Default page

Edit File: changes.html

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="generator" content="Docutils 0.20.1: https://docutils.sourceforge.io/" />
<title>changes.rst</title>
<style type="text/css">

/*
:Author: David Goodger (goodger@python.org)
:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $
:Copyright: This stylesheet has been placed in the public domain.

Default cascading style sheet for the HTML output of Docutils.

See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
customize this style sheet.
*/

/* used to remove borders from tables and images */
.borderless, table.borderless td, table.borderless th {
  border: 0 }

table.borderless td, table.borderless th {
  /* Override padding for "table.docutils td" with "! important".
     The right padding separates the table cells. */
  padding: 0 0.5em 0 0 ! important }

.first {
  /* Override more specific margin styles with "! important". */
  margin-top: 0 ! important }

.last, .with-subtitle {
  margin-bottom: 0 ! important }

.hidden {
  display: none }

.subscript {
  vertical-align: sub;
  font-size: smaller }

.superscript {
  vertical-align: super;
  font-size: smaller }

a.toc-backref {
  text-decoration: none ;
  color: black }

blockquote.epigraph {
  margin: 2em 5em ; }

dl.docutils dd {
  margin-bottom: 0.5em }

object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
  overflow: hidden;
}

/* Uncomment (and remove this text!) to get bold-faced definition list terms
dl.docutils dt {
  font-weight: bold }
*/

div.abstract {
  margin: 2em 5em }

div.abstract p.topic-title {
  font-weight: bold ;
  text-align: center }

div.admonition, div.attention, div.caution, div.danger, div.error,
div.hint, div.important, div.note, div.tip, div.warning {
  margin: 2em ;
  border: medium outset ;
  padding: 1em }

div.admonition p.admonition-title, div.hint p.admonition-title,
div.important p.admonition-title, div.note p.admonition-title,
div.tip p.admonition-title {
  font-weight: bold ;
  font-family: sans-serif }

div.attention p.admonition-title, div.caution p.admonition-title,
div.danger p.admonition-title, div.error p.admonition-title,
div.warning p.admonition-title, .code .error {
  color: red ;
  font-weight: bold ;
  font-family: sans-serif }

/* Uncomment (and remove this text!) to get reduced vertical space in
   compound paragraphs.
div.compound .compound-first, div.compound .compound-middle {
  margin-bottom: 0.5em }

div.compound .compound-last, div.compound .compound-middle {
  margin-top: 0.5em }
*/

div.dedication {
  margin: 2em 5em ;
  text-align: center ;
  font-style: italic }

div.dedication p.topic-title {
  font-weight: bold ;
  font-style: normal }

div.figure {
  margin-left: 2em ;
  margin-right: 2em }

div.footer, div.header {
  clear: both;
  font-size: smaller }

div.line-block {
  display: block ;
  margin-top: 1em ;
  margin-bottom: 1em }

div.line-block div.line-block {
  margin-top: 0 ;
  margin-bottom: 0 ;
  margin-left: 1.5em }

div.sidebar {
  margin: 0 0 0.5em 1em ;
  border: medium outset ;
  padding: 1em ;
  background-color: #ffffee ;
  width: 40% ;
  float: right ;
  clear: right }

div.sidebar p.rubric {
  font-family: sans-serif ;
  font-size: medium }

div.system-messages {
  margin: 5em }

div.system-messages h1 {
  color: red }

div.system-message {
  border: medium outset ;
  padding: 1em }

div.system-message p.system-message-title {
  color: red ;
  font-weight: bold }

div.topic {
  margin: 2em }

h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
  margin-top: 0.4em }

h1.title {
  text-align: center }

h2.subtitle {
  text-align: center }

hr.docutils {
  width: 75% }

img.align-left, .figure.align-left, object.align-left, table.align-left {
  clear: left ;
  float: left ;
  margin-right: 1em }

img.align-right, .figure.align-right, object.align-right, table.align-right {
  clear: right ;
  float: right ;
  margin-left: 1em }

img.align-center, .figure.align-center, object.align-center {
  display: block;
  margin-left: auto;
  margin-right: auto;
}

table.align-center {
  margin-left: auto;
  margin-right: auto;
}

.align-left {
  text-align: left }

.align-center {
  clear: both ;
  text-align: center }

.align-right {
  text-align: right }

/* reset inner alignment in figures */
div.align-right {
  text-align: inherit }

/* div.align-center * { */
/*   text-align: left } */

.align-top    {
  vertical-align: top }

.align-middle {
  vertical-align: middle }

.align-bottom {
  vertical-align: bottom }

ol.simple, ul.simple {
  margin-bottom: 1em }

ol.arabic {
  list-style: decimal }

ol.loweralpha {
  list-style: lower-alpha }

ol.upperalpha {
  list-style: upper-alpha }

ol.lowerroman {
  list-style: lower-roman }

ol.upperroman {
  list-style: upper-roman }

p.attribution {
  text-align: right ;
  margin-left: 50% }

p.caption {
  font-style: italic }

p.credits {
  font-style: italic ;
  font-size: smaller }

p.label {
  white-space: nowrap }

p.rubric {
  font-weight: bold ;
  font-size: larger ;
  color: maroon ;
  text-align: center }

p.sidebar-title {
  font-family: sans-serif ;
  font-weight: bold ;
  font-size: larger }

p.sidebar-subtitle {
  font-family: sans-serif ;
  font-weight: bold }

p.topic-title {
  font-weight: bold }

pre.address {
  margin-bottom: 0 ;
  margin-top: 0 ;
  font: inherit }

pre.literal-block, pre.doctest-block, pre.math, pre.code {
  margin-left: 2em ;
  margin-right: 2em }

pre.code .ln { color: grey; } /* line numbers */
pre.code, code { background-color: #eeeeee }
pre.code .comment, code .comment { color: #5C6576 }
pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
pre.code .literal.string, code .literal.string { color: #0C5404 }
pre.code .name.builtin, code .name.builtin { color: #352B84 }
pre.code .deleted, code .deleted { background-color: #DEB0A1}
pre.code .inserted, code .inserted { background-color: #A3D289}

span.classifier {
  font-family: sans-serif ;
  font-style: oblique }

span.classifier-delimiter {
  font-family: sans-serif ;
  font-weight: bold }

span.interpreted {
  font-family: sans-serif }

span.option {
  white-space: nowrap }

span.pre {
  white-space: pre }

span.problematic {
  color: red }

span.section-subtitle {
  /* font-size relative to parent (h1..h6 element) */
  font-size: 80% }

table.citation {
  border-left: solid 1px gray;
  margin-left: 1px }

table.docinfo {
  margin: 2em 4em }

table.docutils {
  margin-top: 0.5em ;
  margin-bottom: 0.5em }

table.footnote {
  border-left: solid 1px black;
  margin-left: 1px }

table.docutils td, table.docutils th,
table.docinfo td, table.docinfo th {
  padding-left: 0.5em ;
  padding-right: 0.5em ;
  vertical-align: top }

table.docutils th.field-name, table.docinfo th.docinfo-name {
  font-weight: bold ;
  text-align: left ;
  white-space: nowrap ;
  padding-left: 0 }

/* "booktabs" style (no vertical lines) */
table.docutils.booktabs {
  border: 0px;
  border-top: 2px solid;
  border-bottom: 2px solid;
  border-collapse: collapse;
}
table.docutils.booktabs * {
  border: 0px;
}
table.docutils.booktabs th {
  border-bottom: thin solid;
  text-align: left;
}

h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
  font-size: 100% }

ul.auto-toc {
  list-style-type: none }

</style>
</head>
<body>
<div class="document">

<div class="section" id="about-this-document">
<h1>About this document</h1>

<p>This document contains notes from the Varnish developers about ongoing
development and past versions:</p>
<ul class="simple">
<li>Developers will note here changes which they consider particularly
relevant or otherwise noteworthy</li>
<li>This document is not necessarily up-to-date with the code</li>
<li>It serves as a basis for release managers and others involved in
release documentation</li>
<li>It is not rendered as part of the official documentation and thus
only available in ReStructuredText (rst) format in the source
repository and -distribution.</li>
</ul>
<p>Official information about changes in releases and advise on the
upgrade process can be found in the <tt class="docutils literal"><span class="pre">doc/sphinx/whats-new/</span></tt>
directory, also available in HTML format at
<a class="reference external" href="http://varnish-cache.org/docs/trunk/whats-new/index.html">http://varnish-cache.org/docs/trunk/whats-new/index.html</a> and via
individual releases. These documents are updated as part of the
release process.</p>
</div>
<div class="section" id="varnish-cache-7-5-0-2024-03-18">
<h1>Varnish Cache 7.5.0 (2024-03-18)</h1>

<ul>
<li><p class="first">Add <tt class="docutils literal">h2_window_timeout</tt> paramater to mitigate CVE-2023-43622 (<a class="reference external" href="https://varnish-cache.org/security/VSV00014.html">VSV00014</a>).</p>
</li>
<li><p class="first">The parameters <tt class="docutils literal">idle_send_timeout</tt> and <tt class="docutils literal">timeout_idle</tt> are now
limited to a maximum of 1 hour.</p>
</li>
<li><p class="first">The VCL variables <tt class="docutils literal">bereq.connect_timeout</tt>,
<tt class="docutils literal">bereq.first_byte_timeout</tt>, <tt class="docutils literal">bereq.between_bytes_timeout</tt>,
<tt class="docutils literal">bereq.task_deadline</tt>, <tt class="docutils literal">sess.timeout_idle</tt>,
<tt class="docutils literal">sess.timeout_linger</tt>, <tt class="docutils literal">sess.idle_send_timeout</tt> and
<tt class="docutils literal">sess.send_timeout</tt> can now be <tt class="docutils literal">unset</tt> to use their default
values from parameters.</p>
</li>
<li><p class="first">Timeout and deadline parameters can now be set to a new special value
<tt class="docutils literal">never</tt> to apply an infinitely long timeout. Parameters which used to
be of type <tt class="docutils literal">timeout</tt> but do not accept <tt class="docutils literal">never</tt> have been moved to
the new type <tt class="docutils literal">duration</tt>. VCL variables cannot be set to <tt class="docutils literal">never</tt>.</p>
</li>
<li><p class="first">The implementation of the feature flag <tt class="docutils literal">esi_include_onerror</tt> changed
in Varnish-Cache 7.3.0 has been reverted to more closely match the
behavior before that release: By default, fragments are included
again, even errors. When <tt class="docutils literal">esi_include_onerror</tt> is enabled and
errors are encountered while processing an ESI fragment, processing
only continues if the <tt class="docutils literal">onerror</tt> attribute of the <tt class="docutils literal"><esi:include></tt>
tag is present.</p>
<p>Any response status other than <tt class="docutils literal">200</tt> or <tt class="docutils literal">204</tt> counts as an error
as well as any fetch error.</p>
<p>Streaming responses may continue to be partially delivered.</p>
<p>Error behavior has been fixed to be consistent also for zero length
fragments.</p>
</li>
<li><p class="first">The new VSC <tt class="docutils literal">n_superseded</tt> gets incremented every time an object
is superseded by a new one, for example when the grace and/or keep
timers kept it in cache for longer than the TTL and a fresh copy is
fetched.</p>
<p>Cache evictions of superseded objects are logged as <tt class="docutils literal">ExpKill</tt>
messages starting with <tt class="docutils literal">VBF_Superseded</tt>.</p>
</li>
<li><p class="first">The implementation of <tt class="docutils literal">PRIV_TASK</tt> and <tt class="docutils literal">PRIV_TOP</tt> VMOD
function/method arguments has been fixed to also work with
<tt class="docutils literal">std.rollback()</tt> (<a class="reference external" href="https://github.com/varnish/varnish-modules/issues/222">Varnish-Modules #222</a>)</p>
</li>
<li><p class="first">Transports are now responsible for calling <tt class="docutils literal">VDP_Close()</tt> in all
cases.</p>
</li>
<li><p class="first">The format of <tt class="docutils literal">BackendClose</tt> VSL records has been changed to use
the short reason name for consistency with  <tt class="docutils literal">SessClose</tt>.</p>
</li>
<li><p class="first">During <tt class="docutils literal">varnishd</tt> shutdown, pooled backend connections are now
closed bi-directionally.</p>
</li>
<li><p class="first">Mode bits of files opened via the UNIX jail as <tt class="docutils literal">JAIL_FIXFD_FILE</tt>
are now correctly set as <tt class="docutils literal">0600</tt>.</p>
</li>
<li><p class="first">The <tt class="docutils literal">busy_stats_rate</tt> feature now also works for HTTP/2.</p>
</li>
<li><p class="first">The <tt class="docutils literal">BUILD_VMOD_$NAME</tt> m4 macro for VMOD Makefiles has been fixed
to properly support custom <tt class="docutils literal">CFLAGS</tt>.</p>
</li>
<li><p class="first">Storage engines are now responsible for deciding which
<tt class="docutils literal">fetch_chunksize</tt> to use. When Varnish-Cache does not know the
expected object size, it calls the <tt class="docutils literal">objgetspace</tt> stevedore
function with a zero <tt class="docutils literal">sz</tt> argument.</p>
</li>
<li><p class="first">The <tt class="docutils literal">Timestamp</tt> SLT with <tt class="docutils literal">Process</tt> prefix is not emitted any
more when processing continues as for restarts, or when <tt class="docutils literal">vcl_deliver</tt>
transitions to <tt class="docutils literal">vcl_synth</tt>.</p>
</li>
<li><p class="first">The <tt class="docutils literal">FetchError</tt> SLT with <tt class="docutils literal">HTC</tt> prefix now contains a verbose
explanation.</p>
</li>
<li><p class="first">Varnish Test Cases (VTCs) now support an <tt class="docutils literal">include</tt> statement.</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishncsa</tt> now supports the <tt class="docutils literal">%{Varnish:default_format}x</tt>
format to use the default format with additions.</p>
</li>
<li><p class="first">A deadlock in <tt class="docutils literal">VRT_AddDirector()</tt> is now avoided with dynamic
backends when the VCL goes cold.</p>
</li>
<li><p class="first">A new variable <tt class="docutils literal">bereq.task_deadline</tt>, available in <tt class="docutils literal">sub vcl_pipe
{}</tt> only for now, allows to limit the total duration of pipe
transactions. Its default comes from the <tt class="docutils literal">pipe_task_deadline</tt>
parameter, which itself defaults to <tt class="docutils literal">never</tt>.</p>
</li>
<li><p class="first">The VSC counters <tt class="docutils literal">n_expired</tt>, <tt class="docutils literal">n_purges</tt> and <tt class="docutils literal">n_obj_purged</tt>
have been fixed for purged objects.</p>
</li>
<li><p class="first">The <tt class="docutils literal">ExpKill</tt> SLT prefix <tt class="docutils literal">EXP_expire</tt> has been renamed to
<tt class="docutils literal">EXP_Inspect</tt>.</p>
</li>
<li><p class="first">New VSL records of the <tt class="docutils literal">ExpKill</tt> SLT with <tt class="docutils literal">EXP_Removed</tt> are now
emitted to uniformly log all "object removed from cache" events.</p>
</li>
<li><p class="first">VSL records of the <tt class="docutils literal">ExpKill</tt> SLT with <tt class="docutils literal">EXP_Expired</tt> prefix now
contain the number of hits on the removed object.</p>
</li>
<li><p class="first">A bug has been fixed in <tt class="docutils literal">varnishstat</tt> where the description of the
last VSC was not shown.</p>
</li>
<li><p class="first">VCL COLD events have been fixed for directors vs. VMODs: VDI COLD
now comes before VMOD COLD.</p>
</li>
<li><p class="first">The <tt class="docutils literal">file</tt> storage engine now fails properly if the file size is
too small.</p>
</li>
<li><p class="first">The <tt class="docutils literal">.happy</tt> stevedore type method now returns <tt class="docutils literal">true</tt> if not
implemented instead of panicking <tt class="docutils literal">varnishd</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/4036">4036</a>)</p>
</li>
<li><p class="first">Use of <tt class="docutils literal">objiterate_f</tt> on request bodies has been fixed to
correctly post <tt class="docutils literal">OBJ_ITER_END</tt>.</p>
</li>
<li><p class="first">Use of <tt class="docutils literal">STV_NewObject()</tt> has been fixed to correctly request zero
bytes for attributes where only a body is to be stored.</p>
</li>
<li><p class="first"><tt class="docutils literal">(struct <span class="pre">req).filter_list</span></tt> has been renamed to <tt class="docutils literal">vdp_filter_list</tt>.</p>
</li>
<li><p class="first">304 object copying has been optimized to make optimal use of storage
engines' allocations.</p>
</li>
<li><p class="first">Use of the <tt class="docutils literal">trimstore</tt> storage engine function has been fixed for
304 responses.</p>
</li>
<li><p class="first">A missing <tt class="docutils literal">:scheme</tt> for HTTP/2 requests is now properly handled.</p>
</li>
<li><p class="first">The <tt class="docutils literal">fold</tt> flag has been added to Access Control Lists (ACLs)
in VCL. When it is activated with <tt class="docutils literal">acl ... +fold {}</tt>, ACL entries
get optimized in that subnets contained in other entries are skipped
(e.g.  if 1.2.3.0/24 is part of the ACL, an entry for 1.2.3.128/25
will not be added) and adjacent entries get folded (e.g.  if both
1.2.3.0/25 and 1.2.3.128/25 are added, they will be folded to
1.2.3.0/24) (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3563">3563</a>).</p>
<p>Logging under the <tt class="docutils literal">VCL_acl</tt> tag can change with this flag.</p>
<p>Negated ACL entries are never folded.</p>
</li>
<li><p class="first">Fixed handling of failing sub-requests: A VCL failure on the client
side or the <tt class="docutils literal">vcl_req_reset</tt> feature could trigger a panic, because
it is not allowed to generate a minimal response. For sub-requests,
we now masquerade the fail transition as a deliver and trade the
illegal minimal response for the synthetic response (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/4022">4022</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">param.reset <span class="pre">[-j]</span></tt> CLI command has been added to reset flags
to their default. Consequently, the <tt class="docutils literal">param.set ... default</tt>
special value is now deprecated.</p>
</li>
<li><p class="first">The <tt class="docutils literal">param.set</tt> CLI command now supports the <tt class="docutils literal">none</tt> and <tt class="docutils literal">all</tt>
values to achieve setting "absolute" values atomically as in
<tt class="docutils literal">param.set foo <span class="pre">none,+bar,+baz</span></tt> or <tt class="docutils literal">param.set foo <span class="pre">all,-bar,-baz</span></tt>.</p>
</li>
<li><p class="first">A glitch in CLI command parsing has been fixed where individually
quoted arguments like <tt class="docutils literal">"help"</tt> were rejected.</p>
</li>
<li><p class="first">The <tt class="docutils literal">vcl_req_reset</tt> feature (controllable through the <tt class="docutils literal">feature</tt>
parameter, see <cite>varnishd(1)</cite>) has been added and enabled by default
to terminate client side VCL processing early when the client is
gone.</p>
<p><em>req_reset</em> events trigger a VCL failure and are reported to
<cite>vsl(7)</cite> as <tt class="docutils literal">Timestamp: Reset</tt> and accounted to <tt class="docutils literal">main.req_reset</tt>
in <cite>vsc</cite> as visible through <tt class="docutils literal">varnishstat(1)</tt>.</p>
<p>In particular, this feature is used to reduce resource consumption
of HTTP/2 "rapid reset" attacks (see below).</p>
<p>Note that <em>req_reset</em> events may lead to client tasks for which no
VCL is called ever. Presumably, this is thus the first time that
valid <cite>vcl(7)</cite> client transactions may not contain any <tt class="docutils literal">VCL_call</tt>
records.</p>
</li>
<li><p class="first">Added mitigation options and visibility for HTTP/2 "rapid reset"
attacks (<a class="reference external" href="https://nvd.nist.gov/vuln/detail/CVE-2023-44487">CVE-2023-44487</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3996">3996</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3997">3997</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3998">3998</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3999">3999</a>).</p>
<p>Global rate limit controls have been added as parameters, which can
be overridden per HTTP/2 session from VCL using the new vmod <tt class="docutils literal">h2</tt>:</p>
<ul>
<li><p class="first">The <tt class="docutils literal">h2_rapid_reset</tt> parameter and <tt class="docutils literal">h2.rapid_reset()</tt> function
define a threshold duration for an <tt class="docutils literal">RST_STREAM</tt> to be classified
as "rapid": If an <tt class="docutils literal">RST_STREAM</tt> frame is parsed sooner than this
duration after a <tt class="docutils literal">HEADERS</tt> frame, it is accounted against the
rate limit described below.</p>
<p>The default is one second.</p>
</li>
<li><p class="first">The <tt class="docutils literal">h2_rapid_reset_limit</tt> parameter and
<tt class="docutils literal">h2.rapid_reset_limit()</tt> function define how many "rapid" resets
may be received during the time span defined by the
<tt class="docutils literal">h2_rapid_reset_period</tt> parameter / <tt class="docutils literal">h2.rapid_reset_period()</tt>
function before the HTTP/2 connection is forcibly closed with a
<tt class="docutils literal">GOAWAY</tt> and all ongoing VCL client tasks of the connection are
aborted.</p>
<p>The defaults are 100 and 60 seconds, corresponding to an allowance
of 100 "rapid" resets per minute.</p>
</li>
<li><p class="first">The <tt class="docutils literal">h2.rapid_reset_budget()</tt> function can be used to query the
number of currently allowed "rapid" resets.</p>
</li>
<li><p class="first">Sessions closed due to rapid reset rate limiting are reported as
<tt class="docutils literal">SessClose RAPID_RESET</tt> in <cite>vsl(7)</cite> and accounted to
<tt class="docutils literal">main.sc_rapid_reset</tt> in <cite>vsc</cite> as visible through
<tt class="docutils literal">varnishstat(1)</tt>.</p>
</li>
</ul>
</li>
<li><p class="first">The <tt class="docutils literal">cli_limit</tt> parameter default has been increased from 48KB to
64KB.</p>
</li>
<li><p class="first"><tt class="docutils literal">VSUB_closefrom()</tt> now falls back to the base implementation not
only if <tt class="docutils literal">close_range()</tt> was determined to be unusable at compile
time, but also at run time. That is to say, even if
<tt class="docutils literal">close_range()</tt> is compiled in, the fallback to the naive
implementation remains.</p>
</li>
<li><p class="first">Fixed <tt class="docutils literal">varnishd <span class="pre">-I</span></tt> error reporting when a final newline or
carriage return is missing in the CLI command file (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3995">3995</a>).</p>
</li>
<li><p class="first">Improved and updated the build system with respect to autoconf and
automake.</p>
</li>
<li><p class="first">Improved <tt class="docutils literal">VSB_tofile()</tt> error reporting, added support for partial
writes and support of VSBs larger than INT_MAX.</p>
</li>
<li><p class="first">Improved HPACK header validation.</p>
</li>
<li><p class="first">Fixed scopes of protected headers (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3984">3984</a>).</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-7-4-0-2023-09-15">
<h1>Varnish Cache 7.4.0 (2023-09-15)</h1>
<ul>
<li><p class="first">The <tt class="docutils literal">VSB_quote_pfx()</tt> (and, consequently, <tt class="docutils literal">VSB_quote()</tt>) function
no longer produces <tt class="docutils literal">\v</tt> for a vertical tab. This improves
compatibility with JSON.</p>
</li>
<li><p class="first">The bundled <em>zlib</em> has been updated to match <em>zlib 1.3</em>.</p>
</li>
<li><p class="first">The <tt class="docutils literal">VSHA256_*</tt> functions have been added to libvarnishapi (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3946">3946</a>).</p>
</li>
<li><p class="first">Tabulation of the <tt class="docutils literal">vcl.list</tt> CLI output has been modified
slightly.</p>
</li>
<li><p class="first">VCL now supports "protected headers", which can neither be set nor unset.</p>
</li>
<li><p class="first">The <tt class="docutils literal"><span class="pre">Content-Length</span></tt> and <tt class="docutils literal"><span class="pre">Transfer-Encoding</span></tt> headers are now
protected. For the common use case of <tt class="docutils literal">unset
<span class="pre">xxx.http.Content-Length</span></tt> to dismiss a body, <tt class="docutils literal">unset xxx.body</tt>
should be used.</p>
</li>
<li><p class="first">Error handling of numeric literals in exponent notation has been
improved in the VCL compiler (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3971">3971</a>).</p>
</li>
<li><p class="first">Finalization of the storage private state of busy objects has been
fixed. This bug could trigger a panic when <tt class="docutils literal">vcl_synth {}</tt> was used
to replace the object body and storage was changed from one of the
built-in storage engines to a storage engine from an extension (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3953">3953</a>).</p>
</li>
<li><p class="first">HTTP/2 header field validation is now more strict with respect to
allowed characters (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3952">3952</a>).</p>
</li>
<li><p class="first">A bug has been fixed in the filter handling code which could trigger
a panic when <tt class="docutils literal">resp.filters</tt> was used from <tt class="docutils literal">vcl_synth {}</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3968">3968</a>).</p>
</li>
<li><p class="first">The utility macros <tt class="docutils literal">ALLOC_OBJ_EXTRA()</tt> and <tt class="docutils literal">ALLOC_FLEX_OBJ()</tt>
have been added to <tt class="docutils literal">miniobj.h</tt> to simplify allocation of objects
larger than a struct and such with a flexible array.</p>
</li>
<li><p class="first">The <tt class="docutils literal">varnishapi</tt> version has been increased to 3.1 and the
functions <tt class="docutils literal">VENC_Encode_Base64()</tt> and <tt class="docutils literal">VENC_Decode_Base64()</tt> are
now exposed.</p>
</li>
<li><p class="first">Two bugs in the ban expression parser have been fixed where one of them
could lead to a panic if a ban expression with an empty header name was
issued (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3962">3962</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">v_cold</tt> macro has been added to add <tt class="docutils literal"><span class="pre">__attribute__((cold))</span></tt>
on compilers supporting it. It is used for <tt class="docutils literal">VRT_fail()</tt> to mark
failure code paths as cold.</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishtest</tt> now generates <tt class="docutils literal"><span class="pre">User-Agent</span></tt> request and <tt class="docutils literal">Server</tt>
response headers with the respective client and server name by
default. The <tt class="docutils literal">txreq <span class="pre">-nouseragent</span></tt> and <tt class="docutils literal">txresp <span class="pre">-noserver</span></tt> options
disable addition of these headers.</p>
</li>
<li><p class="first">Error handling of invalid header names has been improved in the VCL
Compiler (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3960">3960</a>).</p>
</li>
<li><p class="first">A race condition has been fixed in the backend probe code which
could trigger a panic with dynamic backends (<a class="reference external" href="https://github.com/nigoroll/libvmod-dynamic/issues/100">dyn100</a>).</p>
</li>
<li><p class="first">A bug has been fixed in the ESI code which would prevent use of
internal status codes >1000 as their modulus 1000 value (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3958">3958</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">varnishd_args_prepend</tt> and <tt class="docutils literal">varnishd_args_append</tt> macros
have been added to <tt class="docutils literal">varnishtest</tt> to add arguments to <tt class="docutils literal">varnishd</tt>
invocations before and after the defaults.</p>
</li>
<li><p class="first">A bug has been fixed where <tt class="docutils literal">varnishd</tt> would hang indefinitely when
the worker process would not come up within <tt class="docutils literal">cli_timeout</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3940">3940</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">startup_timeout</tt> parameter now specifically replaces
<tt class="docutils literal">cli_timeout</tt> for the initial startup only (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3940">3940</a>).</p>
</li>
<li><p class="first">On Linux, <tt class="docutils literal">close_range()</tt> is now used if available (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3905">3905</a>).</p>
</li>
<li><p class="first">Error reporting has been improved if the working directory
(<tt class="docutils literal">varnishd <span class="pre">-n</span></tt> argument) resides on a file system mounted
<tt class="docutils literal">noexec</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3943">3943</a>).</p>
</li>
<li><p class="first">The number of backtrace levels in panic reports has been increased
from 10 to 20.</p>
</li>
<li><p class="first">The <tt class="docutils literal">PTOK()</tt> macro has been added to <tt class="docutils literal">vas.h</tt> to simplify error
checking of <tt class="docutils literal">pthread_*</tt> POSIX functions.</p>
</li>
<li><p class="first">In <tt class="docutils literal">varnishtest</tt>, the basename of the test directory is now
available as the <tt class="docutils literal">vtcid</tt> macro to serve as a unique string across
concurrently running tests.</p>
</li>
<li><p class="first">In <tt class="docutils literal">struct vsmwseg</tt> and <tt class="docutils literal">struct vsm_fantom</tt>, the <tt class="docutils literal">class</tt>
member has been renamed to <tt class="docutils literal">category</tt>.</p>
</li>
<li><p class="first">ESI <tt class="docutils literal">onerror=abort</tt> handling has been fixed when <tt class="docutils literal">max_esi_depth</tt>
is reached (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3938">3938</a>).</p>
</li>
<li><p class="first">A spurious <em>Could not delete 'vcl_...'</em> error message has been
removed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3925">3925</a>).</p>
</li>
<li><p class="first">A bug has been fixed where <tt class="docutils literal">unset bereq.body</tt> had no effect when
used with a cached body (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3914">3914</a>)</p>
</li>
<li><p class="first"><tt class="docutils literal">.vcc</tt> files of VMODs are now installed to
<tt class="docutils literal">/usr/share/varnish/vcc</tt> (or equivalent) to enable re-use by other
tools like code editors.</p>
</li>
<li><p class="first">The <em class="ref">vcl-step(7)</em> manual page has been added to document the
VCL state machines.</p>
</li>
<li><p class="first"><tt class="docutils literal">HSH_Cancel()</tt> has been moved to <tt class="docutils literal">VDP_Close()</tt> to enable
transports to keep references to objects.</p>
</li>
<li><p class="first">VCL tracing now needs to be explicitly activated by setting the
<tt class="docutils literal">req.trace</tt> or <tt class="docutils literal">bereq.trace</tt> VCL variables, which are
initialized from the <tt class="docutils literal">feature +trace</tt> flag. Only if the trace
variables are set will <tt class="docutils literal">VCL_trace</tt> log records be generated.</p>
<p>Consequently, <tt class="docutils literal">VCL_trace</tt> has been removed from the default
<tt class="docutils literal">vsl_mask</tt>, so any trace records will be emitted by
default. <tt class="docutils literal">vsl_mask</tt> can still be used to filter <tt class="docutils literal">VCL_trace</tt>
records.</p>
<p>To trace <tt class="docutils literal">vcl_init {}</tt> and <tt class="docutils literal">vcl_fini {}</tt>, set the <tt class="docutils literal">feature
+trace</tt> flag while the vcl is loaded/discarded.</p>
</li>
<li><p class="first">Varnish Delivery Processors (VDPs) are now also properly closed for
error conditions, avoiding potential minor memory leaks.</p>
</li>
<li><p class="first">A regression introduced with Varnish Cache 7.3.0 was fixed: On
HTTP/2 connections, URLs starting with <tt class="docutils literal">//</tt> no longer trigger a
protocol error (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3911">3911</a>).</p>
</li>
<li><p class="first">Call sites of VMOD functions and methods can now be restricted to
built-in subroutines using the <tt class="docutils literal">$Restrict</tt> stanza in the VCC file.</p>
</li>
<li><p class="first">The counter <tt class="docutils literal">MAIN.http1_iovs_flush</tt> has been added to track the
number of premature <tt class="docutils literal">writev()</tt> calls due to an insufficient number
of IO vectors. This number is configured through the <tt class="docutils literal">http1_iovs</tt>
parameter for client connections and implicitly defined by the
amount of free workspace for backend connections.</p>
</li>
<li><p class="first">Object creation failures by the selected storage engine are now
logged under the <tt class="docutils literal">Error</tt> tag as <tt class="docutils literal">Failed to create object object
from %s %s</tt>.</p>
</li>
<li><p class="first">The limit on the size of <tt class="docutils literal">varnishtest</tt> macros has been raised to
2KB.</p>
</li>
<li><p class="first">The newly introduced abstract socket support was incompatible with
other implementations, this has been fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3908">3908</a>).</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-7-3-0-2023-03-15">
<h1>Varnish Cache 7.3.0 (2023-03-15)</h1>
<ul>
<li><p class="first">The macro <tt class="docutils literal">WS_TASK_ALLOC_OBJ</tt> as been added to handle the common
case of allocating mini objects on a workspace.</p>
</li>
<li><p class="first"><tt class="docutils literal">xid</tt> variables in VCL are now of type <tt class="docutils literal">INT</tt>.</p>
</li>
<li><p class="first">The new <tt class="docutils literal">beresp.transit_buffer</tt> variable has been added to VCL,
which defaults to the newly added parameter <tt class="docutils literal">transit_buffer</tt>. This
variable limits the number of bytes varnish pre-fetches for
uncacheable streaming fetches.</p>
</li>
<li><p class="first">Varnish now supports abstract unix domain sockets. If the operating
system supports them, abstract sockets can be specified using the
commonplace <tt class="docutils literal">@</tt> notation for accept sockets, e.g.:</p>
<pre class="literal-block">
varnishd -a @kandinsky
</pre>
<p>and backend paths, e.g.:</p>
<pre class="literal-block">
backend miro {
  .path = "@miro";
}
</pre>
</li>
<li><p class="first">For backend requests, the timestamp from the <tt class="docutils literal"><span class="pre">Last-Modified</span></tt>
response header is now only used to create an <tt class="docutils literal"><span class="pre">If-Modified-Since</span></tt>
conditional <tt class="docutils literal">GET</tt> request if it is at least one second older than
the timestamp from the <tt class="docutils literal">Date</tt> header.</p>
</li>
<li><p class="first">Various interfaces of varnish's own socket address abstraction, VSA,
have been changed to return or take pointers to
<tt class="docutils literal">const</tt>. <tt class="docutils literal">VSA_free()</tt> has been added.</p>
</li>
<li><p class="first">Processing of Range requests has been improved: Previously, varnish
would send a 200 response with the full body when it could not
reliably determine (yet) the object size during streaming.</p>
</li>
</ul>
<!-- `RFC9110`_ : https://httpwg.org/specs/rfc9110.html#field.content-range

Now a 206 response is sent even in this case (for HTTP/1.1 as
chunked encoding) with ``*`` in place of the ``complete-length`` as
per `RFC9110`_. -->
<ul>
<li><p class="first">The <tt class="docutils literal">debug.xid</tt> CLI command now sets the next XID to be used,
rather than "one less than the next XID to be used"</p>
</li>
<li><p class="first">VXIDs are 64 bit now and the binary format of SHM and raw saved
VSL files has changed as a consequence.</p>
<p>The actual valid range for VXIDs is [1…999999999999999], so it
fits in a VRT_INTEGER.</p>
<p>At one million cache-missing single request sessions per second
VXIDs will roll over in a little over ten years:</p>
<pre class="literal-block">
(1e15-1) / (3 * 1e6  * 86400 * 365) = 10.57
</pre>
<p>That should be enough for everybody™.</p>
<p>You can test if your downstream log-chewing pipeline handle the
larger VXIDs correctly using the CLI command:</p>
<pre class="literal-block">
``debug.xid 20000000000``
</pre>
</li>
<li><p class="first">Consequently, VSL clients (log processing tools) are now
incompatible with logs and in-memory data written by previous
versions, and vice versa.</p>
</li>
<li><p class="first">Do not ESI:include failed objects unless instructed to.</p>
<p>Previously, any ESI:include object would be included, no matter
what the status of it were, 200, 503, didn't matter.</p>
<p>From now on, by default, only objects with 200 and 204 status
will be included and any other status code will fail the parent
ESI request.</p>
<p>If objects with other status should be delivered, they should
have their status changed to 200 in VCL, for instance in
<tt class="docutils literal">sub vcl_backend_error{}</tt>, <tt class="docutils literal">vcl_synth{}</tt> or <tt class="docutils literal">vcl_deliver{}</tt>.</p>
<p>If <tt class="docutils literal">param.set feature +esi_include_onerror</tt> is used, and the
<tt class="docutils literal"><esi:include …></tt> tag has a <tt class="docutils literal"><span class="pre">onerror="continue"</span></tt> attribute,
any and all ESI:include objects will be delivered, no matter what
their status might be, and not even a partial delivery of them
will fail the parent ESI request.  To be used with great caution.</p>
</li>
<li><p class="first">Backend implementations are in charge of logging their headers.</p>
</li>
<li><p class="first">VCL backend <tt class="docutils literal">probe</tt>s gained an <tt class="docutils literal">.expect_close</tt> boolean
attribute. By setting to to <tt class="docutils literal">false</tt>, backends which fail to honor
<tt class="docutils literal">Connection: close</tt> can be probed.</p>
<p>Notice that the probe <tt class="docutils literal">.timeout</tt> needs to be reached for a probe
with <tt class="docutils literal">.expect_close = false</tt> to return.</p>
</li>
<li><p class="first">Support for backend connections through a proxy with a PROXY2
preamble has been added:</p>
<ul class="simple">
<li>VCL <tt class="docutils literal">backend</tt>s gained attributes <tt class="docutils literal">.via</tt> and <tt class="docutils literal">.authority</tt></li>
<li>The <tt class="docutils literal">VRT_new_backend_clustered()</tt> and <tt class="docutils literal">VRT_new_backend()</tt>
signatures have been changed</li>
</ul>
</li>
<li><p class="first">Unused log tags (SLTs) have been removed.</p>
</li>
<li><p class="first">Directors which take and hold references to other directors via
<tt class="docutils literal">VRT_Assign_Backend()</tt> (typically any director which has other
directors as backends) are now expected to implement the new
<tt class="docutils literal">.release</tt> callback of type <tt class="docutils literal">void
vdi_release_f(VCL_BACKEND)</tt>. This function is called by
<tt class="docutils literal">VRT_DelDirector()</tt>. The implementation is expected drop any
backend references which the director holds (again using
<tt class="docutils literal">VRT_Assign_Backend()</tt> with <tt class="docutils literal">NULL</tt> as the second argument).</p>
<p>Failure to implement this callback can result in deadlocks, in
particular during VCL discard.</p>
</li>
<li><p class="first">Handling of the HTTP/2 :path pseudo header has been improved.</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-7-2-0-2022-09-15">
<h1>Varnish Cache 7.2.0 (2022-09-15)</h1>
<ul>
<li><p class="first">Functions <tt class="docutils literal">VRT_AddVDP()</tt>, <tt class="docutils literal">VRT_AddVFP()</tt>, <tt class="docutils literal">VRT_RemoveVDP()</tt> and
<tt class="docutils literal">VRT_RemoveVFP()</tt> are deprecated.</p>
</li>
<li><p class="first">Cookie headers generated by vmod_cookie no longer have a spurious trailing
semi-colon (<tt class="docutils literal">';'</tt>) at the end of the string. This could break VCL relying
on the previous incorrect behavior.</p>
</li>
<li><p class="first">The <tt class="docutils literal">SessClose</tt> and <tt class="docutils literal">BackendClose</tt> reason <tt class="docutils literal">rx_body</tt>, which
previously output <tt class="docutils literal">Failure receiving req.body</tt>, has been rewritten
to <tt class="docutils literal">Failure receiving body</tt>.</p>
</li>
<li><p class="first">Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded
by the cache process. Unlike VMODs that have the combined lifetime of all
the VCLs that reference them, a VEXT has the lifetime of the cache process
itself. There are no built-in extensions so far.</p>
</li>
<li><p class="first">The VCC (compilation) process no longer loads VMODs with <tt class="docutils literal">dlopen(3)</tt> to
collect their metadata.</p>
</li>
<li><p class="first">Stevedore initialization via the <tt class="docutils literal">.init()</tt> callback has been moved
to the worker process.</p>
</li>
<li><p class="first">The parameter <tt class="docutils literal">tcp_keepalive_time</tt> is supported on MacOS.</p>
</li>
<li><p class="first">Duration parameters can optionally take a unit, with the same syntax as
duration units in VCL. Example: <tt class="docutils literal">param.set default_grace 1h</tt>.</p>
</li>
<li><p class="first">Calls to <tt class="docutils literal">VRT_CacheReqBody()</tt> and <tt class="docutils literal">std.cache_req_body</tt> from outside
client vcl subs now fail properly instead of triggering an
assertion failure (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3846">3846</a>).</p>
</li>
<li><p class="first">New <tt class="docutils literal">"B"</tt> string for the package branch in <tt class="docutils literal">VCS_String()</tt>. For the 7.2.0
version, it would yield the 7.2 branch.</p>
</li>
<li><p class="first">The Varnish version and branch are available in <tt class="docutils literal">varnishtest</tt> through the
<tt class="docutils literal">${pkg_version}</tt> and <tt class="docutils literal">${pkg_branch}</tt> macros.</p>
</li>
<li><p class="first">New <tt class="docutils literal">${topsrc}</tt> macro in <tt class="docutils literal">varnishtest <span class="pre">-i</span></tt> mode.</p>
</li>
<li><p class="first">New <tt class="docutils literal">process pNAME <span class="pre">-match-text</span></tt> command in <tt class="docutils literal">varnishtest</tt> to expect
text matching a regular expression on screen.</p>
</li>
<li><p class="first">New <tt class="docutils literal">filewrite <span class="pre">[-a]</span></tt> command in <tt class="docutils literal">varnishtest</tt> to put or append a string
into a file.</p>
</li>
<li><p class="first">The new <tt class="docutils literal">vcc_feature</tt> bits parameter replaces previous <tt class="docutils literal">vcc_*</tt> boolean
parameters. The latter still exist as deprecated aliases.</p>
</li>
<li><p class="first">The <tt class="docutils literal"><span class="pre">-k</span></tt> option from <tt class="docutils literal">varnishlog</tt> is now supported by <tt class="docutils literal">varnishncsa</tt>.</p>
</li>
<li><p class="first">New functions <tt class="docutils literal">std.now()</tt> and <tt class="docutils literal">std.timed_call()</tt> in vmod_std.</p>
</li>
<li><p class="first">New <tt class="docutils literal">MAIN.shm_bytes</tt> counter.</p>
</li>
<li><p class="first">A <tt class="docutils literal">req.http.via</tt> header is set before entering <tt class="docutils literal">vcl_recv</tt>. Via headers
are generated using the <tt class="docutils literal">server.identity</tt> value. It defaults to the host
name and can be turned into a pseudonym with the <tt class="docutils literal">varnishd <span class="pre">-i</span></tt> option.
Via headers are appended in both directions, to work with other hops that
may advertise themselves.</p>
</li>
<li><p class="first">A <tt class="docutils literal">resp.http.via</tt> header is no longer overwritten by varnish, but
rather appended to.</p>
</li>
<li><p class="first">The <tt class="docutils literal">server.identity</tt> syntax is now limited to a "token" as defined in
the HTTP grammar to be suitable for Via headers.</p>
</li>
<li><p class="first">In <tt class="docutils literal">varnishtest</tt> a Varnish instance will use its VTC instance name as its
instance name (<tt class="docutils literal">varnishd <span class="pre">-i</span></tt>) by default for predictable Via headers in
test cases.</p>
</li>
<li><p class="first">VMOD and VEXT authors can use functions from <tt class="docutils literal">vnum.h</tt>.</p>
</li>
<li><p class="first">Do not filter pseudo-headers as regular headers (<a class="reference external" href="https://varnish-cache.org/security/VSV00009.html">VSV00009</a> / <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3830">3830</a>).</p>
</li>
<li><p class="first">The termination rules for <tt class="docutils literal">WRK_BgThread()</tt> were relaxed to allow VMODs to
use it.</p>
</li>
<li><p class="first"><tt class="docutils literal">(struct <span class="pre">worker).handling</span></tt> has been moved to the newly introduced
<tt class="docutils literal">struct wrk_vpi</tt> and replaced by a pointer to it, as well as
<tt class="docutils literal">(struct <span class="pre">vrt_ctx).handling</span></tt> has been replaced by that pointer.</p>
<p><tt class="docutils literal">struct wrk_vpi</tt> is for state at the interface between VRT and VGC
and, in particular, is not const as <tt class="docutils literal">struct vrt_ctx</tt> aka
<tt class="docutils literal">VRT_CTX</tt>.</p>
</li>
<li><p class="first">Panics now contain information about VCL source files and lines.</p>
</li>
<li><p class="first">The <tt class="docutils literal">Begin</tt> log record has a 4th field for subtasks like ESI sub-requests.</p>
</li>
<li><p class="first">The <tt class="docutils literal"><span class="pre">-E</span></tt> option for log utilities now works as documented, with any type
of sub-task based on the <tt class="docutils literal">Begin[4]</tt> field. This covers ESI like before,
and sub-tasks spawned by VMODs (provided that they log the new field).</p>
</li>
<li><p class="first">No more <tt class="docutils literal"><span class="pre">req.http.transfer-encoding</span></tt> for ESI sub-requests.</p>
</li>
<li><p class="first">New <tt class="docutils literal">tools/coccinelle/vcocci.sh</tt> refactoring script for internal use.</p>
</li>
<li><p class="first">The thread pool reserve is now limited to tasks that can be queued. A
backend background fetch is no longer eligible for queueing. It would
otherwise slow a grace hit down significantly when thread pools are
saturated.</p>
</li>
<li><p class="first">The unused <tt class="docutils literal">fetch_no_thread</tt> counter was renamed to <tt class="docutils literal">bgfetch_no_thread</tt>
because regular backend fetch tasks are always scheduled.</p>
</li>
<li><p class="first">The macros <tt class="docutils literal">FEATURE()</tt>, <tt class="docutils literal">EXPERIMENT()</tt>, <tt class="docutils literal">DO_DEBUG()</tt>,
<tt class="docutils literal">MGT_FEATURE()</tt>, <tt class="docutils literal">MGT_EXPERIMENT()</tt>, <tt class="docutils literal">MGT_DO_DEBUG()</tt> and
<tt class="docutils literal">MGT_VCC_FEATURE()</tt> now return a boolean value (<tt class="docutils literal">0</tt> or <tt class="docutils literal">1</tt>)
instead of the (private) flag value.</p>
</li>
<li><p class="first">There is a new <tt class="docutils literal">contrib/</tt> directory in the Varnish source tree. The first
contribution is a <tt class="docutils literal">varnishstatdiff</tt> script.</p>
</li>
<li><p class="first">A regression in the transport code led MAIN.client_req to be incremented
for requests coming back from the waiting list, it was fixed.  (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3841">3841</a>)</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-7-1-0-2022-03-15">
<h1>Varnish Cache 7.1.0 (2022-03-15)</h1>
<ul>
<li><p class="first">The <tt class="docutils literal">cookie.format_rfc1123()</tt> function was renamed to
<tt class="docutils literal">cookie.format_date()</tt>, and the former was retained as a
deprecated alias.</p>
</li>
<li><p class="first">The VCC file <tt class="docutils literal">$Alias</tt> stanza has been added to support vmod alias
functions/methods.</p>
</li>
<li><p class="first">VCC now supports alias symbols.</p>
</li>
<li><p class="first">There is a new <tt class="docutils literal">experimental</tt> parameter that is identical to the
<tt class="docutils literal">feature</tt> parameter, except that it guards features that may not
be considered complete or stable. An experimental feature may be
promoted to a regular feature or dropped without being considered a
breaking change.</p>
</li>
<li><p class="first">ESI includes now support the <tt class="docutils literal"><span class="pre">onerror="continue"</span></tt> attribute of
<tt class="docutils literal"><esi:include/></tt> tags.</p>
<p>The <tt class="docutils literal">+esi_include_onerror</tt> feature flag controls if the attribute
is honored: If enabled, failure of an include stops ESI processing
unless the <tt class="docutils literal"><span class="pre">onerror="continue"</span></tt> attribute was set for it.</p>
<p>The feature flag is off by default, preserving the existing behavior
to continue ESI processing despite include failures.</p>
</li>
<li><p class="first">The deprecated sub-argument of the <tt class="docutils literal"><span class="pre">-l</span></tt> option was removed, it is
now a shorthand for the <tt class="docutils literal">vsl_space</tt> parameter only.</p>
</li>
<li><p class="first">The <tt class="docutils literal"><span class="pre">-T</span></tt>, <tt class="docutils literal"><span class="pre">-M</span></tt> and <tt class="docutils literal"><span class="pre">-P</span></tt> command line options can be used
multiple times, instead of retaining only the last occurrence.</p>
</li>
<li><p class="first">The <tt class="docutils literal">debug.xid</tt> CLI command has been extended to also set and
query the VXID cache chunk size.</p>
</li>
<li><p class="first">The <tt class="docutils literal">vtc.barrier_sync()</tt> VMOD function now also works in <tt class="docutils literal">vcl_init</tt></p>
</li>
<li><p class="first">The <tt class="docutils literal">abort</tt> command in the <tt class="docutils literal">logexpect</tt> facility of
<tt class="docutils literal">varnishtest</tt> can now be used to trigger an <tt class="docutils literal">abort()</tt> to help
debugging the vsl client library code.</p>
</li>
<li><p class="first">The <tt class="docutils literal">vtc.vsl()</tt> and <tt class="docutils literal">vtc.vsl_replay()</tt> functions have been added
to the vtc vmod to generate arbitraty log lines for testing.</p>
</li>
<li><p class="first">The limit of the <tt class="docutils literal">vsl_reclen</tt> parameter has been corrected.</p>
</li>
<li><p class="first">Varnish now closes client connections correctly when request body
processing failed.</p>
</li>
<li><p class="first">Filter init methods of types <tt class="docutils literal">vdp_init_f</tt> and <tt class="docutils literal">vfp_init_f</tt>
gained a <tt class="docutils literal">VRT_CTX</tt> argument.</p>
</li>
<li><p class="first">The <tt class="docutils literal">param.set</tt> CLI command accepts a <tt class="docutils literal"><span class="pre">-j</span></tt> option. In this case
the JSON output is the same as <tt class="docutils literal">param.show <span class="pre">-j</span></tt> of the updated
parameter.</p>
</li>
<li><p class="first">A new <tt class="docutils literal">cc_warnings</tt> parameter contains a subset of the compiler
flags extracted from <tt class="docutils literal">cc_command</tt>, which in turn grew new
expansions:</p>
<ul class="simple">
<li><tt class="docutils literal">%d</tt>: the raw default <tt class="docutils literal">cc_command</tt></li>
<li><tt class="docutils literal">%D</tt>: the expanded default <tt class="docutils literal">cc_command</tt></li>
<li><tt class="docutils literal">%w</tt>: the <tt class="docutils literal">cc_warnings</tt> parameter</li>
<li><tt class="docutils literal">%n</tt>: the working directory (<tt class="docutils literal"><span class="pre">-n</span></tt> option)</li>
</ul>
</li>
<li><p class="first">For <tt class="docutils literal">return(pipe)</tt>, the backend transactions now emit a Start
timestamp and both client and backend transactions emit the Process
timestamp.</p>
</li>
<li><p class="first"><tt class="docutils literal">http_IsHdr()</tt> is now exposed as part of the strict ABI for VMODs.</p>
</li>
<li><p class="first">The <tt class="docutils literal">req.transport</tt> VCL variable has been added, which returns
"HTTP/1" or "HTTP/2" as appropriate.</p>
</li>
<li><p class="first">The <tt class="docutils literal">vtc.workspace_reserve()</tt> VMOD function now zeroes memory.</p>
</li>
<li><p class="first">Parameter aliases have been added to facilitate parameter deprecation.</p>
</li>
<li><p class="first">Two bugs in the catflap facility have been fixed which could trigger
panics due to the state pointer not being cleared. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3752">3752</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3755">3755</a>)</p>
</li>
<li><p class="first">It is now possible to assign to a <tt class="docutils literal">BODY</tt> variable either a
<tt class="docutils literal">STRING</tt> type or a <tt class="docutils literal">BLOB</tt>.</p>
</li>
<li><p class="first">When the <tt class="docutils literal">vcl.show</tt> CLI command is invoked without a parameter, it
now defaults to the active VCL.</p>
</li>
<li><p class="first">The reporting of <tt class="docutils literal">logexpect</tt> events in <tt class="docutils literal">varnishtest</tt> was
rearranged for readability.</p>
</li>
<li><p class="first">Workspace debugging as enabled by the <tt class="docutils literal">+workspace</tt> debug flag is
now logged with the corresponding transaction.</p>
</li>
<li><p class="first">VMODs should now register and unregister fetch and delivery filters
with <tt class="docutils literal">VRT_AddFilter()</tt> and <tt class="docutils literal">VRT_RemoveFilter()</tt>.</p>
</li>
<li><p class="first"><tt class="docutils literal">HSH_purge()</tt> has been rewritten to properly handle concurrent
purges on the same object head.</p>
</li>
<li><p class="first"><tt class="docutils literal">VSL_WriteOpen()</tt>, <tt class="docutils literal">varnishlog</tt> and <tt class="docutils literal">varnishncsa</tt> have been
changed to support writing to stdout with <tt class="docutils literal"><span class="pre">-w</span> -</tt> when not in
daemon mode.</p>
</li>
<li><p class="first">In VSL, the case has been optimized that the space remaining in a
buffer is close to <tt class="docutils literal">vsl_reclen</tt>.</p>
</li>
<li><p class="first"><tt class="docutils literal">std.ip()</tt> has been changed to always return a valid (bogo ip)
fallback if the fallback argument is invalid.</p>
</li>
<li><p class="first">New VCL variables <tt class="docutils literal"><span class="pre">{req,req_top,resp,bereq,beresp,obj}.time</span></tt> have
been added to track when the respective object was born.</p>
</li>
<li><p class="first"><tt class="docutils literal">VRT_StaticDirector()</tt> has been added to mark directors with VCL
lifetime, to avoid the overhead of reference counting.</p>
</li>
<li><p class="first">Dynamic backends are now reference-counted, and VMOD authors must
explicitly track assignments with <tt class="docutils literal">VRT_Assign_Backend()</tt>.</p>
</li>
<li><p class="first">Varnish will use libunwind by default when available at configure
time, the <tt class="docutils literal"><span class="pre">--without-unwind</span></tt> configure flag can prevent this and
fall back to libexecinfo to generate backtraces.</p>
</li>
<li><p class="first">A new <tt class="docutils literal">debug.shutdown.delay</tt> command is available in the Varnish
CLI for testing purposes.</p>
</li>
<li><p class="first">New utility macros <tt class="docutils literal">vmin[_t]</tt>, <tt class="docutils literal">vmax[_t]</tt> and <tt class="docutils literal">vlimit[_t]</tt>
available in <tt class="docutils literal">vdef.h</tt>.</p>
</li>
<li><p class="first">The macros <tt class="docutils literal">TOSTRAND(s)</tt> and <tt class="docutils literal">TOSTRANDS(x, <span class="pre">...)</span></tt> have been added
to create a <tt class="docutils literal">struct strands *</tt> (intended to be used as a
<tt class="docutils literal">VCL_STANDS</tt>) from a single string <tt class="docutils literal">s</tt> or <tt class="docutils literal">x</tt> strings,
respectively.</p>
<p>Note that the macros create a compund literal whose scope is the
enclosing block. Their value must thus only be used within the same
block (it can be passed to called functions) and must not be
returned or referenced for use outside the enclosing block.</p>
<p>As before, <tt class="docutils literal">VRT_AllocStrandsWS()</tt> or <tt class="docutils literal">VRT_StrandsWS()</tt> must be
used to create <tt class="docutils literal">VCL_STRANDS</tt> with <em>task</em> scope for use outside the
current block.</p>
</li>
<li><p class="first">A bug in the backend connection handling code has been fixed which
could trigger an unwarranted assertion failure (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3664">3664</a>).</p>
</li>
<li><p class="first"><tt class="docutils literal">std.strftime()</tt> has been added.</p>
</li>
<li><p class="first"><tt class="docutils literal">Lck_CondWait()</tt> has lost the timeout argument and now waits
forever. <tt class="docutils literal">Lck_CondWaitUntil()</tt> and <tt class="docutils literal">Lck_CondWaitTimeout()</tt> have
been added to wait on a condition variable until some point in time
or until a timeout expires, respectively.</p>
</li>
<li><p class="first">All mutex locks in core code have been given the
<tt class="docutils literal">PTHREAD_MUTEX_ERRORCHECK</tt> attribute.</p>
</li>
<li><p class="first"><tt class="docutils literal">Host</tt> and <tt class="docutils literal"><span class="pre">Content-Length</span></tt> header checks have been moved to
protocol independent code and thus implicitly extended to HTTP2.</p>
</li>
<li><p class="first">A potential race on busy objects has been closed.</p>
</li>
<li><p class="first">Use of the <tt class="docutils literal">ObjGetSpace()</tt> for synthetic objects has been fixed to
support stevedores returning less space than requested (as permitted
by the API).</p>
</li>
<li><p class="first">The <tt class="docutils literal">FINI_OBJ()</tt> macro has been added to standardize the common
pattern of zeroing a mini object and clearing a pointer to it.</p>
</li>
<li><p class="first">The deprecated <tt class="docutils literal">vsm_space</tt> parameter was removed.</p>
</li>
<li><p class="first">The <tt class="docutils literal">varnishtest</tt> <tt class="docutils literal">err_shell</tt> commando has been removed after
having been deprecated since release 5.1.0.</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-7-0-1-2021-11-23">
<h1>Varnish Cache 7.0.1 (2021-11-23)</h1>
<ul>
<li><p class="first">An assertion failure has been fixed which triggered when matching bans
on non-existing headers (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3706">3706</a>).</p>
</li>
<li><p class="first">A VCL compilation issue has been fixed when calling builtin functions
directly (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3719">3719</a>).</p>
</li>
<li><p class="first">It is now again possible to concatenate static strings to produce
combined strings of type VCL_REGEX (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3726">3721</a>).</p>
</li>
<li><p class="first">An issue has been fixed that would cause the VCL dependency checker to
incorrectly flag VCLs as dependants of other VCLs when using labels,
preventing them from being discarded (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3734">3734</a>).</p>
</li>
<li><p class="first">VCLs loaded through CLI or the use of startup CLI scripts (-I option to
<cite>varnishd</cite>) will, when no active VCL has previously been set, no longer
automatically set the first VCL loaded to the active VCL. This prevents
situations where it was possible to make a cold VCL the active VCL
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3737">3737</a>).</p>
</li>
<li><p class="first">There is now a <cite>configure</cite> build-time requirement on working SO_RCVTIMEO
and SO_SNDTIMEO socket options.</p>
<p>We no longer check whether they effectively work, so the
<tt class="docutils literal">SO_RCVTIMEO_WORKS</tt> feature check has been removed from
<tt class="docutils literal">varnishtest</tt>.</p>
</li>
<li><p class="first">The socket option inheritance checks now correctly identifies situations
where UDS and TCP listening sockets behave differently, and are no
longer subject to the order the inheritance checks happens to be
executed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/3732">3732</a>).</p>
</li>
<li><p class="first">IPv6 listen endpoint address strings are now printed using brackets.</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-7-0-0-2021-09-15">
<h1>Varnish Cache 7.0.0 (2021-09-15)</h1>
<ul class="simple">
<li>Added convenience <tt class="docutils literal">vrt_null_strands</tt> and <tt class="docutils literal">vrt_null_blob</tt> constants.</li>
<li>New VCL flag syntax <tt class="docutils literal">foo <name> +bar <span class="pre">-baz</span> { ... }</tt>, starting with ACL
flags <tt class="docutils literal">log</tt>, <tt class="docutils literal">pedantic</tt> and <tt class="docutils literal">table</tt>.</li>
<li>ACLs no longer produce VSL <tt class="docutils literal">VCL_acl</tt> records by default, this must be
explicitly enabled with <tt class="docutils literal">acl <name> +log { ... }</tt>.</li>
<li>ACLs can be compiled into a table format, which runs a little bit
slower, but compiles much faster for large ACLs.</li>
<li>ACLs default to <tt class="docutils literal">pedantic</tt> which is now a per-ACL feature flag.</li>
<li>New <tt class="docutils literal">glob</tt> flag for VCL <tt class="docutils literal">include</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3193">3193</a>).</li>
<li>The maximum number of headers for a request or a response in <tt class="docutils literal">varnishtest</tt>
was increased to 64.</li>
<li>The backend lock class from struct backend was moved to struct director and
renamed accordingly.</li>
<li>New <tt class="docutils literal">%{sec,msec,usec,msec_frac,usec_frac}t</tt> formats in <tt class="docutils literal">varnishncsa</tt>.</li>
<li><tt class="docutils literal">vstrerror()</tt> was renamed to <tt class="docutils literal">VAS_errtxt()</tt>.</li>
<li>New <tt class="docutils literal">varnishncsa <span class="pre">-j</span></tt> option to format for JSON (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3595">3595</a>).</li>
<li>To skip a test in the <em>presence</em> of a feature instead of it absence, a new
<tt class="docutils literal">feature !<name></tt> syntax was added to <tt class="docutils literal">varnishtest</tt>.</li>
<li>Accept-Ranges headers are no longer generated for passed objects,
but must either come from the backend or be created in <tt class="docutils literal">vcl_deliver{}</tt>
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3251">3251</a>).</li>
<li>The busyobj <tt class="docutils literal">do_pass</tt> flag is gone in favor of <tt class="docutils literal">uncacheable</tt>.</li>
<li>The objcore flag ABANDON was renamed to CANCEL.</li>
<li>'Scientific Notation' numbers like 6.62607004e-34 are no longer
supported in VCL.  (The preparation of RFC8941 made it clear that
there are neither reason nor any need to support scientific notation
in context of HTTP headers.</li>
<li>New <tt class="docutils literal">tunnel</tt> command in <tt class="docutils literal">varnishtest</tt> to gain the ability to
shape traffic between two peers without having to change their
implementation.</li>
<li>Global VCL symbols can be defined after use (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3555">3555</a>).</li>
<li>New <tt class="docutils literal">req.hash_ignore_vary</tt> flag in VCL.</li>
<li><tt class="docutils literal">varnishtest</tt> can register macros backed by functions, which is the case
for <tt class="docutils literal">${date}</tt> and the brand new <tt class="docutils literal"><span class="pre">${string,<action>[,<args>...]}</span></tt> macro
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3627">3627</a>).</li>
<li>Migration to pcre2 with extensive changes to the VRE API, parameters renamed
to <tt class="docutils literal">pcre2_match_limit</tt> and <tt class="docutils literal">pcre2_depth_limit</tt>, and the addition of a
new <tt class="docutils literal">pcre2_jit_compilation</tt> parameter. The <tt class="docutils literal">varnishtest</tt> undocumented
feature check <tt class="docutils literal">pcre_jit</tt> is gone (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3635">3635</a>). This change is transparent at
the VRT layer and only affects direct VRE consumers.</li>
<li>New inverted mode in <tt class="docutils literal"><span class="pre">vtc-bisect.sh</span></tt> to find the opposite of regressions.</li>
<li>The default values for <tt class="docutils literal">workspace_client</tt>, <tt class="docutils literal">workspace_backend</tt> and
<tt class="docutils literal">vsl_buffer</tt> on 64bit systems were increased to respectively 96kB, 96kB
and 16kB (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3648">3648</a>).</li>
<li>The deprecated <tt class="docutils literal">WS_Inside()</tt> was replaced with <tt class="docutils literal">WS_Allocated()</tt> and
<tt class="docutils literal">WS_Front()</tt> was removed.</li>
<li>VCL header names can be quoted, for example <tt class="docutils literal"><span class="pre">req.http."valid.name"</span></tt>.</li>
<li>Added <tt class="docutils literal">VRT_UnsetHdr()</tt> and removed <tt class="docutils literal">vrt_magic_string_unset</tt>.</li>
<li>Removed depcreated <tt class="docutils literal">STRING_LIST</tt> in favor of <tt class="docutils literal">STRANDS</tt>. All functions
that previously took a <tt class="docutils literal">STRING_LIST</tt> had <tt class="docutils literal">const char *, ...</tt> arguments,
they now take <tt class="docutils literal">const char *, VCL_STRANDS</tt> arguments. The magic cookie
<tt class="docutils literal">vrt_magic_string_end</tt> is gone and <tt class="docutils literal">VRT_CollectStrands()</tt> was renamed to
<tt class="docutils literal">VRT_STRANDS_string()</tt>.</li>
<li>The default value for <tt class="docutils literal">thread_pool_stack</tt> was increased to 80kB for 64bit
systems and 64kB for 32bit to accomodate the PCRE2 jit compiler.</li>
<li>Removed deprecated <tt class="docutils literal">VSB_new()</tt> and <tt class="docutils literal">VSB_delete()</tt>, which resulted in a
major soname bump of libvarnishapi to 3.0.0, instead of the 2.7.0 version
initially planned.</li>
<li>The default workdir (the default <tt class="docutils literal"><span class="pre">-n</span></tt> argument) is now <tt class="docutils literal">/var/run</tt>
instead of <tt class="docutils literal"><span class="pre">${prefix}/var</span></tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3672">3672</a>). Packages usually configure this to
match local customs.</li>
<li>The minimum <tt class="docutils literal">session_workspace</tt> is now 384 bytes</li>
<li>Emit minimal 500 response if <tt class="docutils literal">vcl_synth</tt> fails (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3441">3441</a>).</li>
<li>New <tt class="docutils literal"><span class="pre">--enable-coverage</span></tt> configure flag, and renovated sanitizer setup.</li>
<li>New feature checks in <tt class="docutils literal">varnishtest</tt>: <tt class="docutils literal">sanitizer</tt>, <tt class="docutils literal">asan</tt>, <tt class="docutils literal">lsan</tt>,
<tt class="docutils literal">msan</tt>, <tt class="docutils literal">ubsan</tt> and <tt class="docutils literal">coverage</tt>.</li>
<li>New <tt class="docutils literal"><span class="pre">--enable-workspace-emulator</span></tt> configure flag to swap the worksapce
implementation with a sparse one ideal for fuzzing (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3644">3644</a>).</li>
<li>Strict comparison of items from the HTTP grammar (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3650">3650</a>).</li>
<li>New request body h2 window handling using a buffer to avoid stalling an
entire h2 session until the relevant stream starts consuming DATA frames.
As a result the minimum value for <tt class="docutils literal">h2_initial_window_size</tt> is now 65535B
to avoid running out of buffer with a negative window that was simpler to
not tolerate, and a new <tt class="docutils literal">h2_rxbuf_storage</tt> parameter was added (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3661">3661</a>).</li>
<li><tt class="docutils literal">SLT_Hit</tt> now includes streaming progress when relevant.</li>
<li>The <tt class="docutils literal">http_range_support</tt> adds consistency checks for pass transactions
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3673">3673</a>).</li>
<li>New <tt class="docutils literal">VNUM_uint()</tt> and <tt class="docutils literal">VNUM_hex()</tt> functions geared at token parsing.</li>
</ul>
</div>
<div class="section" id="varnish-cache-6-6-0-2021-03-15">
<h1>Varnish Cache 6.6.0 (2021-03-15)</h1>
<ul>
<li><p class="first">Body bytes accounting has been fixed to always represent the number
of bodybytes moved on the wire, exclusive of protocol-specific
overhead like HTTP/1 chunked encoding or HTTP/2 framing.</p>
<p>This change affects counters like</p>
<ul class="simple">
<li><tt class="docutils literal">MAIN.s_req_bodybytes</tt>,</li>
<li><tt class="docutils literal">MAIN.s_resp_bodybytes</tt>,</li>
<li><tt class="docutils literal"><span class="pre">VBE.*.*.bereq_bodybytes</span></tt> and</li>
<li><tt class="docutils literal"><span class="pre">VBE.*.*.beresp_bodybytes</span></tt></li>
</ul>
<p>as well as the VSL records</p>
<ul class="simple">
<li><tt class="docutils literal">ReqAcct</tt>,</li>
<li><tt class="docutils literal">PipeAcct</tt> and</li>
<li><tt class="docutils literal">BereqAcct</tt>.</li>
</ul>
</li>
<li><p class="first"><tt class="docutils literal">VdpAcct</tt> log records have been added to output delivery filter
(VDP) accounting details analogous to the existing <tt class="docutils literal">VfpAcct</tt>. Both
tags are masked by default.</p>
</li>
<li><p class="first">Many filter (VDP/VFP) related signatures have been changed:</p>
<ul class="simple">
<li><tt class="docutils literal">vdp_init_f</tt></li>
<li><tt class="docutils literal">vdp_fini_f</tt></li>
<li><tt class="docutils literal">vdp_bytes_f</tt></li>
<li><tt class="docutils literal">VDP_bytes()</tt></li>
</ul>
<p>as well as <tt class="docutils literal">struct vdp_entry</tt> and <tt class="docutils literal">struct vdp_ctx</tt></p>
<p><tt class="docutils literal">VFP_Push()</tt> and <tt class="docutils literal">VDP_Push()</tt> are no longer intended for VMOD
use and have been removed from the API.</p>
</li>
<li><p class="first">The VDP code is now more strict about <tt class="docutils literal">VDP_END</tt>, which must be
sent down the filter chain at most once.</p>
</li>
<li><p class="first">Core code has been changed to ensure for most cases that <tt class="docutils literal">VDP_END</tt>
gets signaled with the object's last bytes, rather than with an
extra zero-data call.</p>
</li>
<li><p class="first">Reason phrases for more HTTP Status codes have been added to core
code.</p>
</li>
<li><p class="first">Connection pooling behavior has been improved with respect to
<tt class="docutils literal">Connection: close</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3400">3400</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3405">3405</a>).</p>
</li>
<li><p class="first">Handling of the <tt class="docutils literal"><span class="pre">Keep-Alive</span></tt> HTTP header as hop-by-hop has been
fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3417">3417</a>).</p>
</li>
<li><p class="first">Handling of hop-by-hop headers has been fixed for HTTP/2 (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3416">3416</a>).</p>
</li>
<li><p class="first">The stevedore API has been changed:</p>
<ul class="simple">
<li><tt class="docutils literal">OBJ_ITER_FINAL</tt> has been renamed to <tt class="docutils literal">OBJ_ITER_END</tt></li>
<li><tt class="docutils literal">ObjExtend()</tt> signature has been changed to also cover the
<tt class="docutils literal">ObjTrimStore()</tt> use case and</li>
<li><tt class="docutils literal">ObjTrimStore()</tt> has been removed.</li>
</ul>
</li>
<li><p class="first">The <tt class="docutils literal">verrno.h</tt> header file has been removed and merged into
<tt class="docutils literal">vas.h</tt></p>
</li>
<li><p class="first">The connection close reason has been fixed to properly report
<tt class="docutils literal">SC_RESP_CLOSE</tt> / <tt class="docutils literal">resp_close</tt> where previously only
<tt class="docutils literal">SC_REQ_CLOSE</tt> / <tt class="docutils literal">req_close</tt> was reported.</p>
</li>
<li><p class="first">Unless the new <tt class="docutils literal">validate_headers</tt> feature is disabled, all newly
set headers are now validated to contain only characters allowed by
RFC7230. A (runtime) VCL failure is triggered if not (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3407">3407</a>).</p>
</li>
<li><p class="first"><tt class="docutils literal">VRT_ValidHdr()</tt> has been added for vmods to conduct the same
check as the <tt class="docutils literal">validate_headers</tt> feature, for example when headers
are set by vmods using the <tt class="docutils literal">cache_http.c</tt> Functions like
<tt class="docutils literal">http_ForceHeader()</tt> from untrusted input.</p>
</li>
<li><p class="first">The shard director now supports reconfiguration (adding/removing
backends) of several instances without any special ordering
requirement.</p>
</li>
<li><p class="first">Calling the shard director <tt class="docutils literal">.reconfigure()</tt> method is now
optional. If not called explicitly, any shard director backend
changes are applied at the end of the current task.</p>
</li>
<li><p class="first">Shard director <tt class="docutils literal">Error</tt> log messages with <tt class="docutils literal">(notice)</tt> have been
turned into <tt class="docutils literal">Notice</tt> log messages.</p>
</li>
<li><p class="first">All shard <tt class="docutils literal">Error</tt> and <tt class="docutils literal">Notice</tt> messages now use the unified
prefix <tt class="docutils literal">vmod_directors: shard %s</tt>.</p>
</li>
<li><p class="first">In the shard director, use of parameter sets with <tt class="docutils literal">resolve=NOW</tt>
has been fixed.</p>
</li>
<li><p class="first">Performance of log-processing tools like <tt class="docutils literal">varnishlog</tt> has been
improved by using <tt class="docutils literal">mmap()</tt> if possible when reading from log
files.</p>
</li>
<li><p class="first">An assertion failure has been fixed which could be triggered when a
request body was used with restarts (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3433">3433</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3434">3434</a>).</p>
</li>
<li><p class="first">A signal handling bug in the Varnish Utility API (VUT) has been
fixed which caused log-processing utilities to perform poorly after
a signal had been received (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3436">3436</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">client.identity</tt> variable is now accessible on the backend
side.</p>
</li>
<li><p class="first">Client and backend finite state machine internals (<tt class="docutils literal">enum req_step</tt>
and <tt class="docutils literal">enum fetch_step</tt>) have been removed from <tt class="docutils literal">cache.h</tt>.</p>
</li>
<li><p class="first">Three new <tt class="docutils literal">Timestamp</tt> VSL records have been added to backend
request processing:</p>
<ul class="simple">
<li>The <tt class="docutils literal">Process</tt> timestamp after <tt class="docutils literal">return(deliver)</tt> or
<tt class="docutils literal">return(pass(x))</tt> from <tt class="docutils literal">vcl_backend_response</tt>,</li>
<li>the <tt class="docutils literal">Fetch</tt> timestamp before a backend connection is requested
and</li>
<li>the <tt class="docutils literal">Connected</tt> timestamp when a connection to a regular backend
(VBE) is established, or when a recycled connection was selected for
reuse.</li>
</ul>
</li>
<li><p class="first">The VRT backend interface has been changed:</p>
<ul>
<li><p class="first"><tt class="docutils literal">struct vrt_endpoint</tt> has been added describing a UDS or TCP
endpoint for a backend to connect to.</p>
<p>Endpoints also support a preamble to be sent with every new
connection.</p>
</li>
<li><p class="first">This structure needs to be passed via the <tt class="docutils literal">endpoint</tt> member of
<tt class="docutils literal">struct vrt_backend</tt> when creating backends with
<tt class="docutils literal">VRT_new_backend()</tt> or <tt class="docutils literal">VRT_new_backend_clustered()</tt>.</p>
</li>
</ul>
</li>
<li><p class="first"><tt class="docutils literal">VRT_Endpoint_Clone()</tt> has been added to facilitate working with
endpoints.</p>
</li>
<li><p class="first">The variables <tt class="docutils literal">bereq.is_hitpass</tt> and <tt class="docutils literal">bereq.is_hitmiss</tt> have
been added to the backend side matching <tt class="docutils literal">req.is_hitpass</tt> and
<tt class="docutils literal">req.is_hitmiss</tt> on the client side.</p>
</li>
<li><p class="first">The <tt class="docutils literal">set_ip_tos()</tt> function from the bundled <tt class="docutils literal">std</tt> vmod now sets
the IPv6 Taffic Class (TCLASS) when used on an IPv6 connection.</p>
</li>
<li><p class="first">A bug has been fixed which could lead to varnish failing to start
after updates due to outdated content of the <tt class="docutils literal">vmod_cache</tt>
directory (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3243">3243</a>).</p>
</li>
<li><p class="first">An issue has been addressed where using VCL with a high number of
literal strings could lead to prolonged c-compiler runtimes since
Varnish-Cache 6.3 (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3392">3392</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">MAIN.esi_req</tt> counter has been added as a statistic of the
number of ESI sub requests created.</p>
</li>
<li><p class="first">The <tt class="docutils literal">vcl.discard</tt> CLI command can now be used to discard more than
one VCL with a single command, which succeeds only if all given VCLs
could be discarded (atomic behavior).</p>
</li>
<li><p class="first">The <tt class="docutils literal">vcl.discard</tt> CLI command now supports glob patterns for vcl names.</p>
</li>
<li><p class="first">The <tt class="docutils literal">vcl.deps</tt> CLI command has been added to output dependencies
between VCLs (because of labels and <tt class="docutils literal">return(vcl)</tt> statements).</p>
</li>
<li><p class="first">The <tt class="docutils literal">FetchError</tt> log message <tt class="docutils literal">Timed out reusing backend
connection</tt> has been renamed to <tt class="docutils literal">first byte timeout (reused
connection)</tt> to clarify that it is emit for effectively the same
reason as <tt class="docutils literal">first byte timeout</tt>.</p>
</li>
<li><p class="first">Long strings in VCL can now also be denoted using <tt class="docutils literal">""" ... """</tt> in
addition to the existing <tt class="docutils literal">{" ... "}</tt>.</p>
</li>
<li><p class="first">The <tt class="docutils literal">pdiff()</tt> function declaration has been moved from <tt class="docutils literal">cache.h</tt>
to <tt class="docutils literal">vas.h</tt>.</p>
</li>
<li><p class="first">The interface for private pointers in VMODs has been changed:</p>
<ul class="simple">
<li>The <tt class="docutils literal">free</tt> pointer in <tt class="docutils literal">struct vmod_priv</tt> has been replaced
with a pointer to <tt class="docutils literal">struct vmod_priv_methods</tt>, to where the
pointer to the former free callback has been moved as the <tt class="docutils literal">fini</tt>
member.</li>
<li>The former free callback type has been renamed from
<tt class="docutils literal">vmod_priv_free_f</tt> to <tt class="docutils literal">vmod_priv_fini_f</tt> and as gained a
<tt class="docutils literal">VRT_CTX</tt> argument</li>
</ul>
</li>
<li><p class="first">The <tt class="docutils literal">MAIN.s_bgfetch</tt> counter has been added as a statistic on the
number of background fetches issues.</p>
</li>
<li><p class="first">Various improvements have been made to the <tt class="docutils literal">varnishtest</tt> facility:</p>
<ul class="simple">
<li>the <tt class="docutils literal">loop</tt> keyword now works everywhere</li>
<li>HTTP/2 logging has been improved</li>
<li>Default HTTP/2 parameters have been tweaked (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3442">3442</a>)</li>
<li>Varnish listen address information is now available by default in
the macros <tt class="docutils literal">${vNAME_addr}</tt>, <tt class="docutils literal">${vNAME_port}</tt> and
<tt class="docutils literal">${vNAME_sock}</tt>. Macros by the names <tt class="docutils literal">${vNAME_SOCKET_*}</tt>
contain the address information for each listen socket as created
with the <tt class="docutils literal"><span class="pre">-a</span></tt> argument to <tt class="docutils literal">varnishd</tt>.</li>
<li>Synchronization points for counters (VSCs) have been added as
<tt class="docutils literal">varnish vNAME <span class="pre">-expect</span> PATTERN OP PATTERN</tt></li>
<li>varnishtest now also works with IPv6 setups</li>
<li><tt class="docutils literal">feature ipv4</tt> and <tt class="docutils literal">feature ipv6</tt> can be used to control
execution of test cases which require one or the other protocol.</li>
<li>haproxy arguments can now be externally provided through the
<tt class="docutils literal">HAPROXY_ARGS</tt> variable.</li>
<li>logexpect now supports alternatives with the <tt class="docutils literal">expect ? ...</tt> syntax
and negative matches with the <tt class="docutils literal">fail add ...</tt> and <tt class="docutils literal">fail clear</tt>
syntax.</li>
<li>The overall logexpect match expectation can now be inverted using
the <tt class="docutils literal"><span class="pre">-err</span></tt> argument.</li>
<li>Numeric comparisons for HTTP headers have been added: <tt class="docutils literal"><span class="pre">-lt</span></tt>,
<tt class="docutils literal"><span class="pre">-le</span></tt>, <tt class="docutils literal"><span class="pre">-eq</span></tt>, <tt class="docutils literal"><span class="pre">-ne</span></tt>, <tt class="docutils literal"><span class="pre">-ge</span></tt>, <tt class="docutils literal"><span class="pre">-gt</span></tt></li>
<li><tt class="docutils literal">rxdata <span class="pre">-some</span></tt> has been fixed.</li>
</ul>
</li>
<li><p class="first">The <tt class="docutils literal">ban_cutoff</tt> parameter now refers to the overall length of the
ban list, including completed bans, where before only non-completed
("active") bans were counted towards <tt class="docutils literal">ban_cutoff</tt>.</p>
</li>
<li><p class="first">A race in the round-robin director has been fixed which could lead
to backend requests failing when backends in the director were sick
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3473">3473</a>).</p>
</li>
<li><p class="first">A race in the probe management has been fixed which could lead to a
panic when VCLs changed temperature in general and when
<tt class="docutils literal">vcl.discard</tt> was used in particular (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3362">3362</a>).</p>
</li>
<li><p class="first">A bug has been fixed which lead to counters (VSCs) of backends from
cold VCLs being presented (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3358">3358</a>).</p>
</li>
<li><p class="first">A bug in <tt class="docutils literal">varnishncsa</tt> has been fixed which could lead to it
crashing when header fields were referenced which did not exist in
the processed logs (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3485">3485</a>).</p>
</li>
<li><p class="first">For failing PROXY connections, <tt class="docutils literal">SessClose</tt> now provides more
detailed information on the cause of the failure.</p>
</li>
<li><p class="first">The <tt class="docutils literal">std.ban()</tt> and <tt class="docutils literal">std.ban_error()</tt> functions have been added
to the <tt class="docutils literal">std</tt> vmod, allowing VCL to check for ban errors.</p>
</li>
<li><p class="first">Use of the <tt class="docutils literal">ban()</tt> built-in VCL command is now deprecated.</p>
</li>
<li><p class="first">The source tree has been reorganized with all vmods now moved to a
single <tt class="docutils literal">vmod</tt> directory.</p>
</li>
<li><p class="first"><tt class="docutils literal">vmodtool.py</tt> has been improved to simplify Makefiles when many
VMODs are built in a single directory.</p>
</li>
<li><p class="first">The <tt class="docutils literal">VSA_getsockname()</tt> and <tt class="docutils literal">VSA_getpeername()</tt> functions have
been added to get address information of file descriptors.</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishd</tt> now supports the <tt class="docutils literal"><span class="pre">-b</span> none</tt> argument to start with
only the builtin VCL and no backend at all (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3067">3067</a>).</p>
</li>
<li><p class="first">Some corner cases of IPv6 support in <tt class="docutils literal">varnishd</tt> have been fixed.</p>
</li>
<li><p class="first"><tt class="docutils literal">vcl_pipe {}</tt>: <tt class="docutils literal">return(synth)</tt> and vmod private state support
have been fixed. Trying to use <tt class="docutils literal">std.rollback()</tt> from <tt class="docutils literal">vcl_pipe</tt>
now results in VCL failure (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3329">3329</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3330">3330</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3385">3385</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">bereq.xid</tt> variable is now also available in <tt class="docutils literal">vcl_pipe {}</tt></p>
</li>
<li><p class="first">The <tt class="docutils literal">VRT_priv_task_get()</tt> and <tt class="docutils literal">VRT_priv_top_get()</tt> functions
have been added to VRT to allow vmods to retrieve existing
<tt class="docutils literal">PRIV_TASK</tt> / <tt class="docutils literal">PRIV_TOP</tt> private pointers without creating any.</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishstat</tt> now avoids display errors of gauges which previously
could underflow to negative values, being displayed as extremely
high positive values.</p>
<p>The <tt class="docutils literal"><span class="pre">-r</span></tt> option and the <tt class="docutils literal">r</tt> key binding have been added to
return to the previous behavior. When raw mode is active in
<tt class="docutils literal">varnishstat</tt> interactive (curses) mode, the word <tt class="docutils literal">RAW</tt> is
displayed at the right hand side in the lower status line.</p>
</li>
<li><p class="first">The <tt class="docutils literal">VSC_IsRaw()</tt> function has been added to <tt class="docutils literal">libvarnishapi</tt> to
query if a gauge is being returned raw or adjusted.</p>
</li>
<li><p class="first">The <tt class="docutils literal">busy_stats_rate</tt> feature flag has been added to ensure
statistics updates (as configured using the <tt class="docutils literal">thread_stats_rate</tt>
parameter) even in scenarios where worker threads never run out
of tasks and may remain forever busy.</p>
</li>
<li><p class="first"><tt class="docutils literal">ExpKill</tt> log (VSL) records are now masked by default. See the
<tt class="docutils literal">vsl_mask</tt> parameter.</p>
</li>
<li><p class="first">A bug has been fixed which could lead to panics when ESI was used
with ESI-aware VMODs were used because <tt class="docutils literal">PRIV_TOP</tt> vmod private
state was created on a wrong workspace (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3496">3496</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">VCL_REGEX</tt> data type is now supported for VMODs, allowing
them to use regular expression literals checked and compiled by the
VCL compiler infrastructure.</p>
<p>Consequently, the <tt class="docutils literal">VRT_re_init()</tt> and <tt class="docutils literal">VRT_re_fini()</tt> functions
have been removed, because they are not required and their use was
probably wrong anyway.</p>
</li>
<li><p class="first">The <tt class="docutils literal">filter_re</tt>, <tt class="docutils literal">keep_re</tt> and <tt class="docutils literal">get_re</tt> functions from the
bundled <tt class="docutils literal">cookie</tt> vmod have been changed to take the <tt class="docutils literal">VCL_REGEX</tt>
type. This implies that their regular expression arguments now need
to be literal, whereas before they could be taken from some other
variable or function returning <tt class="docutils literal">VCL_STRING</tt>.</p>
<p>Note that these functions never actually handled _dynamic_ regexen,
the string passed with the first call was compiled to a regex, which
was then used for the lifetime of the respective VCL.</p>
</li>
<li><p class="first">The <tt class="docutils literal">%{X}T</tt> format has been added to <tt class="docutils literal">varnishncsa</tt>, which
generalizes <tt class="docutils literal">%D</tt> and <tt class="docutils literal">%T</tt>, but also support milliseconds
(<tt class="docutils literal">ms</tt>) output.</p>
</li>
<li><p class="first">Error handling has been fixed when vmod functions/methods with
<tt class="docutils literal">PRIV_TASK</tt> arguments were wrongly called from the backend side
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3498">3498</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">varnishncsa</tt> <tt class="docutils literal"><span class="pre">-E</span></tt> argument to show ESI requests has been
changed to imply <tt class="docutils literal"><span class="pre">-c</span></tt> (client mode).</p>
</li>
<li><p class="first">Error handling and performance of the VSL (shared log) client code
in <tt class="docutils literal">libvarnishapi</tt> have been improved (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3501">3501</a>).</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishlog</tt> now supports the <tt class="docutils literal"><span class="pre">-u</span></tt> option to write to a file
specified with <tt class="docutils literal"><span class="pre">-w</span></tt> unbuffered.</p>
</li>
<li><p class="first">Comparisons of numbers in VSL queries have been improved to match
better the behavior which is likely expected by users who have not
read the documentation in all detail (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3463">3463</a>).</p>
</li>
<li><p class="first">A bug in the ESI code has been fixed which could trigger a panic
when no storage space was available (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3502">3502</a>).</p>
</li>
<li><p class="first">The <tt class="docutils literal">resp.proto</tt> variable is now read-only as it should have been
for long.</p>
</li>
<li><p class="first"><tt class="docutils literal">VTCP_open()</tt> has been fixed to try all possible addresses from
the resolver before giving up (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3509">3509</a>). This bug could cause
confusing error messages (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3510">3510</a>).</p>
</li>
<li><p class="first"><tt class="docutils literal">VRT_synth_blob()</tt> and <tt class="docutils literal">VRT_synth_strands()</tt> have been
added. The latter should now be used instead of <tt class="docutils literal">VRT_synth_page()</tt>.</p>
</li>
<li><p class="first">The <tt class="docutils literal">VCL_SUB</tt> data type is now supported for VMODs to save
references to subroutines to be called later using
<tt class="docutils literal">VRT_call()</tt>. Calls from a wrong context (e.g. calling a
subroutine accessing <tt class="docutils literal">req</tt> from the backend side) and recursive
calls fail the VCL.</p>
<p>See <a class="reference external" href="https://varnish-cache.org/docs/trunk/reference/vmod.html">VMOD - Varnish Modules</a> in the Reference Manual.</p>
</li>
</ul>
<blockquote>
VMOD functions can also return the <tt class="docutils literal">VCL_SUB</tt> data type for calls
from VCL as in <tt class="docutils literal">call <span class="pre">vmod.returning_sub();</span></tt>.</blockquote>
<ul>
<li><p class="first"><tt class="docutils literal">VRT_check_call()</tt> can be used to check if a <tt class="docutils literal">VRT_call()</tt> would
succeed in order to avoid the potential VCL failure in case it would
not.</p>
<p>It returns <tt class="docutils literal">NULL</tt> if <tt class="docutils literal">VRT_call()</tt> would make the call or an
error string why not.</p>
</li>
<li><p class="first"><tt class="docutils literal">VRT_handled()</tt> has been added, which is now to be used instead of
access to the <tt class="docutils literal">handling</tt> member of <tt class="docutils literal">VRT_CTX</tt>.</p>
</li>
<li><p class="first">The session close reason logging/statistics for HTTP/2 connections
have been improved (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3393">3393</a>)</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishadm</tt> now has the <tt class="docutils literal"><span class="pre">-p</span></tt> option to disable readline support
for use in scripts and as a generic CLI connector.</p>
</li>
<li><p class="first">A log (VSL) <tt class="docutils literal">Notice</tt> record is now emitted whenever more than
<tt class="docutils literal">vary_notice</tt> variants are encountered in the cache for a specific
hash. The new <tt class="docutils literal">vary_notice</tt> parameter defaults to 10.</p>
</li>
<li><p class="first">The modulus operator <tt class="docutils literal">%</tt> has been added to VCL.</p>
</li>
<li><p class="first"><tt class="docutils literal">return(retry)</tt> from <tt class="docutils literal">vcl_backend_error {}</tt> now correctly resets
<tt class="docutils literal">beresp.status</tt> and <tt class="docutils literal">beresp.reason</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3525">3525</a>).</p>
</li>
<li><p class="first">Handling of the <tt class="docutils literal">gunzip</tt> filter with ESI has been fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3529">3529</a>).</p>
</li>
<li><p class="first">A bug where the <tt class="docutils literal">threads_limited</tt> counter could be increased
without reason has been fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3531">3531</a>).</p>
</li>
<li><p class="first">All varnish tools using the VUT library utilities for argument
processing now support the <tt class="docutils literal"><span class="pre">--optstring</span></tt> argument to return a
string suitable for use with <tt class="docutils literal">getopts</tt> from shell scripts.</p>
</li>
<li><p class="first">An issue with high CPU consumption when the maximum number of
threads was reached has been fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2942">2942</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3531">3531</a>)</p>
</li>
<li><p class="first">HTTP/2 streams are now reset for filter chain (VDP) errors.</p>
</li>
<li><p class="first">The task priority of incoming connections has been fixed.</p>
</li>
<li><p class="first">An issue has been addressed where the watchdog facility could
misfire when tasks are queued.</p>
</li>
<li><p class="first">The builtin VCL has been reworked: VCL code has been split into
small subroutines, which custom VCL can prepend custom code to.</p>
<p>This allows for better integration of custom VCL and the built-in
VCL and better reuse.</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-6-5-1-2020-09-25">
<h1>Varnish Cache 6.5.1 (2020-09-25)</h1>
<ul class="simple">
<li>Bump the VRT_MAJOR_VERSION from 11 to 12, to reflect the API changes
that went into the 6.5.0 release. This step was forgotten for that
release.</li>
</ul>
</div>
<div class="section" id="varnish-cache-6-5-0-2020-09-15">
<h1>Varnish Cache 6.5.0 (2020-09-15)</h1>
<p>[ABI] marks potentially breaking changes to binary compatibility.</p>
<p>[API] marks potentially breaking changes to source compatibility
(implies [ABI]).</p>
<ul>
<li><p class="first"><tt class="docutils literal">varnishstat</tt> now has a help screen, available via the <tt class="docutils literal">h</tt> key
in curses mode</p>
</li>
<li><p class="first">The initial <tt class="docutils literal">varnishstat</tt> verbosity has been changed to ensure any
fields specified by the <tt class="docutils literal"><span class="pre">-f</span></tt> argument are visible (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2990">2990</a>)</p>
</li>
<li><p class="first">Fixed handling of out-of-workspace conditions after
<tt class="docutils literal">vcl_backend_response</tt> and <tt class="docutils literal">vcl_deliver</tt> during filter
initialization (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3253">3253</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3241">3241</a>)</p>
</li>
<li><p class="first"><tt class="docutils literal">PRIV_TOP</tt> is now thread-safe to support parallel ESI
implementations</p>
</li>
<li><p class="first"><tt class="docutils literal">varnishstat</tt> JSON format (<tt class="docutils literal"><span class="pre">-j</span></tt> option) has been changed:</p>
<ul>
<li><p class="first">on the top level, a <tt class="docutils literal">version</tt> identifier has been introduced,
which will be used to mark future breaking changes to the JSON
formatting. It will not be used to mark changes to the counters
themselves.</p>
<p>The new <tt class="docutils literal">version</tt> is <tt class="docutils literal">1</tt>.</p>
</li>
<li><p class="first">All counters have been moved down one level to the <tt class="docutils literal">counters</tt>
object.</p>
</li>
</ul>
</li>
<li><p class="first"><tt class="docutils literal">VSA_BuildFAP()</tt> has been added as a convenience function to
build a <tt class="docutils literal">struct suckaddr</tt></p>
</li>
<li><p class="first">Depending on the setting of the new <tt class="docutils literal">vcc_acl_pedantic</tt> parameter,
VCC now either emits a warning or fails if network numbers used in
ACLs do not have an all-zero host part.</p>
<p>For <tt class="docutils literal">vcc_acl_pedantic</tt> off, the host part is fixed to all-zero and
that fact logged with the <tt class="docutils literal">ACL</tt> VSL tag.</p>
</li>
<li><p class="first">Fixed error handling during object creation after
<tt class="docutils literal">vcl_backend_response</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3273">3273</a>)</p>
</li>
<li><p class="first"><tt class="docutils literal">obj.can_esi</tt> has been added to identify if the response can be
ESI processed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3002">3002</a>)</p>
</li>
<li><p class="first"><tt class="docutils literal">resp.filters</tt> now contains a correct value when the
auto-determined filter list is read (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3002">3002</a>)</p>
</li>
<li><p class="first">It is now a VCL (runtime) error to write to <tt class="docutils literal">resp.do_*</tt> and
<tt class="docutils literal">beresp.do_*</tt> fields which determine the filter list after setting
<tt class="docutils literal">resp.filters</tt> and <tt class="docutils literal">beresp.filters</tt>, respectively</p>
</li>
<li><p class="first">Behavior for 304 responses was changed not to update
the <tt class="docutils literal"><span class="pre">Content-Encoding</span></tt> response header of the stored object.</p>
</li>
<li><p class="first">[ABI] <tt class="docutils literal">struct vfp_entry</tt> and <tt class="docutils literal">struct vdp_ctx</tt> changed</p>
</li>
<li><p class="first">[API] VSB_QUOTE_GLOB, which was prematurely added to 6.4, has been
removed again.</p>
</li>
<li><p class="first">[API] Add <tt class="docutils literal">VDP_END</tt> action for delivery processors, which has to
be sent with or after the last buffer.</p>
</li>
<li><p class="first">Respect the administrative health for "real" (VBE) backends (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3299">3299</a>)</p>
</li>
<li><p class="first">Fixed handling of illegal (internal) four-digit response codes and
with HTTP/2 (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3301">3301</a>)</p>
</li>
<li><p class="first">Fixed backend connection pooling of closed connections (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3266">3266</a>)</p>
</li>
<li><p class="first">Added the <tt class="docutils literal">.resolve</tt> method for the <tt class="docutils literal">BACKEND</tt> type to resolve
(determine the "real" backend) a director.</p>
</li>
<li><p class="first">Improved <tt class="docutils literal">vmodtool</tt> support for out-of-tree builds</p>
</li>
<li><p class="first">Added <tt class="docutils literal">VJ_unlink()</tt> and <tt class="docutils literal">VJ_rmdir()</tt> jail functions</p>
</li>
<li><p class="first">Fixed workdir cleanup (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3307">3307</a>)</p>
</li>
<li><p class="first">Added <tt class="docutils literal">JAIL_MASTER_SYSTEM</tt> jail level</p>
</li>
<li><p class="first">The Varnish Jail (least privileges) code for Solaris has been
largely rewritten. It now reduces privileges even further and thus
should improve the security of Varnish on Solaris even more.</p>
</li>
<li><p class="first">The Varnish Jail for Solaris now accepts an optional <tt class="docutils literal">worker=</tt>
argument which allows to extend the effective privilege set of the
worker process.</p>
</li>
<li><p class="first">The shard director and shard director parameter objects should now
work in <tt class="docutils literal">vcl_pipe {}</tt> like in <tt class="docutils literal">vcl_backend_* {}</tt> subs.</p>
</li>
<li><p class="first">For a failure in <tt class="docutils literal">vcl_recv {}</tt>, the VCL state engine now returns
right after return from that subroutine. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3303">3303</a>)</p>
</li>
<li><p class="first">The shard director now supports weights by scaling the number of
replicas of each backend on the consistent hashing ring</p>
</li>
<li><p class="first">Fixed a race in the cache expiry code which could lead to a panic (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2999">2999</a>)</p>
</li>
<li><p class="first">Added <tt class="docutils literal">VRE_quote()</tt> to facilitate building literal string matches
with regular expressions.</p>
</li>
<li><p class="first">The <tt class="docutils literal">BackendReuse</tt> VSL (log) tag has been retired and replaced
with <tt class="docutils literal">BackendClose</tt>, which has been changed to contain either
<tt class="docutils literal">close</tt> or <tt class="docutils literal">recycle</tt> to signify whether the connection was
closed or returned to a pool for later reuse.</p>
</li>
<li><p class="first"><tt class="docutils literal">BackendOpen</tt> VSL entries have been changed to contain <tt class="docutils literal">reuse</tt>
or <tt class="docutils literal">connect</tt> in the last column to signify whether the connection
was reused from a pool or newly opened.</p>
</li>
<li><p class="first"><tt class="docutils literal">std.rollback()</tt> of backend requests with <tt class="docutils literal">return(retry)</tt> has
been fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3353">3353</a>)</p>
</li>
<li><p class="first"><tt class="docutils literal">FetchError</tt> logs now differentiate between <tt class="docutils literal">No backend</tt> and
"none resolved" as <tt class="docutils literal">Director %s returned no backend</tt></p>
</li>
<li><p class="first">Added <tt class="docutils literal">VRT_DirectorResolve()</tt> to resolve a director</p>
</li>
<li><p class="first">Improved VCC handling of symbols and, in particular, type methods</p>
</li>
<li><p class="first">Fixed use of the shard director from <tt class="docutils literal">vcl_pipe {}</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3361">3361</a>)</p>
</li>
<li><p class="first">Handle recursive use of vcl <tt class="docutils literal">include</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3360">3360</a>)</p>
</li>
<li><p class="first">VCL: Added native support for BLOBs in structured fields notation
(<tt class="docutils literal">:<base64>:</tt>)</p>
</li>
<li><p class="first">Fixed handling of the <tt class="docutils literal">Connection:</tt> header when multiple instances
of the named headers existed.</p>
</li>
<li><p class="first">Added support for naming <tt class="docutils literal">PRIV_</tt> arguments to vmod methods/functions</p>
</li>
<li><p class="first">The varnish binary heap implementation has been renamed to use the
<tt class="docutils literal">VBH_</tt> prefix, complemented with a destructor and added to header
files for use with vmods (via include of <tt class="docutils literal">vbh.h</tt>).</p>
</li>
<li><p class="first">A bug in <tt class="docutils literal">vmod_blob</tt> for base64 decoding with a <tt class="docutils literal">length</tt>
argument and non-padding decoding has been fixed (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3378">3378</a>)</p>
</li>
<li><p class="first">Added <tt class="docutils literal">VRT_BLOB_string()</tt> to <tt class="docutils literal">vrt.h</tt></p>
</li>
<li><p class="first">VSB support for dynamic vs. static allocations has been changed:</p>
<p>For dynamic allocations use:</p>
<pre class="literal-block">
VSB_new_auto() + VSB_destroy()
</pre>
<p>For preexisting buffers use:</p>
<pre class="literal-block">
VSB_init() + VSB_fini()
</pre>
<p><tt class="docutils literal">VSB_new()</tt> + <tt class="docutils literal">VSB_delete()</tt> are now deprecated.</p>
</li>
<li><p class="first"><tt class="docutils literal">std.blobread()</tt> has been added</p>
</li>
<li><p class="first">New <tt class="docutils literal">MAIN.beresp_uncacheable</tt> and <tt class="docutils literal">MAIN.beresp_shortlived</tt>
counters have been added.</p>
</li>
<li><p class="first">The <tt class="docutils literal">I</tt>, <tt class="docutils literal">X</tt> and <tt class="docutils literal">R</tt> arguments have been added to the VSC API
and <tt class="docutils literal">varnishstat</tt> for inclusion, exclusion and required glob
patterns on the statistic field names. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3394">3394</a>)</p>
<ul class="simple">
<li>Added the missing <tt class="docutils literal">VSC_OPT_f</tt> macro and the new <tt class="docutils literal">VSC_OPT_I</tt> and
<tt class="docutils literal">VSC_OPT_X</tt> to libvarnishapi headers.</li>
<li>Added <tt class="docutils literal"><span class="pre">-I</span></tt> and <tt class="docutils literal"><span class="pre">-X</span></tt> options to <tt class="docutils literal">varnishstat</tt>.</li>
</ul>
</li>
<li><p class="first">Overhaul of the workspace API</p>
<ul class="simple">
<li>The previously deprecated <tt class="docutils literal">WS_Reserve()</tt> has been removed</li>
<li>The signature of <tt class="docutils literal">WS_Printf()</tt> has been changed to return
<tt class="docutils literal">const char *</tt> instead of <tt class="docutils literal">void *</tt> (we do not consider this a
breaking change).</li>
<li>Add <tt class="docutils literal">WS_ReservationSize()</tt></li>
<li><tt class="docutils literal">WS_Front()</tt> is now deprecated and replaced by <tt class="docutils literal">WS_Reservation()</tt></li>
</ul>
</li>
<li><p class="first">Handle a workspace overflow in <tt class="docutils literal">VRY_Validate()</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3319">3319</a>)</p>
</li>
<li><p class="first">Fixed the backend probe <tt class="docutils literal">.timeout</tt> handling for "dripping" responses (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3402">3402</a>)</p>
</li>
<li><p class="first">New <tt class="docutils literal">VARNISH_VMODS_GENERATED()</tt> macro in <tt class="docutils literal">varnish.m4</tt>.</p>
</li>
<li><p class="first">Prevent pooling of a <tt class="docutils literal">Connection: close</tt> backend response.</p>
<p>When this header is present, be it sent by the backend or added in
<tt class="docutils literal">vcl_backend_response {}</tt>, varnish closes the connection after the
current request. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3400">3400</a>)</p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-6-4-0-2020-03-16">
<h1>Varnish Cache 6.4.0 (2020-03-16)</h1>
<ul>
<li><p class="first">The <tt class="docutils literal">MAIN.sess_drop</tt> counter is gone.</p>
</li>
<li><p class="first">New configure switch: --with-unwind. Alpine linux appears to offer a
<tt class="docutils literal">libexecinfo</tt> implementation that crashes when called by Varnish, this
offers the alternative of using <tt class="docutils literal">libunwind</tt> instead.</p>
</li>
<li><p class="first">backend <tt class="docutils literal">none</tt> was added for "no backend".</p>
</li>
<li><p class="first"><tt class="docutils literal">std.rollback(bereq)</tt> is now safe to use, fixed bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3009">3009</a></p>
</li>
<li><p class="first">Fixed <tt class="docutils literal">varnishstat</tt>, <tt class="docutils literal">varnishtop</tt>, <tt class="docutils literal">varnishhist</tt> and
<tt class="docutils literal">varnishadm</tt> handling INT, TERM and HUP signals (bugs <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3088">3088</a> and
<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3229">3229</a>)</p>
</li>
<li><p class="first">The hash algorithm of the <tt class="docutils literal">hash</tt> director was changed, so backend
selection will change once only when upgrading. Users of the
<tt class="docutils literal">hash</tt> director are advised to consider using the <tt class="docutils literal">shard</tt>
director, which, amongst other advantages, offers more stable
backend selection through consistent hashing.</p>
</li>
<li><p class="first">Log records can safely have empty fields or fields containing blanks if
they are delimited by "double quotes". This was applied to <tt class="docutils literal">SessError</tt>
and <tt class="docutils literal">Backend_health</tt>.</p>
</li>
<li><p class="first">It is now possible for VMOD authors to customize the connection pooling
of a dynamic backend. A hash is now computed to determine uniqueness and
a backend declaration can contribute arbitrary data to influence the pool.</p>
</li>
<li><p class="first">The option <tt class="docutils literal">varnishtest <span class="pre">-W</span></tt> is gone, the same can be achieved with
<tt class="docutils literal">varnishtest <span class="pre">-p</span> <span class="pre">debug=+witness</span></tt>. A <tt class="docutils literal">witness.sh</tt> script is available
in the source tree to generate a graphviz dot file and detect potential
lock cycles from the test logs.</p>
</li>
<li><p class="first">The <tt class="docutils literal">Process</tt> timestamp for <tt class="docutils literal">vcl_synth {}</tt> was wrongly issued
before the VCL subroutine, now it gets emitted after VCL returns for
consistency with <tt class="docutils literal">vcl_deliver {}</tt>.</p>
</li>
<li><p class="first">Latencies for newly created worker threads to start work on
congested systems have been improved.</p>
</li>
<li><p class="first"><tt class="docutils literal">VRB_Iterate()</tt> signature has changed</p>
</li>
<li><p class="first"><tt class="docutils literal">VRT_fail()</tt> now also works from director code</p>
</li>
<li><p class="first">Deliberately closing backend requests through <tt class="docutils literal">return(abandon)</tt>,
<tt class="docutils literal">return(fail)</tt> or <tt class="docutils literal">return(error)</tt> is no longer accounted as a
fetch failure</p>
</li>
<li><p class="first">Fixed a bug which could cause probes not to run</p>
</li>
<li><p class="first">The <tt class="docutils literal"><span class="pre">if-range</span></tt> header is now handled, allowing clients to conditionally
request a range based on a date or an ETag.</p>
</li>
<li><p class="first">Introduced <tt class="docutils literal">struct reqtop</tt> to hold information on the ESI top
request and <tt class="docutils literal">PRIV_TOP</tt>, fixed regression <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3019">3019</a></p>
</li>
<li><p class="first">Allow numerical expressions in VCL to be negative / negated</p>
</li>
<li><p class="first">Add vi-stype CTRL-f / CTRL-b for page down/up to interactive
varnishstat</p>
</li>
<li><p class="first">Fixed wrong handling of an out-of-workspae condition in the proxy
vmod and in the workspace allocator, bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3131">3131</a></p>
</li>
<li><p class="first">Raised the minimum for the <tt class="docutils literal">vcl_cooldown</tt> parameter to 1s to fix
bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3135">3135</a></p>
</li>
<li><p class="first">Improved creation of additional threads when none are available</p>
</li>
<li><p class="first">Fixed a race between director creation and the <tt class="docutils literal">backend.list</tt> CLI
command - see bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3094">3094</a></p>
</li>
<li><p class="first">Added error handling to avoid panics for workspace overflows during
session attribute allocation - bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3145">3145</a></p>
</li>
<li><p class="first">Overloaded the <tt class="docutils literal">+=</tt> operator to also append to headers</p>
</li>
<li><p class="first">Fixed set <tt class="docutils literal">*.body</tt> commands.</p>
</li>
<li><p class="first">Fixed status for truncated CLI responses, bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3038">3038</a></p>
</li>
<li><p class="first">New or improved Coccinelle semantic patches that may be useful for
VMOD or utilities authors.</p>
</li>
<li><p class="first">Output VCC warnings also for VCLs loaded via the <tt class="docutils literal">varnishd <span class="pre">-f</span></tt>
option, see bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3160">3160</a></p>
</li>
<li><p class="first">Improved fetch error handling when stale objects are present in
cache, see bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3089">3089</a></p>
</li>
<li><p class="first">Added a <tt class="docutils literal">Notice</tt> VSL tag (used for <tt class="docutils literal">varnishlog</tt> logging)</p>
</li>
<li><p class="first">Always refer to <tt class="docutils literal">sub</tt> as subroutine in the documentation and error
messages to avoid confusion with other terms.</p>
</li>
<li><p class="first">New <tt class="docutils literal">pid</tt> command in the Varnish CLI, to get the master and optionally
cache process PIDs, for example from <tt class="docutils literal">varnishadm</tt>.</p>
</li>
<li><p class="first">Fixed a race that could result in a partial response being served in its
entirety when it is also compressed with gzip.</p>
</li>
<li><p class="first">Fixed session close reason reporting and accounting, added <tt class="docutils literal">rx_close_idle</tt>
counter for separate accounting when <tt class="docutils literal">timeout_idle</tt> is reached. Also,
<tt class="docutils literal">send_timeout</tt> is no longer reported as "remote closed".</p>
</li>
<li><p class="first">Fixed handling of request bodies for backend retries</p>
</li>
<li><p class="first">Fix deadlocks when the maximum number of threads has been reached,
in particular with http/2, see <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2418">2418</a></p>
</li>
<li><p class="first">Add more vcl control over timeouts with <tt class="docutils literal">sess.timeout_linger</tt>,
<tt class="docutils literal">sess.send_timeout</tt> and <tt class="docutils literal">sess.idle_send_timeout</tt></p>
</li>
<li><p class="first">Fix panics due to missing EINVAL handling on MacOS, see <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1853">1853</a></p>
</li>
<li><p class="first">Added <tt class="docutils literal">VSLs()</tt> and <tt class="docutils literal">VSLbs()</tt> functions for logging <tt class="docutils literal">STRANDS</tt> to
VSL</p>
</li>
<li><p class="first">Fixed cases where a workspace overflow would not result in a VCL
failure, see <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3194">3194</a></p>
</li>
<li><p class="first">Added <tt class="docutils literal">WS_VSB_new()</tt> / <tt class="docutils literal">WS_VSB_finish()</tt> for VSBs on workspaces</p>
</li>
<li><p class="first">Imported <tt class="docutils literal">vmod_cookie</tt> from <a class="reference external" href="https://github.com/varnish/varnish-modules">varnish_modules</a></p>
<p>The previously deprecated function <tt class="docutils literal">cookie.filter_except()</tt> has
been removed during import. It was replaced by <tt class="docutils literal">cookie.keep()</tt></p>
</li>
<li><p class="first"><tt class="docutils literal">body_status</tt> and <tt class="docutils literal">req_body_status</tt> have been collapsed into one
type. In particular, the <tt class="docutils literal">REQ_BODY_*</tt> enums now have been replaced
with <tt class="docutils literal">BS_*</tt>.</p>
</li>
</ul>

<ul>
<li><p class="first">Fixed an old regression of the <tt class="docutils literal">Age:</tt> header for passes, see bug
<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3221">3221</a></p>
</li>
<li><p class="first">Added <tt class="docutils literal">VRT_AllocStrandsWS()</tt> as a utility function to allocate
STRANDS on a workspace.</p>
</li>
<li><p class="first">Reduced compile time of <tt class="docutils literal">vcl_init{}</tt> / <tt class="docutils literal">vcl_fini{}</tt> with gcc,
added <tt class="docutils literal">v_dont_optimize</tt> attribute macro</p>
</li>
<li><p class="first">Fixed a case where <tt class="docutils literal">send_timeout</tt> would have no effect when
streaming from a backend fetch, see bug <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3189">3189</a></p>
<p><em>NOTE</em> Users upgrading varnish should re-check <tt class="docutils literal">send_timeout</tt> with
respect to long pass and streaming fetches and watch out for
increased session close rates.</p>
</li>
<li><p class="first">Added <tt class="docutils literal">VSB_tofile()</tt> to <tt class="docutils literal">libvarnishapi</tt>, see <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/3238">3238</a></p>
</li>
</ul>
</div>
<div class="section" id="varnish-cache-6-3-0-2019-09-15">
<h1>Varnish Cache 6.3.0 (2019-09-15)</h1>
<p>In addition to a significant number of bug fixes, these are the most
important changes in 6.3:</p>
<ul class="simple">
<li>The Host: header is folded to lower-case in the builtin_vcl.</li>
<li>Improved performance of shared memory statistics counters.</li>
<li>Synthetic objects created from <tt class="docutils literal">vcl_backend_error {}</tt> now replace
existing stale objects as ordinary backend fetches would, unless:<ul>
<li>abandoning the bereq or</li>
<li>leaving <tt class="docutils literal">vcl_backend_error {}</tt> with <tt class="docutils literal">return (deliver) and
``beresp.ttl == 0s</tt> or</li>
<li>there is a waitinglist on the object, in which case, by default,
the synthetic object is created with <tt class="docutils literal">ttl = 1s</tt> / <tt class="docutils literal">grace = 5s</tt>
/ <tt class="docutils literal">keep = 5s</tt> avoid hammering on failing backends
(note this is existing behavior).</li>
</ul>
</li>
<li>Retired the <tt class="docutils literal">BackendStart</tt> log tag - <tt class="docutils literal">BackendOpen</tt> contains all
the information from it</li>
</ul>
<div class="section" id="apis-vmods">
<h2>APIs / VMODs</h2>
<ul>
<li><p class="first"><tt class="docutils literal">WS_Reserve()</tt> is now deprecated and any use should trigger a
compiler warning. It is to be replaced by</p>
<ul>
<li><p class="first"><tt class="docutils literal">WS_ReserveAll()</tt> to reserve all of the remaining workspace</p>
<p>It will always leave the workspace reserved even if 0 bytes are
available, so it must always be followed by a call to
<tt class="docutils literal">WS_Release()</tt></p>
</li>
<li><p class="first"><tt class="docutils literal">WS_ReserveSize()</tt> to reserve a fixed amount.</p>
<p>It will only leave the workspace reserved if the reservation
request could be fulfilled.</p>
</li>
</ul>
<p>We provide a script to help automate this change in the
<tt class="docutils literal">tools/coccinelle</tt> subdirectory of the source tree.</p>
</li>
<li><p class="first">The RST references generated by <tt class="docutils literal">vmodtool.py</tt> have been changed to
match better the VCL syntax to avoid overhead where references are
used. The new scheme for a vmod called <em>name</em> is:</p>
<ul class="simple">
<li><tt class="docutils literal">$Function</tt>: <em>name</em>.<em>function</em>()</li>
<li><tt class="docutils literal">$Object</tt> constructor: <em>name</em>.<em>object</em>()</li>
<li><tt class="docutils literal">$Method</tt>: x<em>object</em>.<em>method</em>()</li>
</ul>
<p>To illustrate, the old references:</p>
<pre class="literal-block">
:ref:`vmod_name.function`
:ref:`vmod_name.obj`
:ref:`vmod_name.obj.method`
</pre>
<p>now are renamed to:</p>
<pre class="literal-block">
:ref:`name.function()`
:ref:`name.obj()`
:ref:`xobj.method()`
</pre>
<p><tt class="docutils literal">tools/vmod_ref_rename.sh</tt> is provided to automate this task</p>
</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-6-2-0-2019-03-15">
<h1>Varnish Cache 6.2.0 (2019-03-15)</h1>
<ul>
<li><p class="first">Extend JSON support in the CLI (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2783">2783</a>)</p>
</li>
<li><p class="first">Improve accuracy of statistics (VSC)</p>
</li>
<li><p class="first">In <tt class="docutils literal">Error: out of workspace</tt> log entries, the workspace name is
now reported in lowercase</p>
</li>
<li><p class="first">Adjust code generator python tools to python 3 and prefer python 3
over python 2 where available</p>
</li>
<li><p class="first">Added a thread pool watchdog which will restart the worker process
if scheduling tasks onto worker threads appears stuck. The new
parameter <tt class="docutils literal">thread_pool_watchdog</tt> configures it. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2418">2418</a>)</p>
</li>
<li><p class="first">Changed <tt class="docutils literal">ExpKill</tt> log tags to emit microsecond-precision
timestamps instead of nanoseconds (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2792">2792</a>)</p>
</li>
<li><p class="first">Changed the default of the <tt class="docutils literal">thread_pool_watchdog</tt> parameter
to 60 seconds to match the <tt class="docutils literal">cli_timeout</tt> default</p>
</li>
<li><p class="first">VSB quoted output has been unified to three-digit octal,
VSB_QUOTE_ESCHEX has been added to prefer hex over octal quoting</p>
</li>
<li><p class="first">Retired long deprecated parameters (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/wiki/VIP16%3A-Retire-parameters-aliases">VIP16</a>). Replacement mapping is:
<tt class="docutils literal">shm_reclen</tt> -> <tt class="docutils literal">vsl_reclen</tt>
<tt class="docutils literal">vcl_dir</tt> -> <tt class="docutils literal">vcl_path</tt>
<tt class="docutils literal">vmod_dir</tt> -> <tt class="docutils literal">vmod_path</tt></p>
</li>
<li><p class="first">The width of the columns of the <tt class="docutils literal">backend.list</tt> cli command output
is now dynamic.</p>
<p>For best forward compatibility, we recommend that scripts parse JSON
output as obtained using the <tt class="docutils literal"><span class="pre">-j</span></tt> option.</p>
<p>See release notes for details.</p>
</li>
<li><p class="first">The format of the <tt class="docutils literal">backend.list <span class="pre">-j</span></tt> (JSON) cli command output has
changed.</p>
<p>See release notes for details.</p>
</li>
<li><p class="first">The undocumented <tt class="docutils literal"><span class="pre">-v</span></tt> option to the <tt class="docutils literal">backend.list</tt> cli command
has been removed</p>
</li>
<li><p class="first">Changed the formatting of the <tt class="docutils literal">vcl.list</tt> command from:</p>
<pre class="literal-block">
status      state/temperature       busy    name    [labelinfo]
</pre>
<p>to:</p>
<pre class="literal-block">
status      state   temperature     busy    name    [<-|->] [info]
</pre>
<p>Column width is now dynamic.</p>
<p>Field values remain unchanged except for the label information, see
varnish-cli(7) for details.</p>
</li>
<li><p class="first">The ban facility has been extended by bans access to obj.ttl,
obj.age, obj.grace and obj.keep and additional inequality operators.</p>
</li>
<li><p class="first">Many cache lookup optimizations.</p>
</li>
<li><p class="first">Display the VCL syntax during a panic.</p>
</li>
<li><p class="first">Update to the VCL diagrams to include hit-for-miss.</p>
</li>
</ul>
<div class="section" id="vcl">
<h2>VCL</h2>
<ul class="simple">
<li>Added <tt class="docutils literal">req.is_hitmiss</tt> and <tt class="docutils literal">req.is_hitpass</tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2743">2743</a>)</li>
</ul>
</div>
<div class="section" id="bundled-vmods">
<h2>bundled vmods</h2>
<ul class="simple">
<li>Added <tt class="docutils literal">directors.lookup()</tt></li>
</ul>
</div>
<div class="section" id="bundled-tools">
<h2>bundled tools</h2>
<ul>
<li><p class="first">Improved varnish log client performance (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2788">2788</a>)</p>
</li>
<li><p class="first">For <tt class="docutils literal">varnishtest <span class="pre">-L</span></tt>, also keep VCL C source files</p>
</li>
<li><p class="first">Add <tt class="docutils literal">param.reset</tt> command to <tt class="docutils literal">varnishadm</tt></p>
</li>
<li><p class="first">Add VSL rate limiting (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2837">2837</a>)</p>
<p>This adds rate limiting to varnishncsa and varnishlog.</p>
</li>
<li><p class="first">Make it possible to change <tt class="docutils literal">varnishstat</tt> update rate. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2741">2741</a>)</p>
</li>
</ul>
</div>
<div class="section" id="c-apis-for-vmod-and-utility-authors">
<h2>C APIs (for vmod and utility authors)</h2>
<ul>
<li><p class="first"><tt class="docutils literal">libvarnish</tt>: <tt class="docutils literal">VRT_VSA_GetPtr</tt> renamed to <tt class="docutils literal">VSA_GetPtr</tt></p>
</li>
<li><p class="first">Included <tt class="docutils literal">vtree.h</tt> in the distribution for vmods and
renamed the red/black tree macros from <tt class="docutils literal">VRB_*</tt> to <tt class="docutils literal">VRBT_*</tt>
to disambiguate from the acronym for Varnish Request Body.</p>
<p>Changed the internal organisation of dynamic PRIVs (<tt class="docutils literal">PRIV_TASK</tt>,
<tt class="docutils literal">PRIV_TOP</tt> from a list to a red/black tree) for performance.
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2813">2813</a>)</p>
</li>
<li><p class="first">Vmod developers are advised that anything returned by a vmod
function/method is assumed to be immutable. In other words, a vmod
<cite>must not</cite> modify any data which was previously returned.</p>
</li>
<li><p class="first">Tolerate null IP addresses for ACL matches.</p>
</li>
<li><p class="first">Added <tt class="docutils literal">vstrerror()</tt> as a safe wrapper for <tt class="docutils literal">strerror()</tt> to avoid
a NULL pointer dereference under rare conditions where the latter
could return NULL. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2815">2815</a>)</p>
</li>
<li><p class="first">Varnish-based tools using the VUT interface should now consider
using the <tt class="docutils literal">VUT_Usage()</tt> function for consistency</p>
</li>
<li><p class="first">The name of the <cite>event_function</cite> callback for VCL events in vmods is
now prefixed by <cite>$Prefix</cite><tt class="docutils literal">_</tt>` if <cite>$Prefix</cite> is defined in the
<tt class="docutils literal">.vcc</tt> file, or <tt class="docutils literal">vmod_</tt> by default.</p>
<p>So, for example, with <tt class="docutils literal">$Event foo</tt> and no <cite>$Prefix</cite>, the event
function will be called <tt class="docutils literal">vmod_foo</tt> and with <tt class="docutils literal">$Prefix bar</tt> it
will be called <tt class="docutils literal">bar_foo</tt>.</p>
</li>
<li><p class="first">In the <cite>vmodtool</cite>-generated ReStructuredText documentation,
anchors have been renamed</p>
<ul class="simple">
<li>from <tt class="docutils literal">obj_</tt><cite>class</cite> to <cite>vmodname</cite><tt class="docutils literal">.</tt><cite>class</cite> for
constructors and</li>
<li>from <tt class="docutils literal">func_</tt><cite>class</cite> to <cite>vmodname</cite><tt class="docutils literal">.</tt><cite>function</cite> for functions and</li>
<li>from <tt class="docutils literal">func_</tt><cite>class</cite> to <cite>vmodname</cite><tt class="docutils literal">.</tt><cite>class</cite><tt class="docutils literal">.</tt><cite>method</cite> for methods,</li>
</ul>
<p>repsectively. In short, the anchor is now named equal to VCL syntax
for constructors and functions and similarly to VCL syntax for methods.</p>
</li>
<li><p class="first">VRT API has been updated to 9.0</p>
<ul>
<li><p class="first"><tt class="docutils literal">HTTP_Copy()</tt> was removed, <tt class="docutils literal">HTTP_Dup()</tt> and <tt class="docutils literal">HTTP_Clone()</tt> were added</p>
</li>
<li><p class="first">Previously, <tt class="docutils literal">VCL_BLOB</tt> was implemented as <tt class="docutils literal">struct vmod_priv</tt>,
which had the following shortcomings:</p>
<ul class="simple">
<li>blobs are immutable, but that was not reflected by the <tt class="docutils literal">priv</tt>
pointer</li>
<li>the existence of a free pointer suggested automatic memory
management, which did never and will not exist for blobs.</li>
</ul>
<p>The <tt class="docutils literal">VCL_BLOB</tt> type is now implemented as <tt class="docutils literal">struct vrt_blob</tt>,
with the <tt class="docutils literal">blob</tt> member replacing the former <tt class="docutils literal">priv</tt> pointer and
the <tt class="docutils literal">free</tt> pointer removed.</p>
<p>A <tt class="docutils literal">type</tt> member was added for lightweight type checking similar
to the miniobject <tt class="docutils literal">magic</tt> member, but in contrast to it,
<tt class="docutils literal">type</tt> should never be asserted upon.</p>
<p><tt class="docutils literal">VRT_blob()</tt> was updated accordingly.</p>
</li>
<li><p class="first"><tt class="docutils literal"><span class="pre">req->req_bodybytes</span></tt> was removed. Replacement code snippet:</p>
<pre class="literal-block">
AZ(ObjGetU64(req->wrk, req->body_oc, OA_LEN, &u));
</pre>
</li>
<li><p class="first"><tt class="docutils literal">VRT_SetHealth()</tt> has been removed and <tt class="docutils literal">VRT_SetChanged()</tt>
added. <tt class="docutils literal">VRT_LookupDirector()</tt> (only to be called from CLI
contexts) as been added.</p>
<p>See release notes for details</p>
</li>
</ul>
</li>
<li><p class="first">vmodtool has been changed significantly to avoid various name
clashes. Rather than using literal prefixes/suffixes, vmod authors
should now (and might have to for making existing code continue to
compile) use the following macros</p>
<ul>
<li><p class="first"><tt class="docutils literal">VPFX(name)</tt> to prepend the vmod prefix (<tt class="docutils literal">vmod_</tt> by default)</p>
</li>
<li><p class="first"><tt class="docutils literal">VARGS(name)</tt> as the name of a function/method's argument
struct, e.g.:</p>
<pre class="literal-block">
VCL_VOID vmod_test(VRT_CTX, struct VARGS(test) *args) { ...
</pre>
</li>
<li><p class="first"><tt class="docutils literal">VENUM(name)</tt> to access the enum by the name <cite>name</cite></p>
</li>
</ul>
</li>
</ul>
</div>
<div class="section" id="fixed-bugs">
<h2>Fixed bugs</h2>
<ul class="simple">
<li>Fixed <tt class="docutils literal">varnishhist</tt> display error (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2780">2780</a>)</li>
<li>Fix <tt class="docutils literal">varnishstat <span class="pre">-f</span></tt> in curses mode (interactively, without
<tt class="docutils literal"><span class="pre">-1</span></tt>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2787">2787</a>)</li>
<li>Handle an out-of-workspace condition in HTTP/2 delivery more
gracefully (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2589">2589</a>)</li>
<li>Fixed regression introduced just before 6.1.0 release which caused
an unnecessary incompatibility with VSL files written by previous
versions. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2790">2790</a>)</li>
<li>Fix warmup/rampup of the shard director (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2823">2823</a>)</li>
<li>Fix VRT_priv_task for calls from vcl_pipe {} (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2820">2820</a>)</li>
<li>Fix assinging <bool> == <bool> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2809">2809</a>)</li>
<li>Fix vmod object constructor documentation in the <tt class="docutils literal">vmodtool.py</tt> -
generated RST files</li>
<li>Fix some stats metrics (vsc) which were wrongly marked as _gauge_</li>
<li>Fix <tt class="docutils literal">varnishd <span class="pre">-I</span></tt> (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2782">2782</a>)</li>
<li>Add error handling for STV_NewObject() (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2831">2831</a>)</li>
<li>Fix VRT_fail for 'if'/'elseif' conditional expressions (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2840">2840</a>)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-6-1-0-2018-09-17">
<h1>Varnish Cache 6.1.0 (2018-09-17)</h1>
<ul class="simple">
<li>Added -p max_vcl and -p max_vcl_handling for warnings/errors when
there are too many undiscarded VCL instances. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2713">2713</a>)</li>
<li><tt class="docutils literal"><span class="pre">Content-Length</span></tt> header is not rewritten in response to a HEAD
request, allows responses to HEAD requests to be cached
independently from GET responses.</li>
</ul>
<div class="section" id="vcl-1">
<h2>VCL</h2>
<ul class="simple">
<li><tt class="docutils literal"><span class="pre">return(fail("mumble"))</span></tt> can have a string argument that is
emitted by VCC as an error message if the VCL load fails due to the
return. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2694">2694</a>)</li>
<li>Improved VCC error messages (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2696">2696</a>)</li>
<li>Fixed <tt class="docutils literal">obj.hits</tt> in <tt class="docutils literal">vcl_hit</tt> (had been always 0) (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2746">2746</a>)</li>
<li>req.ttl is fully supported again</li>
</ul>
</div>
<div class="section" id="bundled-tools-1">
<h2>bundled tools</h2>
<ul class="simple">
<li><tt class="docutils literal">varnishhist</tt>: Improved test coverage</li>
<li><tt class="docutils literal">varnishtest</tt>: Added haproxy CLI send/expect facility</li>
</ul>
</div>
<div class="section" id="c-apis-for-vmod-and-utility-authors-1">
<h2>C APIs (for vmod and utility authors)</h2>
<ul class="simple">
<li>libvarnishapi so version bumped to 2.0.0 (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2718">2718</a>)</li>
<li>For VMOD methods/functions with PRIV_TASK or PRIV_TOP arguments, the
struct vrt_priv is allocated on the appropriate workspace. In the
out-of-workspace condition, VCL failure is invoked, and the VMOD
method/function is not called. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2708">2708</a>)</li>
<li>Improved support for the VCL STRANDS type, VMOD blob refactored to
use STRANDS (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2745">2745</a>)</li>
</ul>
</div>
<div class="section" id="fixed-bugs-1">
<h2>Fixed bugs</h2>
<ul class="simple">
<li>A series of bug fixes related to excessive object accumulation and
Transient storage use in the hit-for-miss case (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2760">2760</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2754">2754</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2654">2654</a>,
<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2763">2763</a>)</li>
<li>A series of fixes related to Python and the vmodtool (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2761">2761</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2759">2759</a>,
<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2742">2742</a>)</li>
<li>UB in varnishhist (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2773">2773</a>)</li>
<li>Allow to not have randomness in file_id (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2436">2436</a>)</li>
<li>b64.vtc unstable (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2753">2753</a>)</li>
<li>VCL_Poll ctx scope (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2749">2749</a>)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-6-0-1-2018-08-29">
<h1>Varnish Cache 6.0.1 (2018-08-29)</h1>
<ul class="simple">
<li>Added std.fnmatch() (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2737">2737</a>)</li>
<li>The variable req.grace is back. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2705">2705</a>)</li>
<li>Importing the same VMOD multiple times is now allowed, if the file_id
is identical.</li>
</ul>
<div class="section" id="varnishstat">
<h2>varnishstat</h2>
<ul>
<li><p class="first">The counters</p>
<ul class="simple">
<li><tt class="docutils literal">sess_fail_econnaborted</tt></li>
<li><tt class="docutils literal">sess_fail_eintr</tt></li>
<li><tt class="docutils literal">sess_fail_emfile</tt></li>
<li><tt class="docutils literal">sess_fail_ebadf</tt></li>
<li><tt class="docutils literal">sess_fail_enomem</tt></li>
<li><tt class="docutils literal">sess_fail_other</tt></li>
</ul>
<p>now break down the detailed reason for session accept failures, the
sum of which continues to be counted in <tt class="docutils literal">sess_fail</tt>.</p>
</li>
</ul>
</div>
<div class="section" id="vcl-and-bundled-vmods">
<h2>VCL and bundled VMODs</h2>
<ul class="simple">
<li>VMOD unix now supports the <tt class="docutils literal">getpeerucred(3)</tt> case.</li>
</ul>
</div>
<div class="section" id="bundled-tools-2">
<h2>bundled tools</h2>
<ul class="simple">
<li><tt class="docutils literal">varnishhist</tt>: The format of the <tt class="docutils literal"><span class="pre">-P</span></tt> argument has been changed
for custom profile definitions to also contain a prefix to match the
tag against.</li>
<li><tt class="docutils literal">varnishtest</tt>: syslog instances now have to start with a capital S.</li>
</ul>
</div>
<div class="section" id="fixed-bugs-which-may-influence-vcl-behavior">
<h2>Fixed bugs which may influence VCL behavior</h2>
<ul class="simple">
<li>When an object is out of grace but in keep, the client context goes
straight to vcl_miss instead of vcl_hit. The documentation has been
updated accordingly. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2705">2705</a>)</li>
</ul>
</div>
<div class="section" id="fixed-bugs-2">
<h2>Fixed bugs</h2>
<ul class="simple">
<li>Several H2 bugs (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2285">2285</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2572">2572</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2623">2623</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2624">2624</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2679">2679</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2690">2690</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2693">2693</a>)</li>
<li>Make large integers work in VCL. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2603">2603</a>)</li>
<li>Print usage on unknown or missing arguments (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2608">2608</a>)</li>
<li>Assert error in VPX_Send_Proxy() with proxy backends in pipe mode
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2613">2613</a>)</li>
<li>Holddown times for certain backend connection errors (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2622">2622</a>)</li>
<li>Enforce Host requirement for HTTP/1.1 requests (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2631">2631</a>)</li>
<li>Introduction of '-' CLI prefix allowed empty commands to sneak
through. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2647">2647</a>)</li>
<li>VUT apps can be stopped cleanly via vtc process -stop (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2649">2649</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2650">2650</a>)</li>
<li>VUT apps fail gracefully when removing a PID file fails</li>
<li>varnishd startup log should mention version (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2661">2661</a>)</li>
<li>In curses mode, always filter in the counters necessary for the
header lines. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2678">2678</a>)</li>
<li>Assert error in ban_lurker_getfirst() (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2681">2681</a>)</li>
<li>Missing command entries in varnishadm help menu (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2682">2682</a>)</li>
<li>Handle string literal concatenation correctly (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2685">2685</a>)</li>
<li>varnishtop -1 does not work as documented (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2686">2686</a>)</li>
<li>Handle sigbus like sigsegv (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2693">2693</a>)</li>
<li>Panic on return (retry) of a conditional fetch (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2700">2700</a>)</li>
<li>Wrong turn at cache/cache_backend_probe.c:255: Unknown family
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2702">2702</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2726">2726</a>)</li>
<li>VCL failure causes TASK_PRIV reference on reset workspace (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2706">2706</a>)</li>
<li>Accurate ban statistics except for a few remaining corner cases
(<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2716">2716</a>)</li>
<li>Assert error in vca_make_session() (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2719">2719</a>)</li>
<li>Assert error in vca_tcp_opt_set() (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2722">2722</a>)</li>
<li>VCL compiling error on parenthesis (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2727">2727</a>)</li>
<li>Assert error in HTC_RxPipeline() (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2731">2731</a>)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-6-0-0-2018-03-15">
<h1>Varnish Cache 6.0.0 (2018-03-15)</h1>
<div class="section" id="usage">
<h2>Usage</h2>
<ul>
<li><p class="first">Fixed implementation of the <tt class="docutils literal">max_restarts</tt> limit: It used to be one
less than the number of allowed restarts, it now is the number of
<tt class="docutils literal">return(restart)</tt> calls per request.</p>
</li>
<li><p class="first">The <tt class="docutils literal">cli_buffer</tt> parameter has been removed</p>
</li>
<li><p class="first">Added back <tt class="docutils literal">umem</tt> storage for Solaris descendants</p>
</li>
<li><p class="first">The new storage backend type (stevedore) <tt class="docutils literal">default</tt> now resolves to
either <tt class="docutils literal">umem</tt> (where available) or <tt class="docutils literal">malloc</tt>.</p>
</li>
<li><p class="first">Since varnish 4.1, the thread workspace as configured by
<tt class="docutils literal">workspace_thread</tt> was not used as documented, delivery also used
the client workspace.</p>
<p>We are now taking delivery IO vectors from the thread workspace, so
the parameter documentation is in sync with reality again.</p>
<p>Users who need to minimize memory footprint might consider
decreasing <tt class="docutils literal">workspace_client</tt> by <tt class="docutils literal">workspace_thread</tt>.</p>
</li>
<li><p class="first">The new parameter <tt class="docutils literal">esi_iovs</tt> configures the amount of IO vectors
used during ESI delivery. It should not be tuned unless advised by a
developer.</p>
</li>
<li><p class="first">Support Unix domain sockets for the <tt class="docutils literal"><span class="pre">-a</span></tt> and <tt class="docutils literal"><span class="pre">-b</span></tt> command-line
arguments, and for backend declarations. This requires VCL >= 4.1.</p>
</li>
</ul>
</div>
<div class="section" id="vcl-and-bundled-vmods-1">
<h2>VCL and bundled VMODs</h2>
<ul>
<li><p class="first"><tt class="docutils literal">return (fetch)</tt> is no longer allowed in <tt class="docutils literal">vcl_hit {}</tt>, use
<tt class="docutils literal">return (miss)</tt> instead. Note that <tt class="docutils literal">return (fetch)</tt> has been
deprecated since 4.0.</p>
</li>
<li><p class="first">Fix behaviour of restarts to how it was originally intended:
Restarts now leave all the request properties in place except for
<tt class="docutils literal">req.restarts</tt> and <tt class="docutils literal">req.xid</tt>, which need to change by design.</p>
</li>
<li><p class="first"><tt class="docutils literal">req.storage</tt>, <tt class="docutils literal">req.hash_ignore_busy</tt> and
<tt class="docutils literal">req.hash_always_miss</tt> are now accessible from all of the client
side subs, not just <tt class="docutils literal">vcl_recv{}</tt></p>
</li>
<li><p class="first"><tt class="docutils literal">obj.storage</tt> is now available in <tt class="docutils literal">vcl_hit{}</tt> and <tt class="docutils literal">vcl_deliver{}</tt>.</p>
</li>
<li><p class="first">Removed <tt class="docutils literal">beresp.storage_hint</tt> for VCL 4.1 (was deprecated since
Varnish 5.1)</p>
<p>For VCL 4.0, compatibility is preserved, but the implementation is
changed slightly: <tt class="docutils literal">beresp.storage_hint</tt> is now referring to the
same internal data structure as <tt class="docutils literal">beresp.storage</tt>.</p>
<p>In particular, it was previously possible to set
<tt class="docutils literal">beresp.storage_hint</tt> to an invalid storage name and later
retrieve it back. Doing so will now yield the last successfully set
stevedore or the undefined (<tt class="docutils literal">NULL</tt>) string.</p>
</li>
<li><p class="first">IP-valued elements of VCL are equivalent to <tt class="docutils literal">0.0.0.0:0</tt> when the
connection in question was addressed as a UDS. This is implemented
with the <tt class="docutils literal">bogo_ip</tt> in <tt class="docutils literal">vsa.c</tt>.</p>
</li>
<li><p class="first"><tt class="docutils literal">beresp.backend.ip</tt> is retired as of VCL 4.1.</p>
</li>
<li><p class="first">workspace overflows in <tt class="docutils literal">std.log()</tt> now trigger a VCL failure.</p>
</li>
<li><p class="first">workspace overflows in <tt class="docutils literal">std.syslog()</tt> are ignored.</p>
</li>
<li><p class="first">added <tt class="docutils literal">return(restart)</tt> from <tt class="docutils literal">vcl_recv{}</tt>.</p>
</li>
<li><p class="first">The <tt class="docutils literal">alg</tt> argument of the <tt class="docutils literal">shard</tt> director <tt class="docutils literal">.reconfigure()</tt>
method has been removed - the consistent hashing ring is now always
generated using the last 32 bits of a SHA256 hash of <tt class="docutils literal">"ident%d"</tt>
as with <tt class="docutils literal">alg=SHA256</tt> or the default.</p>
<p>We believe that the other algorithms did not yield sufficiently
dispersed placement of backends on the consistent hashing ring and
thus retire this option without replacement.</p>
<p>Users of <tt class="docutils literal">.reconfigure(alg=CRC32)</tt> or <tt class="docutils literal">.reconfigure(alg=RS)</tt> be
advised that when upgrading and removing the <tt class="docutils literal">alg</tt> argument,
consistent hashing values for all backends will change once and only
once.</p>
</li>
<li><p class="first">The <tt class="docutils literal">alg</tt> argument of the <tt class="docutils literal">shard</tt> director <tt class="docutils literal">.key()</tt> method has
been removed - it now always hashes its arguments using SHA256 and
returns the last 32 bits for use as a shard key.</p>
<p>Backwards compatibility is provided through <a class="reference external" href="https://code.uplex.de/uplex-varnish/libvmod-blobdigest/blob/master/README.rst">vmod blobdigest</a> with
the <tt class="docutils literal">key_blob</tt> argument of the <tt class="docutils literal">shard</tt> director <tt class="docutils literal">.backend()</tt>
method:</p>
<ul>
<li><p class="first">for <tt class="docutils literal">alg=CRC32</tt>, replace:</p>
<pre class="literal-block">
<dir>.backend(by=KEY, key=<dir>.key(<string>, CRC32))
</pre>
<p>with:</p>
<pre class="literal-block">
<dir>.backend(by=BLOB, key_blob=blobdigest.hash(ICRC32,
  blob.decode(encoded=<string>)))
</pre>
<p><cite>Note:</cite> The <a class="reference external" href="https://code.uplex.de/uplex-varnish/libvmod-blobdigest/blob/master/README.rst">vmod blobdigest</a> hash method corresponding to the
shard director CRC32 method is called <strong>I</strong>CRC32</p>
</li>
</ul>
</li>
</ul>
<blockquote>
<ul>
<li><p class="first">for <tt class="docutils literal">alg=RS</tt>, replace:</p>
<pre class="literal-block">
<dir>.backend(by=KEY, key=<dir>.key(<string>, RS))
</pre>
<p>with:</p>
<pre class="literal-block">
<dir>.backend(by=BLOB, key_blob=blobdigest.hash(RS,
  blob.decode(encoded=<string>)))
</pre>
</li>
</ul>
</blockquote>
<ul>
<li><p class="first">The <tt class="docutils literal">shard</tt> director now offers resolution at the time the actual
backend connection is made, which is how all other bundled directors
work as well: With the <tt class="docutils literal">resolve=LAZY</tt> argument, other shard
parameters are saved for later reference and a director object is
returned.</p>
<p>This enables layering the shard director below other directors.</p>
</li>
<li><p class="first">The <tt class="docutils literal">shard</tt> director now also supports getting other parameters
from a parameter set object: Rather than passing the required
parameters with each <tt class="docutils literal">.backend()</tt> call, an object can be
associated with a shard director defining the parameters. The
association can be changed in <tt class="docutils literal">vcl_backend_fetch()</tt> and individual
parameters can be overridden in each <tt class="docutils literal">.backend()</tt> call.</p>
<p>The main use case is to segregate shard parameters from director
selection: By associating a parameter object with many directors,
the same load balancing decision can easily be applied independent
of which set of backends is to be used.</p>
</li>
<li><p class="first">To support parameter overriding, support for positional arguments of
the shard director <tt class="docutils literal">.backend()</tt> method had to be removed. In other
words, all parameters to the shard director <tt class="docutils literal">.backend()</tt> method
now need to be named.</p>
</li>
<li><p class="first">Integers in VCL are now 64 bits wide across all platforms
(implemented as <tt class="docutils literal">int64_t</tt> C type), but due to implementation
specifics of the VCL compiler (VCC), integer literals' precision is
limited to that of a VCL real (<tt class="docutils literal">double</tt> C type, roughly 53 bits).</p>
<p>In effect, larger integers are not represented accurately (they get
rounded) and may even have their sign changed or trigger a C
compiler warning / error.</p>
</li>
<li><p class="first">Add VMOD unix.</p>
</li>
<li><p class="first">Add VMOD proxy.</p>
</li>
</ul>
</div>
<div class="section" id="logging-statistics">
<h2>Logging / statistics</h2>
<ul class="simple">
<li>Turned off PROXY protocol debugging by default, can be enabled with
the <tt class="docutils literal">protocol</tt> debug flag.</li>
<li>added <tt class="docutils literal">cache_hit_grace</tt> statistics counter.</li>
<li>added <tt class="docutils literal">n_lru_limited</tt> counter.</li>
<li>The byte counters in ReqAcct now show the numbers reported from the
operating system rather than what we anticipated to send. This will give
more accurate numbers when e.g. the client hung up early without
receiving the entire response. Also these counters now show how many
bytes was attributed to the body, including any protocol overhead (ie
chunked encoding).</li>
</ul>
</div>
<div class="section" id="bundled-tools-3">
<h2>bundled tools</h2>
<ul class="simple">
<li><tt class="docutils literal">varnishncsa</tt> refuses output formats (as defined with the <tt class="docutils literal"><span class="pre">-F</span></tt>
command line argument) for tags which could contain control or
binary characters. At the time of writing, these are:
<tt class="docutils literal">%{H2RxHdr}x</tt>, <tt class="docutils literal">%{H2RxBody}x</tt>, <tt class="docutils literal">%{H2TxHdr}x</tt>, <tt class="docutils literal">%{H2TxBody}x</tt>,
<tt class="docutils literal">%{Debug}x</tt>, <tt class="docutils literal">%{HttpGarbage}x</tt> and <tt class="docutils literal">%{Hash}x</tt></li>
<li>The vtc <tt class="docutils literal">server <span class="pre">-listen</span></tt> command supports UDS addresses, as does
the <tt class="docutils literal">client <span class="pre">-connect</span></tt> command. vtc <tt class="docutils literal">remote.path</tt> and
<tt class="docutils literal">remote.port</tt> have the values <tt class="docutils literal">0.0.0.0</tt> and <tt class="docutils literal">0</tt> when the peer
address is UDS. Added <tt class="docutils literal">remote.path</tt> to vtc, whose value is the
path when the address is UDS, and NULL (matching <undef>) for IP
addresses.</li>
</ul>
</div>
<div class="section" id="c-apis-for-vmod-and-utility-authors-2">
<h2>C APIs (for vmod and utility authors)</h2>
<ul class="simple">
<li>We have now defined three API Stability levels: <tt class="docutils literal">VRT</tt>,
<tt class="docutils literal">PACKAGE</tt>, <tt class="docutils literal">SOURCE</tt>.</li>
<li>New API namespace rules, see <cite>phk_api_spaces_</cite></li>
<li>Rules for including API headers have been changed:
* many headers can now only be included once
* some headers require specific include ordering
* only <tt class="docutils literal">cache.h</tt> _or_ <tt class="docutils literal">vrt.h</tt> can be included</li>
<li>Signatures of functions in the VLU API for bytestream into text
serialization have been changed</li>
<li>vcl.h now contains convenience macros <tt class="docutils literal">VCL_MET_TASK_B</tt>,
<tt class="docutils literal">VCL_MET_TASK_C</tt> and <tt class="docutils literal">VCL_MET_TASK_H</tt> for checking
<tt class="docutils literal"><span class="pre">ctx->method</span></tt> for backend, client and housekeeping
(vcl_init/vcl_fini) task context</li>
<li>vcc files can now contain a <tt class="docutils literal">$Prefix</tt> stanza to define the prefix
for vmod function names (which was fixed to <tt class="docutils literal">vmod</tt> before)</li>
<li>vcc files can contain a <tt class="docutils literal">$Synopsis</tt> stanza with one of the values
<tt class="docutils literal">auto</tt> or <tt class="docutils literal">manual</tt>, default <tt class="docutils literal">auto</tt>. With <tt class="docutils literal">auto</tt>, a more
comprehensive SYNOPSIS is generated in the doc output with an
overview of objects, methods, functions and their signatures. With
<tt class="docutils literal">manual</tt>, the auto-SYNOPSIS is left out, for VMOD authors who
prefer to write their own.</li>
<li>All Varnish internal <tt class="docutils literal">SHA256*</tt> symbols have been renamed to
<tt class="docutils literal">VSHA256*</tt></li>
<li>libvarnish now has <tt class="docutils literal">VNUM_duration()</tt> to convert from a VCL
duration like 4h or 5s</li>
<li>director health state queries have been merged to <tt class="docutils literal">VRT_Healthy()</tt></li>
<li>Renamed macros:
* <tt class="docutils literal">__match_proto__()</tt> -> <tt class="docutils literal">v_matchproto_()</tt>
* <tt class="docutils literal">__v_printflike()</tt> -> <tt class="docutils literal">v_printflike_()</tt>
* <tt class="docutils literal">__state_variable__()</tt> -> <tt class="docutils literal">v_statevariable_()</tt>
* <tt class="docutils literal">__unused</tt> -> <tt class="docutils literal">v_unused_</tt>
* <tt class="docutils literal"><span class="pre">__attribute__((__noreturn__)</span></tt> -> <tt class="docutils literal">v_noreturn_</tt></li>
<li>ENUMs are now fixed pointers per vcl.</li>
<li>Added <tt class="docutils literal">VRT_blob()</tt> utility function to create a blob as a copy
of some chunk of data on the workspace.</li>
<li>Directors now have their own admin health information and always need to
have the <tt class="docutils literal">(struct <span class="pre">director).admin_health</span></tt> initialized to
<tt class="docutils literal">VDI_AH_*</tt> (usually <tt class="docutils literal">VDI_AH_HEALTHY</tt>).</li>
</ul>
</div>
<div class="section" id="other-changes-relevant-for-vmods">
<h2>Other changes relevant for VMODs</h2>
<ul class="simple">
<li><tt class="docutils literal">PRIV_*</tt> function/method arguments are not excluded from
auto-generated vmod documentation.</li>
</ul>
</div>
<div class="section" id="fixed-bugs-which-may-influence-vcl-behaviour">
<h2>Fixed bugs which may influence VCL behaviour</h2>
<ul class="simple">
<li>After reusing a backend connection fails once, a fresh connection
will be opened (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2135">2135</a>).</li>
</ul>
</div>
<div class="section" id="fixed-bugs-3">
<h2>Fixed bugs</h2>
<ul class="simple">
<li>Honor first_byte_timeout for recycled backend connections. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1772">1772</a>)</li>
<li>Limit backend connection retries to a single retry (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2135">2135</a>)</li>
<li>H2: Move the req-specific PRIV pointers to struct req. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2268">2268</a>)</li>
<li>H2: Don't panic if we reembark with a request body (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2305">2305</a>)</li>
<li>Clear the objcore attributes flags when (re)initializing an stv object. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2319">2319</a>)</li>
<li>H2: Fail streams with missing :method or :path. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2351">2351</a>)</li>
<li>H2: Enforce sequence requirement of header block frames. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2387">2387</a>)</li>
<li>H2: Hold the sess mutex when evaluating r2->cond. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2434">2434</a>)</li>
<li>Use the idle read timeout only on empty requests. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2492">2492</a>)</li>
<li>OH leak in http1_reembark. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2495">2495</a>)</li>
<li>Fix objcore reference count leak. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2502">2502</a>)</li>
<li>Close a race between backend probe and vcl.state=Cold by removing
the be->vsc under backend mtx. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2505">2505</a>)</li>
<li>Fail gracefully if shard.backend() is called in housekeeping subs (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2506">2506</a>)</li>
<li>Fix issue #1799 for keep. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2519">2519</a>)</li>
<li>oc->last_lru as float gives too little precision. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2527">2527</a>)</li>
<li>H2: Don't HTC_RxStuff with a non-reserved workspace. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2539">2539</a>)</li>
<li>Various optimizations of VSM. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2430">2430</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2470">2470</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2518">2518</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2535">2535</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2541">2541</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2545">2545</a>, <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2546">2546</a>)</li>
<li>Problems during late socket initialization performed by the Varnish
child process can now be reported back to the management process with an
error message. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2551">2551</a>)</li>
<li>Fail if ESI is attempted on partial (206) objects.</li>
<li>Assert error in ban_mark_completed() - ban lurker edge case. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2556">2556</a>)</li>
<li>Accurate byte counters (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2558">2558</a>). See Logging / statistics above.</li>
<li>H2: Fix reembark failure handling. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2563">2563</a> and <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2592">2592</a>)</li>
<li>Working directory permissions insufficient when starting with
umask 027. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2570">2570</a>)</li>
<li>Always use HTTP/1.1 on backend connections for pass & fetch. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2574">2574</a>)</li>
<li>EPIPE is a documented errno in tcp(7) on linux. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2582">2582</a>)</li>
<li>H2: Handle failed write(2) in h2_ou_session. (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2607">2607</a>)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-5-2-1-2017-11-14">
<h1>Varnish Cache 5.2.1 (2017-11-14)</h1>
<div class="section" id="bugs-fixed">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2429">2429</a> - Avoid buffer read overflow on vcl_backend_error and -sfile</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2492">2492</a> - Use the idle read timeout only on empty requests.</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-5-2-0-2017-09-15">
<h1>Varnish Cache 5.2.0 (2017-09-15)</h1>
<ul class="simple">
<li>The <tt class="docutils literal">cli_buffer</tt> parameter has been deprecated (<a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2382">2382</a>)</li>
</ul>
</div>
<div class="section" id="varnish-cache-5-2-rc1-2017-09-04">
<h1>Varnish Cache 5.2-RC1 (2017-09-04)</h1>
<div class="section" id="usage-1">
<h2>Usage</h2>
<ul class="simple">
<li>The default for the the -i argument is now the hostname as returned
by gethostname(3)</li>
<li>Where possible (on platforms with setproctitle(3)), the -i argument
rather than the -n argument is used for process names</li>
<li>varnishd -f honors <tt class="docutils literal">vcl_path</tt> (#2342)</li>
<li>The <tt class="docutils literal">MAIN.s_req</tt> statistic has been removed, as it was identical to
<tt class="docutils literal">MAIN.client_req</tt>. VSM consumers should be changed to use the
latter if necessary.</li>
<li>A listen address can take a name in the -a argument. This name is used
in the logs and later will possibly be available in VCL.</li>
</ul>
</div>
<div class="section" id="vcl-2">
<h2>VCL</h2>
<ul class="simple">
<li>VRT_purge fails a transaction if used outside of <tt class="docutils literal">vcl_hit</tt> and
<tt class="docutils literal">vcl_miss</tt> (#2339)</li>
<li>Added <tt class="docutils literal">bereq.is_bgfetch</tt> which is true for background fetches.</li>
<li>Added VMOD purge (#2404)</li>
<li>Added VMOD blob (#2407)</li>
</ul>
</div>
<div class="section" id="c-apis-for-vmod-and-utility-authors-3">
<h2>C APIs (for vmod and utility authors)</h2>
<ul class="simple">
<li>The VSM API for accessing the shared memory segment has been
totally rewritten.  Things should be simpler and more general.</li>
<li>VSC shared memory layout has changed and the VSC API updated
to match it.  This paves the way for user defined VSC counters
in VMODS and later possibly also in VCL.</li>
<li>New vmod vtc for advanced varnishtest usage (#2276)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-5-1-3-2017-08-02">
<h1>Varnish Cache 5.1.3 (2017-08-02)</h1>
<div class="section" id="bugs-fixed-1">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2379">2379</a> - Correctly handle bogusly large chunk sizes (VSV00001)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-5-1-2-2017-04-07">
<h1>Varnish Cache 5.1.2 (2017-04-07)</h1>
<ul class="simple">
<li>Fix an endless loop in Backend Polling (#2295)</li>
<li>Fix a Chunked bug in tight workspaces (#2207, #2275)</li>
<li>Fix a bug relating to req.body when on waitinglist (#2266)</li>
<li>Handle EPIPE on broken TCP connections (#2267)</li>
<li>Work around the x86 arch's turbo-double FP format in parameter
setup code. (#1875)</li>
<li>Fix race related to backend probe with proxy header (#2278)</li>
<li>Keep VCL temperature consistent between mgt/worker also when
worker protests.</li>
<li>A lot of HTTP/2 fixes.</li>
</ul>
</div>
<div class="section" id="varnish-cache-5-1-1-2017-03-16">
<h1>Varnish Cache 5.1.1 (2017-03-16)</h1>
<ul class="simple">
<li>Fix bug introduced by stubborn old bugger right before release
5.1.0 was cut.</li>
</ul>
</div>
<div class="section" id="varnish-cache-5-1-0-2017-03-15">
<h1>Varnish Cache 5.1.0 (2017-03-15)</h1>
<ul class="simple">
<li>Added varnishd command-line options -I, -x and -?, and tightened
restrictions on permitted combinations of options.</li>
<li>More progress on support for HTTP/2.</li>
<li>Add <tt class="docutils literal">return(fail)</tt> to almost all VCL subroutines.</li>
<li>Restored the old hit-for-pass, invoked with
<tt class="docutils literal">return(pass(DURATION))</tt> from
<tt class="docutils literal">vcl_backend_response</tt>. hit-for-miss remains the default.  Added
the cache_hitmiss stat, and cache_hitpass only counts the new/old
hit-for-pass cases. Restored HitPass to the Varnish log, and added
HitMiss. Added the HFP prefix to TTL log entries to log a
hit-for-pass duration.</li>
<li>Rolled back the fix for #1206. Client delivery decides solely whether
to send a 304 client response, based on client request and response
headers.</li>
<li>Added vtest.sh.</li>
<li>Added vxid as a lefthand side for VSL queries.</li>
<li>Added the setenv and write_body commands for Varnish test cases (VTCs).
err_shell is deprecated. Also added the operators -cliexpect, -match and
-hdrlen, and -reason replaces -msg. Added the ${bad_backend} macro.</li>
<li>varnishtest can be stopped with the TERM, INT and KILL signals, but
not with HUP.</li>
<li>The fallback director has now an extra, optional parameter to keep
using the current backend until it falls sick.</li>
<li>VMOD shared libraries are now copied to the workdir, to avoid problems
when VMODs are updated via packaging systems.</li>
<li>Bump the VRT version to 6.0.</li>
<li>Export more symbols from libvarnishapi.so.</li>
<li>The size of the VSL log is limited to 4G-1b, placing upper bounds on
the -l option and the vsl_space and vsm_space parameters.</li>
<li>Added parameters clock_step, thread_pool_reserve and ban_cutoff.</li>
<li>Parameters vcl_dir and vmod_dir are deprecated, use vcl_path and
vmod_path instead.</li>
<li>All parameters are defined, even on platforms that don't support
them.  An unsupported parameter is documented as such in
param.show. Setting such a parameter is not an error, but has no
effect.</li>
<li>Clarified the interpretations of the + and - operators in VCL with
operands of the various data types.</li>
<li>DURATION types may be used in boolean contexts.</li>
<li>INT, DURATION and REAL values can now be negative.</li>
<li>Response codes 1000 or greater may now be set in VCL internally.
resp.status is delivered modulo 1000 in client responses.</li>
<li>IP addresses can be compared for equality in VCL.</li>
<li>Introduce the STEVEDORE data type, and the objects storage.SNAME
in VCL.  Added req.storage and beresp.storage; beresp.storage_hint
is deprecated.</li>
<li>Retired the umem stevedore.</li>
<li>req.ttl is deprecated.</li>
<li>Added std.getenv() and std.late_100_continue().</li>
<li>The fetch_failed stat is incremented for any kind of fetch failure.</li>
<li>Added the stats n_test_gunzip and bans_lurker_obj_killed_cutoff.</li>
<li>Clarified the meanings of the %r, %{X}i and %{X}o formatters in
varnishncsa.</li>
</ul>
<div class="section" id="bugs-fixed-2">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2251">2251</a> - varnishapi.pc and varnishconfdir</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2250">2250</a> - vrt.h now depends on vdef.h making current vmod fail.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2249">2249</a> - "logexpect -wait" doesn't fail</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2245">2245</a> - Varnish doesn't start, if use vmod (vmod_cache dir was permission denied)</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2241">2241</a> - VSL fails to get hold of SHM</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2233">2233</a> - Crash on "Assert error in WS_Assert(), cache/cache_ws.c line 59"</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2227">2227</a> - -C flag broken in HEAD</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2217">2217</a> - fix argument processing -C regression</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2207">2207</a> - Assert error in V1L_Write()</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2205">2205</a> - Strange bug when I set client.ip with another string</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2203">2203</a> - unhandled SIGPIPE</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2200">2200</a> - Assert error in vev_compact_pfd(), vev.c line 394</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2197">2197</a> - ESI parser panic on malformed src URL</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2190">2190</a> - varnishncsa: The %r formatter is NOT equivalent to "%m <a class="reference external" href="http:/">http:/</a>/%{Host}i%U%q %H"</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2186">2186</a> - Assert error in sml_iterator(), storage/storage_simple.c line 263</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2184">2184</a> - Cannot subtract a negative number</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2177">2177</a> - Clarify interactions between restarts and labels</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2175">2175</a> - Backend leak between a top VCL and a label</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2174">2174</a> - Cflags overhaul</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2167">2167</a> - VCC will not parse a literal negative number where INT is expected</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2155">2155</a> - vmodtool removes text following $Event from RST docs</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2151">2151</a> - Health probes do not honor a backend's PROXY protocol setting</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2142">2142</a> - ip comparison fails</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2148">2148</a> - varnishncsa cannot decode Authorization header if the format is incorrect.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2143">2143</a> - Assert error in exp_inbox(), cache/cache_expire.c line 195</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2134">2134</a> - Disable Nagle's</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2129">2129</a> - stack overflow with >4 level esi</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2128">2128</a> - SIGSEGV NULL Pointer in STV__iter()</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2118">2118</a> - "varnishstat -f MAIN.sess_conn -1" produces empty output</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2117">2117</a> - SES_Close() EBADF / Wait_Enter() wp->fd <= 0</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2115">2115</a> - VSM temporary files are not always deleted</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2110">2110</a> - [CLI] vcl.inline failures</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2104">2104</a> - Assert error in VFP_Open(), cache/cache_fetch_proc.c line 139: Condition((vc->wrk->vsl) != 0) not true</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2099">2099</a> - VCC BACKEND/HDR comparison produces duplicate gethdr_s definition</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2096">2096</a> - H2 t2002 fail on arm64/arm32</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2094">2094</a> - H2 t2000 fail on arm64/arm32</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2078">2078</a> - VCL comparison doesn't fold STRING_LIST</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2052">2052</a> - d12.vtc flaky when compiling with suncc</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2042">2042</a> - Send a 304 response for a just-gone-stale hitpass object when appropriate</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2041">2041</a> - Parent process should exit if it fails to start child</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2035">2035</a> - varnishd stalls with two consecutive Range requests using HTTP persistent connections</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2026">2026</a> - Add restart of poll in read_tmo</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2021">2021</a> - vcc "used before defined" check</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2017">2017</a> - "%r" field is wrong</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2016">2016</a> - confusing vcc error when acl referenced before definition</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2014">2014</a> - req.ttl: retire or document+vtc</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2010">2010</a> - varnishadm CLI behaving weirdly</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1991">1991</a> - Starting varnish on Linux with boot param ipv6.disable=1 fails</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1988">1988</a> - Lost req.url gives misleading error</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1914">1914</a> - set a custom storage for cache_req_body</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1899">1899</a> - varnishadm vcl.inline is overly obscure</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1874">1874</a> - clock-step related crash</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1865">1865</a> - Panic accessing beresp.backend.ip in vcl_backend_error{}</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1856">1856</a> - LostHeader setting req.url to an empty string</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1834">1834</a> - WS_Assert(), cache/cache_ws.c line 59</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1830">1830</a> - VSL API: "duplicate link" errors in request grouping when vsl_buffer is increased</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1764">1764</a> - nuke_limit is not honored</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1750">1750</a> - Fail more gracefully on -l >= 4GB</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1704">1704</a> - fetch_failed not incremented</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-5-0-0-2016-09-15">
<h1>Varnish Cache 5.0.0 (2016-09-15)</h1>
<ul class="simple">
<li>Documentation updates, especially the what's new and upgrade sections.</li>
<li>Via: header made by Varnish now says 5.0.</li>
<li>VMOD VRT ABI level increased.</li>
<li>[vcl] obj.(ttl|age|grace|keep) is now readable in vcl_deliver.</li>
<li>Latest devicedetect.vcl imported from upstream.</li>
<li>New system wide VCL directory: <tt class="docutils literal">/usr/share/varnish/vcl/</tt></li>
<li>std.integer() can now convert from REAL.</li>
</ul>
<div class="section" id="bugs-fixed-3">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2086">2086</a> - Ignore H2 upgrades if the feature is not enabled.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2054">2054</a> - Introduce new macros for out-of-tree VMODs</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2022">2022</a> - varnishstat -1 -f field inclusion glob doesn't allow VBE backend fields</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2008">2008</a> - Panic: Assert error in VBE_Delete()</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1800">1800</a> - PRIV_TASK in vcl_init/fini</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-5-0-0-beta1-2016-09-09">
<h1>Varnish Cache 5.0.0-beta1 (2016-09-09)</h1>
<p>This is the first beta release of the upcoming 5.0 release.</p>
<p>The list of changes are numerous and will not be expanded on in detail.</p>
<p>The release notes contain more background information and are highly
recommended reading before using any of the new features.</p>
<p>Major items:</p>
<ul class="simple">
<li>VCL labels, allowing for per-vhost (or per-anything) separate VCL files.</li>
<li>(Very!) experimental support for HTTP/2.</li>
<li>Always send the request body to the backend, making possible to cache
responses of POST, PATCH requests etc with appropriate custom VCL and/or
VMODs.</li>
<li>hit-for-pass is now actually hit-for-miss.</li>
<li>new shard director for loadbalancing by consistent hashing</li>
<li>ban lurker performance improvements</li>
<li>access to obj.ttl, obj.age, obj.grace and obj.keep in vcl_deliver</li>
</ul>
<div class="section" id="news-for-vmod-authors">
<h2>News for Vmod Authors</h2>
<ul class="simple">
<li>workspace and PRIV_TASK for vcl cli events (init/fini methods)</li>
<li>PRIV_* now also work for object methods with unchanged scope.</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-9-2017-11-14">
<h1>Varnish Cache 4.1.9 (2017-11-14)</h1>
<p>Changes since 4.1.8:</p>
<ul class="simple">
<li>Added <tt class="docutils literal">bereq.is_bgfetch</tt> which is true for background fetches.</li>
<li>Add the vtc feature ignore_unknown_macro.</li>
<li>Expose to VCL whether or not a fetch is a background fetch (bgfetch)</li>
<li>Ignore req.ttl when keeping track of expired objects (see <a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2422">2422</a>)</li>
<li>Move a cli buffer to VSB (from stack).</li>
<li>Use a separate stack for signals.</li>
</ul>
<div class="section" id="bugs-fixed-4">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2337">2337</a> and <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2366">2366</a> - Both Upgrade and Connection headers are needed for
WebSocket now</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2372">2372</a> - Fix problem with purging and the n_obj_purged counter</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2373">2373</a> - VSC n_vcl, n_vcl_avail, n_vcl_discard are gauge</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2380">2380</a> - Correct regexp in examples.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2390">2390</a> - Straighten locking wrt vcl_active</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2429">2429</a> - Avoid buffer read overflow on vcl_backend_error and -sfile</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2492">2492</a> - Use the idle read timeout only on empty requests</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-8-2017-08-02">
<h1>Varnish Cache 4.1.8 (2017-08-02)</h1>
<p>Changes since 4.1.7:</p>
<ul class="simple">
<li>Update in the documentation of timestamps</li>
</ul>
<div class="section" id="bugs-fixed-5">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2379">2379</a> - Correctly handle bogusly large chunk sizes (VSV00001)</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-7-2017-06-28">
<h1>Varnish Cache 4.1.7 (2017-06-28)</h1>
<p>Changes since 4.1.7-beta1:</p>
<ul class="simple">
<li>Add extra locking to protect the pools list and refcounts</li>
<li>Don't panic on a null ban</li>
</ul>
<div class="section" id="bugs-fixed-6">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2321">2321</a> - Prevent storage backends name collisions</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-7-beta1-2017-06-15">
<h1>Varnish Cache 4.1.7-beta1 (2017-06-15)</h1>
<p>Changes since 4.1.6:</p>
<ul class="simple">
<li>Add -vsl_catchup to varnishtest</li>
<li>Add record-prefix support to varnishncsa</li>
</ul>
<div class="section" id="bugs-fixed-7">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1764">1764</a> - Correctly honor nuke_limit parameter</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2022">2022</a> - varnishstat -1 -f field inclusion glob doesn't allow VBE
backend fields</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2069">2069</a> - Health probes fail when HTTP response does not contain
reason phrase</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2118">2118</a> - "varnishstat -f MAIN.sess_conn -1" produces empty output</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2219">2219</a> - Remember to reset workspace</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2320">2320</a> - Rework and fix varnishstat counter filtering</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2329">2329</a> - Docfix: Only root can jail</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-6-2017-04-26">
<h1>Varnish Cache 4.1.6 (2017-04-26)</h1>
<ul class="simple">
<li>Introduce a vxid left hand side for VSL queries. This allows
matching on records matching a known vxid.</li>
<li>Environment variables are now available in the stdandard VMOD;
std.getenv()</li>
<li>Add setenv command to varnishtest</li>
</ul>
<div class="section" id="bugs-fixed-8">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2200">2200</a> - Dramatically simplify VEV, fix assert in vev.c</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2216">2216</a> - Make sure Age is always less than max-age</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2233">2233</a> - Correct check when parsing the query string</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2241">2241</a> - VSL fails to get hold of SHM</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2270">2270</a> - Newly loaded auto VCLs don't get their go_cold timer set</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2273">2273</a> - Master cooling problem</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2275">2275</a> - If the client workspace is almost, but not quite exhaused, we may
not be able to get enough iovec's to do Chunked transmission.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2295">2295</a> - Spinning loop in VBE_Poll causes master to kill child on
CLI timeout</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2301">2301</a> - Don't attempt to check if varnishd is still running if we have
already failed.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2313">2313</a> - Cannot link to varnishapi, symbols missing</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-5-2017-02-09">
<h1>Varnish Cache 4.1.5 (2017-02-09)</h1>
<ul class="simple">
<li>No code changes since 4.1.5-beta2.</li>
</ul>
</div>
<div class="section" id="varnish-cache-4-1-5-beta2-2017-02-08">
<h1>Varnish Cache 4.1.5-beta2 (2017-02-08)</h1>
<ul class="simple">
<li>Update devicedetect.vcl</li>
</ul>
<div class="section" id="bugs-fixed-9">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1704">1704</a> - Reverted the docfix and made the fech_failed counter do
what the documentation says it should do</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1865">1865</a> - Panic accessing beresp.backend.ip in vcl_backend_error</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2167">2167</a> - VCC will not parse a literal negative number where INT is
expected</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2184">2184</a> - Cannot subtract a negative number</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-5-beta1-2017-02-02">
<h1>Varnish Cache 4.1.5-beta1 (2017-02-02)</h1>
<div class="section" id="bugs-fixed-10">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1704">1704</a> - (docfix) Clarify description of fetch_failed counter</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1834">1834</a> - Panic in workspace exhaustion conditions</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2106">2106</a> - 4.1.3: Varnish crashes with "Assert error in CNT_Request(),
cache/cache_req_fsm.c line 820"</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2134">2134</a> - Disable Nagle's</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2148">2148</a> - varnishncsa cannot decode Authorization header if the
format is incorrect.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2168">2168</a> - Compare 'bereq.backend' / 'req.backend_hint'
myDirector.backend() does not work</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2178">2178</a> - 4.1 branch does not compile on FreeBSD</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/pull/2188">2188</a> - Fix vsm_free (never incremented)</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2190">2190</a> - (docfix)varnishncsa: The %r formatter is NOT equivalent to...</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2197">2197</a> - ESI parser panic on malformed src URL</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-4-2016-12-01">
<h1>Varnish Cache 4.1.4 (2016-12-01)</h1>
<div class="section" id="bugs-fixed-11">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2035">2035</a> - varnishd stalls with two consecutive Range requests using
HTTP persistent connections</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-4-beta3-2016-11-24">
<h1>Varnish Cache 4.1.4-beta3 (2016-11-24)</h1>
<ul class="simple">
<li>Include the current time of the panic in the panic output</li>
<li>Keep a reserve of idle threads for vital tasks</li>
</ul>
<div class="section" id="bugs-fixed-12">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1874">1874</a> - clock-step related crash</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1889">1889</a> - (docfix) What does -p flag for backend.list command means</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2115">2115</a> - VSM temporary files are not always deleted</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2129">2129</a> - (docfix) stack overflow with >4 level esi</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-4-beta2-2016-10-13">
<h1>Varnish Cache 4.1.4-beta2 (2016-10-13)</h1>
<div class="section" id="bugs-fixed-13">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1830">1830</a> - VSL API: "duplicate link" errors in request grouping when
vsl_buffer is increased</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2010">2010</a> - varnishadm CLI behaving weirdly</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2017">2017</a> - varnishncsa docfix: "%r" field is wrong</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2107">2107</a> - (docfix) HEAD requestes changed to GET</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-4-beta1-2016-09-14">
<h1>Varnish Cache 4.1.4-beta1 (2016-09-14)</h1>
<ul class="simple">
<li>[varnishhist] Various improvements</li>
<li>[varnishtest] A <cite>cmd</cite> feature for custom shell-based checks</li>
<li>Documentation improvements (do_stream, sess_herd, timeout_linger, thread_pools)</li>
<li>[varnishtop] Documented behavior when both -p and -1 are specified</li>
</ul>
<div class="section" id="bugs-fixed-14">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2027">2027</a> - Racy backend selection</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2024">2024</a> - panic vmod_rr_resolve() round_robin.c line 75 (be) != NULL</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2011">2011</a> - VBE.*.conn (concurrent connections to backend) not working as expected</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2008">2008</a> - Assert error in VBE_Delete()</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/2007">2007</a> - Update documentation part about CLI/management port authentication parameter</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1881">1881</a> - std.cache_req_body() w/ return(pipe) is broken</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-3-2016-07-06">
<h1>Varnish Cache 4.1.3 (2016-07-06)</h1>
<ul class="simple">
<li>Be stricter when parsing request headers to harden against smuggling attacks.</li>
</ul>
</div>
<div class="section" id="varnish-cache-4-1-3-beta2-2016-06-28">
<h1>Varnish Cache 4.1.3-beta2 (2016-06-28)</h1>
<ul class="simple">
<li>New parameter <cite>vsm_free_cooldown</cite>. Specifies how long freed VSM
memory (shared log) will be kept around before actually being freed.</li>
<li>varnishncsa now accepts <cite>-L</cite> argument to configure the limit on incomplete
transactions kept. (Issue <a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1994">1994</a>)</li>
</ul>
<div class="section" id="bugs-fixed-15">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1984">1984</a> - Make the counter vsm_cooling act according to spec</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1963">1963</a> - Avoid abort when changing to a VCL name which is a path</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1933">1933</a> - Don't trust dlopen refcounting</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-3-beta1-2016-06-15">
<h1>Varnish Cache 4.1.3-beta1 (2016-06-15)</h1>
<ul class="simple">
<li>varnishncsa can now access and log backend requests. (PR #1905)</li>
<li>[varnishncsa] New output formatters %{Varnish:vxid}x and %{VSL:Tag}x.</li>
<li>[varnishlog] Added log tag BackendStart on backend transactions.</li>
<li>On SmartOS, use ports instead of epoll by default.</li>
<li>Add support for TCP Fast Open where available. Disabled by default.</li>
<li>[varnishtest] New syncronization primitive barriers added, improving
coordination when test cases call external programs.</li>
</ul>
<div class="section" id="bugs-fixed-16">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1971">1971</a> - Add missing Wait_HeapDelete</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1967">1967</a> - [ncsa] Remove implicit line feed when using formatfile</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1955">1955</a> - 4.1.x sometimes duplicates Age and Accept-Ranges headers</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1954">1954</a> - Correctly handle HTTP/1.1 EOF response</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1953">1953</a> - Deal with fetch failures in ved_stripgzip</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1931">1931</a> - Allow VCL set Last-Modified to be used for I-M-S processing</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1928">1928</a> - req->task members must be set in case we get onto the waitinglist</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1924">1924</a> - Make std.log() and std.syslog() work from vcl_{init,fini}</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1919">1919</a> - Avoid ban lurker panic with empty olist</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1918">1918</a> - Correctly handle EOF responses with HTTP/1.1</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1912">1912</a> - Fix (insignificant) memory leak with mal-formed ESI directives.</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1904">1904</a> - Release memory instead of crashing on malformed ESI</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1885">1885</a> - [vmodtool] Method names should start with a period</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1879">1879</a> - Correct handling of duplicate headers on IMS header merge</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1878">1878</a> - Fix a ESI+gzip corner case which had escaped notice until now</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1873">1873</a> - Check for overrun before looking at the next vsm record</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1871">1871</a> - Missing error handling code in V1F_Setup_Fetch</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1869">1869</a> - Remove temporary directory iff called with -C</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1883">1883</a> - Only accept C identifiers as acls</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1855">1855</a> - Truncate output if it's wider than 12 chars</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1806">1806</a> - One minute delay on return (pipe) and a POST-Request</li>
<li><a class="reference external" href="https://github.com/varnishcache/varnish-cache/issues/1725">1725</a> - Revive the backend_conn counter</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-2-2016-03-04">
<h1>Varnish Cache 4.1.2 (2016-03-04)</h1>
<ul class="simple">
<li>[vmods] vmodtool improvements for multiple VMODs in a single directory.</li>
</ul>
<div class="section" id="bugs-fixed-17">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1860">1860</a> - ESI-related memory leaks</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1863">1863</a> - Don't reset the oc->ban pointer from BAN_CheckObject</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1864">1864</a> - Avoid panic if the lurker is working on a ban to be checked.</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-2-beta2-2016-02-25">
<h1>Varnish Cache 4.1.2-beta2 (2016-02-25)</h1>
<ul class="simple">
<li>[vmods] Passing VCL ACL to a VMOD is now possible.</li>
<li>[vmods] VRT_MINOR_VERSION increase due to new function: VRT_acl_match()</li>
<li>Some test case stabilization fixes and minor documentation updates.</li>
<li>Improved handling of workspace exhaustion when fetching objects.</li>
</ul>
<div class="section" id="bugs-fixed-18">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1858">1858</a> - Hit-for-pass objects are not IMS candidates</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-2-beta1-2016-02-17">
<h1>Varnish Cache 4.1.2-beta1 (2016-02-17)</h1>
<ul class="simple">
<li>Be stricter when parsing a HTTP request to avoid potential
HTTP smuggling attacks against vulnerable backends.</li>
<li>Some fixes to minor/trivial issues found with clang AddressSanitizer.</li>
<li>Arithmetric on REAL data type in VCL is now possible.</li>
<li>vmodtool.py improvements to allow VMODs for 4.0 and 4.1 to share a source tree.</li>
<li>Off-by-one in WS_Reset() fixed.</li>
<li>"https_scheme" parameter added. Enables graceful handling of compound
request URLs with HTTPS scheme. (Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1847">1847</a>)</li>
</ul>
<div class="section" id="bugs-fixed-19">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1739">1739</a> - Workspace overflow handling in VFP_Push()</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1837">1837</a> - Error compiling VCL if probe is referenced before it is defined</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1841">1841</a> - Replace alien FD's with /dev/null rather than just closing them</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1843">1843</a> - Fail HTTP/1.0 POST and PUT requests without Content-Length</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1844">1844</a> - Correct ENUM handling in object constructors</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1851">1851</a> - Varnish 4.1.1 fails to build on i386</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1852">1852</a> - Add a missing VDP flush operation after ESI:includes.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1857">1857</a> - Fix timeout calculation for session herding.</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-1-2016-01-28">
<h1>Varnish Cache 4.1.1 (2016-01-28)</h1>
<ul class="simple">
<li>No code changes since 4.1.1-beta2.</li>
</ul>
</div>
<div class="section" id="varnish-cache-4-1-1-beta2-2016-01-22">
<h1>Varnish Cache 4.1.1-beta2 (2016-01-22)</h1>
<ul class="simple">
<li>Improvements to VCL temperature handling added. This opens for reliably
deny warming a cooling VCL from a VMOD.</li>
</ul>
<div class="section" id="bugs-fixed-20">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1802">1802</a> - Segfault after VCL change</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1825">1825</a> - Cannot Start Varnish After Just Restarting The Service</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1842">1842</a> - Handle missing waiting list gracefully.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1845">1845</a> - Handle whitespace after floats in test fields</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-1-beta1-2016-01-15">
<h1>Varnish Cache 4.1.1-beta1 (2016-01-15)</h1>
<ul class="simple">
<li>Format of "ban.list" has changed slightly.</li>
<li>[varnishncsa] -w is now required when running deamonized.</li>
<li>[varnishncsa] Log format can now be read from file.</li>
<li>Port fields extracted from PROXY1 header now work as expected.</li>
<li>New VCL state "busy" introduced (mostly for VMOD writers).</li>
<li>Last traces of varnishreplay removed.</li>
<li>If-Modified-Since is now ignored if we have If-None-Match.</li>
<li>Zero Content-Length is no longer sent on 304 responses.</li>
<li>vcl_dir and vmod_dir now accept a colon separated list of directories.</li>
<li>Nested includes starting with "./" are relative to the including
VCL file now.</li>
</ul>
<div class="section" id="bugs-fixed-21">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1796">1796</a> - Don't attempt to allocate a V1L from the workspace if it is overflowed.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1794">1794</a> - Fail if multiple -a arguments return the same suckaddr.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1763">1763</a> - Restart epoll_wait on EINTR error</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1788">1788</a> - ObjIter has terrible performance profile when busyobj != NULL</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1798">1798</a> - Varnish requests painfully slow with large files</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1816">1816</a> - Use a weak comparison function for If-None-Match</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1818">1818</a> - Allow grace-hits on hit-for-pass objects, [..]</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1821">1821</a> - Always slim private & pass objects after delivery.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1823">1823</a> - Rush the objheader if there is a waiting list when it is deref'ed.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1826">1826</a> - Ignore 0 Content-Lengths in 204 responses</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1813">1813</a> - Fail if multiple -a arguments return the same suckaddr.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1810">1810</a> - Improve handling of HTTP/1.0 clients</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1807">1807</a> - Return 500 if we cannot decode the stored object into the resp.*</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1804">1804</a> - Log proxy related messages on the session, not on the request.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1801">1801</a> - Relax IP constant parsing</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-0-2015-09-30">
<h1>Varnish Cache 4.1.0 (2015-09-30)</h1>
<ul class="simple">
<li>Documentation updates.</li>
<li>Stabilization fixes on testcase p00005.vtc.</li>
<li>Avoid compiler warning in zlib.</li>
<li>Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1792">1792</a>: Avoid using fallocate() with -sfile on non-EXT4.</li>
</ul>
</div>
<div class="section" id="varnish-cache-4-1-0-beta1-2015-09-11">
<h1>Varnish Cache 4.1.0-beta1 (2015-09-11)</h1>
<ul class="simple">
<li>Redhat packaging files are now separate from the normal tree.</li>
<li>Client workspace overflow should now result in a 500 response
instead of panic.</li>
<li>[varnishstat] -w option has been retired.</li>
<li>libvarnishapi release number is increased.</li>
<li>Body bytes sent on ESI subrequests with gzip are now counted correctly.</li>
<li>[vmod-std] Data type conversion functions now take additional fallback argument.</li>
</ul>
<div class="section" id="bugs-fixed-22">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1777">1777</a> - Disable speculative Range handling on streaming transactions.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1778">1778</a> - [varnishstat] Cast to integer to prevent negative values messing the statistics</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1781">1781</a> - Propagate gzip CRC upwards from nested ESI includes.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1783">1783</a> - Align code with RFC7230 section 3.3.3 which allows POST without a body.</li>
</ul>
</div>
</div>
<div class="section" id="varnish-cache-4-1-0-tp1-2015-07-08">
<h1>Varnish Cache 4.1.0-tp1 (2015-07-08)</h1>
<p>Changes between 4.0 and 4.1 are numerous. Please read the upgrade
section in the documentation for a general overview.</p>
</div>
<div class="section" id="changes-from-4-0-3-rc3-to-4-0-3-2015-02-17">
<h1>Changes from 4.0.3-rc3 to 4.0.3 (2015-02-17)</h1>
<ul class="simple">
<li>No changes.</li>
</ul>
</div>
<div class="section" id="changes-from-4-0-3-rc2-to-4-0-3-rc3-2015-02-11">
<h1>Changes from 4.0.3-rc2 to 4.0.3-rc3 (2015-02-11)</h1>
<ul class="simple">
<li>Superseded objects are now expired immediately.</li>
</ul>
<div class="section" id="bugs-fixed-23">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1462">1462</a> - Use first/last log entry in varnishncsa.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1539">1539</a> - Avoid panic when expiry thread modifies a candidate object.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1637">1637</a> - Fail the fetch processing if the vep callback failed.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1665">1665</a> - Be more accurate when computing client RX_TIMEOUT.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1672">1672</a> - Do not panic on unsolicited 304 response to non-200 bereq.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-3-rc1-to-4-0-3-rc2-2015-01-28">
<h1>Changes from 4.0.3-rc1 to 4.0.3-rc2 (2015-01-28)</h1>
<ul class="simple">
<li>Assorted documentation updates.</li>
</ul>
<div class="section" id="bugs-fixed-24">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1479">1479</a> - Fix out-of-tree builds.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1578">1566</a> - Escape VCL string question marks.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1616">1616</a> - Correct header file placement.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1620">1620</a> - Fail miss properly if out of backend threads. (Also <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1621">1621</a>)</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1628">1628</a> - Avoid dereferencing null in VBO_DerefBusyObj().</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1629">1629</a> - Ditch rest of waiting list on failure to reschedule.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1660">1660</a> - Don't attempt range delivery on a synth response</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-2-to-4-0-3-rc1-2015-01-15">
<h1>Changes from 4.0.2 to 4.0.3-rc1 (2015-01-15)</h1>
<ul class="simple">
<li>Support older autoconf (< 2.63b) (el5)</li>
<li>A lot of minor documentation fixes.</li>
<li>bereq.uncacheable is now read-only.</li>
<li>obj.uncacheable is now readable in vcl_deliver.</li>
<li>[varnishadm] Prefer exact matches for backend.set_healthy. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1349">1349</a>.</li>
<li>Hard-coded -sfile default size is removed.</li>
<li>[packaging] EL6 packages are once again built with -O2.</li>
<li>[parameter] fetch_chunksize default is reduced to 16KB. (from 128KB)</li>
<li>Added std.time() which converts strings to VCL_TIME.</li>
<li>[packaging] packages now Provide strictABI (gitref) and ABI (VRT major/minor) for VMOD use.</li>
</ul>
<div class="section" id="bugs-fixed-25">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1378">1378</a> - Properly escape non-printable characters in varnishncsa.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1596">1596</a> - Delay HSH_Complete() until the storage sanity functions has finished.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1506">1506</a> - Keep Content-Length from backend if we can.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1602">1602</a> - Fix a cornercase related to empty pass objects.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1607">1607</a> - Don't leak reqs on failure to revive from waitinglist.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1610">1610</a> - Update forgotten varnishlog example to 4.0 syntax.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1612">1612</a> - Fix a cornercase related to empty pass objects.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1623">1623</a> - Fix varnishhist -d segfault.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1636">1636</a> - Outdated paragraph in Vary: documentation</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1638">1638</a> - Fix panic when retrying a failed backend fetch.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1639">1639</a> - Restore the default SIGSEGV handler during pan_ic</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1647">1647</a> - Relax an assertion for the IMS update candidate object.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1648">1648</a> - Avoid partial IMS updates to replace old object.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1650">1650</a> - Collapse multiple X-Forwarded-For headers</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-2-rc1-to-4-0-2-2014-10-08">
<h1>Changes from 4.0.2-rc1 to 4.0.2 (2014-10-08)</h1>
<p>New since 4.0.2-rc1:</p>
<ul class="simple">
<li>[varnishlog] -k argument is back. (exit after n records)</li>
<li>[varnishadm] vcl.show is now listed in help.</li>
</ul>
</div>
<div class="section" id="changes-from-4-0-1-to-4-0-2-rc1-2014-09-23">
<h1>Changes from 4.0.1 to 4.0.2-rc1 (2014-09-23)</h1>
<p>New since 4.0.1:</p>
<ul class="simple">
<li>[libvmod-std] New function strstr() for matching substrings.</li>
<li>server.(hostname|identity) is now available in all VCL functions.</li>
<li>VCL variable type BYTES was added.</li>
<li><cite>workspace_client</cite> default is now 9k.</li>
<li>[varnishstat] Update interval can now be subsecond.</li>
<li>Document that reloading VCL does not reload a VMOD.</li>
<li>Guru meditation page is now valid HTML5.</li>
<li>[varnishstat] hitrate calculation is back.</li>
<li>New parameter <cite>group_cc</cite> adds a GID to the grouplist of
VCL compiler sandbox.</li>
<li>Parameter shm_reclen is now an alias for vsl_reclen.</li>
<li>Workspace overflows are now handled with a 500 client response.</li>
<li>VCL variable type added: HTTP, representing a HTTP header set.</li>
<li>It is now possible to return(synth) from vcl_deliver.</li>
<li>[varnishadm] vcl.show now has a -v option that output the
complete set of VCL and included VCL files.</li>
<li>RHEL7 packaging (systemd) was added.</li>
<li>[libvmod-std] querysort() fixed parameter limit has been lifted.</li>
<li>Fix small memory leak in ESI parser.</li>
<li>Fix unreported race/assert in V1D_Deliver().</li>
</ul>
<div class="section" id="bugs-fixed-26">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1553">1553</a> - Fully reset workspace (incl. Vary state) before reusing it.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1551">1551</a> - Handle workspace exhaustion during purge.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1591">1591</a> - Group entries correctly in varnishtop.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1592">1592</a> - Bail out on workspace exhaustion in VRT_IP_string.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1538">1538</a> - Relax VMOD ABI check for release branches.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1584">1584</a> - Don't log garbage/non-HTTP requests. [varnishncsa]</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1407">1407</a> - Don't rename VSM file until child has started.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1466">1466</a> - Don't leak request structs on restart after waitinglist.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1580">1580</a> - Output warning if started without -b and -f. [varnishd]</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1583">1583</a> - Abort on fatal sandbox errors on Solaris. (Related: <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1572">1572</a>)</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1585">1585</a> - Handle fatal sandbox errors.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1572">1572</a> - Exit codes have been cleaned up.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1569">1569</a> - Order of symbols should not influence compilation result.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1579">1579</a> - Clean up type inference in VCL.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1578">1578</a> - Don't count Age twice when computing new object TTL.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1574">1574</a> - std.syslog() logged empty strings.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1555">1555</a> - autoconf editline/readline build issue.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1568">1568</a> - Skip NULL arguments when hashing.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1567">1567</a> - Compile on systems without SO_SNDTIMEO/SO_RCVTIMEO.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1512">1512</a> - Changes to bereq are lost between v_b_r and v_b_f.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1563">1563</a> - Increase varnishtest read timeout.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1561">1561</a> - Never call a VDP with zero length unless done.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1562">1562</a> - Fail correctly when rereading a failed client request body.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1521">1521</a> - VCL compilation fails on OSX x86_64.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1547">1547</a> - Panic when increasing shm_reclen.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1503">1503</a> - Document return(retry).</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1581">1581</a> - Don't log duplicate Begin records to shmlog.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1588">1588</a> - Correct timestamps on pipelined requests.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1575">1575</a> - Use all director backends when looking for a healthy one.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1577">1577</a> - Read the full request body if shunted to synth.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1532">1532</a> - Use correct VCL representation of reals.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1531">1531</a> - Work around libedit bug in varnishadm.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-0-to-4-0-1-2014-06-24">
<h1>Changes from 4.0.0 to 4.0.1 (2014-06-24)</h1>
<p>New since 4.0.0:</p>
<ul class="simple">
<li>New functions in vmod_std: real2time, time2integer, time2real, real.</li>
<li>Chunked requests are now supported. (pass)</li>
<li>Add std.querysort() that sorts GET query arguments. (from libvmod-boltsort)</li>
<li>Varnish will no longer reply with "200 Not Modified".</li>
<li>Backend IMS is now only attempted when last status was 200.</li>
<li>Packaging now uses find-provides instead of find-requires. [redhat]</li>
<li>Two new counters: n_purges and n_obj_purged.</li>
<li>Core size can now be set from /etc/sysconfig/varnish [redhat]</li>
<li>Via header set is now RFC compliant.</li>
<li>Removed "purge" keyword in VCL. Use return(purge) instead.</li>
<li>fallback director is now documented.</li>
<li>%D format flag in varnishncsa is now truncated to an integer value.</li>
<li>persistent storage backend is now deprecated.
<a class="reference external" href="https://www.varnish-cache.org/docs/trunk/phk/persistent.html">https://www.varnish-cache.org/docs/trunk/phk/persistent.html</a></li>
<li>Added format flags %I (total bytes received) and %O (total bytes sent) for
varnishncsa.</li>
<li>python-docutils >= 0.6 is now required.</li>
<li>Support year (y) as a duration in VCL.</li>
<li>VMOD ABI requirements are relaxed, a VMOD no longer have to be run on the
same git revision as it was compiled for. Replaced by a major/minor ABI counter.</li>
</ul>
<div class="section" id="bugs-fixed-27">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1269">1269</a> - Use correct byte counters in varnishncsa when piping a request.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1524">1524</a> - Chunked requests should be pipe-able.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1530">1530</a> - Expire old object on successful IMS fetch.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1475">1475</a> - time-to-first-byte in varnishncsa was potentially dishonest.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1480">1480</a> - Porting guide for 4.0 is incomplete.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1482">1482</a> - Inherit group memberships of -u specified user.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1473">1473</a> - Fail correctly in configure when rst2man is not found.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1486">1486</a> - Truncate negative Age values to zero.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1488">1488</a> - Don't panic on high request rates.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1489">1489</a> - req.esi should only be available in client threads.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1490">1490</a> - Fix thread leak when reducing number of threads.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1491">1491</a> - Reorder backend connection close procedure to help test cases.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1498">1498</a> - Prefix translated VCL names to avoid name clashes.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1499">1499</a> - Don't leak an objcore when HSH_Lookup returns expired object.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1493">1493</a> - vcl_purge can return synth or restart.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1476">1476</a> - Cope with systems having sys/endian.h and endian.h.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1496">1496</a> - varnishadm should be consistent in argv ordering.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1494">1494</a> - Don't panic on VCL-initiated retry after a backend 500 error.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1139">1139</a> - Also reset keep (for IMS) time when purging.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1478">1478</a> - Avoid panic when delivering an object that expires during delivery.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1504">1504</a> - ACLs can be unreferenced with vcc_err_unref=off set.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1501">1501</a> - Handle that a director couldn't pick a backend.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1495">1495</a> - Reduce WRK_SumStat contention.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1510">1510</a> - Complain on symbol reuse in VCL.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1514">1514</a> - Document storage.NAME.free_space and .used_space [docs]</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1518">1518</a> - Suppress body on 304 response when using ESI.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1519">1519</a> - Round-robin director does not support weight. [docs]</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-0-beta1-to-4-0-0-2014-04-10">
<h1>Changes from 4.0.0 beta1 to 4.0.0 (2014-04-10)</h1>
<p>New since 4.0.0-beta1:</p>
<ul class="simple">
<li>improved varnishstat documentation.</li>
<li>In VCL, req.backend_hint is available in vcl_hit</li>
<li>ncurses is now a dependency.</li>
</ul>
<div class="section" id="bugs-fixed-28">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1469">1469</a> - Fix build error on PPC</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1468">1468</a> - Set ttl=0 on failed objects</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1462">1462</a> - Handle duplicate ReqURL in varnishncsa.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1467">1467</a> - Fix missing clearing of oc->busyobj on HSH_Fail.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-0-tp2-to-4-0-0-beta1-2014-03-27">
<h1>Changes from 4.0.0 TP2 to 4.0.0 beta1 (2014-03-27)</h1>
<p>New since TP2:</p>
<ul class="simple">
<li>Previous always-appended code called default.vcl is now called builtin.vcl.
The new example.vcl is recommended as a starting point for new users.</li>
<li>vcl_error is now called vcl_synth, and does not any more mandate closing the
client connection.</li>
<li>New VCL function vcl_backend_error, where you can change the 503 prepared if
all your backends are failing. This can then be cached as a regular object.</li>
<li>Keyword "remove" in VCL is replaced by "unset".</li>
<li>new timestamp and accounting records in varnishlog.</li>
<li>std.timestamp() is introduced.</li>
<li>stored objects are now read only, meaning obj.hits now counts per objecthead
instead. obj.lastuse saw little use and has been removed.</li>
<li>builtin VCL now does return(pipe) for chunked POST and PUT requests.</li>
<li>python-docutils and rst2man are now build requirements.</li>
<li>cli_timeout is now 60 seconds to avoid slaughtering the child process in
times of high IO load/scheduling latency.</li>
<li>return(purge) from vcl_recv is now valid.</li>
<li>return(hash) is now the default return action from vcl_recv.</li>
<li>req.backend is now req.backend_hint. beresp.storage is beresp.storage_hint.</li>
</ul>
<div class="section" id="bugs-fixed-29">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1460">1460</a> - tools now use the new timestamp format.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1450">1450</a> - varnishstat -l segmentation fault.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1320">1320</a> - Work around Content-Length: 0 and Content-Encoding: gzip gracefully.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1458">1458</a> - Panic on busy object.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1417">1417</a> - Handle return(abandon) in vcl_backend_response.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1455">1455</a> - vcl_pipe now sets Connection: close by default on backend requests.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1454">1454</a> - X-Forwarded-For is now done in C, before vcl_recv is run.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1436">1436</a> - Better explanation when missing an import in VCL.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1440">1440</a> - Serve ESI-includes from a different backend.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1441">1441</a> - Incorrect grouping when logging ESI subrequests.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1434">1434</a> - std.duration can now do ms/milliseconds.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1419">1419</a> - Don't put objcores on the ban list until they go non-BUSY.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1405">1405</a> - Ban lurker does not always evict all objects.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-4-0-0-tp1-to-4-0-0-tp2-2014-01-23">
<h1>Changes from 4.0.0 TP1 to 4.0.0 TP2 (2014-01-23)</h1>
<div class="section" id="new-since-from-4-0-0-tp1">
<h2>New since from 4.0.0 TP1</h2>
<ul class="simple">
<li>New VCL_BLOB type to pass binary data between VMODs.</li>
<li>New format for VMOD description files. (.vcc)</li>
</ul>
</div>
<div class="section" id="bugs-fixed-30">
<h2>Bugs fixed</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1404">1404</a> - Don't send Content-Length on 304 Not Modified responses.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1401">1401</a> - Varnish would crash when retrying a backend fetch too many times.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1399">1399</a> - Memory get freed while in use by another thread/object</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1398">1398</a> - Fix NULL deref related to a backend we don't know any more.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1397">1397</a> - Crash on backend fetch while LRUing.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1395">1395</a> - End up in vcl_error also if fetch fails vcl_backend_response.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1391">1391</a> - Client abort and retry during a streaming fetch would make Varnish assert.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1390">1390</a> - Fix assert if the ban lurker is overtaken by new duplicate bans.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1385">1385</a> - ban lurker doesn't remove (G)one bans</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1383">1383</a> - varnishncsa logs requests for localhost regardless of host header.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1382">1382</a> - varnishncsa prints nulls as part of request string.</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1381">1381</a> - Ensure vmod_director is installed</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1323">1323</a> - Add a missing boundary check for Range requests</li>
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1268">1268</a> - shortlived parameter now uses TTL+grace+keep instead of just TTL.</li>
<li>Fix build error on OpenBSD (TCP_KEEP)</li>
<li>n_object wasn't being decremented correctly on object expire.</li>
<li>Example default.vcl in distribution is now 4.0-ready.</li>
</ul>
</div>
<div class="section" id="open-issues">
<h2>Open issues</h2>
<ul class="simple">
<li><a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1405">1405</a> - Ban lurker does not always evict all objects.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-7-rc1-to-3-0-7-2015-03-23">
<h1>Changes from 3.0.7-rc1 to 3.0.7 (2015-03-23)</h1>
<ul class="simple">
<li>No changes.</li>
</ul>
</div>
<div class="section" id="changes-from-3-0-6-to-3-0-7-rc1-2015-03-18">
<h1>Changes from 3.0.6 to 3.0.7-rc1 (2015-03-18)</h1>
<ul class="simple">
<li>Requests with multiple Content-Length headers will now fail.</li>
<li>Stop recognizing a single CR (r) as a HTTP line separator.
This opened up a possible cache poisoning attack in stacked installations
where sslterminator/varnish/backend had different CR handling.</li>
<li>Improved error detection on master-child process communication, leading to
faster recovery (child restart) if communication loses sync.</li>
<li>Fix a corner-case where Content-Length was wrong for HTTP 1.0 clients,
when using gzip and streaming. Bug <a class="reference external" href="http://varnish-cache.org/trac/ticket/1627">1627</a>.</li>
<li>More robust handling of hop-by-hop headers.</li>
<li>[packaging] Coherent Redhat pidfile in init script. Bug <a class="reference external" href="http://varnish-cache.org/trac/ticket/1690">1690</a>.</li>
<li>Avoid memory leak when adding bans.</li>
</ul>
</div>
<div class="section" id="changes-from-3-0-6rc1-to-3-0-6-2014-10-16">
<h1>Changes from 3.0.6rc1 to 3.0.6 (2014-10-16)</h1>
<ul class="simple">
<li>Minor changes to documentation.</li>
<li>[varnishadm] Add termcap workaround for libedit. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1531">1531</a>.</li>
</ul>
</div>
<div class="section" id="changes-from-3-0-5-to-3-0-6rc1-2014-06-24">
<h1>Changes from 3.0.5 to 3.0.6rc1 (2014-06-24)</h1>
<ul class="simple">
<li>Document storage.<name>.* VCL variables. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1514">1514</a>.</li>
<li>Fix memory alignment panic when http_max_hdr is not a multiple of 4. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1327">1327</a>.</li>
<li>Avoid negative ReqEnd timestamps with ESI. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1297">1297</a>.</li>
<li>%D format for varnishncsa is now an integer (as documented)</li>
<li>Fix compile errors with clang.</li>
<li>Clear objectcore flags earlier in ban lurker to avoid spinning thread. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1470">1470</a>.</li>
<li>Patch embedded jemalloc to avoid segfault. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1448">1448</a>.</li>
<li>Allow backend names to start with if, include or else. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1439">1439</a>.</li>
<li>Stop handling gzip after gzip body end. Bug <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1086">1086</a>.</li>
<li>Document %D and %T for varnishncsa.</li>
</ul>
</div>
<div class="section" id="changes-from-3-0-5-rc-1-to-3-0-5-2013-12-02">
<h1>Changes from 3.0.5 rc 1 to 3.0.5 (2013-12-02)</h1>
<div class="section" id="varnishd">
<h2>varnishd</h2>
<ul class="simple">
<li>Always check the local address of a socket.  This avoids a crash if
server.ip is accessed after a client has closed the connection. <cite>Bug #1376</cite></li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-4-to-3-0-5-rc-1">
<h1>Changes from 3.0.4 to 3.0.5 rc 1</h1>
<div class="section" id="varnishd-1">
<h2>varnishd</h2>
<ul class="simple">
<li>Stop printing error messages on ESI parse errors</li>
<li>Fix a problem where Varnish would segfault if the first part of a
synthetic page was NULL.  <cite>Bug #1287</cite></li>
<li>If streaming was used, you could in some cases end up with duplicate
content headers being sent to clients. <cite>Bug #1272</cite></li>
<li>If we receive a completely garbled request, don't pass through
vcl_error, since we could then end up in vcl_recv through a restart
and things would go downhill from there. <cite>Bug #1367</cite></li>
<li>Prettify backtraces on panic slightly.</li>
</ul>
</div>
<div class="section" id="varnishlog">
<h2>varnishlog</h2>
<ul class="simple">
<li>Correct an error where -m, -c and -b would interact badly, leading
to lack of matches.  Also, emit BackendXID to signify the start of a
transaction. <cite>Bug #1325</cite></li>
</ul>
</div>
<div class="section" id="varnishadm">
<h2>varnishadm</h2>
<ul class="simple">
<li>Handle input from stdin properly. <cite>Bug #1314</cite></li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-4-rc-1-to-3-0-4-2013-06-14">
<h1>Changes from 3.0.4 rc 1 to 3.0.4 (2013-06-14)</h1>
<div class="section" id="varnishd-2">
<h2>varnishd</h2>
<ul class="simple">
<li>Set the waiter pipe as non-blocking and record overflows.  <cite>Bug
#1285</cite></li>
<li>Fix up a bug in the ACL compile code that could lead to false
negatives.  CVE-2013-4090.    <cite>Bug #1312</cite></li>
<li>Return an error if the client sends multiple Host headers.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-3-to-3-0-4-rc-1">
<h1>Changes from 3.0.3 to 3.0.4 rc 1</h1>
<div class="section" id="varnishd-3">
<h2>varnishd</h2>
<ul class="simple">
<li>Fix error handling when uncompressing fetched objects for ESI
processing. <cite>Bug #1184</cite></li>
<li>Be clearer about which timeout was reached in logs.</li>
<li>Correctly decrement n_waitinglist counter.  <cite>Bug #1261</cite></li>
<li>Turn off Nagle/set TCP_NODELAY.</li>
<li>Avoid panic on malformed Vary headers.  <cite>Bug #1275</cite></li>
<li>Increase the maximum length of backend names.  <cite>Bug #1224</cite></li>
<li>Add support for banning on http.status.  <cite>Bug #1076</cite></li>
<li>Make hit-for-pass correctly prefer the transient storage.</li>
</ul>
</div>
<div class="section" id="varnishlog-1">
<h2>varnishlog</h2>
<ul class="simple">
<li>If -m, but neither -b or -c is given, assume both.  This filters out
a lot of noise when -m is used to filter.  <cite>Bug #1071</cite></li>
</ul>
</div>
<div class="section" id="varnishadm-1">
<h2>varnishadm</h2>
<ul class="simple">
<li>Improve tab completion and require libedit/readline to build.</li>
</ul>
</div>
<div class="section" id="varnishtop">
<h2>varnishtop</h2>
<ul class="simple">
<li>Reopen log file if Varnish is restarted.</li>
</ul>
</div>
<div class="section" id="varnishncsa">
<h2>varnishncsa</h2>
<ul class="simple">
<li>Handle file descriptors above 64k (by ignoring them).  Prevents a
crash in some cases with corrupted shared memory logs.</li>
<li>Add %D and %T support for more timing information.</li>
</ul>
</div>
<div class="section" id="other">
<h2>Other</h2>
<ul class="simple">
<li>Documentation updates.</li>
<li>Fixes for OSX</li>
<li>Disable PCRE JIT-er, since it's broken in some PCRE versions, at
least on i386.</li>
<li>Make libvarnish prefer exact hits when looking for VSL tags.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-2-to-3-0-3-2012-08-20">
<h1>Changes from 3.0.2 to 3.0.3 (2012-08-20)</h1>
<div class="section" id="varnishd-4">
<h2>varnishd</h2>
<ul class="simple">
<li>Fix a race on the n_sess counter. This race made varnish do excessive
session workspace allocations. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/897">Bug #897</a>.</li>
<li>Fix some crashes in the gzip code when it runs out of memory. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1037">Bug #1037</a>.
<a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1043">Bug #1043</a>. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1044">Bug #1044</a>.</li>
<li>Fix a bug where the regular expression parser could end up in an infinite
loop. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1047">Bug #1047</a>.</li>
<li>Fix a memory leak in the regex code.</li>
<li>DNS director now uses port 80 by default if not specified.</li>
<li>Introduce <cite>idle_send_timeout</cite> and increase default value for <cite>send_timeout</cite>
to 600s. This allows a long send timeout for slow clients while still being
able to disconnect idle clients.</li>
<li>Fix an issue where <esi:remove> did not remove HTML comments. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1092">Bug #1092</a>.</li>
<li>Fix a crash when passing with streaming on.</li>
<li>Fix a crash in the idle session timeout code.</li>
<li>Fix an issue where the poll waiter did not timeout clients if all clients
were idle. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1023">Bug #1023</a>.</li>
<li>Log regex errors instead of crashing.</li>
<li>Introduce <cite>pcre_match_limit</cite>, and <cite>pcre_match_limit_recursion</cite> parameters.</li>
<li>Add CLI commands to manually control health state of a backend.</li>
<li>Fix an issue where the s_bodybytes counter is not updated correctly on
gunzipped delivery.</li>
<li>Fix a crash when we couldn't allocate memory for a fetched object.
<a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1100">Bug #1100</a>.</li>
<li>Fix an issue where objects could end up in the transient store with a
long TTL, when memory could not be allocated for them in the requested
store. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1140">Bug #1140</a>.</li>
<li>Activate req.hash_ignore_busy when req.hash_always_miss is activated.
<a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1073">Bug #1073</a>.</li>
<li>Reject invalid tcp port numbers for listen address. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1035">Bug #1035</a>.</li>
<li>Enable JIT for better performing regular expressions. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1080">Bug #1080</a>.</li>
<li>Return VCL errors in exit code when using -C. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1069">Bug #1069</a>.</li>
<li>Stricter validation of acl syntax, to avoid a crash with 5-octet IPv4
addresses. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1126">Bug #1126</a>.</li>
<li>Fix a crash when first argument to regsub was null. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1125">Bug #1125</a>.</li>
<li>Fix a case where varnish delivered corrupt gzip content when using ESI.
<a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1109">Bug #1109</a>.</li>
<li>Fix a case where varnish didn't remove the old Date header and served
it alongside the varnish-generated Date header. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1104">Bug #1104</a>.</li>
<li>Make saint mode work, for the case where we have no object with that hash.
<a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1091">Bug #1091</a>.</li>
<li>Don't save the object body on hit-for-pass objects.</li>
<li>n_ban_gone counter added to count the number of "gone" bans.</li>
<li>Ban lurker rewritten to properly sleep when no bans are present, and
otherwise to process the list at the configured speed.</li>
<li>Fix a case where varnish delivered wrong content for an uncompressed page
with compressed ESI child. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1029">Bug #1029</a>.</li>
<li>Fix an issue where varnish runs out of thread workspace when processing
many ESI includes on an object. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1038">Bug #1038</a>.</li>
<li>Fix a crash when streaming was enabled for an empty body.</li>
<li>Better error reporting for some fetch errors.</li>
<li>Small performance optimizations.</li>
</ul>
</div>
<div class="section" id="varnishncsa-1">
<h2>varnishncsa</h2>
<ul class="simple">
<li>Support for tn in varnishncsa format strings.</li>
<li>Add new format: %{VCL_Log:foo}x which output key:value from std.log() in
VCL.</li>
<li>Add user-defined date formatting, using %{format}t.</li>
</ul>
</div>
<div class="section" id="varnishtest">
<h2>varnishtest</h2>
<ul class="simple">
<li>resp.body is now available for inspection.</li>
<li>Make it possible to test for the absence of an HTTP header. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1062">Bug #1062</a>.</li>
<li>Log the full panic message instead of shortening it to 512 characters.</li>
</ul>
</div>
<div class="section" id="varnishstat-1">
<h2>varnishstat</h2>
<ul class="simple">
<li>Add json output (-j).</li>
</ul>
</div>
<div class="section" id="other-1">
<h2>Other</h2>
<ul class="simple">
<li>Documentation updates.</li>
<li>Bump minimum number of threads to 50 in RPM packages.</li>
<li>RPM packaging updates.</li>
<li>Fix some compilation warnings on Solaris.</li>
<li>Fix some build issues on Open/Net/DragonFly-BSD.</li>
<li>Fix build on FreeBSD 10-current.</li>
<li>Fix libedit detection on *BSD OSes. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1003">Bug #1003</a>.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-2-rc-1-to-3-0-2-2011-10-26">
<h1>Changes from 3.0.2 rc 1 to 3.0.2 (2011-10-26)</h1>
<div class="section" id="varnishd-5">
<h2>varnishd</h2>
<ul class="simple">
<li>Make the size of the synthetic object workspace equal to
<cite>http_resp_size</cite> and add workaround to avoid a crash when setting
too long response strings for synthetic objects.</li>
<li>Ensure the ban lurker always sleeps the advertised 1 second when it
does not have anything to do.</li>
<li>Remove error from <cite>vcl_deliver</cite>.  Previously this would assert while
it will now give a syntax error.</li>
</ul>
</div>
<div class="section" id="varnishncsa-2">
<h2>varnishncsa</h2>
<ul class="simple">
<li>Add default values for some fields when logging incomplete records
and document the default values.</li>
</ul>
</div>
<div class="section" id="other-2">
<h2>Other</h2>
<ul class="simple">
<li>Documentation updates</li>
<li>Some Solaris portability updates.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-1-to-3-0-2-rc-1-2011-10-06">
<h1>Changes from 3.0.1 to 3.0.2 rc 1 (2011-10-06)</h1>
<div class="section" id="varnishd-6">
<h2>varnishd</h2>
<ul class="simple">
<li>Only log the first 20 bytes of extra headers to prevent overflows.</li>
<li>Fix crasher bug which sometimes happened if responses are queued and
the backend sends us Vary. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/994">Bug #994</a>.</li>
<li>Log correct size of compressed when uncompressing them for clients
that do not support compression. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/996">Bug #996</a>.</li>
<li>Only send Range responses if we are going to send a body. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1007">Bug #1007</a>.</li>
<li>When varnishd creates a storage file, also unlink it to avoid
leaking disk space over time.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1008">Bug #1008</a>.</li>
<li>The default size of the <cite>-s file</cite> parameter has been changed to
100MB instead of 50% of the available disk space.</li>
<li>The limit on the number of objects we remove from the cache to make
room for a new one was mistakenly lowered to 10 in 3.0.1.  This has
been raised back to 50.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1012">Bug #1012</a>.</li>
<li><cite>http_req_size</cite> and <cite>http_resp_size</cite> have been increased to 8192
bytes.  This better matches what other HTTPds have.   <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/1016">Bug #1016</a>.</li>
</ul>
</div>
<div class="section" id="vcl-3">
<h2>VCL</h2>
<ul class="simple">
<li>Allow relational comparisons of floating point types.</li>
<li>Make it possible for VMODs to fail loading and so cause the VCL
loading to fail.</li>
</ul>
</div>
<div class="section" id="varnishncsa-3">
<h2>varnishncsa</h2>
<ul class="simple">
<li>Fixed crash when client was sending illegal HTTP headers.</li>
<li><cite>%{Varnish:handling}</cite> in format strings was broken, this has been
fixed.</li>
</ul>
</div>
<div class="section" id="other-3">
<h2>Other</h2>
<ul class="simple">
<li>Documentation updates</li>
<li>Some Solaris portability updates.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-1-rc-1-to-3-0-1-2011-08-30">
<h1>Changes from 3.0.1 rc 1 to 3.0.1 (2011-08-30)</h1>
<div class="section" id="varnishd-7">
<h2>varnishd</h2>
<ul class="simple">
<li>Fix crash in streaming code.</li>
<li>Add <cite>fallback</cite> director, as a variant of the <cite>round-robin</cite>
director.</li>
<li>The parameter <cite>http_req_size</cite> has been reduced on 32 bit machines.</li>
</ul>
</div>
<div class="section" id="vcl-4">
<h2>VCL</h2>
<ul class="simple">
<li>Disallow error in the <cite>vcl_init</cite> and <cite>vcl_fini</cite> VCL functions.</li>
</ul>
</div>
<div class="section" id="varnishncsa-4">
<h2>varnishncsa</h2>
<ul class="simple">
<li>Fixed crash when using <cite>-X</cite>.</li>
<li>Fix error when the time to first byte was in the format string.</li>
</ul>
</div>
<div class="section" id="other-4">
<h2>Other</h2>
<ul class="simple">
<li>Documentation updates</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-0-to-3-0-1-rc-1-2011-08-24">
<h1>Changes from 3.0.0 to 3.0.1 rc 1 (2011-08-24)</h1>
<div class="section" id="varnishd-8">
<h2>varnishd</h2>
<ul class="simple">
<li>Avoid sending an empty end-chunk when sending bodyless responses.</li>
<li><cite>http_resp_hdr_len</cite> and <cite>http_req_hdr_len</cite> were set to too low
values leading to clients receiving <cite>HTTP 400 Bad Request</cite> errors.
The limit has been increased and the error code is now <cite>HTTP 413
Request entity too large</cite>.</li>
<li>Objects with grace or keep set were mistakenly considered as
candidates for the transient storage.  They now have their grace and
keep limited to limit the memory usage of the transient stevedore.</li>
<li>If a request was restarted from <cite>vcl_miss</cite> or <cite>vcl_pass</cite> it would
crash.  This has been fixed.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/965">Bug #965</a>.</li>
<li>Only the first few clients waiting for an object from the backend
would be woken up when object arrived and this lead to some clients
getting stuck for a long time.  This has now been fixed. <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/963">Bug #963</a>.</li>
<li>The <cite>hash</cite> and <cite>client</cite> directors would mistakenly retry fetching an
object from the same backend unless health probes were enabled.
This has been fixed and it will now retry a different backend.</li>
</ul>
</div>
<div class="section" id="vcl-5">
<h2>VCL</h2>
<ul class="simple">
<li>Request specific variables such as <cite>client.*</cite> and <cite>server.*</cite> are now
correctly marked as not available in <cite>vcl_init</cite> and <cite>vcl_fini</cite>.</li>
<li>The VCL compiler would fault if two IP comparisons were done on the
same line.  This now works correctly.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/948">Bug #948</a>.</li>
</ul>
</div>
<div class="section" id="varnishncsa-5">
<h2>varnishncsa</h2>
<ul class="simple">
<li>Add support for logging arbitrary request and response headers.</li>
<li>Fix crashes if <cite>hitmiss</cite> and <cite>handling</cite> have not yet been set.</li>
<li>Avoid printing partial log lines if there is an error in a format
string.</li>
<li>Report user specified format string errors better.</li>
</ul>
</div>
<div class="section" id="varnishlog-2">
<h2>varnishlog</h2>
<ul class="simple">
<li><cite>varnishlog -r</cite> now works correctly again and no longer opens the
shared log file of the running Varnish.</li>
</ul>
</div>
<div class="section" id="other-5">
<h2>Other</h2>
<ul class="simple">
<li>Various documentation updates.</li>
<li>Minor compilation fixes for newer compilers.</li>
<li>A bug in the ESI entity replacement parser has been fixed.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/961">Bug
#961</a>.</li>
<li>The ABI of VMODs are now checked.  This will require a rebuild of
all VMODs against the new version of Varnish.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-beta-2-to-3-0-0-2011-06-16">
<h1>Changes from 3.0 beta 2 to 3.0.0 (2011-06-16)</h1>
<div class="section" id="varnishd-9">
<h2>varnishd</h2>
<ul class="simple">
<li>Avoid sending an empty end-chunk when sending bodyless responses.</li>
</ul>
</div>
<div class="section" id="vcl-6">
<h2>VCL</h2>
<ul class="simple">
<li>The <cite>synthetic</cite> keyword has now been properly marked as only
available in <cite>vcl_deliver</cite>.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/936">Bug #936</a>.</li>
</ul>
</div>
<div class="section" id="varnishadm-2">
<h2>varnishadm</h2>
<ul class="simple">
<li>Fix crash if the secret file was unreadable.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/935">Bug #935</a>.</li>
<li>Always exit if <cite>varnishadm</cite> can't connect to the backend for any
reason.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-3-0-beta-1-to-3-0-beta-2">
<h1>Changes from 3.0 beta 1 to 3.0 beta 2</h1>
<div class="section" id="varnishd-10">
<h2>varnishd</h2>
<ul class="simple">
<li>thread_pool_min and thread_pool_max now each refer to the number of
threads per pool, rather than being inconsistent as they were
before.</li>
<li>307 Temporary redirect is now considered cacheable.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/908">Bug #908</a>.</li>
<li>The <cite>stats</cite> command has been removed from the CLI interface.  With
the new counters, it would mean implementing more and more of
varnishstat in the master CLI process and the CLI is
single-threaded so we do not want to do this work there in the first
place.  Use varnishstat instead.</li>
</ul>
</div>
<div class="section" id="vcl-7">
<h2>VCL</h2>
<ul class="simple">
<li>VCL now treats null arguments (unset headers for instance) as empty
strings.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/913">Bug #913</a>.</li>
<li>VCL now has vcl_init and vcl_fini functions that are called when a
given VCL has been loaded and unloaded.</li>
<li>There is no longer any interpolation of the right hand side in bans
where the ban is a single string.  This was confusing and you now
have to make sure bits are inside or outside string context as
appropriate.</li>
<li>Varnish is now stricter in enforcing no duplication of probes,
backends and ACLs.</li>
</ul>
</div>
<div class="section" id="varnishncsa-6">
<h2>varnishncsa</h2>
<ul class="simple">
<li>varnishncsa now ignores piped requests, since we have no way of
knowing their return status.</li>
</ul>
</div>
<div class="section" id="vmods">
<h2>VMODs</h2>
<ul class="simple">
<li>The std module now has proper documentation, including a manual page</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-1-5-to-3-0-beta-1">
<h1>Changes from 2.1.5 to 3.0 beta 1</h1>
<div class="section" id="upcoming-changes">
<h2>Upcoming changes</h2>
<ul class="simple">
<li>The interpretation of bans will change slightly between 3.0 beta 1
and 3.0 release.  Currently, doing <tt class="docutils literal"><span class="pre">ban("req.url</span> == req.url")</tt>
will cause the right hand req.url to be interpreted in the context
of the request creating the ban.  This will change so you will have
to do <tt class="docutils literal"><span class="pre">ban("req.url</span> == " + req.url)</tt> instead.  This syntax already
works and is recommended.</li>
</ul>
</div>
<div class="section" id="varnishd-11">
<h2>varnishd</h2>
<ul class="simple">
<li>Add streaming on <tt class="docutils literal">pass</tt> and <tt class="docutils literal">miss</tt>.  This is controlled by the
<tt class="docutils literal">beresp.do_stream</tt> boolean.  This includes support for
compression/uncompression.</li>
<li>Add support for ESI and gzip.</li>
<li>Handle objects larger than 2G.</li>
<li>HTTP Range support is now enabled by default</li>
<li>The ban lurker is enabled by default</li>
<li>if there is a backend or director with the name <tt class="docutils literal">default</tt>, use
that as the default backend, otherwise use the first one listed.</li>
<li>Add many more stats counters.  Amongst those, add per storage
backend stats and per-backend statistics.</li>
<li>Syslog the platform we are running on</li>
<li>The <tt class="docutils literal"><span class="pre">-l</span></tt> (shared memory log file) argument has been changed,
please see the varnishd manual for the new syntax.</li>
<li>The <tt class="docutils literal"><span class="pre">-S</span></tt> and <tt class="docutils literal"><span class="pre">-T</span></tt> arguments are now stored in the shmlog</li>
<li>Fix off-by-one error when exactly filling up the workspace.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/693">Bug #693</a>.</li>
<li>Make it possible to name storage backends.  The names have to be
unique.</li>
<li>Update usage output to match the code.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/683">Bug #683</a></li>
<li>Add per-backend health information to shared memory log.</li>
<li>Always recreate the shared memory log on startup.</li>
<li>Add a <tt class="docutils literal">vcl_dir</tt> parameter.  This is used to resolve relative path
names for <tt class="docutils literal">vcl.load</tt> and <tt class="docutils literal">include</tt> in .vcl files.</li>
<li>Make it possible to specify <tt class="docutils literal"><span class="pre">-T</span> :0</tt>.  This causes varnishd to look
for a free port automatically.  The port is written in the shared
memory log so varnishadm can find it.</li>
<li>Classify locks into kinds and collect stats for each kind,
recording the data in the shared memory log.</li>
<li>Auto-detect necessary flags for pthread support and <tt class="docutils literal">VCC_CC</tt>
flags.  This should make Varnish somewhat happier on Solaris.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/663">Bug
#663</a></li>
<li>The <tt class="docutils literal">overflow_max</tt> parameter has been renamed to <tt class="docutils literal">queue_max</tt>.</li>
<li>If setting a parameter fails, report which parameter failed as this
is not obvious during startup.</li>
<li>Add a parameter named <tt class="docutils literal">shortlived</tt>.  Objects whose TTL is less
than the parameter go into transient (malloc) storage.</li>
<li>Reduce the default <tt class="docutils literal">thread_add_delay</tt> to 2ms.</li>
<li>The <tt class="docutils literal">max_esi_includes</tt> parameter has been renamed to
<tt class="docutils literal">max_esi_depth</tt>.</li>
<li>Hash string components are now logged by default.</li>
<li>The default connect timeout parameter has been increased to 0.7
seconds.</li>
<li>The <tt class="docutils literal">err_ttl</tt> parameter has been removed and is replaced by a
setting in default.vcl.</li>
<li>The default <tt class="docutils literal">send_timeout</tt> parameter has been reduced to 1 minute.</li>
<li>The default <tt class="docutils literal">ban_lurker</tt> sleep has been set to 10ms.</li>
<li>When an object is banned, make sure to set its grace to 0 as well.</li>
<li>Add <tt class="docutils literal">panic.show</tt> and <tt class="docutils literal">panic.clear</tt> CLI commands.</li>
<li>The default <tt class="docutils literal">http_resp_hdr_len</tt> and <tt class="docutils literal">http_req_hdr_len</tt> has been
increased to 2048 bytes.</li>
<li>If <tt class="docutils literal">vcl_fetch</tt> results in <tt class="docutils literal">restart</tt> or <tt class="docutils literal">error</tt>, close the
backend connection rather than fetching the object.</li>
<li>If allocating storage for an object, try reducing the chunk size
before evicting objects to make room.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/880">Bug #880</a></li>
<li>Add <tt class="docutils literal">restart</tt> from <tt class="docutils literal">vcl_deliver</tt>.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/411">Bug #411</a></li>
<li>Fix an off-by-up-to-one-minus-epsilon bug where if an object from
the backend did not have a last-modified header we would send out a
304 response which did include a <tt class="docutils literal"><span class="pre">Last-Modified</span></tt> header set to
when we received the object.  However, we would compare the
timestamp to the fractional second we got the object, meaning any
request with the exact timestamp would get a <tt class="docutils literal">200</tt> response rather
than the correct <tt class="docutils literal">304</tt>.</li>
<li>Fix a race condition in the ban lurker where a serving thread and
the lurker would both look at an object at the same time, leading to
Varnish crashing.</li>
<li>If a backend sends a <tt class="docutils literal"><span class="pre">Content-Length</span></tt> header and we are streaming and
we are not uncompressing it, send the <tt class="docutils literal"><span class="pre">Content-Length</span></tt> header on,
allowing browsers to diplay a progress bar.</li>
<li>All storage must be at least 1M large.  This is to prevent
administrator errors when specifying the size of storage where the
admin might have forgotten to specify units.</li>
</ul>
</div>
<div class="section" id="tools">
<h2>Tools</h2>
<div class="section" id="common">
<h3>common</h3>
<ul class="simple">
<li>Add an <tt class="docutils literal"><span class="pre">-m</span> <span class="pre">$tag:$regex</span></tt> parameter, used for selecting some
transactions.  The parameter can be repeated, in which case it is
logically and-ed together.</li>
</ul>
</div>
<div class="section" id="varnishadm-3">
<h3>varnishadm</h3>
<ul class="simple">
<li>varnishadm will now pick up the -S and -T arguments from the shared
memory log, meaning just running it without any arguments will
connect to the running varnish.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/875">Bug #875</a></li>
<li>varnishadm now accepts an -n argument to specify the location of the
shared memory log file</li>
<li>add libedit support</li>
</ul>
</div>
<div class="section" id="varnishstat-2">
<h3>varnishstat</h3>
<ul class="simple">
<li>reopen shared memory log if the varnishd process is restarted.</li>
<li>Improve support for selecting some, but not all fields using the
<tt class="docutils literal"><span class="pre">-f</span></tt> argument. Please see the documentation for further details on
the use of <tt class="docutils literal"><span class="pre">-f</span></tt>.</li>
<li>display per-backend health information</li>
</ul>
</div>
<div class="section" id="varnishncsa-7">
<h3>varnishncsa</h3>
<ul class="simple">
<li>Report error if called with <tt class="docutils literal"><span class="pre">-i</span></tt> and <tt class="docutils literal"><span class="pre">-I</span></tt> as they do not make
any sense for varnishncsa.</li>
<li>Add custom log formats, specified with <tt class="docutils literal"><span class="pre">-F</span></tt>.  Most of the Apache
log formats are supported, as well as some Varnish-specific ones.
See the documentation for further information.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/712">Bug #712</a> and <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/485">bug #485</a></li>
</ul>
</div>
<div class="section" id="varnishtest-1">
<h3>varnishtest</h3>
<ul class="simple">
<li>add <tt class="docutils literal"><span class="pre">-l</span></tt> and <tt class="docutils literal"><span class="pre">-L</span></tt> switches which leave <tt class="docutils literal">/tmp/vtc.*</tt> behind on
error and unconditionally respectively.</li>
<li>add <tt class="docutils literal"><span class="pre">-j</span></tt> parameter to run tests in parallell and use this by
default.</li>
</ul>
</div>
<div class="section" id="varnishtop-1">
<h3>varnishtop</h3>
<ul class="simple">
<li>add <tt class="docutils literal"><span class="pre">-p</span> $period</tt> parameter.  The units in varnishtop were
previously undefined, they are now in requests/period.  The default
period is 60 seconds.</li>
</ul>
</div>
<div class="section" id="varnishlog-3">
<h3>varnishlog</h3>
<ul class="simple">
<li>group requests by default.  This can be turned off by using <tt class="docutils literal"><span class="pre">-O</span></tt></li>
<li>the <tt class="docutils literal"><span class="pre">-o</span></tt> parameter is now a no-op and is ignored.</li>
</ul>
</div>
</div>
<div class="section" id="vmods-1">
<h2>VMODs</h2>
<ul class="simple">
<li>Add a std VMOD which includes a random function, log, syslog,
fileread, collect,</li>
</ul>
</div>
<div class="section" id="vcl-8">
<h2>VCL</h2>
<ul class="simple">
<li>Change string concatenation to be done using <tt class="docutils literal">+</tt> rather than
implicitly.</li>
<li>Stop using <tt class="docutils literal">%xx</tt> escapes in VCL strings.</li>
<li>Change <tt class="docutils literal">req.hash += value</tt> to <tt class="docutils literal">hash_data(value)</tt></li>
<li>Variables in VCL now have distinct read/write access</li>
<li><tt class="docutils literal">bereq.connect_timeout</tt> is now available in <tt class="docutils literal">vcl_pipe</tt>.</li>
<li>Make it possible to declare probes outside of a director. Please see
the documentation on how to do this.</li>
<li>The VCL compiler has been reworked greatly, expanding its abilities
with regards to what kinds of expressions it understands.</li>
<li>Add <tt class="docutils literal">beresp.backend.name</tt>, <tt class="docutils literal">beresp.backend.ip</tt> and
<tt class="docutils literal">beresp.backend.port</tt> variables.  They are only available from
<tt class="docutils literal">vcl_fetch</tt> and are read only.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/481">Bug #481</a></li>
<li>The default VCL now calls pass for any objects where
<tt class="docutils literal">beresp.http.Vary == "*"</tt>.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/787">Bug #787</a></li>
<li>The <tt class="docutils literal">log</tt> keyword has been moved to the <tt class="docutils literal">std</tt> VMOD.</li>
<li>It is now possible to choose which storage backend to be used</li>
<li>Add variables <tt class="docutils literal"><span class="pre">storage.$name.free_space</span></tt>,
<tt class="docutils literal"><span class="pre">storage.$name.used_space</span></tt> and <tt class="docutils literal"><span class="pre">storage.$name.happy</span></tt></li>
<li>The variable <tt class="docutils literal">req.can_gzip</tt> tells us whether the client accepts
gzipped objects or not.</li>
<li><tt class="docutils literal">purge</tt> is now called <tt class="docutils literal">ban</tt>, since that is what it really is and
has always been.</li>
<li><tt class="docutils literal">req.esi_level</tt> is now available.  <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/782">Bug #782</a></li>
<li>esi handling is now controlled by the <tt class="docutils literal">beresp.do_esi</tt> boolean rather
than the <tt class="docutils literal">esi</tt> function.</li>
<li><tt class="docutils literal">beresp.do_gzip</tt> and <tt class="docutils literal">beresp.do_gunzip</tt> now control whether an
uncompressed object should be compressed and a compressed object
should be uncompressed in the cache.</li>
<li>make it possible to control compression level using the
<tt class="docutils literal">gzip_level</tt> parameter.</li>
<li><tt class="docutils literal">obj.cacheable</tt> and <tt class="docutils literal">beresp.cacheable</tt> have been removed.
Cacheability is now solely through the <tt class="docutils literal">beresp.ttl</tt> and
<tt class="docutils literal">beresp.grace</tt> variables.</li>
<li>setting the <tt class="docutils literal">obj.ttl</tt> or <tt class="docutils literal">beresp.ttl</tt> to zero now also sets the
corresponding grace to zero.  If you want a non-zero grace, set
grace after setting the TTL.</li>
<li><tt class="docutils literal">return(pass)</tt> in <tt class="docutils literal">vcl_fetch</tt> has been renamed to
<tt class="docutils literal">return(hit_for_pass)</tt> to make it clear that pass in <tt class="docutils literal">vcl_fetch</tt>
and <tt class="docutils literal">vcl_recv</tt> are different beasts.</li>
<li>Add actual purge support.  Doing <tt class="docutils literal">purge</tt> will remove an object and
all its variants.</li>
</ul>
</div>
<div class="section" id="libraries">
<h2>Libraries</h2>
<ul class="simple">
<li><tt class="docutils literal">libvarnishapi</tt> has been overhauled and the API has been broken.
Please see git commit logs and the support tools to understand
what's been changed.</li>
<li>Add functions to walk over all the available counters.  This is
needed because some of the counter names might only be available at
runtime.</li>
<li>Limit the amount of time varnishapi waits for a shared memory log
to appear before returning an error.</li>
<li>All libraries but <tt class="docutils literal">libvarnishapi</tt> have been moved to a private
directory as they are not for public consumption and have no ABI/API
guarantees.</li>
</ul>
</div>
<div class="section" id="other-6">
<h2>Other</h2>
<ul class="simple">
<li>Python is now required to build</li>
<li>Varnish Cache is now consistently named Varnish Cache.</li>
<li>The compilation process now looks for kqueue on NetBSD</li>
<li>Make it possible to use a system jemalloc rather than the bundled
version.</li>
<li>The documentation has been improved all over and should now be in
much better shape than before</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-1-4-to-2-1-5-2011-01-25">
<h1>Changes from 2.1.4 to 2.1.5 (2011-01-25)</h1>
<div class="section" id="varnishd-12">
<h2>varnishd</h2>
<ul class="simple">
<li>On pass from vcl_recv, we did not remove the backends Content-Length
header before adding our own. This could cause confusion for browsers
and has been fixed.</li>
<li>Make pass with content-length work again. An issue with regards to
304, Content-Length and pass has been resolved.</li>
<li>An issue relating to passed requests with If-Modified-Since headers
has been fixed. Varnish did not recognize that the 304-response did
not have a body.</li>
<li>A potential lock-inversion with the ban lurker thread has been
resolved.</li>
<li>Several build-dependency issues relating to rst2man have been fixed.
Varnish should now build from source without rst2man if you are using
tar-balls.</li>
<li>Ensure Varnish reads the expected last CRLF after chunked data from
the backend. This allows re-use of the connection.</li>
<li>Remove a GNU Make-ism during make dist to make BSD happier.</li>
<li>Document the log, set, unset, return and restart statements in the
VCL documentation.</li>
<li>Fix an embarrassingly old bug where Varnish would run out of
workspace when requests come in fast over a single connection,
typically during synthetic benchmarks.</li>
<li>Varnish will now allow If-Modified-Since requests to objects without
a Last-Modified-header, and instead use the time the object was
cached instead.</li>
<li>Do not filter out Content-Range headers in pass.</li>
<li>Require -d, -b, -f, -S or -T when starting varnishd. In human terms,
this means that it is legal to start varnishd without a Vcl or
backend, but only if you have a CLI channel of some kind.</li>
<li>Don't suppress Cache-Control headers in pass responses.</li>
<li>Merge multi-line Cache-Control and Vary header fields. Until now, no
browsers have needed this, but Chromium seems to find it necessary to
spread its Cache-Control across two lines, and we get to deal with
it.</li>
<li>Make new-purge not touch busy objects. This fixes a potential crash
when calling VRT_purge.</li>
<li>If there are everal grace-able objects, pick the least expired one.</li>
<li>Fix an issue with varnishadm -T :6082 shorthand.</li>
<li>Add bourn-shell like "here" documents on the CLI. Typical usage:
vcl.inline vcl_new << 42 backend foo {...} sub vcl_recv {...} 42</li>
<li>Add CLI version to the CLI-banner, starting with version 1.0 to mark
here-documents.</li>
<li>Fix a problem with the expiry thread slacking off during high load.</li>
</ul>
</div>
<div class="section" id="varnishtest-2">
<h2>varnishtest</h2>
<ul class="simple">
<li>Remove no longer existing -L option.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-1-3-to-2-1-4">
<h1>Changes from 2.1.3 to 2.1.4</h1>
<div class="section" id="varnishd-13">
<h2>varnishd</h2>
<ul class="simple">
<li>An embarrasing typo in the new binary heap layout caused inflated
obj/objcore/objhdr counts and could cause odd problems when the LRU
expunge mechanism was invoked. This has been fixed.</li>
<li>We now have updated documentation in the reStructuredText format.
Manual pages and reference documentation are both built from this.</li>
<li>We now include a DNS director which uses DNS for choosing which
backend to route requests to. Please see the documentation for more
details.</li>
<li>If you restarted a request, the HTTP header X-Forwarded-For would be
updated multiple times. This has been fixed.</li>
<li>If a VCL contained a % sign, and the vcl.show CLI command was used,
varnishd would crash. This has been fixed.</li>
<li>When doing a pass operation, we would remove the Content-Length, Age
and Proxy-Auth headers. We are no longer doing this.</li>
<li>now has a string representation, making it easier to construct
Expires headers in VCL.</li>
<li>In a high traffic environment, we would sometimes reuse a file
descriptor before flushing the logs from a worker thread to the
shared log buffer. This would cause confusion in some of the tools.
This has been fixed by explicitly flushing the log when a backend
connection is closed.</li>
<li>If the communication between the management and the child process
gets out of sync, we have no way to recover. Previously, varnishd
would be confused, but we now just kill the child and restart it.</li>
<li>If the backend closes the connection on us just as we sent a request
to it, we retry the request. This should solve some interoperability
problems with Apache and the mpm-itk multi processing module.</li>
<li>varnishd now only provides help output the current CLI session is
authenticated for.</li>
<li>If the backend does not tell us which length indication it is using,
we now assume the resource ends EOF at.</li>
<li>The client director now has a variable client.identity which is used
to choose which backend should receive a given request.</li>
<li>The Solaris port waiter has been updated, and other portability fixes
for Solaris.</li>
<li>There was a corner case in the close-down processing of pipes, this
has now been fixed.</li>
<li>Previously, if we stopped polling a backend which was sick, it never
got marked as healthy. This has now been changed.</li>
<li>It is now possible to specify ports as part of the .host field in
VCL.</li>
<li>The synthetic counters were not locked properly, and so the sms_
counters could underflow. This has now been fixed.</li>
<li>The value of obj.status as a string in vcl_error would not be
correct in all cases. This has been fixed.</li>
<li>Varnish would try to trim storage segments completely filled when
using the malloc stevedore and the object was received chunked
encoding. This has been fixed.</li>
<li>If a buggy backend sends us a Vary header with two colons, we would
previously abort. We now rather fix this up and ignore the extra
colon.</li>
<li>req.hash_always_miss and req.hash_ignore_busy has been added, to
make preloading or periodically refreshing content work better.</li>
</ul>
</div>
<div class="section" id="varnishncsa-8">
<h2>varnishncsa</h2>
<ul class="simple">
<li>varnishncsa would in some cases be confused by ESI requests and
output invalid lines. This has now been fixed.</li>
</ul>
</div>
<div class="section" id="varnishlog-4">
<h2>varnishlog</h2>
<ul class="simple">
<li>varnishlog now allows -o and -u together.</li>
</ul>
</div>
<div class="section" id="varnishtop-2">
<h2>varnishtop</h2>
<ul class="simple">
<li>varnishtop would crash on 32 bit architectures. This has been fixed.</li>
</ul>
</div>
<div class="section" id="libvarnishapi">
<h2>libvarnishapi</h2>
<ul class="simple">
<li>Regex inclusion and exclusion had problems with matching particular
parts of the string being matched. This has been fixed.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-1-2-to-2-1-3">
<h1>Changes from 2.1.2 to 2.1.3</h1>
<div class="section" id="varnishd-14">
<h2>varnishd</h2>
<ul class="simple">
<li>Improve scalability of critbit.</li>
<li>The critbit hash algorithm has now been tightened to make sure the
tree is in a consistent state at all points, and the time we wait for
an object to cool off after it is eligible for garbage collection has
been tweaked.</li>
<li>Add log command to VCL. This emits a VCL_log entry into the shared
memory log.</li>
<li>Only emit Length and ReqEnd log entries if we actually have an XID.
This should get rid of some empty log lines in varnishncsa.</li>
<li>Destroy directors in a predictable fashion, namely reverse of
creation order.</li>
<li>Fix bug when ESI elements spanned storage elements causing a panic.</li>
<li>In some cases, the VCL compiler would panic instead of giving
sensible messages. This has now been fixed.</li>
<li>Correct an off-by-one error when the requested range exceeds the size
of an object.</li>
<li>Handle requests for the end of an object correctly.</li>
<li>Allow tabulator characters in the third field of the first line of
HTTP requests</li>
<li>On Solaris, if the remote end sends us an RST, all system calls
related to that socket will return EINVAL. We now handle this better.</li>
</ul>
</div>
<div class="section" id="libvarnishapi-1">
<h2>libvarnishapi</h2>
<ul class="simple">
<li>The -X parameter didn't work correctly. This has been fixed.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-1-1-to-2-1-2">
<h1>Changes from 2.1.1 to 2.1.2</h1>
<div class="section" id="varnishd-15">
<h2>varnishd</h2>
<ul class="simple">
<li>When adding Range support for 2.1.1, we accidentally introduced a
bug which would append garbage to objects larger than the chunk size,
by default 128k. Browsers would do the right thing due to
Content-Length, but some load balancers would get very confused.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-1-1-to-2-1-1">
<h1>Changes from 2.1.1 to 2.1.1</h1>
<div class="section" id="varnishd-16">
<h2>varnishd</h2>
<ul class="simple">
<li>The changelog in 2.1.0 included syntax errors, causing the generated
changelog to be empty.</li>
<li>The help text for default_grace was wrongly formatted and included a
syntax error. This has now been fixed.</li>
<li>varnishd now closes the file descriptor used to read the management
secret file (from the -S parameter).</li>
<li>The child would previously try to close every valid file descriptor,
something which could cause problems if the file descriptor ulimit
was set too high. We now keep track of all the file descriptors we
open and only close up to that number.</li>
<li>ESI was partially broken in 2.1.0 due to a bug in the rollback of
session workspace. This has been fixed.</li>
<li>Reject the authcommand rather than crash if there is no -S parameter
given.</li>
<li>Align pointers in allocated objects. This will in theory make Varnish
a tiny bit faster at the expense of slightly more memory usage.</li>
<li>Ensure the master process process id is updated in the shared memory
log file after we go into the background.</li>
<li>HEAD requests would be converted to GET requests too early, which
affected pass and pipe. This has been fixed.</li>
<li>Update the documentation to point out that the TTL is no longer taken
into account to decide whether an object is cacheable or not.</li>
<li>Add support for completely obliterating an object and all variants of
it. Currently, this has to be done using inline C.</li>
<li>Add experimental support for the Range header. This has to be enabled
using the parameter http_range_support.</li>
<li>The critbit hasher could get into a deadlock and had a race
condition. Both those have now been fixed.</li>
</ul>
<p>varnishsizes
-----------~</p>
<ul class="simple">
<li>varnishsizes, which is like varnishhist, but for the length of
objects, has been added..</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-6-to-2-1-0">
<h1>Changes from 2.0.6 to 2.1.0</h1>
<div class="section" id="varnishd-17">
<h2>varnishd</h2>
<ul>
<li><p class="first">Persistent storage is now experimentally supported using the
persistent stevedore. It has the same command line arguments as the
file stevedore.</p>
</li>
<li><p class="first">obj.* is now called beresp.* in vcl_fetch, and obj.* is now
read-only.</p>
</li>
<li><p class="first">The regular expression engine is now PCRE instead of POSIX regular
expressions.</p>
</li>
<li><p class="first">req.* is now available in vcl_deliver.</p>
</li>
<li><p class="first">Add saint mode where we can attempt to grace an object if we don't
like the backend response for some reason.</p>
<p>Related, add saintmode_threshold which is the threshold for the
number of objects to be added to the trouble list before the backend
is considered sick.</p>
</li>
<li><p class="first">Add a new hashing method called critbit. This autoscales and should
work better on large object workloads than the classic hash. Critbit
has been made the default hash algorithm.</p>
</li>
<li><p class="first">When closing connections, we experimented with sending RST to free up
load balancers and free up threads more quickly. This caused some
problems with NAT routers and so has been reverted for now.</p>
</li>
<li><p class="first">Add thread that checks objects against ban list in order to prevent
ban list from growing forever. Note that this needs purges to be
written so they don't depend on req.*. Enabled by setting
ban_lurker_sleep to a nonzero value.</p>
</li>
<li><p class="first">The shared memory log file format was limited to maximum 64k
simultaneous connections. This is now a 32 bit field which removes
this limitation.</p>
</li>
<li><p class="first">Remove obj_workspace, this is now sized automatically.</p>
</li>
<li><p class="first">Rename acceptors to waiters</p>
</li>
<li><p class="first">vcl_prefetch has been removed. It was never fully implemented.</p>
</li>
<li><p class="first">Add support for authenticating CLI connections.</p>
</li>
<li><p class="first">Add hash director that chooses which backend to use depending on
req.hash.</p>
</li>
<li><p class="first">Add client director that chooses which backend to use depending on
the client's IP address. Note that this ignores the X-Forwarded-For
header.</p>
</li>
<li><p class="first">varnishd now displays a banner by default when you connect to the
CLI.</p>
</li>
<li><p class="first">Increase performance somewhat by moving statistics gathering into a
per-worker structure that is regularly flushed to the global stats.</p>
</li>
<li><p class="first">Make sure we store the header and body of object together. This may
in some cases improve performance and is needed for persistence.</p>
</li>
<li><p class="first">Remove client-side address accounting. It was never used for anything
and presented a performance problem.</p>
</li>
<li><p class="first">Add a timestamp to bans, so you can know how old they are.</p>
</li>
<li><p class="first">Quite a few people got confused over the warning about not being able
to lock the shared memory log into RAM, so stop warning about that.</p>
</li>
<li><p class="first">Change the default CLI timeout to 10 seconds.</p>
</li>
<li><p class="first">We previously forced all inserts into the cache to be GET requests.
This has been changed to allow POST as well in order to be able to
implement purge-on-POST semantics.</p>
</li>
<li><p class="first">The CLI command stats now only lists non-zero values.</p>
</li>
<li><p class="first">The CLI command stats now only lists non-zero values.</p>
</li>
<li><p class="first">Use daemon(3) from libcompat on Darwin.</p>
</li>
<li><p class="first">Remove vcl_discard as it causes too much complexity and never
actually worked particularly well.</p>
</li>
<li><p class="first">Remove vcl_timeout as it causes too much complexity and never
actually worked particularly well.</p>
</li>
<li><p class="first">Update the documentation so it refers to sess_workspace, not
http_workspace.</p>
</li>
<li><p class="first">Document the -i switch to varnishd as well as the server.identity and
server.hostname VCL variables.</p>
</li>
<li><p class="first">purge.hash is now deprecated and no longer shown in help listings.</p>
</li>
<li><p class="first">When processing ESI, replace the five mandatory XML entities when we
encounter them.</p>
</li>
<li><p class="first">Add string representations of time and relative time.</p>
</li>
<li><p class="first">Add locking for n_vbe_conn to make it stop underflowing.</p>
</li>
<li><p class="first">When ESI-processing content, check for illegal XML character
entities.</p>
</li>
<li><p class="first">Varnish can now connect its CLI to a remote instance when starting
up, rather than just being connected to.</p>
</li>
<li><p class="first">It is no longer needed to specify the maximum number of HTTP headers
to allow from backends. This is now a run-time parameter.</p>
</li>
<li><p class="first">The X-Forwarded-For header is now generated by vcl_recv rather than
the C code.</p>
</li>
<li><p class="first">It is now possible to not send all CLI traffic to syslog.</p>
</li>
<li><p class="first">It is now possible to not send all CLI traffic to syslog.</p>
</li>
<li><p class="first">In the case of varnish crashing, it now outputs a identifying string
with the OS, OS revision, architecture and storage parameters
together with the backtrace.</p>
</li>
<li><p class="first">Use exponential backoff when we run out of file descriptors or
sessions.</p>
</li>
<li><p class="first">Allow setting backend timeouts to zero.</p>
</li>
<li><p class="first">Count uptime in the shared memory log.</p>
</li>
<li><p class="first">Try to detect the case of two running varnishes with the same shmlog
and storage by writing the master and child process ids to the shmlog
and refusing to start if they are still running.</p>
</li>
<li><p class="first">Make sure to use EOF mode when serving ESI content to HTTP/1.0
clients.</p>
</li>
<li><p class="first">Make sure we close the connection if it either sends Connection:
close or it is a HTTP/1.0 backend that does not send Connection:
keep-alive.</p>
</li>
<li><p class="first">Increase the default session workspace to 64k on 64-bit systems.</p>
</li>
<li><p class="first">Make the epoll waiter use level triggering, not edge triggering as
edge triggering caused problems on very busy servers.</p>
</li>
<li><p class="first">Handle unforeseen client disconnections better on Solaris.</p>
</li>
<li><p class="first">Make session lingering apply to new sessions, not just reused
sessions.</p>
</li>
</ul>
</div>
<div class="section" id="varnishstat-3">
<h2>varnishstat</h2>
<ul class="simple">
<li>Make use of the new uptime field in the shared memory log rather than
synthesizing it from the start time.</li>
</ul>
</div>
<div class="section" id="varnishlog-5">
<h2>varnishlog</h2>
<ul class="simple">
<li>Exit at the end of the file when started with -d.</li>
</ul>
</div>
<div class="section" id="varnishadm-4">
<h2>varnishadm</h2>
<ul class="simple">
<li>varnishadm can now have a timeout when trying to connect to the
running varnishd.</li>
<li>varnishadm now knows how to respond to the secret from a secured
varnishd</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-5-to-2-0-6">
<h1>Changes from 2.0.5 to 2.0.6</h1>
<div class="section" id="varnishd-18">
<h2>varnishd</h2>
<ul class="simple">
<li>2.0.5 had an off-by-one error in the ESI handling causing includes to
fail a large part of the time. This has now been fixed.</li>
<li>Try harder to not confuse backends when sending them backend probes.
We half-closed the connection, something some backends thought meant
we had dropped the connection. Stop doing so, and add the capability
for specifying the expected response code.</li>
<li>In 2.0.5, session lingering was turned on. This caused statistics to
not be counted often enough in some cases. This has now been fixed.</li>
<li>Avoid triggering an assert if the other end closes the connection
while we are lingering and waiting for another request from them.</li>
<li>When generating backtraces, prefer the built-in backtrace function if
such exists. This fixes a problem compiling 2.0.5 on Solaris.</li>
<li>Make it possible to specify the per-thread stack size. This might be
useful on 32 bit systems with their limited address space.</li>
<li>Document the -C option to varnishd.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-4-to-2-0-5">
<h1>Changes from 2.0.4 to 2.0.5</h1>
<div class="section" id="varnishd-19">
<h2>varnishd</h2>
<ul class="simple">
<li>Handle object workspace overruns better.</li>
<li>Allow turning off ESI processing per request by using set req.esi =
off.</li>
<li>Tell the kernel that we expect to use the mmap-ed file in a random
fashion. On Linux, this turns off/down readahead and increases
performance.</li>
<li>Make it possible to change the maximum number of HTTP headers we
allow by passing --with-max-header-fields=NUM rather than changing
the code.</li>
<li>Implement support for HTTP continuation lines.</li>
<li>Change how connections are closed and only use SO_LINGER for orderly
connection closure. This should hopefully make worker threads less
prone to hangups on network problems.</li>
<li>Handle multi-element purges correctly. Previously we ended up with
parse errors when this was done from VCL.</li>
<li>Handle illegal responses from the backend better by serving a 503
page rather than panic-ing.</li>
<li>When we run into an assertion that is not true, Varnish would
previously dump a little bit of information about itself. Extend that
information with a backtrace. Note that this relies on the varnish
binary being unstripped.</li>
<li>Add a session_max parameter that limits the maximum number of
sessions we keep open before we start dropping new connections
summarily.</li>
<li>Try to consume less memory when doing ESI processing by properly
rolling back used workspace after processing an object. This should
make it possible to turn sess_workspace quite a bit for users with
ESI-heavy pages.</li>
<li>Turn on session_linger by default. Tests have shown that
session_linger helps a fair bit with performance.</li>
<li>Rewrite the epoll acceptor for better performance. This should lead
to both higher processing rates and maximum number of connections on
Linux.</li>
<li>Add If-None-Match support, this gives significant bandwidth savings
for users with compliant browsers.</li>
<li>RFC2616 specifies that ETag, Content-Location, Expires, Cache-Control
and Vary should be emitted when delivering a response with the 304
response code.</li>
<li>Various fixes which makes Varnish compile and work on AIX.</li>
<li>Turn on TCP_DEFER_ACCEPT on Linux. This should make us less
suspecible to denial of service attacks as well as give us slightly
better performance.</li>
<li>Add an .initial property to the backend probe specification. This is
the number of good probes we pretend to have seen. The default is one
less than .threshold, which means the first probe will decide if we
consider the backend healthy.</li>
<li>Make it possible to compare strings against other string-like
objects, not just plain strings. This allows you to compare two
headers, for instance.</li>
<li>When support for restart in vcl_error was added, there was no check
to prevent infinte recursion. This has now been fixed.</li>
<li>Turn on purge_dups by default. This should make us consume less
memory when there are many bans for the same pattern added.</li>
<li>Add a new log tag called FetchError which tries to explain why we
could not fetch an object from the backend.</li>
<li>Change the default srcaddr_ttl to 0. It is not used by anything and
has been removed in the development version. This will increase
performance somewhat.</li>
</ul>
</div>
<div class="section" id="varnishtop-3">
<h2>varnishtop</h2>
<ul class="simple">
<li>varnishtop did not handle variable-length log fields correctly. This
is now fixed.</li>
<li>varnishtop previously did not print the name of the tag, which made
it very hard to understand. We now print out the tag name.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-3-to-2-0-4">
<h1>Changes from 2.0.3 to 2.0.4</h1>
<div class="section" id="varnishd-20">
<h2>varnishd</h2>
<ul class="simple">
<li>Make Varnish more portable by pulling in fixes for Solaris and
NetBSD.</li>
<li>Correct description of -a in the manual page.</li>
<li>Ensure we are compiling in C99 mode.</li>
<li>If error was called with a null reason, we would crash on Solaris.
Make sure this no longer happens.</li>
<li>Varnish used to crash if you asked it to use a non-existent waiter.
This has now been fixed.</li>
<li>Add documentation to the default VCL explaining that using
Connection: close in vcl_pipe is generally a good idea.</li>
<li>Add minimal facility for dealing with TELNET option negotiation by
returning WONT to DO and DONT requests.</li>
<li>If the backend is unhealthy, use a graced object if one is available.</li>
<li>Make server.hostname and server.identity available to VCL. The latter
can be set with the -i parameter to varnishd.</li>
<li>Make restart available from vcl_error.</li>
<li>Previously, only the TTL of an object was considered in whether it
would be marked as cacheable. This has been changed to take the grace
into consideration as well.</li>
<li>Previously, if an included ESI fragment had a zero size, we would
send out a zero-sized chunk which signifies end-of-transmission. We
now ignore zero-sized chunks.</li>
<li>We accidentally slept for far too long when we reached the maximum
number of open file descriptors. This has been corrected and
accept_fd_holdoff now works correctly.</li>
<li>Previously, when ESI processing, we did not look at the full length,
but stopped at the first NULL byte. We no longer do that, enabling
ESI processing of binary data.</li>
</ul>
</div>
<div class="section" id="varnishtest-3">
<h2>varnishtest</h2>
<ul class="simple">
<li>Make sure system "..." returns successfully to ensure test failures
do not go unnoticed.</li>
<li>Make it possible to send NULL bytes through the testing framework.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-2-to-2-0-3">
<h1>Changes from 2.0.2 to 2.0.3</h1>
<div class="section" id="varnishd-21">
<h2>varnishd</h2>
<ul class="simple">
<li>Handle If-Modified-Since and ESI sub-objects better, fixing a problem
where we sometimes neglected to insert included objects.</li>
<li>restart in vcl_hit is now supported.</li>
<li>Setting the TTL of an object to 0 seconds would sometimes cause it to
be delivered for up to one second - epsilon. This has been corrected
and we should now never deliver those objects to other clients.</li>
<li>The malloc storage backend now prints the maximum storage size, just
like the file backend.</li>
<li>Various small documentation bugs have been fixed.</li>
<li>Varnish did not set a default interval for backend probes, causing it
to poll the backend continuously. This has been corrected.</li>
<li>Allow "true" and "false" when setting boolean parameters, in addition
to on/off, enable/disable and yes/no.</li>
<li>Default to always talking HTTP 1.1 with the backend.</li>
<li>Varnish did not make sure the file it was loading was a regular file.
This could cause Varnish to crash if it was asked to load a directory
or other non-regular file. We now check that the file is a regular
file before loading it.</li>
<li>The binary heap used for expiry processing had scalability problems.
Work around this by using stripes of a fixed size, which should make
this scale better, particularly when starting up and having lots of
objects.</li>
<li>When we imported the jemalloc library into the Varnish tree, it did
not compile without warnings. This has now been fixed.</li>
<li>Varnish took a very long time to detect that the backend did not
respond. To remedy this, we now have read timeouts in addition to the
connect timeout. Both the first_byte_timeout and the
between_bytes_timeout defaults to 60 seconds. The connect timeout
is no longer in milliseconds, but rather in seconds.</li>
<li>Previously, the VCL to C conversion as well as the invocation of the
C compiler was done in the management process. This is now done in a
separate sub-process. This prevents any bugs in the VCL compiler from
affecting the management process.</li>
<li>Chunked encoding headers were counted in the statistics for header
bytes. They no longer are.</li>
<li>ESI processed objects were not counted in the statistics for body
bytes. They now are.</li>
<li>It is now possible to adjust the maximum record length of log entries
in the shmlog by tuning the shm_reclen parameter.</li>
<li>The management parameters listed in the CLI were not sorted, which
made it hard to find the parameter you were looking for. They are now
sorted, which should make this easier.</li>
<li>Add a new hashing type, "critbit", which uses a lock-less tree based
lookup algorithm. This is experimental and should not be enabled in
production environments without proper testing.</li>
<li>The session workspace had a default size of 8k. It is now 16k, which
should make VCLs where many headers are processed less prone to
panics.</li>
<li>We have seen that people seem to be confused as to which actions in
the different VCL functions return and which ones don't. Add a new
syntax return(action) to make this more explicit. The old syntax is
still supported.</li>
<li>Varnish would return an error if any of the management IPs listed in
the -T parameter could not be listened to. We now only return an
error if none of them can be listened to.</li>
<li>In the case of the backend or client giving us too many parameters,
we used to just ignore the overflowing headers. This is problematic
if you end up ignoreing Content-Length, Transfer-Encoding and similar
headers. We now give out a 400 error to the client if it sends us too
many and 503 if we get too many from the backend.</li>
<li>We used panic if we got a too large chunked header. This behaviour
has been changed into just failing the transaction.</li>
<li>Varnish now supports an extended purge method where it is possible to
do purge req.http.host ~ "web1.com" && req.url ~ "\.png" and
similar. See the documentation for details.</li>
<li>Under heavy load, Varnish would sometimes crash when trying to update
the per-request statistics. This has now been fixed.</li>
<li>It is now possible to not save the hash string in the session and
object workspace. This will save a lot of memory on sites with many
small objects. Disabling the purge_hash parameter also disables the
purge.hash facility.</li>
<li>Varnish now supports !~ as a "no match" regular expression matcher.</li>
<li>In some cases, you could get serialised access to "pass" objects. We
now make it default to the default_ttl value; this can be overridden
in vcl_fetch.</li>
<li>Varnish did not check the syntax of regsub calls properly. More
checking has been added.</li>
<li>If the client closed the connection while Varnish was processing ESI
elements, Varnish would crash while trying to write the object to the
client. We now check if the client has closed the connection.</li>
<li>The ESI parser had a bug where it would crash if an XML comment would
span storage segments. This has been fixed.</li>
</ul>
<p>VCL Manual page
--------------~</p>
<ul class="simple">
<li>The documentation on how capturing parentheses work was wrong. This
has been corrected.</li>
<li>Grace has now been documented.</li>
</ul>
</div>
<div class="section" id="varnishreplay">
<h2>varnishreplay</h2>
<ul class="simple">
<li>varnishreplay did not work correctly on Linux, due to a too small
stack. This has now been fixed.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-1-to-2-0-2">
<h1>Changes from 2.0.1 to 2.0.2</h1>
<div class="section" id="varnishd-22">
<h2>varnishd</h2>
<ul class="simple">
<li>In high-load situations, when using ESI, varnishd would sometimes
mishandle objects and crash. This has been worked around.</li>
</ul>
</div>
<div class="section" id="varnishreplay-1">
<h2>varnishreplay</h2>
<ul class="simple">
<li>varnishreplay did not work correctly on Linux, due to a too small
stack. This has now been fixed.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-2-0-to-2-0-1">
<h1>Changes from 2.0 to 2.0.1</h1>
<div class="section" id="varnishd-23">
<h2>varnishd</h2>
<ul class="simple">
<li>When receiving a garbled HTTP request, varnishd would sometimes
crash. This has been fixed.</li>
<li>There was an off-by-one error in the ACL compilation. Now fixed.</li>
</ul>
<p>Red Hat spec file
----------------~</p>
<ul class="simple">
<li>A typo in the spec file made the .rpm file names wrong.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-1-1-2-to-2-0">
<h1>Changes from 1.1.2 to 2.0</h1>
<div class="section" id="varnishd-24">
<h2>varnishd</h2>
<ul class="simple">
<li>Only look for sendfile on platforms where we know how to use it,
which is FreeBSD for now.</li>
<li>Make it possible to adjust the shared memory log size and bump the
size from 8MB to 80MB.</li>
<li>Fix up the handling of request bodies to better match what RFC2616
mandates. This makes PUT, DELETE, OPTIONS and TRACE work in addition
to POST.</li>
<li>Change how backends are defined, to a constant structural defintion
style. See <a class="reference external" href="https://www.varnish-cache.org/wiki/VclSyntaxChanges">https://www.varnish-cache.org/wiki/VclSyntaxChanges</a>
for the details.</li>
<li>Add directors, which wrap backends. Currently, there's a random
director and a round-robin director.</li>
<li>Add "grace", which is for how long and object will be served, even
after it has expired. To use this, both the object's and the
request's grace parameter need to be set.</li>
<li>Manual pages have been updated for new VCL syntax and varnishd
options.</li>
<li>Man pages and other docs have been updated.</li>
<li>The shared memory log file is now locked in memory, so it should not
be paged out to disk.</li>
<li>We now handle Vary correctly, as well as Expect.</li>
<li>ESI include support is implemented.</li>
<li>Make it possible to limit how much memory the malloc uses.</li>
<li>Solaris is now supported.</li>
<li>There is now a regsuball function, which works like regsub except it
replaces all occurrences of the regex, not just the first.</li>
<li>Backend and director declarations can have a .connect_timeout
parameter, which tells us how long to wait for a successful
connection.</li>
<li>It is now possible to select the acceptor to use by changing the
acceptor parameter.</li>
<li>Backends can have probes associated with them, which can be checked
with req.backend.health in VCL as well as being handled by directors
which do load-balancing.</li>
<li>Support larger-than-2GB files also on 32 bit hosts. Please note that
this does not mean we can support caches bigger than 2GB, it just
means logfiles and similar can be bigger.</li>
<li>In some cases, we would remove the wrong header when we were
stripping Content-Transfer-Encoding headers from a request. This has
been fixed.</li>
<li>Backends can have a .max_connections associated with them.</li>
<li>On Linux, we need to set the dumpable bit on the child if we want
core dumps. Make sure it's set.</li>
<li>Doing purge.hash() with an empty string would cause us to dump core.
Fixed so we don't do that any more.</li>
<li>We ran into a problem with glibc's malloc on Linux where it seemed
like it failed to ever give memory back to the OS, causing the system
to swap. We have now switched to jemalloc which appears not to have
this problem.</li>
<li>max_restarts was never checked, so we always ended up running out of
workspace. Now, vcl_error is called when we reach max_restarts.</li>
</ul>
</div>
<div class="section" id="varnishtest-4">
<h2>varnishtest</h2>
<ul class="simple">
<li>varnishtest is a tool to do correctness tests of varnishd. The test
suite is run by using make check.</li>
</ul>
</div>
<div class="section" id="varnishtop-4">
<h2>varnishtop</h2>
<ul class="simple">
<li>We now set the field widths dynamically based on the size of the
terminal and the name of the longest field.</li>
</ul>
</div>
<div class="section" id="varnishstat-4">
<h2>varnishstat</h2>
<ul class="simple">
<li>varnishstat -1 now displays the uptime too.</li>
</ul>
</div>
<div class="section" id="varnishncsa-9">
<h2>varnishncsa</h2>
<ul class="simple">
<li>varnishncsa now does fflush after each write. This makes tail -f work
correctly, as well as avoiding broken lines in the log file.</li>
<li>It is possible to get varnishncsa to output the X-Forwarded-For
instead of the client IP by passing -f to it.</li>
</ul>
<p>Build system
-----------~</p>
<ul class="simple">
<li>Various sanity checks have been added to configure, it now complains
about no ncurses or if SO_RCVTIMEO or SO_SNDTIMEO are
non-functional. It also aborts if there's no working acceptor
mechanism</li>
<li>The C compiler invocation is decided by the configure script and can
now be overridden by passing VCC_CC when running configure.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-1-1-1-to-1-1-2">
<h1>Changes from 1.1.1 to 1.1.2</h1>
<div class="section" id="varnishd-25">
<h2>varnishd</h2>
<ul class="simple">
<li>When switching to a new VCL configuration, a race condition exists
which may cause Varnish to reference a backend which no longer exists
(see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/144">ticket #144</a>).
This race condition has not been entirely eliminated, but it should
occur less frequently.</li>
<li>When dropping a TCP session before any requests were processed, an
assertion would be triggered due to an uninitialized timestamp (see
<a class="reference external" href="https://www.varnish-cache.org/trac/ticket/132">ticket #132</a>). The
timestamp is now correctly initialized.</li>
<li>Varnish will now correctly generate a Date: header for every response
instead of copying the one it got from the backend (see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/157">ticket
#157</a>).</li>
<li>Comparisons in VCL which involve a non-existent string (usually a
header which is not present in the request or object being processed)
would cause a NULL pointer dereference; now the comparison will
simply fail.</li>
<li>A bug in the VCL compiler which would cause a double-free when
processing include directives has been fixed.</li>
<li>A resource leak in the worker thread management code has been fixed.</li>
<li>When connecting to a backend, Varnish will usually get the address
from a cache. When the cache is refreshed, existing connections may
end up with a reference to an address structure which no longer
exists, resulting in a crash. This race condition has been somewhat
mitigated, but not entirely eliminated (see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/144">ticket
#144</a>.)</li>
<li>Varnish will now pass the correct protocol version in pipe mode: the
backend will get what the client sent, and vice versa.</li>
<li>The core of the pipe mode code has been rewritten to increase
robustness and eliminate spurious error messages when either end
closes the connection in a manner Varnish did not anticipate.</li>
<li>A memory leak in the backend code has been plugged.</li>
<li>When using the kqueue acceptor, if a client shuts down the request
side of the connection (as many clients do after sending their final
request), it was possible for the acceptor code to receive the EOF
event and recycle the session while the last request was still being
serviced, resulting in a assertion failure and a crash when the
worker thread later tried to delete the session. This should no
longer happen (see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/162">ticket
#162</a>.)</li>
<li>A mismatch between the recorded length of a cached object and the
amount of data actually present in cache for that object can
occasionally occur (see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/167">ticket
#167</a>.) This has been
partially fixed, but may still occur for error pages generated by
Varnish when a problem arises while retrieving an object from the
backend.</li>
<li>Some socket-related system calls may return unexpected error codes
when operating on a TCP connection that has been shut down at the
other end. These error codes would previously cause assertion
failures, but are now recognized as harmless conditions.</li>
</ul>
</div>
<div class="section" id="varnishhist">
<h2>varnishhist</h2>
<ul class="simple">
<li>Pressing 0 though 9 while varnishhist is running will change the
refresh interval to the corresponding power of two, in seconds.</li>
</ul>
</div>
<div class="section" id="varnishncsa-10">
<h2>varnishncsa</h2>
<ul class="simple">
<li>The varnishncsa tool can now daemonize and write a PID file like
varnishlog, using the same command-line options. It will also reopen
its output upon receipt of a SIGHUP if invoked with -w.</li>
</ul>
</div>
<div class="section" id="varnishstat-5">
<h2>varnishstat</h2>
<ul class="simple">
<li>Pressing 0 though 9 while varnishstat is running will change the
refresh interval to the corresponding power of two, in seconds.</li>
</ul>
<p>Build system
-----------~</p>
<ul class="simple">
<li>Varnish's <queue.h> has been modified to avoid conflicts with
<sys/queue.h> on platforms where the latter is included indirectly
through system headers.</li>
<li>Several steps have been taken towards Solaris support, but this is
not yet complete.</li>
<li>When configure was run without an explicit prefix, Varnish's idea of
the default state directory would be garbage and a state directory
would have to be specified manually with -n. This has been corrected.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-1-1-to-1-1-1">
<h1>Changes from 1.1 to 1.1.1</h1>
<div class="section" id="varnishd-26">
<h2>varnishd</h2>
<ul class="simple">
<li>The code required to allow VCL to read obj.status, which had
accidentally been left out, has now been added.</li>
<li>Varnish will now always include a Connection: header in its reply to
the client, to avoid possible misunderstandings.</li>
<li>A bug that triggered an assertion failure when generating synthetic
error documents has been corrected.</li>
<li>A new VCL function, purge_url, provides the same functionality as
the url.purge management command.</li>
<li>Previously, Varnish assumed that the response body should be sent
only if the request method was GET. This was a problem for custom
request methods (such as PURGE), so the logic has been changed to
always send the response body except in the specific case of a HEAD
request.</li>
<li>Changes to run-time parameters are now correctly propagated to the
child process.</li>
<li>Due to the way run-time parameters are initialized at startup,
varnishd previously required the nobody user and the nogroup group to
exist even if a different user and group were specified on the
command line. This has been corrected.</li>
<li>Under certain conditions, the VCL compiler would carry on after a
syntax error instead of exiting after reporting the error. This has
been corrected.</li>
<li>The manner in which the hash string is assembled has been modified to
reduce memory usage and memory-to-memory copying.</li>
<li>Before calling vcl_miss, Varnish assembles a tentative request
object for the backend request which will usually follow. This object
would be leaked if vcl_miss returned anything else than fetch. This
has been corrected.</li>
<li>The code necessary to handle an error return from vcl_fetch and
vcl_deliver had inadvertantly been left out. This has been
corrected.</li>
<li>Varnish no longer prints a spurious "child died" message (the result
of reaping the compiler process) after compiling a new VCL
configuration.</li>
<li>Under some circumstances, due to an error in the workspace management
code, Varnish would lose the "tail" of a request, i.e. the part of
the request that has been received from the client but not yet
processed. The most obvious symptom of this was that POST requests
would work with some browsers but not others, depending on details of
the browser's HTTP implementation. This has been corrected.</li>
<li>On some platforms, due to incorrect assumptions in the CLI code, the
management process would crash while processing commands received
over the management port. This has been corrected.</li>
</ul>
<p>Build system
-----------~</p>
<ul class="simple">
<li>The top-level Makefile will now honor $DESTDIR when creating the
state directory.</li>
<li>The Debian and RedHat packages are now split into three (main / lib /
devel) as is customary.</li>
<li>A number of compile-time and run-time portability issues have been
addressed.</li>
<li>The autogen.sh script had workarounds for problems with the GNU
autotools on FreeBSD; these are no longer needed and have been
removed.</li>
<li>The libcompat library has been renamed to libvarnishcompat and is now
dynamic rather than static. This simplifies the build process and
resolves an issue with the Mac OS X linker.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-1-0-4-to-1-1">
<h1>Changes from 1.0.4 to 1.1</h1>
<div class="section" id="varnishd-27">
<h2>varnishd</h2>
<ul class="simple">
<li>Readability of the C source code generated from VCL code has been
improved.</li>
<li>Equality (==) and inequality (!=) operators have been implemented for
IP addresses (which previously could only be compared using ACLs).</li>
<li>The address of the listening socket on which the client connection
was received is now available to VCL as the server.ip variable.</li>
<li>Each object's hash key is now computed based on a string which is
available to VCL as req.hash. A VCL hook named vcl_hash has been
added to allow VCL scripts to control hash generation (for instance,
whether or not to include the value of the Host: header in the hash).</li>
<li>The setup code for listening sockets has been modified to detect and
handle situations where a host name resolves to multiple IP
addresses. It will now attempt to bind to each IP address separately,
and report a failure only if none of them worked.</li>
<li>Network or protocol errors that occur while retrieving an object from
a backend server now result in a synthetic error page being inserted
into the cache with a 30-second TTL. This should help avoid driving
an overburdened backend server into the ground by repeatedly
requesting the same object.</li>
<li>The child process will now drop root privileges immediately upon
startup. The user and group to use are specified with the user and
group run-time parameters, which default to nobody and nogroup,
respectively. Other changes have been made in an effort to increase
the isolation between parent and child, and reduce the impact of a
compromise of the child process.</li>
<li>Objects which are received from the backend with a Vary: header are
now stored separately according to the values of the headers
specified in Vary:. This allows Varnish to correctly cache e.g.
compressed and uncompressed versions of the same object.</li>
<li>Each Varnish instance now has a name, which by default is the host
name of the machine it runs on, but can be any string that would be
valid as a relative or absolute directory name. It is used to
construct the name of a directory in which the server state as well
as all temporary files are stored. This makes it possible to run
multiple Varnish instances on the same machine without conflict.</li>
<li>When invoked with the -C option, varnishd will now not just translate
the VCL code to C, but also compile the C code and attempt to load
the resulting shared object.</li>
<li>Attempts by VCL code to reference a variable outside its scope or to
assign a value to a read-only variable will now result in
compile-time rather than run-time errors.</li>
<li>The new command-line option -F will make varnishd run in the
foreground, without enabling debugging.</li>
<li>New VCL variables have been introduced to allow inspection and
manipulation of the request sent to the backend (bereq.request,
bereq.url, bereq.proto and bereq.http) and the response to the client
(resp.proto, resp.status, resp.response and resp.http).</li>
<li>Statistics from the storage code (including the amount of data and
free space in the cache) are now available to varnishstat and other
statistics-gathering tools.</li>
<li>Objects are now kept on an LRU list which is kept loosely up-to-date
(to within a few seconds). When cache runs out, the objects at the
tail end of the LRU list are discarded one by one until there is
enough space for the freshly requested object(s). A VCL hook,
vcl_discard, is allowed to inspect each object and determine its
fate by returning either keep or discard.</li>
<li>A new VCL hook, vcl_deliver, provides a chance to adjust the
response before it is sent to the client.</li>
<li>A new management command, vcl.show, displays the VCL source code of
any loaded configuration.</li>
<li>A new VCL variable, now, provides VCL scripts with the current time
in seconds since the epoch.</li>
<li>A new VCL variable, obj.lastuse, reflects the time in seconds since
the object in question was last used.</li>
<li>VCL scripts can now add an HTTP header (or modify the value of an
existing one) by assigning a value to the corresponding variable, and
strip an HTTP header by using the remove keyword.</li>
<li>VCL scripts can now modify the HTTP status code of cached objects
(obj.status) and responses (resp.status)</li>
<li>Numeric and other non-textual variables in VCL can now be assigned to
textual variables; they will be converted as needed.</li>
<li>VCL scripts can now apply regular expression substitutions to textual
variables using the regsub function.</li>
<li>A new management command, status, returns the state of the child.</li>
<li>Varnish will now build and run on Mac OS X.</li>
</ul>
</div>
<div class="section" id="varnishadm-5">
<h2>varnishadm</h2>
<ul class="simple">
<li>This is a new utility which sends a single command to a Varnish
server's management port and prints the result to stdout, greatly
simplifying the use of the management port from scripts.</li>
</ul>
</div>
<div class="section" id="varnishhist-1">
<h2>varnishhist</h2>
<ul class="simple">
<li>The user interface has been greatly improved; the histogram will be
automatically rescaled and redrawn when the window size changes, and
it is updated regularly rather than at a rate dependent on the amount
of log data gathered. In addition, the name of the Varnish instance
being watched is displayed in the upper right corner.</li>
</ul>
</div>
<div class="section" id="varnishncsa-11">
<h2>varnishncsa</h2>
<ul class="simple">
<li>In addition to client traffic, varnishncsa can now also process log
data from backend traffic.</li>
<li>A bug that would cause varnishncsa to segfault when it encountered an
empty HTTP header in the log file has been fixed.</li>
</ul>
</div>
<div class="section" id="varnishreplay-2">
<h2>varnishreplay</h2>
<ul class="simple">
<li>This new utility will attempt to recreate the HTTP traffic which
resulted in the raw Varnish log data which it is fed.</li>
</ul>
</div>
<div class="section" id="varnishstat-6">
<h2>varnishstat</h2>
<ul class="simple">
<li>Don't print lifetime averages when it doesn't make any sense, for
instance, there is no point in dividing the amount in bytes of free
cache space by the lifetime in seconds of the varnishd process.</li>
<li>The user interface has been greatly improved; varnishstat will no
longer print more than fits in the terminal, and will respond
correctly to window resize events. The output produced in one-shot
mode has been modified to include symbolic names for each entry. In
addition, the name of the Varnish instance being watched is displayed
in the upper right corner in curses mode.</li>
</ul>
</div>
<div class="section" id="varnishtop-5">
<h2>varnishtop</h2>
<ul class="simple">
<li>The user interface has been greatly improved; varnishtop will now
respond correctly to window resize events, and one-shot mode (-1)
actually works. In addition, the name of the Varnish instance being
watched is displayed in the upper right corner in curses mode.</li>
</ul>
</div>
</div>
<div class="section" id="changes-from-1-0-3-to-1-0-4">
<h1>Changes from 1.0.3 to 1.0.4</h1>
<div class="section" id="varnishd-28">
<h2>varnishd</h2>
<ul>
<li><p class="first">The request workflow has been redesigned to simplify request
processing and eliminate code duplication. All codepaths which need
to speak HTTP now share a single implementation of the protocol. Some
new VCL hooks have been added, though they aren't much use yet. The
only real user-visible change should be that Varnish now handles
persistent backend connections correctly (see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/56">ticket
#56</a>).</p>
</li>
<li><p class="first">Support for multiple listen addresses has been added.</p>
</li>
<li><p class="first">An "include" facility has been added to VCL, allowing VCL code to
pull in code fragments from multiple files.</p>
</li>
<li><p class="first">Multiple definitions of the same VCL function are now concatenated
into one in the order in which they appear in the source. This
simplifies the mechanism for falling back to the built-in default for
cases which aren't handled in custom code, and facilitates
modularization.</p>
</li>
<li><p class="first">The code used to format management command arguments before passing
them on to the child process would underestimate the amount of space
needed to hold each argument once quotes and special characters were
properly escaped, resulting in a buffer overflow. This has been
corrected.</p>
</li>
<li><p class="first">The VCL compiler has been overhauled. Several memory leaks have been
plugged, and error detection and reporting has been improved
throughout. Parts of the compiler have been refactored to simplify
future extension of the language.</p>
</li>
<li><p class="first">A bug in the VCL compiler which resulted in incorrect parsing of the
decrement (-=) operator has been fixed.</p>
</li>
<li><p class="first">A new -C command-line option has been added which causes varnishd to
compile the VCL code (either from a file specified with -f or the
built-in default), print the resulting C code and exit.</p>
</li>
<li><p class="first">When processing a backend response using chunked encoding, if a chunk
header crosses a read buffer boundary, read additional bytes from the
backend connection until the chunk header is complete.</p>
</li>
<li><p class="first">A new ping_interval run-time parameter controls how often the
management process checks that the worker process is alive.</p>
</li>
<li><p class="first">A bug which would cause the worker process to dereference a NULL
pointer and crash if the backend did not respond has been fixed.</p>
</li>
<li><p class="first">In some cases, such as when they are used by AJAX applications to
circumvent Internet Explorer's over-eager disk cache, it may be
desirable to cache POST requests. However, the code path responsible
for delivering objects from cache would only transmit the response
body when replying to a GET request. This has been extended to also
apply to POST.</p>
<p>This should be revisited at a later date to allow VCL code to control
whether the body is delivered.</p>
</li>
<li><p class="first">Varnish now respects Cache-control: s-maxage, and prefers it to
Cache-control: max-age if both are present.</p>
<p>This should be revisited at a later date to allow VCL code to control
which headers are used and how they are interpreted.</p>
</li>
<li><p class="first">When loading a new VCL script, the management process will now load
the compiled object to verify that it links correctly before
instructing the worker process to load it.</p>
</li>
<li><p class="first">A new -P command-line options has been added which causes varnishd to
create a PID file.</p>
</li>
<li><p class="first">The sendfile_threshold run-time parameter's default value has been
set to infinity after a variety of sendfile()-related bugs were
discovered on several platforms.</p>
</li>
</ul>
</div>
<div class="section" id="varnishlog-6">
<h2>varnishlog</h2>
<ul class="simple">
<li>When grouping log entries by request, varnishlog attempts to collapse
the log entry for a call to a VCL function with the log entry for the
corresponding return from VCL. When two VCL calls were made in
succession, varnishlog would incorrectly omit the newline between the
two calls (see <a class="reference external" href="https://www.varnish-cache.org/trac/ticket/95">ticket
#95</a>).</li>
<li>New -D and -P command-line options have been added to daemonize and
create a pidfile, respectively.</li>
<li>The flag that is raised upon reception of a SIGHUP has been marked
volatile so it will not be optimized away by the compiler.</li>
</ul>
</div>
<div class="section" id="varnishncsa-12">
<h2>varnishncsa</h2>
<ul>
<li><p class="first">The formatting callback has been largely rewritten for clarity,
robustness and efficiency.</p>
<p>If a request included a Host: header, construct and output an
absolute URL. This makes varnishncsa output from servers which handle
multiple virtual hosts far more useful.</p>
</li>
<li><p class="first">The flag that is raised upon reception of a SIGHUP has been marked
volatile so it will not be optimized away by the compiler.</p>
</li>
</ul>
</div>
<div class="section" id="documentation">
<h2>Documentation</h2>
<ul class="simple">
<li>The documentation, especially the VCL documentation, has been greatly
extended and improved.</li>
</ul>
</div>
<div class="section" id="build-system">
<h2>Build system</h2>
<ul class="simple">
<li>The name and location of the curses or ncurses library is now
correctly detected by the configure script instead of being hardcoded
into affected Makefiles. This allows Varnish to build correctly on a
wider range of platforms.</li>
<li>Compatibility shims for clock_gettime() are now correctly applied
where needed, allowing Varnish to build on MacOS X.</li>
<li>The autogen.sh script will now correctly detect and warn about
automake versions which are known not to work correctly.</li>
</ul>
</div>
</div>
</div>
</body>
</html>