INIT for "show table"
    - CLEANUP: map/cli: take the "show map" context definition out of the appctx
    - CLEANUP: map/cli: stop using cli.i0/i1 to store the generation numbers
    - CLEANUP: map/cli: stop using appctx->st2 for the dump state
    - CLEANUP: map/cli: always detach the backref from the list after "show map"
    - CLEANUP: peers/cli: take the "show peers" context definition out of the appctx
    - CLEANUP: peers/cli: stop using appctx->st2 for the dump state
    - CLEANUP: peers/cli: remove unneeded state STATE_INIT
    - CLEANUP: cli: initialize the whole appctx->ctx, not just the stats part
    - CLEANUP: promex: make the applet use its own context
    - CLEANUP: promex: stop using appctx->st2
    - CLEANUP: stats/cli: take the "show stat" context definition out of the appctx
    - CLEANUP: stats/cli: stop using appctx->st2
    - CLEANUP: hlua/cli: take the hlua_cli context definition out of the appctx
    - CLEANUP: ssl/cli: use a local context for "show cafile"
    - CLEANUP: ssl/cli: use a local context for "show crlfile"
    - CLEANUP: ssl/cli: use a local context for "show ssl cert"
    - CLEANUP: ssl/cli: use a local context for "commit ssl cert"
    - CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl cert"
    - CLEANUP: ssl/cli: use a local context for "set ssl cert"
    - CLEANUP: ssl/cli: use a local context for "set ssl cafile"
    - CLEANUP: ssl/cli: use a local context for "set ssl crlfile"
    - CLEANUP: ssl/cli: use a local context for "commit ssl {ca|crl}file"
    - CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl ca/crl"
    - CLEANUP: ssl/cli: stop using ctx.cli.i0/i1/p0 for "show tls-keys"
    - CLEANUP: ssl/cli: add a new "dump_entries" field to "show_keys_ref"
    - CLEANUP: ssl/cli: make "show tlskeys" not use appctx->st2 anymore
    - CLEANUP: ssl/cli: make "show ssl ocsp-response" not use cli.p0 anymore
    - CLEANUP: ssl/cli: make "{show|dump} ssl crtlist" use its own context
    - CLEANUP: ssl/cli: make "add ssl crtlist" use its own context
    - CLEANUP: ssl/cli: make "add ssl crtlist" not use st2 anymore
    - CLEANUP: dns: stop abusing the sink forwarder's context
    - CLEANUP: sink: use the generic context to store the forwarder's context
    - CLEANUP: activity/cli: make "show profiling" not use ctx.cli anymore
    - CLEANUP: debug/cli: make "debug dev fd" not use ctx.cli anymore
    - CLEANUP: debug/cli: make "debug dev memstats" not use ctx.cli anymore
    - CLEANUP: ring: pass the ring watch flags to ring_attach_cli(), not in ctx.cli
    - CLEANUP: ring/cli: use a locally-defined context instead of using ctx.cli
    - CLEANUP: resolvers/cli: make "show resolvers" use a locally-defined context
    - CLEANUP: resolvers/cli: remove the unneeded appctx->st2 from "show resolvers"
    - CLEANUP: cache/cli: make use of a locally defined context for "show cache"
    - CLEANUP: proxy/cli: make use of a locally defined context for "show servers"
    - CLEANUP: proxy/cli: get rid of appctx->st2 in "show servers"
    - CLEANUP: proxy/cli: make "show backend" only use the generic context
    - CLEANUP: cli: make "show fd" use its own context
    - CLEANUP: cli: make "show env" use its own context
    - CLEANUP: cli: simplify the "show cli sockets" I/O handler
    - CLEANUP: cli: make "show cli sockets" use its own context
    - CLEANUP: httpclient/cli: use a locally-defined context instead of ctx.cli
    - CLEANUP: httpclient: do not use the appctx.ctx anymore
    - CLEANUP: peers: do not use appctx.ctx anymore
    - CLEANUP: spoe: do not use appctx.ctx anymore
    - BUILD: applet: mark the CLI's generic variables as deprecated
    - BUILD: applet: mark the appctx's st2 variable as deprecated
    - CLEANUP: cache: take the context out of appctx.ctx
    - MEDIUM: lua: move the cosocket storage outside of appctx.ctx
    - MINOR: lua: move the tcp service storage outside of appctx.ctx
    - MINOR: lua: move the http service context out of appctx.ctx
    - CLEANUP: cli: move the status print context into its own context
    - CLEANUP: stats: rename the stats state values an mark the old ones deprecated
    - DOC: internal: document the new cleaner approach to the appctx
    - MINOR: tcp: socket translate TCP_KEEPIDLE for macOs equivalent
    - DOC: fix typo "ant" for "and" in INSTALL
    - CI: dynamically determine actual version of h2spec

2022/04/30 : 2.6-dev8
    - BUG/MINOR: quic: fix use-after-free with trace on ACK consume
    - BUG/MINOR: rules: Forbid captures in defaults section if used by a backend
    - BUG/MEDIUM: rules: Be able to use captures defined in defaults section
    - BUG/MINOR: rules: Fix check_capture() function to use the right rule arguments
    - BUG/MINOR: http-act: make release_http_redir() more robust
    - BUG/MINOR: sample: add missing use_backend/use-server contexts in smp_resolve_args
    - MINOR: sample: don't needlessly call c_none() in sample_fetch_as_type()
    - MINOR: sample: make the bool type cast to bin
    - MEDIUM: backend: add new "balance hash <expr>" algorithm
    - MINOR: init: add global setting "fd-hard-limit" to bound system limits
    - BUILD: pollers: use an initcall to register the pollers
    - BUILD: xprt: use an initcall to register the transport layers
    - BUILD: thread: use initcall instead of a constructor
    - BUILD: http: remove the two unused constructors in rules and ana
    - CLEANUP: compression: move the default setting of maxzlibmem to defaults
    - MINOR: tree-wide: always consider EWOULDBLOCK in addition to EAGAIN
    - BUG/MINOR: connection: "connection:close" header added despite 'close-spread-time'
    - MINOR: fd: add functions to set O_NONBLOCK and FD_CLOEXEC
    - CLEANUP: tree-wide: use fd_set_nonblock() and fd_set_cloexec()
    - CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h
    - REGTESTS: fix the race conditions in be2dec.vtc ad field.vtc
    - REGTESTS: webstats: remove unused stats socket in /tmp
    - MEDIUM: httpclient: disable SSL when the ca-file couldn't be loaded
    - BUG/MINOR: httpclient/lua: error when the httpclient_start() fails
    - BUG/MINOR: ssl: free the cafile entries on deinit
    - BUG/MINOR: ssl: memory leak when trying to load a directory with ca-file
    - MEDIUM: httpclient: re-enable the verify by default
    - BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail
    - BUILD: compiler: properly distinguish weak and global symbols
    - MINOR: connection: Add way to disable active connection closing during soft-stop
    - BUG/MEDIUM: http-ana: Fix memleak in redirect rules with ignore-empty option
    - CLEANUP: Destroy `http_err_chunks` members during deinit
    - BUG/MINOR: resolvers: Fix memory leak in resolvers_deinit()
    - MINOR: Call deinit_and_exit(0) for `haproxy -vv`
    - BUILD: fd: disguise the fd_set_nonblock/cloexec result
    - BUG/MINOR: pools: make sure to also destroy shared pools in pool_destroy_all()
    - MINOR: ssl: add a new global option "tune.ssl.hard-maxrecord"
    - CLEANUP: errors: also call deinit_errors_buffers() on deinit()
    - CLEANUP: chunks: release trash also in deinit
    - CLEANUP: deinit: release the pre-check callbacks
    - CLEANUP: deinit: release the config postparsers
    - CLEANUP: listeners/deinit: release accept queue tasklets on deinit
    - CLEANUP: connections/deinit: destroy the idle_conns tasks
    - BUG/MINOR: mux-quic: fix build in release mode
    - MINOR: mux-quic: adjust comment on emission function
    - MINOR: mux-quic: remove unused bogus qcc_get_stream()
    - BUG/MINOR: mux-quic: fix leak if cs alloc failure
    - MINOR: mux-quic: count local flow-control stream limit on reception
    - BUG/MINOR: h3: fix incomplete POST requests
    - BUG/MEDIUM: h3: fix use-after-free on mux Rx buffer wrapping
    - MINOR: mux-quic: partially copy Rx frame if almost full buf
    - MINOR: h3: change frame demuxing API
    - MINOR: mux-quic: add a app-layer context in qcs
    - MINOR: h3: implement h3 stream context
    - MINOR: h3: support DATA demux if buffer full
    - MINOR: quic: decode as much STREAM as possible
    - MINOR: quic: Improve qc_prep_pkts() flexibility
    - MINOR: quic: Prepare quic_frame struct duplication
    - MINOR: quic: Do not retransmit frames from coalesced packets
    - MINOR: quic: Add traces about TX frame memory releasing
    - MINOR: quic: process_timer() rework
    - MEDIUM: quic: New functions for probing rework
    - MEDIUM: quic: Retransmission functions rework
    - MEDIUM: quic: qc_requeue_nacked_pkt_tx_frms() rework
    - MINOR: quic: old data distinction for qc_send_app_pkt()
    - MINOR: quic: Mark packets as probing with old data
    - MEDIUM: quic: Mark copies of acknowledged frames as acknowledged
    - MEDIUM: quic: Enable the new datagram probing process
    - MINOR: quic: Do not send ACK frames when probing
    - BUG/MINOR: quic: Wrong returned status by qc_build_frms()
    - BUG/MINOR: quic: Avoid sending useless PADDING frame
    - BUG/MINOR: quic: Traces fix about remaining frames upon packet build failure
    - MINOR: quic: Wake up the mux to probe with new data
    - BUG/MEDIUM: quic: Possible crash on STREAM frame loss
    - BUG/MINOR: quic: Missing Initial packet length check
    - CLEANUP: quic: Rely on the packet length set by qc_lstnr_pkt_rcv()
    - MINOR: quic: Drop 0-RTT packets if not allowed
    - BUG/MINOR: httpclient/ssl: use the correct verify constant
    - BUG/MEDIUM: conn-stream: Don't erase endpoint flags on reset
    - BUG/MEDIUM: httpclient: Fix loop consuming HTX blocks from the response channel
    - BUG/MINOR: httpclient: Count metadata in size to transfer via htx_xfer_blks()
    - MINOR: httpclient: Don't use co_set_data() to decrement output
    - BUG/MINOR: conn_stream: do not confirm a connection from the frontend path
    - MEDIUM: quic: do not ACK packet with STREAM if MUX not present
    - MEDIUM: quic: do not ack packet with invalid STREAM
    - MINOR: quic: Drop 0-RTT packets without secrets
    - CLEANUP: quic: Remaining fprintf() debug trace
    - MINOR: quic: moving code for QUIC loss detection
    - BUG/MINOR: quic: Missing time threshold multiplifier for loss delay computation
    - CI: github actions: update LibreSSL to 3.5.2
    - SCRIPTS: announce-release: add URL of dev packages

2022/04/23 : 2.6-dev7
    - BUILD: calltrace: fix wrong include when building with TRACE=1
    - MINOR: ssl: Use DH parameters defined in RFC7919 instead of hard coded ones
    - MEDIUM: ssl: Disable DHE ciphers by default
    - BUILD: ssl: Fix compilation with OpenSSL 1.0.2
    - MINOR: mux-quic: split xfer and STREAM frames build
    - REORG: quic: use a dedicated module for qc_stream_desc
    - MINOR: quic-stream: use distinct tree nodes for quic stream and qcs
    - MINOR: quic-stream: add qc field
    - MEDIUM: quic: implement multi-buffered Tx streams
    - MINOR: quic-stream: refactor ack management
    - MINOR: quic: limit total stream buffers per connection
    - MINOR: mux-quic: implement immediate send retry
    - MINOR: cfg-quic: define tune.quic.conn-buf-limit
    - MINOR: ssl: Add 'show ssl providers' cli command and providers list in -vv option
    - REGTESTS: ssl: Update error messages that changed with OpenSSLv3.1.0-dev
    - BUG/MEDIUM: quic: Possible crash with released mux
    - BUG/MINOR: mux-quic: unsubscribe on release
    - BUG/MINOR: mux-quic: handle null timeout
    - BUG/MEDIUM: logs: fix http-client's log srv initialization
    - BUG/MINOR: mux-quic: remove dead code in qcs_xfer_data()
    - DEV: stream: Fix conn-streams dump in full stream message
    - CLEANUP: conn-stream: Rename cs_conn_close() and cs_conn_drain_and_close()
    - CLEANUP: conn-stream: Rename cs_applet_release()
    - MINOR: conn-stream: Rely on endpoint shutdown flags to shutdown an applet
    - BUG/MINOR: cache: Disable cache if applet creation fails
    - BUG/MINOR: backend: Don't allow to change backend applet
    - BUG/MEDIUM: conn-stream: Set back CS to RDY state when the appctx is created
    - MINOR: stream: Don't needlessly detach server endpoint on early client abort
    - MINOR: conn-stream: Make cs_detach_* private and use cs_destroy() from outside
    - MINOR: init: add the pre-check callback
    - MEDIUM: httpclient: change the init sequence
    - MEDIUM: httpclient/ssl: verify required
    - MINOR: httpclient/mworker: disable in the master process
    - MEDIUM: httpclient/ssl: verify is configurable and disabled by default
    - BUG/MAJOR: connection: Never remove connection from idle lists outside the lock
    - BUG/MEDIUM: mux-quic: fix stalled POST requets
    - BUG/MINOR: mux-quic: fix POST with abortonclose
    - MINOR: task: add a new task_instant_wakeup() function
    - MEDIUM: queue: use tasklet_instant_wakeup() to wake tasks
    - DOC: remove my name from the config doc

2022/04/16 : 2.6-dev6
    - CLEANUP: connection: reduce the with of the mux dump output
    - CI: Update to actions/checkout@v3
    - CI: Update to actions/cache@v3
    - DOC: adjust QUIC instruction in INSTALL
    - BUG/MINOR: stats: define the description' background color in dark color scheme
    - BUILD: ssl: add USE_ENGINE and disable the openssl engine by default
    - BUILD: makefile: pass USE_ENGINE to cflags
    - BUILD: xprt-quic: replace ERR_func_error_string() with ERR_peek_error_func()
    - DOC: install: document the fact that SSL engines are not enabled by default
    - CI: github actions: disable -Wno-deprecated
    - BUILD: makefile: silence unbearable OpenSSL deprecation warnings
    - MINOR: sock: check configured limits at the sock layer, not the listener's
    - MINOR: connection: add a new flag CO_FL_FDLESS on fd-less connections
    - MINOR: connection: add conn_fd() to retrieve the FD only when it exists
    - MINOR: stream: only dump connections' FDs when they are valid
    - MINOR: connection: use conn_fd() when displaying connection errors
    - MINOR: connection: skip FD-based syscalls for FD-less connections
    - MEDIUM: connection: panic when calling FD-specific functions on FD-less conns
    - MINOR: mux-quic: properly set the flags and name fields
    - MINOR: connection: rearrange conn_get_src/dst to be a bit more extensible
    - MINOR: protocol: add get_src() and get_dst() at the protocol level
    - MINOR: quic-sock: provide a pair of get_src/get_dst functions
    - MEDIUM: ssl: improve retrieval of ssl_sock_ctx and SSL detection
    - MEDIUM: ssl: stop using conn->xprt_ctx to access the ssl_sock_ctx
    - MEDIUM: xprt-quic: implement get_ssl_sock_ctx()
    - MEDIUM: quic: move conn->qc into conn->handle
    - BUILD: ssl: fix build warning with previous changes to ssl_sock_ctx
    - BUILD: ssl: add an unchecked version of __conn_get_ssl_sock_ctx()
    - MINOR: ssl: refine the error testing for fc_err and fc_err_str
    - BUG/MINOR: sock: do not double-close the accepted socket on the error path
    - CI: cirrus: switch to FreeBSD-13.0
    - MINOR: log: add '~' to frontend when the transport layer provides SSL
    - BUILD/DEBUG: lru: fix printf format in debug code
    - BUILD: peers: adjust some printf format to silence cppcheck
    - BUILD/DEBUG: hpack-tbl: fix format string in standalone debug code
    - BUILD/DEBUG: hpack: use unsigned int in printf format in debug code
    - BUILD: halog: fix some incorrect signs in printf formats for integers
    - BUG/MINOR: h3: fix build with DEBUG_H3
    - BUG/MINOR: mux-h2: do not send GOAWAY if SETTINGS were not sent
    - BUG/MINOR: cache: do not display expired entries in "show cache"
    - BUG/MINOR: mux-h1: Don't release unallocated CS on error path
    - MINOR: applet: Make .init callback more generic
    - MINOR: conn-stream: Add flags to set the type of the endpoint
    - MEDIUM: applet: Set the appctx owner during allocation
    - MAJOR: conn-stream: Invert conn-stream endpoint and its context
    - REORG: Initialize the conn-stream by hand in cs_init()
    - MEDIUM: conn-stream: Add an endpoint structure in the conn-stream
    - MINOR: conn-stream: Move some CS flags to the endpoint
    - MEDIUM: conn-stream: Be able to pass endpoint to create a conn-stream
    - MEDIUM: conn-stream: Pre-allocate endpoint to create CS from muxes and applets
    - REORG: applet: Uninline appctx_new function
    - MAJOR: conn-stream: Share endpoint struct between the CS and the mux/applet
    - MEDIUM: conn-stream: Move remaning flags from CS to endpoint
    - MINOR: mux-pt: Rely on the endpoint instead of the conn-stream when possible
    - MINOR: conn-stream: Add ISBACK conn-stream flag
    - MINOR: conn-stream: Add header file with util functions related to conn-streams
    - MEDIUM: tree-wide: Use CS util functions instead of SI ones
    - MINOR: stream-int/txn: Move buffer for L7 retries in the HTTP transaction
    - CLEANUP: http-ana: Remove http_alloc_txn() function
    - MINOR: stream-int/stream: Move conn_retries counter in the stream
    - MINOR: stream: Simplify retries counter calculation
    - MEDIUM: stream-int/conn-stream: Move src/dst addresses in the conn-stream
    - MINOR: stream-int/conn-stream: Move half-close timeout in the conn-stream
    - MEDIUM: stream-int/stream: Use connect expiration instead of SI expiration
    - MINOR: stream-int/conn-stream: Report error to the CS instead of the SI
    - MEDIUM: conn-stream: Use endpoint error instead of conn-stream error
    - MINOR: channel: Use conn-streams as channel producer and consumer
    - MINOR: stream-int: Remove SI_FL_KILL_CON to rely on conn-stream endpoint only
    - MINOR: mux-h2/mux-fcgi: Fully rely on CS_EP_KILL_CONN
    - MINOR: stream-int: Remove SI_FL_NOLINGER/NOHALF to rely on CS flags instead
    - MINOR: stream-int: Remove SI_FL_DONT_WAKE to rely on CS flags instead
    - MINOR: stream-int: Remove SI_FL_INDEP_STR to rely on CS flags instead
    - MINOR: stream-int: Remove SI_FL_SRC_ADDR to rely on stream flags instead
    - CLEANUP: stream-int: Remove unused SI_FL_CLEAN_ABRT flag
    - MINOR: stream: Only save previous connection state for the server side
    - MEDIUM: stream-int: Move SI err_type in the stream
    - MEDIUM: stream-int/conn-stream: Move stream-interface state in the conn-stream
    - MINOR: stream-int/stream: Move si_retnclose() in the stream scope
    - MINOR: stream-int/backend: Move si_connect() in the backend scope
    - MINOR: stream-int/conn-stream: Move si_conn_ready() in the conn-stream scope
    - MINOR: conn-stream/connection: Move SHR/SHW modes in the connection scope
    - MEDIUM: conn-stream: Be prepared to fail to attach a cs to a mux
    - MEDIUM: stream-int/conn-stream: Handle I/O subscriptions in the conn-stream
    - MINOR: conn-stream: Rename CS functions dedicated to connections
    - MINOR: stream-int/conn-stream: Move si_shut* and si_chk* in conn-stream scope
    - MEDIUM: stream-int/conn-stream: Move si_ops in the conn-stream scope
    - MINOR: applet: Use the CS to register and release applets instead of SI
    - MINOR: connection: unconst mux's get_fist_cs() callback function
    - MINOR: stream-int/connection: Move conn_si_send_proxy() in the connection scope
    - REORG: stream-int: Export si_cs_recv(), si_cs_send() and si_cs_process()
    - REORG: stream-int: Move si_is_conn_error() in the header file
    - REORG: conn-stream: Move cs_shut* and cs_chk* in cs_utils
    - REORG: conn-stream: Move cs_app_ops in conn_stream.c
    - MINOR: stream-int-conn-stream: Move si_update_* in conn-stream scope
    - MINOR: stream-int/stream: Move si_update_both in stream scope
    - MEDIUM: conn-stream/applet: Add a data callback for applets
    - MINOR: stream-int/conn-stream: Move stream_int_read0() in the conn-stream scope
    - MINOR: stream-int/conn-stream: Move stream_int_notify() in the conn-stream scope
    - MINOR: stream-int/conn-stream: Move si_cs_io_cb() in the conn-stream scope
    - MINOR: stream-int/conn-stream: Move si_sync_recv/send() in conn-stream scope
    - MINOR: conn-stream: Move si_conn_cb in the conn-stream scope
    - MINOR: stream-int/conn-stream Move si_is_conn_error() in the conn-stream scope
    - MINOR: stream-int/conn-stream: Move si_alloc_ibuf() in the conn-stream scope
    - CLEANUP: stream-int:  Remove unused SI functions
    - MEDIUM: stream-int/conn-stream: Move blocking flags from SI to CS
    - MEDIUM: stream-int/conn-stream: Move I/O functions to conn-stream
    - REORG: stream-int/conn-stream: Move remaining functions to conn-stream
    - MINOR: stream: Use conn-stream to report server error
    - MINOR: http-ana: Use CS to perform L7 retries
    - MEDIUM: stream: Don't use the stream-int anymore in process_stream()
    - MINOR: conn-stream: Remove the stream-interface from the conn-stream
    - DEV: flags: No longer dump SI flags
    - CLEANUP: tree-wide: Remove any ref to stream-interfaces
    - CLEANUP: conn-stream: Don't export internal functions
    - DOC: conn-stream: Add comments on functions of the new CS api
    - MEDIUM: check: Use a new conn-stream for each health-check run
    - CLEANUP: muxes: Remove MX_FL_CLEAN_ABRT flag
    - MINOR: conn-stream: Use a dedicated function to conditionally remove a CS
    - CLEANUP: conn-stream: rename cs_register_applet() to cs_applet_create()
    - MINOR: muxes: Improve show_fd callbacks to dump endpoint flags
    - MINOR: mux-h1: Rely on the endpoint instead of the conn-stream when possible
    - BUG/MINOR: quic: Avoid starting the mux if no ALPN sent by the client
    - BUILD: debug: mark the __start_mem_stats/__stop_mem_stats symbols as weak
    - BUILD: initcall: mark the __start_i_* symbols as weak, not global
    - BUG/MINOR: mux-h2: do not use timeout http-keep-alive on backend side
    - BUG/MINOR: mux-h2: use timeout http-request as a fallback for http-keep-alive
    - MINOR: muxes: Don't expect to have a mux without connection in destroy callback
    - MINOR: muxes: Don't handle proto upgrade for muxes not supporting it
    - MINOR: muxes: Don't expect to call release function with no mux defined
    - MINOR: conn-stream: Use unsafe functions to get conn/appctx in cs_detach_endp
    - BUG/MEDIUM: mux-h1: Don't request more room on partial trailers
    - BUILD: http-client: Avoid dead code when compiled without SSL support
    - BUG/MINOR: mux-quic: prevent a crash in session_free on mux.destroy
    - BUG/MINOR: quic-sock: do not double free session on conn init failure
    - BUG/MINOR: quic: fix return value for error in start
    - MINOR: quic: emit CONNECTION_CLOSE on app init error
    - BUILD: sched: workaround crazy and dangerous warning in Clang 14
    - BUILD: compiler: use a more portable set of asm(".weak") statements
    - BUG/MEDIUM: stream: do not abort connection setup too early
    - CLEANUP: extcheck: do not needlessly preset the server's address/port
    - MINOR: extcheck: fill in the server's UNIX socket address when known
    - BUG/MEDIUM: connection: Don't crush context pointer location if it is a CS
    - BUG/MEDIUM: quic: properly clean frames on stream free
    - BUG/MEDIUM: fcgi-app: Use http_msg flags to know if C-L header can be added
    - BUG/MEDIUM: compression: Don't forget to update htx_sl and http_msg flags
    - MINOR: tcp_sample: clarifying samples support per os, for further expansion.
    - MINOR: tcp_sample: extend support for get_tcp_info to macOs.
    - SCRIPTS: announce-release: update the doc's URL
    - DOC: lua: update a few doc URLs
    - SCRIPTS: announce-release: add shortened links to pending issues

2022/04/09 : 2.6-dev5
    - DOC: reflect H2 timeout changes
    - BUG/MEDIUM: mux-fcgi: Properly handle return value of headers/trailers parsing
    - BUG/MEDIUM: mux-h1: Properly detect full buffer cases during message parsing
    - BUG/MINOR: log: Initialize the list element when allocating a new log server
    - BUG/MINOR: samples: add missing context names for sample fetch functions
    - MINOR: management: add some basic keyword dump infrastructure
    - MINOR: config: add a function to dump all known config keywords
    - MINOR: filters: extend flt_dump_kws() to dump to stdout
    - MINOR: services: extend list_services() to dump to stdout
    - MINOR: cli: add a new keyword dump function
    - MINOR: acl: add a function to dump the list of known ACL keywords
    - MINOR: samples: add a function to list register sample fetch keywords
    - MINOR: sample: list registered sample converter functions
    - MINOR: tools: add strordered() to check whether strings are ordered
    - MINOR: action: add a function to dump the list of actions for a ruleset
    - MINOR: config: alphanumerically sort config keywords output
    - MINOR: sample: alphanumerically sort sample & conv keyword dumps
    - MINOR: acl: alphanumerically sort the ACL dump
    - MINOR: cli: alphanumerically sort the dump of supported commands
    - MINOR: filters: alphabetically sort the list of filter names
    - MINOR: services: alphabetically sort service names
    - MEDIUM: httpclient/lua: be stricter with httpclient parameters
    - MINOR: ssl: split the cert commit io handler
    - MINOR: ssl: move the cert_exts and the CERT_TYPE enum
    - MINOR: ssl: simplify the certificate extensions array
    - MINOR: ssl: export ckch_inst_rebuild()
    - MINOR: ssl: add "crt" in the cert_exts array
    - MINOR: ssl/lua: CertCache.set() allows to update an SSL certificate file
    - BUILD: ssl/lua: CacheCert needs OpenSSL
    - DOC: lua: CertCache class documentation
    - BUG/MEDIUM: quic: do not use qcs from quic_stream on ACK parsing
    - MINOR: mux-quic: return qcs instance from qcc_get_qcs
    - MINOR: mux-quic: reorganize qcs free
    - MINOR: mux-quic: define release app-ops
    - BUG/MINOR: h3: release resources on close
    - BUG/MINOR: mux-quic: ensure to free all qcs on MUX release
    - CLEANUP: quic: complete comment on qcs_try_to_consume
    - MINOR: quic: implement stream descriptor for transport layer
    - MEDIUM: quic: move transport fields from qcs to qc_conn_stream
    - MEDIUM: mux-quic: remove qcs tree node
    - BUG/MINOR: cli/stream: fix "shutdown session" to iterate over all threads
    - DOC: management: add missing dot in 9.4.1
    - BUG/MAJOR: mux_pt: always report the connection error to the conn_stream
    - DOC: remove double blanks in configuration.txt
    - CI: github actions: update OpenSSL to 3.0.2
    - BUG/MEDIUM: quic: Possible crash in ha_quic_set_encryption_secrets()
    - CLEANUP: quic: Remove all atomic operations on quic_conn struct
    - CLEANUP: quic: Remove all atomic operations on packet number spaces
    - MEDIUM: quic: Send ACK frames asap
    - BUG/MINOR: quic: Missing probing packets when coalescing
    - BUG/MINOR: quic: Discard Initial packet number space only one time
    - MINOR: quic: Do not display any timer value from process_timer()
    - BUG/MINOR: quic: Do not probe from an already probing packet number space
    - BUG/MINOR: quic: Non duplicated frames upon fast retransmission
    - BUG/MINOR: quic: Too much prepared retransmissions due to anti-amplification
    - MINOR: quic: Useless call to SSL_CTX_set_default_verify_paths()
    - MINOR: quic: Add traces about list of frames
    - BUG/MINOR: h3: Missing wait event struct field initialization
    - BUG/MINOR: quic: QUIC TLS secrets memory leak
    - BUG/MINOR: quic: Missing ACK range deallocations
    - BUG/MINOR: quic: Missing TX packet deallocations
    - CLEANUP: hpack: be careful about integer promotion from uint8_t
    - OPTIM: hpack: read 32 bits at once when possible.
    - MEDIUM: ssl: allow loading of a directory with the ca-file directive
    - BUG/MINOR: ssl: continue upon error when opening a directory w/ ca-file
    - MINOR: ssl: ca-file @system-ca loads the system trusted CA
    - DOC: configuration: add the ca-file changes
    - MINOR: sample: converter: Add add_item convertor
    - BUG/MINOR: ssl: handle X509_get_default_cert_dir() returning NULL
    - BUG/MINOR: ssl/cli: Remove empty lines from CLI output
    - MINOR: httpclient: enable request buffering
    - MEDIUM: httpclient: enable l7-retry
    - BUG/MINOR: httpclient: end callback in applet release
    - MINOR: quic: Add draining connection state.
    - MINOR: quic: Add closing connection state
    - BUG/MEDIUM: quic: ensure quic-conn survives to the MUX
    - CLEANUP: quic: use static qualifer on quic_close
    - CLEANUP: mux-quic: remove unused QC_CF_CC_RECV
    - BUG/MINOR: fix memleak on quic-conn streams cleaning
    - MINOR: mux-quic: factorize conn-stream attach
    - MINOR: mux-quic: adjust timeout to accelerate closing
    - MINOR: mux-quic: define is_active app-ops
    - MINOR: mux-quic: centralize send operations in qc_send
    - MEDIUM: mux-quic: report CO_FL_ERROR on send
    - MEDIUM: mux-quic: report errors on conn-streams
    - MEDIUM: quic: report closing state for the MUX
    - BUG/MINOR: fcgi-app: Don't add C-L header on response to HEAD requests
    - BUG/MEDIUM: stats: Be sure to never set EOM flag on an empty HTX message
    - BUG/MEDIUM: hlua: Don't set EOM flag on an empty HTX message in HTTP applet
    - BUG/MEDIUM: promex: Be sure to never set EOM flag on an empty HTX message
    - BUG/MEDIUM: mux-h1: Set outgoing message to DONE when payload length is reached
    - BUG/MINOR: http_client: Don't add input data on an empty request buffer
    - BUG/MEDIUM: http-conv: Fix url_enc() to not crush const samples
    - BUG/MEDIUM: http-act: Don't replace URI if path is not found or invalid
    - CLEANUP: mux-quic: remove uneeded TODO in qc_detach
    - BUG/MEDIUM: mux-quic: properly release conn-stream on detach
    - BUG/MINOR: quic: set the source not the destination address on accept()
    - BUG/MEDIUM: quic: Possible crash from quic_free_arngs()
    - MINOR: quic_tls: Add reusable cipher contexts to QUIC TLS contexts
    - MINOR: quic_tls: Stop hardcoding cipher IV lengths
    - CLEANUP: quic: Do not set any cipher/group from ssl_quic_initial_ctx()
    - MINOR: quic: Add short packet key phase bit values to traces
    - MINOR: quic_tls: Make key update use of reusable cipher contexts
    - BUG/MINOR: opentracing: setting the return value in function flt_ot_var_set()
    - BUG/BUILD: opentracing: fixed OT_DEFINE variable setting
    - EXAMPLES: opentracing: refined shell scripts for testing filter performance
    - DOC: opentracing: corrected comments in function descriptions
    - CLEANUP: opentracing: removed unused function flt_ot_var_unset()
    - CLEANUP: opentracing: removed unused function flt_ot_var_get()
    - Revert "MINOR: opentracing: change the scope of the variable 'ot.uuid' from 'sess' to 'txn'"
    - MINOR: opentracing: only takes the variables lock on shared entries
    - CLEANUP: opentracing: added flt_ot_smp_init() function
    - CLEANUP: opentracing: added variable to store variable length
    - MINOR: opentracing: improved normalization of context variable names
    - DEBUG: opentracing: show return values of all functions in the debug output
    - CLEANUP: opentracing: added FLT_OT_PARSE_INVALID_enum enum
    - DEBUG: opentracing: display the contents of the err variable after setting
    - MAJOR: opentracing: reenable usage of vars to transmit opentracing context
    - Revert "BUILD: opentracing: display warning in case of using OT_USE_VARS at compile time"
    - MEDIUM: global: Add a "close-spread-time" option to spread soft-stop on time window

2022/03/26 : 2.6-dev4
    - BUG/MEDIUM: httpclient: don't consume data before it was analyzed
    - CLEANUP: htx: remove unused co_htx_remove_blk()
    - BUG/MINOR: httpclient: consume partly the blocks when necessary
    - BUG/MINOR: httpclient: remove the UNUSED block when parsing headers
    - BUG/MEDIUM: httpclient: must manipulate head, not first
    - REGTESTS: fix the race conditions in be2hex.vtc
    - BUG/MEDIUM: quic: Blocked STREAM when retransmitted
    - BUG/MAJOR: quic: Possible crash with full congestion control window
    - BUG/MINOR: httpclient/lua: stuck when closing without data
    - BUG/MEDIUM: applet: Don't call .release callback function twice
    - BUG/MEDIUM: cli/debug: Properly get the stream-int in all debug I/O handlers
    - BUG/MEDIUM: sink: Properly get the stream-int in appctx callback functions
    - DEV: udp: switch parser to getopt() instead of positional arguments
    - DEV: udp: add support for random packet corruption
    - MINOR: server: export server_parse_sni_expr() function
    - BUG/MINOR: httpclient: send the SNI using the host header
    - BUILD: httpclient: fix build without SSL
    - BUG/MINOR: server/ssl: free the SNI sample expression
    - BUG/MINOR: logs: fix logsrv leaks on clean exit
    - MINOR: actions: add new function free_act_rule() to free a single rule
    - BUG/MINOR: tcp-rules: completely free incorrect TCP rules on error
    - BUG/MINOR: http-rules: completely free incorrect TCP rules on error
    - BUG/MINOR: httpclient: only check co_data() instead of HTTP_MSG_DATA
    - BUG/MINOR: httpclient: process the response when received before the end of the request
    - BUG/MINOR: httpclient: CF_SHUTW_NOW should be tested with channel_is_empty()
    - CI: github actions: switch to LibreSSL-3.5.1
    - BUG/MEDIUM: mux-h1: only turn CO_FL_ERROR to CS_FL_ERROR with empty ibuf
    - BUG/MEDIUM: stream-int: do not rely on the connection error once established
    - BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner
    - MEDIUM: mux-h2: slightly relax timeout management rules
    - BUG/MEDIUM: mux-h2: make use of http-request and keep-alive timeouts
    - BUG/MINOR: rules: Initialize the list element when allocating a new rule
    - BUG/MINOR: http-rules: Don't free new rule on allocation failure
    - DEV: coccinelle: Fix incorrect replacement in ist.cocci
    - CLEANUP: Reapply ist.cocci with `--include-headers-for-types --recursive-includes`
    - DEV: coccinelle: Add a new pattern to ist.cocci
    - CLEANUP: Reapply ist.cocci
    - REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+
    - MINOR: quic: Code factorization (TX buffer reuse)
    - CLEANUP: quic: "largest_acked_pn" pktns struc member moving
    - MEDIUM: quic: Limit the number of ACK ranges
    - MEDIUM: quic: Rework of the TX packets memory handling
    - BUG/MINOR: quic: Possible crash in parse_retry_token()
    - BUG/MINOR: quic: Possible leak in quic_build_post_handshake_frames()
    - BUG/MINOR: quic: Unsent frame because of qc_build_frms()
    - BUG/MINOR: mux-quic: Access to empty frame list from qc_send_frames()
    - BUG/MINOR: mux-quic: Missing I/O handler events initialization
    - BUG/MINOR: quic: Missing TX packet initializations
    - BUG/MINOR: quic: 1RTT packets ignored after mux was released
    - BUG/MINOR: quic: Incorrect peer address validation
    - BUG/MINOR: quic: Non initialized variable in quic_build_post_handshake_frames()
    - BUG/MINOR: quic: Wrong TX packet related counters handling
    - MEDIUM: mqtt: support mqtt_is_valid and mqtt_field_value converters for MQTTv3.1
    - DOC: config: Explictly add supported MQTT versions
    - MINOR: quic: Add traces about stream TX buffer consumption
    - MINOR: quic: Add traces in qc_set_timer() (scheduling)
    - CLEANUP: mux-quic: change comment style to not mess with git conflict
    - CLEANUP: mux-quic: adjust comment for coding-style
    - MINOR: mux-quic: complete trace when stream is not found
    - MINOR: mux-quic: add comments for send functions
    - MINOR: mux-quic: use shorter name for flow-control fields
    - MEDIUM: mux-quic: respect peer bidirectional stream data limit
    - MEDIUM: mux-quic: respect peer connection data limit
    - MINOR: mux-quic: support MAX_STREAM_DATA frame parsing
    - MINOR: mux-quic: support MAX_DATA frame parsing
    - BUILD: stream-int: avoid a build warning when DEBUG is empty
    - BUG/MINOR: quic: Wrong buffer length passed to generate_retry_token()
    - BUG/MINOR: tools: fix url2sa return value with IPv4
    - MINOR: mux-quic: convert fin on push-frame as boolean
    - BUILD: quic: add missing includes
    - REORG: quic: use a dedicated quic_loss.c
    - MINOR: mux-quic: declare the qmux trace module
    - MINOR: mux-quic: replace printfs by traces
    - MINOR: mux-quic: add trace event for frame sending
    - MINOR: mux-quic: add trace event for qcs_push_frame
    - MINOR: mux-quic: activate qmux traces on stdout via macro
    - BUILD: qpack: fix unused value when not using DEBUG_HPACK
    - CLEANUP: qpack: suppress by default stdout traces
    - CLEANUP: h3: suppress by default stdout traces
    - BUG/MINOR: tools: url2sa reads too far when no port nor path

2022/03/11 : 2.6-dev3
    - DEBUG: rename WARN_ON_ONCE() to CHECK_IF()
    - DEBUG: improve BUG_ON output message accuracy
    - DEBUG: implement 4 levels of choices between warn and crash.
    - DEBUG: add two new macros to enable debugging in hot paths
    - DEBUG: buf: replace some sensitive BUG_ON() with BUG_ON_HOT()
    - DEBUG: buf: add BUG_ON_HOT() to most buffer management functions
    - MINOR: channel: don't use co_set_data() to decrement output
    - DEBUG: channel: add consistency checks using BUG_ON_HOT() in some key functions
    - MINOR: conn-stream: Improve API to have safe/unsafe accessors
    - MEDIUM: tree-wide: Use unsafe conn-stream API when it is relevant
    - CLEANUP: stream-int: Make si_cs_send() function static
    - REORG: stream-int: Uninline si_sync_recv() and make si_cs_recv() private
    - BUG/MEDIUM: mux-fcgi: Don't rely on SI src/dst addresses for FCGI health-checks
    - BUG/MEDIUM: htx: Fix a possible null derefs in htx_xfer_blks()
    - REGTESTS: fix the race conditions in normalize_uri.vtc
    - DEBUG: stream-int: Fix BUG_ON used to test appctx in si_applet_ops callbacks
    - BUILD: debug: fix build warning on older compilers around DEBUG_STRICT_ACTION
    - CLEANUP: connection: Indicate unreachability to the compiler in conn_recv_proxy
    - MINOR: connection: Transform safety check in PROXYv2 parsing into BUG_ON()
    - DOC: install: it's DEBUG_CFLAGS, not DEBUG, which is set to -g
    - DOC: install: describe the DEP variable
    - DOC: install: describe how to choose options used in the DEBUG variable
    - MINOR: queue: Replace if() + abort() with BUG_ON()
    - CLEANUP: adjust indentation in bidir STREAM handling function
    - MINOR: quic: simplify copy of STREAM frames to RX buffer
    - MINOR: quic: handle partially received buffered stream frame
    - MINOR: mux-quic: define flag for last received frame
    - BUG/MINOR: quic: support FIN on Rx-buffered STREAM frames
    - MEDIUM: quic: rearchitecture Rx path for bidirectional STREAM frames
    - REGTESTS: fix the race conditions in secure_memcmp.vtc
    - CLEANUP: stream: Remove useless tests on conn-stream in stream_dump()
    - BUILD: ssl: another build warning on LIBRESSL_VERSION_NUMBER
    - MINOR: quic: Ensure PTO timer is not set in the past
    - MINOR: quic: Post handshake I/O callback switching
    - MINOR: quic: Drop the packets of discarded packet number spaces
    - CLEANUP: quic: Useless tests in qc_try_rm_hp()
    - CLEANUP: quic: Indentation fix in qc_prep_pkts()
    - MINOR: quic: Assemble QUIC TLS flags at the same level
    - BUILD: conn_stream: avoid null-deref warnings on gcc 6
    - BUILD: connection: do not declare register_mux_proto() inline
    - BUILD: http_rules: do not declare http_*_keywords_registre() inline
    - BUILD: trace: do not declare trace_registre_source() inline
    - BUILD: tcpcheck: do not declare tcp_check_keywords_register() inline
    - DEBUG: reduce the footprint of BUG_ON() calls
    - BUG/MEDIUM: httpclient/lua: infinite appctx loop with POST
    - BUG/MINOR: pool: always align pool_heads to 64 bytes
    - DEV: udp: add a tiny UDP proxy for testing
    - DEV: udp: implement pseudo-random reordering/loss
    - DEV: udp: add an optional argument to set the prng seed
    - BUG/MINOR: quic: fix segfault on CC if mux uninitialized
    - BUG/MEDIUM: pools: fix ha_free() on area in the process of being freed
    - CLEANUP: tree-wide: remove a few rare non-ASCII chars
    - CI: coverity: simplify debugging options
    - CLEANUP: quic: complete ABORT_NOW with a TODO comment
    - MINOR: quic: qc_prep_app_pkts() implementation
    - MINOR: quic: Send short packet from a frame list
    - MINOR: quic: Make qc_build_frms() build ack-eliciting frames from a list
    - MINOR: quic: Export qc_send_app_pkts()
    - MINOR: mux-quic: refactor transport parameters init
    - MINOR: mux-quic: complete functions to detect stream type
    - MINOR: mux-quic: define new unions for flow-control fields
    - MEDIUM: mux-quic: use direct send transport API for STREAMs
    - MINOR: mux-quic: retry send opportunistically for remaining frames
    - MEDIUM: mux-quic: implement MAX_STREAMS emission for bidir streams
    - BUILD: fix kFreeBSD build.
    - MINOR: quic: Retry on qc_build_pkt() failures
    - BUG/MINOR: quic: Missing recovery start timer reset
    - CLEANUP: quic: Remove QUIC path manipulations out of the congestion controller
    - MINOR: quic: Add a "slow start" callback to congestion controller
    - MINOR: quic: Persistent congestion detection outside of controllers
    - CLEANUP: quic: Remove useless definitions from quic_cc_event struct
    - BUG/MINOR: quic: Confusion betwen "in_flight" and "prep_in_flight" in quic_path_prep_data()
    - MINOR: quic: More precise window update calculation
    - CLEANUP: quic: Remove window redundant variable from NewReno algorithm state struct
    - MINOR: quic: Add quic_max_int_by_size() function
    - BUG/MAJOR: quic: Wrong quic_max_available_room() returned value
    - MINOR: pools: add a new global option "no-memory-trimming"
    - BUG/MINOR: add missing modes in proxy_mode_str()
    - BUG/MINOR: cli: shows correct mode in "show sess"
    - BUG/MEDIUM: quic: do not drop packet on duplicate stream/decoding error
    - MINOR: stats: Add dark mode support for socket rows
    - BUILD: fix recent build breakage of freebsd caused by kFreeBSD build fix
    - BUG/MINOR: httpclient: Set conn-stream/channel EOI flags at the end of request
    - BUG/MINOR: hlua: Set conn-stream/channel EOI flags at the end of request
    - BUG/MINOR: stats: Set conn-stream/channel EOI flags at the end of request
    - BUG/MINOR: cache: Set conn-stream/channel EOI flags at the end of request
    - BUG/MINOR: promex: Set conn-stream/channel EOI flags at the end of request
    - BUG/MEDIUM: stream: Use the front analyzers for new listener-less streams
    - DEBUG: cache: Update underlying buffer when loading HTX message in cache applet
    - BUG/MEDIUM: mcli: Properly handle errors and timeouts during reponse processing
    - DEBUG: stream: Add the missing descriptions for stream trace events
    - DEBUG: stream: Fix stream trace message to print response buffer state
    - MINOR: proxy: Store monitor_uri as a `struct ist`
    - MINOR: proxy: Store fwdfor_hdr_name as a `struct ist`
    - MINOR: proxy: Store orgto_hdr_name as a `struct ist`
    - MEDIUM: proxy: Store server_id_hdr_name as a `struct ist`
    - CLEANUP: fcgi: Replace memcpy() on ist by istcat()
    - CLEANUP: fcgi: Use `istadv()` in `fcgi_strm_send_params`
    - BUG/MAJOR: mux-pt: Always destroy the backend connection on detach
    - DOC: sample fetch methods: move distcc_* to the right locations
    - MINOR: rules: record the last http/tcp rule that gave a final verdict
    - MINOR: stream: add "last_rule_file" and "last_rule_line" samples
    - BUG/MINOR: session: fix theoretical risk of memleak in session_accept_fd()
    - MINOR: quic: Add max_idle_timeout advertisement handling
    - MEDIUM: quic: Remove the QUIC connection reference counter
    - BUG/MINOR: quic: ACK_REQUIRED and ACK_RECEIVED flag collision
    - BUG/MINOR: quic: Missing check when setting the anti-amplification limit as reached
    - MINOR: quic: Add a function to compute the current PTO
    - MEDIUM: quic: Implement the idle timeout feature
    - BUG/MEDIUM: quic: qc_prep_app_pkts() retries on qc_build_pkt() failures
    - CLEANUP: quic: Comments fix for qc_prep_(app)pkts() functions
    - MINOR: mux-quic: prevent push frame for unidir streams
    - MINOR: mux-quic: improve opportunistic retry sending for STREAM frames
    - MINOR: quic: implement sending confirmation
    - MEDIUM: mux-quic: improve bidir STREAM frames sending
    - MEDIUM: check: do not auto configure SSL/PROXY for dynamic servers
    - REGTESTS: server: test SSL/PROXY with checks for dynamic servers
    - MEDIUM: server: remove experimental-mode for dynamic servers
    - BUG/MINOR: buffer: fix debugging condition in b_peek_varint()

2022/02/25 : 2.6-dev2
    - DOC: management: rework the Master CLI section
    - DOC: management: add expert and experimental mode in 9.4.1
    - CLEANUP: cleanup a commentary in pcli_parse_request()
    - BUG/MINOR: mworker/cli: don't display help on master applet
    - MINOR: mworker/cli: mcli-debug-mode enables every command
    - MINOR: mworker/cli: add flags in the prompt
    - BUG/MINOR: httpclient: Revisit HC request and response buffers allocation
    - BUG/MEDIUM: httpclient: Xfer the request when the stream is created
    - MINOR: httpclient: Don't limit data transfer to 1024 bytes
    - BUILD: ssl: adjust guard for X509_get_X509_PUBKEY(x)
    - REGTESTS: ssl: skip show_ssl_ocspresponse.vtc when BoringSSL is used
    - MINOR: quic: Do not modify a marked as consumed datagram
    - MINOR: quic: Wrong datagram buffer passed to quic_lstnr_dgram_dispatch()
    - MINOR: quic: Remove a useless test in quic_get_dgram_dcid()
    - BUG/MINOR: ssl: Remove empty lines from "show ssl ocsp-response <id>" output
    - CLEANUP: ssl: Remove unused ssl_sock_create_cert function
    - MINOR: ssl: Use high level OpenSSL APIs in sha2 converter
    - MINOR: ssl: Remove EC_KEY related calls when preparing SSL context
    - REGTESTS: ssl: Add test for "curves" and "ecdhe" SSL options
    - MINOR: ssl: Remove EC_KEY related calls when creating a certificate
    - REGTESTS: ssl: Add test for "generate-certificates" SSL option
    - MINOR: ssl: Remove call to SSL_CTX_set_tlsext_ticket_key_cb with OpenSSLv3
    - MINOR: ssl: Remove call to HMAC_Init_ex with OpenSSLv3
    - MINOR: h3: hardcode the stream id of control stream
    - MINOR: mux-quic: remove quic_transport_params_update
    - MINOR: quic: rename local tid variable
    - MINOR: quic: remove unused xprt rcv_buf operation
    - MINOR: quic: take out xprt snd_buf operation
    - CI: enable QUIC for Coverity scan
    - BUG/MINOR: mworker: does not erase the pidfile upon reload
    - MINOR: ssl: Remove call to ERR_func_error_string with OpenSSLv3
    - MINOR: ssl: Remove call to ERR_load_SSL_strings with OpenSSLv3
    - REGTESTS: ssl: Add tests for DH related options
    - MINOR: ssl: Create HASSL_DH wrapper structure
    - MINOR: ssl: Add ssl_sock_get_dh_from_bio helper function
    - MINOR: ssl: Factorize ssl_get_tmp_dh and append a cbk to its name
    - MINOR: ssl: Add ssl_sock_set_tmp_dh helper function
    - MINOR: ssl: Add ssl_sock_set_tmp_dh_from_pkey helper function
    - MINOR: ssl: Add ssl_new_dh_fromdata helper function
    - MINOR: ssl: Build local DH of right size when needed
    - MINOR: ssl: Set default dh size to 2048
    - MEDIUM: ssl: Replace all DH objects by EVP_PKEY on OpenSSLv3 (via HASSL_DH type)
    - MINOR: ssl: Remove calls to SSL_CTX_set_tmp_dh_callback on OpenSSLv3
    - MINOR: quic: Remove an RX buffer useless lock
    - MINOR: quic: Variable used before being checked in ha_quic_add_handshake_data()
    - MINOR: quic: EINTR error ignored
    - MINOR: quic: Potential overflow expression in qc_parse_frm()
    - MINOR: quic: Possible overflow in qpack_get_varint()
    - CLEANUP: h3: Unreachable target in h3_uqs_init()
    - MINOR: quic: Possible memleak in qc_new_conn()
    - MINOR: quic: Useless statement in quic_crypto_data_cpy()
    - BUG/MEDIUM: pools: ensure items are always large enough for the pool_cache_item
    - BUG/MINOR: pools: always flush pools about to be destroyed
    - CLEANUP: pools: don't needlessly set a call mark during refilling of caches
    - DEBUG: pools: add extra sanity checks when picking objects from a local cache
    - DEBUG: pools: let's add reverse mapping from cache heads to thread and pool
    - DEBUG: pools: replace the link pointer with the caller's address on pool_free()
    - BUG/MAJOR: sched: prevent rare concurrent wakeup of multi-threaded tasks
    - MINOR: quic: use a global dghlrs for each thread
    - BUG/MEDIUM: quic: fix crash on CC if mux not present
    - MINOR: qpack: fix typo in trace
    - BUG/MINOR: quic: fix FIN stream signaling
    - BUG/MINOR: h3: fix the header length for QPACK decoding
    - MINOR: h3: remove transfer-encoding header
    - MINOR: h3: add documentation on h3_decode_qcs
    - MINOR: h3: set properly HTX EOM/BODYLESS on HEADERS parsing
    - MINOR: mux-quic: implement rcv_buf
    - MINOR: mux-quic: set EOS on rcv_buf
    - MINOR: h3: set CS_FL_NOT_FIRST
    - MINOR: h3: report frames bigger than rx buffer
    - MINOR: h3: extract HEADERS parsing in a dedicated function
    - MINOR: h3: implement DATA parsing
    - MINOR: quic: Wrong smoothed rtt initialization
    - MINOR: quic: Wrong loss delay computation
    - MINOR: quic: Code never reached in qc_ssl_sess_init()
    - MINOR: quic: ha_quic_set_encryption_secrets without server specific code
    - MINOR: quic: Avoid warning about NULL pointer dereferences
    - MINOR: quic: Useless test in quic_lstnr_dghdlr()
    - MINOR: quic: Non checked returned value for cs_new() in hq_interop_decode_qcs()
    - MINOR: h3: Dead code in h3_uqs_init()
    - MINOR: quic: Non checked returned value for cs_new() in h3_decode_qcs()
    - MINOR: quic: Possible frame parsers array overrun
    - MINOR: quic: Do not retransmit too much packets.
    - MINOR: quic: Move quic_rxbuf_pool pool out of xprt part
    - MINOR: h3: report error on HEADERS/DATA parsing
    - BUG/MINOR: jwt: Double free in deinit function
    - BUG/MINOR: jwt: Missing pkey free during cleanup
    - BUG/MINOR: jwt: Memory leak if same key is used in multiple jwt_verify calls
    - BUG/MINOR: httpclient/cli: display junk characters in vsn
    - MINOR: h3: remove unused return value on decode_qcs
    - BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies
    - BUG/MAJOR: spoe: properly detach all agents when releasing the applet
    - REGTESTS: server: close an occasional race on dynamic_server_ssl.vtc
    - REGTESTS: peers: leave a bit more time to peers to synchronize
    - BUG/MEDIUM: h2/hpack: fix emission of HPACK DTSU after settings change
    - BUG/MINOR: mux-h2: update the session's idle delay before creating the stream
    - BUG/MINOR: httpclient: reinit flags in httpclient_start()
    - BUG/MINOR: mailers: negotiate SMTP, not ESMTP
    - MINOR: httpclient: sets an alternative destination
    - MINOR: httpclient/lua: add 'dst' optionnal field
    - BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print
    - BUG/MINOR: ssl: Fix leak in "show ssl ocsp-response" CLI command
    - BUG/MINOR: ssl: Missing return value check in ssl_ocsp_response_print
    - CLEANUP: httpclient/cli: fix indentation alignment of the help message
    - BUG/MINOR: tools: url2sa reads ipv4 too far
    - BUG/MEDIUM: httpclient: limit transfers to the maximum available room
    - DEBUG: buffer: check in __b_put_blk() whether the buffer room is respected
    - MINOR: mux-quic: fix a possible null dereference in qc_timeout_task
    - BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
    - BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
    - BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
    - DEBUG: stream-int: Check CS_FL_WANT_ROOM is not set with an empty input buffer
    - MINOR: quic: do not modify offset node if quic_rx_strm_frm in tree
    - MINOR: h3: fix compiler warning variable set but not used
    - MINOR: mux-quic: fix uninitialized return on qc_send
    - MINOR: quic: fix handling of out-of-order received STREAM frames
    - MINOR: pools: mark most static pool configuration variables as read-mostly
    - CLEANUP: pools: remove the now unused pool_is_crowded()
    - REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
    - BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
    - MINOR: httpclient/lua: ability to set a server timeout
    - BUG/MINOR: httpclient/lua: missing pop for new timeout parameter
    - DOC: httpclient/lua: fix the type of the dst parameter
    - CLEANUP: httpclient: initialize the client in stage INIT not REGISTER
    - CLEANUP: muxes: do not use a dynamic trash in list_mux_protos()
    - CLEANUP: vars: move the per-process variables initialization to vars.c
    - CLEANUP: init: remove the ifdef on HAPROXY_MEMMAX
    - MINOR: pools: disable redundant poisonning on pool_free()
    - MINOR: pools: introduce a new pool_debugging global variable
    - MINOR: pools: switch the fail-alloc test to runtime only
    - MINOR: pools: switch DEBUG_DONT_SHARE_POOLS to runtime
    - MINOR: pools: add a new debugging flag POOL_DBG_COLD_FIRST
    - MINOR: pools: add a new debugging flag POOL_DBG_INTEGRITY
    - MINOR: pools: make the global pools a runtime option.
    - MEDIUM: pools: replace CONFIG_HAP_POOLS with a runtime "NO_CACHE" flag.
    - MINOR: pools: store the allocated size for each pool
    - MINOR: pools: get rid of POOL_EXTRA
    - MINOR: pools: replace DEBUG_POOL_TRACING with runtime POOL_DBG_CALLER
    - MINOR: pools: replace DEBUG_MEMORY_POOLS with runtime POOL_DBG_TAG
    - MINOR: pools: add a debugging flag for memory poisonning option
    - MEDIUM: initcall: move STG_REGISTER earlier
    - MEDIUM: init: split the early initialization in its own function
    - MINOR: init: extract args parsing to their own function
    - MEDIUM: init: handle arguments earlier
    - MINOR: pools: delegate parsing of command line option -dM to a new function
    - MINOR: pools: support setting debugging options using -dM
    - BUILD: makefile: enable both DEBUG_STRICT and DEBUG_MEMORY_POOLS by default
    - CI: github: enable pool debugging by default
    - DOC: Fix usage/examples of deprecated ACLs
    - DOC: internal: update the pools API to mention boot-time settings
    - DOC: design: add design thoughts for later simplification of the pools
    - DOC: design: commit the temporary design notes on thread groups
    - MINOR: stream-int: Handle appctx case first when releasing the endpoint
    - MINOR: connection: Be prepared to handle conn-stream with no connection
    - MINOR: stream: Handle appctx case first when creating a new stream
    - MINOR: connection: Add a function to detach a conn-stream from the connection
    - MINOR: stream-int: Add function to reset a SI endpoint
    - MINOR: stream-int: Add function to attach a connection to a SI
    - MINOR: stream-int: Be able to allocate a CS without connection
    - MEDIUM: stream: No longer release backend conn-stream on connection retry
    - MEDIUM: stream: Allocate backend CS when the stream is created
    - REORG: conn_stream: move conn-stream stuff in dedicated files
    - MEDIUM: conn-stream: No longer access connection field directly
    - MEDIUM: conn-stream: Be prepared to use an appctx as conn-stream endpoint
    - MAJOR: conn_stream/stream-int: move the appctx to the conn-stream
    - MEDIUM: applet: Set the conn-stream as appctx owner instead of the stream-int
    - MEDIUM: conn_stream: Add a pointer to the app object into the conn-stream
    - MINOR: stream: Add pointer to front/back conn-streams into stream struct
    - MINOR: stream: Slightly rework stream_new to separate CS/SI initialization
    - MINOR: stream-int: Always access the stream-int via the conn-stream
    - MINOR: backend: Always access the stream-int via the conn-stream
    - MINOR: stream: Always access the stream-int via the conn-stream
    - MINOR: http-ana: Always access the stream-int via the conn-stream
    - MINOR: cli: Always access the stream-int via the conn-stream
    - MINOR: log: Always access the stream-int via the conn-stream
    - MINOR: frontend: Always access the stream-int via the conn-stream
    - MINOR: proxy: Always access the stream-int via the conn-stream
    - MINOR: peers: Always access the stream-int via the conn-stream
    - MINOR: debug: Always access the stream-int via the conn-stream
    - MINOR: hlua: Always access the stream-int via the conn-stream
    - MINOR: cache: Always access the stream-int via the conn-stream
    - MINOR: dns: Always access the stream-int via the conn-stream
    - MINOR: http-act: Always access the stream-int via the conn-stream
    - MINOR: httpclient: Always access the stream-int via the conn-stream
    - MINOR: tcp-act: Always access the stream-int via the conn-stream
    - MINOR: sink: Always access the stream-int via the conn-stream
    - MINOR: conn-stream: Rename cs_detach() to cs_detach_endp()
    - CLEANUP: conn-stream: Don't export conn-stream pool
    - MAJOR: stream/conn_stream: Move the stream-interface into the conn-stream
    - CLEANUP: stream-int: rename si_reset() to si_init()
    - MINOR: conn-stream: Release a CS when both app and endp are detached
    - MINOR: stream: Don't destroy conn-streams but detach app and endp
    - MAJOR: check: Use a persistent conn-stream for health-checks
    - CLEANUP: conn-stream: Remove cs_destroy()
    - CLEANUP: backend: Don't export connect_server anymore
    - BUG/MINOR: h3/hq_interop: Fix CS and stream creation
    - BUILD: tree-wide: Avoid warnings about undefined entities retrieved from a CS
    - BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
    - BUG/MEDIUM: quic: fix received ACK stream calculation
    - BUILD: stream: fix build warning with older compilers
    - BUG/MINOR: debug: fix get_tainted() to properly read an atomic value
    - DEBUG: move the tainted stuff to bug.h for easier inclusion
    - DEBUG: cleanup back trace generation
    - DEBUG: cleanup BUG_ON() configuration
    - DEBUG: mark ABORT_NOW() as unreachable
    - DBEUG: add a new WARN_ON() macro
    - DEBUG: make the _BUG_ON() macro return the condition
    - DEBUG: add a new WARN_ON_ONCE() macro
    - DEBUG: report BUG_ON() and WARN_ON() in the tainted flags
    - MINOR: quic: adjust buffer handling for STREAM transmission
    - MINOR: quic: liberate the TX stream buffer after ACK processing
    - MINOR: quic: add a TODO for a memleak frame on ACK consume

2022/02/01 : 2.6-dev1
    - BUG/MINOR: cache: Fix loop on cache entries in "show cache"
    - BUG/MINOR: httpclient: allow to replace the host header
    - BUG/MINOR: lua: don't expose internal proxies
    - MEDIUM: mworker: seamless reload use the internal sockpairs
    - BUG/MINOR: lua: remove loop initial declarations
    - BUG/MINOR: mworker: does not add the -sf in wait mode
    - BUG/MEDIUM: mworker: FD leak of the eventpoll in wait mode
    - MINOR: quic: do not reject PADDING followed by other frames
    - REORG: quic: add comment on rare thread concurrence during CID alloc
    - CLEANUP: quic: add comments on CID code
    - MEDIUM: quic: handle CIDs to rattach received packets to connection
    - MINOR: qpack: support litteral field line with non-huff name
    - MINOR: quic: activate QUIC traces at compilation
    - MINOR: quic: use more verbose QUIC traces set at compile-time
    - MEDIUM: pool: refactor malloc_trim/glibc and jemalloc api addition detections.
    - MEDIUM: pool: support purging jemalloc arenas in trim_all_pools()
    - BUG/MINOR: mworker: deinit of thread poller was called when not initialized
    - BUILD: pools: only detect link-time jemalloc on ELF platforms
    - CI: github actions: add the output of $CC -dM -E-
    - BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time
    - BUILD: evports: remove a leftover from the dead_fd cleanup
    - MINOR: quic: Set "no_application_protocol" alert
    - MINOR: quic: More accurate immediately close.
    - MINOR: quic: Immediately close if no transport parameters extension found
    - MINOR: quic: Rename qc_prep_hdshk_pkts() to qc_prep_pkts()
    - MINOR: quic: Possible crash when inspecting the xprt context
    - MINOR: quic: Dynamically allocate the secrete keys
    - MINOR: quic: Add a function to derive the key update secrets
    - MINOR: quic: Add structures to maintain key phase information
    - MINOR: quic: Optional header protection key for quic_tls_derive_keys()
    - MINOR: quic: Add quic_tls_key_update() function for Key Update
    - MINOR: quic: Enable the Key Update process
    - MINOR: quic: Delete the ODCIDs asap
    - BUG/MINOR: vars: Fix the set-var and unset-var converters
    - MEDIUM: pool: Following up on previous pool trimming update.
    - BUG/MEDIUM: mux-h1: Fix splicing by properly detecting end of message
    - BUG/MINOR: mux-h1: Fix splicing for messages with unknown length
    - MINOR: mux-h1: Improve H1 traces by adding info about http parsers
    - MINOR: mux-h1: register a stats module
    - MINOR: mux-h1: add counters instance to h1c
    - MINOR: mux-h1: count open connections/streams on stats
    - MINOR: mux-h1: add stat for total count of connections/streams
    - MINOR: mux-h1: add stat for total amount of bytes received and sent
    - REGTESTS: h1: Add a script to validate H1 splicing support
    - BUG/MINOR: server: Don't rely on last default-server to init server SSL context
    - BUG/MEDIUM: resolvers: Detach query item on response error
    - MEDIUM: resolvers: No longer store query items in a list into the response
    - BUG/MAJOR: segfault using multiple log forward sections.
    - BUG/MEDIUM: h1: Properly reset h1m flags when headers parsing is restarted
    - BUG/MINOR: resolvers: Don't overwrite the error for invalid query domain name
    - BUILD: bug: Fix error when compiling with -DDEBUG_STRICT_NOCRASH
    - BUG/MEDIUM: sample: Fix memory leak in sample_conv_jwt_member_query
    - DOC: spoe: Clarify use of the event directive in spoe-message section
    - DOC: config: Specify %Ta is only available in HTTP mode
    - BUILD: tree-wide: avoid warnings caused by redundant checks of obj_types
    - IMPORT: slz: use the correct CRC32 instruction when running in 32-bit mode
    - MINOR: quic: fix segfault on CONNECTION_CLOSE parsing
    - MINOR: h3: add BUG_ON on control receive function
    - MEDIUM: xprt-quic: finalize app layer initialization after ALPN nego
    - MINOR: h3: remove duplicated FIN flag position
    - MAJOR: mux-quic: implement a simplified mux version
    - MEDIUM: mux-quic: implement release mux operation
    - MEDIUM: quic: detect the stream FIN
    - MINOR: mux-quic: implement subscribe on stream
    - MEDIUM: mux-quic: subscribe on xprt if remaining data after send
    - MEDIUM: mux-quic: wake up xprt on data transferred
    - MEDIUM: mux-quic: handle when sending buffer is full
    - MINOR: quic: RX buffer full due to wrong CRYPTO data handling
    - MINOR: quic: Race issue when consuming RX packets buffer
    - MINOR: quic: QUIC encryption level RX packets race issue
    - MINOR: quic: Delete remaining RX handshake packets
    - MINOR: quic: Remove QUIC TX packet length evaluation function
    - MINOR: hq-interop: fix tx buffering
    - MINOR: mux-quic: remove uneeded code to check fin on TX
    - MINOR: quic: add HTX EOM on request end
    - BUILD: mux-quic: fix compilation with DEBUG_MEM_STATS
    - MINOR: http-rules: Add capture action to http-after-response ruleset
    - BUG/MINOR: cli/server: Don't crash when a server is added with a custom id
    - MINOR: mux-quic: do not release qcs if there is remaining data to send
    - MINOR: quic: notify the mux on CONNECTION_CLOSE
    - BUG/MINOR: mux-quic: properly initialize flow control
    - MINOR: quic: Compilation fix for quic_rx_packet_refinc()
    - MINOR: h3: fix possible invalid dereference on htx parsing
    - DOC: config: retry-on list is space-delimited
    - DOC: config: fix error-log-format example
    - BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode
    - MINOR: hq-interop: refix tx buffering
    - REGTESTS: ssl: use X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY for cert check
    - MINOR: cli: "show version" displays the current process version
    - CLEANUP: cfgparse: modify preprocessor guards around numa detection code
    - MEDIUM: cfgparse: numa detect topology on FreeBSD.
    - BUILD: ssl: unbreak the build with newer libressl
    - MINOR: vars: Move UPDATEONLY flag test to vars_set_ifexist
    - MINOR: vars: Set variable type to ANY upon creation
    - MINOR: vars: Delay variable content freeing in var_set function
    - MINOR: vars: Parse optional conditions passed to the set-var converter
    - MINOR: vars: Parse optional conditions passed to the set-var actions
    - MEDIUM: vars: Enable optional conditions to set-var converter and actions
    - DOC: vars: Add documentation about the set-var conditions
    - REGTESTS: vars: Add new test for conditional set-var
    - MINOR: quic: Attach timer task to thread for the connection.
    - CLEANUP: quic_frame: Remove a useless suffix to STOP_SENDING
    - MINOR: quic: Add traces for STOP_SENDING frame and modify others
    - CLEANUP: quic: Remove cdata_len from quic_tx_packet struct
    - MINOR: quic: Enable TLS 0-RTT if needed
    - MINOR: quic: No TX secret at EARLY_DATA encryption level
    - MINOR: quic: Add quic_set_app_ops() function
    - MINOR: ssl_sock: Set the QUIC application from ssl_sock_advertise_alpn_protos.
    - MINOR: quic: Make xprt support 0-RTT.
    - MINOR: qpack: Missing check for truncated QPACK fields
    - CLEANUP: quic: Comment fix for qc_strm_cpy()
    - MINOR: hq_interop: Stop BUG_ON() truncated streams
    - MINOR: quic: Do not mix packet number space and connection flags
    - CLEANUP: quic: Shorten a litte bit the traces in lstnr_rcv_pkt()
    - MINOR: mux-quic: fix trace on stream creation
    - CLEANUP: quic: fix spelling mistake in a trace
    - CLEANUP: quic: rename quic_conn conn to qc in quic_conn_free
    - MINOR: quic: add missing lock on cid tree
    - MINOR: quic: rename constant for haproxy CIDs length
    - MINOR: quic: refactor concat DCID with address for Initial packets
    - MINOR: quic: compare coalesced packets by DCID
    - MINOR: quic: refactor DCID lookup
    - MINOR: quic: simplify the removal from ODCID tree
    - REGTESTS: vars: Remove useless ssl tunes from conditional set-var test
    - MINOR: ssl: Remove empty lines from "show ssl ocsp-response" output
    - MINOR: quic: Increase the RX buffer for each connection
    - MINOR: quic: Add a function to list remaining RX packets by encryption level
    - MINOR: quic: Stop emptying the RX buffer asap.
    - MINOR: quic: Do not expect to receive only one O-RTT packet
    - MINOR: quic: Do not forget STREAM frames received in disorder
    - MINOR: quic: Wrong packet refcount handling in qc_pkt_insert()
    - DOC: fix misspelled keyword "resolve_retries" in resolvers
    - CLEANUP: quic: rename quic_conn instances to qc
    - REORG: quic: move mux function outside of xprt
    - MINOR: quic: add reference to quic_conn in ssl context
    - MINOR: quic: add const qualifier for traces function
    - MINOR: trace: add quic_conn argument definition
    - MINOR: quic: use quic_conn as argument to traces
    - MINOR: quic: add quic_conn instance in traces for qc_new_conn
    - MINOR: quic: Add stream IDs to qcs_push_frame() traces
    - MINOR: quic: unchecked qc_retrieve_conn_from_cid() returned value
    - MINOR: quic: Wrong dropped packet skipping
    - MINOR: quic: Handle the cases of overlapping STREAM frames
    - MINOR: quic: xprt traces fixes
    - MINOR: quic: Drop asap Retry or Version Negotiation packets
    - MINOR: pools: work around possibly slow malloc_trim() during gc
    - DEBUG: ssl: make sure we never change a servername on established connections
    - MINOR: quic: Add traces for RX frames (flow control related)
    - MINOR: quic: Add CONNECTION_CLOSE phrase to trace
    - REORG: quic: remove qc_ prefix on functions which not used it directly
    - BUG/MINOR: quic: upgrade rdlock to wrlock for ODCID removal
    - MINOR: quic: remove unnecessary call to free_quic_conn_cids()
    - MINOR: quic: store ssl_sock_ctx reference into quic_conn
    - MINOR: quic: remove unnecessary if in qc_pkt_may_rm_hp()
    - MINOR: quic: replace usage of ssl_sock_ctx by quic_conn
    - MINOR: quic: delete timer task on quic_close()
    - MEDIUM: quic: implement refcount for quic_conn
    - BUG/MINOR: quic: fix potential null dereference
    - BUG/MINOR: quic: fix potential use of uninit pointer
    - BUG/MEDIUM: backend: fix possible sockaddr leak on redispatch
    - BUG/MEDIUM: peers: properly skip conn_cur from incoming messages
    - CI: Github Actions: do not show VTest failures if build failed
    - BUILD: opentracing: display warning in case of using OT_USE_VARS at compile time
    - MINOR: compat: detect support for dl_iterate_phdr()
    - MINOR: debug: add ability to dump loaded shared libraries
    - MINOR: debug: add support for -dL to dump library names at boot
    - BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server
    - REGTESTS: ssl: fix ssl_default_server.vtc
    - BUG/MINOR: ssl: free the fields in srv->ssl_ctx
    - BUG/MEDIUM: ssl: free the ckch instance linked to a server
    - REGTESTS: ssl: update of a crt with server deletion
    - BUILD/MINOR: cpuset FreeBSD 14 build fix.
    - MINOR: pools: always evict oldest objects first in pool_evict_from_local_cache()
    - DOC: pool: document the purpose of various structures in the code
    - CLEANUP: pools: do not use the extra pointer to link shared elements
    - CLEANUP: pools: get rid of the POOL_LINK macro
    - MINOR: pool: allocate from the shared cache through the local caches
    - CLEANUP: pools: group list updates in pool_get_from_cache()
    - MINOR: pool: rely on pool_free_nocache() in pool_put_to_shared_cache()
    - MINOR: pool: make pool_is_crowded() always true when no shared pools are used
    - MINOR: pool: check for pool's fullness outside of pool_put_to_shared_cache()
    - MINOR: pool: introduce pool_item to represent shared pool items
    - MINOR: pool: add a function to estimate how many may be released at once
    - MEDIUM: pool: compute the number of evictable entries once per pool
    - MINOR: pools: prepare pool_item to support chained clusters
    - MINOR: pools: pass the objects count to pool_put_to_shared_cache()
    - MEDIUM: pools: centralize cache eviction in a common function
    - MEDIUM: pools: start to batch eviction from local caches
    - MEDIUM: pools: release cached objects in batches
    - OPTIM: pools: reduce local pool cache size to 512kB
    - CLEANUP: assorted typo fixes in the code and comments This is 29th iteration of typo fixes
    - CI: github actions: update OpenSSL to 3.0.1
    - BUILD/MINOR: tools: solaris build fix on dladdr.
    - BUG/MINOR: cli: fix _getsocks with musl libc
    - BUG/MEDIUM: http-ana: Preserve response's FLT_END analyser on L7 retry
    - MINOR: quic: Wrong traces after rework
    - MINOR: quic: Add trace about in flight bytes by packet number space
    - MINOR: quic: Wrong first packet number space computation
    - MINOR: quic: Wrong packet number space computation for PTO
    - MINOR: quic: Wrong loss time computation in qc_packet_loss_lookup()
    - MINOR: quic: Wrong ack_delay compution before calling quic_loss_srtt_update()
    - MINOR: quic: Remove nb_pto_dgrams quic_conn struct member
    - MINOR: quic: Wrong packet number space trace in qc_prep_pkts()
    - MINOR: quic: Useless test in qc_prep_pkts()
    - MINOR: quic: qc_prep_pkts() code moving
    - MINOR: quic: Speeding up Handshake Completion
    - MINOR: quic: Probe Initial packet number space more often
    - MINOR: quic: Probe several packet number space upon timer expiration
    - MINOR: quic: Comment fix.
    - MINOR: quic: Improve qc_prep_pkts() flexibility
    - MINOR: quic: Do not drop secret key but drop the CRYPTO data
    - MINOR: quic: Prepare Handshake packets asap after completed handshake
    - MINOR: quic: Flag asap the connection having reached the anti-amplification limit
    - MINOR: quic: PTO timer too often reset
    - MINOR: quic: Re-arm the PTO timer upon datagram receipt
    - MINOR: proxy: add option idle-close-on-response
    - MINOR: cpuset: switch to sched_setaffinity for FreeBSD 14 and above.
    - CI: refactor spelling check
    - CLEANUP: assorted typo fixes in the code and comments
    - BUILD: makefile: add -Wno-atomic-alignment to work around clang abusive warning
    - MINOR: quic: Only one CRYPTO frame by encryption level
    - MINOR: quic: Missing retransmission from qc_prep_fast_retrans()
    - MINOR: quic: Non-optimal use of a TX buffer
    - BUG/MEDIUM: mworker: don't use _getsocks in wait mode
    - BUG/MINOR: ssl: Store client SNI in SSL context in case of ClientHello error
    - BUG/MAJOR: mux-h1: Don't decrement .curr_len for unsent data
    - DOC: internals: document the pools architecture and API
    - CI: github actions: clean default step conditions
    - BUILD: cpuset: fix build issue on macos introduced by previous change
    - MINOR: quic: Remaining TRACEs with connection as firt arg
    - MINOR: quic: Reset ->conn quic_conn struct member when calling qc_release()
    - MINOR: quic: Flag the connection as being attached to a listener
    - MINOR: quic: Wrong CRYPTO frame concatenation
    - MINOR: quid: Add traces quic_close() and quic_conn_io_cb()
    - REGTESTS: ssl: Fix ssl_errors regtest with OpenSSL 1.0.2
    - MINOR: quic: Do not dereference ->conn quic_conn struct member
    - MINOR: quic: fix return of quic_dgram_read
    - MINOR: quic: add config parse source file
    - MINOR: quic: implement Retry TLS AEAD tag generation
    - MEDIUM: quic: implement Initial token parsing
    - MINOR: quic: define retry_source_connection_id TP
    - MEDIUM: quic: implement Retry emission
    - MINOR: quic: free xprt tasklet on its thread
    - BUG/MEDIUM: connection: properly leave stopping list on error
    - MINOR: pools: enable pools with DEBUG_FAIL_ALLOC as well
    - MINOR: quic: As server, skip 0-RTT packet number space
    - MINOR: quic: Do not wakeup the I/O handler before the mux is started
    - BUG/MEDIUM: htx: Adjust length to add DATA block in an empty HTX buffer
    - CI: github actions: use cache for OpenTracing
    - BUG/MINOR: httpclient: don't send an empty body
    - BUG/MINOR: httpclient: set default Accept and User-Agent headers
    - BUG/MINOR: httpclient/lua: don't pop the lua stack when getting headers
    - BUILD/MINOR: fix solaris build with clang.
    - BUG/MEDIUM: server: avoid changing healthcheck ctx with set server ssl
    - CI: refactor OpenTracing build script
    - DOC: management: mark "set server ssl" as deprecated
    - MEDIUM: cli: yield between each pipelined command
    - MINOR: channel: add new function co_getdelim() to support multiple delimiters
    - BUG/MINOR: cli: avoid O(bufsize) parsing cost on pipelined commands
    - MEDIUM: h2/hpack: emit a Dynamic Table Size Update after settings change
    - MINOR: quic: Retransmit the TX frames in the same order
    - MINOR: quic: Remove the packet number space TX MT_LIST
    - MINOR: quic: Splice the frames which could not be added to packets
    - MINOR: quic: Add the number of TX bytes to traces
    - CLEANUP: quic: Replace <nb_pto_dgrams> by <probe>
    - MINOR: quic: Send two ack-eliciting packets when probing packet number spaces
    - MINOR: quic: Probe regardless of the congestion control
    - MINOR: quic: Speeding up handshake completion
    - MINOR: quic: Release RX Initial packets asap
    - MINOR: quic: Release asap TX frames to be transmitted
    - MINOR: quic: Probe even if coalescing
    - BUG/MEDIUM: cli: Never wait for more data on client shutdown
    - BUG/MEDIUM: mcli: do not try to parse empty buffers
    - BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them
    - BUG/MINOR: stream: make the call_rate only count the no-progress calls
    - MINOR: quic: do not use quic_conn after dropping it
    - MINOR: quic: adjust quic_conn refcount decrement
    - MINOR: quic: fix race-condition on xprt tasklet free
    - MINOR: quic: free SSL context on quic_conn free
    - MINOR: quic: Add QUIC_FT_RETIRE_CONNECTION_ID parsing case
    - MINOR: quic: Wrong packet number space selection
    - DEBUG: pools: add new build option DEBUG_POOL_INTEGRITY
    - MINOR: quic: add missing include in quic_sock
    - MINOR: quic: fix indentation in qc_send_ppkts
    - MINOR: quic: remove dereferencement of connection when possible
    - MINOR: quic: set listener accept cb on parsing
    - MEDIUM: quic/ssl: add new ex data for quic_conn
    - MINOR: quic: initialize ssl_sock_ctx alongside the quic_conn
    - MINOR: ssl: fix build in release mode
    - MINOR: pools: partially uninline pool_free()
    - MINOR: pools: partially uninline pool_alloc()
    - MINOR: pools: prepare POOL_EXTRA to be split into multiple extra fields
    - MINOR: pools: extend pool_cache API to pass a pointer to a caller
    - DEBUG: pools: add new build option DEBUG_POOL_TRACING
    - DEBUG: cli: add a new "debug dev fd" expert command
    - MINOR: fd: register the write side of the poller pipe as well
    - CI: github actions: use cache for SSL libs
    - BUILD: debug/cli: condition test of O_ASYNC to its existence
    - BUILD: pools: fix build error on DEBUG_POOL_TRACING
    - MINOR: quic: refactor header protection removal
    - MINOR: quic: handle app data according to mux/connection layer status
    - MINOR: quic: refactor app-ops initialization
    - MINOR: receiver: define a flag for local accept
    - MEDIUM: quic: flag listener for local accept
    - MINOR: quic: do not manage connection in xprt snd_buf
    - MINOR: quic: remove wait handshake/L6 flags on init connection
    - MINOR: listener: add flags field
    - MINOR: quic: define QUIC flag on listener
    - MINOR: quic: create accept queue for QUIC connections
    - MINOR: listener: define per-thr struct
    - MAJOR: quic: implement accept queue
    - CLEANUP: mworker: simplify mworker_free_child()
    - BUILD/DEBUG: lru: update the standalone code to support the revision
    - DEBUG: lru: use a xorshift generator in the testing code
    - BUG/MAJOR: compiler: relax alignment constraints on certain structures
    - BUG/MEDIUM: fd: always align fdtab[] to 64 bytes
    - MINOR: quic: No DCID length for datagram context
    - MINOR: quic: Comment fix about the token found in Initial packets
    - MINOR: quic: Get rid of a struct buffer in quic_lstnr_dgram_read()
    - MINOR: quic: Remove the QUIC haproxy server packet parser
    - MINOR: quic: Add new defintion about DCIDs offsets
    - MINOR: quic: Add a list to QUIC sock I/O handler RX buffer
    - MINOR: quic: Allocate QUIC datagrams from sock I/O handler
    - MINOR: proto_quic: Allocate datagram handlers
    - MINOR: quic: Pass CID as a buffer to quic_get_cid_tid()
    - MINOR: quic: Convert quic_dgram_read() into a task
    - CLEANUP: quic: Remove useless definition
    - MINOR: proto_quic: Wrong allocations for TX rings and RX bufs
    - MINOR: quic: Do not consume the RX buffer on QUIC sock i/o handler side
    - MINOR: quic: Do not reset a full RX buffer
    - MINOR: quic: Attach all the CIDs to the same connection
    - MINOR: quic: Make usage of by datagram handler trees
    - MEDIUM: da: new optional data file download scheduler service.
    - MEDIUM: da: update doc and build for new scheduler mode service.
    - MEDIUM: da: update module to handle schedule mode.
    - MINOR: quic: Drop Initial packets with wrong ODCID
    - MINOR: quic: Wrong RX buffer tail handling when no more contiguous data
    - MINOR: quic: Iterate over all received datagrams
    - MINOR: quic: refactor quic CID association with threads
    - BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names
    - DEV: flags: Add missing flags
    - BUG/MINOR: sink: Use the right field in appctx context in release callback
    - MINOR: sock: move the unused socket cleaning code into its own function
    - BUG/MEDIUM: mworker: close unused transferred FDs on load failure
    - BUILD: atomic: make the old HA_ATOMIC_LOAD() support const pointers
    - BUILD: cpuset: do not use const on the source of CPU_AND/CPU_ASSIGN
    - BUILD: checks: fix inlining issue on set_srv_agent_[addr,port}
    - BUILD: vars: avoid overlapping field initialization
    - BUILD: server-state: avoid using not-so-portable isblank()
    - BUILD: mux_fcgi: avoid aliasing of a const struct in traces
    - BUILD: tree-wide: mark a few numeric constants as explicitly long long
    - BUILD: tools: fix warning about incorrect cast with dladdr1()
    - BUILD: task: use list_to_mt_list() instead of casting list to mt_list
    - BUILD: mworker: include tools.h for platforms without unsetenv()
    - BUG/MINOR: mworker: fix a FD leak of a sockpair upon a failed reload
    - MINOR: mworker: set the master side of ipc_fd in the worker to -1
    - MINOR: mworker: allocate and initialize a mworker_proc
    - CI: Consistently use actions/checkout@v2
    - REGTESTS: Remove REQUIRE_VERSION=1.8 from all tests
    - MINOR: mworker: sets used or closed worker FDs to -1
    - MINOR: quic: Try to accept 0-RTT connections
    - MINOR: quic: Do not try to treat 0-RTT packets without started mux
    - MINOR: quic: Do not try to accept a connection more than one time
    - MINOR: quic: Initialize the connection timer asap
    - MINOR: quic: Do not use connection struct xprt_ctx too soon
    - Revert "MINOR: mworker: sets used or closed worker FDs to -1"
    - BUILD: makefile: avoid testing all -Wno-* options when not needed
    - BUILD: makefile: validate support for extra warnings by batches
    - BUILD: makefile: only compute alternative options if required
    - DEBUG: fd: make sure we never try to insert/delete an impossible FD number
    - MINOR: mux-quic: add comment
    - MINOR: mux-quic: properly initialize qcc flags
    - MINOR: mux-quic: do not consider CONNECTION_CLOSE for the moment
    - MINOR: mux-quic: create a timeout task
    - MEDIUM: mux-quic: delay the closing with the timeout
    - MINOR: mux-quic: release idle conns on process stopping
    - MINOR: listener: replace the listener's spinlock with an rwlock
    - BUG/MEDIUM: listener: read-lock the listener during accept()
    - MINOR: mworker/cli: set expert/experimental mode from the CLI

2021/11/23 : 2.6-dev0
    - MINOR: version: it's development again

2021/11/23 : 2.5.0
    - BUILD: SSL: add quictls build to scripts/build-ssl.sh
    - BUILD: SSL: add QUICTLS to build matrix
    - CLEANUP: sock: Wrap `accept4_broken = 1` into additional parenthesis
    - BUILD: cli: clear a maybe-unused  warning on some older compilers
    - BUG/MEDIUM: cli: make sure we can report a warning from a bind keyword
    - BUG/MINOR: ssl: make SSL counters atomic
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MINOR: ssl: free correctly the sni in the backend SSL cache
    - MINOR: version: mention that it's stable now

2021/11/19 : 2.5-dev15
    - BUG/MINOR: stick-table/cli: Check for invalid ipv6 key
    - CLEANUP: peers: Remove useless test on peer variable in peer_trace()
    - DOC: log: Add comments to specify when session's listener is defined or not
    - BUG/MEDIUM: mux-h1: Handle delayed silent shut in h1_process() to release H1C
    - REGTESTS: ssl_crt-list_filters: feature cmd incorrectly set
    - DOC: internals: document the list API
    - BUG/MINOR: h3: ignore unknown frame types
    - MINOR: quic: redirect app_ops snd_buf through mux
    - MEDIUM: quic: inspect ALPN to install app_ops
    - MINOR: quic: support hq-interop
    - MEDIUM: quic: send version negotiation packet on unknown version
    - BUG/MEDIUM: mworker: cleanup the listeners when reexecuting
    - DOC: internals: document the scheduler API
    - BUG/MINOR: quic: fix version negotiation packet generation
    - CLEANUP: ssl: fix wrong #else commentary
    - MINOR: config: support default values for environment variables
    - SCRIPTS: run-regtests: reduce the number of processes needed to check options
    - SCRIPT: run-regtests: avoid several calls to grep to test for features
    - SCRIPT: run-regtests: avoid calling awk to compute the version
    - REGTEST: set retries count to zero for all tests that expect at 503
    - REGTESTS: make tcp-check_min-recv fail fast
    - REGTESTS: extend the default I/O timeouts and make them overridable
    - BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3
    - BUG/MEDIUM: ssl: abort with the correct SSL error when SNI not found
    - REGTESTS: ssl: test the TLS resumption
    - BUILD: makefile: stop opening sub-shells for each and every command
    - BUILD: makefile: reorder objects by build time
    - BUG/MEDIUM: mux-h2: always process a pending shut read
    - MINOR: quic_sock: missing CO_FL_ADDR_TO_SET flag
    - MINOR: quic: Possible wrong connection identification
    - MINOR: quic: Correctly pad UDP datagrams
    - MINOR: quic: Support transport parameters draft TLS extension
    - MINOR: quic: Anti-amplification implementation
    - MINOR: quic: Wrong Initial packet connection initialization
    - MINOR: quic: Wrong ACK range building
    - MINOR: quic: Update some QUIC protocol errors
    - MINOR: quic: Send CONNECTION_CLOSE frame upon TLS alert
    - MINOR: quic: Wrong largest acked packet number parsing
    - MINOR: quic: Add minimalistic support for stream flow control frames
    - MINOR: quic: Wrong value for version negotiation packet 'Unused' field
    - MINOR: quic: Support draft-29 QUIC version
    - BUG/MINOR: quic: fix segfault on trace for version negotiation
    - BUG/MINOR: hq-interop: fix potential NULL dereference
    - BUILD: quic: fix potential NULL dereference on xprt_quic
    - DOC: lua: documentation about the httpclient API
    - BUG/MEDIUM: cache/cli: make "show cache" thread-safe
    - BUG/MEDIUM: shctx: leave the block allocator when enough blocks are found
    - BUG/MINOR: shctx: do not look for available blocks when the first one is enough
    - MINOR: shctx: add a few BUG_ON() for consistency checks

2021/11/14 : 2.5-dev14
    - DEV: coccinelle: Remove unused `expression e`
    - DEV: coccinelle: Add rule to use `istend()` where possible
    - CLEANUP: Apply ist.cocci
    - CLEANUP: Re-apply xalloc_size.cocci
    - CLEANUP: halog: make the default usage message fit in small screens
    - MINOR: h3/qpack: fix gcc11 warnings
    - MINOR: mux-quic: fix gcc11 warning
    - MINOR: h3: fix potential NULL dereference
    - MINOR: quic: Fix potential null pointer dereference
    - CLEANUP: halog: remove unused strl2ui()
    - OPTIM: halog: improve field parser speed for modern compilers
    - OPTIM: halog: skip fields 64 bits at a time when supported
    - DEV: coccinelle: Add rule to use `isttrim()` where possible
    - CLEANUP: Apply ist.cocci
    - DEV: coccinelle: Add rule to use `chunk_istcat()` instead of `chunk_memcat()`
    - DEV: coccinelle: Add rule to use `chunk_istcat()` instead of `chunk_strncat()`
    - CLEANUP: Apply ist.cocci
    - CLEANUP: chunk: Remove duplicated chunk_Xcat implementation
    - CLEANUP: chunk: remove misleading chunk_strncat() function
    - BUG/MINOR: cache: properly ignore unparsable max-age in quotes
    - Revert "DEV: coccinelle: Add rule to use `chunk_istcat()` instead of `chunk_strncat()`"
    - DOC: stats: fix location of the text representation
    - DOC: internals: document the IST API
    - BUG/MINOR: httpclient/lua: rcv freeze when no request payload
    - BUG/MEDIUM: httpclient: channel_add_input() must use htx->data
    - MINOR: promex: backend aggregated server check status
    - DOC: config: Fix typo in ssl_fc_unique_id description
    - BUG/MINOR: http-ana: Apply stop to the current section for http-response rules
    - Revert "BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back"
    - DOC: config: Be more explicit in "allow" actions description
    - DOC: lua: Be explicit with the Reply object limits
    - MINOR: mux-h1: Slightly Improve H1 traces
    - BUG/MEDIUM: conn-stream: Don't reset CS flags on close
    - CLEANUP: mworker: remove any relative PID reference
    - MEDIUM: mworker: reexec in waitpid mode after successful loading
    - MINOR: mworker: clarify starting/failure messages
    - MINOR: mworker: only increment the number of reload in wait mode
    - MINOR: mworker: implement a reload failure counter
    - MINOR: mworker: ReloadFailed shown depending on failedreload
    - MINOR: mworker: change the way we set PROC_O_LEAVING
    - BUG/MINOR: mworker: doesn't launch the program postparser
    - DOC: management: edit the "show proc" example to show the current output
    - BUG/MEDIUM: httpclient/cli: free of unallocated hc->req.uri
    - REGTESTS: httpclient/lua: add greater body values
    - BUG/MINOR: mux-h2: Fix H2_CF_DEM_SHORT_READ value
    - BUG/MINOR: pools: don't mark ourselves as harmless in DEBUG_UAF mode
    - BUG/MEDIUM: connection: make cs_shutr/cs_shutw//cs_close() idempotent
    - BUILD: makefile: simplify detection of libatomic

2021/11/06 : 2.5-dev13
    - SCRIPTS: git-show-backports: re-enable file-based filtering
    - MINOR: jwt: Make invalid static JWT algorithms an error in `jwt_verify` converter
    - MINOR: mux-h2: add trace on extended connect usage
    - BUG/MEDIUM: mux-h2: reject upgrade if no RFC8441 support
    - MINOR: stream/mux: implement websocket stream flag
    - MINOR: connection: implement function to update ALPN
    - MINOR: connection: add alternative mux_ops param for conn_install_mux_be
    - MEDIUM: server/backend: implement websocket protocol selection
    - MINOR: server: add ws keyword
    - BUG/MINOR: resolvers: fix sent messages were counted twice
    - BUG/MINOR: resolvers: throw log message if trash not large enough for query
    - MINOR: resolvers/dns: split dns and resolver counters in dns_counter struct
    - MEDIUM: resolvers: rename dns extra counters to resolvers extra counters
    - BUG/MINOR: jwt: Fix jwt_parse_alg incorrectly returning JWS_ALG_NONE
    - DOC: add QUIC instruction in INSTALL
    - CLEANUP: halog: Remove dead stores
    - DEV: coccinelle: Add ha_free.cocci
    - CLEANUP: Apply ha_free.cocci
    - DEV: coccinelle: Add rule to use `istnext()` where possible
    - CLEANUP: Apply ist.cocci
    - REGTESTS: Use `feature cmd` for 2.5+ tests (2)
    - DOC: internals: move some API definitions to an "api" subdirectory
    - MINOR: quic: Allocate listener RX buffers
    - CLEANUP: quic: Remove useless code
    - MINOR: quic: Enhance the listener RX buffering part
    - MINOR: quic: Remove a useless lock for CRYPTO frames
    - MINOR: quic: Use QUIC_LOCK QUIC specific lock label.
    - MINOR: backend: Get client dst address to set the server's one only if needful
    - MINOR: compression: Warn for 'compression offload' in defaults sections
    - MEDIUM: connection: rename fc_conn_err and bc_conn_err to fc_err and bc_err
    - DOC: configuration: move the default log formats to their own section
    - MINOR: ssl: make the ssl_fc_sni() sample-fetch function always available
    - MEDIUM: log: add the client's SNI to the default HTTPS log format
    - DOC: config: add an example of reasonably complete error-log-format
    - DOC: config: move error-log-format before custom log format

2021/11/02 : 2.5-dev12
    - MINOR: httpclient: support payload within a buffer
    - MINOR: httpclient/lua: support more HTTP methods
    - MINOR: httpclient/lua: return an error when it can't generate the request
    - CLEANUP: lua: Remove any ambiguities about lua txn execution context flags
    - BUG/MEDIUM: lua: fix invalid return types in hlua_http_msg_get_body
    - CLEANUP: connection: No longer export make_proxy_line_v1/v2 functions
    - CLEANUP: tools: Use const address for get_net_port() and get_host_port()
    - CLEANUP: lua: Use a const address to retrieve info about a connection
    - MINOR: connection: Add function to get src/dst without updating the connection
    - MINOR: session: Add src and dst addresses to the session
    - MINOR: stream-int: Add src and dst addresses to the stream-interface
    - MINOR: frontend: Rely on client src and dst addresses at stream level
    - MINOR: log: Rely on client addresses at the appropriate level to log messages
    - MINOR: session: Rely on client source address at session level to log error
    - MINOR: http-ana: Rely on addresses at stream level to set xff and xot headers
    - MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches
    - MINOR: mux-fcgi: Rely on client addresses at stream level to set default params
    - MEDIUM: tcp-sample: Rely on addresses at the appropriate level in tcp samples
    - MEDIUM: connection: Rely on addresses at stream level to make proxy line
    - MEDIUM: backend: Rely on addresses at stream level to init server connection
    - MEDIUM: connection: Assign session addresses when PROXY line is received
    - MEDIUM: connection: Assign session addresses when NetScaler CIP proto is parsed
    - MEDIUM: tcp-act: Set addresses at the apprioriate level in set-(src/dst) actions
    - MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules
    - DOC: config: Fix alphabetical order of fc_* samples
    - MINOR: tcp-sample: Add samples to get original info about client connection
    - REGTESTS: Add script to test client src/dst manipulation at different levels
    - MINOR: stream: Use backend stream-interface dst address instead of target_addr
    - BUILD: log: Fix compilation without SSL support
    - DEBUG: protocol: yell loudly during registration of invalid sock_domain
    - MINOR: protocols: add a new protocol type selector
    - MINOR: protocols: make use of the protocol type to select the protocol
    - MINOR: protocols: replace protocol_by_family() with protocol_lookup()
    - MINOR: halog: Add -qry parameter allowing to preserve the query string in -uX
    - CLEANUP: jwt: Remove the use of a trash buffer in jwt_jwsverify_hmac()
    - CLEANUP: jwt: Remove the use of a trash buffer in jwt_jwsverify_rsa_ecdsa()
    - DEV: coccinelle: Add realloc_leak.cocci
    - CLEANUP: hlua: Remove obsolete branch in `hlua_alloc()`
    - BUILD: atomic: prefer __atomic_compare_exchange_n() for __ha_cas_dw()
    - BUILD: atomic: fix build on mac/arm64
    - MINOR: atomic: remove the memcpy() call and dependency on string.h
    - MINOR: httpclient: request streaming with a callback
    - MINOR: httpclient/lua: handle the streaming into the lua applet
    - REGTESTS: lua: test httpclient with body streaming
    - DOC: halog: Move the `-qry` parameter into the correct section in help text
    - MINOR: halog: Rename -qry to -query
    - CLEANUP: halog: Use consistent indentation in help()
    - BUG/MINOR: halog: Add missing newlines in die() messages
    - MINOR: halog: Add support for extracting captures using -hdr
    - DOC: Typo fixed "it" should be "is"
    - BUG/MINOR: mux-h1: Save shutdown mode if the shutdown is delayed
    - BUG/MEDIUM: mux-h1: Perform a connection shutdown when the h1c is released
    - BUG/MEDIUM: resolvers: Don't recursively perform requester unlink
    - BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration
    - BUG/MINOR: http: Authorization value can have multiple spaces after the scheme
    - BUG/MINOR: http: http_auth_bearer fetch does not work on custom header name
    - BUG/MINOR: httpclient/lua: misplaced luaL_buffinit()
    - BUILD/MINOR: cpuset freebsd build fix
    - BUG/MINOR: httpclient: use a placeholder value for Host header
    - BUG/MEDIUM: stream-int: Block reads if channel cannot receive more data
    - BUG/MEDIUM: resolvers: Track api calls with a counter to free resolutions
    - MINOR: stream: Improve dump of bogus streams
    - DOC/peers: some grammar fixes for peers 2.1 spec
    - MEDIUM: vars: make the var() sample fetch function really return type ANY
    - MINOR: vars: add "set-var" for "tcp-request connection" rules.

2021/10/22 : 2.5-dev11
    - DEV: coccinelle: Add strcmp.cocci
    - CLEANUP: Apply strcmp.cocci
    - CI: Add `permissions` to GitHub Actions
    - CI: Clean up formatting in GitHub Action definitions
    - MINOR: add ::1 to predefined LOCALHOST acl
    - CLEANUP: assorted typo fixes in the code and comments
    - CLEANUP: Consistently `unsigned int` for bitfields
    - MEDIUM: resolvers: lower-case labels when converting from/to DNS names
    - MEDIUM: resolvers: replace bogus resolv_hostname_cmp() with memcmp()
    - MINOR: jwt: Empty the certificate tree during deinit
    - MINOR: jwt: jwt_verify returns negative values in case of error
    - MINOR: jwt: Do not rely on enum order anymore
    - BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error
    - MINOR: httpclient/cli: access should be only done from expert mode
    - DOC: management: doc about the CLI httpclient
    - BUG/MEDIUM: tcpcheck: Properly catch early HTTP parsing errors
    - BUG/MAJOR: dns: tcp session can remain attached to a list after a free
    - BUG/MAJOR: dns: attempt to lock globaly for msg waiter list instead of use barrier
    - CLEANUP: dns: always detach the appctx from the dns session on release
    - DEBUG: dns: add a few more BUG_ON at sensitive places
    - BUG/MAJOR: resolvers: add other missing references during resolution removal
    - CLEANUP: resolvers: do not export resolv_purge_resolution_answer_records()
    - BUILD: resolvers: avoid a possible warning on null-deref
    - BUG/MEDIUM: resolvers: always check a valid item in query_list
    - CLEANUP: always initialize the answer_list
    - CLEANUP: resolvers: simplify resolv_link_resolution() regarding requesters
    - CLEANUP: resolvers: replace all LIST_DELETE with LIST_DEL_INIT
    - MEDIUM: resolvers: use a kill list to preserve the list consistency
    - MEDIUM: resolvers: remove the last occurrences of the "safe" argument
    - BUG/MEDIUM: checks: fix the starting thread for external checks
    - MEDIUM: resolvers: replace the answer_list with a (flat) tree
    - MEDIUM: resolvers: hash the records before inserting them into the tree
    - BUG/MAJOR: buf: fix varint API post- vs pre- increment
    - OPTIM: resolvers: move the eb32 node before the data in the answer_item
    - MINOR: list: add new macro LIST_INLIST_ATOMIC()
    - OPTIM: dns: use an atomic check for the list membership
    - BUG/MINOR: task: do not set TASK_F_USR1 for no reason
    - BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame
    - MINOR: connection: add a new CO_FL_WANT_DRAIN flag to force drain on close
    - MINOR: mux-h2: perform a full cycle shutdown+drain on close
    - CLEANUP: resolvers: get rid of single-iteration loop in resolv_get_ip_from_response()
    - MINOR: quic: Increase the size of handshake RX UDP datagrams
    - BUG/MEDIUM: lua: fix memory leaks with realloc() on non-glibc systems
    - MINOR: memprof: report the delta between alloc and free on realloc()
    - MINOR: memprof: add one pointer size to the size of allocations
    - BUILD: fix compilation on NetBSD
    - MINOR: backend: add traces for idle connections reuse
    - BUG/MINOR: backend: fix improper insert in avail tree for always reuse
    - MINOR: backend: improve perf with tcp proxies skipping idle conns
    - MINOR: connection: remove unneeded memset 0 for idle conns

2021/10/16 : 2.5-dev10
    - MINOR: initcall: Rename __GLOBL and __GLOBL1.
    - MINOR: rules: add a new function new_act_rule() to allocate act_rules
    - MINOR: rules: add a file name and line number to act_rules
    - MINOR: stream: report the current rule in "show sess all" when known
    - MINOR: stream: report the current filter in "show sess all" when known
    - CLEANUP: stream: Properly indent current_rule line in "show sess all"
    - BUG/MINOR: lua: Fix lua error handling in `hlua_config_prepend_path()`
    - CI: github: switch to OpenSSL 3.0.0
    - REGTESTS: ssl: Fix references to removed option in test description
    - MINOR: ssl: Add ssllib_name_startswith precondition
    - REGTESTS: ssl: Fix ssl_errors test for OpenSSL v3
    - REGTESTS: ssl: Reenable ssl_errors test for OpenSSL only
    - REGTESTS: ssl: Use mostly TLSv1.2 in ssl_errors test
    - MEDIUM: mux-quic: rationalize tx buffers between qcc/qcs
    - MEDIUM: h3: properly manage tx buffers for large data
    - MINOR: mux-quic: standardize h3 settings sending
    - CLEANUP: h3: remove dead code
    - MINOR: mux-quic: implement standard method to detect if qcc is dead
    - MEDIUM: mux-quic: defer stream shut if remaining tx data
    - MINOR: mux: remove last occurences of qcc ring buffer
    - MINOR: quic: handle CONNECTION_CLOSE frame
    - REGTESTS: ssl: re-enable set_ssl_cert_bundle.vtc
    - MINOR: ssl: add ssl_fc_is_resumed to "option httpslog"
    - MINOR: http: Add http_auth_bearer sample fetch
    - MINOR: jwt: Parse JWT alg field
    - MINOR: jwt: JWT tokenizing helper function
    - MINOR: jwt: Insert public certificates into dedicated JWT tree
    - MINOR: jwt: jwt_header_query and jwt_payload_query converters
    - MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity
    - REGTESTS: jwt: Add tests for the jwt_verify converter
    - BUILD: jwt: fix declaration of EVP_KEY in jwt-h.h
    - MINOR: proto_tcp: use chunk_appendf() to ouput socket setup errors
    - MINOR: proto_tcp: also report the attempted MSS values in error message
    - MINOR: inet: report the faulty interface name in "bind" errors
    - MINOR: protocol: report the file and line number for binding/listening errors
    - MINOR: protocol: uniformize protocol errors
    - MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero
    - BUG/MEDIUM: resolver: make sure to always use the correct hostname length
    - BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
    - MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero
    - MEDIUM: listeners: split the thread mask between receiver and bind_conf
    - MINOR: listeners: add clone_listener() to duplicate listeners at boot time
    - MEDIUM: listener: add the "shards" bind keyword
    - BUG/MEDIUM: resolvers: use correct storage for the target address
    - MINOR: resolvers: merge address and target into a union "data"
    - BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
    - BUG/MEDIUM: jwt: fix base64 decoding error detection
    - BUG/MINOR: jwt: use CRYPTO_memcmp() to compare HMACs
    - DOC: jwt: fix a typo in the jwt_verify() keyword description
    - BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection
    - BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
    - BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
    - DOC: config: Move 'tcp-response content' at the right place
    - BUG/MINOR: proxy: Use .disabled field as a bitfield as documented
    - MINOR: proxy: Introduce proxy flags to replace disabled bitfield
    - MINOR: sample/arg: Be able to resolve args found in defaults sections
    - MEDIUM: proxy: Warn about ambiguous use of named defaults sections
    - MINOR: proxy: Be able to reference the defaults section used by a proxy
    - MINOR: proxy: Add PR_FL_READY flag on fully configured and usable proxies
    - MINOR: config: Finish configuration for referenced default proxies
    - MINOR: config: No longer remove previous anonymous defaults section
    - MINOR: tcpcheck: Support 2-steps args resolution in defaults sections
    - MEDIUM: rules/acl: Parse TCP/HTTP rules and acls defined in defaults sections
    - MEDIUM: tcp-rules: Eval TCP rules defined in defaults sections
    - MEDIUM: http-ana: Eval HTTP rules defined in defaults sections
    - BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
    - REGTESTS: Add scripts to test support of TCP/HTTP rules in defaults sections
    - DOC: config: Add documentation about TCP/HTTP rules in defaults section
    - DOC: config: Rework and uniformize how TCP/HTTP rules are documented
    - BUG/MINOR: proxy: Release ACLs and TCP/HTTP rules of default proxies
    - BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
    - BUG/MINOR: sample: fix backend direction flags consecutive to last fix
    - BUG/MINOR: listener: fix incorrect return on out-of-memory
    - BUG/MINOR: listener: add an error check for unallocatable trash
    - CLEANUP: listeners: remove unreachable code in clone_listener()

2021/10/08 : 2.5-dev9
    - head-truc
    - REGTESTS: lua: test the httpclient:get() feature
    - Revert "head-truc"
    - BUG/MEDIUM: httpclient: replace ist0 by istptr
    - MINOR: config: use a standard parser for the "nbthread" keyword
    - CLEANUP: init: remove useless test against MAX_THREADS in affinity loop
    - MEDIUM: init: de-uglify the per-thread affinity setting
    - MINOR: init: extract the setup and end of threads to their own functions
    - MINOR: log: Try to get the status code when MUX_EXIT_STATUS is retrieved
    - MINOR: mux-h1: Set error code if possible when MUX_EXIT_STATUS is returned
    - MINOR: mux-h1: Be able to set custom status code on parsing error
    - MEDIUM: mux-h1: Reject HTTP/1.0 GET/HEAD/DELETE requests with a payload
    - MEDIUM: h1: Force close mode for invalid uses of T-E header
    - BUG/MINOR: mux-h1/mux-fcgi: Sanitize TE header to only send "trailers"
    - MINOR: http: Add 422-Unprocessable-Content error message
    - MINOR: h1: Change T-E header parsing to fail if chunked encoding is found twice
    - BUG/MEDIUM: mux-h1/mux-fcgi: Reject messages with unknown transfer encoding
    - REGTESTS: Add script to validate T-E header parsing
    - REORG: pools: move default settings to defaults.h
    - DOC: peers: fix doc "enable" statement on "peers" sections
    - MINOR: Makefile: add MEMORY_POOLS to the list of DEBUG_xxx options
    - MINOR: ssl: Set connection error code in case of SSL read or write fatal failure
    - MINOR: ssl: Rename ssl_bc_hsk_err to ssl_bc_err
    - MINOR: ssl: Store the last SSL error code in case of read or write failure
    - REGTESTS: ssl: enable show_ssl_ocspresponse.vtc again
    - REGTESTS: ssl: enable ssl_crt-list_filters.vtc again
    - BUG/MEDIUM: lua: fix wakeup condition from sleep()
    - BUG/MAJOR: lua: use task_wakeup() to properly run a task once
    - MINOR: arg: Be able to forbid unresolved args when building an argument list
    - BUG/MINOR: tcpcheck: Don't use arg list for default proxies during parsing
    - BUG/MINOR: tcp-rules: Stop content rules eval on read error and end-of-input
    - MINOR: tasks: catch TICK_ETERNITY with BUG_ON() in __task_queue()
    - REGTESTS: ssl: show_ssl_ocspresponse w/ freebsd won't use base64
    - REGTESTS: ssl: wrong feature cmd in show_ssl_ocspresponse.vtc
    - CLEANUP: tasks: remove the long-unused work_lists
    - MINOR: task: provide 3 task_new_* wrappers to simplify the API
    - MINOR: time: uninline report_idle() and move it to task.c
    - REORG: sched: move idle time calculation from time.h to task.h
    - REORG: sched: move the stolen CPU time detection to sched_entering_poll()
    - BUG/MEDIUM: filters: Fix a typo when a filter is attached blocking the release
    - BUG/MEDIUM: http-ana: Clear request analyzers when applying redirect rule
    - MINOR: httpclient: destroy() must free the headers and the ists
    - MINOR: httpclient: set HTTPCLIENT_F_ENDED only in release
    - MINOR: httpclient: stop_and_destroy() ask the applet to autokill
    - MINOR: httpclient: test if started during stop_and_destroy()
    - MINOR: httpclient/lua: implement garbage collection
    - BUG/MEDIUM: httpclient/lua: crash because of b_xfer and get_trash_chunk()
    - MINOR: httpclient: destroy checks if a client was started but not stopped
    - BUG/MINOR: httpclient/lua: does not process headers when failed
    - MINOR: httpclient/lua: supports headers via named arguments
    - CLEANUP: server: always include the storage for SSL settings
    - CLEANUP: sample: rename sample_conv_var2smp() to *_sint
    - CLEANUP: sample: uninline sample_conv_var2smp_str()
    - MINOR: sample: provide a generic var-to-sample conversion function
    - BUG/MEDIUM: sample: properly verify that variables cast to sample
    - BUILD: action: add the relevant structures for function arguments
    - BUILD: extcheck: needs to include stream-t.h
    - BUILD: hlua: needs to include stream-t.h
    - BUILD: stats: define several missing structures in stats.h
    - BUILD: resolvers: define missing types in resolvers.h
    - BUILD: httpclient: include missing ssl_sock-t
    - BUILD: sample: include openssl-compat
    - BUILD: http_ana: need to include proxy-t to get redirect_rule
    - BUILD: http_rules: requires http_ana-t.h for REDIRECT_*
    - BUILD: vars: need to include xxhash
    - BUILD: peers: need to include eb{32/mb/pt}tree.h
    - BUILD: ssl_ckch: include ebpttree.h in ssl_ckch.c
    - BUILD: compiler: add the container_of() and container_of_safe() macros
    - BUILD: idleconns: include missing ebmbtree.h at several places
    - BUILD: connection: connection.h needs list.h and server.h
    - BUILD: tree-wide: add missing http_ana.h from many places
    - BUILD: cfgparse-ssl: add missing errors.h
    - BUILD: tcp_sample: include missing errors.h and session-t.h
    - BUILD: mworker: mworker-prog needs time.h for the 'now' variable
    - BUILD: tree-wide: add several missing activity.h
    - BUILD: compat: fix -Wundef on SO_REUSEADDR
    - CLEANUP: pools: pools-t.h doesn't need to include thread-t.h
    - REORG: pools: uninline the UAF allocator and force-inline the rest
    - REORG: thread: uninline the lock-debugging code
    - MINOR: thread/debug: replace nsec_now() with now_mono_time()
    - CLEANUP: remove some unneeded includes from applet-t.h
    - REORG: listener: move bind_conf_alloc() and listener_state_str() to listener.c
    - CLEANUP: listeners: do not include openssl-compat
    - CLEANUP: servers: do not include openssl-compat
    - REORG: ssl: move ssl_sock_is_ssl() to connection.h and rename it
    - CLEANUP: mux_fcgi: remove dependency on ssl_sock
    - CLEANUP: ssl/server: move ssl_sock_set_srv() to srv_set_ssl() in server.c
    - REORG: ssl-sock: move the sslconns/totalsslconns counters to global
    - REORG: sample: move the crypto samples to ssl_sample.c
    - REORG: sched: moved samp_time and idle_time to task.c as well
    - REORG: time/ticks: move now_ms and global_now_ms definitions to ticks.h
    - CLEANUP: tree-wide: remove unneeded include time.h in ~20 files
    - REORG: activity: uninline activity_count_runtime()
    - REORG: acitvity: uninline sched_activity_entry()
    - CLEANUP: stream: remove many unneeded includes from stream-t.h
    - CLEANUP: stick-table: no need to include socket nor in.h
    - MINOR: connection: use uint64_t for the hashes
    - REORG: connection: move the hash-related stuff to connection.c
    - REORG: connection: uninline conn_notify_mux() and conn_delete_from_tree()
    - REORG: server: uninline the idle conns management functions
    - REORG: ebtree: split structures into their own file ebtree-t.h
    - CLEANUP: tree-wide: only include ebtree-t from type files
    - REORG: connection: move the largest inlines from connection.h to connection.c
    - CLEANUP: connection: do not include http_ana!
    - CLEANUP: connection: remove unneeded tcpcheck-t.h and use only session-t.h
    - REORG: connection: uninline the rest of the alloc/free stuff
    - REORG: task: uninline the loop time measurement code
    - CLEANUP: time: move a few configurable defines to defaults.h
    - CLEANUP: fd: do not include time.h
    - REORG: fd: uninline compute_poll_timeout()
    - CLENAUP: wdt: use ha_tkill() instead of accessing pthread directly
    - REORG: thread: move the thread init/affinity/stop to thread.c
    - REORG: thread: move ha_get_pthread_id() to thread.c
    - MINOR: thread: use a dedicated static pthread_t array in thread.c
    - CLEANUP: thread: uninline ha_tkill/ha_tkillall/ha_cpu_relax()
    - DOC: configuration: add clarification on escaping in keyword arguments
    - BUG/MINOR: task: fix missing include with DEBUG_TASK
    - MINOR: pools: report the amount used by thread caches in "show pools"
    - MINOR: quic: Distinguish packet and SSL read enc. level in traces
    - MINOR: quic: Add a function to dump SSL stack errors
    - MINOR: quic: BUG_ON() SSL errors.
    - MINOR: quic: Fix SSL error issues (do not use ssl_bio_and_sess_init())
    - BUG/MEDIUM: mux-quic: reinsert all streams in by_id tree
    - BUG/MAJOR: xprt-quic: do not queue qc timer if not set
    - MINOR: mux-quic: release connection if no more bidir streams
    - BUG/MAJOR: quic: remove qc from receiver cids tree on free
    - BUG/MEDIUM: mux_h2: Handle others remaining read0 cases on partial frames
    - MINOR: qpack: do not encode invalid http status code
    - MINOR: qpack: support non-indexed http status code encoding
    - MINOR: qpack: fix memory leak on huffman decoding
    - CLEANUP: mux-quic: remove unused code
    - BUG/MINOR: quic: fix includes for compilation
    - BUILD: connection: avoid a build warning on FreeBSD with SO_USER_COOKIE
    - BUILD: init: avoid a build warning on FreeBSD with USE_PROCCTL
    - REORG: time: move time-keeping code and variables to clock.c
    - REORG: clock: move the updates of cpu/mono time to clock.c
    - MINOR: activity: get the run_time from the clock updates
    - CLEANUP: clock: stop exporting before_poll and after_poll
    - REORG: clock: move the clock_id initialization to clock.c
    - REORG: clock/wdt: move wdt timer initialization to clock.c
    - MINOR: clock: move the clock_ids to clock.c
    - MINOR: wdt: move wd_timer to wdt.c
    - CLEANUP: wdt: do not remap SI_TKILL to SI_LWP, test the values directly
    - REORG: thread/sched: move the task_per_thread stuff to thread_ctx
    - REORG: thread/clock: move the clock parts of thread_info to thread_ctx
    - REORG: thread/sched: move the thread_info flags to the thread_ctx
    - REORG: thread/sched: move the last dynamic thread_info to thread_ctx
    - MINOR: thread: make "ti" a const pointer and clean up thread_info a bit
    - MINOR: threads: introduce a minimalistic notion of thread-group
    - MINOR: global: add a new "thread-groups" directive
    - MINOR: global: add a new "thread-group" directive
    - MINOR: threads: make tg point to the current thread's group
    - MEDIUM: threads: automatically assign threads to groups
    - MINOR: threads: set the group ID and its bit in the thread group
    - MINOR: threads: set the tid, ltid and their bit in thread_cfg
    - MEDIUM: threads: replace ha_set_tid() with ha_set_thread()
    - MINOR: threads: add the current group ID in thread-local "tgid" variable
    - MINOR: debug: report the group and thread ID in the thread dumps
    - MEDIUM: listeners: support the definition of thread groups on bind lines
    - MINOR: threads: add a new function to resolve config groups and masks
    - MEDIUM: config: resolve relative threads on bind lines to absolute ones
    - MEDIUM: stick-table: never learn the "conn_cur" value from peers

2021/09/24 : 2.5-dev8
    - BUILD: compiler: fixed a missing test on  defined(__GNUC__)
    - BUILD: halog: fix a -Wundef warning on non-glibc systems
    - BUILD: threads: fix -Wundef for _POSIX_PRIORITY_SCHEDULING on libmusl
    - BUG/MINOR: compat: make sure __WORDSIZE is always defined
    - BUILD: sample: fix format warning on 32-bit archs in sample_conv_be2dec_check()
    - CLEANUP: pools: factor all malloc_trim() calls into trim_all_pools()
    - MINOR: pools: automatically disable malloc_trim() with external allocators
    - MINOR: pools: report it when malloc_trim() is enabled
    - DOC: Add .mailmap
    - CLEANUP: tree-wide: fix prototypes for functions taking no arguments.
    - CLEANUP: Remove prototype for non-existent thread_get_default_count()
    - CLEANUP: acl: Remove unused variable when releasing an acl expression
    - BUG/MAJOR: mux-h1: Don't eval input data if an error was reported
    - DOC: update Tim's address in .mailmap
    - MINOR: pools: use mallinfo2() when available instead of mallinfo()
    - BUG/MINOR: tcpcheck: Improve LDAP response parsing to fix LDAP check
    - DOC: management: certificate files must be sanitized before injection
    - BUG/MINOR: connection: prevent null deref on mux cleanup task allocation
    - BUILD: ist: prevent gcc11 maybe-uninitialized warning on istalloc
    - BUG/MINOR: cli/payload: do not search for args inside payload
    - BUILD: sockpair: do not set unused flag
    - BUILD: proto_uxst: do not set unused flag
    - BUILD: fd: remove unused variable totlen in fd_write_frag_line()
    - MINOR: applet: remove the thread mask from appctx_new()
    - REORG: threads: move ha_get_pthread_id() to tinfo.h
    - CLEANUP: Apply ist.cocci
    - DEV: coccinelle: Add ist.cocci
    - CLEANUP: Apply bug_on.cocci
    - DEV: coccinelle: Add xalloc_size.cocci
    - DEV: coccinelle: Add bug_on.cocci
    - CLEANUP: Apply xalloc_size.cocci
    - DEV: coccinelle: Add xalloc_cast.cocci
    - BUG/MINOR: flt-trace: fix an infinite loop when random-parsing is set
    - MINOR: httpclient: add the EOH when no headers where provided
    - CLEANUP: Include check.h in flt_spoe.c
    - CLEANUP: Remove unreachable `break` from parse_time_err()
    - BUG/MINOR: server: allow 'enable health' only if check configured
    - BUG/MINOR: server: alloc dynamic srv ssl ctx if proxy uses ssl chk rule
    - MINOR: server: enable more keywords for ssl checks for dynamic servers
    - MINOR: server: enable more check related keywords for dynamic servers
    - REORG: server: move slowstart init outside of checks
    - MINOR: server: enable slowstart for dynamic server
    - MEDIUM: listener: deprecate "process" in favor of "thread" on bind lines
    - BUG/MEDIUM: leastconn: fix rare possibility of divide by zero
    - BUG/MINOR: quic: Possible NULL pointer dereferencing when dumping streams.
    - MINOR: quic: Move transport parmaters to anynomous struct.
    - MINOR: mux_quic: Add QUIC mux layer.
    - MINOR: connection: Add callbacks definitions for QUIC.
    - MINOR: quic: Attach QUIC mux connection objet to QUIC connection.
    - MINOR: quic: Add a new definition to store STREAM frames.
    - MINOR: h3: Add HTTP/3 definitions.
    - MINOR: qpack: Add QPACK compression.
    - MINOR: quic_sock: Finalize the QUIC connections.
    - MINOR: quic: Disable the action of ->rcv_buf() xprt callback
    - MINOR: quic: Add callbacks for (un)scribing to QUIC xprt.
    - MINOR: quic: Variable-length integer encoding/decoding into/from buffer struct.
    - BUG/MINOR: quic: Wrong ->accept() error handling
    - MINOR: quic: Add a wrapper function to update transport parameters.
    - MINOR: quic: Update the streams transport parameters.
    - MINOR: quic: Avoid header collisions
    - MINOR: quic: Replace max_packet_size by max_udp_payload size.
    - MINOR: quic: Enable some quic, h3 and qpack modules compilation.
    - MINOR: quic: Move an SSL func call from QUIC I/O handler to the xprt init.
    - MINOR: quic: Initialize the session before starting the xprt.
    - BUG/MINOR: quic: Do not check the acception of a new conn from I/O handler.
    - MINOR: quic: QUIC conn initialization from I/O handler
    - MINOR: quic: Remove header protection for conn with context
    - MINOR: quic: Derive the initial secrets asap
    - MINOR: quic: Remove header protection also for Initial packets
    - BUG/MINOR: quic: Wrong memory free in quic_update_ack_ranges_list()
    - MINOR: quic: quic_update_ack_ranges_list() code factorization
    - MINOR: quic: Useless test in quic_update_ack_ranges_list()
    - MINOR: quic: Remove a useless variable in quic_update_ack_ranges_list()
    - BUG/MINOR: quic: Missing cases treatement when updating ACK ranges
    - CLEAUNUP: quic: Usage of a useless variable in qc_treat_rx_pkts()
    - BUG/MINOR: quic: Wrong RX packet reference counter usage
    - MINOR: quic: Do not stop the packet parsing too early in qc_treat_rx_packets()
    - MINOR: quic: Add a lock for RX packets
    - MINOR: quic: Move the connection state
    - MINOR: quic: Replace quic_conn_ctx struct by ssl_sock_ctx struct
    - MINOR: quic: Replace the RX list of packet by a thread safety one.
    - MINOR: quic: Replace the RX unprotected packet list by a thread safety one.
    - MINOR: quic: Add useful traces for I/O dgram handler
    - MINOR: quic: Do not wakeup the xprt task on ACK receipt
    - MINOR: quic: Connection allocations rework
    - MINOR: quic: Move conn_prepare() to ->accept_conn() callback
    - MINOR: quic: Make qc_lstnr_pkt_rcv() be thread safe.
    - MINOR: quic: Add a ring buffer implementation for QUIC
    - MINOR: quic: Prefer x25519 as ECDH preferred parametes.
    - MINOR: quic: Add the QUIC v1 initial salt.
    - BUG/MINOR: quic: Too much reduced computed space to build handshake packets
    - MINOR: net_helper: add functions for pointers
    - MINOR: quic: Add ring buffer definition (struct qring) for QUIC
    - MINOR: proto_quic: Allocate TX ring buffers for listeners
    - MINOR: quic: Initialize pointers to TX ring buffer list
    - MINOR: quic: Make use of TX ring buffers to send QUIC packets
    - MINOR: quic_tls: Make use of the QUIC V1 salt.
    - MINOR: quic: Remove old TX buffer implementation
    - MINOR: Add function for TX packets reference counting
    - MINOR: quic: Add TX packets at the very last time to their tree.
    - MINOR: quic: Unitialized mux context upon Client Hello message receipt.
    - MINOR: quic: Missing encryption level rx.crypto member initialization and lock.
    - MINOR: quic: Rename ->rx.rwlock of quic_enc_level struct to ->rx.pkts_rwlock
    - MINOR: quic: Make qc_treat_rx_pkts() be thread safe.
    - MINOR: quic: Make ->tx.frms quic_pktns struct member be thread safe
    - MINOR: quic: Replace quic_tx_frm struct by quic_frame struct
    - MINOR: quic: Add a mask for TX frame builders and their authorized packet types
    - MINOR: quic: Add a useful function to compute any frame length.
    - MINOR: quic: Add the QUIC connection state to traces
    - MINOR: quic: Store post handshake frame in ->pktns.tx.frms MT_LIST
    - MINOR: quic: Add the packet type to quic_tx_packet struct
    - MINOR: quic: Modify qc_do_build_hdshk_pkt() to accept any packet type
    - MINOR: quic: Atomically handle packet number space ->largest_acked_pn variable
    - MINOR: quic: Modify qc_build_cfrms() to support any frame
    - MINOR: quic: quic_conn_io_cb() task rework
    - MINOR: quic: Make qc_build_hdshk_pkt() atomically consume a packet number
    - MINOR: quic: qc_do_build_hdshk_pkt() does not  need to pass a copy of CRYPTO frame
    - MINOR: quic: Remove Application level related functions
    - MINOR: quic: Rename functions which do not build only Handshake packets
    - MINOR: quic: Make circular buffer internal buffers be variable-sized.
    - MINOR: quic: Add a pool for TX ring buffer internal buffer
    - MINOR: quic: Make use of the last cbuf API when initializing TX ring buffers
    - MINOR: quic: Missing acks encoded size updates.
    - MINOR: quic: Evaluate the packet lengths in advance
    - MINOR: quic: Update the TLS extension for QUIC transport parameters
    - MINOR: quic: Fix handshake state debug strings
    - MINOR: quic: Atomically get/set the connection state
    - MINOR: quic: Missing QUIC encryption level for qc_build_pkt()
    - MINOR: quic: Coalesce Application level packets with Handshake packets.
    - MINOR: quic: Wrong flags handling for acks
    - MINOR: quic: Missing case when discarding HANDSHAKE secrets
    - MINOR: quic: Post handshake packet building improvements
    - MINOR: quic: Prepare Application level packet asap.
    - MINOR: h3: Send h3 settings asap
    - MINOR: quic: Wrong STREAM frame length computing
    - MINOR: quic: Wrong short packet minimum length
    - MINOR: quic: Prepare STREAM frames to fill QUIC packets
    - MINOR: h3: change default settings
    - MINOR: quic-enc: fix varint encoding
    - MINOR: qpack: fix wrong comment
    - MINOR: qpack: generate headers list on decoder
    - MINOR: h3: parse headers to htx
    - MINOR: h3: allocate stream on headers
    - MEDIUM: mux-quic: implement ring buffer on stream tx
    - MINOR: mux-quic: send SETTINGS on uni stream
    - MINOR: h3: define snd_buf callback and divert mux ops
    - MINOR: mux-quic: define FIN stream flag
    - MINOR: qpack: create qpack-enc module
    - MINOR: qpack: encode headers functions
    - MINOR: h3: encode htx headers to QPACK
    - MINOR: h3: send htx data
    - MINOR: h3/mux: detect fin on last h3 frame of the stream
    - MINOR: quic: Shorten some handshakes
    - MINOR: quic: Make QUIC-TLS support at least two initial salts
    - MINOR: quic: Attach the QUIC connection to a thread.
    - MINOR: quic: Missing active_connection_id_limit default value
    - MINOR: quic_sock: Do not flag QUIC connections as being set
    - MINOR: buf: Add b_force_xfer() function
    - MINOR: quic: Make use of buffer structs to handle STREAM frames
    - MINOR: mux_quic: move qc_process() code to qc_send()
    - MINOR: quic: Add a typedef for unsigned long long
    - MINOR: quic: Confusion between TX/RX for the frame builders
    - MINOR: quic: Wrong packet flags settings during frame building
    - MINOR: quic: Constantness fixes for frame builders/parsers.
    - MINOR: quic_tls: Client/serveur state reordering
    - MINOR: quic: Wrong packet loss detection due to wrong pktns order
    - MINOR: quic: Wrong packet number space selection in quic_loss_pktns()
    - MINOR: quic: Initial packet number spaced not discarded
    - MINOR: quic: Add useful trace about pktns discarding
    - MINOR: mux_quic: Export the mux related flags
    - MINOR: quic: Implement quic_conn_subscribe()
    - MINOR: quic: Wake up the mux upon ACK receipt
    - MINOR: quic: Stream FIN bit fix in qcs_push_frame()
    - MINOR: quic: Implement qc_process_mux()
    - MINOR: quic: Wake up the xprt from mux
    - CLEANUP: quic: Remove useless inline functions
    - MINOR: quic: RX packets memory leak
    - MINOR: quic: Possible endless loop in qc_treat_rx_pkts()
    - MINOR: quic: Crash upon too big packets receipt
    - MINOR: quic: define close handler
    - MEDIUM: quic: implement mux release/conn free
    - MINOR: quic: fix qcc subs initialization
    - BUG/MINOR: h1-htx: Fix a typo when request parser is reset
    - BUG/MEDIUM: mux-h1: Adjust conditions to ask more space in the channel buffer
    - BUG/MEDIUM: stream-int: Notify stream that the mux wants more room to xfer data
    - BUG/MEDIUM: stream: Stop waiting for more data if SI is blocked on RXBLK_ROOM
    - MINOR: stream-int: Set CO_RFL transient/persistent flags apart in si_cs_rcv()
    - MINOR: htx: Add an HTX flag to know when a message is fragmented
    - MINOR: htx: Add a function to know if the free space wraps
    - BUG/MEDIUM: stream-int: Defrag HTX message in si_cs_recv() if necessary
    - MINOR: stream-int: Notify mux when the buffer is not stuck when calling rcv_buf
    - BUG/MINOR: http-ana: increment internal_errors counter on response error
    - MINOR: stats: Enable dark mode on stat web page
    - CLEANUP: stats: Fix some alignment mistakes
    - MINOR: httpclient: httpclient_data() returns the available data
    - MINOR: httpclient: httpclient_ended() returns 1 if the client ended
    - MINOR: httpclient/lua: httpclient:get() API in lua
    - MINOR: httpclient/lua: implement the headers in the response object
    - BUG/MINOR: httpclient/lua: return an error on argument check
    - CLEANUP: slz: Mark `reset_refs` as static

2021/09/12 : 2.5-dev7
    - BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
    - CLEANUP: htx: remove comments about "must be < 256 MB"
    - BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
    - Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"
    - MINOR: proxy: add a global "grace" directive to postpone soft-stop
    - MINOR: vars: rename vars_init() to vars_init_head()
    - CLEANUP: vars: rename sample_clear_stream() to var_unset()
    - REORG: vars: remerge sample_store{,_stream}() into var_set()
    - MEDIUM: vars: make the ifexist variant of set-var only apply to the proc scope
    - MINOR: vars: add a VF_CREATEONLY flag for creation
    - MINOR: vars: support storing empty sample data with a variable
    - MINOR: vars: store flags into variables and add VF_PERMANENT
    - MEDIUM: vars: make var_clear() only reset VF_PERMANENT variables
    - MEDIUM: vars: pre-create parsed SCOPE_PROC variables as permanent ones
    - MINOR: vars: preset a random seed to hash variables names
    - MEDIUM: vars: replace the global name index with a hash
    - CLEANUP: vars: remove the now unused var_names array
    - MINOR: vars: centralize the lock/unlock into static inlines
    - OPTIM: vars: only takes the variables lock on shared entries
    - OPTIM: vars: remove internal bookkeeping for vars_global_size
    - OPTIM: vars: do not keep variables usage stats if no limit is set
    - BUILD: fix dragonfly build again on __read_mostly
    - CI: Github Actions: temporarily disable Opentracing
    - BUG/MEDIUM: mux-h1: Remove "Upgrade:" header for requests with payload
    - MINOR: htx: Skip headers with no value when adding a header list to a message
    - CLEANUP: mux-h1: Remove condition rejecting upgrade requests with payload
    - BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached
    - BUG/MEDIUM: http-ana: Reset channels analysers when returning an error
    - BUG/MINOR: filters: Set right FLT_END analyser depending on channel
    - CLEANUP: Add haproxy/xxhash.h to avoid modifying import/xxhash.h
    - CLEANUP: ebmbtree: Replace always-taken elseif by else
    - CLEANUP: Move XXH3 macro from haproxy/compat.h to haproxy/xxhash.h
    - BUILD: opentracing: exclude the use of haproxy variables for the OpenTracing context
    - BUG/MINOR: opentracing: enable the use of http headers without a set value
    - CLEANUP: opentracing: use the haproxy function to generate uuid
    - MINOR: opentracing: change the scope of the variable 'ot.uuid' from 'sess' to 'txn'
    - CI: Github Actions: re-enable Opentracing
    - CLEANUP: opentracing: simplify the condition on the empty header
    - BUG/MEDIUM lua: Add missing call to RESET_SAFE_LJMP in hlua_filter_new()

2021/09/03 : 2.5-dev6
    - BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
    - BUG/MINOR: tools: Fix loop condition in dump_text()
    - BUILD: ssl: next round of build warnings on LIBRESSL_VERSION_NUMBER
    - BUILD: ssl: fix two remaining occurrences of #if USE_OPENSSL
    - BUILD: tools: properly guard __GLIBC__ with defined()
    - BUILD: globally enable -Wundef
    - MINOR: log: Remove log-error-via-logformat option
    - MINOR: log: Add new "error-log-format" option
    - BUG/MAJOR: queue: better protect a pendconn being picked from the proxy
    - CLEANUP: Add missing include guard to signal.h
    - MINOR: ssl: Add new ssl_bc_hsk_err sample fetch
    - MINOR: connection: Add a connection error code sample fetch for backend side
    - REGTESTS: ssl: Add tests for bc_conn_err and ssl_bc_hsk_err sample fetches
    - MINOR: http-rules: add a new "ignore-empty" option to redirects.
    - CI: Github Actions: temporarily disable BoringSSL builds
    - BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
    - BUG/MINOR: vars: improve accuracy of the rules used to check expression validity
    - MINOR: sample: add missing ARGC_ entries
    - BUG/MINOR: vars: properly set the argument parsing context in the expression
    - DOC: configuration: remove wrong tcp-request examples in tcp-response
    - MEDIUM: vars: add a new "set-var-fmt" action
    - BUG/MEDIUM: vars: run over the correct list in release_store_rules()
    - BUG/MINOR: vars: truncate the variable name in error reports about scope.
    - BUG/MINOR: vars: do not talk about global section in CLI errors for set-var
    - CLEANUP: vars: name the temporary proxy "CFG" instead of "CLI" for global vars
    - MINOR: log: make log-format expressions completely usable outside of req/resp
    - MINOR: vars: add a "set-var-fmt" directive to the global section
    - MEDIUM: vars: also support format strings in CLI's "set var" command
    - CLEANUP: vars: factor out common code from vars_get_by_{desc,name}
    - MINOR: vars: make vars_get_by_* support an optional default value
    - MINOR: vars: make the vars() sample fetch function support a default value
    - BUILD: ot: add argument for default value to vars_get_by_name()

2021/08/28 : 2.5-dev5
    - MINOR: httpclient: initialize the proxy
    - MINOR: httpclient: implement a simple HTTP Client API
    - MINOR: httpclient/cli: implement a simple client over the CLI
    - MINOR: httpclient/cli: change the User-Agent to "HAProxy"
    - MEDIUM: ssl: Keep a reference to the client's certificate for use in logs
    - BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
    - BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2
    - MINOR: server: check if srv is NULL in free_server()
    - MINOR: proxy: check if p is NULL in free_proxy()
    - BUG/MEDIUM: cfgparse: do not allocate IDs to automatic internal proxies
    - BUG/MINOR: http_client: make sure to preset the proxy's default settings
    - REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
    - REGTESTS: abortonclose: after retries, 503 is expected, not close
    - REGTESTS: server: fix agent-check syntax and expectation
    - BUG/MINOR: httpclient: fix uninitialized sl variable
    - BUG/MINOR: httpclient/cli: change the appctx test in the callbacks
    - BUG/MINOR: httpclient: check if hdr_num is not 0
    - MINOR: httpclient: cleanup the include files
    - MINOR: hlua: take the global Lua lock inside a global function
    - MINOR: tools: add FreeBSD support to get_exec_path()
    - BUG/MINOR: systemd: ExecStartPre must use -Ws
    - MINOR: systemd: remove the ExecStartPre line in the unit file
    - MINOR: ssl: add an openssl version string parser
    - MINOR: cfgcond: implements openssl_version_atleast and openssl_version_before
    - CLEANUP: ssl: remove useless check on p in openssl_version_parser()
    - BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
    - BUG/MINOR: httpclient: remove deinit of the httpclient
    - BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
    - MINOR: httpclient: set verify none on the https server
    - MINOR: httpclient: add the server to the proxy
    - BUG/MINOR: httpclient: fix Host header
    - BUILD: httpclient: fix build without OpenSSL
    - CI: github-actions: remove obsolete options
    - CLEANUP: assorted typo fixes in the code and comments
    - MINOR: proc: setting the process to produce a core dump on FreeBSD.
    - BUILD: adopt script/build-ssl.sh for OpenSSL-3.0.0beta2
    - MINOR: server: return the next srv instance on free_server
    - BUG/MINOR: stats: use refcount to protect dynamic server on dump
    - MEDIUM: server: extend refcount for all servers
    - MINOR: server: define non purgeable server flag
    - MINOR: server: mark referenced servers as non purgeable
    - MINOR: server: mark servers referenced by LUA script as non purgeable
    - MEDIUM: server: allow to remove servers at runtime except non purgeable
    - BUG/MINOR: base64: base64urldec() ignores padding in output size check
    - REGTEST: add missing lua requirements on server removal test
    - REGTEST: fix haproxy required version for server removal test
    - BUG/MINOR: proxy: don't dump servers of internal proxies
    - REGTESTS: Use `feature cmd` for 2.5+ tests
    - REGTESTS: Remove REQUIRE_VERSION=1.5 from all tests
    - BUG/MINOR: resolvers: mark servers with name-resolution as non purgeable
    - MINOR: compiler: implement an ONLY_ONCE() macro
    - BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
    - MEDIUM: ssl: Capture more info from Client Hello
    - MINOR: sample: Expose SSL captures using new fetchers
    - MINOR: sample: Add be2dec converter
    - MINOR: sample: Add be2hex converter
    - MEDIUM: config: Deprecate tune.ssl.capture-cipherlist-size
    - BUG/MINOR: time: fix idle time computation for long sleeps
    - MINOR: time: add report_idle() to report process-wide idle time
    - BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
    - BUILD: activity: use #ifdef not #if on USE_MEMORY_PROFILING
    - BUILD/MINOR: defaults: eliminate warning on MAXHOSTNAMELEN with -Wundef
    - BUILD/MINOR: ssl: avoid a build warning on LIBRESSL_VERSION with -Wundef
    - IMPORT: slz: silence a build warning with -Wundef
    - BUILD/MINOR: regex: avoid a build warning on USE_PCRE2 with -Wundef

2021/08/17 : 2.5-dev4
    - MINOR: log: rename 'dontloglegacyconnerr' to 'log-error-via-logformat'
    - MINOR: doc: rename conn_status in `option httsplog`
    - MINOR: proxy: disabled takes a stopping and a disabled state
    - MINOR: stats: shows proxy in a stopped state
    - BUG/MINOR: server: fix race on error path of 'add server' CLI if track
    - CLEANUP: thread: fix fantaisist indentation of thread_harmless_till_end()
    - MINOR: threads: make thread_release() not wait for other ones to complete
    - MEDIUM: threads: add a stronger thread_isolate_full() call
    - MEDIUM: servers: make the server deletion code run under full thread isolation
    - BUG/MINOR: server: remove srv from px list on CLI 'add server' error
    - MINOR: activity/fd: remove the dead_fd counter
    - MAJOR: fd: get rid of the DWCAS when setting the running_mask
    - CLEANUP: fd: remove the now unused fd_set_running()
    - CLEANUP: fd: remove the now unneeded fd_mig_lock
    - BUG/MINOR: server: update last_change on maint->ready transitions too
    - MINOR: spoe: Add a pointer on the filter config in the spoe_agent structure
    - BUG/MEDIUM: spoe: Create a SPOE applet if necessary when the last one is released
    - BUG/MEDIUM: spoe: Fix policy to close applets when SPOE connections are queued
    - MINOR: server: unmark deprecated on enable health/agent cli
    - MEDIUM: task: implement tasklet kill
    - MINOR: server: initialize fields for dynamic server check
    - MINOR: check: allocate default check ruleset for every backends
    - MINOR: check: export check init functions
    - MINOR: check: do not increment global maxsock at runtime
    - MINOR: server: implement a refcount for dynamic servers
    - MEDIUM: check: implement check deletion for dynamic servers
    - MINOR: check: enable safe keywords for dynamic servers
    - MEDIUM: server: implement check for dynamic servers
    - MEDIUM: server: implement agent check for dynamic servers
    - REGTESTS: server: add dynamic check server test
    - MINOR: doc: specify ulimit-n usage for dynamic servers
    - REGTESTS: server: fix dynamic server with checks test
    - CI: travis-ci: temporarily disable arm64 builds
    - BUG/MINOR: check: test if server is not null in purge
    - MINOR: global: define MODE_STOPPING
    - BUG/MINOR: server: do not use refcount in free_server in stopping mode
    - ADMIN: dyncookie: implement a simple dynamic cookie calculator
    - BUG/MINOR: check: do not reset check flags on purge
    - BUG/MINOR: check: fix leak on add dynamic server with agent-check error
    - BUG/MEDIUM: check: fix leak on agent-check purge
    - BUG/MEDIUM: server: support both check/agent-check on a dynamic instance
    - BUG/MINOR: buffer: fix buffer_dump() formatting
    - MINOR: channel: remove an htx block from a channel
    - BUG/MINOR: tcpcheck: Properly detect pending HTTP data in output buffer
    - BUG/MINOR: stream: Don't release a stream if FLT_END is still registered
    - MINOR: lua: Add a flag on lua context to know the yield capability at run time
    - BUG/MINOR: lua: Yield in channel functions only if lua context can yield
    - BUG/MINOR: lua: Don't yield in channel.append() and channel.set()
    - MINOR: filters/lua: Release filters before the lua context
    - MINOR: lua: Add a function to get a reference on a table in the stack
    - MEDIUM: lua: Process buffer data using an offset and a length
    - MEDIUM: lua: Improve/revisit the lua api to manipulate channels
    - DOC: Improve the lua documentation
    - MEDIUM: filters/lua: Add support for dummy filters written in lua
    - MINOR: lua: Add a function to get a filter attached to a channel class
    - MINOR: lua: Add flags on the lua TXN to know the execution context
    - MEDIUM: filters/lua: Be prepared to filter TCP payloads
    - MEDIUM: filters/lua: Support declaration of some filter callback functions in lua
    - MEDIUM: filters/lua: Add HTTPMessage class to help HTTP filtering
    - MINOR: filters/lua: Add request and response HTTP messages in the lua TXN
    - MINOR: filters/lua: Support the HTTP filtering from filters written in lua
    - DOC: config: Fix 'http-response send-spoe-group' documentation
    - BUG/MINOR: lua: Properly check negative offset in Channel/HttpMessage functions
    - BUG/MINOR: lua: Properly catch alloc errors when parsing lua filter directives
    - BUG/MEDIUM: cfgcheck: verify existing log-forward listeners during config check
    - MINOR: cli: delare the CLI frontend as an internal proxy
    - MINOR: proxy: disable warnings for internal proxies
    - BUG/MINOR: filters: Always set FLT_END analyser when CF_FLT_ANALYZE flag is set
    - BUG/MINOR: lua/filters: Return right code when txn:done() is called
    - DOC: lua-api: Add documentation about lua filters
    - CI: Remove obsolete USE_SLZ=1 CI job
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: github actions: relax OpenSSL-3.0.0 version comparision
    - BUILD: tools: get the absolute path of the current binary on NetBSD.
    - DOC: Minor typo fix - 'question mark' -> 'exclamation mark'
    - DOC/MINOR: fix typo in management document
    - MINOR: http: add a new function http_validate_scheme() to validate a scheme
    - BUG/MAJOR: h2: verify early that non-http/https schemes match the valid syntax
    - BUG/MAJOR: h2: verify that :path starts with a '/' before concatenating it
    - BUG/MAJOR: h2: enforce stricter syntax checks on the :method pseudo-header
    - BUG/MEDIUM: h2: give :authority precedence over Host
    - REGTESTS: add a test to prevent h2 desync attacks

2021/08/01 : 2.5-dev3
    - BUG/MINOR: arg: free all args on make_arg_list()'s error path
    - BUG/MINOR: cfgcond: revisit the condition freeing mechanism to avoid a leak
    - MEDIUM: proxy: remove long-broken 'option http_proxy'
    - CLEANUP: http_ana: Remove now unused label from http_process_request()
    - MINOR: deinit: always deinit the init_mutex on failed initialization
    - BUG/MEDIUM: cfgcond: limit recursion level in the condition expression parser
    - BUG/MEDIUM: mworker: do not register an exit handler if exit is expected
    - BUG/MINOR: mworker: do not export HAPROXY_MWORKER_REEXEC across programs
    - BUILD/MINOR: memprof fix macOs build.
    - BUG/MEDIUM: ssl_sample: fix segfault for srv samples on invalid request
    - BUG/MINOR: stats: Add missing agent stats on servers
    - BUG/MINOR: check: fix the condition to validate a port-less server
    - BUILD: threads: fix pthread_mutex_unlock when !USE_THREAD
    - BUG/MINOR: resolvers: Use a null-terminated string to lookup in servers tree
    - MINOR: ssl: use __objt_* variant when retrieving counters
    - BUG/MINOR: systemd: must check the configuration using -Ws
    - BUG/MINOR: mux-h1: Obey dontlognull option for empty requests
    - BUG/MINOR: mux-h2: Obey dontlognull option during the preface
    - BUG/MINOR: mux-h1: Be sure to swap H1C to splice mode when rcv_pipe() is called
    - BUG/MEDIUM: mux-h2: Handle remaining read0 cases on partial frames
    - MINOR: proxy: rename PR_CAP_LUA to PR_CAP_INT
    - MINOR: mworker: the mworker CLI proxy is internal
    - MINOR: stats: don't output internal proxies (PR_CAP_INT)
    - CLEANUP: mworker: use the proxy helper functions in mworker_cli_proxy_create()
    - CLEANUP: mworker: PR_CAP already initialized with alloc_new_proxy()
    - BUG/MINOR: connection: Add missing error labels to conn_err_code_str
    - MINOR: connection: Add a connection error code sample fetch
    - MINOR: ssl: Enable error fetches in case of handshake error
    - MINOR: ssl: Add new ssl_fc_hsk_err sample fetch
    - MINOR: ssl: Define a default https log format
    - MEDIUM: connection: Add option to disable legacy error log
    - REGTESTS: ssl: Add tests for the connection and SSL error fetches
    - REGTESTS: ssl: ssl_errors.vtc does not work with old openssl version
    - BUG/MEDIUM: connection: close a rare race between idle conn close and takeover
    - BUG/MEDIUM: pollers: clear the sleeping bit after waking up, not before
    - BUG/MINOR: select: fix excess number of dead/skip reported
    - BUG/MINOR: poll: fix abnormally high skip_fd counter
    - BUG/MINOR: pollers: always program an update for migrated FDs
    - BUG/MINOR: fd: protect fd state harder against a concurrent takeover
    - DOC: internals: document the FD takeover process
    - MINOR: fd: update flags only once in fd_update_events()
    - MINOR: poll/epoll: move detection of RDHUP support earlier
    - REORG: fd: uninline fd_update_events()
    - MEDIUM: fd: rely more on fd_update_events() to detect changes
    - BUG/MINOR: freq_ctr: use stricter barriers between updates and readings
    - MEDIUM: atomic: simplify the atomic load/store/exchange operations
    - MEDIUM: atomic: relax the load/store barriers on x86_64
    - BUILD: opentracing: fixed build when using pkg-config utility

2021/07/17 : 2.5-dev2
    - BUILD/MEDIUM: tcp: set-mark support for OpenBSD
    - DOC: config: use CREATE USER for mysql-check
    - BUG/MINOR: stick-table: fix several printf sign errors dumping tables
    - BUG/MINOR: peers: fix data_type bit computation more than 32 data_types
    - MINOR: stick-table: make skttable_data_cast to use only std types
    - MEDIUM: stick-table: handle arrays of standard types into stick-tables
    - MEDIUM: peers: handle arrays of std types in peers protocol
    - DOC: stick-table: add missing documentation about gpt0 stored type
    - MEDIUM: stick-table: add the new array of gpt data_type
    - MEDIUM: stick-table: make the use of 'gpt' excluding the use of 'gpt0'
    - MEDIUM: stick-table: add the new arrays of gpc and gpc_rate
    - MEDIUM: stick-table: make the use of 'gpc' excluding the use of 'gpc0/1''
    - BUG/MEDIUM: sock: make sure to never miss early connection failures
    - BUG/MINOR: cli: fix server name output in "show fd"
    - Revert "MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules"
    - MEDIUM: stats: include disabled proxies that hold active sessions to stats
    - BUILD: stick-table: shut up invalid "uninitialized" warning in gcc 8.3
    - MINOR: http: implement http_get_scheme
    - MEDIUM: http: implement scheme-based normalization
    - MEDIUM: h1-htx: apply scheme-based normalization on h1 requests
    - MEDIUM: h2: apply scheme-based normalization on h2 requests
    - REGTESTS: add http scheme-based normalization test
    - BUILD: http_htx: fix ci compilation error with isdigit for Windows
    - MINOR: http: implement http uri parser
    - MINOR: http: use http uri parser for scheme
    - MINOR: http: use http uri parser for authority
    - REORG: http_ana: split conditions for monitor-uri in wait for request
    - MINOR: http: use http uri parser for path
    - BUG/MEDIUM: http_ana: fix crash for http_proxy mode during uri rewrite
    - MINOR: mux_h2: define config to disable h2 websocket support
    - CLEANUP: applet: remove unused thread_mask
    - BUG/MINOR: ssl: Default-server configuration ignored by server
    - BUILD: add detection of missing important CFLAGS
    - BUILD: lua: silence a build warning with TCC
    - MINOR: srv: extract tracking server config function
    - MINOR: srv: do not allow to track a dynamic server
    - MEDIUM: server: support track keyword for dynamic servers
    - REGTESTS: test track support for dynamic servers
    - MINOR: init: verify that there is a single word on "-cc"
    - MINOR: init: make -cc support environment variables expansion
    - MINOR: arg: add a free_args() function to free an args array
    - CLEANUP: config: use free_args() to release args array in cfg_eval_condition()
    - CLEANUP: hlua: use free_args() to release args arrays
    - REORG: config: move the condition preprocessing code to its own file
    - MINOR: cfgcond: start to split the condition parser to introduce terms
    - MEDIUM: cfgcond: report invalid trailing chars after expressions
    - MINOR: cfgcond: remerge all arguments into a single line
    - MINOR: cfgcond: support negating conditional expressions
    - MINOR: cfgcond: make the conditional term parser automatically allocate nodes
    - MINOR: cfgcond: insert an expression between the condition and the term
    - MINOR: cfgcond: support terms made of parenthesis around expressions
    - REGTEST: make check_condition.vtc fail as soon as possible
    - REGTESTS: add more complex check conditions to check_conditions.vtc
    - BUG/MEDIUM: init: restore behavior of command-line "-m" for memory limitation

2021/06/30 : 2.5-dev1
    - CLEANUP: ssl: Move ssl_store related code to ssl_ckch.c
    - MINOR: ssl: Allow duplicated entries in the cafile_tree
    - MEDIUM: ssl: Chain ckch instances in ca-file entries
    - MINOR: ssl: Add reference to default ckch instance in bind_conf
    - MINOR: ssl: Add helper functions to create/delete cafile entries
    - MEDIUM: ssl: Add a way to load a ca-file content from memory
    - MINOR: ssl: Add helper function to add cafile entries
    - MINOR: ssl: Ckch instance rebuild and cleanup factorization in CLI handler
    - MEDIUM: ssl: Add "set+commit ssl ca-file" CLI commands
    - REGTESTS: ssl: Add new ca-file update tests
    - MINOR: ssl: Add "abort ssl ca-file" CLI command
    - MINOR: ssl: Add a cafile_entry type field
    - MINOR: ssl: Refactorize the "show certificate details" code
    - MEDIUM: ssl: Add "show ssl ca-file" CLI command
    - MEDIUM: ssl: Add "new ssl ca-file" CLI command
    - MINOR: ssl: Add "del ssl ca-file" CLI command
    - REGTESTS: ssl: Add "new/del ssl ca-file" tests
    - DOC: ssl: Add documentation about CA file hot update commands
    - DOC: internals: update the SSL architecture schema
    - MINOR: ssl: Chain instances in ca-file entries
    - MEDIUM: ssl: Add "set+commit ssl crl-file" CLI commands
    - MEDIUM: ssl: Add "new+del crl-file" CLI commands
    - MINOR: ssl: Add "abort ssl crl-file" CLI command
    - MEDIUM: ssl: Add "show ssl crl-file" CLI command
    - REGTESTS: ssl: Add "new/del ssl crl-file" tests
    - REGTESTS: ssl: Add "set/commit ssl crl-file" test
    - DOC: ssl: Add documentation about CRL file hot update commands
    - BUILD/MINOR: ssl: Fix compilation with SSL enabled
    - BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2
    - CI: introduce scripts/build-vtest.sh for installing VTest
    - CLEANUP: ssl: Fix coverity issues found in CA file hot update code
    - CI: github actions: add OpenTracing builds
    - BUG/MEDIUM: ebtree: Invalid read when looking for dup entry
    - BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
    - BUILD/MINOR: opentracing: fixed build when using clang
    - BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter
    - BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response
    - MINOR: map/acl: print the count of all the map/acl entries in "show map/acl"
    - CLEANUP: pattern: remove export of non-existent function pattern_delete()
    - MINOR: h1-htx: Update h1 parsing functions to return result as a size_t
    - MEDIUM: h1-htx: Adapt H1 data parsing to copy wrapping data in one call
    - MINOR: mux-h1/mux-fcgi: Don't needlessly loop on data parsing
    - MINOR: h1-htx: Move HTTP chunks parsing into a dedicated function
    - MEDIUM: h1-htx: Split function to parse a chunk and the loop on the buffer
    - MEDIUM: h1-htx: Add a function to parse contiguous small chunks
    - MINOR: h1-htx: Use a correlation table to speed-up small chunks parsing
    - MINOR: buf: Add function to realign a buffer with a specific head position
    - MINOR: muxes/h1-htx: Realign input buffer using b_slow_realign_ofs()
    - CLEANUP: mux-h1: Rename functions parsing input buf and filling output buf
    - Revert "MEDIUM: http-ana: Deal with L7 retries in HTTP analysers"
    - BUG/MINOR: http-ana: Send the right error if max retries is reached on L7 retry
    - BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts
    - MINOR: http-ana: Perform L7 retries because of status codes in response analyser
    - MINOR: cfgparse: Fail when encountering extra arguments in macro
    - DOC: intro: Fix typo in starter guide
    - BUG/MINOR: server: Missing calloc return value check in srv_parse_source
    - BUG/MINOR: peers: Missing calloc return value check in peers_register_table
    - BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine
    - BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture
    - BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare
    - BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy
    - BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response
    - BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule
    - BUG/MINOR: compression: Missing calloc return value check in comp_append_type/algo
    - BUG/MINOR: worker: Missing calloc return value check in mworker_env_to_proc_list
    - BUG/MINOR: http: Missing calloc return value check while parsing redirect rule
    - BUG/MINOR: http: Missing calloc return value check in make_arg_list
    - BUG/MINOR: proxy: Missing calloc return value check in chash_init_server_tree
    - CLEANUP: http-ana: Remove useless if statement about L7 retries
    - BUG/MAJOR: stream-int: Release SI endpoint on server side ASAP on retry
    - MINOR: backend: Don't release SI endpoint anymore in connect_server()
    - BUG/MINOR: vars: Be sure to have a session to get checks variables
    - DOC/MINOR: move uuid in the configuration to the right alphabetical order
    - CLEANUP: mux-fcgi: Don't needlessly store result of data/trailers parsing
    - BUILD: fix compilation for OpenSSL-3.0.0-alpha17
    - MINOR: http-ana: Use -1 status for client aborts during queuing and connect
    - REGTESTS: Fix http_abortonclose.vtc to support -1 status for some client aborts
    - CLEANUP: backend: fix incorrect comments on locking conditions for lb functions
    - CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
    - CI: github actions: add OpenSSL-3.0.0 builds
    - CI: github actions: -Wno-deprecated-declarations with OpenSSL 3.0.0
    - MINOR: errors: allow empty va_args for diag variadic macro
    - REORG: errors: split errors reporting function from log.c
    - CLEANUP: server: fix cosmetic of error message on sni parsing
    - MEDIUM: errors: implement user messages buffer
    - MINOR: log: do not discard stderr when starting is over
    - MEDIUM: errors: implement parsing context type
    - MINOR: errors: use user messages context in print_message
    - MINOR: log: display exec path on first warning
    - MINOR: errors: specify prefix "config" for parsing output
    - MINOR: log: define server user message format
    - REORG: server: use parsing ctx for server parsing
    - REORG: config: use parsing ctx for server config check
    - MINOR: server: use parsing ctx for server init addr
    - MINOR: server: use ha_alert in server parsing functions
    - DOC: use the req.ssl_sni in examples
    - CLEANUP: cfgparse: Remove duplication of `MAX_LINE_ARGS + 1`
    - CLEANUP: tools: Make errptr const in `parse_line()`
    - MINOR: haproxy: Add `-cc` argument
    - BUG: errors: remove printf positional args for user messages context
    - CI: Make matrix.py executable and add shebang
    - BUILD: make tune.ssl.keylog available again
    - BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future
    - Revert "BUG/MINOR: opentracing: initialization after establishing daemon mode"
    - BUG/MEDIUM: opentracing: initialization before establishing daemon and/or chroot mode
    - SCRIPTS: opentracing: enable parallel builds in build-ot.sh
    - BUG/MEDIUM: compression: Fix loop skipping unused blocks to get the next block
    - BUG/MEDIUM: compression: Properly get the next block to iterate on payload
    - BUG/MEDIUM: compression: Add a flag to know the filter is still processing data
    - MINOR: ssl: Keep the actual key length in the certificate_ocsp structure
    - MINOR: ssl: Add new "show ssl ocsp-response" CLI command
    - MINOR: ssl: Add the OCSP entry key when displaying the details of a certificate
    - MINOR: ssl: Add the "show ssl cert foo.pem.ocsp" CLI command
    - REGTESTS: ssl: Add "show ssl ocsp-response" test
    - BUG/MINOR: server: explicitly set "none" init-addr for dynamic servers
    - BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush()
    - BUG/MINOR: pools: make DEBUG_UAF always write to the to-be-freed location
    - MINOR: pools: do not maintain the lock during pool_flush()
    - MINOR: pools: call malloc_trim() under thread isolation
    - MEDIUM: pools: use a single pool_gc() function for locked and lockless
    - BUG/MAJOR: pools: fix possible race with free() in the lockless variant
    - CLEANUP: pools: remove now unused seq and pool_free_list
    - MEDIUM: pools: remove the locked pools implementation
    - BUILD: ssl: Fix compilation with BoringSSL
    - BUG/MEDIUM: errors: include missing obj_type file
    - REGTESTS: ssl: show_ssl_ocspresponce.vtc is broken with BoringSSL
    - BUG/MAJOR: htx: Fix htx_defrag() when an HTX block is expanded
    - BUG/MINOR: mux-fcgi: Expose SERVER_SOFTWARE parameter by default
    - BUG/MINOR: h1-htx: Fix a signess bug with char data type when parsing chunk size
    - CLEANUP: l7-retries: do not test the buffer before calling b_alloc()
    - BUG/MINOR: resolvers: answser item list was randomly purged or errors
    - MEDIUM: resolvers: add a ref on server to the used A/AAAA answer item
    - MEDIUM: resolvers: add a ref between servers and srv request or used SRV record
    - BUG/MINOR: server-state: load SRV resolution only if params match the config
    - MINOR: config: remove support for deprecated option "tune.chksize"
    - MINOR: config: completely remove support for "no option http-use-htx"
    - MINOR: log: remove the long-deprecated early log-format tags
    - MINOR: http: remove the long deprecated "set-cookie()" sample fetch function
    - MINOR: config: reject long-deprecated "option forceclose"
    - MINOR: config: remove deprecated option "http-tunnel"
    - MEDIUM: proxy: remove the deprecated "grace" keyword
    - MAJOR: config: remove parsing of the global "nbproc" directive
    - BUILD: init: remove initialization of multi-process thread mappings
    - BUILD: log: remove unused fmt_directive()
    - REGTESTS: Remove REQUIRE_VERSION=1.6 from all tests
    - REGTESTS: Remove REQUIRE_VERSION=1.7 from all tests
    - CI: github actions: enable alpine/musl builds
    - BUG/MAJOR: resolvers: segfault using server template without SRV RECORDs
    - DOC: lua: Add a warning about buffers modification in HTTP
    - MINOR: ssl: Use OpenSSL's ASN1_TIME convertor when available
    - BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
    - BUG/MEDIUM: server: extend thread-isolate over much of CLI 'add server'
    - BUG/MEDIUM: server: clear dynamic srv on delete from proxy id/name trees
    - BUG/MEDIUM: server: do not forget to generate the dynamic servers ids
    - BUG/MINOR: server: do not keep an invalid dynamic server in px ids tree
    - BUG/MEDIUM: server: do not auto insert a dynamic server in px addr_node
    - BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE
    - BUG/MINOR: ssl: use atomic ops to update global shctx stats
    - BUG/MINOR: mworker: fix typo in chroot error message
    - CLEANUP: global: remove unused definition of stopping_task[]
    - MEDIUM: init: remove the loop over processes during init
    - MINOR: mworker: remove the initialization loop over processes
    - CLEANUP: global: remove the nbproc field from the global structure
    - CLEANUP: global: remove pid_bit and all_proc_mask
    - MEDIUM: global: remove dead code from nbproc/bind_proc removal
    - MEDIUM: config: simplify cpu-map handling
    - MEDIUM: cpu-set: make the proc a single bit field and not an array
    - CLEANUP: global: remove unused definition of MAX_PROCS
    - MEDIUM: global: remove the relative_pid from global and mworker
    - DOC: update references to process numbers in cpu-map and bind-process
    - MEDIUM: config: warn about "bind-process" deprecation
    - CLEANUP: shctx: remove the different inter-process locking techniques
    - BUG/MAJOR: queue: set SF_ASSIGNED when setting strm->target on dequeue
    - MINOR: backend: only skip LB when there are actual connections
    - BUG/MINOR: mux-h1: do not skip the error response on bad requests
    - MINOR: connection: add helper conn_append_debug_info()
    - MINOR: mux-h2/trace: report a few connection-level info during h2_init()
    - CLEANUP: mux-h2/traces: better align user messages
    - BUG/MINOR: stats: make "show stat typed desc" work again
    - MINOR: mux-h2: obey http-ignore-probes during the preface
    - BUG/MINOR: mux-h2/traces: bring back the lost "rcvd H2 REQ" trace
    - BUG/MINOR: mux-h2/traces: bring back the lost "sent H2 REQ/RES" traces
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: Replace the requirement for 'sudo' with a call to 'ulimit -n'
    - REGTESTS: Replace REQUIRE_VERSION=2.5 with 'haproxy -cc'
    - REGTESTS: Replace REQUIRE_OPTIONS with 'haproxy -cc' for 2.5+ tests
    - REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
    - REGTESTS: Remove support for REQUIRE_BINARIES
    - CI: ssl: enable parallel builds for OpenSSL on Linux
    - CI: ssl: do not needlessly build the OpenSSL docs
    - CI: ssl: keep the old method for ancient OpenSSL versions
    - CLEANUP: server: a separate function for initializing the per_thr field
    - BUG/MINOR: server: Forbid to set fqdn on the CLI if SRV resolution is enabled
    - BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI
    - MINOR: resolvers: Clean server in a dedicated function when removing a SRV item
    - MINOR: resolvers: Remove server from named_servers tree when removing a SRV item
    - BUG/MEDIUM: resolvers: Add a task on servers to check SRV resolution status
    - BUG/MINOR: backend: restore the SF_SRV_REUSED flag original purpose
    - BUG/MINOR: backend: do not set sni on connection reuse
    - BUG/MINOR: resolvers: Use resolver's lock in resolv_srvrq_expire_task()
    - BUG/MINOR: server/cli: Fix locking in function processing "set server" command
    - BUG/MINOR: cache: Correctly handle existing-but-empty 'accept-encoding' header
    - MINOR: ssl: fix typo in usage for 'new ssl ca-file'
    - MINOR: ssl: always initialize random generator
    - MINOR: ssl: check allocation in ssl_sock_init_srv
    - MINOR: ssl: check allocation in parse ciphers/ciphersuites/verifyhost
    - MINOR: ssl: check allocation in parse npn/sni
    - MINOR: server: disable CLI 'set server ssl' for dynamic servers
    - MINOR: ssl: render file-access optional on server crt loading
    - MINOR: ssl: split parse functions for alpn/check-alpn
    - MINOR: ssl: support ca-file arg for dynamic servers
    - MINOR: ssl: support crt arg for dynamic servers
    - MINOR: ssl: support crl arg for dynamic servers
    - MINOR: ssl: enable a series of ssl keywords for dynamic servers
    - MINOR: ssl: support ssl keyword for dynamic servers
    - REGTESTS: server: test ssl support for dynamic servers
    - MINOR: queue: update the stream's pend_pos before queuing it
    - CLEANUP: Prevent channel-t.h from being detected as C++ by GitHub
    - BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
    - REGTESTS: fix maxconn update with agent-check
    - MEDIUM: queue: make pendconn_process_next_strm() only return the pendconn
    - MINOR: queue: update proxy->served once out of the loop
    - MEDIUM: queue: refine the locking in process_srv_queue()
    - MINOR: lb/api: remove the locked argument from take_conn/drop_conn
    - MINOR: queue: create a new structure type "queue"
    - MINOR: proxy: replace the pendconns-related stuff with a struct queue
    - MINOR: server: replace the pendconns-related stuff with a struct queue
    - MEDIUM: queue: use a dedicated lock for the queues
    - MEDIUM: queue: simplify again the process_srv_queue() API
    - MINOR: queue: factor out the proxy/server queuing code
    - MINOR: queue: use atomic-ops to update the queue's index
    - MEDIUM: queue: determine in process_srv_queue() if the proxy is usable
    - MEDIUM: queue: move the queue lock manipulation to pendconn_process_next_strm()
    - MEDIUM: queue: unlock as soon as possible
    - MINOR: queue: make pendconn_first() take the lock by itself
    - CLEANUP: backend: remove impossible case of round-robin + consistent hash
    - MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules
    - DOC: config: Add missing actions in "tcp-request session" documentation
    - CLEANUP: dns: Remove a forgotten debug message
    - DOC: Replace issue templates by issue forms
    - Revert "MINOR: queue: make pendconn_first() take the lock by itself"
    - Revert "MEDIUM: queue: unlock as soon as possible"
    - Revert "MEDIUM: queue: move the queue lock manipulation to pendconn_process_next_strm()"
    - Revert "MEDIUM: queue: determine in process_srv_queue() if the proxy is usable"
    - Revert "MINOR: queue: use atomic-ops to update the queue's index"
    - Revert "MINOR: queue: factor out the proxy/server queuing code"
    - Revert "MEDIUM: queue: simplify again the process_srv_queue() API"
    - Revert "MEDIUM: queue: use a dedicated lock for the queues"
    - Revert "MEDIUM: queue: refine the locking in process_srv_queue()"
    - Revert "MINOR: queue: update proxy->served once out of the loop"
    - Revert "MEDIUM: queue: make pendconn_process_next_strm() only return the pendconn"
    - MEDIUM: queue: update px->served and lb's take_conn once per loop
    - MEDIUM: queue: use a dedicated lock for the queues (v2)
    - MEDIUM: queue: simplify again the process_srv_queue() API (v2)
    - MEDIUM: queue: determine in process_srv_queue() if the proxy is usable (v2)
    - MINOR: queue: factor out the proxy/server queuing code (v2)
    - MINOR: queue: use atomic-ops to update the queue's index (v2)
    - MEDIUM: queue: take the proxy lock only during the px queue accesses
    - MEDIUM: queue: use a trylock on the server's queue
    - MINOR: queue: add queue_init() to initialize a queue
    - MINOR: queue: add a pointer to the server and the proxy in the queue
    - MINOR: queue: store a pointer to the queue into the pendconn
    - MINOR: queue: remove the px/srv fields from pendconn
    - MINOR: queue: simplify pendconn_unlink() regarding srv vs px
    - BUG: backend: stop looking for queued connections once there's no more
    - BUG/MINOR: queue/debug: use the correct lock labels on the queue lock
    - BUG/MINOR: resolvers: Always attach server on matching record on resolution
    - BUG/MINOR: resolvers: Reset server IP when no ip is found in the response
    - MINOR: resolvers: Reset server IP on error in resolv_get_ip_from_response()
    - BUG/MINOR: checks: return correct error code for srv_parse_agent_check
    - BUILD: Makefile: fix linkage for Haiku.
    - BUG/MINOR: tcpcheck: Fix numbering of implicit HTTP send/expect rules
    - MINOR: http-act/tcp-act: Add "set-log-level" for tcp content rules
    - MINOR: http-act/tcp-act: Add "set-nice" for tcp content rules
    - MINOR: http-act/tcp-act: Add "set-mark" and "set-tos" for tcp content rules
    - CLEANUP: tcp-act: Sort action lists
    - BUILD/MEDIUM: tcp: set-mark setting support for FreeBSD.
    - BUILD: tcp-act: avoid warning when set-mark / set-tos are not supported
    - BUG/MINOR: mqtt: Fix parser for string with more than 127 characters
    - BUG/MINOR: mqtt: Support empty client ID in CONNECT message
    - BUG/MEDIUM: resolvers: Make 1st server of a template take part to SRV resolution
    - CLEANUP: peers: re-write intdecode function comment.

2021/05/14 : 2.5-dev0
    - MINOR: version: it's development again

2021/05/14 : 2.4.0
    - BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port
    - CLEANUP: cli/activity: Remove double spacing in set profiling command
    - CI: Build VTest with clang
    - CI: extend spellchecker whitelist, add "ists" as well
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MINOR: memprof: properly account for differences for realloc()
    - MINOR: memprof: also report the method used by each call
    - MINOR: memprof: also report the totals and delta alloc-free
    - CLEANUP: pattern: remove the unused and dangerous pat_ref_reload()
    - BUG/MINOR: http_act: Fix normalizer names in error messages
    - MINOR: uri_normalizer: Add `fragment-strip` normalizer
    - MINOR: uri_normalizer: Add `fragment-encode` normalizer
    - IMPORT: slz: use the generic function for the last bytes of the crc32
    - IMPORT: slz: do not produce the crc32_fast table when CRC is natively supported
    - BUILD/MINOR: opentracing: fixed compilation with filter enabled
    - BUILD: makefile: add a few popular ARMv8 CPU targets
    - BUG/MEDIUM: stick_table: fix crash when using tcp smp_fetch_src
    - REGTESTS: stick-table: add src_conn_rate test
    - CLEANUP: stick-table: remove a leftover of an old keyword declaration
    - BUG/MINOR: stats: fix lastchk metric that got accidently lost
    - EXAMPLES: add a "basic-config-edge" example config
    - EXAMPLES: add a trivial config for quick testing
    - DOC: management: Correct example reload command in the document
    - Revert "CI: Build VTest with clang"
    - MINOR: activity/cli: optionally support sorting by address on "show profiling"
    - DEBUG: ssl: export ssl_sock_close() to see its symbol resolved in profiling
    - BUG/MINOR: lua/vars: prevent get_var() from allocating a new name
    - DOC: config: Fix configuration example for mqtt
    - BUG/MAJOR: config: properly initialize cpu_map.thread[] up to MAX_THREADS
    - BUILD: config: avoid a build warning on numa_detect_topology() without threads
    - DOC: update min requirements in INSTALL
    - IMPORT: slz: use inttypes.h instead of stdint.h
    - BUILD: sample: use strtoll() instead of atoll()
    - MINOR: version: mention that it's LTS now.

2021/05/10 : 2.4-dev19
    - BUG/MINOR: hlua: Don't rely on top of the stack when using Lua buffers
    - BUG/MEDIUM: cli: prevent memory leak on write errors
    - BUG/MINOR: ssl/cli: fix a lock leak when no memory available
    - MINOR: debug: add a new "debug dev sym" command in expert mode
    - MINOR: pools/debug: slightly relax DEBUG_DONT_SHARE_POOLS
    - CI: Github Actions: switch to LibreSSL-3.3.3
    - MINOR: srv: close all idle connections on shutdown
    - MINOR: connection: move session_list member in a union
    - MEDIUM: mux_h1: release idling frontend conns on soft-stop
    - MEDIUM: connection: close front idling connection on soft-stop
    - MINOR: tools: add functions to retrieve the address of a symbol
    - CLEANUP: activity: mark the profiling and task_profiling_mask __read_mostly
    - MINOR: activity: add a "memory" entry to "profiling"
    - MINOR: activity: declare the storage for memory usage statistics
    - MEDIUM: activity: collect memory allocator statistics with USE_MEMORY_PROFILING
    - MINOR: activity: clean up the show profiling io_handler a little bit
    - MINOR: activity: make "show profiling" support a few arguments
    - MINOR: activity: make "show profiling" also dump the memoery usage
    - MINOR: activity: add the profiling.memory global setting
    - BUILD: makefile: add new option USE_MEMORY_PROFILING
    - MINOR: channel: Rely on HTX version if appropriate in channel_may_recv()
    - BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive
    - MINOR: conn-stream: Force mux to wait for read events if abortonclose is set
    - MEDIUM: mux-h1: Don't block reads when waiting for the other side
    - BUG/MEDIUM: mux-h1: Properly report client close if abortonclose option is set
    - REGTESTS: Add script to test abortonclose option
    - MINOR: mux-h1: clean up conditions to enabled and disabled splicing
    - MINOR: mux-h1: Subscribe for sends if output buffer is not empty in h1_snd_pipe
    - MINOR: mux-h1: Always subscribe for reads when splicing is disabled
    - MEDIUM: mux-h1: Wake H1 stream when both sides a synchronized
    - CLEANUP: mux-h1: rename WAIT_INPUT/WAIT_OUTPUT flags
    - MINOR: mux-h1: Manage processing blocking flags on the H1 stream
    - BUG/MINOR: stream: Decrement server current session counter on L7 retry
    - BUG/MINOR: config: fix uninitialized initial state in ".if" block evaluator
    - BUG/MINOR: config: add a missing "ELIF_TAKE" test for ".elif" condition evaluator
    - BUG/MINOR: config: .if/.elif should also accept negative integers
    - MINOR: config: centralize the ".if"/".elif" condition parser and evaluator
    - MINOR: config: keep up-to-date current file/line/section in the global struct
    - MINOR: config: support some pseudo-variables for file/line/section
    - BUILD: activity: do not include malloc.h
    - MINOR: arg: improve the error message on missing closing parenthesis
    - MINOR: global: export the build features string list
    - MINOR: global: add version comparison functions
    - MINOR: config: improve .if condition error reporting
    - MINOR: config: make cfg_eval_condition() support predicates with arguments
    - MINOR: config: add predicate "defined()" to conditional expression blocks
    - MINOR: config: add predicates "streq()" and "strneq()" to conditional expressions
    - MINOR: config: add predicate "feature" to detect certain built-in features
    - MINOR: config: add predicates "version_atleast" and "version_before" to cond blocks
    - BUG/MINOR: activity: use the new pointer to calculate the new size in realloc()
    - BUG/MINOR: stream: properly clear the previous error mask on L7 retries
    - MEDIUM: log: slightly refine the output format of alerts/warnings/etc
    - MINOR: config: add a new message directive: .diag
    - CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages
    - BUG/MINOR: stream: Reset stream final state and si error type on L7 retry
    - BUG/MINOR: checks: Handle synchronous connect when a tcpcheck is started
    - BUG/MINOR: checks: Reschedule check on observe mode only if fastinter is set
    - MINOR: global: define tainted flag
    - MINOR: cfgparse: add a new field flags in cfg_keyword
    - MINOR: cfgparse: implement experimental config keywords
    - MINOR: action: replace match_pfx by a keyword flags field
    - MINOR: action: implement experimental actions
    - MINOR: cli: set tainted when using CLI expert/experimental mode
    - MINOR: stats: report tainted on show info
    - MINOR: http_act: mark normalize-uri as experimental
    - BUILD: fix usage of ha_alert without format string
    - MINOR: proxy: define PR_CAP_LB
    - BUG/MINOR: server: do not report diag for peer servers with null weight
    - DOC: ssl: Extra files loading now works for backends too
    - ADDONS: make addons/ discoverable by git via .gitignore
    - DOC: ssl: Add information about crl-file option
    - MINOR: sample: improve error reporting on missing arg to strcmp() converter
    - DOC: management: mention that some fields may be emitted as floats
    - MINOR: tools: implement trimming of floating point numbers
    - MINOR: tools: add a float-to-ascii conversion function
    - MINOR: freq_ctr: add new functions to report float measurements
    - MINOR: stats: avoid excessive padding of float values with trailing zeroes
    - MINOR: stats: add the HTML conversion for float types
    - MINOR: stats: pass the appctx flags to stats_fill_info()
    - MINOR: stats: support an optional "float" option to "show info"
    - MINOR: stats: use tv_remain() to precisely compute the uptime
    - MINOR: stats: report uptime and start time as floats with subsecond resolution
    - MINOR: stats: make "show info" able to report rates as floats when asked
    - MINOR: config: mark tune.fd.edge-triggered as experimental
    - REORG: vars: move the "proc" scope variables out of the global struct
    - REORG: threads: move all_thread_mask() to thread.h
    - BUILD: wdt: include signal-t.h
    - BUILD: auth: include missing list.h
    - REORG: mworker: move proc_self from global to mworker
    - BUILD: ssl: ssl_utils requires chunk.h
    - BUILD: config: cfgparse-ssl.c needs tools.h
    - BUILD: wurfl: wurfl.c needs tools.h
    - BUILD: spoe: flt_spoe.c needs tools.h
    - BUILD: promex: service-prometheus.c needs tools.h
    - BUILD: resolvers: include tools.h
    - BUILD: config: include tools.h in cfgparse-listen.c
    - BUILD: htx: include tools.h in http_htx.c
    - BUILD: proxy: include tools.h in proxy.c
    - BUILD: session: include tools.h in session.c
    - BUILD: cache: include tools.h in cache.c
    - BUILD: sink: include tools.h in sink.c
    - BUILD: connection: include tools.h in connection.c
    - BUILD: server-state: include tools.h from server_state.c
    - BUILD: dns: include tools.h in dns.c
    - BUILD: payload: include tools.h in payload.c
    - BUILD: vars: include tools.h in vars.c
    - BUILD: compression: include tools.h in compression.c
    - BUILD: mworker: include tools.h from mworker.c
    - BUILD: queue: include tools.h from queue.c
    - BUILD: udp: include tools.h from proto_udp.c
    - BUILD: stick-table: include freq_ctr.h from stick_table.h
    - BUILD: server: include tools.h from server.c
    - BUILD: server: include missing proxy.h in server.c
    - BUILD: sink: include proxy.h in sink.c
    - BUILD: mworker: include proxy.h in mworker.c
    - BUILD: filters: include proxy.h in filters.c
    - BUILD: fcgi-app: include proxy.h in fcgi-app.c
    - BUILD: connection: move list_mux_proto() to connection.c
    - REORG: stick-table: uninline stktable_alloc_data_type()
    - REORG: stick-table: move composite address functions to stick_table.h
    - REORG: config: uninline warnifnotcap() and failifnotcap()
    - BUILD: task: remove unused includes from task.c
    - MINOR: task: stop including stream.h from task.c
    - BUILD: connection: stop including listener-t.h
    - BUILD: hlua: include proxy.h from hlua.c
    - BUILD: mux-h1: include proxy.h from mux-h1.c
    - BUILD: mux-fcgi: include proxy.h from mux-fcgi.c
    - BUILD: listener: include proxy.h from listener.c
    - BUILD: http-rules: include proxy.h from http_rules.c
    - BUILD: thread: include log.h from thread.c
    - BUILD: comp: include proxy.h from flt_http_comp.c
    - BUILD: fd: include log.h from fd.c
    - BUILD: config: do not include proxy.h nor errors.h anymore in cfgparse.h
    - BUILD: makefile: reorder object files by build time
    - DOC: Fix a few grammar/spelling issues and casing of HAProxy
    - REGTESTS: run-regtests: match both "HAProxy" and "HA-Proxy" in the version
    - MINOR: version: report "HAProxy" not "HA-Proxy" in the version output
    - DOC: remove last occurrences of "HA-Proxy" syntax
    - DOC: peers: fix the protocol tag name in the doc
    - ADMIN: netsnmp: report "HAProxy" and not "Haproxy" in output descriptions
    - MEDIUM: mailers: use "HAProxy" nor "HAproxy" in the subject of messages
    - DOC: fix a few remainig cases of "Haproxy" and "HAproxy" in doc and comments
    - MINOR: tools/rnd: compute the result outside of the CAS loop
    - BUILD: http_fetch: address a few aliasing warnings with older compilers
    - BUILD: ssl: define HAVE_CRYPTO_memcmp() based on the library version
    - BUILD: errors: include stdarg in errors.h
    - REGTESTS: disable inter-thread idle connection sharing on sensitive tests
    - MINOR: cli: make "help" support a command in argument
    - MINOR: cli: sort the output of the "help" keywords
    - CLEANUP: cli/mworker: properly align the help messages
    - BUILD: memprof: make the old caller pointer a const in get_prof_bin()
    - BUILD: compat: include malloc_np.h for USE_MEMORY_PROFILING on FreeBSD
    - CI: Github Actions: enable USE_QUIC=1 for BoringSSL builds
    - BUG/MEDIUM: quic: fix null deref on error path in qc_conn_init()
    - BUILD: cli: appease a null-deref warning in cli_gen_usage_msg()

2021/05/01 : 2.4-dev18
    - DOC: Fix indentation for `path-strip-dot` normalizer
    - DOC: Fix RFC reference for the percent-to-uppercase normalizer
    - DOC: Add RFC references for the path-strip-dot(dot)? normalizers
    - MINOR: uri_normalizer: Add a `percent-decode-unreserved` normalizer
    - BUG/MINOR: mux-fcgi: Don't send normalized uri to FCGI application
    - REORG: htx: Inline htx functions to add HTX blocks in a message
    - CLEANUP: assorted typo fixes in the code and comments
    - DOC: general: fix white spaces for HTML converter
    - BUG/MINOR: ssl: ssl_sock_prepare_ssl_ctx does not return an error code
    - BUG/MINOR: cpuset: move include guard at the very beginning
    - BUG/MAJOR: fix build on musl with cpu_set_t support
    - BUG/MEDIUM: cpuset: fix build on MacOS
    - BUG/MINOR: htx: Preserve HTX flags when draining data from an HTX message
    - MEDIUM: htx: Refactor htx_xfer_blks() to not rely on hdrs_bytes field
    - CLEANUP: htx: Remove unsued hdrs_bytes field from the HTX start-line
    - BUG/MINOR: mux-h2: Don't encroach on the reserve when decoding headers
    - MEDIUM: http-ana: handle read error on server side if waiting for response
    - MINOR: htx: Limit length of headers name/value when a HTX message is dumped
    - BUG/MINOR: applet: Notify the other side if data were consumed by an applet
    - BUG/MINOR: hlua: Don't consume headers when starting an HTTP lua service
    - BUG/MEDIUM: mux-h2: Handle EOM flag when sending a DATA frame with zero-copy
    - CLEANUP: channel: No longer notify the producer in co_skip()/co_htx_skip()
    - DOC: general: fix example in set-timeout
    - CLEANUP: cfgparse: de-uglify early file error handling in readcfgfile()
    - MINOR: config: add a new "default-path" global directive
    - BUG/MEDIUM: peers: initialize resync timer to get an initial full resync
    - BUG/MEDIUM: peers: register last acked value as origin receiving a resync req
    - BUG/MEDIUM: peers: stop considering ack messages teaching a full resync
    - BUG/MEDIUM: peers: reset starting point if peers appears longly disconnected
    - BUG/MEDIUM: peers: reset commitupdate value in new conns
    - BUG/MEDIUM: peers: re-work updates lookup during the sync on the fly
    - BUG/MEDIUM: peers: reset tables stage flags stages on new conns
    - MINOR: peers: add informative flags about resync process for debugging
    - BUG/MEDIUM: time: fix updating of global_now upon clock drift
    - CLEANUP: freq_ctr: make arguments of freq_ctr_total() const
    - CLEANUP: hlua: rename hlua_appctx* appctx to luactx
    - MINOR: server: fix doc/trace on lb algo for dynamic server creation
    - REGTESTS: server: fix cli_add_server due to previous trace update
    - REGTESTS: add minimal CLI "add map" tests
    - DOC: management: move "set var" to the proper place
    - CLEANUP: map: slightly reorder the add map function
    - MINOR: map: get rid of map_add_key_value()
    - MINOR: map: show the current and next pattern version in "show map"
    - MINOR: map/acl: add the possibility to specify the version in "show map/acl"
    - MINOR: pattern: support purging arbitrary ranges of generations
    - MINOR: map/acl: add the possibility to specify the version in "clear map/acl"
    - MINOR: map/acl: add the "prepare map/acl" CLI command
    - MINOR: map/acl: add the "commit map/acl" CLI command
    - MINOR: map/acl: make "add map/acl" support an optional version number
    - CLEANUP: map/cli: properly align the map/acl help
    - BUILD: compiler: do not use already defined __read_mostly on dragonfly

2021/04/23 : 2.4-dev17
    - MINOIR: mux-pt/trace: Register a new trace source with its events
    - BUG/MINOR: mux-pt: Fix a possible UAF because of traces in mux_pt_io_cb
    - CI: travis: Drastically clean up .travis.yml
    - CLEANUP: pattern: make all pattern tables read-only
    - MINOR: trace: replace the trace() inline function with an equivalent macro
    - MINOR: initcall: uniformize the section names between MacOS and other unixes
    - CLEANUP: initcall: rename HA_SECTION to HA_INIT_SECTION
    - MINOR: compiler: add macros to declare section names
    - CLEANUP: initcall: rely on HA_SECTION_* instead of defining its own
    - MINOR: global: declare a read_mostly section
    - MINOR: fd: move a few read-mostly variables to their own section
    - MINOR: epoll: move epoll_fd to read_mostly
    - MINOR: kqueue: move kqueue_fd to read_mostly
    - MINOR: pool: move pool declarations to read_mostly
    - MINOR: threads: mark all_threads_mask as read_mostly
    - MINOR: server: move idle_conn_task to read_mostly
    - MINOR: protocol: move __protocol_by_family to read_mostly
    - MINOR: pattern: make the pat_lru_seed read_mostly
    - MINOR: trace: make trace sources read_mostly
    - MINOR: freq_ctr: add a generic function to report the total value
    - MEDIUM: freq_ctr: make read_freq_ctr_period() use freq_ctr_total()
    - MEDIUM: freq_ctr: reimplement freq_ctr_remain_period() from freq_ctr_total()
    - MINOR: freq_ctr: add the missing next_event_delay_period()
    - MINOR: freq_ctr: unify freq_ctr and freq_ctr_period into freq_ctr
    - MEDIUM: freq_ctr: replace the per-second counters with the generic ones
    - MINOR: freq_ctr: add cpu_relax in the rotation loop of update_freq_ctr_period()
    - MINOR: freq_ctr: simplify and improve the update function
    - CLEANUP: time: remove the now unused ms_left_scaled
    - MINOR: time: move the time initialization out of tv_update_date()
    - MINOR: time: remove useless variable copies in tv_update_date()
    - MINOR: time: change the global timeval and the the global tick at once
    - MEDIUM: time: make the clock offset global and no per-thread
    - MINOR: atomic: reimplement the relaxed version of x86 BTS/BTR
    - MINOR: trace: Add the checks as a possible trace source
    - MINOIR: checks/trace: Register a new trace source with its events
    - MINOR: hlua: Add function to release a lua function
    - BUG/MINOR: hlua: Fix memory leaks on error path when registering a task
    - BUG/MINOR: hlua: Fix memory leaks on error path when registering a converter
    - BUG/MINOR: hlua: Fix memory leaks on error path when registering a fetch
    - BUG/MINOR: hlua: Fix memory leaks on error path when parsing a lua action
    - BUG/MINOR: hlua: Fix memory leaks on error path when registering an action
    - BUG/MINOR: hlua: Fix memory leaks on error path when registering a service
    - BUG/MINOR: hlua: Fix memory leaks on error path when registering a cli keyword
    - BUG/MINOR: cfgparse/proxy: Fix some leaks during proxy section parsing
    - BUG/MINOR: listener: Handle allocation error when allocating a new bind_conf
    - BUG/MINOR: cfgparse/proxy: Hande allocation errors during proxy section parsing
    - MINOR: cfgparse/proxy: Group alloc error handling during proxy section parsing
    - DOC: internals: update the SSL architecture schema
    - BUG/MEDIUM: sample: Fix adjusting size in field converter
    - MINOR: sample: add ub64dec and ub64enc converters
    - CLEANUP: sample: align samples list in sample.c
    - MINOR: ist: Add `istclear(struct ist*)`
    - CI: cirrus: install "pcre" package
    - MINOR: opentracing: correct calculation of the number of arguments in the args[]
    - MINOR: opentracing: transfer of context names without prefix
    - MINOR: sample: converter: Add mjson library.
    - MINOR: sample: converter: Add json_query converter
    - CI: travis-ci: enable weekly graviton2 builds
    - DOC: ssl: Certificate hot update only works on fronted certificates
    - DOC: ssl: Certificate hot update works on server certificates
    - BUG/MEDIUM: threads: Ignore current thread to end its harmless period
    - MINOR: threads: Only consider running threads to end a thread harmeless period
    - BUG/MINOR: checks: Set missing id to the dummy checks frontend
    - MINOR: logs: Add support of checks as session origin to format lf strings
    - BUG/MINOR: connection: Fix fc_http_major and bc_http_major for TCP connections
    - MINOR: connection: Make bc_http_major compatible with tcp-checks
    - BUG/MINOR: ssl-samples: Fix ssl_bc_* samples when called from a health-check
    - BUG/MINOR: http-fetch: Make method smp safe if headers were already forwarded
    - MINOR: tcp_samples: Add samples to get src/dst info of the backend connection
    - MINOR: tcp_samples: Be able to call bc_src/bc_dst from the health-checks
    - BUG/MINOR: http_htx: Remove BUG_ON() from http_get_stline() function
    - BUG/MINOR: logs: Report the true number of retries if there was no connection
    - BUILD: makefile: Redirect stderr to /dev/null when probing options
    - MINOR: uri_normalizer: Add uri_normalizer module
    - MINOR: uri_normalizer: Add `enum uri_normalizer_err`
    - MINOR: uri_normalizer: Add `http-request normalize-uri`
    - MINOR: uri_normalizer: Add a `merge-slashes` normalizer to http-request normalize-uri
    - MINOR: uri_normalizer: Add a `dotdot` normalizer to http-request normalize-uri
    - MINOR: uri_normalizer: Add support for supressing leading `../` for dotdot normalizer
    - MINOR: uri_normalizer: Add a `sort-query` normalizer
    - MINOR: uri_normalizer: Add a `percent-upper` normalizer
    - MEDIUM: http_act: Rename uri-normalizers
    - DOC: Add introduction to http-request normalize-uri
    - DOC: Note that URI normalization is experimental
    - BUG/MINOR: pools: maintain consistent ->allocated count on alloc failures
    - BUG/MINOR: pools/buffers: make sure to always reserve the required buffers
    - MINOR: pools: drop the unused static history of artificially failed allocs
    - CLEANUP: pools: remove unused arguments to pool_evict_from_cache()
    - MEDIUM: pools: move the cache into the pool header
    - MINOR: pool: remove the size field from pool_cache_head
    - MINOR: pools: rename CONFIG_HAP_LOCAL_POOLS to CONFIG_HAP_POOLS
    - MINOR: pools: enable the fault injector in all allocation modes
    - MINOR: pools: make the basic pool_refill_alloc()/pool_free() update needed_avg
    - MEDIUM: pools: unify pool_refill_alloc() across all models
    - CLEANUP: pools: re-merge pool_refill_alloc() and __pool_refill_alloc()
    - MINOR: pools: call pool_alloc_nocache() out of the pool's lock
    - CLEANUP: pools: move the lock to the only __pool_get_first() that needs it
    - CLEANUP: pools: rename __pool_get_first() to pool_get_from_shared_cache()
    - CLEANUP: pools: rename pool_*_{from,to}_cache() to *_local_cache()
    - CLEANUP: pools: rename __pool_free() to pool_put_to_shared_cache()
    - MINOR: tools: add statistical_prng_range() to get a random number over a range
    - MINOR: pools: use cheaper randoms for fault injections
    - MINOR: pools: move the fault injector to __pool_alloc()
    - MINOR: pools: split the OS-based allocator in two
    - MINOR: pools: always use atomic ops to maintain counters
    - MINOR: pools: move pool_free_area() out of the lock in the locked version
    - MINOR: pools: factor the release code into pool_put_to_os()
    - MEDIUM: pools: make CONFIG_HAP_POOLS control both local and shared pools
    - MINOR: pools: create unified pool_{get_from,put_to}_cache()
    - MINOR: pools: evict excess objects using pool_evict_from_local_cache()
    - MEDIUM: pools: make pool_put_to_cache() always call pool_put_to_local_cache()
    - CLEANUP: pools: make the local cache allocator fall back to the shared cache
    - CLEANUP: pools: merge pool_{get_from,put_to}_local_caches with generic ones
    - CLEANUP: pools: uninline pool_put_to_cache()
    - CLEANUP: pools: declare dummy pool functions to remove some ifdefs
    - BUILD: pools: fix build with DEBUG_FAIL_ALLOC
    - BUG/MINOR: server: make srv_alloc_lb() allocate lb_nodes for consistent hash
    - CONTRIB: mod_defender: import the minimal number of includes
    - CONTRIB: mod_defender: make the code build with the embedded includes
    - CONTRIB: modsecurity: import the minimal number of includes
    - CONTRIB: modsecurity: make the code build with the embedded includes
    - CLEANUP: sample: Improve local variables in sample_conv_json_query
    - CLEANUP: sample: Explicitly handle all possible enum values from mjson
    - CLEANUP: sample: Use explicit return for successful `json_query`s
    - CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion
    - CONTRIB: move spoa_example out of the tree
    - BUG/MINOR: server: free srv.lb_nodes in free_server
    - BUG/MINOR: logs: free logsrv.conf.file on exit
    - BUG/MEDIUM: server: ensure thread-safety of server runtime creation
    - MINOR: server: add log on dynamic server creation
    - MINOR: server: implement delete server cli command
    - CONTRIB: move spoa_server out of the tree
    - CONTRIB: move modsecurity out of the tree
    - BUG/MINOR: server: fix potential null gcc error in delete server
    - BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers
    - BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames
    - BUG/MINOR: uri_normalizer: Use delim parameter when building the sorted query in uri_normalizer_query_sort
    - CLEANUP: uri_normalizer: Remove trailing whitespace
    - MINOR: uri_normalizer: Add a `strip-dot` normalizer
    - CONTRIB: move mod_defender out of the tree
    - CLEANUP: contrib: remove the last references to the now dead contrib/ directory
    - BUG/MEDIUM: config: fix cpu-map notation with both process and threads
    - MINOR: config: add a diag for invalid cpu-map statement
    - BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases
    - BUG/MINOR: mworker: don't use oldpids[] anymore for reload
    - BUILD: makefile: fix the "make clean" target on strict bourne shells
    - IMPORT: slz: import slz into the tree
    - BUILD: compression: switch SLZ from out-of-tree to in-tree
    - CI: github: do not build libslz any more
    - CLEANUP: compression: remove calls to SLZ init functions
    - BUG/MEDIUM: mux-h2: Properly handle shutdowns when received with data
    - MINOR: cpuset: define a platform-independent cpuset type
    - MINOR: cfgparse: use hap_cpuset for parse_cpu_set
    - MEDIUM: config: use platform independent type hap_cpuset for cpu-map
    - MINOR: thread: implement the detection of forced cpu affinity
    - MINOR: cfgparse: support the comma separator on parse_cpu_set
    - MEDIUM: cfgparse: detect numa and set affinity if needed
    - MINOR: global: add option to disable numa detection
    - BUG/MINOR: haproxy: fix compilation on macOS
    - BUG/MINOR: cpuset: fix compilation on platform without cpu affinity
    - MINOR: time: avoid unneeded updates to now_offset
    - MINOR: time: avoid overwriting the same values of global_now
    - CLEANUP: time: use __tv_to_ms() in tv_update_date() instead of open-coding
    - MINOR: time: avoid u64 needlessly expensive computations for the 32-bit now_ms
    - BUG/MINOR: peers: remove useless table check if initial resync is finished
    - BUG/MEDIUM: peers: re-work connection to new process during reload.
    - BUG/MEDIUM: peers: re-work refcnt on table to protect against flush
    - BUG/MEDIUM: config: fix missing initialization in numa_detect_topology()

2021/04/09 : 2.4-dev16
    - CLEANUP: dev/flags: remove useless test in the stdin number parser
    - MINOR: No longer rely on deprecated sample fetches for predefined ACLs
    - MINOR: acl: Add HTTP_2.0 predefined macro
    - BUG/MINOR: hlua: Detect end of request when reading data for an HTTP applet
    - BUG/MINOR: tools: fix parsing "us" unit for timers
    - MINOR: server/bind: add support of new prefixes for addresses.
    - MINOR: log: register config file and line number on log servers.
    - MEDIUM: log: support tcp or stream addresses on log lines.
    - BUG/MEDIUM: log: fix config parse error logging on stdout/stderr or any raw fd
    - CLEANUP: fd: remove FD_POLL_DATA and FD_POLL_STICKY
    - MEDIUM: fd: prepare FD_POLL_* to move to bits 8-15
    - MEDIUM: fd: merge fdtab[].ev and state for FD_EV_* and FD_POLL_* into state
    - MINOR: fd: move .linger_risk into fdtab[].state
    - MINOR: fd: move .cloned into fdtab[].state
    - MINOR: fd: move .initialized into fdtab[].state
    - MINOR: fd: move .et_possible into fdtab[].state
    - MINOR: fd: move .exported into fdtab[].state
    - MINOR: fd: implement an exclusive syscall bit to remove the ugly "log" lock
    - MINOR: cli/show-fd: slightly reorganize the FD status flags
    - MINOR: atomic/arm64: detect and use builtins for the double-word CAS
    - CLEANUP: atomic: add an explicit _FETCH variant for add/sub/and/or
    - CLEANUP: atomic: make all standard add/or/and/sub operations return void
    - CLEANUP: atomic: add a fetch-and-xxx variant for common operations
    - CLEANUP: atomic: add HA_ATOMIC_INC/DEC for unit increments
    - CLEANUP: atomic/tree-wide: replace single increments/decrements with inc/dec
    - CLEANUP: atomic: use the __atomic variant of BTS/BTR on modern compilers
    - MINOR: atomic: implement native BTS/BTR for x86
    - MINOR: ist: Add `istappend(struct ist, char)`
    - MINOR: ist: Add `istshift(struct ist*)`
    - MINOR: ist: Add `istsplit(struct ist*, char)`
    - BUG/MAJOR: fd: switch temp values to uint in fd_stop_both()
    - MINOR: opentracing: register config file and line number on log servers
    - MEDIUM: resolvers: add support of tcp address on nameserver line.
    - MINOR: ist: Rename istappend() to __istappend()
    - CLEANUP: htx: Make http_get_stline take a `const struct`
    - CLEANUP: ist: Remove unused `count` argument from `ist2str*`
    - CLEANUP: Remove useless malloc() casts

2021/04/02 : 2.4-dev15
    - BUG/MINOR: payload: Wait for more data if buffer is empty in payload/payload_lv
    - BUG/MINOR: stats: Apply proper styles in HTML status page.
    - BUG/MEDIUM: time: make sure to always initialize the global tick
    - BUG/MINOR: tcp: fix silent-drop workaround for IPv6
    - BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
    - CLEANUP: socket: replace SOL_IP/IPV6/TCP with IPPROTO_IP/IPV6/TCP
    - BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields
    - BUG/MINOR: mux-h2: Don't emit log twice if an error occurred on the preface
    - MINOR: stream: Don't trigger errors on destructive HTTP upgrades
    - MINOR: frontend: Create HTTP txn for HTX streams
    - MINOR: stream: Be sure to set HTTP analysers when creating an HTX stream
    - BUG/MINOR: stream: Properly handle TCP>H1>H2 upgrades in http_wait_for_request
    - BUG/MINOR: config: Add warning for http-after-response rules in TCP mode
    - MINOR: muxes: Add a flag to notify a mux does not support any upgrade
    - MINOR: mux-h1: Don't perform implicit HTTP/2 upgrade if not supported by mux
    - MINOR: mux-pt: Don't perform implicit HTTP upgrade if not supported by mux
    - MEDIUM: mux-h1: Expose h1 in the list of supported mux protocols
    - MEDIUM: mux-pt: Expose passthrough in the list of supported mux protocols
    - MINOR: muxes: Show muxes flags when the mux list is displayed
    - DOC: config: Improve documentation about proto/check-proto keywords
    - MINOR: stream: Use stream type instead of proxy mode when appropriate
    - MINOR: filters/http-ana: Decide to filter HTTP headers in HTTP analysers
    - MINOR: http-ana: Simplify creation/destruction of HTTP transactions
    - MINOR: stream: Handle stream HTTP upgrade in a dedicated function
    - MEDIUM: Add tcp-request switch-mode action to perform HTTP upgrade
    - MINOR: config/proxy: Don't warn for HTTP rules in TCP if 'switch-mode http' set
    - MINOR: config/proxy: Warn if a TCP proxy without backend is upgradable to HTTP
    - DOC: config: Add documentation about TCP to HTTP upgrades
    - REGTESTS: Add script to tests TCP to HTTP upgrades
    - BUG/MINOR: payload/htx: Ingore L6 sample fetches for HTX streams/checks
    - MINOR: htx: Make internal.strm.is_htx an internal sample fetch
    - MINOR: action: Use a generic function to check validity of an action rule list
    - MINOR: payload/config: Warn if a L6 sample fetch is used from an HTTP proxy
    - MEDIUM: http-rules: Add wait-for-body action on request and response side
    - REGTESTS: Add script to tests the wait-for-body HTTP action
    - BUG/MINOR: http-fetch: Fix test on message state to capture the version
    - CLEANUP: vars: always pre-initialize smp in vars_parse_cli_get_var()
    - MINOR: global: define diagnostic mode of execution
    - MINOR: cfgparse: diag for multiple nbthread statements
    - MINOR: server: diag for 0 weight server
    - MINOR: diag: create cfgdiag module
    - MINOR: diag: diag if servers use the same cookie value
    - MINOR: config: diag if global section after non-global
    - TESTS: slightly reorganize the code in the tests/ directory
    - TESTS: move tests/*.cfg to tests/config
    - REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
    - REGTESTS: ssl: mark set_ssl_cert_bundle.vtc as broken
    - CONTRIB: halog: fix issue with array of type char
    - CONTRIB: tcploop: add a shutr command
    - CONTRIB: debug: add the show-fd-to-flags script
    - CONTRIB: debug: split poll from flags
    - CONTRIB: move some dev-specific tools to dev/
    - BUILD: makefile: always build the flags utility
    - DEV: flags: replace the unneeded makefile with a README
    - BUILD: makefile: integrate the hpack tools
    - CONTRIB: merge ip6range with iprange
    - CONTRIB: move some admin-related sub-projects to admin/
    - CONTRIB: move halog to admin/
    - ADMIN: halog: automatically enable USE_MEMCHR on the right glibc version
    - BUILD: makefile: build halog with the correct flags
    - BUILD: makefile: add a "USE_PROMEX" variable to ease building prometheus-exporter
    - CONTRIB: move prometheus-exporter to addons/promex
    - DOC: add a few words about USE_* and the addons directory
    - CONTRIB: move 51Degrees to addons/51degrees
    - CONTRIB: move src/da.c and contrib/deviceatlas to addons/deviceatlas
    - CONTRIB: move src/wurfl.c and contrib/wurfl to addons/wurfl
    - CONTRIB: move contrib/opentracing to addons/ot
    - BUG/MINOR: opentracing: initialization after establishing daemon mode
    - DOC: clarify that compression works for HTTP/2

2021/03/27 : 2.4-dev14
    - MEDIUM: quic: Fix build.
    - MEDIUM: quic: Fix build.
    - CI: codespell: whitelist "Dragan Dosen"
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: github actions: update LibreSSL to 3.2.5
    - REGTESTS: revert workaround for a crash with recent libressl on http-reuse sni
    - CLEANUP: mark defproxy as const on parse tune.fail-alloc
    - REGTESTS: remove unneeded experimental-mode in cli add server test
    - REGTESTS: wait for proper return of enable server in cli add server test
    - MINOR: compression: use pool_alloc(), not pool_alloc_dirty()
    - MINOR: spoe: use pool_alloc(), not pool_alloc_dirty()
    - MINOR: fcgi-app: use pool_alloc(), not pool_alloc_dirty()
    - MINOR: cache: use pool_alloc(), not pool_alloc_dirty()
    - MINOR: ssl: use pool_alloc(), not pool_alloc_dirty()
    - MINOR: opentracing: use pool_alloc(), not pool_alloc_dirty()
    - MINOR: dynbuf: make b_alloc() always check if the buffer is allocated
    - CLEANUP: compression: do not test for buffer before calling b_alloc()
    - CLEANUP: l7-retries: do not test the buffer before calling b_alloc()
    - MINOR: channel: simplify the channel's buffer allocation
    - MEDIUM: dynbuf: remove last usages of b_alloc_margin()
    - CLEANUP: dynbuf: remove b_alloc_margin()
    - CLEANUP: dynbuf: remove the unused b_alloc_fast() function
    - CLEANUP: pools: remove the unused pool_get_first() function
    - MINOR: pools: make the pool allocator support a few flags
    - MINOR: pools: add pool_zalloc() to return a zeroed area
    - CLEANUP: connection: use pool_zalloc() in conn_alloc_hash_node()
    - CLEANUP: filters: use pool_zalloc() in flt_stream_add_filter()
    - CLEANUP: spoe: use pool_zalloc() instead of pool_alloc+memset
    - CLEANUP: frontend: use pool_zalloc() in frontend_accept()
    - CLEANUP: mailers: use pool_zalloc() in enqueue_one_email_alert()
    - CLEANUP: resolvers: use pool_zalloc() in resolv_link_resolution()
    - CLEANUP: ssl: use pool_zalloc() in ssl_init_keylog()
    - CLEANUP: tcpcheck: use pool_zalloc() instead of pool_alloc+memset
    - CLEANUP: quic: use pool_zalloc() instead of pool_alloc+memset
    - MINOR: time: also provide a global, monotonic global_now_ms timer
    - BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable
    - MINOR: tools: introduce new option PA_O_DEFAULT_DGRAM on str2sa_range.
    - BUILD: tools: fix build error with new PA_O_DEFAULT_DGRAM
    - BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list"
    - CLEANUP: ssl: remove unused definitions
    - BUILD: ssl: guard ecdh functions with SSL_CTX_set_tmp_ecdh macro
    - MINOR: lua: Slightly improve function dumping the lua traceback
    - BUG/MEDIUM: debug/lua: Use internal hlua function to dump the lua traceback
    - BUG/MEDIUM: lua: Always init the lua stack before referencing the context
    - MINOR: fd: make fd_clr_running() return the remaining running mask
    - MINOR: fd: remove the unneeded running bit from fd_insert()
    - BUG/MEDIUM: fd: do not wait on FD removal in fd_delete()
    - CLEANUP: fd: remove unused fd_set_running_excl()
    - CLEANUP: fd: slightly simplify up _fd_delete_orphan()
    - BUG/MEDIUM: fd: Take the fd_mig_lock when closing if no DWCAS is available.
    - BUG/MEDIUM: release lock on idle conn killing on reached pool high count
    - BUG/MEDIUM: thread: Fix a deadlock if an isolated thread is marked as harmless
    - MINOR: tools: make url2ipv4 return the exact number of bytes parsed
    - BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters
    - BUG/MEDIUM: mux-h1: make h1_shutw_conn() idempotent
    - BUG/MINOR: ssl: Fix update of default certificate
    - BUG/MINOR: ssl: Prevent removal of crt-list line if the instance is a default one
    - BUILD: ssl: introduce fine guard for ssl random extraction functions
    - REORG: global: move initcall register code in a dedicated file
    - REORG: global: move free acl/action in their related source files
    - REORG: split proxy allocation functions
    - MINOR: proxy: implement a free_proxy function
    - MINOR: proxy: define cap PR_CAP_LUA
    - MINOR: lua: properly allocate the lua Socket proxy
    - MINOR: lua: properly allocate the lua Socket servers
    - MINOR: vars: make get_vars() allow the session to be null
    - MINOR: vars: make the var() sample fetch keyword depend on nothing
    - CLEANUP: sample: remove duplicate "stopping" sample fetch keyword
    - MINOR: sample: make smp_resolve_args() return an allocate error message
    - MINOR: sample: add a new SMP_SRC_CONST sample capability
    - MINOR: sample: mark the truly constant sample fetch keywords as such
    - MINOR: sample: add a new CFG_PARSER context for samples
    - MINOR: action: add a new ACT_F_CFG_PARSER origin designation
    - MEDIUM: vars: add support for a "set-var" global directive
    - REGTESTS: add a basic reg-test for some "set-var" commands
    - MINOR: sample: add a new CLI_PARSER context for samples
    - MINOR: action: add a new ACT_F_CLI_PARSER origin designation
    - MINOR: vars/cli: add a "get var" CLI command to retrieve global variables
    - MEDIUM: cli: add a new experimental "set var" command
    - MINOR: compat: add short aliases for a few very commonly used types
    - BUILD: ssl: use EVP_CIPH_GCM_MODE macro instead of HA_OPENSSL_VERSION
    - MEDIUM: backend: use a trylock to grab a connection on high FD counts as well

2021/03/19 : 2.4-dev13
    - BUG/MEDIUM: cli: fix "help" crashing since recent spelling fixes
    - BUG/MINOR: cfgparse: use the GLOBAL not LISTEN keywords list for spell checking
    - MINOR: tools: improve word fingerprinting by counting presence
    - MINOR: tools: do not sum squares of differences for word fingerprints
    - MINOR: cli: improve fuzzy matching to work on all remaining words at once
    - MINOR: cli: sort the suggestions by order of relevance
    - MINOR: cli: limit spelling suggestions to 5
    - MINOR: cfgparse/proxy: also support spelling fixes on options
    - BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames
    - MINOR: time: export the global_now variable
    - BUG/MINOR: freq_ctr/threads: make use of the last updated global time
    - MINOR: freq_ctr/threads: relax when failing to update a sliding window value
    - MINOR/BUG: mworker/cli: do not use the unix_bind prefix for the master CLI socket
    - MINOR: mworker/cli: alert the user if we enabled a master CLI but not the master-worker mode
    - MINOR: cli: implement experimental-mode
    - REORG: server: add a free server function
    - MINOR: cfgparse: always alloc idle conns task
    - REORG: server: move keywords in srv_kws
    - MINOR: server: remove fastinter from mistyped kw list
    - REORG: server: split parse_server
    - REORG: server: move alert traces in parse_server
    - REORG: server: rename internal functions from parse_server
    - REORG: server: attach servers in parse_server
    - REORG: server: use flags for parse_server
    - MINOR: server: prepare parsing for dynamic servers
    - MINOR: stats: export function to allocate extra proxy counters
    - MEDIUM: server: implement 'add server' cli command
    - REGTESTS: implement test for 'add server' cli
    - MINOR: server: enable standard options for dynamic servers
    - MINOR: server: support keyword proto in 'add server' cli
    - BUG/MINOR: protocol: add missing support of dgram unix socket.
    - CLEANUP: Fix a typo in fix_is_valid description
    - MINOR: raw_sock: Add a close method.
    - MEDIUM: connections: Introduce a new XPRT method, start().
    - MEDIUM: connections: Implement a start() method for xprt_handshake.
    - MEDIUM: connections: Implement a start() method in ssl_sock.
    - MINOR: muxes: garbage collect the reset() method.
    - CLEANUP: tcp-rules: Fix a typo in error messages about expect-netscaler-cip
    - MEDIUM: lua: Use a per-thread counter to track some non-reentrant parts of lua
    - BUG/MEDIUM: debug/lua: Don't dump the lua stack if not dumpable

2021/03/13 : 2.4-dev12
    - CLEANUP: connection: Use `VAR_ARRAY` in `struct tlv` definition
    - CLEANUP: connection: Remove useless test for NULL before calling `pool_free()`
    - CLEANUP: connection: Use istptr / istlen for proxy_unique_id
    - MINOR: connection: Use a `struct ist` to store proxy_authority
    - CLEANUP: connection: Consistently use `struct ist` to process all TLV types
    - BUILD: task: fix build at -O0 with threads disabled
    - BUILD: bug: refine HA_LINK_ERROR() to only be used on gcc and derivatives
    - CLEANUP: config: make the cfg_keyword parsers take a const for the defproxy
    - BUILD: connection: do not use VAR_ARRAY in struct tlv
    - BUG/MEDIUM: session: NULL dereference possible when accessing the listener
    - MINOR: build: force CC to set a return code when probing options
    - CLEANUP: stream: rename a few remaining occurrences of "stream *sess"
    - BUG/MEDIUM: resolvers: handle huge responses over tcp servers.
    - CLEANUP: config: also address the cfg_keyword API change in the compression code
    - BUG/MEDIUM: ssl: properly remove the TASK_HEAVY flag at end of handshake
    - BUG/MINOR: sample: Rename SenderComID/TargetComID to SenderCompID/TargetCompID
    - MINOR: task: give the scheduler a bit more flexibility in the runqueue size
    - OPTIM: task: automatically adjust the default runqueue-depth to the threads
    - BUG/MINOR: connection: Missing QUIC initialization
    - BUG/MEDIUM: stick-tables: fix ref counter in table entry using multiple http tracksc.
    - BUILD: atomic/arm64: force the register pairs to use in __ha_cas_dw()
    - BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached
    - BUG/MINOR: tcpcheck: Update .health threshold of agent inside an agent-check
    - BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters
    - BUG/MINOR: tcpcheck: Fix double free on error path when parsing tcp/http-check
    - BUG/MINOR: server-state: properly handle the case where the base is not set
    - BUG/MINOR: server-state: use the argument, not the global state
    - CLEANUP: tcp-rules: add missing actions in the tcp-request error message
    - CLEANUP: vars: make the error message clearer on missing arguments for set-var
    - CLEANUP: http-rules: remove the unexpected comma before the list of action keywords
    - CLEANUP: actions: the keyword must always be const from the rule
    - MINOR: tools: add simple word fingerprinting to find similar-looking words
    - MINOR: cfgparse: add cfg_find_best_match() to suggest an existing word
    - MINOR: cfgparse: suggest correct spelling for unknown words in proxy sections
    - MINOR: cfgparse: suggest correct spelling for unknown words in global section
    - MINOR: cfgparse/server: try to fix spelling mistakes on server lines
    - MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords
    - MINOR: actions: add a function to suggest an action ressembling a given word
    - MINOR: http-rules: suggest approaching action names on mismatch
    - MINOR: tcp-rules: suggest approaching action names on mismatch
    - BUG/MINOR: cfgparse/server: increment the extra keyword counter one at a time
    - Revert "BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record"
    - BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error
    - BUG/MINOR: resolvers: Reset server address on DNS error only on status change
    - BUG/MINOR: resolvers: Unlink DNS resolution to set RMAINT on SRV resolution
    - BUG/MEDIUM: resolvers: Don't set an address-less server as UP
    - BUG/MEDIUM: resolvers: Fix the loop looking for an existing ADD item
    - MINOR: resolvers: new function find_srvrq_answer_record()
    - BUG/MINOR; resolvers: Ignore DNS resolution for expired SRV item
    - BUG/MEDIUM: resolvers: Trigger a DNS resolution if an ADD item is obsolete
    - MINOR: resolvers: Use a function to remove answers attached to a resolution
    - MINOR: resolvers: Purge answer items when a SRV resolution triggers an error
    - MINOR: resolvers: Add function to change the srv status based on SRV resolution
    - MINOR: resolvers: Directly call srvrq_update_srv_state() when possible
    - BUG/MEDIUM: resolvers: Don't release resolution from a requester callbacks
    - BUG/MEDIUM: resolvers: Skip DNS resolution at startup if SRV resolution is set
    - MINOR: resolvers: Use milliseconds for cached items in resolver responses
    - MINOR: resolvers: Don't try to match immediatly renewed ADD items
    - CLEANUP: resolvers: Use ha_free() in srvrq_resolution_error_cb()
    - CLEANUP: resolvers: Perform unsafe loop on requester list when possible
    - BUG/MINOR: cli: make sure "help", "prompt", "quit" are enabled at master level
    - CLEANUP: cli: fix misleading comment and better indent the access level flags
    - MINOR: cli: set the ACCESS_MASTER* bits on the master bind_conf
    - MINOR: cli: test the appctx level for master access instead of comparing pointers
    - MINOR: cli: print the error message in the parser function itself
    - MINOR: cli: filter the list of commands to the matching part
    - MEDIUM: cli: apply spelling fixes for known commands before listing them
    - MINOR: tools: add the ability to update a word fingerprint
    - MINOR: cli: apply the fuzzy matching on the whole command instead of words
    - CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS
    - CLEANUP: cli: rename the last few "stats_" to "cli_"
    - CLEANUP: task: make sure tasklet handlers always indicate their statuses
    - CLEANUP: assorted typo fixes in the code and comments

2021/03/05 : 2.4-dev11
    - CI: codespell: skip Makefile for spell check
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule
    - BUG/MINOR: connection: Use the client's dst family for adressless servers
    - BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1
    - CLEANUP: Use ist2(const void*, size_t) whenever possible
    - CLEANUP: Use IST_NULL whenever possible
    - BUILD: proxy: Missing header inclusion for quic_transport_params_init()
    - BUILD: quic: Implicit conversion between SSL related enums.
    - DOC: spoe: Add a note about fragmentation support in HAProxy
    - MINOR: contrib: add support for heartbeat control messages.
    - MINOR: contrib: Enhance peers dissector heuristic.
    - BUG/MINOR: mux-h2: Fix typo in scheme adjustment
    - CLEANUP: Reapply the ist2() replacement patch
    - CLEANUP: Use istadv(const struct ist, const size_t) whenever possible
    - CLEANUP: Use isttest(const struct ist) whenever possible
    - Revert "CI: Pin VTest to a known good commit"
    - CLEANUP: backend: fix a wrong comment
    - BUG/MINOR: backend: free allocated bind_addr if reuse conn
    - MINOR: backend: handle reuse for conns with no server as target
    - REGTESTS: test http-reuse if no server target
    - BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring()
    - BUG/MINOR: server-state: Don't load server-state file for disabled backends
    - CLEANUP: dns: Use DISGUISE() on a never-failing ring_attach() call
    - CLEANUP: dns: Remove useless test on ns->dgram in dns_connect_nameserver()
    - DOC: fix originalto except clause on destination address
    - CLEANUP: Use the ist() macro whenever possible
    - CLEANUP: Replace for loop with only a condition by while
    - REORG: atomic: reimplement pl_cpu_relax() from atomic-ops.h
    - BUG/MINOR: mt-list: always perform a cpu_relax call on failure
    - MINOR: atomic: add armv8.1-a atomics variant for cas-dw
    - MINOR: atomic: implement a more efficient arm64 __ha_cas_dw() using pairs
    - BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode
    - MEDIUM: pools: add CONFIG_HAP_NO_GLOBAL_POOLS and CONFIG_HAP_GLOBAL_POOLS
    - MINOR: pools: double the local pool cache size to 1 MB
    - MINOR: stream: use ABORT_NOW() and not abort() in stream_dump_and_crash()
    - CLEANUP: stream: explain why we queue the stream at the head of the server list
    - MEDIUM: backend: use a trylock when trying to grab an idle connection
    - REORG: tools: promote the debug PRNG to more general use as a statistical one
    - OPTIM: lb-random: use a cheaper PRNG to pick a server
    - MINOR: task: stop abusing the nice field to detect a tasklet
    - MINOR: task: move the nice field to the struct task only
    - MEDIUM: task: extend the state field to 32 bits
    - MINOR: task: add an application specific flag to the state: TASK_F_USR1
    - MEDIUM: muxes: mark idle conns tasklets with TASK_F_USR1
    - MINOR: xprt: add new xprt_set_idle and xprt_set_used methods
    - MEDIUM: ssl: implement xprt_set_used and xprt_set_idle to relax context checks
    - MINOR: server: don't read curr_used_conns multiple times
    - CLEANUP: global: reorder some fields to respect cache lines
    - CLEANUP: sockpair: silence a coverity check about fcntl()
    - CLEANUP: lua: set a dummy file name and line number on the dummy servers
    - MINOR: server: add a global list of all known servers
    - MINOR: cfgparse: finish to set up servers outside of the proxy setup loop
    - MINOR: server: allocate a per-thread struct for the per-thread connections stuff
    - MINOR: server: move actconns to the per-thread structure
    - CLEANUP: server: reorder some fields in the server struct to respect cache lines
    - MINOR: backend: add a BUG_ON if conn mux NULL in connect_server
    - BUG/MINOR: backend: fix condition for reuse on mode HTTP
    - BUILD: Fix build when using clang without optimizing.
    - CLEANUP: assorted typo fixes in the code and comments

2021/02/26 : 2.4-dev10
    - BUILD: SSL: introduce fine guard for RAND_keep_random_devices_open
    - MINOR: Configure the `cpp` userdiff driver for *.[ch] in .gitattributes
    - BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert"
    - BUG/MINOR: sample: secure convs that accept base64 string and var name as args
    - BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe
    - CLEANUP: vars: make smp_fetch_var() to reuse vars_get_by_desc()
    - DOC: muxes: add a diagram of the exchanges between muxes and outer world
    - BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop
    - BUG/MEDIUM: cli/shutdown sessions: make it thread-safe
    - BUG/MINOR: proxy: wake up all threads when sending the hard-stop signal
    - MINOR: stream: add an "epoch" to figure which streams appeared when
    - MINOR: cli/streams: make "show sess" dump all streams till the new epoch
    - MINOR: streams: use one list per stream instead of a global one
    - MEDIUM: streams: do not use the streams lock anymore
    - BUILD: dns: avoid a build warning when threads are disabled (dss unused)
    - MEDIUM: task: remove the tasks_run_queue counter and have one per thread
    - MINOR: tasks: do not maintain the rqueue_size counter anymore
    - CLEANUP: tasks: use a less confusing name for task_list_size
    - CLEANUP: task: move the tree root detection from __task_wakeup() to task_wakeup()
    - MINOR: task: limit the remote thread wakeup to the global runqueue only
    - MINOR: task: move the allocated tasks counter to the per-thread struct
    - CLEANUP: task: split the large tasklet_wakeup_on() function in two
    - BUG/MINOR: fd: properly wait for !running_mask in fd_set_running_excl()
    - BUG/MINOR: resolvers: Fix condition to release received ARs if not assigned
    - BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record
    - BUG/MINOR: resolvers: new callback to properly handle SRV record errors
    - BUG/MEDIUM: resolvers: Reset server address and port for obselete SRV records
    - BUG/MEDIUM: resolvers: Reset address for unresolved servers
    - DOC: Update the module list in MAINTAINERS file
    - MINOR: htx: Add function to reserve the max possible size for an HTX DATA block
    - DOC: Update the HTX API documentation
    - DOC: Update the filters guide
    - BUG/MEDIUM: contrib/prometheus-exporter: fix segfault in listener name dump
    - MINOR: task: split the counts of local and global tasks picked
    - MINOR: task: do not use __task_unlink_rq() from process_runnable_tasks()
    - MINOR: task: don't decrement then increment the local run queue
    - CLEANUP: task: re-merge __task_unlink_rq() with task_unlink_rq()
    - MINOR: task: make grq_total atomic to move it outside of the grq_lock
    - MINOR: tasks: also compute the tasklet latency when DEBUG_TASK is set
    - MINOR: task: make tasklet wakeup latency measurements more accurate
    - MINOR: server: Be more strict on the server-state line parsing
    - MINOR: server: Only fill one array when parsing a server-state line
    - MEDIUM: server: Refactor apply_server_state() to make it more readable
    - CLEANUP: server: Rename state_line node to node instead of name_name
    - CLEANUP: server: Rename state_line structure into server_state_line
    - CLEANUP: server: Use a local eb-tree to store lines of the global server-state file
    - MINOR: server: Be more strict when reading the version of a server-state file
    - MEDIUM: server: Store parsed params of a server-state line in the tree
    - MINOR: server: Remove cached line from global server-state tree when found
    - MINOR: server: Move loading state of servers in a dedicated function
    - MEDIUM: server: Use a tree to store local server-state lines
    - MINOR: server: Parse and store server-state lines in a dedicated function
    - MEDIUM: server: Don't load server-state file if a line is corrupted
    - REORG: server: Export and rename some functions updating server info
    - REORG: server-state: Move functions to deal with server-state in its own file
    - MINOR: server-state: Don't load server-state file for serverless proxies
    - CLEANUP: muxes: Remove useless if condition in show_fd function
    - BUG/MINOR: stats: fix compare of no-maint url suffix
    - MINOR: task: limit the number of subsequent heavy tasks with flag TASK_HEAVY
    - MINOR: ssl: mark the SSL handshake tasklet as heavy
    - CLEANUP: server: rename srv_cleanup_{idle,toremove}_connections()
    - BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup()
    - MINOR: task: add one extra tasklet class: TL_HEAVY
    - MINOR: task: place the heavy elements in TL_HEAVY
    - MINOR: task: only limit TL_HEAVY tasks but not others
    - BUG/MINOR: http-ana: Only consider dst address to process originalto option
    - MINOR: tools: Add net_addr structure describing a network addess
    - MINOR: tools: Add function to compare an address to a network address
    - MEDIUM: http-ana: Add IPv6 support for forwardfor and orignialto options
    - CLEANUP: hlua: Use net_addr structure internally to parse and compare addresses
    - REGTESTS: Add script to test except param for fowardedfor/originalto options
    - DOC: scheduler: add a diagram showing the different queues and their usages
    - CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x)
    - CLEANUP: config: replace a few free() with ha_free()
    - CLEANUP: vars: always zero the pointers after a free()
    - CLEANUP: ssl: remove a useless "if" before freeing an error message
    - CLEANUP: ssl: make ssl_sock_free_srv_ctx() zero the pointers after free
    - CLEANUP: ssl: use realloc() instead of free()+malloc()

2021/02/20 : 2.4-dev9
    - BUG/MINOR: server: Remove RMAINT from admin state when loading server state
    - CLEANUP: check: fix get_check_status_info declaration
    - CLEANUP: contrib/prometheus-exporter: align for with srv status case
    - MEDIUM: stats: allow to select one field in `stats_fill_li_stats`
    - MINOR: stats: add helper to get status string
    - MEDIUM: contrib/prometheus-exporter: add listen stats
    - BUG/MINOR: dns: add test on result getting value from buffer into ring.
    - BUG/MINOR: dns: dns_connect_server must return -1 unsupported nameserver's type
    - BUG/MINOR: dns: missing test writing in output channel in session handler
    - BUG/MINOR: dns: fix ring attach control on dns_session_new
    - BUG/MEDIUM: dns: fix multiple double close on fd in dns.c
    - BUG/MAJOR: connection: prevent double free if conn selected for removal
    - BUG/MINOR: session: atomically increment the tracked sessions counter
    - REGTESTS: fix http_reuse_conn_hash proxy test
    - BUG/MINOR: backend: do not call smp_make_safe for sni conn hash
    - MINOR: connection: remove pointers for prehash in conn_hash_params
    - BUG/MINOR: checks: properly handle wrapping time in __health_adjust()
    - BUG/MEDIUM: checks: don't needlessly take the server lock in health_adjust()
    - DEBUG: thread: add 5 extra lock labels for statistics and debugging
    - OPTIM: server: switch the actconn list to an mt-list
    - Revert "MINOR: threads: change lock_t to an unsigned int"
    - MINOR: lb/api: let callers of take_conn/drop_conn tell if they have the lock
    - OPTIM: lb-first: do not take the server lock on take_conn/drop_conn
    - OPTIM: lb-leastconn: do not take the server lock on take_conn/drop_conn
    - OPTIM: lb-leastconn: do not unlink the server if it did not change
    - MINOR: tasks: add DEBUG_TASK to report caller info in a task
    - MINOR: tasks/debug: add some extra controls of use-after-free in DEBUG_TASK
    - BUG/MINOR: sample: Always consider zero size string samples as unsafe
    - MINOR: cli: add missing agent commands for set server
    - BUILD/MEDIUM: da Adding pcre2 support.
    - BUILD: ssl: introduce fine guard for OpenSSL specific SCTL functions
    - REGTESTS: reorder reuse conn proxy protocol test
    - DOC: explain the relation between pool-low-conn and tune.idle-pool.shared
    - MINOR: tasks: refine the default run queue depth
    - MINOR: listener: refine the default MAX_ACCEPT from 64 to 4
    - MINOR: mux_h2: do not try to remove front conn from idle trees
    - REGTESTS: workaround for a crash with recent libressl on http-reuse sni
    - BUG/MEDIUM: lists: Avoid an infinite loop in MT_LIST_TRY_ADDQ().
    - MINOR: connection: allocate dynamically hash node for backend conns
    - DOC: DeviceAtlas documentation typo fix.
    - BUG/MEDIUM: spoe: Resolve the sink if a SPOE logs in a ring buffer
    - BUG/MINOR: http-rules: Always replace the response status on a return action
    - BUG/MINOR: server: Init params before parsing a new server-state line
    - BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line
    - MEDIUM: server: Don't introduce a new server-state file version
    - DOC: contrib/prometheus-exporter: remove htx reference
    - REGTESTS: contrib/prometheus-exporter: test NaN values
    - REGTESTS: contrib/prometheus-exporter: test well known labels
    - CI: github actions: switch to stable LibreSSL release
    - BUG/MINOR: server: Fix test on number of fields allowed in a server-state line
    - MINOR: dynbuf: make the buffer wait queue per thread
    - MINOR: dynbuf: use regular lists instead of mt_lists for buffer_wait
    - MINOR: dynbuf: pass offer_buffers() the number of buffers instead of a threshold
    - MINOR: sched: have one runqueue ticks counter per thread

2021/02/13 : 2.4-dev8
    - BUILD: ssl: fix typo in HAVE_SSL_CTX_ADD_SERVER_CUSTOM_EXT macro
    - BUILD: ssl: guard SSL_CTX_add_server_custom_ext with special macro
    - BUG/MINOR: mux-h1: Don't emit extra CRLF for empty chunked messages
    - MINOR: contrib/prometheus-exporter: use stats desc when possible followup
    - MEDIUM: contrib/prometheus-exporter: export base stick table stats
    - CLEANUP: assorted typo fixes in the code and comments
    - CLEANUP: check: fix some typo in comments
    - CLEANUP: tools: typo in `strl2irc` mention
    - BUILD: ssl: guard SSL_CTX_set_msg_callback with SSL_CTRL_SET_MSG_CALLBACK macro
    - MEDIUM: ssl: add a rwlock for SSL server session cache
    - BUG/MINOR: intops: fix mul32hi()'s off-by-one
    - BUG/MINOR: freq_ctr: fix a wrong delay calculation in next_event_delay()
    - MINOR: stick-tables/counters: add http_fail_cnt and http_fail_rate data types
    - MINOR: ssl: add SSL_SERVER_LOCK label in threads.h
    - BUG/MINOR: mux-h1: Don't increment HTTP error counter for 408/500/501 errors
    - BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors
    - BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state
    - BUG/MINOR: mux-h1: Fix data skipping for bodyless responses
    - BUG/MINOR: mux-h1: Don't blindly skip EOT block for non-chunked messages
    - BUG/MEDIUM: mux-h2: Add EOT block when EOM flag is set on an empty HTX message
    - MINOR: mux-h1: Be sure EOM flag is set when processing end of outgoing message
    - REGTESTS: Add a script to test payload skipping for bodyless HTTP responses
    - BUG/MINOR: server: re-align state file fields number
    - CLEANUP: muxes: Remove useless calls to b_realign_if_empty()
    - BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints()
    - CLEANUP: remove unused variable assigned found by Coverity
    - CLEANUP: queue: Remove useless tests on p or pp in pendconn_process_next_strm()
    - BUG/MINOR: backend: hold correctly lock when killing idle conn
    - MEDIUM: connection: protect idle conn lists with locks
    - MEDIUM: connection: replace idle conn lists by eb trees
    - MINOR: backend: search conn in idle/safe trees after available
    - MINOR: backend: search conn in idle tree after safe on always reuse
    - MINOR: connection: prepare hash calcul for server conns
    - MINOR: connection: use the srv pointer for the srv conn hash
    - MINOR: backend: compare conn hash for session conn reuse
    - MINOR: connection: use sni as parameter for srv conn hash
    - MINOR: reg-tests: test http-reuse with sni
    - MINOR: backend: rewrite alloc of stream target address
    - MINOR: connection: use dst addr as parameter for srv conn hash
    - MINOR: reg-test: test http-reuse with specific dst addr
    - MINOR: backend: rewrite alloc of connection src address
    - MINOR: connection: use src addr as parameter for srv conn hash
    - MINOR: connection: use proxy protocol as parameter for srv conn hash
    - MINOR: reg-tests: test http-reuse with proxy protocol
    - MINOR: doc: update http reuse for new eligilible connections
    - BUG/MINOR: backend: fix compilation without ssl
    - REGTESTS: adjust http_reuse_conn_hash requirements
    - REGTESTS: deactivate a failed test on CI in http_reuse_conn_hash
    - REGTESTS: fix sni used in http_reuse_conn_hash for libressl 3.3.0
    - CI: cirrus: update FreeBSD image to 12.2
    - MEDIUM: cli: add check-addr command
    - MEDIUM: cli: add agent-port command
    - MEDIUM: server: add server-states version 2
    - MEDIUM: server: support {check,agent}_addr, agent_port in server state
    - MINOR: server: enhance error precision when applying server state
    - BUG/MINOR: server: Fix server-state-file-name directive
    - CLEANUP: deinit: release global and per-proxy server-state variables on deinit
    - BUG/MEDIUM: config: don't pick unset values from last defaults section
    - BUG/MINOR: stats: revert the change on ST_CONVDONE
    - BUG/MINOR: cfgparse: do not mention "addr:port" as supported on proxy lines
    - BUG/MINOR: http-htx: defpx must be a const in proxy_dup_default_conf_errors()
    - BUG/MINOR: tcpheck: the source list must be a const in dup_tcpcheck_var()
    - BUILD: proxy: add missing compression-t.h to proxy-t.h
    - REORG: move init_default_instance() to proxy.c and pass it the defproxy pointer
    - REORG: proxy: centralize the proxy allocation code into alloc_new_proxy()
    - MEDIUM: proxy: only take defaults when a default proxy is passed.
    - MINOR: proxy: move the defproxy freeing code to proxy.c
    - MINOR: proxy: always properly reset the just freed default instance pointers
    - BUG/MINOR: extcheck: proxy_parse_extcheck() must take a const for the defproxy
    - BUG/MINOR: tcpcheck: proxy_parse_*check*() must take a const for the defproxy
    - BUG/MINOR: server: parse_server() must take a const for the defproxy
    - MINOR: cfgparse: move defproxy to cfgparse-listen as a static
    - MINOR: proxy: add a new capability PR_CAP_DEF
    - MINOR: cfgparse: check PR_CAP_DEF instead of comparing poiner against defproxy
    - MINOR: cfgparse: use a pointer to the current default proxy
    - MINOR: proxy: also store the name for a defaults section
    - MINOR: proxy: support storing defaults sections into their own tree
    - MEDIUM: proxy: store the default proxies in a tree by name
    - MEDIUM: cfgparse: allow a proxy to designate the defaults section to use
    - MINOR: http: add baseq sample fetch
    - CLEANUP: tcpcheck: Remove a useless test on port variable
    - BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL
    - CLEANUP: server: Remove useless "filepath" variable in apply_server_state()
    - MINOR: peers/cli: do not dump the peers dictionaries by default on "show peers"
    - MINOR: cfgparse: implement a simple if/elif/else/endif macro block handler
    - DOC: tune: explain the origin of block size for ssl.cachesize
    - MINOR: tcp: add support for defer-accept on FreeBSD.
    - MINOR: ring: adds new ring_init function.
    - CLEANUP: channel: fix comment in ci_putblk.
    - BUG/MINOR: dns: add missing sent counter and parent id to dns counters.
    - BUG/MINOR: resolvers: fix attribute packed struct for dns
    - MINOR: resolvers: renames some resolvers internal types and removes dns prefix
    - MINOR: resolvers: renames type dns_resolvers to resolvers.
    - MINOR: resolvers: renames some resolvers specific types to not use dns prefix
    - MINOR: resolvers: renames some dns prefixed types using resolv prefix.
    - MINOR: resolvers: renames resolvers DNS_RESP_* errcodes RSLV_RESP_*
    - MINOR: resolvers: renames resolvers DNS_UPD_* returncodes to RSLV_UPD_*
    - MINOR: resolvers: rework prototype suffixes to split resolving and dns.
    - MEDIUM: resolvers: move resolvers section parsing from cfgparse.c to dns.c
    - MINOR: resolvers: replace nameserver's resolver ref by generic parent pointer
    - MINOR: resolvers: rework dns stats prototype because specific to resolvers
    - MEDIUM: resolvers: split resolving and dns message exchange layers.
    - MEDIUM: resolvers/dns: split dns.c into dns.c and resolvers.c
    - MEDIUM: dns: adds code to support pipelined DNS requests over TCP.
    - MEDIUM: resolvers: add supports of TCP nameservers in resolvers.

2021/02/05 : 2.4-dev7
    - BUG/MINOR: stats: Continue to fill frontend stats on unimplemented metric
    - BUILD: ssl: guard Client Hello callbacks with HAVE_SSL_CLIENT_HELLO_CB macro instead of openssl version
    - BUG/MINOR: stats: Init the metric variable when frontend stats are filled
    - MINOR: contrib/prometheus-exporter: better output of Not-a-Number
    - CLEANUP: stats: improve field selection for frontend http fields
    - CLEANUP: assorted typo fixes in the code and comments
    - DOC: Improve documentation of the various hdr() fetches
    - MEDIUM: stats: allow to select one field in `stats_fill_be_stats`
    - MINOR: contrib/prometheus-exporter: use fill_be_stats for backend dump
    - MEDIUM: stats: allow to select one field in `stats_fill_sv_stats`
    - MINOR: contrib/prometheus-exporter: use fill_sv_stats for server dump
    - MINOR: abort() on my_unreachable() when DEBUG_USE_ABORT is set.
    - BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is unknown
    - BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name
    - MINOR: reg-tests: add http-reuse test
    - CLEANUP: srv: fix comment for pool-max-conn
    - CLEANUP: backend: remove an obsolete comment on conn_backend_get
    - REORG: backend: simplify conn_backend_get
    - MINOR: ssl: Server ssl context prepare function refactoring
    - MINOR: ssl: Certificate chain loading refactorization
    - MEDIUM: ssl: Load client certificates in a ckch for backend servers
    - MEDIUM: ssl: Enable backend certificate hot update
    - MINOR: ssl: Remove client_crt member of the server's ssl context
    - CLEANUP: ssl/cli: rework free in cli_io_handler_commit_cert()
    - CLEANUP: ssl: remove SSL_CTX function parameter
    - CLEANUP: ssl: make load_srv_{ckchs,cert} match their bind counterpart
    - BUILD: Include stdlib.h in compiler.h if DEBUG_USE_ABORT is set
    - CI: Fix DEBUG_STRICT definition for Coverity
    - BUG/MINOR: stats: Remove a break preventing ST_F_QCUR to be set for servers
    - BUG/MINOR: stats: Add a break after filling ST_F_MODE field for servers
    - CLEANUP: ssl: remove dead code in ckch_inst_new_load_srv_store()
    - BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file()
    - BUG/MEDIUM: session: only retrieve ready idle conn from session
    - BUG/MEDIUM: backend: never reuse a connection for tcp mode
    - REGTESTS: set_ssl_server_cert.vtc: remove the abort command
    - REGTESTS: set_ssl_server_cert.vtc: check the Sha1 Fingerprint
    - REGTESTS: set_ssl_server_cert.vtc: check the sha1 from the server
    - MEDIUM: stream-int: Take care of EOS if the SI wake callback function
    - MINOR: mux-h1: Try to wake up data layer first before calling its wake callback
    - MINOR: mux-h1: Wake up H1C after its creation if input buffer is not empty
    - MEDIUM: mux-h1: Add ST_READY state for the H1 connections
    - MINOR: stream: Add a function to validate TCP to H1 upgrades
    - MEDIUM: http-ana: Do nothing in wait-for-request analyzer if not htx
    - BUG/MEDIUM: stream: Don't immediatly ack the TCP to H1 upgrades
    - BUG/MAJOR: mux-h1: Properly handle TCP to H1 upgrades
    - MINOR: htx/http-ana: Save info about Upgrade option in the Connection header
    - MEDIUM: http-ana: Refuse invalid 101-switching-protocols responses
    - BUG/MINOR: h2/mux-h2: Reject 101 responses with a PROTOCOL_ERROR h2s error
    - MINOR: mux-h1/mux-fcgi: Don't set TUNNEL mode if payload length is unknown
    - MINOR: mux-h1: Split H1C_F_WAIT_OPPOSITE flag to separate input/output sides
    - MINOR: mux-h2: Add 2 flags to help to properly handle tunnel mode
    - MEDIUM: mux-h2: Block client data on server side waiting tunnel establishment
    - MEDIUM: mux-h2: Close streams when processing data for an aborted tunnel
    - MEDIUM: mux-h1: Properly handle tunnel establishments and aborts
    - BUG/MAJOR: mux-h1/mux-h2/htx: Fix HTTP tunnel management at the mux level
    - MINOR: htx: Rename HTX_FL_EOI flag into HTX_FL_EOM
    - REGTESTS: Don't run http_msg_full_on_eom script on the 2.4 anymore
    - MINOR: htx: Add a function to know if a block is the only one in a message
    - MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead
    - MINOR: mux-h1: Add a flag on H1 streams with a response known to be bodyless
    - MEDIUM: mux-h1: Don't emit any payload for bodyless responses
    - MINOR: mux-h1: Don't emit C-L and T-E headers for 204 and 1xx responses
    - MINOR: mux-h1: Don't add Connection close/keep-alive header for 1xx messages
    - MINOR: h2/mux-h2: Add flags to notify the response is known to have no body
    - MEDIUM: mux-h2: Don't emit DATA frame for bodyless responses
    - MEDIUM: http-ana: Deal with L7 retries in HTTP analysers
    - MINOR: h1: reject websocket handshake if missing key
    - MEDIUM: h1: generate WebSocket key on response if needed
    - MINOR: mux_h2: define H2_SF_EXT_CONNECT_SENT stream flag
    - MEDIUM: h2: parse Extended CONNECT reponse to htx
    - MEDIUM: mux_h2: generate Extended CONNECT from htx upgrade
    - MEDIUM: h1: add a WebSocket key on handshake if needed
    - MEDIUM: mux_h2: generate Extended CONNECT response
    - MEDIUM: h2: parse Extended CONNECT request to htx
    - MEDIUM: h2: send connect protocol h2 settings
    - MINOR: vtc: add test for h1/h2 protocol upgrade translation
    - MINOR: vtc: add websocket test
    - REGTESTS: Fix required versions for several scripts
    - REGTEST: Don't use the websocket to validate http-check
    - MINOR: mux-h1/trace: add traces at level ERROR for all kind of errors
    - MINOR: mux-fcgi/trace: add traces at level ERROR for all kind of errors
    - MINOR: h1: Raise the chunk size limit up to (2^52 - 1)
    - BUG/MEDIUM: listener: do not accept connections faster than we can process them
    - REGTESTS: set_ssl_server_cert.vtc: set as broken
    - Revert "BUG/MEDIUM: listener: do not accept connections faster than we can process them"
    - BUG/MINOR: backend: check available list allocation for reuse
    - CI: Fix the coverity builds
    - DOC: management: fix "show resolvers" alphabetical ordering
    - MINOR: tools: add print_time_short() to print a condensed duration value
    - MINOR: activity: make profiling more manageable
    - MINOR: activity: declare a new structure to collect per-function activity
    - MEDIUM: tasks/activity: collect per-task statistics when profiling is enabled
    - MINOR: activity: also report collected tasks stats in "show profiling"
    - MINOR: activity: flush scheduler stats on "set profiling tasks on"
    - MINOR: activity: add a new "show tasks" command to list currently active tasks
    - MINOR: listener: export accept_queue_process
    - MINOR: session: export session_expire_embryonic()
    - MINOR: muxes: export the timeout and shutr task handlers
    - MINOR: checks: export a few functions that appear often in trace dumps
    - MINOR: peers: export process_peer_sync() to improve traces
    - MINOR: stick-tables: export process_table_expire()
    - MINOR: mux-h1: Remove first useless test on count in h1_process_output()
    - BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list
    - MINOR: http-fetch: Don't check if argument list is set in sample fetches
    - MINOR: http-conv: Don't check if argument list is set in sample converters
    - MINOR: sample: Don't check if argument list is set in sample fetches
    - MINOR: ssl-sample: Don't check if argument list is set in sample fetches
    - MINOR: mux-h2: Don't tests the start-line when sending HEADERS frame
    - MINOR: mux-h2: Slightly improve request HEADERS frames sending
    - MINOR: contrib/prometheus-exporter: declare states for objects
    - MAJOR: contrib/prometheus-exporter: move ftd/bkd/srv states to labels
    - MEDIUM: contrib/prometheus-exporter: Use dynamic labels instead of static ones
    - MINOR: listener: export manage_global_listener_queue()
    - BUG/MINOR: activity: take care of late wakeups in "show tasks"
    - REGTESTS: set_ssl_server_cert.vtc: remove SSL caching and set as working
    - REGTESTS: set_ssl_server_cert: cleanup the SSL caching option
    - MINOR: checks: Add function to get the result code corresponding to a status
    - MAJOR: contrib/prometheus-exporter: move health check status to labels
    - MINOR: contrib/prometheus-exporter: improve service status description field
    - MINOR: stats: improve pending connections description
    - MINOR: stats: improve max stats descriptions
    - MINOR: contrib/prometheus-exporter: use stats desc when possible
    - MINOR: contrib/prometheus-exporter: add uweight field
    - MINOR: contrib/prometheus-exporter: add recv logs_logs_total field
    - CLEANUP: contrib/prometheus-exporter: remove unused includes
    - CLEANUP: contrib/prometheus-exporter: align and reorder fields
    - CLEANUP: contrib/prometheus-exporter: remove description in README
    - DOC: contrib/prometheus-exporter: Add missing metrics in README
    - BUG/MINOR: contrib/prometheus-exporter: Add missing label for ST_F_HRSP_1XX
    - BUG/MINOR: contrib/prometheus-exporter: Restart labels dump at the right pos
    - BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store
    - BUG/MEDIUM: ssl: check a connection's status before computing a handshake
    - BUG/MINOR: mux_h2: fix incorrect stat titles
    - MINOR: ssl/cli: flush the server session cache upon 'commit ssl cert'
    - BUG/MINOR: cli: fix set server addr/port coherency with health checks
    - MINOR: server: Don't set the check port during the update from a state file
    - MINOR: dns: Don't set the check port during a server dns resolution
    - MEDIUM: check: remove checkport checkaddr flag
    - MEDIUM: server: adding support for check_port in server state
    - BUG/MINOR: check: consitent way to set agentaddr
    - MEDIUM: check: align agentaddr and agentport behaviour
    - DOC: server: Add missing params in comment of the server state line parsing
    - BUG/MINOR: xxhash: make sure armv6 uses memcpy()
    - REGTESTS: mark http-check-send.vtc as 2.4-only
    - REGTESTS: mark sample_fetches/hashes.vtc as 2.4-only
    - BUG/MINOR: ssl: do not try to use early data if not configured
    - REGTESTS: unbreak http-check-send.vtc
    - MINOR: cli/show_fd: report local and report ports when known
    - BUILD: Makefile: move REGTESTST_TYPE default setting
    - BUG/MEDIUM: mux-h2: handle remaining read0 cases
    - CLEANUP: http-htx: Set buffer area to NULL instead of malloc(0)
    - BUG/MINOR: sock: Unclosed fd in case of connection allocation failure
    - BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED

2021/01/22 : 2.4-dev6
    - MINOR: converter: adding support for url_enc
    - BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES
    - BUILD: ssl: guard EVP_PKEY_get_default_digest_nid with ASN1_PKEY_CTRL_DEFAULT_MD_NID
    - BUILD: ssl: guard openssl specific with SSL_READ_EARLY_DATA_SUCCESS
    - BUILD: Makefile: exclude broken tests by default
    - CLEANUP: cfgparse: replace "realloc" with "my_realloc2" to fix to memory leak on error
    - BUG/MINOR: hlua: Fix memory leak in hlua_alloc
    - MINOR: contrib/prometheus-exporter: export build_info
    - DOC: fix some spelling issues over multiple files
    - CLEANUP: Fix spelling errors in comments
    - SCRIPTS: announce-release: fix typo in help message
    - CI: github: add a few more words to the codespell ignore list
    - DOC: Add maintainers for the Prometheus exporter
    - BUG/MINOR: sample: fix concat() converter's corruption with non-string variables
    - BUG/MINOR: server: Memory leak of proxy.used_server_addr during deinit
    - CLEANUP: sample: remove uneeded check in json validation
    - MINOR: reg-tests: add a way to add service dependency
    - BUG/MINOR: sample: check alloc_trash_chunk return value in concat()
    - BUG/MINOR: reg-tests: fix service dependency script
    - MINOR: reg-tests: add base prometheus test
    - Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records"
    - BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
    - BUG/MINOR: check: Don't perform any check on servers defined in a frontend
    - BUG/MINOR: init: enforce strict-limits when using master-worker
    - MINOR: contrib/prometheus-exporter: avoid connection close header
    - MINOR: contrib/prometheus-exporter: use fill_info for process dump
    - BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable
    - MINOR: config: Add failifnotcap() to emit an alert on proxy capabilities
    - MINOR: server: Forbid server definitions in frontend sections
    - BUG/MINOR: threads: Fixes the number of possible cpus report for Mac.
    - CLEANUP: pattern: rename pat_ref_commit() to pat_ref_commit_elt()
    - MINOR: pattern: add the missing generation ID manipulation functions
    - MINOR: peers: Add traces for peer control messages.
    - BUG/MINOR: dns: SRV records ignores duplicated AR records (v2)
    - BUILD: peers: fix build warning about unused variable
    - BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition
    - MINOR: cache: Do not store responses with an unknown encoding
    - BUG/MINOR: peers: Possible appctx pointer dereference.
    - MINOR: build: discard echoing in help target
    - MINOR: cache: Remove the `hash` part of the accept-encoding secondary key
    - CLEANUP: cache: Use proper data types in secondary_key_cmp()
    - CLEANUP: Rename accept_encoding_hash_cmp to accept_encoding_bitmap_cmp
    - BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command.
    - MINOR: contrib: Make the wireshark peers dissector compile for more distribs.
    - BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd" helper
    - CLEANUP: tools: make resolve_sym_name() take a const pointer
    - CLEANUP: cli: make "show fd" use a const connection to access other fields
    - MINOR: cli: make "show fd" also report the xprt and xprt_ctx
    - MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps.
    - MINOR: ssl: provide a "show fd" helper to report important SSL information
    - MINOR: xprt/mux: export all *_io_cb functions so that "show fd" resolves them
    - MINOR: mux-h2: make the "show fd" helper also decode the h2s subscriber when known
    - MINOR: mux-h1: make the "show fd" helper also decode the h1s subscriber when known
    - MINOR: mux-fcgi: make the "show fd" helper also decode the fstrm subscriber when known
    - CI: Pin VTest to a known good commit
    - MINOR: cli: give the show_fd helpers the ability to report a suspicious entry
    - MINOR: cli/show_fd: report some easily detectable suspicious states
    - MINOR: ssl/show_fd: report some FDs as suspicious when possible
    - MINOR: mux-h2/show_fd: report as suspicious an entry with too many calls
    - MINOR: mux-h1/show_fd: report as suspicious an entry with too many calls
    - BUG/MINOR: mworker: define _GNU_SOURCE for strsignal()
    - BUG/MEDIUM: tcpcheck: Don't destroy connection in the wake callback context
    - BUG/MEDIUM: mux-h2: Xfer rxbuf to the upper layer when creating a front stream
    - MINOR: http: Add HTTP 501-not-implemented error message
    - MINOR: muxes: Add exit status for errors about not implemented features
    - MINOR: mux-h1: Be prepared to return 501-not-implemented error during parsing
    - MEDIUM: mux-h1: Return a 501-not-implemented for upgrade requests with a body
    - DOC: Remove space after comma in converter signature
    - DOC: Rename '<var name>' to '<var>' in converter signature
    - MINOR: stats: duplicate 3 fields in bytes in info
    - MINOR: stats: add new start time field
    - MINOR: contrib/prometheus-exporter: merge info description from stats
    - MEDIUM: stats: allow to select one field in `stats_fill_fe_stats`
    - MINOR: contrib/prometheus-exporter: use fill_fe_stats for frontend dump
    - MINOR: contrib/prometheus-exporter: Don't needlessly set empty label for metrics
    - MINOR: contrib/prometheus-exporter: Split the PROMEX_FL_STATS_METRIC flag
    - MINOR: contrib/prometheus-exporter: Add promex_metric struct defining a metric
    - MEDIUM: contrib/prometheus-exporter: Rework matrices defining Promex metrics
    - BUG/MINOR: stream: Don't update counters when TCP to H2 upgrades are performed
    - BUG/MEDIUM: mux-h2: fix read0 handling on partial frames
    - MINOR: debug: always export the my_backtrace function
    - MINOR: debug: extract the backtrace dumping code to its own function
    - MINOR: debug: create ha_backtrace_to_stderr() to dump an instant backtrace
    - MEDIUM: debug: now always print a backtrace on CRASH_NOW() and friends
    - MINOR: debug: let ha_dump_backtrace() dump a bit further for some callers
    - BUILD: debug: fix build warning by consuming the write() result
    - MINOR: lua: remove unused variable
    - BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX

2021/01/06 : 2.4-dev5
    - BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup
    - BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h
    - MINOR: time: increase the minimum wakeup interval to 60s
    - MINOR: check: do not ignore a connection header for http-check send
    - REGTESTS: complete http-check test
    - CI: travis-ci: drop coverity scan builds
    - MINOR: atomic: don't use ; to separate instruction on aarch64.
    - IMPORT: xxhash: update to v0.8.0 that introduces stable XXH3 variant
    - MEDIUM: xxhash: use the XXH3 functions to generate 64-bit hashes
    - MEDIUM: xxhash: use the XXH_INLINE_ALL macro to inline all functions
    - CLEANUP: xxhash: remove the unused src/xxhash.c
    - MINOR: sample: add the xxh3 converter
    - REGTESTS: add tests for the xxh3 converter
    - MINOR: protocol: Create proto_quic QUIC protocol layer.
    - MINOR: connection: Attach a "quic_conn" struct to "connection" struct.
    - MINOR: quic: Redefine control layer callbacks which are QUIC specific.
    - MINOR: ssl_sock: Initialize BIO and SSL objects outside of ssl_sock_init()
    - MINOR: connection: Add a new xprt to connection.
    - MINOR: ssl: Export definitions required by QUIC.
    - MINOR: cfgparse: Do not modify the QUIC xprt when parsing "ssl".
    - MINOR: tools: Add support for QUIC addresses parsing.
    - MINOR: quic: Add definitions for QUIC protocol.
    - MINOR: quic: Import C source code files for QUIC protocol.
    - MINOR: listener: Add QUIC info to listeners and receivers.
    - MINOR: server: Add QUIC definitions to servers.
    - MINOR: ssl: SSL CTX initialization modifications for QUIC.
    - MINOR: ssl: QUIC transport parameters parsing.
    - MINOR: quic: QUIC socket management finalization.
    - MINOR: cfgparse: QUIC default server transport parameters init.
    - MINOR: quic: Enable the compilation of QUIC modules.
    - MAJOR: quic: Make usage of ebtrees to store QUIC ACK ranges.
    - MINOR: quic: Attempt to make trace more readable
    - MINOR: quic: Make usage of the congestion control window.
    - MINOR: quic: Flag RX packet as ack-eliciting from the generic parser.
    - MINOR: quic: Code reordering to help in reviewing/modifying.
    - MINOR: quic: Add traces to congestion avoidance NewReno callback.
    - MINOR: quic: Display the SSL alert in ->ssl_send_alert() callback.
    - MINOR: quic: Update the initial salt to that of draft-29.
    - MINOR: quic: Add traces for in flght ack-eliciting packet counter.
    - MINOR: quic: make a packet build fails when qc_build_frm() fails.
    - MINOR: quic: Add traces for quic_packet_encrypt().
    - MINOR: cache: Refactoring of secondary_key building functions
    - MINOR: cache: Avoid storing responses whose secondary key was not correctly calculated
    - BUG/MINOR: cache: Manage multiple headers in accept-encoding normalization
    - MINOR: cache: Add specific secondary key comparison mechanism
    - MINOR: http: Add helper functions to trim spaces and tabs
    - MEDIUM: cache: Manage a subset of encodings in accept-encoding normalizer
    - REGTESTS: cache: Simplify vary.vtc file
    - REGTESTS: cache: Add a specific test for the accept-encoding normalizer
    - MINOR: cache: Remove redundant test in http_action_req_cache_use
    - MINOR: cache: Replace the "process-vary" option's expected values
    - CI: GitHub Actions: enable daily Coverity scan
    - BUG/MEDIUM: cache: Fix hash collision in `accept-encoding` handling for `Vary`
    - MEDIUM: stick-tables: Add srvkey option to stick-table
    - REGTESTS: add test for stickiness using "srvkey addr"
    - BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11
    - BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() fails
    - BUG/MINOR: lua: Fix memory leak error cases in hlua_config_prepend_path
    - MINOR: lua: Use consistent error message 'memory allocation failed'
    - CLEANUP: Compare the return value of `XXXcmp()` functions with zero
    - CLEANUP: Apply the coccinelle patch for `XXXcmp()` on include/
    - CLEANUP: Apply the coccinelle patch for `XXXcmp()` on contrib/
    - MINOR: qpack: Add static header table definitions for QPACK.
    - CLEANUP: qpack: Wrong comment about the draft for QPACK static header table.
    - CLEANUP: quic: Remove useless QUIC event trace definitions.
    - BUG/MINOR: quic: Possible CRYPTO frame building errors.
    - MINOR: quic: Pass quic_conn struct to frame parsers.
    - BUG/MINOR: quic: Wrong STREAM frames parsing.
    - MINOR: quic: Drop packets with STREAM frames with wrong direction.
    - CLEANUP: ssl: Remove useless loop in tlskeys_list_get_next()
    - CLEANUP: ssl: Remove useless local variable in tlskeys_list_get_next()
    - MINOR: ssl: make tlskeys_list_get_next() take a list element
    - Revert "BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11"
    - BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails
    - CLEANUP: mworker: remove duplicate pointer tests in cfg_parse_program()
    - CLEANUP: Reduce scope of `header_name` in http_action_store_cache()
    - CLEANUP: Reduce scope of `hdr_age` in http_action_store_cache()
    - CLEANUP: spoe: fix typo on `var_check_arg` comment
    - BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send rule
    - CI: github actions: build several popular "contrib" tools
    - DOC: Improve the message printed when running `make` w/o `TARGET`
    - BUG/MEDIUM: server: srv_set_addr_desc() crashes when a server has no address
    - REGTESTS: add unresolvable servers to srvkey-addr
    - BUG/MINOR: stats: Make stat_l variable used to dump a stat line thread local
    - BUG/MINOR: quic: NULL pointer dereferences when building post handshake frames.
    - SCRIPTS: improve announce-release to support different tag and versions
    - SCRIPTS: make announce release support preparing announces before tag exists
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MINOR: srv: do not init address if backend is disabled
    - BUG/MINOR: srv: do not cleanup idle conns if pool max is null
    - CLEANUP: assorted typo fixes in the code and comments
    - CLEANUP: few extra typo and fixes over last one ("ot" -> "to")

2020/12/21 : 2.4-dev4
    - BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight
    - BUG/MEDIUM: mux-h1: Fix a deadlock when a 408 error is pending for a client
    - BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert"
    - BUG/MAJOR: cache: Crash because of disabled entry not removed from the tree
    - BUILD: SSL: fine guard for SSL_CTX_add_server_custom_ext call
    - MEDIUM: cache: Add a secondary entry counter and insertion limitation
    - MEDIUM: cache: Avoid going over duplicates lists too often
    - MINOR: cache: Add a max-secondary-entries cache option
    - CI: cirrus: drop CentOS 6 builds
    - BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well
    - MINOR: vars: replace static functions with global ones
    - MINOR: opentracing: add ARGC_OT enum
    - CONTRIB: opentracing: add the OpenTracing filter
    - DOC: opentracing: add the OpenTracing filter section
    - REGTESTS: make use of HAPROXY_ARGS and pass -dM by default
    - BUG/MINOR: http: Establish a tunnel for all 2xx responses to a CONNECT
    - BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests
    - BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode
    - CLEANUP: mux-h2: Rename h2s_frt_make_resp_data() to be generic
    - CLEANUP: mux-h2: Rename h2c_frt_handle_data() to be generic
    - BUG/MEDIUM: mux-h1: Handle h1_process() failures on a pipelined request
    - CLEANUP: debug: mark the RNG's seed as unsigned
    - CONTRIB: halog: fix build issue caused by %L printf format
    - CONTRIB: halog: mark the has_zero* functions unused
    - CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps
    - CONTRIB: debug: address "poll" utility build on non-linux platforms
    - BUILD: plock: remove dead code that causes a warning in gcc 11
    - BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call
    - BUG/MINOR: dns: SRV records ignores duplicated AR records
    - DOC: fix "smp_size" vs "sample_size" in "log" directive arguments
    - CLEANUP: assorted typo fixes in the code and comments
    - DOC: assorted typo fixes in the documentation
    - CI: codespell: whitelist "te" and "nd" words

2020/12/11 : 2.4-dev3
    - MINOR: log: Logging HTTP path only with %HPO
    - BUG/MINOR: mux-h2/stats: make stream/connection proto errors more accurate
    - MINOR: traces: add a new level "error" below the "user" level
    - MINOR: mux-h2/trace: add traces at level ERROR for protocol errors
    - BUG/MINOR: mux-h2/stats: not all GOAWAY frames are errors
    - BUG/MINOR: lua: missing "\n" in error message
    - BUG/MINOR: lua: lua-load doesn't check its parameters
    - BUG/MINOR: lua: Post init register function are not executed beyond the first one
    - BUG/MINOR: lua: Some lua init operation are processed unsafe
    - MINOR: actions: Export actions lookup functions
    - MINOR: actions: add a function returning a service pointer from its name
    - MINOR: cli: add a function to look up a CLI service description
    - BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times
    - MINOR: cache: Improve accept_encoding_normalizer
    - MINOR: cache: Add entry to the tree as soon as possible
    - BUG/MINOR: trace: Wrong displayed trace level
    - BUG/MAJOR: ring: tcp forward on ring can break the reader counter.
    - MINOR: lua: simplify hlua_alloc() to only rely on realloc()
    - MEDIUM: lua-thread: use atomics for memory accounting
    - MINOR: lua-thread: remove struct hlua from function hlua_prepend_path()
    - MEDIUM: lua-thread: make hlua_post_init() no longer use the runtime execution function
    - MINOR: lua-thread: hlua_ctx_renew() is never called with main gL lua state
    - MINOR: lua-thread: Use NULL context for main lua state
    - MINOR: lua-thread: Stop usage of struct hlua for the global lua state
    - MINOR: lua-thread: Replace embedded struct hlua_function by a pointer
    - MINOR: lua-thread: Split hlua_init() function in two parts
    - MINOR: lua-thread: make hlua_ctx_init() get L from its caller
    - MINOR: lua-thread: Split hlua_load function in two parts
    - MINOR: lua-thread: Split hlua_post_init() function in two parts
    - MINOR: lua-thread: Add the "thread" core variable
    - MEDIUM: lua-thread: No longer use locked context in initialization parts
    - MEDIUM: lua-thread: Apply lock only if the parent state is the main thread
    - MINOR: lua-thread: Replace global gL var with an array of states
    - MINOR: lua-thread: Replace "struct hlua_function" allocation by dedicated function
    - MINOR: lua-thread: Replace state_from by state_id
    - MINOR: lua-thread: Store each function reference and init reference in array
    - MEDIUM: lua-thread: Add the lua-load-per-thread directive
    - MINOR: lua-thread: Add verbosity in errors
    - REGTESTS: add a test for the threaded Lua code
    - BUILD/MINOR: haproxy DragonFlyBSD affinity build update.
    - DOC/MINOR: Fix formatting in Management Guide
    - MINOR: cache: Do not store stale entry
    - MINOR: cache: Add extra "cache-control" value checks
    - MEDIUM: cache: Remove cache entry in case of POST on the same resource
    - MINOR: cache: Consider invalid Age values as stale
    - BUG/MEDIUM: lua-thread: some parts must be initialized once
    - BUG/MINOR: lua-thread: close all states on deinit
    - BUG/MINOR: listener: use sockaddr_in6 for IPv6
    - BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections
    - MINOR: session: Add the idle duration field into the session
    - MINOR: mux-h1: Update session idle duration when data are received
    - MINOR: mux-h1: Reset session dates and durations info when the CS is detached
    - MINOR: logs: Use session idle duration when no stream is provided
    - MINOR: stream: Always get idle duration from the session
    - MINOR: stream: Don't retrieve anymore timing info from the mux csinfo
    - MINOR: mux-h1: Don't provide anymore timing info using cs_info structure
    - MINOR: muxes: Remove get_cs_info callback function now useless
    - MINOR: stream: Pass an optional input buffer when a stream is created
    - MINOR: mux-h1: Add a flag to disable reads to wait opposite side
    - MEDIUM: mux-h1: Use a h1c flag to block reads when splicing is in-progress
    - MINOR: mux-h1: Introduce H1C_F_IS_BACK flag on the H1 connection
    - MINOR: mux-h1: Separate parsing and formatting errors at H1 stream level
    - MINOR: mux-h1: Split front/back h1 stream creation in 2 functions
    - MINOR: mux-h1: Add a rxbuf into the H1 stream
    - MINOR: mux-h1: Don't set CS flags in internal parsing functions
    - MINOR: mux-h1: Add embryonic and attached states on the H1 connection
    - MINOR: mux-h1: rework the h1_timeout_task() function
    - MINOR: mux-h1: Reset more H1C flags when a H1 stream is destroyed
    - MINOR: mux-h1: Disable reads if an error was reported on the H1 stream
    - MINOR: mux-h1: Rework how shutdowns are handled
    - MINOR: mux-h1: Rework h1_refresh_timeout to be easier to read
    - MINOR: mux-h1: Process next request for IDLE connection only
    - MINOR: mux-h1: Add a idle expiration date on the H1 connection
    - MINOR: stick-tables: Add functions to update some values of a tracked counter
    - MINOR: session: Add functions to increase http values of tracked counters
    - MINOR: mux: Add a ctl parameter to get the exit status of the multiplexers
    - MINOR: logs: Get the multiplexer exist status when no stream is provided
    - MINOR: mux-h1: Add functions to send HTTP errors from the mux
    - MAJOR: mux-h1: Create the client stream as later as possible
    - DOC: config: Add notes about errors emitted by H1 mux
    - CLEANUP: mux-h1: Rename H1C_F_CS_* flags and reorder H1C flags
    - MINOR: http-ana: Remove useless update of t_idle duration of the stream
    - CLEANUP: htx: Remove HTX_FL_UPGRADE unsued flag
    - MEDIUM: http-ana: Don't process partial or empty request anymore
    - CLEANUP: http-ana: Remove TX_WAIT_NEXT_RQ unsued flag
    - CLEANUP: connection: Remove CS_FL_READ_PARTIAL flag
    - REGTESTS: Fix proxy_protocol_tlv_validation
    - MINOR: http-ana: Properly set message flags from the start-line flags
    - MINOR: h1-htx/http-ana: Set BODYLESS flag on message in TUNNEL state
    - MINOR: protocol: add a ->set_port() helper to address families
    - MINOR: listener: automatically set the port when creating listeners
    - MINOR: listener: now use a generic add_listener() function
    - MEDIUM: ssl: fatal error with bundle + openssl < 1.1.1
    - BUG/MEDIUM: stream: Xfer the input buffer to a fully created stream
    - BUG/MINOR: stream: Don't use input buffer after the ownership xfer
    - MINOR: protocol: remove the redundant ->sock_domain field
    - MINOR: protocol: export protocol definitions
    - CLEANUP: protocol: group protocol struct members by usage
    - MINOR: protocol: add a set of ctrl_init/ctrl_close methods for setup/teardown
    - MINOR: connection: use the control layer's init/close
    - MINOR: udp: export udp_suspend_receiver() and udp_resume_receiver()
    - BUG/MAJOR: spoa/python: Fixing return None
    - DOC: spoa/python: Fixing typo in IP related error messages
    - DOC: spoa/python: Rephrasing memory related error messages
    - DOC: spoa/python: Fixing typos in comments
    - BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations
    - BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails
    - BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments
    - BUG/MEDIUM: spoa/python: Fixing references to None
    - DOC: email change of the DeviceAtlas maintainer
    - MINOR: cache: Dump secondary entries in "show cache"
    - CLEANUP: connection: use fd_stop_both() instead of conn_stop_polling()
    - MINOR: stream-int: don't touch polling anymore on shutdown
    - MINOR: connection: implement cs_drain_and_close()
    - MINOR: mux-pt: take care of CS_SHR_DRAIN in shutr()
    - MINOR: checks: use cs_drain_and_close() instead of draining the connection
    - MINOR: checks: don't call conn_cond_update_polling() anymore
    - CLEANUP: connection: open-code conn_cond_update_polling() and update the comment
    - CLEANUP: connection: remove the unused conn_{stop,cond_update}_polling()
    - BUG/MINOR: http-check: Use right condition to consider HTX message as full
    - BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read
    - MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules
    - BUG/MINOR: tools: make parse_time_err() more strict on the timer validity
    - BUG/MINOR: tools: Reject size format not starting by a digit
    - MINOR: action: define enum for timeout type of the set-timeout rule
    - MINOR: stream: prepare the hot refresh of timeouts
    - MEDIUM: stream: support a dynamic server timeout
    - MEDIUM: stream: support a dynamic tunnel timeout
    - MEDIUM: http_act: define set-timeout server/tunnel action
    - MINOR: frontend: add client timeout sample fetch
    - MINOR: backend: add timeout sample fetches
    - MINOR: stream: add sample fetches
    - MINOR: stream: add timeout sample fetches
    - REGTESTS: add regtest for http-request set-timeout
    - CLEANUP: remove the unused fd_stop_send() in conn_xprt_shutw{,_hard}()
    - CLEANUP: connection: remove the unneeded fd_stop_{recv,send} on read0/shutw
    - MINOR: connection: remove sock-specific code from conn_sock_send()
    - REORG: connection: move the socket iocb (conn_fd_handler) to sock.c
    - MINOR: protocol: add a ->drain() function at the connection control layer
    - MINOR: connection: make conn_sock_drain() use the control layer's ->drain()
    - MINOR: protocol: add a pair of check_events/ignore_events functions at the ctrl layer
    - MEDIUM: connection: make use of the control layer check_events/ignore_events

2020/12/01 : 2.4-dev2
    - BUILD: Make DEBUG part of .build_opts
    - BUILD: Show the value of DEBUG= in haproxy -vv
    - CI: Set DEBUG=-DDEBUG_STRICT=1 in GitHub Actions
    - MINOR: stream: Add level 7 retries on http error 401, 403
    - CLEANUP: remove unused function "ssl_sock_is_ckch_valid"
    - BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open"
    - BUILD: SSL: do not "update" BoringSSL version equivalent anymore
    - BUG/MEDIUM: http_act: Restore init of log-format list
    - DOC: better describes how to configure a fallback crt
    - BUG/MAJOR: filters: Always keep all offsets up to date during data filtering
    - MINOR: cache: Prepare helper functions for Vary support
    - MEDIUM: cache: Add the Vary header support
    - MINOR: cache: Add a process-vary option that can enable/disable Vary processing
    - BUG/CRITICAL: cache: Fix trivial crash by sending accept-encoding header
    - BUG/MAJOR: peers: fix partial message decoding
    - DOC: cache: Add new caching limitation information
    - DOC: cache: Add information about Vary support
    - DOC: better document the config file format and escaping/quoting rules
    - DOC: Clarify %HP description in log-format
    - CI: github actions: update LibreSSL to 3.3.0
    - CI: github actions: enable 51degrees feature
    - MINOR: fd/threads: silence a build warning with threads disabled
    - BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check
    - MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main
    - BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool
    - MINOR: tcpcheck: Don't handle anymore in-progress connect rules in tcpcheck_main
    - MINOR: config: Deprecate and ignore tune.chksize global option
    - MINOR: config: Add a warning if tune.chksize is used
    - REORG: tcpcheck: Move check option parsing functions based on tcp-check
    - MINOR: check: Always increment check health counter on CONPASS
    - MINOR: tcpcheck: Add support of L7OKC on expect rules error-status argument
    - DOC: config: Make disable-on-404 option clearer on transition conditions
    - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section
    - BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check
    - MINOR: plock: use an ARMv8 instruction barrier for the pause instruction
    - MINOR: debug: add "debug dev sched" to stress the scheduler.
    - MINOR: debug: add a trivial PRNG for scheduler stress-tests
    - BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
    - MINOR: task: remove tasklet_insert_into_tasklet_list()
    - MINOR: task: perform atomic counter increments only once per wakeup
    - MINOR: task: remove __tasklet_remove_from_tasklet_list()
    - BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link
    - BUG/MEDIUM: local log format regression.

2020/11/21 : 2.4-dev1
    - MINOR: ist: Add istend() function to return a pointer to the end of the string
    - MINOR: sample: Add converters to parse FIX messages
    - REGTEST: converter: Add a regtest for fix converters
    - MINOR: sample: Add converts to parses MQTT messages
    - REGTEST: converter: Add a regtest for MQTT converters
    - MINOR: compat: automatically include malloc.h on glibc
    - MEDIUM: pools: call malloc_trim() from pool_gc()
    - MEDIUM: pattern: call malloc_trim() on pat_ref_reload()
    - MINOR: pattern: move the update revision to the pat_ref, not the expression
    - CLEANUP: pattern: delete the back refs at once during pat_ref_reload()
    - MINOR: pattern: new sflag PAT_SF_REGFREE indicates regex_free() is needed
    - MINOR: pattern: make the delete and prune functions more generic
    - MEDIUM: pattern: link all final elements from the reference
    - MEDIUM: pattern: change the pat_del_* functions to delete from the references
    - MINOR: pattern: remerge the list and tree deletion functions
    - MINOR: pattern: perform a single call to pat_delete_gen() under the expression
    - CLEANUP: acl: don't reference the generic pattern deletion function anymore
    - CLEANUP: pattern: remove pat_delete_fcts[] and pattern_head->delete()
    - MINOR: pattern: introduce pat_ref_delete_by_ptr() to delete a valid reference
    - MINOR: pattern: store a generation number in the reference patterns
    - MEDIUM: pattern: only match patterns that match the current generation
    - MINOR: pattern: add pat_ref_commit() to commit a previously inserted element
    - MINOR: pattern: implement pat_ref_load() to load a pattern at a given generation
    - MINOR: pattern: add pat_ref_purge_older() to purge old entries
    - MEDIUM: pattern: make pat_ref_prune() rely on pat_ref_purge_older()
    - MINOR: pattern: during reload, delete elements frem the ref, not the expression
    - MINOR: pattern: prepare removal of a pattern from the list head
    - MEDIUM: pattern: turn the pattern chaining to single-linked list
    - CLEANUP: cfgparse: remove duplicate registration for transparent build options
    - BUG/MINOR: ssl: don't report 1024 bits DH param load error when it's higher
    - MINOR: http-htx: Add understandable errors for the errorfiles parsing
    - MINOR: ssl: instantiate stats module
    - MINOR: ssl: count client hello for stats
    - MINOR: ssl: add counters for ssl sessions
    - DOC: config: Fix a typo on ssl_c_chain_der
    - MINOR: server: remove idle lock in srv_cleanup_connections
    - BUILD: ssl: silence build warning on uninitialised counters
    - BUILD: http-htx: fix build warning regarding long type in printf
    - REGTEST: ssl: test wildcard and multi-type + exclusions
    - BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded
    - CI: Expand use of GitHub Actions for CI
    - REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken
    - BUG/MINOR: pattern: a sample marked as const could be written
    - BUG/MINOR: lua: set buffer size during map lookups
    - MEDIUM: cache: Change caching conditions
    - BUG/MINOR: stats: free dynamically stats fields/lines on shutdown
    - BUG/MEDIUM: stats: prevent crash if counters not alloc with dummy one
    - MINOR: peers: Add traces to peer_treat_updatemsg().
    - BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries.
    - BUG/MINOR: peers: Missing TX cache entries reset.
    - BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages
    - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
    - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
    - BUG/MEDIUM: check: reuse srv proto only if using same mode
    - MINOR: check: report error on incompatible proto
    - MINOR: check: report error on incompatible connect proto
    - BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors
    - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
    - MINOR: spoe: Don't close connection in sync mode on processing timeout
    - BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after
    - MINOR: init: Fix the prototype for per-thread free callbacks
    - MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status
    - CLEANUP: config: Return ERR_NONE from config callbacks instead of 0
    - MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error.
    - REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2
    - REGTESTS: Add sample_fetches/cook.vtc
    - BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering
    - BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests
    - CLEANUP: flt-trace: Remove unused random-parsing option
    - MINOR: flt-trace: Add an option to inhibits trace messages
    - MINOR: flt-trace: Use a bitfield for the trace options
    - REGTESTS: Add a script to test the random forwarding with several filters
    - REGTESTS: mark the abns test as broken again
    - REGTESTS: converter: add url_dec test
    - CI: Stop hijacking the hosts file
    - CI: Make the h2spec workflow more consistent with the VTest workflow
    - CI: travis-ci: remove amd64, osx builds
    - CI: travis-ci: arm64 are not allowed to fail anymore
    - DOC: add missing 3.10 in the summary
    - MINOR: ssl: remove client hello counters
    - MEDIUM: stats: add counters for failed handshake
    - MINOR: ssl: create common ssl_ctx init
    - MEDIUM: cli/ssl: configure ssl on server at runtime
    - REGTEST: server/cli_set_ssl.vtc requires OpenSSL
    - DOC: coding-style: update a few rules about pointers
    - BUG/MINOR: ssl: segv on startup when AKID but no keyid
    - BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION
    - BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages
    - BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
    - BUG/MEDIUM: ssl: error when no certificate are found
    - BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated
    - BUG/MEDIUM: ssl/crt-list: fix error when no file found
    - CI: Github Actions: enable prometheus exporter
    - CI: Github Actions: remove LibreSSL-3.0.2 builds
    - CI: Github Actions: enable BoringSSL builds
    - CI: travis-ci: remove builds migrated to GH actions
    - BUILD: makefile: enable crypt(3) for OpenBSD
    - CI: Github Action: run "apt-get update" before packages restore
    - BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES
    - CI: Pass the github.event_name to matrix.py
    - CI: Clean up Windows CI
    - DOC: clarify how to create a fallback crt
    - CLEANUP: connection: do not use conn->owner when the session is known
    - BUG/MAJOR: connection: reset conn->owner when detaching from session list
    - REGTESTS: mark proxy_protocol_random_fail as broken
    - BUG/MINOR: http_htx: Fix searching headers by substring
    - MINOR: http_act: Add -m flag for del-header name matching method

2020/11/05 : 2.4-dev0
    - MINOR: version: it's development again.
    - DOC: mention in INSTALL that it's development again

2020/11/05 : 2.3.0
    - CLEANUP: pattern: remove unused entry "tree" in pattern.val
    - BUILD: ssl: use SSL_CTRL_GET_RAW_CIPHERLIST instead of OpenSSL versions
    - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies
    - BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled proxies
    - BUG/MINOR: checks: Report a socket error before any connection attempt
    - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup
    - MINOR: server: Copy configuration file and line for server templates
    - BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade
    - BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions
    - MINOR: debug: don't count free(NULL) in memstats
    - BUG/MINOR: filters: Skip disabled proxies during startup only
    - MINOR: mux_h2: capitalize frame type in stats
    - MINOR: mux_h2: add stat for total count of connections/streams
    - MINOR: stats: do not display empty stat module title on html
    - BUG/MEDIUM: stick-table: limit the time spent purging old entries
    - BUG/MEDIUM: listener: only enable a listening listener if needed
    - BUG/MEDIUM: listener: never suspend inherited sockets
    - BUG/MEDIUM: listener: make the master also keep workers' inherited FDs
    - MINOR: fd: add fd_want_recv_safe()
    - MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers
    - REGTESTS: mark abns_socket as working now
    - CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream
    - MINOR: sock: add a check against cross worker<->master socket activities
    - CI: github actions: limit OpenSSL no-deprecated builds to "default,bug,devel" reg-tests
    - BUG/MEDIUM: server: make it possible to kill last idle connections
    - MINOR: mworker/cli: the master CLI use its own applet
    - MINOR: ssl: define SSL_CTX_set1_curves_list to itself on BoringSSL
    - BUILD: ssl: use feature macros for detecting ec curves manipulation support
    - DOC: Add dns as an available domain to show stat
    - BUILD: makefile: usual reorder of objects for faster builds
    - DOC: update INSTALL to mention that TCC is supported
    - DOC: mention in INSTALL that haproxy 2.3 is a stable version
    - MINOR: version: mention that it's stable now

2020/10/31 : 2.3-dev9
    - CLEANUP: http_ana: remove unused assignation of `att_beg`
    - BUG/MEDIUM: ssl: OCSP must work with BoringSSL
    - BUG/MINOR: log: fix memory leak on logsrv parse error
    - BUG/MINOR: log: fix risk of null deref on error path
    - BUILD: ssl: more elegant OpenSSL early data support check
    - CI: github actions: update h2spec to 2.6.0
    - BUG/MINOR: cache: Check the return value of http_replace_res_status
    - MINOR: cache: Store the "Last-Modified" date in the cache_entry
    - MINOR: cache: Process the If-Modified-Since header in conditional requests
    - MINOR: cache: Create res.cache_hit and res.cache_name sample fetches
    - MINOR: mux-h2: register a stats module
    - MINOR: mux-h2: add counters instance to h2c
    - MINOR: mux-h2: add stats for received frame types
    - MINOR: mux-h2: report detected error on stats
    - MINOR: mux-h2: count open connections/streams on stats
    - BUG/MINOR: server: fix srv downtime calcul on starting
    - BUG/MINOR: server: fix down_time report for stats
    - BUG/MINOR: lua: initialize sample before using it
    - MINOR: cache: Add Expires header value parsing
    - MINOR: ist: Add a case insensitive istmatch function
    - BUG/MINOR: cache: Manage multiple values in cache-control header value
    - BUG/MINOR: cache: Inverted variables in http_calc_maxage function
    - MINOR: pattern: make pat_ref_append() return the newly added element
    - MINOR: pattern: make pat_ref_add() rely on pat_ref_append()
    - MINOR: pattern: export pat_ref_push()
    - CLEANUP: pattern: use calloc() rather than malloc for structures
    - CLEANUP: pattern: fix spelling/grammatical/copy-paste in comments

2020/10/24 : 2.3-dev8
    - MINOR: backend: replace the lbprm lock with an rwlock
    - MINOR: lb/map: use seek lock and read locks where appropriate
    - MINOR: lb/leastconn: only take a read lock in fwlc_get_next_server()
    - MINOR: lb/first: use a read lock in fas_get_next_server()
    - MINOR: lb/chash: use a read lock in chash_get_server_hash()
    - BUG/MINOR: disable dynamic OCSP load with BoringSSL
    - BUILD: ssl: make BoringSSL use its own version numbers
    - CLEANUP: threads: don't register an initcall when not debugging
    - MINOR: threads: change lock_t to an unsigned int
    - CLEANUP: tree-wide: reorder a few structures to plug some holes around locks
    - CLEANUP: task: remove the unused and mishandled global_rqueue_size
    - BUG/MEDIUM: connection: Never cleanup server lists when freeing private conns
    - MEDIUM: config: report that "nbproc" is deprecated
    - BUG/MINOR: listener: close before free in `listener_accept`
    - MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension
    - BUG/MINOR: queue: properly report redistributed connections
    - CONTRIB: tcploop: remove unused local variables in tcp_pause()
    - BUILD: makefile: add entries to build common debugging tools
    - BUG/MEDIUM: server: support changing the slowstart value from state-file
    - MINOR: http: Add `enum etag_type http_get_etag_type(const struct ist)`
    - MINOR: http: Add etag comparison function
    - MEDIUM: cache: Store the ETag information in the cache_entry
    - MEDIUM: cache: Add support for 'If-None-Match' request header
    - REGTEST: cache: Add if-none-match test case
    - CLEANUP: compression: Make use of http_get_etag_type()
    - BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD requests
    - BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible
    - MINOR: threads/debug: only report used lock stats
    - MINOR: threads/debug: only report lock stats for used operations
    - MINOR: proxy; replace the spinlock with an rwlock
    - MINOR: server: read-lock the cookie during srv_set_dyncookie()
    - MINOR: proxy/cli: only take a read lock in "show errors"
    - OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued
    - MINOR: queue: split __pendconn_unlink() in per-srv and per-prx
    - MINOR: queue: reduce the locked area in pendconn_add()
    - OPTIM: queue: make the nbpend counters atomic
    - OPTIM: queue: decrement the nbpend and totpend counters outside of the lock
    - MINOR: leastconn: take the queue length into account when queuing servers
    - MEDIUM: fwlc: re-enable per-server queuing up to maxqueue
    - Revert "OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued"
    - MINOR: stats: support the "up" output modifier for "show stat"
    - MINOR: stats: also support a "no-maint" show stat modifier
    - MINOR: stats: indicate the number of servers in a backend's status
    - MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt
    - REGTEST: ssl: test "set ssl cert" with separate key / crt
    - DOC: management: apply the "show stat" modifiers to "show stat", not "show info"
    - MINOR: stats: report server's user-configured weight next to effective weight
    - CI: travis-ci: switch to Ubuntu 20.04
    - CONTRIB: release-estimator: Add release estimating tool
    - BUG/MEDIUM: queue: fix unsafe proxy pointer when counting nbpend
    - BUG/MINOR: extcheck: add missing checks on extchk_setenv()

2020/10/17 : 2.3-dev7
    - CI: travis-ci: replace not defined SSL_LIB, SSL_INC for BotringSSL builds
    - BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited
    - BUG/MINOR: mux-h2: do not stop outgoing connections on stopping
    - MINOR: fd: report an error message when failing initial allocations
    - MINOR: proto-tcp: make use of connect(AF_UNSPEC) for the pause
    - MINOR: sock: add sock_accept_conn() to test a listening socket
    - MINOR: protocol: make proto_tcp & proto_uxst report listening sockets
    - MINOR: sockpair: implement the .rx_listening function
    - CLEANUP: tcp: make use of sock_accept_conn() where relevant
    - CLEANUP: unix: make use of sock_accept_conn() where relevant
    - BUG/MINOR: listener: detect and handle shared sockets stopped in other processes
    - CONTRIB: tcploop: implement a disconnect operation 'D'
    - CLEANUP: protocol: intitialize all of the sockaddr when disconnecting
    - BUG/MEDIUM: deinit: check fdtab before fdtab[fd].owner
    - BUG/MINOR: connection: fix loop iter on connection takeover
    - BUG/MEDIUM: connection: fix srv idle count on conn takeover
    - MINOR: connection: improve list api usage
    - MINOR: mux/connection: add a new mux flag for HOL risk
    - MINOR: connection: don't check priv flag on free
    - MEDIUM: backend: add new conn to session if mux marked as HOL blocking
    - MEDIUM: backend: add reused conn to sess if mux marked as HOL blocking
    - MEDIUM: h2: remove conn from session on detach
    - MEDIUM: fcgi: remove conn from session on detach
    - DOC: Describe reuse safe for HOL handling
    - MEDIUM: proxy: remove obsolete "mode health"
    - MEDIUM: proxy: remove obsolete "monitor-net"
    - CLEANUP: protocol: remove the ->drain() function
    - CLEANUP: fd: finally get rid of fd_done_recv()
    - MINOR: connection: make sockaddr_alloc() take the address to be copied
    - MEDIUM: listener: allocate the connection before queuing a new connection
    - MINOR: session: simplify error path in session_accept_fd()
    - MINOR: connection: add new error codes for accept_conn()
    - MINOR: sock: rename sock_accept_conn() to sock_accepting_conn()
    - MINOR: protocol: add a new function accept_conn()
    - MINOR: sock: implement sock_accept_conn() to accept a connection
    - MINOR: sockpair: implement sockpair_accept_conn() to accept a connection
    - MEDIUM: listener: use protocol->accept_conn() to accept a connection
    - MEDIUM: listener: remove the second pass of fd manipulation at the end
    - MINOR: protocol: add a default I/O callback and put it into the receiver
    - MINOR: log: set the UDP receiver's I/O handler in the receiver
    - MINOR: protocol: register the receiver's I/O handler and not the protocol's
    - CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind()
    - DOC: improve the documentation for "option nolinger"
    - BUG/MEDIUM: proxy: properly stop backends
    - BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at once
    - MINOR: threads: augment rwlock debugging stats to report seek lock stats
    - MINOR: threads: add the transitions to/from the seek state
    - MEDIUM: task: use an upgradable seek lock when scanning the wait queue
    - BUILD: listener: avoir a build warning when threads are disabled
    - BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions.
    - MINOR: ssl: add volatile flags to ssl samples
    - MEDIUM: backend: reuse connection if using a static sni
    - BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided
    - BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages
    - BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn
    - DOC: fix typo in MAX_SESS_STKCTR

2020/10/10 : 2.3-dev6
    - REGTESTS: use "command" instead of "which" for better POSIX compatibility
    - BUILD: makefile: Update feature flags for OpenBSD
    - DOC: agent-check: fix typo in "fail" word expected reply
    - DOC: crt: advise to move away from cert bundle
    - BUG/MINOR: ssl/crt-list: exit on warning out of crtlist_parse_line()
    - REGTEST: fix host part in balance-uri-path-only.vtc
    - REGTEST: make ssl_client_samples and ssl_server_samples requiret to 2.3
    - REGTEST: the iif converter test requires 2.3
    - REGTEST: make agent-check.vtc require 1.8
    - REGTEST: make abns_socket.vtc require 1.8
    - REGTEST: make map_regm_with_backref require 1.7
    - BUILD: makefile: Update feature flags for FreeBSD
    - OPTIM: backend/random: never queue on the server, always on the backend
    - OPTIM: backend: skip LB when we know the backend is full
    - BUILD: makefile: Fix building with closefrom() support enabled
    - BUILD: makefile: add an EXTRAVERSION variable to ease local naming
    - MINOR: tools: support for word expansion of environment in parse_line
    - BUILD: tools: fix minor build issue on isspace()
    - BUILD: makefile: Enable closefrom() support on Solaris
    - CLEANUP: ssl: Use structured format for error line report during crt-list parsing
    - MINOR: ssl: Add error if a crt-list might be truncated
    - MINOR: ssl: remove uneeded check in crtlist_parse_file
    - BUG/MINOR: Fix several leaks of 'log_tag' in init().
    - DOC: tcp-rules: Refresh details about L7 matching for tcp-request content rules
    - MEDIUM: tcp-rules: Warn if a track-sc* content rule doesn't depend on content
    - BUG/MINOR: tcpcheck: Set socks4 and send-proxy flags before the connect call
    - DOC: ssl: new "cert bundle" behavior
    - BUG/MEDIUM: queue: make pendconn_cond_unlink() really thread-safe
    - CLEANUP: ssl: "bundle" is not an OpenSSL wording
    - MINOR: counters: fix a typo in comment
    - BUG/MINOR: stats: fix validity of the json schema
    - REORG: stats: export some functions
    - MINOR: stats: add stats size as a parameter for csv/json dump
    - MINOR: stats: hide px/sv/li fields in applet struct
    - REORG: stats: extract proxy json dump
    - REORG: stats: extract proxies dump loop in a function
    - MINOR: hlua: Display debug messages on stderr only in debug mode
    - MINOR: stats: define the concept of domain for statistics
    - MINOR: stats: define additional flag px cap on domain
    - MEDIUM: stats: add delimiter for static proxy stats on csv
    - MEDIUM: stats: define an API to register stat modules
    - MEDIUM: stats: add abstract type to store counters
    - MEDIUM: stats: integrate static proxies stats in new stats
    - MINOR: stats: support clear counters for dynamic stats
    - MINOR: stats: display extra proxy stats on the html page
    - MINOR: stats: add config "stats show modules"
    - MINOR: dns/stats: integrate dns counters in stats
    - MINOR: stats: remove for loop declaration
    - DOC: ssl: fix typo about ocsp files
    - BUG/MINOR: peers: Inconsistency when dumping peer status codes.
    - DOC: update INSTALL with supported OpenBSD / FreeBSD versions
    - BUG/MINOR: proto_tcp: Report warning messages when listeners are bound
    - CLEANUP: cache: Fix leak of cconf->c.name during config check
    - CLEANUP: ssl: Release cached SSL sessions on deinit
    - BUG/MINOR: mux-h1: Be sure to only set CO_RFL_READ_ONCE for the first read
    - BUG/MINOR: mux-h1: Always set the session on frontend h1 stream
    - MINOR: mux-h1: Don't wakeup the H1C when output buffer become available
    - CLEANUP: sock-unix: Remove an unreachable goto clause
    - BUG/MINOR: proxy: inc req counter on new syslog messages.
    - BUG/MEDIUM: log: old processes with log foward section don't die on soft stop.
    - MINOR: stats: inc req counter on listeners.
    - MINOR: channel: new getword and getchar functions on channel.
    - MEDIUM: log: syslog TCP support on log forward section.
    - BUG/MINOR: proxy/log: frontend/backend and log forward names must differ
    - DOC: re-work log forward bind statement documentation.
    - DOC: fix a confusing typo on a regsub example
    - BUILD: Add a DragonFlyBSD target
    - BUG/MINOR: makefile: fix a tiny typo in the target list
    - BUILD: makefile: Update feature flags for NetBSD
    - CI: travis-ci: help Coverity to detect BUG_ON() as a real stop
    - DOC: Add missing stats fields in the management doc
    - BUG/MEDIUM: mux-fcgi: Don't handle pending read0 too early on streams
    - BUG/MEDIUM: mux-h2: Don't handle pending read0 too early on streams
    - DOC: Fix typos in configuration.txt
    - BUG/MINOR: http: Fix content-length of the default 500 error
    - BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses
    - REGTESTS: mark abns_socket as broken
    - MEDIUM: fd: always wake up one thread when enabling a foreing FD
    - MEDIUM: listeners: don't bounce listeners management between queues
    - MEDIUM: init: stop disabled proxies after initializing fdtab
    - MEDIUM: listeners: make unbind_listener() converge if needed
    - MEDIUM: deinit: close all receivers/listeners before scanning proxies
    - MEDIUM: listeners: remove the now unused ZOMBIE state
    - MINOR: listeners: do not uselessly try to close zombie listeners in soft_stop()
    - CLEANUP: proxy: remove the first_to_listen hack in zombify_proxy()
    - MINOR: listeners: introduce listener_set_state()
    - MINOR: proxy: maintain per-state counters of listeners
    - MEDIUM: proxy: remove the unused PR_STFULL state
    - MEDIUM: proxy: remove the PR_STERROR state
    - MEDIUM: proxy: remove state PR_STPAUSED
    - MINOR: startup: don't rely on PR_STNEW to check for listeners
    - CLEANUP: peers: don't use the PR_ST* states to mark enabled/disabled
    - MEDIUM: proxy: replace proxy->state with proxy->disabled
    - MEDIUM: proxy: remove start_proxies()
    - MEDIUM: proxy: merge zombify_proxy() with stop_proxy()
    - MINOR: listeners: check the current listener state in pause_listener()
    - MINOR: listeners: check the current listener earlier state in resume_listener()
    - MEDIUM: listener/proxy: make the listeners notify about proxy pause/resume
    - MINOR: protocol: introduce protocol_{pause,resume}_all()
    - MAJOR: signals: use protocol_pause_all() and protocol_resume_all()
    - CLEANUP: proxy: remove the now unused pause_proxies() and resume_proxies()
    - MEDIUM: proto_tcp: make the pause() more robust in multi-process
    - BUG/MEDIUM: listeners: correctly report pause() errors
    - MINOR: listeners: move fd_stop_recv() to the receiver's socket code
    - CLEANUP: protocol: remove the ->disable_all method
    - CLEANUP: listeners: remove unused disable_listener and disable_all_listeners
    - MINOR: listeners: export enable_listener()
    - MINOR: protocol: directly call enable_listener() from protocol_enable_all()
    - CLEANUP: protocol: remove the ->enable_all method
    - CLEANUP: listeners: remove the now unused enable_all_listeners()
    - MINOR: protocol: rename the ->listeners field to ->receivers
    - MINOR: protocol: replace ->pause(listener) with ->rx_suspend(receiver)
    - MINOR: protocol: implement an ->rx_resume() method
    - MINOR: listener: use the protocol's ->rx_resume() method when available
    - MINOR: sock: provide a set of generic enable/disable functions
    - MINOR: protocol: add a new pair of rx_enable/rx_disable methods
    - MINOR: protocol: add a new pair of enable/disable methods for listeners
    - MEDIUM: listeners: now use the listener's ->enable/disable
    - MINOR: listeners: split delete_listener() in two versions
    - MINOR: listeners: count unstoppable jobs on creation, not deletion
    - MINOR: listeners: add a new stop_listener() function
    - MEDIUM: proxy: make stop_proxy() now use stop_listener()
    - MEDIUM: proxy: add mode PR_MODE_PEERS to flag peers frontends
    - MEDIUM: proxy: centralize proxy status update and reporting
    - MINOR: protocol: add protocol_stop_now() to instant-stop listeners
    - MEDIUM: proxy: make soft_stop() stop most listeners using protocol_stop_now()
    - MEDIUM: udp: implement udp_suspend() and udp_resume()
    - MINOR: listener: add a few BUG_ON() statements to detect inconsistencies
    - MEDIUM: listeners: always close master vs worker listeners
    - BROKEN/MEDIUM: listeners: rework the unbind logic to make it idempotent
    - MEDIUM: listener: let do_unbind_listener() decide whether to close or not
    - CLEANUP: listeners: remove the do_close argument to unbind_listener()
    - MINOR: listeners: move the LI_O_MWORKER flag to the receiver
    - MEDIUM: receivers: add an rx_unbind() method in the protocols
    - MINOR: listeners: split do_unbind_listener() in two
    - MEDIUM: listeners: implement protocol level ->suspend/resume() calls
    - MEDIUM: config: mark "grace" as deprecated
    - MEDIUM: config: remove the deprecated and dangerous global "debug" directive
    - BUG/MINOR: proxy: respect the proper format string in sig_pause/sig_listen
    - MINOR: peers: heartbeat, collisions and handshake information for "show peers" command.
    - BUILD: makefile: Enable getaddrinfo() on OS/X

2020/09/25 : 2.3-dev5
    - DOC: Fix typo in iif() example
    - CLEANUP: Update .gitignore
    - BUILD: introduce possibility to define ABORT_NOW() conditionally
    - CI: travis-ci: help Coverity to recognize abort()
    - BUG/MINOR: Fix type passed of sizeof() for calloc()
    - CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc'
    - CLEANUP: tree-wide: use VAR_ARRAY instead of [0] in various definitions
    - BUILD: connection: fix build on clang after the VAR_ARRAY cleanup
    - BUG/MINOR: ssl: verifyhost is case sensitive
    - BUILD: makefile: change default value of CC from gcc to cc
    - CI: travis-ci: split asan step out of running tests
    - BUG/MINOR: server: report correct error message for invalid port on "socks4"
    - BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly.
    - BUG/MINOR: ssl/crt-list: crt-list could end without a \n
    - BUG/MINOR: log-forward: fail on unknown keywords
    - MEDIUM: log-forward: use "dgram-bind" instead of "bind" for the listener
    - BUG/MEDIUM: log-forward: always quit on parsing errors
    - MEDIUM: ssl: remove bundle support in crt-list and directories
    - MEDIUM: ssl/cli: remove support for multi certificates bundle
    - MINOR: ssl: crtlist_dup_ssl_conf() duplicates a ssl_bind_conf
    - MINOR: ssl: crtlist_entry_dup() duplicates a crtlist_entry
    - MEDIUM: ssl: emulates the multi-cert bundles in the crtlist
    - MEDIUM: ssl: emulate multi-cert bundles loading in standard loading
    - CLEANUP: ssl: remove test on "multi" variable in ckch functions
    - CLEANUP: ssl/cli: remove test on 'multi' variable in CLI functions
    - CLEANUP: ssl: remove utility functions for bundle
    - DOC: explain bundle emulation in configuration.txt
    - BUILD: fix build with openssl < 1.0.2 since bundle removal
    - BUG/MINOR: log: gracefully handle the "udp@" address format for log servers
    - BUG/MINOR: dns: gracefully handle the "udp@" address format for nameservers
    - MINOR: listener: create a new struct "settings" in bind_conf
    - MINOR: listener: move bind_proc and bind_thread to struct settings
    - MINOR: listener: move the interface to the struct settings
    - MINOR: listener: move the network namespace to the struct settings
    - REORG: listener: create a new struct receiver
    - REORG: listener: move the listening address to a struct receiver
    - REORG: listener: move the receiving FD to struct receiver
    - REORG: listener: move the listener's proto to the receiver
    - MINOR: listener: make sock_find_compatible_fd() check the socket type
    - REORG: listener: move the receiver part to a new file
    - MINOR: receiver: link the receiver to its settings
    - MINOR: receiver: link the receiver to its owner
    - MINOR: listener: prefer to retrieve the socket's settings via the receiver
    - MINOR: receiver: add a receiver-specific flag to indicate the socket is bound
    - MINOR: listener: move the INHERITED flag down to the receiver
    - MINOR: receiver: move the FOREIGN and V6ONLY options from listener to settings
    - MINOR: sock: make sock_find_compatible_fd() only take a receiver
    - MINOR: protocol: rename the ->bind field to ->listen
    - MINOR: protocol: add a new ->bind() entry to bind the receiver
    - MEDIUM: sock_inet: implement sock_inet_bind_receiver()
    - MEDIUM: tcp: make use of sock_inet_bind_receiver()
    - MEDIUM: udp: make use of sock_inet_bind_receiver()
    - MEDIUM: sock_unix: implement sock_unix_bind_receiver()
    - MEDIUM: uxst: make use of sock_unix_bind_receiver()
    - MEDIUM: sockpair: implement sockpair_bind_receiver()
    - MEDIUM: proto_sockpair: make use of sockpair_bind_receiver()
    - MEDIUM: protocol: explicitly start the receiver before the listener
    - MEDIUM: protocol: do not call proto->bind() anymore from bind_listener()
    - MINOR: protocol: add a new proto_fam structure for protocol families
    - MINOR: protocol: retrieve the family-specific fields from the family
    - CLEANUP: protocol: remove family-specific fields from struct protocol
    - MINOR: protocol: add a real family for existing FDs
    - CLEANUP: tools: make str2sa_range() less awful for fd@ and sockpair@
    - MINOR: tools: make str2sa_range() take more options than just resolve
    - MINOR: tools: add several PA_O_PORT_* flags in str2sa_range() callers
    - MEDIUM: tools: make str2sa_range() validate callers' port specifications
    - MEDIUM: config: remove all checks for missing/invalid ports/ranges
    - MINOR: tools: add several PA_O_* flags in str2sa_range() callers
    - MINOR: listener: remove the inherited arg to create_listener()
    - MINOR: tools: make str2sa_range() optionally return the fd
    - MINOR: log: detect LOG_TARGET_FD from the fd and not from the syntax
    - MEDIUM: tools: make str2sa_range() resolve pre-bound listeners
    - MINOR: config: do not test an inherited socket again
    - MEDIUM: tools: make str2sa_range() check for the sockpair's FD usability
    - MINOR: tools: start to distinguish stream and dgram in str2sa_range()
    - MEDIUM: tools: make str2sa_range() only report AF_CUST_UDP on listeners
    - MINOR: tools: remove the central test for "udp" in str2sa_range()
    - MINOR: cfgparse: add str2receiver() to parse dgram receivers
    - MINOR: log-forward: use str2receiver() to parse the dgram-bind address
    - MEDIUM: config: make str2listener() not accept datagram sockets anymore
    - MINOR: listener: pass the chosen protocol to create_listeners()
    - MINOR: tools: make str2sa_range() directly return the protocol
    - MEDIUM: tools: make str2sa_range() check that the protocol has ->connect()
    - MINOR: protocol: add the control layer type in the protocol struct
    - MEDIUM: protocol: store the socket and control type in the protocol array
    - MEDIUM: tools: make str2sa_range() use protocol_lookup()
    - MEDIUM: proto_udp: replace last AF_CUST_UDP* with AF_INET*
    - MINOR: tools: drop listener detection hack from str2sa_range()
    - BUILD: sock_unix: add missing errno.h
    - MINOR: sock_inet: report the errno string in binding errors
    - MINOR: sock_unix: report the errno string in binding errors
    - BUILD: sock_inet: include errno.h
    - MINOR: h2/trace: also display the remaining frame length in traces
    - BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK
    - BUG/MEDIUM: h2: report frame bits only for handled types
    - BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch
    - BUG/MINOR: Fix memory leaks cfg_parse_peers
    - BUG/MINOR: config: Fix memory leak on config parse listen
    - MINOR: backend: make the "whole" option of balance uri take only one bit
    - MINOR: backend: add a new "path-only" option to "balance uri"
    - REGTESTS: add a few load balancing tests
    - BUG/MEDIUM: listeners: do not pause foreign listeners
    - BUG/MINOR: listeners: properly close listener FDs
    - BUILD: trace: include tools.h

2020/09/11 : 2.3-dev4
    - MINOR: hlua: Add error message relative to the Channel manipulation and HTTP mode
    - BUG/MEDIUM: ssl: crt-list negative filters don't work
    - DOC: overhauling github issue templates
    - MEDIUM: cfgparse: Emit hard error on truncated lines
    - DOC: cache: Use '<name>' instead of '<id>' in error message
    - MINOR: cache: Reject duplicate cache names
    - REGTEST: remove stray leading spaces in converteers_ref_cnt_never_dec.vtc
    - MINOR: stats: prevent favicon.ico requests for stats page
    - BUILD: tools: include auxv a bit later
    - BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1
    - MEDIUM: ssl: Support certificate chaining for certificate generation
    - MINOR: ssl: Support SAN extension for certificate generation
    - MINOR: tcp: don't try to set/clear v6only on inherited sockets
    - BUG/MINOR: reload: detect the OS's v6only status before choosing an old socket
    - MINOR: reload: determine the foreing binding status from the socket
    - MEDIUM: reload: stop passing listener options along with FDs
    - BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards
    - MEDIUM: fd: replace usages of fd_remove() with fd_stop_both()
    - CLEANUP: fd: remove fd_remove() and rename fd_dodelete() to fd_delete()
    - MINOR: fd: add a new "exported" flag and use it for all regular listeners
    - MEDIUM: reload: pass all exportable FDs, not just listeners
    - DOC: add description of pidfile in master-worker mode
    - BUG/MINOR: reload: do not fail when no socket is sent
    - REORG: tcp: move TCP actions from proto_tcp.c to tcp_act.c
    - CLEANUP: tcp: stop exporting smp_fetch_src()
    - REORG: tcp: move TCP sample fetches from proto_tcp.c to tcp_sample.c
    - REORG: tcp: move TCP bind/server keywords from proto_tcp.c to cfgparse-tcp.c
    - REORG: unix: move UNIX bind/server keywords from proto_uxst.c to cfgparse-unix.c
    - REORG: sock: start to move some generic socket code to sock.c
    - MINOR: sock: introduce sock_inet and sock_unix
    - MINOR: tcp/udp/unix: make use of proto->addrcmp() to compare addresses
    - MINOR: sock_inet: implement sock_inet_get_dst()
    - REORG: inet: replace tcp_is_foreign() with sock_inet_is_foreign()
    - REORG: sock_inet: move v6only_default from proto_tcp.c to sock_inet.c
    - REORG: sock_inet: move default_tcp_maxseg from proto_tcp.c
    - REORG: listener: move xfer_sock_list to sock.{c,h}.
    - MINOR: sock: add interface and namespace length to xfer_sock_list
    - MINOR: sock: implement sock_find_compatible_fd()
    - MINOR: sock_inet: move the IPv4/v6 transparent mode code to sock_inet
    - REORG: sock: move get_old_sockets() from haproxy.c
    - MINOR: sock: do not use LI_O_* in xfer_sock_list anymore
    - MINOR: sock: distinguish dgram from stream types when retrieving old sockets
    - BUILD: sock_unix: fix build issue with isdigit()
    - BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers
    - MINOR: http-htx: Add an option to eval query-string when the path is replaced
    - BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action
    - MINOR: http-htx: Handle an optional reason when replacing the response status
    - MINOR: contrib/spoa-server: allow MAX_FRAME_SIZE override
    - BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak
    - BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed
    - BUG/MINOR: contrib/spoa-server: Do not free reference to NULL
    - BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure
    - BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address
    - CLEANUP: http: silence a cppcheck warning in get_http_auth()
    - REGTEST: increase some short timeouts to make tests more reliable
    - BUG/MINOR: threads: work around a libgcc_s issue with chrooting
    - BUILD: thread: limit the libgcc_s workaround to glibc only
    - MINOR: protocol: do not call proto->bind_all() anymore
    - MINOR: protocol: do not call proto->unbind_all() anymore
    - CLEANUP: protocol: remove all ->bind_all() and ->unbind_all() functions
    - MAJOR: init: start all listeners via protocols and not via proxies anymore
    - BUG/MINOR: startup: haproxy -s cause 100% cpu
    - Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action"
    - BUG/MEDIUM: doc: Fix replace-path action description
    - MINOR: http-rules: Add set-pathq and replace-pathq actions
    - MINOR: http-fetch: Add pathq sample fetch
    - REGTEST: Add a test for request path manipulations, with and without the QS
    - MINOR: Commit .gitattributes
    - CLEANUP: Update .gitignore
    - BUG/MEDIUM: dns: Don't store additional records in a linked-list
    - BUG/MEDIUM: dns: Be sure to renew IP address for already known servers
    - MINOR: server: Improve log message sent when server address is updated
    - DOC: ssl-load-extra-files only applies to certificates on bind lines
    - BUG/MINOR: auth: report valid crypto(3) support depending on build options
    - BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections
    - BUILD: threads: better workaround for late loading of libgcc_s
    - BUILD: compiler: reserve the gcc version checks to the gcc compiler
    - BUILD: compiler: workaround a glibc madness around __attribute__()
    - BUILD: intops: on x86_64, the bswap instruction is called bswapq
    - BUILD: trace: always have an argument before variadic args in macros
    - BUILD: traces: don't pass an empty argument for missing ones
    - BUG/MINOR: haproxy: Free uri_auth->scope during deinit
    - CLEANUP: Free old_argv on deinit
    - CLEANUP: haproxy: Free post_proxy_check_list in deinit()
    - CLEANUP: haproxy: Free per_thread_*_list in deinit()
    - CLEANUP: haproxy: Free post_check_list in deinit()
    - BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned
    - REORG: tools: move PARSE_OPT_* from tools.h to tools-t.h
    - MINOR: sample: Add iif(<true>,<false>) converter

2020/08/14 : 2.3-dev3
    - SCRIPTS: git-show-backports: make -m most only show the left branch
    - SCRIPTS: git-show-backports: emit the shell command to backport a commit
    - BUILD: Makefile: require SSL_LIB, SSL_INC to be explicitly set
    - CI: travis-ci: specify SLZ_LIB, SLZ_INC for travis builds
    - BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send
    - CLEANUP: dns: typo in reported error message
    - BUG/MAJOR: dns: disabled servers through SRV records never recover
    - BUG/MINOR: spoa-server: fix size_t format printing
    - DOC: spoa-server: fix false friends `actually`
    - BUG/MINOR: ssl: fix memory leak at OCSP loading
    - BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free()
    - BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime
    - MINOR: arg: Add an argument type to keep a reference on opaque data
    - BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter
    - BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created
    - BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters
    - BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation
    - BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation
    - MINOR: hlua: Don't needlessly copy lua strings in trash during args validation
    - BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array
    - MEDIUM: lua: Don't filter exported fetches and converters
    - MINOR: lua: Add support for userlist as fetches and converters arguments
    - MINOR: lua: Add support for regex as fetches and converters arguments
    - MINOR: arg: Use chunk_destroy() to release string arguments
    - BUG/MINOR: snapshots: leak of snapshots on deinit()
    - CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces
    - MINOR: ssl: add ssl_{c,s}_chain_der fetch methods
    - CLEANUP: fix all duplicated semicolons
    - BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option
    - BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2
    - BUG/MINOR: stats: use strncmp() instead of memcmp() on health states
    - BUILD: makefile: don't disable -Wstringop-overflow anymore
    - BUG/MINOR: ssl: double free w/ smp_fetch_ssl_x_chain_der()
    - BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction
    - BUG/MEDIUM: ssl: never generates the chain from the verify store
    - OPTIM: regex: PCRE2 use JIT match when JIT optimisation occured.
    - BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate
    - CLEANUP: ssl: remove poorly readable nested ternary

2020/07/31 : 2.3-dev2
    - DOC: ssl: req_ssl_sni needs implicit TLS
    - BUG/MEDIUM: arg: empty args list must be dropped
    - BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
    - BUG/MAJOR: tasks: don't requeue global tasks into the local queue
    - MINOR: tasks/debug: make the thread affinity BUG_ON check a bit stricter
    - MINOR: tasks/debug: add a few BUG_ON() to detect use of wrong timer queue
    - MINOR: tasks/debug: add a BUG_ON() check to detect requeued task on free
    - BUG/MAJOR: dns: Make the do-resolve action thread-safe
    - BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
    - MEDIUM: htx: Add a flag on a HTX message when no more data are expected
    - BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
    - BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
    - CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response()
    - BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
    - BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
    - BUILD: tools: fix build with static only toolchains
    - DOC: Use gender neutral language
    - BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
    - BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
    - BUG/MAJOR: dns: don't treat Authority records as an error
    - CI : travis-ci : prepare for using stock OpenSSL
    - CI: travis-ci : switch to stock openssl when openssl-1.1.1 is used
    - MEDIUM: lua: Add support for the Lua 5.4
    - BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
    - BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
    - MINOR: tcp-rules: Return an internal error if an action yields on a final eval
    - BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
    - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
    - MEDIUM: tcp-rules: Use a dedicated expiration date for tcp ruleset
    - MEDIUM: lua: Set the analyse expiration date with smaller wake_time only
    - BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
    - MINOR: connection: Preinstall the mux for non-ssl connect
    - MINOR: stream-int: Be sure to have a mux to do sends and receives
    - BUG/MINOR: lua: Fix a possible null pointer deref on lua ctx
    - SCRIPTS: announce-release: add the link to the wiki in the announce messages
    - CI: travis-ci: use better name for Coverity scan job
    - CI: travis-ci: use proper linking flags for SLZ build
    - BUG/MEDIUM: backend: always attach the transport before installing the mux
    - BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
    - MINOR: connection: avoid a useless recvfrom() on outgoing connections
    - MINOR: mux-h1: do not even try to receive if the connection is not fully set up
    - MINOR: mux-h1: do not try to receive on backend before sending a request
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()

2020/07/17 : 2.3-dev1
    - MINOR: config: make strict limits enabled by default
    - BUG/MINOR: acl: Fix freeing of expr->smp in prune_acl_expr
    - BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr
    - BUG/MINOR: haproxy: Free proxy->format_unique_id during deinit
    - BUG/MINOR: haproxy: Add missing free of server->(hostname|resolvers_id)
    - BUG/MINOR: haproxy: Free proxy->unique_id_header during deinit
    - BUG/MINOR: haproxy: Free srule->file during deinit
    - BUG/MINOR: haproxy: Free srule->expr during deinit
    - BUG/MINOR: sample: Free str.area in smp_check_const_bool
    - BUG/MINOR: sample: Free str.area in smp_check_const_meth
    - CLEANUP: haproxy: Free proxy_deinit_list in deinit()
    - CLEANUP: haproxy: Free post_deinit_list in deinit()
    - CLEANUP: haproxy: Free server_deinit_list in deinit()
    - CLEANUP: haproxy: Free post_server_check_list in deinit()
    - CLEANUP: Add static void vars_deinit()
    - CLEANUP: Add static void hlua_deinit()
    - CLEANUP: contrib/prometheus-exporter: typo fixes for ssl reuse metric
    - BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
    - BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
    - MINOR: tcp: Support TCP keepalive parameters customization
    - BUILD: tcp: condition TCP keepalive settings to platforms providing them
    - MINOR: lists: rename some MT_LIST operations to clarify them
    - MINOR: buffer: use MT_LIST_ADDQ() for buffer_wait lists additions
    - MINOR: connection: use MT_LIST_ADDQ() to add connections to idle lists
    - MINOR: tasks: use MT_LIST_ADDQ() when killing tasks.
    - CONTRIB: da: fix memory leak in dummy function da_atlas_open()
    - CI: travis-ci: speed up osx build by running brew scripted, switch to latest osx image
    - BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
    - BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
    - MINOR: connection: Set the SNI on server connections before installing the mux
    - MINOR: connection: Set new connection as private on reuse never
    - MINOR: connection: Add a wrapper to mark a connection as private
    - MEDIUM: connection: Add private connections synchronously in session server list
    - MINOR: connection: Use a dedicated function to look for a session's connection
    - MINOR: connection: Set the conncetion target during its initialisation
    - MINOR: session: Take care to decrement idle_conns counter in session_unown_conn
    - MINOR: server: Factorize code to deal with reuse of server idle connections
    - MINOR: server: Factorize code to deal with connections removed from an idle list
    - CLEANUP: connection: remove unused field idle_time from the connection struct
    - BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
    - MINOR: raw_sock: Report the number of bytes emitted using the splicing
    - MINOR: contrib/prometheus-exporter: Add missing global and per-server metrics
    - MINOR: backend: Add sample fetches to get the server's weight
    - BUG/MINOR: mux-fcgi: Handle empty STDERR record
    - BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
    - BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
    - BUG/MINOR: backend: fix potential null deref on srv_conn
    - BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
    - MEDIUM: udp: adds minimal proto udp support for message listeners.
    - MEDIUM: log/sink: re-work and merge of build message API.
    - MINOR: log: adds syslog udp message handler and parsing.
    - MEDIUM: log: adds log forwarding section.
    - MINOR: log: adds counters on received syslog messages.
    - BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
    - BUG/MEDIUM: server: resolve state file handle leak on reload
    - BUG/MEDIUM: server: fix possibly uninitialized state file on close
    - BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
    - BUILD: config: address build warning on raspbian+rpi4
    - BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
    - BUILD: config: fix again bugs gcc warnings on calloc

2020/07/07 : 2.3-dev0
    - [RELEASE] Released version 2.3-dev0
    - MINOR: version: back to development, update status message

2020/07/07 : 2.3-dev0
    - exact copy of 2.2.0

2020/07/07 : 2.2.0
    - BUILD: mux-h2: fix typo breaking build when using DEBUG_LOCK
    - CLEANUP: makefile: update the outdated list of DEBUG_xxx options
    - BUILD: tools: make resolve_sym_name() return a const
    - CLEANUP: auth: fix useless self-include of auth-t.h
    - BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char
    - CLEANUP: assorted typo fixes in the code and comments
    - WIP/MINOR: ssl: add sample fetches for keylog in frontend
    - DOC: fix tune.ssl.keylog sample fetches array
    - BUG/MINOR: ssl: check conn in keylog sample fetch
    - DOC: configuration: various typo fixes
    - MINOR: log: Remove unused case statement during the log-format string parsing
    - BUG/MINOR: mux-h1: Fix the splicing in TUNNEL mode
    - BUG/MINOR: mux-h1: Don't read data from a pipe if the mux is unable to receive
    - BUG/MINOR: mux-h1: Disable splicing only if input data was processed
    - BUG/MEDIUM: mux-h1: Disable splicing for the conn-stream if read0 is received
    - MINOR: mux-h1: Improve traces about the splicing
    - BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server
    - BUG/MEDIUM: connection: Don't consider new private connections as available
    - BUG/MINOR: connection: See new connection as available only on reuse always
    - DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x
    - CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog()
    - DOC: update INSTALL with new compiler versions
    - DOC: minor update to coding style file
    - MINOR: version: mention that it's an LTS release now

2020/07/04 : 2.2-dev12
    - BUG/MINOR: mux_h2: don't lose the leaving trace in h2_io_cb()
    - MINOR: cli: make "show sess" stop at the last known session
    - CLEANUP: buffers: remove unused buffer_wq_lock lock
    - BUG/MEDIUM: buffers: always allocate from the local cache first
    - MINOR: connection: align toremove_{lock,connections} and cleanup into idle_conns
    - CONTRIB: debug: add missing flags SI_FL_L7_RETRY & SI_FL_D_L7_RETRY
    - BUG/MEDIUM: connections: Don't increase curr_used_conns for shared connections.
    - BUG/MEDIUM: checks: Increment the server's curr_used_conns
    - REORG: buffer: rename buffer.c to dynbuf.c
    - REORG: includes: create tinfo.h for the thread_info struct
    - CLEANUP: pool: only include the type files from types
    - MINOR: pools: move the LRU cache heads to thread_info
    - BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD
    - MINOR: stats: add 3 new output values for the per-server idle conn state
    - MINOR: activity: add per-thread statistics on FD takeover
    - BUG/MINOR: server: start cleaning idle connections from various points
    - MEDIUM: server: improve estimate of the need for idle connections
    - MINOR: stats: add the estimated need of concurrent connections per server
    - BUG/MINOR: threads: Don't forget to init each thread toremove_lock.
    - BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
    - Revert "BUG/MEDIUM: lists: Lock the element while we check if it is in a list."
    - BUG/MINOR: haproxy: don't wake already stopping threads on exit
    - BUG/MINOR: server: always count one idle slot for current thread
    - MEDIUM: server: use the two thresholds for the connection release algorithm
    - BUG/MINOR: http-rules: Fix ACLs parsing for http deny rules
    - BUG/MINOR: sched: properly cover for a rare MT_LIST_ADDQ() race
    - MINOR: mux-h1: avoid taking the toremove_lock in on dying tasks
    - MINOR: mux-h2: avoid taking the toremove_lock in on dying tasks
    - MINOR: mux-fcgi: avoid taking the toremove_lock in on dying tasks
    - MINOR: pools: increase MAX_BASE_POOLS to 64
    - DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list
    - BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible
    - BUG/MEDIUM: log-format: fix possible endless loop in parse_logformat_string()
    - BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash
    - BUG/MINOR: proxy: always initialize the trash in show servers state
    - MINOR: cli/proxy: add a new "show servers conn" command
    - MINOR: server: skip servers with no idle conns earlier
    - BUG/MINOR: server: fix the connection release logic regarding nearly full conditions
    - MEDIUM: server: add a new pool-low-conn server setting
    - BUG/MEDIUM: backend: always search in the safe list after failing on the idle one
    - MINOR: backend: don't always takeover from the same threads
    - MINOR: sched: make sched->task_list_size atomic
    - MEDIUM: sched: create a new TASK_KILLED task flag
    - MEDIUM: sched: implement task_kill() to kill a task
    - MEDIUM: mux-h1: use task_kill() during h1_takeover() instead of task_wakeup()
    - MEDIUM: mux-h2: use task_kill() during h2_takeover() instead of task_wakeup()
    - MEDIUM: mux-fcgi: use task_kill() during fcgi_takeover() instead of task_wakeup()
    - MINOR: list: Add MT_LIST_DEL_SAFE_NOINIT() and MT_LIST_ADDQ_NOCHECK()
    - CLEANUP: connections: rename the toremove_lock to takeover_lock
    - MEDIUM: connections: Don't use a lock when moving connections to remove.
    - DOC: configuration: add missing index entries for tune.pool-{low,high}-fd-ratio
    - DOC: configuration: fix alphabetical ordering for tune.pool-{high,low}-fd-ratio
    - MINOR: config: add a new tune.idle-pool.shared global setting.
    - MINOR: 51d: silence a warning about null pointer dereference
    - MINOR: debug: add a new "debug dev memstats" command
    - MINOR: log-format: allow to preserve spacing in log format strings
    - BUILD: debug: avoid build warnings with DEBUG_MEM_STATS
    - BUG/MAJOR: sched: make sure task_kill() always queues the task
    - BUG/MEDIUM: muxes: Make sure nobody stole the connection before using it.
    - BUG/MEDIUM: cli/proxy: don't try to dump idle connection state if there's none
    - BUILD: haproxy: fix build error when RLIMIT_AS is not set
    - BUG/MAJOR: sched: make it work also when not building with DEBUG_STRICT
    - MINOR: log: add time second fraction field to rfc5424 log timestamp.
    - BUG/MINOR: log: missing timezone on iso dates.
    - BUG/MEDIUM: server: don't kill all idle conns when there are not enough
    - MINOR: sched: split tasklet_wakeup() into tasklet_wakeup_on()
    - BUG/MEDIUM: connections: Set the tid for the old tasklet on takeover.
    - BUG/MEDIUM: connections: Let the xprt layer know a takeover happened.
    - BUG/MINOR: http_act: don't check capture id in backend (2)
    - BUILD: makefile: disable threads by default on OpenBSD
    - BUILD: peers: fix build warning with gcc 4.2.1
    - CI: cirrus-ci: exclude slow reg-tests

2020/06/26 : 2.2-dev11
    - REGTEST: Add a simple script to tests errorfile directives in proxy sections
    - BUG/MEDIUM: fcgi-app: Resolve the sink if a fcgi-app logs in a ring buffer
    - BUG/MINOR: spoe: correction of setting bits for analyzer
    - BUG/MINOR: cfgparse: Support configurations without newline at EOF
    - MINOR: cfgparse: Warn on truncated lines / files
    - BUG/MINOR: http_ana: clarify connection pointer check on L7 retry
    - MINOR: debug: add a new DEBUG_FD build option
    - BUG/MINOR: tasks: make sure never to exceed max_processed
    - MINOR: task: add a new pointer to current tasklet queue
    - BUG/MEDIUM: task: be careful not to run too many tasks at TL_URGENT
    - BUG/MINOR: cfgparse: Fix argument reference in PARSE_ERR_TOOMANY message
    - BUG/MINOR: cfgparse: Fix calculation of position for PARSE_ERR_TOOMANY message
    - BUG/MEDIUM: ssl: fix ssl_bind_conf double free
    - MINOR: ssl: free bind_conf_node in crtlist_free()
    - MINOR: ssl: free the crtlist and the ckch during the deinit()
    - BUG/MINOR: ssl: fix build with ckch_deinit() and crtlist_deinit()
    - BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted
    - MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c
    - MEDIUM: tasks: apply a fair CPU distribution between tasklet classes
    - MINOR: tasks: make current_queue an index instead of a pointer
    - MINOR: tasks: add a mask of the queues with active tasklets
    - MINOR: tasks: pass the queue index to run_task_from_list()
    - MINOR: tasks: make run_tasks_from_lists() scan the queues itself
    - MEDIUM: tasks: add a tune.sched.low-latency option
    - BUG/MEDIUM: ssl/cli: 'commit ssl cert' crashes when no private key
    - BUG/MINOR: cfgparse: don't increment linenum on incomplete lines
    - MINOR: tools: make parse_line() always terminate the args list
    - BUG/MINOR: cfgparse: report extraneous args *after* the string is allocated
    - MINOR: cfgparse: sanitize the output a little bit
    - MINOR: cli/ssl: handle trailing slashes in crt-list commands
    - MINOR: ssl: add the ssl_s_* sample fetches for server side certificate
    - BUG/MEDIUM: http-ana: Don't loop trying to generate a malformed 500 response
    - BUG/MINOR: stream-int: Don't wait to send truncated HTTP messages
    - BUG/MINOR: http-ana: Set CF_EOI on response channel for generated responses
    - BUG/MINOR: http-ana: Don't wait to send 1xx responses generated by HAProxy
    - MINOR: spoe: Don't systematically create new applets if processing rate is low
    - DOC: fix some typos in the ssl_s_{s|i}_dn documentation
    - BUILD: fix ssl_sample.c when building against BoringSSL
    - CI: travis-ci: switch BoringSSL builds to ninja
    - CI: extend spellchecker whitelist
    - DOC: assorted typo fixes in the documentation
    - CLEANUP: assorted typo fixes in the code and comments
    - MINOR: http: Add support for http 413 status
    - REGTEST: ssl: tests the ssl_f_* sample fetches
    - REGTEST: ssl: add some ssl_c_* sample fetches test
    - DOC: ssl: update the documentation of "commit ssl cert"
    - BUG/MINOR: cfgparse: correctly deal with empty lines
    - BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL

2020/06/19 : 2.2-dev10
    - BUILD: include: add sys/types before netinet/tcp.h
    - BUG/MEDIUM: log: don't hold the log lock during writev() on a file descriptor
    - BUILD: Remove nowarn for warnings that do not trigger
    - BUG/MEDIUM: pattern: fix thread safety of pattern matching
    - BUILD: Re-enable -Wimplicit-fallthrough
    - BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0
    - BUILD: thread: add parenthesis around values of locking macros
    - BUILD: proto_uxst: shut up yet another gcc's absurd warning
    - BUG/MEDIUM: checks: Fix off-by-one in allocation of SMTP greeting cmd
    - CI: travis-ci: use "-O1" for clang builds
    - MINOR: haproxy: Add void deinit_and_exit(int)
    - MINOR: haproxy: Make use of deinit_and_exit() for clean exits
    - BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules
    - BUILD: compression: make gcc 10 happy with free_zlib()
    - BUILD: atomic: add string.h for memcpy() on ARM64
    - BUG/MINOR: http: make smp_fetch_body() report that the contents may change
    - BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness
    - BUILD: haproxy: mark deinit_and_exit() as noreturn
    - BUG/MAJOR: vars: Fix bogus free() during deinit() for http-request rules
    - BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks
    - MINOR: tools: add a new configurable line parse, parse_line()
    - BUG/MEDIUM: cfgparse: use parse_line() to expand/unquote/unescape config lines
    - BUG/MEDIUM: cfgparse: stop after a reasonable amount of fatal error
    - MINOR: http: do not close connections anymore after internal responses
    - BUG/MINOR: cfgparse: Add missing fatal++ in PARSE_ERR_HEX case
    - BUG/MINOR: spoe: add missing key length check before checking key names
    - MINOR: version: put the compiler version output into version.c not haproxy.c
    - MINOR: compiler: always define __has_feature()
    - MINOR: version: report the presence of the compiler's address sanitizer
    - BUILD: Fix build by including haproxy/global.h
    - BUG/MAJOR: connection: always disable ready events once reported
    - CLEANUP: activity: remove unused counter fd_lock
    - DOC: fd: make it clear that some fields ordering must absolutely be respected
    - MINOR: activity: report the number of times poll() reports I/O
    - MINOR: activity: rename confusing poll_* fields in the output
    - MINOR: fd: Fix a typo in a coment.
    - BUG/MEDIUM: fd: Don't fd_stop_recv() a fd we don't own.
    - BUG/MEDIUM: fd: Call fd_stop_recv() when we just got a fd.
    - MINOR: activity: group the per-loop counters at the top
    - MINOR: activity: rename the "stream" field to "stream_calls"
    - MEDIUM: fd: refine the fd_takeover() migration lock
    - MINOR: fd: slightly optimize the fd_takeover double-CAS loop
    - MINOR: fd: factorize the fd_takeover() exit path to make it safer
    - MINOR: peers: do not use localpeer as an array anymore
    - MEDIUM: peers: add the "localpeer" global option
    - MEDIUM: fd: add experimental support for edge-triggered polling
    - CONTRIB: debug: add the missing flags CO_FL_SAFE_LIST and CO_FL_IDLE_LIST
    - MINOR: haproxy: process signals before runnable tasks
    - MEDIUM: tasks: clean up the front side of the wait queue in wake_expired_tasks()
    - MEDIUM: tasks: also process late wakeups in process_runnable_tasks()
    - BUG/MINOR: cli: allow space escaping on the CLI
    - BUG/MINOR: mworker/cli: fix the escaping in the master CLI
    - BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI
    - REGTEST: http-rules: test spaces in ACLs
    - REGTEST: http-rules: test spaces in ACLs with master CLI
    - BUG/MAJOR: init: properly compute the default global.maxpipes value
    - MEDIUM: map: make the "clear map" operation yield
    - BUG/MEDIUM: stream-int: fix loss of CO_SFL_MSG_MORE flag in forwarding
    - MINOR: mux_h1: Set H1_F_CO_MSG_MORE if we know we have more to send.
    - BUG/MINOR: systemd: Wait for network to be online
    - DOC: configuration: Unindent non-code sentences in the protobuf example
    - DOC: configuration: http-check send was missing from matrix

2020/06/11 : 2.2-dev9
    - BUG/MINOR: http-htx: Don't forget to release the http reply in release function
    - BUG/MINOR: http-htx: Fix a leak on error path during http reply parsing
    - MINOR: checks: Remove dead code from process_chk_conn()
    - REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used
    - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv
    - MINOR: lua: Use vars_unset_by_name_ifexist()
    - CLEANUP: vars: Remove void vars_unset_by_name(const char*, size_t, struct sample*)
    - MINOR: vars: Make vars_(un|)set_by_name(_ifexist|) return a success value
    - MINOR: lua: Make `set_var()` and `unset_var()` return success
    - MEDIUM: lua: Add `ifexist` parameter to `set_var`
    - MEDIUM: ring: new section ring to declare custom ring buffers.
    - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation
    - REGTESTS: Require the version 2.2 to execute lua/set_var
    - BUG/MEDIUM: checks: Refresh the conn-stream and the connection after a connect
    - MINOR: checks: Remove useless tests on the connection and conn-stream
    - BUG/MEDIUM: contrib/spoa: do not register python3.8 if --embed fail
    - BUG/MEDIUM: connection: Ignore PP2 unique ID for stream-less connections
    - BUG/MINOR: connection: Always get the stream when available to send PP2 line
    - BUG/MEDIUM: backend: set the connection owner to the session when using alpn.
    - MINOR: pools: compute an estimate of each pool's average needed objects
    - MEDIUM: pools: directly free objects when pools are too much crowded
    - REGTEST: Add connection/proxy_protocol_send_unique_id_alpn
    - MINOR: http-ana: Make the function http_reply_to_htx() public
    - MINOR: http-ana: Use proxy's error replies to emit 401/407 responses
    - MINOR: http-rules: Use an action function to eval http-request auth rules
    - CLEANUP: http: Remove unused HTTP message templates
    - BUG/MEDIUM: checks: Don't blindly subscribe for receive if waiting for connect
    - MINOR: checks: I/O callback function only rely on the data layer wake callback
    - BUG/MINOR: lua: Add missing string length for lua sticktable lookup
    - BUG/MEDIUM: logs: fix trailing zeros on log message.
    - CI: cirrus-ci: skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6
    - BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf
    - BUG/MEDIUM: checks: Don't add a tcpcheck ruleset twice in the shared tree
    - MEDIUM: ssl: use TLSv1.2 as the minimum default on bind lines
    - CLEANUP: pools: use the regular lock for the flush operation on lockless pools
    - SCRIPTS: publish-release: pass -n to gzip to remove timestamp
    - MINOR: ring: re-work ring attach generic API.
    - BUG/MINOR: error on unknown statement in ring section.
    - MEDIUM: ring: add server statement to forward messages from a ring
    - MEDIUM: ring: add new srv statement to support octet counting forward
    - MINOR: ssl: set ssl-min-ver in ambiguous configurations
    - CLEANUP: ssl: remove comment from dump_crtlist_sslconf()
    - BUILD: sink: address build warning on 32-bit architectures
    - BUG/MINOR: peers: fix internal/network key type mapping.
    - CLEANUP: regex: remove outdated support for regex actions
    - Revert "MINOR: ssl: rework add cert chain to CTX to be libssl independent"
    - MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade
    - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
    - DOC: add a line about comments in crt-list
    - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
    - BUG/MINOR: checks: Fix test on http-check rulesets during config validity check
    - BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
    - BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
    - BUG/MINOR: init: -x can have a parameter starting with a dash
    - BUG/MINOR: init: -S can have a parameter starting with a dash
    - BUG/MEDIUM: mworker: fix the reload with an -- option
    - BUG/MINOR: ssl: fix a trash buffer leak in some error cases
    - BUG/MINOR: mworker: fix a memleak when execvp() failed
    - MINOR: sample: Add secure_memcmp converter
    - REORG: ebtree: move the C files from ebtree/ to src/
    - REORG: ebtree: move the include files from ebtree to include/import/
    - REORG: ebtree: clean up remains of the ebtree/ directory
    - REORG: include: create new file haproxy/api-t.h
    - REORG: include: create new file haproxy/api.h
    - REORG: include: update all files to use haproxy/api.h or api-t.h if needed
    - CLEANUP: include: remove common/config.h
    - CLEANUP: include: remove unused template.h
    - REORG: include: move MIN/MAX from tools.h to compat.h
    - REORG: include: move SWAP/MID_RANGE/MAX_RANGE from tools.h to standard.h
    - CLEANUP: include: remove unused common/tools.h
    - REORG: include: move the base files from common/ to haproxy/
    - REORG: include: move version.h to haproxy/
    - REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/
    - REORG: include: move openssl-compat.h from common/ to haproxy/
    - REORG: include: move ist.h from common/ to import/
    - REORG: include: move the BUG_ON() code to haproxy/bug.h
    - REORG: include: move debug.h from common/ to haproxy/
    - CLEANUP: debug: drop unused function p_malloc()
    - REORG: include: split buf.h into haproxy/buf-t.h and haproxy/buf.h
    - REORG: include: move istbuf.h to haproxy/
    - REORG: include: split mini-clist into haproxy/list and list-t.h
    - REORG: threads: extract atomic ops from hathreads.h
    - CLEANUP: threads: remove a few needless includes of hathreads.h
    - REORG: include: split hathreads into haproxy/thread.h and haproxy/thread-t.h
    - CLEANUP: thread: rename __decl_hathreads() to __decl_thread()
    - REORG: include: move time.h from common/ to haproxy/
    - REORG: include: move integer manipulation functions from standard.h to intops.h
    - CLEANUP: include: remove excessive includes of common/standard.h
    - REORG: include: move freq_ctr to haproxy/
    - CLEANUP: pool: include freq_ctr.h and remove locally duplicated functions
    - REORG: memory: move the pool type definitions to haproxy/pool-t.h
    - REORG: memory: move the OS-level allocator to haproxy/pool-os.h
    - MINOR: memory: don't let __pool_get_first() pick from the cache
    - MEDIUM: memory: don't let pool_put_to_cache() free the objects itself
    - MINOR: memory: move pool-specific path of the locked pool_free() to __pool_free()
    - MEDIUM: memory: make local pools independent on lockless pools
    - REORG: include: move common/memory.h to haproxy/pool.h
    - REORG: include: move common/chunk.h to haproxy/chunk.h
    - REORG: include: move activity to haproxy/
    - REORG: include: move common/buffer.h to haproxy/dynbuf{,-t}.h
    - REORG: include: move common/net_helper.h to haproxy/net_helper.h
    - REORG: include: move common/namespace.h to haproxy/namespace{,-t}.h
    - REORG: include: split common/regex.h into haproxy/regex{,-t}.h
    - REORG: include: split common/xref.h into haproxy/xref{,-t}.h
    - REORG: include: move common/ticks.h to haproxy/ticks.h
    - REORG: include: split common/http.h into haproxy/http{,-t}.h
    - REORG: include: split common/http-hdr.h into haproxy/http-hdr{,-t}.h
    - REORG: include: move common/h1.h to haproxy/h1.h
    - REORG: include: split common/htx.h into haproxy/htx{,-t}.h
    - REORG: include: move hpack*.h to haproxy/ and split hpack-tbl
    - REORG: include: move common/h2.h to haproxy/h2.h
    - REORG: include: move common/fcgi.h to haproxy/
    - REORG: include: move protocol.h to haproxy/protocol{,-t}.h
    - REORG: tools: split common/standard.h into haproxy/tools{,-t}.h
    - REORG: include: move dict.h to hparoxy/dict{,-t}.h
    - REORG: include: move shctx to haproxy/shctx{,-t}.h
    - REORG: include: move port_range.h to haproxy/port_range{,-t}.h
    - REORG: include: move fd.h to haproxy/fd{,-t}.h
    - REORG: include: move ring to haproxy/ring{,-t}.h
    - REORG: include: move sink.h to haproxy/sink{,-t}.h
    - REORG: include: move pipe.h to haproxy/pipe{,-t}.h
    - CLEANUP: include: remove empty raw_sock.h
    - REORG: include: move proto_udp.h to haproxy/proto_udp{,-t}.h
    - REORG: include: move proto/proto_sockpair.h to haproxy/proto_sockpair.h
    - REORG: include: move compression.h to haproxy/compression{,-t}.h
    - REORG: include: move h1_htx.h to haproxy/h1_htx.h
    - REORG: include: move http_htx.h to haproxy/http_htx{,-t}.h
    - REORG: include: move hlua.h to haproxy/hlua{,-t}.h
    - REORG: include: move hlua_fcn.h to haproxy/hlua_fcn.h
    - REORG: include: move action.h to haproxy/action{,-t}.h
    - REORG: include: move arg.h to haproxy/arg{,-t}.h
    - REORG: include: move auth.h to haproxy/auth{,-t}.h
    - REORG: include: move dns.h to haproxy/dns{,-t}.h
    - REORG: include: move flt_http_comp.h to haproxy/
    - REORG: include: move counters.h to haproxy/counters-t.h
    - REORG: include: split mailers.h into haproxy/mailers{,-t}.h
    - REORG: include: move capture.h to haproxy/capture{,-t}.h
    - REORG: include: move frontend.h to haproxy/frontend.h
    - REORG: include: move obj_type.h to haproxy/obj_type{,-t}.h
    - REORG: include: move http_rules.h to haproxy/http_rules.h
    - CLEANUP: include: remove unused mux_pt.h
    - REORG: include: move mworker.h to haproxy/mworker{,-t}.h
    - REORG: include: move ssl_utils.h to haproxy/ssl_utils.h
    - REORG: include: move ssl_ckch.h to haproxy/ssl_ckch{,-t}.h
    - REORG: move ssl_crtlist.h to haproxy/ssl_crtlist{,-t}.h
    - REORG: include: move lb_chash.h to haproxy/lb_chash{,-t}.h
    - REORG: include: move lb_fas.h to haproxy/lb_fas{,-t}.h
    - REORG: include: move lb_fwlc.h to haproxy/lb_fwlc{,-t}.h
    - REORG: include: move lb_fwrr.h to haproxy/lb_fwrr{,-t}.h
    - REORG: include: move listener.h to haproxy/listener{,-t}.h
    - REORG: include: move pattern.h to haproxy/pattern{,-t}.h
    - REORG: include: move map to haproxy/map{,-t}.h
    - REORG: include: move payload.h to haproxy/payload.h
    - REORG: include: move sample.h to haproxy/sample{,-t}.h
    - REORG: include: move protocol_buffers.h to haproxy/protobuf{,-t}.h
    - REORG: include: move vars.h to haproxy/vars{,-t}.h
    - REORG: include: split global.h into haproxy/global{,-t}.h
    - REORG: include: move task.h to haproxy/task{,-t}.h
    - REORG: include: move proto_tcp.h to haproxy/proto_tcp.h
    - REORG: include: move signal.h to haproxy/signal{,-t}.h
    - REORG: include: move tcp_rules.h to haproxy/tcp_rules.h
    - REORG: include: move connection.h to haproxy/connection{,-t}.h
    - REORG: include: move checks.h to haproxy/check{,-t}.h
    - REORG: include: move http_fetch.h to haproxy/http_fetch.h
    - REORG: include: move peers.h to haproxy/peers{,-t}.h
    - REORG: include: move stick_table.h to haproxy/stick_table{,-t}.h
    - REORG: include: move session.h to haproxy/session{,-t}.h
    - REORG: include: move trace.h to haproxy/trace{,-t}.h
    - REORG: include: move acl.h to haproxy/acl.h{,-t}.h
    - REORG: include: split common/uri_auth.h into haproxy/uri_auth{,-t}.h
    - REORG: move applet.h to haproxy/applet{,-t}.h
    - REORG: include: move stats.h to haproxy/stats{,-t}.h
    - REORG: include: move cli.h to haproxy/cli{,-t}.h
    - REORG: include: move lb_map.h to haproxy/lb_map{,-t}.h
    - REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h
    - REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h
    - REORG: include: move channel.h to haproxy/channel{,-t}.h
    - REORG: include: move http_ana.h to haproxy/http_ana{,-t}.h
    - REORG: include: move filters.h to haproxy/filters{,-t}.h
    - REORG: include: move fcgi-app.h to haproxy/fcgi-app{,-t}.h
    - REORG: include: move log.h to haproxy/log{,-t}.h
    - REORG: include: move proxy.h to haproxy/proxy{,-t}.h
    - REORG: include: move spoe.h to haproxy/spoe{,-t}.h
    - REORG: include: move backend.h to haproxy/backend{,-t}.h
    - REORG: include: move queue.h to haproxy/queue{,-t}.h
    - REORG: include: move server.h to haproxy/server{,-t}.h
    - REORG: include: move stream.h to haproxy/stream{,-t}.h
    - REORG: include: move cfgparse.h to haproxy/cfgparse.h
    - CLEANUP: hpack: export debug functions and move inlines to .h
    - REORG: check: move the e-mail alerting code to mailers.c
    - REORG: check: move tcpchecks away from check.c
    - REORG: check: move email_alert* from proxy-t.h to mailers-t.h
    - REORG: check: extract the external checks from check.{c,h}
    - CLEANUP: include: don't include stddef.h directly
    - CLEANUP: include: don't include proxy-t.h in global-t.h
    - CLEANUP: include: move sample_data out of sample-t.h
    - REORG: include: move the error reporting functions to from log.h to errors.h
    - BUILD: reorder objects in the Makefile for faster builds
    - CLEANUP: compiler: add a THREAD_ALIGNED macro and use it where appropriate
    - CLEANUP: include: make atomic.h part of the base API
    - REORG: include: move MAX_THREADS to defaults.h
    - REORG: include: move THREAD_LOCAL and __decl_thread() to compiler.h
    - CLEANUP: include: tree-wide alphabetical sort of include files
    - REORG: include: make list-t.h part of the base API
    - REORG: dgram: rename proto_udp to dgram

2020/05/22 : 2.2-dev8
    - MINOR: checks: Improve report of unexpected errors for expect rules
    - MEDIUM: checks: Add matching on log-format string for expect rules
    - DOC: Fix req.body and co documentation to be accurate
    - MEDIUM: checks: Remove dedicated sample fetches and use response ones instead
    - CLEANUP: checks: sort and rename tcpcheck_expect_type types
    - MINOR: checks: Use dedicated actions to send log-format strings in send rules
    - MINOR: checks: Simplify matching on HTTP headers in HTTP expect rules
    - MINOR: checks/sample: Remove unnecessary tests on the sample session
    - REGTEST: checks: Adapt SSL error message reported when connection is rejected
    - MINOR: mworker: replace ha_alert by ha_warning when exiting successfuly
    - MINOR: checks: Support log-format string to set the URI for HTTP send rules
    - MINOR: checks: Support log-format string to set the body for HTTP send rules
    - DOC: Be more explicit about configurable check ok/error/timeout status
    - MINOR: checks: Make matching on HTTP headers for expect rules less obscure
    - BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
    - BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
    - REGTESTS: make the http-check-send test require version 2.2
    - BUG/MINOR: http-ana: fix NTLM response parsing again
    - BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
    - BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
    - MINOR: cfgparse: Improve error message for invalid \x sequences
    - CI: travis-ci: enable arm64 builds again
    - MEDIUM: ssl: increase default-dh-param to 2048
    - CI: travis-ci: skip pcre2 on arm64 build
    - CI: travis-ci: extend the build time for SSL to 60 minutes
    - CLEANUP: config: drop unused setting CONFIG_HAP_MEM_OPTIM
    - CLEANUP: config: drop unused setting CONFIG_HAP_INLINE_FD_SET
    - CLENAUP: config: move CONFIG_HAP_LOCKLESS_POOLS out of config.h
    - CLEANUP: remove THREAD_LOCAL from config.h
    - CI: travis-ci: upgrade LibreSSL versions
    - DOC: assorted typo fixes in the documentation
    - CI: extend spellchecker whitelist
    - CLEANUP: assorted typo fixes in the code and comments
    - MAJOR: contrib: porting spoa_server to support python3
    - BUG/MEDIUM: checks: Subscribe to I/O events on an unfinished connect
    - BUG/MINOR: checks: Don't subscribe to I/O events if it is already done
    - BUG/MINOR: checks: Rely on next I/O oriented rule when waiting for a connection
    - MINOR: checks: Don't try to send outgoing data if waiting to be able to send
    - MINOR: sample: Move aes_gcm_dec implementation into sample.c
    - MINOR: sample: Add digest and hmac converters
    - BUG/MEDIUM: checks: Subscribe to I/O events only if a mux was installed
    - BUG/MINOR: sample/ssl: Fix digest converter for openssl < 1.1.0
    - BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
    - BUG/MINOR: pollers: remove uneeded free in global init
    - CLEANUP: select: enhance readability in init
    - BUG/MINOR: soft-stop: always wake up waiting threads on stopping
    - MINOR: soft-stop: let the first stopper only signal other threads
    - BUILD: select: only declare existing local labels to appease clang
    - BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
    - BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
    - DOC: retry-on can only be used with mode http
    - MEDIUM: ssl: allow to register callbacks for SSL/TLS protocol messages
    - MEDIUM: ssl: split ssl_sock_msgcbk() and use a new callback mechanism
    - MINOR: ssl: add a new function ssl_sock_get_ssl_object()
    - MEDIUM: ssl: use ssl_sock_get_ssl_object() in fetchers where appropriate
    - REORG: ssl: move macros and structure definitions to ssl_sock.h
    - CLEANUP: ssl: remove the shsess_* macros
    - REORG: move the crt-list structures in their own .h
    - REORG: ssl: move the ckch structures to types/ssl_ckch.h
    - CLEANUP: ssl: add ckch prototypes in proto/ssl_ckch.h
    - REORG: ssl: move crtlist functions to src/ssl_crtlist.c
    - CLEANUP: ssl: avoid circular dependencies in ssl_crtlist.h
    - REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c
    - REORG: ssl: move ckch_inst functions to src/ssl_ckch.c
    - REORG: ssl: move the crt-list CLI functions in src/ssl_crtlist.c
    - REORG: ssl: move the CLI 'cert' functions to src/ssl_ckch.c
    - REORG: ssl: move ssl configuration to cfgparse-ssl.c
    - MINOR: ssl: remove static keyword in some SSL utility functions
    - REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues
    - REORG: ssl: move sample fetches to src/ssl_sample.c
    - REORG: ssl: move utility functions to src/ssl_utils.c
    - DOC: ssl: update MAINTAINERS file
    - CI: travis-ci: switch arm64 builds to use openssl from distro
    - MINOR: stats: Prepare for more accurate moving averages
    - MINOR: stats: Expose native cum_req metric for a server
    - MEDIUM: stats: Enable more accurate moving average calculation for stats
    - BUILD: ssl: include buffer common headers for ssl_sock_ctx
    - BUILD: ssl: include errno.h in ssl_crtlist.c
    - CLEANUP: acl: remove unused assignment
    - DOC/MINOR: halog: Add long help info for ic flag
    - BUILD: ssl: fix build without OPENSSL_NO_ENGINE
    - DOC: SPOE is no longer experimental
    - BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt()
    - MINOR: config: Don't dump keywords if argument is NULL
    - MEDIUM: checks: Make post-41 the default mode for mysql checks
    - BUG/MINOR: logs: prevent double line returns in some events.
    - MEDIUM: sink: build header in sink_write for log formats
    - MEDIUM: logs: buffer targets now rely on new sink_write
    - MEDIUM: sink: add global statement to create a new ring (sink buffer)
    - MEDIUM: hpack: use a pool for the hpack table
    - BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason
    - BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
    - MINOR: applet: adopt the wait list entry from the CLI
    - MINOR: ring: make the applet code not depend on the CLI
    - Revert "MEDIUM: sink: add global statement to create a new ring (sink buffer)"
    - CI: travis-ci: fix libslz download URL
    - MINOR: ssl: split config and runtime variable for ssl-{min,max}-ver
    - CLEANUP: http_ana: Remove unused TXN flags
    - BUG/MINOR: http-rules: Mark http return rules as final
    - MINOR: http-htx: Add http_reply type based on what is used for http return rules
    - CLEANUP: http-htx: Rename http_error structure into http_error_msg
    - MINOR: http-rules: Use http_reply structure for http return rules
    - MINOR: http-htx: Use a dedicated function to release http_reply objects
    - MINOR: http-htx: Use a dedicated function to parse http reply arguments
    - MINOR: http-htx: Use a dedicated function to check http reply validity
    - MINOR: http-ana: Use a dedicated function to send a response from an http reply
    - MEDIUM: http-rules: Rely on http reply for http deny/tarpit rules
    - MINOR: http-htx: Store default error messages in a global http reply array
    - MINOR: http-htx: Store messages of an http-errors section in a http reply array
    - MINOR: http-htx: Store errorloc/errorfile messages in http replies
    - MINOR: proxy: Add references on http replies for proxy error messages
    - MINOR: http-htx: Use http reply from the http-errors section
    - MINOR: http-ana: Use a TXN flag to prevent after-response ruleset evaluation
    - MEDIUM: http-ana: Use http replies for HTTP error messages
    - CLEANUP: http-htx: Remove unused storage of error messages in buffers
    - MINOR: htx: Add a function to copy a buffer in an HTX message
    - CLEANUP: channel: Remove channel_htx_copy_msg() function
    - MINOR: http-ana: Add a function to write an http reply in an HTX message
    - MINOR: http-htx/proxy: Add http-error directive using http return syntax
    - DOC: Fix "errorfile" description in the configuration manual
    - BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
    - BUILD: hpack: make sure the hpack table can still be built standalone
    - CONTRIB: hpack: make use of the simplified standalone HPACK API
    - MINOR: connection: add pp2-never-send-local to support old PP2 behavior

2020/05/05 : 2.2-dev7
    - MINOR: version: Show uname output in display_version()
    - CI: run weekly OpenSSL "no-deprecated" builds
    - CLEANUP: log: fix comment of parse_logformat_string()
    - DOC: Improve documentation on http-request set-src
    - MINOR: ssl/cli: disallow SSL options for directory in 'add ssl crt-list'
    - MINOR: ssl/cli: restrain certificate path when inserting into a directory
    - MINOR: ssl: add ssl-skip-self-issued-ca global option
    - BUG/MINOR: ssl: default settings for ssl server options are not used
    - MINOR: config: add a global directive to set default SSL curves
    - BUG/MEDIUM: http-ana: Handle NTLM messages correctly.
    - DOC: internals: update the SSL architecture schema
    - BUG/MINOR: tools: fix the i386 version of the div64_32 function
    - BUG/MINOR: mux-fcgi/trace: fix wrong set of trace flags in fcgi_strm_add_eom()
    - BUG/MINOR: http: make url_decode() optionally convert '+' to SP
    - DOC: option logasap does not depend on mode
    - MEDIUM: memory: make pool_gc() run under thread isolation
    - MINOR: contrib: make the peers wireshark dissector a plugin
    - BUG/MINOR: http-ana: Throw a 500 error if after-response ruleset fails on errors
    - BUG/MINOR: check: Update server address and port to execute an external check
    - MINOR: mini-clist: Add functions to iterate backward on a list
    - MINOR: checks: Add a way to send custom headers and payload during http chekcs
    - MINOR: server: respect warning and alert semantic
    - BUG/MINOR: checks: Respect the no-check-ssl option
    - BUG/MEDIUM: server/checks: Init server check during config validity check
    - CLEANUP: checks: Don't export anymore init_check and srv_check_healthcheck_port
    - BUG/MINOR: checks: chained expect will not properly wait for enough data
    - BUG/MINOR: checks: Forbid tcp-check lines in default section as documented
    - MINOR: checks: Use an enum to describe the tcp-check rule type
    - MINOR: checks: Simplify connection flag parsing in tcp-check connect
    - MEDIUM: checks: rewind to the first inverse expect rule of a chain on new data
    - MINOR: checks: simplify tcp expect config parser
    - MINOR: checks: add min-recv tcp-check expect option
    - MINOR: checks: add linger option to tcp connect
    - MINOR: checks: define a tcp expect type
    - MEDIUM: checks: rewrite tcp-check expect block
    - MINOR: checks: Stop xform buffers to null-terminated string for tcp-check rules
    - MINOR: checks: add rbinary expect match type
    - MINOR: checks: Simplify functions to get step id and comment
    - MEDIUM: checks: capture groups in expect regexes
    - MINOR: checks: Don't use a static tcp rule list head
    - MEDIUM: checks: Use a non-comment rule iterator to get next rule
    - MEDIUM: proxy/checks: Register a keyword to parse tcp-check rules
    - MINOR: checks: Set the tcp-check rule index during parsing
    - MINOR: checks: define tcp-check send type
    - MINOR: checks: define a tcp-check connect type
    - MEDIUM: checks: Add implicit tcp-check connect rule
    - MAJOR: checks: Refactor and simplify the tcp-check loop
    - MEDIUM: checks: Associate a session to each tcp-check healthcheck
    - MINOR: checks/vars: Add a check scope for variables
    - MEDIUM: checks: Parse custom action rules in tcp-checks
    - MINOR: checks: Add support to set-var and unset-var rules in tcp-checks
    - MINOR: checks: Add the sni option for tcp-check connect rules
    - MINOR: checks: Add the via-socks4 option for tcp-check connect rules
    - MINOR: checks: Add the alpn option for tcp-check connect rules
    - MINOR: ssl: Export a generic function to parse an alpn string
    - MINOR: checks: Add the default option for tcp-check connect rules
    - MINOR: checks: Add the addr option for tcp-check connect rule
    - MEDIUM: checks: Support expression to set the port
    - MEDIUM: checks: Support log-format strings for tcp-check send rules
    - MINOR: log: Don't depends on a stream to process samples in log-format string
    - MINOR: log: Don't systematically set LW_REQ when a sample expr is added
    - MEDIUM: checks: Add a shared list of tcp-check rules
    - MINOR: sample: add htonl converter
    - MINOR: sample: add cut_crlf converter
    - MINOR: sample: add ltrim converter
    - MINOR: sample: add rtrim converter
    - MINOR: checks: Use a name for the healthcheck status enum
    - MINOR: checks: Add option to tcp-check expect rules to customize error status
    - MINOR: checks: Merge tcp-check comment rules with the others at config parsing
    - MINOR: checks: Add a sample fetch to extract a block from the input check buffer
    - MEDIUM: checks: Add on-error/on-success option on tcp-check expect rules
    - MEDIUM: checks: Add status-code sample expression on tcp-check expect rules
    - MINOR: checks: Relax the default option for tcp-check connect rules
    - MEDIUM: checks: Add a list of vars to set before executing a tpc-check ruleset
    - MINOR: checks: Export the tcpcheck_eval_ret enum
    - MINOR: checks: Use dedicated function to handle onsuccess/onerror messages
    - MINOR: checks: Support custom functions to eval a tcp-check expect rules
    - MEDIUM: checks: Implement redis check using tcp-check rules
    - MEDIUM: checks: Implement ssl-hello check using tcp-check rules
    - MEDIUM: checks: Implement smtp check using tcp-check rules
    - MEDIUM: checks: Implement postgres check using tcp-check rules
    - MEDIUM: checks: Implement MySQL check using tcp-check rules
    - MEDIUM: checks: Implement LDAP check using tcp-check rules
    - MEDIUM: checks: Implement SPOP check using tcp-check rules
    - MINOR: server/checks: Move parsing of agent keywords in checks.c
    - MINOR: server/checks: Move parsing of server check keywords in checks.c
    - MEDIUM: checks: Implement agent check using tcp-check rules
    - REGTEST: Adapt regtests about checks to recent changes
    - MINOR: Produce tcp-check info message for pure tcp-check rules only
    - MINOR: checks: Add an option to set success status of tcp-check expect rules
    - MINOR: checks: Improve log message of tcp-checks on success
    - MINOR: proxy/checks: Move parsing of httpchk option in checks.c
    - MINOR: proxy/checks: Move parsing of tcp-check option in checks.c
    - MINOR: proxy/checks: Register a keyword to parse http-check rules
    - MINOR: proxy/checks: Move parsing of external-check option in checks.c
    - MINOR: proxy/checks: Register a keyword to parse external-check rules
    - MEDIUM: checks: Use a shared ruleset to store tcp-check rules
    - MINOR: checks: Use an indirect string to represent the expect matching string
    - MINOR: checks: Introduce flags to configure in tcp-check expect rules
    - MINOR: standard: Add my_memspn and my_memcspn
    - MINOR: checks: Add a reverse non-comment rule iterator to get last rule
    - MAJOR: checks: Implement HTTP check using tcp-check rules
    - MINOR: checks: Make resume conditions more explicit in tcpcheck_main()
    - MINOR: connection: Add macros to know if a conn or a cs uses an HTX mux
    - MEDIUM: checks: Refactor how data are received in tcpcheck_main()
    - MINOR: checks/obj_type: Add a new object type for checks
    - BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
    - MINOR: checks: Use the check as origin when a session is created
    - MINOR: checks: Add a mux proto to health-check and tcp-check connect rule
    - MINOR: connection: Add a function to install a mux for a health-check
    - MAJOR: checks: Use the best mux depending on the protocol for health checks
    - MEDIUM: checks: Implement default TCP check using tcp-check rules
    - MINOR: checks: Remove unused code about pure TCP checks
    - CLEANUP: checks: Reorg checks.c file to be more readable
    - REGTEST: Fix reg-tests about health-checks to adapt them to recent changes
    - MINOR: ist: Add a function to retrieve the ist pointer
    - MINOR: checks: Use ist API as far as possible
    - BUG/MEDIUM: checks: Be sure to subscribe for sends if outgoing data remains
    - MINOR: checks: Use a tree instead of a list to store tcp-check rulesets
    - BUG/MINOR: checks: Send the right amount of outgoing data for HTTP checks
    - REGTEST: Add scripts to test based tcp-check health-checks
    - Revert "MEDIUM: checks: capture groups in expect regexes"
    - DOC: Add documentation about comments for tcp-check and http-check directives
    - DOC: Fix the tcp-check and http-check directives layout
    - BUG/MEDIUM: checks: Use the mux protocol specified on the server line
    - MINOR: checks: Support mux protocol definition for tcp and http health checks
    - BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it
    - MINOR: checks: Support list of status codes on http-check expect rules
    - BUG/MEDIUM: checks: Unsubscribe to mux events when a conn-stream is destroyed
    - REGTEST: Add a script to validate agent checks
    - BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
    - BUG/MEDIUM: checks: unsubscribe for events on the old conn-stream on connect
    - BUG/MINOR: checks: Only use ssl_sock_is_ssl() if compiled with SSL support
    - BUG/MINOR: checks/server: use_ssl member must be signed
    - BUG/MEDIUM: sessions: Always pass the mux context as argument to destroy a mux
    - BUG/MEDIUM: checks: Destroy the conn-stream before the session
    - BUG/MINOR: checks: Fix PostgreSQL regex on the authentication packet
    - CI: cirrus-ci: remove reg-tests/checks/tcp-check-ssl.vtc on CentOS 6
    - MINOR: checks: Support HTTP/2 version (without '.0') for http-check send rules
    - MINOR: checks: Use ver keyword to specify the HTTP version for http checks
    - BUG/MINOR: checks: Remove wrong variable redeclaration
    - BUG/MINOR: checks: Properly handle truncated mysql server messages
    - CLEANUP: checks: Remove unused code when ldap server message is parsed
    - MINOR: checks: Make the use of the check's server more explicit on connect
    - BUG/MINOR: checks: Avoid incompatible cast when a binary string is parsed
    - BUG/MINOR: checks: Remove bad call to free() when an expect rule is parsed
    - BUG/MINOR: checks: Don't lose warning on proxy capability
    - MINOR: log: Add "Tu" timer
    - BUG/MINOR: checks: Set the output buffer length before calling parse_binary()
    - BUG/MEDIUM: mux-h1: make sure we always have a timeout on front connections
    - REGTEST: ssl: test the client certificate authentication
    - DOC: give a more accurate description of what check does
    - BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
    - BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
    - BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
    - BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
    - CLEANUP: http: add a few comments on certain functions' assumptions about streams
    - BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream
    - MINOR: http-htx: Export functions to update message authority and host
    - MINOR: checks: Don't support multiple host header for http-check send rule
    - MINOR: checks: Skip some headers for http-check send rules
    - MINOR: checks: Keep the Host header and the request uri synchronized
    - CLEANUP: checks: Fix checks includes
    - DOC: Fix send rules in the http-check connect example
    - DOC: Add more info about request formatting in http-check send description
    - REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script
    - REGTEST: ssl: remove curl from the "add ssl crt-list" test
    - REGTEST: ssl: improve the "set ssl cert" test
    - CLEANUP: ssl: silence a build warning when threads are disabled
    - BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
    - MINOR: threads: export the POSIX thread ID in panic dumps
    - BUG/MINOR: debug: properly use long long instead of long for the thread ID
    - BUG/MEDIUM: shctx: really check the lock's value while waiting
    - BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
    - MINOR: stream: report the list of active filters on stream crashes
    - BUG/MEDIUM: mux-fcgi: Return from detach if server don't keep the connection
    - BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
    - BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
    - BUG/MEDIUM: connections: force connections cleanup on server changes
    - BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed
    - BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id()
    - CLEANUP: connections: align function declaration
    - BUG/MINOR: sample: Set the correct type when a binary is converted to a string
    - MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples
    - DOC: Document the log-format parameter for tcp-check send/send-binary rules
    - MINOR: checks: Add support of payload-based sample fetches
    - MINOR: checks: Add support of be_id, be_name, srv_id and srv_name sample fetches
    - MINOR: checks: Add support of server side ssl sample fetches
    - MINOR: checks: Add support of HTTP response sample fetches
    - MINOR: http-htx: Support different methods to look for header names
    - MINOR: checks: Set by default expect rule status to UNKNOWN during parsing
    - BUG/MINOR: checks: Support multiple HTTP expect rules
    - REGTEST: checks: Fix sync condition for agent-check
    - MEDIUM: checks: Support matching on headers for http-check expect rules
    - MINOR: lua: allow changing port with set_addr
    - BUG/MINOR: da: Fix HTX message prefetch
    - BUG/MINOR: wurfl: Fix HTX message prefetch
    - BUG/MINOR: 51d: Fix HTX message prefetch
    - MINOR: ist: add istadv() function
    - MINOR: ist: add istissame() function
    - MINOR: istbuf: add ist2buf() function
    - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
    - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
    - DOC: update intro.txt for 2.2
    - DOC: intro: add a contacts section

2020/04/17 : 2.2-dev6
    - BUG/MINOR: ssl: memory leak when find_chain is NULL
    - CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain
    - MINOR: ssl: rework add cert chain to CTX to be libssl independent
    - BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized
    - BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL
    - BUG/MINOR: peers: Use after free of "peers" section.
    - CI: github actions: add weekly h2spec test
    - BUG/MEDIUM: mux_h1: Process a new request if we already received it.
    - MINOR: build: Fix build in mux_h1
    - CLEANUP: remove obsolete comments
    - BUG/MEDIUM: dns: improper parsing of aditional records
    - MINOR: ssl: skip self issued CA in cert chain for ssl_ctx
    - MINOR: listener: add so_name sample fetch
    - MEDIUM: stream: support use-server rules with dynamic names
    - MINOR: servers: Add a counter for the number of currently used connections.
    - MEDIUM: connections: Revamp the way idle connections are killed
    - MINOR: cli: add a general purpose pointer in the CLI struct
    - MINOR: ssl: add a list of bind_conf in struct crtlist
    - REORG: ssl: move SETCERT enum to ssl_sock.h
    - BUG/MINOR: ssl: ckch_inst wrongly inserted in crtlist_entry
    - REORG: ssl: move some functions above crtlist_load_cert_dir()
    - MINOR: ssl: use crtlist_free() upon error in directory loading
    - MINOR: ssl: add a list of crtlist_entry in ckch_store
    - MINOR: ssl: store a ptr to crtlist in crtlist_entry
    - MINOR: ssl/cli: update pointer to store in 'commit ssl cert'
    - MEDIUM: ssl/cli: 'add ssl crt-list' command
    - REGTEST: ssl/cli: test the 'add ssl crt-list' command
    - BUG/MINOR: ssl: entry->ckch_inst not initialized
    - REGTEST: ssl/cli: change test type to devel
    - REGTEST: make the PROXY TLV validation depend on version 2.2
    - CLEANUP: assorted typo fixes in the code and comments
    - BUG/MINOR: stats: Fix color of draining servers on stats page
    - DOC: internals: Fix spelling errors in filters.txt
    - MINOR: connections: Don't mark conn flags 0x00000001 and 0x00000002 as unused.
    - REGTEST: make the unique-id test depend on version 2.0
    - BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive
    - MINOR: ssl: split the line parsing of the crt-list
    - MINOR: ssl/cli: support filters and options in add ssl crt-list
    - MINOR: ssl: add a comment above the ssl_bind_conf keywords
    - REGTEST: ssl/cli: tests options and filters w/ add ssl crt-list
    - REGTEST: ssl: pollute the crt-list file
    - BUG/CRITICAL: hpack: never index a header into the headroom after wrapping
    - BUG/MINOR: protocol_buffer: Wrong maximum shifting.
    - CLEANUP: src/fd.c: mask setsockopt with DISGUISE
    - BUG/MINOR: ssl/cli: initialize fcount int crtlist_entry
    - REGTEST: ssl/cli: add other cases of 'add ssl crt-list'
    - CLEANUP: assorted typo fixes in the code and comments
    - DOC: management: add the new crt-list CLI commands
    - BUG/MINOR: ssl/cli: fix spaces in 'show ssl crt-list'
    - MINOR: ssl/cli: 'del ssl crt-list' delete an entry
    - MINOR: ssl/cli: replace dump/show ssl crt-list by '-n' option
    - CI: use better SSL library definition
    - CI: travis-ci: enable DEBUG_STRICT=1 for CI builds
    - CI: travis-ci: upgrade openssl to 1.1.1f
    - MINOR: ssl: improve the errors when a crt can't be open
    - CI: cirrus-ci: rename openssl package after it is renamed in FreeBSD
    - CI: adopt openssl download script to download all versions
    - BUG/MINOR: ssl/cli: lock the ckch structures during crt-list delete
    - MINOR: ssl/cli: improve error for bundle in add/del ssl crt-list
    - MINOR: ssl/cli: 'del ssl cert' deletes a certificate
    - BUG/MINOR: ssl: trailing slashes in directory names wrongly cached
    - BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
    - CLEANUP: ssl: use the refcount for the SSL_CTX'
    - CLEANUP: ssl/cli: use the list of filters in the crtlist_entry
    - BUG/MINOR: ssl: memleak of the struct cert_key_and_chain
    - CLEANUP: ssl: remove a commentary in struct ckch_inst
    - MINOR: ssl: initialize all list in ckch_inst_new()
    - MINOR: ssl: free instances and SNIs with ckch_inst_free()
    - MINOR: ssl: replace ckchs_free() by ckch_store_free()
    - BUG/MEDIUM: ssl/cli: trying to access to free'd memory
    - MINOR: ssl: ckch_store_new() alloc and init a ckch_store
    - MINOR: ssl: crtlist_new() alloc and initialize a struct crtlist
    - REORG: ssl: move some free/new functions
    - MINOR: ssl: crtlist_entry_{new, free}
    - BUG/MINOR: ssl: ssl_conf always set to NULL on crt-list parsing
    - MINOR: ssl: don't alloc ssl_conf if no option found
    - BUG/MINOR: connection: always send address-less LOCAL PROXY connections
    - BUG/MINOR: peers: Incomplete peers sections should be validated.
    - MINOR: init: report in "haproxy -c" whether there were warnings or not
    - MINOR: init: add -dW and "zero-warning" to reject configs with warnings
    - MINOR: init: report the compiler version in haproxy -vv
    - CLEANUP: assorted typo fixes in the code and comments
    - MINOR: init: report the haproxy version and executable path once on errors
    - DOC: Make how "option redispatch" works more explicit
    - BUILD: Makefile: add linux-musl to TARGET
    - CLEANUP: assorted typo fixes in the code and comments
    - CLEANUP: http: Fixed small typo in parse_http_return
    - DOC: hashing: update link to hashing functions

2020/03/23 : 2.2-dev5
    - CLEANUP: ssl: is_default is a bit in ckch_inst
    - BUG/MINOR: ssl/cli: sni_ctx' mustn't always be used as filters
    - DOC: ssl: clarify security implications of TLS tickets
    - CLEANUP: remove support for Linux i686 vsyscalls
    - CLEANUP: drop support for USE_MY_ACCEPT4
    - CLEANUP: remove support for USE_MY_EPOLL
    - CLEANUP: remove support for USE_MY_SPLICE
    - CLEANUP: remove the now unused common/syscall.h
    - BUILD: make dladdr1 depend on glibc version and not __USE_GNU
    - BUILD: wdt: only test for SI_TKILL when compiled with thread support
    - BUILD: Makefile: the compiler-specific flags should all be in SPEC_CFLAGS
    - CLEANUP: ssl: separate the directory loading in a new function
    - BUG/MINOR: buffers: MT_LIST_DEL_SAFE() expects the temporary pointer.
    - BUG/MEDIUM: mt_lists: Make sure we set the deleted element to NULL;
    - MINOR: init: move the maxsock calculation code to compute_ideal_maxsock()
    - MEDIUM: init: always try to push the FD limit when maxconn is set from -m
    - BUG/MAJOR: list: fix invalid element address calculation
    - BUILD: stream-int: fix a few includes dependencies
    - MINOR: mt_lists: Appease gcc.
    - MINOR: lists: Implement function to convert list => mt_list and mt_list => list
    - MINOR: servers: Kill priv_conns.
    - MINOR: lists: fix indentation.
    - BUG/MEDIUM: random: align the state on 2*64 bits for ARM64
    - BUG/MEDIUM: connections: Don't assume the connection has a valid session.
    - BUG/MEDIUM: pools: Always update free_list in pool_gc().
    - BUG/MINOR: haproxy: always initialize sleeping_thread_mask
    - BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping
    - BUG/MINOR: haproxy/threads: try to make all threads leave together
    - Revert "BUILD: travis-ci: enable s390x builds"
    - BUILD: travis-ci: enable regular s390x builds
    - DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID
    - MINOR: proxy_protocol: Ingest PP2_TYPE_UNIQUE_ID on incoming connections
    - MEDIUM: proxy_protocol: Support sending unique IDs using PPv2
    - CLEANUP: connection: Add blank line after declarations in PP handling
    - CLEANUP: assorted typo fixes in the code and comments
    - CI: add spellcheck github action
    - DOC: correct typo in alert message about rspirep
    - CI: travis: switch linux builds to clang-9
    - MINOR: debug: add a new DISGUISE() macro to pass a value as identity
    - MINOR: debug: consume the write() result in BUG_ON() to silence a warning
    - MINOR: use DISGUISE() everywhere we deliberately want to ignore a result
    - BUILD: pools: silence build warnings with DEBUG_MEMORY_POOLS and DEBUG_UAF
    - CLEANUP: connection: Stop directly setting an ist's .ptr
    - CI: travis: revert to clang-7 for BoringSSL tests
    - BUILD: on ARM, must be linked to libatomic.
    - BUILD: makefile: fix regex syntax in ARM platform detection
    - BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases.
    - REORG: ssl: move ssl_sock_load_cert()
    - MINOR: ssl: pass ckch_inst to ssl_sock_load_ckchs()
    - MEDIUM: ssl: allow crt-list caching
    - MINOR: ssl: directories are loaded like crt-list
    - BUG/MINOR: ssl: can't open directories anymore
    - BUG/MEDIUM: spoe: dup agent's engine_id string from trash.area
    - MINOR: fd: Use a separate lock for logs instead of abusing the fd lock.
    - MINOR: mux_pt: Don't try to remove the connection from the idle list.
    - MINOR: ssl/cli: show/dump ssl crt-list
    - BUG/MINOR: ssl/cli: free the trash chunk in dump_crtlist
    - MEDIUM: fd: Introduce a running mask, and use it instead of the spinlock.
    - BUG/MINOR: ssl: memory leak in crtlist_parse_file()
    - MINOR: tasks: Provide the tasklet to the callback.
    - BUG/MINOR: ssl: memleak of struct crtlist_entry
    - BUG/MINOR: pattern: Do not pass len = 0 to calloc()
    - BUILD: makefile: fix expression again to detect ARM platform
    - CI: travis: re-enable ASAN on clang
    - CI: travis: proper group output redirection together with travis_wait
    - DOC: assorted typo fixes in the documentation
    - MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h.
    - BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue().
    - MINOR: memory: Change the flush_lock to a spinlock, and don't get it in alloc.
    - MINOR: ssl/cli: 'new ssl cert' command
    - MINOR: ssl/cli: show certificate status in 'show ssl cert'
    - MEDIUM: sessions: Don't be responsible for connections anymore.
    - MEDIUM: servers: Split the connections into idle, safe, and available.
    - MINOR: fd: Implement fd_takeover().
    - MINOR: connections: Add a new mux method, "takeover".
    - MINOR: connections: Make the "list" element a struct mt_list instead of list.
    - MINOR: connections: Add a flag to know if we're in the safe or idle list.
    - MEDIUM: connections: Attempt to get idle connections from other threads.
    - MEDIUM: mux_h1: Implement the takeover() method.
    - MEDIUM: mux_h2: Implement the takeover() method.
    - MEDIUM: mux_fcgi: Implement the takeover() method.
    - MEDIUM: connections: Kill connections even if we are reusing one.
    - BUG/MEDIUM: connections: Don't forget to decrement idle connection counters.
    - BUG/MINOR: ssl: Do not free garbage pointers on memory allocation failure
    - BUG/MINOR: ssl: Correctly add the 1 for the sentinel to the number of elements
    - BUG/MINOR: ssl: crtlist_dup_filters() must return NULL with fcount == 0
    - BUG/MEDIUM: build: Fix compilation by spelling decl correctly.
    - BUILD/MEDIUM: fd: Declare fd_mig_lock as extern.
    - CI: run travis-ci builds on push only, skip pull requests
    - CI: temporarily disable unstable travis arm64 builds
    - BUG/MINOR: ssl/cli: free BIO upon error in 'show ssl cert'
    - BUG/MINOR: connections: Make sure we free the connection on failure.
    - BUG/MINOR: ssl/cli: fix a potential NULL dereference
    - BUG/MEDIUM: h1: Make sure we subscribe before going into idle list.
    - BUG/MINOR: connections: Set idle_time before adding to idle list.
    - MINOR: muxes: Note that we can't usee a connection when added to the srv idle.
    - REGTEST: increase timeouts on the seamless-reload test
    - BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection
    - CLEANUP: haproxy/threads: don't check global_tasks_mask twice

2020/03/09 : 2.2-dev4
    - MEDIUM: buffer: remove the buffer_wq lock
    - MINOR: ssl: move find certificate chain code to its own function
    - MINOR: ssl: resolve issuers chain later
    - MINOR: ssl: resolve ocsp_issuer later
    - MINOR: ssl/cli: "show ssl cert" command should print the "Chain Filename:"
    - BUG/MINOR: h2: reject again empty :path pseudo-headers
    - MINOR: wdt: always clear sigev_value to make valgrind happy
    - MINOR: epoll: always initialize all of epoll_event to please valgrind
    - BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch
    - BUG/MEDIUM: ssl: chain must be initialized with sk_X509_new_null()
    - BUILD: cirrus-ci: suppress OS version check when installing packages
    - BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits
    - CLEANUP: fd: remove the FD_EV_STATUS aggregate
    - CLEANUP: fd: remove some unneeded definitions of FD_EV_* flags
    - MINOR: fd: merge the read and write error bits into RW error
    - BUG/MINOR: dns: ignore trailing dot
    - MINOR: contrib/prometheus-exporter: Add the last heathcheck duration metric
    - BUG/MINOR: http-htx: Do case-insensive comparisons on Host header name
    - MINOR: mux-h1: Remove useless case-insensitive comparisons
    - MINOR: rawsock: always mark the FD not ready when we're certain it happens
    - MEDIUM: connection: make the subscribe() call able to wakeup if ready
    - MEDIUM: connection: don't stop receiving events in the FD handler
    - MEDIUM: mux-h1: do not blindly wake up the tasklet at end of request anymore
    - BUG/MINOR: arg: don't reject missing optional args
    - MINOR: tools: make sure to correctly check the returned 'ms' in date2std_log
    - MINOR: debug: report the task handler's pointer relative to main
    - BUG/MEDIUM: debug: make the debug_handler check for the thread in threads_to_dump
    - MINOR: haproxy: export main to ease access from debugger
    - MINOR: haproxy: export run_poll_loop
    - MINOR: task: export run_tasks_from_list
    - BUILD: tools: remove obsolete and conflicting trace() from standard.c
    - MINOR: tools: add new function dump_addr_and_bytes()
    - MINOR: tools: add resolve_sym_name() to resolve function pointers
    - MINOR: debug: use resolve_sym_name() to dump task handlers
    - MINOR: cli: make "show fd" rely on resolve_sym_name()
    - MEDIUM: debug: add support for dumping backtraces of stuck threads
    - MINOR: debug: call backtrace() once upon startup
    - MINOR: ssl: add "ca-verify-file" directive
    - BUG/MINOR: wdt: do not return an error when the watchdog couldn't be enabled
    - BUILD: Makefile: include librt before libpthread
    - MEDIUM: wdt: fall back to CLOCK_REALTIME if CLOCK_THREAD_CPUTIME is not available
    - MINOR: wdt: do not depend on USE_THREAD
    - MINOR: debug: report the number of entries in the backtrace
    - MINOR: debug: improve backtrace() on aarch64 and possibly other systems
    - MINOR: debug: use our own backtrace function on clang+x86_64
    - MINOR: debug: dump the whole trace if we can't spot the starting point
    - BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms
    - BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr()
    - CLEANUP: contrib/spoa_example: Fix several typos
    - BUILD: makefile: do not modify the build options during make reg-tests
    - BUG/MEDIUM: connection: stop polling for sending when the event is ready
    - MEDIUM: stream-int: make sure to try to immediately validate the connection
    - MINOR: tcp/uxst/sockpair: only ask for I/O when really waiting for a connect()
    - MEDIUM: connection: only call ->wake() for connect() without I/O
    - OPTIM: connection: disable receiving on disabled events when the run queue is too high
    - OPTIM: mux-h1: subscribe rather than waking up at a few other places
    - REGTEST: Add unique-id reg-test
    - MINOR: stream: Add stream_generate_unique_id function
    - MINOR: stream: Use stream_generate_unique_id
    - BUG/MINOR: connection/debug: do not enforce !event_type on subscribe() anymore
    - MINOR: ssl/cli: support crt-list filters
    - MINOR: ssl: reach a ckch_store from a sni_ctx
    - DOC: fix incorrect indentation of http_auth_*
    - BUG/MINOR: ssl-sock: do not return an uninitialized pointer in ckch_inst_sni_ctx_to_sni_filters
    - MINOR: debug: add CLI command "debug dev write" to write an arbitrary size
    - MINOR: ist: Add `IST_NULL` macro
    - MINOR: ist: Add `int isttest(const struct ist)`
    - MINOR: ist: Add `struct ist istalloc(size_t)` and `void istfree(struct ist*)`
    - CLEANUP: Use `isttest()` and `istfree()`
    - MINOR: ist: Add `struct ist istdup(const struct ist)`
    - MINOR: proxy: Make `header_unique_id` a `struct ist`
    - MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist`
    - OPTIM: startup: fast unique_id allocation for acl.
    - DOC: configuration.txt: fix various typos
    - DOC: assorted typo fixes in the documentation and Makefile
    - BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits
    - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths
    - CLEANUP: proxy_protocol: Use `size_t` when parsing TLVs
    - MINOR: buf: Add function to insert a string at an absolute offset in a buffer
    - MINOR: htx: Add a function to return a block at a specific offset
    - MINOR: htx: Use htx_find_offset() to truncate an HTX message
    - MINOR: flt_trace: Use htx_find_offset() to get the available payload length
    - BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data
    - BUG/MINOR: filters: Forward everything if no data filters are called
    - BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload
    - BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload
    - BUG/MINOR: http-ana: Reset request analysers on a response side error
    - BUG/MINOR: lua: Abort when txn:done() is called from a Lua action
    - BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not
    - MINOR: lua: Add function to know if a channel is a response one
    - MINOR: lua: Stop using the lua txn in hlua_http_get_headers()
    - MINOR: lua: Stop using the lua txn in hlua_http_rep_hdr()
    - MINOR: lua: Stop using lua txn in hlua_http_del_hdr() and hlua_http_add_hdr()
    - MINOR: lua: Remove the flag HLUA_TXN_HTTP_RDY
    - MINOR: lua: Rename hlua_action_wake_time() to hlua_set_wake_time()
    - BUG/MINOR: lua: Init the lua wake_time value before calling a lua function
    - BUG/MINOR: http-rules: Return ACT_RET_ABRT to abort a transaction
    - BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action
    - BUG/MINOR: http-rules: Fix a typo in the reject action function
    - MINOR: cache/filters: Initialize the cache filter when stream is created
    - MINOR: compression/filters: Initialize the comp filter when stream is created
    - BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action
    - BUG/MINOR: rules: Return ACT_RET_ABRT when a silent-drop action is executed
    - BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop
    - BUG/MINOR: http-rules: Abort transaction when a redirect is applied on response
    - BUILD: buffer: types/{ring.h,checks.h} should include buf.h, not buffer.h
    - BUILD: ssl: include mini-clist.h
    - BUILD: global: must not include common/standard.h but only types/freq_ctr.h
    - BUILD: freq_ctr: proto/freq_ctr needs to include common/standard.h
    - BUILD: listener: types/listener.h must not include standard.h
    - BUG/MEDIUM: random: initialize the random pool a bit better
    - BUG/MEDIUM: random: implement per-thread and per-process random sequences
    - Revert "BUG/MEDIUM: random: implement per-thread and per-process random sequences"
    - BUILD: cirrus-ci: get rid of unstable freebsd images
    - MINOR: tools: add 64-bit rotate operators
    - BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG
    - MINOR: backend: use a single call to ha_random32() for the random LB algo
    - BUG/MINOR: checks/threads: use ha_random() and not rand()
    - MINOR: sample: make all bits random on the rand() sample fetch
    - MINOR: tools: add a generic function to generate UUIDs
    - DOC: fix typo about no-tls-tickets
    - DOC: improve description of no-tls-tickets
    - DOC: assorted typo fixes in the documentation
    - CLEANUP: remove unused code in 'my_ffsl/my_flsl' functions

2020/02/25 : 2.2-dev3
    - SCRIPTS: announce-release: place the send command in the mail's header
    - SCRIPTS: announce-release: allow the user to force to overwrite old files
    - SCRIPTS: backport: fix the master branch detection
    - BUG/MINOR: http-act: Set stream error flag before returning an error
    - BUG/MINOR: http-act: Fix bugs on error path during parsing of return actions
    - BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
    - BUG/MEDIUM: tcp-rules: Fix track-sc* actions for L4/L5 TCP rules
    - DOC: schematic of the SSL certificates architecture
    - BUG/MAJOR: mux-h2: don't wake streams after connection was destroyed
    - BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit
    - BUILD: cirrus-ci: switch to "snap" images to unify openssl naming
    - BUILD: cirrus-ci: workaround "pkg install" bug
    - BUILD: cirrus-ci: add ERR=1 to freebsd builds
    - BUG/MINOR: connection: correctly retry I/O on signals
    - CLEANUP: mini-clist: simplify nested do { while(1) {} } while (0)
    - BUILD: http_act: cast file sizes when reporting file size error
    - BUG/MEDIUM: listener: only consider running threads when resuming listeners
    - BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
    - BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
    - MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs
    - BUILD: travis-ci: no more allowed failures for openssl-1.0.2
    - BUILD: travis-ci: harden builds, add ERR=1 (warning ought to be errors)
    - BUILD: scripts/build-ssl.sh: use "uname" instead of ${TRAVIS_OS_NAME}
    - BUG/MINOR: tcp: don't try to set defaultmss when value is negative
    - SCRIPTS: make announce-release executable again
    - BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat
    - BUG/MEDIUM: muxes: Use the right argument when calling the destroy method.
    - BUG/MINOR: mux-fcgi: Forbid special characters when matching PATH_INFO param
    - CLEANUP: ssl: remove unused functions in openssl-compat.h
    - MINOR: mux-fcgi: Make the capture of the path-info optional in pathinfo regex
    - MINOR: tools: add is_idchar() to tell if a char may belong to an identifier
    - MINOR: chunk: implement chunk_strncpy() to copy partial strings
    - MINOR: sample/acl: use is_idchar() to locate the fetch/conv name
    - MEDIUM: arg: make make_arg_list() stop after its own arguments
    - MEDIUM: arg: copy parsed arguments into the trash instead of allocating them
    - MEDIUM: arg: make make_arg_list() support quotes in arguments
    - MINOR: sample: make sample_parse_expr() able to return an end pointer
    - MEDIUM: log-format: make the LF parser aware of sample expressions' end
    - BUG/MINOR: arg: report an error if an argument is larger than bufsize
    - SCRIPTS: announce-release: use mutt -H instead of -i to include the draft
    - BUILD: enable ERR=1 in github cygwin builds
    - BUG/MINOR: arg: fix again incorrect argument length check
    - MINOR: sample: regsub now supports backreferences
    - BUG/MINOR: tools: also accept '+' as a valid character in an identifier
    - MINOR: http-htx: Add a function to retrieve the headers size of an HTX message
    - MINOR: filters: Forward data only if the last filter forwards something
    - BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them
    - BUG/MINOR: http-htx: Don't return error if authority is updated without changes
    - BUG/MINOR: stream: Don't incr frontend cum_req counter when stream is closed
    - BUG/MINOR: sample: exit regsub() in case of trash allocation error
    - MINOR: ssl: add "issuers-chain-path" directive.
    - REGTESTS: use "command -v" instead of "which"
    - BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive
    - MINOR: http-ana: Match on the path if the monitor-uri starts by a /
    - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
    - BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered
    - BUG/MINOR: mux: do not call conn_xprt_stop_recv() on buffer shortage
    - MINOR: checks: do not call conn_xprt_stop_send() anymore
    - CLEANUP: epoll: place the struct epoll_event in the stack
    - MEDIUM: connection: remove the intermediary polling state from the connection
    - MINOR: raw_sock: directly call fd_stop_send() and not conn_xprt_stop_send()
    - MINOR: tcp/uxst/sockpair: use fd_want_send() instead of conn_xprt_want_send()
    - MINOR: connection: remove the last calls to conn_xprt_{want,stop}_*
    - CLEANUP: connection: remove the definitions of conn_xprt_{stop,want}_{send,recv}
    - MINOR: connection: introduce a new receive flag: CO_RFL_READ_ONCE
    - MINOR: mux-h1: pass CO_RFL_READ_ONCE to the lower layers when relevant
    - MINOR: ist: add an iststop() function
    - BUG/MINOR: http: http-request replace-path duplicates the query string
    - CLEANUP: sample: use iststop instead of a for loop
    - BUG/MEDIUM: shctx: make sure to keep all blocks aligned
    - MINOR: compiler: move CPU capabilities definition from config.h and complete them
    - BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support
    - CLEANUP: http/h1: rely on HA_UNALIGNED_LE instead of checking for CPU families
    - BUILD: fix recent build failure on unaligned archs
    - MINOR: ssl: load the key from a dedicated file
    - BUG/MINOR: ssl: load .key in a directory only after PEM
    - MINOR: compiler: drop special cases of likely/unlikely for older compilers
    - CLEANUP: conn: Do not pass a pointer to likely
    - CLEANUP: net_helper: Do not negate the result of unlikely
    - BUILD: remove obsolete support for -mregparm / USE_REGPARM
    - CLEANUP: cfgparse: Fix type of second calloc() parameter
    - BUILD: ssl: only pass unsigned chars to isspace()
    - BUILD: general: always pass unsigned chars to is* functions
    - BUG/MINOR: sample: fix the json converter's endian-sensitivity
    - BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions
    - CLEANUP: fd: use a union in fd_rm_from_fd_list() to shut aliasing warnings
    - CLEANUP: cache: use read_u32/write_u32 to access the cache entry's hash
    - CLEANUP: stick-tables: use read_u32() to display a node's key
    - CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask
    - MINOR: pattern: fix all remaining strict aliasing issues
    - CLEANUP: lua: fix aliasing issues in the address matching code
    - CLEANUP: connection: use read_u32() instead of a cast in the netscaler parser
    - BUILD: makefile: re-enable strict aliasing
    - BUG/MINOR: connection: make sure to correctly tag local PROXY connections
    - MINOR: compiler: add new alignment macros
    - BUILD: ebtree: improve architecture-specific alignment
    - MINOR: config: mark global.debug as deprecated
    - BUILD: travis-ci: enable s390x builds
    - MINOR: ssl/cli: 'show ssl cert' displays the chain
    - MINOR: ssl/cli: 'show ssl cert'displays the issuer in the chain
    - MINOR: ssl/cli: reorder 'show ssl cert' output
    - CLEANUP: ssl: move issuer_chain tree and definition
    - DOC: proxy-protocol: clarify IPv6 address representation in the spec

2020/02/07 : 2.2-dev2
    - BUILD: CI: temporarily mark openssl-1.0.2 as allowed failure
    - MEDIUM: cli: Allow multiple filter entries for "show table"
    - BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst.
    - BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent
    - BUILD: stick-table: fix build errors introduced by last stick-table change
    - BUG/MINOR: cli: Missing arg offset for filter data values.
    - MEDIUM: streams: Always create a conn_stream in connect_server().
    - MEDIUM: connections: Get ride of the xprt_done callback.
    - CLEANUP: changelog: remove the duplicate entry for 2.2-dev1
    - BUILD: CI: move cygwin builds to Github Actions
    - MINOR: cli: Report location of errors or any extra data for "show table"
    - BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
    - CLEANUP: backend: remove useless test for inexistent connection
    - CLEANUP: backend: shut another false null-deref in back_handle_st_con()
    - CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2
    - BUG/MINOR: ssl: increment issuer refcount if in chain
    - BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
    - BUG/MINOR: ssl: typo in previous patch
    - BUG/MEDIUM: connections: Set CO_FL_CONNECTED in conn_complete_session().
    - BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
    - MEDIUM: connection: remove CO_FL_CONNECTED and only rely on CO_FL_WAIT_*
    - BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
    - MINOR: stream-int: always report received shutdowns
    - MINOR: connection: remove CO_FL_SSL_WAIT_HS from CO_FL_HANDSHAKE
    - MEDIUM: connection: use CO_FL_WAIT_XPRT more consistently than L4/L6/HANDSHAKE
    - MINOR: connection: remove checks for CO_FL_HANDSHAKE before I/O
    - MINOR: connection: do not check for CO_FL_SOCK_RD_SH too early
    - MINOR: connection: don't check for CO_FL_SOCK_WR_SH too early in handshakes
    - MINOR: raw-sock: always check for CO_FL_SOCK_WR_SH before sending
    - MINOR: connection: remove some unneeded checks for CO_FL_SOCK_WR_SH
    - BUG/MINOR: stktable: report the current proxy name in error messages
    - BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers"
    - MINOR: lua: Add hlua_prepend_path function
    - MINOR: lua: Add lua-prepend-path configuration option
    - MINOR: lua: Add HLUA_PREPEND_C?PATH build option
    - BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines
    - BUG/MINOR: http-ana: Increment the backend counters on the backend
    - BUG/MINOR: stream: Be sure to have a listener to increment its counters
    - BUG/MEDIUM: streams: Move the conn_stream allocation outside #IF USE_OPENSSL.
    - REGTESTS: make the set_ssl_cert test require version 2.2
    - BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
    - MINOR: ssl: Remove dead code.
    - BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
    - BUG/MEDIUM: stream: Don't install the mux in back_handle_st_con().
    - MEDIUM: streams: Don't close the connection in back_handle_st_con().
    - MEDIUM: streams: Don't close the connection in back_handle_st_rdy().
    - BUILD: CI: disable slow regtests on Travis
    - BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
    - BUG/MINOR: http-rules: Always init log-format expr for common HTTP actions
    - BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
    - BUG/MINOR: dns: allow 63 char in hostname
    - MINOR: proxy: clarify number of connections log when stopping
    - DOC: word converter ignores delimiters at the start or end of input string
    - MEDIUM: raw-sock: remove obsolete calls to fd_{cant,cond,done}_{send,recv}
    - BUG/MINOR: ssl/cli: fix unused variable with openssl < 1.0.2
    - MEDIUM: pipe/thread: reduce the locking overhead
    - MEDIUM: pipe/thread: maintain a per-thread local cache of recently used pipes
    - BUG/MEDIUM: pipe/thread: fix atomicity of pipe counters
    - MINOR: tasks: move the list walking code to its own function
    - MEDIUM: tasks: implement 3 different tasklet classes with their own queues
    - MEDIUM: tasks: automatically requeue into the bulk queue an already running tasklet
    - OPTIM: task: refine task classes default CPU bandwidth ratios
    - BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
    - MINOR: task: permanently flag tasklets waking themselves up
    - MINOR: task: make sched->current also reflect tasklets
    - MINOR: task: detect self-wakeups on tl==sched->current instead of TASK_RUNNING
    - OPTIM: task: readjust CPU bandwidth distribution since last update
    - MINOR: task: don't set TASK_RUNNING on tasklets
    - BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
    - MINOR: memory: Only init the pool spinlock once.
    - BUG/MEDIUM: memory: Add a rwlock before freeing memory.
    - BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
    - MINOR: ssl: ssl-load-extra-files configure loading of files
    - SCRIPTS: add a new "backport" script to simplify long series of backports
    - BUG/MINOR: ssl: we may only ignore the first 64 errors
    - SCRIPTS: use /usr/bin/env bash instead of /bin/bash for scripts
    - BUG/MINOR: ssl: clear the SSL errors on DH loading failure
    - CLEANUP: hpack: remove a redundant test in the decoder
    - CLEANUP: peers: Remove unused static function `free_dcache`
    - CLEANUP: peers: Remove unused static function `free_dcache_tx`
    - CONTRIB: debug: add missing flags SF_HTX and SF_MUX
    - CONTRIB: debug: add the possibility to decode the value as certain types only
    - CONTRIB: debug: support reporting multiple values at once
    - BUG/MINOR: http-act: Use the good message to test strict rewritting mode
    - MINOR: global: Set default tune.maxrewrite value during global structure init
    - MINOR: http-rules: Set SF_ERR_PRXCOND termination flag when a header rewrite fails
    - MINOR: http-htx: Emit a warning if an error file runs over the buffer's reserve
    - MINOR: htx: Add a function to append an HTX message to another one
    - MINOR: htx/channel: Add a function to copy an HTX message in a channel's buffer
    - BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported
    - MINOR: dns: Dynamically allocate dns options to reduce the act_rule size
    - MINOR: dns: Add function to release memory allocated for a do-resolve rule
    - BUG/MINOR: http-ana: Reset HTX first index when HAPRoxy sends a response
    - BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect
    - MINOR: http-rules: Add a flag on redirect rules to know the rule direction
    - MINOR: http-rules: Handle the rule direction when a redirect is evaluated
    - MINOR: http-ana: Rely on http_reply_and_close() to handle server error
    - MINOR: http-ana: Add a function for forward internal responses
    - MINOR: http-ana/http-rules: Use dedicated function to forward internal responses
    - MEDIUM: http: Add a ruleset evaluated on all responses just before forwarding
    - MEDIUM: http-rules: Add the return action to HTTP rules
    - MEDIUM: http-rules: Support extra headers for HTTP return actions
    - CLEANUP: lua: Remove consistency check for sample fetches and actions
    - BUG/MINOR: http-ana: Increment failed_resp counters on invalid response
    - MINOR: lua: Get the action return code on the stack when an action finishes
    - MINOR: lua: Create the global 'act' object to register all action return codes
    - MINOR: lua: Add act:wake_time() function to set a timeout when an action yields
    - MEDIUM: lua: Add ability for actions to intercept HTTP messages
    - REGTESTS: Add reg tests for the HTTP return action
    - REGTESTS: Add a reg test for http-after-response rulesets
    - BUILD: lua: silence a warning on systems where longjmp is not marked as noreturn
    - MINOR: acl: Warn when an ACL is named 'or'
    - CONTRIB: debug: also support reading values from stdin
    - SCRIPTS: backport: use short revs and resolve the initial commit
    - BUG/MINOR: acl: Fix type of log message when an acl is named 'or'

2020/01/22 : 2.2-dev1
    - DOC: this is development again
    - MINOR: version: this is development again, update the status
    - SCRIPTS: update create-release to fix the changelog on new branches
    - CLEANUP: ssl: Clean up error handling
    - BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only
    - BUG/MINOR: h1: Don't test the host header during response parsing
    - BUILD/MINOR: trace: fix use of long type in a few printf format strings
    - DOC: Clarify behavior of server maxconn in HTTP mode
    - MINOR: ssl: deduplicate ca-file
    - MINOR: ssl: compute ca-list from deduplicate ca-file
    - MINOR: ssl: deduplicate crl-file
    - CLEANUP: dns: resolution can never be null
    - BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty
    - DOC: ssl/cli: set/commit/abort ssl cert
    - BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2
    - BUG/MINOR: fcgi-app: Make the directive pass-header case insensitive
    - BUG/MINOR: stats: Fix HTML output for the frontends heading
    - BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0
    - DOC: clarify matching strings on binary fetches
    - DOC: Fix ordered list in summary
    - DOC: move the "group" keyword at the right place
    - MEDIUM: init: prevent process and thread creation at runtime
    - BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights
    - BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
    - BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
    - BUG/MINOR: ssl/cli: don't overwrite the filters variable
    - BUG/MEDIUM: listener/thread: fix a race when pausing a listener
    - BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
    - BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
    - BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
    - BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
    - BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity().
    - BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting.
    - MINOR: debug: replace popen() with pipe+fork() in "debug dev exec"
    - MEDIUM: init: set NO_NEW_PRIVS by default when supported
    - BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added
    - BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted
    - BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state
    - BUG/MINOR: listener/threads: always use atomic ops to clear the FD events
    - BUG/MINOR: listener: also clear the error flag on a paused listener
    - BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept()
    - MINOR: listener: make the wait paths cleaner and more reliable
    - MINOR: listener: split dequeue_all_listener() in two
    - REORG: listener: move the global listener queue code to listener.c
    - DOC: document the listener state transitions
    - BUG/MEDIUM: kqueue: Make sure we report read events even when no data.
    - BUG/MAJOR: dns: add minimalist error processing on the Rx path
    - BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive.
    - DOC: listeners: add a few missing transitions
    - BUG/MINOR: tasks: only requeue a task if it was already in the queue
    - MINOR: tasks: split wake_expired_tasks() in two parts to avoid useless wakeups
    - DOC: proxies: HAProxy only supports 3 connection modes
    - DOC: remove references to the outdated architecture.txt
    - BUG/MINOR: log: fix minor resource leaks on logformat error path
    - BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers
    - BUG/MINOR: listener: do not immediately resume on transient error
    - BUG/MINOR: server: make "agent-addr" work on default-server line
    - BUG/MINOR: listener: fix off-by-one in state name check
    - BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy()
    - MEDIUM: h1-htx: Add HTX EOM block when the message is in H1_MSG_DONE state
    - MINOR: http-htx: Add some htx sample fetches for debugging purpose
    - REGTEST: Add an HTX reg-test to check an edge case
    - DOC: clarify the fact that replace-uri works on a full URI
    - BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
    - BUG/MINOR: sample: always check converters' arguments
    - MINOR: sample: Validate the number of bits for the sha2 converter
    - BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
    - MINOR: ssl/cli: 'show ssl cert' give information on the certificates
    - BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2
    - MINOR: debug: support logging to various sinks
    - MINOR: http: add a new "replace-path" action
    - REGTEST: ssl: test the "set ssl cert" CLI command
    - REGTEST: run-regtests: implement #REQUIRE_BINARIES
    - MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
    - BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
    - BUG/MEDIUM: ssl: Revamp the way early data are handled.
    - MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
    - BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
    - REGTEST: make the "set ssl cert" require version 2.1
    - BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
    - BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
    - BUG/MINOR: state-file: do not store duplicates in the global tree
    - BUG/MINOR: state-file: do not leak memory on parse errors
    - BUG/MAJOR: mux-h1: Don't pretend the input channel's buffer is full if empty
    - BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
    - BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
    - BUILD: travis-ci: link with ssl libraries using rpath instead of LD_LIBRARY_PATH/DYLD_LIBRARY_PATH
    - BUILD: travis-ci: reenable address sanitizer for clang builds
    - BUG/MINOR: checks: refine which errno values are really errors.
    - BUG/MINOR: connection: only wake send/recv callbacks if the FD is active
    - CLEANUP: connection: conn->xprt is never NULL
    - MINOR: pollers: add a new flag to indicate pollers reporting ERR & HUP
    - MEDIUM: tcp: make tcp_connect_probe() consider ERR/HUP
    - REORG: connection: move tcp_connect_probe() to conn_fd_check()
    - MINOR: connection: check for connection validation earlier
    - MINOR: connection: remove the double test on xprt_done_cb()
    - CLEANUP: connection: merge CO_FL_NOTIFY_DATA and CO_FL_NOTIFY_DONE
    - MINOR: poller: do not call the IO handler if the FD is not active
    - OPTIM: epoll: always poll for recv if neither active nor ready
    - OPTIM: polling: do not create update entries for FD removal
    - BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
    - BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
    - BUILD: CI: modernize cirrus-ci
    - MINOR: config: disable busy polling on old processes
    - MINOR: ssl: Remove unused variable "need_out".
    - BUG/MINOR: h1: Report the right error position when a header value is invalid
    - BUG/MINOR: proxy: Fix input data copy when an error is captured
    - BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied
    - BUG/MINOR: channel: inject output data at the end of output
    - BUG/MEDIUM: session: do not report a failure when rejecting a session
    - MEDIUM: dns: implement synchronous send
    - MINOR: raw_sock: make sure to disable polling once everything is sent
    - MINOR: http: Add 410 to http-request deny
    - MINOR: http: Add 404 to http-request deny
    - CLEANUP: mux-h2: remove unused goto "out_free_h2s"
    - BUILD: cirrus-ci: choose proper openssl package name
    - BUG/MAJOR: listener: do not schedule a task-less proxy
    - CLEANUP: server: remove unused err section in server_finalize_init
    - REGTEST: set_ssl_cert.vtc: replace "echo" with "printf"
    - BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached
    - BUG/MEDIUM: tasks: Use the MT macros in tasklet_free().
    - BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
    - BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
    - CLEANUP: ssl: remove opendir call in ssl_sock_load_cert
    - MEDIUM: lua: don't call the GC as often when dealing with outgoing connections
    - BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
    - BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
    - REGTEST: mcli/mcli_start_progs: start 2 programs
    - BUG/MEDIUM: mworker: remain in mworker mode during reload
    - DOC: clarify crt-base usage
    - CLEANUP: compression: remove unused deinit_comp_ctx section
    - BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
    - BUG/MEDIUM: raw_sock: Make sur the fd and conn are sync.
    - CLEANUP: proxy: simplify proxy_parse_rate_limit proxy checks
    - BUG/MAJOR: hashes: fix the signedness of the hash inputs
    - REGTEST: add sample_fetches/hashes.vtc to validate hashes
    - BUG/MEDIUM: cli: _getsocks must send the peers sockets
    - CLEANUP: cli: deduplicate the code in _getsocks
    - BUG/MINOR: stream: don't mistake match rules for store-request rules
    - BUG/MEDIUM: connection: add a mux flag to indicate splice usability
    - BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
    - MINOR: connection: move the CO_FL_WAIT_ROOM cleanup to the reader only
    - MINOR: stream-int: remove dependency on CO_FL_WAIT_ROOM for rcv_buf()
    - MEDIUM: connection: get rid of CO_FL_CURR_* flags
    - BUILD: pattern: include errno.h
    - MEDIUM: mux-h2: do not try to stop sending streams on blocked mux
    - MEDIUM: mux-fcgi: do not try to stop sending streams on blocked mux
    - MEDIUM: mux-h2: do not make an h2s subscribe to itself on deferred shut
    - MEDIUM: mux-fcgi: do not make an fstrm subscribe to itself on deferred shut
    - REORG: stream/backend: move backend-specific stuff to backend.c
    - MEDIUM: backend: move the connection finalization step to back_handle_st_con()
    - MEDIUM: connection: merge the send_wait and recv_wait entries
    - MEDIUM: xprt: merge recv_wait and send_wait in xprt_handshake
    - MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock
    - MEDIUM: mux-h1: merge recv_wait and send_wait
    - MEDIUM: mux-h2: merge recv_wait and send_wait event notifications
    - MEDIUM: mux-fcgi: merge recv_wait and send_wait event notifications
    - MINOR: connection: make the last arg of subscribe() a struct wait_event*
    - MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format.
    - DOC: Fix copy and paste mistake in http-response replace-value doc
    - BUG/MINOR: cache: Fix leak of cache name in error path
    - BUG/MINOR: dns: Make dns_query_id_seed unsigned
    - BUG/MINOR: 51d: Fix bug when HTX is enabled
    - MINOR: http-htx: Move htx sample fetches in the scope "internal"
    - MINOR: http-htx: Rename 'internal.htx_blk.val' to 'internal.htx_blk.data'
    - MINOR: http-htx: Make 'internal.htx_blk_data' return a binary string
    - DOC: Add a section to document the internal sample fetches
    - MINOR: mux-h1: Inherit send flags from the upper layer
    - MINOR: contrib/prometheus-exporter: Add heathcheck status/code in server metrics
    - BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters
    - BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
    - BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
    - MEDIUM: http-rules: Register an action keyword for all http rules
    - MINOR: tcp-rules: Always set from which ruleset a rule comes from
    - MINOR: actions: Use ACT_RET_CONT code to ignore an error from a custom action
    - MINOR: tcp-rules: Kill connections when custom actions return ACT_RET_ERR
    - MINOR: http-rules: Return an error when custom actions return ACT_RET_ERR
    - MINOR: counters: Add a counter to report internal processing errors
    - MEDIUM: http-ana: Properly handle internal processing errors
    - MINOR: http-rules: Add a rule result to report internal error
    - MINOR: http-rules: Handle internal errors during HTTP rules evaluation
    - MINOR: http-rules: Add more return codes to let custom actions act as normal ones
    - MINOR: tcp-rules: Handle denied/aborted/invalid connections from TCP rules
    - MINOR: http-rules: Handle denied/aborted/invalid connections from HTTP rules
    - MINOR: stats: Report internal errors in the proxies/listeners/servers stats
    - MINOR: contrib/prometheus-exporter: Export internal errors per proxy/server
    - MINOR: counters: Remove failed_secu counter and use denied_resp instead
    - MINOR: counters: Review conditions to increment counters from analysers
    - MINOR: http-ana: Add a txn flag to support soft/strict message rewrites
    - MINOR: http-rules: Handle all message rewrites the same way
    - MINOR: http-rules: Add a rule to enable or disable the strict rewriting mode
    - MEDIUM: http-rules: Enable the strict rewriting mode by default
    - REGTEST: Fix format of set-uri HTTP request rule in h1or2_to_h1c.vtc
    - MINOR: actions: Add a function pointer to release args used by actions
    - MINOR: actions: Regroup some info about HTTP rules in the same struct
    - MINOR: http-rules/tcp-rules: Call the defined action function first if defined
    - MINOR: actions: Rename the act_flag enum into act_opt
    - MINOR: actions: Add flags to configure the action behaviour
    - MINOR: actions: Use an integer to set the action type
    - MINOR: http-rules: Use a specific action type for some custom HTTP actions
    - MINOR: http-rules: Make replace-header and replace-value custom actions
    - MINOR: http-rules: Make set-header and add-header custom actions
    - MINOR: http-rules: Make set/del-map and add/del-acl custom actions
    - MINOR: http-rules: Group all processing of early-hint rule in its case clause
    - MEDIUM: http-rules: Make early-hint custom actions
    - MINOR: http-rule/tcp-rules: Make track-sc* custom actions
    - MINOR: tcp-rules: Make tcp-request capture a custom action
    - MINOR: http-rules: Add release functions for existing HTTP actions
    - BUG/MINOR: http-rules: Fix memory releases on error path during action parsing
    - MINOR: tcp-rules: Add release functions for existing TCP actions
    - BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
    - MINOR: http-htx: Add functions to read a raw error file and convert it in HTX
    - MINOR: http-htx: Add functions to create HTX redirect message
    - MINOR: config: Use dedicated function to parse proxy's errorfiles
    - MINOR: config: Use dedicated function to parse proxy's errorloc
    - MEDIUM: http-htx/proxy: Use a global and centralized storage for HTTP error messages
    - MINOR: proxy: Register keywords to parse errorfile and errorloc directives
    - MINOR: http-htx: Add a new section to create groups of custom HTTP errors
    - MEDIUM: proxy: Add a directive to reference an http-errors section in a proxy
    - MINOR: http-rules: Update txn flags and status when a deny rule is executed
    - MINOR: http-rules: Support an optional status on deny rules for http reponses
    - MINOR: http-rules: Use same function to parse request and response deny actions
    - MINOR: http-ana: Add an error message in the txn and send it when defined
    - MEDIUM: http-rules: Support an optional error message in http deny rules
    - REGTEST: Add a strict rewriting mode reg test
    - REGEST: Add reg tests about error files
    - MINOR: ssl: accept 'verify' bind option with 'set ssl cert'
    - BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
    - BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
    - BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
    - BUG/MINOR: http_htx: Fix some leaks on error path when error files are loaded
    - CLEANUP: http-ana: Remove useless test on txn when the error message is retrieved
    - BUILD: CI: introduce ARM64 builds
    - BUILD: ssl: more elegant anti-replay feature presence check
    - MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive
    - MEDIUM: dns: use Additional records from SRV responses
    - CLEANUP: Consistently `unsigned int` for bitfields
    - CLEANUP: pattern: remove the pat_time definition
    - BUG/MINOR: http_act: don't check capture id in backend
    - BUG/MINOR: ssl: fix build on development versions of openssl-1.1.x

2019/11/25 : 2.2-dev0
    - exact copy of 2.1.0

2019/11/25 : 2.1.0
    - BUG/MINOR: init: fix set-dumpable when using uid/gid
    - MINOR: init: avoid code duplication while setting identify
    - BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer
    - BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
    - MINOR: peers: Alway show the table info for disconnected peers.
    - MINOR: peers: Add TX/RX heartbeat counters.
    - MINOR: peers: Add debugging information to "show peers".
    - BUG/MINOR: peers: Wrong null "server_name" data field handling.
    - MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction
    - BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec
    - BUG/MINOR: peers: "peer alive" flag not reset when deconnecting.
    - BUILD/MINOR: ssl: fix compiler warning about useless statement
    - BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported
    - MINOR: contrib/prometheus-exporter: filter exported metrics by scope
    - MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance
    - BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests
    - BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path
    - BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding
    - DOC: Update http-buffer-request description to remove the part about chunks
    - BUG/MINOR: stream-int: Fix si_cs_recv() return value
    - DOC: internal: document the init calls
    - MEDIUM: dns: Add resolve-opts "ignore-weight"
    - MINOR: ssl: ssl_sock_prepare_ctx() return an error code
    - MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit
    - MINOR: ssl/cli: display warning during 'commit ssl cert'
    - MINOR: version: report the version status in "haproxy -v"
    - MINOR: version: emit the link to the known bugs in output of "haproxy -v"
    - DOC: Add documentation about the use-service action
    - MINOR: ssl: fix possible null dereference in error handling
    - BUG/MINOR: ssl: fix curve setup with LibreSSL
    - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
    - CLEANUP: ssl: check if a transaction exists once before setting it
    - BUG/MINOR: cli: fix out of bounds in -S parser
    - MINOR: ist: add ist_find_ctl()
    - BUG/MAJOR: h2: reject header values containing invalid chars
    - BUG/MAJOR: h2: make header field name filtering stronger
    - BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state
    - MINOR: h2: add a function to report H2 error codes as strings
    - MINOR: mux-h2/trace: report the connection and/or stream error code
    - SCRIPTS: create-release: show the correct origin name in suggested commands
    - SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands
    - BUG/MEDIUM: trace: fix a typo causing an incorrect startup error
    - BUILD: reorder the objects in the makefile
    - DOC: mention in INSTALL haproxy 2.1 is a stable stable version
    - MINOR: version: indicate that this version is stable

2019/11/15 : 2.1-dev5
    - BUG/MEDIUM: ssl/cli: don't alloc path when cert not found
    - BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension
    - BUG/MINOR: ssl/cli: fix an error when a file is not found
    - MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert'
    - DOC: fix date and http_date keywords syntax
    - MINOR: peers: Add "log" directive to "peers" section.
    - BUG/MEDIUM: mux-h1: Disable splicing for chunked messages
    - BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it
    - MINOR: flt_trace: Rename macros to print trace messages
    - MINOR: trace: Add a set of macros to trace events if HA is compiled with debug
    - MEDIUM: stream/trace: Register a new trace source with its events
    - MINOR: doc: http-reuse connection pool fix
    - BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
    - MINOR: http-ana: Remove the unused function http_reset_txn()
    - BUG/MINOR: action: do-resolve now use cached response
    - BUG: dns: timeout resolve not applied for valid resolutions
    - DOC: management: fix typo on "cache_lookups" stats output
    - BUG/MINOR: stream: init variables when the list is empty
    - BUG/MEDIUM: tasks: Make tasklet_remove_from_tasklet_list() no matter the tasklet.
    - BUG/MINOR: queue/threads: make the queue unlinking atomic
    - BUG/MEDIUM: Make sure we leave the session list in session_free().
    - CLEANUP: session: slightly simplify idle connection cleanup logic
    - MINOR: memory: also poison the area on freeing
    - CLEANUP: cli: use srv_shutdown_streams() instead of open-coding it
    - CLEANUP: stats: use srv_shutdown_streams() instead of open-coding it
    - BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition
    - BUILD: contrib/da: remove an "unused" warning
    - BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams
    - MEDIUM: filters: Adapt filters API to allow again TCP filtering on HTX streams
    - MINOR: freq_ctr: Make the sliding window sums thread-safe
    - MINOR: stream: Remove the lock on the proxy to update time stats
    - MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time
    - MINOR: stats: Report max times in addition of the averages for sessions
    - MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions
    - BUG/MINOR: contrib/prometheus-exporter: Rename some metrics
    - MINOR: contrib/prometheus-exporter: report the number of idle conns per server
    - DOC: Add missing stats fields in the management manual
    - BUG/MINOR: mux-h1: Properly catch parsing errors on payload and trailers
    - BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe
    - MINOR: mux-h1: Set EOI on the conn-stream when EOS is reported in TUNNEL state
    - MINOR: sink: Set the default max length for a message to BUFSIZE
    - MINOR: ring: make the parse function automatically set the handler/release
    - BUG/MINOR: log: make "show startup-log" use a ring buffer instead
    - MINOR: stick-table: allow sc-set-gpt0 to set value from an expression

2019/11/03 : 2.1-dev4
    - BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed
    - BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent
    - BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached
    - DOC: remove obsolete section about header manipulation
    - BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error
    - MINOR: ssl/cli: rework the 'set ssl cert' IO handler
    - BUILD: CI: comment out cygwin build, upgrade various ssl libraries
    - DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri)
    - BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset()
    - BUG/MINOR: spoe: fix off-by-one length in UUID format string
    - BUILD/MINOR: ssl: shut up a build warning about format truncation
    - BUILD: do not disable -Wformat-truncation anymore
    - MINOR: chunk: add chunk_istcat() to concatenate an ist after a chunk
    - Revert "MINOR: istbuf: add b_fromist() to make a buffer from an ist"
    - MINOR: mux: Add a new method to get informations about a mux.
    - BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready.
    - BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready.
    - MINOR: doc: fix busy-polling performance reference
    - MINOR: config: allow no set-dumpable config option
    - MINOR: init: always fail when setrlimit fails
    - MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit'
    - CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2)
    - REGTEST: vtest can now enable mcli with its own flag
    - BUG/MINOR: config: Update cookie domain warn to RFC6265
    - MINOR: sample: add us/ms support to date/http_date
    - BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert()
    - BUG/MEDIUM: mux-h2: report no available stream on a connection having errors
    - BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list
    - BUG/MEDIUM: mux-h2: immediately report connection errors on streams
    - BUG/MINOR: stats: properly check the path and not the whole URI
    - BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl
    - BUG/MINOR: ssl: ckch->chain must be initialized
    - BUG/MINOR: ssl: double free on error for ckch->{key,cert}
    - MINOR: ssl: BoringSSL ocsp_response does not need issuer
    - BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert
    - MINOR: backend: Add srv_name sample fetche
    - DOC: Add GitHub issue config.yml

2019/10/25 : 2.1-dev3
    - MINOR: mux-h2/trace: missing conn pointer in demux full message
    - MINOR: mux-h2: add a per-connection list of blocked streams
    - BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const
    - BUG/MEDIUM: mux-h2: do not enforce timeout on long connections
    - BUG/MEDIUM: tasks: Don't forget to decrement tasks_run_queue.
    - BUG/MINOR: peers: crash on reload without local peer.
    - BUG/MINOR: mux-h2/trace: Fix traces on h2c initialization
    - MINOR: h1-htx: Update h1_copy_msg_data() to ease the traces in the mux-h1
    - MINOR: htx: Adapt htx_dump() to be used from traces
    - MINOR: mux-h1/trace: register a new trace source with its events
    - MINOR: proxy: Store http-send-name-header in lower case
    - MINOR: http: Remove headers matching the name of http-send-name-header option
    - BUG/MINOR: mux-h1: Adjust header case when the server name is add to a request
    - BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message
    - MINOR: mux-h1: Try to wakeup the stream on output buffer allocation
    - MINOR: fcgi: Add function to get the string representation of a record type
    - MINOR: mux-fcgi/trace: Register a new trace source with its events
    - BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri
    - DOC: clarify some points around http-send-name-header's behavior
    - MEDIUM: mux-h2: support emitting CONTINUATION frames after HEADERS
    - BUG/MINOR: mux-h1/mux-fcgi/trace: Fix position of the 4th arg in some traces
    - DOC: fix typo in Prometheus exporter doc
    - MINOR: h2: clarify the rules for how to convert an H2 request to HTX
    - MINOR: htx: Add 2 flags on the start-line to have more info about the uri
    - MINOR: http: Add a function to get the authority into a URI
    - MINOR: h1-htx: Set the flag HTX_SL_F_HAS_AUTHORITY during the request parsing
    - MEDIUM: http-htx: Keep the Host header and the request start-line synchronized
    - MINOR: h1-htx: Only use the path of a normalized URI to format a request line
    - MEDIUM: h2: make the request parser rebuild a complete URI
    - MINOR: h2: report in the HTX flags when the request has an authority
    - MEDIUM: mux-h2: do not map Host to :authority on output
    - MEDIUM: h2: use the normalized URI encoding for absolute form requests
    - MINOR: stats: mention in the help message support for "json" and "typed"
    - MINOR: stats: get rid of the ST_CONVDONE flag
    - MINOR: stats: replace the ST_* uri_auth flags with STAT_*
    - MINOR: stats: always merge the uri_auth flags into the appctx flags
    - MINOR: stats: set the appctx flags when initializing the applet only
    - MINOR: stats: get rid of the STAT_SHOWADMIN flag
    - MINOR: stats: make stats_dump_fields_json() directly take flags
    - MINOR: stats: uniformize the calling convention of the dump functions
    - MINOR: stats: support the "desc" output format modifier for info and stat
    - MINOR: stats: prepare to add a description with each stat/info field
    - MINOR: stats: make "show stat" and "show info"
    - MINOR: stats: fill all the descriptions for "show info" and "show stat"
    - BUG/MEDIUM: applet: always check a fast running applet's activity before killing
    - BUILD: stats: fix missing '=' sign in array declaration
    - MINOR: lists: add new macro LIST_SPLICE_END_DETACHED
    - MINOR: list: add new macro MT_LIST_BEHEAD
    - MEDIUM: task: Split the tasklet list into two lists.
    - MINOR: h2: Document traps to be avoided on multithread.
    - MINOR: lists: Try to use local variables instead of macro arguments.
    - MINOR: lists: Fix alignement of \ when relevant.
    - MINOR: mux-h2: also support emitting CONTINUATION on trailers
    - MINOR: ssl: crt-list do ckchn_lookup
    - REORG: ssl: rename ckch_node to ckch_store
    - REORG: ssl: move structures to ssl_sock.h
    - MINOR: ssl: initialize the sni_keytypes_map as EB_ROOT
    - MINOR: ssl: initialize explicitly the sni_ctx trees
    - BUG/MINOR: ssl: abort on sni allocation failure
    - BUG/MINOR: ssl: free the sni_keytype nodes
    - BUG/MINOR: ssl: abort on sni_keytypes allocation failure
    - MEDIUM: ssl: introduce the ckch instance structure
    - MEDIUM: ssl: split ssl_sock_add_cert_sni()
    - MINOR: ssl: ssl_sock_load_ckchn() can properly fail
    - MINOR: ssl: ssl_sock_load_multi_ckchs() can properly fail
    - MEDIUM: ssl: ssl_sock_load_ckchs() alloc a ckch_inst
    - MINOR: ssl: ssl_sock_load_crt_file_into_ckch() is filling from a BIO
    - MEDIUM: ssl/cli: 'set ssl cert' updates a certificate from the CLI
    - MINOR: ssl: load the sctl in/from the ckch
    - MINOR: ssl: load the ocsp in/from the ckch
    - BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni()
    - BUG/MINOR: ssl: fix build without SSL
    - BUG/MINOR: ssl: fix build without multi-cert bundles
    - BUILD: ssl: wrong #ifdef for SSL engines code
    - BUG/MINOR: ssl: fix OCSP build with BoringSSL
    - BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1
    - BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data
    - BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted
    - MINOR: mux-h1: Xfer as much payload data as possible during output processing
    - CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c
    - BUG/MINOR: mux-h1: Capture ignored parsing errors
    - MINOR: h1: Reject requests with different occurrences of the header host
    - MINOR: h1: Reject requests if the authority does not match the header host
    - REGTESTS: Send valid URIs in peers reg-tests and fix HA config to avoid warnings
    - REGTESTS: Adapt proxy_protocol_random_fail.vtc to match normalized URI too
    - BUG/MINOR: WURFL: fix send_log() function arguments
    - BUG/MINOR: ssl: fix error messages for OCSP loading
    - BUG/MINOR: ssl: can't load ocsp files
    - MINOR: version: make the version strings variables, not constants
    - BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive
    - MINOR: htx: Add a flag on HTX to known when a response was generated by HAProxy
    - MINOR: mux-h1: Force close mode for proxy responses with an unfinished request
    - BUILD: travis-ci: limit build to branches "master" and "next"
    - BUILD/MEDIUM: threads: rename thread_info struct to ha_thread_info
    - BUILD/SMALL: threads: enable threads on osx
    - BUILD/MEDIUM: threads: enable cpu_affinity on osx
    - MINOR: istbuf: add b_fromist() to make a buffer from an ist
    - BUG/MINOR: cache: also cache absolute URIs
    - BUG/MINOR: mworker/ssl: close openssl FDs unconditionally
    - BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
    - BUG/MEDIUM: lists: Handle 1-element-lists in MT_LIST_BEHEAD().
    - BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing.
    - BUG/MEDIUM: tasklet: properly compute the sleeping threads mask in tasklet_wakeup()
    - BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads
    - BUG/MEDIUM: task: make tasklets either local or shared but not both at once
    - Revert e8826ded5fea3593d89da2be5c2d81c522070995.
    - BUG/MEDIUM: mux_pt: Don't destroy the connection if we have a stream attached.
    - BUG/MEDIUM: mux_pt: Only call the wake emthod if nobody subscribed to receive.
    - REGTEST: mcli/mcli_show_info: launch a 'show info' on the master CLI
    - CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes
    - CLEANUP: ssl: make ssl_sock_load_ckchs() return a set of ERR_*
    - CLEANUP: ssl: make cli_parse_set_cert handle errcode and warnings.
    - CLEANUP: ssl: make ckch_inst_new_load_(multi_)store handle errcode/warn
    - CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn
    - CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn
    - CLEANUP: bind: handle warning label on bind keywords parsing.
    - BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
    - BUG/MINOR: mworker/cli: reload fail with inherited FD
    - BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed
    - BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr
    - BUG/MINOR: cache: alloc shctx after check config
    - BUG/MINOR: sample: Make the `field` converter compatible with `-m found`
    - BUG/MINOR: server: check return value of fopen() in apply_server_state()
    - REGTESTS: make seamless-reload depend on 1.9 and above
    - REGTESTS: server/cli_set_fqdn requires version 1.8 minimum
    - BUG/MINOR: dns: allow srv record weight set to 0
    - BUG/MINOR: ssl: fix memcpy overlap without consequences.
    - BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion
    - BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless
    - BUG/MINOR: mux-h2: do not emit logs on backend connections
    - CLEANUP: ssl: remove old TODO commentary
    - CLEANUP: ssl: fix SNI/CKCH lock labels
    - MINOR: ssl: OCSP functions can load from file or buffer
    - MINOR: ssl: load sctl from buf OR from a file
    - MINOR: ssl: load issuer from file or from buffer
    - MINOR: ssl: split ssl_sock_load_crt_file_into_ckch()
    - BUG/MINOR: ssl/cli: fix looking up for a bundle
    - MINOR: ssl/cli: update ocsp/issuer/sctl file from the CLI
    - MINOR: ssl: update ssl_sock_free_cert_key_and_chain_contents
    - MINOR: ssl: copy a ckch from src to dst
    - MINOR: ssl: new functions duplicate and free a ckch_store
    - MINOR: ssl/cli: assignate a new ckch_store
    - MEDIUM: cli/ssl: handle the creation of SSL_CTX in an IO handler
    - BUG/MINOR: ssl/cli: fix build of SCTL and OCSP
    - BUG/MINOR: ssl/cli: out of bounds when built without ocsp/sctl
    - BUG/MINOR: ssl: fix build with openssl < 1.1.0
    - BUG/MINOR: ssl: fix build of X509_chain_up_ref() w/ libreSSL
    - MINOR: tcp: avoid confusion in time parsing init
    - MINOR: debug: add a new "debug dev stream" command
    - MINOR: cli/debug: validate addresses using may_access() in "debug dev stream"
    - REORG: move CLI access level definitions to cli.h
    - MINOR: cli: add an expert mode to hide dangerous commands
    - MINOR: debug: make most debug CLI commands accessible in expert mode
    - MINOR: stats/debug: maintain a counter of debug commands issued
    - BUG/MEDIUM: debug: address a possible null pointer dereference in "debug dev stream"

2019/10/01 : 2.1-dev2
    - DOC: management: document reuse and connect counters in the CSV format
    - DOC: management: document cache_hits and cache_lookups in the CSV format
    - BUG/MINOR: dns: remove irrelevant dependency on a client connection
    - MINOR: applet: make appctx use their own pool
    - BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed.
    - BUG/MEDIUM: http/htx: unbreak option http_proxy
    - BUG/MINOR: backend: do not try to install a mux when the connection failed
    - MINOR: mux-h2: Don't adjust anymore the amount of data sent in h2_snd_buf()
    - BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules
    - BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies
    - BUG/MINOR: cache/htx: Make maxage calculation HTX aware
    - BUG/MINOR: hlua: Make the function txn:done() HTX aware
    - MINOR: proto_htx: Directly call htx_check_response_for_cacheability()
    - MINOR: proto_htx: Rely on the HTX function to apply a redirect rules
    - MINOR: proto_htx: Add the function htx_return_srv_error()
    - MINOR: backend/htx: Don't rewind output data to set the sni on a srv connection
    - MINOR: proto_htx: Don't stop forwarding when there is a post-connect processing
    - DOC: htx: Update comments in HTX files
    - CLEANUP: htx: Remove the unsued function htx_add_blk_type_size()
    - MINOR: htx: Deduce the number of used blocks from tail and head values
    - MINOR: htx: Use an array of char to store HTX blocks
    - MINOR: htx: Slightly update htx_dump() to report better messages
    - DOC: htx: Add internal documentation about the HTX
    - MAJOR: http: Deprecate and ignore the option "http-use-htx"
    - MEDIUM: mux-h2: Remove support of the legacy HTTP mode
    - CLEANUP: h2: Remove functions converting h2 requests to raw HTTP/1.1 ones
    - MINOR: connection: Remove the multiplexer protocol PROTO_MODE_HTX
    - MINOR: stream: Rely on HTX analyzers instead of legacy HTTP ones
    - MEDIUM: http_fetch: Remove code relying on HTTP legacy mode
    - MINOR: config: Remove tests on the option 'http-use-htx'
    - MINOR: stream: Remove tests on the option 'http-use-htx' in stream_new()
    - MINOR: proxy: Remove tests on the option 'http-use-htx' during H1 upgrade
    - MINOR: hlua: Remove tests on the option 'http-use-htx' to reject TCP applets
    - MINOR: cache: Remove tests on the option 'http-use-htx'
    - MINOR: contrib/prometheus-exporter: Remove tests on the option 'http-use-htx'
    - CLEANUP: proxy: Remove the flag PR_O2_USE_HTX
    - MINOR: proxy: Don't adjust connection mode of HTTP proxies anymore
    - MEDIUM: backend: Remove code relying on the HTTP legacy mode
    - MEDIUM: hlua: Remove code relying on the legacy HTTP mode
    - MINOR: http_act: Remove code relying on the legacy HTTP mode
    - MEDIUM: cache: Remove code relying on the legacy HTTP mode
    - MEDIUM: compression: Remove code relying on the legacy HTTP mode
    - MINOR: flt_trace: Remove code relying on the legacy HTTP mode
    - MINOR: stats: Remove code relying on the legacy HTTP mode
    - MAJOR: filters: Remove code relying on the legacy HTTP mode
    - MINOR: stream: Remove code relying on the legacy HTTP mode
    - MAJOR: http: Remove the HTTP legacy code
    - MINOR: hlua: Remove useless test on TX_CON_WANT_* flags
    - MINOR: proto_http: Remove unused http txn flags
    - MINOR: proto_http: Remove the unused flag HTTP_MSGF_WAIT_CONN
    - CLEANUP: proto_http: Group remaining flags of the HTTP transaction
    - CLEANUP: channel: Remove the unused flag CF_WAKE_CONNECT
    - CLEANUP: proto_http: Remove unecessary includes and comments
    - CLEANUP: proto_http: Move remaining code from proto_http.c to proto_htx.c
    - REORG: proto_htx: Move HTX analyzers & co to http_ana.{c,h} files
    - BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
    - MINOR: proxy: Remove support of the option 'http-tunnel'
    - DOC: config: Update as a result of the legacy HTTP removal
    - MEDIUM: config: Remove parsing of req* and rsp* directives
    - MINOR: proxy: Remove the unused list of block rules
    - MINOR: proxy/http_ana: Remove unused req_exp/rsp_exp and req_add/rsp_add lists
    - DOC: config: Remove unsupported req* and rsp* keywords
    - MINOR: global: Preset tune.max_http_hdr to its default value
    - MINOR: http: Don't store raw HTTP errors in chunks anymore
    - BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
    - BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
    - CLEANUP: mux-h2: Remove unused flags H2_SF_CHNK_*
    - BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
    - MINOR: config: Warn only if the option http-use-htx is used with "no" prefix
    - BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
    - MINOR: connection: add conn_get_src() and conn_get_dst()
    - MINOR: frontend: switch to conn_get_{src,dst}() for logging and debugging
    - MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping
    - MINOR: ssl: switch to conn_get_dst() to retrieve the destination address
    - MINOR: tcp: replace various calls to conn_get_{from,to}_addr with conn_get_{src,dst}
    - MINOR: stream-int: use conn_get_{src,dst} in conn_si_send_proxy()
    - MINOR: stream/cli: use conn_get_{src,dst} in "show sess" and "show peers" output
    - MINOR: log: use conn_get_{dst,src}() to retrieve the cli/frt/bck/srv/ addresses
    - MINOR: http/htx: use conn_get_dst() to retrieve the destination address
    - MINOR: lua: use conn_get_{src,dst} to retrieve connection addresses
    - MINOR: http: check the source address via conn_get_src() in sample fetch functions
    - CLEANUP: connection: remove the now unused conn_get_{from,to}_addr()
    - MINOR: connection: add new src and dst fields
    - MINOR: connection: use conn->{src,dst} instead of &conn->addr.{from,to}
    - MINOR: ssl-sock: use conn->dst instead of &conn->addr.to
    - MINOR: lua: switch to conn->dst for a connection's target address
    - MINOR: peers: use conn->dst for the peer's target address
    - MINOR: htx: switch from conn->addr.{from,to} to conn->{src,dst}
    - MINOR: stream: switch from conn->addr.{from,to} to conn->{src,dst}
    - MINOR: proxy: switch to conn->src in error snapshots
    - MINOR: session: use conn->src instead of conn->addr.from
    - MINOR: tcp: replace conn->addr.{from,to} with conn->{src,dst}
    - MINOR: unix: use conn->dst for the target address in ->connect()
    - MINOR: sockpair: use conn->dst for the target address in ->connect()
    - MINOR: log: use conn->{src,dst} instead of conn->addr.{from,to}
    - MINOR: checks: replace conn->addr.to with conn->dst
    - MINOR: frontend: switch from conn->addr.{from,to} to conn->{src,dst}
    - MINOR: http: convert conn->addr.from to conn->src in sample fetches
    - MEDIUM: backend: turn all conn->addr.{from,to} to conn->{src,dst}
    - MINOR: connection: create a new pool for struct sockaddr_storage
    - MEDIUM: connection: make sure all address producers allocate their address
    - MAJOR: connection: remove the addr field
    - MINOR: connection: don't use clear_addr() anymore, just release the address
    - MINOR: stream: add a new target_addr entry in the stream structure
    - MAJOR: stream: store the target address into s->target_addr
    - MINOR: peers: now remove the remote connection setup code
    - MEDIUM: lua: do not allocate the remote connection anymore
    - MEDIUM: backend: always release any existing prior connection in connect_server()
    - MEDIUM: backend: remove impossible cases from connect_server()
    - BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
    - BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
    - BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
    - BUG/MINOR: http_htx: Support empty errorfiles
    - BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
    - BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
    - BUG/MINOR: proxy: always lock stop_proxy()
    - MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
    - BUILD: threads: add the definition of PROTO_LOCK
    - BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
    - BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
    - BUG/MINOR: log: make sure writev() is not interrupted on a file output
    - DOC: improve the wording in CONTRIBUTING about how to document a bug fix
    - MEDIUM: h1: Don't try to subscribe if we managed to read data.
    - MEDIUM: h1: Don't wake the H1 tasklet if we got the whole request.
    - REGTESTS: checks: exclude freebsd target for tcp-check_multiple_ports.vtc
    - BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
    - BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
    - MINOR: hlua: Don't set request analyzers on response channel for lua actions
    - MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
    - BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
    - BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
    - MINOR: ssl: merge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file()
    - MEDIUM: ssl: use cert_key_and_chain struct in ssl_sock_load_cert_file()
    - MEDIUM: ssl: split the loading of the certificates
    - MEDIUM: ssl: lookup and store in a ckch_node tree
    - MEDIUM: ssl: load DH param in struct cert_key_and_chain
    - BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
    - MINOR: ssl: use STACK_OF for chain certs
    - MINOR: ssl: add extra chain compatibility
    - MINOR: ssl: check private key consistency in loading
    - MINOR: ssl: do not look at DHparam with OPENSSL_NO_DH
    - CLEANUP: ssl: ssl_sock_load_crt_file_into_ckch
    - MINOR: ssl: clean ret variable in ssl_sock_load_ckchn
    - MAJOR: fd: Get rid of the fd cache.
    - MEDIUM: pollers: Remember the state for read and write for each threads.
    - MEDIUM: mux-h2: don't try to read more than needed
    - BUG/BUILD: ssl: fix build with openssl < 1.0.2
    - BUG/MEDIUM: ssl: does not try to free a DH in a ckch
    - BUG/MINOR: debug: fix a small race in the thread dumping code
    - MINOR: wdt: also consider that waiting in the thread dumper is normal
    - REGTESTS: checks: make 4be_1srv_health_checks more reliable
    - BUILD: ssl: BoringSSL add EVP_PKEY_base_id
    - BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle
    - BUG/MINOR: ssl: fix ressource leaks on error
    - BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
    - BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
    - BUG/MINOR: stream-int: make sure to always release empty buffers after sending
    - BUG/MEDIUM: ssl: open the right path for multi-cert bundle
    - BUG/MINOR: stream-int: also update analysers timeouts on activity
    - BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
    - BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
    - BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
    - DOC: Add 'Question.md' issue template, discouraging asking questions
    - BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
    - BUG/MEDIUM: pollers: Clear the poll_send bits as well.
    - BUILD: travis-ci: enable daily Coverity scan
    - BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
    - BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
    - BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
    - BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
    - BUG/MINOR: mux-h2: always send stream window update before connection's
    - BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
    - BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
    - BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
    - CLEANUP: mux-h2: move the demuxed frame check code in its own function
    - MINOR: cache: add method to cache hash
    - MINOR: cache: allow caching of OPTIONS request
    - BUG/MINOR: ssl: fix 0-RTT for BoringSSL
    - MINOR: ssl: ssl_fc_has_early should work for BoringSSL
    - BUG/MINOR: pools: don't mark the thread harmless if already isolated
    - BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
    - CLEANUP: buffer: replace b_drop() with b_free()
    - CLEANUP: task: move the cpu_time field to the task-only part
    - MINOR: cli: add two new states to print messages on the CLI
    - MINOR: cli: add cli_msg(), cli_err(), cli_dynmsg(), cli_dynerr()
    - CLEANUP: cli: replace all occurrences of manual handling of return messages
    - BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
    - BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
    - BUG/MINOR: lua: fix setting netfilter mark
    - BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
    - BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
    - BUG/MINOR: stats: Wait the body before processing POST requests
    - MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
    - BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
    - BUILD: travis-ci: trigger non-mainstream configurations only on daily builds.
    - MINOR: debug: indicate the applet name when the task is task_run_applet()
    - MINOR: tools: add append_prefixed_str()
    - MINOR: lua: export applet and task handlers
    - MEDIUM: debug: make the thread dump code show Lua backtraces
    - BUG/MEDIUM: h1: Always try to receive more in h1_rcv_buf().
    - MINOR: list: add LIST_SPLICE() to merge one list into another
    - MINOR: tools: add a DEFNULL() macro to use NULL for empty args
    - REORG: trace: rename trace.c to calltrace.c and mention it's not thread-safe
    - MINOR: sink: create definitions a minimal code for event sinks
    - MINOR: sink: add a support for file descriptors
    - MINOR: trace: start to create a new trace subsystem
    - MINOR: trace: add allocation of buffer-sized trace buffers
    - MINOR: trace/cli: register the "trace" CLI keyword to list the sources
    - MINOR: trace/cli: parse the "level" argument to configure the trace verbosity
    - MINOR: trace/cli: add "show trace" to report trace state and statistics
    - MINOR: trace: implement a very basic trace() function
    - MINOR: trace: add the file name and line number in the prefix
    - MINOR: trace: make trace() now also take a level in argument
    - MINOR: trace: implement a call to a decode function
    - MINOR: trace: add per-level macros to produce traces
    - MINOR: trace: add a definition of typed arguments to trace()
    - MINOR: trace: make sure to always stop the locking when stopping or pausing
    - MINOR: trace: add the possibility to lock on some arguments
    - MINOR: trace: parse the "lock" argument to trace
    - MINOR: trace: retrieve useful pointers and enforce lock-on
    - DOC: management: document the "trace" and "show trace" commands
    - BUILD: trace: make the lockon_ptr const to silence a warning without threads
    - BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary
    - BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full
    - DOC: fixed typo in management.txt
    - BUG/MINOR: mworker: disable SIGPROF on re-exec
    - BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
    - BUG/MEDIUM: url32 does not take the path part into account in the returned hash.
    - MINOR: backend: Add srv_queue converter
    - MINOR: sink: set the fd-type sinks to non-blocking
    - MINOR: tools: add a function varint_bytes() to report the size of a varint
    - MINOR: buffer: add functions to read/write varints from/to buffers
    - MINOR: fd: add fd_write_frag_line() to send a fragmented line to an fd
    - MINOR: sink: now call the generic fd write function
    - MINOR: ring: add a new mechanism for retrieving/storing ring data in buffers
    - MINOR: ring: add a ring_write() function
    - MINOR: ring: add a generic CLI io_handler to dump a ring buffer
    - MINOR: sink: add support for ring buffers
    - MINOR: sink: implement "show events" to show supported sinks and dump the rings
    - MINOR: sink: now report the number of dropped events on output
    - MINOR: trace: support a default callback for the source
    - MINOR: trace: extend the source location to 13 chars
    - MINOR: trace: show thread number and source name in the trace
    - MINOR: trace: change the TRACE() calling convention to put the args and cb last
    - MINOR: connection: add the fc_pp_authority fetch -- authority TLV, from PROXYv2
    - MINOR: tools: add a generic struct "name_desc" for name-description pairs
    - MINOR: trace: replace struct trace_lockon_args with struct name_desc
    - MINOR: trace: change the "payload" level to "data" and move it
    - MINOR: trace: prepend the function name for developer level traces
    - MINOR: trace: also report the trace level in the output
    - MINOR: trace: change the detail_level to per-source verbosity
    - MINOR: mux-h2/trace: register a new trace source with its events
    - MINOR: mux-h2/trace: add the default decoding callback
    - MEDIUM: mux-h2/trace: add lots of traces all over the code
    - MINOR: mux-h2: add functions to convert an h2c/h2s state to a string
    - MINOR: mux-h2/trace: add a new verbosity level "clean"
    - MINOR: mux-h2/trace: only decode the start-line at verbosity other than "minimal"
    - MINOR: mux-h2/trace: always report the h2c/h2s state and flags
    - MINOR: mux-h2/trace: report h2s->id before h2c->dsi for the stream ID
    - CLEANUP: mux-h2/trace: reformat the "received" messages for better alignment
    - CLEANUP: mux-h2/trace: lower-case event names
    - MINOR: trace: extend default event names to 12 chars
    - BUG/MINOR: ring: fix the way watchers are counted
    - MINOR: cli: extend the CLI context with a list and two offsets
    - MINOR: mux-h2/trace: report the connection pointer and state before FRAME_H
    - MEDIUM: ring: implement a wait mode for watchers
    - BUG/MEDIUM: mux-h2/trace: do not dereference h2c->conn after failed idle
    - BUG/MEDIUM: mux-h2/trace: fix missing braces added with traces
    - BUG/MINOR: ring: b_peek_varint() returns a uint64_t, not a size_t
    - CLEANUP: fd: remove leftovers of the fdcache
    - MINOR: fd: add a new "initialized" bit in the fdtab struct
    - MINOR: fd/log/sink: make the non-blocking initialization depend on the initialized bit
    - MEDIUM: log: use the new generic fd_write_frag_line() function
    - MINOR: log: add a target type instead of hacking the address family
    - MEDIUM: log: add support for logging to a ring buffer
    - MINOR: send-proxy-v2: sends authority TLV according to TLV received
    - MINOR: build: add linux-glibc-legacy build TARGET
    - BUG/MEDIUM: peers: local peer socket not bound.
    - BUILD: connection: silence gcc warning with extra parentheses
    - BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
    - BUG/MINOR: h1: Properly reset h1m when parsing is restarted
    - BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
    - BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
    - BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
    - BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
    - BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
    - BUG/MINOR: mux-h1: Fix a possible null pointer dereference in h1_subscribe()
    - MEDIUM: fd: remove the FD_EV_POLLED status bit
    - MEDIUM: fd: simplify the fd_*_{recv,send} functions using BTS/BTR
    - MINOR: fd: make updt_fd_polling() a normal function
    - CONTRIB: debug: add new program "poll" to test poll() events
    - BUG/MINOR: checks: stop polling for write when we have nothing left to send
    - BUG/MINOR: checks: start sending the request right after connect()
    - BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
    - BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
    - BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
    - BUILD: CI: add basic CentOS 6 cirrus build
    - MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
    - BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
    - BUG/MAJOR: ssl: ssl_sock was not fully initialized.
    - MEDIUM: fd: mark the FD as ready when it's inserted
    - MINOR: fd: add two new calls fd_cond_{recv,send}()
    - MEDIUM: connection: enable reading only once the connection is confirmed
    - MINOR: fd: add two flags ERR and SHUT to describe FD states
    - MEDIUM: fd: do not use the FD_POLL_* flags in the pollers anymore
    - BUG/MEDIUM: connection: don't keep more idle connections than ever needed
    - MINOR: stats: report the number of idle connections for each server
    - BUILD: CI: skip reg-tests/connection/proxy_protocol_random_fail.vtc on CentOS 6
    - BUILD/MINOR: auth: enabling for osx
    - BUG/MINOR: listener: Fix a possible null pointer dereference
    - BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
    - MINOR: stats: Add JSON export from the stats page
    - BUG/MINOR: filters: Properly set the HTTP status code on analysis error
    - MINOR: sample: Add UUID-fetch
    - CLEANUP: mux-h2: Remove unused flag H2_SF_DATA_CHNK
    - BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
    - BUG/MINOR: backend: Fix a possible null pointer dereference
    - BUG/MINOR: Missing stat_field_names (since f21d17bb)
    - BUG/MEDIUM: stick-table: Properly handle "show table" with a data type argument
    - BUILD: CI: temporarily disable ASAN
    - MINOR: htx: Add a flag on HTX message to report processing errors
    - MINOR: mux-h1: Report a processing error during output processing
    - MINOR: http-ana: Handle HTX errors first during message analysis
    - MINOR: http-ana: Remove err_state field from http_msg
    - MINOR: config: Support per-proxy and per-server deinit functions callbacks
    - MINOR: config: Support per-proxy and per-server post-check functions callbacks
    - MINOR: http_fetch: Add sample fetches to get auth method/user/pass
    - MINOR: istbuf: Add the function b_isteqi()
    - MINOR: log: Provide a function to emit a log for an application
    - MINOR: http: Add function to parse value of the header Status
    - MEDIUM: mux-h1/h1-htx: move HTX convertion of H1 messages in dedicated file
    - MINOR: h1-htx: Use the same function to copy message payload in all cases
    - MINOR: muxes/htx: Ignore pseudo header during message formatting
    - MINOR: fcgi: Add code related to FCGI protocol
    - MEDIUM: fcgi-app: Add FCGI application and filter
    - MEDIUM: mux-fcgi: Add the FCGI multiplexer
    - MINOR: doc: Add documentation about the FastCGI support
    - BUG/MINOR: build: Fix compilation of mux_fcgi.c when compiled without SSL
    - BUILD: CI: install golang-1.13 when building BoringSSL
    - BUG/MINOR: mux-h2: Be sure to have a connection to unsubcribe
    - BUG/MINOR: mux-fcgi: Be sure to have a connection to unsubcribe
    - CLEANUP: fcgi-app: Remove useless test on fcgi_conf pointer
    - BUG/MINOR: mux-fcgi: Don't compare the filter name in its parsing callback
    - BUG/MAJOR: mux-h2: Handle HEADERS frames received after a RST_STREAM frame
    - BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1
    - MEDIUM: list: Separate "locked" list from regular list.
    - MINOR: mt_lists: Add new macroes.
    - MEDIUM: servers: Use LIST_DEL_INIT() instead of LIST_DEL().
    - MINOR: mt_lists: Do nothing in MT_LIST_ADD/MT_LIST_ADDQ if already in list.
    - MINOR: mt_lists: Give MT_LIST_ADD, MT_LIST_ADDQ and MT_LIST_DEL a return value.
    - MEDIUM: tasklets: Make the tasklet list a struct mt_list.
    - TESTS: Add a stress-test for mt_lists.
    - BUILD: travis-ci: add PCRE2, SLZ build
    - BUG/MINOR: build: fix event ports (Solaris)
    - BUG/MEDIUM: namespace: fix fd leak in master-worker mode
    - OPTIM: listeners: use tasklets for the multi-queue rings
    - BUILD: makefile: work around yet another GCC fantasy (-Wstring-plus-int)
    - BUG/MINOR: stream-int: Process connection/CS errors first in si_cs_send()
    - BUG/MEDIUM: stream-int: Process connection/CS errors during synchronous sends
    - BUG/MEDIUM: checks: make sure the connection is ready before trying to recv
    - CLEANUP: task: remove impossible test
    - CLEANUP: task: cache the task_per_thread pointer
    - MINOR: task: split the tasklet vs task code in process_runnable_tasks()
    - MINOR: task: introduce a thread-local "sched" variable for local scheduler stuff
    - CLEANUP: mux-fcgi: Remove the unused function fcgi_strm_id()
    - BUG/MINOR: mux-fcgi: Use a literal string as format in app_log()
    - BUG/MEDIUM: tasklets: Make sure we're waking the target thread if it sleeps.
    - MINOR: h2/trace: indicate 'F' or 'B' to locate the side of an h2c in traces
    - MINOR: h2/trace: report the frame type when known
    - BUG/MINOR: mux-h2: do not wake up blocked streams before the mux is ready
    - BUG/MEDIUM: namespace: close open namespaces during soft shutdown
    - MINOR: time: add timeofday_as_iso_us() to return instant time as ISO
    - MINOR: sink: finally implement support for SINK_FMT_{TIMED,ISO}
    - MINOR: sink: change ring buffer "buf0"'s format to "timed"
    - BUG/MEDIUM: mux-h2: don't reject valid frames on closed streams
    - BUG/MINOR: mux-fcgi: silence a gcc warning about null dereference
    - BUG/MINOR: mux-h2: Fix missing braces because of traces in h2_detach()
    - BUG/MINOR: mux-h2: Use the dummy error when decoding headers for a closed stream
    - BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames
    - BUG/MINOR: mux-h1: Do h2 upgrade only on the first request
    - BUG/MEDIUM: spoe: Use a different engine-id per process
    - MINOR: spoe: Improve generation of the engine-id
    - MINOR: spoe: Support the async mode with several threads
    - MINOR: http: Add server name header from HTTP multiplexers
    - CLEANUP: http-ana: Remove the unused function http_send_name_header()
    - MINOR: stats: Add the support of float fields in stats
    - BUG/MINOR: contrib/prometheus-exporter: Return the time averages in seconds
    - DOC: Fix documentation about the cli command to get resolver stats
    - BUG/MEDIUM: fcgi: fix missing list tail in sample fetch registration
    - BUG/MINOR: stats: Add a missing break in a switch statement
    - BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg)
    - CLEANUP: lua: Get rid of obsolete (size_t *) cast in hlua_lua2(smp|arg)
    - BUG/MEDIUM: lua: Store stick tables into the sample's `t` field
    - CLEANUP: proxy: Remove `proxy_tbl_by_name`
    - BUILD: ssl: fix a warning when built with openssl < 1.0.2
    - DOC: replace utf-8 quotes by ascii ones
    - BUG/MEDIUM: fd: HUP is an error only when write is active
    - BUG/MINOR: action: do-resolve does not yield on requests with body
    - Revert "MINOR: cache: allow caching of OPTIONS request"

2019/07/16 : 2.1-dev1
    - BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built
    - DOC: this is a development branch again.
    - MEDIUM: Make 'block' directive fatal
    - MEDIUM: Make 'redispatch' directive fatal
    - MEDIUM: Make '(cli|con|srv)timeout' directive fatal
    - MEDIUM: Remove 'option independant-streams'
    - MINOR: sample: Add sha2([<bits>]) converter
    - MEDIUM: server: server-state global file stored in a tree
    - BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware
    - BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages
    - BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses
    - MINOR: htx: Add the function htx_change_blk_value_len()
    - BUG/MEDIUM: htx: Fully update HTX message when the block value is changed
    - BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux
    - BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked
    - BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock
    - BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition.
    - BUILD: mworker: silence two printf format warnings around getpid()
    - BUILD: makefile: use :space: instead of digits to count commits
    - BUILD: makefile: adjust the sed expression of "make help" for solaris
    - BUILD: makefile: do not rely on shell substitutions to determine git version
    - BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse
    - BUG/MINOR: spoe: Fix memory leak if failing to allocate memory
    - BUG/MEDIUM: mworker: don't call the thread and fdtab deinit
    - BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON.
    - BUG/MEDIUM: connections: Always add the xprt handshake if needed.
    - BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx.
    - BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore
    - BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced
    - BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted
    - BUG/MINOR: memory: Set objects size for pools in the per-thread cache
    - BUG/MINOR: log: Detect missing sampling ranges in config
    - BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages
    - BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages
    - BUG/MINOR: mux-h1: Make format errors during output formatting fatal
    - BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
    - BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
    - BUG/MINOR: mworker/cli: don't output a \n before the response
    - BUG/MEDIUM: checks: unblock signals in external checks
    - BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
    - BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
    - BUG/MEDIUM: connections: Always call shutdown, with no linger.
    - BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
    - BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
    - BUG/MINOR: hlua: Don't use channel_htx_recv_max()
    - BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
    - BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
    - BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
    - BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
    - BUG/MEDIUM: servers: Authorize tfo in default-server.
    - BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
    - MINOR: server: Add "no-tfo" option.
    - BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
    - MINOR: action: Add the return code ACT_RET_DONE for actions
    - BUG/MEDIUM: http/applet: Finish request processing when a service is registered
    - BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
    - BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
    - BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
    - MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
    - BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
    - DOC: contrib: spoa_server Add some hints for building spoa_server
    - DOC: Fix typo in intro.txt
    - BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
    - BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
    - MINOR: pools: release the pool's lock during the malloc/free calls
    - MINOR: pools: always pre-initialize allocated memory outside of the lock
    - MINOR: pools: make the thread harmless during the mmap/munmap syscalls
    - BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept
    - BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections
    - BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection.
    - BUG/MEDIUM: da: cast the chunk to string.
    - DOC: Fix typos and grammer in configuration.txt
    - CLEANUP: proto_tcp: Remove useless header inclusions.
    - BUG/MEDIUM: servers: Fix a race condition with idle connections.
    - MINOR: task: introduce work lists
    - BUG/MAJOR: listener: fix thread safety in resume_listener()
    - BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send
    - BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used
    - BUG/MEDIUM: streams: Don't give up if we couldn't send the request.
    - BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set.
    - BUG/MINOR: mux-pt: do not pretend there's more data after a read0
    - BUG/MEDIUM: tcp-check: unbreak multiple connect rules again
    - MEDIUM: mworker-prog: Add user/group options to program section
    - REGTESTS: checks: tcp-check connect to multiple ports
    - BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored

2019/06/16 : 2.1-dev0
    - exact copy of 2.0.0

2019/06/16 : 2.0.0
    - MINOR: fd: Don't use atomic operations when it's not needed.
    - DOC: mworker-prog: documentation for the program section
    - MINOR: http: add a new "http-request replace-uri" action
    - BUG/MINOR: 51d/htx: The _51d_fetch method, and the methods it calls are now HTX aware.
    - MINOR: 51d: Added dummy libraries for the 51Degrees module for testing.
    - MINOR: mworker: change formatting in uptime field of "show proc"
    - MINOR: mworker: add the HAProxy version in "show proc"
    - MINOR: doc: Remove -Ds option in man page
    - MINOR: doc: add master-worker in the man page
    - MINOR: doc: mention HAPROXY_LOCALPEER in the man
    - BUILD: Silence gcc warning about unused return value
    - CLEANUP: 51d: move the 51d dummy lib to contrib/51d/src to match the real lib
    - BUILD: travis-ci: add 51Degree device detection, update openssl to 1.1.1c
    - MINOR: doc: update the manpage and usage message about -S
    - BUILD/MINOR: 51d: Updated build registration output to indicate thatif the library is a dummy one or not.
    - BUG/MEDIUM: h1: Don't wait for handshake if we had an error.
    - BUG/MEDIUM: h1: Wait for the connection if the handshake didn't complete.
    - BUG/MINOR: task: prevent schedulable tasks from starving under high I/O activity
    - BUG/MINOR: fl_trace/htx: Be sure to always forward trailers and EOM
    - BUG/MINOR: channel/htx: Call channel_htx_full() from channel_full()
    - BUG/MINOR: http: Use the global value to limit the number of parsed headers
    - BUG/MINOR: htx: Detect when tail_addr meet end_addr to maximize free rooms
    - BUG/MEDIUM: htx: Don't change position of the first block during HTX analysis
    - CLEANUP: channel: Remove channel_htx_fwd_payload() and channel_htx_fwd_all()
    - BUG/MEDIUM: proto_htx: Introduce the state ENDING during forwarding
    - MINOR: htx: Add 3 flags on the start-line to deal with the request schemes
    - MINOR: h2: Set flags about the request's scheme on the start-line
    - MINOR: mux-h1: Set flags about the request's scheme on the start-line
    - MINOR: mux-h2: Forward clients scheme to servers checking start-line flags
    - MEDIUM: server: server-state only rely on server name
    - CLEANUP: connection: rename the wait_event.task field to .tasklet
    - CLEANUP: tasks: rename task_remove_from_tasklet_list() to tasklet_remove_*
    - BUG/MEDIUM: connections: Don't call shutdown() if we want to disable linger.
    - DOC: add some environment variables in section 2.3
    - BUILD: makefile: clarify the "help" output and list options
    - BUG/MINOR: mux-h1: Wake busy mux for I/O when message is fully sent
    - BUG: tasks: fix bug introduced by latest scheduler cleanup
    - BUG/MEDIUM: mux-h2: fix early close with option abortonclose
    - BUG/MEDIUM: connections: Don't use ALPN to pick mux when in mode TCP.
    - BUG/MEDIUM: connections: Don't try to send early data if we have no mux.
    - BUG/MEDIUM: mux-h2: properly account for the appended data in HTX
    - BUILD: makefile: further clarify the "help" output and list targets
    - BUILD: makefile: rename "linux2628" to "linux-glibc" and remove older targets
    - BUILD: travis-ci: switch to linux-glibc instead of linux2628
    - DOC: update few references to the linux* targets and change them to linux-glibc
    - BUILD: makefile: detect and reject recently removed linux targets
    - BUILD: makefile: enable linux namespaces by default on linux
    - BUILD: makefile: enable TFO on linux platforms
    - BUILD: makefile: enable getaddrinfo on the linux-glibc target
    - DOC: small updates to the CONTRIBUTING file
    - BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data.
    - CLEANUP: removed obsolete examples an move a few to better places
    - DOC: Fix typos in CONTRIBUTING
    - DOC: update the outdated ROADMAP file
    - DOC: create a BRANCHES file to explain the life cycle
    - DOC: mention in INSTALL haproxy 2.0 is a long-term supported stable version
    - BUILD: travis-ci: TFO and GETADDRINFO are now enabled by default
    - BUILD: makefile: make the obsolete target detection compatible with make-3.80
    - BUILD: tools: work around an internal compiler bug in gcc-3.4
    - BUILD: pattern: work around an internal compiler bug in gcc-3.4
    - BUILD: makefile: enable USE_RT on Solaris
    - BUILD: makefile: do not use echo -n
    - DOC: mention a few common build errors in the INSTALL file

2019/06/11 : 2.0-dev7
    - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set
    - MINOR: tools: add new bitmap manipulation functions
    - MINOR: logs: use the new bitmap functions instead of fd_sets for encoding maps
    - MINOR: chunks: Make sure trash_size is only set once.
    - Revert "MINOR: chunks: Make sure trash_size is only set once."
    - MINOR: threads: serialize threads initialization
    - MINOR peers: data structure simplifications for server names dictionary cache.
    - DOC: peers: Update for dictionary cache entries for peers protocol.
    - MINOR: dict: Store the length of the dictionary entries.
    - MINOR: peers: A bit of optimization when encoding cached server names.
    - MINOR: peers: Optimization for dictionary cache lookup.
    - MEDIUM: tools: improve time format error detection
    - BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early.
    - BUG/MEDIUM: stream_interface: Make sure we call si_cs_process() if CS_FL_EOI.
    - MINOR: threads: avoid clearing harmless twice in thread_release()
    - MEDIUM: threads: add thread_sync_release() to synchronize steps
    - BUG/MEDIUM: init/threads: prevent initialized threads from starting before others
    - OPTIM/MINOR: init/threads: only call protocol_enable_all() on first thread
    - BUG/MINOR: dict: race condition fix when inserting dictionary entries.
    - MEDIUM: init/threads: don't use spinlocks during the init phase
    - BUG/MINOR: cache/htx: Fix the counting of data already sent by the cache applet
    - BUG/MEDIUM: compression/htx: Fix the adding of the last data block
    - MINOR: flt_trace: Don't scrash the original offset during the random forwarding
    - MAJOR: htx: Rework how free rooms are tracked in an HTX message
    - MINOR: htx: Add the function htx_move_blk_before()
    - Revert "BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early."
    - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message
    - MINOR: http: turn default error files to HTTP/1.1
    - BUG/MEDIUM: h1: Don't try to subscribe if we had a connection error.
    - BUG/MEDIUM: h1: Don't consider we're connected if the handshake isn't done.
    - MINOR: contrib/spoa_server: Upgrade SPOP to 2.0
    - BUG/MEDIUM: contrib/spoa_server: Set FIN flag on agent frames
    - MINOR: contrib/spoa_server: Add random IP score
    - DOC/MINOR: contrib/spoa_server: Fix typo in README

2019/06/07 : 2.0-dev6
    - BUG/MEDIUM: connection: fix multiple handshake polling issues
    - MINOR: connection: also stop receiving after a SOCKS4 response
    - MINOR: mux-h1: don't try to recv() before the connection is ready
    - BUG/MEDIUM: mux-h1: only check input data for the current stream, not next one
    - MEDIUM: mux-h1: don't use CS_FL_REOS anymore
    - CLEANUP: connection: remove the now unused CS_FL_REOS flag
    - CONTRIB: debug: add 4 missing connection/conn_stream flags
    - MEDIUM: stream: make a full process_stream() loop when completing I/O on exit
    - MINOR: server: increase the default pool-purge-delay to 5 seconds
    - BUILD: tools: do not use the weak attribute for trace() on obsolete linkers
    - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars
    - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions
    - BUILD: task: fix a build warning when threads are disabled
    - CLEANUP: peers: Remove tabs characters.
    - CLEANUP: peers: Replace hard-coded values by macros.
    - BUG/MINOR: peers: Wrong stick-table update message building.
    - MINOR: dict: Add dictionary new data structure.
    - MINOR: peers: Add a LRU cache implementation for dictionaries.
    - MINOR: stick-table: Add "server_name" new data type.
    - MINOR: cfgparse: Space allocation for "server_name" stick-table data type.
    - MINOR: proxy: Add a "server by name" tree to proxy.
    - MINOR: server: Add a dictionary for server names.
    - MINOR: stream: Stickiness server lookup by name.
    - MINOR: peers: Make peers protocol support new "server_name" data type.
    - MINOR: stick-table: Make the CLI stick-table handler support dictionary entry data type.
    - REGTEST: Add a basic server by name stickiness reg test.
    - MINOR: peers: Add dictionary cache information to "show peers" CLI command.
    - MINOR: peers: Replace hard-coded for peer protocol 64-bits value encoding by macros.
    - MINOR: peers: Replace hard-coded values for peer protocol messaging by macros.
    - CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL)
    - BUILD: travis-ci improvements
    - MINOR: SSL: add client/server random sample fetches
    - BUG/MINOR: channel/htx: Don't alter channel during forward for empty HTX message
    - BUG/MINOR: contrib/prometheus-exporter: Add HTX data block in one time
    - BUG/MINOR: mux-h1: errflag must be set on H1S and not H1M during output processing
    - MEDIUM: mux-h1: refactor output processing
    - MINOR: mux-h1: Add the flag HAVE_O_CONN on h1s
    - MINOR: mux-h1: Add h1_eval_htx_hdrs_size() to estimate size of the HTX headers
    - MINOR: mux-h1: Don't count the EOM in the estimated size of headers
    - MEDIUM: cache/htx: Always store info about HTX blocks in the cache
    - MEDIUM: htx: Add the parsing of trailers of chunked messages
    - MINOR: htx: Don't use end-of-data blocks anymore
    - BUG/MINOR: mux-h1: Don't send more data than expected
    - BUG/MINOR: flt_trace/htx: Only apply the random forwarding on the message body.
    - BUG/MINOR: peers: Wrong "server_name" decoding.
    - BUG/MEDIUM: servers: Don't attempt to destroy idle connections if disabled.
    - MEDIUM: checks: Make sure we unsubscribe before calling cs_destroy().
    - MEDIUM: connections: Wake the upper layer even if sending/receiving is disabled.
    - MEDIUM: ssl: Handle subscribe by itself.
    - MINOR: ssl: Make ssl_sock_handshake() static.
    - MINOR: connections: Add a new xprt method, remove_xprt.
    - MINOR: connections: Add a new xprt method, add_xprt().
    - MEDIUM: connections: Introduce a handshake pseudo-XPRT.
    - MEDIUM: connections: Remove CONN_FL_SOCK*
    - BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait.
    - BUG/MINOR: peers: Wrong server name parsing.
    - MINOR: server: really increase the pool-purge-delay default to 5 seconds
    - BUG/MINOR: stream: don't emit a send-name-header in conn error or disconnect states
    - MINOR: stream-int: use bit fields to match multiple stream-int states at once
    - MEDIUM: stream-int: remove dangerous interval checks for stream-int states
    - MEDIUM: stream-int: introduce a new state SI_ST_RDY
    - MAJOR: stream-int: switch from SI_ST_CON to SI_ST_RDY on I/O
    - MEDIUM: stream-int: make idle-conns switch to ST_RDY
    - MEDIUM: stream: re-arrange the connection setup status reporting
    - MINOR: stream-int: split si_update() into si_update_rx() and si_update_tx()
    - MINOR: stream-int: make si_sync_send() from the send code of si_update_both()
    - MEDIUM: stream: rearrange the events to remove the loop
    - MEDIUM: stream: only loop on flags relevant to the analysers
    - MEDIUM: stream: don't abusively loop back on changes on CF_SHUT*_NOW
    - BUILD: stream-int: avoid a build warning in dev mode in si_state_bit()
    - BUILD: peers: fix a build warning about an incorrect intiialization
    - BUG/MINOR: time: make sure only one thread sets global_now at boot
    - BUG/MEDIUM: tcp: Make sure we keep the polling consistent in tcp_probe_connect.

2019/06/02 : 2.0-dev5
    - BUILD: watchdog: use si_value.sival_int, not si_int for the timer's value
    - BUILD: signals: FreeBSD has SI_LWP instead of SI_TKILL
    - BUILD: watchdog: condition it to USE_RT
    - MINOR: raw_sock: report global traffic statistics
    - MINOR: stats: report the global output bit rate in human readable form
    - BUG/MINOR: proto-htx: Try to keep connections alive on redirect
    - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it
    - BUG/MINOR: lua: Set right direction and flags on new HTTP objects
    - BUG/MINOR: mux-h2: Count EOM in bytes sent when a HEADERS frame is formatted
    - BUG/MINOR: mux-h1: Report EOI instead EOS on parsing error or H2 upgrade
    - BUG/MEDIUM: proto-htx: Not forward too much data when 1xx reponses are handled
    - BUG/MINOR: htx: Remove a forgotten while loop in htx_defrag()
    - DOC: fix typos
    - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression
    - OPTIM: freq-ctr: don't take the date lock for most updates
    - MEDIUM: mux-h2: avoid doing expensive buffer realigns when not absolutely needed
    - CLEANUP: debug: remove the TRACE() macro
    - MINOR: buffer: introduce b_make() to make a buffer from its parameters
    - MINOR: buffer: add a new buffer ring API to manipulate rings of buffers
    - MEDIUM: mux-h2: replace all occurrences of mbuf with a buffer ring
    - MEDIUM: mux-h2: make the conditions to send based on mbuf, not just its tail
    - MINOR: mux-h2: introduce h2_release_mbuf() to release all buffers in the mbuf ring
    - MEDIUM: mux-h2: make the send() function iterate over all mux buffers
    - CLEANUP: mux-h2: consistently use a local variable for the mbuf
    - MINOR: mux-h2: report the mbuf's head and tail in "show fd"
    - MAJOR: mux-h2: switch to next mux buffer on buffer full condition.
    - BUILD: connections: shut up gcc about impossible out-of-bounds warning
    - BUILD: ssl: fix latest LibreSSL reg-test error
    - MINOR: cli/activity: remove "fd_del" and "fd_skip" from show activity
    - MINOR: cli/activity: add 3 general purpose counters in development mode
    - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass
    - BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute.
    - BUG/MEDIUM: threads: fix double-word CAS on non-optimized 32-bit platforms
    - MEDIUM: config: now alert when two servers have the same name
    - MINOR: htx: Remove the macro IS_HTX_SMP() and always use IS_HTX_STRM() instead
    - MINOR: htx: Move the macro IS_HTX_STRM() in proto/stream.h
    - MINOR: htx: Store the head position instead of the wrap one
    - MINOR: htx: Store start-line block's position instead of address of its payload
    - MINOR: htx: Add functions to get the first block of an HTX message
    - MINOR: mux-h2/htx: Get the start-line from the head when HEADERS frame is built
    - MINOR: htx: Replace the function http_find_stline() by http_get_stline()
    - CLEANUP: htx: Remove unused function htx_get_stline()
    - MINOR: http/htx: Use sl_pos directly to replace the start-line
    - MEDIUM: http/htx: Perform analysis relatively to the first block
    - MINOR: channel/htx: Call channel_htx_recv_max() from channel_recv_max()
    - MINOR: htx: Add function htx_get_max_blksz()
    - BUG/MINOR: htx: Change htx_xfer_blk() to also count metadata
    - MEDIUM: mux-h1: Use the count value received from the SI in h1_rcv_buf()
    - MINOR: mux-h2: Use the count value received from the SI in h2_rcv_buf()
    - MINOR: stream-int: Don't use the flag CO_RFL_KEEP_RSV anymore in si_cs_recv()
    - MINOR: connection: Remove the unused flag CO_RFL_KEEP_RSV
    - MINOR: mux-h2/htx: Support zero-copy when possible in h2_rcv_buf()
    - MINOR: htx: Add a field to set the memory used by headers in the HTX start-line
    - MINOR: h2/htx: Set hdrs_bytes on the SL when an HTX message is produced
    - MINOR: mux-h1: Set hdrs_bytes on the SL when an HTX message is produced
    - MINOR: htx: Be sure to xfer all headers in one time in htx_xfer_blks()
    - MEDIUM: htx: 1xx messages are now part of the final reponses
    - MINOR: channel/htx: Add function to forward headers of an HTX message
    - MINOR: filters/htx: Use channel_htx_fwd_headers() after headers filtering
    - MINOR: proto-htx: Use channel_htx_fwd_headers() to forward 1xx responses
    - MEDIUM: htx: Store the first block position instead of the start-line one
    - MINOR: stats/htx: don't use the first block position but the head one
    - MINOR: channel/htx: Add functions to forward a part or all HTX payload
    - MINOR: proto-htx: Use channel_htx_fwd_all() when unfiltered body are forwarded
    - MEDIUM: filters/htx: Filter body relatively to the first block
    - MINOR: htx: Optimize htx_drain() when all data are drained
    - MINOR: htx: don't rely on htx_find_blk() anymore in the function htx_truncate()
    - MINOR: htx: remove the unused function htx_find_blk()
    - MINOR: htx: Remove support of pseudo headers because it is unused
    - BUG/MEDIUM: http: fix "http-request reject" when not final
    - MINOR: ssl: Make sure the underlying xprt's init method doesn't fail.
    - MINOR: ssl: Don't forget to call the close method of the underlying xprt.
    - MINOR: htx: rename htx_append_blk_value() to htx_add_data_atonce()
    - MINOR: htx: make htx_add_data() return the transmitted byte count
    - MEDIUM: htx: make htx_add_data() never defragment the buffer
    - MINOR: activity: write totals on the "show activity" output
    - MINOR: activity: report totals and average separately
    - MEDIUM: poller: separate the wait time from the wake events
    - MINOR: activity: report the number of failed pool/buffer allocations
    - MEDIUM: buffers: relax the buffer lock a little bit
    - MINOR: task: turn the WQ lock to an RW_LOCK
    - MEDIUM: task: don't grab the WR lock just to check the WQ
    - BUG/MEDIUM: mux-h1: Don't skip the TCP splicing when there is no more data to read
    - MEDIUM: sessions: Introduce session flags.
    - BUG/MEDIUM: h2: Don't forget to set h2s->cs to NULL after having free'd cs.
    - BUG/MEDIUM: mux-h2: fix the conditions to end the h2_send() loop
    - BUG/MEDIUM: mux-h2: don't refrain from offering oneself a used buffer
    - BUG/MEDIUM: connection: Use the session to get the origin address if needed.
    - MEDIUM: tasks: Get rid of active_tasks_mask.
    - MEDIUM: connection: Upstream SOCKS4 proxy support
    - BUILD: contrib/prometheus: fix build breakage caused by move of idle_pct
    - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit

2019/05/22 : 2.0-dev4
    - BUILD: enable freebsd builds on cirrus-ci
    - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()"
    - MEDIUM: Make 'option forceclose' actually warn
    - MEDIUM: Make 'resolution_pool_size' directive fatal
    - DOC: management: place "show activity" at the right place
    - MINOR: cli/activity: show the dumping thread ID starting at 1
    - MINOR: task: export global_task_mask
    - MINOR: cli/debug: add a thread dump function
    - BUG/MEDIUM: streams: Don't use CF_EOI to decide if the request is complete.
    - BUG/MEDIUM: streams: Try to L7 retry before aborting the connection.
    - BUG/MINOR: debug: make ha_task_dump() always check the task before dumping it
    - BUG/MINOR: debug: make ha_task_dump() actually dump the requested task
    - MINOR: debug: make ha_thread_dump() and ha_task_dump() take a buffer
    - BUG/MINOR: debug: don't check the call date on tasklets
    - MINOR: thread: implement ha_thread_relax()
    - MINOR: task: put barriers after each write to curr_task
    - MINOR: task: always reset curr_task when freeing a task or tasklet
    - MINOR: stream: detach the stream from its own task on stream_free()
    - MEDIUM: debug/threads: implement an advanced thread dump system
    - REGTEST: extend the check duration on tls_health_checks and mark it slow
    - DOC: fix "successful" typo
    - MINOR: init: setenv HAPROXY_CFGFILES
    - MINOR: threads/init: synchronize the threads startup
    - MEDIUM: init/mworker: make the pipe register function a regular initcall
    - CLEANUP: memory: make the fault injection code use the OTHER_LOCK label
    - CLEANUP: threads: remove the now unused START_LOCK label
    - MINOR: init/threads: make the global threads an array of structs
    - MINOR: threads: add each thread's clockid into the global thread_info
    - CLEANUP: stream: remove an obsolete debugging test
    - MINOR: tools: add dump_hex()
    - MINOR: debug: implement ha_panic()
    - MINOR: debug/cli: add some debugging commands for developers
    - MINOR: tools: provide a may_access() function and make dump_hex() use it
    - MINOR: debug: make ha_panic() report threads starting at 1
    - REORG: compat: move some integer limit definitions from standard.h to compat.h
    - REORG: threads: move the struct thread_info from global.h to hathreads.h
    - MINOR: compat: make sure to always define clockid_t
    - MINOR: threads: always place the clockid in the struct thread_info
    - MINOR: threads: add a thread-local thread_info pointer "ti"
    - MINOR: time: move the cpu, mono, and idle time to thread_info
    - MINOR: time: add a function to retrieve another thread's cputime
    - MINOR: debug: report each thread's cpu usage in "show thread"
    - BUILD: threads: only assign the clock_id when supported
    - BUILD: makefile: use USE_OBSOLETE_LINKER for solaris
    - BUILD: makefile: remove -fomit-frame-pointer optimisation (solaris)
    - MAJOR: polling: add event ports support (Solaris)
    - BUG/MEDIUM: streams: Don't switch from SI_ST_CON to SI_ST_DIS on read0.
    - CLEANUP: time: refine the test on _POSIX_TIMERS
    - MINOR: compat: define a new empty type empty_t for non-implemented fields
    - CLEANUP: time: switch clockid_t to empty_t when not available
    - BUG/MINOR: mworker: Fix memory leak of mworker_proc members
    - CLEANUP: objtype: make obj_type() and obj_type_name() take consts
    - MINOR: debug: switch to SIGURG for thread dumps
    - CLEANUP: threads: really move thread_info to hathreads.c
    - MINOR: threads: make threads_{harmless|want_rdv}_mask constant 0 without threads
    - CLEANUP: debug: always report harmless/want_rdv even without threads
    - MINOR: threads: implement ha_tkill() and ha_tkillall()
    - CLEANUP: debug: make use of ha_tkill() and remove ifdefs
    - MINOR: stream: introduce a stream_dump() function and use it in stream_dump_and_crash()
    - MINOR: debug: dump streams when an applet, iocb or stream is known
    - MINOR: threads: add a "stuck" flag to the thread_info struct
    - MINOR: threads: add a timer_t per thread in thread_info
    - MAJOR: watchdog: implement a thread lockup detection mechanism
    - MINOR: stream: remove the cpu time detection from process_stream()
    - MINOR: connection: report the mux names in "haproxy -vv"
    - CLEANUP: mux-h1: use "H1" and not "h1" as the mux's name
    - BUG/MEDIUM: WURFL: segfault in wurfl-get() with missing info.
    - MINOR: WURFL: call header_retireve_callback() in dummy library
    - MINOR: WURFL: fixed Engine load failed error when wurfl-information-list contains wurfl_root_id
    - MINOR: WURFL: shows log messages during module initialization
    - MINOR: WURFL: removes heading wurfl-information-separator from wurfl-get-all() and wurfl-get() results
    - MINOR: WURFL: wurfl_get() and wurfl_get_all() now return an empty string if device detection fails
    - MEDIUM: WURFL: HTX awareness.
    - MINOR: WURFL: module version bump to 2.0
    - MINOR: WURFL: do not emit warnings when not configured
    - CONTRIB: wurfl: address 3 build issues in the wurfl dummy library
    - BUG/MEDIUM: init/threads: provide per-thread alloc/free function callbacks
    - BUILD: travis: add sanitizers to travis-ci builds
    - BUILD: time: remove the test on _POSIX_C_SOURCE
    - CLEANUP: build: rename some build macros to use the USE_* ones
    - CLEANUP: raw_sock: remove support for very old linux splice bug workaround
    - BUG/MEDIUM: dns: make the port numbers unsigned
    - MEDIUM: config: deprecate the antique req* and rsp* commands

2019/05/15 : 2.0-dev3
    - BUG/MINOR: peers: Really close the sessions with no heartbeat.
    - CLEANUP: peers: remove useless annoying tabulations.
    - CLEANUP: peers: replace timeout constants by macros.
    - REGTEST: Enable again reg tests with HEAD HTTP method usage.
    - DOC: The option httplog is no longer valid in a backend.
    - DOC: peers: Peers protocol documentation update.
    - REGTEST: remove unexpected "nbthread" statement from Lua test cases
    - BUILD: Makefile: remove 11-years old workarounds for deprecated options
    - BUILD: remove 10-years old error message for obsolete option USE_TCPSPLICE
    - BUILD: Makefile: remove outdated support for dlmalloc
    - BUILD: Makefile: consider a variable's origin and not its value for the options list
    - BUILD: Makefile: also report disabled options in the BUILD_OPTIONS variable
    - BUILD: Makefile: shorten default settings declaration
    - BUILD: Makefile: clean up the target declarations
    - BUILD: report the whole feature set with their status in haproxy -vv
    - BUILD: pass all "USE_*" variables as -DUSE_* to the compiler
    - REGTEST: script: make the script use the new features list
    - REGTEST: script: remove platform-specific assigments of OPTIONS
    - BUG/MINOR: peers: Missing initializations after peer session shutdown.
    - BUG/MINOR: contrib/prometheus-exporter: Fix applet accordingly to recent changes
    - BUILD/MINOR: listener: Silent a few signedness warnings.
    - BUG/MINOR: mux-h1: Only skip invalid C-L headers on output
    - BUG/MEDIUM: mworker: don't free the wrong child when not found
    - BUG/MEDIUM: checks: Don't bother subscribing if we have a connection error.
    - BUG/MAJOR: checks: segfault during tcpcheck_main
    - BUILD: makefile: work around an old bug in GNU make-3.80
    - BUILD: makefile: work around another bug in make 3.80
    - BUILD: http: properly mark some struct as extern
    - BUILD: chunk: properly declare pool_head_trash as extern
    - BUILD: cache: avoid a build warning with some compilers/linkers
    - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf()
    - MINOR: tools: add an unsetenv() implementation
    - BUILD: re-implement an initcall variant without using executable sections
    - BUILD: use inttypes.h instead of stdint.h
    - BUILD: connection: fix naming of ip_v field
    - BUILD: makefile: fix build of IPv6 header on aix51
    - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51
    - BUILD: define unsetenv on AIX 5.1
    - BUILD: Makefile: disable shared cache on AIX 5.1
    - MINOR: ssl: Add aes_gcm_dec converter
    - REORG: mworker: move serializing functions to mworker.c
    - REORG: mworker: move signals functions to mworker.c
    - REORG: mworker: move IPC functions to mworker.c
    - REORG: mworker: move signal handlers and related functions
    - REORG: mworker: move mworker_cleanlisteners to mworker.c
    - MINOR: mworker: calloc mworker_proc structures
    - MINOR: mworker: don't use children variable anymore
    - MINOR: cli: export cli_parse_default() definition in cli.h
    - REORG: mworker/cli: move CLI functions to mworker.c
    - MEDIUM: mworker-prog: implement program for master-worker
    - MINOR: mworker/cli: show programs in 'show proc'
    - BUG/MINOR: cli: correctly handle abns in 'show cli sockets'
    - MINOR: cli: start addresses by a prefix in 'show cli sockets'
    - MINOR: cli: export HAPROXY_CLI environment variable
    - BUG/MINOR: htx: Preserve empty HTX messages with an unprocessed parsing error
    - BUG/MINOR: proto_htx: Reset to_forward value when a message is set to DONE
    - REGTEST: http-capture/h00000: Relax a regex matching the log message
    - REGTEST: http-messaging/h00000: Fix the test when the HTX is enabled
    - REGTEST: http-rules/h00003: Use a different client for requests expecting a 301
    - REGTEST: log/b00000: Be sure the client always hits its timeout
    - REGTEST: lua/b00003: Relax the regex matching the log message
    - REGTEST: lua/b00003: Specify the HAProxy pid when the command ss is executed
    - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
    - BUG/MEDIUM: h2: Don't attempt to recv from h2_process_demux if we subscribed.
    - BUG/MEDIUM: htx: fix random premature abort of data transfers
    - BUG/MEDIUM: streams: Don't remove the SI_FL_ERR flag in si_update_both().
    - BUG/MEDIUM: streams: Store prev_state before calling si_update_both().
    - BUG/MEDIUM: stream: Don't clear the stream_interface flags in si_update_both.
    - MINOR: initcall: Don't forget to define the __start/stop_init_##stg symbols.
    - MINOR: threads: Implement thread_cpus_enabled() for FreeBSD.
    - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
    - MINOR: skip get_gmtime where tm is unused
    - MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL
    - BUG/MEDIUM: streams: Only re-run process_stream if we're in a connected state.
    - BUG/MEDIUM: stream_interface: Don't bother doing chk_rcv/snd if not connected.
    - BUG/MEDIUM: task/threads: address a fairness issue between local and global tasks
    - BUG/MINOR: tasks: make sure the first task to be queued keeps its nice value
    - BUG/MINOR: listener: renice the accept ring processing task
    - MINOR: cli/listener: report the number of accepts on "show activity"
    - MINOR: cli/activity: report the accept queue sizes in "show activity"
    - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
    - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
    - BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded
    - BUG/MEDIUM: htx: Defrag if blocks position is changed and the payloads wrap
    - BUG/MEDIUM: htx: Don't crush blocks payload when append is done on a data block
    - MEDIUM: htx: Deprecate the option 'http-tunnel' and ignore it in HTX
    - MINOR: proto_htx: Don't adjust transaction mode anymore in HTX analyzers
    - BUG/MEDIUM: htx: Fix the process of HTTP CONNECT with h2 connections
    - MINOR: mux-h1: Simplify handling of 1xx responses
    - MINOR: stats/htx: Don't add "Connection: close" header anymore in stats responses
    - MEDIUM: h1: Add an option to sanitize connection headers during parsing
    - MEDIUM: mux-h1: Simplify the connection mode management by sanitizing headers
    - MINOR: mux-h1: Don't release the conn_stream anymore when h1s is destroyed
    - BUG/MINOR: mux-h1: Handle the flag CS_FL_KILL_CONN during a shutdown read/write
    - MINOR: mux-h2: Add a mux_ops dedicated to the HTX mode
    - MINOR: muxes: Add a flag to specify a multiplexer uses the HTX
    - MINOR: stream: Set a flag when the stream uses the HTX
    - MINOR: http: update the macro IS_HTX_STRM() to check the stream flag SF_HTX
    - MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx
    - MINOR: filters/htx: Use stream flags instead of px mode to instanciate a filter
    - MINOR: muxes: Rely on conn_is_back() during init to handle front/back conn
    - MEDIUM: muxes: Add an optional input buffer during mux initialization
    - MINOR: muxes: Pass the context of the mux to destroy() instead of the connection
    - MEDIUM: muxes: Be prepared to don't own connection during the release
    - MEDIUM: connection: Add conn_upgrade_mux_fe() to handle mux upgrades
    - MEDIUM: htx: Allow the option http-use-htx to be used on TCP proxies too
    - MAJOR: proxy/htx: Handle mux upgrades from TCP to HTTP in HTX mode
    - MAJOR: muxes/htx: Handle inplicit upgrades from h1 to h2
    - MAJOR: htx: Enable the HTX mode by default for all proxies
    - REGTEST: Use HTX by default and add '--no-htx' option to disable it
    - BUG/MEDIUM: muxes: Don't dereference mux context if null in release functions
    - CLEANUP: task: do not export rq_next anymore
    - MEDIUM: tasks: improve fairness between the local and global queues
    - MEDIUM: tasks: only base the nice offset on the run queue depth
    - MINOR: tasks: restore the lower latency scheduling when niced tasks are present
    - BUG/MEDIUM: map: Fix memory leak in the map converter
    - BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation
    - BUILD: task/thread: fix single-threaded build of task.c
    - BUILD: cli/threads: fix build in single-threaded mode
    - BUG/MEDIUM: muxes: Make sure we unsubcribed when destroying mux ctx.
    - BUG/MEDIUM: h2: Make sure we're not already in the send_list in h2_subscribe().
    - BUG/MEDIUM: h2: Revamp the way send subscriptions works.
    - MINOR: connections: Remove the SUB_CALL_UNSUBSCRIBE flag.
    - BUG/MEDIUM: Threads: Only use the gcc >= 4.7 builtins when using gcc >= 4.7.
    - BUILD: address a few cases of "static <type> inline foo()"
    - BUILD: do not specify "const" on functions returning structs or scalars
    - BUILD: htx: fix a used uninitialized warning on is_cookie2
    - MINOR: peers: Add a new command to the CLI for peers.
    - DOC: update for "show peers" CLI command.
    - BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB
    - MEDIUM: mworker: store the leaving state of a process
    - MEDIUM: mworker-prog: implements 'option start-on-reload'
    - CLEANUP: mworker: remove the type field in mworker_proc
    - MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable
    - MINOR: cli: don't add a semicolon at the end of HAPROXY_CLI
    - MINOR: mworker: export HAPROXY_MWORKER=1 when running in mworker mode
    - MINOR: init: add a "set-dumpable" global directive to enable core dumps
    - BUG/MINOR: listener/mq: correctly scan all bound threads under low load
    - BUG/MINOR: mworker: mworker_kill should apply on every children
    - BUG/MINOR: mworker: don't exit with an ambiguous value
    - BUG/MINOR: mworker: ensure that we still quits with SIGINT
    - REGTESTS: exclude tests that require ssl, pcre if no such feature is enabled
    - BUG/MINOR: mux-h1: Process input even if the input buffer is empty
    - BUG/MINOR: mux-h1: Don't switch the parser in busy mode if other side has done
    - BUG/MEDIUM: mux-h1: Notify the stream waiting for TCP splicing if ibuf is empty
    - BUG/MEDIUM: mux-h1: Enable TCP splicing to exchange data only
    - MINOR: mux-h1: Handle read0 during TCP splicing
    - BUG/MEDIUM: htx: Don't return the start-line if the HTX message is empty
    - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
    - BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX
    - BUG/MINOR: http_fetch/htx: Use HTX versions if the proxy enables the HTX mode
    - BUG/MEDIUM: tasks: Make sure we set TASK_QUEUED before adding a task to the rq.
    - BUG/MEDIUM: tasks: Make sure we modify global_tasks_mask with the rq_lock.
    - MINOR: tasks: Don't consider we can wake task with tasklet_wakeup().
    - MEDIUM: tasks: No longer use rq.node.leaf_p as a lock.
    - MINOR: tasks: Don't set the TASK_RUNNING flag when adding in the tasklet list.
    - BUG/MEDIUM: applets: Don't use task_in_rq().
    - BUG/MAJOR: task: make sure never to delete a queued task
    - MINOR: task/thread: factor out a wake-up condition
    - CLEANUP: task: remain consistent when using the task's handler
    - MEDIUM: tasks: Merge task_delete() and task_free() into task_destroy().
    - MEDIUM: tasks: Don't account a destroyed task as a runned task.
    - BUG/MINOR: contrib/prometheus-exporter: Fix a typo in the run-queue metric type
    - MINOR: contrib/prometheus-exporter: Remove usless rate metrics
    - MINOR: contrib/prometheus-exporter: Rename some metrics to be more usable
    - MINOR: contrib/prometheus-exporter: Follow best practices about metrics type
    - BUG/MINOR: mworker: disable busy polling in the master process
    - MEDIUM: tasks: Use __ha_barrier_store after modifying global_tasks_mask.
    - MEDIUM: ssl: Give ssl_sock its own context.
    - MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx.
    - MEDIUM: ssl: provide its own subscribe/unsubscribe function.
    - MEDIUM: connections: Provide a xprt_ctx for each xprt method.
    - MEDIUM: ssl: provide our own BIO.
    - BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0
    - MINOR: peers: adds counters on show peers about tasks calls.
    - MEDIUM: enable travis-ci builds
    - MINOR: fd: Add a counter of used fds.
    - MEDIUM: connections: Add a way to control the number of idling connections.
    - BUG/MEDIUM: maps: only try to parse the default value when it's present
    - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
    - REGTEST: Missing REQUIRE_VERSION declarations.
    - MINOR: proto_tcp: tcp-request content: enable set-dst and set-dst-var
    - BUG/MEDIUM: h1: Don't parse chunks CRLF if not enough data are available
    - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
    - BUG/MEDIUM: stream: Don't request a server connection if a shutw was scheduled
    - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
    - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
    - MINOR: gcc: Fix a silly gcc warning in connect_server()
    - MINOR: ssl/cli: async fd io-handlers printable on show fd
    - Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code"
    - BUILD: add USE_WURFL to the list of known build options
    - MINOR: wurfl: indicate in haproxy -vv the wurfl version in use
    - BUILD: wurfl: build fix for 1.9/2.0 code base
    - CLEANUP: wurfl: removed deprecated methods
    - DOC: wurfl: added point of contact in MAINTAINERS file
    - MINOR: wurfl: enabled multithreading mode
    - MINOR: contrib: dummy wurfl library
    - MINOR: dns: dns_requester structures are now in a memory pool
    - MINOR: dns: move callback affection in dns_link_resolution()
    - MINOR: obj_type: new object type for struct stream
    - MINOR: action: new '(http-request|tcp-request content) do-resolve' action
    - MINOR: log: Extract some code to send syslog messages.
    - REGTEST: replace LEVEL option by a more human readable one.
    - REGTEST: rename the reg test files.
    - REGTEST: adapt some reg tests after renaming.
    - REGTEST: make the "run-regtests" script search for tests in reg-tests by default
    - BUG/MAJOR: stream: Missing DNS context initializations.
    - BUG/MEDIUM: stream: Fix the way early aborts on the client side are handled
    - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler
    - BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN.
    - BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB
    - BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP proxies only
    - BUG/MINOR: htx: Exclude TCP proxies when the HTX mode is handled during startup
    - CLEANUP: task: report calls as unsigned in show sess
    - MINOR: tasks/activity: report the context switch and task wakeup rates
    - MINOR: stream: measure and report a stream's call rate in "show sess"
    - MINOR: applet: measure and report an appctx's call rate in "show sess"
    - BUILD: extend Travis CI config to support more platforms
    - REGTEST: exclude osx and generic targets for 40be_2srv_odd_health_checks
    - REGTEST: relax the IPv6 address format checks in converters_ipmask_concat_strcmp_field_word
    - REGTEST: exclude OSX and generic targets from abns_socket.vtc
    - BUILD: travis: remove the "allow_failures" entry
    - BUG/MINOR: activity: always initialize the profiling variable
    - MINOR: activity: make the profiling status per thread and not global
    - MINOR: activity: enable automatic profiling turn on/off
    - CLEANUP: standard: use proper const to addr_to_str() and port_to_str()
    - BUG/MINOR: proto_http: properly reset the stream's call rate on keep-alive
    - MINOR: connection: make the debugging helper functions safer
    - MINOR: stream/debug: make a stream dump and crash function
    - MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever
    - MEDIUM: stream/debug: force a crash if a stream spins over itself forever
    - MEDIUM: streams: measure processing time and abort when detecting bugs
    - BUILD/MEDIUM: contrib: Dummy DeviceAtlas API.
    - MEDIUM: da: HTX mode support.
    - BUG/MEDIUM: mux-h2: properly deal with too large headers frames
    - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request
    - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed
    - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding
    - DOC: contrib/modsecurity: Typos and fix the reject example
    - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it
    - MINOR: log: Add "sample" new keyword to "log" lines.
    - MINOR: log: Enable the log sampling and load-balancing feature.
    - DOC: log: Document the sampling and load-balancing logging feature.
    - REGTEST: Add a new reg test for log load-balancing feature.
    - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
    - REGTEST: Make this reg test be Linux specific.
    - CLEANUP: task: move the task_per_thread definition to task.h
    - MINOR: activity: report context switch counts instead of rates
    - MINOR: threads: Implement HA_ATOMIC_LOAD().
    - BUG/MEDIUM: port_range: Make the ring buffer lock-free.
    - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled
    - MINOR: config: Test validity of tune.maxaccept during the config parsing
    - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1
    - BUG/MEDIUM: servers: fix typo "src" instead of "srv"
    - BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w.
    - BUG/MINOR: haproxy: fix rule->file memory leak
    - BUG/MINOR: log: properly free memory on logformat parse error and deinit()
    - BUG/MINOR: checks: free memory allocated for tasklets
    - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions
    - BUG/MEDIUM: channels: Don't forget to reset output in channel_erase().
    - BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown.
    - MINOR: threads: flatten the per-thread cpu-map
    - MINOR: init/threads: remove the useless tids[] array
    - MINOR: init/threads: make the threads array global
    - BUG/MEDIUM: ssl: Use the early_data API the right way.
    - BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected.
    - MEDIUM: streams: Add the ability to retry a request on L7 failure.
    - MEDIUM: streams: Add a way to replay failed 0rtt requests.
    - MEDIUM: streams: Add a new keyword for retry-on, "junk-response"
    - BUG/MINOR: stream: also increment the retry stats counter on L7 retries
    - BUG/MEDIUM: checks: make sure the warmup task takes the server lock
    - BUG/MINOR: logs/threads: properly split the log area upon startup
    - BUILD: extend travis-ci matrix
    - CLEANUP: Remove appsession documentation
    - DOC: Fix typo in keyword matrix
    - BUILD: remove "build_libressl" duplicate declaration
    - BUILD: travis-ci: get back to osx without openssl support
    - BUILD: enable several LibreSSL hacks, including
    - BUILD: temporarily mark LibreSSL builds as allowed to fail
    - BUILD: travis: TMPDIR replacement.
    - BUG/MEDIUM: ssl: Don't attempt to use early data with libressl.
    - MINOR: doc: Document allow-0rtt on the server line.
    - MINOR: doc: Document the interaction of allow-0rtt and retry-on 0rtt-rejected.
    - MEDIUM: proto: Change the prototype of the connect() method.
    - MEDIUM: tcp: add the "tfo" option to support TCP fastopen on the server
    - MINOR: config: Extract the code of "stick-table" line parsing.
    - BUILD/MINOR: stick-table: Compilation fix.
    - MEDIUM: stick-table: Stop handling stick-tables as proxies.
    - MINOR: stick-tables: Add peers process binding computing.
    - MINOR: stick-table: Add prefixes to stick-table names.
    - MINOR: peers: Do not emit global stick-table names.
    - DOC: Update for "table" lines in "peers" section.
    - REGTEST: Add reg tests for "table" lines in "peers" sections.
    - MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct
    - REGTEST: make the tls_health_checks test much faster
    - REGTEST: make the "table in peers" test require v2.0
    - BUG/MINOR: mux-h2: rely on trailers output not input to turn them to empty data
    - BUG/MEDIUM: h2/htx: always fail on too large trailers
    - MEDIUM: mux-h2: discard contents that are to be sent after a shutdown
    - BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers
    - BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block
    - REGTEST: Flag some slow reg tests.
    - REGTEST: Reg tests file renaming.
    - REGTEST: Wrong renaming for one reg test.
    - REGTEST: Wrong assumption in IP:port logging test.
    - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload
    - MINOR: systemd: Use the variables from /etc/default/haproxy
    - MINOR: systemd: Make use of master socket in systemd unit
    - MINOR: systemd: support /etc/sysconfig/ for redhat based distrib
    - BUG/MEDIUM: stick-table: fix regression caused by a change in proxy struct
    - BUG/MEDIUM: tasks: fix possible segfault on task_destroy()
    - CLEANUP: task: remove unneeded tests before task_destroy()
    - MINOR: mworker: support a configurable maximum number of reloads
    - BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend
    - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context
    - BUG/MINOR: mux-h1: Fix the parsing of trailers
    - BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks()
    - MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX message
    - MINOR: htx: Don't try to append a trailer block with the previous one
    - MINOR: htx: Remove support for unused OOB HTX blocks
    - BUILD: travis-ci bugfixes and improvements
    - BUG/MEDIUM: servers: Don't use the same srv flag for cookie-set and TFO.
    - BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach().
    - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix
    - CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER
    - BUILD: ssl: make libressl use its own version numbers
    - CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER
    - MINOR: ssl: enable aes_gcm_dec on LibreSSL
    - BUILD: ssl: fix libressl build again after aes-gcm-enc
    - REORG: ssl: move openssl-compat from proto to common
    - REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat
    - CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore
    - CLEANUP: ssl: make inclusion of openssl headers safe
    - BUILD: add BoringSSL to travis-ci build matrix
    - BUILD: threads: Add __ha_cas_dw fallback for single threaded builds
    - BUG/MINOR: stream: Attach the read side on the response as soon as possible
    - BUG/MEDIUM: http: Use pointer to the begining of input to parse message headers
    - BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list.
    - BUG/MEDIUM: streams: Make sur SI_FL_L7_RETRY is set before attempting a retry.
    - MEDIUM: streams: Add a new http action, disable-l7-retry.
    - MINOR: streams: Introduce a new retry-on keyword, all-retryable-errors.
    - BUG/MINOR: vars: Fix memory leak in vars_check_arg
    - BUILD: travis-ci: make TMPDIR global variable in travis-ci
    - CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat
    - CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs()
    - CLEANUP: ssl: move all BIO_* definitions to openssl-compat
    - BUILD: threads: fix again the __ha_cas_dw() definition
    - BUG/MAJOR: mux-h2: do not add a stream twice to the send list
    - Revert "BUG/MINOR: vars: Fix memory leak in vars_check_arg"
    - BUG/MINOR: peers: Fix memory leak in cfg_parse_peers
    - BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer
    - REGTEST: fix tls_health_checks random failures on MacOS in Travis-CI
    - MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are checked
    - BUG/MINOR: vars: Fix memory leak in vars_check_arg
    - BUG/MAJOR: ssl: segfault upon an heartbeat request
    - MINOR: spoa-server: Clone the v1.7 spoa-example project
    - MINOR: spoa-server: move some definition from spoa_server.c to spoa_server.h
    - MINOR: spoa-server: Externalise debug functions
    - MINOR: spoe-server: rename "worker" functions
    - MINOR: spoa-server: Replace the thread init system by processes
    - MINOR: spoa-server: With debug mode, start only one process
    - MINOR: spoa-server: Allow registering external processes
    - MINOR: spoa-server: Allow registering message processors
    - MINOR: spoa-server: Load files
    - MINOR: spoa-server: Prepare responses
    - MINOR: spoa-server: Execute registered callbacks
    - MINOR: spoa-server: Add Lua processing
    - MINOR: spoa-server: Add python
    - MINOR/DOC: spoe-server: Add documentation
    - BUG/MEDIUM: connections: Don't forget to set xprt_ctx to NULL on close.
    - MINOR: lists: add LIST_ADDED() to check if an element belongs to a list
    - CLEANUP: mux-h2: use LIST_ADDED() instead of LIST_ISEMPTY() where relevant
    - MINOR: mux-h2: add two H2S flags to report the need for shutr/shutw
    - CLEANUP: mux-h2: simply use h2s->flags instead of ret in h2_deferred_shut()
    - CLEANUP: connection: remove the handle field from the wait_event struct
    - BUG/MINOR: log: Wrong log format initialization.
    - BUG/MINOR: mux-h2: make the do_shut{r,w} functions more robust against retries
    - BUG/MINOR: mworker: use after free when the PID not assigned
    - MINOR: mux-h2: remove useless test on stream ID vs last in wake function
    - MINOR: mux-h2: make h2_wake_some_streams() not depend on the CS flags
    - MINOR: mux-h2: make h2s_wake_one_stream() the only function to deal with CS
    - MINOR: mux-h2: make h2s_wake_one_stream() not depend on temporary CS flags
    - BUG/MINOR: mux-h2: make sure to honor KILL_CONN in do_shut{r,w}
    - CLEANUP: mux-h2: don't test for impossible CS_FL_REOS conditions
    - MINOR: mux-h2: add macros to check multiple stream states at once
    - MINOR: mux-h2: stop relying on CS_FL_REOS
    - BUG/MEDIUM: mux-h2: Set EOI on the conn_stream during h2_rcv_buf()
    - BUILD: debug: make gcc not complain on the ABORT_NOW() macro
    - MINOR: debug: add a new BUG_ON macro
    - MINOR: h2: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
    - MINOR: h1: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
    - MINOR: connections: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
    - BUILD: ist: turn the lower/upper case tables to literal on obsolete linkers

2019/03/26 : 2.0-dev2
    - CLEANUP: http: Remove unreachable code in parse_http_req_capture
    - CLEANUP: stream: Remove bogus loop in conn_si_send_proxy
    - MINOR: lists: Implement locked variations.
    - MEDIUM: servers: Used a locked list for idle_orphan_conns.
    - MEDIUM: servers: Reorganize the way idle connections are cleaned.
    - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
    - MINOR: cfgparse: Add a cast to make gcc happier.
    - BUG/MEDIUM: standard: Wrong reallocation size.
    - BUG/MINOR: listener: keep accept rate counters accurate under saturation
    - DOC: fix alphabetic ordering for "tune.fail-alloc" setting
    - MAJOR: config: disable support for nbproc and nbthread in parallel
    - MEDIUM: listener: keep a single thread-mask and warn on "process" misuse
    - MAJOR: listener: do not hold the listener lock in listener_accept()
    - MINOR: listener: maintain a per-thread count of the number of connections on a listener
    - MINOR: tools: implement functions to look up the nth bit set in a mask
    - MINOR: listener: pre-compute some thread counts per bind_conf
    - MINOR: listener: implement multi-queue accept for threads
    - MAJOR: listener: use the multi-queue for multi-thread listeners
    - MINOR: activity: add accept queue counters for pushed and overflows
    - MINOR: config: add global tune.listener.multi-queue setting
    - MAJOR: threads: enable one thread per CPU by default
    - DOC: update management.txt to reflect that threads are used by default
    - BUG/MINOR: config: don't over-count the global maxsock value
    - BUG/MEDIUM: list: fix the rollback on addq in the locked liss
    - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
    - BUG/MEDIUM: list: add missing store barriers when updating elements and head
    - MINOR: list: make the delete and pop operations idempotent
    - MINOR: server: remove a few unneeded LIST_INIT calls after LIST_DEL_LOCKED
    - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
    - BUG/MEDIUM: listener: make sure the listener never accepts too many conns
    - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
    - MINOR: listener: introduce listener_backlog() to report the backlog value
    - MINOR: listener: do not needlessly set l->maxconn
    - MINOR: proxy: do not change the listeners' maxconn when updating the frontend's
    - MEDIUM: config: don't enforce a low frontend maxconn value anymore
    - MINOR: peers: Add a message for heartbeat.
    - MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values
    - BUG/MINOR: init: never lower rlim_fd_max
    - BUG/MINOR: checks: make external-checks restore the original rlim_fd_cur/max
    - BUG/MINOR: mworker: be careful to restore the original rlim_fd_cur/max on reload
    - MINOR: init: make the maxpipe computation more accurate
    - MINOR: init: move some maxsock updates earlier
    - MEDIUM: init: make the global maxconn default to what rlim_fd_cur permits
    - REGTEST: fix a spurious "nbthread 4" in the connection test
    - DOC: update the text related to the global maxconn value
    - BUG/MAJOR: mux-h2: fix race condition between close on both ends
    - MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter.
    - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
    - MINOR: htx: unconditionally handle parsing errors in requests or responses
    - MINOR: mux-h2: always pass HTX_FL_PARSING_ERROR between h2s and buf on RX
    - BUG/MEDIUM: h2/htx: verify that :path doesn't contain invalid chars
    - MINOR: sample: Code factorization "ungrpc" converter.
    - MINOR: sample: Rework gRPC converter code.
    - CLEANUP: wurfl: remove dead, broken and unmaintained code
    - MINOR: config: relax the range checks on cpu-map
    - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
    - MINOR: sample: Extract some protocol buffers specific code.
    - DOC: Remove tabs and fixed punctuation.
    - MINOR: sample: Add a protocol buffers specific converter.
    - REGTEST: Peers reg tests.
    - REGTEST: Enable reg tests with HEAD HTTP method usage.
    - MINOR: lists: add a LIST_DEL_INIT() macro
    - MINOR: task: use LIST_DEL_INIT() to remove a task from the queue
    - MINOR: listener: improve incoming traffic distribution
    - MINOR: tools: implement my_flsl()
    - MEDIUM: listener: change the LB algorithm again to use two round robins instead
    - CLEANUP: listener: remove old thread bit mapping
    - MINOR: listener: move thr_idx from the bind_conf to the listener
    - BUG/MEDIUM: logs: Only attempt to free startup_logs once.
    - BUG/MAJOR: config: Wrong maxconn adjustment.
    - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
    - OPTIM: task: limit the impact of memory barriers in taks_remove_from_task_list()
    - MINOR: fd: Remove debugging code.
    - BUG/MEDIUM: listeners: Don't call fd_stop_recv() if fd_updt is NULL.
    - MINOR: threads: Implement __ha_barrier_atomic*.
    - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API.
    - MINOR: threads: Add macros to do atomic operation with no memory barrier.
    - MEDIUM: various: Use __ha_barrier_atomic* when relevant.
    - MEDIUM: applets: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: xref: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: fd: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: freq_ctr: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: proxy: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: server: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: task: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: activity: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: backend: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: cache: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: checks: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: pollers: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: compression: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: spoe: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: threads: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: http: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: lb/threads: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: listeners: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: logs: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: memory: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: peers: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: proto_tcp: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: queues: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: sessions: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: ssl: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: stream: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: tcp_rules: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: time: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: vars: Use the new _HA_ATOMIC_* macros.
    - MINOR: config: remove obsolete use of DEFAULT_MAXCONN at various places
    - MINOR: config: continue to rely on DEFAULT_MAXCONN to set the minimum maxconn
    - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
    - BUG/MEDIUM: listener: make sure we don't pick stopped threads
    - MEDIUM: list: Remove useless barriers.
    - MEDIUM: list: Use _HA_ATOMIC_*
    - MEDIUM: connections: Use _HA_ATOMIC_*
    - BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the global rq.
    - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes
    - BUG/MEDIUM: init/threads: consider epoll_fd/pipes for automatic maxconn calculation
    - BUG/MEDIUM: tasks: Make sure we wake sleeping threads if needed.
    - BUG/MINOR: mux-h1: Don't report an error on EOS if no message was received
    - BUG/MINOR: stats/htx: Call channel_add_input() when response headers are sent
    - BUG/MINOR: lua/htx: Use channel_add_input() when response data are added
    - BUG/MINOR: lua/htx: Don't forget to call htx_to_buf() when appropriate
    - MINOR: stats: Add the status code STAT_STATUS_IVAL to handle invalid requests
    - MINOR: stats: Move stuff about the stats status codes in stats files
    - BUG/MINOR: stats: Be more strict on what is a valid request to the stats applet
    - Revert "REGTEST: Enable reg tests with HEAD HTTP method usage."
    - BUILD: listener: shut up a build warning when threads are disabled
    - BUILD: Makefile: allow the reg-tests target to be verbose
    - BUILD: Makefile: resolve LEVEL before calling run-regtests
    - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
    - BUG/MAJOR: stats: Fix how huge POST data are read from the channel
    - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
    - BUG/MEDIUM: mux-h2: Always wakeup streams with no id to avoid frozen streams
    - MINOR: mux-h2: Set REFUSED_STREAM error to reset a stream if no data was never sent
    - MINOR: muxes: Report the Last read with a dedicated flag
    - MINOR: proto-http/proto-htx: Make error handling clearer during data forwarding
    - BUILD: tools: fix a build warning on some 32-bit archs
    - MINOR: init: report the list of optionally available services
    - MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter
    - BUG/MINOR: cache: Fully consume large requests in the cache applet
    - BUG/MINOR: stats: Fully consume large requests in the stats applet
    - BUG/MEDIUM: lua: Fully consume large requests when an HTTP applet ends
    - MINOR: proto_http: Add function to handle the header "Expect: 100-continue"
    - MINOR: proto_htx: Add function to handle the header "Expect: 100-continue"
    - MINOR: stats/cache: Handle the header Expect when applets are registered
    - MINOR: http/applets: Handle all applets intercepting HTTP requests the same way
    - CLEANUP: cache: don't export http_cache_applet anymore
    - MINOR: lua: Don't handle the header Expect in lua HTTP applets anymore
    - BUG/MINOR: doc: Be accurate on the behavior on pool-purge-delay.
    - Revert "MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter"
    - BUG/MEDIUM: mux-h2: Make sure we destroyed the h2s once shutr/shutw is done.
    - BUG/MEDIUM: mux-h2: Don't bother keeping the h2s if detaching and nothing to send.
    - BUG/MEDIUM: mux-h2: Use the right list in h2_stop_senders().
    - MINOR: mux-h2: copy small data blocks more often and reduce the number of pauses
    - CLEANUP: mux-h2: add some comments to help understand the code
    - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites
    - BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used.
    - BUG/MEDIUM: h2: Try to be fair when sending data.
    - BUG/MINOR: proto-http: Don't forward request body anymore on error
    - MINOR: mux-h2: Remove useless test on ES flag in h2_frt_transfer_data()
    - MINOR: connection: and new flag to mark end of input (EOI)
    - MINOR: channel: Report EOI on the input channel if it was reached in the mux
    - MEDIUM: mux-h2: Don't mix the end of the message with the end of stream
    - MINOR: mux-h1: Set CS_FL_EOI the end of the message is reached
    - BUG/MEDIUM: http/htx: Fix handling of the option abortonclose
    - CLEANUP: muxes/stream-int: Remove flags CS_FL_READ_NULL and SI_FL_READ_NULL
    - MEDIUM: proto_htx: Reintroduce the infinite forwarding on data
    - BUG/MEDIUM: h2: only destroy the h2s if h2s->cs is NULL.
    - BUG/MEDIUM: h2: Use the new sending_list in h2s_notify_send().
    - BUG/MEDIUM: h2: Follow the same logic in h2_deferred_shut than in h2_snd_buf.
    - BUG/MEDIUM: h2: Remove the tasklet from the task list if unsubscribing.
    - BUG/MEDIUM: task/h2: add an idempotent task removal fucntion
    - CLEANUP: task: only perform a LIST_DEL() when the list is not empty
    - BUG/MEDIUM: mux-h2: make sure to always notify streams of EOS condition
    - CONTRIB: debug: report the CS and CF's EOI flags
    - MINOR: channel: don't unset CF_SHUTR_NOW after shutting down.

2019/02/26 : 2.0-dev1
    - MINOR: mux-h2: only increase the connection window with the first update
    - REGTESTS: remove the expected window updates from H2 handshakes
    - BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error
    - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
    - MEDIUM: mux-h2: remove padlen during headers phase
    - MINOR: h2: add a bit-based frame type representation
    - MINOR: mux-h2: remove useless check for empty frame length in h2s_decode_headers()
    - MEDIUM: mux-h2: decode HEADERS frames before allocating the stream
    - MINOR: mux-h2: make h2c_send_rst_stream() use the dummy stream's error code
    - MINOR: mux-h2: add a new dummy stream for the REFUSED_STREAM error code
    - MINOR: mux-h2: fail stream creation more cleanly using RST_STREAM
    - MINOR: buffers: add a new b_move() function
    - MINOR: mux-h2: make h2_peek_frame_hdr() support an offset
    - MEDIUM: mux-h2: handle decoding of CONTINUATION frames
    - CLEANUP: mux-h2: remove misleading comments about CONTINUATION
    - BUG/MEDIUM: servers: Don't try to reuse connection if we switched server.
    - BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free().
    - BUG/MINOR: htx: send the proper authenticate header when using http-request auth
    - BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full.
    - BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream.
    - BUG/MAJOR: servers: Use the list api correctly to avoid crashes.
    - BUG/MAJOR: servers: Correctly use LIST_ELEM().
    - BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.
    - BUG/MEDIUM: servers: Flag the stream_interface on handshake error.
    - MEDIUM: servers: Be smarter when switching connections.
    - MEDIUM: sessions: Keep track of which connections are idle.
    - MINOR: payload: add sample fetch for TLS ALPN
    - BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals
    - MINOR: channel: Add the function channel_add_input
    - MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand
    - BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown
    - BUG/MAJOR: htx: Return the good block address after a defrag
    - MINOR: lb: allow redispatch when using consistent hash
    - CLEANUP: mux-h2: fix end-of-stream flag name when processing headers
    - BUG/MEDIUM: mux-h2: always restart reading if data are available
    - BUG/MINOR: mux-h2: set the stream-full flag when leaving h2c_decode_headers()
    - BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers()
    - BUG/MINOR: mux-h2: mark end-of-stream after processing response HEADERS, not before
    - BUG/MINOR: mux-h2: only update rxbuf's length for H1 headers
    - BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions
    - BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2
    - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
    - BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done
    - BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts
    - MINOR: mux-h2: make h2c_decode_headers() return a status, not a count
    - MINOR: mux-h2: add a new dummy stream : h2_error_stream
    - MEDIUM: mux-h2: make h2c_decode_headers() support recoverable errors
    - BUG/MINOR: mux-h2: detect when the HTX EOM block cannot be added after headers
    - MINOR: mux-h2: remove a misleading and impossible test
    - CLEANUP: mux-h2: clean the stream error path on HEADERS frame processing
    - MINOR: mux-h2: check for too many streams only for idle streams
    - MINOR: mux-h2: set H2_SF_HEADERS_RCVD when a HEADERS frame was decoded
    - BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames
    - MINOR: h2: add h2_make_h1_trailers to turn H2 headers to H1 trailers
    - MEDIUM: mux-h2: pass trailers to H1 (legacy mode)
    - MINOR: htx: add a new function to add a block without filling it
    - MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers
    - MEDIUM: mux-h2: pass trailers to HTX
    - MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN
    - BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests
    - MINOR: mux-h2: make HTX_BLK_EOM processing idempotent
    - MINOR: h1: make the H1 headers block parser able to parse headers only
    - MEDIUM: mux-h2: emit HEADERS frames when facing HTX trailers blocks
    - MINOR: stream/htx: Add info about the HTX structs in "show sess all" command
    - MINOR: stream: Add the subscription events of SIs in "show sess all" command
    - MINOR: mux-h1: Add the subscription events in "show fd" command
    - BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing
    - BUG/MINOR: cache/htx: Be sure to count partial trailers
    - BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv().
    - BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized.
    - MINOR: connections: Remove a stall comment.
    - BUG/MEDIUM: cli: make "show sess" really thread-safe
    - BUILD: add a new file "version.c" to carry version updates
    - MINOR: stream/htx: add the HTX flags output in "show sess all"
    - MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
    - MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
    - BUG/MINOR: lua: bad args are returned for Lua actions
    - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
    - MINOR: htx: Add an helper function to get the max space usable for a block
    - MINOR: channel/htx: Add HTX version for some helper functions
    - BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served
    - BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped
    - DOC: regtest: make it clearer what the purpose of the "broken" series is
    - REGTEST: mailers: add new test for 'mailers' section
    - REGTEST: Add a reg test for health-checks over SSL/TLS.
    - BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done
    - MEDIUM: mux-h1: Clarify how shutr/shutw are handled
    - BUG/MINOR: compression: Disable it if another one is already in progress
    - BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams
    - BUG/MINOR: cache: Disable the cache if any compression filter precedes it
    - REGTEST: Add some informatoin to test results.
    - MINOR: htx: Add a function to truncate all blocks after a specific offset
    - MINOR: channel/htx: Add the HTX version of channel_truncate/erase
    - BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer
    - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
    - DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...)
    - DOC: http-request cache-use / http-response cache-store expects cache name
    - REGTEST: "capture (request|response)" regtest.
    - BUG/MINOR: lua/htx: Respect the reserve when data are send from an HTX applet
    - REGTEST: filters: add compression test
    - BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in server-template
    - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
    - DOC: Be a bit more explicit about allow-0rtt security implications.
    - MINOR: mux-h1: make the mux_h1_ops struct static
    - BUILD: makefile: add an EXTRA_OBJS variable to help build optional code
    - BUG/MEDIUM: connection: properly unregister the mux on failed initialization
    - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
    - REGTESTS: test case for map_regm commit 271022150d
    - REGTESTS: Basic tests for concat,strcmp,word,field,ipmask converters
    - REGTESTS: Basic tests for using maps to redirect requests / select backend
    - DOC: REGTESTS README varnishtest -Dno-htx= define.
    - MINOR: spoe: Make the SPOE filter compatible with HTX proxies
    - MINOR: checks: Store the proxy in checks.
    - BUG/MEDIUM: checks: Avoid having an associated server for email checks.
    - REGTEST: Switch to vtest.
    - REGTEST: Adapt reg test doc files to vtest.
    - BUG/MEDIUM: h1: Make sure we destroy an inactive connectin that did shutw.
    - BUG/MINOR: base64: dec func ignores padding for output size checking
    - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
    - MINOR: ssl: add support of aes256 bits ticket keys on file and cli.
    - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
    - BUG/MINOR: backend: balance uri specific options were lost across defaults
    - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
    - MINOR: backend: move url_param_name/len to lbprm.arg_str/len
    - MINOR: backend: make headers and RDP cookie also use arg_str/len
    - MINOR: backend: add new fields in lbprm to store more LB options
    - MINOR: backend: make the header hash use arg_opt1 for use_domain_only
    - MINOR: backend: remap the balance uri settings to lbprm.arg_opt{1,2,3}
    - MINOR: backend: move hash_balance_factor out of chash
    - MEDIUM: backend: move all LB algo parameters into an union
    - MINOR: backend: make the random algorithm support a number of draws
    - BUILD/MEDIUM: da: Necessary code changes for new buffer API.
    - BUG/MINOR: stick_table: Prevent conn_cur from underflowing
    - BUG: 51d: Changes to the buffer API in 1.9 were not applied to the 51Degrees code.
    - BUG/MEDIUM: stats: Get the right scope pointer depending on HTX is used or not
    - DOC: add a missing space in the documentation for bc_http_major
    - REGTEST: checks basic stats webpage functionality
    - BUG/MEDIUM: servers: Make assign_tproxy_address work when ALPN is set.
    - BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded.
    - DOC: add github issue templates
    - MINOR: cfgparse: Extract some code to be re-used.
    - CLEANUP: cfgparse: Return asap from cfg_parse_peers().
    - CLEANUP: cfgparse: Code reindentation.
    - MINOR: cfgparse: Useless frontend initialization in "peers" sections.
    - MINOR: cfgparse: Rework peers frontend init.
    - MINOR: cfgparse: Simplication.
    - MINOR: cfgparse: Make "peer" lines be parsed as "server" lines.
    - MINOR: peers: Make outgoing connection to SSL/TLS peers work.
    - MINOR: cfgparse: SSL/TLS binding in "peers" sections.
    - DOC: peers: SSL/TLS documentation for "peers"
    - BUG/MINOR: startup: certain goto paths in init_pollers fail to free
    - BUG/MEDIUM: checks: fix recent regression on agent-check making it crash
    - BUG/MINOR: server: don't always trust srv_check_health when loading a server state
    - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk()
    - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
    - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst
    - BUG/MINOR: proto-htx: Return an error if all headers cannot be received at once
    - BUG/MEDIUM: mux-h2/htx: Respect the channel's reserve
    - BUG/MINOR: mux-h1: Apply the reserve on the channel's buffer only
    - BUG/MINOR: mux-h1: avoid copying output over itself in zero-copy
    - BUG/MAJOR: mux-h2: don't destroy the stream on failed allocation in h2_snd_buf()
    - BUG/MEDIUM: backend: also remove from idle list muxes that have no more room
    - BUG/MEDIUM: mux-h2: properly abort on trailers decoding errors
    - MINOR: h2: declare new sets of frame types
    - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY
    - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
    - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream
    - BUG/MINOR: hpack: return a compression error on invalid table size updates
    - MINOR: server: make sure pool-max-conn is >= -1
    - BUG/MINOR: stream: take care of synchronous errors when trying to send
    - CLEANUP: server: fix indentation mess on idle connections
    - BUG/MINOR: mux-h2: always check the stream ID limit in h2_avail_streams()
    - BUG/MINOR: mux-h2: refuse to allocate a stream with too high an ID
    - BUG/MEDIUM: backend: never try to attach to a mux having no more stream available
    - MINOR: server: add a max-reuse parameter
    - MINOR: mux-h2: always consider a server's max-reuse parameter
    - MEDIUM: stream-int: always mark pending outgoing SI_ST_CON
    - MINOR: stream: don't wait before retrying after a failed connection reuse
    - MEDIUM: h2: always parse and deduplicate the content-length header
    - BUG/MINOR: mux-h2: always compare content-length to the sum of DATA frames
    - CLEANUP: h2: Remove debug printf in mux_h2.c
    - MINOR: cfgparse: make the process/thread parser support a maximum value
    - MINOR: threads: make MAX_THREADS configurable at build time
    - DOC: nbthread is no longer experimental.
    - BUG/MINOR: listener: always fill the source address for accepted socketpairs
    - BUG/MINOR: mux-h2: do not report available outgoing streams after GOAWAY
    - BUG/MINOR: spoe: corrected fragmentation string size
    - BUG/MINOR: task: fix possibly missed event in inter-thread wakeups
    - BUG/MEDIUM: servers: Attempt to reuse an unfinished connection on retry.
    - BUG/MEDIUM: backend: always call si_detach_endpoint() on async connection failure
    - SCRIPTS: add the issue tracker URL to the announce script
    - MINOR: peers: Extract some code to be reused.
    - CLEANUP: peers: Indentation fixes.
    - MINOR: peers: send code factorization.
    - MINOR: peers: Add new functions to send code and reduce the I/O handler.
    - MEDIUM: peers: synchronizaiton code factorization to reduce the size of the I/O handler.
    - MINOR: peers: Move update receive code to reduce the size of the I/O handler.
    - MINOR: peers: Move ack, switch and definition receive code to reduce the size of the I/O handler.
    - MINOR: peers: Move high level receive code to reduce the size of I/O handler.
    - CLEANUP: peers: Be more generic.
    - MINOR: peers: move error handling to reduce the size of the I/O handler.
    - MINOR: peers: move messages treatment code to reduce the size of the I/O handler.
    - MINOR: peers: move send code to reduce the size of the I/O handler.
    - CLEANUP: peers: Remove useless statements.
    - MINOR: peers: move "hello" message treatment code to reduce the size of the I/O handler.
    - MINOR: peers: move peer initializations code to reduce the size of the I/O handler.
    - CLEANUP: peers: factor the error handling code in peer_treet_updatemsg()
    - CLEANUP: peers: factor error handling in peer_treat_definedmsg()
    - BUILD/MINOR: peers: shut up a build warning introduced during last cleanup
    - BUG/MEDIUM: mux-h2: only close connection on request frames on closed streams
    - CLEANUP: mux-h2: remove two useless but misleading assignments
    - BUG/MEDIUM: checks: Check that conn_install_mux succeeded.
    - BUG/MEDIUM: servers: Only destroy a conn_stream we just allocated.
    - BUG/MEDIUM: servers: Don't add an incomplete conn to the server idle list.
    - BUG/MEDIUM: checks: Don't try to set ALPN if connection failed.
    - BUG/MEDIUM: h2: In h2_send(), stop the loop if we failed to alloc a buf.
    - BUG/MEDIUM: peers: Handle mux creation failure.
    - BUG/MEDIUM: servers: Close the connection if we failed to install the mux.
    - BUG/MEDIUM: compression: Rewrite strong ETags
    - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
    - CLEANUP: mux-h2: remove misleading leftover test on h2s' nullity
    - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
    - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
    - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
    - BUG/MEDIUM: mux-h2: do not abort HEADERS frame before decoding them
    - BUG/MINOR: mux-h2: make sure response HEADERS are not received in other states than OPEN and HLOC
    - MINOR: h2: add a generic frame checker
    - MEDIUM: mux-h2: check the frame validity before considering the stream state
    - CLEANUP: mux-h2: remove stream ID and frame length checks from the frame parsers
    - BUG/MINOR: mux-h2: make sure request trailers on aborted streams don't break the connection
    - DOC: compression: Update the reasons for disabled compression
    - BUG/MEDIUM: buffer: Make sure b_is_null handles buffers waiting for allocation.
    - DOC: htx: make it clear that htxbuf() and htx_from_buf() always return valid pointers
    - MINOR: htx: never check for null htx pointer in htx_is_{,not_}empty()
    - MINOR: mux-h2: consistently rely on the htx variable to detect the mode
    - BUG/MEDIUM: peers: Peer addresses parsing broken.
    - BUG/MEDIUM: mux-h1: Don't add "transfer-encoding" if message-body is forbidden
    - BUG/MEDIUM: connections: Don't forget to remove CO_FL_SESS_IDLE.
    - BUG/MINOR: stream: don't close the front connection when facing a backend error
    - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
    - MINOR: stream-int: add a new flag to mention that we want the connection to be killed
    - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
    - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
    - BUG/MINOR: server: fix logic flaw in idle connection list management
    - MINOR: mux-h2: max-concurrent-streams should be unsigned
    - MINOR: mux-h2: make sure to only check concurrency limit on the frontend
    - MINOR: mux-h2: learn and store the peer's advertised MAX_CONCURRENT_STREAMS setting
    - BUG/MEDIUM: mux-h2: properly consider the peer's advertised max-concurrent-streams
    - MINOR: xref: Add missing barriers.
    - MINOR: muxes: Don't bother to LIST_DEL(&conn->list) before calling conn_free().
    - MINOR: debug: Add an option that causes random allocation failures.
    - BUG/MEDIUM: backend: always release the previous connection into its own target srv_list
    - BUG/MEDIUM: htx: check the HTX compatibility in dynamic use-backend rules
    - BUG/MINOR: tune.fail-alloc: Don't forget to initialize ret.
    - BUG/MINOR: backend: check srv_conn before dereferencing it
    - BUG/MEDIUM: mux-h2: always omit :scheme and :path for the CONNECT method
    - BUG/MEDIUM: mux-h2: always set :authority on request output
    - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
    - BUG/MINOR: threads: fix the process range of thread masks
    - BUG/MINOR: config: fix bind line thread mask validation
    - CLEANUP: threads: fix misleading comment about all_threads_mask
    - CLEANUP: threads: use nbits to calculate the thread mask
    - OPTIM: listener: optimize cache-line packing for struct listener
    - MINOR: tools: improve the popcount() operation
    - MINOR: config: keep an all_proc_mask like we have all_threads_mask
    - MINOR: global: add proc_mask() and thread_mask()
    - MINOR: config: simplify bind_proc processing using proc_mask()
    - MINOR: threads: make use of thread_mask() to simplify some thread calculations
    - BUG/MINOR: compression: properly report compression stats in HTX mode
    - BUG/MINOR: task: close a tiny race in the inter-thread wakeup
    - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
    - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
    - BUG/MAJOR: htx/backend: Make all tests on HTTP messages compatible with HTX
    - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
    - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
    - DOC: ssl: Stop documenting ciphers example to use
    - BUG/MINOR: spoe: do not assume agent->rt is valid on exit
    - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
    - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
    - BUG/MEDIUM: server: initialize the idle conns list after parsing the config
    - BUG/MEDIUM: server: initialize the orphaned conns lists and tasks at the end
    - MINOR: config: make MAX_PROCS configurable at build time
    - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
    - BUG/MINOR: config: Reinforce validity check when a process number is parsed
    - BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl
    - CONTRIB: contrib/prometheus-exporter: Add a Prometheus exporter for HAProxy
    - BUG/MINOR: mux-h1: verify the request's version before dropping connection: keep-alive
    - BUG: 51d: In Hash Trie, multi header matching was affected by the header names stored globaly.
    - MEDIUM: 51d: Enabled multi threaded operation in the 51Degrees module.
    - BUG/MAJOR: stream: avoid double free on unique_id
    - BUILD/MINOR: stream: avoid a build warning with threads disabled
    - BUILD/MINOR: tools: fix build warning in the date conversion functions
    - BUILD/MINOR: peers: remove an impossible null test in intencode()
    - BUILD/MINOR: htx: fix some potential null-deref warnings with http_find_stline
    - BUG/MEDIUM: peers: Missing peer initializations.
    - BUG/MEDIUM: http_fetch: fix the "base" and "base32" fetch methods in HTX mode
    - BUG/MEDIUM: proto_htx: Fix data size update if end of the cookie is removed
    - BUG/MEDIUM: http_fetch: fix "req.body_len" and "req.body_size" fetch methods in HTX mode
    - BUILD/MEDIUM: initcall: Fix build on MacOS.
    - BUG/MEDIUM: mux-h2/htx: Always set CS flags before exiting h2_rcv_buf()
    - MINOR: h2/htx: Set the flag HTX_SL_F_BODYLESS for messages without body
    - BUG/MINOR: mux-h1: Add "transfer-encoding" header on outgoing requests if needed
    - BUG/MINOR: mux-h2: Don't add ":status" pseudo-header on trailers
    - BUG/MINOR: proto-htx: Consider a XFER_LEN message as chunked by default
    - BUG/MEDIUM: h2/htx: Correctly handle interim responses when HTX is enabled
    - MINOR: mux-h2: Set HTX extra value when possible
    - BUG/MEDIUM: htx: count the amount of copied data towards the final count
    - MINOR: mux-h2: make the H2 MAX_FRAME_SIZE setting configurable
    - BUG/MEDIUM: mux-h2/htx: send an empty DATA frame on empty HTX trailers
    - BUG/MEDIUM: servers: Use atomic operations when handling curr_idle_conns.
    - BUG/MEDIUM: servers: Add a per-thread counter of idle connections.
    - MINOR: fd: add a new my_closefrom() function to close all FDs
    - MINOR: checks: use my_closefrom() to close all FDs
    - MINOR: fd: implement an optimised my_closefrom() function
    - BUG/MINOR: fd: make sure my_closefrom() doesn't miss some FDs
    - BUG/MAJOR: fd/threads, task/threads: ensure all spin locks are unlocked
    - BUG/MAJOR: listener: Make sure the listener exist before using it.
    - MINOR: fd: Use closefrom() as my_closefrom() if supported.
    - BUG/MEDIUM: mux-h1: Report the right amount of data xferred in h1_rcv_buf()
    - BUG/MINOR: channel: Set CF_WROTE_DATA when outgoing data are skipped
    - MINOR: htx: Add function to drain data from an HTX message
    - MINOR: channel/htx: Add function to skips output bytes from an HTX channel
    - BUG/MAJOR: cache/htx: Set the start-line offset when a cached object is served
    - BUG/MEDIUM: cache: Get objects from the cache only for GET and HEAD requests
    - BUG/MINOR: cache/htx: Return only the headers of cached objects to HEAD requests
    - BUG/MINOR: mux-h1: Always initilize h1m variable in h1_process_input()
    - BUG/MEDIUM: proto_htx: Fix functions applying regex filters on HTX messages
    - BUG/MEDIUM: h2: advertise to servers that we don't support push
    - MINOR: standard: Add a function to parse uints (dotted notation).
    - MINOR: arg: Add support for ARGT_PBUF_FNUM arg type.
    - MINOR: http_fetch: add "req.ungrpc" sample fetch for gRPC.
    - MINOR: sample: Add two sample converters for protocol buffers.
    - DOC: sample: Add gRPC related documentation.

2018/12/22 : 2.0-dev0
    - BUG/MAJOR: connections: Close the connection before freeing it.
    - REGTEST: Require the option LUA to run lua tests
    - REGTEST: script: Process script arguments before everything else
    - REGTEST: script: Evaluate the varnishtest command to allow quoted parameters
    - REGTEST: script: Add the option --clean to remove previous log direcotries
    - REGTEST: script: Add the option --debug to show logs on standard ouput
    - REGTEST: script: Add the option --keep-logs to keep all log directories
    - REGTEST: script: Add the option --use-htx to enable the HTX in regtests
    - REGTEST: script: Print only errors in the results report
    - REGTEST: Add option to use HTX prefixed by the macro 'no-htx'
    - REGTEST: Make reg-tests target support argument.
    - REGTEST: Fix a typo about barrier type.
    - REGTEST: Be less Linux specific with a syslog regex.
    - REGTEST: Missing enclosing quotes for ${tmpdir} macro.
    - REGTEST: Exclude freebsd target for some reg tests.
    - BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE.
    - BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports
    - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
    - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error
    - BUG/MINOR: compression/htx: Don't compress responses with unknown body length
    - BUG/MINOR: compression/htx: Don't add the last block of data if it is empty
    - MEDIUM: mux_h1: Implement h1_show_fd.
    - REGTEST: script: Add support of alternatives in requited options list
    - REGTEST: Add a basic test for the compression
    - BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames
    - REGTEST: A basic test for "http-buffer-request"
    - BUG/MEDIUM: server: Also copy "check-sni" for server templates.
    - MINOR: ssl: Add ssl_sock_set_alpn().
    - MEDIUM: checks: Add check-alpn.
    - wip

2018/12/19 : 1.9.0
    - BUG/MEDIUM: compression: Use the right buffer pointers to compress input data
    - BUG/MINOR: mux_pt: Set CS_FL_WANT_ROOM when count is zero in rcv_buf() callback
    - BUG/MEDIUM: connection: Add a new CS_FL_ERR_PENDING flag to conn_streams.
    - CONTRIB: debug: teach the "flags" utility about new conn_stream flags
    - BUG/MEDIUM: stream-int: always clear CS_FL_WANT_ROOM before receiving
    - BUG/MEDIUM: mux-h2: also restart demuxing when data are pending in demux
    - BUG/MEDIUM: mux-h2: restart demuxing as soon as demux data are available
    - BUG/MEDIUM: h2: fix aggregated cookie length computation in HTX mode
    - MINOR: mux-h2: report more h2c, last h2s and cs information on "show fd"
    - CONTRIB: debug: report stream-int's flag SI_FL_CLEAN_ABRT
    - MINOR: cli/stream: add the conn_stream in "show sess" output
    - BUG/MINOR: mux-h2: don't report a fantom h2s in "show fd"
    - BUG/MINOR: cli/fd: don't isolate the thread for each individual fd
    - MINOR: objtype: report a few missing types in names and base pointers
    - BUG/MEDIUM: mux-h2: make sure to report synchronous errors after EOS
    - BUG/MEDIUM: mux-h2: report asynchronous errors in h2_wake_some_streams()
    - BUG/MEDIUM: mux-h2: make sure the demux also wakes streams up on errors
    - BUG/MINOR: mux-h1: report the correct frontend in error captures
    - BUG/MEDIUM: stream-int: also wake the stream up on end of transfer
    - MEDIUM: h2: properly check and deduplicate the content-length header in HTX
    - BUG/MEDIUM: stream: Forward the right amount of data before infinite forwarding
    - BUG/MINOR: proto_htx: Call the HTX version of the function managing client cookies
    - BUG/MEDIUM: lua/htx: Handle EOM in receive/get_line calls in HTTP applets
    - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
    - MINOR: compression: Remove the thread_local variable buf_output
    - CLEANUP: connection: rename subscription events values and event field
    - CLEANUP: connection: rename conn->mux_ctx to conn->ctx
    - MINOR: connection: remove an unwelcome dependency on struct stream
    - CLEANUP: stream-int: consistently call the si/stream_int functions
    - BUG/MEDIUM: h1: Don't shutw/shutr the connection if we have keepalive.
    - BUG/MEDIUM: H2: Make sure htx is set even on empty frames.
    - BUG/MEDIUM: mux-h2: pass CS_FL_ERR_PENDING to h2_wake_some_streams()
    - MEDIUM: stream-int: always consider all CS errors on the send side
    - BUG/MEDIUM: h2: Make sure we don't set CS_FL_ERROR if there's still data.
    - CLEANUP: mux-h2: implement h2s_notify_{send,recv} to report events to subscribers
    - MINOR: mux-h2: add a new function h2s_alert() to call the data layer
    - BUG/MEDIUM: mux-h2: make use of h2s_alert() to report aborts
    - MINOR: connection: add cs_set_error() to set the error bits
    - CLEANUP: mux-h2: make use of cs_set_error()
    - BUG/MINOR: mux-h2: make sure we check the conn_stream in early data
    - BUG/MEDIUM: h2: Don't wait for flow control if the connection had a shutr.
    - MINOR: cli/show_fd: report that a connection is back or not
    - SCRIPTS: add the slack channel URL to the announce script
    - CLEANUP: remove my name and address from the copyright banner
    - DOC: mention in the readme that 1.9 is a stable version now

2018/12/16 : 1.9-dev11
    - BUG/MEDIUM: connection: Don't use the provided conn_stream if it was tried.
    - REGTEST/MINOR: remove double body specification for server txresp
    - BUG/MEDIUM: connections: Remove error flags when retrying.
    - REGTEST/MINOR: skip seamless-reload test with abns socket on freebsd
    - REGTEST/MINOR: remove health-check that can make the test fail
    - DOC: clarify that check-sni needs an argument.
    - DOC: refer to check-sni in the documentation of sni
    - BUG/MEDIUM: mux-h2: fix encoding of non-GET/POST methods
    - BUG/MINOR: mux-h1: Fix conn_mode processing for headerless outgoing messages
    - BUG/MEDIUM: mux-h1: Add a BUSY mode to not loop on pipelinned requests
    - BUG/MEDIUM: mux-h1: Don't loop on the headers parsing if the read0 was received
    - BUG/MEDIUM: htx: Always do a defrag if a block value is replace by a bigger one
    - BUG/MEDIUM: mux-h2: Don't forget to set the CS_FL_EOS flag with htx.
    - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
    - CLEANUP: hpack: no need to include chunk.h, only include buf.h
    - MINOR: hpack: simplify the len to bytes conversion
    - MINOR: hpack: use ist2bin() to copy header names in hpack_encode_header()
    - MINOR: hpack: optimize header encoding for short names
    - CONTRIB: hpack: add a compressed stream generator for the encoder
    - MEDIUM: hpack: make it possible to encode any static header name
    - MINOR: hpack: move the length computation and encoding functions to .h
    - MINOR: hpack: provide a function to encode a short indexed header
    - MINOR: hpack: provide a function to encode a long indexed header
    - MINOR: hpack: provide new functions to encode the ":status" header
    - MEDIUM: mux-h2: make use of standard HPACK encoding functions for the status
    - MINOR: hpack: provide a function to encode an HTTP method
    - MEDIUM: mux-h2: make use of hpack_encode_method() to encode the method
    - MINOR: hpack: provide a function to encode an HTTP scheme
    - MEDIUM: mux-h2: make use of hpack_encode_scheme() to encode the scheme
    - MINOR: hpack: provide a function to encode an HTTP path
    - MEDIUM: mux-h2: make use of hpack_encode_path() to encode the path
    - REGTEST: add the HTTP rules test involving HTX processing
    - REORG: connection: centralize the conn_set_{tos,mark,quickack} functions
    - MEDIUM: cli: rework the CLI proxy parser
    - MINOR: cli: parse prompt command in the CLI proxy
    - MINOR: cli: implements 'quit' in the CLI proxy
    - BUG/MINOR: cli: wait for payload data even without prompt
    - MEDIUM: cli: handle payload in CLI proxy
    - MINOR: cli: use pcli_flags for prompt activation
    - MINOR: compression: Rename the function check_legacy_http_comp_flt()
    - MINOR: cache/htx: Don't use the same cache on HTX and legacy HTTP proxies
    - MINOR: cache: Register the cache as a data filter only if response is cacheable
    - MEDIUM: cache/htx: Add the HTX support into the cache
    - MINOR: cache: Improve and simplify the cache configuration check
    - MINOR: filters: Export the name of known filters
    - MEDIUM: cache/compression: Add a way to safely combined compression and cache
    - MEDIUM: cache: Require an explicit filter declaration if other filters are used
    - REORG: htx: merge types+proto into common/htx.h
    - REORG: http: create http_msg.c to place there some legacy HTTP parts
    - REORG: h1: move legacy http functions to http_msg.c
    - REORG: h1: move the h1_state definition to proto_http
    - CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions
    - REORG: h1: merge types+proto into common/h1.h
    - CLEANUP: stream: remove SF_TUNNEL, SF_INITIALIZED, SF_CONN_TAR
    - MEDIUM: mux-h1: implement true zero-copy of DATA blocks
    - MINOR: config: round up global.tune.bufsize to the next multiple of 2 void*
    - BUG/MINOR: mux-h2: refrain from muxing during the preface
    - BUG/MINOR: mux-h2: advertise a larger connection window size
    - DOC: master CLI documentation in management.txt
    - MINOR: mux-h2: avoid copying large blocks into full buffers
    - MEDIUM: mux-h2: implement true zero-copy send of large HTX DATA blocks
    - MINOR: mux-h2: force reads to be HTX-aligned in HTX mode
    - MINOR: cli: change 'show proc' output of old processes
    - BUG/MEDIUM: mux-h1: Fix the zero-copy on output for chunked messages
    - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
    - BUG: dns: Prevent out-of-bounds read in dns_read_name()
    - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
    - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response()
    - BUG: dns: Fix off-by-one write in dns_validate_dns_response()
    - REGTEST: the cache regtest requires haproxy 1.9
    - MEDIUM: cli: store CLI level in the appctx
    - MEDIUM: cli: show and change CLI permissions
    - CLEANUP: cli: use dedicated define instead of appctx ones
    - MEDIUM: cli: handle CLI level from the master CLI
    - BUG/MEDIUM: cli: handle correctly prefix and payload
    - BUILD: Makefile: Implements the help target
    - REGTESTS: adjust the http-rules regtest to support window updates
    - BUG/MEDIUM: connections: Remove CS_FL_EOS | CS_FL_REOS on retry.
    - BUG/MEDIUM: stream_interface: Don't report read0 if we were not connected.
    - BUG/MEDIUM: connection: Just make sure we closed the fd on connection failure.
    - MEDIUM: mux: Add an optional "reset" method.
    - BUG/MEDIUM: mux-h1: Fix loop if server closes its connection with unparsed data
    - MINOR: mux-h1: Add helper functions to wake a stream from recv or send
    - BUG/MEDIUM: mux-h1: Wake the stream for send once the connection is established
    - BUG/MEDIUM: connections: Don't attempt to reuse an unusable connection.
    - MEDIUM: htx: Try to take a connection over if it has no owner.
    - REGTEST: Reg testing improvements.
    - REGTEST: Add a first test for health-checks.
    - REGTEST: Reg test for "check" health-check option.
    - REGTEST: level 1 health-check test 2.
    - REGTEST: Add miscellaneous reg tests for health-checks.
    - REGTEST: add a few HTTP messaging tests
    - MINOR: lb: make the leastconn algorithm more accurate
    - REGTEST: fix missing space in checks/s00001
    - REGTEST: http-messaging: add "option http-buffer-request" for H2 tests
    - BUG/MEDIUM: cache: fix random crash on filter parser's error path
    - MINOR: connection: realign empty buffers in muxes, not transport layers
    - MINOR: mux_h1/h2: simplify the zero-copy Rx alignment
    - MINOR: backend: count the number of connect and reuse per server and per backend
    - BUG/MINOR: stats: fix inversion of failed header rewrites and other statuses
    - MINOR: tools: increase the number of ITOA strings to 16
    - MINOR: cache: report the number of cache lookups and cache hits
    - MEDIUM: tasks: check the global task mask instead of the thread number
    - MINOR: mworker: set all_threads_mask and pid_bit to 1
    - BUG/MINOR: proto_htx: Fix htx_res_set_status to also set the reason
    - BUG/MINOR: stats: Parse post data for HTX streams
    - MINOR: payload/htx: Adapt smp_fetch_len to be HTX aware
    - MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX
    - MAJOR: lua: Forbid calls to Channel functions for LUA scripts in HTTP proxies
    - MEDIUM: lua/htx: Adapt functions of the HTTP to be compatible with HTX
    - MINOR: lua/htx: Adapt the functions get_in_length and is_full to be HTX aware
    - MAJOR: lua/htx: Adapt HTTP applets to support HTX messages
    - MINOR: lua: Remove useless check on the messages state in HTTP functions
    - BUG/MEDIUM: htx: When performing zero-copy, start from the right offset.
    - BUG/MINOR: mworker: don't use unitialized mworker_proc struct
    - MINOR: mworker/cli: indicate in the master prompt when a reload failed
    - MINOR: cli: implements 'reload' on master CLI
    - BUG/MEDIUM: log: Don't call sample_fetch_as_type if we don't have a stream.
    - BUG/MEDIUM: mux-h1: make sure we always have at least one HTX block to send
    - BUG/MAJOR: backend: only update server's counters when the server exists
    - MINOR: tools: preset the port of fd-based "sockets" to zero
    - BUG/MINOR: log: fix logging to both FD and IP
    - REGTEST: Add a reg test for HTTP cookies.
    - BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs
    - BUILD: thread: properly report multi-thread support
    - BUG/MINOR: logs: leave startup-logs global and not per-thread
    - BUG/MEDIUM: threads: don't close the thread waker pipe if not init
    - BUG/MAJOR: compression/cache: Make it really works with these both filters
    - BUG/MEDIUM: h2: Don't forget to destroy the h2s after deferred shut.
    - MEDIUM: proxy: Set http-reuse safe as default.
    - MEDIUM: servers: Add a command to limit the number of idling connections.
    - MEDIUM: servers: Replace idle-timeout with pool-purge-delay.
    - MEDIUM: mux: Destroy the stream before trying to add the conn to the idle list.
    - MEDIUM: mux: provide the session to the init() and attach() method.
    - MEDIUM: sessions: Don't keep an infinite number of idling connections.
    - MEDIUM: servers: Be more agressive when adding H2 connection to idle lists.
    - MEDIUM: mux_h2: Always set CS_FL_NOT_FIRST for new conn_streams.
    - BUG/MEDIUM: htx/cache: use the correct class of error codes on abort
    - BUG/MINOR: cache: also consider CF_SHUTR to abort delivery
    - MINOR: pools: Cast to volatile int * instead of int *.
    - MINOR: debug: make the ABORT_NOW macro use a volatile int
    - BUG/MEDIUM: h2: Don't destroy the h2s if it still has a cs attached.
    - BUG/MEDIUM: mux-h1: don't try to process an empty input buffer
    - DOC: clarify the agent-check status line syntax
    - BUG/MAJOR: hpack: fix length check for short names encoding
    - DOC: split the README into README + INSTALL

2018/12/08 : 1.9-dev10
    - MINOR: htx: Rename functions htx_*_to_str() to be H1 specific
    - BUG/MINOR: htx: Force HTTP/1.1 on H1 formatting when version is 1.1 or above
    - BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn
    - BUG/MEDIUM: mworker: stop proxies which have no listener in the master
    - BUG/MEDIUM: h1: Destroy a connection after detach if it has no owner.
    - BUG/MEDIUM: h2: Don't forget to wake the tasklet after shutr/shutw.
    - BUG/MINOR: flt_trace/compression: Use the right flag to add the HTX support
    - BUG/MEDIUM: stream_interface: Make REALLY sure we read all the data.
    - MEDIUM: mux-h1: Revamp the way subscriptions are handled.
    - BUG/MEDIUM: mux-h1: Always set CS_FL_RCV_MORE when data are received in h1_recv()
    - MINOR: mux-h1: Make sure to return 1 in h1_recv() when needed
    - BUG/MEDIUM: mux-h1: Release the mux H1 in h1_process() if there is no h1s
    - BUG/MINOR: proto_htx: Truncate the request when an error is detected
    - BUG/MEDIUM: h2: When sending in HTX, make sure the caller knows we sent all.
    - BUG/MEDIUM: mux-h2: properly update the window size in HTX mode
    - BUG/MEDIUM: mux-h2: make sure to always report HTX EOM when consumed by headers
    - BUG/MEDIUM: mux-h2: stop sending HTX once the mux is blocked
    - BUG/MEDIUM: mux-h2: don't send more HTX data than requested
    - MINOR: mux-h2: stop on non-DATA and non-EOM HTX blocks
    - BUG/MEDIUM: h1: Correctly report used data with no len.
    - MEDIUM: h1: Realign the ibuf before calling rcv_buf if needed.
    - BUG/MEDIUM: mux_pt: Always set CS_FL_RCV_MORE.
    - MINOR: htx: make htx_from_buf() adjust the size only on new buffers
    - MINOR: htx: add buf_room_for_htx_data() to help optimize buffer transfers
    - MEDIUM: mux-h1: make use of buf_room_for_htx_data() instead of b_room()
    - MEDIUM: mux-h1: attempt to zero-copy Rx DATA transfers
    - MEDIUM: mux-h1: avoid a double copy on the Tx path whenever possible
    - BUG/MEDIUM: stream-int: don't mark as blocked an empty buffer on Rx
    - BUG/MINOR: mux-h1: Check h1m flags to set the server conn_mode on request path
    - MEDIUM: htx: Rework conversion from a buffer to an htx structure
    - MEDIUM: channel/htx: Add functions for forward HTX data
    - MINOR: mux-h1: Don't adjust anymore the amount of data sent in h1_snd_buf()
    - CLEANUP: htx: Fix indentation here and there in HTX files
    - MINOR: mux-h1: Allow partial data consumption during outgoing data processing
    - BUG/MEDIUM: mux-h2: use the correct offset for the HTX start line
    - BUG/MEDIUM: mux-h2: stop sending using HTX on errors
    - MINOR: mux-h1: Drain obuf if the output is closed after sending data
    - BUG/MEDIUM: mworker: stop every tasks in the master
    - BUG/MEDIUM: htx: Set the right start-line offset after a defrag
    - BUG/MEDIUM: stream: Don't dereference s->txn when it is not there yet.
    - BUG/MEDIUM: connections: Reuse an already attached conn_stream.
    - MINOR: stream-int: add a new blocking condition on the remote connection
    - BUG/MEDIUM: stream-int: don't attempt to receive if the connection is not established
    - BUG/MEDIUM: lua: block on remote connection establishment
    - BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks()
    - SCRIPTS/REGTEST: merge grep+sed into sed in run-regtests
    - BUG/MEDIUM: connections: Split CS_FL_RCV_MORE into 2 flags.
    - BUG/MEDIUM: h1: Don't free the connection if it's an outgoing connection.
    - BUG/MEDIUM: h1: Set CS_FL_REOS if we had a read0.
    - BUG/MEDIUM: mux-h1: Be sure to have a conn_stream to set CS_FL_REOS in h1_recv
    - REGTEST: Move LUA reg test 4 to level 1.
    - MINOR: ist: add functions to copy/uppercase/lowercase into a buffer or string
    - MEDIUM: ist: always turn header names to lower case
    - MINOR: h2: don't turn HTX header names to lower case anymore
    - MEDIUM: ist: use local conversion arrays to case conversion
    - MINOR: htx: switch to case sensitive search of lower case header names
    - MINOR: mux-h1: Set CS_FL_EOS when read0 is detected and no data are pending
    - BUG/MINOR: stream-int: Process read0 even if no data was received in si_cs_recv
    - REGTEST: fix the Lua test file name in test lua/h00002 :-)
    - REGTEST: add a basic test for HTTP rules manipulating headers
    - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
    - MINOR: sample: add bc_http_major
    - BUG/MEDIUM: htx: fix typo in htx_replace_stline() making it fail all the time
    - REGTEST: make the HTTP rules test compatible with HTTP/2 as well
    - BUG/MEDIUM: h2: Don't try to chunk data when using HTX.
    - MINOR: compiler: add a new macro ALREADY_CHECKED()
    - BUILD: h2: mark the start line already checked to avoid warnings
    - BUG/MINOR: mux-h1: Remove the connection header when it is useless

2018/12/02 : 1.9-dev9
    - BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl
    - BUG/MINOR: mworker: Do not attempt to close(2) fd -1
    - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM
    - MINOR: compression: always create the compression pool
    - BUG/MEDIUM: mworker: fix FD leak upon reload
    - BUILD: htx: fix fprintf format inconsistency on 32-bit platforms
    - BUILD: buffers: buf.h requires unistd to get ssize_t on libmusl
    - MINOR: initcall: introduce a way to register init functions to call at boot
    - MINOR: init: process all initcalls in order at boot time
    - MEDIUM: init: convert all trivial registration calls to initcalls
    - MINOR: thread: provide a set of lock initialisers
    - MINOR: threads: add new macros to declare self-initializing locks
    - MEDIUM: init: use self-initializing spinlocks and rwlocks
    - MINOR: initcall: apply initcall to all register_build_opts() calls
    - MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread*
    - MINOR: initcall: use initcalls for section parsers
    - MINOR: memory: add a callback function to create a pool
    - MEDIUM: init: use initcall for all fixed size pool creations
    - MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit()
    - MEDIUM: initcall: use initcalls for a few initialization functions
    - MEDIUM: memory: make the pool cache an array and not a thread_local
    - MINOR: ssl: free ctx when libssl doesn't support NPN
    - BUG/MINOR: proto_htx: only mark connections private if NTLM is detected
    - MINOR: h2: make struct h2_ops static
    - BUG/MEDIUM: mworker: avoid leak of client socket
    - REORG: mworker: declare master variable in global.h
    - BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set
    - CLEANUP: http: Fix typo in init_http's comment
    - BUILD: Makefile: Disable -Wcast-function-type if it exists.
    - BUG/MEDIUM: h2: Don't bogusly error if the previous stream was closed.
    - REGTEST/MINOR: script: add run-regtests.sh script
    - REGTEST: Add a basic test for the cache.
    - BUG/MEDIUM: mux_pt: Don't forget to unsubscribe() on attach.
    - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
    - BUG/MEDIUM: connections: Wake the stream once the mux is chosen.
    - BUG/MEDIUM: connections: Don't forget to detach the connection from the SI.
    - BUG/MEDIUM: stream_interface: Don't check if the handshake is done.
    - BUG/MEDIUM: stream_interface: Make sure we read all the data available.
    - BUG/MEDIUM: h2: Call h2_process() if there's an error on the connection.
    - REGTEST: Fix several issues.
    - REGTEST: lua: check socket functionality from a lua-task
    - BUG/MEDIUM: session: Remove the session from the session_list in session_free.
    - BUG/MEDIUM: streams: Don't assume we have a CS in sess_update_st_con_tcp.
    - BUG/MEDIUM: connections: Don't assume we have a mux in connect_server().
    - BUG/MEDIUM: connections: Remove the connection from the idle list before destroy.
    - BUG/MEDIUM: session: properly clean the outgoing connection before freeing.
    - BUG/MEDIUM: mux_pt: Don't try to send if handshake is not done.
    - MEDIUM: connections: Put H2 connections in the idle list if http-reuse always.
    - MEDIUM: h2: Destroy a connection with no stream if it has no owner.
    - MAJOR: sessions: Store multiple outgoing connections in the session.
    - MEDIUM: session: Steal owner-less connections on end of transaction.
    - MEDIUM: server: Be smarter about deciding to reuse the last server.
    - BUG/MEDIUM: Special-case http_proxy when dealing with outgoing connections.
    - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
    - BUG/MINOR: http: Use out buffer instead of trash to display error snapshot
    - BUG/MINOR: htx: Fix block size calculation when a start-line is added/replaced
    - BUG/MINOR: mux-h1: Fix processing of "Connection: " header on outgoing messages
    - BUG/MEDIUM: mux-h1: Reset the H1 parser when an outgoing message is processed
    - BUG/MINOR: proto_htx: Send outgoing data to client to start response processing
    - BUG/MINOR: htx: Stop a header or a start line lookup on the first EOH or EOM
    - BUG/MINOR: connection: report mux modes when HTX is supported
    - MINOR: htx: add a function to cut the beginning of a DATA block
    - MEDIUM: conn_stream: Add a way to get mux's info on a CS from the upper layer
    - MINOR: mux-h1: Implement get_cs_info() callback
    - MINOR: stream: Rely on CS's info if it exists and fallback on session's ones
    - MINOR: proto_htx: Use conn_stream's info to set t_idle duration when possible
    - MINOR: mux-h1: Don't rely on the stream anymore in h1_set_srv_conn_mode()
    - MINOR: mux-h1: Write last chunk and trailers if not found in the HTX message
    - MINOR: mux-h1: Be prepare to fail when EOM is added during trailers parsing
    - MINOR: mux-h1: Subscribe to send in h1_snd_buf() when not all data have been sent
    - MINOR: mux-h1: Consume channel's data in a loop in h1_snd_buf()
    - MEDIUM: mux-h1: Add keep-alive outgoing connections in connections list
    - MINOR: htx: Add function to add an HTX block just before another one
    - MINOR: htx: Add function to iterate on an HTX message using HTX blocks
    - MINOR: htx: Add a function to find the HTX block corresponding to a data offset
    - MINOR: stats: Don't add end-of-data marker and trailers in the HTX response
    - MEDIUM: htx: Change htx_sl to be a struct instead of an union
    - MINOR: htx: Add the start-line offset for the HTX message in the HTX structure
    - MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing
    - MINOR: proto-htx: Use the start-line flags to set the HTTP messsage ones
    - MINOR: htx: Add BODYLESS flags on the HTX start-line and the HTTP message
    - MINOR: proto_htx: Use full HTX messages to send 100-Continue responses
    - MINOR: proto_htx: Use full HTX messages to send 103-Early-Hints responses
    - MINOR: proto_htx: Use full HTX messages to send 401 and 407 responses
    - MINOR: proto_htx: Send valid HTX message when redir mode is enabled on a server
    - MINOR: proto_htx: Send valid HTX message to send 30x responses
    - MEDIUM: proto_htx: Convert all HTTP error messages into HTX
    - MINOR: mux-h1: Process conn_mode on the EOH when no connection header is found
    - MINOR: mux-h1: Change client conn_mode on an explicit close for the response
    - MINOR: mux-h1: Capture bad H1 messages
    - MAJOR: filters: Adapt filters API to be compatible with the HTX represenation
    - MEDIUM: proto_htx/filters: Add data filtering during the forwarding
    - MINOR: flt_trace: Adapt to be compatible with the HTX representation
    - MEDIUM: compression: Adapt to be compatible with the HTX representation
    - MINOR: h2: implement H2->HTX request header frame transcoding
    - MEDIUM: mux-h2: register mux for both HTTP and HTX modes
    - MEDIUM: mux-h2: make h2_rcv_buf() support HTX transfers
    - MEDIUM: mux-h2: make h2_snd_buf() HTX-aware
    - MEDIUM: mux-h2: add basic H2->HTX transcoding support for headers
    - MEDIUM: mux-h2: implement emission of H2 headers frames from HTX blocks
    - MEDIUM: mux-h2: implement the emission of DATA frames from HTX DATA blocks
    - MEDIUM: mux-h2: support passing H2 DATA frames to HTX blocks
    - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
    - BUG/MEDIUM: mux-h2: don't lose the first response header in HTX mode
    - BUG/MEDIUM: mux-h2: remove the HTX EOM block on H2 response headers
    - MINOR: listener: the mux_proto entry in the bind_conf is const
    - MINOR: connection: create conn_get_best_mux_entry()
    - MINOR: server: the mux_proto entry in the server is const
    - MINOR: config: make sure to associate the proper mux to bind and servers
    - MINOR: hpack: add ":path" to the list of common header fields
    - MINOR: h2: add new functions to produce an HTX message from an H2 response
    - MINOR: mux-h2: mention that the mux is compatible with both sides
    - MINOR: mux-h2: implement an outgoing stream allocator : h2c_bck_stream_new()
    - MEDIUM: mux-h2: start to create the outgoing mux
    - MEDIUM: mux-h2: implement encoding of H2 request on the backend side
    - MEDIUM: mux-h2: make h2_frt_decode_headers() direction-agnostic
    - MEDIUM: mux-h2: make h2_process_demux() capable of processing responses as well
    - MEDIUM: mux-h2: Implement h2_attach().
    - MEDIUM: mux-h2: Don't bother flagging outgoing connections as TOOMANY.
    - REGTEST: Fix LEVEL 4 script 0 of "connection" module.
    - MINOR: connection: Fix a comment.
    - MINOR: mux: add a "max_streams" method.
    - MEDIUM: servers: Add a way to keep idle connections alive.
    - CLEANUP: fix typos in the htx subsystem
    - CLEANUP: Fix typo in the chunk headers file
    - CLEANUP: Fix typos in the h1 subsystem
    - CLEANUP: Fix typos in the h2 subsystem
    - CLEANUP: Fix a typo in the mini-clist header
    - CLEANUP: Fix a typo in the proto_htx subsystem
    - CLEANUP: Fix typos in the proto_tcp subsystem
    - CLEANUP: Fix a typo in the signal subsystem
    - CLEANUP: Fix a typo in the session subsystem
    - CLEANUP: Fix a typo in the queue subsystem
    - CLEANUP: Fix typos in the shctx subsystem
    - CLEANUP: Fix typos in the socket pair protocol subsystem
    - CLEANUP: Fix typos in the map management functions
    - CLEANUP: Fix typo in the fwrr subsystem
    - CLEANUP: Fix typos in the cli subsystem
    - CLEANUP: Fix typo in the 51d subsystem
    - CLEANUP: Fix a typo in the base64 subsystem
    - CLEANUP: Fix a typo in the connection subsystem
    - CLEANUP: Fix a typo in the protocol header file
    - CLEANUP: Fix a typo in the checks header file
    - CLEANUP: Fix typos in the file descriptor subsystem
    - CLEANUP: Fix a typo in the listener subsystem
    - BUG/MINOR: lb-map: fix unprotected update to server's score
    - BUILD: threads: fix minor build warnings when threads are disabled

2018/11/25 : 1.9-dev8
    - REORG: config: extract the global section parser into cfgparse-global
    - REORG: config: extract the proxy parser into cfgparse-listen.c
    - BUILD: update the list of supported targets and compilers in makefile and readme
    - BUILD: reorder the objects in the makefile
    - BUILD: Makefile: make "V=1" show some of the commands that are executed
    - BUILD: Makefile: add the quiet mode to a few more targets
    - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets
    - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR
    - MINOR: cli: format `show proc` to be more readable
    - MINOR: cli: displays uptime in `show proc`
    - MINOR: cli: show master information in 'show proc'
    - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
    - MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer
    - BUG/MINOR: mux-h1: Enable keep-alive on server side
    - BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used
    - BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed
    - BUG/MINOR: stats/htx: Remove channel's output when the request is eaten
    - BUG/MINOR: proto_htx: Fix request/response synchronisation on error
    - MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe()
    - MINOR: stream-int: Notify caller when an error is reported after a rcv_buf()
    - BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe
    - MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send()
    - BUG/MINOR: config: Be aware of the HTX during the check of mux protocols
    - BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed()
    - MEDIUM: mworker: wait mode use standard init code path
    - MINOR: log: introduce ha_notice()
    - MINOR: mworker: use ha_notice to announce a new worker
    - BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header.
    - MINOR: cli: add mworker_accept_wrapper to 'show fd'
    - MEDIUM: signal: signal_unregister() removes every handlers
    - BUG/MEDIUM: mworker: unregister the signals of main()
    - MINOR: cli: add a few missing includes in proto/cli.h
    - REORG: time/activity: move activity measurements to activity.{c,h}
    - MINOR: activity: report the average loop time in "show activity"
    - MINOR: activity: add configuration and CLI support for "profiling.tasks"
    - MEDIUM: tasks: collect per-task CPU time and latency
    - MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot
    - MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds
    - BUG/MINOR: cli: Fix memory leak
    - BUG/MINOR: mworker: fix FD leak and memory leak in error path
    - MINOR: poller: move the call of tv_update_date() back to the pollers
    - MINOR: polling: add an option to support busy polling
    - MINOR: server: Add "alpn" and "npn" keywords.
    - MEDIUM: connection: Don't bother reactivating polling after connection retry.
    - MAJOR: connections: Defer mux creation for outgoing connection if alpn is set.
    - MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches.
    - MINOR: servers: Free [idle|safe|priv]_conns on exit.
    - REGTEST: add the option to test only a specific set of files
    - REGTEST: add a test for connections to a "dispatch" address
    - BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server().
    - MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set.
    - BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon.
    - BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed.
    - MEDIUM: servers: Store the connection in the SI until we have a mux.
    - BUG/MEDIUM: h2: wake the processing task up after demuxing
    - BUG/MEDIUM: h2: restart demuxing after releasing buffer space

2018/11/18 : 1.9-dev7
    - BUILD: cache: fix a build warning regarding too large an integer for the age
    - CLEANUP: fix typos in the comments of the Makefile
    - CLEANUP: fix a typo in a comment for the contrib/halog subsystem
    - CLEANUP: fix typos in comments for the contrib/modsecurity subsystem
    - CLEANUP: fix typos in comments for contrib/spoa_example
    - CLEANUP: fix typos in comments for contrib/wireshark-dissectors
    - DOC: Fix typos in README and CONTRIBUTING
    - MINOR: log: slightly improve error message syntax on log failure
    - DOC: logs: the format directive was missing from the second log part
    - MINOR: log: report the number of dropped logs in the stats
    - MEDIUM: log: add support for logging to existing file descriptors
    - MEDIUM: log: support a new "short" format
    - MEDIUM: log: add a new "raw" format
    - BUG/MEDIUM: stream-int: change the way buffer room is requested by a stream-int
    - BUG/MEDIUM: stream-int: convert some co_data() checks to channel_is_empty()
    - MINOR: namespaces: don't build namespace.c if disabled
    - BUILD/MEDIUM: threads/affinity: DragonFly build fix
    - MINOR: http: Add new "early-hint" http-request action.
    - MINOR: http: Make new "early-hint" http-request action really be parsed.
    - MINOR: http: Implement "early-hint" http request rules.
    - MINOR: doc: Add information about "early-hint" http-request action.
    - DOC: early-hints: fix truncated line.
    - MINOR: mworker: only close std{in,out,err} in daemon mode
    - BUG/MEDIUM: log: don't CLOEXEC the inherited FDs
    - BUG/MEDIUM: Make sure stksess is properly aligned.
    - BUG/MEDIUM: stream-int: make failed splice_in always subscribe to recv
    - BUG/MEDIUM: stream-int: clear CO_FL_WAIT_ROOM after splicing data in
    - BUG/MINOR: stream-int: make sure not to go through the rcv_buf path after splice()
    - CONTRIB: debug: fix build related to conn_stream flags change
    - REGTEST: fix scripts 1 and 3 to accept development version
    - BUG/MINOR: http_fetch: Remove the version part when capturing the request uri
    - MINOR: http: Regroup return statements of http_req_get_intercept_rule at the end
    - MINOR: http: Regroup return statements of http_res_get_intercept_rule at the end
    - BUG/MINOR: http: Be sure to sent fully formed HTTP 103 responses
    - MEDIUM: jobs: support unstoppable jobs for soft stop
    - MEDIUM: listeners: support unstoppable listener
    - MEDIUM: cli: worker socketpair is unstoppable
    - BUG/MINOR: stream-int: set SI_FL_WANT_PUT in sess_establish()
    - MINOR: stream: move the conn_stream specific calls to the stream-int
    - BUG/MINOR: config: Copy default error messages when parsing of a backend starts
    - CLEANUP: h2: minimum documentation for recent API changes
    - MINOR: mux: implement a get_first_cs() method
    - MINOR: stream-int: make conn_si_send_proxy() use cs_get_first()
    - MINOR: stream-int: relax the forwarding rules in stream_int_notify()
    - MINOR: stream-int: expand the flags to 32-bit
    - MINOR: stream-int: rename SI_FL_WAIT_ROOM to SI_FL_RXBLK_ROOM
    - MINOR: stream-int: introduce new SI_FL_RXBLK flags
    - MINOR: stream-int: add new functions si_{rx,tx}_{blocked,endp_ready}()
    - MINOR: stream-int: replace SI_FL_WANT_PUT with !SI_FL_RX_WAIT_EP
    - MINOR: stream-int: use si_rx_blocked()/si_tx_blocked() to check readiness
    - MEDIUM: stream-int: use si_rx_buff_{rdy,blk} to report buffer readiness
    - MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}()
    - MEDIUM: stream-int: update the endp polling status only at the end of si_cs_recv()
    - MINOR: stream-int: make si_sync_recv() simply check ENDP before si_cs_recv()
    - MINOR: stream-int: automatically mark applets as ready if they block on the channel
    - MEDIUM: stream-int: fix the si_cant_put() calls used for end point readiness
    - MEDIUM: stream-int: fix the si_cant_put() calls used for buffer readiness
    - MEDIUM: stream-int: use si_rx_shut_blk() to indicate the SI is closed
    - MEDIUM: stream-int: unconditionally call si_chk_rcv() in update and notify
    - MEDIUM: stream-int: make use of si_rx_chan_{rdy,blk} to control the stream-int from the channel
    - MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}()
    - MEDIUM: connections: Wait until the connection is established to try to recv.
    - MEDIUM: mux: Teach the mux_pt how to deal with idle connections.
    - MINOR: mux: Add a new "avail_streams" method.
    - MINOR: mux: Add a destroy() method.
    - MINOR: sessions: Start to store the outgoing connection in sessions.
    - MAJOR: connections: Detach connections from streams.
    - MINOR: conn_stream: Add a flag to notify the mux it should flush its buffers
    - MINOR: htx: Add proto_htx.c file
    - MINOR: conn_stream: Add a flag to notify the mux it must respect the reserve
    - MINOR: http: Add standalone functions to parse a start-line or a header
    - MINOR: http: Call http_send_name_header with the stream instead of the txn
    - MINOR: conn_stream: Add a flag to notify the SI some data were received
    - MINOR: http: Add macros to check if a stream uses the HTX representation
    - MEDIUM: proto_htx: Add HTX analyzers and use it when the mux H1 is used
    - MEDIUM: mux-h1: Add dummy mux to handle HTTP/1.1 connections
    - MEDIUM: mux-h1: Add parsing of incoming and ougoing HTTP messages
    - MAJOR: mux-h1/proto_htx: Handle keep-alive connections in the mux
    - MEDIUM: mux-h1: Add support of the kernel TCP splicing to forward data
    - MEDIUM: htx: Add API to deal with the internal representation of HTTP messages
    - MINOR: http_htx: Add functions to manipulate HTX messages in http_htx.c
    - MINOR: proto_htx: Add some functions to handle HTX messages
    - MAJOR: mux-h1/proto_htx: Switch mux-h1 and HTX analyzers on the HTX representation
    - MINOR: http_htx: Add functions to replace part of the start-line
    - MINOR: http_htx: Add functions to retrieve a specific occurrence of a header
    - MINOR: proto_htx: Rewrite htx_apply_redirect_rule to handle HTX messages
    - MINOR: proto_htx: Add the internal function htx_del_hdr_value
    - MINOR: proto_htx: Add the internal function htx_fmt_res_line
    - MINOR: proto_htx: Add functions htx_transform_header and htx_transform_header_str
    - MINOR: proto_htx: Add functions htx_req_replace_stline and htx_res_set_status
    - MINOR: proto_htx: Add function to build and send HTTP 103 responses
    - MINOR: proto_htx: Add functions htx_req_get_intercept_rule and htx_res_get_intercept_rule
    - MINOR: proto_htx: Add functions to apply req* and rsp* rules on HTX messages
    - MINOR: proto_htx: Add functions to manage cookies on HTX messages
    - MINOR: proto_htx: Add functions to check the cacheability of HTX messages
    - MINOR: proto_htx: Add functions htx_send_name_header
    - MINOR: proto_htx: Add functions htx_perform_server_redirect
    - MINOR: proto_htx: Add functions to handle the stats applet
    - MEDIUM: proto_htx: Adapt htx_process_req_common to handle HTX messages
    - MEDIUM: proto_htx: Adapt htx_process_request to handle HTX messages
    - MINOR: proto_htx: Adapt htx_process_tarpit to handle HTX messages
    - MEDIUM: proto_htx: Adapt htx_wait_for_request_body to handle HTX messages
    - MEDIUM: proto_htx: Adapt htx_process_res_common to handle HTX messages
    - MINOR: http_fetch: Add smp_prefetch_htx
    - MEDIUM: http_fetch: Adapt all fetches to handle HTX messages
    - MEDIUM: mux-h1: Wait for connection establishment before consuming channel's data
    - MINOR: stats/htx: Adapt the stats applet to handle HTX messages
    - MINOR: stream: Don't reset sov value with HTX messages
    - MEDIUM: mux-h1: Handle errors and timeouts in the stream
    - MINOR: filters/htx: Forbid filters when the HTX is enabled on a proxy
    - MINOR: lua/htx: Forbid lua usage when the HTX is enabled on a proxy
    - CLEANUP: Fix some typos in the haproxy subsystem
    - CLEANUP: Fix typos in the dns subsystem
    - CLEANUP: Fix typos in the pattern subsystem
    - CLEANUP: fix 2 typos in the xxhash subsystem
    - CLEANUP: fix a few typos in the comments of the server subsystem
    - CLEANUP: fix a misspell in tests/filltab25.c
    - CLEANUP: fix a typo found in the stream subsystem
    - CLEANUP: fix typos in comments in ebtree
    - CLEANUP: fix typos in reg-tests
    - CLEANUP: fix typos in the comments of the vars subsystem
    - CLEANUP: fix typos in the hlua_fcn subsystem
    - CLEANUP: fix typos in the proto_http subsystem
    - CLEANUP: fix typos in the proxy subsystem
    - CLEANUP: fix typos in the ssl_sock subsystem
    - DOC: Fix typos in different subsections of the documentation
    - DOC: fix a few typos in the documentation
    - MINOR: Fix an error message thrown when we run out of memory
    - MINOR: Fix typos in error messages in the proxy subsystem
    - MINOR: fix typos in the examples files
    - CLEANUP: Fix a typo in the stats subsystem
    - CLEANUP: Fix typos in the acl subsystem
    - CLEANUP: Fix typos in the cache subsystem
    - CLEANUP: Fix typos in the cfgparse subsystem
    - CLEANUP: Fix typos in the filters subsystem
    - CLEANUP: Fix typos in the http subsystem
    - CLEANUP: Fix typos in the log subsystem
    - CLEANUP: Fix typos in the peers subsystem
    - CLEANUP: Fix typos in the regex subsystem
    - CLEANUP: Fix typos in the sample subsystem
    - CLEANUP: Fix typos in the spoe subsystem
    - CLEANUP: Fix typos in the standard subsystem
    - CLEANUP: Fix typos in the stick_table subsystem
    - CLEANUP: Fix typos in the task subsystem
    - MINOR: Fix typo in error message in the standard subsystem
    - CLEANUP: fix typos in the comments of hlua
    - MINOR: Fix typo in the error 500 output of hlua
    - MINOR: Fix a typo in a warning message in the spoe subsystem

2018/11/11 : 1.9-dev6
    - BUG/MEDIUM: tools: fix direction of my_ffsl()
    - BUG/MINOR: cli: forward the whole command on master CLI
    - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
    - MINOR: compat: automatically detect support for crypt_r()
    - MEDIUM: auth/threads: make use of crypt_r() on systems supporting it
    - DOC: split the http-request actions in their own section
    - DOC: split the http-response actions in their own section
    - BUG/MAJOR: stream-int: don't call si_cs_recv() in stream_int_chk_rcv_conn()
    - BUG/MINOR: tasks: make sure wakeup events are properly reported to subscribers
    - MINOR: stats: report the number of active jobs and listeners in "show info"
    - MINOR: stats: report the number of active peers in "show info"
    - MINOR: stats: report the number of currently connected peers
    - MINOR: cli: show the number of reload in 'show proc'
    - MINOR: cli: can't connect to the target CLI
    - MEDIUM: mworker: does not create the CLI proxy when no listener
    - MINOR: mworker: displays more information when leaving
    - MEDIUM: mworker: exit with the incriminated exit code
    - MINOR: mworker: displays a message when a worker is forked
    - MEDIUM: mworker: leave when the master die
    - CLEANUP: stream-int: retro-document si_cs_io_cb()
    - BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register()
    - BUG/MEDIUM: stream-int: don't wake up for nothing during SI_ST_CON
    - BUG/MEDIUM: cli: crash when trying to access a worker
    - DOC: restore note about "independant" typo
    - MEDIUM: stream: implement stream_buf_available()
    - MEDIUM: appctx: check for allocation attempts in buffer allocation callbacks
    - MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put}
    - MINOR: stream-int: add si_done_{get,put} to indicate that we won't do it anymore
    - MINOR: stream-int: use si_cant_put() instead of setting SI_FL_WAIT_ROOM
    - MINOR: stream-int: make use of si_done_{get,put}() in shut{w,r}
    - MINOR: stream-int: make it clear that si_ops cannot be null
    - MEDIUM: stream-int: temporarily make si_chk_rcv() take care of SI_FL_WAIT_ROOM
    - MINOR: stream-int: factor the SI_ST_EST state test into si_chk_rcv()
    - MEDIUM: stream-int: make SI_FL_WANT_PUT reflect CF_DONT_READ
    - MEDIUM: stream-int: always call si_chk_rcv() when we make room in the buffer
    - MEDIUM: stream-int: make si_chk_rcv() check that SI_FL_WAIT_ROOM is cleared
    - MINOR: stream-int: replace si_update() with si_update_both()
    - MEDIUM: stream-int: make stream_int_update() aware of the lower layers
    - CLEANUP: stream-int: remove the now unused si->update() function
    - MEDIUM: stream-int: Rely only on SI_FL_WAIT_ROOM to stop data receipt
    - MEDIUM: stream-int: Try to read data even if channel's buffer seems to be full
    - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn

2018/10/28 : 1.9-dev5
    - BUILD: Makefile: add the new ERR variable to force -Werror
    - MINOR: freq_ctr: add swrate_add_scaled() to work with large samples
    - MINOR: stream_interface: Avoid calling si_cs_send/recv if not needed.
    - CLEANUP: http: Remove the unused function http_find_header
    - MINOR: h1: Export some functions parsing the value of some HTTP headers
    - BUG/MEDIUM: stream-int: don't set SI_FL_WAIT_ROOM on CF_READ_DONTWAIT
    - MINOR: proxy: add a new option "http-use-htx"
    - BUG/MEDIUM: pools: fix the minimum allocation size
    - MINOR: shctx: Shared objects block by block allocation.
    - MINOR: cache: Larger HTTP objects caching.
    - MINOR: shctx: Add a maximum object size parameter.
    - MINOR: cache: Add "max-object-size" option.
    - DOC: Update about the cache support for big objects.
    - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB).
    - BUG/MINOR: cache: Wrong usage of shctx_init().
    - BUG/MINOR: ssl: Wrong usage of shctx_init().
    - MINOR: cache: Avoid usage of atoi() when parsing "max-object-size".
    - MINOR: shctx: Change max. object size type to unsigned int.
    - DOC: cache: Missing information about "total-max-size" and "max-object-size"
    - CLEANUP: tools: fix misleading comment above function LIM2A
    - MEDIUM: channel: merge back flags CF_WRITE_PARTIAL and CF_WRITE_EVENT
    - BUG/MINOR: only mark connections private if NTLM is detected
    - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
    - MINOR: stream: don't prune variables if the list is empty
    - MINOR: stream-int: add si_alloc_ibuf() to ease input buffer allocation
    - MEDIUM: stream-int: replace channel_alloc_buffer() with si_alloc_ibuf() everywhere
    - MEDIUM: stream: always call si_cs_recv() after a failed buffer allocation
    - MEDIUM: stream: don't try to send first in process_stream()
    - MEDIUM: stream-int: make si_update() synchronize flag changes before the I/O
    - MEDIUM: stream-int: call si_cs_process() in stream_int_update_conn
    - MINOR: stream-int: don't needlessly call tasklet_wakeup() in stream_int_chk_snd_conn()
    - MINOR: stream-int: make stream_int_notify() not wake the tasklet up
    - MINOR: stream-int: don't needlessly call si_cs_send() in si_cs_process()
    - MINOR: mworker: number of reload in the life of a worker
    - MEDIUM: mworker: each worker socketpair is a CLI listener
    - REORG: mworker: move struct mworker_proc to global.h
    - MINOR: server: export new_server() function
    - MEDIUM: mworker: move proc_list gen before proxies startup
    - MEDIUM: mworker: add proc_list in global.h
    - MEDIUM: mworker: proxy for the master CLI
    - MEDIUM: mworker: create CLI listeners from argv[]
    - MEDIUM: cli: disable some keywords in the master
    - MEDIUM: mworker: find the server ptr using a CLI prefix
    - MEDIUM: cli: 'show proc' displays processus
    - MEDIUM: cli: implement 'mode cli' proxy analyzers
    - MINOR: cli: displays sockpair@ in "show cli sockets"
    - MEDIUM: cli: enable "show cli sockets" for the master
    - MINOR: cli: put @master @<relative pid> @!<pid> in the help
    - MEDIUM: listeners: set O_CLOEXEC on the accepted FDs
    - MEDIUM: mworker: stop the master proxy in the workers
    - MEDIUM: channel: reorder the channel analyzers for the cli
    - MEDIUM: cli: write a prompt for the CLI proxy of the master
    - MINOR: cli: helper to write an response message and close
    - MINOR: cache: Add "Age" header.
    - REGTEST: make the IP+port logging test more reliable
    - BUG/MINOR: memory: make the thread-local cache allocator set the debugging link
    - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
    - BUG/MINOR: backend: assign the wait list after the error check

2018/10/21 : 1.9-dev4
    - BUILD: Allow configuration of pcre-config path
    - DOC: clarify force-private-cache is an option
    - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2
    - REORG: http: move the code to different files
    - REORG: http: move HTTP rules parsing to http_rules.c
    - CLEANUP: http: remove some leftovers from recent cleanups
    - BUILD: Makefile: add a "make opts" target to simply show the build options
    - BUILD: Makefile: speed up compiler options detection
    - BUG/MINOR: backend: check that the mux installed properly
    - BUG/MEDIUM: h2: check that the connection is still valid at the end of init()
    - BUG/MEDIUM: h2: make h2_stream_new() return an error on memory allocation failure
    - REGTEST/MINOR: compatibility: use unix@ instead of abns@ sockets
    - MINOR: ssl: cleanup old openssl API call
    - MINOR: ssl: generate-certificates for BoringSSL
    - BUG/MEDIUM: buffers: Make sure we don't wrap in ci_insert_line2/b_rep_blk.
    - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
    - CLEANUP: haproxy: Remove unused variable
    - CLEANUP: h1: Fix debug warnings for h1 headers
    - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause
    - MEDIUM: task: perform a single tree lookup per run queue batch
    - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
    - BUG/MINOR: threads: move declaration of capabilities to config.h
    - OPTIM: tools: optimize my_ffsl() for x86_64
    - BUG/MINOR: h2: null-deref
    - BUG/MINOR: checks: queues null-deref
    - MINOR: connections: Introduce an unsubscribe method.
    - MEDIUM: connections: Change struct wait_list to wait_event.
    - BUG/MEDIUM: h2: Make sure we're not in the send list on flow control.
    - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM.
    - BUG/MEDIUM: stream: Make sure to unsubscribe before si_release_endpoint.
    - MINOR: http: Move comment about some HTTP macros in the right header file
    - MINOR: stats: Add missing include
    - MINOR: http: Export some functions and do cleanup to prepare HTTP refactoring
    - MEDIUM: http: Ignore http-pretend-keepalive option on frontend
    - MEDIUM: http: Ignore http-tunnel option on backend
    - MINOR: http: Use same flag for httpclose and forceclose options
    - MINOR: h1: Add EOH marker during headers parsing
    - MINOR: conn-stream: Add CL_FL_NOT_FIRST flag
    - MINOR: h1: Change the union h1_sl to use indirect strings to store infos
    - MINOR: h1: Add the flag H1_MF_NO_PHDR to not add pseudo-headers during parsing
    - MINOR: log: make sess_log() support sess=NULL
    - MINOR: chunk: add chunk_cpy() and chunk_cat()
    - MEDIUM: h2: stop relying on H2_SS_IDLE / H2_SS_CLOSED
    - CLEANUP: h2: rename h2c_snd_settings() to h2c_send_settings()
    - MINOR: h2: don't try to send data before preface
    - MINOR: h2: unify the mux init function
    - MINOR: h2: retrieve the front proxy from the caller instead of the session
    - MINOR: h2: split h2c_stream_new() into h2s_new() + h2c_frt_stream_new()
    - MINOR: h2: add a new flag to quickly distinguish front vs back connection
    - BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners
    - BUG/MEDIUM: stream: don't crash on out-of-memory
    - BUILD: compiler: add a new statement "__unreachable()"
    - BUILD: lua: silence some compiler warnings about potential null derefs
    - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch
    - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk()
    - BUILD: stick-table: make sure not to fail on task_new() during initialization
    - BUILD: peers: check allocation error during peers_init_sync()
    - MINOR: tools: add a new function atleast2() to test masks for more than 1 bit
    - MINOR: config: use atleast2() instead of my_popcountl() where relevant
    - MEDIUM: fd/threads: only grab the fd's lock if the FD has more than one thread
    - MAJOR: tasks: create per-thread wait queues
    - OPTIM: tasks: group all tree roots per cache line
    - DOC: Fix a few typos
    - MINOR: pools: allocate most memory pools from an array
    - MINOR: pools: split pool_free() in the lockfree variant
    - MEDIUM: pools: implement a thread-local cache for pool entries
    - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point
    - Revert "BUILD: lua: silence some compiler warnings about potential null derefs"
    - BUILD: lua: silence some compiler warnings about potential null derefs (#2)
    - MINOR: lua: all functions calling lua_yieldk() may return
    - BUILD: lua: silence some compiler warnings after WILL_LJMP
    - BUILD: Makefile: silence an option conflict warning with clang
    - MINOR: server: Use memcpy() instead of strncpy().
    - CLEANUP: state-file: make the path concatenation code a bit more consistent
    - MINOR: build: Disable -Wstringop-overflow.
    - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80.
    - MINOR: peers: use defines instead of enums to appease clang.
    - DOC: fix reference to map files in MAINTAINERS
    - MINOR: fd: centralize poll timeout computation in compute_poll_timeout()
    - MINOR: poller: move time and date computation out of the pollers
    - BUILD: memory: fix pointer declaration for atomic CAS
    - BUILD: Makefile: add USE_RT to pass -lrt for clock_gettime() and friends
    - MINOR: time: add now_mono_time() and now_cpu_time()
    - MEDIUM: time: measure the time stolen by other threads
    - BUILD: memory: fix free_list pointer declaration again for atomic CAS
    - BUILD: compiler: rename __unreachable() to my_unreachable()
    - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF.
    - BUILD: memory: fix free_list pointer declaration again for atomic CAS
    - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent.
    - BUG/MEDIUM: connections: Remove subscription if going in idle mode.
    - BUG/MEDIUM: stream: Make sure polling is right on retry.
    - MINOR: h2: Make sure to return 1 in h2_recv() when needed.
    - MEDIUM: connections: Don't directly mess with the polling from the upper layers.
    - MINOR: streams: Call tasklet_free() after si_release_endpoint().
    - MINOR: connection: Add a SUB_CALL_UNSUBSCRIBE event.
    - MINOR: h2: Don't run tasks that are waiting to send if mux in full.
    - MINOR: ebtree: save 8 bytes in struct eb32sc_node

2018/09/29 : 1.9-dev3
    - BUG/MINOR: h1: don't consider the status for each header
    - MINOR: h1: report in the h1m struct if the HTTP version is 1.1 or above
    - MINOR: h1: parse the Connection header field
    - DOC: Fix typos in lua documentation
    - MINOR: h1: Add H1_MF_XFER_LEN flag
    - MINOR: http: add http_hdr_del() to remove a header from a list
    - MINOR: h1: add headers to the list after controls, not before
    - MEDIUM: h1: better handle transfer-encoding vs content-length
    - MEDIUM: h1: deduplicate the content-length header
    - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list
    - BUG/MEDIUM: h1: Really skip all updates when incomplete messages are parsed
    - CLEANUP/CONTRIB: hpack: remove some h1 build warnings
    - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4
    - BUG/MINOR: cli: make sure the "getsock" command is only called on connections
    - MINOR: stktable: provide an unchecked version of stktable_data_ptr()
    - MINOR: stream-int: make si_appctx() never fail
    - BUILD: ssl_sock: remove build warnings on potential null-derefs
    - BUILD: stats: remove build warnings on potential null-derefs
    - BUILD: stream: address null-deref build warnings at -Wextra
    - BUILD: http: address a couple of null-deref warnings at -Wextra
    - BUILD: log: silent build warnings due to unchecked __objt_{server,applet}
    - BUILD: dns: fix null-deref build warning at -Wextra
    - BUILD: checks: silence a null-deref build warning at -Wextra
    - BUILD: connection: silence a couple of null-deref build warnings at -Wextra
    - BUILD: backend: fix 3 build warnings related to null-deref at -Wextra
    - BUILD: sockpair: silence a build warning at -Wextra
    - BUILD: build with -Wextra and sort out certain warnings
    - BUG/CRITICAL: hpack: fix improper sign check on the header index value
    - BUG/MEDIUM: http: Don't parse chunked body if there is no input data
    - DOC: Update configuration doc about the maximum number of stick counters.
    - BUG/MEDIUM: process_stream: Don't use si_cs_io_cb() in process_stream().
    - MINOR: h2/stream_interface: Reintroduce te wake() method.
    - BUG/MEDIUM: h2: Wake the task instead of calling h2_recv()/h2_process().
    - BUG/MEDIUM: process_stream(): Don't wake the task if no new data was received.
    - MEDIUM: lua: Add stick table support for Lua.

2018/09/12 : 1.9-dev2
    - BUG/MINOR: buffers: Fix b_slow_realign when a buffer is realign without output
    - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point
    - BUG/MEDIUM: servers: check the queues once enabling a server
    - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
    - MEDIUM: mux: Remove const on the buffer in mux->snd_buf()
    - CLEANUP: backend: Move mux install to call it at only one place
    - MINOR: conn_stream: add an tx buffer to the conn_stream
    - MINOR: conn_stream: add cs_send() as a default snd_buf() function
    - MINOR: backend: Try to find the best mux for outgoing connections
    - MEDIUM: backend: don't rely on mux_pt_ops in connect_server()
    - MINOR: mux: Add info about the supported side in alpn_mux_list structure
    - MINOR: mux: Unlink ALPN and multiplexers to rather speak of mux protocols
    - MINOR: mux: Print the list of existing mux protocols during HA startup
    - MEDIUM: checks: use the new rendez-vous point to spread check result
    - MEDIUM: haproxy: don't use sync_poll_loop() anymore in the main loop
    - MINOR: threads: remove the previous synchronization point
    - MAJOR: server: make server state changes synchronous again
    - CLEANUP: server: remove the update list and the update lock
    - BUG/MINOR: threads: Remove the unexisting lock label "UPDATED_SERVERS_LOCK"
    - BUG/MEDIUM: stream_int: Don't check CO_FL_SOCK_RD_SH flag to trigger cs receive
    - MINOR: mux: Change get_mux_proto to get an ist as parameter
    - MINOR: mux: Improve the message with the list of existing mux protocols
    - MINOR: mux/frontend: Add 'proto' keyword to force the mux protocol
    - MINOR: mux/server: Add 'proto' keyword to force the multiplexer's protocol
    - MEDIUM: mux: Use the mux protocol specified on bind/server lines
    - BUG/MEDIUM: connection/mux: take care of serverless proxies
    - MINOR: queue: make sure the pendconn is released before logging
    - MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos
    - MINOR: queue: store the queue index in the stream when enqueuing
    - MINOR: queue: replace the linked list with a tree
    - MEDIUM: add set-priority-class and set-priority-offset
    - MEDIUM: queue: adjust position based on priority-class and priority-offset
    - DOC: update the roadmap about priority queues
    - BUG/MINOR: ssl: empty connections reported as errors.
    - MINOR: connections: Make rcv_buf mandatory and nuke cs_recv().
    - MINOR: connections: Move rxbuf from the conn_stream to the h2s.
    - MINOR: connections: Get rid of txbuf.
    - MINOR: tasks: Allow tasklet_wakeup() to wakeup a task.
    - MINOR: connections/mux: Add the wait reason(s) to wait_list.
    - MINOR: stream_interface: Don't use si_cs_send() as a task handler.
    - MINOR: stream_interface: Give stream_interface its own wait_list.
    - MINOR: mux_h2: Don't use h2_send() as a callback.
    - MINOR: checks: Add event_srv_chk_io().
    - BUG/MEDIUM: tasks: Don't insert in the global rqueue if nbthread == 1
    - BUG/MEDIUM: sessions: Don't use t->state.
    - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
    - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
    - BUG/MINOR: map: fix map_regm with backref
    - DOC: dns: explain set server ... fqdn requires resolver
    - DOC: add documentation for prio_class and prio_offset sample fetches.
    - DOC: ssl: Use consistent naming for TLS protocols
    - DOC: update the layering design notes
    - MINOR: tasks: Don't special-case when nbthreads == 1
    - MINOR: fd cache: And the thread_mask with all_threads_mask.
    - BUG/MEDIUM: lua: socket timeouts are not applied
    - BUG/MINOR: lua: fix extra 500ms added to socket timeouts
    - BUG/MEDIUM: server: update our local state before propagating changes
    - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates
    - DOC: server/threads: document which functions need to be called with/without locks
    - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations
    - BUG/MEDIUM: streams: Don't forget to remove the si from the wait list.
    - BUG/MEDIUM: tasklets: Add the thread as active when waking a tasklet.
    - BUG/MEDIUM: stream-int: Check if the conn_stream exist in si_cs_io_cb.
    - BUG/MEDIUM: H2: Activate polling after successful h2_snd_buf().
    - BUG/MEDIUM: stream_interface: Call the wake callback after sending.
    - BUG/MAJOR: queue/threads: make pendconn_redistribute not lock the server
    - BUG/MEDIUM: connection: don't forget to always delete the list's head
    - BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations
    - BUG/MEDIUM: check/threads: do not involve the rendez-vous point for status updates
    - BUG/MINOR: chunks: do not store -1 into chunk_printf() in case of error
    - BUG/MEDIUM: http: don't store exp_replace() result in the trash's length
    - BUG/MEDIUM: http: don't store url_decode() result in the samples's length
    - BUG/MEDIUM: dns: don't store dns_build_query() result in the trash's length
    - BUG/MEDIUM: map: don't store exp_replace() result in the trash's length
    - BUG/MEDIUM: connection: don't store recv() result into trash.data
    - BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length
    - MINOR: chunk: remove impossible tests on negative chunk->data
    - MINOR: sample: remove impossible tests on negative smp->data.u.str.data
    - DOC: Fix spelling error in configuration doc
    - REGTEST/MINOR: Missing mandatory "ignore_unknown_macro".
    - REGTEST/MINOR: Add a new class of regression testing files.
    - BUG/MEDIUM: unix: provide a ->drain() function
    - MINOR: connection: make conn_sock_drain() work for all socket families
    - BUG/MINOR: lua: Bad HTTP client request duration.
    - REGEST/MINOR: Add reg testing files.
    - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake()
    - REGTEST/MINOR: Add a reg testing file for b406b87 commit.
    - BUG/MEDIUM: lua: reset lua transaction between http requests
    - MINOR: add be_conn_free sample fetch
    - MINOR: Add srv_conn_free sample fetch
    - BUG/MEDIUM: hlua: Make sure we drain the output buffer when done.
    - MINOR: checks: Call wake_srv_chk() when we can finally send data.
    - BUG/MEDIUM: stream_interface: try to call si_cs_send() earlier.
    - BUG/MAJOR: thread: lua: Wrong SSL context initialization.
    - REGTEST/MINOR: Add a reg testing file for 3e60b11.
    - BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.
    - REGTEST/MINOR: lua: Add reg testing files for 70d318c.
    - BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file
    - BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
    - MINOR: tools: make date2str_log() take some consts
    - MINOR: thread: implement HA_ATOMIC_XADD()
    - BUG/MINOR: stream: use atomic increments for the request counter
    - BUG/MEDIUM: session: fix reporting of handshake processing time in the logs
    - BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames
    - BUG/MAJOR: buffer: fix incorrect check in __b_putblk()
    - MINOR: log: move the log code to sess_build_logline() to add extra arguments
    - MINOR: log: make the backend fall back to the frontend when there's no stream
    - MINOR: log: make sess_build_logline() not dereference a NULL stream for txn
    - MINOR: log: don't unconditionally pick log info from s->logs
    - CLEANUP: log: make the low_level lf_{ip,port,text,text_len} functions take consts
    - MINOR: log: keep a copy of the backend connection early in sess_build_logline()
    - MINOR: log: do not dereference a null stream to access captures
    - MINOR: log: be sure not to dereference a null stream for a target
    - MINOR: log: don't check the stream-int's conn_retries if the stream is NULL
    - MINOR: log: use NULL for the unique_id if there is no stream
    - MINOR: log: keep a copy of s->flags early to avoid a dereference
    - MINOR: log: use zero as the request counter if there is no stream
    - MEDIUM: log: make sess_build_logline() support being called with no stream
    - MINOR: log: provide a function to emit a log for a session
    - MEDIUM: h2: produce some logs on early errors that prevent streams from being created
    - BUG/MINOR: h1: fix buffer shift after realignment
    - MINOR: connection: make the initialization more consistent
    - MINOR: connection: add new function conn_get_proxy()
    - MINOR: connection: add new function conn_is_back()
    - MINOR: log: One const should be enough.
    - BUG/MINOR: dns: check and link servers' resolvers right after config parsing
    - BUG/MINOR: http/threads: atomically increment the error snapshot ID
    - MINOR: snapshot: restart on the event ID and not the stream ID
    - MINOR: snapshot: split the error snapshots into common and proto-specific parts
    - MEDIUM: snapshot: start to reorder the HTTP snapshot output a little bit
    - MEDIUM: snapshot: implement a show() callback and use it for HTTP
    - MINOR: proxy: add a new generic proxy_capture_error()
    - MINOR: http: make the HTTP error capture rely on the generic proxy code
    - MINOR: http: remove the pointer to the error snapshot in http_capture_bad_message()
    - REORG: cli: move the "show errors" handler from http to proxy
    - BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors
    - MEDIUM: snapshots: dynamically allocate the snapshots
    - MEDIUM: snapshot: merge the captured data after the descriptor
    - MEDIUM: mworker: remove register/unregister signal functions
    - MEDIUM: mworker: use the haproxy poll loop
    - BUG/MINOR: mworker: no need to stop peers for each proxy
    - MINOR: mworker: mworker_cleanlisteners() delete the listeners
    - MEDIUM: mworker: block SIGCHLD until the master is ready
    - MEDIUM: mworker: never block SIG{TERM,INT} during reload
    - MEDIUM: startup: unify signal init between daemon and mworker mode
    - MINOR: mworker: don't deinit the poller fd when in wait mode
    - MEDIUM: mworker: master wait mode use its own initialization
    - MEDIUM: mworker: replace the master pipe by socketpairs
    - MINOR: mworker: keep and clean the listeners
    - MEDIUM: threads: close the thread-waker pipe during deinit
    - MEDIUM: mworker: call per_thread deinit in mworker_reload()
    - REORG: http: move the HTTP semantics definitions to http.h/http.c
    - REORG: http: move http_get_path() to http.c
    - REORG: http: move error codes production and processing to http.c
    - REORG: http: move the log encoding tables to log.c
    - REORG: http: move some header value processing functions to http.c
    - BUG/MAJOR: kqueue: Don't reset the changes number by accident.
    - MEDIUM: protocol: use a custom AF_MAX to help protocol parser
    - MEDIUM: protocol: sockpair protocol
    - TESTS: add a python wrapper for sockpair@
    - BUG/MINOR: server: Crash when setting FQDN via CLI.
    - BUG/MINOR: h2: report asynchronous end of stream on closed connections
    - BUILD: fix build without thread
    - BUG/MEDIUM: tasks: Don't forget to decrement task_list_size in tasklet_free().
    - MEDIUM: connections: Don't reset the polling flags in conn_fd_handler().
    - MEDIUM: connections/mux: Add a recv and a send+recv wait list.
    - MEDIUM: connections: Get rid of the recv() method.
    - MINOR: h2: Let user of h2_recv() and h2_send() know xfer has been done.
    - MEDIUM: h2: always subscribe to receive if allowed.
    - MEDIUM: h2: Don't use a wake() method anymore.
    - MEDIUM: stream_interface: Make recv() subscribe when more data is needed.
    - MINOR: connections: Add a "handle" field to wait_list.
    - MEDIUM: mux_h2: Revamp the send path when blocking.
    - MEDIUM: stream_interfaces: Starts receiving from the upper layers.
    - MINOR: checks: Give checks their own wait_list.
    - MINOR: conn_streams: Remove wait_list from conn_streams.
    - REORG: h1: create a new h1m_state
    - MINOR: h1: add the restart offsets into struct h1m
    - MINOR: h1: remove the unused states from h1m_state
    - MINOR: h1: provide a distinct init() function for request and response
    - MINOR: h1: add a message flag to indicate that a message carries a response
    - MINOR: h2: make sure h1m->err_pos field is correct on chunk error
    - MINOR: h1: properly pre-initialize err_pos to -2
    - MINOR: mux_h2: replace the req,res h1 messages with a single h1 message
    - MINOR: h2: pre-initialize h1m->err_pos to -1 on the output path
    - MEDIUM: h1: consider err_pos before deciding to accept a header name or not
    - MEDIUM: h1: make the parser support a pointer to a start line
    - MEDIUM: h1: let the caller pass the initial parser's state
    - MINOR: h1: make the message parser support a null <hdr> argument
    - MEDIUM: h1: support partial message parsing
    - MEDIUM: h1: remove the useless H1_MSG_BODY state
    - MINOR: h2: store the HTTP status into the H2S, not the H1M
    - MINOR: h1: remove the HTTP status from the H1M struct
    - MEDIUM: h1: implement the request parser as well
    - MINOR: h1: add H1_MF_TOLOWER to decide when to turn header names to lower case
    - MINOR: connection: pass the proxy when creating a connection
    - BUG/MEDIUM: h2: Don't forget to empty the wait lists on destroy.
    - BUG/MEDIUM: h2: Don't forget to set recv_wait_list to NULL in h2_detach.
    - BUG/MAJOR: h2: reset the parser's state on mux buffer full

2018/08/02 : 1.9-dev1
    - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
    - DOC: cache: update sections and fix some typos
    - BUILD/MINOR: deviceatlas: enable thread support
    - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
    - BUG/MEDIUM: ssl: don't allocate shctx several time
    - BUG/MEDIUM: cache: bad computation of the remaining size
    - BUILD: checks: don't include server.h
    - BUG/MEDIUM: stream: fix session leak on applet-initiated connections
    - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header
    - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY
    - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
    - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
    - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
    - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
    - BUG/MAJOR: thread/peers: fix deadlock on peers sync.
    - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed
    - MINOR: config: report when "monitor fail" rules are misplaced
    - BUG/MINOR: mworker: fix validity check for the pipe FDs
    - BUG/MINOR: mworker: detach from tty when in daemon mode
    - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD.
    - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
    - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles
    - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
    - BUG/MINOR: hpack: fix debugging output of pseudo header names
    - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
    - BUG/MINOR: hpack: reject invalid header index
    - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
    - BUG/MAJOR: h2: correctly check the request length when building an H1 request
    - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
    - BUG/MINOR: h2: try to abort closed streams as soon as possible
    - BUG/MINOR: h2: ":path" must not be empty
    - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
    - BUG/MINOR: h2: the TE header if present may only contain trailers
    - BUG/MEDIUM: h2: enforce the per-connection stream limit
    - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
    - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
    - BUG/MINOR: h2: properly check PRIORITY frames
    - BUG/MINOR: h2: reject response pseudo-headers from requests
    - BUG/MEDIUM: h2: remove connection-specific headers from request
    - BUG/MEDIUM: h2: do not accept upper case letters in request header names
    - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
    - BUG/MINOR: action: Don't check http capture rules when no id is defined
    - BUG/MAJOR: hpack: don't pretend large headers fit in empty table
    - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
    - BUG/MEDIUM: mworker: also close peers sockets in the master
    - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
    - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
    - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
    - BUG/MEDIUM: h2: fix handling of end of stream again
    - MINOR: mworker: Update messages referencing exit-on-failure
    - MINOR: mworker: Improve wording in `void mworker_wait()`
    - CONTRIB: halog: Add help text for -s switch in halog program
    - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
    - BUG/MEDIUM: threads/vars: Fix deadlock in register_name
    - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET
    - DOC: notifications: add precisions about thread usage
    - BUG/MEDIUM: lua/notification: memory leak
    - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data
    - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
    - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
    - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
    - BUG/MEDIUM: h2: work around a connection API limitation
    - BUG/MEDIUM: h2: debug incoming traffic in h2_wake()
    - MINOR: h2: store the demux padding length in the h2c struct
    - BUG/MEDIUM: h2: support uploading partial DATA frames
    - MINOR: h2: don't demand that a DATA frame is complete before processing it
    - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame
    - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses
    - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses
    - BUG/MEDIUM: h2: fix stream limit enforcement
    - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS
    - MINOR: sample: add len converter
    - BUG: MAJOR: lb_map: server map calculation broken
    - BUG: MINOR: http: don't check http-request capture id when len is provided
    - MINOR: sample: rename the "len" converter to "length"
    - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd
    - DOC/MINOR: intro: typo, wording, formatting fixes
    - MINOR: netscaler: respect syntax
    - MINOR: netscaler: remove the use of cip_magic only used once
    - MINOR: netscaler: rename cip_len to clarify its uage
    - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size
    - BUG/MAJOR: netscaler: address truncated CIP header detection
    - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header
    - MEDIUM: netscaler: do not analyze original IP packet size
    - MEDIUM: netscaler: add support for standard NetScaler CIP protocol
    - MINOR: spoe: add force-set-var option in spoe-agent configuration
    - CONTRIB: iprange: Fix compiler warning in iprange.c
    - CONTRIB: halog: Fix compiler warnings in halog.c
    - BUG/MINOR: h2: properly report a stream error on RST_STREAM
    - MINOR: mux: add flags to describe a mux's capabilities
    - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts
    - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly
    - BUG/MEDIUM: checks: a server passed in maint state was not forced down.
    - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service()
    - MINOR: http: adjust the list of supposedly cacheable methods
    - MINOR: http: update the list of cacheable status codes as per RFC7231
    - MINOR: http: start to compute the transaction's cacheability from the request
    - BUG/MINOR: http: do not ignore cache-control: public
    - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses
    - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability
    - MINOR: http: add a function to check request's cache-control header field
    - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache
    - BUG/MEDIUM: cache: replace old object on store
    - BUG/MEDIUM: cache: respect the request cache-control header
    - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie"
    - BUG/MAJOR: connection: refine the situations where we don't send shutw()
    - BUG/MEDIUM: checks: properly set servers to stopping state on 404
    - BUG/MEDIUM: h2: properly handle and report some stream errors
    - BUG/MEDIUM: h2: improve handling of frames received on closed streams
    - DOC/MINOR: configuration: typo, formatting fixes
    - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
    - BUG/MEDIUM: mworker: don't close stdio several time
    - MINOR: don't close stdio anymore
    - BUG/MEDIUM: http: don't automatically forward request close
    - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
    - MINOR: h2: add a function to report pseudo-header names
    - DEBUG: hpack: make hpack_dht_dump() expose the output file
    - DEBUG: hpack: add more traces to the hpack decoder
    - CONTRIB: hpack: add an hpack decoder
    - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
    - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames
    - BUILD: ssl: silence a warning when building without NPN nor ALPN support
    - CLEANUP: rbtree: remove
    - BUG/MEDIUM: ssl: cache doesn't release shctx blocks
    - BUG/MINOR: lua: Fix default value for pattern in Socket.receive
    - DOC: lua: Fix typos in comments of hlua_socket_receive
    - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect
    - BUG/MINOR: lua: Fix return value of Socket.settimeout
    - MINOR: dns: Handle SRV record weight correctly.
    - BUG/MEDIUM: mworker: execvp failure depending on argv[0]
    - MINOR: hathreads: add support for gcc < 4.7
    - BUILD/MINOR: ancient gcc versions atomic fix
    - BUG/MEDIUM: stream: properly handle client aborts during redispatch
    - MINOR: spoe: add register-var-names directive in spoe-agent configuration
    - MINOR: spoe: Don't queue a SPOE context if nothing is sent
    - DOC: clarify the scope of ssl_fc_is_resumed
    - CONTRIB: debug: fix a few flags definitions
    - BUG/MINOR: poll: too large size allocation for FD events
    - MINOR: sample: add date_us sample
    - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely.
    - MINOR: servers: Don't report duplicate dyncookies for disabled servers.
    - MINOR: global/threads: move cpu_map at the end of the global struct
    - MINOR: threads: add a MAX_THREADS define instead of LONGBITS
    - MINOR: global: add some global activity counters to help debugging
    - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache
    - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num
    - BUG/MEDIUM: fd: maintain a per-thread update mask
    - MINOR: fd: add a bitmask to indicate that an FD is known by the poller
    - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
    - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
    - BUG/MEDIUM: threads/mworker: fix a race on startup
    - BUG/MINOR: mworker: only write to pidfile if it exists
    - MINOR: threads: Fix build when we're not compiling with threads.
    - BUG/MINOR: threads: always set an owner to the thread_sync pipe
    - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
    - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
    - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
    - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
    - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
    - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
    - CLEANUP: sample: Fix comment encoding of sample.c
    - CLEANUP: sample: Fix outdated comment about sample casts functions
    - BUG/MINOR: sample: Fix output type of c_ipv62ip
    - CLEANUP: Fix typo in ARGT_MSK6 comment
    - CLEANUP: standard: Use len2mask4 in str2mask
    - MINOR: standard: Add str2mask6 function
    - MINOR: config: Add support for ARGT_MSK6
    - MEDIUM: sample: Add IPv6 support to the ipmask converter
    - MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters.
    - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
    - MINOR: polling: make epoll and kqueue not depend on maxfd anymore
    - MINOR: fd: don't report maxfd in alert messages
    - MEDIUM: polling: start to move maxfd computation to the pollers
    - CLEANUP: fd/threads: remove the now unused fdtab_lock
    - MINOR: poll: more accurately compute the new maxfd in the loop
    - CLEANUP: fd: remove the unused "new" field
    - MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h
    - MEDIUM: select: make use of hap_fd_* functions
    - MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock
    - MEDIUM: select: don't use the old FD state anymore
    - MEDIUM: poll: don't use the old FD state anymore
    - MINOR: fd: pass the iocb and owner to fd_insert()
    - BUG/MINOR: threads: Update labels array because of changes in lock_label enum
    - MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters.
    - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
    - DOC: don't suggest using http-server-close
    - MINOR: introduce proxy-v2-options for send-proxy-v2
    - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
    - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
    - MINOR: spoe: Remove check on min_applets number when a SPOE context is queued
    - MINOR: spoe: Always link a SPOE context with the applet processing it
    - MINOR: spoe: Replace sending_rate by a frequency counter
    - MINOR: spoe: Count the number of frames waiting for an ack for each applet
    - MEDIUM: spoe: Use an ebtree to manage idle applets
    - MINOR: spoa_example: Count the number of frames processed by each worker
    - MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration
    - MINOR: init: make stdout unbuffered
    - MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams.
    - MINOR: early data: Never remove the CO_FL_EARLY_DATA flag.
    - MINOR: compiler: introduce offsetoff().
    - MINOR: threads: Introduce double-width CAS on x86_64 and arm.
    - MINOR: threads: add test and set/reset operations
    - MINOR: pools/threads: Implement lockless memory pools.
    - MAJOR: fd/threads: Make the fdcache mostly lockless.
    - MEDIUM: fd/threads: Make sure we don't miss a fd cache entry.
    - MAJOR: fd: compute the new fd polling state out of the fd lock
    - MINOR: epoll: get rid of the now useless fd_compute_new_polled_status()
    - MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status()
    - MINOR: poll: get rid of the now useless fd_compute_new_polled_status()
    - MINOR: select: get rid of the now useless fd_compute_new_polled_status()
    - CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function
    - MEDIUM: fd: make updt_fd_polling() use atomics
    - MEDIUM: poller: use atomic ops to update the fdtab mask
    - MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c
    - BUG/MINOR: fd/threads: properly dereference fdcache as volatile
    - MINOR: fd: remove the unneeded last CAS when adding an fd to the list
    - MINOR: fd: reorder fd_add_to_fd_list()
    - BUG/MINOR: time/threads: ensure the adjusted time is always correct
    - BUG/MEDIUM: standard: Fix memory leak in str2ip2()
    - MINOR: init: emit warning when -sf/-sd cannot parse argument
    - BUILD: fd/threads: fix breakage build breakage without threads
    - DOC: Describe routing impact of using interface keyword on bind lines
    - DOC: Mention -Ws in the list of available options
    - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
    - BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache.
    - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
    - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
    - BUILD/MINOR: memory: stdint is needed for uintptr_t
    - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
    - DOC: lua: new prototype for function "register_action()"
    - DOC: cfgparse: Warn on option (tcp|http)log in backend
    - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
    - MINOR: sample: add a new "concat" converter
    - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
    - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
    - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
    - MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword.
    - CLEANUP: cfgparse: Remove unused label end
    - CLEANUP: spoe: Remove unused label retry
    - CLEANUP: h2: Remove unused labels from mux_h2.c
    - CLEANUP: pools: Remove unused end label in memory.h
    - CLEANUP: standard: Fix typo in IPv6 mask example
    - BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs
    - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
    - MINOR: debug/pools: make DEBUG_UAF also detect underflows
    - MINOR: stats: display the number of threads in the statistics.
    - BUG/MINOR: h2: Set the target of dbuf_wait to h2c
    - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
    - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
    - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
    - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
    - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')"
    - MINOR: ssl: extract full pkey info in load_certificate
    - MINOR: ssl: add ssl_sock_get_pkey_algo function
    - MINOR: ssl: add ssl_sock_get_cert_sig function
    - MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key
    - MINOR: connection: add proxy-v2-options authority
    - MINOR: systemd: Add section for SystemD sandboxing to unit file
    - MINOR: systemd: Add SystemD's Protect*= options to the unit file
    - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
    - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
    - MINOR: h2: provide and use h2s_detach() and h2s_free()
    - MEDIUM: h2: use a single buffer allocator
    - MINOR/BUILD: fix Lua build on Mac OS X
    - BUILD/MINOR: fix Lua build on Mac OS X (again)
    - BUG/MINOR: session: Fix tcp-request session failure if handshake.
    - CLEANUP: .gitignore: Ignore binaries from the contrib directory
    - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
    - DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers()
    - BUG/MEDIUM: h2: also arm the h2 timeout when sending
    - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd"
    - CLEANUP: ssl: Remove a duplicated #include
    - CLEANUP: cli: Remove a leftover debug message
    - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
    - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
    - BUG/MINOR: force-persist and ignore-persist only apply to backends
    - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
    - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
    - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
    - TESTS: Add a testcase for multi-port + multi-server listener issue
    - CLEANUP: dns: remove duplicate code in src/dns.c
    - BUG/MINOR: seemless reload: Fix crash when an interface is specified.
    - BUG/MINOR: cli: Ensure all command outputs end with a LF
    - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
    - BUILD: ssl: Fix build with OpenSSL without NPN capability
    - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
    - BUG/MINOR: lua: return bad error messages
    - CLEANUP: lua/syntax: lua is a name and not an acronym
    - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
    - BUG/MINOR: tcp-check: use the server's service port as a fallback
    - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
    - MINOR: log: stop emitting alerts when it's not possible to write on the socket
    - BUILD/BUG: enable -fno-strict-overflow by default
    - BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents
    - DOC: log: more than 2 log servers are allowed
    - MINOR: hash: add new function hash_crc32c
    - MINOR: proxy-v2-options: add crc32c
    - MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum
    - REORG: compact "struct server"
    - MINOR: samples: add crc32c converter
    - BUG/MEDIUM: h2: properly account for DATA padding in flow control
    - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
    - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
    - CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c
    - BUG/MINOR: lua: the function returns anything
    - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
    - CLEANUP: lua: typo fix in comments
    - BUILD/MINOR: fix build when USE_THREAD is not defined
    - MINOR: lua: allow socket api settimeout to accept integers, float, and doubles
    - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
    - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown"
    - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available
    - BUILD/MINOR: cli: fix a build warning introduced by last commit
    - BUG/MAJOR: h2: remove orphaned streams from the send list before closing
    - MINOR: h2: always call h2s_detach() in h2_detach()
    - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
    - BUG/MEDIUM: h2/threads: never release the task outside of the task handler
    - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
    - BUILD/MINOR: threads: always export thread_sync_io_handler()
    - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd"
    - MINOR: h2: implement a basic "show_fd" function
    - MINOR: cli: report cache indexes in "show fd"
    - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
    - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
    - BUG/MINOR: checks: check the conn_stream's readiness and not the connection
    - BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
    - BUG/MINOR: email-alert: Set the mailer port during alert initialization
    - BUG/MINOR: cache: fix "show cache" output
    - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks
    - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
    - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk
    - BUG/MINOR: spoe: Register the variable to set when an error occurred
    - BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted
    - MINOR: spoe: Add metrics in to know time spent in the SPOE
    - MINOR: spoe: Add options to store processing times in variables
    - MINOR: log: move 'log' keyword parsing in dedicated function
    - MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries
    - MINOR: spoe: Add loggers dedicated to the SPOE agent
    - MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section
    - MINOR: spoe: use agent's logger to log SPOE messages
    - MINOR: spoe: Add counters to log info about SPOE agents
    - BUG/MAJOR: cache: always initialize newly created objects
    - MINOR: servers: Support alphanumeric characters for the server templates names
    - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
    - BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
    - BUG/MINOR: http: Return an error in proxy mode when url2sa fails
    - MINOR: proxy: Add fe_defbe fetcher
    - MINOR: config: Warn if resolvers has no nameservers
    - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
    - MINOR: cli: Ensure the CLI always outputs an error when it should
    - MEDIUM: sample: Extend functionality for field/word converters
    - MINOR: export localpeer as an environment variable
    - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
    - BUILD: sample: avoid build warning in sample.c
    - BUG/CRITICAL: h2: fix incorrect frame length check
    - DOC: lua: update the links to the config and Lua API
    - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
    - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
    - BUG/MINOR: log: t_idle (%Ti) is not set for some requests
    - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
    - MINOR: h2: detect presence of CONNECT and/or content-length
    - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
    - BUG/MINOR: spoe: Fix counters update when processing is interrupted
    - BUG/MINOR: spoe: Fix parsing of dontlog-normal option
    - MEDIUM: cli: Add payload support
    - MINOR: map: Add payload support to "add map"
    - MINOR: ssl: Add payload support to "set ssl ocsp-response"
    - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
    - MINOR: sample: Add strcmp sample converter
    - MINOR: http: Add support for 421 Misdirected Request
    - BUG/MINOR: config: disable http-reuse on TCP proxies
    - MINOR: ssl: disable SSL sample fetches when unsupported
    - MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'
    - BUG/MINOR: checks: Fix check->health computation for flapping servers
    - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
    - BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data
    - MINOR: backend: implement random-based load balancing
    - DOC/MINOR: clean up LUA documentation re: servers & array/table.
    - MINOR: lua: Add server name & puid to LUA Server class.
    - MINOR: lua: add get_maxconn and set_maxconn to LUA Server class.
    - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
    - BUG/MEDIUM: task: Don't free a task that is about to be run.
    - MINOR: fd: Make the lockless fd list work with multiple lists.
    - BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
    - MINOR: pollers: move polled_mask outside of struct fdtab.
    - BUG/MINOR: lua: schedule socket task upon lua connect()
    - BUG/MINOR: lua: ensure large proxy IDs can be represented
    - BUG/MEDIUM: pollers/kqueue: use incremented position in event list
    - BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL
    - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
    - BUG/MEDIUM: ssl: properly protect SSL cert generation
    - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
    - BUG/MINOR: spoe: Mistake in error message about SPOE configuration
    - BUG/MEDIUM: spoe: Flags are not encoded in network order
    - CLEANUP: spoe: Remove unused variables the agent structure
    - DOC: spoe: fix a typo
    - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
    - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
    - DOC: add some description of the pending rework of the buffer structure
    - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
    - MINOR: lua: Improve error message
    - BUG/MEDIUM: cache: don't cache when an Authorization header is present
    - MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA
    - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
    - BUG/BUILD: threads: unbreak build without threads
    - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
    - BUG/MEDIUM: lua/socket: Length required read doesn't work
    - MINOR: tasks: Change the task API so that the callback takes 3 arguments.
    - MAJOR: tasks: Create a per-thread runqueue.
    - MAJOR: tasks: Introduce tasklets.
    - MINOR: tasks: Make the number of tasks to run at once configurable.
    - MAJOR: applets: Use tasks, instead of rolling our own scheduler.
    - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
    - MINOR: http: Log warning if (add|set)-header fails
    - DOC: management: add the new wrew stats column
    - MINOR: stats: also report the failed header rewrites warnings on the stats page
    - BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue.
    - BUG/MEDIUM: task: Don't forget to decrement max_processed after each task.
    - MINOR: task: Also consider the task list size when getting global tasks.
    - MINOR: dns: Implement `parse-resolv-conf` directive
    - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
    - MINOR: task/notification: Is notifications registered ?
    - BUG/MEDIUM: lua/socket: wrong scheduling for sockets
    - BUG/MAJOR: lua: Dead lock with sockets
    - BUG/MEDIUM: lua/socket: Notification error
    - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
    - BUG/MEDIUM: lua/socket: Buffer error, may segfault
    - DOC: contrib/modsecurity: few typo fixes
    - DOC: SPOE.txt: fix a typo
    - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
    - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
    - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
    - MINOR: task: Fix a compiler warning by adding a cast.
    - MINOR: stats: also report the nice and number of calls for applets
    - MINOR: applet: assign the same nice value to a new appctx as its owner task
    - MINOR: task: Fix compiler warning.
    - BUG/MEDIUM: tasks: Use the local runqueue when building without threads.
    - MINOR: tasks: Don't define rqueue if we're building without threads.
    - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
    - MINOR: lua: Increase debug information
    - BUG/MEDIUM: threads: handle signal queue only in thread 0
    - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
    - BUG/MINOR: signals: ha_sigmask macro for multithreading
    - BUG/MAJOR: map: fix a segfault when using http-request set-map
    - DOC: regression testing: Add a short starting guide.
    - MINOR: tasks: Make sure we correctly init and deinit a tasklet.
    - BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler.
    - BUG/MINOR: lua: Segfaults with wrong usage of types.
    - BUG/MAJOR: ssl: Random crash with cipherlist capture
    - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
    - BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data
    - MINOR: tests: First regression testing file.
    - MINOR: reg-tests: Add reg-tests/README file.
    - MINOR: reg-tests: Add a few regression testing files.
    - DOC: Add new REGTEST tag info about reg testing.
    - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
    - MINOR: Some spelling cleanup in the comments.
    - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
    - MINOR: threads: Be sure to remove threads from all_threads_mask on exit
    - REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS.
    - REGTEST/MINOR: Set HAPROXY_PROGRAM default value.
    - REGTEST/MINOR: Add levels to reg-tests target.
    - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table
    - BUG/BUILD: threads: unbreak build without threads
    - BUG/MAJOR: stick_table: Complete incomplete SEGV fix
    - MINOR: stick-tables: make stktable_release() do nothing on NULL
    - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
    - MINOR: startup: change session/process group settings
    - MINOR: systemd: consider exit status 143 as successful
    - REGTEST/MINOR: Wrong URI syntax.
    - CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC
    - CLEANUP: dns: inacurate comment about prefered IP score
    - MINOR: dns: fix wrong score computation in dns_get_ip_from_response
    - MINOR: dns: new DNS options to allow/prevent IP address duplication
    - REGTEST/MINOR: Unexpected curl URL globling.
    - BUG/MINOR: ssl: properly ref-count the tls_keys entries
    - MINOR: h2: keep a count of the number of conn_streams attached to the mux
    - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
    - MINOR: h2: add the mux and demux buffer lengths on "show fd"
    - BUG/MEDIUM: h2: never leave pending data in the output buffer on close
    - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
    - MINOR: tasklet: Set process to NULL.
    - MINOR: buffer: implement a new file for low-level buffer manipulation functions
    - MINOR: buffer: switch buffer sizes and offsets to size_t
    - MINOR: buffer: add a few basic functions for the new API
    - MINOR: buffer: Introduce b_sub(), b_add(), and bo_add()
    - MINOR: buffer: Add b_set_data().
    - MINOR: buffer: introduce b_realign_if_empty()
    - MINOR: compression: pass the channel to http_compression_buffer_end()
    - MINOR: channel: add a few basic functions for the new buffer API
    - MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign()
    - MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign()
    - MEDIUM: channel: make channel_slow_realign() take a swap buffer
    - MINOR: h2: use b_slow_realign() with the trash as a swap buffer
    - MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code
    - MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew}
    - MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps()
    - MINOR: buffer: remove bi_getblk() and bi_getblk_nc()
    - MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data()
    - MINOR: buffer: remove bi_ptr()
    - MINOR: buffer: remove bo_ptr()
    - MINOR: buffer: remove bo_end()
    - MINOR: buffer: remove bi_end()
    - MINOR: buffer: remove bo_contig_data()
    - MINOR: buffer: merge b{i,o}_contig_space()
    - MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk()
    - MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset
    - MINOR: buffer: replace bi_del() and bo_del() with b_del()
    - MINOR: buffer: convert most b_ptr() calls to c_ptr()
    - MINOR: h1: make h1_measure_trailers() take the byte count in argument
    - MINOR: h2: clarify the fact that the send functions are unsigned
    - MEDIUM: h2: prevent the various mux encoders from modifying the buffer
    - MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore
    - MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore
    - MINOR: h1: make h1_measure_trailers() use an offset and a count
    - MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop
    - MEDIUM: h2: don't use b_ptr() nor b_end() anymore
    - MINOR: buffer: get rid of b_end() and b_to_end()
    - MINOR: buffer: make b_getblk_nc() take const pointers
    - MINOR: buffer: make b_getblk_nc() take size_t for the block sizes
    - MEDIUM: connection: make xprt->snd_buf() take the byte count in argument
    - MEDIUM: mux: make mux->snd_buf() take the byte count in argument
    - MEDIUM: connection: make xprt->rcv_buf() use size_t for the count
    - MEDIUM: mux: make mux->rcv_buf() take a size_t for the count
    - MINOR: connection: add a flags argument to rcv_buf()
    - MINOR: connection: add a new receive flag : CO_RFL_BUF_WET
    - MINOR: buffer: get rid of b_ptr() and convert its last users
    - MINOR: buffer: use b_room() to determine available space in a buffer
    - MINOR: buffer: replace buffer_not_empty() with b_data() or c_data()
    - MINOR: buffer: replace buffer_empty() with b_empty() or c_empty()
    - MINOR: buffer: make bo_putchar() use b_tail()
    - MINOR: buffer: replace buffer_full() with channel_full()
    - MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace()
    - MINOR: buffer: replace buffer_pending() with ci_data()
    - MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn))
    - MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o)
    - MINOR: buffer: use b_orig() to replace most references to b->data
    - MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o.
    - MINOR: channel: remove almost all references to buf->i and buf->o
    - MINOR: channel: Add co_set_data().
    - MEDIUM: channel: adapt to the new buffer API
    - MINOR: checks: adapt to the new buffer API
    - MEDIUM: h2: update to the new buffer API
    - MINOR: buffer: remove unused bo_add()
    - MEDIUM: spoe: use the new buffer API for the SPOE buffer
    - MINOR: stats: adapt to the new buffers API
    - MINOR: cli: use the new buffer API
    - MINOR: cache: use the new buffer API
    - MINOR: stream-int: use the new buffer API
    - MINOR: stream: use wrappers instead of directly manipulating buffers
    - MINOR: backend: use new buffer API
    - MEDIUM: http: use wrappers instead of directly manipulating buffers states
    - MINOR: filters: convert to the new buffer API
    - MINOR: payload: convert to the new buffer API
    - MEDIUM: h1: port to new buffer API.
    - MINOR: flt_trace: adapt to the new buffer API
    - MEDIUM: compression: start to move to the new buffer API
    - MINOR: lua: use the wrappers instead of directly manipulating buffer states
    - MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API
    - MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API
    - MAJOR: start to change buffer API
    - MINOR: buffer: remove the check for output on b_del()
    - MINOR: buffer: b_set_data() doesn't truncate output data anymore
    - MINOR: buffer: rename the "data" field to "area"
    - MEDIUM: buffers: move "output" from struct buffer to struct channel
    - MINOR: buffer: replace bi_fast_delete() with b_del()
    - MINOR: buffer: replace b{i,o}_put* with b_put*
    - MINOR: buffer: add a new file for ist + buffer manipulation functions
    - MINOR: checks: use b_putist() instead of b_putstr()
    - MINOR: buffers: remove b_putstr()
    - CLEANUP: buffer: minor cleanups to buffer.h
    - MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2()
    - MINOR: buffer: replace buffer_replace2() with b_rep_blk()
    - MINOR: buffer: rename the data length member to '->data'
    - MAJOR: buffer: finalize buffer detachment
    - MEDIUM: chunks: make the chunk struct's fields match the buffer struct
    - MAJOR: chunks: replace struct chunk with struct buffer
    - DOC: buffers: document the new buffers API
    - DOC: buffers: remove obsolete docs about buffers
    - MINOR: tasklets: Don't attempt to add a tasklet in the list twice.
    - MINOR: connections/mux: Add a new "subscribe" method.
    - MEDIUM: connections/mux: Revamp the send direction.
    - MINOR: connection: simplify subscription by adding a registration function
    - BUG/MINOR: http: Set brackets for the unlikely macro at the right place
    - BUG/MINOR: build: Fix compilation with debug mode enabled
    - BUILD: Generate sha256 checksums in publish-release
    - MINOR: debug: Add check for CO_FL_WILL_UPDATE
    - MINOR: debug: Add checks for conn_stream flags
    - MINOR: ist: Add the function isteqi
    - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
    - BUG/MEDIUM: mux_h2: Call h2_send() before updating polling.
    - MINOR: buffers: simplify b_contig_space()
    - MINOR: buffers: split b_putblk() into __b_putblk()
    - MINOR: buffers: add b_xfer() to transfer data between buffers
    - DOC: add some design notes about the new layering model
    - MINOR: conn_stream: add a new CS_FL_REOS flag
    - MINOR: conn_stream: add an rx buffer to the conn_stream
    - MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function
    - MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake()
    - MINOR: h2: make each H2 stream support an intermediary input buffer
    - MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer
    - MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer
    - MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf()
    - MEDIUM: h2: move headers and data frame decoding to their respective parsers
    - MEDIUM: buffers: make b_xfer() automatically swap buffers when possible
    - MEDIUM: h2: perform a single call to the data layer in demux()
    - MEDIUM: h2: don't call data_cb->recv() anymore
    - MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen
    - MEDIUM: h2: use the default conn_stream's receive function
    - DOC: add more design feedback on the new layering model
    - MINOR: h2: add the error code and the max/last stream IDs to "show fd"
    - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
    - BUG/MEDIUM: stats: don't ask for more data as long as we're responding
    - BUG/MINOR: servers: Don't make "server" in a frontend fatal.
    - BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue
    - BUG/MEDIUM: tasks: Decrement rqueue_size at the right time.
    - BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask
    - BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive.
    - MINOR: signal: don't pass the signal number anymore as the wakeup reason
    - MINOR: tasks: extend the state bits from 8 to 16 and remove the reason
    - MINOR: tasks: Add a flag that tells if we're in the global runqueue.
    - BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size.
    - MINOR: queue: centralize dequeuing code a bit better
    - MEDIUM: queue: make pendconn_free() work on the stream instead
    - DOC: queue: document the expected locking model for the server's queue
    - MINOR: queue: make sure pendconn->strm->pend_pos is always valid
    - MINOR: queue: use a distinct variable for the assigned server and the queue
    - MINOR: queue: implement pendconn queue locking functions
    - MEDIUM: queue: get rid of the pendconn lock
    - MINOR: tasks: Make active_tasks_mask volatile.
    - MINOR: tasks: Make global_tasks_mask volatile.
    - MINOR: pollers: Add a way to wake a thread sleeping in the poller.
    - MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code.
    - BUG/MEDIUM: threads/sync: use sched_yield when available
    - MINOR: ssl: BoringSSL matches OpenSSL 1.1.0
    - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
    - BUG/MINOR: config: stick-table is not supported in defaults section
    - BUILD/MINOR: threads: unbreak build with threads disabled
    - BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
    - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
    - MINOR: threads: move "nbthread" parsing to hathreads.c
    - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
    - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
    - BUILD/MINOR: compiler: fix offsetof() on older compilers
    - SCRIPTS: git-show-backports: add missing quotes to "echo"
    - MINOR: threads: add more consistency between certain variables in no-thread case
    - MEDIUM: hathreads: implement a more flexible rendez-vous point
    - BUG/MEDIUM: cli: make "show fd" thread-safe

2017/11/26 : 1.9-dev0

2017/11/26 : 1.8.0
    - BUG/MEDIUM: stream: don't automatically forward connect nor close
    - BUG/MAJOR: stream: ensure analysers are always called upon close
    - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
    - MEDIUM: mworker: Add systemd `Type=notify` support
    - BUG/MEDIUM: cache: free callback to remove from tree
    - CLEANUP: cache: remove unused struct
    - MEDIUM: cache: enable the HTTP analysers
    - CLEANUP: cache: remove wrong comment
    - MINOR: threads/atomic: rename local variables in macros to avoid conflicts
    - MINOR: threads/plock: rename local variables in macros to avoid conflicts
    - MINOR: threads/atomic: implement pl_mb() in asm on x86
    - MINOR: threads/atomic: implement pl_bts() on non-x86
    - MINOR: threads/build: atomic: replace the few inlines with macros
    - BUILD: threads/plock: fix a build issue on Clang without optimization
    - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees
    - BUILD: compiler: add a new type modifier __maybe_unused
    - BUILD: h2: mark some inlined functions "unused"
    - BUILD: server: check->desc always exists
    - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
    - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list
    - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers
    - BUG/MEDIUM: h2: always reassemble the Cookie request header field
    - BUG/MINOR: systemd: ignore daemon mode
    - CONTRIB: spoa_example: allow to compile outside HAProxy.
    - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist
    - CONTRIB: spoa_example: remove last dependencies on type "sample"
    - CONTRIB: spoa_example: remove SPOE enums that are useless for clients
    - CLEANUP: cache: reorder includes
    - MEDIUM: shctx: use unsigned int for len and block_count
    - MEDIUM: cache: "show cache" on the cli
    - BUG/MEDIUM: cache: use key=0 as a condition for freeing
    - BUG/MEDIUM: cache: refcount forbids to free the objects
    - BUG/MEDIUM: cache fix cli_kws structure
    - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
    - BUG/MINOR: ssl: Always start the handshake if we can't send early data.
    - MINOR: ssl: Don't disable early data handling if we could not write.
    - MINOR: pools: prepare functions to override malloc/free in pools
    - MINOR: pools: implement DEBUG_UAF to detect use after free
    - BUG/MEDIUM: threads/time: fix time drift correction
    - BUG/MEDIUM: threads/time: maintain a common time reference between all threads
    - MINOR: sample: Add "thread" sample fetch
    - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
    - BUG/MINOR: stream: fix tv_request calculation for applets
    - BUG/MAJOR: h2: always remove a stream from the send list before freeing it
    - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
    - MINOR: ssl: Handle reading early data after writing better.
    - MINOR: mux: Make sure every string is woken up after the handshake.
    - MEDIUM: cache: store sha1 for hashing the cache key
    - MINOR: http: implement the "http-request reject" rule
    - MINOR: h2: send RST_STREAM before GOAWAY on reject
    - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close
    - MINOR: h2: make use of client-fin timeout after GOAWAY
    - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2
    - MINOR: ssl: Handle early data with BoringSSL
    - BUG/MEDIUM: stream: always release the stream-interface on abort
    - BUG/MEDIUM: cache: free ressources in chn_end_analyze
    - MINOR: cache: move the refcount decrease in the applet release
    - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
    - MINOR: config: Support a range to specify processes in "cpu-map" parameter
    - MINOR: config: Slightly change how parse_process_number works
    - MINOR: config: Export parse_process_number and use it wherever it's applicable
    - MINOR: standard: Add my_ffsl function to get the position of the bit set to one
    - MINOR: config: Add auto-increment feature for cpu-map
    - MINOR: config: Support partial ranges in cpu-map directive
    - MINOR:: config: Remove thread-map directive
    - MINOR: config: Add the threads support in cpu-map directive
    - MINOR: config: Add threads support for "process" option on "bind" lines
    - MEDIUM: listener: Bind listeners on a thread subset if specified
    - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
    - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
    - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list"
    - CLEANUP: pools: rename all pool functions and pointers to remove this "2"
    - DOC: update the roadmap file with the latest changes merged in 1.8
    - DOC: fix mangled version in peers protocol documentation
    - DOC: add initial peers protovol v2.0 documentation.
    - DOC: mention William as maintainer of the cache and master-worker
    - DOC: add Christopher and Emeric as maintainers of the threads
    - MINOR: cache: replace a fprint() by an abort()
    - MEDIUM: cache: max-age configuration keyword
    - DOC: explain HTTP2 timeout behavior
    - DOC: cache: configuration and management
    - MAJOR: mworker: exits the master on failure
    - BUG/MINOR: threads: don't drop "extern" on the lock in include files
    - MINOR: task: keep a pointer to the currently running task
    - MINOR: task: align the rq and wq locks
    - MINOR: fd: cache-align fdtab and fdcache locks
    - MINOR: buffers: cache-align buffer_wq_lock
    - CLEANUP: server: reorder some fields in struct server to save 40 bytes
    - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes
    - CLEANUP: checks: remove 16 bytes of holes in struct check
    - CLEANUP: cache: more efficiently pack the struct cache
    - CLEANUP: fd: place the lock at the beginning of struct fdtab
    - CLEANUP: pools: align pools on a cache line
    - DOC: config: add a few bits about how to configure HTTP/2
    - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
    - BUILD: Makefile: reorder object files by size

2017/11/19 : 1.8-rc4
    - BUG/MEDIUM: cache: does not cache if no Content-Length
    - BUILD: thread/pipe: fix build without threads
    - BUG/MINOR: spoe: check buffer size before acquiring or releasing it
    - MINOR: debug/flags: Add missing flags
    - MINOR: threads: Use __decl_hathreads to declare locks
    - BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe
    - BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees
    - BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees
    - MINOR: ebtree/scope: add a function to find next node from a parent
    - MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent()
    - BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH
    - BUG/MEDIUM: cache: use msg->sov to forward header
    - MINOR: cache: forward data with headers
    - MINOR: cache: disable cache if shctx_row_data_append fail
    - BUG/MINOR: threads: tid_bit must be a unsigned long
    - CLEANUP: tasks: Remove useless double test on rq_next
    - BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local
    - MINOR: tools: add a function to dump a scope-aware tree to a file
    - MINOR: tools: improve the DOT dump of the ebtree
    - MINOR: tools: emphasize the node being worked on in the tree dump
    - BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion
    - DOC: peers: Add a first version of peers protocol v2.1.
    - CONTRIB: Wireshark dissector for HAProxy Peer Protocol.
    - MINOR: mworker: display an accurate error when the reexec fail
    - BUG/MEDIUM: mworker: wait again for signals when execvp fail
    - BUG/MEDIUM: mworker: does not deinit anymore
    - BUG/MEDIUM: mworker: does not close inherited FD
    - MINOR: tests: add a python wrapper to test inherited fd
    - BUG/MINOR: Allocate the log buffers before the proxies startup
    - MINOR: tasks: Use a bitfield to track tasks activity per-thread
    - MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue
    - MINOR: applets: Use a bitfield to track applets activity per-thread
    - MAJOR: polling: Use active_appels_mask instead of applets_active_queue
    - MEDIUM: applets: Don't process more than 200 active applets at once
    - MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command
    - MINOR: SSL: Store the ASN1 representation of client sessions.
    - MINOR: ssl: Make sure we don't shutw the connection before the handshake.
    - BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data

2017/11/11 : 1.8-rc3
    - BUILD: use MAXPATHLEN instead of NAME_MAX.
    - BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions
    - BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser
    - BUG/MINOR: cli: do not perform an invalid action on "set server check-port"
    - BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK
    - CLEANUP: checks: remove return statements in locked functions
    - BUG/MINOR: cli: add severity in "set server addr" parser
    - CLEANUP: server: get rid of return statements in the CLI parser
    - BUG/MAJOR: cli/streams: missing unlock on exit "show sess"
    - BUG/MAJOR: threads/dns: add missing unlock on allocation failure path
    - BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB
    - BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB
    - BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired()
    - BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set
    - BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener()
    - BUG/MEDIUM: threads: don't try to free build option message on exit
    - MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup()
    - MINOR: add master-worker in the warning about nbproc
    - MINOR: mworker: allow pidfile in mworker + foreground
    - MINOR: mworker: write parent pid in the pidfile
    - MINOR: mworker: do not store child pid anymore in the pidfile
    - MINOR: ebtree: implement the scope-aware functions for eb32
    - MEDIUM: ebtree: specify the scope of every node inserted via eb32sc
    - MINOR: ebtree: update the eb32sc parent node's scope on delete
    - MEDIUM: ebtree: only consider the branches matching the scope in lookups
    - MINOR: ebtree: implement eb32sc_lookup_ge_or_first()
    - MAJOR: task: make use of the scope-aware ebtree functions
    - MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop
    - MEDIUM: task: change the construction of the loop in process_runnable_tasks()
    - MINOR: threads: use faster locks for the spin locks
    - MINOR: tasks: only visit filled task slots after processing them
    - MEDIUM: tasks: implement a lockless scheduler for single-thread usage
    - BUG/MINOR: dns: Don't try to get the server lock if it's already held.
    - BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback().
    - DOC: Add note about encrypted password CPU usage
    - BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection
    - BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error
    - BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux
    - BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux
    - MEDIUM: h2: remove the H2_SS_RESET intermediate state
    - BUG/MEDIUM: h2: fix some wrong error codes on connections
    - BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix
    - BUILD: enable USE_THREAD for Solaris build.
    - BUG/MEDIUM: h2: don't close the connection is there are data left
    - MINOR: h2: don't re-enable the connection's task when we're closing
    - BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame
    - BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing
    - MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA
    - BUG/MINOR: h2: don't send GOAWAY on failed response
    - BUG/MEDIUM: splice/threads: pipe reuse list was not protected.
    - BUG/MINOR: comp: fix compilation warning compiling without compression.
    - BUG/MINOR: stream-int: don't set MSG_MORE on closed request path
    - BUG/MAJOR: threads/tasks: fix the scheduler again
    - BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
    - MINOR: ssl: Handle session resumption with TLS 1.3
    - MINOR: ssl: Spell 0x10101000L correctly.
    - MINOR: ssl: Handle sending early data to server.
    - BUILD: ssl: fix build of backend without ssl
    - BUILD: shctx: do not depend on openssl anymore
    - BUG/MINOR: h1: the HTTP/1 make status code parser check for digits
    - BUG/MEDIUM: h2: reject non-3-digit status codes
    - BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up
    - BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match
    - BUG/MEDIUM: h2: split the function to send RST_STREAM
    - BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers
    - MINOR: tools: don't use unlikely() in hex2i()
    - BUG/MEDIUM: h2: support orphaned streams
    - BUG/MEDIUM: threads/cli: fix "show sess" locking on release
    - CLEANUP: mux: remove the unused "release()" function
    - MINOR: cli: make "show fd" report the fd's thread mask
    - BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore
    - CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid
    - MEDIUM: http: always reject the "PRI" method

2017/11/03 : 1.8-rc2
    - BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call
    - BUG/MINOR: send-proxy-v2: string size must include ('\0')
    - MINOR: mux: Only define pipe functions on linux.
    - MINOR: cache: Remove useless test for nonzero.
    - MINOR: cache: Don't confuse act_return and act_parse_ret.
    - BUG/MEDIUM: h2: don't try to parse incomplete H1 responses
    - BUG/MEDIUM: checks/mux: always enable send-polling after connecting
    - BUG/MAJOR: fix deadlock on healthchecks.
    - BUG/MINOR: thread: fix a typo in the debug code
    - BUILD: shctx: allow to be built without openssl
    - BUG/MEDIUM: cache: don't try to resolve wrong filters
    - BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer
    - BUG/MINOR: freq: fix infinite loop on freq_ctr_period.
    - BUG/MINOR: stdarg.h inclusion
    - BUG/MINOR: dns: fix missing lock protection on server.
    - BUG/MINOR: lua: fix missing lock protection on server.
    - BUILD: enable USE_THREAD for OpenBSD build.
    - BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake()
    - MINOR: thread: report multi-thread support in haproxy -vv

2017/10/31 : 1.8-rc1
    - BUG/MEDIUM: server: Allocate tmptrash before using it.
    - CONTRIB: trace: add the possibility to place trace calls in the code
    - CONTRIB: trace: try to display the function's return value on exit
    - CONTRIB: trace: report the base name only for file names
    - BUILD: ssl: support OPENSSL_NO_ASYNC #define
    - MINOR: ssl: build with recent BoringSSL library
    - BUG/MINOR: ssl: OCSP_single_get0_status can return -1
    - BUG/MINOR: cli: restore "set ssl tls-key" command
    - CLEANUP: cli: remove undocumented "set ssl tls-keys" command
    - IMPORT: sha1: import SHA1 functions
    - MINOR: sample: add the sha1 converter
    - MINOR: sample: add the hex2i converter
    - MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn
    - MINOR: ssl: don't abort after sending 16kB
    - MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM
    - MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted
    - MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw()
    - MINOR: raw_sock: make use of CO_FL_WILL_UPDATE
    - MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE
    - BUG/MINOR: checks: Don't forget to release the connection on error case.
    - MINOR: buffer: add the buffer input manipulation functions
    - BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution
    - MEDIUM: cfgparse: post section callback
    - MEDIUM: cfgparse: post parsing registration
    - MINOR: lua: add uuid to the Class Proxy
    - MINOR: hlua: Add regex class
    - MINOR: http: Mark the 425 code as "Too Early".
    - MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code
    - MINOR: ssl: support Openssl 1.1.1 early callback for switchctx
    - MINOR: ssl: generated certificate is missing in switchctx early callback
    - MEDIUM: ssl: Handle early data with OpenSSL 1.1.1
    - BUILD: Makefile: disable -Wunused-label
    - MINOR: ssl/proto_http: Add keywords to take care of early data.
    - BUG/MINOR: lua: const attribute of a string is overridden
    - MINOR: ssl: Don't abuse ssl_options.
    - MINOR: update proxy-protocol-v2 #define
    - MINOR: merge ssl_sock_get calls for log and ppv2
    - MINOR: add ALPN information to send-proxy-v2
    - MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body
    - CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures
    - MEDIUM: lists: list_for_each_entry{_safe}_from functions
    - REORG: shctx: move lock functions and struct
    - MEDIUM: shctx: allow the use of multiple shctx
    - REORG: shctx: move ssl functions to ssl_sock.c
    - MEDIUM: shctx: separate ssl and shctx
    - MINOR: shctx: rename lock functions
    - MINOR: h1: store the status code in the H1 message
    - BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL
    - BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded
    - MINOR: action: Add trk_idx inline function
    - MINOR: action: Use trk_idx instead of tcp/http_trk_idx
    - MINOR: action: Add a function pointer in act_rule struct to check its validity
    - MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_*
    - MINOR: action: Add a functions to check http capture rules
    - MINOR: action: Factorize checks on rules calling check_ptr if defined
    - MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond
    - MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages
    - MINOR: spoe: Check uniqness of SPOE engine names during config parsing
    - MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file
    - MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules
    - MINOR: spoe: Move message encoding in its own function
    - MINOR: spoe: Add a type to qualify the message list during encoding
    - MINOR: spoe: Add a generic function to encode a list of SPOE message
    - MEDIUM: spoe/rules: Process "send-spoe-group" action
    - BUG/MINOR: dns: Fix CLI keyword declaration
    - MAJOR: dns: Refactor the DNS code
    - BUG/MINOR: mailers: Fix a memory leak when email alerts are released
    - MEDIUM: mailers: Init alerts during conf parsing and refactor their processing
    - MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules
    - MINOR: standard: Add memvprintf function
    - MINOR: log: Save alerts and warnings emitted during HAProxy startup
    - MINOR: cli: Add "show startup-logs" command
    - MINOR: startup: Extend the scope the MODE_STARTING flag
    - MINOR: threads: Prepare makefile to link with pthread
    - MINOR: threads: Add THREAD_LOCAL macro
    - MINOR: threads: Add atomic-ops and plock includes in import dir
    - MEDIUM: threads: Add hathreads header file
    - MINOR: threads: Add mechanism to register per-thread init/deinit functions
    - MINOR: threads: Add nbthread parameter
    - MEDIUM: threads: Adds a set of functions to handle sync-point
    - MAJOR: threads: Start threads to experiment multithreading
    - MINOR: threads: Define the sync-point inside run_poll_loop
    - MEDIUM: threads/buffers: Define and register per-thread init/deinit functions
    - MEDIUM: threads/chunks: Transform trash chunks in thread-local variables
    - MEDIUM: threads/time: Many global variables from time.h are now thread-local
    - MEDIUM: threads/logs: Make logs thread-safe
    - MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool
    - MAJOR: threads/fd: Make fd stuffs thread-safe
    - MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array
    - MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert
    - MINOR: threads/fd: Process cached events of FDs depending on the process mask
    - MINOR: threads/polling: pollers now handle FDs depending on the process mask
    - WIP: SQUASH WITH SYNC POINT
    - MAJOR: threads/task: handle multithread on task scheduler
    - MEDIUM: threads/signal: Add a lock to make signals thread-safe
    - MEDIUM: threads/listeners: Make listeners thread-safe
    - MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars
    - MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe
    - MEDIUM: threads/server: Add a lock per server and atomically update server vars
    - MINOR: threads/server: Add a lock to deal with insert in updates_servers list
    - MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe
    - MEDIUM: threads/stick-tables: handle multithreads on stick tables
    - MINOR: threads/sample: Change temp_smp into a thread local variable
    - MEDIUM: threads/http: Make http_capture_bad_message thread-safe
    - MINOR: threads/regex: Change Regex trash buffer into a thread local variable
    - MAJOR: threads/applet: Handle multithreading for applets
    - MAJOR: threads/peers: Make peers thread safe
    - MAJOR: threads/buffer: Make buffer wait queue thread safe
    - MEDIUM: threads/stream: Make streams list thread safe
    - MAJOR: threads/ssl: Make SSL part thread-safe
    - MEDIUM: threads/queue: Make queues thread-safe
    - MAJOR: threads/map: Make acls/maps thread safe
    - MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe
    - MEDIUM: thread/vars: Make vars thread-safe
    - MEDIUM: threads/filters: Add init/deinit callback per thread
    - MINOR: threads/filters: Update trace filter to add _per_thread callbacks
    - MEDIUM: threads/compression: Make HTTP compression thread-safe
    - MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread.
    - MEDIUM: threads/lua: Add locks around the Lua execution parts.
    - MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me
    - MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread.
    - MEDIUM: threads/xref: Convert xref function to a thread safe model
    - MEDIUM: threads/tasks: Add lock around notifications
    - MEDIUM: thread/spoe: Make the SPOE thread-safe
    - MEDIUM: thread/dns: Make DNS thread-safe
    - MINOR: threads: Add thread-map config parameter in the global section
    - MINOR: threads/checks: Add a lock to protect the pid list used by external checks
    - MINOR: threads/checks: Set the task process_mask when a check is executed
    - MINOR: threads/mailers: Add a lock to protect queues of email alerts
    - MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency
    - MINOR: threads: Don't start when device a detection module is used
    - BUG/MEDIUM: threads: Run the poll loop on the main thread too
    - BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
    - MAJOR: threads: Offically enable the threads support in HAProxy
    - BUG/MAJOR: threads/freq_ctr: fix lock on freq counters.
    - BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer
    - BUILD: stick-tables: silence an uninitialized variable warning
    - BUG/MINOR: dns: Fix SRV records with the new thread code.
    - MINOR: ssl: Remove the global allow-0rtt option.
    - CLEANUP: threads: replace the last few 1UL<<tid with tid_bit
    - CLEANUP: threads: rename process_mask to thread_mask
    - MINOR: h1: add a function to measure the trailers length
    - MINOR: threads: add a portable barrier for threads and non-threads
    - BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes
    - BUG/MEDIUM: threads: Initialize the sync-point
    - MEDIUM: connection: start to introduce a mux layer between xprt and data
    - MINOR: connection: implement alpn registration of muxes
    - MINOR: mux: register the pass-through mux for any ALPN string
    - MEDIUM: session: use the ALPN token and proxy mode to select the mux
    - MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major)
    - MINOR: connection: introduce conn_stream
    - MINOR: mux: add more methods to mux_ops
    - MINOR: connection: introduce the conn_stream manipulation functions
    - MINOR: mux_pt: implement remaining mux_ops methods
    - MAJOR: connection : Split struct connection into struct connection and struct conn_stream.
    - MINOR: connection: make conn_stream users also check for per-stream error flag
    - MINOR: conn_stream: new shutr/w status flags
    - MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode
    - MEDIUM: connection: make conn_sock_shutw() aware of lingering
    - MINOR: connection: add cs_close() to close a conn_stream
    - MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection
    - MEDIUM: connection: replace conn_full_close() with cs_close()
    - MEDIUM: connection: make mux->detach() release the connection
    - MEDIUM: stream: do not forcefully close the client connection anymore
    - MEDIUM: checks: exclusively use cs_destroy() to release a connection
    - MEDIUM: connection: add a destroy callback
    - MINOR: session: release the listener with the session, not the stream
    - MEDIUM: session: make use of the connection's destroy callback
    - CONTRIB: hpack: implement a reverse huffman table generator for hpack
    - MINOR: hpack: implement the HPACK Huffman table decoder
    - MINOR: hpack: implement the header tables management
    - MINOR: hpack: implement the decoder
    - MEDIUM: hpack: implement basic hpack encoding
    - MINOR: h2: centralize all HTTP/2 protocol elements and constants
    - MINOR: h2: create a very minimalistic h2 mux
    - MINOR: h2: expose tune.h2.header-table-size to configure the table size
    - MINOR: h2: expose tune.h2.initial-window-size to configure the window size
    - MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams
    - MINOR: h2: create the h2c struct and allocate its pool
    - MINOR: h2: create the h2s struct and the associated pool
    - MINOR: h2: handle two extra stream states for errors
    - MINOR: h2: add a frame header descriptor for incoming frames
    - MEDIUM: h2: allocate and release the h2c context on connection init/end
    - MEDIUM: h2: implement basic recv/send/wake functions
    - MEDIUM: h2: dynamically allocate the demux buffer on Rx
    - MEDIUM: h2: implement the mux buffer allocator
    - MINOR: h2: add the connection and stream flags listing the causes for blocking
    - MINOR: h2: add function h2s_id() to report a stream's ID
    - MINOR: h2: small function to know when the mux is busy
    - MINOR: h2: new function h2c_error to mark an error on the connection
    - MINOR: h2: new function h2s_error() to mark an error on a stream
    - MINOR: h2: add h2_set_frame_size() to update the size in a binary frame
    - MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header
    - MINOR: h2: add a few functions to retrieve contents from a wrapping buffer
    - MINOR: h2: add stream lookup function based on the stream ID
    - MINOR: h2: create dummy idle and closed streams
    - MINOR: h2: add the function to create a new stream
    - MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability
    - MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling
    - MINOR: h2: also terminate the connection on shutr
    - MEDIUM: h2: properly consider all conditions for end of connection
    - MEDIUM: h2: wake the connection up for send on pending streams
    - MEDIUM: h2: start to implement the frames processing loop
    - MINOR: h2: add a function to send a GOAWAY error frame
    - MINOR: h2: match the H2 connection preface on init
    - MEDIUM: h2: enable connection polling for send when a cs wants to emit
    - MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full
    - MEDIUM: h2: process streams pending for sending
    - MINOR: h2: send a real SETTINGS frame based on the configuration
    - MEDIUM: h2: detect the presence of the first settings frame
    - MINOR: h2: create a stream parser for the demuxer
    - MINOR: h2: implement PING frames
    - MEDIUM: h2: decode SETTINGS frames and extract relevant settings
    - MINOR: h2: lookup the stream during demuxing
    - MEDIUM: h2: honor WINDOW_UPDATE frames
    - MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames
    - MINOR: h2: handle CONTINUATION frames
    - MEDIUM: h2: partial implementation of h2_detach()
    - MEDIUM: h2: unblock a connection when its current stream detaches
    - MEDIUM: h2: basic processing of HEADERS frame
    - MEDIUM: h2: don't use trash to decode headers!
    - MEDIUM: h2: implement the response HEADERS frame to encode the H1 response
    - MEDIUM: h2: send the H1 response body as DATA frames
    - MEDIUM: h2: skip the response trailers if any
    - MEDIUM: h2: properly continue to parse header block when facing a 1xx response
    - MEDIUM: h2: send WINDOW_UPDATE frames for connection
    - MEDIUM: h2: handle request body in DATA frames
    - MINOR: h2: handle RST_STREAM frames
    - MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr
    - MINOR: h2: use a common function to signal some and all streams.
    - MEDIUM: h2: handle GOAWAY frames
    - MINOR: h2: centralize the check for the idle streams
    - MINOR: h2: centralize the check for the half-closed(remote) streams
    - MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY
    - MINOR: h2: properly reject PUSH_PROMISE frames coming from the client
    - MEDIUM: h2: perform a graceful shutdown on "Connection: close"
    - MEDIUM: h2: send a GOAWAY frame when dealing with an empty response
    - MEDIUM: h2: apply a timeout to h2 connections
    - BUG/MEDIUM: h2: fix incorrect timeout handling on the connection
    - MEDIUM: shctx: forbid shctx to read more than expected
    - MEDIUM: cache: configuration parsing and initialization
    - MEDIUM: cache: store objects in cache
    - MEDIUM: cache: deliver objects from cache

2017/10/22 : 1.8-dev3
    - REORG: ssl: move defines and methodVersions table upper
    - MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table
    - MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list
    - MEDIUM: ssl: disable SSLv3 per default for bind
    - BUG/MAJOR: ssl: fix segfault on connection close using async engines.
    - BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine
    - BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler
    - BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
    - BUG/MEDIUM: build without openssl broken
    - BUG/MINOR: warning: need_resend may be used uninitialized
    - BUG/MEDIUM: misplaced exit and wrong exit code
    - BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
    - BUILD: scripts: make publish-release support bare repositories
    - BUILD: scripts: add an automatic mode for publish-release
    - BUILD: scripts: add a "quiet" mode to publish-release
    - BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
    - BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
    - CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO.
    - BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
    - BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0
    - BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING
    - BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
    - BUG/MAJOR: server: Segfault after parsing server state file.
    - BUG/MEDIUM: unix: never unlink a unix socket from the file system
    - scripts: create-release pass -n to tail
    - SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity
    - BUG/MEDIUM: fix segfault when no argument to -x option
    - MINOR: warning on multiple -x
    - MINOR: mworker: don't copy -x argument anymore in copy_argv()
    - BUG/MEDIUM: mworker: don't reuse PIDs passed to the master
    - BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
    - BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
    - BUG/MINOR: log: pin the front connection when front ip/ports are logged
    - DOC: fix references to the section about the unix socket
    - BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
    - MAJOR: task: task scheduler rework.
    - MINOR: task/stream: tasks related to a stream must be init by the caller.
    - MINOR: queue: Change pendconn_get_next_strm into private function
    - MINOR: backends: Change get_server_sh/get_server_uh into private function
    - MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions
    - MEDIUM: stream: make stream_new() always set the target and analysers
    - MINOR: frontend: initialize HTTP layer after the debugging code
    - MINOR: connection: add a .get_alpn() method to xprt_ops
    - MINOR: ssl: add a get_alpn() method to ssl_sock
    - MINOR: frontend: retrieve the ALPN name when available
    - MINOR: frontend: report the connection's ALPN in the debug output
    - MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL
    - MINOR: connection: send data before receiving
    - MAJOR: applet: applet scheduler rework.
    - BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections
    - BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
    - BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
    - BUG/MAJOR: compression: Be sure to release the compression state in all cases
    - MINOR: compression: Use a memory pool to allocate compression states
    - BUG/MAJOR: applet: fix a freeze if data is immedately forwarded.
    - DOC: fix references to the section about time format.
    - BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
    - BUG/MAJOR: http: fix buffer overflow on loguri buffer.
    - MINOR: ssl: compare server certificate names to the SNI on outgoing connections
    - BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
    - BUG/MINOR: http: Don't reset the transaction if there are still data to send
    - BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
    - MINOR: peers: Add additional information to stick-table definition messages.
    - BUG/MINOR: http: properly handle all 1xx informational responses
    - OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer
    - BUG/MINOR: peers: peer synchronization issue (with several peers sections).
    - CLEANUP: hdr_idx: make some function arguments const where possible
    - BUG/MINOR: Prevent a use-after-free on error scenario on option "-x".
    - BUG/MINOR: lua: In error case, the safe mode is not removed
    - BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
    - BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
    - BUG/MEDIUM: lua: bad memory access
    - BUG/MINOR: Lua: variable already initialized
    - DOC: update CONTRIBUTING regarding optional parts and message format
    - DOC: update the list of OpenSSL versions in the README
    - BUG/MINOR: http: Set the response error state in http_sync_res_state
    - MINOR: http: Reorder/rewrite checks in http_resync_states
    - MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
    - BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
    - MINOR: http: Rely on analyzers mask to end processing in forward_body functions
    - BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states
    - BUG/MINOR: contrib/modsecurity: BSD build fix
    - BUG/MINOR: contrib/mod_defender: build fix
    - BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3
    - MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy
    - BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_*
    - MINOR: tools: add a portable timegm() alternative
    - BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10
    - DOC: Updated 51Degrees git URL to point to a stable version.
    - BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
    - MINOR: memory: remove macros
    - BUG/MINOR: lua: Fix Server.get_addr() port values
    - BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
    - MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup
    - MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw
    - MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known
    - BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
    - MINOR: task: always preinitialize the task's timeout in task_init()
    - CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new()
    - BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler
    - MINOR: lua: Add proxy as member of proxy object.
    - DOC: lua: Proxy class doc update
    - MINOR: lua: Add lists of frontends and backends
    - BUG/MINOR: ssl: Fix check against SNI during server certificate verification
    - BUG/MINOR: ssl: make use of the name in SNI before verifyhost
    - MINOR: ssl: add a new error codes for wrong server certificates
    - BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check
    - MINOR: ssl: add "no-ca-names" parameter for bind
    - BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
    - DOC: fix alphabetical order of "show commands" in management.txt
    - MINOR: listener: add a function to return a listener's state as a string
    - MINOR: cli: add a new "show fd" command
    - BUG/MEDIUM: ssl: Fix regression about certificates generation
    - MINOR: Add server port field to server state file.
    - MINOR: ssl: allow to start without certificate if strict-sni is set
    - MINOR: dns: Cache previous DNS answers.
    - MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ.
    - Add a few functions to do unaligned access.
    - MINOR: dns: Handle SRV records.
    - MINOR: check: Fix checks when using SRV records.
    - MINOR: doc: Document SRV label usage.
    - BUILD/MINOR: cli: shut a minor gcc warning in "show fd"
    - BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2
    - BUILD/MINOR: build without openssl still broken
    - BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin
    - CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit()
    - MINOR: init: Fix CPU affinity setting on FreeBSD.
    - MINOR: dns: Update analysis of TRUNCATED response for SRV records
    - MINOR: dns: update record dname matching for SRV query types
    - MINOR: dns: update dns response buffer reading pointer due to SRV record
    - MINOR: dns: duplicate entries in resolution wait queue for SRV records
    - MINOR: dns: make debugging function dump_dns_config() compatible with SRV records
    - MINOR: dns: ability to use a SRV resolution for multiple backends
    - MINOR: dns: enable caching of responses for server set by a SRV record
    - MINOR: dns: new dns record type (RTYPE) for OPT
    - MINOR: dns: enabled edns0 extension and make accpeted payload size tunable
    - MINOR: dns: default "hold obsolete" timeout set to 0
    - MINOR: chunks: add chunk_memcpy() and chunk_memcat()
    - MINOR: session: add a streams field to the session struct
    - MINOR: stream: link the stream to its session
    - MEDIUM: session: do not free a session until no stream references it
    - MINOR: ist: implement very simple indirect strings
    - TESTS: ist: add a test file for the functions
    - MINOR: http: export some of the HTTP parser macros
    - BUG/MINOR: Wrong type used as argument for spoe_decode_buffer().
    - BUG/MINOR: dns: server set by SRV records stay in "no resolution" status
    - MINOR: dns: Maximum DNS udp payload set to 8192
    - MINOR: dns: automatic reduction of DNS accpeted payload size
    - MINOR: dns: make SRV record processing more verbose
    - CLEANUP: dns: remove duplicated code in dns_resolve_recv()
    - CLEANUP: dns: remove duplicated code in dns_validate_dns_response()
    - BUG/MINOR: dns: wrong resolution interval lead to 100% CPU
    - BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow
    - BUG/MAJOR: lua: fix the impact of the scheduler changes again
    - BUG/MEDIUM: lua: HTTP services must take care of body-less status codes
    - MINOR: lua: properly process the contents of the content-length field
    - BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service
    - OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet
    - OPTIM: lua: don't add "Connection: close" on the response
    - REORG/MEDIUM: connection: introduce the notion of connection handle
    - BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag
    - MEDIUM: connection: get rid of data->init() which was not for data
    - MEDIUM: stream: make stream_new() allocate its own task
    - CLEANUP: listener: remove the unused handler field
    - MEDIUM: session: add a pointer to a struct task in the session
    - MINOR: stream: provide a new stream creation function for connections
    - MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH
    - CLEANUP: connection: remove the unused conn_sock_shutw_pending()
    - MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH
    - DOC: add CLI info on privilege levels
    - DOC: Refer to Mozilla TLS info / config generator
    - MINOR: ssl: remove duplicate ssl_methods in struct bind_conf
    - BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode
    - DOC: Add note about "* " prefix in CSV stats
    - CLEANUP: memory: Remove unused function pool_destroy
    - MINOR: listeners: Change listener_full and limit_listener into private functions
    - MINOR: listeners: Change enable_listener and disable_listener into private functions
    - MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed
    - MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab
    - MINOR: backends: Make get_server_* functions explicitly static
    - MINOR: applet: Check applets_active_queue before processing applets queue
    - MINOR: chunks: Use dedicated function to init/deinit trash buffers
    - MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked
    - MINOR: logs: Use dedicated function to init/deinit log buffers
    - MINOR: logs: Realloc log buffers only after the config is parsed and checked
    - MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function
    - MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer
    - MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header
    - MINOR: fd: Add fd_active function
    - MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions
    - MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers
    - MINOR: freq_ctr: Return the new value after an update
    - MEDIUM: check: server states and weight propagation re-work
    - BUG/MEDIUM: epoll: ensure we always consider HUP and ERR
    - MINOR: fd: Add fd_update_events function
    - MINOR: polling: Use fd_update_events to update events seen for a fd
    - BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file
    - Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file"
    - MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use
    - BUG/MEDIUM: http: Close streams for connections closed before a redirect
    - BUG/MINOR: Lua: The socket may be destroyed when we try to access.
    - MINOR: xref: Add a new xref system
    - MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua
    - MINOR: tasks: Move Lua notification from Lua to tasks
    - MINOR: net_helper: Inline functions meant to be inlined.
    - MINOR: cli: add socket commands and config to prepend informational messages with severity
    - MINOR: add severity information to cli feedback messages
    - BUILD: Makefile: add a function to detect support by the compiler of certain options
    - BUILD: Makefile: shut certain gcc/clang stupid warnings
    - BUILD: Makefile: improve detection of support for compiler warnings
    - MINOR: peers: don't reference the incoming listener on outgoing connections
    - MINOR: frontend: don't retrieve ALPN on the critical path
    - MINOR: protocols: always pass a "port" argument to the listener creation
    - MINOR: protocols: register the ->add function and stop calling them directly
    - MINOR: unix: remove the now unused proto_uxst.h file
    - MINOR: listeners: new function create_listeners
    - MINOR: listeners: make listeners count consistent with reality
    - MEDIUM: session: take care of incrementing/decrementing jobs
    - MINOR: listener: new function listener_release
    - MINOR: session: small cleanup of conn_complete_session()
    - MEDIUM: session: factor out duplicated code for conn_complete_session
    - MEDIUM: session: count the frontend's connections at a single place
    - BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo
    - BUG/MINOR: compression: Check response headers before http-response rules eval
    - BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed
    - BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb
    - MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl
    - BUG/MINOR: contrib/mod_defender: close the va_list argp before return
    - BUG/MINOR: contrib/modsecurity: close the va_list ap before return
    - MINOR: tools: make my_htonll() more efficient on x86_64
    - MINOR: buffer: add b_del() to delete a number of characters
    - MINOR: buffer: add b_end() and b_to_end()
    - MINOR: net_helper: add functions to read from vectors
    - MINOR: net_helper: add write functions
    - MINOR: net_helper: add 64-bit read/write functions
    - MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags
    - MINOR: ist: add a macro to ease const array initialization
    - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server
    - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2)
    - BUG/MINOR: log: fixing small memory leak in error code path.
    - BUG/MINOR: contrib/halog: fixing small memory leak
    - BUG/MEDIUM: tcp/http: set-dst-port action broken
    - CLEANUUP: checks: don't set conn->handle.fd to -1
    - BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O
    - BUG/MINOR: tcp-check: don't quit with pending data in the send buffer
    - BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers!
    - BUG/MINOR: unix: properly check for octal digits in the "mode" argument
    - MINOR: checks: make chk_report_conn_err() take a check, not a connection
    - CLEANUP: checks: remove misleading comments and statuses for external process
    - CLEANUP: checks: don't report report the fork() error twice
    - CLEANUP: checks: do not allocate a connection for process checks
    - TESTS: checks: add a simple test config for external checks
    - BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment
    - TESTS: checks: add a simple test config for tcp-checks
    - MINOR: tcp-check: make tcpcheck_main() take a check, not a connection
    - MINOR: checks: don't create then kill a dummy connection before tcp-checks
    - MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection
    - MEDIUM: checks: do not allocate a permanent connection anymore
    - BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs
    - BUG/MEDIUM: http: Return an error when url_dec sample converter failed
    - BUG/MAJOR: stream-int: don't re-arm recv if send fails
    - BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12
    - DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12
    - DOC: 51d: Updated git URL and instructions for getting Hash Trie data files.
    - MINOR: compiler: restore the likely() wrapper for gcc 5.x
    - MINOR: session: remove the list of streams from struct session
    - DOC: fix some typos
    - MINOR: server: add the srv_queue() sample fetch method
    - MINOR: payload: add new sample fetch functions to process distcc protocol
    - MAJOR: servers: propagate server status changes asynchronously.
    - BUG/MEDIUM: ssl: fix OCSP expiry calculation
    - BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE
    - MINOR: server: Handle weight increase in consistent hash.
    - MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks.
    - BUG/MINOR: tools: fix my_htonll() on x86_64
    - BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters().
    - BUG/MAJOR: lua: scheduled task is freezing.
    - MINOR: buffer: add bo_del() to delete a number of characters from output
    - MINOR: buffer: add a function to match against string patterns
    - MINOR: buffer: add two functions to inject data into buffers
    - MINOR: buffer: add buffer_space_wraps()
    - REORG: channel: finally rename the last bi_* / bo_* functions
    - MINOR: buffer: add bo_getblk() and bo_getblk_nc()
    - MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents
    - MINOR: channel: make the channel be a const in all {ci,co}_get* functions
    - MINOR: ist: add ist0() to add a trailing zero to a string.
    - BUG/MEDIUM: log: check result details truncated.
    - MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer
    - REORG: http: move some very http1-specific parts to h1.{c,h}
    - REORG: http: move the HTTP/1 chunk parser to h1.{c,h}
    - REORG: http: move the HTTP/1 header block parser to h1.c
    - MEDIUM: http: make the chunk size parser only depend on the buffer
    - MEDIUM: http: make the chunk crlf parser only depend on the buffer
    - MINOR: h1: add struct h1m for basic HTTP/1 messages
    - MINOR: http: add very simple header management based on double strings
    - MEDIUM: h1: reimplement the http/1 response parser for the gateway
    - REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_*
    - MEDIUM: connection: make conn_sock_shutw() aware of lingering
    - MINOR: connection: ensure conn_ctrl_close() also resets the fd
    - MINOR: connection: add conn_stop_tracking() to disable tracking
    - MINOR: tcp: use conn_full_close() instead of conn_force_close()
    - MINOR: unix: use conn_full_close() instead of conn_force_close()
    - MINOR: checks: use conn_full_close() instead of conn_force_close()
    - MINOR: session: use conn_full_close() instead of conn_force_close()
    - MINOR: stream: use conn_full_close() instead of conn_force_close()
    - MINOR: stream: use conn_full_close() instead of conn_force_close()
    - MINOR: backend: use conn_full_close() instead of conn_force_close()
    - MINOR: stream-int: use conn_full_close() instead of conn_force_close()
    - MINOR: connection: remove conn_force_close()
    - BUG/MINOR: ssl: ocsp response with 'revoked' status is correct

2017/06/02 : 1.8-dev2
    - CLEANUP: server: moving netinet/tcp.h inclusion
    - DOC: changed "block"(deprecated) examples to http-request deny
    - DOC: add few comments to examples.
    - DOC: update sample code for PROXY protocol
    - DOC: mention lighttpd 1.4.46 implements PROXY
    - MINOR server: Restrict dynamic cookie check to the same proxy.
    - DOC: stick-table is available in frontend sections
    - BUG/MINOR: server : no transparent proxy for DragonflyBSD
    - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header()
    - BUILD/MINOR: tools: fix build warning in debug_hexdump()
    - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
    - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
    - BUG/MINOR: arg: don't try to add an argument on failed memory allocation
    - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses
    - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
    - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
    - BUG/MEDIUM: servers: unbreak server weight propagation
    - MINOR: lua: ensure the memory allocator is used all the time
    - MINOR: cli: Add a command to send listening sockets.
    - MINOR: global: Add an option to get the old listening sockets.
    - MINOR: tcp: When binding socket, attempt to reuse one from the old proc.
    - MINOR: doc: document the -x flag
    - MINOR: proxy: Don't close FDs if not our proxy.
    - MINOR: socket transfer: Set a timeout on the socket.
    - MINOR: systemd wrapper: add support for passing the -x option.
    - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing.
    - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting.
    - CLEANUP: logs: typo: simgle => single
    - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
    - MEDIUM: config: don't check config validity when there are fatal errors
    - BUG/MAJOR: Use -fwrapv.
    - BUG/MINOR: server: don't use "proxy" when px is really meant.
    - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
    - BUG/MINOR: server: missing default server 'resolvers' setting duplication.
    - MINOR: server: Extract the code responsible of copying default-server settings.
    - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing.
    - MINOR: server: Add 'server-template' new keyword supported in backend sections.
    - MINOR: server: Add server_template_init() function to initialize servers from a templates.
    - DOC: Add documentation for new "server-template" keyword.
    - DOC: add layer 4 links/cross reference to "block" keyword.
    - DOC: errloc/errorloc302/errorloc303 missing status codes.
    - BUG/MEDIUM: lua: memory leak
    - CLEANUP: lua: remove test
    - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
    - BUG/MINOR: change header-declared function to static inline
    - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common
    - MINOR: Add binary encoding request header sample fetch
    - MINOR: proto-http: Add sample fetch wich returns all HTTP headers
    - MINOR: Add ModSecurity wrapper as contrib
    - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1.
    - DOC: update RFC references
    - CONTRIB: tcploop: add action "X" to execute a command
    - MINOR: server: cli: Add server FQDNs to server-state file and stats socket.
    - BUG/MINOR: contrib/mod_security: fix build on FreeBSD
    - BUG/MINOR: checks: don't send proxy protocol with agent checks
    - MINOR: ssl: add prefer-client-ciphers
    - MEDIUM: ssl: revert ssl/tls version settings relative to default-server.
    - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx
    - MEDIUM: ssl: calculate the real min/max TLS version and find holes
    - MINOR: ssl: support TLSv1.3 for bind and server
    - MINOR: ssl: show methods supported by openssl
    - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server
    - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility.
    - CLEANUP: retire obsoleted USE_GETSOCKNAME build option
    - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
    - MINOR: sample: Add b64dec sample converter
    - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
    - MINOR: cli: add ACCESS_LVL_MASK to store the access level
    - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs
    - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound
    - MEDIUM: ssl: add basic support for OpenSSL crypto engine
    - MAJOR: ssl: add openssl async mode support
    - MEDIUM: ssl: handle multiple async engines
    - MINOR: boringssl: basic support for OCSP Stapling
    - MEDIUM: mworker: replace systemd mode by master worker mode
    - MEDIUM: mworker: handle reload and signals
    - MEDIUM: mworker: wait mode on reload failure
    - MEDIUM: mworker: try to guess the next stats socket to use with -x
    - MEDIUM: mworker: exit-on-failure option
    - MEDIUM: mworker: workers exit when the master leaves
    - DOC: add documentation for the master-worker mode
    - MEDIUM: systemd: Type=forking in unit file
    - MAJOR: systemd-wrapper: get rid of the wrapper
    - MINOR: log: Add logurilen tunable.
    - CLEANUP: server.c: missing prototype of srv_free_dns_resolution
    - MINOR: dns: smallest DNS fqdn size
    - MINOR: dns: functions to manage memory for a DNS resolution structure
    - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution()
    - REORG: dns: dns_option structure, storage of hostname_dn
    - MINOR: dns: new snr_check_ip_callback function
    - MAJOR: dns: save a copy of the DNS response in struct resolution
    - MINOR: dns: implement a LRU cache for DNS resolutions
    - MINOR: dns: make 'ancount' field to match the number of saved records
    - MINOR: dns: introduce roundrobin into the internal cache (WIP)
    - MAJOR/REORG: dns: DNS resolution task and requester queues
    - BUILD: ssl: fix build with OPENSSL_NO_ENGINE
    - MINOR: Add Mod Defender integration as contrib
    - CLEANUP: str2mask return code comment: non-zero -> zero.
    - MINOR: tools: make debug_hexdump() use a const char for the string
    - MINOR: tools: make debug_hexdump() take a string prefix
    - CLEANUP: connection: remove unused CO_FL_WAIT_DATA

2017/04/03 : 1.8-dev1
    - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
    - BUG/MINOR: stats: make field_str() return an empty string on NULL
    - DOC: Spelling fixes
    - BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
    - BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
    - BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
    - BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
    - BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
    - BUG/MAJOR: stream: fix session abort on resource shortage
    - OPTIM: stream-int: don't disable polling anymore on DONT_READ
    - BUG/MINOR: cli: allow the backslash to be escaped on the CLI
    - BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
    - DOC: Fix map table's format
    - DOC: Added 51Degrees conv and fetch functions to documentation.
    - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
    - DOC: mention that req_tot is for both frontends and backends
    - BUG/MEDIUM: variables: some variable name can hide another ones
    - MINOR: lua: Allow argument for actions
    - BUILD: rearrange target files by build time
    - CLEANUP: hlua: just indent functions
    - MINOR: lua: give HAProxy variable access to the applets
    - BUG/MINOR: stats: fix be/sessions/max output in html stats
    - MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
    - DOC: lua: Documentation about some entry missing
    - DOC: lua: Add documentation about variable manipulation from applet
    - MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set
    - DOC: Add undocumented argument of the trace filter
    - DOC: Fix some typo in SPOE documentation
    - MINOR: cli: Remove useless call to bi_putchk
    - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
    - MINOR: applet: Count number of (active) applets
    - MINOR: task: Rename run_queue and run_queue_cur counters
    - BUG/MEDIUM: stream: Save unprocessed events for a stream
    - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
    - BUILD/MEDIUM: Fixing the build using LibreSSL
    - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
    - SCRIPTS: git-show-backports: fix a harmless typo
    - SCRIPTS: git-show-backports: add -H to use the hash of the commit message
    - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
    - CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context
    - CLEANUP: applet/table: add an "action" entry in ->table context
    - CLEANUP: applet: remove the now unused appctx->private field
    - DOC: lua: documentation about time parser functions
    - DOC: lua: improve links
    - DOC: lua: section declared twice
    - MEDIUM: cli: 'show cli sockets' list the CLI sockets
    - BUG/MINOR: cli: "show cli sockets" wouldn't list all processes
    - BUG/MINOR: cli: "show cli sockets" would always report process 64
    - CLEANUP: lua: rename one of the lua appctx union
    - BUG/MINOR: lua/cli: bad error message
    - MEDIUM: lua: use memory pool for hlua struct in applets
    - MINOR: lua/signals: Remove Lua part from signals.
    - DOC: cli: show cli sockets
    - MINOR: cli: automatically enable a CLI I/O handler when there's no parser
    - CLEANUP: memory: remove the now unused cli_parse_show_pools() function
    - CLEANUP: applet: group all CLI contexts together
    - CLEANUP: stats: move a misplaced stats context initialization
    - MINOR: cli: add two general purpose pointers and integers in the CLI struct
    - MINOR: appctx/cli: remove the cli_socket entry from the appctx union
    - MINOR: appctx/cli: remove the env entry from the appctx union
    - MINOR: appctx/cli: remove the "be" entry from the appctx union
    - MINOR: appctx/cli: remove the "dns" entry from the appctx union
    - MINOR: appctx/cli: remove the "server_state" entry from the appctx union
    - MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union
    - CONTRIB: tcploop: add limits.h to fix build issue with some compilers
    - MINOR/DOC: lua: just precise one thing
    - DOC: fix small typo in fe_id (backend instead of frontend)
    - BUG/MINOR: Fix the sending function in Lua's cosocket
    - BUG/MINOR: lua: memory leak executing tasks
    - BUG/MINOR: lua: bad return code
    - BUG/MINOR: lua: memleak when Lua/cli fails
    - MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools
    - CLEANUP: haproxy: statify unexported functions
    - MINOR: haproxy: add a registration for build options
    - CLEANUP: wurfl: use the build options list to report it
    - CLEANUP: 51d: use the build options list to report it
    - CLEANUP: da: use the build options list to report it
    - CLEANUP: namespaces: use the build options list to report it
    - CLEANUP: tcp: use the build options list to report transparent modes
    - CLEANUP: lua: use the build options list to report it
    - CLEANUP: regex: use the build options list to report the regex type
    - CLEANUP: ssl: use the build options list to report the SSL details
    - CLEANUP: compression: use the build options list to report the algos
    - CLEANUP: auth: use the build options list to report its support
    - MINOR: haproxy: add a registration for post-check functions
    - CLEANUP: checks: make use of the post-init registration to start checks
    - CLEANUP: filters: use the function registration to initialize all proxies
    - CLEANUP: wurfl: make use of the late init registration
    - CLEANUP: 51d: make use of the late init registration
    - CLEANUP: da: make use of the late init registration code
    - MINOR: haproxy: add a registration for post-deinit functions
    - CLEANUP: wurfl: register the deinit function via the dedicated list
    - CLEANUP: 51d: register the deinitialization function
    - CLEANUP: da: register the deinitialization function
    - CLEANUP: wurfl: move global settings out of the global section
    - CLEANUP: 51d: move global settings out of the global section
    - CLEANUP: da: move global settings out of the global section
    - MINOR: cfgparse: add two new functions to check arguments count
    - MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock
    - MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock
    - MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock
    - MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock
    - MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock
    - MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c
    - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
    - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
    - BUG/MINOR: stats: fix be/sessions/current out in typed stats
    - MINOR: tcp-rules: check that the listener exists before updating its counters
    - MEDIUM: spoe: don't create a dummy listener for outgoing connections
    - MINOR: listener: move the transport layer pointer to the bind_conf
    - MEDIUM: move listener->frontend to bind_conf->frontend
    - MEDIUM: ssl: remote the proxy argument from most functions
    - MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops
    - MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf()
    - MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops
    - MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf()
    - MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL
    - MINOR: connection: add a minimal transport layer registration system
    - CLEANUP: connection: remove all direct references to raw_sock and ssl_sock
    - CLEANUP: connection: unexport raw_sock and ssl_sock
    - MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops
    - MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv()
    - CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback
    - CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c
    - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
    - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
    - BUG/MINOR: systemd: potential zombie processes
    - DOC: Add timings events schemas
    - BUILD: lua: build failed on FreeBSD.
    - MINOR: samples: add xx-hash functions
    - MEDIUM: regex: pcre2 support
    - BUG/MINOR: option prefer-last-server must be ignored in some case
    - MINOR: stats: Support "select all" for backend actions
    - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
    - BUG/MAJOR: channel: Fix the definition order of channel analyzers
    - BUG/MINOR: http: report real parser state in error captures
    - BUILD: scripts: automatically update the branch in version.h when releasing
    - MINOR: tools: add a generic hexdump function for debugging
    - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
    - MINOR: http: custom status reason.
    - MINOR: connection: add sample fetch "fc_rcvd_proxy"
    - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
    - BUG/MINOR: tools: fix off-by-one in port size check
    - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
    - MEDIUM: server: split the address and the port into two different fields
    - MINOR: tools: make str2sa_range() return the port in a separate argument
    - MINOR: server: take the destination port from the port field, not the addr
    - MEDIUM: server: disable protocol validations when the server doesn't resolve
    - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
    - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
    - BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL
    - MINOR: Use "500 Internal Server Error" for 500 error/status code message.
    - MINOR: proto_http.c 502 error txt typo.
    - DOC: add deprecation notice to "block"
    - MINOR: compression: fix -vv output without zlib/slz
    - BUG/MINOR: Reset errno variable before calling strtol(3)
    - MINOR: ssl: don't show prefer-server-ciphers output
    - OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration
    - BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
    - MAJOR: ssl: bind configuration per certificat
    - MINOR: ssl: add curve suite for ECDHE negotiation
    - MINOR: checks: Add agent-addr config directive
    - MINOR: cli: Add possiblity to change agent config via CLI/socket
    - MINOR: doc: Add docs for agent-addr configuration variable
    - MINOR: doc: Add docs for agent-addr and agent-send CLI commands
    - BUILD: ssl: fix to build (again) with boringssl
    - BUILD: ssl: fix build on OpenSSL 1.0.0
    - BUILD: ssl: silence a warning reported for ERR_remove_state()
    - BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes()
    - BUILD: ssl: kill a build warning introduced by BoringSSL compatibility
    - BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
    - BUG/MINOR: unix: fix connect's polling in case no data are scheduled
    - MINOR: server: extend the flags to 32 bits
    - BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
    - MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
    - BUG/MAJOR: dns: restart sockets after fork()
    - MINOR: chunks: implement a simple dynamic allocator for trash buffers
    - BUG/MEDIUM: http: prevent redirect from overwriting a buffer
    - BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
    - BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
    - BUG/MINOR: http: Return an error when a replace-header rule failed on the response
    - BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
    - BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw()
    - BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
    - BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
    - MINOR: http: don't close when redirect location doesn't start with "/"
    - MEDIUM: boringssl: support native multi-cert selection without bundling
    - BUG/MEDIUM: ssl: fix verify/ca-file per certificate
    - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
    - MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation.
    - BUILD: ssl: fix build with -DOPENSSL_NO_DH
    - MEDIUM: ssl: add new sample-fetch which captures the cipherlist
    - MEDIUM: ssl: remove ssl-options from crt-list
    - BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored.
    - BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls
    - MINOR: ssl: improved cipherlist captures
    - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
    - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
    - MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents
    - MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example
    - MINOR: spoe: Remove SPOE details from the appctx structure
    - MINOR: spoe: Add status code in error variable instead of hardcoded value
    - MINOR: spoe: Send a log message when an error occurred during event processing
    - MINOR: spoe: Check the scope of sample fetches used in SPOE messages
    - MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer
    - MINOR: spoe: Use the min of all known max_frame_size to encode messages
    - MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames
    - MINOR: spoe: Add support for fragmentation capability in the SPOA example
    - MAJOR: spoe: refactor the filter to clean up the code
    - MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames
    - REORG: spoe: Move struct and enum definitions in dedicated header file
    - REORG: spoe: Move low-level encoding/decoding functions in dedicated header file
    - MINOR: spoe: Improve implementation of the payload fragmentation
    - MINOR: spoe: Add support of negation for options in SPOE configuration file
    - MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section
    - MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing
    - MINOR: spoe: Add "send-frag-payload" option in spoe-agent section
    - MINOR: spoe: Add "max-frame-size" statement in spoe-agent section
    - DOC: spoe: Update SPOE documentation to reflect recent changes
    - MINOR: config: warn when some HTTP rules are used in a TCP proxy
    - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
    - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
    - BUG/MINOR: Fix "get map <map> <value>" CLI command
    - MINOR: Add nbsrv sample converter
    - CLEANUP: Replace repeated code to count usable servers with be_usable_srv()
    - MINOR: Add hostname sample fetch
    - CLEANUP: Remove comment that's no longer valid
    - MEDIUM: http_error_message: txn->status / http_get_status_idx.
    - MINOR: http-request tarpit deny_status.
    - CLEANUP: http: make http_server_error() not set the status anymore
    - MEDIUM: stats: Add JSON output option to show (info|stat)
    - MEDIUM: stats: Add show json schema
    - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
    - MINOR: server: Add dynamic session cookies.
    - MINOR: cli: Let configure the dynamic cookies from the cli.
    - BUG/MINOR: checks: attempt clean shutw for SSL check
    - CONTRIB: tcploop: make it build on FreeBSD
    - CONTRIB: tcploop: fix time format to silence build warnings
    - CONTRIB: tcploop: report action 'K' (kill) in usage message
    - CONTRIB: tcploop: fix connect's address length
    - CONTRIB: tcploop: use the trash instead of NULL for recv()
    - BUG/MEDIUM: listener: do not try to rebind another process' socket
    - BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided.
    - CLEANUP: config: Typo in comment.
    - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
    - TESTS: add a test configuration to stress handshake combinations
    - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
    - BUG/MEDIUM: connection: ensure to always report the end of handshakes
    - MEDIUM: connection: don't test for CO_FL_WAKE_DATA
    - CLEANUP: connection: completely remove CO_FL_WAKE_DATA
    - BUG: payload: fix payload not retrieving arbitrary lengths
    - BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility
    - BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl
    - BUG/MAJOR: http: fix typo in http_apply_redirect_rule
    - MINOR: doc: 2.4. Examples should be 2.5. Examples
    - BUG/MEDIUM: stream: fix client-fin/server-fin handling
    - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
    - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
    - OPTIM: poll: enable support for POLLRDHUP
    - MINOR: kqueue: exclusively rely on the kqueue returned status
    - MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy
    - MEDIUM: kqueue: only set FD_POLL_IN when there are pending data
    - DOC/MINOR: Fix typos in proxy protocol doc
    - DOC: Protocol doc: add checksum, TLV type ranges
    - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
    - DOC: Protocol doc: add noop TLV
    - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
    - MINOR: dns: improve DNS response parsing to use as many available records as possible
    - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
    - MINOR: server: irrelevant error message with 'default-server' config file keyword.
    - MINOR: server: Make 'default-server' support 'backup' keyword.
    - MINOR: server: Make 'default-server' support 'check-send-proxy' keyword.
    - CLEANUP: server: code alignement.
    - MINOR: server: Make 'default-server' support 'non-stick' keyword.
    - MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords.
    - MINOR: server: Make 'default-server' support 'check-ssl' keyword.
    - MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords.
    - CLEANUP: server: code alignement.
    - MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords.
    - MINOR: server: Make 'default-server' support 'ssl' keyword.
    - MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords.
    - CLEANUP: server: code alignement.
    - MINOR: server: Make 'default-server' support 'verify' keyword.
    - MINOR: server: Make 'default-server' support 'verifyhost' setting.
    - MINOR: server: Make 'default-server' support 'check' keyword.
    - MINOR: server: Make 'default-server' support 'track' setting.
    - MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings.
    - MINOR: server: Make 'default-server' support 'redir' keyword.
    - MINOR: server: Make 'default-server' support 'observe' keyword.
    - MINOR: server: Make 'default-server' support 'cookie' keyword.
    - MINOR: server: Make 'default-server' support 'ciphers' keyword.
    - MINOR: server: Make 'default-server' support 'tcp-ut' keyword.
    - MINOR: server: Make 'default-server' support 'namespace' keyword.
    - MINOR: server: Make 'default-server' support 'source' keyword.
    - MINOR: server: Make 'default-server' support 'sni' keyword.
    - MINOR: server: Make 'default-server' support 'addr' keyword.
    - MINOR: server: Make 'default-server' support 'disabled' keyword.
    - MINOR: server: Add 'no-agent-check' server keyword.
    - DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings.
    - MINOR: doc: fix use-server example (imap vs mail)
    - BUG/MEDIUM: tcp: don't require privileges to bind to device
    - BUILD: make the release script use shortlog for the final changelog
    - BUILD: scripts: fix typo in announce-release error message
    - CLEANUP: time: curr_sec_ms doesn't need to be exported
    - BUG/MEDIUM: server: Wrong server default CRT filenames initialization.
    - BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
    - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
    - BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
    - CLEANUP: http: Remove channel_congested function
    - CLEANUP: buffers: Remove buffer_bounce_realign function
    - CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions
    - MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request
    - MINOR: http: Add debug messages when HTTP body analyzers are called
    - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
    - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
    - DOC: fix parenthesis and add missing "Example" tags
    - DOC: update the contributing file
    - DOC: log-format/tcplog/httplog update
    - MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections

2016/11/25 : 1.8-dev0

2016/11/25 : 1.7.0
    - SCRIPTS: make publish-release also copy the new SPOE doc
    - BUILD: http: include types/sample.h in proto_http.h
    - BUILD: debug/flags: remove test for SF_COMP_READY
    - CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT
    - MINOR: lua: add function which return true if the channel is full.
    - MINOR: lua: add ip addresses and network manipulation function
    - CONTRIB: tcploop: scriptable TCP I/O for debugging purposes
    - CONTRIB: tcploop: implement fork()
    - CONTRIB: tcploop: implement logging when called with -v
    - CONTRIB: tcploop: update the usage output
    - CONTRIB: tcploop: support sending plain strings
    - CONTRIB: tcploop: don't report failed send() or recv()
    - CONTRIB: tcploop: add basic loops via a jump instruction
    - BUG/MEDIUM: channel: bad unlikely macro
    - CLEANUP: lua: move comment
    - CLEANUP: lua: control executed twice
    - BUG/MEDIUM: ssl: Store certificate filename in a variable
    - BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP
    - CLEANUP: ssl: Remove goto after return dead code
    - CLEANUP: ssl: Fix bind keywords name in comments
    - DOC: ssl: Use correct wording for ca-sign-pass
    - CLEANUP: lua: avoid directly calling getsockname/getpeername()
    - BUG/MINOR: stick-table: handle out-of-memory condition gracefully
    - MINOR: cli: add private pointer and release function
    - MEDIUM: lua: Add cli handler for Lua
    - BUG/MEDIUM: connection: check the control layer before stopping polling
    - DEBUG: connection: mark the closed FDs with a value that is easier to detect
    - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
    - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
    - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
    - MINOR: filters: Add check_timeouts callback to handle timers expiration on streams
    - MINOR: spoe: Add 'timeout processing' option to limit time to process an event
    - MINOR: spoe: Remove useless 'timeout ack' option
    - MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section
    - MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements
    - MINOR: spoe: Add "option set-on-error" statement
    - MINOR: stats: correct documentation of process ID for typed output
    - BUILD: contrib: fix ip6range build on Centos 7
    - BUILD: fix build on Solaris 10/11
    - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
    - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
    - BUG/MINOR: cli: wake up the CLI's task after a timeout update
    - MINOR: connection: add a few functions to report the data and xprt layers' names
    - MINOR: connection: add names for transport and data layers
    - REORG: cli: split dumpstats.c in src/cli.c and src/stats.c
    - REORG: cli: split dumpstats.h in stats.h and cli.h
    - REORG: cli: move ssl CLI functions to ssl_sock.c
    - REORG: cli: move map and acl code to map.c
    - REORG: cli: move show stat resolvers to dns.c
    - MINOR: cli: create new function cli_has_level() to validate permissions
    - MINOR: server: create new function cli_find_server() to find a server
    - MINOR: proxy: create new function cli_find_frontend() to find a frontend
    - REORG: cli: move 'set server' to server.c
    - REORG: cli: move 'show pools' to memory.c
    - REORG: cli: move 'show servers' to proxy.c
    - REORG: cli: move 'show sess' to stream.c
    - REORG: cli: move 'show backend' to proxy.c
    - REORG: cli: move get/set weight to server.c
    - REORG: cli: move "show stat" to stats.c
    - REORG: cli: move "show info" to stats.c
    - REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c
    - REORG: cli: move table dump/clear/set to stick_table.c
    - REORG: cli: move "show errors" out of cli.c
    - REORG: cli: make "show env" also use the generic keyword registration
    - REORG: cli: move "set timeout" to its own handler
    - REORG: cli: move "clear counters" to stats.c
    - REORG: cli: move "set maxconn global" to its own handler
    - REORG: cli: move "set maxconn server" to server.c
    - REORG: cli: move "set maxconn frontend" to proxy.c
    - REORG: cli: move "shutdown sessions server" to stream.c
    - REORG: cli: move "shutdown session" to stream.c
    - REORG: cli: move "shutdown frontend" to proxy.c
    - REORG: cli: move "{enable|disable} frontend" to proxy.c
    - REORG: cli: move "{enable|disable} server" to server.c
    - REORG: cli: move "{enable|disable} health" to server.c
    - REORG: cli: move "{enable|disable} agent" to server.c
    - REORG: cli: move the "set rate-limit" functions to their own parser
    - CLEANUP: cli: rename STAT_CLI_* to CLI_ST_*
    - CLEANUP: cli: simplify the request parser a little bit
    - CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers
    - BUILD: server: remove a build warning introduced by latest series
    - BUG/MINOR: log-format: uncatched memory allocation functions
    - CLEANUP: log-format: useless file and line in json converter
    - CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var()
    - CLEANUP: log-format: fix return code of the function parse_logformat_var()
    - CLEANUP: log-format: fix return code of function parse_logformat_var_args()
    - CLEANUP: log-format: remove unused arguments
    - MEDIUM: log-format: strict parsing and enable fail
    - MEDIUM: log-format/conf: take into account the parse_logformat_string() return code
    - BUILD: ssl: make the SSL layer build again with openssl 0.9.8
    - BUILD: vars: remove a build warning on vars.c
    - MINOR: lua: add utility function for check boolean argument
    - MINOR: lua: Add tokenize function.
    - BUG/MINOR: conf: calloc untested
    - MINOR: http/conf: store the use_backend configuration file and line for logs
    - MEDIUM: log-format: Use standard HAProxy log system to report errors
    - CLEANUP: sample: report "converter" instead of "conv method" in error messages
    - BUG: spoe: Fix parsing of SPOE actions in ACK frames
    - MINOR: cli: make "show stat" support a proxy name
    - MINOR: cli: make "show errors" support a proxy name
    - MINOR: cli: make "show errors" capable of dumping only request or response
    - BUG/MINOR: freq-ctr: make swrate_add() support larger values
    - CLEANUP: counters: move from 3 types to 2 types
    - CLEANUP: cfgparse: cascade the warnif_misplaced_* rules
    - REORG: tcp-rules: move tcp rules processing to their own file
    - REORG: stkctr: move all the stick counters processing to stick-tables.c
    - DOC: update the roadmap file with the latest changes

2016/11/09 : 1.7-dev6
    - DOC: fix the entry for hash-balance-factor config option
    - DOC: Fix typo in description of `-st` parameter in man page
    - CLEANUP: cfgparse: Very minor spelling correction
    - MINOR: examples: Update haproxy.spec URLs to haproxy.org
    - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
    - BUG/MEDIUM: peers: fix use after free in peer_session_create()
    - MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream
    - MINOR: peers: remove the pointer to the stream
    - BUG/MEDIUM: systemd-wrapper: return correct exit codes
    - DOC: stats: provide state details for show servers state
    - MEDIUM: tools: make str2ip2() preserve existing ports
    - CLEANUP: tools: make ipcpy() preserve the original port
    - OPTIM: http: move all http character classs tables into a single one
    - OPTIM: http: improve parsing performance of long header lines
    - OPTIM: http: improve parsing performance of long URIs
    - OPTIM: http: optimize lookup of comma and quote in header values
    - BUG/MEDIUM: srv-state: properly restore the DRAIN state
    - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
    - MINOR: server: do not emit warnings/logs/alerts on server state changes at boot
    - BUG/MEDIUM: servers: properly propagate the maintenance states during startup
    - MEDIUM: wurfl: add Scientiamobile WURFL device detection module
    - DOC: move the device detection modules documentation to their own files
    - CLEANUP: wurfl: reduce exposure in the rest of the code
    - MEDIUM: ssl: Add support for OpenSSL 1.1.0
    - MINOR: stream: make option contstats usable again
    - MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving
    - MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK
    - MAJOR: server: postpone address resolution
    - MINOR: new srv_admin flag: SRV_ADMF_RMAINT
    - MINOR: server: indicate in the logs when RMAINT is cleared
    - MINOR: stats: indicate it when a server is down due to resolution
    - MINOR: server: make srv_set_admin_state() capable of telling why this happens
    - MINOR: dns: implement extra 'hold' timers.
    - MAJOR: dns: runtime resolution can change server admin state
    - MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI
    - MEDIUM: server: add a new init-addr server line setting
    - MEDIUM: server: make use of init-addr
    - MINOR: server: implement init-addr none
    - MEDIUM: server: make libc resolution failure non-fatal
    - MINOR: server: add support for explicit numeric address in init-addr
    - DOC: add some documentation for the "init-addr" server keyword
    - MINOR: init: add -dr to ignore server address resolution failures
    - MEDIUM: server: do not restrict anymore usage of IP address from the state file
    - BUG: vars: Fix 'set-var' converter because of a typo
    - CLEANUP: remove last references to 'ruleset' section
    - MEDIUM: filters: Add attch/detach and stream_set_backend callbacks
    - MINOR: filters: Update filters documentation accordingly to recent changes
    - MINOR: filters: Call stream_set_backend callbacks before updating backend stats
    - MINOR: filters: Remove backend filters attached to a stream only for HTTP streams
    - MINOR: flt_trace: Add hexdump option to dump forwarded data
    - MINOR: cfgparse: Add functions to backup and restore registered sections
    - MINOR: cfgparse: Parse scope lines and save the last one parsed
    - REORG: sample: move code to release a sample expression in sample.c
    - MINOR: vars: Allow '.' in variable names
    - MINOR: vars: Add vars_set_by_name_ifexist function
    - MEDIUM: vars: Add a per-process scope for variables
    - MINOR: vars: Add 'unset-var' action/converter
    - MAJOR: spoe: Add an experimental Stream Processing Offload Engine
    - MINOR: spoe: add random ip-reputation service as SPOA example
    - MINOR: spoe/checks: Add support for SPOP health checks
    - DOC: update ROADMAP file

2016/10/25 : 1.7-dev5
    - MINOR: cfgparse: few memory leaks fixes.
    - MEDIUM: log: Decompose %Tq in %Th %Ti %TR
    - CLEANUP: logs: remove unused log format field definitions
    - BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c
    - BUG/MAJOR: stream: properly mark the server address as unset on connect retry
    - CLEANUP: proto_http: Removing useless variable assignation
    - CLEANUP: dumpstats: Removing useless variables allocation
    - CLEANUP: dns: Removing usless variable & assignation
    - BUG/MINOR: payload: fix SSLv2 version parser
    - MINOR: cli: allow the semi-colon to be escaped on the CLI
    - MINOR: cli: change a server health check port through the stats socket
    - BUG/MINOR: Fix OSX compilation errors
    - MAJOR: check: find out which port to use for health check at run time
    - MINOR: server: introduction of 3 new server flags
    - MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT
    - MINOR: cli: ability to change a server's port
    - CLEANUP/MINOR dns: comment do not follow up code update
    - MINOR: chunk: new strncat function
    - MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value
    - MINOR: dns: new MAX values
    - MINOR: dns: new macro to compute DNS header size
    - MINOR: dns: new DNS structures to store received packets
    - MEDIUM: dns: new DNS response parser
    - MINOR: dns: query type change when last record is a CNAME
    - MINOR: dns: proper domain name validation when receiving DNS response
    - MINOR: dns: comments in types/dns.h about structures endianness
    - BUG/MINOR: displayed PCRE version is running release
    - MINOR: show Built with PCRE version
    - MINOR: show Running on zlib version
    - MEDIUM: make SO_REUSEPORT configurable
    - MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections
    - BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing
    - BUG/MINOR: stats: report the correct conn_time in backend's html output
    - BUG/MEDIUM: dns: don't randomly crash on out-of-memory
    - MINOR: Add fe_req_rate sample fetch
    - MEDIUM: peers: Fix a peer stick-tables synchronization issue.
    - MEDIUM: cli: register CLI keywords with cli_register_kw()
    - BUILD: Make use of accept4() on OpenBSD.
    - MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative
    - DOC: fix missed entry for "set-{src,dst}{,-port}"
    - BUG/MINOR: vars: use sess and not s->sess in action_store()
    - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
    - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
    - MINOR: stats: output dcon
    - CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4
    - MINOR: counters: add new fields for denied_sess
    - MEDIUM: tcp: add registration and processing of TCP L5 rules
    - MINOR: stats: emit dses
    - DOC: document tcp-request session
    - MINOR: ssl: add debug traces
    - BUILD/CLEANUP: ssl: Check BIO_reset() return code
    - BUG/MINOR: ssl: Check malloc return code
    - BUG/MINOR: ssl: prevent multiple entries for the same certificate
    - BUG/MINOR: systemd: make the wrapper return a non-null status code on error
    - BUG/MINOR: systemd: always restore signals before execve()
    - BUG/MINOR: systemd: check return value of calloc()
    - MINOR: systemd: report it when execve() fails
    - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
    - MINOR: proxy: add 'served' field to proxy, equal to total of all servers'
    - MINOR: backend: add hash-balance-factor option for hash-type consistent
    - MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target
    - MEDIUM: server: Implement bounded-load hash algorithm
    - SCRIPTS: make git-show-backports also dump a "git show" command
    - MINOR: build: Allow linking to device-atlas library file
    - MINOR: stats: Escape equals sign on socket dump

2016/08/14 : 1.7-dev4
    - MINOR: add list_append_word function
    - MEDIUM: init: use list_append_word in haproxy.c
    - MEDIUM: init: allow directory as argument of -f
    - CLEANUP: config: detect double registration of a config section
    - MINOR: log: add the %Td log-format specifier
    - MEDIUM: filters: Move HTTP headers filtering in its own callback
    - MINOR: filters: Simplify calls to analyzers using 2 new macros
    - MEDIUM: filters: Add pre and post analyzer callbacks
    - DOC: filters: Update the filters documentation accordingly to recent changes
    - BUG/MEDIUM: init: don't use environment locale
    - SCRIPTS: teach git-show-backports how to report upstream commits
    - SCRIPTS: make git-show-backports capable of limiting its history
    - BUG/MAJOR: fix listening IP address storage for frontends
    - BUG/MINOR: fix listening IP address storage for frontends (cont)
    - DOC: Fix typo so fetch is properly parsed by Cyril's converter
    - BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
    - BUG/MEDIUM: stick-tables: fix breakage in table converters
    - MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY
    - BUG/MEDIUM: dns: unbreak DNS resolver after header fix
    - BUILD: fix build on Solaris 11
    - BUG/MEDIUM: config: fix multiple declaration of section parsers
    - BUG/MEDIUM: stats: show servers state may show an servers from another backend
    - BUG/MEDIUM: fix risk of segfault with "show tls-keys"
    - MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets
    - DOC: update doc about tls-tickets-keys dump
    - MEDIUM: tcp: add 'set-src' to 'tcp-request connection'
    - MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src'
    - MEDIUM: tcp/http: add 'set-src-port' action
    - MEDIUM: tcp/http: new set-dst/set-dst-port actions
    - BUG/MEDIUM: sticktables: segfault in some configuration error cases
    - BUILD/MEDIUM: rebuild everything when an include file is changed
    - BUILD/MEDIUM: force a full rebuild if some build options change
    - BUG/MEDIUM: lua: converters doesn't work
    - BUG/MINOR: http: add-header: header name copied twice
    - BUG/MEDIUM: http: add-header: buffer overwritten
    - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
    - MINOR: stream: export the function 'smp_create_src_stkctr'
    - BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list()
    - MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump
    - BUG/MINOR: http: url32+src should use the big endian version of url32
    - BUG/MINOR: http: url32+src should check cli_conn before using it
    - DOC: http: add documentation for url32 and url32+src
    - BUG/MINOR: fix http-response set-log-level parsing error
    - MINOR: systemd: Use variable for config and pidfile paths
    - MINOR: systemd: Perform sanity check on config before reload
    - MEDIUM: ssl: support SNI filters with multicerts
    - MINOR: ssl: crt-list parsing factor
    - BUILD: ssl: fix typo causing a build failure in the multicert patch
    - MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword
    - MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4"
    - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
    - BUG/MINOR: init: ensure that FD limit is raised to the max allowed
    - BUG/MEDIUM: external-checks: close all FDs right after the fork()
    - BUG/MAJOR: external-checks: use asynchronous signal delivery
    - BUG/MINOR: external-checks: do not unblock undesired signals
    - CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list
    - BUG/MEDIUM: filters: Fix data filtering when data are modified
    - BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding
    - BUG/MINOR: srv-state: fix incorrect output of state file
    - BUG/MINOR: ssl: close ssl key file on error
    - BUG/MINOR: http: fix misleading error message for response captures
    - BUG/BUILD: don't automatically run "make" on "make install"
    - DOC: add missing doc for http-request deny [deny_status <status>]
    - CLEANUP: dumpstats: u64 field is an unsigned type.
    - BUG/MEDIUM: http: unbreak uri/header/url_param hashing
    - BUG/MINOR: Rework slightly commit 9962f8fc to clean code and avoid mistakes
    - MINOR: new function my_realloc2 = realloc + free upon failure
    - CLEANUP: fixed some usages of realloc leading to memory leak
    - Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
    - CLEANUP: connection: using internal struct to hold source and dest port.
    - DOC: spelling fixes
    - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
    - BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
    - BUG/MINOR: Fix endiness issue in DNS header creation code
    - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
    - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
    - MEDIUM: http: implement http-response track-sc* directive
    - BUG/MINOR: peers: Fix peers data decoding issue
    - BUG/MINOR: peers: don't count track-sc multiple times on errors
    - MINOR: standard: add function "escape_string"
    - BUG/MEDIUM: log: use function "escape_string" instead of "escape_chunk"
    - MINOR: tcp: Return TCP statistics like RTT and RTT variance
    - DOC: lua: remove old functions
    - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
    - DOC: fix json converter example and error message
    - BUG/MEDIUM: stream-int: completely detach connection on connect error
    - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
    - BUILD: make proto_tcp.c compatible with musl library
    - BUG/MAJOR: compression: initialize avail_in/next_in even during flush
    - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
    - MINOR: sample: implement smp_is_safe() and smp_make_safe()
    - MINOR: sample: provide smp_is_rw() and smp_make_rw()
    - BUG/MAJOR: server: the "sni" directive could randomly cause trouble
    - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
    - BUG/MEDIUM: stick-table: properly convert binary samples to keys
    - MINOR: sample: use smp_make_rw() in upper/lower converters
    - MINOR: tcp: add dst_is_local and src_is_local
    - BUG/MINOR: peers: some updates are pushed twice after a resync.
    - BUILD: protocol: fix some build errors on OpenBSD
    - BUILD: log: iovec requires to include sys/uio.h on OpenBSD
    - BUILD: tcp: do not include netinet/ip.h for IP_TTL
    - BUILD: connection: fix build breakage on openbsd due to missing in_systm.h
    - BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD
    - BUILD: tcp: define SOL_TCP when only IPPROTO_TCP exists
    - BUILD: compression: remove a warning when no compression lib is used
    - BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
    - MINOR: tcp: add further tcp info fetchers
    - BUG/MINOR: peers: empty chunks after a resync.
    - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
    - MINOR: standard.c: ipcmp() function to compare 2 IP addresses stored in 2 struct sockaddr_storage
    - MINOR: standard.c: ipcpy() function to copy an IP address from a struct sockaddr_storage into an other one
    - MAJOR: listen section: don't use first bind port anymore when no server ports are provided

2016/05/10 : 1.7-dev3
    - MINOR: sample: Moves ARGS underlying type from 32 to 64 bits.
    - BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted
    - BUILD: namespaces: fix a potential build warning in namespaces.c
    - MINOR: da: Using ARG12 macro for the sample fetch and the convertor.
    - DOC: add encoding to json converter example
    - BUG/MINOR: conf: "listener id" expects integer, but its not checked
    - DOC: Clarify tunes.vars.xxx-max-size settings
    - CLEANUP: chunk: adding NULL check to chunk_dup allocation.
    - CLEANUP: connection: fix double negation on memcmp()
    - BUG/MEDIUM: peers: fix incorrect age in frequency counters
    - BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
    - BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers
    - BUG/MINOR: lua: can't load external libraries
    - BUG/MINOR: prevent the dump of uninitialized vars
    - CLEANUP: map: it seems that the map were planed to be chained
    - MINOR: lua: move class registration facilities
    - MINOR: lua: remove some useless checks
    - CLEANUP: lua: Remove two same functions
    - MINOR: lua: refactor the Lua object registration
    - MINOR: lua: precise message when a critical error is catched
    - MINOR: lua: post initialization
    - MINOR: lua: Add internal function which strip spaces
    - MINOR: lua: convert field to lua type
    - DOC: "addr" parameter applies to both health and agent checks
    - DOC: timeout client: pointers to timeout http-request
    - DOC: typo on stick-store response
    - DOC: stick-table: amend paragraph blaming the loss of table upon reload
    - DOC: typo: ACL subdir match
    - DOC: typo: maxconn paragraph is wrong due to a wrong buffer size
    - DOC: regsub: parser limitation about the inability to use closing square brackets
    - DOC: typo: req.uri is now replaced by capture.req.uri
    - DOC: name set-gpt0 mismatch with the expected keyword
    - MINOR: http: sample fetch which returns unique-id
    - MINOR: dumpstats: extract stats fields enum and names
    - MINOR: dumpstats: split stats_dump_info_to_buffer() in two parts
    - MINOR: dumpstats: split stats_dump_fe_stats() in two parts
    - MINOR: dumpstats: split stats_dump_li_stats() in two parts
    - MINOR: dumpstats: split stats_dump_sv_stats() in two parts
    - MINOR: dumpstats: split stats_dump_be_stats() in two parts
    - MINOR: lua: dump general info
    - MINOR: lua: add class proxy
    - MINOR: lua: add class server
    - MINOR: lua: add class listener
    - BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state.
    - MEDIUM: proxy: use dynamic allocation for error dumps
    - CLEANUP: remove unneeded casts
    - CLEANUP: uniformize last argument of malloc/calloc
    - DOC: fix "needed" typo
    - BUG/MINOR: dumpstats: fix write to global chunk
    - BUG/MINOR: dns: inapropriate way out after a resolution timeout
    - BUG/MINOR: dns: trigger a DNS query type change on resolution timeout
    - CLEANUP: proto_http: few corrections for gcc warnings.
    - BUG/MINOR: DNS: resolution structure change
    - BUG/MINOR : allow to log cookie for tarpit and denied request
    - BUG/MEDIUM: ssl: rewind the BIO when reading certificates
    - OPTIM/MINOR: session: abort if possible before connecting to the backend
    - DOC: http: rename the unique-id sample and add the documentation
    - BUG/MEDIUM: trace.c: rdtsc() is defined in two files
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try)
    - BUG/MINOR: server: risk of over reading the pref_net array.
    - BUG/MINOR: cfgparse: couple of small memory leaks.
    - BUG/MEDIUM: sample: initialize the pointer before parse_binary call.
    - DOC: fix discrepancy in the example for http-request redirect
    - MINOR: acl: Add predefined METH_DELETE, METH_PUT
    - CLEANUP: .gitignore cleanup
    - DOC: Clarify IPv4 address / mask notation rules
    - CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept()
    - BUG/MEDIUM: fix maxaccept computation on per-process listeners
    - BUG/MINOR: listener: stop unbound listeners on startup
    - BUG/MINOR: fix maxaccept computation according to the frontend process range
    - TESTS: add blocksig.c to run tests with all signals blocked
    - MEDIUM: unblock signals on startup.
    - MINOR: filters: Print the list of existing filters during HA startup
    - MINOR: filters: Typo in an error message
    - MINOR: filters: Filters must define the callbacks struct during config parsing
    - DOC: filters: Add filters documentation
    - BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected
    - BUG/MEDIUM: channel: incorrect polling condition may delay event delivery
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
    - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode
    - MINOR: Add ability for agent-check to set server maxconn
    - CLEANUP: Use server_parse_maxconn_change_request for maxconn CLI updates
    - MINOR: filters: add opaque data
    - BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches.
    - MINOR: lua: migrate the argument mask to 64 bits type.
    - BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats
    - BUG/MINOR: log: fix a typo that would cause %HP to log <BADREQ>
    - BUG/MEDIUM: http: fix incorrect reporting of server errors
    - MINOR: channel: add new function channel_congested()
    - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client
    - BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try)
    - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared
    - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers
    - BUG/MEDIUM: stats: show servers state may show an empty or incomplete result
    - BUG/MEDIUM: stats: show backend may show an empty or incomplete result
    - MINOR: stats: fix typo in help messages
    - MINOR: stats: show stat resolvers missing in the help message
    - BUG/MINOR: dns: fix DNS header definition
    - BUG/MEDIUM: dns: fix alignment issue when building DNS queries
    - CLEANUP: don't ignore scripts in .gitignore
    - BUILD: add a few release and backport scripts in scripts/

2016/03/14 : 1.7-dev2
    - DOC: lua: fix lua API
    - DOC: mailers: typo in 'hostname' description
    - DOC: compression: missing mention of libslz for compression algorithm
    - BUILD/MINOR: regex: missing header
    - BUG/MINOR: stream: bad return code
    - DOC: lua: fix somme errors and add implicit types
    - MINOR: lua: add set/get priv for applets
    - BUG/MINOR: http: fix several off-by-one errors in the url_param parser
    - BUG/MINOR: http: Be sure to process all the data received from a server
    - MINOR: filters/http: Use a wrapper function instead of stream_int_retnclose
    - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
    - DOC: ssl: fixed some formatting errors in crt tag
    - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
    - MINOR: chunks: add chunk_strcat() and chunk_newstr()
    - MINOR: chunk: make chunk_initstr() take a const string
    - MEDIUM: tools: add csv_enc_append() to preserve the original chunk
    - MINOR: tools: make csv_enc_append() always start at the first byte of the chunk
    - MINOR: lru: new function to delete <nb> least recently used keys
    - DOC: add Ben Shillito as the maintainer of 51d
    - BUG/MINOR: 51d: Ensures a unique domain for each configuration
    - BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices.
    - BUG/MINOR: 51d: Releases workset back to pool.
    - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
    - CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc.
    - MINOR: rename master process name in -Ds (systemd mode)
    - DOC: fix a few spelling mistakes
    - DOC: fix "workaround" spelling
    - BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files
    - MINOR: fix the return type for dns_response_get_query_id() function
    - MINOR: server state: missing LF (\n) on error message printed when parsing server state file
    - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver
    - BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server
    - BUG/MEDIUM: servers state: server port is used uninitialized
    - BUG/MEDIUM: config: Adding validation to stick-table expire value.
    - BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space.
    - MEDIUM: pools: add a new flag to avoid rounding pool size up
    - BUG/MEDIUM: buffers: do not round up buffer size during allocation
    - BUG/MINOR: stream: don't force retries if the server is DOWN
    - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table
    - MINOR: unix: don't mention free ports on EAGAIN
    - BUG/CLEANUP: CLI: report the proper field states in "show sess"
    - MINOR: stats: send content-length with the redirect to allow keep-alive
    - BUG: stream_interface: Reuse connection even if the output channel is empty
    - DOC: remove old tunnel mode assumptions
    - BUG/MAJOR: http-reuse: fix risk of orphaned connections
    - BUG/MEDIUM: http-reuse: do not share private connections across backends
    - BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates
    - BUG/MINOR: stats: fix missing comma in stats on agent drain
    - MAJOR: filters: Add filters support
    - MINOR: filters: Do not reset stream analyzers if the client is gone
    - REORG: filters: Prepare creation of the HTTP compression filter
    - MAJOR: filters/http: Rewrite the HTTP compression as a filter
    - MEDIUM: filters: Use macros to call filters callbacks to speed-up processing
    - MEDIUM: filters: remove http_start_chunk, http_last_chunk and http_chunk_end
    - MEDIUM: filters: Replace filter_http_headers callback by an analyzer
    - MEDIUM: filters/http: Move body parsing of HTTP messages in dedicated functions
    - MINOR: filters: Add stream_filters structure to hide filters info
    - MAJOR: filters: Require explicit registration to filter HTTP body and TCP data
    - MINOR: filters: Remove unused or useless stuff and do small optimizations
    - MEDIUM: filters: Optimize the HTTP compression for chunk encoded response
    - MINOR: filters/http: Slightly update the parsing of chunks
    - MINOR: filters/http: Forward remaining data when a channel has no "data" filters
    - MINOR: filters: Add an filter example
    - MINOR: filters: Extract proxy stuff from the struct filter
    - MINOR: map: Add regex matching replacement
    - BUG/MINOR: lua: unsafe initialization
    - DOC: lua: fix somme errors
    - MINOR: lua: file dedicated to unsafe functions
    - MINOR: lua: add "now" time function
    - MINOR: standard: add RFC HTTP date parser
    - MINOR: lua: Add date functions
    - MINOR: lua: move common function
    - MINOR: lua: merge function
    - MINOR: lua: Add concat class
    - MINOR: standard: add function "escape_chunk"
    - MEDIUM: log: add a new log format flag "E"
    - DOC: add server name at rate-limit sessions example
    - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
    - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
    - DOC: LUA: fix some typos and syntax errors
    - MINOR: cli: add a new "show env" command
    - MEDIUM: config: allow to manipulate environment variables in the global section
    - MEDIUM: cfgparse: reject incorrect 'timeout retry' keyword spelling in resolvers
    - MINOR: mailers: increase default timeout to 10 seconds
    - MINOR: mailers: use <CRLF> for all line endings
    - BUG/MAJOR: lua: segfault using Concat object
    - DOC: lua: copyrights
    - MINOR: common: mask conversion
    - MEDIUM: dns: extract options
    - MEDIUM: dns: add a "resolve-net" option which allow to prefer an ip in a network
    - MINOR: mailers: make it possible to configure the connection timeout
    - BUG/MAJOR: lua: applets can't sleep.
    - BUG/MINOR: server: some prototypes are renamed
    - BUG/MINOR: lua: Useless copy
    - BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
    - BUG/MINOR: server: fix the format of the warning on address change
    - CLEANUP: server: add "const" to some message strings
    - MINOR: server: generalize the "updater" source
    - BUG/MEDIUM: chunks: always reject negative-length chunks
    - BUG/MINOR: systemd: ensure we don't miss signals
    - BUG/MINOR: systemd: report the correct signal in debug message output
    - BUG/MINOR: systemd: propagate the correct signal to haproxy
    - MINOR: systemd: ensure a reload doesn't mask a stop
    - BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword
    - CLEANUP: stats: Avoid computation with uninitialized bits.
    - CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
    - CLEANUP: map: Avoid memory leak in out-of-memory condition.
    - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
    - BUG/MAJOR: samples: check smp->strm before using it
    - MINOR: sample: add a new helper to initialize the owner of a sample
    - MINOR: sample: always set a new sample's owner before evaluating it
    - BUG/MAJOR: vars: always retrieve the stream and session from the sample
    - CLEANUP: payload: remove useless and confusing nullity checks for channel buffer
    - BUG/MINOR: ssl: fix usage of the various sample fetch functions
    - MINOR: stats: create fields types suitable for all CSV output data
    - MINOR: stats: add all the "show info" fields in a table
    - MEDIUM: stats: fill all the show info elements prior to displaying them
    - MINOR: stats: add a function to emit fields into a chunk
    - MINOR: stats: add stats_dump_info_fields() to dump one field per line
    - MEDIUM: stats: make use of stats_dump_info_fields() for "show info"
    - MINOR: stats: add a declaration of all stats fields
    - MINOR: stats: don't hard-code the CSV fields list anymore
    - MINOR: stats: create stats fields storage and CSV dump function
    - MEDIUM: stats: convert stats_dump_fe_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_fe_stats() use stats fields for HTML dump
    - MEDIUM: stats: convert stats_dump_li_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_li_stats() use stats fields for HTML dump
    - MEDIUM: stats: convert stats_dump_be_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_be_stats() use stats fields for HTML dump
    - MEDIUM: stats: convert stats_dump_sv_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_sv_stats() use the stats field for HTML
    - MEDIUM: stats: move the server state coloring logic to the server dump function
    - MINOR: stats: do not use srv->admin & STATS_ADMF_MAINT in HTML dumps
    - MINOR: stats: do not check srv->state for SRV_ST_STOPPED in HTML dumps
    - MINOR: stats: make CSV report server check status only when enabled
    - MINOR: stats: only report backend's down time if it has servers
    - MINOR: stats: prepend '*' in front of the check status when in progress
    - MINOR: stats: make HTML stats dump rely on the table for the check status
    - MINOR: stats: add agent_status, agent_code, agent_duration to output
    - MINOR: stats: add check_desc and agent_desc to the output fields
    - MINOR: stats: add check and agent's health values in the output
    - MEDIUM: stats: make the HTML server state dump use the CSV states
    - MEDIUM: stats: only report observe errors when observe is set
    - MEDIUM: stats: expose the same flags for CLI and HTTP accesses
    - MEDIUM: stats: report server's address in the CSV output
    - MEDIUM: stats: report the cookie value in the server & backend CSV dumps
    - MEDIUM: stats: compute the color code only in the HTML form
    - MEDIUM: stats: report the listeners' address in the CSV output
    - MEDIUM: stats: make it possible to report the WAITING state for listeners
    - REORG: stats: dump the frontend's HTML stats via a generic function
    - REORG: stats: dump the socket stats via the generic function
    - REORG: stats: dump the server stats via the generic function
    - REORG: stats: dump the backend stats via the generic function
    - MEDIUM: stats: add a new "mode" column to report the proxy mode
    - MINOR: stats: report the load balancing algorithm in CSV output
    - MINOR: stats: add 3 fields to report the frontend-specific connection stats
    - MINOR: stats: report number of intercepted requests for frontend and backends
    - MINOR: stats: introduce stats_dump_one_line() to dump one stats line
    - CLEANUP: stats: make stats_dump_fields_html() not rely on proxy anymore
    - MINOR: stats: add ST_SHOWADMIN to pass the admin info in the regular flags
    - MINOR: stats: make stats_dump_fields_html() not use &trash by default
    - MINOR: stats: add functions to emit typed fields into a chunk
    - MEDIUM: stats: support "show info typed" on the CLI
    - MEDIUM: stats: implement a typed output format for stats
    - DOC: document the "show info typed" and "show stat typed" output formats
    - MINOR: cfgparse: warn when uid parameter is not a number
    - MINOR: cfgparse: warn when gid parameter is not a number
    - BUG/MINOR: standard: Avoid free of non-allocated pointer
    - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
    - CLEANUP: http: fix a build warning introduced by a recent fix
    - BUG/MINOR: log: GMT offset not updated when entering/leaving DST

2015/12/20 : 1.7-dev1
    - DOC: specify that stats socket doc (section 9.2) is in management
    - BUILD: install only relevant and existing documentation
    - CLEANUP: don't ignore debian/ directory if present
    - BUG/MINOR: dns: parsing error of some DNS response
    - BUG/MEDIUM: namespaces: don't fail if no namespace is used
    - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled
    - MEDIUM: dns: Don't use the ANY query type
    - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0
    - DOC: fix a typo for a "deviceatlas" keyword
    - FIX: small typo in an example using the "Referer" header
    - MINOR: cli: ability to set per-server maxconn
    - DEBUG/MINOR: memory: add a build option to disable memory pools sharing
    - DEBUG/MEDIUM: memory: optionally protect free data in pools
    - DEBUG/MEDIUM: memory: add optional control pool memory operations
    - MEDIUM: memory: add accounting for failed allocations
    - BUG/MEDIUM: config: count memory limits on 64 bits, not 32
    - BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop
    - BUG/MINOR: dns: unable to parse CNAMEs response
    - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check()
    - DOC: deviceatlas: more example use cases.
    - MINOR: config: allow IPv6 bracketed literals
    - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
    - BUILD: add Haiku as supported target.
    - BUG/MAJOR: http: don't requeue an idle connection that is already queued
    - DOC: typo on capture.res.hdr and capture.req.hdr
    - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing
    - CLEANUP: use direction names in place of numeric values
    - BUG/MEDIUM: lua: sample fetches based on response doesn't work
    - MINOR: check: add agent-send server parameter
    - BUG/MINOR: http rule: http capture 'id' rule points to a non existing id
    - BUG/MINOR: server: check return value of fgets() in apply_server_state()
    - BUG/MINOR: acl: don't use record layer in req_ssl_ver
    - BUILD: freebsd: double declaration
    - BUG/MEDIUM: lua: clean output buffer
    - BUILD: check for libressl to be able to build against it
    - DOC: lua-api/index.rst small example fixes, spelling correction.
    - DOC: lua: architecture and first steps
    - DOC: relation between timeout http-request and option http-buffer-request
    - BUILD: Make deviceatlas require PCRE
    - BUG: http: do not abort keep-alive connections on server timeout
    - BUG/MEDIUM: http: switch the request channel to no-delay once done.
    - BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket
    - BUILD/MINOR: http: proto_http.h needs sample.h
    - BUG/MEDIUM: http: don't enable auto-close on the response side
    - BUG/MEDIUM: stream: fix half-closed timeout handling
    - CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB
    - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
    - BUG/MEDIUM: sample: urlp can't match an empty value
    - BUILD: dumpstats: silencing warning for printf format specifier / time_t
    - CLEANUP: proxy: calloc call inverted arguments
    - MINOR: da: silent logging by default and displaying DeviceAtlas support if built.
    - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input.
    - DOC: Edited 51Degrees section of README/
    - BUG/MEDIUM: checks: email-alert not working when declared in defaults
    - BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured
    - BUG/MINOR: checks: typo in an email-alert error message
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT
    - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ
    - DOC: prefer using http-request/response over reqXXX/rspXXX directives
    - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
    - MINOR: ssl: Added cert_key_and_chain struct
    - MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs
    - MINOR: ssl: Added multi cert support for crt-list config keyword
    - MEDIUM: ssl: Added multi cert support for loading crt directories
    - MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling
    - BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2
    - MINOR: config: make tune.recv_enough configurable
    - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced
    - DOC: ssl: Adding docs for Multi-Cert bundling
    - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
    - BUG/MEDIUM: peers: old stick table updates could be repushed.
    - MINOR: lua: service/applet can have access to the HTTP headers when a POST is received
    - REORG/MINOR: lua: convert boolean "int" to bitfield
    - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn
    - BUG/MINOR: lua: Lua applets must not use http_txn
    - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets
    - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services
    - CLEANUP: lua: bad error messages
    - CONTRIB: initiate a debugging suite to make debugging easier

2015/10/13 : 1.7-dev0
    - exact copy of 1.6.0

2015/10/13 : 1.6.0
    - BUG/MINOR: Handle interactive mode in cli handler
    - DOC: global section missing parameters
    - DOC: backend section missing parameters
    - DOC: stats paramaters available in frontend
    - MINOR: lru: do not allocate useless memory in lru64_lookup
    - BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
    - BUG/MINOR: ssl: fix management of the cache where forged certificates are stored
    - MINOR: ssl: Release Servers SSL context when HAProxy is shut down
    - MINOR: ssl: Read the file used to generate certificates in any order
    - MINOR: ssl: Add support for EC for the CA used to sign generated certificates
    - MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
    - BUG/MEDIUM: logs: fix time zone offset format in RFC5424
    - BUILD: Fix the build on OSX (htonll/ntohll)
    - BUILD: enable build on Linux/s390x
    - BUG/MEDIUM: lua: direction test failed
    - MINOR: lua: fix a spelling error in some error messages
    - CLEANUP: cli: ensure we can never double-free error messages
    - BUG/MEDIUM: lua: force server-close mode on Lua services
    - MEDIUM: init: support more command line arguments after pid list
    - MEDIUM: init: support a list of files on the command line
    - MINOR: debug: enable memory poisonning to use byte 0
    - BUILD: ssl: fix build error introduced by recent commit
    - BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers
    - MEDIUM: server: implement TCP_USER_TIMEOUT on the server
    - DOC: mention the "namespace" options for bind and server lines
    - DOC: add the "management" documentation
    - DOC: move the stats socket documentation from config to management
    - MINOR: examples: update haproxy.spec to mention new docs
    - DOC: mention management.txt in README
    - DOC: remove haproxy-{en,fr}.txt
    - BUILD: properly report when USE_ZLIB and USE_SLZ are used together
    - MINOR: init: report use of libslz instead of "no compression"
    - CLEANUP: examples: remove some obsolete and confusing files
    - CLEANUP: examples: remove obsolete configuration file samples
    - CLEANUP: examples: fix the example file content-sw-sample.cfg
    - CLEANUP: examples: update sample file option-http_proxy.cfg
    - CLEANUP: examples: update sample file ssl.cfg
    - CLEANUP: tests: move a test file from examples/ to tests/
    - CLEANUP: examples: shut up warnings in transparent proxy example
    - CLEANUP: tests: removed completely obsolete test files
    - DOC: update ROADMAP to remove what was done in 1.6
    - BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id

2015/10/06 : 1.6-dev7
    - MINOR: cli: Dump all resolvers stats if no resolver section is given
    - BUG: config: external-check command validation is checking for incorrect arguments.
    - DOC: documentation format cleanups
    - DOC: lua: few typos.
    - BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy
    - BUG/MEDIUM: logs: segfault writing to log from Lua
    - DOC: fix lua use-service example
    - MINOR: payload: add support for tls session ticket ext
    - MINOR: lua: remove the run flag
    - MEDIUM: lua: change the timeout execution
    - MINOR: lua: rename the tune.lua.applet-timeout
    - DOC: lua: update Lua doc
    - DOC: lua: update doc according with the last Lua changes
    - MINOR: http/tcp: fill the avalaible actions
    - DOC: reorder misplaced res.ssl_hello_type in the doc
    - BUG/MINOR: tcp: make silent-drop always force a TCP reset
    - CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled
    - BUILD: tcp: use IPPROTO_IP when SOL_IP is not available
    - BUILD: server: fix build warnings introduced by load-server-state
    - BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings

2015/09/28 : 1.6-dev6
    - BUG/MAJOR: can't enable a server through the stat socket
    - MINOR: server: Macro definition for server-state
    - MINOR: cli: new stats socket command: show servers state
    - DOC: stats socket command: show servers state
    - MINOR: config: new global directive server-state-base
    - DOC: global directive server-state-base
    - MINOR: config: new global section directive: server-state-file
    - DOC: new global directive: server-state-file
    - MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name
    - DOC: load-server-state-from-file
    - MINOR: init: server state loaded from file
    - MINOR: server: startup slowstart task when using seamless reload of HAProxy
    - MINOR: cli: new stats socket command: show backend
    - DOC: servers state seamless reload example
    - BUG: dns: can't connect UDP socket on FreeBSD
    - MINOR: cfgparse: New function cfg_unregister_sections()
    - MINOR: chunk: New function free_trash_buffers()
    - BUG/MEDIUM: main: Freeing a bunch of static pointers
    - MINOR: proto_http: Externalisation of previously internal functions
    - MINOR: global: Few new struct fields for da module
    - MAJOR: da: Update of the DeviceAtlas API module
    - DOC: DeviceAtlas new keywords
    - DOC: README: DeviceAtlas sample configuration updates
    - MEDIUM: log: replace sendto() with sendmsg() in __send_log()
    - MEDIUM: log: use a separate buffer for the header and for the message
    - MEDIUM: logs: remove the hostname, tag and pid part from the logheader
    - MEDIUM: logs: add support for RFC5424 header format per logger
    - MEDIUM: logs: add a new RFC5424 log-format for the structured-data
    - DOC: mention support for the RFC5424 syslog message format
    - MEDIUM: logs: have global.log_send_hostname not contain the trailing space
    - MEDIUM: logs: pass the trailing "\n" as an iovec
    - BUG/MEDIUM: peers: some table updates are randomly not pushed.
    - BUG/MEDIUM: peers: same table updates re-pushed after a re-connect
    - BUG/MINOR: fct peer_prepare_ackmsg should not use trash.
    - MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions
    - MINOR: global: Added new fields for 51Degrees device detection
    - DOC: Added more explanation for 51Degrees V3.2
    - BUILD: Changed 51Degrees option to support V3.2
    - MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features
    - MINOR: 51d: Improved string handling for LRU cache
    - DOC: add references to rise/fall for the fastinter explanation
    - MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD
    - BUG/MAJOR: lua: potential unexpected aborts()
    - BUG/MINOR: lua: breaks the log message if his size exceed one buffer
    - MINOR: action: add private configuration
    - MINOR: action: add reference to the original keywork matched for the called parser.
    - MINOR: lua: change actions registration
    - MEDIUM: proto_http: smp_prefetch_http initialize txn
    - MINOR: channel: rename function chn_sess to chn_strm
    - CLEANUP: lua: align defines
    - MINOR: http: export http_get_path() function
    - MINOR: http: export the get_reason() function
    - MINOR: http: export function http_msg_analyzer()
    - MINOR: http: split initialization
    - MINOR: lua: reset pointer after use
    - MINOR: lua: identify userdata objects
    - MEDIUM: lua: use the function lua_rawset in place of lua_settable
    - BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action.
    - CLEANUP: lua: use calloc in place of malloc
    - BUG/MEDIUM: lua: longjmp function must be unregistered
    - BUG/MEDIUM: lua: forces a garbage collection
    - BUG/MEDIUM: lua: wakeup task on bad conditions
    - MINOR: standard: avoid DNS resolution from the function str2sa_range()
    - MINOR: lua: extend socket address to support non-IP families
    - MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup
    - BUG/MEDIUM: lua: socket destroy before reading pending data
    - MEDIUM: lua: change the GC policy
    - OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket
    - BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume
    - MINOR: applet: add init function
    - MINOR: applet: add an execution timeout
    - MINOR: stream/applet: add use-service action
    - MINOR: lua: add AppletTCP class and service
    - MINOR: lua: add AppletHTTP class and service
    - DOC: lua: some documentation update
    - DOC: add the documentation about internal circular lists
    - DOC: add a CONTRIBUTING file
    - DOC: add a MAINTAINERS file
    - BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes
    - DOC: update coding-style to reference checkpatch.pl
    - BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries
    - BUG/MINOR: args: add name for ARGT_VAR
    - DOC: add more entries to MAINTAINERS
    - DOC: add more entries to MAINTAINERS
    - CLEANUP: stream-int: remove obsolete function si_applet_call()
    - BUG/MAJOR: cli: do not dereference strm_li()->proto->name
    - BUG/MEDIUM: http: do not dereference strm_li(stream)
    - BUG/MEDIUM: proxy: do not dereference strm_li(stream)
    - BUG/MEDIUM: stream: do not dereference strm_li(stream)
    - MINOR: stream-int: use si_release_endpoint() to close idle conns
    - BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers
    - BUG/MEDIUM: acl: always accept match "found"
    - MINOR: applet: rename applet_runq to applet_active_queue
    - BUG/MAJOR: applet: use a separate run queue to maintain list integrity
    - MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts
    - MINOR: stream-int: implement a new stream_int_update() function
    - MEDIUM: stream-int: factor out the stream update functions
    - MEDIUM: stream-int: call stream_int_update() from si_update()
    - MINOR: stream-int: export stream_int_update_*
    - MINOR: stream-int: move the applet_pause call out of the stream updates
    - MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb
    - MINOR: stream-int: implement the stream_int_notify() function
    - MEDIUM: stream-int: use the same stream notification function for applets and conns
    - MEDIUM: stream-int: completely remove stream_int_update_embedded()
    - MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb()
    - BUG/MEDIUM: applet: fix reporting of broken write situation
    - BUG/MINOR: stats: do not call cli_release_handler 3 times
    - BUG/MEDIUM: cli: properly handle closed output
    - MINOR: cli: do not call the release handler on internal error.
    - BUG/MEDIUM: stream-int: avoid double-call to applet->release
    - DEBUG: add p_malloc() to return a poisonned memory area
    - CLEANUP: lua: remove unneeded memset(0) after calloc()
    - MINOR: lua: use the proper applet wakeup mechanism
    - BUG/MEDIUM: lua: better fix for the protocol check
    - BUG/MEDIUM: lua: properly set the target on the connection
    - MEDIUM: actions: pass a new "flags" argument to custom actions
    - MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call
    - MEDIUM: http: pass ACT_FLAG_FINAL to custom actions
    - MEDIUM: lua: only allow actions to yield if not in a final call
    - DOC: clarify how to make use of abstract sockets in socat
    - CLEANUP: config: make the errorloc/errorfile messages less confusing
    - MEDIUM: action: add a new flag ACT_FLAG_FIRST
    - BUG/MINOR: config: check that tune.bufsize is always positive
    - MEDIUM: config: set tune.maxrewrite to 1024 by default
    - DOC: add David Carlier as maintainer of da.c
    - DOC: fix some broken unexpected unicode chars in the Lua doc.
    - BUG/MEDIUM: proxy: ignore stopped peers
    - BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop()
    - MEDIUM: init: completely deallocate unused peers
    - BUG/MEDIUM: tcp: fix inverted condition to call custom actions
    - DOC: remove outdated actions lists on tcp-request/response
    - MEDIUM: tcp: add new tcp action "silent-drop"
    - DOC: add URLs to optional libraries in the README

2015/09/14 : 1.6-dev5
    - MINOR: dns: dns_resolution structure update: time_t to unsigned int
    - BUG/MEDIUM: dns: DNS resolution doesn't start
    - BUG/MAJOR: dns: dns client resolution infinite loop
    - MINOR: dns: coding style update
    - MINOR: dns: new bitmasks to use against DNS flags
    - MINOR: dns: dns_nameserver structure update: new counter for truncated response
    - MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED
    - MEDIUM: dns: handling of truncated response
    - MINOR: DNS client query type failover management
    - MINOR: dns: no expected DNS record type found
    - MINOR: dns: new flag to report that no IP can be found in a DNS response packet
    - BUG/MINOR: DNS request retry counter used for retry only
    - DOC: DNS documentation updated
    - MEDIUM: actions: remove ACTION_STOP
    - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis)
    - BUG/MINOR: lua: last log character truncated.
    - CLEANUP: typo: bad indent
    - CLEANUP: actions: missplaced includes
    - MINOR: build: missing header
    - CLEANUP: lua: Merge log functions
    - BUG/MAJOR: http: don't manipulate the server connection if it's killed
    - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
    - BUG/MAJOR: http: don't call http_send_name_header() after an error
    - MEDIUM: tools: make str2sa_range() optionally return the FQDN
    - BUG/MINOR: tools: make str2sa_range() report unresolvable addresses
    - BUG/MEDIUM: dns: use the correct server hostname when resolving

2015/08/30 : 1.6-dev4
    - MINOR: log: Add log-format variable %HQ, to log HTTP query strings
    - DOC: typo in 'redirect', 302 code meaning
    - DOC: typos in tcp-check expect examples
    - DOC: resolve-prefer default value and default-server update
    - MINOR: DNS counters: increment valid counter
    - BUG/MEDIUM: DNS resolution response parsing broken
    - MINOR: server: add new SRV_ADMF_CMAINT flag
    - MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT
    - BUG/MEDIUM: dns: wrong first time DNS resolution
    - BUG/MEDIUM: lua: Lua tasks fail to start.
    - BUILD: add USE_LUA to BUILD_OPTIONS when it's used
    - DOC/MINOR: fix OpenBSD versions where haproxy works
    - MINOR: 51d: unable to start haproxy without "51degrees-data-file"
    - BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement.
    - BUG/MAJOR: peers: fix current table pointer not re-initialized on session release.
    - BUILD: ssl: Allow building against libssl without SSLv3.
    - DOC: clarify some points about SSL and the proxy protocol
    - DOC: mention support for RFC 5077 TLS Ticket extension in starter guide
    - BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF>
    - DOC: match several lua configuration option names to those implemented in code
    - MINOR cfgparse: Correct the mailer warning text to show the right names to the user
    - BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command
    - MINOR: stream: initialize the current_rule field to NULL on stream init
    - BUG/MEDIUM: lua: timeout error with converters, wrapper and actions.
    - CLEANUP: proto_http: remove useless initialisation
    - CLEANUP: http/tcp actions: remove the scope member
    - BUG/MINOR: proto_tcp: custom action continue is ignored
    - MINOR: proto_tcp: add session in the action prototype
    - MINOR: vars: reduce the code size of some wrappers
    - MINOR: Move http method enum from proto_http to sample
    - MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts
    - MINOR: sample/proto_tcp: export "smp_fetch_src"
    - MEDIUM: cli: rely on the map's output type instead of the sample type
    - BUG/MEDIUM: stream: The stream doen't inherit SC from the session
    - BUG/MEDIUM: vars: segfault during the configuration parsing
    - BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream
    - BUG/MEDIUM: lua: bad error processing
    - MINOR: samples: rename a struct from sample_storage to sample_data
    - MINOR: samples: rename some struct member from "smp" to "data"
    - MEDIUM: samples: Use the "struct sample_data" in the "struct sample"
    - MINOR: samples: extract the anonymous union and create the union sample_value
    - MINOR: samples: rename union from "data" to "u"
    - MEDIUM: 51degrees: Adapt the 51Degrees library
    - MINOR: samples: data assignation simplification
    - MEDIUM: pattern/map: Maps can returns various types
    - MINOR: map: The map can return IPv4 and IPv6
    - MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs
    - MINOR: actions: Remove the data opaque pointer
    - MINOR: lua: use the hlua_rule type in place of opaque type
    - MINOR: vars: use the vars types as argument in place of opaque type
    - MINOR: proto_http: use an "expr" type in place of generic opaque type.
    - MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line
    - MINOR: proto_http: replace generic opaque types by real used types in "http_capture"
    - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id
    - MEDIUM: track-sc: Move the track-sc configuration storage in the union
    - MEDIUM: capture: Move the capture configuration storage in the union
    - MINOR: actions: add "from" information
    - MINOR: actions: remove the mark indicating the last entry in enum
    - MINOR: actions: Declare all the embedded actions in the same header file
    - MINOR: actions: change actions names
    - MEDIUM: actions: Add standard return code for the action API
    - MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs
    - MINOR: proto_tcp: proto_tcp.h is now useles
    - MINOR: actions: mutualise the action keyword lookup
    - MEDIUM: actions: Normalize the return code of the configuration parsers
    - MINOR: actions: Remove wrappers
    - MAJOR: stick-tables: use sample types in place of dedicated types
    - MEDIUM: stick-tables: use the sample type names
    - MAJOR: stick-tables: remove key storage from the key struct
    - MEDIUM: stick-tables: Add GPT0 in the stick tables
    - MINOR: stick-tables: Add GPT0 access
    - MINOR: stick-tables: Add GPC0 actions
    - BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault
    - DOC: ssl: missing LF
    - MINOR: lua: add core.done() function
    - DOC: fix function name
    - BUG/MINOR: lua: in some case a sample may remain undefined
    - DOC: fix "http_action_set_req_line()" comments
    - MINOR: http: Action for manipulating the returned status code.
    - MEDIUM: lua: turns txn:close into txn:done
    - BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call
    - BUILD: link with libdl if needed for Lua support
    - CLEANUP: backend: factor out objt_server() in connect_server()
    - MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection
    - MEDIUM: stream-int: simplify si_alloc_conn()
    - MINOR: stream-int: add new function si_detach_endpoint()
    - MINOR: server: add a list of private idle connections
    - MINOR: connection: add a new list member in the connection struct
    - MEDIUM: stream-int: queue idle connections at the server
    - MINOR: stream-int: make si_idle_conn() only accept valid connections
    - MINOR: server: add a list of already used idle connections
    - MINOR: connection: add a new flag CO_FL_PRIVATE
    - MINOR: config: add new setting "http-reuse"
    - MAJOR: backend: initial work towards connection reuse
    - MAJOR: backend: improve the connection reuse mechanism
    - MEDIUM: backend: implement "http-reuse safe"
    - MINOR: server: add a list of safe, already reused idle connections
    - MEDIUM: backend: add the "http-reuse aggressive" strategy
    - DOC: document the new http-reuse directive
    - DOC: internals: document next steps for HTTP connection reuse
    - DOC: mention that %ms is left-padded with zeroes.
    - MINOR: init: indicate to check 'bind' lines when no listeners were found.
    - MAJOR: http: remove references to appsession
    - CLEANUP: config: remove appsession initialization
    - CLEANUP: appsession: remove appsession.c and sessionhash.c
    - CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg
    - CLEANUP: proxy: remove last references to appsession
    - CLEANUP: appsession: remove the last include files
    - DOC: remove documentation about appsession
    - CLEANUP: .gitignore: ignore more test files
    - CLEANUP: .gitignore: finally ignore everything but what is known.
    - MEDIUM: config: emit a warning on a frontend without listener
    - DOC: add doc/internals/entities-v2.txt
    - DOC: add doc/linux-syn-cookies.txt
    - DOC: add design thoughts on HTTP/2
    - DOC: add some thoughts on connection sharing for HTTP/2
    - DOC: add design thoughts on dynamic buffer allocation
    - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
    - DOC: add new file intro.txt
    - MAJOR: tproxy: remove support for cttproxy
    - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2
    - DOC: lua: replace txn:close with txn:done in lua-api
    - DOC: intro: minor updates and fixes
    - DOC: intro: fix too long line.
    - DOC: fix example of http-request using ssl_fc_session_id
    - BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode
    - CLEANUP: lua: fix some indent issues
    - BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice
    - DOC: lua: mention than txn:close was renamed txn:done.

2015/07/22 : 1.6-dev3
    - CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type()
    - MEDIUM: http: Add new 'set-src' option to http-request
    - DOC usesrc root privileges requirments
    - BUG/MINOR: dns: wrong time unit for some DNS default parameters
    - MINOR: proxy: bit field for proxy_find_best_match diff status
    - MINOR: server: new server flag: SRV_F_FORCED_ID
    - MINOR: server: server_find functions: id, name, best_match
    - DOC: dns: fix chapters syntax
    - BUILD/MINOR: tools: rename popcount to my_popcountl
    - BUILD: add netbsd TARGET
    - MEDIUM: 51Degrees code refactoring and cleanup
    - MEDIUM: 51d: add LRU-based cache on User-Agent string detection
    - DOC: add notes about the "51degrees-cache-size" parameter
    - BUG/MEDIUM: 51d: possible incorrect operations on smp->data.str.str
    - BUG/MAJOR: connection: fix TLV offset calculation for proxy protocol v2 parsing
    - MINOR: Add sample fetch to detect Supported Elliptic Curves Extension
    - BUG/MINOR: payload: Add volatile flag to smp_fetch_req_ssl_ec_ext
    - BUG/MINOR: lua: type error in the arguments wrapper
    - CLEANUP: vars: remove unused struct
    - BUG/MINOR: http/sample: gmtime/localtime can fail
    - MINOR: standard: add 64 bits conversion functions
    - MAJOR: sample: converts uint and sint in 64 bits signed integer
    - MAJOR: arg: converts uint and sint in sint
    - MEDIUM: sample: switch to saturated arithmetic
    - MINOR: vars: returns variable content
    - MEDIUM: vars/sample: operators can use variables as parameter
    - BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
    - BUILD/MINOR: lua: fix a harmless build warning
    - BUILD/MINOR: stats: fix build warning due to condition always true
    - BUG/MAJOR: lru: fix unconditional call to free due to unexpected semi-colon
    - BUG/MEDIUM: logs: fix improper systematic use of quotes with a few tags
    - BUILD/MINOR: lua: ensure that hlua_ctx_destroy is properly defined
    - BUG/MEDIUM: lru: fix possible memory leak when ->free() is used
    - MINOR: vars: make the accounting not depend on the stream
    - MEDIUM: vars: move the session variables to the session, not the stream
    - BUG/MEDIUM: vars: do not freeze the connection when the expression cannot be fetched
    - BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
    - BUG/MAJOR: tcp: tcp rulesets were still broken
    - MINOR: stats: improve compression stats reporting
    - MINOR: ssl: make self-generated certs also work with raw IPv6 addresses
    - CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const
    - CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial()
    - BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
    - MINOR: args: add new context for servers
    - MINOR: stream: maintain consistence between channel_forward and HTTP forward
    - MINOR: ssl: provide ia function to set the SNI extension on a connection
    - MEDIUM: ssl: add sni support on the server lines
    - CLEANUP: stream: remove a useless call to si_detach()
    - CLEANUP: stream-int: fix a few outdated comments about stream_int_register_handler()
    - CLEANUP: stream-int: remove stream_int_unregister_handler() and si_detach()
    - MINOR: stream-int: only use si_release_endpoint() to release a connection
    - MINOR: standard: provide htonll() and ntohll()
    - CLEANUP/MINOR: dns: dns_str_to_dn_label() only needs a const char
    - BUG/MAJOR: dns: fix the length of the string to be copied

2015/06/17 : 1.6-dev2
    - BUG/MINOR: ssl: Display correct filename in error message
    - MEDIUM: logs: Add HTTP request-line log format directives
    - BUG/MEDIUM: check: tcpcheck regression introduced by e16c1b3f
    - BUG/MINOR: check: fix tcpcheck error message
    - MINOR: use an int instead of calling tcpcheck_get_step_id
    - MINOR: tcpcheck_rule structure update
    - MINOR: include comment in tcpcheck error log
    - DOC: tcpcheck comment documentation
    - MEDIUM: server: add support for changing a server's address
    - MEDIUM: server: change server ip address from stats socket
    - MEDIUM: protocol: add minimalist UDP protocol client
    - MEDIUM: dns: implement a DNS resolver
    - MAJOR: server: add DNS-based server name resolution
    - DOC: server name resolution + proto DNS
    - MINOR: dns: add DNS statistics
    - MEDIUM: http: configurable http result codes for http-request deny
    - BUILD: Compile clean when debug options defined
    - MINOR: lru: Add the possibility to free data when an item is removed
    - MINOR: lru: Add lru64_lookup function
    - MEDIUM: ssl: Add options to forge SSL certificates
    - MINOR: ssl: Export functions to manipulate generated certificates
    - MEDIUM: config: add DeviceAtlas global keywords
    - MEDIUM: global: add the DeviceAtlas required elements to struct global
    - MEDIUM: sample: add the da-csv converter
    - MEDIUM: init: DeviceAtlas initialization
    - BUILD: Makefile: add options to build with DeviceAtlas
    - DOC: README: explain how to build with DeviceAtlas
    - BUG/MEDIUM: http: fix the url_param fetch
    - BUG/MEDIUM: init: segfault if global._51d_property_names is not initialized
    - MAJOR: peers: peers protocol version 2.0
    - MINOR: peers: avoid re-scheduling of pending stick-table's updates still not pushed.
    - MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified.
    - MEDIUM: peers: support of any stick-table data-types for sync
    - BUG/MAJOR: sample: regression on sample cast to stick table types.
    - CLEANUP: deinit: remove codes for cleaning p->block_rules
    - DOC: Fix L4TOUT typo in documentation
    - DOC: set-log-level in Logging section preamble
    - BUG/MEDIUM: compat: fix segfault on FreeBSD
    - MEDIUM: check: include server address and port in the send-state header
    - MEDIUM: backend: Allow redispatch on retry intervals
    - MINOR: Add TLS ticket keys reference and use it in the listener struct
    - MEDIUM: Add support for updating TLS ticket keys via socket
    - DOC: Document new socket commands "show tls-keys" and "set ssl tls-key"
    - MINOR: Add sample fetch which identifies if the SSL session has been resumed
    - DOC: Update doc about weight, act and bck fields in the statistics
    - BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
    - MINOR: ssl: add a destructor to free allocated SSL ressources
    - MEDIUM: ssl: add the possibility to use a global DH parameters file
    - MEDIUM: ssl: replace standards DH groups with custom ones
    - MEDIUM: stats: Add enum srv_stats_state
    - MEDIUM: stats: Separate server state and colour in stats
    - MEDIUM: stats: Only report drain state in stats if server has SRV_ADMF_DRAIN set
    - MEDIUM: stats: Differentiate between DRAIN and DRAIN (agent)
    - MEDIUM: Lower priority of email alerts for log-health-checks messages
    - MEDIUM: Send email alerts when servers are marked as UP or enter the drain state
    - MEDIUM: Document when email-alerts are sent
    - BUG/MEDIUM: lua: bad argument number in analyser and in error message
    - MEDIUM: lua: automatically converts strings in proxy, tables, server and ip
    - BUG/MINOR: utf8: remove compilator warning
    - MEDIUM: map: uses HAProxy facilities to store default value
    - BUG/MINOR: lua: error in detection of mandatory arguments
    - BUG/MINOR: lua: set current proxy as default value if it is possible
    - BUG/MEDIUM: http: the action set-{method|path|query|uri} doesn't run.
    - BUG/MEDIUM: lua: undetected infinite loop
    - BUG/MAJOR: http: don't read past buffer's end in http_replace_value
    - BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
    - MEDIUM/CLEANUP: http: rewrite and lighten http_transform_header() prototype
    - BUILD: lua: it miss the '-ldl' directive
    - MEDIUM: http: allows 'R' and 'S' in the protocol alphabet
    - MINOR: http: split the function http_action_set_req_line() in two parts
    - MINOR: http: split http_transform_header() function in two parts.
    - MINOR: http: export function inet_set_tos()
    - MINOR: lua: txn: add function set_(loglevel|tos|mark)
    - MINOR: lua: create and register HTTP class
    - DOC: lua: fix some typos
    - MINOR: lua: add log functions
    - BUG/MINOR: lua: Fix SSL initialisation
    - DOC: lua: some fixes
    - MINOR: lua: (req|res)_get_headers return more than one header value
    - MINOR: lua: map system integration in Lua
    - BUG/MEDIUM: http: functions set-{path,query,method,uri} breaks the HTTP parser
    - MINOR: sample: add url_dec converter
    - MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers
    - MEDIUM: sample change the prototype of sample-fetches and converters functions
    - MINOR: sample: fill the struct sample with the options.
    - MEDIUM: sample: change the prototype of sample-fetches functions
    - MINOR: http: split the url_param in two parts
    - CLEANUP: http: bad indentation
    - MINOR: http: add body_param fetch
    - MEDIUM: http: url-encoded parsing function can run throught wrapped buffer
    - DOC: http: req.body_param documentation
    - MINOR: proxy: custom capture declaration
    - MINOR: capture: add two "capture" converters
    - MEDIUM: capture: Allow capture with slot identifier
    - MINOR: http: add array of generic pointers in http_res_rules
    - MEDIUM: capture: adds http-response capture
    - MINOR: common: escape CSV strings
    - MEDIUM: stats: escape some strings in the CSV dump
    - MINOR: tcp: add custom actions that can continue tcp-(request|response) processing
    - MINOR: lua: Lua tcp action are not final action
    - DOC: lua: schematics about lua socket organization
    - BUG/MINOR: debug: display (null) in place of "meth"
    - DOC: mention the "lua action" in documentation
    - MINOR: standard: add function that converts signed int to a string
    - BUG/MINOR: sample: wrong conversion of signed values
    - MEDIUM: sample: Add type any
    - MINOR: debug: add a special converter which display its input sample content.
    - MINOR: tcp: increase the opaque data array
    - MINOR: tcp/http/conf: extends the keyword registration options
    - MINOR: build: fix build dependency
    - MEDIUM: vars: adds support of variables
    - MINOR: vars: adds get and set functions
    - MINOR: lua: Variable access
    - MINOR: samples: add samples which returns constants
    - BUG/MINOR: vars/compil: fix some warnings
    - BUILD: add 51degrees options to makefile.
    - MINOR: global: add several 51Degrees members to global
    - MINOR: config: add 51Degrees config parsing.
    - MINOR: init: add 51Degrees initialisation code
    - MEDIUM: sample: add fiftyone_degrees converter.
    - MEDIUM: deinit: add cleanup for 51Degrees to deinit
    - MEDIUM: sample: add trie support to 51Degrees
    - DOC: add 51Degrees notes to configuration.txt.
    - DOC: add build indications for 51Degrees to README.
    - MEDIUM: cfgparse: introduce weak and strong quoting
    - BUG/MEDIUM: cfgparse: incorrect memmove in quotes management
    - MINOR: cfgparse: remove line size limitation
    - MEDIUM: cfgparse: expand environment variables
    - BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
    - BUG/MEDIUM: cfgparse: segfault when userlist is misused
    - CLEANUP: cfgparse: remove reference to 'ruleset' section
    - MEDIUM: cfgparse: check section maximum number of arguments
    - MEDIUM: cfgparse: max arguments check in the global section
    - MEDIUM: cfgparse: check max arguments in the proxies sections
    - CLEANUP: stream-int: remove a redundant clearing of the linger_risk flag
    - MINOR: connection: make conn_sock_shutw() actually perform the shutdown() call
    - MINOR: stream-int: use conn_sock_shutw() to shutdown a connection
    - MINOR: connection: perform the call to xprt->shutw() in conn_data_shutw()
    - MEDIUM: stream-int: replace xprt->shutw calls with conn_data_shutw()
    - MINOR: checks: use conn_data_shutw_hard() instead of call via xprt
    - MINOR: connection: implement conn_sock_send()
    - MEDIUM: stream-int: make conn_si_send_proxy() use conn_sock_send()
    - MEDIUM: connection: make conn_drain() perform more controls
    - REORG: connection: move conn_drain() to connection.c and rename it
    - CLEANUP: stream-int: remove inclusion of fd.h that is not used anymore
    - MEDIUM: channel: don't always set CF_WAKE_WRITE on bi_put*
    - CLEANUP: lua: don't use si_ic/si_oc on known stream-ints
    - BUG/MEDIUM: peers: correctly configure the client timeout
    - MINOR: peers: centralize configuration of the peers frontend
    - MINOR: proxy: store the default target into the frontend's configuration
    - MEDIUM: stats: use frontend_accept() as the accept function
    - MEDIUM: peers: use frontend_accept() instead of peer_accept()
    - CLEANUP: listeners: remove unused timeout
    - MEDIUM: listener: store the default target per listener
    - BUILD: fix automatic inclusion of libdl.
    - MEDIUM: lua: implement a simple memory allocator
    - MEDIUM: compression: postpone buffer adjustments after compression
    - MEDIUM: compression: don't send leading zeroes with chunk size
    - BUG/MINOR: compression: consider the expansion factor in init
    - MINOR: http: check the algo name "identity" instead of the function pointer
    - CLEANUP: compression: statify all algo-specific functions
    - MEDIUM: compression: add a distinction between UA- and config- algorithms
    - MEDIUM: compression: add new "raw-deflate" compression algorithm
    - MEDIUM: compression: split deflate_flush() into flush and finish
    - CLEANUP: compression: remove unused reset functions
    - MAJOR: compression: integrate support for libslz
    - BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
    - BUG/MAJOR: http: null-terminate the http actions keywords list
    - CLEANUP: lua: remove the unused hlua_sleep memory pool
    - BUG/MAJOR: lua: use correct object size when initializing a new converter
    - CLEANUP: lua: remove hard-coded sizeof() in object creations and mallocs
    - CLEANUP: lua: fix confusing local variable naming in hlua_txn_new()
    - CLEANUP: hlua: stop using variable name "s" alternately for hlua_txn and hlua_smp
    - CLEANUP: lua: get rid of the last "*ht" for struct hlua_txn.
    - CLEANUP: lua: rename last occurrences of "*s" to "*htxn" for hlua_txn
    - CLEANUP: lua: rename variable "sc" for struct hlua_smp
    - CLEANUP: lua: get rid of the last two "*hs" for hlua_smp
    - REORG/MAJOR: session: rename the "session" entity to "stream"
    - REORG/MEDIUM: stream: rename stream flags from SN_* to SF_*
    - MINOR: session: start to reintroduce struct session
    - MEDIUM: stream: allocate the session when a stream is created
    - MEDIUM: stream: move the listener's pointer to the session
    - MEDIUM: stream: move the frontend's pointer to the session
    - MINOR: session: add a pointer to the session's origin
    - MEDIUM: session: use the pointer to the origin instead of s->si[0].end
    - CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL
    - MEDIUM: http: move header captures from http_txn to struct stream
    - MINOR: http: create a dedicated pool for http_txn
    - MAJOR: http: move http_txn out of struct stream
    - MAJOR: sample: don't pass l7 anymore to sample fetch functions
    - CLEANUP: lua: remove unused hlua_smp->l7 and hlua_txn->l7
    - MEDIUM: http: remove the now useless http_txn from {req/res} rules
    - CLEANUP: lua: don't pass http_txn anymore to hlua_request_act_wrapper()
    - MAJOR: sample: pass a pointer to the session to each sample fetch function
    - MINOR: stream: provide a few helpers to retrieve frontend, listener and origin
    - CLEANUP: stream: don't set ->target to the incoming connection anymore
    - MINOR: stream: move session initialization before the stream's
    - MINOR: session: store the session's accept date
    - MINOR: session: don't rely on s->logs.logwait in embryonic sessions
    - MINOR: session: implement session_free() and use it everywhere
    - MINOR: session: add stick counters to the struct session
    - REORG: stktable: move the stkctr_* functions from stream to sticktable
    - MEDIUM: streams: support looking up stkctr in the session
    - MEDIUM: session: update the session's stick counters upon session_free()
    - MEDIUM: proto_tcp: track the session's counters in the connection ruleset
    - MAJOR: tcp: make tcp_exec_req_rules() only rely on the session
    - MEDIUM: stream: don't call stream_store_counters() in kill_mini_session() nor session_accept()
    - MEDIUM: stream: move all the session-specific stuff of stream_accept() earlier
    - MAJOR: stream: don't initialize the stream anymore in stream_accept
    - MEDIUM: session: remove the task pointer from the session
    - REORG: session: move the session parts out of stream.c
    - MINOR: stream-int: make appctx_new() take the applet in argument
    - MEDIUM: peers: move the appctx initialization earlier
    - MINOR: session: introduce session_new()
    - MINOR: session: make use of session_new() when creating a new session
    - MINOR: peers: make use of session_new() when creating a new session
    - MEDIUM: peers: initialize the task before the stream
    - MINOR: session: set the CO_FL_CONNECTED flag on the connection once ready
    - CLEANUP: stream.c: do not re-attach the connection to the stream
    - MEDIUM: stream: isolate connection-specific initialization code
    - MEDIUM: stream: also accept appctx as origin in stream_accept_session()
    - MEDIUM: peers: make use of stream_accept_session()
    - MEDIUM: frontend: make ->accept only return +/-1
    - MEDIUM: stream: return the stream upon accept()
    - MEDIUM: frontend: move some stream initialisation to stream_new()
    - MEDIUM: frontend: move the fd-specific settings to session_accept_fd()
    - MEDIUM: frontend: don't restrict frontend_accept() to connections anymore
    - MEDIUM: frontend: move some remaining stream settings to stream_new()
    - CLEANUP: frontend: remove one useless local variable
    - MEDIUM: stream: don't rely on the session's listener anymore in stream_new()
    - MEDIUM: lua: make use of stream_new() to create an outgoing connection
    - MINOR: lua: minor cleanup in hlua_socket_new()
    - MINOR: lua: no need for setting timeouts / conn_retries in hlua_socket_new()
    - MINOR: peers: no need for setting timeouts / conn_retries in peer_session_create()
    - CLEANUP: stream-int: swap stream-int and appctx declarations
    - CLEANUP: namespaces: fix protection against multiple inclusions
    - MINOR: session: maintain the session count stats in the session, not the stream
    - MEDIUM: session: adjust the connection flags before stream_new()
    - MINOR: stream: pass the pointer to the origin explicitly to stream_new()
    - CLEANUP: poll: move the conditions for waiting out of the poll functions
    - BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
    - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
    - BUG/MAJOR: tcp/http: fix current_rule assignment when restarting over a ruleset
    - BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
    - DOC: update the entities diagrams
    - BUG/MEDIUM: http: properly retrieve the front connection
    - MINOR: applet: add a new "owner" pointer in the appctx
    - MEDIUM: applet: make the applet not depend on a stream interface anymore
    - REORG: applet: move the applet definitions out of stream_interface
    - CLEANUP: applet: rename struct si_applet to applet
    - REORG: stream-int: create si_applet_ops dedicated to applets
    - MEDIUM: applet: add basic support for an applet run queue
    - MEDIUM: applet: implement a run queue for active appctx
    - MEDIUM: stream-int: add a new function si_applet_done()
    - MAJOR: applet: now call si_applet_done() instead of si_update() in I/O handlers
    - MAJOR: stream: use a regular ->update for all stream interfaces
    - MEDIUM: dumpstats: don't unregister the applet anymore
    - MEDIUM: applet: centralize the call to si_applet_done() in the I/O handler
    - MAJOR: stream: do not allocate request buffers anymore when the left side is an applet
    - MINOR: stream-int: add two flags to indicate an applet's wishes regarding I/O
    - MEDIUM: applet: make the applets only use si_applet_{cant|want|stop}_{get|put}
    - MEDIUM: stream-int: pause the appctx if the task is woken up
    - BUG/MAJOR: tcp: only call registered actions when they're registered
    - BUG/MEDIUM: peers: fix applet scheduling
    - BUG/MEDIUM: peers: recent applet changes broke peers updates scheduling
    - MINOR: tools: provide an rdtsc() function for time comparisons
    - IMPORT: lru: import simple ebtree-based LRU functions
    - IMPORT: hash: import xxhash-r39
    - MEDIUM: pattern: add a revision to all pattern expressions
    - MAJOR: pattern: add LRU-based cache on pattern matching
    - BUG/MEDIUM: http: remove content-length from chunked messages
    - DOC: http: update the comments about the rules for determining transfer-length
    - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
    - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
    - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
    - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
    - MEDIUM: http: disable support for HTTP/0.9 by default
    - MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
    - BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
    - MEDIUM: init: don't stop proxies in parent process when exiting
    - MINOR: stick-table: don't attach to peers in stopped state
    - MEDIUM: config: initialize stick-tables after peers, not before
    - MEDIUM: peers: add the ability to disable a peers section
    - MINOR: peers: store the pointer to the signal handler
    - MEDIUM: peers: unregister peers that were never started
    - MEDIUM: config: propagate the table's process list to the peers sections
    - MEDIUM: init: stop any peers section not bound to the correct process
    - MEDIUM: config: validate that peers sections are bound to exactly one process
    - MAJOR: peers: allow peers section to be used with nbproc > 1
    - DOC: relax the peers restriction to single-process
    - DOC: document option http-ignore-probes
    - DOC: fix the comments about the meaning of msg->sol in HTTP
    - BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
    - BUG/MAJOR: http: prevent risk of reading past end with balance url_param
    - MEDIUM: stream: move HTTP request body analyser before process_common
    - MEDIUM: http: add a new option http-buffer-request
    - MEDIUM: http: provide 3 fetches for the body
    - DOC: update the doc on the proxy protocol
    - BUILD: pattern: fix build warnings introduced in the LRU cache
    - BUG/MEDIUM: stats: properly initialize the scope before dumping stats
    - CLEANUP: config: fix misleading information in error message.
    - MINOR: config: report the number of processes using a peers section in the error case
    - BUG/MEDIUM: config: properly compute the default number of processes for a proxy
    - MEDIUM: http: add new "capture" action for http-request
    - BUG/MEDIUM: http: fix the http-request capture parser
    - BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels
    - BUILD/MINOR: ssl: fix build failure introduced by recent patch
    - BUG/MAJOR: check: fix breakage of inverted tcp-check rules
    - CLEANUP: checks: fix double usage of cur / current_step in tcp-checks
    - BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
    - CLEANUP: checks: simplify the loop processing of tcp-checks
    - BUG/MAJOR: checks: always check for end of list before proceeding
    - BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
    - BUG/MAJOR: checks: break infinite loops when tcp-checks starts with comment
    - MEDIUM: http: make url_param iterate over multiple occurrences
    - BUG/MEDIUM: peers: apply a random reconnection timeout
    - MEDIUM: config: reject invalid config with name duplicates
    - MEDIUM: config: reject conflicts in table names
    - CLEANUP: proxy: make the proxy lookup functions more user-friendly
    - MINOR: proxy: simply ignore duplicates in proxy name lookups
    - MINOR: config: don't open-code proxy name lookups
    - MEDIUM: config: clarify the conflicting modes detection for backend rules
    - CLEANUP: proxy: remove now unused function findproxy_mode()
    - MEDIUM: stick-table: remove the now duplicate find_stktable() function
    - MAJOR: config: remove the deprecated reqsetbe / reqisetbe actions
    - MINOR: proxy: add a new function proxy_find_by_id()
    - MINOR: proxy: add a flag to memorize that the proxy's ID was forced
    - MEDIUM: proxy: add a new proxy_find_best_match() function
    - CLEANUP: http: explicitly reference request in http_apply_redirect_rules()
    - MINOR: http: prepare support for parsing redirect actions on responses
    - MEDIUM: http: implement http-response redirect rules
    - MEDIUM: http: no need to close the request on redirect if data was parsed
    - BUG/MEDIUM: http: fix body processing for the stats applet
    - BUG/MINOR: da: fix log-level comparison to emove annoying warning
    - CLEANUP: global: remove one ifdef USE_DEVICEATLAS
    - CLEANUP: da: move the converter registration to da.c
    - CLEANUP: da: register the config keywords in da.c
    - CLEANUP: adjust the envelope name in da.h to reflect the file name
    - CLEANUP: da: remove ifdef USE_DEVICEATLAS from da.c
    - BUILD: make 51D easier to build by defaulting to 51DEGREES_SRC
    - BUILD: fix build warning when not using 51degrees
    - BUILD: make DeviceAtlas easier to build by defaulting to DEVICEATLAS_SRC
    - BUILD: ssl: fix recent build breakage on older SSL libs

2015/03/11 : 1.6-dev1
    - CLEANUP: extract temporary $CFG to eliminate duplication
    - CLEANUP: extract temporary $BIN to eliminate duplication
    - CLEANUP: extract temporary $PIDFILE to eliminate duplication
    - CLEANUP: extract temporary $LOCKFILE to eliminate duplication
    - CLEANUP: extract quiet_check() to avoid duplication
    - BUG/MINOR: don't start haproxy on reload
    - DOC: Address issue where documentation is excluded due to a gitignore rule.
    - BUG/MEDIUM: systemd: set KillMode to 'mixed'
    - BUILD: fix "make install" to support spaces in the install dirs
    - BUG/MINOR: config: http-request replace-header arg typo
    - BUG: config: error in http-response replace-header number of arguments
    - DOC: missing track-sc* in http-request rules
    - BUILD: lua: missing ifdef related to SSL when enabling LUA
    - BUG/MEDIUM: regex: fix pcre_study error handling
    - MEDIUM: regex: Use pcre_study always when PCRE is used, regardless of JIT
    - BUG/MINOR: Fix search for -p argument in systemd wrapper.
    - MEDIUM: Improve signal handling in systemd wrapper.
    - DOC: fix typo in Unix Socket commands
    - BUG/MEDIUM: checks: external checks can't change server status to UP
    - BUG/MEDIUM: checks: segfault with external checks in a backend section
    - BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result
    - BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
    - BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
    - BUG/MINOR: config: don't propagate process binding for dynamic use_backend
    - BUG/MINOR: log: fix request flags when keep-alive is enabled
    - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
    - MINOR: checks: allow external checks in backend sections
    - MEDIUM: checks: provide environment variables to the external checks
    - MINOR: checks: update dynamic environment variables in external checks
    - DOC: checks: environment variables used by "external-check command"
    - BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
    - MINOR: ssl: load certificates in alphabetical order
    - BUG/MINOR: checks: prevent http keep-alive with http-check expect
    - MINOR: lua: typo in an error message
    - MINOR: report the Lua version in -vv
    - MINOR: lua: add a compilation error message when compiled with an incompatible version
    - BUG/MEDIUM: lua: segfault when calling haproxy sample fetches from lua
    - BUILD: try to automatically detect the Lua library name
    - BUILD/CLEANUP: systemd: avoid a warning due to mixed code and declaration
    - BUG/MEDIUM: backend: Update hash to use unsigned int throughout
    - BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header
    - MEDIUM: connection: add new bit in Proxy Protocol V2
    - BUG/MINOR: ssl: rejects OCSP response without nextupdate.
    - BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses.
    - BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice.
    - BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer.
    - MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs
    - MINOR: ssl: add statement to force some ssl options in global.
    - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
    - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
    - BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
    - MINOR: samples: adds the bytes converter.
    - MINOR: samples: adds the field converter.
    - MINOR: samples: add the word converter.
    - BUG/MINOR: server: move the directive #endif to the end of file
    - BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped
    - DOC: fix a few typos
    - CLEANUP: epoll: epoll_events should be allocated according to global.tune.maxpollevents
    - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
    - BUG/MINOR: parse: refer curproxy instead of proxy
    - BUG/MINOR: parse: check the validity of size string in a more strict way
    - BUILD: add new target 'make uninstall' to support uninstalling haproxy from OS
    - DOC: expand the docs for the provided stats.
    - BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure.
    - MEDIUM: ssl: Certificate Transparency support
    - MEDIUM: stats: proxied stats admin forms fix
    - MEDIUM: http: Compress HTTP responses with status codes 201,202,203 in addition to 200
    - BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information
    - MAJOR: namespace: add Linux network namespace support
    - MINOR: systemd: Check configuration before start
    - BUILD: ssl: handle boringssl in openssl version detection
    - BUILD: ssl: disable OCSP when using boringssl
    - BUILD: ssl: don't call get_rfc2409_prime when using boringssl
    - MINOR: ssl: don't use boringssl's cipher_list
    - BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support
    - MINOR: stats: fix minor typo in HTML page
    - MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
    - MEDIUM: Add support for configurable TLS ticket keys
    - DOC: Document the new tls-ticket-keys bind keyword
    - DOC: clearly state that the "show sess" output format is not fixed
    - MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer()
    - DOC: httplog does not support 'no'
    - BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
    - MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list.
    - BUG/MEDIUM: Consistently use 'check' in process_chk
    - MEDIUM: Add external check
    - BUG/MEDIUM: Do not set agent health to zero if server is disabled in config
    - MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero
    - MEDIUM: Remove connect_chk
    - MEDIUM: Refactor init_check and move to checks.c
    - MEDIUM: Add free_check() helper
    - MEDIUM: Move proto and addr fields struct check
    - MEDIUM: Attach tcpcheck_rules to check
    - MEDIUM: Add parsing of mailers section
    - MEDIUM: Allow configuration of email alerts
    - MEDIUM: Support sending email alerts
    - DOC: Document email alerts
    - MINOR: Remove trailing '.' from email alert messages
    - MEDIUM: Allow suppression of email alerts by log level
    - BUG/MEDIUM: Do not consider an agent check as failed on L7 error
    - MINOR: deinit: fix memory leak
    - MINOR: http: export the function 'smp_fetch_base32'
    - BUG/MEDIUM: http: tarpit timeout is reset
    - MINOR: sample: add "json" converter
    - BUG/MEDIUM: pattern: don't load more than once a pattern list.
    - MINOR: map/acl/dumpstats: remove the "Done." message
    - BUG/MAJOR: ns: HAProxy segfault if the cli_conn is not from a network connection
    - BUG/MINOR: pattern: error message missing
    - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
    - BUG/MINOR: ARG6 and ARG7 don't fit in a 32 bits word
    - MAJOR: poll: only rely on wake_expired_tasks() to compute the wait delay
    - MEDIUM: task: call session analyzers if the task is woken by a message.
    - MEDIUM: protocol: automatically pick the proto associated to the connection.
    - MEDIUM: channel: wake up any request analyzer on response activity
    - MINOR: converters: add a "void *private" argument to converters
    - MINOR: converters: give the session pointer as converter argument
    - MINOR: sample: add private argument to the struct sample_fetch
    - MINOR: global: export function and permits to not resolve DNS names
    - MINOR: sample: add function for browsing samples.
    - MINOR: global: export many symbols.
    - MINOR: includes: fix a lot of missing or useless includes
    - MEDIUM: tcp: add register keyword system.
    - MEDIUM: buffer: make bo_putblk/bo_putstr/bo_putchk return the number of bytes copied.
    - MEDIUM: http: change the code returned by the response processing rule functions
    - MEDIUM: http/tcp: permit to resume http and tcp custom actions
    - MINOR: channel: functions to get data from a buffer without copy
    - MEDIUM: lua: lua integration in the build and init system.
    - MINOR: lua: add ease functions
    - MINOR: lua: add runtime execution context
    - MEDIUM: lua: "com" signals
    - MINOR: lua: add the configuration directive "lua-load"
    - MINOR: lua: core: create "core" class and object
    - MINOR: lua: post initialisation bindings
    - MEDIUM: lua: add coroutine as tasks.
    - MINOR: lua: add sample and args type converters
    - MINOR: lua: txn: create class TXN associated with the transaction.
    - MINOR: lua: add shared context in the lua stack
    - MINOR: lua: txn: import existing sample-fetches in the class TXN
    - MINOR: lua: txn: add lua function in TXN that returns an array of http headers
    - MINOR: lua: register and execute sample-fetches in LUA
    - MINOR: lua: register and execute converters in LUA
    - MINOR: lua: add bindings for tcp and http actions
    - MINOR: lua: core: add sleep functions
    - MEDIUM: lua: socket: add "socket" class for TCP I/O
    - MINOR: lua: core: pattern and acl manipulation
    - MINOR: lua: channel: add "channel" class
    - MINOR: lua: txn: object "txn" provides two objects "channel"
    - MINOR: lua: core: can set the nice of the current task
    - MINOR: lua: core: can yield an execution stack
    - MINOR: lua: txn: add binding for closing the client connection.
    - MEDIUM: lua: Lua initialisation "on demand"
    - BUG/MAJOR: lua: send function fails and return bad bytes
    - MINOR: remove unused declaration.
    - MINOR: lua: remove some #define
    - MINOR: lua: use bitfield and macro in place of integer and enum
    - MINOR: lua: set skeleton for Lua execution expiration
    - MEDIUM: lua: each yielding function returns a wake up time.
    - MINOR: lua: adds "forced yield" flag
    - MEDIUM: lua: interrupt the Lua execution for running other process
    - MEDIUM: lua: change the sleep function core
    - BUG/MEDIUM: lua: the execution timeout is ignored in yield case
    - DOC: lua: Lua configuration documentation
    - MINOR: lua: add the struct session in the lua channel struct
    - BUG/MINOR: lua: set buffer if it is nnot avalaible.
    - BUG/MEDIUM: lua: reset flags before resuming execution
    - BUG/MEDIUM: lua: fix infinite loop about channel
    - BUG/MEDIUM: lua: the Lua process is not waked up after sending data on requests side
    - BUG/MEDIUM: lua: many errors when we try to send data with the channel API
    - MEDIUM: lua: use the Lua-5.3 version of the library
    - BUG/MAJOR: lua: some function are not yieldable, the forced yield causes errors
    - BUG/MEDIUM: lua: can't handle the response bytes
    - BUG/MEDIUM: lua: segfault with buffer_replace2
    - BUG/MINOR: lua: check buffers before initializing socket
    - BUG/MINOR: log: segfault if there are no proxy reference
    - BUG/MEDIUM: lua: sockets don't have buffer to write data
    - BUG/MEDIUM: lua: cannot connect socket
    - BUG/MINOR: lua: sockets receive behavior doesn't follows the specs
    - BUG/BUILD: lua: The strict Lua 5.3 version check is not done.
    - BUG/MEDIUM: buffer: one byte miss in buffer free space check
    - MEDIUM: lua: make the functions hlua_gethlua() and hlua_sethlua() faster
    - MINOR: replace the Core object by a simple model.
    - MEDIUM: lua: change the objects configuration
    - MEDIUM: lua: create a namespace for the fetches
    - MINOR: converters: add function to browse converters
    - MINOR: lua: wrapper for converters
    - MINOR: lua: replace function (req|get)_channel by a variable
    - MINOR: lua: fetches and converters can return an empty string in place of nil
    - DOC: lua api
    - BUG/MEDIUM: sample: fix random number upper-bound
    - BUG/MINOR: stats:Fix incorrect printf type.
    - BUG/MAJOR: session: revert all the crappy client-side timeout changes
    - BUG/MINOR: logs: properly initialize and count log sockets
    - BUG/MEDIUM: http: fetch "base" is not compatible with set-header
    - BUG/MINOR: counters: do not untrack counters before logging
    - BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process()
    - MINOR: stick-table: make stktable_fetch_key() indicate why it failed
    - BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents
    - BUILD: remove TODO from the spec file and add README
    - MINOR: log: make MAX_SYSLOG_LEN overridable at build time
    - MEDIUM: log: support a user-configurable max log line length
    - DOC: provide an example of how to use ssl_c_sha1
    - BUILD: checks: external checker needs signal.h
    - BUILD: checks: kill a minor warning on Solaris in external checks
    - BUILD: http: fix isdigit & isspace warnings on Solaris
    - BUG/MINOR: listener: set the listener's fd to -1 after deletion
    - BUG/MEDIUM: unix: failed abstract socket binding is retryable
    - MEDIUM: listener: implement a per-protocol pause() function
    - MEDIUM: listener: support rebinding during resume()
    - BUG/MEDIUM: unix: completely unbind abstract sockets during a pause()
    - DOC: explicitly mention the limits of abstract namespace sockets
    - DOC: minor fix on {sc,src}_kbytes_{in,out}
    - DOC: fix alphabetical sort of converters
    - MEDIUM: stick-table: implement lookup from a sample fetch
    - MEDIUM: stick-table: add new converters to fetch table data
    - MINOR: samples: add two converters for the date format
    - BUG/MAJOR: http: correctly rewind the request body after start of forwarding
    - DOC: remove references to CPU=native in the README
    - DOC: mention that "compression offload" is ignored in defaults section
    - DOC: mention that Squid correctly responds 400 to PPv2 header
    - BUILD: fix dependencies between config and compat.h
    - MINOR: session: export the function 'smp_fetch_sc_stkctr'
    - MEDIUM: stick-table: make it easier to register extra data types
    - BUG/MINOR: http: base32+src should use the big endian version of base32
    - MINOR: sample: allow IP address to cast to binary
    - MINOR: sample: add new converters to hash input
    - MINOR: sample: allow integers to cast to binary
    - BUILD: report commit ID in git versions as well
    - CLEANUP: session: move the stick counters declarations to stick_table.h
    - MEDIUM: http: add the track-sc* actions to http-request rules
    - BUG/MEDIUM: connection: fix proxy v2 header again!
    - BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
    - OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs
    - MINOR: log: add a new field "%lc" to implement a per-frontend log counter
    - BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
    - BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
    - BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
    - BUG/MEDIUM: acl: correctly compute the output type when a converter is used
    - CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
    - BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
    - MEDIUM: http: enable header manipulation for 101 responses
    - BUG/MEDIUM: config: propagate frontend to backend process binding again.
    - MEDIUM: config: properly propagate process binding between proxies
    - MEDIUM: config: make the frontends automatically bind to the listeners' processes
    - MEDIUM: config: compute the exact bind-process before listener's maxaccept
    - MEDIUM: config: only warn if stats are attached to multi-process bind directives
    - MEDIUM: config: report it when tcp-request rules are misplaced
    - DOC: indicate in the doc that track-sc* can wait if data are missing
    - MINOR: config: detect the case where a tcp-request content rule has no inspect-delay
    - MEDIUM: systemd-wrapper: support multiple executable versions and names
    - BUG/MEDIUM: remove debugging code from systemd-wrapper
    - BUG/MEDIUM: http: adjust close mode when switching to backend
    - BUG/MINOR: config: don't propagate process binding on fatal errors.
    - BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
    - BUG/MINOR: tcp-check: report the correct failed step in the status
    - DOC: indicate that weight zero is reported as DRAIN
    - BUG/MEDIUM: config: avoid skipping disabled proxies
    - BUG/MINOR: config: do not accept more track-sc than configured
    - BUG/MEDIUM: backend: fix URI hash when a query string is present
    - BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
    - BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
    - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
    - BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8
    - BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
    - BUG/BUILD: revert accidental change in the makefile from latest SSL fix
    - BUG/MEDIUM: ssl: force a full GC in case of memory shortage
    - MEDIUM: ssl: add support for smaller SSL records
    - MINOR: session: release a few other pools when stopping
    - MINOR: task: release the task pool when stopping
    - BUG/MINOR: config: don't inherit the default balance algorithm in frontends
    - BUG/MAJOR: frontend: initialize capture pointers earlier
    - BUG/MINOR: stats: correctly set the request/response analysers
    - MAJOR: polling: centralize calls to I/O callbacks
    - DOC: fix typo in the body parser documentation for msg.sov
    - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
    - MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
    - DEBUG: pools: apply poisonning on every allocated pool
    - BUG/MAJOR: sessions: unlink session from list on out of memory
    - BUG/MEDIUM: patterns: previous fix was incomplete
    - BUG/MEDIUM: payload: ensure that a request channel is available
    - BUG/MINOR: tcp-check: don't condition data polling on check type
    - BUG/MEDIUM: tcp-check: don't rely on random memory contents
    - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
    - BUG/MINOR: config: fix typo in condition when propagating process binding
    - BUG/MEDIUM: config: do not propagate processes between stopped processes
    - BUG/MAJOR: stream-int: properly check the memory allocation return
    - BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
    - BUG/MAJOR: namespaces: conn->target is not necessarily a server
    - BUG/MEDIUM: compression: correctly report zlib_mem
    - CLEANUP: lists: remove dead code
    - CLEANUP: memory: remove dead code
    - CLEANUP: memory: replace macros pool_alloc2/pool_free2 with functions
    - MINOR: memory: cut pool allocator in 3 layers
    - MEDIUM: memory: improve pool_refill_alloc() to pass a refill count
    - MINOR: stream-int: retrieve session pointer from stream-int
    - MINOR: buffer: reset a buffer in b_reset() and not channel_init()
    - MEDIUM: buffer: use b_alloc() to allocate and initialize a buffer
    - MINOR: buffer: move buffer initialization after channel initialization
    - MINOR: buffer: only use b_free to release buffers
    - MEDIUM: buffer: always assign a dummy empty buffer to channels
    - MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations
    - MEDIUM: channel: do not report full when buf_empty is present on a channel
    - MINOR: session: group buffer allocations together
    - MINOR: buffer: implement b_alloc_fast()
    - MEDIUM: buffer: implement b_alloc_margin()
    - MEDIUM: session: implement a basic atomic buffer allocator
    - MAJOR: session: implement a wait-queue for sessions who need a buffer
    - MAJOR: session: only allocate buffers when needed
    - MINOR: stats: report a "waiting" flags for sessions
    - MAJOR: session: only wake up as many sessions as available buffers permit
    - MINOR: config: implement global setting tune.buffers.reserve
    - MINOR: config: implement global setting tune.buffers.limit
    - MEDIUM: channel: implement a zero-copy buffer transfer
    - MEDIUM: stream-int: support splicing from applets
    - OPTIM: stream-int: try to send pending spliced data
    - CLEANUP: session: remove session_from_task()
    - DOC: add missing entry for log-format and clarify the text
    - MINOR: logs: add a new per-proxy "log-tag" directive
    - BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
    - MINOR: config: extend the default max hostname length to 64 and beyond
    - BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation
    - BUG/MINOR: channel: compare to_forward with buf->i, not buf->size
    - MINOR: channel: add channel_in_transit()
    - MEDIUM: channel: make buffer_reserved() use channel_in_transit()
    - MEDIUM: channel: make bi_avail() use channel_in_transit()
    - BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected
    - CLEANUP: channel: rename channel_reserved -> channel_is_rewritable
    - MINOR: channel: rename channel_full() to !channel_may_recv()
    - MINOR: channel: rename buffer_reserved() to channel_reserved()
    - MINOR: channel: rename buffer_max_len() to channel_recv_limit()
    - MINOR: channel: rename bi_avail() to channel_recv_max()
    - MINOR: channel: rename bi_erase() to channel_truncate()
    - BUG/MAJOR: log: don't try to emit a log if no logger is set
    - MINOR: tools: add new round_2dig() function to round integers
    - MINOR: global: always export some SSL-specific metrics
    - MINOR: global: report information about the cost of SSL connections
    - MAJOR: init: automatically set maxconn and/or maxsslconn when possible
    - MINOR: http: add a new fetch "query" to extract the request's query string
    - MINOR: hash: add new function hash_crc32
    - MINOR: samples: provide a "crc32" converter
    - MEDIUM: backend: add the crc32 hash algorithm for load balancing
    - BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
    - BUG/MEDIUM: http: make http-request set-header compute the string before removal
    - MEDIUM: args: use #define to specify the number of bits used by arg types and counts
    - MEDIUM: args: increase arg type to 5 bits and limit arg count to 5
    - MINOR: args: add type-specific flags for each arg in a list
    - MINOR: args: implement a new arg type for regex : ARGT_REG
    - MEDIUM: regex: add support for passing regex flags to regex_exec_match()
    - MEDIUM: samples: add a regsub converter to perform regex-based transformations
    - BUG/MINOR: sample: fix case sensitivity for the regsub converter
    - MEDIUM: http: implement http-request set-{method,path,query,uri}
    - DOC: fix missing closing brackend on regsub
    - MEDIUM: samples: provide basic arithmetic and bitwise operators
    - MEDIUM: init: continue to enforce SYSTEM_MAXCONN with auto settings if set
    - BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value
    - BUG/MINOR: http: abort request processing on filter failure
    - MEDIUM: tcp: implement tcp-ut bind option to set TCP_USER_TIMEOUT
    - MINOR: ssl/server: add the "no-ssl-reuse" server option
    - BUG/MAJOR: peers: initialize s->buffer_wait when creating the session
    - MINOR: http: add a new function to iterate over each header line
    - MINOR: http: add the new sample fetches req.hdr_names and res.hdr_names
    - MEDIUM: task: always ensure that the run queue is consistent
    - BUILD: Makefile: add -Wdeclaration-after-statement
    - BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration
    - BUILD/CLEANUP: config: silent 3 warnings about mixed declarations with code
    - MEDIUM: protocol: use a family array to index the protocol handlers
    - BUILD: lua: cleanup many mixed occurrences declarations & code
    - BUG/MEDIUM: task: fix recently introduced scheduler skew
    - BUG/MINOR: lua: report the correct function name in an error message
    - BUG/MAJOR: http: fix stats regression consecutive to HTTP_RULE_RES_YIELD
    - Revert "BUG/MEDIUM: lua: can't handle the response bytes"
    - MINOR: lua: convert IP addresses to type string
    - CLEANUP: lua: use the same function names in C and Lua
    - REORG/MAJOR: move session's req and resp channels back into the session
    - CLEANUP: remove now unused channel pool
    - REORG/MEDIUM: stream-int: introduce si_ic/si_oc to access channels
    - MEDIUM: stream-int: add a flag indicating which side the SI is on
    - MAJOR: stream-int: only rely on SI_FL_ISBACK to find the requested channel
    - MEDIUM: stream-interface: remove now unused pointers to channels
    - MEDIUM: stream-int: make si_sess() use the stream int's side
    - MEDIUM: stream-int: use si_task() to retrieve the task from the stream int
    - MEDIUM: stream-int: remove any reference to the owner
    - CLEANUP: stream-int: add si_ib/si_ob to dereference the buffers
    - CLEANUP: stream-int: add si_opposite() to find the other stream interface
    - REORG/MEDIUM: channel: only use chn_prod / chn_cons to find stream-interfaces
    - MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel
    - MAJOR: channel: only rely on the new CF_ISRESP flag to find the SI
    - MEDIUM: channel: remove now unused ->prod and ->cons pointers
    - CLEANUP: session: simplify references to chn_{prod,cons}(&s->{req,res})
    - CLEANUP: session: use local variables to access channels / stream ints
    - CLEANUP: session: don't needlessly pass a pointer to the stream-int
    - CLEANUP: session: don't use si_{ic,oc} when we know the session.
    - CLEANUP: stream-int: limit usage of si_ic/si_oc
    - CLEANUP: lua: limit usage of si_ic/si_oc
    - MINOR: channel: add chn_sess() helper to retrieve session from channel
    - MEDIUM: session: simplify receive buffer allocator to only use the channel
    - MEDIUM: lua: use CF_ISRESP to detect the channel's side
    - CLEANUP: lua: remove the session pointer from hlua_channel
    - CLEANUP: lua: hlua_channel_new() doesn't need the pointer to the session anymore
    - MEDIUM: lua: remove struct hlua_channel
    - MEDIUM: lua: remove hlua_sample_fetch

2014/06/19 : 1.6-dev0
    - exact copy of 1.5.0

2014/06/19 : 1.5.0
    - MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'.
    - MEDIUM: ssl: basic OCSP stapling support.
    - MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response'
    - MEDIUM: ssl: add 300s supported time skew on OCSP response update.
    - MINOR: checks: mysql-check: Add support for v4.1+ authentication
    - MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits
    - MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description.
    - MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp
    - MEDIUM: Break out check establishment into connect_chk()
    - MEDIUM: Add port_to_str helper
    - BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section.
    - BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT.
    - MINOR: regex: fix a little configuration memory leak.
    - MINOR: regex: Create JIT compatible function that return match strings
    - MEDIUM: regex: replace all standard regex function by own functions
    - MEDIUM: regex: Remove null terminated strings.
    - MINOR: regex: Use native PCRE API.
    - MINOR: missing regex.h include
    - DOC: Add Exim as Proxy Protocol implementer.
    - BUILD: don't use type "uint" which is not portable
    - BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour
    - BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction
    - CLEANUP: http: don't clear CF_READ_NOEXP twice
    - DOC: fix proxy protocol v2 decoder example
    - DOC: fix remaining occurrences of "pattern extraction"
    - MINOR: log: allow the HTTP status code to be logged even in TCP frontends
    - MINOR: logs: don't limit HTTP header captures to HTTP frontends
    - MINOR: sample: improve sample_fetch_string() to report partial contents
    - MINOR: capture: extend the captures to support non-header keys
    - MINOR: tcp: prepare support for the "capture" action
    - MEDIUM: tcp: add a new tcp-request capture directive
    - MEDIUM: session: allow shorter retry delay if timeout connect is small
    - MEDIUM: session: don't apply the retry delay when redispatching
    - MEDIUM: session: redispatch earlier when possible
    - MINOR: config: warn when tcp-check rules are used without option tcp-check
    - BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol
    - DOC: proxy protocol example parser was still wrong
    - DOC: minor updates to the proxy protocol doc
    - CLEANUP: connection: merge proxy proto v2 header and address block
    - MEDIUM: connection: add support for proxy protocol v2 in accept-proxy
    - MINOR: tools: add new functions to quote-encode strings
    - DOC: clarify the CSV format
    - MEDIUM: stats: report the last check and last agent's output on the CSV status
    - MINOR: freq_ctr: introduce a new averaging method
    - MEDIUM: session: maintain per-backend and per-server time statistics
    - MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs
    - BUG/MINOR: http: fix typos in previous patch
    - DOC: remove the ultra-obsolete TODO file
    - DOC: update roadmap
    - DOC: minor updates to the README
    - DOC: mention the maxconn limitations with the select poller
    - DOC: commit a few old design thoughts files

2014/05/28 : 1.5-dev26
    - BUG/MEDIUM: polling: fix possible CPU hogging of worker processes after receiving SIGUSR1.
    - BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one
    - OPTIM: stats: avoid the calculation of a useless link on tracking servers in maintenance
    - MINOR: fix a few memory usage errors
    - CONTRIB: halog: Filter input lines by date and time through timestamp
    - MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int
    - BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()
    - MINOR: acl: set "str" as default match for strings
    - DOC: Add some precisions about acl default matching method
    - MEDIUM: acl: strenghten the option parser to report invalid options
    - BUG/MEDIUM: config: a stats-less config crashes in 1.5-dev25
    - BUG/MINOR: checks: tcp-check must not stop on '\0' for binary checks
    - MINOR: stats: improve alignment of color codes to save one line of header
    - MINOR: checks: simplify and improve reporting of state changes when using log-health-checks
    - MINOR: server: remove the SRV_DRAIN flag which can always be deduced
    - MINOR: server: use functions to detect state changes and to update them
    - MINOR: server: create srv_was_usable() from srv_is_usable() and use a pointer
    - BUG/MINOR: stats: do not report "100%" in the thottle column when server is draining
    - BUG/MAJOR: config: don't free valid regex memory
    - BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called
    - BUG/MINOR: stats: tracking servers may incorrectly report an inherited DRAIN status
    - MEDIUM: proxy: make timeout parser a bit stricter
    - REORG/MEDIUM: server: split server state and flags in two different variables
    - REORG/MEDIUM: server: move the maintenance bits out of the server state
    - MAJOR: server: use states instead of flags to store the server state
    - REORG: checks: put the functions in the appropriate files !
    - MEDIUM: server: properly support and propagate the maintenance status
    - MEDIUM: server: allow multi-level server tracking
    - CLEANUP: checks: rename the server_status_printf function
    - MEDIUM: checks: simplify server up/down/nolb transitions
    - MAJOR: checks: move health checks changes to set_server_check_status()
    - MINOR: server: make the status reporting function support a reason
    - MINOR: checks: simplify health check reporting functions
    - MINOR: server: implement srv_set_stopped()
    - MINOR: server: implement srv_set_running()
    - MINOR: server: implement srv_set_stopping()
    - MEDIUM: checks: simplify failure notification using srv_set_stopped()
    - MEDIUM: checks: simplify success notification using srv_set_running()
    - MEDIUM: checks: simplify stopping mode notification using srv_set_stopping()
    - MEDIUM: stats: report a server's own state instead of the tracked one's
    - MINOR: server: make use of srv_is_usable() instead of checking eweight
    - MAJOR: checks: add support for a new "drain" administrative mode
    - MINOR: stats: use the admin flags for soft enable/disable/stop/start on the web page
    - MEDIUM: stats: introduce new actions to simplify admin status management
    - MINOR: cli: introduce a new "set server" command
    - MINOR: stats: report a distinct output for DOWN caused by agent
    - MINOR: checks: support specific check reporting for the agent
    - MINOR: checks: support a neutral check result
    - BUG/MINOR: cli: "agent" was missing from the "enable"/"disable" help message
    - MEDIUM: cli: add support for enabling/disabling health checks.
    - MEDIUM: stats: report down caused by agent prior to reporting up
    - MAJOR: agent: rework the response processing and support additional actions
    - MINOR: stats: improve the stats web page to support more actions
    - CONTRIB: halog: avoid calling time/localtime/mktime for each line
    - DOC: document the workarouds for Google Chrome's bogus pre-connect
    - MINOR: stats: report SSL key computations per second
    - MINOR: stats: add counters for SSL cache lookups and misses

2014/05/10 : 1.5-dev25
    - MEDIUM: connection: Implement and extented PROXY Protocol V2
    - MINOR: ssl: clean unused ACLs declarations
    - MINOR: ssl: adds fetchs and ACLs for ssl back connection.
    - MINOR: ssl: merge client's and frontend's certificate functions.
    - MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint
    - MINOR: ssl: adds sample converter base64 for binary type.
    - MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id.
    - BUG/MAJOR: ssl: Fallback to private session cache if current lock mode is not supported.
    - MAJOR: ssl: Change default locks on ssl session cache.
    - BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring.
    - MINOR: ssl: add global statement tune.ssl.force-private-cache.
    - MINOR: ssl: remove fallback to SSL session private cache if lock init fails.
    - BUG/MEDIUM: patterns: last fix was still not enough
    - MINOR: http: export the smp_fetch_cookie function
    - MINOR: http: generic pointer to rule argument
    - BUG/MEDIUM: pattern: a typo breaks automatic acl/map numbering
    - BUG/MAJOR: patterns: -i and -n are ignored for inlined patterns
    - BUG/MINOR: proxy: unsafe initialization of HTTP transaction when switching from TCP frontend
    - BUG/MINOR: http: log 407 in case of proxy auth
    - MINOR: http: rely on the message body parser to send 100-continue
    - MEDIUM: http: move reqadd after execution of http_request redirect
    - MEDIUM: http: jump to dedicated labels after http-request processing
    - BUG/MINOR: http: block rules forgot to increment the denied_req counter
    - BUG/MINOR: http: block rules forgot to increment the session's request counter
    - MEDIUM: http: move Connection header processing earlier
    - MEDIUM: http: remove even more of the spaghetti in the request path
    - MINOR: http: silently support the "block" action for http-request
    - CLEANUP: proxy: rename "block_cond" to "block_rules"
    - MEDIUM: http: emulate "block" rules using "http-request" rules
    - MINOR: http: remove the now unused loop over "block" rules
    - MEDIUM: http: factorize the "auth" action of http-request and stats
    - MEDIUM: http: make http-request rules processing return a verdict instead of a rule
    - MINOR: config: add minimum support for emitting warnings only once
    - MEDIUM: config: inform the user about the deprecatedness of "block" rules
    - MEDIUM: config: inform the user that "reqsetbe" is deprecated
    - MEDIUM: config: inform the user only once that "redispatch" is deprecated
    - MEDIUM: config: warn that '{cli,con,srv}timeout' are deprecated
    - BUG/MINOR: auth: fix wrong return type in pat_match_auth()
    - BUILD: config: remove a warning with clang
    - BUG/MAJOR: http: connection setup may stall on balance url_param
    - BUG/MEDIUM: http/session: disable client-side expiration only after body
    - BUG/MEDIUM: http: correctly report request body timeouts
    - BUG/MEDIUM: http: disable server-side expiration until client has sent the body
    - MEDIUM: listener: make the accept function more robust against pauses
    - BUILD: syscalls: remove improper inline statement in front of syscalls
    - BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7
    - BUG/MAJOR: session: recover the correct connection pointer in half-initialized sessions
    - DOC: add some explanation on the shared cache build options in the readme.
    - MEDIUM: proxy: only adjust the backend's bind-process when already set
    - MEDIUM: config: limit nbproc to the machine's word size
    - MEDIUM: config: check the bind-process settings according to nbproc
    - MEDIUM: listener: parse the new "process" bind keyword
    - MEDIUM: listener: inherit the process mask from the proxy
    - MAJOR: listener: only start listeners bound to the same processes
    - MINOR: config: only report a warning when stats sockets are bound to more than 1 process
    - CLEANUP: config: set the maxaccept value for peers listeners earlier
    - BUG/MINOR: backend: only match IPv4 addresses with RDP cookies
    - BUG/MINOR: checks: correctly configure the address family and protocol
    - MINOR: tools: split is_addr() and is_inet_addr()
    - MINOR: protocols: use is_inet_addr() when only INET addresses are desired
    - MEDIUM: unix: add preliminary support for connecting to servers over UNIX sockets
    - MEDIUM: checks: only complain about the missing port when the check uses TCP
    - MEDIUM: unix: implement support for Linux abstract namespace sockets
    - DOC: map_beg was missing from the table of map_* converters
    - DOC: ebtree: indicate that prefix insertion/lookup may be used with strings
    - MEDIUM: pattern: use ebtree's longest match to index/lookup string beginning
    - BUILD: remove the obsolete BSD and OSX makefiles
    - MEDIUM: unix: avoid a double connect probe when no data are sent
    - DOC: stop referencing the slow git repository in the README
    - BUILD: only build the systemd wrapper on Linux 2.6 and above
    - DOC: update roadmap with completed tasks
    - MEDIUM: session: implement half-closed timeouts (client-fin and server-fin)

2014/04/26 : 1.5-dev24
    - MINOR: pattern: find element in a reference
    - MEDIUM: http: ACL and MAP updates through http-(request|response) rules
    - MEDIUM: ssl: explicitly log failed handshakes after a heartbeat
    - DOC: Full section dedicated to the converters
    - MEDIUM: http: register http-request and http-response keywords
    - BUG/MINOR: compression: correctly report incoming byte count
    - BUG/MINOR: http: don't report server aborts as client aborts
    - BUG/MEDIUM: channel: bi_putblk() must not wrap before the end of buffer
    - CLEANUP: buffers: remove unused function buffer_contig_space_with_res()
    - MEDIUM: stats: reimplement HTTP keep-alive on the stats page
    - BUG/MAJOR: http: fix timeouts during data forwarding
    - BUG/MEDIUM: http: 100-continue responses must process the next part immediately
    - MEDIUM: http: move skipping of 100-continue earlier
    - BUILD: stats: let gcc know that last_fwd cannot be used uninitialized...
    - CLEANUP: general: get rid of all old occurrences of "session *t"
    - CLEANUP: http: remove the useless "if (1)" inherited from version 1.4
    - BUG/MEDIUM: stats: mismatch between behaviour and doc about front/back
    - MEDIUM: http: enable analysers to have keep-alive on stats
    - REORG: http: move HTTP Connection response header parsing earlier
    - MINOR: stats: always emit HTTP/1.1 in responses
    - MINOR: http: add capture.req.ver and capture.res.ver
    - MINOR: checks: add a new global max-spread-checks directive
    - BUG/MAJOR: http: fix the 'next' pointer when performing a redirect
    - MINOR: http: implement the max-keep-alive-queue setting
    - DOC: fix alphabetic order of tcp-check
    - MINOR: connection: add a new error code for SSL with heartbeat
    - MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack
    - BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits"
    - BUILD: http: remove a warning on strndup
    - BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1
    - BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack
    - MINOR: ssl: finally catch the heartbeats missing the padding

2014/04/23 : 1.5-dev23
    - BUG/MINOR: reject malformed HTTP/0.9 requests
    - MINOR: systemd wrapper: re-execute on SIGUSR2
    - MINOR: systemd wrapper: improve logging
    - MINOR: systemd wrapper: propagate exit status
    - BUG/MINOR: tcpcheck connect wrong behavior
    - MEDIUM: proxy: support use_backend with dynamic names
    - MINOR: stats: Enhancement to stats page to provide information of last session time.
    - BUG/MEDIUM: peers: fix key consistency for integer stick tables
    - DOC: fix a typo on http-server-close and encapsulate options with double-quotes
    - DOC: fix fetching samples syntax
    - MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID
    - MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2
    - DOC: fix typo
    - CLEANUP: code style: use tabs to indent codes instead of spaces
    - DOC: fix a few config typos.
    - BUG/MINOR: raw_sock: also consider ENOTCONN in addition to EAGAIN for recv()
    - DOC: lowercase format string in unique-id
    - MINOR: set IP_FREEBIND on IPv6 sockets in transparent mode
    - BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version
    - BUG/MINOR: build: add missing objects in osx and bsd Makefiles
    - BUG/MINOR: build: handle whitespaces in wc -l output
    - BUG/MINOR: Fix name lookup ordering when compiled with USE_GETADDRINFO
    - MEDIUM: ssl: Add standardized DH parameters >= 1024 bits
    - BUG/MEDIUM: map: The map parser includes blank lines.
    - BUG/MINOR: log: The log of quotted capture header has been terminated by 2 quotes.
    - MINOR: standard: add function "encode_chunk"
    - BUG/MINOR: http: fix encoding of samples used in http headers
    - MINOR: sample: add hex converter
    - MEDIUM: sample: change the behavior of the bin2str cast
    - MAJOR: auth: Change the internal authentication system.
    - MEDIUM: acl/pattern: standardisation "of pat_parse_int()" and "pat_parse_dotted_ver()"
    - MEDIUM: pattern: The pattern parser no more uses <opaque> and just takes one string.
    - MEDIUM: pattern: Change the prototype of the function pattern_register().
    - CONTRIB: ip6range: add a network IPv6 range to mask converter
    - MINOR: pattern: separe list element from the data part.
    - MEDIUM: pattern: add indexation function.
    - MEDIUM: pattern: The parse functions just return "struct pattern" without memory allocation
    - MINOR: pattern: Rename "pat_idx_elt" to "pattern_tree"
    - MINOR: sample: dont call the sample cast function "c_none"
    - MINOR: standard: Add function for converting cidr to network mask.
    - MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags
    - MEDIUM: sample/http_proto: Add new type called method
    - MINOR: dumpstats: Group map inline help
    - MEDIUM: pattern: The function pattern_exec_match() returns "struct pattern" if the patten match.
    - MINOR: dumpstats: change map inline sentences
    - MINOR: dumpstats: change the "get map" display management
    - MINOR: map/dumpstats: The cli cmd "get map ..." display the "int" format.
    - MEDIUM: pattern: The match function browse itself the list or the tree.
    - MEDIUM: pattern: Index IPv6 addresses in a tree.
    - MEDIUM: pattern: add delete functions
    - MEDIUM: pattern: add prune function
    - MEDIUM: pattern: add sample lookup function.
    - MEDIUM: pattern/dumpstats: The function pattern_lookup() is no longer used
    - MINOR: map/pattern: The sample parser is stored in the pattern
    - MAJOR: pattern/map: Extends the map edition system in the patterns
    - MEDIUM: pattern: merge same pattern
    - MEDIUM: pattern: The expected type is stored in the pattern head, and conversion is executed once.
    - MINOR: pattern: Each pattern is identified by unique id.
    - MINOR: pattern/acl: Each pattern of each acl can be load with specified id
    - MINOR: pattern: The function "pattern_register()" is no longer used.
    - MINOR: pattern: Merge function pattern_add() with pat_ref_push().
    - MINOR: pattern: store configuration reference for each acl or map pattern.
    - MINOR: pattern: Each pattern expression element store the reference struct.
    - MINOR: dumpstats: display the reference for th key/pattern and value.
    - MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed
    - MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed
    - MEDIUM: dumpstats/pattern: display and use each pointer of each pattern dumped
    - MINOR: pattern/map/acl: Centralization of the file parsers
    - MINOR: pattern: Check if the file reference is not used with acl and map
    - MINOR: acl/pattern: Acl "-M" option force to load file as map file with two columns
    - MEDIUM: dumpstats: Display error message during add of values.
    - MINOR: pattern: The function pat_ref_set() have now atomic behavior
    - MINOR: regex: The pointer regstr in the struc regex is no longer used.
    - MINOR: cli: Block the usage of the command "acl add" in many cases.
    - MINOR: doc: Update the documentation about the map and acl
    - MINOR: pattern: index duplicates
    - MINOR: configuration: File and line propagation
    - MINOR: dumpstat/conf: display all the configuration lines that using pattern reference
    - MINOR: standard: Disable ip resolution during the runtime
    - MINOR: pattern: Remove the flag "PAT_F_FROM_FILE".
    - MINOR: pattern: forbid dns resolutions
    - DOC: document "get map" / "get acl" on the CLI
    - MEDIUM: acl: Change the acl register struct
    - BUG/MEDIUM: acl: boolean only matches were broken by recent changes
    - DOC: pattern: pattern organisation schematics
    - MINOR: pattern/cli: Update used terms in documentation and cli
    - MINOR: cli: remove information about acl or map owner.
    - MINOR: session: don't always assume there's a listener
    - MINOR: pattern: Add function to prune and reload pattern list.
    - MINOR: standard: Add ipv6 support in the function url2sa().
    - MEDIUM: config: Dynamic sections.
    - BUG/MEDIUM: stick-table: fix IPv4-to-IPv6 conversion in src_* fetches
    - MINOR: http: Add the "language" converter to for use with accept-language
    - BUG/MINOR: log: Don't dump empty unique-id
    - BUG/MAJOR: session: fix a possible crash with src_tracked
    - DOC: Update "language" documentation
    - MINOR: http: add the function "del-header" to the directives http-request and http-response
    - DOC: add some information on capture.(req|res).hdr
    - MINOR: http: capture.req.method and capture.req.uri
    - MINOR: http: optimize capture.req.method and capture.req.uri
    - MINOR: session: clean up the connection free code
    - BUG/MEDIUM: checks: immediately report a connection success
    - MEDIUM: connection: don't use real send() flags in snd_buf()
    - OPTIM: ssl: implement dynamic record size adjustment
    - MINOR: stats: report exact last session time in backend too
    - BUG/MEDIUM: stats: the "lastsess" field must appear last in the CSV.
    - BUG/MAJOR: check: fix memory leak in "tcp-check connect" over SSL
    - BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers
    - MINOR: channel: add the date of last read in the channel
    - MEDIUM: stream-int: automatically disable CF_STREAMER flags after idle
    - MINOR: ssl: add DEFAULT_SSL_MAX_RECORD to set the record size at build time
    - MINOR: config: make the stream interface idle timer user-configurable
    - MINOR: config: add global directives to set default SSL ciphers
    - MINOR: sample: add a rand() sample fetch to return a sample.
    - BUG/MEDIUM: config: immediately abort if peers section has no name
    - BUG/MINOR: ssl: fix syntax in config error message
    - BUG/MEDIUM: ssl: always send a full buffer after EAGAIN
    - BUG/MINOR: config: server on-marked-* statement is ignored in default-server
    - BUG/MEDIUM: backend: prefer-last-server breaks redispatch
    - BUG/MEDIUM: http: continue to emit 503 on keep-alive to different server
    - MEDIUM: acl: fix pattern type for payload / payload_lv
    - BUG/MINOR: config: fix a crash on startup when a disabled backend references a peer
    - BUG/MEDIUM: compression: fix the output type of the compressor name
    - BUG/MEDIUM: http: don't start to forward request data before the connect
    - MINOR: http: release compression context only in http_end_txn()
    - MINOR: protect ebimtree/ebistree against multiple inclusions
    - MEDIUM: proxy: create a tree to store proxies by name
    - MEDIUM: proxy: make findproxy() use trees to look up proxies
    - MEDIUM: proxy: make get_backend_server() use findproxy() to lookup proxies
    - MEDIUM: stick-table: lookup table names using trees.
    - MEDIUM: config: faster lookup for duplicated proxy name
    - CLEANUP: acl: remove obsolete test in parse_acl_expr()
    - MINOR: sample: move smp_to_type to sample.c
    - MEDIUM: compression: consider the "q=" attribute in Accept-Encoding
    - REORG: cfgparse: move server keyword parsing to server.c
    - BUILD: adjust makefile for AIX 5.1
    - BUG/MEDIUM: pattern: fix wrong definition of the pat_prune_fcts array
    - CLEANUP: pattern: move array definitions to proto/ and not types/
    - BUG/MAJOR: counters: check for null-deref when looking up an alternate table
    - BUILD: ssl: previous patch failed
    - BUILD/MEDIUM: standard: get rid of the last strcpy()
    - BUILD/MEDIUM: standard: get rid of sprintf()
    - BUILD/MEDIUM: cfgparse: get rid of sprintf()
    - BUILD/MEDIUM: checks: get rid of sprintf()
    - BUILD/MEDIUM: http: remove calls to sprintf()
    - BUG/MEDIUM: systemd-wrapper: fix locating of haproxy binary
    - BUILD/MINOR: ssl: remove one call to sprintf()
    - MEDIUM: http: don't reject anymore message bodies not containing the url param
    - MEDIUM: http: wait for the first chunk or message body length in http_process_body
    - CLEANUP: http: rename http_process_request_body()
    - CLEANUP: http: prepare dedicated processing for chunked encoded message bodies
    - MINOR: http: make msg->eol carry the last CRLF length
    - MAJOR: http: do not use msg->sol while processing messages or forwarding data
    - MEDIUM: http: http_parse_chunk_crlf() must not advance the buffer pointer
    - MAJOR: http: don't update msg->sov anymore while processing the body
    - MINOR: http: add a small helper to compute the amount of body bytes present
    - MEDIUM: http: add a small helper to compute how far to rewind to find headers
    - MINOR: http: add a small helper to compute how far to rewind to find URI
    - MEDIUM: http: small helpers to compute how far to rewind to find BODY and DATA
    - MAJOR: http: reset msg->sov after headers are forwarded
    - MEDIUM: http: forward headers again while waiting for connection to complete
    - BUG/MINOR: http: deinitialize compression after a parsing error
    - BUG/MINOR: http: deinitialize compression after a compression error
    - MEDIUM: http: headers must be forwarded even if data was already inspected
    - MAJOR: http: re-enable compression on chunked encoding
    - MAJOR: http/compression: fix chunked-encoded response processing
    - MEDIUM: http: cleanup: centralize a little bit HTTP compression end
    - MEDIUM: http: start to centralize the forwarding code
    - MINOR: http: further cleanups of response forwarding function
    - MEDIUM: http: only allocate the temporary compression buffer when needed
    - MAJOR: http: centralize data forwarding in the request path
    - CLEANUP: http: document the response forwarding states
    - CLEANUP: http: remove all calls to http_silent_debug()
    - DOC: internal: add some reminders about HTTP parsing and pointer states
    - BUG/MAJOR: http: fix bug in parse_qvalue() when selecting compression algo
    - BUG/MINOR: stats: last session was not always set
    - DOC: add pointer to the Cyril's HTML doc in the README
    - MEDIUM: config: relax use_backend check to make the condition optional
    - MEDIUM: config: report misplaced http-request rules
    - MEDIUM: config: report misplaced use-server rules
    - DOC: update roadmap with what was done.

2014/02/03 : 1.5-dev22
    - MEDIUM: tcp-check new feature: connect
    - MEDIUM: ssl: Set verify 'required' as global default for servers side.
    - MINOR: ssl: handshake optim for long certificate chains.
    - BUG/MINOR: pattern: pattern comparison executed twice
    - BUG/MEDIUM: map: segmentation fault with the stats's socket command "set map ..."
    - BUG/MEDIUM: pattern: Segfault in binary parser
    - MINOR: pattern: move functions for grouping pat_match_* and pat_parse_* and add documentation.
    - MINOR: standard: The parse_binary() returns the length consumed and his documentation is updated
    - BUG/MINOR: payload: the patterns of the acl "req.ssl_ver" are no parsed with the good function.
    - BUG/MEDIUM: pattern: "pat_parse_dotted_ver()" set bad expect_type.
    - BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer
    - BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests
    - MINOR: doc: Bad cli function name.
    - MINOR: http: smp_fetch_capture_header_* fetch captured headers
    - BUILD: last release inadvertently prepended a "+" in front of the date
    - BUG/MEDIUM: stream-int: fix the keep-alive idle connection handler
    - BUG/MEDIUM: backend: do not re-initialize the connection's context upon reuse
    - BUG: Revert "OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes"
    - BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
    - MINOR: http: try to stick to same server after status 401/407
    - BUG/MINOR: http: always disable compression on HTTP/1.0
    - OPTIM: poll: restore polling after a poll/stop/want sequence
    - OPTIM: http: don't stop polling for read on the client side after a request
    - BUG/MEDIUM: checks: unchecked servers could not be enabled anymore
    - BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling
    - BUG/MINOR: channel: CHN_INFINITE_FORWARD must be unsigned
    - BUG/MINOR: stream-int: do not clear the owner upon unregister
    - MEDIUM: stats: add support for HTTP keep-alive on the stats page
    - BUG/MEDIUM: stats: fix HTTP/1.0 breakage introduced in previous patch
    - Revert "MEDIUM: stats: add support for HTTP keep-alive on the stats page"
    - MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes
    - OPTIM: session: set the READ_DONTWAIT flag when connecting
    - BUG/MINOR: http: don't clear the SI_FL_DONT_WAKE flag between requests
    - MINOR: session: factor out the connect time measurement
    - MEDIUM: session: prepare to support earlier transitions to the established state
    - MEDIUM: stream-int: make si_connect() return an established state when possible
    - MINOR: checks: use an inline function for health_adjust()
    - OPTIM: session: put unlikely() around the freewheeling code
    - MEDIUM: config: report a warning when multiple servers have the same name
    - BUG: Revert "OPTIM: poll: restore polling after a poll/stop/want sequence"
    - BUILD/MINOR: listener: remove a glibc warning on accept4()
    - BUG/MAJOR: connection: fix mismatch between rcv_buf's API and usage
    - BUILD: listener: fix recent accept4() again
    - BUG/MAJOR: ssl: fix breakage caused by recent fix abf08d9
    - BUG/MEDIUM: polling: ensure we update FD status when there's no more activity
    - MEDIUM: listener: fix polling management in the accept loop
    - MINOR: protocol: improve the proto->drain() API
    - MINOR: connection: add a new conn_drain() function
    - MEDIUM: tcp: report in tcp_drain() that lingering is already disabled on close
    - MEDIUM: connection: update callers of ctrl->drain() to use conn_drain()
    - MINOR: connection: add more error codes to report connection errors
    - MEDIUM: tcp: report connection error at the connection level
    - MEDIUM: checks: make use of chk_report_conn_err() for connection errors
    - BUG/MEDIUM: unique_id: HTTP request counter is not stable
    - DOC: fix misleading information about SIGQUIT
    - BUG/MAJOR: fix freezes during compression
    - BUG/MEDIUM: stream-interface: don't wake the task up before end of transfer
    - BUILD: fix VERDATE exclusion regex
    - CLEANUP: polling: rename "spec_e" to "state"
    - DOC: add a diagram showing polling state transitions
    - REORG: polling: rename "spec_e" to "state" and "spec_p" to "cache"
    - REORG: polling: rename "fd_spec" to "fd_cache"
    - REORG: polling: rename the cache allocation functions
    - REORG: polling: rename "fd_process_spec_events()" to "fd_process_cached_events()"
    - MAJOR: polling: rework the whole polling system
    - MAJOR: connection: remove the CO_FL_WAIT_{RD,WR} flags
    - MEDIUM: connection: remove conn_{data,sock}_poll_{recv,send}
    - MEDIUM: connection: add check for readiness in I/O handlers
    - MEDIUM: stream-interface: the polling flags must always be updated in chk_snd_conn
    - MINOR: stream-interface: no need to call fd_stop_both() on error
    - MEDIUM: connection: no need to recheck FD state
    - CLEANUP: connection: use conn_ctrl_ready() instead of checking the flag
    - CLEANUP: connection: use conn_xprt_ready() instead of checking the flag
    - CLEANUP: connection: fix comments in connection.h to reflect new behaviour.
    - OPTIM: raw-sock: don't speculate after a short read if polling is enabled
    - MEDIUM: polling: centralize polled events processing
    - MINOR: polling: create function fd_compute_new_polled_status()
    - MINOR: cli: add more information to the "show info" output
    - MEDIUM: listener: add support for limiting the session rate in addition to the connection rate
    - MEDIUM: listener: apply a limit on the session rate submitted to SSL
    - REORG: stats: move the stats socket states to dumpstats.c
    - MINOR: cli: add the new "show pools" command
    - BUG/MEDIUM: counters: flush content counters after each request
    - BUG/MEDIUM: counters: fix stick-table entry leak when using track-sc2 in connection
    - MINOR: tools: add very basic support for composite pointers
    - MEDIUM: counters: stop relying on session flags at all
    - BUG/MINOR: cli: fix missing break in command line parser
    - BUG/MINOR: config: correctly report when log-format headers require HTTP mode
    - MAJOR: http: update connection mode configuration
    - MEDIUM: http: make keep-alive + httpclose be passive mode
    - MAJOR: http: switch to keep-alive mode by default
    - BUG/MEDIUM: http: fix regression caused by recent switch to keep-alive by default
    - BUG/MEDIUM: listener: improve detection of non-working accept4()
    - BUILD: listener: add fcntl.h and unistd.h
    - BUG/MINOR: raw_sock: correctly set the MSG_MORE flag

2013/12/17 : 1.5-dev21
    - MINOR: stats: don't use a monospace font to report numbers
    - MINOR: session: remove debugging code
    - BUG/MAJOR: patterns: fix double free caused by loading strings from files
    - MEDIUM: http: make option http_proxy automatically rewrite the URL
    - BUG/MEDIUM: http: cook_cnt() forgets to set its output type
    - BUG/MINOR: stats: correctly report throttle rate of low weight servers
    - BUG/MEDIUM: checks: servers must not start in slowstart mode
    - BUG/MINOR: acl: parser must also stop at comma on ACL-only keywords
    - MEDIUM: stream-int: implement a very simplistic idle connection manager
    - DOC: update the ROADMAP file

2013/12/16 : 1.5-dev20
    - DOC: add missing options to the manpage
    - DOC: add manpage references to all system calls
    - DOC: update manpage reference to haproxy-en.txt
    - DOC: remove -s and -l options from the manpage
    - DOC: missing information for the "description" keyword
    - DOC: missing http-send-name-header keyword in keyword table
    - MINOR: tools: function my_memmem() to lookup binary contents
    - MEDIUM: checks: add send/expect tcp based check
    - MEDIUM: backend: Enhance hash-type directive with an algorithm options
    - MEDIUM: backend: Implement avalanche as a modifier of the hashing functions.
    - DOC: Documentation for hashing function, with test results.
    - BUG/MEDIUM: ssl: potential memory leak using verifyhost
    - BUILD: ssl: compilation issue with openssl v0.9.6.
    - BUG/MINOR: ssl: potential memory leaks using ssl_c_key_alg or ssl_c_sig_alg.
    - MINOR: ssl: optimization of verifyhost on wildcard certificates.
    - BUG/MINOR: ssl: verifyhost does not match empty strings on wildcard.
    - MINOR: ssl: Add statement 'verifyhost' to "server" statements
    - CLEANUP: session: remove event_accept() which was not used anymore
    - BUG/MINOR: deinit: free fdinfo while doing cleanup
    - DOC: minor typo fix in documentation
    - BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE
    - BUG/MINOR: use the same check condition for server as other algorithms
    - DOC: fix typo in comments
    - BUG/MINOR: deinit: free server map which is allocated in init_server_map()
    - CLEANUP: stream_interface: cleanup loop information in si_conn_send_loop()
    - MINOR: buffer: align the last output line of buffer_dump()
    - MINOR: buffer: align the last output line if there are less than 8 characters left
    - DOC: stick-table: modify the description
    - OPTIM: stream_interface: return directly if the connection flag CO_FL_ERROR has been set
    - CLEANUP: code style: use tabs to indent codes
    - DOC: checkcache: block responses with cacheable cookies
    - BUG/MINOR: check_config_validity: check the returned value of stktable_init()
    - MEDIUM: haproxy-systemd-wrapper: Use haproxy in same directory
    - MEDIUM: systemd-wrapper: Kill child processes when interrupted
    - LOW: systemd-wrapper: Write debug information to stdout
    - BUG/MINOR: http: fix "set-tos" not working in certain configurations
    - MEDIUM: http: add IPv6 support for "set-tos"
    - DOC: ssl: update build instructions to use new SSL_* variables
    - BUILD/MINOR: systemd: fix compiler warning about unused result
    - url32+src - like base32+src but whole url including parameters
    - BUG/MINOR: fix forcing fastinter in "on-error"
    - CLEANUP: Make parameters of srv_downtime and srv_getinter const
    - CLEANUP: Remove unused 'last_slowstart_change' field from struct peer
    - MEDIUM: Split up struct server's check element
    - MEDIUM: Move result element to struct check
    - MEDIUM: Paramatise functions over the check of a server
    - MEDIUM: cfgparse: Factor out check initialisation
    - MEDIUM: Add state to struct check
    - MEDIUM: Move health element to struct check
    - MEDIUM: Add helper for task creation for checks
    - MEDIUM: Add helper function for failed checks
    - MEDIUM: Log agent fail, stopped or down as info
    - MEDIUM: Remove option lb-agent-chk
    - MEDIUM: checks: Add supplementary agent checks
    - MEDIUM: Do not mark a server as down if the agent is unavailable
    - MEDIUM: Set rise and fall of agent checks to 1
    - MEDIUM: Add enable and disable agent unix socket commands
    - MEDIUM: Add DRAIN state and report it on the stats page
    - BUILD/MINOR: missing header file
    - CLEANUP: regex: Create regex_comp function that compiles regex using compilation options
    - CLEANUP: The function "regex_exec" needs the string length but in many case they expect null terminated char.
    - MINOR: http: some exported functions were not in the header file
    - MINOR: http: change url_decode to return the size of the decoded string.
    - BUILD/MINOR: missing header file
    - BUG/MEDIUM: sample: The function v4tov6 cannot support input and output overlap
    - BUG/MINOR: arg: fix error reporting for add-header/set-header sample fetch arguments
    - MINOR: sample: export the generic sample conversion parser
    - MINOR: sample: export sample_casts
    - MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword
    - MINOR: stick-table: use smp_expr_output_type() to retrieve the output type of a "struct sample_expr"
    - MINOR: sample: provide the original sample_conv descriptor struct to the argument checker function.
    - MINOR: tools: Add a function to convert buffer to an ipv6 address
    - MINOR: acl: export acl arrays
    - MINOR: acl: Extract the pattern parsing and indexation from the "acl_read_patterns_from_file()" function
    - MINOR: acl: Extract the pattern matching function
    - MINOR: sample: Define new struct sample_storage
    - MEDIUM: acl: associate "struct sample_storage" to each "struct acl_pattern"
    - REORG: acl/pattern: extract pattern matching from the acl file and create pattern.c
    - MEDIUM: pattern: create pattern expression
    - MEDIUM: pattern: rename "acl" prefix to "pat"
    - MEDIUM: sample: let the cast functions set their output type
    - MINOR: sample: add a private field to the struct sample_conv
    - MINOR: map: Define map types
    - MEDIUM: sample: add the "map" converter
    - MEDIUM: http: The redirect strings follows the log format rules.
    - BUG/MINOR: acl: acl parser does not recognize empty converter list
    - BUG/MINOR: map: The map list was declared in the map.h file
    - MINOR: map: Cleanup the initialisation of map descriptors.
    - MEDIUM: map: merge identical maps
    - BUG/MEDIUM: pattern: Pattern node has type of "struct pat_idx_elt" in place of "struct eb_node"
    - BUG/MEDIUM: map: Bad map file parser
    - CLEANUP/MINOR: standard: use the system define INET6_ADDRSTRLEN in place of MAX_IP6_LEN
    - BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end
    - MINOR: map: export map_get_reference() function
    - MINOR: pattern: Each pattern sets the expected input type
    - MEDIUM: acl: Last patch change the output type
    - MEDIUM: pattern: Extract the index process from the pat_parse_*() functions
    - MINOR: standard: The function parse_binary() can use preallocated buffer
    - MINOR: regex: Change the struct containing regex
    - MINOR: regex: Copy the original regex expression into string.
    - MINOR: pattern: add support for compiling patterns for lookups
    - MINOR: pattern: make the pattern matching function return a pointer to the matched element
    - MINOR: map: export parse output sample functions
    - MINOR: pattern: add function to lookup a specific entry in pattern list
    - MINOR: pattern/map: Each pattern must free the associated sample
    - MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char
    - MEDIUM: map: dynamic manipulation of maps
    - BUG/MEDIUM: unique_id: junk in log on empty unique_id
    - BUG/MINOR: log: junk at the end of syslog packet
    - MINOR: Makefile: provide cscope rule
    - DOC: compression: chunk are not compressed anymore
    - MEDIUM: session: disable lingering on the server when the client aborts
    - BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS
    - DOC: remove the comment saying that SSL certs are not checked on the server side
    - BUG: counters: third counter was not stored if others unset
    - BUG/MAJOR: http: don't emit the send-name-header when no server is available
    - BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
    - BUG/MAJOR: http: sample prefetch code was not properly migrated
    - BUG/MEDIUM: splicing: fix abnormal CPU usage with splicing
    - BUG/MINOR: stream_interface: don't call chk_snd() on polled events
    - OPTIM: splicing: use splice() for the last block when relevant
    - MEDIUM: sample: handle comma-delimited converter list
    - MINOR: sample: fix sample_process handling of unstable data
    - CLEANUP: acl: move the 3 remaining sample fetches to samples.c
    - MINOR: sample: add a new "date" fetch to return the current date
    - MINOR: samples: add the http_date([<offset>]) sample converter.
    - DOC: minor improvements to the part on the stats socket.
    - MEDIUM: sample: systematically pass the keyword pointer to the keyword
    - MINOR: payload: split smp_fetch_rdp_cookie()
    - MINOR: counters: factor out smp_fetch_sc*_tracked
    - MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src.
    - MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0
    - MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0
    - MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0
    - MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt
    - MEDIUM: counters: factor out smp_fetch_sc*_conn_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_conn_cur
    - MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt
    - MEDIUM: counters: factor out smp_fetch_sc*_sess_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt
    - MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt
    - MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in
    - MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out
    - MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate
    - MEDIUM: counters: factor out smp_fetch_sc*_trackers
    - MINOR: session: make the number of stick counter entries more configurable
    - MEDIUM: counters: support passing the counter number as a fetch argument
    - MEDIUM: counters: support looking up a key in an alternate table
    - MEDIUM: cli: adjust the method for feeding frequency counters in tables
    - MINOR: cli: make it possible to enter multiple values at once with "set table"
    - MINOR: payload: allow the payload sample fetches to retrieve arbitrary lengths
    - BUG/MINOR: cli: "clear table" must not kill entries that don't match condition
    - MINOR: ssl: use MAXPATHLEN instead of PATH_MAX
    - MINOR: config: warn when a server with no specific port uses rdp-cookie
    - BUG/MEDIUM: unique_id: HTTP request counter must be unique!
    - DOC: add a mention about the limited chunk size
    - BUG/MEDIUM: fix broken send_proxy on FreeBSD
    - MEDIUM: stick-tables: flush old entries upon soft-stop
    - MINOR: tcp: add new "close" action for tcp-response
    - MINOR: payload: provide the "res.len" fetch method
    - BUILD: add SSL_INC/SSL_LIB variables to force the path to openssl
    - MINOR: http: compute response time before processing headers
    - BUG/MINOR: acl: fix improper string size assignment in proxy argument
    - BUG/MEDIUM: http: accept full buffers on smp_prefetch_http
    - BUG/MINOR: acl: implicit arguments of ACL keywords were not properly resolved
    - BUG/MEDIUM: session: risk of crash on out of memory conditions
    - BUG/MINOR: peers: set the accept date in outgoing connections
    - BUG/MEDIUM: tcp: do not skip tracking rules on second pass
    - BUG/MEDIUM: acl: do not evaluate next terms after a miss
    - MINOR: acl: add a warning when an ACL keyword is used without any value
    - MINOR: tcp: don't use tick_add_ifset() when timeout is known to be set
    - BUG/MINOR: acl: remove patterns from the tree before freeing them
    - MEDIUM: backend: add support for the wt6 hash
    - OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes
    - OPTIM/MINOR: mark the source address as already known on accept()
    - BUG/MINOR: stats: don't count tarpitted connections twice
    - CLEANUP: http: homogenize processing of denied req counter
    - CLEANUP: http: merge error handling for req* and http-request *
    - BUG/MEDIUM: http: fix possible parser crash when parsing erroneous "http-request redirect" rules
    - BUG/MINOR: http: fix build warning introduced with url32/url32_src
    - BUG/MEDIUM: checks: fix slow start regression after fix attempt
    - BUG/MAJOR: server: weight calculation fails for map-based algorithms
    - MINOR: stats: report correct throttling percentage for servers in slowstart
    - OPTIM: connection: fold the error handling with handshake handling
    - MINOR: peers: accept to learn strings of different lengths
    - BUG/MAJOR: fix haproxy crash when using server tracking instead of checks
    - BUG/MAJOR: check: fix haproxy crash during soft-stop/soft-start
    - BUG/MINOR: stats: do not report "via" on tracking servers in maintenance
    - BUG/MINOR: connection: fix typo in error message report
    - BUG/MINOR: backend: fix target address retrieval in transparent mode
    - BUG/MINOR: config: report the correct track-sc number in tcp-rules
    - BUG/MINOR: log: fix log-format parsing errors
    - DOC: add some information about how to apply converters to samples
    - MINOR: acl/pattern: use types different from int to clarify who does what.
    - MINOR: pattern: import acl_find_match_name() into pattern.h
    - MEDIUM: stick-tables: support automatic conversion from ipv4<->ipv6
    - MEDIUM: log-format: relax parsing of '%' followed by unsupported characters
    - BUG/MINOR: http: usual deinit stuff in last commit
    - BUILD: log: silent a warning about isblank() with latest patches
    - BUG/MEDIUM: checks: fix health check regression causing them to depend on declaration order
    - BUG/MEDIUM: checks: fix a long-standing issue with reporting connection errors
    - BUG/MINOR: checks: don't consider errno and use conn->err_code
    - BUG/MEDIUM: checks: also update the DRAIN state from the web interface
    - MINOR: stats: remove some confusion between the DRAIN state and NOLB
    - BUG/MINOR: tcp: check that no error is pending during a connect probe
    - BUG/MINOR: connection: check EINTR when sending a PROXY header
    - MEDIUM: connection: set the socket shutdown flags on socket errors
    - BUG/MEDIUM: acl: fix regression introduced by latest converters support
    - MINOR: connection: clear errno prior to checking for errors
    - BUG/MINOR: checks: do not trust errno in write event before any syscall
    - MEDIUM: checks: centralize error reporting
    - OPTIM: checks: don't poll on recv when using plain TCP connects
    - OPTIM: checks: avoid setting SO_LINGER twice
    - MINOR: tools: add a generic binary hex string parser
    - BUG/MEDIUM: checks: tcp-check: do not poll when there's nothing to send
    - BUG/MEDIUM: check: tcp-check might miss some outgoing data when socket buffers are full
    - BUG/MEDIUM: args: fix double free on error path in argument expression parser
    - BUG/MINOR: acl: fix sample expression error reporting
    - BUG/MINOR: checks: tcp-check actions are enums, not flags
    - MEDIUM: checks: make tcp-check perform multiple send() at once
    - BUG/MEDIUM: stick: completely remove the unused flag from the store entries
    - OPTIM: ebtree: pack the struct eb_node to avoid holes on 64-bit
    - BUG/MEDIUM: stick-tables: complete the latest fix about store-responses
    - CLEANUP: stream_interface: remove unused field err_loc
    - MEDIUM: stats: don't use conn->xprt_st anymore
    - MINOR: session: add a simple function to retrieve a session from a task
    - MEDIUM: stats: don't use conn->xprt_ctx anymore
    - MEDIUM: peers: don't rely on conn->xprt_ctx anymore
    - MINOR: http: prevent smp_fetch_url_{ip,port} from using si->conn
    - MINOR: connection: make it easier to emit proxy protocol for unknown addresses
    - MEDIUM: stats: prepare the HTTP stats I/O handler to support more states
    - MAJOR: stats: move the HTTP stats handling to its applet
    - MEDIUM: stats: move request argument processing to the final step
    - MEDIUM: session: detect applets from the session by using s->target
    - MAJOR: session: check for a connection to an applet in sess_prepare_conn_req()
    - MAJOR: session: pass applet return traffic through the response analysers
    - MEDIUM: stream-int: split the shutr/shutw functions between applet and conn
    - MINOR: stream-int: make the shutr/shutw functions void
    - MINOR: obj: provide a safe and an unsafe access to pointed objects
    - MINOR: connection: add a field to store an object type
    - MINOR: connection: always initialize conn->objt_type to OBJ_TYPE_CONN
    - MEDIUM: stream interface: move the peers' ptr into the applet context
    - MINOR: stream-interface: move the applet context to its own struct
    - MINOR: obj: introduce a new type appctx
    - MINOR: stream-int: rename ->applet to ->appctx
    - MINOR: stream-int: split si_prepare_embedded into si_prepare_none and si_prepare_applet
    - MINOR: stream-int: add a new pointer to the end point
    - MEDIUM: stream-interface: set the pointer to the applet into the applet context
    - MAJOR: stream interface: remove the ->release function pointer
    - MEDIUM: stream-int: make ->end point to the connection or the appctx
    - CLEANUP: stream-int: remove obsolete si_ctrl function
    - MAJOR: stream-int: stop using si->conn and use si->end instead
    - MEDIUM: stream-int: do not allocate a connection in parallel to applets
    - MEDIUM: session: attach incoming connection to target on embryonic sessions
    - MINOR: connection: add conn_init() to (re)initialize a connection
    - MINOR: checks: call conn_init() to properly initialize the connection.
    - MINOR: peers: make use of conn_init() to initialize the connection
    - MINOR: session: use conn_init() to initialize the connections
    - MINOR: http: use conn_init() to reinitialize the server connection
    - MEDIUM: connection: replace conn_prepare with conn_assign
    - MINOR: get rid of si_takeover_conn()
    - MINOR: connection: add conn_new() / conn_free()
    - MAJOR: connection: add two new flags to indicate readiness of control/transport
    - MINOR: stream-interface: introduce si_reset() and si_set_state()
    - MINOR: connection: reintroduce conn_prepare to set the protocol and transport
    - MINOR: connection: replace conn_assign with conn_attach
    - MEDIUM: stream-interface: introduce si_attach_conn to replace si_prepare_conn
    - MAJOR: stream interface: dynamically allocate the outgoing connection
    - MEDIUM: connection: move the send_proxy offset to the connection
    - MINOR: connection: check for send_proxy during the connect(), not the SI
    - MEDIUM: connection: merge the send_proxy and local_send_proxy calls
    - MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx()
    - MEDIUM: stream-int: return the allocated appctx in stream_int_register_handler()
    - MAJOR: stream-interface: dynamically allocate the applet context
    - MEDIUM: session: automatically register the applet designated by the target
    - MEDIUM: stats: delay appctx initialization
    - CLEANUP: peers: use less confusing state/status code names
    - MEDIUM: peers: delay appctx initialization
    - MINOR: stats: provide some appctx information in "show sess all"
    - DIET/MINOR: obj: pack the obj_type enum to 8 bits
    - DIET/MINOR: connection: rearrange a few fields to save 8 bytes in the struct
    - DIET/MINOR: listener: rearrange a few fields in struct listener to save 16 bytes
    - DIET/MINOR: proxy: rearrange a few fields in struct proxy to save 16 bytes
    - DIET/MINOR: session: reduce the struct session size by 8 bytes
    - DIET/MINOR: stream-int: rearrange a few fields in struct stream_interface to save 8 bytes
    - DIET/MINOR: http: reduce the size of struct http_txn by 8 bytes
    - MINOR: http: switch the http state to an enum
    - MINOR: http: use an enum for the auth method in http_auth_data
    - DIET/MINOR: task: reduce struct task size by 8 bytes
    - MINOR: stream_interface: add reporting of ressouce allocation errors
    - MINOR: session: report lack of resources using the new stream-interface's error code
    - BUILD: simplify the date and version retrieval in the makefile
    - BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE
    - BUILD: use format tags in VERDATE and SUBVERS files
    - BUG/MEDIUM: channel:  bo_getline() must wait for \n until buffer is full
    - CLEANUP: check: server port is unsigned
    - BUG/MEDIUM: checks: agent doesn't get the response if server does not closes
    - MINOR: tools: buf2ip6 must not modify output on failure
    - MINOR: pattern: do not assign SMP_TYPES by default to patterns
    - MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors
    - MINOR: arg: improve wording on error reporting
    - BUG/MEDIUM: sample: simplify and fix the argument parsing
    - MEDIUM: acl: fix the argument parser to let the lower layer report detailed errors
    - MEDIUM: acl: fix the initialization order of the ACL expression
    - CLEANUP: acl: remove useless blind copy-paste from sample converters
    - TESTS: add regression tests for ACL and sample expression parsers
    - BUILD: time: adapt the type of TV_ETERNITY to the local system
    - MINOR: chunks: allocate the trash chunks before parsing the config
    - BUILD: definitely silence some stupid GCC warnings
    - MINOR: chunks: always initialize the output chunk in get_trash_chunk()
    - MINOR: checks: improve handling of the servers tracking chain
    - REORG: checks: retrieve the check-specific defines from server.h to checks.h
    - MINOR: checks: use an enum instead of flags to report a check result
    - MINOR: checks: rename the state flags
    - MINOR: checks: replace state DISABLED with CONFIGURED and ENABLED
    - MINOR: checks: use check->state instead of srv->state & SRV_CHECKED
    - MINOR: checks: fix agent check interval computation
    - MINOR: checks: add a PAUSED state for the checks
    - MINOR: checks: create the agent tasks even when no check is configured
    - MINOR: checks: add a flag to indicate what check is an agent
    - MEDIUM: checks: enable agent checks even if health checks are disabled
    - BUG/MEDIUM: checks: ensure we can enable a server after boot
    - BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag
    - BUG/MAJOR: session: repair tcp-request connection rules
    - BUILD: fix SUBVERS extraction in the Makefile
    - BUILD: pattern: silence a warning about uninitialized value
    - BUILD: log: fix build warning on Solaris
    - BUILD: dumpstats: fix build error on Solaris
    - DOC: move option pgsql-check to the correct place
    - DOC: move option tcp-check to the proper place
    - MINOR: connection: add simple functions to report connection readiness
    - MEDIUM: connection: centralize handling of nolinger in fd management
    - OPTIM: http: set CF_READ_DONTWAIT on response message
    - OPTIM: http: do not re-enable reading on client side while closing the server side
    - MINOR: config: add option http-keep-alive
    - MEDIUM: connection: inform si_alloc_conn() whether existing conn is OK or not
    - MAJOR: stream-int: handle the connection reuse in si_connect()
    - MAJOR: http: add the keep-alive transition on the server side
    - MAJOR: backend: enable connection reuse
    - MINOR: http: add option prefer-last-server
    - MEDIUM: http: do not report connection errors for second and further requests

2013/06/17 : 1.5-dev19
    - MINOR: stats: remove the autofocus on the scope input field
    - BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored.
    - BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file.
    - BUG/MEDIUM: shctx: makes the code independent on SSL runtime version.
    - MEDIUM: ssl: improve crt-list format to support negation
    - BUG: ssl: fix crt-list for clients not supporting SNI
    - MINOR: stats: show soft-stopped servers in different color
    - BUG/MINOR: config: "source" does not work in defaults section
    - BUG: regex: fix pcre compile error when using JIT
    - MINOR: ssl: add pattern fetch 'ssl_c_sha1'
    - BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used
    - MINOR: show PCRE version and JIT status in -vv
    - BUG/MINOR: jit: don't rely on USE flag to detect support
    - DOC: readme: add suggestion to link against static openssl
    - DOC: examples: provide simplified ssl configuration
    - REORG: tproxy: prepare the transparent proxy defines for accepting other OSes
    - MINOR: tproxy: add support for FreeBSD
    - MINOR: tproxy: add support for OpenBSD
    - DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8
    - CLEANUP: fix minor typo in error message.
    - CLEANUP: fix missing include <string.h> in proto/listener.h
    - CLEANUP: protect checks.h from multiple inclusions
    - MINOR: compression: acl "res.comp" and fetch "res.comp_algo"
    - BUG/MINOR: http: add-header/set-header did not accept the ACL condition
    - BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32
    - BUG/MEDIUM: splicing is broken since 1.5-dev12
    - BUG/MAJOR: acl: add implicit arguments to the resolve list
    - BUG/MINOR: tcp: fix error reporting for TCP rules
    - CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix
    - MINOR: stick-table: allow to allocate an entry without filling it
    - BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes
    - MINOR: session: only call http_send_name_header() when changing the server
    - MINOR: tcp: report the erroneous word in tcp-request track*
    - BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances
    - BUG/MEDIUM: log: fix regression on log-format handling
    - MEDIUM: log: report file name, line number, and directive name with log-format errors
    - BUG/MINOR: cli: "clear table" did not work anymore without a key
    - BUG/MINOR: cli: "clear table xx data.xx" does not work anymore
    - BUG/MAJOR: http: compression still has defects on chunked responses
    - BUG/MINOR: stats: fix confirmation links on the stats interface
    - BUG/MINOR: stats: the status bar does not appear anymore after a change
    - BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process"
    - BUG/MEDIUM: stats: fix a regression when dealing with POST requests
    - BUG/MINOR: fix unterminated ACL array in compression
    - BUILD: last fix broke non-linux platforms
    - MINOR: init: indicate the SSL runtime version on -vv.
    - BUG/MEDIUM: compression: the deflate algorithm must use global settings as well
    - BUILD: stdbool is not portable (again)
    - DOC: readme: add a small reminder about restrictions to respect in the code
    - MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates
    - BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT
    - DOC: fix wrong copy-paste in the rspdel example
    - MINOR: counters: make it easier to extend the amount of tracked counters
    - MEDIUM: counters: add support for tracking a third counter
    - MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables
    - BUG/MAJOR: http: always ensure response buffer has some room for a response
    - MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked
    - MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined
    - MINOR: log: add a new flag 'L' for locally processed requests
    - MINOR: http: add full-length header fetch methods
    - MEDIUM: protocol: implement a "drain" function in protocol layers
    - MEDIUM: http: add a new "http-response" ruleset
    - MEDIUM: http: add the "set-nice" action to http-request and http-response
    - MEDIUM: log: add a log level override value in struct session
    - MEDIUM: http: add support for action "set-log-level" in http-request/http-response
    - MEDIUM: http: add support for "set-tos" in http-request/http-response
    - MEDIUM: http: add the "set-mark" action on http-request/http-response rules
    - MEDIUM: tcp: add "tcp-request connection expect-proxy layer4"
    - MEDIUM: acl: automatically detect the type of certain fetches
    - MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches
    - MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches
    - DOC: major reorg of ACL + sample fetch
    - CLEANUP: http: remove the bogus urlp_ip ACL match
    - MINOR: acl: add the new "env()" fetch method to retrieve an environment variable
    - BUG/MINOR: acl: correctly consider boolean fetches when doing casts
    - BUG/CRITICAL: fix a possible crash when using negative header occurrences
    - DOC: update ROADMAP file
    - MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3
    - MEDIUM: stats: add proxy name filtering on the statistic page

2013/04/03 : 1.5-dev18
    - DOCS: Add explanation of intermediate certs to crt paramater
    - DOC: typo and minor fixes in compression paragraph
    - MINOR: config: http-request configuration error message misses new keywords
    - DOC: minor typo fix in documentation
    - BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured.
    - MEDIUM: ssl: add bind-option "strict-sni"
    - MEDIUM: ssl: add mapping from SNI to cert file using "crt-list"
    - MEDIUM: regex: Use PCRE JIT in acl
    - DOC: simplify bind option "interface" explanation
    - DOC: tfo: bump required kernel to linux-3.7
    - BUILD: add explicit support for TFO with USE_TFO
    - MEDIUM: New cli option -Ds for systemd compatibility
    - MEDIUM: add haproxy-systemd-wrapper
    - MEDIUM: add systemd service
    - BUG/MEDIUM: systemd-wrapper: don't leak zombie processes
    - BUG/MEDIUM: remove supplementary groups when changing gid
    - BUG/MEDIUM: config: fix parser crash with bad bind or server address
    - BUG/MINOR: Correct logic in cut_crlf()
    - CLEANUP: checks: Make desc argument to set_server_check_status const
    - CLEANUP: dumpstats: Make cli_release_handler() static
    - MEDIUM: server: Break out set weight processing code
    - MEDIUM: server: Allow relative weights greater than 100%
    - MEDIUM: server: Tighten up parsing of weight string
    - MEDIUM: checks: Add agent health check
    - BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot
    - BUG/MINOR: time: frequency counters are not totally accurate
    - BUG/MINOR: http: don't process abortonclose when request was sent
    - BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw()
    - BUG/MEDIUM: checks: ignore late resets after valid responses
    - DOC: fix bogus recommendation on usage of gpc0 counter
    - BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request
    - MINOR: signal: don't block SIGPROF by default
    - OPTIM: epoll: make use of EPOLLRDHUP
    - OPTIM: splice: detect shutdowns and avoid splice() == 0
    - OPTIM: splice: assume by default that splice is working correctly
    - BUG/MINOR: log: temporary fix for lost SSL info in some situations
    - BUG/MEDIUM: peers: only the last peers section was used by tables
    - BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers
    - BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
    - BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
    - BUG/MINOR: config: free peer's address when exiting upon parsing error
    - BUG/MINOR: config: check the proper variable when parsing log minlvl
    - BUG/MEDIUM: checks: ensure the health_status is always within bounds
    - BUG/MINOR: cli: show sess should always validate s->listener
    - BUG/MINOR: log: improper NULL return check on utoa_pad()
    - CLEANUP: http: remove a useless null check
    - CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener()
    - BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
    - BUG/MEDIUM: tools: off-by-one in quote_arg()
    - BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
    - BUG/MINOR: unix: remove the 'level' field from the ux struct
    - CLEANUP: http: don't try to deinitialize http compression if it fails before init
    - CLEANUP: config: slowstart is never negative
    - CLEANUP: config: maxcompcpuusage is never negative
    - BUG/MEDIUM: log: emit '-' for empty fields again
    - BUG/MEDIUM: checks: fix a race condition between checks and observe layer7
    - BUILD: fix a warning emitted by isblank() on non-c99 compilers
    - BUILD: improve the makefile's support for libpcre
    - MEDIUM: halog: add support for counting per source address (-ic)
    - MEDIUM: tools: make str2sa_range support all address syntaxes
    - MEDIUM: config: make use of str2sa_range() instead of str2sa()
    - MEDIUM: config: use str2sa_range() to parse server addresses
    - MEDIUM: config: use str2sa_range() to parse peers addresses
    - MINOR: tests: add a config file to ease address parsing tests.
    - MINOR: ssl: add a global tunable for the max SSL/TLS record size
    - BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux
    - BUILD/MINOR: syscall: add definition of NR_accept4 for ARM
    - MINOR: config: report missing peers section name
    - BUG/MEDIUM: tools: fix bad character handling in str2sa_range()
    - BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket
    - MINOR: tools: prepare str2sa_range() to return an error message
    - BUG/MEDIUM: checks: don't call connect() on unsupported address families
    - MINOR: tools: prepare str2sa_range() to accept a prefix
    - MEDIUM: tools: make str2sa_range() parse unix addresses too
    - MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses
    - MEDIUM: config: use a single str2sa_range() call to parse bind addresses
    - MEDIUM: config: use str2sa_range() to parse log addresses
    - CLEANUP: tools: remove str2sun() which is not used anymore.
    - MEDIUM: config: add complete support for str2sa_range() in dispatch
    - MEDIUM: config: add complete support for str2sa_range() in server addr
    - MEDIUM: config: add complete support for str2sa_range() in 'server'
    - MEDIUM: config: add complete support for str2sa_range() in 'peer'
    - MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc'
    - CLEANUP: minor cleanup in str2sa_range() and str2ip()
    - CLEANUP: config: do not use multiple errmsg at once
    - MEDIUM: tools: support specifying explicit address families in str2sa_range()
    - MAJOR: listener: support inheriting a listening fd from the parent
    - MAJOR: tools: support environment variables in addresses
    - BUG/MEDIUM: http: add-header should not emit "-" for empty fields
    - BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong
    - BUG/MEDIUM: http: fix another issue caused by http-send-name-header
    - DOC: mention the new HTTP 307 and 308 redirect statues
    - MEDIUM: poll: do not use FD_* macros anymore
    - BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
    - BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings
    - BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern
    - BUILD: fix usual isdigit() warning on solaris
    - BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris
    - OPTIM: buffer: remove one jump in buffer_count()
    - OPTIM: http: improve branching in chunk size parser
    - OPTIM: http: optimize the response forward state machine
    - BUILD: enable poll() by default in the makefile
    - BUILD: add explicit support for Mac OS/X
    - BUG/MAJOR: http: use a static storage for sample fetch context
    - BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file()
    - BUG/MAJOR: http: fix regression introduced by commit a890d072
    - BUG/MAJOR: http: fix regression introduced by commit d655ffe
    - BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
    - MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used
    - MEDIUM: samples: use new flags to describe compatibility between fetches and their usages
    - MINOR: log: indicate it when some unreliable sample fetches are logged
    - MEDIUM: samples: move payload-based fetches and ACLs to their own file
    - MINOR: backend: rename sample fetch functions and declare the sample keywords
    - MINOR: frontend: rename sample fetch functions and declare the sample keywords
    - MINOR: listener: rename sample fetch functions and declare the sample keywords
    - MEDIUM: http: unify acl and sample fetch functions
    - MINOR: session: rename sample fetch functions and declare the sample keywords
    - MAJOR: acl: make all ACLs reference the fetch function via a sample.
    - MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's
    - MAJOR: acl: remove fetch argument validation from the ACL struct
    - MINOR: http: add new direction-explicit sample fetches for headers and cookies
    - MINOR: payload: add new direction-explicit sample fetches
    - CLEANUP: acl: remove ACL hooks which were never used
    - MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed"
    - MINOR: sample: provide a function to report the name of a sample check point
    - MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires
    - CLEANUP: acl: remove unused references to ACL_USE_*
    - MINOR: http: replace acl_parse_ver with acl_parse_str
    - MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr
    - MAJOR: acl: add option -m to change the pattern matching method
    - MINOR: acl: remove the use_count in acl keywords
    - MEDIUM: acl: have a pointer to the keyword name in acl_expr
    - MEDIUM: acl: support using sample fetches directly in ACLs
    - MEDIUM: http: remove val_usr() to validate user_lists
    - MAJOR: sample: maintain a per-proxy list of the fetch args to resolve
    - MINOR: ssl: add support for the "alpn" bind keyword
    - MINOR: http: status code 303 is HTTP/1.1 only
    - MEDIUM: http: implement redirect 307 and 308
    - MINOR: http: status 301 should not be marked non-cacheable

2012/12/28 : 1.5-dev17
    - MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache.
    - BUG/MEDIUM: stats: fix stats page regression introduced by commit 20b0de5
    - BUG/MINOR: stats: last fix was still wrong
    - BUG/MINOR: stats: http-request rules still don't cope with stats
    - BUG/MINOR: http: http-request add-header emits a corrupted header
    - BUG/MEDIUM: stats: disable request analyser when processing POST or HEAD
    - BUG/MINOR: log: make log-format, unique-id-format and add-header more independant
    - BUILD: log: unused variable svid
    - CLEANUP: http: rename the misleading http_check_access_rule
    - MINOR: http: move redirect rule processing to its own function
    - REORG: config: move the http redirect rule parser to proto_http.c
    - MEDIUM: http: add support for "http-request redirect" rules
    - MEDIUM: http: add support for "http-request tarpit" rule

2012/12/24 : 1.5-dev16
    - BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections.
    - BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection.
    - MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate.
    - MINOR: contrib: make the iprange tool grep for addresses
    - CLEANUP: polling: gcc doesn't always optimize constants away
    - OPTIM: poll: optimize fd management functions for low register count CPUs
    - CLEANUP: poll: remove a useless double-check on fdtab[fd].owner
    - OPTIM: epoll: use a temp variable for intermediary flag computations
    - OPTIM: epoll: current fd does not count as a new one
    - BUG/MINOR: poll: the I/O handler was called twice for polled I/Os
    - MINOR: http: make resp_ver and status ACLs check for the presence of a response
    - BUG/MEDIUM: stream-interface: fix possible stalls during transfers
    - BUG/MINOR: stream_interface: don't return when the fd is already set
    - BUG/MEDIUM: connection: always update connection flags prior to computing polling
    - CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0
    - BUG/MAJOR: stream_interface: fix occasional data transfer freezes
    - BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up
    - BUG/MINOR: http: don't abort client connection on premature responses
    - BUILD: no need to clean up when making git-tar
    - MINOR: log: add a tag for amount of bytes uploaded from client to server
    - BUG/MEDIUM: log: fix possible segfault during config parsing
    - MEDIUM: log: change a few log tokens to make them easier to remember
    - BUG/MINOR: log: add_to_logformat_list() used the wrong constants
    - MEDIUM: log-format: make the format parser more robust and more extensible
    - MINOR: sample: support cast from bool to string
    - MINOR: samples: add a function to fetch and convert any sample to a string
    - MINOR: log: add lf_text_len
    - MEDIUM: log: add the ability to include samples in logs
    - REORG: stats: massive code reorg and cleanup
    - REORG: stats: move the HTTP header injection to proto_http
    - REORG: stats: functions are now HTTP/CLI agnostic
    - BUG/MINOR: log: fix regression introduced by commit 8a3f52
    - MINOR: chunks: centralize the trash chunk allocation
    - MEDIUM: stats: use hover boxes instead of title to report details
    - MEDIUM: stats: use multi-line tips to display detailed counters
    - MINOR: tools: simplify the use of the int to ascii macros
    - MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML
    - MINOR: http: prepare to support more http-request actions
    - MINOR: log: make parse_logformat_string() take a const char *
    - MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers

2012/12/12 : 1.5-dev15
    - DOC: add a few precisions on compression
    - BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert.
    - BUG/MINOR: ssl: One free session in cache remains unused.
    - BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err
    - MEDIUM: ssl: manage shared cache by blocks for huge sessions.
    - MINOR: acl: add fetch for server session rate
    - BUG/MINOR: compression: Content-Type is case insensitive
    - MINOR: compression: disable on multipart or status != 200
    - BUG/MINOR: http: don't report client aborts as server errors
    - MINOR: stats: compute the ratio of compressed response based on 2xx responses
    - MINOR: http: factor out the content-type checks
    - BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios
    - BUILD: ssl: OpenSSL 0.9.6 has no renegociation
    - BUG/MINOR: http: disable compression when message has no body
    - MINOR: compression: make the stats a bit more robust
    - BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes
    - MINOR: connection: don't remove failed handshake flags
    - MEDIUM: connection: add an error code in connections
    - MEDIUM: connection: add minimal error reporting in logs for incomplete connections
    - MEDIUM: connection: add error reporting for the PROXY protocol header
    - MEDIUM: connection: add error reporting for the SSL
    - DOC: document the connection error format in logs
    - BUG/MINOR: http: don't log a 503 on client errors while waiting for requests
    - BUILD: stdbool is not portable
    - BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead
    - BUG/MAJOR: raw_sock: must check error code on hangup
    - BUG/MAJOR: polling: do not set speculative events on ERR nor HUP
    - BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled
    - MINOR: stats: add a few more information on session dump
    - BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections
    - CLEANUP: connection: remove unused server/proxy/task/si_applet declarations
    - BUG/MEDIUM: tcp: process could theorically crash on lack of source ports
    - MINOR: cfgparse: mention "interface" in the list of allowed "source" options
    - MEDIUM: connection: introduce "struct conn_src" for servers and proxies
    - CLEANUP: proto_tcp: use the same code to bind servers and backends
    - CLEANUP: backend: use the same tproxy address selection code for servers and backends
    - BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13
    - MEDIUM: proto_tcp: add support for tracking L7 information
    - MEDIUM: counters: add sc1_trackers/sc2_trackers
    - MINOR: http: add the "base32" pattern fetch function
    - MINOR: http: add the "base32+src" fetch method.
    - CLEANUP: session: use an array for the stick counters
    - BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2
    - BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2
    - BUG/MAJOR: connection: always recompute polling status upon I/O
    - BUG/MINOR: connection: remove a few synchronous calls to polling updates
    - MINOR: config: improve error checking on TCP stick-table tracking
    - DOC: add some clarifications to the readme

2012/11/26 : 1.5-dev14
    - DOC: fix minor typos
    - BUG/MEDIUM: compression: does not forward trailers
    - MINOR: buffer_dump with ASCII
    - BUG/MEDIUM: checks: mark the check as stopped after a connect error
    - BUG/MEDIUM: checks: ensure we completely disable polling upon success
    - BUG/MINOR: checks: don't mark the FD as closed before transport close
    - MEDIUM: checks: avoid accumulating TIME_WAITs during checks
    - MINOR: cli: report the msg state in full text in "show sess $PTR"
    - CLEANUP: checks: rename some server check flags
    - MAJOR: checks: rework completely bogus state machine
    - BUG/MINOR: checks: slightly clean the state machine up
    - MEDIUM: checks: avoid waking the application up for pure TCP checks
    - MEDIUM: checks: close the socket as soon as we have a response
    - BUG/MAJOR: checks: close FD on all timeouts
    - MINOR: checks: fix recv polling after connect()
    - MEDIUM: connection: provide a common conn_full_close() function
    - BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts
    - BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops
    - MINOR: listeners: make the accept loop more robust when maxaccept==0
    - BUG/MEDIUM: acl: correctly resolve all args, not just the first one
    - BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit
    - BUG/MINOR: stats: fix inversion of the report of a check in progress
    - MEDIUM: tcp: add explicit support for delayed ACK in connect()
    - BUG/MEDIUM: connection: always disable polling upon error
    - MINOR: connection: abort earlier when errors are detected
    - BUG/MEDIUM: checks: report handshake failures
    - BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish
    - MINOR: tcp: add support for the "v6only" bind option
    - MINOR: stats: also report the computed compression savings in html stats
    - MINOR: stats: report the total number of compressed responses per front/back
    - MINOR: tcp: add support for the "v4v6" bind option
    - DOC: stats: document the comp_rsp stats column
    - BUILD: buffer: fix another isprint() warning on solaris
    - MINOR: cli: add support for the "show sess all" command
    - BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list
    - MINOR: cli: improve output format for show sess $ptr

2012/11/22 : 1.5-dev13
    - BUILD: fix build issue without USE_OPENSSL
    - BUILD: fix compilation error with DEBUG_FULL
    - DOC: ssl: remove prefer-server-ciphers documentation
    - DOC: ssl: surround keywords with quotes
    - DOC: fix minor typo on http-send-name-header
    - BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs
    - BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl
    - MEDIUM: http: accept IPv6 values with (s)hdr_ip acl
    - BUILD: report zlib support in haproxy -vv
    - DOC: compression: add some details and clean up the formatting
    - DOC: Change is_ssl acl to ssl_fc acl in example
    - DOC: make it clear what the HTTP request size is
    - MINOR: ssl: try to load Diffie-Hellman parameters from cert file
    - DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading
    - MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation
    - DOC: ssl: add 'ecdhe' statement on 'bind'
    - MEDIUM: ssl: add client certificate authentication support
    - DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind'
    - MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present
    - DOC: ssl: add fetch and ACL 'client_cert'
    - MINOR: ssl: add ignore verify errors options
    - DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind'
    - MINOR: ssl: add fetch and ACL 'ssl_verify_result'
    - DOC: ssl: add fetch and ACL 'ssl_verify_result'
    - MINOR: ssl: add fetches and ACLs to return verify errors
    - DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth'
    - MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1
    - MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory
    - MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.
    - DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.
    - MEDIUM: config: authorize frontend and listen without bind.
    - MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption
    - DOC: ssl: add 'no-tls-tickets' statement documentation.
    - BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified.
    - BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature.
    - BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL.
    - BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686.
    - MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners.
    - BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes
    - MINOR: ssl: add 'crt-base' and 'ca-base' global statements.
    - MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'.
    - MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file'
    - MINOR: ssl: use bit fields to  store ssl options instead of one int each
    - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind.
    - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server
    - MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS.
    - BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3'
    - MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c
    - MEDIUM: ssl: reject ssl server keywords in default-server statement
    - MINOR: ssl: add statement 'no-tls-tickets' on server side.
    - MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers.
    - DOC: Fix rename of options cafile and crlfile to ca-file and crl-file.
    - MINOR: sample: manage binary to string type convertion in stick-table and samples.
    - MINOR: acl: add parse and match primitives to use binary type on ACLs
    - MINOR: sample: export 'sample_get_trash_chunk(void)'
    - MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c'
    - MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize'
    - MINOR: ssl: add pattern fetch 'ssl_fc_session_id'
    - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version'
    - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn'
    - MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg'
    - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg'
    - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter'
    - MINOR: ssl: add 'crt' statement on server.
    - MINOR: ssl: checks the consistency of a private key with the corresponding certificate
    - BUG/MEDIUM: ssl: review polling on reneg.
    - BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled.
    - BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server.
    - MINOR: build: allow packagers to specify the ssl cache size
    - MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind.
    - MINOR: ssl: Add tune.ssl.lifetime statement in global.
    - MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8
    - BUG: http: revert broken optimisation from 82fe75c1a79dac933391501b9d293bce34513755
    - DOC: duplicate ssl_sni section
    - MEDIUM: HTTP compression (zlib library support)
    - CLEANUP: use struct comp_ctx instead of union
    - BUILD: remove dependency to zlib.h
    - MINOR: compression: memlevel and windowsize
    - MEDIUM: use pool for zlib
    - MINOR: compression: try init in cfgparse.c
    - MINOR: compression: init before deleting headers
    - MEDIUM: compression: limit RAM usage
    - MINOR: compression: tune.comp.maxlevel
    - MINOR: compression: maximum compression rate limit
    - MINOR: log-format: check number of arguments in cfgparse.c
    - BUG/MEDIUM: compression: no Content-Type header but type in configuration
    - BUG/MINOR: compression: deinit zlib only when required
    - MEDIUM: compression: don't compress when no data
    - MEDIUM: compression: use pool for comp_ctx
    - MINOR: compression: rate limit in 'show info'
    - MINOR: compression: report zlib memory usage
    - BUG/MINOR: compression: dynamic level increase
    - DOC: compression: unsupported cases.
    - MINOR: compression: CPU usage limit
    - MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection
    - BUG/MAJOR: ssl: missing tests in ACL fetch functions
    - MINOR: config: add a function to indent error messages
    - REORG: split "protocols" files into protocol and listener
    - MEDIUM: config: replace ssl_conf by bind_conf
    - CLEANUP: listener: remove unused conf->file and conf->line
    - MEDIUM: listener: add a minimal framework to register "bind" keyword options
    - MEDIUM: config: move the "bind" TCP parameters to proto_tcp
    - MEDIUM: move bind SSL parsing to ssl_sock
    - MINOR: config: improve error reporting for "bind" lines
    - MEDIUM: config: move the common "bind" settings to listener.c
    - MEDIUM: config: move all unix-specific bind keywords to proto_uxst.c
    - MEDIUM: config: enumerate full list of registered "bind" keywords upon error
    - MINOR: listener: add a scope field in the bind keyword lists
    - MINOR: config: pass the file and line to config keyword parsers
    - MINOR: stats: fill the file and line numbers in the stats frontend
    - MINOR: config: set the bind_conf entry on listeners created from a "listen" line.
    - MAJOR: listeners: use dual-linked lists to chain listeners with frontends
    - REORG: listener: move unix perms from the listener to the bind_conf
    - BUG: backend: balance hdr was broken since 1.5-dev11
    - MINOR: standard: make memprintf() support a NULL destination
    - MINOR: config: make str2listener() use memprintf() to report errors.
    - MEDIUM: stats: remove the stats_sock struct from the global struct
    - MINOR: ssl: set the listeners' data layer to ssl during parsing
    - MEDIUM: stats: make use of the standard "bind" parsers to parse global socket
    - DOC: move bind options to their own section
    - DOC: stats: refer to "bind" section for "stats socket" settings
    - DOC: fix index to reference bind and server options
    - BUG: http: do not print garbage on invalid requests in debug mode
    - BUG/MINOR: config: check the proper pointer to report unknown protocol
    - CLEANUP: connection: offer conn_prepare() to set up a connection
    - CLEANUP: config: fix typo inteface => interface
    - BUG: stats: fix regression introduced by commit 4348fad1
    - MINOR: cli: allow to set frontend maxconn to zero
    - BUG/MAJOR: http: chunk parser was broken with buffer changes
    - MEDIUM: monitor: simplify handling of monitor-net and mode health
    - MINOR: connection: add a pointer to the connection owner
    - MEDIUM: connection: make use of the owner instead of container_of
    - BUG/MINOR: ssl: report the L4 connection as established when possible
    - BUG/MEDIUM: proxy: must not try to stop disabled proxies upon reload
    - BUG/MINOR: config: use a copy of the file name in proxy configurations
    - BUG/MEDIUM: listener: don't pause protocols that do not support it
    - MEDIUM: proxy: add the global frontend to the list of normal proxies
    - BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
    - MINOR: signal: really ignore signals configured with no handler
    - MINOR: buffers: add a few functions to write chars, strings and blocks
    - MINOR: raw_sock: always report asynchronous connection errors
    - MEDIUM: raw_sock: improve connection error reporting
    - REORG: connection: rename the data layer the "transport layer"
    - REORG: connection: rename app_cb "data"
    - MINOR: connection: provide a generic data layer wakeup callback
    - MINOR: connection: split conn_prepare() in two functions
    - MINOR: connection: add an init callback to the data_cb struct
    - MEDIUM: session: use a specific data_cb for embryonic sessions
    - MEDIUM: connection: use a generic data-layer init() callback
    - MEDIUM: connection: reorganize connection flags
    - MEDIUM: connection: only call the data->wake callback on activity
    - MEDIUM: connection: make it possible for data->wake to return an error
    - MEDIUM: session: register a data->wake callback to process errors
    - MEDIUM: connection: don't call the data->init callback upon error
    - MEDIUM: connection: it's not the data layer's role to validate the connection
    - MEDIUM: connection: automatically disable polling on error
    - REORG: connection: move the PROXY protocol management to connection.c
    - MEDIUM: connection: add a new local send-proxy transport callback
    - MAJOR: checks: make use of the connection layer to send checks
    - REORG: server: move the check-specific parts into a check subsection
    - MEDIUM: checks: use real buffers to store requests and responses
    - MEDIUM: check: add the ctrl and transport layers in the server check structure
    - MAJOR: checks: completely use the connection transport layer
    - MEDIUM: checks: add the "check-ssl" server option
    - MEDIUM: checks: enable the PROXY protocol with health checks
    - CLEANUP: checks: remove minor warnings for assigned but not used variables
    - MEDIUM: tcp: enable TCP Fast Open on systems which support it
    - BUG: connection: fix regression from commit 9e272bf9
    - CLEANUP: cttproxy: remove a warning on undeclared close()
    - BUG/MAJOR: ensure that hdr_idx is always reserved when L7 fetches are used
    - MEDIUM: listener: add support for linux's accept4() syscall
    - MINOR: halog: sort output by cookie code
    - BUG/MINOR: halog: -ad/-ac report the correct number of output lines
    - BUG/MINOR: halog: fix help message for -ut/-uto
    - MINOR: halog: add a parameter to limit output line count
    - BUILD: accept4: move the socketcall declaration outside of accept4()
    - MINOR: server: add minimal infrastructure to parse keywords
    - MINOR: standard: make indent_msg() support empty messages
    - MEDIUM: server: check for registered keywords when parsing unknown keywords
    - MEDIUM: server: move parsing of keyword "id" to server.c
    - BUG/MEDIUM: config: check-send-proxy was ignored if SSL was not builtin
    - MEDIUM: ssl: move "server" keyword SSL options parsing to ssl_sock.c
    - MEDIUM: log: suffix the frontend's name with '~' when using SSL
    - MEDIUM: connection: always unset the transport layer upon close
    - BUG/MINOR: session: fix some leftover from debug code
    - BUG/MEDIUM: session: enable the conn_session_update() callback
    - MEDIUM: connection: add a flag to hold the transport layer
    - MEDIUM: log: add a new LW_XPRT flag to pin the transport layer
    - MINOR: log: make lf_text use a const char *
    - MEDIUM: log: report SSL ciphers and version in logs using logformat %sslc/%sslv
    - REORG: http: rename msg->buf to msg->chn since it's a channel
    - CLEANUP: http: use 'chn' to name channel variables, not 'buf'
    - CLEANUP: channel: use 'chn' instead of 'buf' as local variable names
    - CLEANUP: tcp: use 'chn' instead of 'buf' or 'b' for channel pointer names
    - CLEANUP: stream_interface: use 'chn' instead of 'b' to name channel pointers
    - CLEANUP: acl: use 'chn' instead of 'b' to name channel pointers
    - MAJOR: channel: replace the struct buffer with a pointer to a buffer
    - OPTIM: channel: reorganize struct members to improve cache efficiency
    - CLEANUP: session: remove term_trace which is not used anymore
    - OPTIM: session: reorder struct session fields
    - OPTIM: connection: pack the struct target
    - DOC: document relations between internal entities
    - MINOR: ssl: add 'ssl_npn' sample/acl to extract TLS/NPN information
    - BUILD: ssl: fix shctx build on older compilers
    - MEDIUM: ssl: add support for the "npn" bind keyword
    - BUG: ssl: fix ssl_sni ACLs to correctly process regular expressions
    - MINOR: chunk: provide string compare functions
    - MINOR: sample: accept fetch keywords without parenthesis
    - MEDIUM: sample: pass an empty list instead of a null for fetch args
    - MINOR: ssl: improve socket behaviour upon handshake abort.
    - BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode
    - MEDIUM: listener: provide a fallback for accept4() when not supported
    - BUG/MAJOR: connection: risk of crash on certain tricky close scenario
    - MEDIUM: cli: allow the stats socket to be bound to a specific set of processes
    - OPTIM: channel: inline channel_forward's fast path
    - OPTIM: http: inline http_parse_chunk_size() and http_skip_chunk_crlf()
    - OPTIM: tools: inline hex2i()
    - CLEANUP: http: rename HTTP_MSG_DATA_CRLF state
    - MINOR: compression: automatically disable compression for older browsers
    - MINOR: compression: optimize memLevel to improve byte rate
    - BUG/MINOR: http: compression should consider all Accept-Encoding header values
    - BUILD: fix coexistence of openssl and zlib
    - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_serial' and 'ssl_f_serial'
    - BUG/MEDIUM: command-line option -D must have precedence over "debug"
    - MINOR: tools: add a clear_addr() function to unset an address
    - BUG/MEDIUM: tcp: transparent bind to the source only when address is set
    - CLEANUP: remove trashlen
    - MAJOR: session: detach the connections from the stream interfaces
    - DOC: update document describing relations between internal entities
    - BUILD: make it possible to specify ZLIB path
    - MINOR: compression: add an offload option to remove the Accept-Encoding header
    - BUG: compression: disable auto-close and enable MSG_MORE during transfer
    - CLEANUP: completely remove trashlen
    - MINOR: chunk: add a function to reset a chunk
    - CLEANUP: replace chunk_printf() with chunk_appendf()
    - MEDIUM: make the trash be a chunk instead of a char *
    - MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions
    - MEDIUM: stick-table: allocate the table key of size buffer size
    - BUG/MINOR: stream_interface: don't loop over ->snd_buf()
    - BUG/MINOR: session: ensure that we don't retry connection if some data were sent
    - OPTIM: session: don't process the whole session when only timers need a refresh
    - BUG/MINOR: session: mark the handshake as complete earlier
    - MAJOR: connection: remove the CO_FL_CURR_*_POL flag
    - BUG/MAJOR: always clear the CO_FL_WAIT_* flags after updating polling flags
    - MAJOR: sepoll: make the poller totally event-driven
    - OPTIM: stream_interface: disable reading when CF_READ_DONTWAIT is set
    - BUILD: compression: remove a build warning
    - MEDIUM: fd: don't unset fdtab[].updated upon delete
    - REORG: fd: move the speculative I/O management from ev_sepoll
    - REORG: fd: move the fd state management from ev_sepoll
    - REORG: fd: centralize the processing of speculative events
    - BUG: raw_sock: also consider ENOTCONN in addition to EAGAIN
    - BUILD: stream_interface: remove si_fd() and its references
    - BUILD: compression: enable build in BSD and OSX Makefiles
    - MAJOR: ev_select: make the poller support speculative events
    - MAJOR: ev_poll: make the poller support speculative events
    - MAJOR: ev_kqueue: make the poller support speculative events
    - MAJOR: polling: replace epoll with sepoll and remove sepoll
    - MAJOR: polling: remove unused callbacks from the poller struct
    - MEDIUM: http: refrain from sending "Connection: close" when Upgrade is present
    - CLEANUP: channel: remove any reference of the hijackers
    - CLEANUP: stream_interface: remove the external task type target
    - MAJOR: connection: replace struct target with a pointer to an enum
    - BUG: connection: fix typo in previous commit
    - BUG: polling: don't skip polled events in the spec list
    - MINOR: splice: disable it when the system returns EBADF
    - MINOR: build: allow packagers to specify the default maxzlibmem
    - BUG: halog: fix broken output limitation
    - BUG: proxy: fix server name lookup in get_backend_server()
    - BUG: compression: do not always increment the round counter on allocation failure
    - BUG/MEDIUM: compression: release the zlib pools between keep-alive requests
    - MINOR: global: don't prevent nbproc from being redefined
    - MINOR: config: support process ranges for "bind-process"
    - MEDIUM: global: add support for CPU binding on Linux ("cpu-map")
    - MINOR: ssl: rename and document the tune.ssl.cachesize option
    - DOC: update the PROXY protocol spec to support v2
    - MINOR: standard: add a simple popcount function
    - MEDIUM: adjust the maxaccept per listener depending on the number of processes
    - BUG: compression: properly disable compression when content-type does not match
    - MINOR: cli: report connection status in "show sess xxx"
    - BUG/MAJOR: stream_interface: certain workloads could cause get stuck
    - BUILD: cli: fix build when SSL is enabled
    - MINOR: cli: report the fd state in "show sess xxx"
    - MINOR: cli: report an error message on missing argument to compression rate
    - MINOR: http: add some debugging functions to pretty-print msg state names
    - BUG/MAJOR: stream_interface: read0 not always handled since dev12
    - DOC: documentation on http header capture is wrong
    - MINOR: http: allow the cookie capture size to be changed
    - DOC: http header capture has not been limited in size for a long time
    - DOC: update readme with build methods for BSD
    - BUILD: silence a warning on Solaris about usage of isdigit()
    - MINOR: stats: report HTTP compression stats per frontend and per backend
    - MINOR: log: add '%Tl' to log-format
    - MINOR: samples: update the url_param fetch to match parameters in the path

2012/09/10 : 1.5-dev12
    - CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
    - MEDIUM: ssl: add support for prefer-server-ciphers option
    - MINOR: IPv6 support for transparent proxy
    - MINOR: protocol: add SSL context to listeners if USE_OPENSSL is defined
    - MINOR: server: add SSL context to servers if USE_OPENSSL is defined
    - MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS).
    - MEDIUM: ssl: add new files ssl_sock.[ch] to provide the SSL data layer
    - MEDIUM: config: add the 'ssl' keyword on 'bind' lines
    - MEDIUM: config: add support for the 'ssl' option on 'server' lines
    - MEDIUM: ssl: protect against client-initiated renegociation
    - BUILD: add optional support for SSL via the USE_OPENSSL flag
    - MEDIUM: ssl: add shared memory session cache implementation.
    - MEDIUM: ssl: replace OpenSSL's session cache with the shared cache
    - MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size.
    - MEDIUM: ssl: add support for SNI and wildcard certificates
    - DOC: Typos cleanup
    - DOC: fix name for "option independant-streams"
    - DOC: specify the default value for maxconn in the context of a proxy
    - BUG/MINOR: to_log erased with unique-id-format
    - LICENSE: add licence exception for OpenSSL
    - BUG/MAJOR: cookie prefix doesn't support cookie-less servers
    - BUILD: add an AIX 5.2 (and later) target.
    - MEDIUM: fd/si: move peeraddr from struct fdinfo to struct connection
    - MINOR: halog: use the more recent dual-mode fgets2 implementation
    - BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches
    - CLEANUP: halog: make clean should also remove .o files
    - OPTIM: halog: make use of memchr() on platforms which provide a fast one
    - OPTIM: halog: improve cold-cache behaviour when loading a file
    - BUG/MINOR: ACL implicit arguments must be created with unresolved flag
    - MINOR: replace acl_fetch_{path,url}* with smp_fetch_*
    - MEDIUM: pattern: add the "base" sample fetch method
    - OPTIM: i386: make use of kernel-mode-linux when available
    - BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
    - BUG/MINOR: polling: some events were not set in various pollers
    - MINOR: http: add the urlp_val ACL match
    - BUG: stktable: tcp_src_to_stktable_key() must return NULL on invalid families
    - MINOR: stats/cli: add plans to support more stick-table actions
    - MEDIUM: stats/cli: add support for "set table key" to enter values
    - REORG/MEDIUM: fd: remove FD_STCLOSE from struct fdtab
    - REORG/MEDIUM: fd: remove checks for FD_STERROR in ev_sepoll
    - REORG/MEDIUM: fd: get rid of FD_STLISTEN
    - REORG/MINOR: connection: move declaration to its own include file
    - REORG/MINOR: checks: put a struct connection into the server
    - MINOR: connection: add flags to the connection struct
    - MAJOR: get rid of fdtab[].state and use connection->flags instead
    - MINOR: fd: add a new I/O handler to fdtab
    - MEDIUM: polling: prepare to call the iocb() function when defined.
    - MEDIUM: checks: make use of fdtab->iocb instead of cb[]
    - MEDIUM: protocols: use the generic I/O callback for accept callbacks
    - MINOR: connection: add a handler for fd-based connections
    - MAJOR: connection: replace direct I/O callbacks with the connection callback
    - MINOR: fd: make fdtab->owner a connection and not a stream_interface anymore
    - MEDIUM: connection: remove the FD_POLL_* flags only once
    - MEDIUM: connection: extract the send_proxy callback from proto_tcp
    - MAJOR: tcp: remove the specific I/O callbacks for TCP connection probes
    - CLEANUP: remove the now unused fdtab direct I/O callbacks
    - MAJOR: remove the stream interface and task management code from sock_*
    - MEDIUM: stream_interface: pass connection instead of fd in sock_ops
    - MEDIUM: stream_interface: centralize the SI_FL_ERR management
    - MAJOR: connection: add a new CO_FL_CONNECTED flag
    - MINOR: rearrange tcp_connect_probe() and fix wrong return codes
    - MAJOR: connection: call data layer handshakes from the handler
    - MEDIUM: fd: remove the EV_FD_COND_* primitives
    - MINOR: sock_raw: move calls to si_data_close upper
    - REORG: connection: replace si_data_close() with conn_data_close()
    - MEDIUM: sock_raw: introduce a read0 callback that is different from shutr
    - MAJOR: stream_int: use a common stream_int_shut*() functions regardless of the data layer
    - MAJOR: fd: replace all EV_FD_* macros with new fd_*_* inline calls
    - MEDIUM: fd: add fd_poll_{recv,send} for use when explicit polling is required
    - MEDIUM: connection: add definitions for dual polling mechanisms
    - MEDIUM: connection: make use of the new polling functions
    - MAJOR: make use of conn_{data|sock}_{poll|stop|want}* in connection handlers
    - MEDIUM: checks: don't use FD_WAIT_* anymore
    - MINOR: fd: get rid of FD_WAIT_*
    - MEDIUM: stream_interface: offer a generic function for connection updates
    - MEDIUM: stream-interface: offer a generic chk_rcv function for connections
    - MEDIUM: stream-interface: add a snd_buf() callback to sock_ops
    - MEDIUM: stream-interface: provide a generic stream_int_chk_snd_conn() function
    - MEDIUM: stream-interface: provide a generic si_conn_send_cb callback
    - MEDIUM: stream-interface: provide a generic stream_sock_read0() function
    - REORG/MAJOR: use "struct channel" instead of "struct buffer"
    - REORG/MAJOR: extract "struct buffer" from "struct channel"
    - MINOR: connection: provide conn_{data|sock}_{read0|shutw} functions
    - REORG: sock_raw: rename the files raw_sock*
    - MAJOR: raw_sock: extract raw_sock_to_buf() from raw_sock_read()
    - MAJOR: raw_sock: temporarily disable splicing
    - MINOR: stream-interface: add an rcv_buf callback to sock_ops
    - REORG: stream-interface: move sock_raw_read() to si_conn_recv_cb()
    - MAJOR: connection: split the send call into connection and stream interface
    - MAJOR: stream-interface: restore splicing mechanism
    - MAJOR: stream-interface: make conn_notify_si() more robust
    - MEDIUM: proxy-proto: don't use buffer flags in conn_si_send_proxy()
    - MAJOR: stream-interface: don't commit polling changes in every callback
    - MAJOR: stream-interface: fix splice not to call chk_snd by itself
    - MEDIUM: stream-interface: don't remove WAIT_DATA when a handshake is in progress
    - CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops
    - REORG: buffers: split buffers into chunk,buffer,channel
    - MAJOR: channel: remove the BF_OUT_EMPTY flag
    - REORG: buffer: move buffer_flush, b_adv and b_rew to buffer.h
    - MINOR: channel: rename bi_full to channel_full as it checks the whole channel
    - MINOR: buffer: provide a new buffer_full() function
    - MAJOR: channel: stop relying on BF_FULL to take action
    - MAJOR: channel: remove the BF_FULL flag
    - REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h}
    - CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_
    - CLEANUP: channel: use "channel" instead of "buffer" in function names
    - REORG: connection: move the target pointer from si to connection
    - MAJOR: connection: move the addr field from the stream_interface
    - MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags
    - MEDIUM: proto_tcp: remove any dependence on stream_interface
    - MINOR: tcp: replace tcp_src_to_stktable_key with addr_to_stktable_key
    - MEDIUM: connection: add an ->init function to data layer
    - MAJOR: session: introduce embryonic sessions
    - MAJOR: connection: make the PROXY decoder a handshake handler
    - CLEANUP: frontend: remove the old proxy protocol decoder
    - MAJOR: connection: rearrange the polling flags.
    - MEDIUM: connection: only call tcp_connect_probe when nothing was attempted yet
    - MEDIUM: connection: complete the polling cleanups
    - MEDIUM: connection: avoid calling handshakes when polling is required
    - MAJOR: stream_interface: continue to update data polling flags during handshakes
    - CLEANUP: fd: remove fdtab->flags
    - CLEANUP: fdtab: flatten the struct and merge the spec struct with the rest
    - CLEANUP: includes: fix includes for a number of users of fd.h
    - MINOR: ssl: disable TCP quick-ack by default on SSL listeners
    - MEDIUM: config: add a "ciphers" keyword to set SSL cipher suites
    - MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines
    - BUG: ssl: mark the connection as waiting for an SSL connection during the handshake
    - BUILD: http: rename error_message http_error_message to fix conflicts on RHEL
    - BUILD: ssl: fix shctx build on RHEL with futex
    - BUILD: include sys/socket.h to fix build failure on FreeBSD
    - BUILD: fix build error without SSL (ssl_cert)
    - BUILD: ssl: use MAP_ANON instead of MAP_ANONYMOUS
    - BUG/MEDIUM: workaround an eglibc bug which truncates the pidfiles when nbproc > 1
    - MEDIUM: config: support per-listener backlog and maxconn
    - MINOR: session: do not send an HTTP/500 error on SSL sockets
    - MEDIUM: config: implement maxsslconn in the global section
    - BUG: tcp: close socket fd upon connect error
    - MEDIUM: connection: improve error handling around the data layer
    - MINOR: config: make the tasks "nice" value configurable on "bind" lines.
    - BUILD: shut a gcc warning introduced by commit 269ab31
    - MEDIUM: config: centralize handling of SSL config per bind line
    - BUILD: makefile: report USE_OPENSSL status in build options
    - BUILD: report openssl build settings in haproxy -vv
    - MEDIUM: ssl: add sample fetches for is_ssl, ssl_has_sni, ssl_sni_*
    - DOC: add a special acknowledgement for the stud project
    - DOC: add missing SSL options for servers and listeners
    - BUILD: automatically add -lcrypto for SSL
    - DOC: add some info about openssl build in the README

2012/06/04 : 1.5-dev11
    - BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations
    - BUG/MAJOR: trash must always be the size of a buffer
    - DOC: fix minor regex example issue and improve doc on stats
    - MINOR: stream_interface: add a pointer to the listener for TARG_TYPE_CLIENT
    - MEDIUM: protocol: add a pointer to struct sock_ops to the listener struct
    - MINOR: checks: add on-marked-up option
    - MINOR: balance uri: added 'whole' parameter to include query string in hash calculation
    - MEDIUM: stream_interface: remove the si->init
    - MINOR: buffers: add a rewind function
    - BUG/MAJOR: fix regression on content-based hashing and http-send-name-header
    - MAJOR: http: stop using msg->sol outside the parsers
    - CLEANUP: http: make it more obvious that msg->som is always null outside of chunks
    - MEDIUM: http: get rid of msg->som which is not used anymore
    - MEDIUM: http: msg->sov and msg->sol will never wrap
    - BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
    - BUG/MINOR: stop connect timeout when connect succeeds
    - REORG: move the send-proxy code to tcp_connect_write()
    - REORG/MINOR: session: detect the TCP monitor checks at the protocol accept
    - MINOR: stream_interface: introduce a new "struct connection" type
    - REORG/MINOR: stream_interface: move si->fd to struct connection
    - REORG/MEDIUM: stream_interface: move applet->state and private to connection
    - MINOR: stream_interface: add a data channel close function
    - MEDIUM: stream_interface: call si_data_close() before releasing the si
    - MINOR: peers: use the socket layer operations from the peer instead of sock_raw
    - BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect
    - MINOR: add a new function call tracer for debugging purposes
    - BUG/MINOR: perform_http_redirect also needs to rewind the buffer
    - BUG/MAJOR: b_rew() must pass a signed offset to b_ptr()
    - BUG/MEDIUM: register peer sync handler in the proper order
    - BUG/MEDIUM: buffers: fix bi_putchr() to correctly advance the pointer
    - BUG/MINOR: fix option httplog validation with TCP frontends
    - BUG/MINOR: log: don't report logformat errors in backends
    - REORG/MINOR: use dedicated proxy flags for the cookie handling
    - BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http
    - MINOR: http: add support for "httponly" and "secure" cookie attributes
    - BUG/MEDIUM: ensure that unresolved arguments are freed exactly once
    - BUG/MINOR: commit 196729ef used wrong condition resulting in freeing constants
    - MEDIUM: stats: add support for soft stop/soft start in the admin interface
    - MEDIUM: stats: add the ability to kill sessions from the admin interface
    - BUILD: add support for linux kernels >= 2.6.28

2012/05/14 : 1.5-dev10
    - BUG/MINOR: stats admin: "Unexpected result" was displayed unconditionally
    - BUG/MAJOR: acl: http_auth_group() must not accept any user from the userlist
    - CLEANUP: auth: make the code build again with DEBUG_AUTH
    - BUG/MEDIUM: config: don't crash at config load time on invalid userlist names
    - REORG: use the name sock_raw instead of stream_sock
    - MINOR: stream_interface: add a client target : TARG_TYPE_CLIENT
    - BUG/MEDIUM: stream_interface: restore get_src/get_dst
    - CLEANUP: sock_raw: remove last references to stream_sock
    - CLEANUP: stream_interface: stop exporting socket layer functions
    - MINOR: stream_interface: add an init callback to sock_ops
    - MEDIUM: stream_interface: derive the socket operations from the target
    - MAJOR: fd: remove the need for the socket layer to recheck the connection
    - MINOR: session: call the socket layer init function when a session establishes
    - MEDIUM: session: add support for tunnel timeouts
    - MINOR: standard: add a new debug macro : fddebug()
    - CLEANUP: fd: remove unused cb->b pointers in the struct fdtab
    - OPTIM: proto_http: don't enable quick-ack on empty buffers
    - OPTIM/MAJOR: ev_sepoll: process spec events after polled events
    - OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag

2012/05/08 : 1.5-dev9
    - MINOR: Add release callback to si_applet
    - CLEANUP: Fix some minor typos
    - MINOR: Add TO/FROM_SET flags to struct stream_interface
    - CLEANUP: Fix some minor whitespace issues
    - MINOR: stats admin: allow unordered parameters in POST requests
    - CLEANUP: fix typo in findserver() log message
    - MINOR: stats admin: use the backend id instead of its name in the form
    - MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes
    - DOC: cleanup indentation, alignment, columns and chapters
    - DOC: fix some keywords arguments documentation
    - MINOR: cli: display the 4 IP addresses and ports on "show sess XXX"
    - BUG/MAJOR: log: possible segfault with logformat
    - MEDIUM: log: split of log_format generation
    - MEDIUM: log: New format-log flags: %Fi %Fp %Si %Sp %Ts %rt %H %pid
    - MEDIUM: log: Unique ID
    - MINOR: log: log-format: usable without httplog and tcplog
    - BUG/MEDIUM: balance source did not properly hash IPv6 addresses
    - MINOR: contrib/iprange: add a network IP range to mask converter
    - MEDIUM: session: implement the "use-server" directive
    - MEDIUM: log: add a new cookie flag 'U' to report situations where cookie is not used
    - MEDIUM: http: make extract_cookie_value() iterate over cookie values
    - MEDIUM: http: add cookie and scookie ACLs
    - CLEANUP: lb_first: add reference to a paper describing the original idea
    - MEDIUM: stream_sock: add a get_src and get_dst callback and remove SN_FRT_ADDR_SET
    - BUG/MINOR: acl: req_ssl_sni would randomly fail if a session ID is present
    - BUILD: http: make extract_cookie_value() return an int not size_t
    - BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values
    - CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
    - MINOR: standard: add a memprintf() function to build formatted error messages
    - CLEANUP: remove a few warning about unchecked return values in debug code
    - MEDIUM: move message-related flags from transaction to message
    - DOC: add a diagram to explain how circular buffers work
    - MAJOR: buffer rework: replace ->send_max with ->o
    - MAJOR: buffer: replace buf->l with buf->{o+i}
    - MINOR: buffers: provide simple pointer normalization functions
    - MINOR: buffers: remove unused function buffer_contig_data()
    - MAJOR: buffers: replace buf->w with buf->p - buf->o
    - MAJOR: buffers: replace buf->r with buf->p + buf->i
    - MAJOR: http: move buffer->lr to http_msg->next
    - MAJOR: http: change msg->{som,col,sov,eoh} to be relative to buffer origin
    - CLEANUP: http: remove unused http_msg->col
    - MAJOR: http: turn http_msg->eol to a buffer-relative offset
    - MEDIUM: http: add a pointer to the buffer in http_msg
    - MAJOR: http: make http_msg->sol relative to buffer's origin
    - MEDIUM: http: http_send_name_header: remove references to msg and buffer
    - MEDIUM: http: remove buffer arg in a few header manipulation functions
    - MEDIUM: http: remove buffer arg in http_capture_bad_message
    - MEDIUM: http: remove buffer arg in http_msg_analyzer
    - MEDIUM: http: remove buffer arg in http_upgrade_v09_to_v10
    - MEDIUM: http: remove buffer arg in http_buffer_heavy_realign
    - MEDIUM: http: remove buffer arg in chunk parsing functions
    - MINOR: http: remove useless wrapping checks in http_msg_analyzer
    - MEDIUM: buffers: fix unsafe use of buffer_ignore at some places
    - MEDIUM: buffers: add new pointer wrappers and get rid of almost all buffer_wrap_add calls
    - MEDIUM: buffers: implement b_adv() to advance a buffer's pointer
    - MEDIUM: buffers: rename a number of buffer management functions
    - MEDIUM: http: add a prefetch function for ACL pattern fetch
    - MEDIUM: http: make all ACL fetch function use acl_prefetch_http()
    - BUG/MINOR: http_auth: ACLs are volatile, not permanent
    - MEDIUM: http/acl: merge all request and response ACL fetches of headers and cookies
    - MEDIUM: http/acl: make acl_fetch_hdr_{ip,val} rely on acl_fetch_hdr()
    - MEDIUM: add a new typed argument list parsing framework
    - MAJOR: acl: make use of the new argument parsing framework
    - MAJOR: acl: store the ACL argument types in the ACL keyword declaration
    - MEDIUM: acl: acl_find_target() now resolves arguments based on their types
    - MAJOR: acl: make acl_find_targets also resolve proxy names at config time
    - MAJOR: acl: ensure that implicit table and proxies are valid
    - MEDIUM: acl: remove unused tests for missing args when args are mandatory
    - MEDIUM: pattern: replace type pattern_arg with type arg
    - MEDIUM: pattern: get rid of arg_i in all functions making use of arguments
    - MEDIUM: pattern: use the standard arg parser
    - MEDIUM: pattern: add an argument validation callback to pattern descriptors
    - MEDIUM: pattern: report the precise argument parsing error when known.
    - MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag
    - MINOR: pattern: add a new 'sample' type to store fetched data
    - MEDIUM: pattern: add new sample types to replace pattern types
    - MAJOR: acl: make use of the new sample struct and get rid of acl_test
    - MEDIUM: pattern/acl: get rid of temp_pattern in ACLs
    - MEDIUM: acl: get rid of the SET_RES flags
    - MEDIUM: get rid of SMP_F_READ_ONLY and SMP_F_MUST_FREE
    - MINOR: pattern: replace struct pattern with struct sample
    - MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere
    - MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description
    - MEDIUM: acl/pattern: switch rdp_cookie functions stack up-down
    - MEDIUM: acl: replace acl_expr with args in acl fetch_* functions
    - MINOR: tcp: replace acl_fetch_rdp_cookie with smp_fetch_rdp_cookie
    - MEDIUM: acl/pattern: use the same direction scheme
    - MEDIUM: acl/pattern: start merging common sample fetch functions
    - MEDIUM: pattern: ensure that sample types always cast into other types.
    - MEDIUM: acl/pattern: factor out the src/dst address fetches
    - MEDIUM: acl: implement payload and payload_lv
    - CLEANUP: pattern: ensure that payload and payload_lv always stay in the buffer
    - MINOR: stick_table: centralize the handling of empty keys
    - MINOR: pattern: centralize handling of unstable data in pattern_process()
    - MEDIUM: pattern: use smp_fetch_rdp_cookie instead of the pattern specific version
    - MINOR: acl: set SMP_OPT_ITERATE on fetch functions
    - MINOR: acl: add a val_args field to keywords
    - MINOR: proto_tcp: validate arguments of payload and payload_lv ACLs
    - MEDIUM: http: merge acl and pattern header fetch functions
    - MEDIUM: http: merge ACL and pattern cookie fetches into a single one
    - MEDIUM: acl: report parsing errors to the caller
    - MINOR: arg: improve error reporting on invalid arguments
    - MINOR: acl: report errors encountered when loading patterns from files
    - MEDIUM: acl: extend the pattern parsers to report meaningful errors
    - REORG: use the name "sample" instead of "pattern" to designate extracted data
    - REORG: rename "pattern" files
    - MINOR: acl: add types to ACL patterns
    - MINOR: standard: add an IPv6 parsing function (str62net)
    - MEDIUM: acl: support IPv6 address matching
    - REORG: stream_interface: create a struct sock_ops to hold socket operations
    - REORG/MEDIUM: move protocol->{read,write} to sock_ops
    - REORG/MEDIUM: stream_interface: initialize socket ops from descriptors
    - REORG/MEDIUM: replace stream interface protocol functions by a proto pointer
    - REORG/MEDIUM: move the default accept function from sockstream to protocols.c
    - MEDIUM: proto_tcp: remove src6 and dst6 pattern fetch methods
    - BUG/MINOR: http: error snapshots are wrong if buffer wraps
    - BUG/MINOR: http: ensure that msg->err_pos is always relative to buf->p
    - MEDIUM: http: improve error capture reports
    - MINOR: acl: add the cook_val() match to match a cookie against an integer
    - BUG/MEDIUM: send_proxy: fix initialisation of send_proxy_ofs
    - MEDIUM: memory: add the ability to poison memory at run time
    - BUG/MEDIUM: log: ensure that unique_id is properly initialized
    - MINOR: cfgparse: use a common errmsg pointer for all parsers
    - MEDIUM: cfgparse: make backend_parse_balance() use memprintf to report errors
    - MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords
    - MINOR: http: replace http_message_realign() with  buffer_slow_realign()

2012/03/26 : 1.5-dev8
    - MINOR: patch for minor typo (ressources/resources)
    - MEDIUM: http: add support for sending the server's name in the outgoing request
    - DOC: mention that default checks are TCP connections
    - BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified
    - CLEANUP: Make check_statuses, analyze_statuses and process_chk static
    - CLEANUP: Fix HCHK spelling errors
    - BUG/MINOR: fix typo in processing of http-send-name-header
    - MEDIUM: log: Use linked lists for loggers
    - BUILD: fix declaration inside a scope block
    - REORG: log: split send_log function
    - MINOR: config: Parse the string of the log-format config keyword
    - MINOR: add ultoa, ulltoa, ltoa, lltoa implementations
    - MINOR: Date and time fonctions that don't use snprintf
    - MEDIUM: log: make http_sess_log use log_format
    - DOC: log-format documentation
    - MEDIUM: log: use log_format for mode tcplog
    - MEDIUM: log-format: backend source address %Bi %Bp
    - BUG/MINOR: log-format: fix %o flag
    - BUG/MEDIUM: bad length in log_format and __send_log
    - MINOR: logformat %st is signed
    - BUILD/MINOR: fix the source URL in the spec file
    - DOC: acl is http_first_req, not http_req_first
    - BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces
    - MINOR: acl: add new matches for header/path/url length
    - BUILD: halog: make halog build on solaris
    - BUG/MINOR: don't use a wrong port when connecting to a server with mapped ports
    - MINOR: remove the client/server side distinction in SI addresses
    - MINOR: halog: add support for matching queued requests
    - DOC: indicate that cookie "prefix" and "indirect" should not be mixed
    - OPTIM/MINOR: move struct sockaddr_storage to the tail of structs
    - OPTIM/MINOR: make it possible to change pipe size (tune.pipesize)
    - BUILD/MINOR: silent a build warning in src/pipe.c (fcntl)
    - OPTIM/MINOR: move the hdr_idx pools out of the proxy struct
    - MEDIUM: tune.http.maxhdr makes it possible to configure the maximum number of HTTP headers
    - BUG/MINOR: fix a segfault when parsing a config with undeclared peers
    - CLEANUP: rename possibly confusing struct field "tracked"
    - BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use
    - MINOR: config: tolerate server "cookie" setting in non-HTTP mode
    - MEDIUM: buffers: add some new primitives and rework existing ones
    - BUG: buffers: don't return a negative value on buffer_total_space_res()
    - MINOR: buffers: make buffer_pointer() support negative pointers too
    - CLEANUP: kill buffer_replace() and use an inline instead
    - BUG: tcp: option nolinger does not work on backends
    - CLEANUP: ebtree: remove a few annoying signedness warnings
    - CLEANUP: ebtree: clarify licence and update to 6.0.6
    - CLEANUP: ebtree: remove 4-year old harmless typo in duplicates insertion code
    - CLEANUP: ebtree: remove another typo, a wrong initialization in insertion code
    - BUG: ebtree: ebst_lookup() could return the wrong entry
    - OPTIM: stream_sock: reduce the amount of in-flight spliced data
    - OPTIM: stream_sock: save a failed recv syscall when splice returns EAGAIN
    - MINOR: acl: add support for TLS server name matching using SNI
    - BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests
    - BUG: proto_tcp: don't try to bind to a foreign address if sin_family is unknown
    - MINOR: pattern: export the global temporary pattern
    - CLEANUP: patterns: get rid of pattern_data_setstring()
    - MEDIUM: acl: use temp_pattern to store fetched information in the "method" match
    - MINOR: acl: include pattern.h to make pattern migration more transparent
    - MEDIUM: pattern: change the pattern data integer from unsigned to signed
    - MEDIUM: acl: use temp_pattern to store any integer-type information
    - MEDIUM: acl: use temp_pattern to store any address-type information
    - CLEANUP: acl: integer part of acl_test is not used anymore
    - MEDIUM: acl: use temp_pattern to store any string-type information
    - CLEANUP: acl: remove last data fields from the acl_test struct
    - MEDIUM: http: replace get_ip_from_hdr2() with http_get_hdr()
    - MEDIUM: patterns: the hdr() pattern is now of type string
    - DOC: add minimal documentation on how ACLs work internally
    - DOC: add a coding-style file
    - OPTIM: halog: keep a fast path for the lines-count only
    - CLEANUP: silence a warning when building on sparc
    - BUG: http: tighten the list of allowed characters in a URI
    - MEDIUM: http: block non-ASCII characters in URIs by default
    - DOC: add some documentation from RFC3986 about URI format
    - BUG/MINOR: cli: correctly remove the whole table on "clear table"
    - BUG/MEDIUM: correctly disable servers tracking another disabled servers.
    - BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
    - MINOR: halog: add some help on the command line
    - BUILD: fix build error on FreeBSD
    - BUG: fix double free in peers config error path
    - MEDIUM: improve config check return codes
    - BUILD: make it possible to look for pcre in the default system paths
    - MINOR: config: emit a warning when 'default_backend' masks servers
    - MINOR: backend: rework the LC definition to support other connection-based algos
    - MEDIUM: backend: add the 'first' balancing algorithm
    - BUG: fix httplog trailing LF
    - MEDIUM: increase chunk-size limit to 2GB-1
    - BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
    - BUG: http: disable TCP delayed ACKs when forwarding content-length data
    - BUG: checks: fix server maintenance exit sequence
    - BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes
    - DOC: enumerate valid status codes for "observe layer7"
    - MINOR: buffer: switch a number of buffer args to const
    - CLEANUP: silence signedness warning in acl.c
    - BUG: stream_sock: si->release was not called upon shutw()
    - MINOR: log: use "%ts" to log term status only and "%tsc" to log with cookie
    - BUG/CRITICAL: log: fix risk of crash in development snapshot
    - BUG/MAJOR: possible crash when using capture headers on TCP frontends
    - MINOR: config: disable header captures in TCP mode and complain

2011/09/10 : 1.5-dev7
    - [BUG] fix binary stick-tables
    - [MINOR] http: *_dom matching header functions now also split on ":"
    - [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check
    - [MINOR] acl: add srv_conn acl to count connections on a     specific backend server
    - [MINOR] check: add redis check support
    - [DOC] small fixes to clearly distinguish between keyword     and variables
    - [MINOR] halog: add support for termination code matching (-tcn/-TCN)
    - [DOC] Minor spelling fixes and grammatical enhancements
    - [CLEANUP] dumpstats: make symbols static where possible
    - [MINOR] Break out dumping table
    - [MINOR] Break out processing of clear table
    - [MINOR] Allow listing of stick table by key
    - [MINOR] Break out all stick table socat command parsing
    - [MINOR] More flexible clearing of stick table
    - [MINOR] Allow showing and clearing by key of ipv6 stick tables
    - [MINOR] Allow showing and clearing by key of integer stick tables
    - [MINOR] Allow showing and clearing by key of string stick tables
    - [CLEANUP] Remove assigned but unused variables
    - [CLEANUP] peers.h: fix declarations
    - [CLEANUP] session.c: Make functions static where possible
    - [MINOR] Add active connection list to server
    - [MINOR] Allow shutdown of sessions when a server becomes unavailable
    - [MINOR] Add down termination condition
    - [MINOR] Make appsess{,ion}_refresh static
    - [MINOR] Add rdp_cookie pattern fetch function
    - [CLEANUP] Remove unnecessary casts
    - [MINOR] Add non-stick server option
    - [MINOR] Consistently use error in tcp_parse_tcp_req()
    - [MINOR] Consistently free expr on error in cfg_parse_listen()
    - [MINOR] Free rdp_cookie_name on denint()
    - [MINOR] Free tcp rules on denint()
    - [MINOR] Free stick table pool on denint()
    - [MINOR] Free stick rules on denint()
    - [MEDIUM] Fix stick-table replication on soft-restart
    - [MEDIUM] Correct ipmask() logic
    - [MINOR] Correct type in table dump examples
    - [MINOR] Fix build error in stream_int_register_handler()
    - [MINOR] Use DPRINTF in assign_server()
    - [BUG] checks: http-check expect could fail a check on multi-packet responses
    - [DOC] fix minor typo in the "dispatch" doc
    - [BUG] proto_tcp: fix address binding on remote source
    - [MINOR] http: don't report the "haproxy" word on the monitoring response
    - [REORG] http: move HTTP error codes back to proto_http.h
    - [MINOR] http: make the "HTTP 200" status code configurable.
    - [MINOR] http: partially revert the chunking optimization for now
    - [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete transfer
    - [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out test
    - [MEDIUM] http: add support for "http-no-delay"
    - [OPTIM] http: optimize chunking again in non-interactive mode
    - [OPTIM] stream_sock: avoid fast-forwarding of partial data
    - [OPTIM] stream_sock: don't use splice on too small payloads
    - [MINOR] config: make it possible to specify a cookie even without a server
    - [BUG] stats: support url-encoded forms
    - [MINOR] config: automatically compute a default fullconn value
    - [CLEANUP] config: remove some left-over printf debugging code from previous patch
    - [DOC] add missing entry or stick store-response
    - [MEDIUM] http: add support for 'cookie' and 'set-cookie' patterns
    - [BUG] halog: correctly handle truncated last line
    - [MINOR] halog: make SKIP_CHAR stop on field delimiters
    - [MINOR] halog: add support for HTTP log matching (-H)
    - [MINOR] halog: gain back performance before SKIP_CHAR fix
    - [OPTIM] halog: cache some common fields positions
    - [OPTIM] halog: check once for correct line format and reuse the pointer
    - [OPTIM] halog: remove many 'if' by using a function pointer for the filters
    - [OPTIM] halog: remove support for tab delimiters in input data
    - [BUG] session: risk of crash on out of memory (1.5-dev regression)
    - [MINOR] session: try to emit a 500 response on memory allocation errors
    - [OPTIM] stream_sock: reduce the default number of accepted connections at once
    - [BUG] stream_sock: disable listener when system resources are exhausted
    - [MEDIUM] proxy: add a PAUSED state to listeners and move socket tricks out of proxy.c
    - [BUG] stream_sock: ensure orphan listeners don't accept too many connections
    - [MINOR] listeners: add listen_full() to mark a listener full
    - [MINOR] listeners: add support for queueing resource limited listeners
    - [MEDIUM] listeners: put listeners in queue upon resource shortage
    - [MEDIUM] listeners: queue proxy-bound listeners at the proxy's
    - [MEDIUM] listeners: don't stop proxies when global maxconn is reached
    - [MEDIUM] listeners: don't change listeners states anymore in maintain_proxies
    - [CLEANUP] proxy: rename a few proxy states (PR_STIDLE and PR_STRUN)
    - [MINOR] stats: report a "WAITING" state for sockets waiting for resource
    - [MINOR] proxy: make session rate-limit more accurate
    - [MINOR] sessions: only wake waiting listeners up if rate limit is OK
    - [BUG] proxy: peers must only be stopped once, not upon every call to maintain_proxies
    - [CLEANUP] proxy: merge maintain_proxies() operation inside a single loop
    - [MINOR] task: new function task_schedule() to schedule a wake up
    - [MAJOR] proxy: finally get rid of maintain_proxies()
    - [BUG] proxy: stats frontend and peers were missing many initializers
    - [MEDIUM] listeners: add a global listener management task
    - [MINOR] proxy: make findproxy() return proxies from numeric IDs too
    - [DOC] fix typos, "#" is a sharp, not a dash
    - [MEDIUM] stats: add support for changing frontend's maxconn at runtime
    - [MEDIUM] checks: group health checks methods by values and save option bits
    - [MINOR] session-counters: add the ability to clear the counters
    - [BUG] check: http-check expect + regex would crash in defaults section
    - [MEDIUM] http: make x-forwarded-for addition conditional
    - [REORG] build: move syscall redefinition to specific places
    - [CLEANUP] update the year in the copyright banner
    - [BUG] possible crash in 'show table' on stats socket
    - [BUG] checks: use the correct destination port for sending checks
    - [BUG] backend: risk of picking a wrong port when mapping is used with crossed families
    - [MINOR] make use of set_host_port() and get_host_port() to get rid of family mismatches
    - [DOC] fixed a few "sensible" -> "sensitive" errors
    - [MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop()
    - [BUG] http: trailing white spaces must also be trimmed after headers
    - [MINOR] stats: display "<NONE>" instead of the frontend name when unknown
    - [MINOR] http: take a capture of too large requests and responses
    - [MINOR] http: take a capture of truncated responses
    - [MINOR] http: take a capture of bad content-lengths.
    - [DOC] add a few old and uncommitted docs
    - [CLEANUP] cfgparse: fix reported options for the "bind" keyword
    - [MINOR] halog: add -hs/-HS to filter by HTTP status code range
    - [MINOR] halog: support backslash-escaped quotes
    - [CLEANUP] remove dirty left-over of a debugging message
    - [MEDIUM] stats: disable complex socket reservation for stats socket
    - [CLEANUP] remove a useless test in manage_global_listener_queue()
    - [MEDIUM] stats: add the "set maxconn" setting to the command line interface
    - [MEDIUM] add support for global.maxconnrate to limit the per-process conn rate.
    - [MINOR] stats: report the current and max global connection rates
    - [MEDIUM] stats: add the ability to adjust the global maxconnrate
    - [BUG] peers: don't pre-allocate 65000 connections to each peer
    - [MEDIUM] don't limit peers nor stats socket to maxconn nor maxconnrate
    - [BUG] peers: the peer frontend must not emit any log
    - [CLEANUP] proxy: make pause_proxy() perform the required controls and emit the logs
    - [BUG] peers: don't keep a peers section which has a NULL frontend
    - [BUG] peers: ensure the peers are resumed if they were paused
    - [MEDIUM] stats: add the ability to enable/disable/shutdown a frontend at runtime
    - [MEDIUM] session: make session_shutdown() an independant function
    - [MEDIUM] stats: offer the possibility to kill a session from the CLI
    - [CLEANUP] stats: centralize tests for backend/server inputs on the CLI
    - [MEDIUM] stats: offer the possibility to kill sessions by server
    - [MINOR] halog: do not consider byte 0x8A as end of line
    - [MINOR] frontend: ensure debug message length is always initialized
    - [OPTIM] halog: make fgets parse more bytes by blocks
    - [OPTIM] halog: add assembly version of the field lookup code
    - [MEDIUM] poll: add a measurement of idle vs work time
    - [CLEANUP] startup: report only the basename in the usage message
    - [MINOR] startup: add an option to change to a new directory
    - [OPTIM] task: don't scan the run queue if we know it's empty
    - [BUILD] stats: stdint is not present on solaris
    - [DOC] update the README file to reflect new naming rules for patches
    - [MINOR] stats: report the number of requests intercepted by the frontend
    - [DOC] update ROADMAP file

2011/04/08 : 1.5-dev6
    - [BUG] stream_sock: use get_addr_len() instead of sizeof() on sockaddr_storage
    - [BUG] TCP source tracking was broken with IPv6 changes
    - [BUG] stick-tables did not work when converting IPv6 to IPv4
    - [CRITICAL] fix risk of crash when dealing with space in response cookies

2011/03/29 : 1.5-dev5
    - [BUG] standard: is_addr return value for IPv4 was inverted
    - [MINOR] update comment about IPv6 support for server
    - [MEDIUM] use getaddrinfo to resolve names if gethostbyname fail
    - [DOC] update IPv6 support for bind
    - [DOC] document IPv6 support for server
    - [DOC] fix a minor typo
    - [MEDIUM] IPv6 support for syslog
    - [DOC] document IPv6 support for syslog
    - [MEDIUM] IPv6 support for stick-tables
    - [DOC] document IPv6 support for stick-tables
    - [DOC] update ROADMAP file
    - [BUG] session: src_conn_cur was returning src_conn_cnt instead
    - [MINOR] frontend: add a make_proxy_line function
    - [MEDIUM] stream_sock: add support for sending the proxy protocol header line
    - [MEDIUM] server: add support for the "send-proxy" option
    - [DOC] update the spec on the proxy protocol
    - [BUILD] proto_tcp: fix build issue with CTTPROXY
    - [DOC] update ROADMAP file
    - [MEDIUM] config: rework the IPv4/IPv6 address parser to support host-only addresses
    - [MINOR] cfgparse: better report wrong listening addresses and make use of str2sa_range
    - [BUILD] add the USE_GETADDRINFO build option
    - [TESTS] provide a test case for various address formats
    - [BUG] session: conn_retries was not always initialized
    - [BUG] log: retrieve the target from the session, not the SI
    - [BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2)
    - [MINOR] tools: add two macros MID_RANGE and MAX_RANGE
    - [BUG] http: fix content-length handling on 32-bit platforms
    - [OPTIM] buffers: uninline buffer_forward()
    - [BUG] stream_sock: fix handling for server side PROXY protocol
    - [MINOR] acl: add support for table_cnt and table_avl matches
    - [DOC] update ROADMAP file

2011/03/13 : 1.5-dev4
    - [MINOR] cfgparse: Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation.
    - [MINOR] unix sockets : inherits the backlog size from the listener
    - [CLEANUP] unix sockets : move create_uxst_socket() in uxst_bind_listener()
    - [DOC] fix a minor typo
    - [DOC] fix ignore-persist documentation
    - [MINOR] add warnings on features not compatible with multi-process mode
    - [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode
    - [MINOR] stats: add support for several packets in stats admin
    - [BUG] stats: admin commands must check the proxy state
    - [BUG] stats: admin web interface must check the proxy state
    - [MINOR] http: add pattern extraction method to stick on query string parameter
    - [MEDIUM] add internal support for IPv6 server addresses
    - [MINOR] acl: add be_id/srv_id to match backend's and server's id
    - [MINOR] log: add support for passing the forwarded hostname
    - [MINOR] log: ability to override the syslog tag
    - [MINOR] checks: add PostgreSQL health check
    - [DOC] update ROADMAP file
    - [BUILD] pattern: use 'int' instead of 'int32_t'
    - [OPTIM] linux: add support for bypassing libc to force using vsyscalls
    - [BUG] debug: report the correct poller list in verbose mode
    - [BUG] capture: do not capture a cookie if there is no memory left
    - [BUG] appsession: fix possible double free in case of out of memory
    - [CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process
    - [BUG] http: correctly update the header list when removing two consecutive headers
    - [BUILD] add the CPU=native and ARCH=32/64 build options
    - [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4
    - [CLEANUP] hash: move the avalanche hash code globally available
    - [MEDIUM] hash: add support for an 'avalanche' hash-type
    - [DOC] update roadmap file
    - [BUG] http: do not re-enable the PROXY analyser on keep-alive
    - [OPTIM] http: don't send each chunk in a separate packet
    - [DOC] fix minor typos reported recently in the peers section
    - [DOC] fix another typo in the doc
    - [MINOR] stats: report HTTP message state and buffer flags in error dumps
    - [BUG] http chunking: don't report a parsing error on connection errors
    - [BUG] stream_interface: truncate buffers when sending error messages
    - [MINOR] http: support wrapping messages in error captures
    - [MINOR] http: capture incorrectly chunked message bodies
    - [MINOR] stats: add global event ID and count
    - [BUG] http: analyser optimizations broke pipelining
    - [CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets
    - [BUG] http: fix incorrect error reporting during data transfers
    - [CRITICAL] session: correctly leave turn-around and queue states on abort
    - [BUG] session: release slot before processing pending connections
    - [MINOR] tcp: add support for dynamic MSS setting
    - [BUG] stick-table: correctly terminate string keys during lookups
    - [BUG] acl: fix handling of empty lines in pattern files
    - [BUG] stick-table: use the private buffer when padding strings
    - [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys
    - [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return code out of the loop
    - [OPTIM] ebtree: inline ebst_lookup_len and ebis_lookup_len
    - [REVERT] undo the stick-table string key lookup fixes
    - [MINOR] http: improve url_param pattern extraction to ignore empty values
    - [BUILD] frontend: shut a warning with TCP_MAXSEG
    - [BUG] http: update the header list's tail when removing the last header
    - [DOC] fix minor typo in the proxy protocol doc
    - [DOC] fix typos (http-request instead of http-check)
    - [BUG] http: use correct ACL pointer when evaluating authentication
    - [BUG] cfgparse: correctly count one socket per port in ranges
    - [BUG] startup: set the rlimits before binding ports, not after.
    - [BUG] acl: srv_id must return no match when the server is NULL
    - [MINOR] acl: add ability to check for internal response-only parameters
    - [MINOR] acl: srv_id is only valid in responses
    - [MINOR] config: warn if response-only conditions are used in "redirect" rules
    - [BUG] acl: fd leak when reading patterns from file
    - [DOC] fix minor typo in "usesrc"
    - [BUG] http: fix possible incorrect forwarded wrapping chunk size
    - [BUG] http: fix computation of message body length after forwarding has started
    - [BUG] http: balance url_param did not work with first parameters on POST
    - [TESTS] update the url_param regression test to test check_post too
    - [DOC] update ROADMAP
    - [DOC] internal: reflect the fact that SI_ST_ASS is transient
    - [BUG] config: don't crash on empty pattern files.
    - [MINOR] stream_interface: make use of an applet descriptor for IO handlers
    - [REORG] stream_interface: move the st0, st1 and private members to the applet
    - [REORG] stream_interface: split the struct members in 3 parts
    - [REORG] session: move client and server address to the stream interface
    - [REORG] tcp: make tcpv4_connect_server() take the target address from the SI
    - [MEDIUM] stream_interface: store the target pointer and type
    - [CLEANUP] stream_interface: remove the applet.handler pointer
    - [MEDIUM] log: take the logged server name from the stream interface
    - [CLEANUP] session: remove data_source from struct session
    - [CLEANUP] stats: make all dump functions only rely on the stream interface
    - [REORG] session: move the data_ctx struct to the stream interface's applet
    - [MINOR] proxy: add PR_O2_DISPATCH to detect dispatch mode
    - [MINOR] cfgparse: only keep one of dispatch, transparent, http_proxy
    - [MINOR] session: add a pointer to the new target into the session
    - [MEDIUM] session: remove s->prev_srv which is not needed anymore
    - [CLEANUP] stream_interface: use inline functions to manipulate targets
    - [MAJOR] session: remove the ->srv pointer from struct session
    - [MEDIUM] stats: split frontend and backend stats
    - [MEDIUM] http: always evaluate http-request rules before stats http-request
    - [REORG] http: move the http-request rules to proto_http
    - [BUG] http: stats were not incremented on http-request deny
    - [MINOR] checks: report it if checks fail due to socket creation error

2010/11/11 : 1.5-dev3
    - [DOC] fix http-request documentation
    - [MEDIUM] enable/disable servers from the stats web interface
    - [MEDIUM] stats: add an admin level
    - [DOC] stats: document the "stats admin" statement
    - [MINOR] startup: print the proxy socket which caused an error
    - [CLEANUP] Remove unneeded chars allocation
    - [MINOR] config: detect options not supported due to compilation options
    - [MINOR] Add pattern's fetchs payload and payload_lv
    - [MINOR] frontend: improve accept-proxy header parsing
    - [MINOR] frontend: add tcpv6 support on accept-proxy bind
    - [MEDIUM] Enhance message errors management on binds
    - [MINOR] Manage unix socket source field on logs
    - [MINOR] Manage unix socket source field on session dump on sock stats
    - [MINOR] Support of unix listener sockets for debug and log event messages on frontend.c
    - [MINOR] Add some tests on sockets family for port remapping and mode transparent.
    - [MINOR] Manage socket type unix for some logs
    - [MINOR] Enhance controls of socket's family on acls and pattern fetch
    - [MINOR] Support listener's sockets unix on http logs.
    - [MEDIUM] Add supports of bind on unix sockets.
    - [BUG] stick table purge failure if size less than 255
    - [BUG] stick table entries expire on counters updates/read or show table, even if there is no "expire" parameter
    - [MEDIUM] Implement tcp inspect response rules
    - [DOC] tcp-response content and inspect
    - [MINOR] new acls fetch req_ssl_hello_type and rep_ssl_hello_type
    - [DOC] acls rep_ssl_hello and req_ssl_hello
    - [MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated.
    - [DOC] new type binary in stick-table
    - [DOC] stick store-response and new patterns payload and payload_lv
    - [MINOR] Manage all types (ip, integer, string, binary) on cli "show table" command
    - [MEDIUM] Create updates tree on stick table to manage sync.
    - [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management
    - [MEDIUM] Manage peers section parsing and stick table registration on peers.
    - [MEDIUM] Manage soft stop on peers proxy
    - [DOC] add documentation for peers section
    - [MINOR] checks: add support for LDAPv3 health checks
    - [MINOR] add better support to "mysql-check"
    - [BUG] Restore info about available active/backup servers
    - [CONTRIB] Update haproxy.pl
    - [CONTRIB] Update Cacti Tempates
    - [CONTRIB] add templates for Cacti.
    - [BUG] http: don't consider commas as a header delimitor within quotes
    - [MINOR] support a global jobs counter
    - [DOC] add a summary about cookie incompatibilities between specs and browsers
    - [DOC] fix description of cookie "insert" and "indirect" modes
    - [MEDIUM] http: fix space handling in the request cookie parser
    - [MEDIUM] http: fix space handling in the response cookie parser
    - [DOC] fix typo in the queue() definition (backend, not frontend)
    - [BUG] deinit: unbind listeners before freeing them
    - [BUG] stream_interface: only call si->release when both dirs are closed
    - [MEDIUM] buffers: rework the functions to exchange between SI and buffers
    - [DOC] fix typo in the avg_queue() and be_conn() definition (backend, not frontend)
    - [MINOR] halog: add '-tc' to sort by termination codes
    - [MINOR] halog: skip non-traffic logs for -st and -tc
    - [BUG] stream_sock: cleanly disable the listener in case of resource shortage
    - [BUILD] stream_sock: previous fix lacked the #include, causing a warning.
    - [DOC] bind option is "defer-accept", not "defer_accept"
    - [DOC] missing index entry for http-check send-state
    - [DOC] tcp-request inspect-delay is for backends too
    - [BUG] ebtree: string_equal_bits() could return garbage on identical strings
    - [BUG] stream_sock: try to flush any extra pending request data after a POST
    - [BUILD] proto_http: eliminate some build warnings with gcc-2.95
    - [MEDIUM] make it possible to combine http-pretend-keepalived with httpclose
    - [MEDIUM] tcp-request : don't wait for inspect-delay to expire when the buffer is full
    - [MEDIUM] checks: add support for HTTP contents lookup
    - [TESTS] add test-check-expect to test various http-check methods
    - [MINOR] global: add "tune.chksize" to change the default check buffer size
    - [MINOR] cookie: add options "maxidle" and "maxlife"
    - [MEDIUM] cookie: support client cookies with some contents appended to their value
    - [MINOR] http: make some room in the transaction flags to extend cookies
    - [MINOR] cookie: add the expired (E) and old (O) flags for request cookies
    - [MEDIUM] cookie: reassign set-cookie status flags to store more states
    - [MINOR] add encode/decode function for 30-bit integers from/to base64
    - [MEDIUM] cookie: check for maxidle and maxlife for incoming dated cookies
    - [MEDIUM] cookie: set the date in the cookie if needed
    - [DOC] document the cookie maxidle and maxlife parameters
    - [BUG] checks: don't log backend down for all zero-weight servers
    - [MEDIUM] checks: set server state to one state from failure when leaving maintenance
    - [BUG] config: report correct keywords for "observe"
    - [MINOR] checks: ensure that we can inherit binary checks from the defaults section
    - [MINOR] acl: add the http_req_first match
    - [DOC] fix typos about bind-process syntax
    - [BUG] cookie: correctly unset default cookie parameters
    - [MINOR] cookie: add support for the "preserve" option
    - [BUG] ebtree: fix duplicate strings insertion
    - [CONTRIB] halog: report per-url counts, errors and times
    - [CONTRIB] halog: minor speed improvement in timer parser
    - [MINOR] buffers: add a new request analyser flag for PROXY mode
    - [MINOR] listener: add the "accept-proxy" option to the "bind" keyword
    - [MINOR] standard: add read_uint() to parse a delimited unsigned integer
    - [MINOR] standard: change arg type from const char* to char*
    - [MINOR] frontend: add a new analyser to parse a proxied connection
    - [MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections
    - [DOC] add the proxy protocol's specifications
    - [DOC] document the 'accept-proxy' bind option
    - [MINOR] cfgparse: report support of <path> for the 'bind' statements
    - [DOC] add references to unix socket handling
    - [MINOR] move MAXPATHLEN definition to compat.h
    - [MEDIUM] unix sockets: cleanup the error reporting path
    - [BUG] session: don't stop forwarding of data upon last packet
    - [CLEANUP] accept: replace some inappropriate Alert() calls with send_log()
    - [BUILD] peers: shut a printf format warning (key_size is a size_t)
    - [BUG] accept: don't close twice upon error
    - [OPTIM] session: don't recheck analysers when buffer flags have not changed
    - [OPTIM] stream_sock: don't clear FDs that are already cleared
    - [BUG] proto_tcp: potential bug on pattern fetch dst and dport

2010/08/28 : 1.5-dev2
    - [MINOR] startup: release unused structs after forking
    - [MINOR] startup: don't wait for nothing when no old pid remains
    - [CLEANUP] reference product branch 1.5
    - [MEDIUM] signals: add support for registering functions and tasks
    - [MEDIUM] signals: support redistribution of signal zero when stopping
    - [BUG] http: don't set auto_close if more data are expected

2010/08/25 : 1.5-dev1
    - [BUG] stats: session rate limit gets garbaged in the stats
    - [DOC] mention 'option http-server-close' effect in Tq section
    - [DOC] summarize and highlight persistent connections behaviour
    - [DOC] add configuration samples
    - [BUG] http: dispatch and http_proxy modes were broken for a long time
    - [BUG] http: the transaction must be initialized even in TCP mode
    - [BUG] tcp: dropped connections must be counted as "denied" not "failed"
    - [BUG] consistent hash: balance on all servers, not only 2 !
    - [CONTRIB] halog: report per-server status codes, errors and response times
    - [BUG] http: the transaction must be initialized even in TCP mode (part 2)
    - [BUG] client: always ensure to zero rep->analysers
    - [BUG] session: clear BF_READ_ATTACHED before next I/O
    - [BUG] http: automatically close response if req is aborted
    - [BUG] proxy: connection rate limiting was eating lots of CPU
    - [BUG] http: report correct flags in case of client aborts during body
    - [TESTS] refine non-regression tests and add 4 new tests
    - [BUG] debug: wrong pointer was used to report a status line
    - [BUG] debug: correctly report truncated messages
    - [DOC] document the "dispatch" keyword
    - [BUG] stick_table: fix possible memory leak in case of connection error
    - [CLEANUP] acl: use 'L6' instead of 'L4' in ACL flags relying on contents
    - [MINOR] accept: count the incoming connection earlier
    - [CLEANUP] tcp: move some non tcp-specific layer6 processing out of proto_tcp
    - [CLEANUP] client: move some ACLs away to their respective locations
    - [CLEANUP] rename client -> frontend
    - [MEDIUM] separate protocol-level accept() from the frontend's
    - [MINOR] proxy: add a list to hold future layer 4 rules
    - [MEDIUM] config: parse tcp layer4 rules (tcp-request accept/reject)
    - [MEDIUM] tcp: check for pure layer4 rules immediately after accept()
    - [OPTIM] frontend: tell the compiler that errors are unlikely to occur
    - [MEDIUM] frontend: check for LI_O_TCP_RULES in the listener
    - [MINOR] frontend: only check for monitor-net rules if LI_O_CHK_MONNET is set
    - [CLEANUP] buffer->cto is not used anymore
    - [MEDIUM] session: finish session establishment sequence in with I/O handlers
    - [MEDIUM] session: initialize server-side timeouts after connect()
    - [MEDIUM] backend: initialize the server stream_interface upon connect()
    - [MAJOR] frontend: don't initialize the server-side stream_int anymore
    - [MEDIUM] session: move the conn_retries attribute to the stream interface
    - [MEDIUM] session: don't assign conn_retries upon accept() anymore
    - [MINOR] frontend: rely on the frontend and not the backend for INDEPSTR
    - [MAJOR] frontend: reorder the session initialization upon accept
    - [MINOR] proxy: add an accept() callback for the application layer
    - [MAJOR] frontend: split accept() into frontend_accept() and session_accept()
    - [MEDIUM] stats: rely on the standard session_accept() function
    - [MINOR] buffer: refine the flags that may wake an analyser up.
    - [MINOR] stream_sock: don't dereference a non-existing frontend
    - [MINOR] session: differenciate between accepted connections and received connections
    - [MEDIUM] frontend: count the incoming connection earlier
    - [MINOR] frontend: count denied TCP requests separately
    - [CLEANUP] stick_table: add/clarify some comments
    - [BUILD] memory: add a few missing parenthesis to the pool management macros
    - [MINOR] stick_table: add support for variable-sized data
    - [CLEANUP] stick_table: rename some stksess struct members to avoid confusion
    - [CLEANUP] stick_table: move pattern to key functions to stick_table.c
    - [MEDIUM] stick_table: add room for extra data types
    - [MINOR] stick_table: add support for "conn_cum" data type.
    - [MEDIUM] stick_table: don't overwrite data when storing an entry
    - [MINOR] config: initialize stick tables after all the parsing
    - [MINOR] stick_table: provide functions to return stksess data from a type
    - [MEDIUM] stick_table: move the server ID to a generic data type
    - [MINOR] stick_table: enable it for frontends too
    - [MINOR] stick_table: export the stick_table_key
    - [MINOR] tcp: add per-source connection rate limiting
    - [MEDIUM] stick_table: separate storage and update of session entries
    - [MEDIUM] stick-tables: add a reference counter to each entry
    - [MINOR] session: add a pointer to the tracked counters for the source
    - [CLEANUP] proto_tcp: make the config parser a little bit more flexible
    - [BUG] config: report the correct proxy type in tcp-request errors
    - [MINOR] config: provide a function to quote args in a more friendly way
    - [BUG] stick_table: the fix for the memory leak caused a regression
    - [MEDIUM] backend: support servers on 0.0.0.0
    - [BUG] stick-table: correctly refresh expiration timers
    - [MEDIUM] stream-interface: add a ->release callback
    - [MINOR] proxy: add a "parent" member to the structure
    - [MEDIUM] session: make it possible to call an I/O handler on both SI
    - [MINOR] tools: add a fast div64_32 function
    - [MINOR] freq_ctr: add new types and functions for periods different from 1s
    - [MINOR] errors: provide new status codes for config parsing functions
    - [BUG] http: denied requests must not be counted as denied resps in listeners
    - [MINOR] tools: add a get_std_op() function to parse operators
    - [MEDIUM] acl: make use of get_std_op() to parse intger ranges
    - [MAJOR] stream_sock: better wakeup conditions on read()
    - [BUG] session: analysers must be checked when SI state changes
    - [MINOR] http: reset analysers to listener's, not frontend's
    - [MEDIUM] session: support "tcp-request content" rules in backends
    - [BUILD] always match official tags when doing git-tar
    - [MAJOR] stream_interface: fix the wakeup conditions for embedded iohandlers
    - [MEDIUM] buffer: make buffer_feed* support writing non-contiguous chunks
    - [MINOR] tcp: src_count acl does not have a permanent result
    - [MAJOR] session: add track-counters to track counters related to the session
    - [MINOR] stick-table: provide a table lookup function
    - [MINOR] stick-table: use suffix "_cnt" for cumulated counts
    - [MEDIUM] session: move counter ACL fetches from proto_tcp
    - [MEDIUM] session: add concurrent connections counter
    - [MEDIUM] session: add data in and out volume counters
    - [MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts
    - [MEDIUM] session-counters: automatically update tracked connection count
    - [MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection
    - [MINOR] session: add trk_kbytes_* ACL keywords to track data size
    - [MEDIUM] session: add a counter on the cumulated number of sessions
    - [MINOR] config: support a comma-separated list of store data types in stick-table
    - [MEDIUM] stick-tables: add support for arguments to data_types
    - [MEDIUM] stick-tables: add stored data argument type checking
    - [MEDIUM] session counters: add conn_rate and sess_rate counters
    - [MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters
    - [MINOR] stktable: add a stktable_update_key() function
    - [MINOR] session-counters: add a general purpose counter (gpc0)
    - [MEDIUM] session-counters: add HTTP req/err tracking
    - [MEDIUM] stats: add "show table [<name>]" to dump a stick-table
    - [MEDIUM] stats: add "clear table <name> key <value>" to clear table entries
    - [CLEANUP] stick-table: declare stktable_data_types as extern
    - [MEDIUM] stick-table: make use of generic types for stored data
    - [MINOR] stats: correctly report errors on "show table" and "clear table"
    - [MEDIUM] stats: add the ability to dump table entries matching criteria
    - [DOC] configuration: document all the new tracked counters
    - [DOC] stats: document "show table" and "clear table"
    - [MAJOR] session-counters: split FE and BE track counters
    - [MEDIUM] tcp: accept the "track-counters" in "tcp-request content" rules
    - [MEDIUM] session counters: automatically remove expired entries.
    - [MEDIUM] config: replace 'tcp-request <action>' with "tcp-request connection"
    - [MEDIUM] session-counters: make it possible to count connections from frontend
    - [MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters"
    - [MEDIUM] session-counters: correctly unbind the counters tracked by the backend
    - [CLEANUP] stats: use stksess_kill() to remove table entries
    - [DOC] update the references to session counters and to tcp-request connection
    - [DOC] cleanup: split a few long lines
    - [MEDIUM] http: forward client's close when abortonclose is set
    - [BUG] queue: don't dequeue proxy-global requests on disabled servers
    - [BUG] stats: global stats timeout may be specified before stats socket.
    - [BUG] conf: add tcp-request content rules to the correct list

2010/05/23 : 1.5-dev0
    - exact copy of 1.4.6

2010/05/16 : 1.4.6
    - [BUILD] ebtree: update to v6.0.1 to remove references to dprintf()
    - [CLEANUP] acl: make use of eb_is_empty() instead of open coding the tree's emptiness test
    - [MINOR] acl: add srv_is_up() to check that a specific server is up or not
    - [DOC] add a few precisions about the use of RDP cookies

2010/05/13 : 1.4.5
    - [DOC] report minimum kernel version for tproxy in the Makefile
    - [MINOR] add the "ignore-persist" option to conditionally ignore persistence
    - [DOC] add the "ignore-persist" option to conditionally ignore persistence
    - [DOC] fix ignore-persist/force-persist documentation
    - [BUG] cttproxy: socket fd leakage in check_cttproxy_version
    - [DOC] doc/configuration.txt: fix typos
    - [MINOR] option http-pretend-keepalive is both for FEs and BEs
    - [MINOR] fix possible crash in debug mode with invalid responses
    - [MINOR] halog: add support for statisticts on status codes
    - [OPTIM] halog: use a faster zero test in fgets()
    - [OPTIM] halog: minor speedup by using unlikely()
    - [OPTIM] halog: speed up fgets2-64 by about 10%
    - [DOC] refresh the README file and merge the CONTRIB file into it
    - [MINOR] acl: support loading values from files
    - [MEDIUM] ebtree: upgrade to version 6.0
    - [MINOR] acl trees: add flags and union members to store values in trees
    - [MEDIUM] acl: add ability to insert patterns in trees
    - [MEDIUM] acl: add tree-based lookups of exact strings
    - [MEDIUM] acl: add tree-based lookups of networks
    - [MINOR] acl: ignore empty lines and comments in pattern files
    - [MINOR] stick-tables: add support for "stick on hdr"

2010/04/07 : 1.4.4
    - [BUG] appsession should match the whole cookie name
    - [CLEANUP] proxy: move PR_O_SSL3_CHK to options2 to release one flag
    - [MEDIUM] backend: move the transparent proxy address selection to backend
    - [MINOR] add very fast IP parsing functions
    - [MINOR] add new tproxy flags for dynamic source address binding
    - [MEDIUM] add ability to connect to a server from an IP found in a header
    - [BUILD] config: last patch breaks build without CONFIG_HAP_LINUX_TPROXY
    - [MINOR] http: make it possible to pretend keep-alive when doing close
    - [MINOR] config: report "default-server" instead of "(null)" in error messages

2010/03/30 : 1.4.3
    - [CLEANUP] stats: remove printf format warning in stats_dump_full_sess_to_buffer()
    - [MEDIUM] session: better fix for connection to servers with closed input
    - [DOC] indicate in the doc how to bind to port ranges
    - [BUG] backend: L7 hashing must not be performed on incomplete requests
    - [TESTS] add a simple program to test connection resets
    - [MINOR] cli: "show errors" should display "backend <NONE>" when backend was not used
    - [MINOR] config: emit warnings when HTTP-only options are used in TCP mode
    - [MINOR] config: allow "slowstart 0s"
    - [BUILD] 'make tags' did not consider files ending in '.c'
    - [MINOR] checks: add the ability to disable a server in the config

2010/03/17 : 1.4.2
    - [CLEANUP] product branch update
    - [DOC] Some more documentation cleanups
    - [BUG] clf logs segfault when capturing a non existant header
    - [OPTIM] config: only allocate check buffer when checks are enabled
    - [MEDIUM] checks: support multi-packet health check responses
    - [CLEANUP] session: remove duplicate test
    - [BUG] http: don't wait for response data to leave buffer is client has left
    - [MINOR] proto_uxst: set accept_date upon accept() to the wall clock time
    - [MINOR] stats: don't send empty lines in "show errors"
    - [MINOR] stats: make the data dump function reusable for other purposes
    - [MINOR] stats socket: add show sess <id> to dump details about a session
    - [BUG] stats: connection reset counters must be plain ascii, not HTML
    - [BUG] url_param hash may return a down server
    - [MINOR] force null-termination of hostname
    - [MEDIUM] connect to servers even when the input has already been closed
    - [BUG] don't merge anonymous ACLs !
    - [BUG] config: fix endless loop when parsing "on-error"
    - [MINOR] http: don't mark a server as failed when it returns 501/505
    - [OPTIM] checks: try to detect the end of response without polling again
    - [BUG] checks: don't report an error when recv() returns an error after data
    - [BUG] checks: don't abort when second poll returns an error
    - [MINOR] checks: make shutdown() silently fail
    - [BUG] http: fix truncated responses on chunk encoding when size divides buffer size
    - [BUG] init: unconditionally catch SIGPIPE
    - [BUG] checks: don't wait for a close to start parsing the response

2010/03/04 : 1.4.1
    - [BUG] Clear-cookie path issue
    - [DOC] fix typo on stickiness rules
    - [BUILD] fix BSD and OSX makefiles for missing files
    - [BUILD] includes order breaks OpenBSD build
    - [BUILD] fix some build warnings on Solaris with is* macros
    - [BUG] logs: don't report "last data" when we have just closed after an error
    - [BUG] logs: don't report "proxy request" when server closes early
    - [BUILD] fix platform-dependant build issues related to crypt()
    - [STATS] count transfer aborts caused by client and by server
    - [STATS] frontend requests were not accounted for failed requests
    - [MINOR] report total number of processed connections when stopping a proxy
    - [DOC] be more clear about the limitation to one single monitor-net entry

2010/02/26 : 1.4.0
    - [MINOR] stats: report maint state for tracking servers too
    - [DOC] fix summary to add pattern extraction
    - [DOC] Documentation cleanups
    - [BUG] cfgparse memory leak and missing free calls in deinit()
    - [BUG] pxid/puid/luid: don't shift IDs when some of them are forced
    - [EXAMPLES] add auth.cfg
    - [BUG] uri_auth: ST_SHLGNDS should be 0x00000008 not 0x0000008
    - [BUG] uri_auth: do not attemp to convert uri_auth -> http-request more than once
    - [BUILD] auth: don't use unnamed unions
    - [BUG] config: report unresolvable host names as errors
    - [BUILD] fix build breakage with DEBUG_FULL
    - [DOC] fix a typo about timeout check and clarify the explanation.
    - [MEDIUM] http: don't use trash to realign large buffers
    - [STATS] report HTTP requests (total and rate) in frontends
    - [STATS] separate frontend and backend HTTP stats
    - [MEDIUM] http: revert to use a swap buffer for realignment
    - [MINOR] stats: report the request rate in frontends as cell titles
    - [MINOR] stats: mark areas with an underline when tooltips are available
    - [DOC] reorder some entries to maintain the alphabetical order
    - [DOC] cleanup of the keyword matrix

2010/02/02 : 1.4-rc1
    - [MEDIUM] add a maintenance mode to servers
    - [MINOR] http-auth: last fix was wrong
    - [CONTRIB] add base64rev-gen.c that was used to generate the base64rev table.
    - [MINOR] Base64 decode
    - [MINOR] generic auth support with groups and encrypted passwords
    - [MINOR] add ACL_TEST_F_NULL_MATCH
    - [MINOR] http-request: allow/deny/auth support for frontend/backend/listen
    - [MINOR] acl: add http_auth and http_auth_group
    - [MAJOR] use the new auth framework for http stats
    - [DOC] add info about userlists, http-request and http_auth/http_auth_group acls
    - [STATS] make it possible to change a CLI connection timeout
    - [BUG] patterns: copy-paste typo in type conversion arguments
    - [MINOR] pattern: make the converter more flexible by supporting void* and int args
    - [MINOR] standard: str2mask: string to netmask converter
    - [MINOR] pattern: add support for argument parsers for converters
    - [MINOR] pattern: add the "ipmask()" converting function
    - [MINOR] config: off-by-one in "stick-table" after list of converters
    - [CLEANUP] acl, patterns: make use of my_strndup() instead of malloc+memcpy
    - [BUG] restore accidentely removed line in last patch !
    - [MINOR] checks: make the HTTP check code add the CRLF itself
    - [MINOR] checks: add the server's status in the checks
    - [BUILD] halog: make without arch-specific optimizations
    - [BUG] halog: fix segfault in case of empty log in PCT mode (cherry picked from commit fe362fe4762151d209b9656639ee1651bc2b329d)
    - [MINOR] http: disable keep-alive when process is going down
    - [MINOR] acl: add build_acl_cond() to make it easier to add ACLs in config
    - [CLEANUP] config: use build_acl_cond() instead of parse_acl_cond()
    - [CLEANUP] config: use warnif_cond_requires_resp() to check for bad ACLs
    - [MINOR] prepare req_*/rsp_* to receive a condition
    - [CLEANUP] config: specify correct const char types to warnif_* functions
    - [MEDIUM] config: factor out the parsing of 20 req*/rsp* keywords
    - [MEDIUM] http: make the request filter loop check for optional conditions
    - [MEDIUM] http: add support for conditional request filter execution
    - [DOC] add some build info about the AIX platform (cherry picked from commit e41914c77edbc40aebf827b37542d37d758e371e)
    - [MEDIUM] http: add support for conditional request header addition
    - [MEDIUM] http: add support for conditional response header rewriting
    - [DOC] add some missing ACLs about response header matching
    - [MEDIUM] http: add support for proxy authentication
    - [MINOR] http-auth: make the 'unless' keyword work as expected
    - [CLEANUP] config: use build_acl_cond() to simplify http-request ACL parsing
    - [MEDIUM] add support for anonymous ACLs
    - [MEDIUM] http: switch to tunnel mode after status 101 responses
    - [MEDIUM] http: stricter processing of the CONNECT method
    - [BUG] config: reset check request to avoid double free when switching to ssl/sql
    - [MINOR] config: fix too large ssl-hello-check message.
    - [BUG] fix error response in case of server error

2010/01/25 : 1.4-dev8
    - [CLEANUP] Keep in sync "defaults" support between documentation and code
    - [MEDIUM] http: add support for Proxy-Connection header
    - [CRITICAL] buffers: buffer_insert_line2 must not change the ->w entry
    - [MINOR] http: remove a copy-paste typo in transaction cleaning
    - [BUG] http: trim any excess buffer data when recycling a connection

2010/01/25 : 1.4-dev7
    - [BUG] appsession: possible memory leak in case of out of memory condition
    - [MINOR] config: don't accept 'appsession' in defaults section
    - [MINOR] Add function to parse a size in configuration
    - [MEDIUM] Add stick table (persistence) management functions and types
    - [MEDIUM] Add pattern fetch management types and functions
    - [MEDIUM] Add src dst and dport pattern fetches.
    - [MEDIUM] Add stick table configuration and init.
    - [MEDIUM] Add stick and store rules analysers.
    - [MINOR] add option "mysql-check" to use MySQL health checks
    - [BUG] health checks: fix requeued message
    - [OPTIM] remove SSP_O_VIA and SSP_O_STATUS
    - [BUG] checks: fix newline termination
    - [MINOR] acl: add fe_id/so_id to match frontend's and socket's id
    - [BUG] appsession's sessid must be reset at end of transaction
    - [BUILD] appsession did not build anymore under gcc-2.95
    - [BUG] server redirection used an uninitialized string.
    - [MEDIUM] http: fix handling of message pointers
    - [MINOR] http: fix double slash prefix with server redirect
    - [MINOR] http redirect: add the ability to append a '/' to the URL
    - [BUG] stream_interface: fix retnclose and remove cond_close
    - [MINOR] http redirect: don't explicitly state keep-alive on 1.1
    - [MINOR] http: move appsession 'sessid' from session to http_txn
    - [OPTIM] reorder http_txn to optimize cache lines placement
    - [MINOR] http: differentiate waiting for new request and waiting for a complete requst
    - [MINOR] http: add a separate "http-keep-alive" timeout
    - [MINOR] config: remove undocumented and buggy 'timeout appsession'
    - [DOC] fix various too large lines
    - [DOC] remove several trailing spaces
    - [DOC] add the doc about stickiness
    - [BUILD] remove a warning in standard.h on AIX
    - [BUG] checks: chars are unsigned on AIX, check was always true
    - [CLEANUP] stream_sock: MSG_NOSIGNAL is only for send(), not recv()
    - [BUG] check: we must not check for error before reading a response
    - [BUG] buffers: remove remains of wrong obsolete length check
    - [OPTIM] stream_sock: don't shutdown(write) when the socket is in error
    - [BUG] http: don't count req errors on client resets or t/o during keep-alive
    - [MEDIUM] http: don't switch to tunnel mode upon close
    - [DOC] add documentation about connection header processing
    - [MINOR] http: add http_remove_header2() to remove a header value.
    - [MINOR] tools: add a "word_match()" function to match words and ignore spaces
    - [MAJOR] http: rework request Connection header handling
    - [MAJOR] http: rework response Connection header handling
    - [MINOR] add the ability to force kernel socket buffer size.
    - [BUG] http_server_error() must not purge a previous pending response
    - [OPTIM] http: don't delay response if next request is incomplete
    - [MINOR] add the "force-persist" statement to force persistence on down servers
    - [MINOR] http: logs must report persistent connections to down servers
    - [BUG] buffer_replace2 must never change the ->w entry

2010/01/08 : 1.4-dev6
    - [BUILD] warning in stream_interface.h
    - [BUILD] warning ultoa_r returns char *
    - [MINOR] hana: only report stats if it is enabled
    - [MINOR] stats: add "a link" & "a href" for sockets
    - [MINOR]: stats: add show-legends to report additional informations
    - [MEDIUM] default-server support
    - [BUG]: add 'observer', 'on-error', 'error-limit' to supported options list
    - [MINOR] stats: add href to tracked server
    - [BUG] stats: show UP/DOWN status also in tracking servers
    - [DOC] Restore ability to search a keyword at the beginning of a line
    - [BUG] stats: cookie should be reported under backend not under proxy
    - [BUG] cfgparser/stats: fix error message
    - [BUG] http: disable auto-closing during chunk analysis
    - [BUG] http: fix hopefully last closing issue on data forwarding
    - [DEBUG] add an http_silent_debug function to debug HTTP states
    - [MAJOR] http: fix again the forward analysers
    - [BUG] http_process_res_common() must not skip the forward analyser
    - [BUG] http: some possible missed close remain in the forward chain
    - [BUG] http: redirect needed to be updated after recent changes
    - [BUG] http: don't set no-linger on response in case of forced close
    - [MEDIUM] http: restore the original behaviour of option httpclose
    - [TESTS] add a file to test various connection modes
    - [BUG] http: check options before the connection header
    - [MAJOR] session: fix the order by which the analysers are run
    - [MEDIUM] session: also consider request analysers added during response
    - [MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags
    - [BUG] http: memory leak with captures when using keep-alive
    - [BUG] http: fix for capture memory leak was incorrect
    - [MINOR] http redirect: use proper call to return last response
    - [MEDIUM] http: wait for some flush of the response buffer before a new request
    - [MEDIUM] session: limit the number of analyser loops

2010/01/03 : 1.4-dev5
    - [MINOR] server tracking: don't care about the tracked server's mode
    - [MEDIUM] appsession: add "len", "prefix" and "mode" options
    - [MEDIUM] appsession: add the "request-learn" option
    - [BUG] Configuration parser bug when escaping characters
    - [MINOR] CSS & HTML fun
    - [MINOR] Collect & provide http response codes received from servers
    - [BUG] Fix silly typo: hspr_other -> hrsp_other
    - [MINOR] Add "a name" to stats page
    - [MINOR] add additional "a href"s to stats page
    - [MINOR] Collect & provide http response codes for frontends, fix backends
    - [DOC] some small spell fixes and unifications
    - [MEDIUM] Decrease server health based on http responses / events, version 3
    - [BUG] format '%d' expects type 'int', but argument 5 has type 'long int'
    - [BUG] config: fix erroneous check on cookie domain names, again
    - [BUG] Healthchecks: get a proper error code if connection cannot be completed immediately
    - [DOC] trivial fix for man page
    - [MINOR] config: report all supported options for the "bind" keyword
    - [MINOR] tcp: add support for the defer_accept bind option
    - [MINOR] unix socket: report the socket path in case of bind error
    - [CONTRIB] halog: support searching by response time
    - [DOC] add a reminder about obsolete documents
    - [DOC] point to 1.4 doc, not 1.3
    - [DOC] option tcp-smart-connect was missing from index
    - [MINOR] http: detect connection: close earlier
    - [CLEANUP] sepoll: clean up the fd_clr/fd_set functions
    - [OPTIM] move some rarely used fields out of fdtab
    - [MEDIUM] fd: merge fd_list into fdtab
    - [MAJOR] buffer: flag BF_DONT_READ to disable reads when not required
    - [MINOR] http: add new transaction flags for keep-alive and content-length
    - [MEDIUM] http request: parse connection, content-length and transfer-encoding
    - [MINOR] http request: update the TX_SRV_CONN_KA flag on rewrite
    - [MINOR] http request: simplify the test of no-data
    - [MEDIUM] http request: simplify POST length detection
    - [MEDIUM] http request: make use of pre-parsed transfer-encoding header
    - [MAJOR] http: create the analyser which waits for a response
    - [MINOR] http: pre-set the persistent flags in the transaction
    - [MEDIUM] http response: check body length and set transaction flags
    - [MINOR] http response: update the TX_CLI_CONN_KA flag on rewrite
    - [MINOR] http: remove the last call to stream_int_return
    - [IMPORT] import ebtree v5.0 into directory ebtree/
    - [MEDIUM] build: switch ebtree users to use new ebtree version
    - [CLEANUP] ebtree: remove old unused files
    - [BUG] definitely fix regparm issues between haproxy core and ebtree
    - [CLEANUP] ebtree: cast to char * to get rid of gcc warning
    - [BUILD] missing #ifndef in ebmbtree.h
    - [BUILD] missing #ifndef in ebsttree.h
    - [MINOR] tools: add hex2i() function to convert hex char to int
    - [MINOR] http: create new MSG_BODY sub-states
    - [BUG] stream_sock: BUF_INFINITE_FORWARD broke splice on 64-bit platforms
    - [DOC] option is "defer-accept", not "defer_accept"
    - [MINOR] http: keep pointer to beginning of data
    - [BUG] x-original-to: name was not set in default instance
    - [MINOR] http: detect tunnel mode and set it in the session
    - [BUG] config: fix error message when config file is not found
    - [BUG] config: fix wrong handling of too large argument count
    - [BUG] config: disable 'option httplog' on TCP proxies
    - [BUG] config: fix erroneous check on cookie domain names
    - [BUG] config: cookie domain was ignored in defaults sections
    - [MINOR] config: support passing multiple "domain" statements to cookies
    - [MINOR] ebtree: add functions to lookup non-null terminated strings
    - [MINOR] config: don't report error on all subsequent files on failure
    - [BUG] second fix for the printf format warning
    - [BUG] check_post: limit analysis to the buffer length
    - [MEDIUM] http: process request body in a specific analyser
    - [MEDIUM] backend: remove HTTP POST parsing from get_server_ph_post()
    - [MAJOR] http: completely process the "connection" header
    - [MINOR] http: only consider chunk encoding with HTTP/1.1
    - [MAJOR] buffers: automatically compute the maximum buffer length
    - [MINOR] http: move the http transaction init/cleanup code to proto_http
    - [MINOR] http: move 1xx handling earlier to eliminate a lot of ifs
    - [MINOR] http: introduce a new synchronisation state : HTTP_MSG_DONE
    - [MEDIUM] http: rework chunk-size parser
    - [MEDIUM] http: add a new transaction flags indicating if we know the transfer length
    - [MINOR] buffers: add buffer_ignore() to skip some bytes
    - [BUG] http: offsets are relative to the buffer, not to ->som
    - [MEDIUM] http: automatically re-aling request buffer
    - [BUG] http: body parsing must consider the start of message
    - [MINOR] new function stream_int_cond_close()
    - [MAJOR] http: implement body parser
    - [BUG] http: typos on several unlikely() around header insertion
    - [BUG] stream_sock: wrong max computation on recv
    - [MEDIUM] http: rework the buffer alignment logic
    - [BUG] buffers: wrong size calculation for displaced data
    - [MINOR] stream_sock: prepare for closing when all pending data are sent
    - [MEDIUM] http: add two more states for the closing period
    - [MEDIUM] http: properly handle "option forceclose"
    - [MINOR] stream_sock: add SI_FL_NOLINGER for faster close
    - [MEDIUM] http: make forceclose use SI_FL_NOLINGER
    - [MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts
    - [MEDIUM] http: add some SI_FL_NOLINGER around server errors
    - [MINOR] config: option forceclose is valid in frontends too
    - [BUILD] halog: insufficient include path in makefile
    - [MEDIUM] http: make the analyser not rely on msg being initialized anymore
    - [MEDIUM] http: make the parsers able to wait for a buffer flush
    - [MAJOR] http: add support for option http-server-close
    - [BUG] http: ensure we abort data transfer on write error
    - [BUG] last fix was overzealous and disabled server-close
    - [BUG] http: fix erroneous trailers size computation
    - [MINOR] stream_sock: enable MSG_MORE when forwarding finite amount of data
    - [OPTIM] http: set MSG_MORE on response when a pipelined request is pending
    - [BUG] http: redirects were broken by chunk changes
    - [BUG] http: the request URI pointer is relative to the buffer
    - [OPTIM] http: don't immediately enable reading on request
    - [MINOR] http: move redirect messages to HTTP/1.1 with a content-length
    - [BUG] http: take care of errors, timeouts and aborts during the data phase
    - [MINOR] http: don't wait for sending requests to the server
    - [MINOR] http: make the conditional redirect support keep-alive
    - [BUG] http: fix cookie parser to support spaces and commas in values
    - [MINOR] config: some options were missing for "redirect"
    - [MINOR] redirect: add support for unconditional rules
    - [MINOR] config: centralize proxy struct initialization
    - [MEDIUM] config: remove the limitation of 10 reqadd/rspadd statements
    - [MEDIUM] config: remove the limitation of 10 config files
    - [CLEANUP] http: remove a remaining impossible condition
    - [OPTIM] http: optimize a bit the construct of the forward loops

2009/10/12 : 1.4-dev4
    - [DOC] add missing rate_lim and rate_max
    - [MAJOR] struct chunk rework
    - [MEDIUM] Health check reporting code rework + health logging, v3
    - [BUG] check if rise/fall has an argument and it is > 0
    - [MINOR] health checks logging unification
    - [MINOR] add "description", "node" and show-node"/"show-desc", remove "node-name", v2
    - [MINOR] Allow dots in show-node & add "white-space: nowrap" in th.pxname.
    - [DOC] Add information about http://haproxy.1wt.eu/contrib.html
    - [MINOR] Introduce include/types/counters.h
    - [CLEANUP] Move counters to dedicated structures
    - [MINOR] Add "clear counters" to clear statistics counters
    - [MEDIUM] Collect & provide separate statistics for sockets, v2
    - [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2
    - [MINOR] acl: don't report valid acls as potential mistakes
    - [MINOR] Add cut_crlf(), ltrim(), rtrim() and alltrim()
    - [MINOR] Add chunk_htmlencode and chunk_asciiencode
    - [MINOR] Capture & display more data from health checks, v2
    - [BUG] task.c: don't assing last_timer to node-less entries
    - [BUG] http stats: large outputs sometimes got some parts chopped off
    - [MINOR] backend: export some functions to recount servers
    - [MINOR] backend: uninline some LB functions
    - [MINOR] include time.h from freq_ctr.h as is uses "now".
    - [CLEANUP] backend: move LB algos to individual files
    - [MINOR] lb_map: reorder code in order to ease integration of new hash functions
    - [CLEANUP] proxy: move last lb-specific bits to their respective files
    - [MINOR] backend: separate declarations of LB algos from their lookup method
    - [MINOR] backend: reorganize the LB algorithm selection
    - [MEDIUM] backend: introduce the "static-rr" LB algorithm
    - [MINOR] report list of supported pollers with -vv
    - [DOC] log-health-checks is an option, not a directive
    - [MEDIUM] new option "independant-streams" to stop updating read timeout on writes
    - [BUG] stats: don't call buffer_shutw(), but ->shutw() instead
    - [MINOR] stats: strip CR and LF from the input command line
    - [BUG] don't refresh timeouts late after detected activity
    - [MINOR] stats_dump_errors_to_buffer: use buffer_feed_chunk()
    - [MINOR] stats_dump_sess_to_buffer: use buffer_feed_chunk()
    - [MINOR] stats: make stats_dump_raw_to_buffer() use buffer_feed_chunk
    - [MEDIUM] stats: don't use s->ana_state anymore
    - [MINOR] remove now obsolete ana_state from the session struct
    - [MEDIUM] stats: make HTTP stats use an I/O handler
    - [MEDIUM] stream_int: adjust WAIT_ROOM handling
    - [BUG] config: look for ID conflicts in all sockets, not only last ones.
    - [MINOR] config: reference file and line with any listener/proxy/server declaration
    - [MINOR] config: report places of duplicate names or IDs
    - [MINOR] config: add pointer to file name in block/redirect/use_backend/monitor rules
    - [MINOR] tools: add a new get_next_id() function
    - [MEDIUM] config: automatically find unused IDs for proxies, servers and listeners
    - [OPTIM] counters: move some max numbers to the counters struct
    - [BUG] counters: fix segfault on missing counters for a listener
    - [MEDIUM] backend: implement consistent hashing variation
    - [MINOR] acl: add fe_conn, be_conn, queue, avg_queue
    - [MINOR] stats: use 'clear counters all' to clear all values
    - [MEDIUM] add access restrictions to the stats socket
    - [MINOR] buffers: add buffer_feed2() and make buffer_feed() measure string length
    - [MINOR] proxy: provide function to retrieve backend/server pointers
    - [MINOR] add the "initial weight" to the server struct.
    - [MEDIUM] stats: add the "get weight" command to report a server's weight
    - [MEDIUM] stats: add the "set weight" command
    - [BUILD] add a 'make tags' target
    - [MINOR] stats: add support for numeric IDs in set weight/get weight
    - [MINOR] stats: use a dedicated state to output static data
    - [OPTIM] stats: check free space before trying to print

2009/09/24 : 1.4-dev3
    - [BUILD] compilation of haproxy-1.4-dev2 on FreeBSD
    - [MEDIUM] Collect & show information about last health check, v3
    - [MINOR] export the hostname variable so that all the code can access it
    - [MINOR] stats: add a new node-name setting
    - [MEDIUM] remove old experimental tcpsplice option
    - [BUILD] fix build for systems without SOL_TCP
    - [MEDIUM] move connection establishment from backend to the SI.
    - [MEDIUM] make the global stats socket part of a frontend
    - [MEDIUM] session: account per-listener connections
    - [MINOR] session: switch to established state if no connect function
    - [MEDIUM] make the unix stats sockets use the generic session handler
    - [CLEANUP] unix: remove uxst_process_session()
    - [CLEANUP] move remaining stats sockets code to dumpstats
    - [MINOR] move the initial task's nice value to the listener
    - [MINOR] cleanup set_session_backend by using pre-computed analysers
    - [MINOR] set s->srv_error according to the analysers
    - [MEDIUM] set rep->analysers from fe and be analysers
    - [MEDIUM] replace BUFSIZE with buf->size in computations
    - [MEDIUM] make it possible to change the buffer size in the configuration
    - [MEDIUM] report error on buffer writes larger than buffer size
    - [MEDIUM] stream_interface: add and use ->update function to resync
    - [CLEANUP] remove ifdef MSG_NOSIGNAL and define it instead
    - [MEDIUM] remove TCP_CORK and make use of MSG_MORE instead
    - [BUG] tarpit did not work anymore
    - [MINOR] acl: add support for hdr_ip to match IP addresses in headers
    - [MAJOR] buffers: fix misuse of the BF_SHUTW_NOW flag
    - [MINOR] buffers: provide more functions to handle buffer data
    - [MEDIUM] buffers: provide new buffer_feed*() function
    - [MINOR] buffers: add peekchar and peekline functions for stream interfaces
    - [MINOR] buffers: provide buffer_si_putchar() to send a char from a stream interface
    - [BUG] buffer_forward() would not correctly consider data already scheduled
    - [MINOR] buffers: add buffer_cut_tail() to cut only unsent data
    - [MEDIUM] stream_interface: make use of buffer_cut_tail() to report errors
    - [MAJOR] http: add support for HTTP 1xx informational responses
    - [MINOR] buffers: inline buffer_si_putchar()
    - [MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE
    - [MAJOR] buffers: fix the BF_EMPTY flag's meaning
    - [BUG] stream_interface: SI_ST_CLO must have buffers SHUT
    - [MINOR] stream_sock: don't set SI_FL_WAIT_DATA if BF_SHUTW_NOW is set
    - [MEDIUM] add support for infinite forwarding
    - [BUILD] stream_interface: fix conflicting declaration
    - [BUG] buffers: buffer_forward() must not always clear BF_OUT_EMPTY
    - [BUG] variable buffer size ignored at initialization time
    - [MINOR] ensure that buffer_feed() and buffer_skip() set BF_*_PARTIAL
    - [BUG] fix buffer_skip() and buffer_si_getline() to correctly handle wrap-arounds
    - [MINOR] stream_interface: add SI_FL_DONT_WAKE flag
    - [MINOR] stream_interface: add iohandler callback
    - [MINOR] stream_interface: add functions to support running as internal/external tasks
    - [MEDIUM] session: call iohandler for embedded tasks (applets)
    - [MINOR] add a ->private member to the stream_interface
    - [MEDIUM] stats: prepare the connection for closing before dumping
    - [MEDIUM] stats: replace the stats socket analyser with an SI applet

2009/08/09 : 1.4-dev2
    - [BUG] task: fix possible crash when some timeouts are not configured
    - [BUG] log: option tcplog would log to global if no logger was defined

2009/07/29 : 1.4-dev1
    - [MINOR] acl: add support for matching of RDP cookies
    - [MEDIUM] add support for RDP cookie load-balancing
    - [MEDIUM] add support for RDP cookie persistence
    - [MINOR] add a new CLF log format
    - [MINOR] startup: don't imply -q with -D
    - [BUG] ensure that we correctly re-start old process in case of error
    - [MEDIUM] add support for binding to source port ranges during connect
    - [MINOR] config: track "no option"/"option" changes
    - [MINOR] config: support resetting options do default values
    - [MEDIUM] implement option tcp-smart-accept at the frontend
    - [MEDIUM] stream_sock: implement tcp-cork for use during shutdowns on Linux
    - [MEDIUM] implement tcp-smart-connect option at the backend
    - [MEDIUM] add support for TCP MSS adjustment for listeners
    - [MEDIUM] support setting a server weight to zero
    - [MINOR] make DEFAULT_MAXCONN user-configurable at build time
    - [MAJOR] session: don't clear buffer status flags anymore
    - [MAJOR] session: only check for timeouts when they have just occurred.
    - [MAJOR] session: simplify buffer error handling
    - [MEDIUM] config: split parser and checker in two functions
    - [MEDIUM] config: support loading multiple configuration files
    - [MEDIUM] stream_sock: don't close prematurely when nolinger is set
    - [MEDIUM] session: rework buffer analysis to permit permanent analysers
    - [MEDIUM] splice: set the capability on each stream_interface
    - [BUG] http: redirect rules were processed too early
    - [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define
    - [MEDIUM] http: split request waiter from request processor
    - [MEDIUM] session: tell analysers what bit they were called for
    - [MAJOR] http: complete splitting of the remaining stages
    - [MINOR] report in the proxies the requirements for ACLs
    - [MINOR] http: rely on proxy->acl_requires to allocate hdr_idx
    - [MINOR] acl: add HTTP protocol detection (req_proto_http)
    - [MINOR] prepare callers of session_set_backend to handle errors
    - [BUG] default ACLs did not properly set the ->requires flag
    - [MEDIUM] allow a TCP frontend to switch to an HTTP backend
    - [MINOR] ensure we can jump from swiching rules to http without data
    - [MINOR] http: take http request timeout from the backend
    - [MINOR] allow TCP inspection rules to make use of HTTP ACLs
    - [BUILD] report commit date and not author's date as build date
    - [MINOR] acl: don't complain anymore when using L7 acls in TCP
    - [BUG] stream_sock: always shutdown(SHUT_WR) before closing
    - [BUG] stream_sock: don't stop reading when the poller reports an error
    - [BUG] config: tcp-request content only accepts "if" or "unless"
    - [BUG] task: fix possible timer drift after update
    - [MINOR] apply tcp-smart-connect option for the checks too
    - [MINOR] stats: better displaying in MSIE
    - [MINOR] config: improve error reporting in global section
    - [MINOR] config: improve error reporting in listen sections
    - [MINOR] config: the "capture" keyword is not allowed in backends
    - [MINOR] config: improve error reporting when checking configuration
    - [BUILD] fix a minor build warning on AIX
    - [BUILD] use "git cmd" instead of "git-cmd"
    - [CLEANUP] report 2009 not 2008 in the copyright banner.
    - [MINOR] print usage on the stats sockets upon invalid commands
    - [MINOR] acl: detect and report potential mistakes in ACLs
    - [BUILD] fix incorrect printf arg count with tcp_splice
    - [BUG] fix random pauses on last segment of a series
    - [BUILD] add support for build under Cygwin

2009/06/09 : 1.4-dev0
    - exact copy of 1.3.18

2009/05/10 : 1.3.18
    - [MEDIUM] add support for "balance hdr(name)"
    - [CLEANUP] give a little bit more information in error message
    - [MINOR] add X-Original-To: header
    - [BUG] x-original-to: fix missing initialization to default value
    - [BUILD] spec file: fix broken pipe during rpmbuild and add man file
    - [MINOR] improve reporting of misplaced acl/reqxxx rules
    - [MEDIUM] http: add options to ignore invalid header names
    - [MEDIUM] http: capture invalid requests/responses even if accepted
    - [BUILD] add format(printf) to printf-like functions
    - [MINOR] fix several printf formats and missing arguments
    - [BUG] stats: total and lbtot are unsigned
    - [MINOR] fix a few remaining printf-like formats on 64-bit platforms
    - [CLEANUP] remove unused make option from haproxy.spec
    - [BUILD] make it possible to pass alternative arch at build time
    - [MINOR] switch all stat counters to 64-bit
    - [MEDIUM] ensure we don't recursively call pool_gc2()
    - [CRITICAL] uninitialized response field can sometimes cause crashes
    - [BUG] fix wrong pointer arithmetics in HTTP message captures
    - [MINOR] rhel init script : support the reload operation
    - [MINOR] add basic signal handling functions
    - [BUILD] add signal.o to all makefiles
    - [MEDIUM] call signal_process_queue from run_poll_loop
    - [MEDIUM] pollers: don't wait if a signal is pending
    - [MEDIUM] convert all signals to asynchronous signals
    - [BUG] O(1) pollers should check their FD before closing it
    - [MINOR] don't close stdio fds twice
    - [MINOR] add options dontlog-normal and log-separate-errors
    - [DOC] minor fixes and rearrangements
    - [BUG] fix parser crash on unconditional tcp content rules
    - [DOC] rearrange the configuration manual and add a summary
    - [MINOR] standard: provide a new 'my_strndup' function
    - [MINOR] implement per-logger log level limitation
    - [MINOR] compute the max of sessions/s on fe/be/srv
    - [MINOR] stats: report max sessions/s and limit in CSV export
    - [MINOR] stats: report max sessions/s and limit in HTML stats
    - [MINOR] stats/html: use the arial font before helvetica

2009/03/29 : 1.3.17
    - Update specfile to build for v2.6 kernel.
    - [BUG] reset the stream_interface connect timeout upon connect or error
    - [BUG] reject unix accepts when connection limit is reached
    - [MINOR] show sess: report number of calls to each task
    - [BUG] don't call epoll_ctl() on closed sockets
    - [BUG] stream_sock: disable I/O on fds reporting an error
    - [MINOR] sepoll: don't count two events on the same FD.
    - [MINOR] show sess: report a lot more information about sessions
    - [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts
    - [BUG] don't set an expiration date directly from now_ms
    - [MINOR] implement ulltoh() to write HTML-formatted numbers
    - [MINOR] stats/html: group digits by 3 to clarify numbers
    - [BUILD] remove haproxy-small.spec
    - [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND

2009/03/22 : 1.3.16
    - [BUILD] Fixed Makefile for linking pcre
    - [CONTRIB] selinux policy for haproxy
    - [MINOR] show errors: encode backslash as well as non-ascii characters
    - [MINOR] cfgparse: some cleanups in the consistency checks
    - [MINOR] cfgparse: set backends to "balance roundrobin" by default
    - [MINOR] tcp-inspect: permit the use of no-delay inspection
    - [MEDIUM] reverse internal proxy declaration order to match configuration
    - [CLEANUP] config: catch and report some possibly wrong rule ordering
    - [BUG] connect timeout is in the stream interface, not the buffer
    - [BUG] session: errors were not reported in termination flags in TCP mode
    - [MINOR] tcp_request: let the caller take care of errors and timeouts
    - [CLEANUP] http: remove some commented out obsolete code in process_response
    - [MINOR] update ebtree to version 4.1
    - [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1
    - [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present
    - [BUG] scheduler: fix improper handling of duplicates __task_queue()
    - [MINOR] sched: permit a task to stay up between calls
    - [MINOR] task: keep a task count and clean up task creators
    - [MINOR] stats: report number of tasks (active and running)
    - [BUG] server check intervals must not be null
    - [OPTIM] stream_sock: don't retry to read after a large read
    - [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates
    - [MEDIUM] session: don't resync FSMs on non-interesting changes
    - [BUG] check for global.maxconn before doing accept()
    - [OPTIM] sepoll: do not re-check whole list upon accepts

2009/03/09 : 1.3.16-rc2
    - [BUG] stream_sock: write timeout must be updated when forwarding !

2009/03/09 : 1.3.16-rc1
    - appsessions: cleanup DEBUG_HASH and initialize request_counter
    - [MINOR] acl: add new keyword "connslots"
    - [MINOR] cfgparse: fix off-by 2 in error message size
    - [BUILD] fix build with gcc 4.3
    - [BUILD] fix MANDIR default location to match documentation
    - [TESTS] add a debug patch to help trigger the stats bug
    - [BUG] Flush buffers also where there are exactly 0 bytes left
    - [MINOR] Allow to specify a domain for a cookie
    - [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain)
    - [MEDIUM] Fix memory freeing at exit
    - [MEDIUM] Fix memory freeing at exit, part 2
    - [BUG] Fix listen & more of 2 couples <ip>:<port>
    - [DOC] remove buggy comment for use_backend
    - [CRITICAL] fix server state tracking: it was O(n!) instead of O(n)
    - [MEDIUM] add support for URI hash depth and length limits
    - [MINOR] permit renaming of x-forwarded-for header
    - [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface
    - [BUILD] Haproxy won't compile if DEBUG_FULL is defined
    - [MEDIUM] upgrade to ebtree v4.0
    - [DOC] update the README file with new build options
    - [MEDIUM] reduce risk of event starvation in ev_sepoll
    - [MEDIUM] detect streaming buffers and tag them as such
    - [MEDIUM] add support for conditional HTTP redirection
    - [BUILD] make install should depend on haproxy not "all"
    - [DEBUG] add a TRACE macro to facilitate runtime data extraction
    - [BUG] event pollers must not wait if a task exists in the run queue
    - [BUG] queue management: wake oldest request in queues
    - [BUG] log: reported queue position was offed-by-one
    - [BUG] fix the dequeuing logic to ensure that all requests get served
    - [DOC] documentation for the "retries" parameter was missing.
    - [MEDIUM] implement a monotonic internal clock
    - [MEDIUM] further improve monotonic clock by check forward jumps
    - [OPTIM] add branch prediction hints in list manipulations
    - [MAJOR] replace ultree with ebtree in wait-queues
    - [BUG] we could segfault during exit while freeing uri_auths
    - [BUG] wqueue: perform proper timeout comparisons with wrapping values
    - [MINOR] introduce now_ms, the current date in milliseconds
    - [BUG] disable buffer read timeout when reading stats
    - [MEDIUM] rework the wait queue mechanism
    - [BUILD] change declaration of base64tab to fix build with Intel C++
    - [OPTIM] shrink wake_expired_tasks() by using task_wakeup()
    - [MAJOR] use an ebtree instead of a list for the run queue
    - [MEDIUM] introduce task->nice and boot access to statistics
    - [OPTIM] task_queue: assume most consecutive timers are equal
    - [BUILD] silent a warning in unlikely() with gcc 4.x
    - [MAJOR] convert all expiration timers from timeval to ticks
    - [BUG] use_backend would not correctly consider "unless"
    - [TESTS] added test-acl.cfg to test some ACL combinations
    - [MEDIUM] add support for configuration keyword registration
    - [MEDIUM] modularize the global "stats" keyword configuration parser
    - [MINOR] cfgparse: add support for warnings in external functions
    - [MEDIUM] modularize the "timeout" keyword configuration parser
    - [MAJOR] implement tcp request content inspection
    - [MINOR] acl: add a new parsing function: parse_dotted_ver
    - [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version
    - [CLEANUP] remove unused include/types/client.h
    - [CLEANUP] remove many #include <types/xxx> from C files
    - [CLEANUP] remove dependency on obsolete INTBITS macro
    - [DOC] document the new "tcp-request" keyword and associated ACLs
    - [MINOR] acl: add REQ_CONTENT to the list of default acls
    - [MEDIUM] acl: permit fetch() functions to set the result themselves
    - [MEDIUM] acl: get rid of dummy values in always_true/always_false
    - [MINOR] acl: add the "wait_end" acl verb
    - [MEDIUM] acl: enforce ACL type checking
    - [MEDIUM] acl: set types on all currently known ACL verbs
    - [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings
    - [CLEANUP] remove 65 useless NULL checks before free
    - [MEDIUM] memory: update pool_free2() to support NULL pointers
    - [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns
    - [MEDIUM] process_srv: rely on buffer flags for client shutdown
    - [MEDIUM] process_srv: don't rely at all on client state
    - [MEDIUM] process_cli: don't rely at all on server state
    - [BUG] fix segfault with url_param + check_post
    - [BUG] server timeout was not considered in some circumstances
    - [BUG] client timeout incorrectly rearmed while waiting for server
    - [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1)
    - [MAJOR] get rid of SV_STANALYZE (step 2)
    - [MEDIUM] simplify and centralize request timeout cancellation and request forwarding
    - [MAJOR] completely separate HTTP and TCP states on the request path
    - [BUG] fix recently introduced loop when client closes early
    - [MAJOR] get rid of the SV_STHEADERS state
    - [MAJOR] better separation of response processing and server state
    - [MAJOR] clearly separate HTTP response processing from TCP server state
    - [MEDIUM] remove unused references to {CL|SV}_STSHUT*
    - [MINOR] term_trace: add better instrumentations to trace the code
    - [BUG] ev_sepoll: closed file descriptors could persist in the spec list
    - [BUG] process_response must not enable the read FD
    - [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue
    - [BUG] process_response: do not touch srv_state
    - [BUG] maintain_proxies must not disable backends
    - [CLEANUP] get rid of BF_SHUT*_PENDING
    - [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l
    - [MAJOR] process_session: rely only on buffer flags
    - [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout
    - [MEDIUM] centralize buffer timeout checks at the top of process_session
    - [MINOR] ensure the termination flags are set by process_xxx
    - [MEDIUM] session: move the analysis bit field to the buffer
    - [OPTIM] process_cli/process_srv:  reduce the number of tests
    - [BUG] regparm is broken on gcc < 3
    - [BUILD] fix warning in proto_tcp.c with gcc >= 4
    - [MEDIUM] merge inspect_exp and txn->exp into request buffer
    - [BUG] process_cli/process_srv: don't call shutdown when already done
    - [BUG] process_request: HTTP body analysis must return zero if missing data
    - [TESTS] test-fsm: 22 regression tests for state machines
    - [BUG] Fix empty X-Forwarded-For header name when set in defaults section
    - [BUG] fix harmless but wrong fd insertion sequence
    - [MEDIUM] make it possible for analysers to follow the whole session
    - [MAJOR] rework of the server FSM
    - [OPTIM] remove useless fd_set(read) upon shutdown(write)
    - [MEDIUM] massive cleanup of process_srv()
    - [MEDIUM] second level of code cleanup for process_srv_data
    - [MEDIUM] third cleanup and optimization of process_srv_data()
    - [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts
    - [MEDIUM] stream_sock_process_data moved to stream_sock.c
    - [MAJOR] make the client side use stream_sock_process_data()
    - [MEDIUM] split stream_sock_process_data
    - [OPTIM] stream_sock_read must check for null-reads more often
    - [MINOR] only call flow analysers when their read side is connected.
    - [MEDIUM] reintroduce BF_HIJACK with produce_content
    - [MINOR] re-arrange buffer flags and rename some of them
    - [MINOR] do not check for BF_SHUTR when computing write timeout
    - [OPTIM] ev_sepoll: detect newly created FDs and check them once
    - [OPTIM] reduce the number of calls to task_wakeup()
    - [OPTIM] force inlining of large functions with gcc >= 3
    - [MEDIUM] indicate a reason for a task wakeup
    - [MINOR] change type of fdtab[]->owner to void*
    - [MAJOR] make stream sockets aware of the stream interface
    - [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers
    - [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT
    - [MEDIUM] process_session: make use of the new buffer flags
    - [CLEANUP] process_session: move debug outputs out of the critical loop
    - [MEDIUM] move QUEUE and TAR timers to stream interfaces
    - [OPTIM] add compiler hints in tick_is_expired()
    - [MINOR] add buffer_check_timeouts() to check what timeouts have fired.
    - [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts()
    - [MINOR] add an expiration flag to the stream_sock_interface
    - [MAJOR] migrate the connection logic to stream interface
    - [MAJOR] add a connection error state to the stream_interface
    - [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions
    - [MEDIUM] continue layering cleanups.
    - [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO
    - [MEDIUM] remove stream_sock_update_data()
    - [MINOR] maintain a global session list in order to ease debugging
    - [BUG] shutw must imply close during a connect
    - [MEDIUM] process shutw during connection attempt
    - [MEDIUM] make the stream interface control the SHUT{R,W} bits
    - [MAJOR] complete layer4/7 separation
    - [CLEANUP] move the session-related functions to session.c
    - [MINOR] call session->do_log() for logging
    - [MINOR] replace the ambiguous client_return function by stream_int_return
    - [MINOR] replace client_retnclose() with stream_int_retnclose()
    - [MINOR] replace srv_close_with_err() with http_server_error()
    - [MEDIUM] make the http server error function a pointer in the session
    - [CLEANUP] session.c: removed some migration left-overs in sess_establish()
    - [MINOR] stream_sock_data_finish() should not expose fd
    - [MEDIUM] extract TCP request processing from HTTP
    - [MEDIUM] extract the HTTP tarpit code from process_request().
    - [MEDIUM] move the HTTP request body analyser out of process_request().
    - [MEDIUM] rename process_request to http_process_request
    - [BUG] fix forgotten server session counter
    - [MINOR] declare process_session in session.h, not proto_http.h
    - [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept()
    - [MINOR] add an analyser code for UNIX stats request
    - [MINOR] pre-set analyser flags on the listener at registration time
    - [BUG] do not forward close from cons to prod with analysers
    - [MEDIUM] ensure that sock->shutw() also closes read for init states
    - [MINOR] add an analyser state in struct session
    - [MAJOR] make unix sockets work again with stats
    - [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session
    - [MINOR] move the listener reference from fd to session
    - [MEDIUM] reference the current hijack function in the buffer itself
    - [MINOR] slightly rebalance stats_dump_{raw,http}
    - [MINOR] add a new back-reference type : struct bref
    - [MINOR] add back-references to sessions for later use by a dumper.
    - [MEDIUM] add support for "show sess" in unix stats socket
    - [BUG] do not release the connection slot during a retry
    - [BUG] dynamic connection throttling could return a max of zero conns
    - [BUG] do not try to pause backends during reload
    - [BUG] ensure that listeners from disabled proxies are correctly unbound.
    - [BUG] acl-related keywords are not allowed in defaults sections
    - [BUG] cookie capture is declared in the frontend but checked on the backend
    - [BUG] critical errors should be reported even in daemon mode
    - [MINOR] redirect: add support for the "drop-query" option
    - [MINOR] redirect: add support for "set-cookie" and "clear-cookie"
    - [MINOR] redirect: in prefix mode a "/" means not to change the URI
    - [BUG] do not dequeue requests on a dead server
    - [BUG] do not dequeue the backend's pending connections on a dead server
    - [MINOR] stats: indicate if a task is running in "show sess"
    - [BUG] check timeout must not be changed if timeout.check is not set
    - [BUG] "option transparent" is for backend, not frontend !
    - [MINOR] transfer errors were not reported anymore in data phase
    - [MEDIUM] add a send limit to a buffer
    - [MEDIUM] don't report buffer timeout when there is I/O activity
    - [MEDIUM] indicate when we don't care about read timeout
    - [MINOR] add flags to indicate when a stream interface is waiting for space/data
    - [MEDIUM] enable inter-stream_interface wakeup calls
    - [MAJOR] implement autonomous inter-socket forwarding
    - [MINOR] add the splice_len member to the buffer struct in preparation of splice support
    - [MEDIUM] stream_sock: factor out the return path in case of no-writes
    - [MEDIUM] i/o: rework ->to_forward and ->send_max
    - [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read
    - [OPTIM] buffer: replace rlim by max_len
    - [OPTIM] stream_sock: factor out the buffer full handling out of the loop
    - [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y)
    - [CLEANUP] stream_sock: move the write-nothing condition out of the loop
    - [MEDIUM] split stream_sock_write() into callback and core functions
    - [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending
    - [MINOR] stream_sock: fix a few wrong empty calculations
    - [MEDIUM] stream_sock: try to send pending data on chk_snd()
    - [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes
    - [MEDIUM] splice: add configuration options and set global.maxpipes
    - [MINOR] introduce structures required to support Linux kernel splicing
    - [MEDIUM] add definitions for Linux kernel splicing
    - [MAJOR] complete support for linux 2.6 kernel splicing
    - [BUG] reserve some pipes for backends with splice enabled
    - [MEDIUM] splice: add hints to support older buggy kernels
    - [MEDIUM] introduce pipe pools
    - [MEDIUM] splice: make use of pipe pools
    - [STATS] report pipe usage in the statistics
    - [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified
    - [BUILD] fix snapshot date extraction with negative timezones
    - [MEDIUM] move global tuning options to the global structure
    - [MEDIUM] splice: add the global "nosplice" option
    - [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6
    - [BUG] we must not exit if protocol binding only returns a warning
    - [MINOR] add support for bind interface name
    - [BUG] inform the user when root is expected but not set
    - [MEDIUM] add support for source interface binding
    - [MEDIUM] add support for source interface binding at the server level
    - [MEDIUM] implement bind-process to limit service presence by process
    - [DOC] document maxpipes, nosplice, option splice-{auto,request,response}
    - [DOC] filled the logging section of the configuration manual
    - [DOC] document HTTP status codes
    - [DOC] document a few missing info about errorfile
    - [BUG] fix random memory corruption using "show sess"
    - [BUG] fix unix socket processing of interrupted output
    - [DOC] add diagrams of queuing and future ACL design
    - [BUILD] proto_http did not build on gcc-2.95
    - [BUG] the "source" keyword must first clear optional settings
    - [BUG] global.tune.maxaccept must be limited even in mono-process mode
    - [MINOR] ensure that http_msg_analyzer updates pointer to invalid char
    - [MEDIUM] store a complete dump of request and response errors in proxies
    - [MEDIUM] implement error dump on unix socket with "show errors"
    - [DOC] document "show errors"
    - [MINOR] errors dump must use user-visible date, not internal date.
    - [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second
    - [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second.
    - [MEDIUM] measure and report session rate on frontend, backends and servers
    - [BUG] the "connslots" keyword was matched as "connlots"
    - [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate
    - [MEDIUM] implement "rate-limit sessions" for the frontend
    - [BUG] interface binding: length must include the trailing zero
    - [BUG] typo in timeout error reporting : report *res and not *err
    - [OPTIM] maintain_proxies: only wake up when the frontend will be ready
    - [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption
    - [BUG] switch server-side stream interface to close in case of abort
    - [CLEANUP] remove last references to term_trace
    - [OPTIM] freq_ctr: do not rotate the counters when reading
    - [BUG] disable any analysers for monitoring requests
    - [BUG] rate-limit in defaults section was ignored
    - [BUG] task: fix handling of duplicate keys
    - [OPTIM] task: don't unlink a task from a wait queue when waking it up
    - [OPTIM] displace tasks in the wait queue only if absolutely needed
    - [MEDIUM] minor update to the task api: let the scheduler queue itself
    - [BUG] event_accept() must always wake the task up, even in health mode
    - [CLEANUP] task: distinguish between clock ticks and timers
    - [OPTIM] task: reduce the number of calls to task_queue()
    - [OPTIM] do not re-check req buffer when only response has changed
    - [CLEANUP] don't enable kernel splicing when socket is closed
    - [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase
    - [MINOR] buffers: implement buffer_flush()
    - [MEDIUM] rearrange forwarding condition to enable splice during analysis
    - [BUILD] build fixes for Solaris
    - [BUILD] proto_http did not build on gcc-2.95 (again)
    - [CONTRIB] halog: fast log parser for haproxy
    - [CONTRIB] halog: faster fgets() and add support for percentile reporting

2008/04/19 : 1.3.15
    - [BUILD] Added support for 'make install'
    - [BUILD] Added 'install-man' make target for installing the man page
    - [BUILD] Added 'install-bin' make target
    - [BUILD] Added 'install-doc' make target
    - [BUILD] Removed "/" after '$(DESTDIR)' in install targets
    - [BUILD] Changed 'install' target to install the binaries first
    - [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
    - [MEDIUM]: Inversion for options
    - [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
    - [BUG]: Restore clearing t->logs.bytes
    - [MEDIUM]: rework checks handling
    - [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
    - [MEDIUM] Implement "track [<backend>/]<server>"
    - [MINOR] Implement persistent id for proxies and servers
    - [BUG] Don't increment server connections too much + fix retries
    - [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
    - [MAJOR] proto_uxst rework -> SNMP support
    - [BUG] appsession lookup in URL does not work
    - [BUG] transparent proxy address was ignored in backend
    - [BUG] hot reconfiguration failed because of a wrong error check
    - [DOC] big update to the configuration manual
    - [DOC] large update to the configuration manual
    - [DOC] document more options
    - [BUILD] major rework of the GNU Makefile
    - [STATS] add support for "show info" on the unix socket
    - [DOC] document options forwardfor to logasap
    - [MINOR] add support for the "backlog" parameter
    - [OPTIM] introduce global parameter "tune.maxaccept"
    - [MEDIUM] introduce "timeout http-request" in frontends
    - [MINOR] tarpit timeout is also allowed in backends
    - [BUG] increment server connections for each connect()
    - [MEDIUM] add a turn-around state of one second after a connection failure
    - [BUG] fix typo in redispatched connection
    - [DOC] document options nolinger to ssl-hello-chk
    - [DOC] added documentation for "option tcplog" to "use_backend"
    - [BUG] connect_server: server might not exist when sending error report
    - [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
    - [MEDIUM] add non-local bind to connect() on Linux
    - [MINOR] add transparent proxy support for balabit's Tproxy v4
    - [BUG] use backend's source and not server's source with tproxy
    - [BUG] fix overlapping server flags
    - [MEDIUM] fix server health checks source address selection
    - [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
    - [DOC] added "server", "source" and "stats" keywords
    - [DOC] all server parameters have been documented
    - [DOC] document all req* and rsp* keywords.
    - [DOC] added documentation about HTTP header manipulations
    - [BUG] log response byte count, not request
    - [BUILD] code did not build in full debug mode
    - [BUG] fix truncated responses with sepoll
    - [MINOR] use s->frt_addr as the server's address in transparent proxy
    - [MINOR] fix configuration hint about timeouts
    - [DOC] minor cleanup of the doc and notice to contributors
    - [MINOR] report correct section type for unknown keywords.
    - [BUILD] update MacOS Makefile to build on newer versions
    - [DOC] fix erroneous "useallbackups" option in the doc
    - [DOC] applied small fixes from early readers
    - [MINOR] add configuration support for "redir" server keyword
    - [MEDIUM] completely implement the server redirection method
    - [TESTS] add a test case for the server redirection mechanism
    - [DOC] add a configuration entry for "server ... redir <prefix>"
    - [BUILD] backend.c and checks.c did not build without tproxy !
    - Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
    - [BUILD] backend.c and checks.c did not build without tproxy !
    - [OPTIM] used unsigned ints for HTTP state and message offsets
    - [OPTIM] GCC4's builtin_expect() is suboptimal
    - [BUG] failed conns were sometimes incremented in the frontend!
    - [BUG] timeout.check was not pre-set to eternity
    - [TESTS] add test-pollers.cfg to easily report pollers in use
    - [BUG] do not apply timeout.connect in checks if unset
    - [BUILD] ensure that makefile understands USE_DLMALLOC=1
    - [MINOR] silent gcc for a wrong warning
    - [CLEANUP] update .gitignore to ignore more temporary files
    - [CLEANUP] report dlmalloc's source path only if explictly specified
    - [BUG] str2sun could leak a small buffer in case of error during parsing
    - [BUG] option allbackups was not working anymore in roundrobin mode
    - [MAJOR] implementation of the "leastconn" load balancing algorithm
    - [BUILD] ensure that users don't build without setting the target anymore.
    - [DOC] document the leastconn LB algo
    - [MEDIUM] fix stats socket limitation to 16 kB
    - [DOC] fix unescaped space in httpchk example.
    - [BUG] fix double-decrement of server connections
    - [TESTS] add a test case for port mapping
    - [TESTS] add a benchmark for integer hashing
    - [TESTS] add new methods in ip-hash test file
    - [MAJOR] implement parameter hashing for POST requests

2007/12/06 : 1.3.14
    - New option http_proxy (Alexandre Cassen)
    - add support for "maxqueue" to limit server queue overload (Elijah Epifanov)
    - Check for duplicated conflicting proxies (Krzysztof Oledzki)
    - stats: report server and backend cumulated downtime (Krzysztof Oledzki)
    - use backends only with use_backend directive (Krzysztof Oledzki)
    - Handle long lines properly (Krzysztof Oledzki)
    - Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki)
    - continous statistics (Krzysztof Oledzki)
    - add support for logging via a UNIX socket (Robert Tsai)
    - fix error checking in strl2ic/strl2uic()
    - fix calls to localtime()
    - provide easier-to-use ultoa_* functions
    - provide easy-to-use limit_r and LIM2A* macros
    - add a simple test for the status page
    - move error codes to common/errors.h
    - silent warning about LIST_* being redefined on OpenBSD
    - add socket address length to the protocols
    - group PR_O_BALANCE_* bits into a checkable value
    - externalize the "balance" option parser to backend.c
    - introduce the "url_param" balance method
    - make default_backend work in TCP mode too
    - disable warning about localtime_r on Solaris
    - adjust error messages about conflicting proxies
    - avoid calling some layer7 functions if not needed
    - simplify error path in event_accept()
    - add an options field to the listeners
    - added a new state to listeners
    - unbind_listener() must use fd_delete() and not close()
    - add a generic unbind_listener() primitive
    - add a generic delete_listener() primitive
    - add a generic unbind_all_listeners() primitive
    - create proto_tcp and move initialization of proxy listeners
    - stats: report numerical process ID, proxy ID and server ID
    - relative_pid was not initialized
    - missing header names in raw stats output
    - fix missing parenthesis in check_response_for_cacheability
    - small optimization on session_process_counters()
    - merge ebtree version 3.0
    - make ebtree headers multiple-include compatible
    - ebtree: include config.h for REGPRM*
    - differentiate between generic LB params and map-specific ones
    - add a weight divisor to the struct proxy
    - implement the Fast Weighted Round Robin (FWRR) algo
    - include filltab25.c to experiment on FWRR for dynamic weights
    - merge test-fwrr.cfg to validate dynamic weights
    - move the load balancing algorithm to be->lbprm.algo
    - change server check result to a bit field
    - implement "http-check disable-on-404" for graceful shutdown
    - secure the calling conditions of ->set_server_status_{up,down}
    - report disabled servers as "NOLB" when they are still UP
    - document the "http-check disable-on-404" option
    - http-check disable-on-404 is not limited to HTTP mode
    - add a test file for disable-on-404
    - use distinct bits per load-balancing algorithm type
    - implement the slowstart parameter for servers
    - document the server's slowstart parameter
    - stats: report the server warm up status in a "throttle" column
    - fix 2 minor issues on AIX
    - add the "nbsrv" ACL verb
    - add the "fail" condition to monitor requests
    - remove a warning from gcc due to htons() in standard.c
    - fwrr: ensure that we never overflow in placements
    - store the build options to report with -vv
    - fix the status return of the init script (R.I. Pienaar)
    - stats: real time monitoring script for unix socket (Prizee) 
    - document "nbsrv" and "monitor fail"
    - restrict the set of allowed characters for identifiers
    - implement a time parsing function
    - add support for time units in the configuration
    - add a bit of documentation about timers
    - introduce separation between contimeout, and tarpit + queue
    - introduce the "timeout" keyword
    - grouped all timeouts in one structure
    - slowstart is in ms, not seconds
    - slowstart: ensure we don't start with a null weight
    - report the number of times each server was selected
    - fix build on AIX due to recent log changes
    - fix build on Solaris due to recent log changes

2007/10/18 : 1.3.13
    - replace the code under O'Reilly license (Arnaud Cornet)
    - add a small man page (Arnaud Cornet)
    - stats: report haproxy's version by default (Krzysztof Oledzki)
    - stats: count server retries and redispatches (Krzysztof Oledzki)
    - core: added easy support for Doug Lea's malloc (dlmalloc)
    - core: fade out memory usage when stopping proxies
    - core: moved the sockaddr pointer to the fdtab structure
    - core: add generic protocol support
    - core: implement client-side support for PF_UNIX sockets
    - stats: implement the CSV output
    - stats: add a link to the CSV export HTML page
    - stats: implement the statistics output on a unix socket
    - config: introduce the "stats" keyword in global section
    - build: centralize version and date into one file for each
    - tests: added a new hash algorithm

2007/10/18 : 1.3.12.3
    - add the "nolinger" option to disable data lingering (Alexandre Cassen)
    - fix double-free during clean exit (Krzysztof Oledzki)
    - prevent the system from sending an RST when closing health-checks
      (Krzysztof Oledzki)
    - do not add a cache-control header when on non-cacheable responses
      (Krzysztof Oledzki)
    - spread health checks even more (Krzysztof Oledzki)
    - stats: scope "." must match the backend and not the frontend
    - fixed call to chroot() during startup
    - fix wrong timeout computation in event_accept()
    - remove condition for exit() under fork() failure

2007/09/20 : 1.3.12.2
    - fix configuration sanity checks for TCP listeners
    - set the log socket receive window to zero bytes
    - pre-initialize timeouts to infinity, not zero
    - fix the SIGHUP message not to alert on server-less proxies
    - timeouts and retries could be ignored when switching backend
    - added a file to check that "retries" works.
    - O'Reilly has clarified its license

2007/09/05 : 1.3.12.1
    - spec I/O: fix allocations of spec entries for an FD
    - ensure we never overflow in chunk_printf()
    - improve behaviour with large number of servers per proxy
    - add support for "stats refresh <interval>"
    - stats page: added links for 'refresh' and 'hide down'
    - fix backend's weight in the stats page.
    - the "stats" keyword is not allowed in a pure frontend.
    - provide a test configuration file for stats and checks

2007/06/17 : 1.3.12
    - fix segfault at exit when using captures
    - bug: negation in ACL conds was not cleared between terms
    - errorfile: use a local file to feed error messages
    - acl: support '-i' to ignore case when matching
    - acl: smarter integer comparison with operators eq,lt,gt,le,ge
    - acl: support maching on 'path' component
    - acl: implement matching on header values
    - acl: distinguish between request and response headers
    - acl: permit to return any header when no name specified
    - acl: provide default ACLs
    - added the 'use_backend' keyword for full content-switching
    - acl: specify the direction during fetches
    - acl: provide the argument length for fetch functions
    - acl: provide a reference to the expr to fetch()
    - improve memory freeing upon exit
    - str2net() must not change the const char *
    - shut warnings 'is*' macros from ctype.h on solaris

2007/06/03 : 1.3.11.4
    - do not re-arm read timeout in SHUTR state !
    - optimize I/O by detecting system starvation
    - the epoll FD must not be shared between processes
    - limit the number of events returned by *poll*

2007/05/14 : 1.3.11.3
    - pre-initialize timeouts with tv_eternity during parsing

2007/05/14 : 1.3.11.2
    - fixed broken health-checks since switch to timeval

2007/05/14 : 1.3.11.1
    - fixed ev_kqueue which was forgotten during the switch to timeval
    - allowed null timeouts for past events in select

2007/05/14 : 1.3.11
    - fixed ev_sepoll again by rewriting the state machine
    - switched all timeouts to timevals instead of milliseconds
    - improved memory management using mempools v2.
    - several minor optimizations

2007/05/09 : 1.3.10.2
    - fixed build on OpenBSD (missing types.h)

2007/05/09 : 1.3.10.1
    - fixed sepoll transition matrix (two states were missing)

2007/05/08 : 1.3.10
    - several fixes in ev_sepoll
    - fixed some expiration dates on some tasks
    - fixed a bug in connection establishment detection due to speculative I/O
    - fixed rare bug occuring on TCP with early close (reported by Andy Smith)
    - implemented URI hashing algorithm (Guillaume Dallaire)
    - implemented SMTP health checks (Peter van Dijk)
    - replaced the rbtree with ul2tree from old scheduler project
    - new framework for generic ACL support
    - added the 'acl' and 'block' keywords to the config language
    - added several ACL criteria and matches (IP, port, URI, ...)
    - cleaned up and better modularization for some time functions
    - fixed list macros
    - fixed useless memory allocation in str2net()
    - store the original destination address in the session

2007/04/15 : 1.3.9
    - modularized the polling mechanisms and use function pointers instead
      of macros at many places
    - implemented support for FreeBSD's kqueue() polling mechanism
    - fixed a warning on OpenBSD : MIN/MAX redefined
    - change socket registration order at startup to accomodate kqueue.
    - several makefile cleanups to support old shells
    - fix build with limits.h once for all
    - ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
    - fdtab now holds the results of polling
    - implemented support for speculative I/O processing with epoll()
    - remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
    - auto-registering of pollers at load time

2007/04/03 : 1.3.8.2
    - rewriting either the status line or request line could crash the
      process due to a pointer which ought to be reset before parsing.
    - rewriting the status line in the response did not work, it caused
      a 502 Bad Gateway due to an erroneous state during parsing

2007/04/01 : 1.3.8.1
    - fix reqadd when no option httpclose is used.
    - removed now unused fiprm and beprm from proxies
    - split logs into two versions : TCP and HTTP
    - added some docs about http headers storage and acls
    - added a VIM script for syntax color highlighting (Bruno Michel)

2007/03/25 : 1.3.8
    - fixed several bugs which might have caused a crash with bad configs
    - several optimizations in header processing
    - many progresses towards transaction-based processing
    - option forwardfor may be used in frontends
    - completed HTTP response processing
    - some code refactoring between request and response processing
    - new HTTP header manipulation functions
    - optimizations on the recv() patch to reduce CPU usage under very
      high data rates.
    - more user-friendly help about the 'usesrc' keyword (CTTPROXY)
    - username/groupname support from Marcus Rueckert
    - added the "except" keyword to the "forwardfor" option (Bryan German)
    - support for health-checks on other addresses (Fabrice Dulaunoy)
    - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
    - do not insert "Connection: close" in HTTP/1.0 messages

2007/01/26 : 1.3.7
    - fix critical bug introduced with 1.3.6 : an empty request header
      may lead to a crash due to missing pointer assignment
    - hdr_idx might be left uninitialized in debug mode
    - fixed build on FreeBSD due to missing fd_set declaration

2007/01/22 : 1.3.6.1
    - change in the header chaining broke cookies and authentication

2007/01/22 : 1.3.6
    - stats now support the HEAD method too
    - extracted http request from the session
    - huge rework of the HTTP parser which is now a 28-state FSM.
    - linux-style likely/unlikely macros for optimization hints
    - do not create a server socket when there's no server
    - imported lots of docs

2007/01/07 : 1.3.5
    - stats: swap color sets for active and backup servers
    - try to guess server check port when unset
    - added complete support and doc for TCP Splicing
    - replace the wait-queue linked list with an rbtree.
    - a few bugfixes and cleanups

2007/01/02 : 1.3.4
    - support for cttproxy on the server side to present the client
      address to the server.
    - added support for SO_REUSEPORT on Linux (needs kernel patch)
    - new RFC2616-compliant HTTP request parser with header indexing
    - split proxies in frontends, rulesets and backends
    - implemented the 'req[i]setbe' to select a backend depending
      on the contents
    - added the 'default_backend' keyword to select a default BE.
    - new stats page featuring FEs and BEs + bytes in both dirs
    - improved log format to indicate the backend and the time in ms.
    - lots of cleanups

2006/10/15 : 1.3.3
    - fix broken redispatch option in case the connection has already
      been marked "in progress" (ie: nearly always).
    - support regparm on x86 to speed up some often called functions
    - removed a few useless calls to gettimeofday() in log functions.
    - lots of 'const char*' cleanups
    - turn every FD_* into functions which are faster on recent CPUs

2006/09/03 : 1.3.2
    - started the changes towards I/O completion callbacks. stream_sock* have
      replaced event_*.
    - added the new "reqtarpit" and "reqitarpit" protection features

2006/07/09 : 1.3.1 (1.2.15)
   - now, haproxy warns about missing timeout during startup to try to
     eliminate all those buggy configurations.
   - added "Content-Type: text/html" in responses wherever appropriate, as
     suggested by Cameron Simpson.
   - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
     test server's health
   - implemented "monitor-uri" so that haproxy can reply to a specific URI with
     an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
     at once.

2006/06/29 : 1.3.0
   - exploded the whole file into multiple .c and .h. No functionnal
     difference is expected at all.
   - fixed a bug by which neither stats nor error messages could be returned if
     'clitimeout' was missing.

2006/05/21 : 1.2.14
   - new HTML status report with the 'stats' keyword.
   - added the 'abortonclose' option to better resist traffic surges
   - implemented dynamic traffic regulation with the 'minconn' option
   - show request time on denied requests
   - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
   - now a proxy instance is allowed to run without servers, which is
     useful to dedicate one instance to stats
   - added lots of error counters
   - a missing parenthesis preventd matching of cacheable cookies
   - a missing parenthesis in poll_loop() might have caused missed events.

2006/05/14 : 1.2.13.1
   - an uninitialized field in the struct session could cause a crash when
     the session was freed. This has been encountered on Solaris only.
   - Solaris and OpenBSD no not support shutdown() on listening socket. Let's
     be nice to them by performing a soft stop if pause fails.

2006/05/13 : 1.2.13
   - 'maxconn' server parameter to do per-server session limitation
   - queueing to support non-blocking session limitation
   - fixed removal of cookies for cookie-less servers such as backup servers
   - two separate wait queues for expirable and non-expirable tasks provide
     better performance with lots of sessions.
   - some code cleanups and performance improvements
   - made state dumps a bit more verbose
   - fixed missing checks for NULL srv in dispatch mode
   - load balancing on backup servers was not possible in source hash mode.
   - two session flags shared the same bit, but fortunately they were not
     compatible.

2006/04/15 : 1.2.12
   Very few changes preparing for more important changes to support per-server
   session limitations and queueing :
   - ignore leading empty lines in HTTP requests as suggested by RFC2616.
   - added the 'weight' parameter to the servers, limited to 1..256. It applies
     to roundrobin and source hash.
   - the optional '-s' option could clobber '-st' and '-sf' if compiled in.

2006/03/30 : 1.2.11.1
   - under some conditions, it might have been possible that when the
     last dead server became available, it would not have been used
     till another one would have changed state. Could not be reproduced
     at all, however seems possible from the code.

2006/03/25 : 1.2.11
   - added the '-db' command-line option to disable backgrounding.
   - added the -sf/-st command-line arguments which are used to specify
     a list of pids to send a FINISH or TERMINATE signal upon startup.
     They will also be asked to release their port if a bind fails.
   - reworked the startup mechanism to allow the sending of a signal to a list
     of old pids if a socket cannot be bound, with a retry for a limited amount
     of time (1 second by default).
   - added the ability to enforce limits on memory usage.
   - added the 'source' load-balancing algorithm which uses the source IP(v4|v6)
   - re-architectured the server round-robin mechanism to ease integration of
     other algorithms. It now relies on the number of active and backup servers.
   - added a counter for the number of active and backup servers, and report
     these numbers upon SIGHUP or state change.

2006/03/23 : 1.2.10.1
  - while fixing the backup server round-robin "feature", a new bug was
    introduced which could miss some backup servers.
  - the displayed proxy name was wrong when dumping upon SIGHUP.

2006/03/19 : 1.2.10
  - assert.h is needed when DEBUG is defined.
  - ENORMOUS long standing bug affecting the epoll polling system :
    event_data is a union, not a structure !
  - Make fd management more robust and easier to debug. Also some
    micro-optimisations.
  - Limit the number of consecutive accept() in multi-process mode.
    This produces a more evenly distributed load across the processes and
    slightly improves performance by reducing bottlenecks.
  - Make health-checks be more regular, and faster to retry after a timeout.
  - Fixed some messages to ease parsing of alerts.
  - provided a patch to enable epoll on RHEL3 kernels.
  - Separated OpenBSD build from the main Makefile into a new one.

2006/03/15 : 1.2.9
  - haproxy could not be stopped after being paused, it had to be woken up
    first. This has been fixed.
  - the 'ulimit-n' parameter is now optional and by default computed from
    maxconn + the number of listeners + the number of health-checks.
  - it is now possible to specify a maximum number of connections at build
    time with the SYSTEM_MAXCONN define. The value set in the configuration
    file will then be limited to this value, and only the command-line '-n'
    option will be able to bypass it. It will prevent against accidental
    high memory usage on small systems.
  - RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier
    versions did not detect a line beginning with a space as the continuation
    of previous header. It is now correct.
  - health checks sent to servers configured with identical intervals were
    sent in perfect synchronisation because the initial time was the same
    for all. This could induce high load peaks when fragile servers were
    hosting tens of instances for the same application.  Now the load is
    spread evenly across the smallest interval amongst a listener.
  - a new 'forceclose' option was added to make the proxy close the outgoing
    channel to the server once it has sent all its headers and the server
    starts responding. This helps some servers which don't close upon the
    'Connection: close' header. It implies 'option httpclose'.
  - there was a bug in the way the backup servers were handled. They were
    erroneously load-balanced while the doc said the opposite. Since
    load-balanced backup servers is one of the features some people have
    been asking for, the problem was fixed to reflect the documented
    behaviour and a new option 'allbackups' was introduced to provide the
    feature to those who need it.
  - a never ending connect() could lead to a fast select() loop if its
    timeout times the number of retransmits exceeded the server read or write
    timeout, because the later was used to compute select()'s timeout while
    the connection timeout was not reached.
  - now we initialize the libc's localtime structures very early so that even
    under OOM conditions, we can still send dated error messages without
    segfaulting.
  - the 'daemon' mode implies 'quiet' and disables 'verbose' because file
    descriptors are closed.

2006/01/29 : 1.2.8
  - fixed a nasty bug affecting poll/epoll which could return unmodified data
    from the server to the client, and sometimes lead to memory corruption
    crashing the process.
  - added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf.

2005/12/18 : 1.2.7.1
  - the "retries" option was ignored because connect() could not return an
    error if the connection failed before the timeout.
  - TCP health-checks could not detect a connection refused in poll/epoll
    mode.

2005/11/13 : 1.2.7
  - building with -DUSE_PCRE should include PCRE headers and not regex.h. At
    least on Solaris, this caused the libc's regex primitives to be used instead
    of PCRE, which caused trouble on group references. This is now fixed.
  - delayed the quiet mode during startup so that most of the startup alerts can
    be displayed even in quiet mode.
  - display an alert when a listener has no address, invalid or no port, or when
    there are no enabled listeners upon startup.
  - added "static-pcre" to the list of supported regex options in the Makefile.

2005/10/09 : 1.2.7rc (1.1.33rc)
  - second batch of socklen_t changes.
  - clean-ups from Cameron Simpson.
  - because tv_remain() does not know about eternity, using no timeout can
    make select() spin around a null time-out. Bug reported by Cameron Simpson.
  - client read timeout was not properly set to eternity initialized after an
    accept() if it was not set in the config. It remained undetected so long
    because eternity is 0 and newly allocated pages are zeroed by the system.
  - do not call get_original_dst() when not in transparent mode.
  - implemented a workaround for a bug in certain epoll() implementations on
    linux-2.4 kernels (epoll-lt <= 0.21).
  - implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.

2005/08/07 : 1.2.6
  - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).

2005/07/06 : 1.2.6-pre5 (1.1.32)
  - added the number of active sessions (proxy/process) in the logs

2005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
  - the time-out fix introduced in 1.1.25 caused a corner case where it was
    possible for a client to keep a connection maintained regardless of the
    timeout if the server closed the connection during the HEADER phase,
    while the client ignored the close request while doing nothing in the
    other direction. This has been fixed now by ensuring that read timeouts
    are re-armed when switching to any SHUTW state.

2005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
  - enhanced error reporting in the logs. Now the proxy will precisely detect
    various error conditions related to the system and/or process limits, and
    generate LOG_EMERG logs indicating that a resource has been exhausted.
  - logs will contain two new characters for the error cause : 'R' indicates
    a resource exhausted, and 'I' indicates an internal error, though this
    one should never happen.
  - server connection timeouts can now be reported in the logs (sC), as well
    as connections refused because of maxconn limitations (PC).

2005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
  - new global configuration keyword "ulimit-n" may be used to raise the FD
    limit to usable values.
  - a warning is now displayed on startup if the FD limit is lower than the
    configured maximum number of sockets.

2005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
  - new configuration keyword "monitor-net" makes it possible to be monitored
    by external devices which connect to the proxy without being logged nor
    forwarded to any server. Particularly useful on generic TCPv4 relays.

2005/06/21 : 1.2.5.2
  - fixed build on PPC where chars are unsigned by default

2005/05/02 : 1.2.5.1
  - dirty hack to fix a bug introduced with epoll : if we close an FD and
    immediately reassign it to another session through a connect(), the
    Prev{Read,Write}Events are not updated, which causes trouble detecting
    changes, thus leading to many timeouts at high loads.

2005/04/30 : 1.2.5 (1.1.31)
  - changed the runtime argument to disable epoll() to '-de'
  - changed the runtime argument to disable poll() to '-dp'
  - added global options 'nopoll' and 'noepoll' to do the same at the
    configuration level.
  - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
    support epoll().
  - changed default FD_SETSIZE to 65536 on Solaris (default=1024)
  - conditionned signals redirection to #ifdef DEBUG_MEMORY

2005/04/26 : 1.2.5-pre4
  - made epoll() support a compile-time option : ENABLE_EPOLL
  - provided a very little libc replacement for a possibly missing epoll()
    implementation which can be enabled by -DUSE_MY_EPOLL
  - implemented the poll() poller, which can be enabled with -DENABLE_POLL.
    The equivalent runtime argument becomes '-P'. A few tests show that it
    performs like select() with many fds, but slightly slower (certainly
    because of the higher amount of memory involved).
  - separated the 3 polling methods and the tasks scheduler into 4 distinct
    functions which makes the code a lot more modular.
  - moved some event tables to private static declarations inside the poller
    functions.
  - the poller functions can now initialize themselves, run, and cleanup.
  - changed the runtime argument to enable epoll() to '-E'.
  - removed buggy epoll_ctl() code in the client_retnclose() function. This
    function was never meant to remove anything.
  - fixed a typo which caused glibc to yell about a double free on exit.
  - removed error checking after epoll_ctl(DEL) because we can never know if
    the fd is still active or already closed.
  - added a few entries in the makefile

2005/04/25 : 1.2.5-pre3
  - experimental epoll() support (use temporary '-e' argument)

2005/04/24 : 1.2.5-pre2
  - implemented the HTTP 303 code for error redirection. This forces the
    browser to fetch the given URI with a GET request. The new keyword for
    this is 'errorloc303', and a new 'errorloc302' keyword has been created
    to make them easily distinguishable.
  - added more controls in the parser for valid use of '\x' sequence.
  - few fixes from Alex & Klaus

2005/02/17 : 1.2.5-pre1
  - fixed a few errors in the documentation

2005/02/13
  - do not pre-initialize unused file-descriptors before select() anymore.

2005/01/22 : 1.2.4
  - merged Alexander Lazic's and Klaus Wagner's work on application
    cookie-based persistence. Since this is the first merge, this version is
    not intended for general use and reports are more than welcome. Some
    documentation is really needed though.

2005/01/22 : 1.2.3 (1.1.30)
  - add an architecture guide to the documentation
  - released without any changes

2004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
  - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
    compatible with Apache. This limit can be configured in the makefile now.
    Thanks to Eric Fehr for the checks.
  - added a per-server "source" option which now makes it possible to bind to
    a different source for each (potentially identical) server.
  - changed cookie-based server selection slightly to allow several servers to
    share a same cookie, thus making it possible to associate backup servers to
    live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
  - added the cookie 'prefix' mode which makes it possible to use persistence
    with thin clients which support only one cookie. The server name is prefixed
    before the application cookie, and restore back.
  - fixed the order of servers within an instance to match documentation. Now
    the servers are *really* used in the order of their declaration. This is
    particularly important when multiple backup servers are in use.

2004/10/18 : 1.2.2 (1.1.29)
  - fixed a bug where a TCP connection would be logged twice if the 'logasap'
    option was enabled without the 'tcplog' option.
  - encode_string() would use hdr_encode_map instead of the map argument.

2004/08/10 : (1.1.29-pre2)
  - the logged request is now encoded with '#XX' for unprintable characters
  - new keywords 'capture request header' and 'capture response header' enable
    logging of arbitrary HTTP headers in requests and responses
  - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()

2004/06/06 : 1.2.1 (1.1.28)
  - added the '-V' command line option to verbosely report errors even though
    the -q or 'quiet' options are specified. This is useful with '-c'.
  - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>

2004/06/05 :
  - added the "logasap" option which produces a log without waiting for the data
    to be transferred from the server to the client.
  - added the "httpclose" option which removes any "connection:" header and adds
    "Connection: close" in both direction.
  - added the 'checkcache' option which blocks cacheable responses containing
    dangerous headers, such as 'set-cookie'.
  - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
    information leak from servers.

2004/04/18 :
  - send an EMERG log when no server is available for a given proxy
  - added the '-c' command line option to syntactically check the
    configuration file without starting the service.

2003/11/09 : 1.2.0
  - the same as 1.1.27 + IPv6 support on the client side

2003/10/27 : 1.1.27
  - the configurable HTTP health check introduced in 1.1.23 revealed a shameful
    bug : the code still assumed that HTTP requests were the same size as the
    original ones (22 bytes), and failed if they were not.
  - added support for pidfiles.

2003/10/22 : 1.1.26
  - the fix introduced in 1.1.25 for client timeouts while waiting for servers
    broke almost all compatibility with POST requests, because the proxy
    stopped to read anything from the client as soon as it got all of its
    headers.

2003/10/15 : 1.1.25
  - added the 'tcplog' option, which provides enhanced, HTTP-like logs for
    generic TCP proxies, or lighter logs for HTTP proxies.
  - fixed a time-out condition wrongly reported as client time-out in data
    phase if the client timeout was lower than the connect timeout times the
    number of retries.

2003/09/21 : 1.1.24
  - if a client sent a full request then shut its write connection down, then
    the request was aborted. This case was detected only when using haproxy
    both as health-check client and as a server.
  - if 'option httpchk' is used in a 'health' mode server, then responses will
    change from 'OK' to 'HTTP/1.0 200 OK'.
  - fixed a Linux-only bug in case of HTTP server health-checks, where a single
    server response followed by a close could be ignored, and the server seen
    as failed.

2003/09/19 : 1.1.23
  - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
    'default' sections to keep previous parameters, and not initialize logs
    correctly.
  - fixed a second stupid bug introduced in 1.1.22 which caused configurations
    relying on 'dispatch' mode to segfault at the first connection.
  - 'option httpchk' now supports method, HTTP version and a few headers.
  - now, 'option httpchk', 'cookie' and 'capture' can be specified in
    'defaults' section

2003/09/10 : 1.1.22
  - 'listen' now supports optionnal address:port-range lists
  - 'bind' introduced to add new listen addresses
  - fixed a bug which caused a session to be kept established on a server till
    it timed out if the client closed during the DATA phase.
  - the port part of each server address can now be empty to make the proxy
    connect to the server on the same port it was connected to, be an absolute
    unsigned number to reflect a single port (as in older versions), or an
    explicitly signed number (+N/-N) to indicate that this offset must be
    applied to the port the proxy was connected to, when connecting to the
    server.
  - the 'port' server option allows the user to specify a different
    health-check port than the service one. It is mandatory when only relative
    ports have been specified and check is required. By default, the checks are
    sent to the service port.
  - new 'defaults' section which is rather similar to 'listen' except that all
    values are only used as default values for future 'listen' sections, until
    a new 'defaults' resets them. At the moment, server options, regexes,
    cookie names and captures cannot be set in the 'defaults' section.

2003/05/06 : 1.1.21
  - changed the debug output format so that it now includes the session unique
    ID followed by the instance name at the beginning of each line.
  - in debug mode, accept now shows the client's IP and port.
  - added one 3 small debugging scripts to search and pretty print debug output
  - changed the default health check request to "OPTIONS /" instead of
    "OPTIONS *" since not all servers implement the later one.
  - "option httpchk" now accepts an optional parameter allowing the user to
    specify and URI other than '/' during health-checks.

2003/04/21 : 1.1.20
  - fixed two problems with time-outs, one where a server would be logged as
    timed out during transfer that take longer to complete than the fixed
    time-out, and one where clients were logged as timed-out during the data
    phase because they didn't have anything to send. This sometimes caused
    slow client connections to close too early while in fact there was no
    problem. The proper fix would be to have a per-fd time-out with
    conditions depending on the state of the HTTP FSM.

2003/04/16 : 1.1.19
  - haproxy was NOT RFC compliant because it was case-sensitive on HTTP
    "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
    cookie persistence because it uses "cookie:". Two memcmp() have been
    replaced with strncasecmp().

2003/04/02 : 1.1.18
  - Haproxy can be compiled with PCRE regex instead of libc regex, by setting
    REGEX=pcre on the make command line.
  - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
  - when explicit source address binding is required, it is now also used for
    health-checks.
  - added 'reqpass' and 'reqipass' to allow certain headers but not the request
    itself.
  - factored several strings to reduce binary size by about 2 kB.
  - replaced setreuid() and setregid() with more standard setuid() and setgid().
  - added 4 status flags to the log line indicating who ended the connection
    first, the sessions state, the validity of the cookie, and action taken on
    the set-cookie header.

2002/10/18 : 1.1.17
  - add the notion of "backup" servers, which are used only when all other
    servers are down.
  - make Set-Cookie return "" instead of "(null)" when the server has no
    cookie assigned (useful for backup servers).
  - "log" now supports an optionnal level name (info, notice, err ...) above
    which nothing is sent.
  - replaced some strncmp() with memcmp() for better efficiency.
  - added "capture cookie" option which logs client and/or server cookies
  - cleaned up/down messages and dump servers states upon SIGHUP
  - added a redirection feature for errors : "errorloc <errnum> <url>"
  - now we won't insist on connecting to a dead server, even with a cookie,
    unless option "persist" is specified.
  - added HTTP/408 response for client request time-out and HTTP/50[234] for
    server reply time-out or errors.

2002/09/01 : 1.1.16
  - implement HTTP health checks when option "httpchk" is specified.

2002/08/07 : 1.1.15
  - replaced setpgid()/setpgrp() with setsid() for better portability, because
    setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.

2002/07/20 : 1.1.14
  - added "postonly" cookie mode

2002/07/15 : 1.1.13
  - tv_diff used inverted parameters which led to negative times !

2002/07/13 : 1.1.12
  - fixed stats monitoring, and optimized some tv_* for most common cases.
  - replaced temporary 'newhdr' with 'trash' to reduce stack size
  - made HTTP errors more HTML-fiendly.
  - renamed strlcpy() to strlcpy2() because of a slightly difference between
    their behaviour (return value), to avoid confusion.
  - restricted HTTP messages to HTTP proxies only
  - added a 502 message when the connection has been refused by the server,
    to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
  - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
    inserting a cookie, because some caches (apache) don't understand it.
  - fixed processing of server headers when client is in SHUTR state

2002/07/04 :
  - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
    setpgid()

2002/06/04 : 1.1.11
  - fixed multi-cookie handling in client request to allow clean deletion
    in insert+indirect mode. Now, only the server cookie is deleted and not
    all the header. Should now be compliant to RFC2965.
  - added a "nocache" option to "cookie" to specify that we explicitly want
    to add a "cache-control" header when we add a cookie.
    It is also possible to add an "Expires: <old-date>" to keep compatibility
    with old/broken caches.

2002/05/10 : 1.1.10
  - if a cookie is used in insert+indirect mode, it's desirable that the
    the servers don't see it. It was not possible to remove it correctly
    with regexps, so now it's removed automatically.

2002/04/19 : 1.1.9
  - don't use snprintf()'s return value as an end of message since it may
    be larger. This caused bus errors and segfaults in internal libc's
    getenv() during localtime() in send_log().
  - removed dead insecure send_syslog() function and all references to it.
  - fixed warnings on Solaris due to buggy implementation of isXXXX().

2002/04/18 : 1.1.8
  - option "dontlognull"
  - fixed "double space" bug in config parser
  - fixed an uninitialized server field in case of dispatch
    with no existing server which could cause a segfault during
    logging.
  - the pid logged was always the father's, which was wrong for daemons.
  - fixed wrong level "LOG_INFO" for message "proxy started".

2002/04/13 :
  - http logging is now complete :
    - ip:port, date, proxy, server
    - req_time, conn_time, hdr_time, tot_time
    - status, size, request
  - source address

2002/04/12 : 1.1.7
  - added option forwardfor
  - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
  - added "log global" in "listen" section.

2002/04/09 :
  - added a new "global" section :
    - logs
    - debug, quiet, daemon modes
    - uid, gid, chroot, nbproc, maxconn

2002/04/08 : 1.1.6
  - regex are now chained and not limited anymore.
  - unavailable server now returns HTTP/502.
  - increased per-line args limit to 40
  - added reqallow/reqdeny to block some request on matches
  - added HTTP 400/403 responses

2002/04/03 : 1.1.5
  - connection logging displayed incorrect source address.
  - added proxy start/stop and server up/down log events.
  - replaced log message short buffers with larger trash.
  - enlarged buffer to 8 kB and replace buffer to 4 kB.

2002/03/25 : 1.1.4
  - made rise/fall/interval time configurable

2002/03/22 : 1.1.3
  - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
    which could lead to loops.

2002/03/21 : 1.1.2
  - fixed a bug in buffer management where we could have a loop
    between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
    => implemented an adjustable buffer limit.
  - fixed a bug : expiration of tasks in wait queue timeout is used again,
    and running tasks are skipped.
  - added some debug lines for accept events.
  - send warnings for servers up/down.

2002/03/12 : 1.1.1
  - fixed a bug in total failure handling
  - fixed a bug in timestamp comparison within same second (tv_cmp_ms)

2002/03/10 : 1.1.0
  - fixed a few timeout bugs
  - rearranged the task scheduler subsystem to improve performance,
    add new tasks, and make it easier to later port to librt ;
  - allow multiple accept() for one select() wake up ;
  - implemented internal load balancing with basic health-check ;
  - cookie insertion and header add/replace/delete, with better strings
    support.

2002/03/08
  - reworked buffer handling to fix a few rewrite bugs, and
    improve overall performance.
  - implement the "purge" option to delete server cookies in direct mode.

2002/03/07
  - fixed some error cases where the maxfd was not decreased.

2002/02/26
  - now supports transparent proxying, at least on linux 2.4.

2002/02/12
  - soft stop works again (fixed select timeout computation).
  - it seems that TCP proxies sometimes cannot timeout.
  - added a "quiet" mode.
  - enforce file descriptor limitation on socket() and accept().

2001/12/30 : release of version 1.0.2 : fixed a bug in header processing
2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
2001/12/16 : release of version 1.0.0.
2001/12/16 : added syslog capability for each accepted connection.
2001/11/19 : corrected premature end of files and occasional SIGPIPE.
2001/10/31 : added health-check type servers (mode health) which replies OK then closes.
2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
		with or without cookies (use keyword http for this).
2001/09/01 : added client/server header replacing with regexps.
		eg:
       		cliexp ^(Host:\ [^:]*).* Host:\ \1:80
       		srvexp ^Server:\ .* Server:\ Apache
2000/11/29 : first fully working release with complete FSMs and timeouts.
2000/11/28 : major rewrite
2000/11/26 : first write