On 31/01/2023 22:08, Vincent Bernat wrote:
On 2023-01-31 21:44, Lee Garrett wrote:
with release 2.6 haproxy has dropped the "ssl-engine" keyword by
default. Would
be nice to document that in NEWS.Debian so it gets shown by tools such as
apt-listchanges during upgrade from bullseye to bookworm.
In my case haproxy failed to start with my bullseye config since it
still had
the "ssl-engine" keyword in it.
I understand this would be useful, but it opens me to get bugs like
"NEWS.Debian says something about ssl-engine, but not about some other
change". I would need to make a summary of upstream's CHANGELOG file.
This seems a tedious task.
I've written a NEWS file for you:
haproxy (2.6.8-2) unstable; urgency=medium
Starting with haproxy 2.6, the "ssl-engine" keyword has been removed.
You will
need to remove this setting for your previous config to continue to work.
Previously, clients sending an invalid request header like "Version:
rtsp/1.1"
would still get their request being served. Starting with haproxy
2.6, this
will result in a 502 response. If you depend on the old, buggy
behaviour, set
"option accept-invalid-http-requests" in the relevant config section.
-- Lee Garrett <deb...@rocketjump.eu> Tue, 31 Jan 2023 22:57:05 +0100
