Commit Graph

255 Commits

Author SHA1 Message Date
Willy Tarreau
09733ab109 [MINOR] add .gitignore 2006-12-16 19:56:22 +01:00
Willy Tarreau
1d488b6e10 [MINOR] added include/common/debug.h
This file will provide debugging macros such as DPRINTF.
2006-12-16 19:54:02 +01:00
Willy Tarreau
f224273df3 [BUILD] last commit did not build 2006-12-16 19:00:29 +01:00
Willy Tarreau
e15d9132df [MEDIUM] reference and index appended request headers
When headers are appended to the end of a request, they must
be indexed.
2006-12-14 22:26:42 +01:00
Willy Tarreau
2a32428926 [MAJOR] finished replacement of the client-side HTTP parser with a new one
The code is working again, but not as clean as it could be.
Many blocks should still move to dedicated functions. req->h
must be removed everywhere and updated everytime needed.

A few functions or macros should take care of the headers
during header insertion/deletion/change.
2006-12-05 00:05:46 +01:00
Willy Tarreau
58f10d7478 [MAJOR] replaced the client-side HTTP parser with a new one
The new parser uses an FSM to strictly follow RFC2616.
Headers are indexed and parsed only once they're all available.
That way, complex regexes make more sense.

HTTP processing is now performed in several phases by calling
multiple functions, making the code cleaner and easier to read.

Note that req[i]pass does not work anymore because it would
require that we mark a header to be ignored. What is really
needed is to have the ability to add an exception to a matching
(match xx except yy).

Several bugs have been fixed in appsession during the conversion
to the new FSM (method length and recovery on malloc errors).

The code does build and work with the debug examples, but is
not usable yet to connect to anything as it does not forward
the requests yet.
2006-12-04 02:26:12 +01:00
Willy Tarreau
b7eba10304 [BUG] files were missing for hdr_idx in previous commit 2006-12-04 02:20:02 +01:00
Willy Tarreau
e5f20dcea8 [MEDIUM] added the hdr_idx structure for future HTTP header indexing
This structure will consume 4 bytes per header to keep track of
headers within a request or a response without having to parse
the whole request for each regex. As it's not possible to allocate
only 4 bytes, we define a max number of HTTP headers. We set it
to (BUFSIZE+79)/80 so that 8kB buffers can contain 100 headers
(like Apache), resulting in 400 bytes dedicated to indexation,
or about 400/(2*8kB) ~= 2.4% of the memory usage.
2006-12-03 15:21:35 +01:00
Willy Tarreau
09536952b3 Merge branch 'rfc2616' into switch 2006-12-02 20:13:39 +01:00
Willy Tarreau
669e6da163 [BUG] implemented support for multi-line headers as required by RFC2616.
This patch was added in 1.2.9 but was then incidentely reverted by
  manipulation error when merging next patch (enforce max number of
  conns). It's now merged again.
2006-12-02 20:12:55 +01:00
Willy Tarreau
73de9899a6 [MAJOR] separate sess->proxy into sess->{fe,fi,be}
The references to the proxy from the session have been turned into
Frontend (fe), Filters (fi) and Backend (be). This should ease the
migration to the L7 switching features. Next step will be to kill
the struct proxy and have 3 independant structs instead, each
referenced from entities called listener, frontend, filters and
backend.
2006-11-30 11:40:23 +01:00
Willy Tarreau
163c53253c [MEDIUM] use tproxy address as source of health checks
If a tproxy address is defined, then use it for health checks too.
2006-11-14 16:18:41 +01:00
Willy Tarreau
f19cf37031 [BUILD] remove a warning in backend.c
include <string.h> to remove a warning on memset
2006-11-14 15:40:51 +01:00
Willy Tarreau
58b2f83685 [MEDIUM] add support for SO_REUSEPORT on Linux
SO_REUSEPORT does not exist on Linux but the checks are available in
the code. With a little patch, it's possible to implement the feature,
but the value of SO_REUSEPORT will still have to be known from userland.
This patch adds a workaround to this problem by figuring out the value
for the one used by SO_REUSEADDR.
2006-11-13 01:22:38 +01:00
Willy Tarreau
77074d548b [MAJOR] support for source binding via cttproxy
Using the cttproxy kernel patch, it's possible to bind to any source
address. It is highly recommended to use the 03-natdel patch with the
other ones.

A new keyword appears as a complement to the "source" keyword : "usesrc".
The source address is mandatory and must be valid on the interface which
will see the packets. The "usesrc" option supports "client" (for full
client_ip:client_port spoofing), "client_ip" (for client_ip spoofing)
and any 'IP[:port]' combination to pretend to be another machine.

Right now, the source binding is missing from server health-checks if
set to another address. It must be implemented (think restricted firewalls).
The doc is still missing too.
2006-11-12 23:57:19 +01:00
Willy Tarreau
2152cb5b59 [MEDIUM] import ip_tproxy.h from cttproxy
The file "ip_tproxy.h" will be needed to build with cttproxy support.
Let's include it to ease the build process.
2006-11-12 23:50:48 +01:00
Willy Tarreau
9c9fea4617 [RELEASE] released 1.3.3
Released 1.3.3 with the following changes :
    - fix broken redispatch option in case the connection has already
      been marked "in progress" (ie: nearly always).
    - support regparm on x86 to speed up some often called functions
    - removed a few useless calls to gettimeofday() in log functions.
    - lots of 'const char*' cleanups
    - turn every FD_* into functions which are faster on recent CPUs
    - builds again on OpenBSD and Solaris
2006-10-16 00:03:35 +02:00
Willy Tarreau
4eeec0967d [BUILD] Makefile.bsd is functionnal again. 2006-10-15 23:50:42 +02:00
Willy Tarreau
390223bc32 [BUILD] only enable regparm on x86 to avoid useless warnings
It complains at least on Solaris/sparc64 and OpenBSD/vax.
2006-10-15 23:43:42 +02:00
Willy Tarreau
1a587498e8 [BUILD] make clean did not work on anything but bash 2006-10-15 23:40:58 +02:00
Willy Tarreau
aad2e49034 [BUILD] replaced u_int32_t with unsigned int.
Linux and BSD know about u_int32_t, while Solaris knows about uint32_t.
This is getting boring and unsigned int perfectly fits the goal for the
moment. Further investigation will be performed anyway.
2006-10-15 23:32:18 +02:00
Willy Tarreau
7d67768e27 [BUILD] types/proxy.h: reorder a few includes.
OpenBSD is very sensible on the order of includes :
sys/types.h, sys/socket.h, netinet/in.h and arpa/inet.h must be
included in this exact order.
2006-10-15 23:18:47 +02:00
Willy Tarreau
1001b949ee [CLEANUP] fd.c : regparm was hardcoded too. 2006-10-15 23:10:10 +02:00
Willy Tarreau
014b4fecb2 [BUILD] <stdint> is not present on OpenBSD. Prefer <sys/types.h> 2006-10-15 22:57:13 +02:00
Willy Tarreau
fddaec02ee [CLEANUP] fd.h : regparm was hardcoded. 2006-10-15 22:56:08 +02:00
Willy Tarreau
bf73613543 [CLEANUP] added the correct cast to call localtime()
Calling localtime() with a timeval.tv_sec causes a warning on
OpenBSD where the tv_sec is declared long.
2006-10-15 22:54:47 +02:00
Willy Tarreau
fb278677e2 [MEDIUM] use regparm on a few tv_* functions
Some of the tv_* functions are called very often. Passing their
arguments as registers is quite faster. This can be disabled
by setting CONFIG_HAP_DISABLE_REGPARM.
2006-10-15 15:38:50 +02:00
Willy Tarreau
2b35c95d6c [MEDIUM] remove useless calls to gettimeofday()
send_log(), Alert() and Warning() used gettimeofday() while using
<now> should have been preferred.
2006-10-15 15:25:48 +02:00
Willy Tarreau
b17916e89b [CLEANUP] add a few "const char *" where appropriate
As suggested by Markus Elfring, a few "const char *" have replaced
some "char *" declarations where a function is not expected to
modify a value. It does not change the code but it helps detecting
coding errors.
2006-10-15 15:17:57 +02:00
Willy Tarreau
c642348ce4 [CLEANUP] add a few checks for functions return values
Markus Elfring suggested adding a few checks which were missing
after a bunch of getsockopt() and 2 strdup(). While those are
unlikely to fail where they are used, it makes the code cleaner.
2006-10-15 14:59:03 +02:00
Willy Tarreau
2a429503e0 [MINOR] turn every FD_* into functions
On recent CPUs, functions are about twice as fast as inline FD_*, so
there is now a #define CONFIG_HAP_INLINE_FD_SET to choose between the
two modes.
2006-10-15 14:53:07 +02:00
Willy Tarreau
0bbc3cf157 [MEDIUM] fix broken redispatch option
Since the connection queueing was introduced, the "redispatch"
option could not cover the cases where a connection has been
refused by the server after having been marked "in progress".
The fix consists in doing a redispatch in the delayed connection
handling code.

Problem reported by Konrad Rzentarzewski.
2006-10-15 14:26:02 +02:00
Willy Tarreau
9f0a90145f [BUILD] added the 'git-tar' target to the Makefile
Now, doing a "make git-tar" will automaticall build the tar.gz archive
from the versionned tree.
2006-10-15 14:24:14 +02:00
Willy Tarreau
690f9aa028 [RELEASE] released 1.3.2
- started the changes towards I/O completion callbacks. stream_sock* have
      replaced event_*.
    - added the new "reqtarpit" and "reqitarpit" protection features
2006-09-03 11:23:06 +02:00
Willy Tarreau
08fa2e37fd [MINOR] tarpit: close the connection if the client closes.
There's no point at maintaining an open tarpitted connection
if the client has left.
2006-09-03 10:47:37 +02:00
Willy Tarreau
2272dc14bb [DOC] add docs and examples of tarpit configuration 2006-09-03 10:19:38 +02:00
Willy Tarreau
b8750a82a2 [MEDIUM] added the "reqtarpit" and "reqitarpit" features
It is now possible to tarpit connections based on regex matches.
The tarpit timeout is equal to the contimeout. A 500 server error
response is faked, and the logs show the status flags as "PT" which
indicate the connection has been tarpitted.
2006-09-03 09:56:00 +02:00
Willy Tarreau
f8306d5391 [MEDIUM] got rid of event_{cli,srv}_write() in favor of stream_sock_write()
The timeouts, expiration timers and results are now stored in the buffers.
The timers will have to change a bit to become more flexible, and when the
I/O completion functions will be written, the connect_complete() will have
to be extracted from the write() function.
2006-07-29 19:01:31 +02:00
Willy Tarreau
d797128d6e [MEDIUM] got rid of event_{cli,srv}_read() in favor of stream_sock_read() 2006-07-29 18:36:34 +02:00
Willy Tarreau
0f9f5056f9 [MEDIUM] removed all res_* and RES_*
The read-, write-, end- and error- status are now stored in the buffer.
2006-07-29 17:39:25 +02:00
Willy Tarreau
5446940e37 [MEDIUM] started the changes towards I/O completion callbacks
Now the event_* functions find their buffer in the fdtab itself.
2006-07-29 16:59:06 +02:00
Willy Tarreau
1da7a77031 [TESTS] added two new test configurations
- one for basic features
- one for httpterm
2006-07-29 16:47:12 +02:00
Willy Tarreau
8f2b855ab2 [RELEASE] released 1.3.1 after resyncing with 1.2.15
Released 1.3.1 with the following changes from 1.2.15 :
   - now, haproxy warns about missing timeout during startup to try to
     eliminate all those buggy configurations.
   - added "Content-Type: text/html" in responses wherever appropriate, as
     suggested by Cameron Simpson.
   - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
     test server's health
   - implemented "monitor-uri" so that haproxy can reply to a specific URI with
     an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
     at once.
2006-07-09 17:11:39 +02:00
Willy Tarreau
6bbf14c154 [DOC] provided an example of configuration involving URL switching. 2006-07-09 17:02:06 +02:00
Willy Tarreau
1c47f85292 [MEDIUM] implemented the 'monitor-uri' keyword.
It is used to test haproxy's status with an HTTP request to which
it will reply with HTTP/1.0 200 OK.
2006-07-09 17:01:40 +02:00
Willy Tarreau
f3c692090e [MEDIUM] implement 'option ssl-hello-chk' to use CLIENT HELLO health checks.
This makes it possible to relay SSL connections in pure TCP instances while
ensuring the remote end really receives our data eventhough intermediate
agents (firewalls, proxies, ...) might acknowledge the connection.
2006-07-09 16:42:34 +02:00
Willy Tarreau
2738a14941 [MEDIUM] now upon startup, haproxy will warn about missing timeouts.
Too many problem reports were caused by missing timeouts. While
there has never been any default value since version 1.0, having
no timeout is abnormal in networked environments, and will lead
to various problems such as CLOSE_WAIT sockets accumulating and
nasty things like this. For this reason, it's better to annoy
the users until they fix their configs than letting them run
buggy configurations.
2006-07-09 16:22:41 +02:00
Willy Tarreau
791d66d363 [MINOR] added lots of Content-Type: text/html to HTML responses and stats.
This suggestion from Cameron Simpson is perfectly valid and should have been
implemented from the beginning.
2006-07-09 16:13:17 +02:00
Willy Tarreau
b9e98b6836 [RELEASE] version 1.3.0
Released version 1.3.0 which differs from 1.2.14 only by the fact
that the code is now classed in multiple .c and .h files.
2006-07-03 10:32:46 +02:00
Willy Tarreau
e3ba5f0aaa [CLEANUP] included common/version.h everywhere 2006-06-29 18:54:54 +02:00