From 8e879a52e2841dfe49da3ff86645b9f71c2be511 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfaulet@haproxy.com>
Date: Thu, 19 Sep 2024 14:07:01 +0200
Subject: [PATCH] [RELEASE] Released version 3.0.5

Released version 3.0.5 with the following main changes :
    - BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak
    - BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
    - BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
    - BUILD: mux-pt: Use the right name for the sedesc variable
    - BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect
    - BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC
    - BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC
    - BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
    - BUG/MEDIUM: http-ana: Report error on write error waiting for the response
    - BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
    - BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
    - BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync
    - BUG/MINOR: fcgi-app: handle a possible strdup() failure
    - DOC: configuration: fix alphabetical ordering of {bs,fs}.aborted
    - BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
    - BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
    - BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
    - BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
    - BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
    - BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
    - BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
    - BUG/MINOR: proto_tcp: keep error msg if listen() fails
    - MINOR: channel: implement ci_insert() function
    - BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
    - REGTESTS: mcli: test the pipelined commands on master CLI
    - BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
    - BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
    - BUG/MINOR: h3: properly reject too long header responses
    - BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
    - BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
    - DOC: config: correct the table for option tcplog
    - BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list
    - BUILD: quic: 32bits build broken by wrong integer conversions for printf()
    - BUG/MEDIUM: clock: also update the date offset on time jumps
    - MINOR: tools: Implement ipaddrcpy().
    - MINOR: quic: Implement quic_tls_derive_token_secret().
    - MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD
    - MINOR: quic: Token for future connections implementation.
    - BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder
    - MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct)
    - MINOR: quic: Implement qc_ssl_eary_data_accepted().
    - MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event.
    - BUG/MEDIUM: quic: always validate sender address on 0-RTT
    - BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC)
    - BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only)
    - DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
    - REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
    - BUG/MEDIUM: clock: detect and cover jumps during execution
    - BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
    - BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
    - BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
    - BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established
    - BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
    - MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option
    - BUG/MINOR: polling: fix time reporting when using busy polling
    - BUG/MINOR: clock: make time jump corrections a bit more accurate
    - BUG/MINOR: clock: validate that now_offset still applies to the current date
    - BUG/MEDIUM: queue: implement a flag to check for the dequeuing
    - BUG/MINOR: peers: local entries updates may not be advertised after resync
    - DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options
    - BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send
    - BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
    - BUG/MEDIUM: promex: Wait to have the request before sending the response
    - BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
    - MINOR: quic: convert qc_stream_desc release field to flags
    - MINOR: quic: implement function to check if STREAM is fully acked
    - BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM
    - BUG/MINOR: quic: prevent freeze after early QCS closure
---
 CHANGELOG             | 70 +++++++++++++++++++++++++++++++++++++++++++
 VERDATE               |  2 +-
 VERSION               |  2 +-
 doc/configuration.txt |  2 +-
 4 files changed, 73 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index f17e0eaf07efe..94b8b9580b8bf 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,76 @@
 ChangeLog :
 ===========
 
+2024/09/19 : 3.0.5
+    - BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak
+    - BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
+    - BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
+    - BUILD: mux-pt: Use the right name for the sedesc variable
+    - BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect
+    - BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC
+    - BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC
+    - BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
+    - BUG/MEDIUM: http-ana: Report error on write error waiting for the response
+    - BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
+    - BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
+    - BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync
+    - BUG/MINOR: fcgi-app: handle a possible strdup() failure
+    - DOC: configuration: fix alphabetical ordering of {bs,fs}.aborted
+    - BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
+    - BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
+    - BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
+    - BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
+    - BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
+    - BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
+    - BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
+    - BUG/MINOR: proto_tcp: keep error msg if listen() fails
+    - MINOR: channel: implement ci_insert() function
+    - BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
+    - REGTESTS: mcli: test the pipelined commands on master CLI
+    - BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
+    - BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
+    - BUG/MINOR: h3: properly reject too long header responses
+    - BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
+    - BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
+    - DOC: config: correct the table for option tcplog
+    - BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list
+    - BUILD: quic: 32bits build broken by wrong integer conversions for printf()
+    - BUG/MEDIUM: clock: also update the date offset on time jumps
+    - MINOR: tools: Implement ipaddrcpy().
+    - MINOR: quic: Implement quic_tls_derive_token_secret().
+    - MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD
+    - MINOR: quic: Token for future connections implementation.
+    - BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder
+    - MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct)
+    - MINOR: quic: Implement qc_ssl_eary_data_accepted().
+    - MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event.
+    - BUG/MEDIUM: quic: always validate sender address on 0-RTT
+    - BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC)
+    - BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only)
+    - DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
+    - REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
+    - BUG/MEDIUM: clock: detect and cover jumps during execution
+    - BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
+    - BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
+    - BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
+    - BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established
+    - BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
+    - MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option
+    - BUG/MINOR: polling: fix time reporting when using busy polling
+    - BUG/MINOR: clock: make time jump corrections a bit more accurate
+    - BUG/MINOR: clock: validate that now_offset still applies to the current date
+    - BUG/MEDIUM: queue: implement a flag to check for the dequeuing
+    - BUG/MINOR: peers: local entries updates may not be advertised after resync
+    - DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options
+    - BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send
+    - BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
+    - BUG/MEDIUM: promex: Wait to have the request before sending the response
+    - BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
+    - MINOR: quic: convert qc_stream_desc release field to flags
+    - MINOR: quic: implement function to check if STREAM is fully acked
+    - BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM
+    - BUG/MINOR: quic: prevent freeze after early QCS closure
+
 2024/09/03 : 3.0.4
     - MINOR: proto: extend connection thread rebind API
     - BUILD: listener: silence a build warning about unused value without threads
diff --git a/VERDATE b/VERDATE
index ca77863ebd06c..07ee80b9d7574 100644
--- a/VERDATE
+++ b/VERDATE
@@ -1,2 +1,2 @@
 $Format:%ci$
-2024/09/03
+2024/09/19
diff --git a/VERSION b/VERSION
index b0f2dcb32fc28..eca690e737b32 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-3.0.4
+3.0.5
diff --git a/doc/configuration.txt b/doc/configuration.txt
index f4054cba4368b..adc719382156a 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -3,7 +3,7 @@
                           Configuration Manual
                          ----------------------
                               version 3.0
-                              2024/09/03
+                              2024/09/19
 
 
 This document covers the configuration language as implemented in the version