Overview Repositories Revisions Requests Users Attributes Meta

Revisions of varnish

Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 135) 
[info=b36281bc31c37580f70fe48a94251b144830a893a05179ea6e3bf924506ed3de]
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 134) 
Rewrap to fit format guidelines
Jan Engelhardt's avatar Jan Engelhardt (jengelh) accepted request 1205838 from Andrea Manzini's avatar Andrea Manzini (amanzini) (revision 133) 
- Update to release 7.6.0
  * The Varnish Delivery Processor (VDP) filter API has been generalized 
    to also accommodate future use for backend request bodies
  * VDPs with no vdp_bytes_f function are now supported if the vdp_init_f 
    returns a value greater than zero to signify that the filter is not to 
    be added to the chain. This is useful to support VDPs which only need to 
    work on headers.
  * The epoll and kqueue waiters have been improved to correctly report 
    WAITER_REMCLOSE, which increases the WAITER.*.remclose counter.
  * varnishtest now supports the shutdown command corresponding to the 
    shutdown(2) standard C library call
  * VSC counters for waiters have been added:
     + conns to count waits on idle connections
     + remclose to count idle connections closed by the peer
     + timeout to count idle connections which timed out in the waiter
     + action to count idle connections which resulted in a read
  * The port of a listen_endpoint given with the -a argument to varnishd 
    can now also be a numerical port range like 80-89
  * To implement the aforementioned feature, VSS_resolver_range() as been
    added to libvarnish
  * The Warning: mlock() of VSM failed message is now emitted when locking
    of shared memory segments (via mlock(2)) fails.
  * A bug has been fixed where string comparisons in VCL could fail with the
    nonsensical error message Comparison of different types: STRING '=='
    STRING.
  * An issue has been addressed in the builtin.vcl where backend responses
    would fail if they contained a Content-Range header when no range was
    requested. 
  * Additional SessError VSL events are now generated for various HTTP/2
    protocol errors.
buildservice-autocommit accepted request 1162360 from Jan Engelhardt's avatar Jan Engelhardt (jengelh) (revision 132) 
baserev update by copy to link target
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 131) 
- Update to release 7.5.0
buildservice-autocommit accepted request 1144754 from Jan Engelhardt's avatar Jan Engelhardt (jengelh) (revision 130) 
baserev update by copy to link target
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 129)
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 128) 
use sysusers fragment from solanum
Jan Engelhardt's avatar Jan Engelhardt (jengelh) accepted request 1144719 from Arjen de Korte's avatar Arjen de Korte (adkorte) (revision 127) 
- Use sysuser-tools to generate varnish user
buildservice-autocommit accepted request 1130193 from Jan Engelhardt's avatar Jan Engelhardt (jengelh) (revision 126) 
baserev update by copy to link target
Jan Engelhardt's avatar Jan Engelhardt (jengelh) accepted request 1130176 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 125) 
- update to 7.4.2 (bsc#1216123, CVE-2023-44487):
  * The ``vcl_req_reset`` feature (controllable through the ``feature``
    parameter, see `varnishd(1)`) has been added and enabled by default
    to terminate client side VCL processing early when the client is
    gone.
    *req_reset* events trigger a VCL failure and are reported to
    `vsl(7)` as ``Timestamp: Reset`` and accounted to ``main.req_reset``
    in `vsc` as visible through ``varnishstat(1)``.
    In particular, this feature is used to reduce resource consumption
    of HTTP/2 "rapid reset" attacks (see below).
    Note that *req_reset* events may lead to client tasks for which no
    VCL is called ever. Presumably, this is thus the first time that
    valid `vcl(7)` client transactions may not contain any ``VCL_call``
    records.
  * Added mitigation options and visibility for HTTP/2 "rapid reset"
    attacks
    Global rate limit controls have been added as parameters, which can
    be overridden per HTTP/2 session from VCL using the new vmod ``h2``:
    * The ``h2_rapid_reset`` parameter and ``h2.rapid_reset()`` function
      define a threshold duration for an ``RST_STREAM`` to be classified
      as "rapid": If an ``RST_STREAM`` frame is parsed sooner than this
      duration after a ``HEADERS`` frame, it is accounted against the
      rate limit described below.
    * The ``h2_rapid_reset_limit`` parameter and
      ``h2.rapid_reset_limit()`` function define how many "rapid" resets
      may be received during the time span defined by the
      ``h2_rapid_reset_period`` parameter / ``h2.rapid_reset_period()``
      function before the HTTP/2 connection is forcibly closed with a
      ``GOAWAY`` and all ongoing VCL client tasks of the connection are
      aborted.
buildservice-autocommit accepted request 1112701 from Jan Engelhardt's avatar Jan Engelhardt (jengelh) (revision 124) 
baserev update by copy to link target
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 123) 
- Update to release 7.4.1
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 121) 
- Update to release 7.2.1
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 120) 
- Delete varnish-5.1.2-add-fallthrough-comments.patch
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 119) 
wrap lines at the very obvious dashed line
Jan Engelhardt's avatar Jan Engelhardt (jengelh) committed (revision 118) 
curate changelog for the user
Jan Engelhardt's avatar Jan Engelhardt (jengelh) accepted request 1032206 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 117) 
- update to 7.2.0:
  * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and
    ``VRT_RemoveVFP()`` are deprecated.
  * Cookie headers generated by vmod_cookie no longer have a spurious trailing
    semi-colon (``';'``) at the end of the string. This could break VCL relying
    on the previous incorrect behavior.
  * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which
    previously output ``Failure receiving req.body``, has been rewritten
    to ``Failure receiving body``.
  * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded
    by the cache process. Unlike VMODs that have the combined lifetime of all
    the VCLs that reference them, a VEXT has the lifetime of the cache process
    itself. There are no built-in extensions so far.
  * The VCC (compilation) process no longer loads VMODs with ``dlopen(3)`` to
    collect their metadata.
  * Stevedore initialization via the ``.init()`` callback has been moved
    to the worker process.
  * The parameter ``tcp_keepalive_time`` is supported on MacOS.
  * Duration parameters can optionally take a unit, with the same syntax as
    duration units in VCL. Example: ``param.set default_grace 1h``.
  * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside
    client vcl subs now fail properly instead of triggering an
    assertion failure (3846_).
  * New ``"B"`` string for the package branch in ``VCS_String()``. For the 7.2.0
    version, it would yield the 7.2 branch.
  * The Varnish version and branch are available in ``varnishtest`` through the
    ``${pkg_version}`` and ``${pkg_branch}`` macros.
  * New ``${topsrc}`` macro in ``varnishtest -i`` mode.
  * New ``process pNAME -match-text`` command in ``varnishtest`` to expect
    text matching a regular expression on screen.
Jan Engelhardt's avatar Jan Engelhardt (jengelh) accepted request 1005874 from Bernhard Wiedemann's avatar Bernhard Wiedemann (bmwiedemann) (revision 116) 
- Make reload fail nicely on vcl syntax error
- Set TasksMax=16384 because default thread_pool_max is 5000 so systemd killed varnish on high load
Displaying revisions 1 - 20 of 135
openSUSE Build Service is sponsored by
Places