Commit Graph

31 Commits

Author SHA1 Message Date
willy tarreau 77bc854117 * building with -DUSE_PCRE should include PCRE headers and not regex.h. At
least on Solaris, this caused the libc's regex primitives to be used instead
  of PCRE, which caused trouble on group references. This is now fixed.
2005-12-18 01:31:43 +01:00
willy tarreau b952e1db84 * released 1.2.7rc (1.1.33rc)
* second batch of socklen_t changes.
* clean-ups from Cameron Simpson.
* because tv_remain() does not know about eternity, using no timeout can
  make select() spin around a null time-out. Bug reported by Cameron Simpson.
* client read timeout was not properly set to eternity initialized after an
  accept() if it was not set in the config. It remained undetected so long
  because eternity is 0 and newly allocated pages are zeroed by the system.
* do not call get_original_dst() when not in transparent mode.
* implemented a workaround for a bug in certain epoll() implementations on
  linux-2.4 kernels (epoll-lt <= 0.21).
* implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
2005-12-18 01:31:20 +01:00
willy tarreau c5f73ed21c * released 1.2.6
* clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
2005-12-18 01:26:38 +01:00
willy tarreau 0fe396592d * released 1.2.6-pre5 (1.1.32)
* added the number of active sessions (proxy/process) in the logs
2005-12-18 01:25:24 +01:00
willy tarreau b1285d5ce0 * released 1.2.6-pre4
* the time-out fix introduced in 1.1.25 caused a corner case where it was
  possible for a client to keep a connection maintained regardless of the
  timeout if the server closed the connection during the HEADER phase,
  while the client ignored the close request while doing nothing in the
  other direction. This has been fixed now by ensuring that read timeouts
  are re-armed when switching to any SHUTW state.
* enhanced error reporting in the logs. Now the proxy will precisely detect
  various error conditions related to the system and/or process limits, and
  generate LOG_EMERG logs indicating that a resource has been exhausted.
* logs will contain two new characters for the error cause : 'R' indicates
  a resource exhausted, and 'I' indicates an internal error, though this
  one should never happen.
* server connection timeouts can now be reported in the logs (sC), as well
  as connections refused because of maxconn limitations (PC).
* new global configuration keyword "ulimit-n" may be used to raise the FD
  limit to usable values.
* a warning is now displayed on startup if the FD limit is lower than the
  configured maximum number of sockets.
* new configuration keyword "monitor-net" makes it possible to be monitored
  by external devices which connect to the proxy without being logged nor
  forwarded to any server. Particularly useful on generic TCPv4 relays.
2005-12-18 01:20:14 +01:00
willy tarreau 5dffb607d6 * released 1.2.5.2
* fixed build on PPC where chars are unsigned by default
2005-12-18 01:15:23 +01:00
willy tarreau 08dedbe898 * released 1.2.5.1
* dirty hack to fix a bug introduced with epoll : if we close an FD and
  immediately reassign it to another session through a connect(), the
  Prev{Read,Write}Events are not updated, which causes trouble detecting
  changes, thus leading to many timeouts at high loads.
2005-12-18 01:13:48 +01:00
willy tarreau 64a3cc3660 * released 1.2.5 (1.1.31)
* changed the runtime argument to disable epoll() to '-de'
* changed the runtime argument to disable poll() to '-dp'
* added global options 'nopoll' and 'noepoll' to do the same at the
  configuration level.
* added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
  support epoll().
* changed default FD_SETSIZE to 65536 on Solaris (default=1024)
* conditionned signals redirection to #ifdef DEBUG_MEMORY
2005-12-18 01:13:11 +01:00
willy tarreau 1c2ad21e0f * released 1.2.5-pre4
* made epoll() support a compile-time option : ENABLE_EPOLL
* provided a very little libc replacement for a possibly missing epoll()
  implementation which can be enabled by -DUSE_MY_EPOLL
* implemented the poll() poller, which can be enabled with -DENABLE_POLL.
  The equivalent runtime argument becomes '-P'. A few tests show that it
  performs like select() with many fds, but slightly slower (certainly
  because of the higher amount of memory involved).
* separated the 3 polling methods and the tasks scheduler into 4 distinct
  functions which makes the code a lot more modular.
* moved some event tables to private static declarations inside the poller
  functions.
* the poller functions can now initialize themselves, run, and cleanup.
* changed the runtime argument to enable epoll() to '-E'.
* removed buggy epoll_ctl() code in the client_retnclose() function. This
  function was never meant to remove anything.
* fixed a typo which caused glibc to yell about a double free on exit.
* removed error checking after epoll_ctl(DEL) because we can never know if
  the fd is still active or already closed.
* added a few entries in the makefile
2005-12-18 01:11:29 +01:00
willy tarreau ad90a0c80e * released 1.2.5-pre3
* experimental epoll() support (use temporary '-e' argument)
2005-12-18 01:09:15 +01:00
willy tarreau c1f4753d60 * released 1.2.5-pre2
* implemented the HTTP 303 code for error redirection. This forces the
  browser to fetch the given URI with a GET request. The new keyword for
  this is 'errorloc303', and a new 'errorloc302' keyword has been created
  to make them easily distinguishable.
* added more controls in the parser for valid use of '\x' sequence.
* few fixes from Alex & Klaus
* fixed a few errors in the documentation
* do not pre-initialize unused file-descriptors before select() anymore.
2005-12-18 01:08:26 +01:00
willy tarreau 12350155a4 * released 1.2.4
* merged Alexander Lazic's and Klaus Wagner's work on application
  cookie-based persistence. Since this is the first merge, this version is
  not intended for general use and reports are more than welcome. Some
  documentation is really needed though.
2005-12-18 01:03:27 +01:00
willy tarreau 0174f319a2 * released 1.2.3 (1.1.30)
* add an architecture guide to the documentation
* released without any changes
* increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
  compatible with Apache. This limit can be configured in the makefile now.
  Thanks to Eric Fehr for the checks.
* added a per-server "source" option which now makes it possible to bind to
  a different source for each (potentially identical) server.
* changed cookie-based server selection slightly to allow several servers to
  share a same cookie, thus making it possible to associate backup servers to
  live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
* added the cookie 'prefix' mode which makes it possible to use persistence
  with thin clients which support only one cookie. The server name is prefixed
  before the application cookie, and restore back.
* fixed the order of servers within an instance to match documentation. Now
  the servers are *really* used in the order of their declaration. This is
  particularly important when multiple backup servers are in use.
2005-12-18 01:02:42 +01:00
willy tarreau 4302f49525 * released 1.2.2 (1.1.29)
* fixed a bug where a TCP connection would be logged twice if the 'logasap'
  option was enabled without the 'tcplog' option.
* encode_string() would use hdr_encode_map instead of the map argument.
* the logged request is now encoded with '#XX' for unprintable characters
* new keywords 'capture request header' and 'capture response header' enable
  logging of arbitrary HTTP headers in requests and responses
* removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
2005-12-18 01:00:37 +01:00
willy tarreau 982249e9e7 * released 1.2.1 (1.1.28)
* added the '-V' command line option to verbosely report errors even though
  the -q or 'quiet' options are specified. This is useful with '-c'.
* added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
* added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
  information leak from servers.
* more examples added into the configuration
2005-12-18 00:57:06 +01:00
willy tarreau 97f58576eb * added the 'checkcache' option which blocks cacheable responses containing
dangerous headers, such as 'set-cookie'.
2005-12-18 00:53:44 +01:00
willy tarreau 25c4ea505a * released 1.2.1-pre2
* add the "logasap" option which produces a log without waiting for the data
  to be transferred from the server to the client.
* add the "httpclose" option which removes any "connection:" header and adds
  "Connection: close" in both direction.
2005-12-18 00:49:49 +01:00
willy tarreau dd07e97447 * released 1.2.1-pre1
* send an EMERG log when no server is available for a given proxy
* added the '-c' command line option to syntactically check the
  configuration file without starting the service.
2005-12-18 00:48:48 +01:00
willy tarreau 8a86dbf30e * released 1.2.0
* the same as 1.1.27 + IPv6 support on the client side
2005-12-18 00:45:59 +01:00
willy tarreau fe2c5c147b * released 1.1.27
* the configurable HTTP health check introduced in 1.1.23 revealed a shameful
  bug : the code still assumed that HTTP requests were the same size as the
  original ones (22 bytes), and failed if they were not.
* added support for pidfiles.
2005-12-17 14:14:34 +01:00
willy tarreau c58fc6943d * released 1.1.26
* the fix introduced in 1.1.25 for client timeouts while waiting for servers
  broke almost all compatibility with POST requests, because the proxy
  stopped to read anything from the client as soon as it got all of its
  headers.
2005-12-17 14:13:08 +01:00
willy tarreau c1cae63922 * released 1.1.25
* added the 'tcplog' option, which provides enhanced, HTTP-like logs for
  generic TCP proxies, or lighter logs for HTTP proxies.
* fixed a time-out condition wrongly reported as client time-out in data
  phase if the client timeout was lower than the connect timeout times the
  number of retries.
* doc: added some precisions about the log timers
2005-12-17 14:12:23 +01:00
willy tarreau 197e8ec2c3 * released 1.1.24
* if a client sent a full request then shut its write connection down, then
  the request was aborted. This case was detected only when using haproxy
  both as health-check client and as a server.
* if 'option httpchk' is used in a 'health' mode server, then responses will
  change from 'OK' to 'HTTP/1.0 200 OK'.
* fixed a Linux-only bug in case of HTTP server health-checks, where a single
  server response followed by a close could be ignored, and the server seen
  as failed.
* renamed 'haproxy.txt' to 'haproxy-fr.txt'
* large documentation and examples cleanups
2005-12-17 14:10:59 +01:00
willy tarreau eedaa9f220 * released 1.1.23
* fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
  'default' sections to keep previous parameters, and not initialize logs
  correctly.
* fixed a second stupid bug introduced in 1.1.22 which caused configurations
  relying on 'dispatch' mode to segfault at the first connection.
* 'option httpchk' now supports method, HTTP version and a few headers.
* now, 'option httpchk', 'cookie' and 'capture' can be specified in
  'defaults' section
* a fresh new english documentation
* large Makefile cleanup for increased portability
* new build script 'build.cfg' for Formilux-0.1.8
* new startup script 'init.haproxy.flx0' for Formilux-0.1.8
2005-12-17 14:08:03 +01:00
willy tarreau a41a8b4ee6 * released 1.1.22
* 'listen' now supports optionnal address:port-range lists
* 'bind' introduced to add new listen addresses
* fixed a bug which caused a session to be kept established on a server till
  it timed out if the client closed during the DATA phase.
* the port part of each server address can now be empty to make the proxy
  connect to the server on the same port it was connected to, be an absolute
  unsigned number to reflect a single port (as in older versions), or an
  explicitly signed number (+N/-N) to indicate that this offset must be
  applied to the port the proxy was connected to, when connecting to the
  server.
* the 'port' server option allows the user to specify a different
  health-check port than the service one. It is mandatory when only relative
  ports have been specified and check is required. By default, the checks are
  sent to the service port.
* new 'defaults' section which is rather similar to 'listen' except that all
  values are only used as default values for future 'listen' sections, until
  a new 'defaults' resets them. At the moment, server options, regexes,
  cookie names and captures cannot be set in the 'defaults' section.
* Makefile now optimizes for Ultrasparc by default on Solaris/Sparc
* large documentation updates and fixes
* new 'tests' directory with some debug files
2005-12-17 14:02:24 +01:00
willy tarreau 2f6ba6579f * released 1.1.21
* changed the debug output format so that it now includes the session unique
  ID followed by the instance name at the beginning of each line.
* in debug mode, accept now shows the client's IP and port.
* added one 3 small debugging scripts to search and pretty print debug output
* changed the default health check request to "OPTIONS /" instead of
  "OPTIONS *" since not all servers implement the later one.
* "option httpchk" now accepts an optional parameter allowing the user to
  specify and URI other than '/' during health-checks.
* made Makefile more robust to pcre-config errors
* added 3 new pretty-print scripts : debug2ansi, debug2html and debugfind
* upgraded Formilux package to haproxy-1.1.21-flx.1.pkg
* removed the now obsolete haproxy2html.sh
2005-12-17 13:57:42 +01:00
willy tarreau b1ff9dbde2 * released 1.1.20
* fixed two problems with time-outs, one where a server would be logged as
  timed out during transfer that take longer to complete than the fixed
  time-out, and one where clients were logged as timed-out during the data
  phase because they didn't have anything to send. This sometimes caused
  slow client connections to close too early while in fact there was no
  problem. The proper fix would be to have a per-fd time-out with
  conditions depending on the state of the HTTP FSM.
2005-12-17 13:51:03 +01:00
willy tarreau 906b268436 * released 1.1.19
* haproxy was NOT RFC compliant because it was case-sensitive on HTTP
  "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
  cookie persistence because it uses "cookie:". Two memcmp() have been
  replaced with strncasecmp().
* added the haproxy2html.sh script
* removed the now useless NOTES file
* made pcre-config quiet in the makefile.
2005-12-17 13:49:52 +01:00
willy tarreau 036e1cef51 * released 1.1.18
* Haproxy can be compiled with PCRE regex instead of libc regex, by setting
  REGEX=pcre on the make command line.
* HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
* when explicit source address binding is required, it is now also used for
  health-checks.
* added 'reqpass' and 'reqipass' to allow certain headers but not the request
  itself.
* factored several strings to reduce binary size by about 2 kB.
* replaced setreuid() and setregid() with more standard setuid() and setgid().
* added 4 status flags to the log line indicating who ended the connection
  first, the sessions state, the validity of the cookie, and action taken on
  the set-cookie header.
* rearranged the changelog and removed it from haproxy.c
* large documentation updates
2005-12-17 13:46:33 +01:00
willy tarreau 8337c6b7bd * released 1.1.17
* add the notion of "backup" servers, which are used only when all other
  servers are down.
* make Set-Cookie return "" instead of "(null)" when the server has no
  cookie assigned (useful for backup servers).
* "log" now supports an optionnal level name (info, notice, err ...) above
  which nothing is sent.
* replaced some strncmp() with memcmp() for better efficiency.
* added "capture cookie" option which logs client and/or server cookies
* cleaned up/down messages and dump servers states upon SIGHUP
* added a redirection feature for errors : "errorloc <errnum> <url>"
* now we won't insist on connecting to a dead server, even with a cookie,
  unless option "persist" is specified.
* added HTTP/408 response for client request time-out and HTTP/50[234] for
  server reply time-out or errors.
* updates to the examples files
* added a 'do_status' command to the Formilux init script
2005-12-17 13:41:01 +01:00
willy tarreau bc4e1fb68a * released 1.1.16
* implement HTTP health checks when option "httpchk" is specified.
* put the changelog into a new CHANGELOG file
* updated the Formilux init script
2005-12-17 13:32:07 +01:00