Commit Graph

232 Commits

Author SHA1 Message Date
Willy Tarreau
43d8fb2d3a [REORG] build: move syscall redefinition to specific places
Some older libc don't define splice() and and don't define _syscall*()
either, which causes build errors if splicing is enabled.

To solve this, we now split the syscall redefinition into two layers :
  - one file per syscall (epoll, splice)
  - one common file to declare the _syscall*() macros

The code is cleaner because files using the syscalls just have to include
their respective file. It's not adviced to merge multiple syscall families
into a same file if all are not intended to be used simultaneously, because
defining unused static functions causes warnings to be emitted during build.

As a result, the new USE_MY_SPLICE parameter was added in order to be able
to define the splice() syscall separately.
2011-08-23 00:11:25 +02:00
Willy Tarreau
64bc40b654 [BUILD] add the USE_GETADDRINFO build option
This one is used to call getaddrinfo() to resolve IPv6 host names.
2011-03-23 22:49:56 +01:00
Willy Tarreau
3c9a3fb0b8 [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4
Gcc 4.4 enables strict aliasing by default, resuling in complaints
when casting struct sockaddr_storage to sockaddr_in. Not only doing
this does not provide any noticeable performance improvement, it also
presents a risk of strange bugs even when the compiler does not emit
a warning, so let's disable this optimization !
2010-11-28 08:57:53 +01:00
Willy Tarreau
a5899aaad5 [BUILD] add the CPU=native and ARCH=32/64 build options
Hank A. Paulson suggested to add CPU=native to optimize the code for
the build machine. This makes sense in a lot of situations. Since it
is often possible to have both 32 and 64 bits supported on recent
systems, the ARCH=32 and ARCH=64 build options were also added.
2010-11-28 07:49:59 +01:00
Willy Tarreau
48d84c10b5 [OPTIM] linux: add support for bypassing libc to force using vsyscalls
Some distros' libc are built for CPUs earlier than i686 and as such do
not offer support for Linux kernel's faster vsyscalls. This code adds
a new build option USE_VSYSCALLS to bypass libc for most commonly used
system calls. A net gain of about 10% can be observed with this change
alone.

It only works when /proc/sys/abi/vsyscall32 equals exactly 2. When it's
set to 1, the VDSO is randomized and cannot be used.
2010-11-14 17:09:33 +01:00
Emeric Brun
2b920a1af1 [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management
Add cmdline option -L to configure local peer name
2010-11-11 09:29:08 +01:00
Willy Tarreau
01312690f7 [BUILD] always match official tags when doing git-tar 2010-08-10 14:10:59 +02:00
Willy Tarreau
03fa5df64a [CLEANUP] rename client -> frontend
The 'client.c' file now only contained frontend-specific functions,
so it has naturally be renamed 'frontend.c'. Same for client.h. This
has also been an opportunity to remove some cross references from
files that should not have depended on it.

In the end, this file should contain a protocol-agnostic accept()
code, which would initialize a session, task, etc... based on an
accept() from a lower layer. Right now there are still references
to TCP.
2010-06-14 10:53:10 +02:00
Arnaud Cornet
b94af61901 [DOC] report minimum kernel version for tproxy in the Makefile 2010-04-25 22:35:17 +02:00
Willy Tarreau
42d2c6c1be [BUILD] 'make tags' did not consider files ending in '.c'
A missing parenthesis made the output of find apply only to files
'.h' making the tags useless.
2010-03-29 09:35:20 +02:00
Willy Tarreau
890a33e41f [BUILD] fix platform-dependant build issues related to crypt()
Holger Just and Ross West reported build issues on FreeBSD and
Solaris that were initially caused by the definition of
_XOPEN_SOURCE at the top of auth.c, which was required on Linux
to avoid a build warning.

Krzysztof Oledzki found that using _GNU_SOURCE instead also worked
on Linux and did not cause any issue on several versions of FreeBSD.
Solaris still reported a warning this time, which was fixed by
including <crypt.h>, which itself is not present on FreeBSD nor on
all Linux toolchains.

So by adding a new build option (NEED_CRYPT_H), we can get Solaris
to get crypt() working and stop complaining at the same time, without
impacting other platforms.

This fix was tested at least on several linux toolchains (at least
uclibc, glibc 2.2.5, 2.3.6 and 2.7), on FreeBSD 4 to 8, Solaris 8
(which needs crypt.h), and AIX 5.3 (without crypt.h).

Every time it builds without a warning.
2010-03-04 19:10:14 +01:00
Krzysztof Piotr Oledzki
961050465e [MINOR] generic auth support with groups and encrypted passwords
Add generic authentication & authorization support.

Groups are implemented as bitmaps so the count is limited to
sizeof(int)*8 == 32.

Encrypted passwords are supported with libcrypt and crypt(3), so it is
possible to use any method supported by your system. For example modern
Linux/glibc instalations support MD5/SHA-256/SHA-512 and of course classic,
DES-based encryption.
2010-01-31 19:14:07 +01:00
Emeric Brun
107ca30d54 [MEDIUM] Add pattern fetch management types and functions 2010-01-12 16:01:19 +01:00
Emeric Brun
3bd697e071 [MEDIUM] Add stick table (persistence) management functions and types 2010-01-12 11:23:15 +01:00
Willy Tarreau
cc05fba613 [BUG] definitely fix regparm issues between haproxy core and ebtree
It's a pain to enable regparm because ebtree is built in its corner
and does not depend on the rest of the config. This causes no problem
except that if the regparm settings are not exactly similar, then we
can get inconsistent function interfaces and crashes.

One solution realized in this patch consists in externalizing all
compiler settings and changing CONFIG_XXX_REGPARM into CONFIG_REGPARM
so that we ensure that any sub-component uses the same setting. Since
ebtree used a value here and not a boolean, haproxy's config has been
set to use a number too. Both haproxy's core and ebtree currently use
the same copy of the compiler.h file. That way we don't have any issue
anymore when one setting changes somewhere.
2009-10-27 21:53:58 +01:00
Willy Tarreau
45cb4fb640 [MEDIUM] build: switch ebtree users to use new ebtree version
All files referencing the previous ebtree code were changed to point
to the new one in the ebtree directory. A makefile variable (EBTREE_DIR)
is also available to use files from another directory.

The ability to build the libebtree library temporarily remains disabled
because it can have an impact on some existing toolchains and does not
appear worth it in the medium term if we add support for multi-criteria
stickiness for instance.
2009-10-26 21:10:04 +01:00
Willy Tarreau
ebe0af4b77 [BUILD] add a 'make tags' target 2009-10-10 22:20:44 +02:00
Willy Tarreau
6b2e11be1e [MEDIUM] backend: implement consistent hashing variation
Consistent hashing provides some interesting advantages over common
hashing. It avoids full redistribution in case of a server failure,
or when expanding the farm. This has a cost however, the hashing is
far from being perfect, as we associate a server to a request by
searching the server with the closest key in a tree. Since servers
appear multiple times based on their weights, it is recommended to
use weights larger than approximately 10-20 in order to smoothen
the distribution a bit.

In some cases, playing with weights will be the only solution to
make a server appear more often and increase chances of being picked,
so stats are very important with consistent hashing.

In order to indicate the type of hashing, use :

   hash-type map-based      (default, old one)
   hash-type consistent     (new one)

Consistent hashing can make sense in a cache farm, in order not
to redistribute everyone when a cache changes state. It could also
probably be used for long sessions such as terminal sessions, though
that has not be attempted yet.

More details on this method of hashing here :
  http://www.spiteful.com/2008/03/17/programmers-toolbox-part-3-consistent-hashing/
2009-10-09 07:17:58 +02:00
Willy Tarreau
f89c1873f8 [CLEANUP] backend: move LB algos to individual files
It was becoming painful to have all the LB algos in backend.c.
Let's move them to their own files. A few hashing functions still
need be broken in two parts, one for the contents and one for the
map position.
2009-10-01 11:19:37 +02:00
Willy Tarreau
b55932ddaf [MEDIUM] remove old experimental tcpsplice option
This Linux-specific option was never really used in production and
has since been superseded by new splicing options brought by recent
Linux kernels.

It caused several particular cases in the code because the kernel
would take care of the session without haproxy being able to do
anything on it, which became hard to handle in the new architecture.

Let's simply get rid of it now that there is a replacement available.
2009-08-16 13:20:32 +02:00
Willy Tarreau
63076b3f61 [BUILD] use "git cmd" instead of "git-cmd"
Newer GIT versions do not support "git-cmd" anymore, so date and version
can be wrong during development builds. Use "git cmd" now. Also fix
git-tar to use "git archive" instead of "git-tar-tree".
2009-07-26 17:32:18 +02:00
Willy Tarreau
446024e7fb [BUILD] report commit date and not author's date as build date
By default, when building from a git tree, haproxy's release date is
set to the last commit's date. But it was the wrong date which was
used, the initial patch's date, which can cause time jumps in the
past when an old patch gets merged. What we want is the commit date,
which reflects the correct code history.
2009-07-14 13:24:16 +02:00
Willy Tarreau
571ec98baa [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define
This one has become useless with the new HTTP parser.
2009-07-07 08:56:15 +02:00
Yitzhak Sapir
32087312e3 [BUILD] add support for build under Cygwin
After considering various possibilities, we compiled haproxy under cygwin.
Attached is an updated full diff that also has the TARGET=cygwin documented.
The whole thing compiles and installs with this diff only.

In cygwin 1.7 (now in beta), there is apparently support for ipv6.  Cygwin
1.5 (later versions, anyway) already includes some support in the form of a
define USE_IPV6.  When defined, it declares the sockaddr_in6 struct and
possibly other things.  The above definition AF_INET6=23 is taken from
their /usr/include/socket.h file (where it is #if 0'd out).

We are running into a socket limit.  It appears that Cygwin (running on
Windows 2003 Server) will only allow us to set ulimit -n (maximum open
files) to 3200, which means we're a little short of 1600 connections.

The limit of 3200 is an internal Cygwin limit.  Perhaps they can raise it in
the future.  Using the nbproc option, I was able to bring up 10 servers.  It
seems to me that they were able to handle over 2000 connections (even though
each had maxconn 1500 set, and the hard Cygwin fd limit).
2009-06-14 18:27:54 +02:00
Willy Tarreau
bc5258d514 [BUILD] add signal.o to all makefiles 2009-05-10 09:24:53 +02:00
Willy Tarreau
ef7341dc3d [BUILD] make it possible to pass alternative arch at build time
When trying to build a 32-bit binary on a 64-bit platform, we generally
need to pass "-m32" to gcc, which is not convenient with current makefile.
Note that this option requires gcc >= 3.

In order to ease parameter passing, a new ARCH= makefile option has been
added. If it receives a target architecture, according "-m32"/"-m64" and
"-march=xxxx" will be passed to gcc. Only the generic makefile has been
changed to support this option right now as the need only appeared on Linux.

The spec file now makes use of this option so that rpmbuild can automatically
build with the proper architecture.
2009-04-11 20:32:54 +02:00
Willy Tarreau
b181465ffd [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND
This option is not implemented anymore but still appeared in the makefile. Get
rid of it.
2009-03-29 15:08:25 +02:00
Christian Wiese
c820300adf [BUILD] Fixed Makefile for linking pcre
If both make parameters USE_PCRE and USE_STATIC_PCRE are set to 1
while building haproxy, pcre gets linked in dynamically.

Therefore we check if USE_STATIC_PCRE was explicitely enabled to
ommit the CFLAGS and LDFLAGS normally set if USE_PCRE is enabled.
2009-03-21 10:18:04 +01:00
Willy Tarreau
7f062c4193 [MEDIUM] measure and report session rate on frontend, backends and servers
With this change, all frontends, backends, and servers maintain a session
counter and a timer to compute a session rate over the last second. This
value will be very useful because it varies instantly and can be used to
check thresholds. This value is also reported in the stats in a new "rate"
column.
2009-03-05 18:43:00 +01:00
Willy Tarreau
88e458a329 [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6
This will provide high performance data forwarding between sockets,
but it is broken on many kernels and will sometimes forward corrupted
data without some kernel patches. Consider this experimental for now.
2009-01-25 16:13:42 +01:00
Willy Tarreau
65ee6be6f6 [BUILD] fix snapshot date extraction with negative timezones
Building with a last commit having a negative time offset would make
"date" complain.
2009-01-25 14:10:48 +01:00
Willy Tarreau
982b6e37e4 [MEDIUM] introduce pipe pools
A new data type has been added : pipes. Some pre-allocated empty pipes
are maintained in a pool for users such as splice which use them a lot
for very short times.

Pipes are allocated using get_pipe() and released using put_pipe().
Pipes which are released with pending data are immediately killed.
The struct pipe is small (16 to 20 bytes) and may even be further
reduced by unifying ->data and ->next.

It would be nice to have a dedicated cleanup task which would watch
for the pipes usage and destroy a few of them from time to time.
2009-01-25 13:49:53 +01:00
Jeremy Hinegardner
ef3b403820 [BUILD] fix MANDIR default location to match documentation
I found this while building for Fedora.
(cherry picked from commit a2b53f8831)
(cherry picked from commit 2cac232b966a252951073d7b1a4bba4c4a730978)
2008-12-07 23:37:20 +01:00
Willy Tarreau
dded32defa [MINOR] replace client_retnclose() with stream_int_retnclose()
This makes more sense to return a message to a stream interface
than to a session.

senddata.{c,h} have been removed.
2008-11-30 19:48:07 +01:00
Willy Tarreau
cff6411f9a [MAJOR] add a connection error state to the stream_interface
Tracking connection status changes was hard, and some code was
redundant. A new SI_ST_CER state was added to the stream interface
to indicate a past connection error, and an SI_FL_ERR flag was
added to report past I/O error. The stream_sock code does not set
the connection to SI_ST_CLO anymore in case of I/O error, it's
the upper layer which does it. This makes it possible to know
exactly when the file descriptors are allocated.

The new SI_ST_CER state permitted to split tcp_connection_status()
in two parts, one processing SI_ST_CON and the other one SI_ST_CER.
Synchronous connection errors now make use of this last state, hence
eliminating duplicate code.

Some ib<->ob copy paste errors were found and fixed, and all entities
setting SI_ST_CLO also shut the buffers down.

Some of these stream_interface specific functions and structures
have migrated to a new stream_interface.c file.

Some types of errors are still not detected by the buffers. For
instance, let's assume the following scenario in one single pass
of process_session: a connection sits in SI_ST_TAR state during
a retry. At TAR expiration, a new connection attempt is made, the
connection is obtained and srv->cur_sess is increased. Then the
buffer timeout is fires and everything is cleared, the new state
becomes SI_ST_CLO. The cleaning code checks that previous state
was either SI_ST_CON or SI_ST_EST to release the connection. But
that's wrong because last state is still SI_ST_TAR. So the
server's connection count does not get decreased.

This means that prev_state must not be used, and must be replaced
by some transition detection instead of level detection.

The following debugging line was useful to track state changes :

  fprintf(stderr, "%s:%d: cs=%d ss=%d(%d) rqf=0x%08x rpf=0x%08x\n", __FUNCTION__, __LINE__,
          s->si[0].state, s->si[1].state, s->si[1].err_type, s->req->flags, s-> rep->flags);
2008-11-03 06:26:53 +01:00
Willy Tarreau
e9bc01e39b [BUILD] make install should depend on haproxy not "all"
Reported by Cherife Li : just doing a "make install" fails because it
depends on "all" which is equivalent to "help" if no TARGET was specified.
Make it depend on "haproxy" instead.
2008-06-12 00:25:46 +02:00
Christian Wiese
f630830b60 [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
haproxy relies on linking the binary using gcc, so there is no real need to
hardcode both (CC and LD). Setting 'LD = $(CC)' will make the build system
a bit more cross-compile friendly because only the right cross-compiler has
to be passed via make.
2008-03-17 22:49:28 +01:00
Christian Wiese
db5238d3a4 [BUILD] Changed 'install' target to install the binaries first 2008-03-17 08:59:07 +01:00
Christian Wiese
ce8f3428a2 [BUILD] Removed "/" after '$(DESTDIR)' in install targets
SBINDIR, MANDIR and DOCDIR use an absolute path
2008-03-17 08:59:07 +01:00
Christian Wiese
bf34eb4f73 [BUILD] Added 'install-doc' make target
This change is also introducing a new make variable called DOCDIR,
which is set to "$(PREFIX)/doc/haproxy" by default.
2008-03-17 08:59:07 +01:00
Christian Wiese
4cf5d575b5 [BUILD] Added 'install-bin' make target 2008-03-17 08:59:07 +01:00
Christian Wiese
19b5029318 [BUILD] Added 'install-man' make target for installing the man page
This change is also introducing a new variable in the Makefile called
MANDIR, which is set to "$PREFIX/share/man" by default.
2008-03-17 08:59:06 +01:00
Christian Wiese
a184aa273c [BUILD] Added support for 'make install'
To be flexible while installing haproxy following variables have been
added to the Makefile:
- DESTDIR useful i.e. while installing in a sandbox (not set by default)
- PREFIX  defines the default install prefix (default: /usr/local)
- SBINDIR defines the dir the haproxy binary gets installed
  (default: $PREFIX/sbin)
2008-03-17 08:59:06 +01:00
Willy Tarreau
e4208cbc9d [BUILD] ensure that users don't build without setting the target anymore.
Too often, people report performance issues on Linux 2.6 because they don't
use the available optimizations. We need to ensure that people are aware of
the available features, and for this, we must force them to choose a target
OS (or "generic"), but at least prevent them from blindly building for a
generic target.
2008-03-11 06:37:39 +01:00
Willy Tarreau
f32d19a395 [CLEANUP] report dlmalloc's source path only if explictly specified
There's no point in reporting dlmalloc's source path if it was the
default one.
2008-03-07 10:02:14 +01:00
Willy Tarreau
f14358bd1a [BUILD] ensure that makefile understands USE_DLMALLOC=1
USE_DLMALLOC=1 was ignored since last makefile update. It's better
to keep it running for existing setups.
2008-02-19 10:53:32 +01:00
Willy Tarreau
b1e52e8c44 [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
Using some Linux kernel patches, it is possible to redirect non-local
traffic to local sockets when IP forwarding is enabled. In order to
enable this option, we introduce the "transparent" option keyword on
the "bind" command line. It will make the socket reachable by remote
sources even if the destination address does not belong to the machine.
2008-01-13 14:49:51 +01:00
Willy Tarreau
9f2b73064b [BUILD] major rework of the GNU Makefile
The build process was getting annoying under some conditions,
especially on platforms which are used to set CFLAGS, as well
as those which set a lot of complex defines. The new Makefile
takes care of this situation by not mixing TARGET, CPU and user
values, and by making privileging the pre-setting of common
variables with the ability to override them.

Now CFLAGS and LDFLAGS are set by default and may be overridden
without the risk of breaking useful defines. Options are better
dealt with, and as a bonus, it was possible to merge the FreeBSD
and OpenBSD targets into the common GNU Makefile.

The report of build options by "haproxy -vv" has been slightly
adapted to the new mode. Options implied by architecture are not
reported, only user-specified options are. It is also possible to
add options which will not be reported in order not to mangle the
output when specifying dirty informations such as URLs...

The Makefile was copiously documented and it should be easier to
build for any target now. Backwards compatibility with older
build processes was kept, and warnings are emitted for deprecated
build options.
2008-01-02 20:48:34 +01:00
Willy Tarreau
7b066db3bf [MINOR] store the build options to report with -vv
Sometimes it is useful to find out how a given binary version was
built. The build compiler and options are now provided for this,
and it's possible to get them with the -vv option.
2007-12-02 11:28:59 +01:00
Willy Tarreau
e6d2e4dbdf [MINOR] merge ebtree version 3.0
Version 3.0 of ebtree has been merged in but is not used yet.
2007-11-28 14:20:44 +01:00
Willy Tarreau
e6b989479c [MAJOR] create proto_tcp and move initialization of proxy listeners
Proxy listeners were very special and not very easy to manipulate.
A proto_tcp file has been created with all that is required to
manage TCPv4/TCPv6 as raw protocols, and provide generic listeners.

The code of start_proxies() and maintain_proxies() now looks less
like spaghetti. Also, event_accept will need a serious lifting in
order to use more of the information provided by the listener.
2007-11-04 22:42:49 +01:00
Willy Tarreau
2ee30416af [BUILD] disable warning about localtime_r on Solaris
Solaris only declares localtime_r() if _REENTRANT is defined. Update
the makefile to silent the warning.
2007-11-03 16:18:11 +01:00
Willy Tarreau
9186126e1c [MEDIUM] moved stats and buffer generic functions to new files
Neither the primitives used to write data to a buffer, nor the stats
dump functions are HTTP-specific anymore. Move them to dedicated
files
2007-10-18 14:12:21 +02:00
Willy Tarreau
92fb9836ee [MAJOR] implemented client-side support for PF_UNIX sockets
A new file, proto_uxst.c, implements support of PF_UNIX sockets
of type SOCK_STREAM. It relies on generic stream_sock_read/write
and uses its own accept primitive which also tries to be generic.

Right now it only implements an echo service in sight of a general
support for start dumping via unix socket. The echo code is more
of a proof of concept than useful code.
2007-10-18 14:11:15 +02:00
Willy Tarreau
dd81598553 [MAJOR] added generic protocol support
A new generic protocol mechanism has been added. It provides
an easy method to implement new protocols with different
listeners (eg: unix sockets).

The listeners are automatically started at the right moment
and enabled after the possible fork().
2007-10-18 14:11:12 +02:00
Willy Tarreau
ec69256382 [BUILD] centralize version and date into one file for each
The version does not appear anymore in the Makefiles nor in
the include files. It was a nightmare to maintain. Now there
is a VERSION file which contains the major version, a VERDATE
file which contains the date for this version and a SUBVERS
file which may contain a sub-version.

A "make version" target has been added to all makefiles to
check the version. The GNU Makefile also has an update-version
target to update those files. This should never be used.

It is still possible to override those values by specifying
them in the equivalent make variables. By default, the GNU
makefile tries to detect a GIT repository and always uses the
version and date from the current repository. This can be
disabled by setting IGNOREGIT to a non-void value.
2007-09-09 23:31:11 +02:00
Willy Tarreau
51041c737c [MAJOR] remove files distributed under an obscure license
src/chtbl.c, src/hashpjw.c and src/list.c are distributed under
an obscure license. While Aleks and I believe that this license
is OK for haproxy, other people think it is not compatible with
the GPL.

Whether it is or not is not the problem. The fact that it rises
a doubt is sufficient for this problem to be addressed. Arnaud
Cornet rewrote the unclear parts with clean GPLv2 and LGPL code.
The hash algorithm has changed too and the code has been slightly
simplified in the process. A lot of care has been taken in order
to respect the original API as much as possible, including the
LGPL for the exportable parts.

The new code has not been thoroughly tested but it looks OK now.
2007-09-09 21:56:53 +02:00
Willy Tarreau
f2ef8c50b9 [MEDIUM] Added easier support for Doug Lea's malloc (dlmalloc)
It's now as easy as passing "DLMALLOC_SRC=<path_to_dlmalloc.c>" to
build with support for dlmalloc. The dlmalloc source is not provided
with haproxy in order to ensure that people will use either the most
recent, or the most suited version for their platform. The minimal
mmap size is specified in DLMALLOC_THRES, which defaults to 4096. It
should be increased on platforms with larger pages (eg: 8 kB on some
64 bit systems).
2007-07-11 09:19:31 +02:00
Willy Tarreau
b21152be7a [RELEASE] Released version 1.3.12 with the following main changes :
- acl: smarter integer comparison support in ACLs
    - acl: specify the direction during fetches
    - acl: provide the argument length for fetch functions
    - acl: provide a reference to the expr to fetch()
    - acl: implement matching on header values
    - acl: support maching on 'path' component
    - acl: permit to return any header when no name specified
    - errorfile: use a local file to feed error messages
    - negation in ACL conds was not cleared between terms
    - fix segfault at exit when using captures
    - improve memory freeing upon exit
    - acl: support '-i' to ignore case when matching
    - str2net() must not change the const char *
    - provide default ACLs
    - acl: distinguish between request and response headers
    - added the 'use_backend' keyword for full content-switching
    - acl: added the TRUE and FALSE ACLs.
    - shut warnings 'is*' macros from ctype.h on solaris
2007-06-17 23:41:40 +02:00
Willy Tarreau
a3503e0b5a [RELEASE] Released version 1.3.11.4 with the following main changes :
- do not re-arm read timeout in SHUTR state
    - optimize I/O by detecting system starvation
    - the epoll FD must not be shared between processes
    - limit the number of events returned by *poll*
2007-06-03 17:27:07 +02:00
Willy Tarreau
3c6fc07e18 [RELEASE] Released version 1.3.11.3 with the following main changes :
- pre-initialize timeouts with tv_eternity during parsing
2007-05-14 14:40:25 +02:00
Willy Tarreau
fc273c230d [RELEASE] Released version 1.3.11.2 with the following main changes :
- fixed broken health-checks since switch to timeval
2007-05-14 03:42:47 +02:00
Willy Tarreau
3c5340c35b [RELEASE] Released version 1.3.11.1 with the following main changes :
- fixed ev_kqueue which was forgotten during the switch to timeval
    - allowed null timeouts for past events in select
2007-05-14 03:18:43 +02:00
Willy Tarreau
544eb40f29 [RELEASE] Released version 1.3.11 with the following main changes :
- fixed ev_sepoll again by rewriting the state machine
    - switched all timeouts to timevals instead of milliseconds
    - improved memory management using mempools v2.
    - several minor optimizations
2007-05-14 02:42:33 +02:00
Willy Tarreau
086b3b4c9f [MAJOR] ported the captures to use the new mempool v2
The "capture.c" file has also been removed since it was empty.
2007-05-13 21:45:51 +02:00
Willy Tarreau
50e608d721 [MEDIUM] implement memory pools version 2
The new pools know about their size and usage. Malloc is not used
anymore, instead a dedicated function to refill the entries is used.
2007-05-13 18:26:08 +02:00
Willy Tarreau
9ca931f976 [RELEASE] Released version 1.3.10.2 with the following main changes :
- fixed build of files including standard.h on OpenBSD
2007-05-10 07:51:17 +02:00
Willy Tarreau
13398d3896 [RELEASE] Released version 1.3.10.1 with the following main changes :
- fixed sepoll transition matrix (two states were missing)
2007-05-09 22:58:28 +02:00
Willy Tarreau
61beedfb8c [RELEASE] Released version 1.3.10 with the following main changes :
- several fixes in ev_sepoll
    - fixed some expiration dates on some tasks
    - fixed a bug in connection establishment detection due to speculative I/O
    - fixed rare bug occuring on TCP with early close (reported by Andy Smith)
    - implemented URI hashing algorithm (Guillaume Dallaire)
    - implemented SMTP health checks (Peter van Dijk)
    - replaced the rbtree with ul2tree from old scheduler project
    - new framework for generic ACL support
    - added the 'acl' and 'block' keywords to the config language
    - added several ACL criteria and matches (IP, port, URI, ...)
    - cleaned up and better modularization for some time functions
    - fixed list macros
    - fixed useless memory allocation in str2net()
    - store the original destination address in the session
2007-05-09 01:44:58 +02:00
Willy Tarreau
a84d374367 [MAJOR] new framework for generic ACL support
This framework offers all other subsystems the ability to register
ACL matching criteria. Some generic matching functions are already
provided. Others will come soon and the framework shall evolve.
2007-05-08 23:24:50 +02:00
Willy Tarreau
2e8eb67762 [BUILD] do not build rbtree anymore
Rbtree is not used anymore. Remove it from the makefiles.
2007-04-30 17:30:59 +02:00
Willy Tarreau
6e0433f0e9 [RELEASE] Released version 1.3.9 with the following changes :
- modularized the polling mechanisms and use function pointers instead
      of macros at many places
    - implemented support for FreeBSD's kqueue() polling mechanism
    - fixed a warning on OpenBSD : MIN/MAX redefined
    - change socket registration order at startup to accomodate kqueue.
    - several makefile cleanups to support old shells
    - fix build with limits.h once for all
    - ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
    - fdtab now holds the results of polling
    - implemented support for speculative I/O processing with epoll()
    - remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
    - auto-registering of pollers at load time
2007-04-16 01:33:37 +02:00
Willy Tarreau
de99e99ecf [MAJOR] introduced speculative I/O with epoll()
The principle behind speculative I/O is to speculatively try to
perform I/O before registering the events in the system. This
considerably reduces the number of calls to epoll_ctl() and
sometimes even epoll_wait(), and manages to increase overall
performance by about 10%.

The new poller has been called "sepoll". It is used by default
on Linux when it works. A corresponding option "nosepoll" and
the command line argument "-ds" allow to disable it.
2007-04-16 00:53:59 +02:00
Willy Tarreau
a1973c4d82 [CLEANUP] make makefile more old sh-friendly
Older SH on Solaris does not know about $(cmd) but only know `cmd`.
2007-04-09 22:07:11 +02:00
Willy Tarreau
4f60f16dd3 [MAJOR] modularize the polling mechanisms
select, poll and epoll now have their dedicated functions and have
been split into distinct files. Several FD manipulation primitives
have been provided with each poller.

The rest of the code needs to be cleaned to remove traces of
StaticReadEvent/StaticWriteEvent. A trick involving a macro has
temporarily been used right now. Some work needs to be done to
factorize tests and sets everywhere.
2007-04-08 16:39:58 +02:00
Willy Tarreau
42c7659669 [RELEASE] Released version 1.3.8.2 with the following changes :
- rewriting either the status line or request line could crash the
      process due to a pointer which ought to be reset before parsing.
    - rewriting the status line in the response did not work, it caused
      a 502 Bad Gateway due to an erroneous state during parsing
2007-04-03 20:30:13 +02:00
Willy Tarreau
ef6d7612d6 [RELEASE] Released version 1.3.8.1 with the following changes :
- fix reqadd when no option httpclose is used.
    - removed now unused fiprm and beprm from proxies
    - split logs into two versions : TCP and HTTP
    - added some docs about http headers storage and acls
    - added a VIM script for syntax color highlighting (Bruno Michel)
2007-04-01 11:06:22 +02:00
Willy Tarreau
d661cc06af [RELEASE] Released version 1.3.8 with the following changes :
- fixed several bugs which might have caused a crash with bad configs
    - several optimizations in header processing
    - many progresses towards transaction-based processing
    - option forwardfor may be used in frontends
    - completed HTTP response processing
    - some code refactoring between request and response processing
    - new HTTP header manipulation functions
    - optimizations on the recv() patch to reduce CPU usage under very
      high data rates.
    - more user-friendly help about the 'usesrc' keyword (CTTPROXY)
    - username/groupname support from Marcus Rueckert
    - added the "except" keyword to the "forwardfor" option (Bryan German)
    - support for health-checks on other addresses (Fabrice Dulaunoy)
    - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
    - do not insert "Connection: close" in HTTP/1.0 messages
2007-03-26 00:24:56 +02:00
Willy Tarreau
b38651a435 [MEDIUM] check for cttproxy support when required
Previously, use of the "usesrc" keyword could silently fail if
either the module was not loaded, or the user did not have enough
permissions. Now the errors are better diagnosed and more appropriate
advices are given.
2007-03-24 17:24:39 +01:00
Willy Tarreau
9cabf70db7 [RELEASE] Released version 1.3.7 with the following changes :
- fix critical bug introduced with 1.3.6 : an empty request header
      may lead to a crash due to missing pointer assignment
    - hdr_idx might be left uninitialized in debug mode
    - fixed build on FreeBSD due to missing fd_set declaration
2007-01-26 23:49:01 +01:00
Willy Tarreau
e7a2438cae [RELEASE] Released version 1.3.6.1 with the following change :
- change in the header chaining broke cookies and authentication
2007-01-22 08:57:44 +01:00
Willy Tarreau
49e1ee83be [RELEASE] Released 1.3.6 with the following changes :
- stats now support the HEAD method too
    - extracted http request from the session
    - huge rework of the HTTP parser which is now a 28-state FSM.
    - linux-style likely/unlikely macros for optimization hints
    - do not create a server socket when there's no server
2007-01-22 00:56:46 +01:00
Willy Tarreau
5871f8e9bf [RELEASE] Released 1.3.5 with the following major changes :
- added complete support and doc for TCP Splicing
    - replaced the wait-queue linked list with an rbtree.
    - stats: swap color sets for active and backup servers
    - try to guess server check port when unset
    - a few bugfixes and cleanups
2007-01-07 02:47:01 +01:00
Willy Tarreau
86efac8411 Merge branch 'rbtree' 2007-01-07 02:17:18 +01:00
Willy Tarreau
733fef4add Merge branch 'tcpsplice' 2007-01-07 02:16:59 +01:00
Willy Tarreau
964c936b04 [MAJOR] replace the wait-queue linked list with an rbtree.
This patch from Sin Yu makes use of an rbtree for the wait queue,
which will solve the slowdown problem encountered when timeouts
are heterogenous in the configuration. The next step will be to
turn maintain_proxies() into a per-proxy task so that we won't
have to scan them all after each poll() loop.
2007-01-07 02:14:23 +01:00
Willy Tarreau
42afc3b5a3 [MINOR] Makefile: git-log may return multiple dates in case of merges. 2007-01-07 02:08:22 +01:00
Willy Tarreau
6d1a9884f9 [MAJOR] complete support and doc for tcp-splicing
The tcp-splicing code has been merged, and a doc has been written.
A configuration example has been derived from the previous content
switching sample.
2007-01-07 02:03:04 +01:00
Willy Tarreau
6620dbb47a [RELEASE] released 1.3.4
Released 1.3.4 with the following major changes :
    - support for cttproxy on the server side to present the client
      address to the server.
    - added support for SO_REUSEPORT on Linux (needs kernel patch)
    - new RFC2616-compliant HTTP request parser with header indexing
    - split proxies in frontends, rulesets and backends
    - implemented the 'req[i]setbe' to select a backend depending
      on the contents
    - added the 'default_backend' keyword to select a default BE.
    - new stats page featuring FEs and BEs + bytes in both dirs
    - improved log format to indicate the backend and the time in ms.
    - lots of cleanups
2007-01-02 00:44:53 +01:00
Willy Tarreau
9bf6c6e24f [BUILD] makefile now detects and uses git to set the version
If git is found during the build process, then it will be used
to set the version, the commit number and the commit date. This
way, it will not be needed anymore to update the code to change
the version. The version is the last tag, and the commit number
is the number of commits since the last tag.
2006-12-23 11:12:04 +01:00
Willy Tarreau
79b34bfe0f [BUILD] version and date now come from the makefile 2006-12-22 15:28:43 +01:00
Willy Tarreau
c21aa083df [BUILD] fixed the "git-tar" target in the Makefile
The git-tar target did not work correctly anymore, probably because
of a recent change in the output of "git-describe --tags". This is
now fixed.
2006-12-18 00:15:06 +01:00
Willy Tarreau
e5f20dcea8 [MEDIUM] added the hdr_idx structure for future HTTP header indexing
This structure will consume 4 bytes per header to keep track of
headers within a request or a response without having to parse
the whole request for each regex. As it's not possible to allocate
only 4 bytes, we define a max number of HTTP headers. We set it
to (BUFSIZE+79)/80 so that 8kB buffers can contain 100 headers
(like Apache), resulting in 400 bytes dedicated to indexation,
or about 400/(2*8kB) ~= 2.4% of the memory usage.
2006-12-03 15:21:35 +01:00
Willy Tarreau
77074d548b [MAJOR] support for source binding via cttproxy
Using the cttproxy kernel patch, it's possible to bind to any source
address. It is highly recommended to use the 03-natdel patch with the
other ones.

A new keyword appears as a complement to the "source" keyword : "usesrc".
The source address is mandatory and must be valid on the interface which
will see the packets. The "usesrc" option supports "client" (for full
client_ip:client_port spoofing), "client_ip" (for client_ip spoofing)
and any 'IP[:port]' combination to pretend to be another machine.

Right now, the source binding is missing from server health-checks if
set to another address. It must be implemented (think restricted firewalls).
The doc is still missing too.
2006-11-12 23:57:19 +01:00
Willy Tarreau
9c9fea4617 [RELEASE] released 1.3.3
Released 1.3.3 with the following changes :
    - fix broken redispatch option in case the connection has already
      been marked "in progress" (ie: nearly always).
    - support regparm on x86 to speed up some often called functions
    - removed a few useless calls to gettimeofday() in log functions.
    - lots of 'const char*' cleanups
    - turn every FD_* into functions which are faster on recent CPUs
    - builds again on OpenBSD and Solaris
2006-10-16 00:03:35 +02:00
Willy Tarreau
390223bc32 [BUILD] only enable regparm on x86 to avoid useless warnings
It complains at least on Solaris/sparc64 and OpenBSD/vax.
2006-10-15 23:43:42 +02:00
Willy Tarreau
1a587498e8 [BUILD] make clean did not work on anything but bash 2006-10-15 23:40:58 +02:00
Willy Tarreau
9f0a90145f [BUILD] added the 'git-tar' target to the Makefile
Now, doing a "make git-tar" will automaticall build the tar.gz archive
from the versionned tree.
2006-10-15 14:24:14 +02:00
Willy Tarreau
690f9aa028 [RELEASE] released 1.3.2
- started the changes towards I/O completion callbacks. stream_sock* have
      replaced event_*.
    - added the new "reqtarpit" and "reqitarpit" protection features
2006-09-03 11:23:06 +02:00
Willy Tarreau
8f2b855ab2 [RELEASE] released 1.3.1 after resyncing with 1.2.15
Released 1.3.1 with the following changes from 1.2.15 :
   - now, haproxy warns about missing timeout during startup to try to
     eliminate all those buggy configurations.
   - added "Content-Type: text/html" in responses wherever appropriate, as
     suggested by Cameron Simpson.
   - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
     test server's health
   - implemented "monitor-uri" so that haproxy can reply to a specific URI with
     an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
     at once.
2006-07-09 17:11:39 +02:00
Willy Tarreau
baaee00406 [BIGMOVE] exploded the monolithic haproxy.c file into multiple files.
The files are now stored under :
  - include/haproxy for the generic includes
  - include/types.h for the structures needed within prototypes
  - include/proto.h for function prototypes and inline functions
  - src/*.c for the C files

Most include files are now covered by LGPL. A last move still needs
to be done to put inline functions under GPL and not LGPL.

Version has been set to 1.3.0 in the code but some control still
needs to be done before releasing.
2006-06-26 02:48:02 +02:00
willy tarreau
7e6328df2a [RELEASE] released 1.2.14
Released 1.2.14 with the following changes :

   - new HTML status report with the 'stats' keyword.
   - added the 'abortonclose' option to better resist traffic surges
   - implemented dynamic traffic regulation with the 'minconn' option
   - show request time on denied requests
   - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
   - now a proxy instance is allowed to run without servers, which is
     useful to dedicate one instance to stats
   - added lots of error counters
   - a missing parenthesis preventd matching of cacheable cookies
   - a missing parenthesis in poll_loop() might have caused missed events.
2006-05-21 23:26:20 +02:00
willy tarreau
9e1388671a [MEDIUM] added the new 'stats' keyword with user authentication subsystem.
Right now it only validates the user/passwd according to a specified list,
and lets the user pass through the proxy if the authentication is OK, and
it refuses any invalid access with a 401 Unauthorized response.
2006-05-14 23:06:28 +02:00
Willy TARREAU
4404b7ebcc [RELEASE] released version 1.2.13.1
- an uninitialized field in the struct session could cause a crash when
     the session was freed. This has been encountered on Solaris only.
   - Solaris and OpenBSD no not support shutdown() on listening socket. Let's
     be nice to them by performing a soft stop if pause fails.
2006-05-14 10:00:09 +02:00
willy tarreau
c3a2e0713f [RELEASE] released version 1.2.13
Summary of changes :
   - 'maxconn' server parameter to do per-server session limitation
   - queueing to support non-blocking session limitation
   - fixed removal of cookies for cookie-less servers such as backup servers
   - two separate wait queues for expirable and non-expirable tasks provide
     better performance with lots of sessions.
   - some code cleanups and performance improvements
   - made state dumps a bit more verbose
   - fixed missing checks for NULL srv in dispatch mode
   - load balancing on backup servers was not possible in source hash mode.
   - two session flags shared the same bit, but fortunately they were not
     compatible.
2006-05-13 18:51:38 +02:00
willy tarreau
c0d4bbdc8d [VERSION] updated everything to reflect version 1.2.12. 2006-04-15 21:47:50 +02:00
willy tarreau
e0dd269db8 * Released version 1.2.11.1 2006-03-30 16:27:34 +02:00
willy tarreau
e114bf94a3 cleaned the 'tar' target and allowed the 'clean' target to remove the tar.gz file. 2006-03-19 21:30:14 +01:00
willy tarreau
cee272fff4 Added the 'tar' target to build the tar.gz archive directly from git. 2006-03-19 21:16:26 +01:00
willy tarreau
d38e72d567 Separated OpenBSD build from the main Makefile into a new one. 2006-03-19 20:56:52 +01:00
Willy TARREAU
13032e769e * added the ability to enforce a maximum number of connections at compile time via SYSTEM_MAXCONN. 2006-03-12 17:49:02 +01:00
Willy TARREAU
edb12df477 * Added a 'haproxy.bsd' entry to fix openbsd build 2006-01-29 23:19:04 +01:00
willy tarreau
4373b967e9 * added "static-pcre" to the list of supported regex options in the Makefile. 2005-12-18 01:32:31 +01:00
willy tarreau
b952e1db84 * released 1.2.7rc (1.1.33rc)
* second batch of socklen_t changes.
* clean-ups from Cameron Simpson.
* because tv_remain() does not know about eternity, using no timeout can
  make select() spin around a null time-out. Bug reported by Cameron Simpson.
* client read timeout was not properly set to eternity initialized after an
  accept() if it was not set in the config. It remained undetected so long
  because eternity is 0 and newly allocated pages are zeroed by the system.
* do not call get_original_dst() when not in transparent mode.
* implemented a workaround for a bug in certain epoll() implementations on
  linux-2.4 kernels (epoll-lt <= 0.21).
* implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
2005-12-18 01:31:20 +01:00
willy tarreau
64a3cc3660 * released 1.2.5 (1.1.31)
* changed the runtime argument to disable epoll() to '-de'
* changed the runtime argument to disable poll() to '-dp'
* added global options 'nopoll' and 'noepoll' to do the same at the
  configuration level.
* added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
  support epoll().
* changed default FD_SETSIZE to 65536 on Solaris (default=1024)
* conditionned signals redirection to #ifdef DEBUG_MEMORY
2005-12-18 01:13:11 +01:00
willy tarreau
1c2ad21e0f * released 1.2.5-pre4
* made epoll() support a compile-time option : ENABLE_EPOLL
* provided a very little libc replacement for a possibly missing epoll()
  implementation which can be enabled by -DUSE_MY_EPOLL
* implemented the poll() poller, which can be enabled with -DENABLE_POLL.
  The equivalent runtime argument becomes '-P'. A few tests show that it
  performs like select() with many fds, but slightly slower (certainly
  because of the higher amount of memory involved).
* separated the 3 polling methods and the tasks scheduler into 4 distinct
  functions which makes the code a lot more modular.
* moved some event tables to private static declarations inside the poller
  functions.
* the poller functions can now initialize themselves, run, and cleanup.
* changed the runtime argument to enable epoll() to '-E'.
* removed buggy epoll_ctl() code in the client_retnclose() function. This
  function was never meant to remove anything.
* fixed a typo which caused glibc to yell about a double free on exit.
* removed error checking after epoll_ctl(DEL) because we can never know if
  the fd is still active or already closed.
* added a few entries in the makefile
2005-12-18 01:11:29 +01:00
willy tarreau
ad90a0c80e * released 1.2.5-pre3
* experimental epoll() support (use temporary '-e' argument)
2005-12-18 01:09:15 +01:00
willy tarreau
12350155a4 * released 1.2.4
* merged Alexander Lazic's and Klaus Wagner's work on application
  cookie-based persistence. Since this is the first merge, this version is
  not intended for general use and reports are more than welcome. Some
  documentation is really needed though.
2005-12-18 01:03:27 +01:00
willy tarreau
0174f319a2 * released 1.2.3 (1.1.30)
* add an architecture guide to the documentation
* released without any changes
* increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
  compatible with Apache. This limit can be configured in the makefile now.
  Thanks to Eric Fehr for the checks.
* added a per-server "source" option which now makes it possible to bind to
  a different source for each (potentially identical) server.
* changed cookie-based server selection slightly to allow several servers to
  share a same cookie, thus making it possible to associate backup servers to
  live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
* added the cookie 'prefix' mode which makes it possible to use persistence
  with thin clients which support only one cookie. The server name is prefixed
  before the application cookie, and restore back.
* fixed the order of servers within an instance to match documentation. Now
  the servers are *really* used in the order of their declaration. This is
  particularly important when multiple backup servers are in use.
2005-12-18 01:02:42 +01:00
willy tarreau
25c4ea505a * released 1.2.1-pre2
* add the "logasap" option which produces a log without waiting for the data
  to be transferred from the server to the client.
* add the "httpclose" option which removes any "connection:" header and adds
  "Connection: close" in both direction.
2005-12-18 00:49:49 +01:00
willy tarreau
eedaa9f220 * released 1.1.23
* fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
  'default' sections to keep previous parameters, and not initialize logs
  correctly.
* fixed a second stupid bug introduced in 1.1.22 which caused configurations
  relying on 'dispatch' mode to segfault at the first connection.
* 'option httpchk' now supports method, HTTP version and a few headers.
* now, 'option httpchk', 'cookie' and 'capture' can be specified in
  'defaults' section
* a fresh new english documentation
* large Makefile cleanup for increased portability
* new build script 'build.cfg' for Formilux-0.1.8
* new startup script 'init.haproxy.flx0' for Formilux-0.1.8
2005-12-17 14:08:03 +01:00
willy tarreau
a41a8b4ee6 * released 1.1.22
* 'listen' now supports optionnal address:port-range lists
* 'bind' introduced to add new listen addresses
* fixed a bug which caused a session to be kept established on a server till
  it timed out if the client closed during the DATA phase.
* the port part of each server address can now be empty to make the proxy
  connect to the server on the same port it was connected to, be an absolute
  unsigned number to reflect a single port (as in older versions), or an
  explicitly signed number (+N/-N) to indicate that this offset must be
  applied to the port the proxy was connected to, when connecting to the
  server.
* the 'port' server option allows the user to specify a different
  health-check port than the service one. It is mandatory when only relative
  ports have been specified and check is required. By default, the checks are
  sent to the service port.
* new 'defaults' section which is rather similar to 'listen' except that all
  values are only used as default values for future 'listen' sections, until
  a new 'defaults' resets them. At the moment, server options, regexes,
  cookie names and captures cannot be set in the 'defaults' section.
* Makefile now optimizes for Ultrasparc by default on Solaris/Sparc
* large documentation updates and fixes
* new 'tests' directory with some debug files
2005-12-17 14:02:24 +01:00
willy tarreau
2f6ba6579f * released 1.1.21
* changed the debug output format so that it now includes the session unique
  ID followed by the instance name at the beginning of each line.
* in debug mode, accept now shows the client's IP and port.
* added one 3 small debugging scripts to search and pretty print debug output
* changed the default health check request to "OPTIONS /" instead of
  "OPTIONS *" since not all servers implement the later one.
* "option httpchk" now accepts an optional parameter allowing the user to
  specify and URI other than '/' during health-checks.
* made Makefile more robust to pcre-config errors
* added 3 new pretty-print scripts : debug2ansi, debug2html and debugfind
* upgraded Formilux package to haproxy-1.1.21-flx.1.pkg
* removed the now obsolete haproxy2html.sh
2005-12-17 13:57:42 +01:00
willy tarreau
906b268436 * released 1.1.19
* haproxy was NOT RFC compliant because it was case-sensitive on HTTP
  "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
  cookie persistence because it uses "cookie:". Two memcmp() have been
  replaced with strncasecmp().
* added the haproxy2html.sh script
* removed the now useless NOTES file
* made pcre-config quiet in the makefile.
2005-12-17 13:49:52 +01:00
willy tarreau
036e1cef51 * released 1.1.18
* Haproxy can be compiled with PCRE regex instead of libc regex, by setting
  REGEX=pcre on the make command line.
* HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
* when explicit source address binding is required, it is now also used for
  health-checks.
* added 'reqpass' and 'reqipass' to allow certain headers but not the request
  itself.
* factored several strings to reduce binary size by about 2 kB.
* replaced setreuid() and setregid() with more standard setuid() and setgid().
* added 4 status flags to the log line indicating who ended the connection
  first, the sessions state, the validity of the cookie, and action taken on
  the set-cookie header.
* rearranged the changelog and removed it from haproxy.c
* large documentation updates
2005-12-17 13:46:33 +01:00
willy tarreau
750a47265a * released 1.1.12
* fixed stats monitoring, and optimized some tv_* for most common cases.
* replaced temporary 'newhdr' with 'trash' to reduce stack size
* made HTTP errors more HTML-fiendly.
* renamed strlcpy() to strlcpy2() because of a slightly difference between
  their behaviour (return value), to avoid confusion.
* restricted HTTP messages to HTTP proxies only
* added a 502 message when the connection has been refused by the server,
  to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
* changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
  inserting a cookie, because some caches (apache) don't understand it.
* fixed processing of server headers when client is in SHUTR state
* automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
  setpgid()
* updated the Makefile and the Formilux build script
2005-12-17 13:21:24 +01:00
willy tarreau
c29948c439 * released 1.1.9 : SECURITY FIX
* don't use snprintf()'s return value as an end of message since it may
  be larger. This caused bus errors and segfaults in internal libc's
  getenv() during localtime() in send_log().
* removed dead insecure send_syslog() function and all references to it.
* fixed warnings on Solaris due to buggy implementation of isXXXX().
2005-12-17 13:10:27 +01:00
willy tarreau
a159808bf2 * released 1.1.8
* option "dontlognull"
* fixed "double space" bug in config parser
* fixed an uninitialized server field in case of dispatch
  with no existing server which could cause a segfault during
  logging.
* the pid logged was always the father's, which was wrong for daemons.
* fixed wrong level "LOG_INFO" for message "proxy started".
* http logging is now complete :
  - ip:port, date, proxy, server
  - req_time, conn_time, hdr_time, tot_time
  - status, size, request
* source address binding
2005-12-17 13:08:06 +01:00
willy tarreau
efae1847c3 * released 1.1.1
* fixed a bug in total failure handling
* fixed a bug in timestamp comparison within same second (tv_cmp_ms)
2005-12-17 12:51:03 +01:00
willy tarreau
5cbea6fd41 * released 1.1.0
* added OpenBSD, Linux-2.2 and Linux-2.4 targets to the Makefile
* added a Formilux init script
* fixed a few timeout bugs
* rearranged the task scheduler subsystem to improve performance,
  add new tasks, and make it easier to later port to librt ;
* allow multiple accept() for one select() wake up ;
* implemented internal load balancing with basic health-check ;
* cookie insertion and header add/replace/delete, with better strings
  support.
* reworked buffer handling to fix a few rewrite bugs, and
  improve overall performance.
* implement the "purge" option to delete server cookies in direct mode.
* fixed some error cases where the maxfd was not decreased.
* now supports transparent proxying, at least on linux 2.4.
* soft stop works again (fixed select timeout computation).
* it seems that TCP proxies sometimes cannot timeout.
* added a "quiet" mode.
* enforce file descriptor limitation on socket() and accept().
2005-12-17 12:48:26 +01:00
willy tarreau
9da061b40b * updated to version 1.0.2
* fixed a bug in header processing
* Makefile now supports a Solaris target
2005-12-17 12:29:56 +01:00
willy tarreau
0f7af91265 * initial commit of version 1.0.0 2005-12-17 12:21:26 +01:00