mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-16 00:14:31 +00:00
5f3f15f618
111 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Willy Tarreau
|
eab1dc6234 |
[RELEASE] Released version 1.5-dev19
Released version 1.5-dev19 with the following main changes : - MINOR: stats: remove the autofocus on the scope input field - BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored. - BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file. - BUG/MEDIUM: shctx: makes the code independent on SSL runtime version. - MEDIUM: ssl: improve crt-list format to support negation - BUG: ssl: fix crt-list for clients not supporting SNI - MINOR: stats: show soft-stopped servers in different color - BUG/MINOR: config: "source" does not work in defaults section - BUG: regex: fix pcre compile error when using JIT - MINOR: ssl: add pattern fetch 'ssl_c_sha1' - BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used - MINOR: show PCRE version and JIT status in -vv - BUG/MINOR: jit: don't rely on USE flag to detect support - DOC: readme: add suggestion to link against static openssl - DOC: examples: provide simplified ssl configuration - REORG: tproxy: prepare the transparent proxy defines for accepting other OSes - MINOR: tproxy: add support for FreeBSD - MINOR: tproxy: add support for OpenBSD - DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8 - CLEANUP: fix minor typo in error message. - CLEANUP: fix missing include <string.h> in proto/listener.h - CLEANUP: protect checks.h from multiple inclusions - MINOR: compression: acl "res.comp" and fetch "res.comp_algo" - BUG/MINOR: http: add-header/set-header did not accept the ACL condition - BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32 - BUG/MEDIUM: splicing is broken since 1.5-dev12 - BUG/MAJOR: acl: add implicit arguments to the resolve list - BUG/MINOR: tcp: fix error reporting for TCP rules - CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix - MINOR: stick-table: allow to allocate an entry without filling it - BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes - MINOR: session: only call http_send_name_header() when changing the server - MINOR: tcp: report the erroneous word in tcp-request track* - BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances - BUG/MEDIUM: log: fix regression on log-format handling - MEDIUM: log: report file name, line number, and directive name with log-format errors - BUG/MINOR: cli: "clear table" did not work anymore without a key - BUG/MINOR: cli: "clear table xx data.xx" does not work anymore - BUG/MAJOR: http: compression still has defects on chunked responses - BUG/MINOR: stats: fix confirmation links on the stats interface - BUG/MINOR: stats: the status bar does not appear anymore after a change - BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process" - BUG/MEDIUM: stats: fix a regression when dealing with POST requests - BUG/MINOR: fix unterminated ACL array in compression - BUILD: last fix broke non-linux platforms - MINOR: init: indicate the SSL runtime version on -vv. - BUG/MEDIUM: compression: the deflate algorithm must use global settings as well - BUILD: stdbool is not portable (again) - DOC: readme: add a small reminder about restrictions to respect in the code - MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates - BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT - DOC: fix wrong copy-paste in the rspdel example - MINOR: counters: make it easier to extend the amount of tracked counters - MEDIUM: counters: add support for tracking a third counter - MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables - BUG/MAJOR: http: always ensure response buffer has some room for a response - MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked - MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined - MINOR: log: add a new flag 'L' for locally processed requests - MINOR: http: add full-length header fetch methods - MEDIUM: protocol: implement a "drain" function in protocol layers - MEDIUM: http: add a new "http-response" ruleset - MEDIUM: http: add the "set-nice" action to http-request and http-response - MEDIUM: log: add a log level override value in struct session - MEDIUM: http: add support for action "set-log-level" in http-request/http-response - MEDIUM: http: add support for "set-tos" in http-request/http-response - MEDIUM: http: add the "set-mark" action on http-request/http-response rules - MEDIUM: tcp: add "tcp-request connection expect-proxy layer4" - MEDIUM: acl: automatically detect the type of certain fetches - MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches - MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches - DOC: major reorg of ACL + sample fetch - CLEANUP: http: remove the bogus urlp_ip ACL match - MINOR: acl: add the new "env()" fetch method to retrieve an environment variable - BUG/MINOR: acl: correctly consider boolean fetches when doing casts - BUG/CRITICAL: fix a possible crash when using negative header occurrences - DOC: update ROADMAP file - MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3 - MEDIUM: stats: add proxy name filtering on the statistic page |
||
Willy Tarreau
|
289dd92a64 |
[RELEASE] Released version 1.5-dev18
Released version 1.5-dev18 with the following main changes : - DOCS: Add explanation of intermediate certs to crt paramater - DOC: typo and minor fixes in compression paragraph - MINOR: config: http-request configuration error message misses new keywords - DOC: minor typo fix in documentation - BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured. - MEDIUM: ssl: add bind-option "strict-sni" - MEDIUM: ssl: add mapping from SNI to cert file using "crt-list" - MEDIUM: regex: Use PCRE JIT in acl - DOC: simplify bind option "interface" explanation - DOC: tfo: bump required kernel to linux-3.7 - BUILD: add explicit support for TFO with USE_TFO - MEDIUM: New cli option -Ds for systemd compatibility - MEDIUM: add haproxy-systemd-wrapper - MEDIUM: add systemd service - BUG/MEDIUM: systemd-wrapper: don't leak zombie processes - BUG/MEDIUM: remove supplementary groups when changing gid - BUG/MEDIUM: config: fix parser crash with bad bind or server address - BUG/MINOR: Correct logic in cut_crlf() - CLEANUP: checks: Make desc argument to set_server_check_status const - CLEANUP: dumpstats: Make cli_release_handler() static - MEDIUM: server: Break out set weight processing code - MEDIUM: server: Allow relative weights greater than 100% - MEDIUM: server: Tighten up parsing of weight string - MEDIUM: checks: Add agent health check - BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot - BUG/MINOR: time: frequency counters are not totally accurate - BUG/MINOR: http: don't process abortonclose when request was sent - BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw() - BUG/MEDIUM: checks: ignore late resets after valid responses - DOC: fix bogus recommendation on usage of gpc0 counter - BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request - MINOR: signal: don't block SIGPROF by default - OPTIM: epoll: make use of EPOLLRDHUP - OPTIM: splice: detect shutdowns and avoid splice() == 0 - OPTIM: splice: assume by default that splice is working correctly - BUG/MINOR: log: temporary fix for lost SSL info in some situations - BUG/MEDIUM: peers: only the last peers section was used by tables - BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers - BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait() - BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser - BUG/MINOR: config: free peer's address when exiting upon parsing error - BUG/MINOR: config: check the proper variable when parsing log minlvl - BUG/MEDIUM: checks: ensure the health_status is always within bounds - BUG/MINOR: cli: show sess should always validate s->listener - BUG/MINOR: log: improper NULL return check on utoa_pad() - CLEANUP: http: remove a useless null check - CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener() - BUG/MEDIUM: signal: signal handler does not properly check for signal bounds - BUG/MEDIUM: tools: off-by-one in quote_arg() - BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage - BUG/MINOR: unix: remove the 'level' field from the ux struct - CLEANUP: http: don't try to deinitialize http compression if it fails before init - CLEANUP: config: slowstart is never negative - CLEANUP: config: maxcompcpuusage is never negative - BUG/MEDIUM: log: emit '-' for empty fields again - BUG/MEDIUM: checks: fix a race condition between checks and observe layer7 - BUILD: fix a warning emitted by isblank() on non-c99 compilers - BUILD: improve the makefile's support for libpcre - MEDIUM: halog: add support for counting per source address (-ic) - MEDIUM: tools: make str2sa_range support all address syntaxes - MEDIUM: config: make use of str2sa_range() instead of str2sa() - MEDIUM: config: use str2sa_range() to parse server addresses - MEDIUM: config: use str2sa_range() to parse peers addresses - MINOR: tests: add a config file to ease address parsing tests. - MINOR: ssl: add a global tunable for the max SSL/TLS record size - BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux - BUILD/MINOR: syscall: add definition of NR_accept4 for ARM - MINOR: config: report missing peers section name - BUG/MEDIUM: tools: fix bad character handling in str2sa_range() - BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket - MINOR: tools: prepare str2sa_range() to return an error message - BUG/MEDIUM: checks: don't call connect() on unsupported address families - MINOR: tools: prepare str2sa_range() to accept a prefix - MEDIUM: tools: make str2sa_range() parse unix addresses too - MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses - MEDIUM: config: use a single str2sa_range() call to parse bind addresses - MEDIUM: config: use str2sa_range() to parse log addresses - CLEANUP: tools: remove str2sun() which is not used anymore. - MEDIUM: config: add complete support for str2sa_range() in dispatch - MEDIUM: config: add complete support for str2sa_range() in server addr - MEDIUM: config: add complete support for str2sa_range() in 'server' - MEDIUM: config: add complete support for str2sa_range() in 'peer' - MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc' - CLEANUP: minor cleanup in str2sa_range() and str2ip() - CLEANUP: config: do not use multiple errmsg at once - MEDIUM: tools: support specifying explicit address families in str2sa_range() - MAJOR: listener: support inheriting a listening fd from the parent - MAJOR: tools: support environment variables in addresses - BUG/MEDIUM: http: add-header should not emit "-" for empty fields - BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong - BUG/MEDIUM: http: fix another issue caused by http-send-name-header - DOC: mention the new HTTP 307 and 308 redirect statues - MEDIUM: poll: do not use FD_* macros anymore - BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE - BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings - BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern - BUILD: fix usual isdigit() warning on solaris - BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris - OPTIM: buffer: remove one jump in buffer_count() - OPTIM: http: improve branching in chunk size parser - OPTIM: http: optimize the response forward state machine - BUILD: enable poll() by default in the makefile - BUILD: add explicit support for Mac OS/X - BUG/MAJOR: http: use a static storage for sample fetch context - BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file() - BUG/MAJOR: http: fix regression introduced by commit |
||
Willy Tarreau
|
a3ecbd9023 |
[RELEASE] Released version 1.5-dev17
Released version 1.5-dev17 with the following main changes :
- MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache.
- BUG/MEDIUM: stats: fix stats page regression introduced by commit
|
||
Willy Tarreau
|
69eda35acd |
[RELEASE] Released version 1.5-dev16
Released version 1.5-dev16 with the following main changes : - BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections. - BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection. - MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate. - MINOR: contrib: make the iprange tool grep for addresses - CLEANUP: polling: gcc doesn't always optimize constants away - OPTIM: poll: optimize fd management functions for low register count CPUs - CLEANUP: poll: remove a useless double-check on fdtab[fd].owner - OPTIM: epoll: use a temp variable for intermediary flag computations - OPTIM: epoll: current fd does not count as a new one - BUG/MINOR: poll: the I/O handler was called twice for polled I/Os - MINOR: http: make resp_ver and status ACLs check for the presence of a response - BUG/MEDIUM: stream-interface: fix possible stalls during transfers - BUG/MINOR: stream_interface: don't return when the fd is already set - BUG/MEDIUM: connection: always update connection flags prior to computing polling - CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0 - BUG/MAJOR: stream_interface: fix occasional data transfer freezes - BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up - BUG/MINOR: http: don't abort client connection on premature responses - BUILD: no need to clean up when making git-tar - MINOR: log: add a tag for amount of bytes uploaded from client to server - BUG/MEDIUM: log: fix possible segfault during config parsing - MEDIUM: log: change a few log tokens to make them easier to remember - BUG/MINOR: log: add_to_logformat_list() used the wrong constants - MEDIUM: log-format: make the format parser more robust and more extensible - MINOR: sample: support cast from bool to string - MINOR: samples: add a function to fetch and convert any sample to a string - MINOR: log: add lf_text_len - MEDIUM: log: add the ability to include samples in logs - REORG: stats: massive code reorg and cleanup - REORG: stats: move the HTTP header injection to proto_http - REORG: stats: functions are now HTTP/CLI agnostic - BUG/MINOR: log: fix regression introduced by commit 8a3f52 - MINOR: chunks: centralize the trash chunk allocation - MEDIUM: stats: use hover boxes instead of title to report details - MEDIUM: stats: use multi-line tips to display detailed counters - MINOR: tools: simplify the use of the int to ascii macros - MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML - MINOR: http: prepare to support more http-request actions - MINOR: log: make parse_logformat_string() take a const char * - MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers |
||
Willy Tarreau
|
0cae4b3218 |
[RELEASE] Released version 1.5-dev15
Released version 1.5-dev15 with the following main changes : - DOC: add a few precisions on compression - BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert. - BUG/MINOR: ssl: One free session in cache remains unused. - BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err - MEDIUM: ssl: manage shared cache by blocks for huge sessions. - MINOR: acl: add fetch for server session rate - BUG/MINOR: compression: Content-Type is case insensitive - MINOR: compression: disable on multipart or status != 200 - BUG/MINOR: http: don't report client aborts as server errors - MINOR: stats: compute the ratio of compressed response based on 2xx responses - MINOR: http: factor out the content-type checks - BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios - BUILD: ssl: OpenSSL 0.9.6 has no renegociation - BUG/MINOR: http: disable compression when message has no body - MINOR: compression: make the stats a bit more robust - BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes - MINOR: connection: don't remove failed handshake flags - MEDIUM: connection: add an error code in connections - MEDIUM: connection: add minimal error reporting in logs for incomplete connections - MEDIUM: connection: add error reporting for the PROXY protocol header - MEDIUM: connection: add error reporting for the SSL - DOC: document the connection error format in logs - BUG/MINOR: http: don't log a 503 on client errors while waiting for requests - BUILD: stdbool is not portable - BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead - BUG/MAJOR: raw_sock: must check error code on hangup - BUG/MAJOR: polling: do not set speculative events on ERR nor HUP - BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled - MINOR: stats: add a few more information on session dump - BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections - CLEANUP: connection: remove unused server/proxy/task/si_applet declarations - BUG/MEDIUM: tcp: process could theorically crash on lack of source ports - MINOR: cfgparse: mention "interface" in the list of allowed "source" options - MEDIUM: connection: introduce "struct conn_src" for servers and proxies - CLEANUP: proto_tcp: use the same code to bind servers and backends - CLEANUP: backend: use the same tproxy address selection code for servers and backends - BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13 - MEDIUM: proto_tcp: add support for tracking L7 information - MEDIUM: counters: add sc1_trackers/sc2_trackers - MINOR: http: add the "base32" pattern fetch function - MINOR: http: add the "base32+src" fetch method. - CLEANUP: session: use an array for the stick counters - BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2 - BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2 - BUG/MAJOR: connection: always recompute polling status upon I/O - BUG/MINOR: connection: remove a few synchronous calls to polling updates - MINOR: config: improve error checking on TCP stick-table tracking - DOC: add some clarifications to the readme |
||
Willy Tarreau
|
fee48ce452 |
[RELEASE] Released version 1.5-dev14
Released version 1.5-dev14 with the following main changes : - DOC: fix minor typos - BUG/MEDIUM: compression: does not forward trailers - MINOR: buffer_dump with ASCII - BUG/MEDIUM: checks: mark the check as stopped after a connect error - BUG/MEDIUM: checks: ensure we completely disable polling upon success - BUG/MINOR: checks: don't mark the FD as closed before transport close - MEDIUM: checks: avoid accumulating TIME_WAITs during checks - MINOR: cli: report the msg state in full text in "show sess $PTR" - CLEANUP: checks: rename some server check flags - MAJOR: checks: rework completely bogus state machine - BUG/MINOR: checks: slightly clean the state machine up - MEDIUM: checks: avoid waking the application up for pure TCP checks - MEDIUM: checks: close the socket as soon as we have a response - BUG/MAJOR: checks: close FD on all timeouts - MINOR: checks: fix recv polling after connect() - MEDIUM: connection: provide a common conn_full_close() function - BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts - BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops - MINOR: listeners: make the accept loop more robust when maxaccept==0 - BUG/MEDIUM: acl: correctly resolve all args, not just the first one - BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit - BUG/MINOR: stats: fix inversion of the report of a check in progress - MEDIUM: tcp: add explicit support for delayed ACK in connect() - BUG/MEDIUM: connection: always disable polling upon error - MINOR: connection: abort earlier when errors are detected - BUG/MEDIUM: checks: report handshake failures - BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish - MINOR: tcp: add support for the "v6only" bind option - MINOR: stats: also report the computed compression savings in html stats - MINOR: stats: report the total number of compressed responses per front/back - MINOR: tcp: add support for the "v4v6" bind option - DOC: stats: document the comp_rsp stats column - BUILD: buffer: fix another isprint() warning on solaris - MINOR: cli: add support for the "show sess all" command - BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list - MINOR: cli: improve output format for show sess $ptr |
||
Willy Tarreau
|
ad15d127a7 |
[RELEASE] Released version 1.5-dev13
Released version 1.5-dev13 with the following main changes : - BUILD: fix build issue without USE_OPENSSL - BUILD: fix compilation error with DEBUG_FULL - DOC: ssl: remove prefer-server-ciphers documentation - DOC: ssl: surround keywords with quotes - DOC: fix minor typo on http-send-name-header - BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs - BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl - MEDIUM: http: accept IPv6 values with (s)hdr_ip acl - BUILD: report zlib support in haproxy -vv - DOC: compression: add some details and clean up the formatting - DOC: Change is_ssl acl to ssl_fc acl in example - DOC: make it clear what the HTTP request size is - MINOR: ssl: try to load Diffie-Hellman parameters from cert file - DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading - MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation - DOC: ssl: add 'ecdhe' statement on 'bind' - MEDIUM: ssl: add client certificate authentication support - DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind' - MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present - DOC: ssl: add fetch and ACL 'client_cert' - MINOR: ssl: add ignore verify errors options - DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind' - MINOR: ssl: add fetch and ACL 'ssl_verify_result' - DOC: ssl: add fetch and ACL 'ssl_verify_result' - MINOR: ssl: add fetches and ACLs to return verify errors - DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth' - MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1 - MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory - MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. - DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. - MEDIUM: config: authorize frontend and listen without bind. - MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption - DOC: ssl: add 'no-tls-tickets' statement documentation. - BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified. - BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature. - BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL. - BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686. - MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners. - BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes - MINOR: ssl: add 'crt-base' and 'ca-base' global statements. - MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'. - MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file' - MINOR: ssl: use bit fields to store ssl options instead of one int each - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind. - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server - MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS. - BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3' - MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c - MEDIUM: ssl: reject ssl server keywords in default-server statement - MINOR: ssl: add statement 'no-tls-tickets' on server side. - MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers. - DOC: Fix rename of options cafile and crlfile to ca-file and crl-file. - MINOR: sample: manage binary to string type convertion in stick-table and samples. - MINOR: acl: add parse and match primitives to use binary type on ACLs - MINOR: sample: export 'sample_get_trash_chunk(void)' - MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c' - MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize' - MINOR: ssl: add pattern fetch 'ssl_fc_session_id' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn' - MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter' - MINOR: ssl: add 'crt' statement on server. - MINOR: ssl: checks the consistency of a private key with the corresponding certificate - BUG/MEDIUM: ssl: review polling on reneg. - BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled. - BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server. - MINOR: build: allow packagers to specify the ssl cache size - MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind. - MINOR: ssl: Add tune.ssl.lifetime statement in global. - MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8 - BUG: http: revert broken optimisation from |
||
Willy Tarreau
|
16216828fc |
[RELEASE] Released version 1.5-dev12
Released version 1.5-dev12 with the following main changes :
- CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
- MEDIUM: ssl: add support for prefer-server-ciphers option
- MINOR: IPv6 support for transparent proxy
- MINOR: protocol: add SSL context to listeners if USE_OPENSSL is defined
- MINOR: server: add SSL context to servers if USE_OPENSSL is defined
- MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS).
- MEDIUM: ssl: add new files ssl_sock.[ch] to provide the SSL data layer
- MEDIUM: config: add the 'ssl' keyword on 'bind' lines
- MEDIUM: config: add support for the 'ssl' option on 'server' lines
- MEDIUM: ssl: protect against client-initiated renegociation
- BUILD: add optional support for SSL via the USE_OPENSSL flag
- MEDIUM: ssl: add shared memory session cache implementation.
- MEDIUM: ssl: replace OpenSSL's session cache with the shared cache
- MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size.
- MEDIUM: ssl: add support for SNI and wildcard certificates
- DOC: Typos cleanup
- DOC: fix name for "option independant-streams"
- DOC: specify the default value for maxconn in the context of a proxy
- BUG/MINOR: to_log erased with unique-id-format
- LICENSE: add licence exception for OpenSSL
- BUG/MAJOR: cookie prefix doesn't support cookie-less servers
- BUILD: add an AIX 5.2 (and later) target.
- MEDIUM: fd/si: move peeraddr from struct fdinfo to struct connection
- MINOR: halog: use the more recent dual-mode fgets2 implementation
- BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches
- CLEANUP: halog: make clean should also remove .o files
- OPTIM: halog: make use of memchr() on platforms which provide a fast one
- OPTIM: halog: improve cold-cache behaviour when loading a file
- BUG/MINOR: ACL implicit arguments must be created with unresolved flag
- MINOR: replace acl_fetch_{path,url}* with smp_fetch_*
- MEDIUM: pattern: add the "base" sample fetch method
- OPTIM: i386: make use of kernel-mode-linux when available
- BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
- BUG/MINOR: polling: some events were not set in various pollers
- MINOR: http: add the urlp_val ACL match
- BUG: stktable: tcp_src_to_stktable_key() must return NULL on invalid families
- MINOR: stats/cli: add plans to support more stick-table actions
- MEDIUM: stats/cli: add support for "set table key" to enter values
- REORG/MEDIUM: fd: remove FD_STCLOSE from struct fdtab
- REORG/MEDIUM: fd: remove checks for FD_STERROR in ev_sepoll
- REORG/MEDIUM: fd: get rid of FD_STLISTEN
- REORG/MINOR: connection: move declaration to its own include file
- REORG/MINOR: checks: put a struct connection into the server
- MINOR: connection: add flags to the connection struct
- MAJOR: get rid of fdtab[].state and use connection->flags instead
- MINOR: fd: add a new I/O handler to fdtab
- MEDIUM: polling: prepare to call the iocb() function when defined.
- MEDIUM: checks: make use of fdtab->iocb instead of cb[]
- MEDIUM: protocols: use the generic I/O callback for accept callbacks
- MINOR: connection: add a handler for fd-based connections
- MAJOR: connection: replace direct I/O callbacks with the connection callback
- MINOR: fd: make fdtab->owner a connection and not a stream_interface anymore
- MEDIUM: connection: remove the FD_POLL_* flags only once
- MEDIUM: connection: extract the send_proxy callback from proto_tcp
- MAJOR: tcp: remove the specific I/O callbacks for TCP connection probes
- CLEANUP: remove the now unused fdtab direct I/O callbacks
- MAJOR: remove the stream interface and task management code from sock_*
- MEDIUM: stream_interface: pass connection instead of fd in sock_ops
- MEDIUM: stream_interface: centralize the SI_FL_ERR management
- MAJOR: connection: add a new CO_FL_CONNECTED flag
- MINOR: rearrange tcp_connect_probe() and fix wrong return codes
- MAJOR: connection: call data layer handshakes from the handler
- MEDIUM: fd: remove the EV_FD_COND_* primitives
- MINOR: sock_raw: move calls to si_data_close upper
- REORG: connection: replace si_data_close() with conn_data_close()
- MEDIUM: sock_raw: introduce a read0 callback that is different from shutr
- MAJOR: stream_int: use a common stream_int_shut*() functions regardless of the data layer
- MAJOR: fd: replace all EV_FD_* macros with new fd_*_* inline calls
- MEDIUM: fd: add fd_poll_{recv,send} for use when explicit polling is required
- MEDIUM: connection: add definitions for dual polling mechanisms
- MEDIUM: connection: make use of the new polling functions
- MAJOR: make use of conn_{data|sock}_{poll|stop|want}* in connection handlers
- MEDIUM: checks: don't use FD_WAIT_* anymore
- MINOR: fd: get rid of FD_WAIT_*
- MEDIUM: stream_interface: offer a generic function for connection updates
- MEDIUM: stream-interface: offer a generic chk_rcv function for connections
- MEDIUM: stream-interface: add a snd_buf() callback to sock_ops
- MEDIUM: stream-interface: provide a generic stream_int_chk_snd_conn() function
- MEDIUM: stream-interface: provide a generic si_conn_send_cb callback
- MEDIUM: stream-interface: provide a generic stream_sock_read0() function
- REORG/MAJOR: use "struct channel" instead of "struct buffer"
- REORG/MAJOR: extract "struct buffer" from "struct channel"
- MINOR: connection: provide conn_{data|sock}_{read0|shutw} functions
- REORG: sock_raw: rename the files raw_sock*
- MAJOR: raw_sock: extract raw_sock_to_buf() from raw_sock_read()
- MAJOR: raw_sock: temporarily disable splicing
- MINOR: stream-interface: add an rcv_buf callback to sock_ops
- REORG: stream-interface: move sock_raw_read() to si_conn_recv_cb()
- MAJOR: connection: split the send call into connection and stream interface
- MAJOR: stream-interface: restore splicing mechanism
- MAJOR: stream-interface: make conn_notify_si() more robust
- MEDIUM: proxy-proto: don't use buffer flags in conn_si_send_proxy()
- MAJOR: stream-interface: don't commit polling changes in every callback
- MAJOR: stream-interface: fix splice not to call chk_snd by itself
- MEDIUM: stream-interface: don't remove WAIT_DATA when a handshake is in progress
- CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops
- REORG: buffers: split buffers into chunk,buffer,channel
- MAJOR: channel: remove the BF_OUT_EMPTY flag
- REORG: buffer: move buffer_flush, b_adv and b_rew to buffer.h
- MINOR: channel: rename bi_full to channel_full as it checks the whole channel
- MINOR: buffer: provide a new buffer_full() function
- MAJOR: channel: stop relying on BF_FULL to take action
- MAJOR: channel: remove the BF_FULL flag
- REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h}
- CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_
- CLEANUP: channel: use "channel" instead of "buffer" in function names
- REORG: connection: move the target pointer from si to connection
- MAJOR: connection: move the addr field from the stream_interface
- MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags
- MEDIUM: proto_tcp: remove any dependence on stream_interface
- MINOR: tcp: replace tcp_src_to_stktable_key with addr_to_stktable_key
- MEDIUM: connection: add an ->init function to data layer
- MAJOR: session: introduce embryonic sessions
- MAJOR: connection: make the PROXY decoder a handshake handler
- CLEANUP: frontend: remove the old proxy protocol decoder
- MAJOR: connection: rearrange the polling flags.
- MEDIUM: connection: only call tcp_connect_probe when nothing was attempted yet
- MEDIUM: connection: complete the polling cleanups
- MEDIUM: connection: avoid calling handshakes when polling is required
- MAJOR: stream_interface: continue to update data polling flags during handshakes
- CLEANUP: fd: remove fdtab->flags
- CLEANUP: fdtab: flatten the struct and merge the spec struct with the rest
- CLEANUP: includes: fix includes for a number of users of fd.h
- MINOR: ssl: disable TCP quick-ack by default on SSL listeners
- MEDIUM: config: add a "ciphers" keyword to set SSL cipher suites
- MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines
- BUG: ssl: mark the connection as waiting for an SSL connection during the handshake
- BUILD: http: rename error_message http_error_message to fix conflicts on RHEL
- BUILD: ssl: fix shctx build on RHEL with futex
- BUILD: include sys/socket.h to fix build failure on FreeBSD
- BUILD: fix build error without SSL (ssl_cert)
- BUILD: ssl: use MAP_ANON instead of MAP_ANONYMOUS
- BUG/MEDIUM: workaround an eglibc bug which truncates the pidfiles when nbproc > 1
- MEDIUM: config: support per-listener backlog and maxconn
- MINOR: session: do not send an HTTP/500 error on SSL sockets
- MEDIUM: config: implement maxsslconn in the global section
- BUG: tcp: close socket fd upon connect error
- MEDIUM: connection: improve error handling around the data layer
- MINOR: config: make the tasks "nice" value configurable on "bind" lines.
- BUILD: shut a gcc warning introduced by commit
|
||
Willy Tarreau
|
02c7c14ae7 |
[RELEASE] Released version 1.5-dev11
Released version 1.5-dev11 with the following main changes :
- BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations
- BUG/MAJOR: trash must always be the size of a buffer
- DOC: fix minor regex example issue and improve doc on stats
- MINOR: stream_interface: add a pointer to the listener for TARG_TYPE_CLIENT
- MEDIUM: protocol: add a pointer to struct sock_ops to the listener struct
- MINOR: checks: add on-marked-up option
- MINOR: balance uri: added 'whole' parameter to include query string in hash calculation
- MEDIUM: stream_interface: remove the si->init
- MINOR: buffers: add a rewind function
- BUG/MAJOR: fix regression on content-based hashing and http-send-name-header
- MAJOR: http: stop using msg->sol outside the parsers
- CLEANUP: http: make it more obvious that msg->som is always null outside of chunks
- MEDIUM: http: get rid of msg->som which is not used anymore
- MEDIUM: http: msg->sov and msg->sol will never wrap
- BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
- BUG/MINOR: stop connect timeout when connect succeeds
- REORG: move the send-proxy code to tcp_connect_write()
- REORG/MINOR: session: detect the TCP monitor checks at the protocol accept
- MINOR: stream_interface: introduce a new "struct connection" type
- REORG/MINOR: stream_interface: move si->fd to struct connection
- REORG/MEDIUM: stream_interface: move applet->state and private to connection
- MINOR: stream_interface: add a data channel close function
- MEDIUM: stream_interface: call si_data_close() before releasing the si
- MINOR: peers: use the socket layer operations from the peer instead of sock_raw
- BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect
- MINOR: add a new function call tracer for debugging purposes
- BUG/MINOR: perform_http_redirect also needs to rewind the buffer
- BUG/MAJOR: b_rew() must pass a signed offset to b_ptr()
- BUG/MEDIUM: register peer sync handler in the proper order
- BUG/MEDIUM: buffers: fix bi_putchr() to correctly advance the pointer
- BUG/MINOR: fix option httplog validation with TCP frontends
- BUG/MINOR: log: don't report logformat errors in backends
- REORG/MINOR: use dedicated proxy flags for the cookie handling
- BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http
- MINOR: http: add support for "httponly" and "secure" cookie attributes
- BUG/MEDIUM: ensure that unresolved arguments are freed exactly once
- BUG/MINOR: commit
|
||
Willy Tarreau
|
ffb8947bb8 |
[RELEASE] Released version 1.5-dev10
Released version 1.5-dev10 with the following main changes : - BUG/MINOR: stats admin: "Unexpected result" was displayed unconditionally - BUG/MAJOR: acl: http_auth_group() must not accept any user from the userlist - CLEANUP: auth: make the code build again with DEBUG_AUTH - BUG/MEDIUM: config: don't crash at config load time on invalid userlist names - REORG: use the name sock_raw instead of stream_sock - MINOR: stream_interface: add a client target : TARG_TYPE_CLIENT - BUG/MEDIUM: stream_interface: restore get_src/get_dst - CLEANUP: sock_raw: remove last references to stream_sock - CLEANUP: stream_interface: stop exporting socket layer functions - MINOR: stream_interface: add an init callback to sock_ops - MEDIUM: stream_interface: derive the socket operations from the target - MAJOR: fd: remove the need for the socket layer to recheck the connection - MINOR: session: call the socket layer init function when a session establishes - MEDIUM: session: add support for tunnel timeouts - MINOR: standard: add a new debug macro : fddebug() - CLEANUP: fd: remove unused cb->b pointers in the struct fdtab - OPTIM: proto_http: don't enable quick-ack on empty buffers - OPTIM/MAJOR: ev_sepoll: process spec events after polled events - OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag |
||
Willy Tarreau
|
a0564f3541 |
[RELEASE] Released version 1.5-dev9
Released version 1.5-dev9 with the following main changes : - MINOR: Add release callback to si_applet - CLEANUP: Fix some minor typos - MINOR: Add TO/FROM_SET flags to struct stream_interface - CLEANUP: Fix some minor whitespace issues - MINOR: stats admin: allow unordered parameters in POST requests - CLEANUP: fix typo in findserver() log message - MINOR: stats admin: use the backend id instead of its name in the form - MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes - DOC: cleanup indentation, alignment, columns and chapters - DOC: fix some keywords arguments documentation - MINOR: cli: display the 4 IP addresses and ports on "show sess XXX" - BUG/MAJOR: log: possible segfault with logformat - MEDIUM: log: split of log_format generation - MEDIUM: log: New format-log flags: %Fi %Fp %Si %Sp %Ts %rt %H %pid - MEDIUM: log: Unique ID - MINOR: log: log-format: usable without httplog and tcplog - BUG/MEDIUM: balance source did not properly hash IPv6 addresses - MINOR: contrib/iprange: add a network IP range to mask converter - MEDIUM: session: implement the "use-server" directive - MEDIUM: log: add a new cookie flag 'U' to report situations where cookie is not used - MEDIUM: http: make extract_cookie_value() iterate over cookie values - MEDIUM: http: add cookie and scookie ACLs - CLEANUP: lb_first: add reference to a paper describing the original idea - MEDIUM: stream_sock: add a get_src and get_dst callback and remove SN_FRT_ADDR_SET - BUG/MINOR: acl: req_ssl_sni would randomly fail if a session ID is present - BUILD: http: make extract_cookie_value() return an int not size_t - BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values - CLEANUP: http: message parser must ignore HTTP_MSG_ERROR - MINOR: standard: add a memprintf() function to build formatted error messages - CLEANUP: remove a few warning about unchecked return values in debug code - MEDIUM: move message-related flags from transaction to message - DOC: add a diagram to explain how circular buffers work - MAJOR: buffer rework: replace ->send_max with ->o - MAJOR: buffer: replace buf->l with buf->{o+i} - MINOR: buffers: provide simple pointer normalization functions - MINOR: buffers: remove unused function buffer_contig_data() - MAJOR: buffers: replace buf->w with buf->p - buf->o - MAJOR: buffers: replace buf->r with buf->p + buf->i - MAJOR: http: move buffer->lr to http_msg->next - MAJOR: http: change msg->{som,col,sov,eoh} to be relative to buffer origin - CLEANUP: http: remove unused http_msg->col - MAJOR: http: turn http_msg->eol to a buffer-relative offset - MEDIUM: http: add a pointer to the buffer in http_msg - MAJOR: http: make http_msg->sol relative to buffer's origin - MEDIUM: http: http_send_name_header: remove references to msg and buffer - MEDIUM: http: remove buffer arg in a few header manipulation functions - MEDIUM: http: remove buffer arg in http_capture_bad_message - MEDIUM: http: remove buffer arg in http_msg_analyzer - MEDIUM: http: remove buffer arg in http_upgrade_v09_to_v10 - MEDIUM: http: remove buffer arg in http_buffer_heavy_realign - MEDIUM: http: remove buffer arg in chunk parsing functions - MINOR: http: remove useless wrapping checks in http_msg_analyzer - MEDIUM: buffers: fix unsafe use of buffer_ignore at some places - MEDIUM: buffers: add new pointer wrappers and get rid of almost all buffer_wrap_add calls - MEDIUM: buffers: implement b_adv() to advance a buffer's pointer - MEDIUM: buffers: rename a number of buffer management functions - MEDIUM: http: add a prefetch function for ACL pattern fetch - MEDIUM: http: make all ACL fetch function use acl_prefetch_http() - BUG/MINOR: http_auth: ACLs are volatile, not permanent - MEDIUM: http/acl: merge all request and response ACL fetches of headers and cookies - MEDIUM: http/acl: make acl_fetch_hdr_{ip,val} rely on acl_fetch_hdr() - MEDIUM: add a new typed argument list parsing framework - MAJOR: acl: make use of the new argument parsing framework - MAJOR: acl: store the ACL argument types in the ACL keyword declaration - MEDIUM: acl: acl_find_target() now resolves arguments based on their types - MAJOR: acl: make acl_find_targets also resolve proxy names at config time - MAJOR: acl: ensure that implicit table and proxies are valid - MEDIUM: acl: remove unused tests for missing args when args are mandatory - MEDIUM: pattern: replace type pattern_arg with type arg - MEDIUM: pattern: get rid of arg_i in all functions making use of arguments - MEDIUM: pattern: use the standard arg parser - MEDIUM: pattern: add an argument validation callback to pattern descriptors - MEDIUM: pattern: report the precise argument parsing error when known. - MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag - MINOR: pattern: add a new 'sample' type to store fetched data - MEDIUM: pattern: add new sample types to replace pattern types - MAJOR: acl: make use of the new sample struct and get rid of acl_test - MEDIUM: pattern/acl: get rid of temp_pattern in ACLs - MEDIUM: acl: get rid of the SET_RES flags - MEDIUM: get rid of SMP_F_READ_ONLY and SMP_F_MUST_FREE - MINOR: pattern: replace struct pattern with struct sample - MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere - MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description - MEDIUM: acl/pattern: switch rdp_cookie functions stack up-down - MEDIUM: acl: replace acl_expr with args in acl fetch_* functions - MINOR: tcp: replace acl_fetch_rdp_cookie with smp_fetch_rdp_cookie - MEDIUM: acl/pattern: use the same direction scheme - MEDIUM: acl/pattern: start merging common sample fetch functions - MEDIUM: pattern: ensure that sample types always cast into other types. - MEDIUM: acl/pattern: factor out the src/dst address fetches - MEDIUM: acl: implement payload and payload_lv - CLEANUP: pattern: ensure that payload and payload_lv always stay in the buffer - MINOR: stick_table: centralize the handling of empty keys - MINOR: pattern: centralize handling of unstable data in pattern_process() - MEDIUM: pattern: use smp_fetch_rdp_cookie instead of the pattern specific version - MINOR: acl: set SMP_OPT_ITERATE on fetch functions - MINOR: acl: add a val_args field to keywords - MINOR: proto_tcp: validate arguments of payload and payload_lv ACLs - MEDIUM: http: merge acl and pattern header fetch functions - MEDIUM: http: merge ACL and pattern cookie fetches into a single one - MEDIUM: acl: report parsing errors to the caller - MINOR: arg: improve error reporting on invalid arguments - MINOR: acl: report errors encountered when loading patterns from files - MEDIUM: acl: extend the pattern parsers to report meaningful errors - REORG: use the name "sample" instead of "pattern" to designate extracted data - REORG: rename "pattern" files - MINOR: acl: add types to ACL patterns - MINOR: standard: add an IPv6 parsing function (str62net) - MEDIUM: acl: support IPv6 address matching - REORG: stream_interface: create a struct sock_ops to hold socket operations - REORG/MEDIUM: move protocol->{read,write} to sock_ops - REORG/MEDIUM: stream_interface: initialize socket ops from descriptors - REORG/MEDIUM: replace stream interface protocol functions by a proto pointer - REORG/MEDIUM: move the default accept function from sockstream to protocols.c - MEDIUM: proto_tcp: remove src6 and dst6 pattern fetch methods - BUG/MINOR: http: error snapshots are wrong if buffer wraps - BUG/MINOR: http: ensure that msg->err_pos is always relative to buf->p - MEDIUM: http: improve error capture reports - MINOR: acl: add the cook_val() match to match a cookie against an integer - BUG/MEDIUM: send_proxy: fix initialisation of send_proxy_ofs - MEDIUM: memory: add the ability to poison memory at run time - BUG/MEDIUM: log: ensure that unique_id is properly initialized - MINOR: cfgparse: use a common errmsg pointer for all parsers - MEDIUM: cfgparse: make backend_parse_balance() use memprintf to report errors - MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords - MINOR: http: replace http_message_realign() with buffer_slow_realign() |
||
Willy Tarreau
|
9eeb57bd7f |
[RELEASE] Released version 1.5-dev8
Released version 1.5-dev8 with the following main changes : - MINOR: patch for minor typo (ressources/resources) - MEDIUM: http: add support for sending the server's name in the outgoing request - DOC: mention that default checks are TCP connections - BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified - CLEANUP: Make check_statuses, analyze_statuses and process_chk static - CLEANUP: Fix HCHK spelling errors - BUG/MINOR: fix typo in processing of http-send-name-header - MEDIUM: log: Use linked lists for loggers - BUILD: fix declaration inside a scope block - REORG: log: split send_log function - MINOR: config: Parse the string of the log-format config keyword - MINOR: add ultoa, ulltoa, ltoa, lltoa implementations - MINOR: Date and time fonctions that don't use snprintf - MEDIUM: log: make http_sess_log use log_format - DOC: log-format documentation - MEDIUM: log: use log_format for mode tcplog - MEDIUM: log-format: backend source address %Bi %Bp - BUG/MINOR: log-format: fix %o flag - BUG/MEDIUM: bad length in log_format and __send_log - MINOR: logformat %st is signed - BUILD/MINOR: fix the source URL in the spec file - DOC: acl is http_first_req, not http_req_first - BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces - MINOR: acl: add new matches for header/path/url length - BUILD: halog: make halog build on solaris - BUG/MINOR: don't use a wrong port when connecting to a server with mapped ports - MINOR: remove the client/server side distinction in SI addresses - MINOR: halog: add support for matching queued requests - DOC: indicate that cookie "prefix" and "indirect" should not be mixed - OPTIM/MINOR: move struct sockaddr_storage to the tail of structs - OPTIM/MINOR: make it possible to change pipe size (tune.pipesize) - BUILD/MINOR: silent a build warning in src/pipe.c (fcntl) - OPTIM/MINOR: move the hdr_idx pools out of the proxy struct - MEDIUM: tune.http.maxhdr makes it possible to configure the maximum number of HTTP headers - BUG/MINOR: fix a segfault when parsing a config with undeclared peers - CLEANUP: rename possibly confusing struct field "tracked" - BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use - MINOR: config: tolerate server "cookie" setting in non-HTTP mode - MEDIUM: buffers: add some new primitives and rework existing ones - BUG: buffers: don't return a negative value on buffer_total_space_res() - MINOR: buffers: make buffer_pointer() support negative pointers too - CLEANUP: kill buffer_replace() and use an inline instead - BUG: tcp: option nolinger does not work on backends - CLEANUP: ebtree: remove a few annoying signedness warnings - CLEANUP: ebtree: clarify licence and update to 6.0.6 - CLEANUP: ebtree: remove 4-year old harmless typo in duplicates insertion code - CLEANUP: ebtree: remove another typo, a wrong initialization in insertion code - BUG: ebtree: ebst_lookup() could return the wrong entry - OPTIM: stream_sock: reduce the amount of in-flight spliced data - OPTIM: stream_sock: save a failed recv syscall when splice returns EAGAIN - MINOR: acl: add support for TLS server name matching using SNI - BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests - BUG: proto_tcp: don't try to bind to a foreign address if sin_family is unknown - MINOR: pattern: export the global temporary pattern - CLEANUP: patterns: get rid of pattern_data_setstring() - MEDIUM: acl: use temp_pattern to store fetched information in the "method" match - MINOR: acl: include pattern.h to make pattern migration more transparent - MEDIUM: pattern: change the pattern data integer from unsigned to signed - MEDIUM: acl: use temp_pattern to store any integer-type information - MEDIUM: acl: use temp_pattern to store any address-type information - CLEANUP: acl: integer part of acl_test is not used anymore - MEDIUM: acl: use temp_pattern to store any string-type information - CLEANUP: acl: remove last data fields from the acl_test struct - MEDIUM: http: replace get_ip_from_hdr2() with http_get_hdr() - MEDIUM: patterns: the hdr() pattern is now of type string - DOC: add minimal documentation on how ACLs work internally - DOC: add a coding-style file - OPTIM: halog: keep a fast path for the lines-count only - CLEANUP: silence a warning when building on sparc - BUG: http: tighten the list of allowed characters in a URI - MEDIUM: http: block non-ASCII characters in URIs by default - DOC: add some documentation from RFC3986 about URI format - BUG/MINOR: cli: correctly remove the whole table on "clear table" - BUG/MEDIUM: correctly disable servers tracking another disabled servers. - BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend - MINOR: halog: add some help on the command line - BUILD: fix build error on FreeBSD - BUG: fix double free in peers config error path - MEDIUM: improve config check return codes - BUILD: make it possible to look for pcre in the default system paths - MINOR: config: emit a warning when 'default_backend' masks servers - MINOR: backend: rework the LC definition to support other connection-based algos - MEDIUM: backend: add the 'first' balancing algorithm - BUG: fix httplog trailing LF - MEDIUM: increase chunk-size limit to 2GB-1 - BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions - BUG: http: disable TCP delayed ACKs when forwarding content-length data - BUG: checks: fix server maintenance exit sequence - BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes - DOC: enumerate valid status codes for "observe layer7" - MINOR: buffer: switch a number of buffer args to const - CLEANUP: silence signedness warning in acl.c - BUG: stream_sock: si->release was not called upon shutw() - MINOR: log: use "%ts" to log term status only and "%tsc" to log with cookie - BUG/CRITICAL: log: fix risk of crash in development snapshot - BUG/MAJOR: possible crash when using capture headers on TCP frontends - MINOR: config: disable header captures in TCP mode and complain |
||
Willy Tarreau
|
60612ebbbf |
[RELEASE] Released version 1.5-dev7
Released version 1.5-dev7 with the following main changes : - [BUG] fix binary stick-tables - [MINOR] http: *_dom matching header functions now also split on ":" - [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check - [MINOR] acl: add srv_conn acl to count connections on a specific backend server - [MINOR] check: add redis check support - [DOC] small fixes to clearly distinguish between keyword and variables - [MINOR] halog: add support for termination code matching (-tcn/-TCN) - [DOC] Minor spelling fixes and grammatical enhancements - [CLEANUP] dumpstats: make symbols static where possible - [MINOR] Break out dumping table - [MINOR] Break out processing of clear table - [MINOR] Allow listing of stick table by key - [MINOR] Break out all stick table socat command parsing - [MINOR] More flexible clearing of stick table - [MINOR] Allow showing and clearing by key of ipv6 stick tables - [MINOR] Allow showing and clearing by key of integer stick tables - [MINOR] Allow showing and clearing by key of string stick tables - [CLEANUP] Remove assigned but unused variables - [CLEANUP] peers.h: fix declarations - [CLEANUP] session.c: Make functions static where possible - [MINOR] Add active connection list to server - [MINOR] Allow shutdown of sessions when a server becomes unavailable - [MINOR] Add down termination condition - [MINOR] Make appsess{,ion}_refresh static - [MINOR] Add rdp_cookie pattern fetch function - [CLEANUP] Remove unnecessary casts - [MINOR] Add non-stick server option - [MINOR] Consistently use error in tcp_parse_tcp_req() - [MINOR] Consistently free expr on error in cfg_parse_listen() - [MINOR] Free rdp_cookie_name on denint() - [MINOR] Free tcp rules on denint() - [MINOR] Free stick table pool on denint() - [MINOR] Free stick rules on denint() - [MEDIUM] Fix stick-table replication on soft-restart - [MEDIUM] Correct ipmask() logic - [MINOR] Correct type in table dump examples - [MINOR] Fix build error in stream_int_register_handler() - [MINOR] Use DPRINTF in assign_server() - [BUG] checks: http-check expect could fail a check on multi-packet responses - [DOC] fix minor typo in the "dispatch" doc - [BUG] proto_tcp: fix address binding on remote source - [MINOR] http: don't report the "haproxy" word on the monitoring response - [REORG] http: move HTTP error codes back to proto_http.h - [MINOR] http: make the "HTTP 200" status code configurable. - [MINOR] http: partially revert the chunking optimization for now - [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete transfer - [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out test - [MEDIUM] http: add support for "http-no-delay" - [OPTIM] http: optimize chunking again in non-interactive mode - [OPTIM] stream_sock: avoid fast-forwarding of partial data - [OPTIM] stream_sock: don't use splice on too small payloads - [MINOR] config: make it possible to specify a cookie even without a server - [BUG] stats: support url-encoded forms - [MINOR] config: automatically compute a default fullconn value - [CLEANUP] config: remove some left-over printf debugging code from previous patch - [DOC] add missing entry or stick store-response - [MEDIUM] http: add support for 'cookie' and 'set-cookie' patterns - [BUG] halog: correctly handle truncated last line - [MINOR] halog: make SKIP_CHAR stop on field delimiters - [MINOR] halog: add support for HTTP log matching (-H) - [MINOR] halog: gain back performance before SKIP_CHAR fix - [OPTIM] halog: cache some common fields positions - [OPTIM] halog: check once for correct line format and reuse the pointer - [OPTIM] halog: remove many 'if' by using a function pointer for the filters - [OPTIM] halog: remove support for tab delimiters in input data - [BUG] session: risk of crash on out of memory (1.5-dev regression) - [MINOR] session: try to emit a 500 response on memory allocation errors - [OPTIM] stream_sock: reduce the default number of accepted connections at once - [BUG] stream_sock: disable listener when system resources are exhausted - [MEDIUM] proxy: add a PAUSED state to listeners and move socket tricks out of proxy.c - [BUG] stream_sock: ensure orphan listeners don't accept too many connections - [MINOR] listeners: add listen_full() to mark a listener full - [MINOR] listeners: add support for queueing resource limited listeners - [MEDIUM] listeners: put listeners in queue upon resource shortage - [MEDIUM] listeners: queue proxy-bound listeners at the proxy's - [MEDIUM] listeners: don't stop proxies when global maxconn is reached - [MEDIUM] listeners: don't change listeners states anymore in maintain_proxies - [CLEANUP] proxy: rename a few proxy states (PR_STIDLE and PR_STRUN) - [MINOR] stats: report a "WAITING" state for sockets waiting for resource - [MINOR] proxy: make session rate-limit more accurate - [MINOR] sessions: only wake waiting listeners up if rate limit is OK - [BUG] proxy: peers must only be stopped once, not upon every call to maintain_proxies - [CLEANUP] proxy: merge maintain_proxies() operation inside a single loop - [MINOR] task: new function task_schedule() to schedule a wake up - [MAJOR] proxy: finally get rid of maintain_proxies() - [BUG] proxy: stats frontend and peers were missing many initializers - [MEDIUM] listeners: add a global listener management task - [MINOR] proxy: make findproxy() return proxies from numeric IDs too - [DOC] fix typos, "#" is a sharp, not a dash - [MEDIUM] stats: add support for changing frontend's maxconn at runtime - [MEDIUM] checks: group health checks methods by values and save option bits - [MINOR] session-counters: add the ability to clear the counters - [BUG] check: http-check expect + regex would crash in defaults section - [MEDIUM] http: make x-forwarded-for addition conditional - [REORG] build: move syscall redefinition to specific places - [CLEANUP] update the year in the copyright banner - [BUG] possible crash in 'show table' on stats socket - [BUG] checks: use the correct destination port for sending checks - [BUG] backend: risk of picking a wrong port when mapping is used with crossed families - [MINOR] make use of set_host_port() and get_host_port() to get rid of family mismatches - [DOC] fixed a few "sensible" -> "sensitive" errors - [MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() - [BUG] http: trailing white spaces must also be trimmed after headers - [MINOR] stats: display "<NONE>" instead of the frontend name when unknown - [MINOR] http: take a capture of too large requests and responses - [MINOR] http: take a capture of truncated responses - [MINOR] http: take a capture of bad content-lengths. - [DOC] add a few old and uncommitted docs - [CLEANUP] cfgparse: fix reported options for the "bind" keyword - [MINOR] halog: add -hs/-HS to filter by HTTP status code range - [MINOR] halog: support backslash-escaped quotes - [CLEANUP] remove dirty left-over of a debugging message - [MEDIUM] stats: disable complex socket reservation for stats socket - [CLEANUP] remove a useless test in manage_global_listener_queue() - [MEDIUM] stats: add the "set maxconn" setting to the command line interface - [MEDIUM] add support for global.maxconnrate to limit the per-process conn rate. - [MINOR] stats: report the current and max global connection rates - [MEDIUM] stats: add the ability to adjust the global maxconnrate - [BUG] peers: don't pre-allocate 65000 connections to each peer - [MEDIUM] don't limit peers nor stats socket to maxconn nor maxconnrate - [BUG] peers: the peer frontend must not emit any log - [CLEANUP] proxy: make pause_proxy() perform the required controls and emit the logs - [BUG] peers: don't keep a peers section which has a NULL frontend - [BUG] peers: ensure the peers are resumed if they were paused - [MEDIUM] stats: add the ability to enable/disable/shutdown a frontend at runtime - [MEDIUM] session: make session_shutdown() an independant function - [MEDIUM] stats: offer the possibility to kill a session from the CLI - [CLEANUP] stats: centralize tests for backend/server inputs on the CLI - [MEDIUM] stats: offer the possibility to kill sessions by server - [MINOR] halog: do not consider byte 0x8A as end of line - [MINOR] frontend: ensure debug message length is always initialized - [OPTIM] halog: make fgets parse more bytes by blocks - [OPTIM] halog: add assembly version of the field lookup code - [MEDIUM] poll: add a measurement of idle vs work time - [CLEANUP] startup: report only the basename in the usage message - [MINOR] startup: add an option to change to a new directory - [OPTIM] task: don't scan the run queue if we know it's empty - [BUILD] stats: stdint is not present on solaris - [DOC] update the README file to reflect new naming rules for patches - [MINOR] stats: report the number of requests intercepted by the frontend - [DOC] update ROADMAP file |
||
Willy Tarreau
|
04df1125cf |
[RELEASE] Released version 1.5-dev6
Released version 1.5-dev6 with the following main changes : - [BUG] stream_sock: use get_addr_len() instead of sizeof() on sockaddr_storage - [BUG] TCP source tracking was broken with IPv6 changes - [BUG] stick-tables did not work when converting IPv6 to IPv4 - [CRITICAL] fix risk of crash when dealing with space in response cookies |
||
Willy Tarreau
|
b06ed2c6af |
[RELEASE] Released version 1.5-dev5
Released version 1.5-dev5 with the following main changes : - [BUG] standard: is_addr return value for IPv4 was inverted - [MINOR] update comment about IPv6 support for server - [MEDIUM] use getaddrinfo to resolve names if gethostbyname fail - [DOC] update IPv6 support for bind - [DOC] document IPv6 support for server - [DOC] fix a minor typo - [MEDIUM] IPv6 support for syslog - [DOC] document IPv6 support for syslog - [MEDIUM] IPv6 support for stick-tables - [DOC] document IPv6 support for stick-tables - [DOC] update ROADMAP file - [BUG] session: src_conn_cur was returning src_conn_cnt instead - [MINOR] frontend: add a make_proxy_line function - [MEDIUM] stream_sock: add support for sending the proxy protocol header line - [MEDIUM] server: add support for the "send-proxy" option - [DOC] update the spec on the proxy protocol - [BUILD] proto_tcp: fix build issue with CTTPROXY - [DOC] update ROADMAP file - [MEDIUM] config: rework the IPv4/IPv6 address parser to support host-only addresses - [MINOR] cfgparse: better report wrong listening addresses and make use of str2sa_range - [BUILD] add the USE_GETADDRINFO build option - [TESTS] provide a test case for various address formats - [BUG] session: conn_retries was not always initialized - [BUG] log: retrieve the target from the session, not the SI - [BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2) - [MINOR] tools: add two macros MID_RANGE and MAX_RANGE - [BUG] http: fix content-length handling on 32-bit platforms - [OPTIM] buffers: uninline buffer_forward() - [BUG] stream_sock: fix handling for server side PROXY protocol - [MINOR] acl: add support for table_cnt and table_avl matches - [DOC] update ROADMAP file |
||
Willy Tarreau
|
e0052ccd27 |
[RELEASE] Released version 1.5-dev4
Released version 1.5-dev4 with the following main changes : - [MINOR] cfgparse: Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation. - [MINOR] unix sockets : inherits the backlog size from the listener - [CLEANUP] unix sockets : move create_uxst_socket() in uxst_bind_listener() - [DOC] fix a minor typo - [DOC] fix ignore-persist documentation - [MINOR] add warnings on features not compatible with multi-process mode - [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode - [MINOR] stats: add support for several packets in stats admin - [BUG] stats: admin commands must check the proxy state - [BUG] stats: admin web interface must check the proxy state - [MINOR] http: add pattern extraction method to stick on query string parameter - [MEDIUM] add internal support for IPv6 server addresses - [MINOR] acl: add be_id/srv_id to match backend's and server's id - [MINOR] log: add support for passing the forwarded hostname - [MINOR] log: ability to override the syslog tag - [MINOR] checks: add PostgreSQL health check - [DOC] update ROADMAP file - [BUILD] pattern: use 'int' instead of 'int32_t' - [OPTIM] linux: add support for bypassing libc to force using vsyscalls - [BUG] debug: report the correct poller list in verbose mode - [BUG] capture: do not capture a cookie if there is no memory left - [BUG] appsession: fix possible double free in case of out of memory - [CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process - [BUG] http: correctly update the header list when removing two consecutive headers - [BUILD] add the CPU=native and ARCH=32/64 build options - [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4 - [CLEANUP] hash: move the avalanche hash code globally available - [MEDIUM] hash: add support for an 'avalanche' hash-type - [DOC] update roadmap file - [BUG] http: do not re-enable the PROXY analyser on keep-alive - [OPTIM] http: don't send each chunk in a separate packet - [DOC] fix minor typos reported recently in the peers section - [DOC] fix another typo in the doc - [MINOR] stats: report HTTP message state and buffer flags in error dumps - [BUG] http chunking: don't report a parsing error on connection errors - [BUG] stream_interface: truncate buffers when sending error messages - [MINOR] http: support wrapping messages in error captures - [MINOR] http: capture incorrectly chunked message bodies - [MINOR] stats: add global event ID and count - [BUG] http: analyser optimizations broke pipelining - [CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets - [BUG] http: fix incorrect error reporting during data transfers - [CRITICAL] session: correctly leave turn-around and queue states on abort - [BUG] session: release slot before processing pending connections - [MINOR] tcp: add support for dynamic MSS setting - [BUG] stick-table: correctly terminate string keys during lookups - [BUG] acl: fix handling of empty lines in pattern files - [BUG] stick-table: use the private buffer when padding strings - [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys - [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return code out of the loop - [OPTIM] ebtree: inline ebst_lookup_len and ebis_lookup_len - [REVERT] undo the stick-table string key lookup fixes - [MINOR] http: improve url_param pattern extraction to ignore empty values - [BUILD] frontend: shut a warning with TCP_MAXSEG - [BUG] http: update the header list's tail when removing the last header - [DOC] fix minor typo in the proxy protocol doc - [DOC] fix typos (http-request instead of http-check) - [BUG] http: use correct ACL pointer when evaluating authentication - [BUG] cfgparse: correctly count one socket per port in ranges - [BUG] startup: set the rlimits before binding ports, not after. - [BUG] acl: srv_id must return no match when the server is NULL - [MINOR] acl: add ability to check for internal response-only parameters - [MINOR] acl: srv_id is only valid in responses - [MINOR] config: warn if response-only conditions are used in "redirect" rules - [BUG] acl: fd leak when reading patterns from file - [DOC] fix minor typo in "usesrc" - [BUG] http: fix possible incorrect forwarded wrapping chunk size - [BUG] http: fix computation of message body length after forwarding has started - [BUG] http: balance url_param did not work with first parameters on POST - [TESTS] update the url_param regression test to test check_post too - [DOC] update ROADMAP - [DOC] internal: reflect the fact that SI_ST_ASS is transient - [BUG] config: don't crash on empty pattern files. - [MINOR] stream_interface: make use of an applet descriptor for IO handlers - [REORG] stream_interface: move the st0, st1 and private members to the applet - [REORG] stream_interface: split the struct members in 3 parts - [REORG] session: move client and server address to the stream interface - [REORG] tcp: make tcpv4_connect_server() take the target address from the SI - [MEDIUM] stream_interface: store the target pointer and type - [CLEANUP] stream_interface: remove the applet.handler pointer - [MEDIUM] log: take the logged server name from the stream interface - [CLEANUP] session: remove data_source from struct session - [CLEANUP] stats: make all dump functions only rely on the stream interface - [REORG] session: move the data_ctx struct to the stream interface's applet - [MINOR] proxy: add PR_O2_DISPATCH to detect dispatch mode - [MINOR] cfgparse: only keep one of dispatch, transparent, http_proxy - [MINOR] session: add a pointer to the new target into the session - [MEDIUM] session: remove s->prev_srv which is not needed anymore - [CLEANUP] stream_interface: use inline functions to manipulate targets - [MAJOR] session: remove the ->srv pointer from struct session - [MEDIUM] stats: split frontend and backend stats - [MEDIUM] http: always evaluate http-request rules before stats http-request - [REORG] http: move the http-request rules to proto_http - [BUG] http: stats were not incremented on http-request deny - [MINOR] checks: report it if checks fail due to socket creation error |
||
Willy Tarreau
|
442e8349f1 |
[RELEASE] Released version 1.5-dev3
Released version 1.5-dev3 with the following main changes : - [DOC] fix http-request documentation - [MEDIUM] enable/disable servers from the stats web interface - [MEDIUM] stats: add an admin level - [DOC] stats: document the "stats admin" statement - [MINOR] startup: print the proxy socket which caused an error - [CLEANUP] Remove unneeded chars allocation - [MINOR] config: detect options not supported due to compilation options - [MINOR] Add pattern's fetchs payload and payload_lv - [MINOR] frontend: improve accept-proxy header parsing - [MINOR] frontend: add tcpv6 support on accept-proxy bind - [MEDIUM] Enhance message errors management on binds - [MINOR] Manage unix socket source field on logs - [MINOR] Manage unix socket source field on session dump on sock stats - [MINOR] Support of unix listener sockets for debug and log event messages on frontend.c - [MINOR] Add some tests on sockets family for port remapping and mode transparent. - [MINOR] Manage socket type unix for some logs - [MINOR] Enhance controls of socket's family on acls and pattern fetch - [MINOR] Support listener's sockets unix on http logs. - [MEDIUM] Add supports of bind on unix sockets. - [BUG] stick table purge failure if size less than 255 - [BUG] stick table entries expire on counters updates/read or show table, even if there is no "expire" parameter - [MEDIUM] Implement tcp inspect response rules - [DOC] tcp-response content and inspect - [MINOR] new acls fetch req_ssl_hello_type and rep_ssl_hello_type - [DOC] acls rep_ssl_hello and req_ssl_hello - [MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. - [DOC] new type binary in stick-table - [DOC] stick store-response and new patterns payload and payload_lv - [MINOR] Manage all types (ip, integer, string, binary) on cli "show table" command - [MEDIUM] Create updates tree on stick table to manage sync. - [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management - [MEDIUM] Manage peers section parsing and stick table registration on peers. - [MEDIUM] Manage soft stop on peers proxy - [DOC] add documentation for peers section - [MINOR] checks: add support for LDAPv3 health checks - [MINOR] add better support to "mysql-check" - [BUG] Restore info about available active/backup servers - [CONTRIB] Update haproxy.pl - [CONTRIB] Update Cacti Tempates - [CONTRIB] add templates for Cacti. - [BUG] http: don't consider commas as a header delimitor within quotes - [MINOR] support a global jobs counter - [DOC] add a summary about cookie incompatibilities between specs and browsers - [DOC] fix description of cookie "insert" and "indirect" modes - [MEDIUM] http: fix space handling in the request cookie parser - [MEDIUM] http: fix space handling in the response cookie parser - [DOC] fix typo in the queue() definition (backend, not frontend) - [BUG] deinit: unbind listeners before freeing them - [BUG] stream_interface: only call si->release when both dirs are closed - [MEDIUM] buffers: rework the functions to exchange between SI and buffers - [DOC] fix typo in the avg_queue() and be_conn() definition (backend, not frontend) - [MINOR] halog: add '-tc' to sort by termination codes - [MINOR] halog: skip non-traffic logs for -st and -tc - [BUG] stream_sock: cleanly disable the listener in case of resource shortage - [BUILD] stream_sock: previous fix lacked the #include, causing a warning. - [DOC] bind option is "defer-accept", not "defer_accept" - [DOC] missing index entry for http-check send-state - [DOC] tcp-request inspect-delay is for backends too - [BUG] ebtree: string_equal_bits() could return garbage on identical strings - [BUG] stream_sock: try to flush any extra pending request data after a POST - [BUILD] proto_http: eliminate some build warnings with gcc-2.95 - [MEDIUM] make it possible to combine http-pretend-keepalived with httpclose - [MEDIUM] tcp-request : don't wait for inspect-delay to expire when the buffer is full - [MEDIUM] checks: add support for HTTP contents lookup - [TESTS] add test-check-expect to test various http-check methods - [MINOR] global: add "tune.chksize" to change the default check buffer size - [MINOR] cookie: add options "maxidle" and "maxlife" - [MEDIUM] cookie: support client cookies with some contents appended to their value - [MINOR] http: make some room in the transaction flags to extend cookies - [MINOR] cookie: add the expired (E) and old (O) flags for request cookies - [MEDIUM] cookie: reassign set-cookie status flags to store more states - [MINOR] add encode/decode function for 30-bit integers from/to base64 - [MEDIUM] cookie: check for maxidle and maxlife for incoming dated cookies - [MEDIUM] cookie: set the date in the cookie if needed - [DOC] document the cookie maxidle and maxlife parameters - [BUG] checks: don't log backend down for all zero-weight servers - [MEDIUM] checks: set server state to one state from failure when leaving maintenance - [BUG] config: report correct keywords for "observe" - [MINOR] checks: ensure that we can inherit binary checks from the defaults section - [MINOR] acl: add the http_req_first match - [DOC] fix typos about bind-process syntax - [BUG] cookie: correctly unset default cookie parameters - [MINOR] cookie: add support for the "preserve" option - [BUG] ebtree: fix duplicate strings insertion - [CONTRIB] halog: report per-url counts, errors and times - [CONTRIB] halog: minor speed improvement in timer parser - [MINOR] buffers: add a new request analyser flag for PROXY mode - [MINOR] listener: add the "accept-proxy" option to the "bind" keyword - [MINOR] standard: add read_uint() to parse a delimited unsigned integer - [MINOR] standard: change arg type from const char* to char* - [MINOR] frontend: add a new analyser to parse a proxied connection - [MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections - [DOC] add the proxy protocol's specifications - [DOC] document the 'accept-proxy' bind option - [MINOR] cfgparse: report support of <path> for the 'bind' statements - [DOC] add references to unix socket handling - [MINOR] move MAXPATHLEN definition to compat.h - [MEDIUM] unix sockets: cleanup the error reporting path - [BUG] session: don't stop forwarding of data upon last packet - [CLEANUP] accept: replace some inappropriate Alert() calls with send_log() - [BUILD] peers: shut a printf format warning (key_size is a size_t) - [BUG] accept: don't close twice upon error - [OPTIM] session: don't recheck analysers when buffer flags have not changed - [OPTIM] stream_sock: don't clear FDs that are already cleared - [BUG] proto_tcp: potential bug on pattern fetch dst and dport |
||
Willy Tarreau
|
37242fa7ce |
[RELEASE] Released version 1.5-dev2
Released version 1.5-dev2 with the following main changes : - [MINOR] startup: release unused structs after forking - [MINOR] startup: don't wait for nothing when no old pid remains - [CLEANUP] reference product branch 1.5 - [MEDIUM] signals: add support for registering functions and tasks - [MEDIUM] signals: support redistribution of signal zero when stopping - [BUG] http: don't set auto_close if more data are expected |
||
Willy Tarreau
|
fc815fddd8 |
[RELEASE] Released version 1.5-dev1
Released version 1.5-dev1 with the following main changes : - [BUG] stats: session rate limit gets garbaged in the stats - [DOC] mention 'option http-server-close' effect in Tq section - [DOC] summarize and highlight persistent connections behaviour - [DOC] add configuration samples - [BUG] http: dispatch and http_proxy modes were broken for a long time - [BUG] http: the transaction must be initialized even in TCP mode - [BUG] tcp: dropped connections must be counted as "denied" not "failed" - [BUG] consistent hash: balance on all servers, not only 2 ! - [CONTRIB] halog: report per-server status codes, errors and response times - [BUG] http: the transaction must be initialized even in TCP mode (part 2) - [BUG] client: always ensure to zero rep->analysers - [BUG] session: clear BF_READ_ATTACHED before next I/O - [BUG] http: automatically close response if req is aborted - [BUG] proxy: connection rate limiting was eating lots of CPU - [BUG] http: report correct flags in case of client aborts during body - [TESTS] refine non-regression tests and add 4 new tests - [BUG] debug: wrong pointer was used to report a status line - [BUG] debug: correctly report truncated messages - [DOC] document the "dispatch" keyword - [BUG] stick_table: fix possible memory leak in case of connection error - [CLEANUP] acl: use 'L6' instead of 'L4' in ACL flags relying on contents - [MINOR] accept: count the incoming connection earlier - [CLEANUP] tcp: move some non tcp-specific layer6 processing out of proto_tcp - [CLEANUP] client: move some ACLs away to their respective locations - [CLEANUP] rename client -> frontend - [MEDIUM] separate protocol-level accept() from the frontend's - [MINOR] proxy: add a list to hold future layer 4 rules - [MEDIUM] config: parse tcp layer4 rules (tcp-request accept/reject) - [MEDIUM] tcp: check for pure layer4 rules immediately after accept() - [OPTIM] frontend: tell the compiler that errors are unlikely to occur - [MEDIUM] frontend: check for LI_O_TCP_RULES in the listener - [MINOR] frontend: only check for monitor-net rules if LI_O_CHK_MONNET is set - [CLEANUP] buffer->cto is not used anymore - [MEDIUM] session: finish session establishment sequence in with I/O handlers - [MEDIUM] session: initialize server-side timeouts after connect() - [MEDIUM] backend: initialize the server stream_interface upon connect() - [MAJOR] frontend: don't initialize the server-side stream_int anymore - [MEDIUM] session: move the conn_retries attribute to the stream interface - [MEDIUM] session: don't assign conn_retries upon accept() anymore - [MINOR] frontend: rely on the frontend and not the backend for INDEPSTR - [MAJOR] frontend: reorder the session initialization upon accept - [MINOR] proxy: add an accept() callback for the application layer - [MAJOR] frontend: split accept() into frontend_accept() and session_accept() - [MEDIUM] stats: rely on the standard session_accept() function - [MINOR] buffer: refine the flags that may wake an analyser up. - [MINOR] stream_sock: don't dereference a non-existing frontend - [MINOR] session: differenciate between accepted connections and received connections - [MEDIUM] frontend: count the incoming connection earlier - [MINOR] frontend: count denied TCP requests separately - [CLEANUP] stick_table: add/clarify some comments - [BUILD] memory: add a few missing parenthesis to the pool management macros - [MINOR] stick_table: add support for variable-sized data - [CLEANUP] stick_table: rename some stksess struct members to avoid confusion - [CLEANUP] stick_table: move pattern to key functions to stick_table.c - [MEDIUM] stick_table: add room for extra data types - [MINOR] stick_table: add support for "conn_cum" data type. - [MEDIUM] stick_table: don't overwrite data when storing an entry - [MINOR] config: initialize stick tables after all the parsing - [MINOR] stick_table: provide functions to return stksess data from a type - [MEDIUM] stick_table: move the server ID to a generic data type - [MINOR] stick_table: enable it for frontends too - [MINOR] stick_table: export the stick_table_key - [MINOR] tcp: add per-source connection rate limiting - [MEDIUM] stick_table: separate storage and update of session entries - [MEDIUM] stick-tables: add a reference counter to each entry - [MINOR] session: add a pointer to the tracked counters for the source - [CLEANUP] proto_tcp: make the config parser a little bit more flexible - [BUG] config: report the correct proxy type in tcp-request errors - [MINOR] config: provide a function to quote args in a more friendly way - [BUG] stick_table: the fix for the memory leak caused a regression - [MEDIUM] backend: support servers on 0.0.0.0 - [BUG] stick-table: correctly refresh expiration timers - [MEDIUM] stream-interface: add a ->release callback - [MINOR] proxy: add a "parent" member to the structure - [MEDIUM] session: make it possible to call an I/O handler on both SI - [MINOR] tools: add a fast div64_32 function - [MINOR] freq_ctr: add new types and functions for periods different from 1s - [MINOR] errors: provide new status codes for config parsing functions - [BUG] http: denied requests must not be counted as denied resps in listeners - [MINOR] tools: add a get_std_op() function to parse operators - [MEDIUM] acl: make use of get_std_op() to parse intger ranges - [MAJOR] stream_sock: better wakeup conditions on read() - [BUG] session: analysers must be checked when SI state changes - [MINOR] http: reset analysers to listener's, not frontend's - [MEDIUM] session: support "tcp-request content" rules in backends - [BUILD] always match official tags when doing git-tar - [MAJOR] stream_interface: fix the wakeup conditions for embedded iohandlers - [MEDIUM] buffer: make buffer_feed* support writing non-contiguous chunks - [MINOR] tcp: src_count acl does not have a permanent result - [MAJOR] session: add track-counters to track counters related to the session - [MINOR] stick-table: provide a table lookup function - [MINOR] stick-table: use suffix "_cnt" for cumulated counts - [MEDIUM] session: move counter ACL fetches from proto_tcp - [MEDIUM] session: add concurrent connections counter - [MEDIUM] session: add data in and out volume counters - [MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts - [MEDIUM] session-counters: automatically update tracked connection count - [MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection - [MINOR] session: add trk_kbytes_* ACL keywords to track data size - [MEDIUM] session: add a counter on the cumulated number of sessions - [MINOR] config: support a comma-separated list of store data types in stick-table - [MEDIUM] stick-tables: add support for arguments to data_types - [MEDIUM] stick-tables: add stored data argument type checking - [MEDIUM] session counters: add conn_rate and sess_rate counters - [MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters - [MINOR] stktable: add a stktable_update_key() function - [MINOR] session-counters: add a general purpose counter (gpc0) - [MEDIUM] session-counters: add HTTP req/err tracking - [MEDIUM] stats: add "show table [<name>]" to dump a stick-table - [MEDIUM] stats: add "clear table <name> key <value>" to clear table entries - [CLEANUP] stick-table: declare stktable_data_types as extern - [MEDIUM] stick-table: make use of generic types for stored data - [MINOR] stats: correctly report errors on "show table" and "clear table" - [MEDIUM] stats: add the ability to dump table entries matching criteria - [DOC] configuration: document all the new tracked counters - [DOC] stats: document "show table" and "clear table" - [MAJOR] session-counters: split FE and BE track counters - [MEDIUM] tcp: accept the "track-counters" in "tcp-request content" rules - [MEDIUM] session counters: automatically remove expired entries. - [MEDIUM] config: replace 'tcp-request <action>' with "tcp-request connection" - [MEDIUM] session-counters: make it possible to count connections from frontend - [MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters" - [MEDIUM] session-counters: correctly unbind the counters tracked by the backend - [CLEANUP] stats: use stksess_kill() to remove table entries - [DOC] update the references to session counters and to tcp-request connection - [DOC] cleanup: split a few long lines - [MEDIUM] http: forward client's close when abortonclose is set - [BUG] queue: don't dequeue proxy-global requests on disabled servers - [BUG] stats: global stats timeout may be specified before stats socket. - [BUG] conf: add tcp-request content rules to the correct list |
||
Willy Tarreau
|
21475e3215 |
[DEV] open new 1.5 development branch
This new branch is based on 1.4.6, which 1.5-dev0 is 100% equivalent to. The roadmap has been updated. |
||
Willy Tarreau
|
5fdd77da56 |
[RELEASE] Released version 1.4.6
Released version 1.4.6 with the following main changes : - [BUILD] ebtree: update to v6.0.1 to remove references to dprintf() - [CLEANUP] acl: make use of eb_is_empty() instead of open coding the tree's emptiness test - [MINOR] acl: add srv_is_up() to check that a specific server is up or not - [DOC] add a few precisions about the use of RDP cookies |
||
Willy Tarreau
|
9d4d9e3144 |
[RELEASE] Released version 1.4.5
Released version 1.4.5 with the following main changes : - [DOC] report minimum kernel version for tproxy in the Makefile - [MINOR] add the "ignore-persist" option to conditionally ignore persistence - [DOC] add the "ignore-persist" option to conditionally ignore persistence - [DOC] fix ignore-persist/force-persist documentation - [BUG] cttproxy: socket fd leakage in check_cttproxy_version - [DOC] doc/configuration.txt: fix typos - [MINOR] option http-pretend-keepalive is both for FEs and BEs - [MINOR] fix possible crash in debug mode with invalid responses - [MINOR] halog: add support for statisticts on status codes - [OPTIM] halog: use a faster zero test in fgets() - [OPTIM] halog: minor speedup by using unlikely() - [OPTIM] halog: speed up fgets2-64 by about 10% - [DOC] refresh the README file and merge the CONTRIB file into it - [MINOR] acl: support loading values from files - [MEDIUM] ebtree: upgrade to version 6.0 - [MINOR] acl trees: add flags and union members to store values in trees - [MEDIUM] acl: add ability to insert patterns in trees - [MEDIUM] acl: add tree-based lookups of exact strings - [MEDIUM] acl: add tree-based lookups of networks - [MINOR] acl: ignore empty lines and comments in pattern files - [MINOR] stick-tables: add support for "stick on hdr" |
||
Willy Tarreau
|
9508c1c625 |
[RELEASE] Released version 1.4.4
Released version 1.4.4 with the following main changes : - [BUG] appsession should match the whole cookie name - [CLEANUP] proxy: move PR_O_SSL3_CHK to options2 to release one flag - [MEDIUM] backend: move the transparent proxy address selection to backend - [MINOR] add very fast IP parsing functions - [MINOR] add new tproxy flags for dynamic source address binding - [MEDIUM] add ability to connect to a server from an IP found in a header - [BUILD] config: last patch breaks build without CONFIG_HAP_LINUX_TPROXY - [MINOR] http: make it possible to pretend keep-alive when doing close - [MINOR] config: report "default-server" instead of "(null)" in error messages |
||
Willy Tarreau
|
75934a1cd8 |
[RELEASE] Released version 1.4.3
Released version 1.4.3 with the following main changes : - [CLEANUP] stats: remove printf format warning in stats_dump_full_sess_to_buffer() - [MEDIUM] session: better fix for connection to servers with closed input - [DOC] indicate in the doc how to bind to port ranges - [BUG] backend: L7 hashing must not be performed on incomplete requests - [TESTS] add a simple program to test connection resets - [MINOR] cli: "show errors" should display "backend <NONE>" when backend was not used - [MINOR] config: emit warnings when HTTP-only options are used in TCP mode - [MINOR] config: allow "slowstart 0s" - [BUILD] 'make tags' did not consider files ending in '.c' - [MINOR] checks: add the ability to disable a server in the config |
||
Willy Tarreau
|
da618cbdbc |
[RELEASE] Released version 1.4.2
Released version 1.4.2 with the following main changes : - [CLEANUP] product branch update - [DOC] Some more documentation cleanups - [BUG] clf logs segfault when capturing a non existant header - [OPTIM] config: only allocate check buffer when checks are enabled - [MEDIUM] checks: support multi-packet health check responses - [CLEANUP] session: remove duplicate test - [BUG] http: don't wait for response data to leave buffer is client has left - [MINOR] proto_uxst: set accept_date upon accept() to the wall clock time - [MINOR] stats: don't send empty lines in "show errors" - [MINOR] stats: make the data dump function reusable for other purposes - [MINOR] stats socket: add show sess <id> to dump details about a session - [BUG] stats: connection reset counters must be plain ascii, not HTML - [BUG] url_param hash may return a down server - [MINOR] force null-termination of hostname - [MEDIUM] connect to servers even when the input has already been closed - [BUG] don't merge anonymous ACLs ! - [BUG] config: fix endless loop when parsing "on-error" - [MINOR] http: don't mark a server as failed when it returns 501/505 - [OPTIM] checks: try to detect the end of response without polling again - [BUG] checks: don't report an error when recv() returns an error after data - [BUG] checks: don't abort when second poll returns an error - [MINOR] checks: make shutdown() silently fail - [BUG] http: fix truncated responses on chunk encoding when size divides buffer size - [BUG] init: unconditionally catch SIGPIPE - [BUG] checks: don't wait for a close to start parsing the response |
||
Willy Tarreau
|
c5e60c3360 |
[RELEASE] Released version 1.4.1
Released version 1.4.1 with the following main changes : - [BUG] Clear-cookie path issue - [DOC] fix typo on stickiness rules - [BUILD] fix BSD and OSX makefiles for missing files - [BUILD] includes order breaks OpenBSD build - [BUILD] fix some build warnings on Solaris with is* macros - [BUG] logs: don't report "last data" when we have just closed after an error - [BUG] logs: don't report "proxy request" when server closes early - [BUILD] fix platform-dependant build issues related to crypt() - [STATS] count transfer aborts caused by client and by server - [STATS] frontend requests were not accounted for failed requests - [MINOR] report total number of processed connections when stopping a proxy - [DOC] be more clear about the limitation to one single monitor-net entry |
||
Willy Tarreau
|
e18fdfdb85 |
[RELEASE] Released version 1.4.0
Released version 1.4.0 with the following main changes : - [MINOR] stats: report maint state for tracking servers too - [DOC] fix summary to add pattern extraction - [DOC] Documentation cleanups - [BUG] cfgparse memory leak and missing free calls in deinit() - [BUG] pxid/puid/luid: don't shift IDs when some of them are forced - [EXAMPLES] add auth.cfg - [BUG] uri_auth: ST_SHLGNDS should be 0x00000008 not 0x0000008 - [BUG] uri_auth: do not attemp to convert uri_auth -> http-request more than once - [BUILD] auth: don't use unnamed unions - [BUG] config: report unresolvable host names as errors - [BUILD] fix build breakage with DEBUG_FULL - [DOC] fix a typo about timeout check and clarify the explanation. - [MEDIUM] http: don't use trash to realign large buffers - [STATS] report HTTP requests (total and rate) in frontends - [STATS] separate frontend and backend HTTP stats - [MEDIUM] http: revert to use a swap buffer for realignment - [MINOR] stats: report the request rate in frontends as cell titles - [MINOR] stats: mark areas with an underline when tooltips are available - [DOC] reorder some entries to maintain the alphabetical order - [DOC] cleanup of the keyword matrix |
||
Willy Tarreau
|
b05613d72b |
[RELEASE] Released version 1.4-rc1
Released version 1.4-rc1 with the following main changes : - [MEDIUM] add a maintenance mode to servers - [MINOR] http-auth: last fix was wrong - [CONTRIB] add base64rev-gen.c that was used to generate the base64rev table. - [MINOR] Base64 decode - [MINOR] generic auth support with groups and encrypted passwords - [MINOR] add ACL_TEST_F_NULL_MATCH - [MINOR] http-request: allow/deny/auth support for frontend/backend/listen - [MINOR] acl: add http_auth and http_auth_group - [MAJOR] use the new auth framework for http stats - [DOC] add info about userlists, http-request and http_auth/http_auth_group acls - [STATS] make it possible to change a CLI connection timeout - [BUG] patterns: copy-paste typo in type conversion arguments - [MINOR] pattern: make the converter more flexible by supporting void* and int args - [MINOR] standard: str2mask: string to netmask converter - [MINOR] pattern: add support for argument parsers for converters - [MINOR] pattern: add the "ipmask()" converting function - [MINOR] config: off-by-one in "stick-table" after list of converters - [CLEANUP] acl, patterns: make use of my_strndup() instead of malloc+memcpy - [BUG] restore accidentely removed line in last patch ! - [MINOR] checks: make the HTTP check code add the CRLF itself - [MINOR] checks: add the server's status in the checks - [BUILD] halog: make without arch-specific optimizations - [BUG] halog: fix segfault in case of empty log in PCT mode (cherry picked from commit |
||
Willy Tarreau
|
2eba6aaa1b |
[RELEASE] Released version 1.4-dev8
Released version 1.4-dev8 with the following main changes : - [CLEANUP] Keep in sync "defaults" support between documentation and code - [MEDIUM] http: add support for Proxy-Connection header - [CRITICAL] buffers: buffer_insert_line2 must not change the ->w entry - [MINOR] http: remove a copy-paste typo in transaction cleaning - [BUG] http: trim any excess buffer data when recycling a connection |
||
Willy Tarreau
|
6939b5522d |
[RELEASE] Released version 1.4-dev7
Released version 1.4-dev7 with the following main changes : - [BUG] appsession: possible memory leak in case of out of memory condition - [MINOR] config: don't accept 'appsession' in defaults section - [MINOR] Add function to parse a size in configuration - [MEDIUM] Add stick table (persistence) management functions and types - [MEDIUM] Add pattern fetch management types and functions - [MEDIUM] Add src dst and dport pattern fetches. - [MEDIUM] Add stick table configuration and init. - [MEDIUM] Add stick and store rules analysers. - [MINOR] add option "mysql-check" to use MySQL health checks - [BUG] health checks: fix requeued message - [OPTIM] remove SSP_O_VIA and SSP_O_STATUS - [BUG] checks: fix newline termination - [MINOR] acl: add fe_id/so_id to match frontend's and socket's id - [BUG] appsession's sessid must be reset at end of transaction - [BUILD] appsession did not build anymore under gcc-2.95 - [BUG] server redirection used an uninitialized string. - [MEDIUM] http: fix handling of message pointers - [MINOR] http: fix double slash prefix with server redirect - [MINOR] http redirect: add the ability to append a '/' to the URL - [BUG] stream_interface: fix retnclose and remove cond_close - [MINOR] http redirect: don't explicitly state keep-alive on 1.1 - [MINOR] http: move appsession 'sessid' from session to http_txn - [OPTIM] reorder http_txn to optimize cache lines placement - [MINOR] http: differentiate waiting for new request and waiting for a complete requst - [MINOR] http: add a separate "http-keep-alive" timeout - [MINOR] config: remove undocumented and buggy 'timeout appsession' - [DOC] fix various too large lines - [DOC] remove several trailing spaces - [DOC] add the doc about stickiness - [BUILD] remove a warning in standard.h on AIX - [BUG] checks: chars are unsigned on AIX, check was always true - [CLEANUP] stream_sock: MSG_NOSIGNAL is only for send(), not recv() - [BUG] check: we must not check for error before reading a response - [BUG] buffers: remove remains of wrong obsolete length check - [OPTIM] stream_sock: don't shutdown(write) when the socket is in error - [BUG] http: don't count req errors on client resets or t/o during keep-alive - [MEDIUM] http: don't switch to tunnel mode upon close - [DOC] add documentation about connection header processing - [MINOR] http: add http_remove_header2() to remove a header value. - [MINOR] tools: add a "word_match()" function to match words and ignore spaces - [MAJOR] http: rework request Connection header handling - [MAJOR] http: rework response Connection header handling - [MINOR] add the ability to force kernel socket buffer size. - [BUG] http_server_error() must not purge a previous pending response - [OPTIM] http: don't delay response if next request is incomplete - [MINOR] add the "force-persist" statement to force persistence on down servers - [MINOR] http: logs must report persistent connections to down servers - [BUG] buffer_replace2 must never change the ->w entry |
||
Willy Tarreau
|
11f8f5458f |
[RELEASE] Released version 1.4-dev6
Released version 1.4-dev6 with the following main changes : - [BUILD] warning in stream_interface.h - [BUILD] warning ultoa_r returns char * - [MINOR] hana: only report stats if it is enabled - [MINOR] stats: add "a link" & "a href" for sockets - [MINOR]: stats: add show-legends to report additional informations - [MEDIUM] default-server support - [BUG]: add 'observer', 'on-error', 'error-limit' to supported options list - [MINOR] stats: add href to tracked server - [BUG] stats: show UP/DOWN status also in tracking servers - [DOC] Restore ability to search a keyword at the beginning of a line - [BUG] stats: cookie should be reported under backend not under proxy - [BUG] cfgparser/stats: fix error message - [BUG] http: disable auto-closing during chunk analysis - [BUG] http: fix hopefully last closing issue on data forwarding - [DEBUG] add an http_silent_debug function to debug HTTP states - [MAJOR] http: fix again the forward analysers - [BUG] http_process_res_common() must not skip the forward analyser - [BUG] http: some possible missed close remain in the forward chain - [BUG] http: redirect needed to be updated after recent changes - [BUG] http: don't set no-linger on response in case of forced close - [MEDIUM] http: restore the original behaviour of option httpclose - [TESTS] add a file to test various connection modes - [BUG] http: check options before the connection header - [MAJOR] session: fix the order by which the analysers are run - [MEDIUM] session: also consider request analysers added during response - [MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags - [BUG] http: memory leak with captures when using keep-alive - [BUG] http: fix for capture memory leak was incorrect - [MINOR] http redirect: use proper call to return last response - [MEDIUM] http: wait for some flush of the response buffer before a new request - [MEDIUM] session: limit the number of analyser loops |
||
Willy Tarreau
|
1f44589b71 |
[RELEASE] Released version 1.4-dev5
Released version 1.4-dev5 with the following main changes : - [MINOR] server tracking: don't care about the tracked server's mode - [MEDIUM] appsession: add "len", "prefix" and "mode" options - [MEDIUM] appsession: add the "request-learn" option - [BUG] Configuration parser bug when escaping characters - [MINOR] CSS & HTML fun - [MINOR] Collect & provide http response codes received from servers - [BUG] Fix silly typo: hspr_other -> hrsp_other - [MINOR] Add "a name" to stats page - [MINOR] add additional "a href"s to stats page - [MINOR] Collect & provide http response codes for frontends, fix backends - [DOC] some small spell fixes and unifications - [MEDIUM] Decrease server health based on http responses / events, version 3 - [BUG] format '%d' expects type 'int', but argument 5 has type 'long int' - [BUG] config: fix erroneous check on cookie domain names, again - [BUG] Healthchecks: get a proper error code if connection cannot be completed immediately - [DOC] trivial fix for man page - [MINOR] config: report all supported options for the "bind" keyword - [MINOR] tcp: add support for the defer_accept bind option - [MINOR] unix socket: report the socket path in case of bind error - [CONTRIB] halog: support searching by response time - [DOC] add a reminder about obsolete documents - [DOC] point to 1.4 doc, not 1.3 - [DOC] option tcp-smart-connect was missing from index - [MINOR] http: detect connection: close earlier - [CLEANUP] sepoll: clean up the fd_clr/fd_set functions - [OPTIM] move some rarely used fields out of fdtab - [MEDIUM] fd: merge fd_list into fdtab - [MAJOR] buffer: flag BF_DONT_READ to disable reads when not required - [MINOR] http: add new transaction flags for keep-alive and content-length - [MEDIUM] http request: parse connection, content-length and transfer-encoding - [MINOR] http request: update the TX_SRV_CONN_KA flag on rewrite - [MINOR] http request: simplify the test of no-data - [MEDIUM] http request: simplify POST length detection - [MEDIUM] http request: make use of pre-parsed transfer-encoding header - [MAJOR] http: create the analyser which waits for a response - [MINOR] http: pre-set the persistent flags in the transaction - [MEDIUM] http response: check body length and set transaction flags - [MINOR] http response: update the TX_CLI_CONN_KA flag on rewrite - [MINOR] http: remove the last call to stream_int_return - [IMPORT] import ebtree v5.0 into directory ebtree/ - [MEDIUM] build: switch ebtree users to use new ebtree version - [CLEANUP] ebtree: remove old unused files - [BUG] definitely fix regparm issues between haproxy core and ebtree - [CLEANUP] ebtree: cast to char * to get rid of gcc warning - [BUILD] missing #ifndef in ebmbtree.h - [BUILD] missing #ifndef in ebsttree.h - [MINOR] tools: add hex2i() function to convert hex char to int - [MINOR] http: create new MSG_BODY sub-states - [BUG] stream_sock: BUF_INFINITE_FORWARD broke splice on 64-bit platforms - [DOC] option is "defer-accept", not "defer_accept" - [MINOR] http: keep pointer to beginning of data - [BUG] x-original-to: name was not set in default instance - [MINOR] http: detect tunnel mode and set it in the session - [BUG] config: fix error message when config file is not found - [BUG] config: fix wrong handling of too large argument count - [BUG] config: disable 'option httplog' on TCP proxies - [BUG] config: fix erroneous check on cookie domain names - [BUG] config: cookie domain was ignored in defaults sections - [MINOR] config: support passing multiple "domain" statements to cookies - [MINOR] ebtree: add functions to lookup non-null terminated strings - [MINOR] config: don't report error on all subsequent files on failure - [BUG] second fix for the printf format warning - [BUG] check_post: limit analysis to the buffer length - [MEDIUM] http: process request body in a specific analyser - [MEDIUM] backend: remove HTTP POST parsing from get_server_ph_post() - [MAJOR] http: completely process the "connection" header - [MINOR] http: only consider chunk encoding with HTTP/1.1 - [MAJOR] buffers: automatically compute the maximum buffer length - [MINOR] http: move the http transaction init/cleanup code to proto_http - [MINOR] http: move 1xx handling earlier to eliminate a lot of ifs - [MINOR] http: introduce a new synchronisation state : HTTP_MSG_DONE - [MEDIUM] http: rework chunk-size parser - [MEDIUM] http: add a new transaction flags indicating if we know the transfer length - [MINOR] buffers: add buffer_ignore() to skip some bytes - [BUG] http: offsets are relative to the buffer, not to ->som - [MEDIUM] http: automatically re-aling request buffer - [BUG] http: body parsing must consider the start of message - [MINOR] new function stream_int_cond_close() - [MAJOR] http: implement body parser - [BUG] http: typos on several unlikely() around header insertion - [BUG] stream_sock: wrong max computation on recv - [MEDIUM] http: rework the buffer alignment logic - [BUG] buffers: wrong size calculation for displaced data - [MINOR] stream_sock: prepare for closing when all pending data are sent - [MEDIUM] http: add two more states for the closing period - [MEDIUM] http: properly handle "option forceclose" - [MINOR] stream_sock: add SI_FL_NOLINGER for faster close - [MEDIUM] http: make forceclose use SI_FL_NOLINGER - [MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts - [MEDIUM] http: add some SI_FL_NOLINGER around server errors - [MINOR] config: option forceclose is valid in frontends too - [BUILD] halog: insufficient include path in makefile - [MEDIUM] http: make the analyser not rely on msg being initialized anymore - [MEDIUM] http: make the parsers able to wait for a buffer flush - [MAJOR] http: add support for option http-server-close - [BUG] http: ensure we abort data transfer on write error - [BUG] last fix was overzealous and disabled server-close - [BUG] http: fix erroneous trailers size computation - [MINOR] stream_sock: enable MSG_MORE when forwarding finite amount of data - [OPTIM] http: set MSG_MORE on response when a pipelined request is pending - [BUG] http: redirects were broken by chunk changes - [BUG] http: the request URI pointer is relative to the buffer - [OPTIM] http: don't immediately enable reading on request - [MINOR] http: move redirect messages to HTTP/1.1 with a content-length - [BUG] http: take care of errors, timeouts and aborts during the data phase - [MINOR] http: don't wait for sending requests to the server - [MINOR] http: make the conditional redirect support keep-alive - [BUG] http: fix cookie parser to support spaces and commas in values - [MINOR] config: some options were missing for "redirect" - [MINOR] redirect: add support for unconditional rules - [MINOR] config: centralize proxy struct initialization - [MEDIUM] config: remove the limitation of 10 reqadd/rspadd statements - [MEDIUM] config: remove the limitation of 10 config files - [CLEANUP] http: remove a remaining impossible condition - [OPTIM] http: optimize a bit the construct of the forward loops |
||
Willy Tarreau
|
c82a9e59a7 |
[RELEASE] Released version 1.4-dev4
Released version 1.4-dev4 with the following main changes : - [DOC] add missing rate_lim and rate_max - [MAJOR] struct chunk rework - [MEDIUM] Health check reporting code rework + health logging, v3 - [BUG] check if rise/fall has an argument and it is > 0 - [MINOR] health checks logging unification - [MINOR] add "description", "node" and show-node"/"show-desc", remove "node-name", v2 - [MINOR] Allow dots in show-node & add "white-space: nowrap" in th.pxname. - [DOC] Add information about http://haproxy.1wt.eu/contrib.html - [MINOR] Introduce include/types/counters.h - [CLEANUP] Move counters to dedicated structures - [MINOR] Add "clear counters" to clear statistics counters - [MEDIUM] Collect & provide separate statistics for sockets, v2 - [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2 - [MINOR] acl: don't report valid acls as potential mistakes - [MINOR] Add cut_crlf(), ltrim(), rtrim() and alltrim() - [MINOR] Add chunk_htmlencode and chunk_asciiencode - [MINOR] Capture & display more data from health checks, v2 - [BUG] task.c: don't assing last_timer to node-less entries - [BUG] http stats: large outputs sometimes got some parts chopped off - [MINOR] backend: export some functions to recount servers - [MINOR] backend: uninline some LB functions - [MINOR] include time.h from freq_ctr.h as is uses "now". - [CLEANUP] backend: move LB algos to individual files - [MINOR] lb_map: reorder code in order to ease integration of new hash functions - [CLEANUP] proxy: move last lb-specific bits to their respective files - [MINOR] backend: separate declarations of LB algos from their lookup method - [MINOR] backend: reorganize the LB algorithm selection - [MEDIUM] backend: introduce the "static-rr" LB algorithm - [MINOR] report list of supported pollers with -vv - [DOC] log-health-checks is an option, not a directive - [MEDIUM] new option "independant-streams" to stop updating read timeout on writes - [BUG] stats: don't call buffer_shutw(), but ->shutw() instead - [MINOR] stats: strip CR and LF from the input command line - [BUG] don't refresh timeouts late after detected activity - [MINOR] stats_dump_errors_to_buffer: use buffer_feed_chunk() - [MINOR] stats_dump_sess_to_buffer: use buffer_feed_chunk() - [MINOR] stats: make stats_dump_raw_to_buffer() use buffer_feed_chunk - [MEDIUM] stats: don't use s->ana_state anymore - [MINOR] remove now obsolete ana_state from the session struct - [MEDIUM] stats: make HTTP stats use an I/O handler - [MEDIUM] stream_int: adjust WAIT_ROOM handling - [BUG] config: look for ID conflicts in all sockets, not only last ones. - [MINOR] config: reference file and line with any listener/proxy/server declaration - [MINOR] config: report places of duplicate names or IDs - [MINOR] config: add pointer to file name in block/redirect/use_backend/monitor rules - [MINOR] tools: add a new get_next_id() function - [MEDIUM] config: automatically find unused IDs for proxies, servers and listeners - [OPTIM] counters: move some max numbers to the counters struct - [BUG] counters: fix segfault on missing counters for a listener - [MEDIUM] backend: implement consistent hashing variation - [MINOR] acl: add fe_conn, be_conn, queue, avg_queue - [MINOR] stats: use 'clear counters all' to clear all values - [MEDIUM] add access restrictions to the stats socket - [MINOR] buffers: add buffer_feed2() and make buffer_feed() measure string length - [MINOR] proxy: provide function to retrieve backend/server pointers - [MINOR] add the "initial weight" to the server struct. - [MEDIUM] stats: add the "get weight" command to report a server's weight - [MEDIUM] stats: add the "set weight" command - [BUILD] add a 'make tags' target - [MINOR] stats: add support for numeric IDs in set weight/get weight - [MINOR] stats: use a dedicated state to output static data - [OPTIM] stats: check free space before trying to print |
||
Willy Tarreau
|
9f389e0152 |
[RELEASE] Released version 1.4-dev3
Released version 1.4-dev3 with the following main changes : - [BUILD] compilation of haproxy-1.4-dev2 on FreeBSD - [MEDIUM] Collect & show information about last health check, v3 - [MINOR] export the hostname variable so that all the code can access it - [MINOR] stats: add a new node-name setting - [MEDIUM] remove old experimental tcpsplice option - [BUILD] fix build for systems without SOL_TCP - [MEDIUM] move connection establishment from backend to the SI. - [MEDIUM] make the global stats socket part of a frontend - [MEDIUM] session: account per-listener connections - [MINOR] session: switch to established state if no connect function - [MEDIUM] make the unix stats sockets use the generic session handler - [CLEANUP] unix: remove uxst_process_session() - [CLEANUP] move remaining stats sockets code to dumpstats - [MINOR] move the initial task's nice value to the listener - [MINOR] cleanup set_session_backend by using pre-computed analysers - [MINOR] set s->srv_error according to the analysers - [MEDIUM] set rep->analysers from fe and be analysers - [MEDIUM] replace BUFSIZE with buf->size in computations - [MEDIUM] make it possible to change the buffer size in the configuration - [MEDIUM] report error on buffer writes larger than buffer size - [MEDIUM] stream_interface: add and use ->update function to resync - [CLEANUP] remove ifdef MSG_NOSIGNAL and define it instead - [MEDIUM] remove TCP_CORK and make use of MSG_MORE instead - [BUG] tarpit did not work anymore - [MINOR] acl: add support for hdr_ip to match IP addresses in headers - [MAJOR] buffers: fix misuse of the BF_SHUTW_NOW flag - [MINOR] buffers: provide more functions to handle buffer data - [MEDIUM] buffers: provide new buffer_feed*() function - [MINOR] buffers: add peekchar and peekline functions for stream interfaces - [MINOR] buffers: provide buffer_si_putchar() to send a char from a stream interface - [BUG] buffer_forward() would not correctly consider data already scheduled - [MINOR] buffers: add buffer_cut_tail() to cut only unsent data - [MEDIUM] stream_interface: make use of buffer_cut_tail() to report errors - [MAJOR] http: add support for HTTP 1xx informational responses - [MINOR] buffers: inline buffer_si_putchar() - [MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE - [MAJOR] buffers: fix the BF_EMPTY flag's meaning - [BUG] stream_interface: SI_ST_CLO must have buffers SHUT - [MINOR] stream_sock: don't set SI_FL_WAIT_DATA if BF_SHUTW_NOW is set - [MEDIUM] add support for infinite forwarding - [BUILD] stream_interface: fix conflicting declaration - [BUG] buffers: buffer_forward() must not always clear BF_OUT_EMPTY - [BUG] variable buffer size ignored at initialization time - [MINOR] ensure that buffer_feed() and buffer_skip() set BF_*_PARTIAL - [BUG] fix buffer_skip() and buffer_si_getline() to correctly handle wrap-arounds - [MINOR] stream_interface: add SI_FL_DONT_WAKE flag - [MINOR] stream_interface: add iohandler callback - [MINOR] stream_interface: add functions to support running as internal/external tasks - [MEDIUM] session: call iohandler for embedded tasks (applets) - [MINOR] add a ->private member to the stream_interface - [MEDIUM] stats: prepare the connection for closing before dumping - [MEDIUM] stats: replace the stats socket analyser with an SI applet |
||
Willy Tarreau
|
68dcd25d9c |
[RELEASE] Released version 1.4-dev2
Released version 1.4-dev2 with the following main changes : - [BUG] task: fix possible crash when some timeouts are not configured - [BUG] log: option tcplog would log to global if no logger was defined |
||
Willy Tarreau
|
b03d298995 |
[RELEASE] Released version 1.4-dev1
Released version 1.4-dev1 with the following main changes : - [MINOR] acl: add support for matching of RDP cookies - [MEDIUM] add support for RDP cookie load-balancing - [MEDIUM] add support for RDP cookie persistence - [MINOR] add a new CLF log format - [MINOR] startup: don't imply -q with -D - [BUG] ensure that we correctly re-start old process in case of error - [MEDIUM] add support for binding to source port ranges during connect - [MINOR] config: track "no option"/"option" changes - [MINOR] config: support resetting options do default values - [MEDIUM] implement option tcp-smart-accept at the frontend - [MEDIUM] stream_sock: implement tcp-cork for use during shutdowns on Linux - [MEDIUM] implement tcp-smart-connect option at the backend - [MEDIUM] add support for TCP MSS adjustment for listeners - [MEDIUM] support setting a server weight to zero - [MINOR] make DEFAULT_MAXCONN user-configurable at build time - [MAJOR] session: don't clear buffer status flags anymore - [MAJOR] session: only check for timeouts when they have just occurred. - [MAJOR] session: simplify buffer error handling - [MEDIUM] config: split parser and checker in two functions - [MEDIUM] config: support loading multiple configuration files - [MEDIUM] stream_sock: don't close prematurely when nolinger is set - [MEDIUM] session: rework buffer analysis to permit permanent analysers - [MEDIUM] splice: set the capability on each stream_interface - [BUG] http: redirect rules were processed too early - [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define - [MEDIUM] http: split request waiter from request processor - [MEDIUM] session: tell analysers what bit they were called for - [MAJOR] http: complete splitting of the remaining stages - [MINOR] report in the proxies the requirements for ACLs - [MINOR] http: rely on proxy->acl_requires to allocate hdr_idx - [MINOR] acl: add HTTP protocol detection (req_proto_http) - [MINOR] prepare callers of session_set_backend to handle errors - [BUG] default ACLs did not properly set the ->requires flag - [MEDIUM] allow a TCP frontend to switch to an HTTP backend - [MINOR] ensure we can jump from swiching rules to http without data - [MINOR] http: take http request timeout from the backend - [MINOR] allow TCP inspection rules to make use of HTTP ACLs - [BUILD] report commit date and not author's date as build date - [MINOR] acl: don't complain anymore when using L7 acls in TCP - [BUG] stream_sock: always shutdown(SHUT_WR) before closing - [BUG] stream_sock: don't stop reading when the poller reports an error - [BUG] config: tcp-request content only accepts "if" or "unless" - [BUG] task: fix possible timer drift after update - [MINOR] apply tcp-smart-connect option for the checks too - [MINOR] stats: better displaying in MSIE - [MINOR] config: improve error reporting in global section - [MINOR] config: improve error reporting in listen sections - [MINOR] config: the "capture" keyword is not allowed in backends - [MINOR] config: improve error reporting when checking configuration - [BUILD] fix a minor build warning on AIX - [BUILD] use "git cmd" instead of "git-cmd" - [CLEANUP] report 2009 not 2008 in the copyright banner. - [MINOR] print usage on the stats sockets upon invalid commands - [MINOR] acl: detect and report potential mistakes in ACLs - [BUILD] fix incorrect printf arg count with tcp_splice - [BUG] fix random pauses on last segment of a series - [BUILD] add support for build under Cygwin |
||
Willy Tarreau
|
791588858e |
[DEV] open new 1.4 development branch
This new branch is based on 1.3.18, which 1.4-dev0 is 100% equivalent to. |
||
Willy Tarreau
|
beb05aee57 |
[RELEASE] Released version 1.3.18
Released version 1.3.18 with the following main changes : - [MEDIUM] add support for "balance hdr(name)" - [CLEANUP] give a little bit more information in error message - [MINOR] add X-Original-To: header - [BUG] x-original-to: fix missing initialization to default value - [BUILD] spec file: fix broken pipe during rpmbuild and add man file - [MINOR] improve reporting of misplaced acl/reqxxx rules - [MEDIUM] http: add options to ignore invalid header names - [MEDIUM] http: capture invalid requests/responses even if accepted - [BUILD] add format(printf) to printf-like functions - [MINOR] fix several printf formats and missing arguments - [BUG] stats: total and lbtot are unsigned - [MINOR] fix a few remaining printf-like formats on 64-bit platforms - [CLEANUP] remove unused make option from haproxy.spec - [BUILD] make it possible to pass alternative arch at build time - [MINOR] switch all stat counters to 64-bit - [MEDIUM] ensure we don't recursively call pool_gc2() - [CRITICAL] uninitialized response field can sometimes cause crashes - [BUG] fix wrong pointer arithmetics in HTTP message captures - [MINOR] rhel init script : support the reload operation - [MINOR] add basic signal handling functions - [BUILD] add signal.o to all makefiles - [MEDIUM] call signal_process_queue from run_poll_loop - [MEDIUM] pollers: don't wait if a signal is pending - [MEDIUM] convert all signals to asynchronous signals - [BUG] O(1) pollers should check their FD before closing it - [MINOR] don't close stdio fds twice - [MINOR] add options dontlog-normal and log-separate-errors - [DOC] minor fixes and rearrangements - [BUG] fix parser crash on unconditional tcp content rules - [DOC] rearrange the configuration manual and add a summary - [MINOR] standard: provide a new 'my_strndup' function - [MINOR] implement per-logger log level limitation - [MINOR] compute the max of sessions/s on fe/be/srv - [MINOR] stats: report max sessions/s and limit in CSV export - [MINOR] stats: report max sessions/s and limit in HTML stats - [MINOR] stats/html: use the arial font before helvetica |
||
Willy Tarreau
|
f459b42a32 |
[RELEASE] Released version 1.3.17
Released version 1.3.17 with the following main changes : - Update specfile to build for v2.6 kernel. - [BUG] reset the stream_interface connect timeout upon connect or error - [BUG] reject unix accepts when connection limit is reached - [MINOR] show sess: report number of calls to each task - [BUG] don't call epoll_ctl() on closed sockets - [BUG] stream_sock: disable I/O on fds reporting an error - [MINOR] sepoll: don't count two events on the same FD. - [MINOR] show sess: report a lot more information about sessions - [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts - [BUG] don't set an expiration date directly from now_ms - [MINOR] implement ulltoh() to write HTML-formatted numbers - [MINOR] stats/html: group digits by 3 to clarify numbers - [BUILD] remove haproxy-small.spec - [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND |
||
Willy Tarreau
|
8019ffa0ca |
[RELEASE] Released version 1.3.16
Released version 1.3.16 with the following main changes : - [BUILD] Fixed Makefile for linking pcre - [CONTRIB] selinux policy for haproxy - [MINOR] show errors: encode backslash as well as non-ascii characters - [MINOR] cfgparse: some cleanups in the consistency checks - [MINOR] cfgparse: set backends to "balance roundrobin" by default - [MINOR] tcp-inspect: permit the use of no-delay inspection - [MEDIUM] reverse internal proxy declaration order to match configuration - [CLEANUP] config: catch and report some possibly wrong rule ordering - [BUG] connect timeout is in the stream interface, not the buffer - [BUG] session: errors were not reported in termination flags in TCP mode - [MINOR] tcp_request: let the caller take care of errors and timeouts - [CLEANUP] http: remove some commented out obsolete code in process_response - [MINOR] update ebtree to version 4.1 - [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1 - [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present - [BUG] scheduler: fix improper handling of duplicates __task_queue() - [MINOR] sched: permit a task to stay up between calls - [MINOR] task: keep a task count and clean up task creators - [MINOR] stats: report number of tasks (active and running) - [BUG] server check intervals must not be null - [OPTIM] stream_sock: don't retry to read after a large read - [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates - [MEDIUM] session: don't resync FSMs on non-interesting changes - [BUG] check for global.maxconn before doing accept() - [OPTIM] sepoll: do not re-check whole list upon accepts |
||
Willy Tarreau
|
8185cedcb3 |
[RELEASE] Released version 1.3.16-rc2
Released version 1.3.16-rc2 with the following main changes : - [BUG] stream_sock: write timeout must be updated when forwarding ! |
||
Willy Tarreau
|
ff63b439e0 |
[RELEASE] Released version 1.3.16-rc1
Released version 1.3.16-rc1 with the following main changes : - appsessions: cleanup DEBUG_HASH and initialize request_counter - [MINOR] acl: add new keyword "connslots" - [MINOR] cfgparse: fix off-by 2 in error message size - [BUILD] fix build with gcc 4.3 - [BUILD] fix MANDIR default location to match documentation - [TESTS] add a debug patch to help trigger the stats bug - [BUG] Flush buffers also where there are exactly 0 bytes left - [MINOR] Allow to specify a domain for a cookie - [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain) - [MEDIUM] Fix memory freeing at exit - [MEDIUM] Fix memory freeing at exit, part 2 - [BUG] Fix listen & more of 2 couples <ip>:<port> - [DOC] remove buggy comment for use_backend - [CRITICAL] fix server state tracking: it was O(n!) instead of O(n) - [MEDIUM] add support for URI hash depth and length limits - [MINOR] permit renaming of x-forwarded-for header - [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface - [BUILD] Haproxy won't compile if DEBUG_FULL is defined - [MEDIUM] upgrade to ebtree v4.0 - [DOC] update the README file with new build options - [MEDIUM] reduce risk of event starvation in ev_sepoll - [MEDIUM] detect streaming buffers and tag them as such - [MEDIUM] add support for conditional HTTP redirection - [BUILD] make install should depend on haproxy not "all" - [DEBUG] add a TRACE macro to facilitate runtime data extraction - [BUG] event pollers must not wait if a task exists in the run queue - [BUG] queue management: wake oldest request in queues - [BUG] log: reported queue position was offed-by-one - [BUG] fix the dequeuing logic to ensure that all requests get served - [DOC] documentation for the "retries" parameter was missing. - [MEDIUM] implement a monotonic internal clock - [MEDIUM] further improve monotonic clock by check forward jumps - [OPTIM] add branch prediction hints in list manipulations - [MAJOR] replace ultree with ebtree in wait-queues - [BUG] we could segfault during exit while freeing uri_auths - [BUG] wqueue: perform proper timeout comparisons with wrapping values - [MINOR] introduce now_ms, the current date in milliseconds - [BUG] disable buffer read timeout when reading stats - [MEDIUM] rework the wait queue mechanism - [BUILD] change declaration of base64tab to fix build with Intel C++ - [OPTIM] shrink wake_expired_tasks() by using task_wakeup() - [MAJOR] use an ebtree instead of a list for the run queue - [MEDIUM] introduce task->nice and boot access to statistics - [OPTIM] task_queue: assume most consecutive timers are equal - [BUILD] silent a warning in unlikely() with gcc 4.x - [MAJOR] convert all expiration timers from timeval to ticks - [BUG] use_backend would not correctly consider "unless" - [TESTS] added test-acl.cfg to test some ACL combinations - [MEDIUM] add support for configuration keyword registration - [MEDIUM] modularize the global "stats" keyword configuration parser - [MINOR] cfgparse: add support for warnings in external functions - [MEDIUM] modularize the "timeout" keyword configuration parser - [MAJOR] implement tcp request content inspection - [MINOR] acl: add a new parsing function: parse_dotted_ver - [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version - [CLEANUP] remove unused include/types/client.h - [CLEANUP] remove many #include <types/xxx> from C files - [CLEANUP] remove dependency on obsolete INTBITS macro - [DOC] document the new "tcp-request" keyword and associated ACLs - [MINOR] acl: add REQ_CONTENT to the list of default acls - [MEDIUM] acl: permit fetch() functions to set the result themselves - [MEDIUM] acl: get rid of dummy values in always_true/always_false - [MINOR] acl: add the "wait_end" acl verb - [MEDIUM] acl: enforce ACL type checking - [MEDIUM] acl: set types on all currently known ACL verbs - [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings - [CLEANUP] remove 65 useless NULL checks before free - [MEDIUM] memory: update pool_free2() to support NULL pointers - [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns - [MEDIUM] process_srv: rely on buffer flags for client shutdown - [MEDIUM] process_srv: don't rely at all on client state - [MEDIUM] process_cli: don't rely at all on server state - [BUG] fix segfault with url_param + check_post - [BUG] server timeout was not considered in some circumstances - [BUG] client timeout incorrectly rearmed while waiting for server - [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1) - [MAJOR] get rid of SV_STANALYZE (step 2) - [MEDIUM] simplify and centralize request timeout cancellation and request forwarding - [MAJOR] completely separate HTTP and TCP states on the request path - [BUG] fix recently introduced loop when client closes early - [MAJOR] get rid of the SV_STHEADERS state - [MAJOR] better separation of response processing and server state - [MAJOR] clearly separate HTTP response processing from TCP server state - [MEDIUM] remove unused references to {CL|SV}_STSHUT* - [MINOR] term_trace: add better instrumentations to trace the code - [BUG] ev_sepoll: closed file descriptors could persist in the spec list - [BUG] process_response must not enable the read FD - [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue - [BUG] process_response: do not touch srv_state - [BUG] maintain_proxies must not disable backends - [CLEANUP] get rid of BF_SHUT*_PENDING - [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l - [MAJOR] process_session: rely only on buffer flags - [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout - [MEDIUM] centralize buffer timeout checks at the top of process_session - [MINOR] ensure the termination flags are set by process_xxx - [MEDIUM] session: move the analysis bit field to the buffer - [OPTIM] process_cli/process_srv: reduce the number of tests - [BUG] regparm is broken on gcc < 3 - [BUILD] fix warning in proto_tcp.c with gcc >= 4 - [MEDIUM] merge inspect_exp and txn->exp into request buffer - [BUG] process_cli/process_srv: don't call shutdown when already done - [BUG] process_request: HTTP body analysis must return zero if missing data - [TESTS] test-fsm: 22 regression tests for state machines - [BUG] Fix empty X-Forwarded-For header name when set in defaults section - [BUG] fix harmless but wrong fd insertion sequence - [MEDIUM] make it possible for analysers to follow the whole session - [MAJOR] rework of the server FSM - [OPTIM] remove useless fd_set(read) upon shutdown(write) - [MEDIUM] massive cleanup of process_srv() - [MEDIUM] second level of code cleanup for process_srv_data - [MEDIUM] third cleanup and optimization of process_srv_data() - [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts - [MEDIUM] stream_sock_process_data moved to stream_sock.c - [MAJOR] make the client side use stream_sock_process_data() - [MEDIUM] split stream_sock_process_data - [OPTIM] stream_sock_read must check for null-reads more often - [MINOR] only call flow analysers when their read side is connected. - [MEDIUM] reintroduce BF_HIJACK with produce_content - [MINOR] re-arrange buffer flags and rename some of them - [MINOR] do not check for BF_SHUTR when computing write timeout - [OPTIM] ev_sepoll: detect newly created FDs and check them once - [OPTIM] reduce the number of calls to task_wakeup() - [OPTIM] force inlining of large functions with gcc >= 3 - [MEDIUM] indicate a reason for a task wakeup - [MINOR] change type of fdtab[]->owner to void* - [MAJOR] make stream sockets aware of the stream interface - [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers - [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT - [MEDIUM] process_session: make use of the new buffer flags - [CLEANUP] process_session: move debug outputs out of the critical loop - [MEDIUM] move QUEUE and TAR timers to stream interfaces - [OPTIM] add compiler hints in tick_is_expired() - [MINOR] add buffer_check_timeouts() to check what timeouts have fired. - [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts() - [MINOR] add an expiration flag to the stream_sock_interface - [MAJOR] migrate the connection logic to stream interface - [MAJOR] add a connection error state to the stream_interface - [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions - [MEDIUM] continue layering cleanups. - [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO - [MEDIUM] remove stream_sock_update_data() - [MINOR] maintain a global session list in order to ease debugging - [BUG] shutw must imply close during a connect - [MEDIUM] process shutw during connection attempt - [MEDIUM] make the stream interface control the SHUT{R,W} bits - [MAJOR] complete layer4/7 separation - [CLEANUP] move the session-related functions to session.c - [MINOR] call session->do_log() for logging - [MINOR] replace the ambiguous client_return function by stream_int_return - [MINOR] replace client_retnclose() with stream_int_retnclose() - [MINOR] replace srv_close_with_err() with http_server_error() - [MEDIUM] make the http server error function a pointer in the session - [CLEANUP] session.c: removed some migration left-overs in sess_establish() - [MINOR] stream_sock_data_finish() should not expose fd - [MEDIUM] extract TCP request processing from HTTP - [MEDIUM] extract the HTTP tarpit code from process_request(). - [MEDIUM] move the HTTP request body analyser out of process_request(). - [MEDIUM] rename process_request to http_process_request - [BUG] fix forgotten server session counter - [MINOR] declare process_session in session.h, not proto_http.h - [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept() - [MINOR] add an analyser code for UNIX stats request - [MINOR] pre-set analyser flags on the listener at registration time - [BUG] do not forward close from cons to prod with analysers - [MEDIUM] ensure that sock->shutw() also closes read for init states - [MINOR] add an analyser state in struct session - [MAJOR] make unix sockets work again with stats - [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session - [MINOR] move the listener reference from fd to session - [MEDIUM] reference the current hijack function in the buffer itself - [MINOR] slightly rebalance stats_dump_{raw,http} - [MINOR] add a new back-reference type : struct bref - [MINOR] add back-references to sessions for later use by a dumper. - [MEDIUM] add support for "show sess" in unix stats socket - [BUG] do not release the connection slot during a retry - [BUG] dynamic connection throttling could return a max of zero conns - [BUG] do not try to pause backends during reload - [BUG] ensure that listeners from disabled proxies are correctly unbound. - [BUG] acl-related keywords are not allowed in defaults sections - [BUG] cookie capture is declared in the frontend but checked on the backend - [BUG] critical errors should be reported even in daemon mode - [MINOR] redirect: add support for the "drop-query" option - [MINOR] redirect: add support for "set-cookie" and "clear-cookie" - [MINOR] redirect: in prefix mode a "/" means not to change the URI - [BUG] do not dequeue requests on a dead server - [BUG] do not dequeue the backend's pending connections on a dead server - [MINOR] stats: indicate if a task is running in "show sess" - [BUG] check timeout must not be changed if timeout.check is not set - [BUG] "option transparent" is for backend, not frontend ! - [MINOR] transfer errors were not reported anymore in data phase - [MEDIUM] add a send limit to a buffer - [MEDIUM] don't report buffer timeout when there is I/O activity - [MEDIUM] indicate when we don't care about read timeout - [MINOR] add flags to indicate when a stream interface is waiting for space/data - [MEDIUM] enable inter-stream_interface wakeup calls - [MAJOR] implement autonomous inter-socket forwarding - [MINOR] add the splice_len member to the buffer struct in preparation of splice support - [MEDIUM] stream_sock: factor out the return path in case of no-writes - [MEDIUM] i/o: rework ->to_forward and ->send_max - [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read - [OPTIM] buffer: replace rlim by max_len - [OPTIM] stream_sock: factor out the buffer full handling out of the loop - [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y) - [CLEANUP] stream_sock: move the write-nothing condition out of the loop - [MEDIUM] split stream_sock_write() into callback and core functions - [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending - [MINOR] stream_sock: fix a few wrong empty calculations - [MEDIUM] stream_sock: try to send pending data on chk_snd() - [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes - [MEDIUM] splice: add configuration options and set global.maxpipes - [MINOR] introduce structures required to support Linux kernel splicing - [MEDIUM] add definitions for Linux kernel splicing - [MAJOR] complete support for linux 2.6 kernel splicing - [BUG] reserve some pipes for backends with splice enabled - [MEDIUM] splice: add hints to support older buggy kernels - [MEDIUM] introduce pipe pools - [MEDIUM] splice: make use of pipe pools - [STATS] report pipe usage in the statistics - [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified - [BUILD] fix snapshot date extraction with negative timezones - [MEDIUM] move global tuning options to the global structure - [MEDIUM] splice: add the global "nosplice" option - [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6 - [BUG] we must not exit if protocol binding only returns a warning - [MINOR] add support for bind interface name - [BUG] inform the user when root is expected but not set - [MEDIUM] add support for source interface binding - [MEDIUM] add support for source interface binding at the server level - [MEDIUM] implement bind-process to limit service presence by process - [DOC] document maxpipes, nosplice, option splice-{auto,request,response} - [DOC] filled the logging section of the configuration manual - [DOC] document HTTP status codes - [DOC] document a few missing info about errorfile - [BUG] fix random memory corruption using "show sess" - [BUG] fix unix socket processing of interrupted output - [DOC] add diagrams of queuing and future ACL design - [BUILD] proto_http did not build on gcc-2.95 - [BUG] the "source" keyword must first clear optional settings - [BUG] global.tune.maxaccept must be limited even in mono-process mode - [MINOR] ensure that http_msg_analyzer updates pointer to invalid char - [MEDIUM] store a complete dump of request and response errors in proxies - [MEDIUM] implement error dump on unix socket with "show errors" - [DOC] document "show errors" - [MINOR] errors dump must use user-visible date, not internal date. - [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second - [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second. - [MEDIUM] measure and report session rate on frontend, backends and servers - [BUG] the "connslots" keyword was matched as "connlots" - [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate - [MEDIUM] implement "rate-limit sessions" for the frontend - [BUG] interface binding: length must include the trailing zero - [BUG] typo in timeout error reporting : report *res and not *err - [OPTIM] maintain_proxies: only wake up when the frontend will be ready - [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption - [BUG] switch server-side stream interface to close in case of abort - [CLEANUP] remove last references to term_trace - [OPTIM] freq_ctr: do not rotate the counters when reading - [BUG] disable any analysers for monitoring requests - [BUG] rate-limit in defaults section was ignored - [BUG] task: fix handling of duplicate keys - [OPTIM] task: don't unlink a task from a wait queue when waking it up - [OPTIM] displace tasks in the wait queue only if absolutely needed - [MEDIUM] minor update to the task api: let the scheduler queue itself - [BUG] event_accept() must always wake the task up, even in health mode - [CLEANUP] task: distinguish between clock ticks and timers - [OPTIM] task: reduce the number of calls to task_queue() - [OPTIM] do not re-check req buffer when only response has changed - [CLEANUP] don't enable kernel splicing when socket is closed - [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase - [MINOR] buffers: implement buffer_flush() - [MEDIUM] rearrange forwarding condition to enable splice during analysis - [BUILD] build fixes for Solaris - [BUILD] proto_http did not build on gcc-2.95 (again) - [CONTRIB] halog: fast log parser for haproxy - [CONTRIB] halog: faster fgets() and add support for percentile reporting |
||
Willy Tarreau
|
7b4c5aee55 |
[RELEASE] Released version 1.3.15
Released version 1.3.15 with the following main changes : - [BUILD] Added support for 'make install' - [BUILD] Added 'install-man' make target for installing the man page - [BUILD] Added 'install-bin' make target - [BUILD] Added 'install-doc' make target - [BUILD] Removed "/" after '$(DESTDIR)' in install targets - [BUILD] Changed 'install' target to install the binaries first - [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)' - [MEDIUM]: Inversion for options - [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup - [BUG]: Restore clearing t->logs.bytes - [MEDIUM]: rework checks handling - [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects - [MEDIUM] Implement "track [<backend>/]<server>" - [MINOR] Implement persistent id for proxies and servers - [BUG] Don't increment server connections too much + fix retries - [MEDIUM]: Prevent redispatcher from selecting the same server, version #3 - [MAJOR] proto_uxst rework -> SNMP support - [BUG] appsession lookup in URL does not work - [BUG] transparent proxy address was ignored in backend - [BUG] hot reconfiguration failed because of a wrong error check - [DOC] big update to the configuration manual - [DOC] large update to the configuration manual - [DOC] document more options - [BUILD] major rework of the GNU Makefile - [STATS] add support for "show info" on the unix socket - [DOC] document options forwardfor to logasap - [MINOR] add support for the "backlog" parameter - [OPTIM] introduce global parameter "tune.maxaccept" - [MEDIUM] introduce "timeout http-request" in frontends - [MINOR] tarpit timeout is also allowed in backends - [BUG] increment server connections for each connect() - [MEDIUM] add a turn-around state of one second after a connection failure - [BUG] fix typo in redispatched connection - [DOC] document options nolinger to ssl-hello-chk - [DOC] added documentation for "option tcplog" to "use_backend" - [BUG] connect_server: server might not exist when sending error report - [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY) - [MEDIUM] add non-local bind to connect() on Linux - [MINOR] add transparent proxy support for balabit's Tproxy v4 - [BUG] use backend's source and not server's source with tproxy - [BUG] fix overlapping server flags - [MEDIUM] fix server health checks source address selection - [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY - [DOC] added "server", "source" and "stats" keywords - [DOC] all server parameters have been documented - [DOC] document all req* and rsp* keywords. - [DOC] added documentation about HTTP header manipulations - [BUG] log response byte count, not request - [BUILD] code did not build in full debug mode - [BUG] fix truncated responses with sepoll - [MINOR] use s->frt_addr as the server's address in transparent proxy - [MINOR] fix configuration hint about timeouts - [DOC] minor cleanup of the doc and notice to contributors - [MINOR] report correct section type for unknown keywords. - [BUILD] update MacOS Makefile to build on newer versions - [DOC] fix erroneous "useallbackups" option in the doc - [DOC] applied small fixes from early readers - [MINOR] add configuration support for "redir" server keyword - [MEDIUM] completely implement the server redirection method - [TESTS] add a test case for the server redirection mechanism - [DOC] add a configuration entry for "server ... redir <prefix>" - [BUILD] backend.c and checks.c did not build without tproxy ! - Revert "[BUILD] backend.c and checks.c did not build without tproxy !" - [BUILD] backend.c and checks.c did not build without tproxy ! - [OPTIM] used unsigned ints for HTTP state and message offsets - [OPTIM] GCC4's builtin_expect() is suboptimal - [BUG] failed conns were sometimes incremented in the frontend! - [BUG] timeout.check was not pre-set to eternity - [TESTS] add test-pollers.cfg to easily report pollers in use - [BUG] do not apply timeout.connect in checks if unset - [BUILD] ensure that makefile understands USE_DLMALLOC=1 - [MINOR] silent gcc for a wrong warning - [CLEANUP] update .gitignore to ignore more temporary files - [CLEANUP] report dlmalloc's source path only if explictly specified - [BUG] str2sun could leak a small buffer in case of error during parsing - [BUG] option allbackups was not working anymore in roundrobin mode - [MAJOR] implementation of the "leastconn" load balancing algorithm - [BUILD] ensure that users don't build without setting the target anymore. - [DOC] document the leastconn LB algo - [MEDIUM] fix stats socket limitation to 16 kB - [DOC] fix unescaped space in httpchk example. - [BUG] fix double-decrement of server connections - [TESTS] add a test case for port mapping - [TESTS] add a benchmark for integer hashing - [TESTS] add new methods in ip-hash test file - [MAJOR] implement parameter hashing for POST requests |
||
Willy Tarreau
|
e5b77e82c7 |
[RELEASE] Released version 1.3.14
Released version 1.3.14 with the following main changes : - New option http_proxy (Alexandre Cassen) - add support for "maxqueue" to limit server queue overload (Elijah Epifanov) - Check for duplicated conflicting proxies (Krzysztof Oledzki) - stats: report server and backend cumulated downtime (Krzysztof Oledzki) - use backends only with use_backend directive (Krzysztof Oledzki) - Handle long lines properly (Krzysztof Oledzki) - Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki) - continous statistics (Krzysztof Oledzki) - add support for logging via a UNIX socket (Robert Tsai) - fix error checking in strl2ic/strl2uic() - fix calls to localtime() - provide easier-to-use ultoa_* functions - provide easy-to-use limit_r and LIM2A* macros - add a simple test for the status page - move error codes to common/errors.h - silent warning about LIST_* being redefined on OpenBSD - add socket address length to the protocols - group PR_O_BALANCE_* bits into a checkable value - externalize the "balance" option parser to backend.c - introduce the "url_param" balance method - make default_backend work in TCP mode too - disable warning about localtime_r on Solaris - adjust error messages about conflicting proxies - avoid calling some layer7 functions if not needed - simplify error path in event_accept() - add an options field to the listeners - added a new state to listeners - unbind_listener() must use fd_delete() and not close() - add a generic unbind_listener() primitive - add a generic delete_listener() primitive - add a generic unbind_all_listeners() primitive - create proto_tcp and move initialization of proxy listeners - stats: report numerical process ID, proxy ID and server ID - relative_pid was not initialized - missing header names in raw stats output - fix missing parenthesis in check_response_for_cacheability - small optimization on session_process_counters() - merge ebtree version 3.0 - make ebtree headers multiple-include compatible - ebtree: include config.h for REGPRM* - differentiate between generic LB params and map-specific ones - add a weight divisor to the struct proxy - implement the Fast Weighted Round Robin (FWRR) algo - include filltab25.c to experiment on FWRR for dynamic weights - merge test-fwrr.cfg to validate dynamic weights - move the load balancing algorithm to be->lbprm.algo - change server check result to a bit field - implement "http-check disable-on-404" for graceful shutdown - secure the calling conditions of ->set_server_status_{up,down} - report disabled servers as "NOLB" when they are still UP - document the "http-check disable-on-404" option - http-check disable-on-404 is not limited to HTTP mode - add a test file for disable-on-404 - use distinct bits per load-balancing algorithm type - implement the slowstart parameter for servers - document the server's slowstart parameter - stats: report the server warm up status in a "throttle" column - fix 2 minor issues on AIX - add the "nbsrv" ACL verb - add the "fail" condition to monitor requests - remove a warning from gcc due to htons() in standard.c - fwrr: ensure that we never overflow in placements - store the build options to report with -vv - fix the status return of the init script (R.I. Pienaar) - stats: real time monitoring script for unix socket (Prizee) - document "nbsrv" and "monitor fail" - restrict the set of allowed characters for identifiers - implement a time parsing function - add support for time units in the configuration - add a bit of documentation about timers - introduce separation between contimeout, and tarpit + queue - introduce the "timeout" keyword - grouped all timeouts in one structure - slowstart is in ms, not seconds - slowstart: ensure we don't start with a null weight - report the number of times each server was selected - fix build on AIX due to recent log changes - fix build on Solaris due to recent log changes |
||
Willy Tarreau
|
e855f427cb |
[RELEASE] Released version 1.3.13 with the following main changes :
- replace the code under O'Reilly license (Arnaud Cornet) - add a small man page (Arnaud Cornet) - stats: report haproxy's version by default (Krzysztof Oledzki) - stats: count server retries and redispatches (Krzysztof Oledzki) - core: added easy support for Doug Lea's malloc (dlmalloc) - core: fade out memory usage when stopping proxies - core: moved the sockaddr pointer to the fdtab structure - core: add generic protocol support - core: implement client-side support for PF_UNIX sockets - stats: implement the CSV output - stats: add a link to the CSV export HTML page - stats: implement the statistics output on a unix socket - config: introduce the "stats" keyword in global section - build: centralize version and date into one file for each - tests: added a new hash algorithm |
||
Willy Tarreau
|
b21152be7a |
[RELEASE] Released version 1.3.12 with the following main changes :
- acl: smarter integer comparison support in ACLs - acl: specify the direction during fetches - acl: provide the argument length for fetch functions - acl: provide a reference to the expr to fetch() - acl: implement matching on header values - acl: support maching on 'path' component - acl: permit to return any header when no name specified - errorfile: use a local file to feed error messages - negation in ACL conds was not cleared between terms - fix segfault at exit when using captures - improve memory freeing upon exit - acl: support '-i' to ignore case when matching - str2net() must not change the const char * - provide default ACLs - acl: distinguish between request and response headers - added the 'use_backend' keyword for full content-switching - acl: added the TRUE and FALSE ACLs. - shut warnings 'is*' macros from ctype.h on solaris |
||
Willy Tarreau
|
a3503e0b5a |
[RELEASE] Released version 1.3.11.4 with the following main changes :
- do not re-arm read timeout in SHUTR state - optimize I/O by detecting system starvation - the epoll FD must not be shared between processes - limit the number of events returned by *poll* |
||
Willy Tarreau
|
3c6fc07e18 |
[RELEASE] Released version 1.3.11.3 with the following main changes :
- pre-initialize timeouts with tv_eternity during parsing |
||
Willy Tarreau
|
fc273c230d |
[RELEASE] Released version 1.3.11.2 with the following main changes :
- fixed broken health-checks since switch to timeval |
||
Willy Tarreau
|
3c5340c35b |
[RELEASE] Released version 1.3.11.1 with the following main changes :
- fixed ev_kqueue which was forgotten during the switch to timeval - allowed null timeouts for past events in select |