Commit Graph

5258 Commits

Author SHA1 Message Date
James Rosewell
91a41cb32d MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions
Added the definition of CHECK_HTTP_MESSAGE_FIRST and the declaration of
smp_prefetch_http to the header.

Changed smp_prefetch_http implementation to remove the static qualifier.
2015-09-21 12:05:26 +02:00
Willy Tarreau
11e334d972 DOC: add a CONTRIBUTING file
This file tries to explain in the most detailed way how to contribute
patches. A few parts of it were moved from the README. .gitignore was
updated.
2015-09-20 22:43:56 +02:00
Willy Tarreau
2f5cd60ed0 DOC: add the documentation about internal circular lists
This file was recovered from the first project where it was born 12 years
ago, but it's still convenient to understand how our circular lists work,
so let's add it.
2015-09-20 22:43:56 +02:00
Baptiste Assmann
71503d32a7 DOC: servers state seamless reload example
A short doc + example to help people start using seamless reload for
server state
2015-09-19 17:05:29 +02:00
Baptiste Assmann
9b6857e9b5 MINOR: cli: new stats socket command: show backend
new stats socket command which displays only the list of backends
available in the current process.
For now only the backend name is displayed.
2015-09-19 17:05:29 +02:00
Baptiste Assmann
6076d1c02d MINOR: server: startup slowstart task when using seamless reload of HAProxy
This patch uses the start up of the health check task to also start
the warmup task when required.

This is executed only once: when HAProxy has just started up and can
be started only if the load-server-state-from-file feature is enabled
and the server was in the warmup state before a reload occurs.
2015-09-19 17:05:28 +02:00
Baptiste Assmann
fecd2b53af MINOR: init: server state loaded from file
With this patch, HAProxy reads the content of server state file and
update state of servers accordingly.
2015-09-19 17:05:28 +02:00
Baptiste Assmann
01c6cc3670 DOC: load-server-state-from-file 2015-09-19 17:05:28 +02:00
Baptiste Assmann
e11cfcd2c9 MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name
This directive gives HAProxy the ability to use the either the global
server-state-file directive or a local one using server-state-file-name to
load server states.
The state can be saved right before the reload by the init script, using
the "show servers state" command on the stats socket redirecting output into
a file.
2015-09-19 17:05:28 +02:00
Baptiste Assmann
ef1f0fc033 DOC: new global directive: server-state-file
Documentation related to a new global directive.
Purpose of this directive is to store a file path into the global
structure of HAProxy. The file pointed by the path may be used by
HAProxy to retrieve server state from the previous running process
after a reload occured.
2015-09-19 17:05:27 +02:00
Baptiste Assmann
e0882263e0 MINOR: config: new global section directive: server-state-file
This new global section directive is used to store the path to the file
where HAProxy will be able to retrieve server states across reloads.

The file pointed by this path is used to store a file which can contains
state of all servers from all backends.
2015-09-19 17:05:27 +02:00
Baptiste Assmann
5626f489ec DOC: global directive server-state-base
Documentation relative to the new global directive server-state-file.
2015-09-19 17:05:27 +02:00
Baptiste Assmann
6bc89366bb MINOR: config: new global directive server-state-base
This new global directive can be used to provide a base directory where
all the server state files could be loaded.
If a server state file name starts with a slash '/', then this directive
must not be applied.
2015-09-19 17:05:26 +02:00
Baptiste Assmann
6f9225ab55 DOC: stats socket command: show servers state
Documentation related to the new command available over the stats socket
"show servers state".

A description of the fields is also included.
2015-09-19 17:05:26 +02:00
Baptiste Assmann
2828946cb5 MINOR: cli: new stats socket command: show servers state
new command 'show servers state' which dumps all variable parameters
of a server during an HAProxy process life.
Purpose is to dump current server state at current run time in order to
read them right after the reload.

The format of the output is versionned and we support version 1 for now.
2015-09-19 16:52:46 +02:00
Baptiste Assmann
41472f4d98 MINOR: server: Macro definition for server-state
Introduces a few new macros used by server state save and application accros reloads:
- currently used state server file format version
- currently used state server file header fields
- MIN and MAX value for version number
- maximum number of fields that could be found in a server-state file
- an arbitrary state-file max line length
2015-09-19 11:34:41 +02:00
Baptiste Assmann
54a4730c65 BUG/MAJOR: can't enable a server through the stat socket
When a server is disabled in the configuration using the "disabled"
keyword, a single flag is positionned: SRV_ADMF_CMAINT (use to be
SRV_ADMF_FMAINT)..
That said, when providing the first version of this code, we also
changed the SRV_ADMF_MAINT mask to match any of the possible MAINT
cases: SRV_ADMF_FMAINT, SRV_ADMF_IMAINT, SRV_ADMF_CMAINT

Since SRV_ADMF_CMAINT is never (and is not supposed to be) altered at
run time, once a server has this flag set up, it can never ever be
enabled again using the stats socket.

In order to fix this, we should:
- consider SRV_ADMF_CMAINT as a simple flag to report the state in the
  old configuration file (will be used after a reload to deduce the
  state of the server in a new running process)
- enabling both SRV_ADMF_CMAINT and SRV_ADMF_FMAINT when the keyword
  "disabled" is in use in the configuration
- update the mask SRV_ADMF_MAINT as it was before, to only match
  SRV_ADMF_FMAINT and SRV_ADMF_IMAINT.

The following patch perform the changes above.
It allows fixing the regression without breaking the way the up coming
feature (seamless server state accross reloads) is going to work.

Note: this is 1.6-only, no backport needed.
2015-09-18 12:38:23 +02:00
Pieter Baauw
caa6a1bb46 MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD 2015-09-17 22:11:09 +02:00
Pieter Baauw
44fc9dfa6d DOC: add references to rise/fall for the fastinter explanation 2015-09-17 22:11:04 +02:00
Thierry FOURNIER
ccf0063896 BUG/MINOR: lua: breaks the log message if his size exceed one buffer
Previously, the log was ignored if the log message exceed one buffer.
This patch doens't ignore the log, but trancate the message.
2015-09-17 17:51:51 +02:00
Thierry FOURNIER
babae28c87 BUG/MAJOR: lua: potential unexpected aborts()
This couple of function executes securely some Lua calls outside of
the lua runtime environment. Each Lua call can return a longjmp
if it encounter a memory error.

Lua documentation extract:

   If an error happens outside any protected environment, Lua calls
   a panic function (see lua_atpanic) and then calls abort, thus
   exiting the host application. Your panic function can avoid this
   exit by never returning (e.g., doing a long jump to your own
   recovery point outside Lua).

   The panic function runs as if it were a message handler (see
   §2.3); in particular, the error message is at the top of the
   stack. However, there is no guarantee about stack space. To push
   anything on the stack, the panic function must first check the
   available space (see §4.2).

We must check all the Lua entry point. This includes:
 - The include/proto/hlua.h exported functions
 - the task wrapper function
 - The action wrapper function
 - The converters wrapper function
 - The sample-fetch wrapper functions

It is tolerated that the initilisation function returns an abort.
Before each Lua abort, an error message is writed on stderr.

The macro SET_SAFE_LJMP initialise the longjmp. The Macro
RESET_SAFE_LJMP reset the longjmp. These function must be macro
because they must be exists in the program stack when the longjmp
is called
2015-09-17 17:51:29 +02:00
Willy Tarreau
a02e8a6cdf [RELEASE] Released version 1.6-dev5
Released version 1.6-dev5 with the following main changes :
    - MINOR: dns: dns_resolution structure update: time_t to unsigned int
    - BUG/MEDIUM: dns: DNS resolution doesn't start
    - BUG/MAJOR: dns: dns client resolution infinite loop
    - MINOR: dns: coding style update
    - MINOR: dns: new bitmasks to use against DNS flags
    - MINOR: dns: dns_nameserver structure update: new counter for truncated response
    - MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED
    - MEDIUM: dns: handling of truncated response
    - MINOR: DNS client query type failover management
    - MINOR: dns: no expected DNS record type found
    - MINOR: dns: new flag to report that no IP can be found in a DNS response packet
    - BUG/MINOR: DNS request retry counter used for retry only
    - DOC: DNS documentation updated
    - MEDIUM: actions: remove ACTION_STOP
    - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis)
    - BUG/MINOR: lua: last log character truncated.
    - CLEANUP: typo: bad indent
    - CLEANUP: actions: missplaced includes
    - MINOR: build: missing header
    - CLEANUP: lua: Merge log functions
    - BUG/MAJOR: http: don't manipulate the server connection if it's killed
    - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
    - BUG/MAJOR: http: don't call http_send_name_header() after an error
    - MEDIUM: tools: make str2sa_range() optionally return the FQDN
    - BUG/MINOR: tools: make str2sa_range() report unresolvable addresses
    - BUG/MEDIUM: dns: use the correct server hostname when resolving
2015-09-14 12:23:10 +02:00
Thierry FOURNIER
23bc375c59 CLEANUP: lua: Merge log functions
All the code which emits error log have the same pattern. Its:
Send log with syslog system, and if it is allowed, display error
log on screen.

This patch replace this pattern by a macro. This reduces the number
of lines.
2015-09-11 20:58:04 +02:00
Thierry FOURNIER
007ff4ce0f MINOR: build: missing header
Regex header file is missing in types/action.h

Repported by Conrad Hoffmann

I cannot build the current dev's master HEAD (ec3c37d) because of this error:

> In file included from include/proto/proto_http.h:26:0,
>                  from src/stick_table.c:26:
> include/types/action.h:102:20: error: field ‘re’ has incomplete type
>     struct my_regex re;    /* used by replace-header and replace-value */
>                     ^
> Makefile:771: recipe for target 'src/stick_table.o' failed
> make: *** [src/stick_table.o] Error 1

The struct act_rule defined in action.h includes a full struct my_regex
without #include-ing regex.h. Both gcc 5.2.0 and clang 3.6.2 do not allow this.
2015-09-11 17:34:56 +02:00
Thierry FOURNIER
ec3c37db3b CLEANUP: actions: missplaced includes
The include of action.h are misplaced.
2015-09-10 21:17:04 +02:00
Thierry FOURNIER
5bc2cbf8f4 CLEANUP: typo: bad indent
A space alignment remains in the stream_interface.c file
2015-09-10 21:16:55 +02:00
Baptiste Assmann
62b75b44e6 DOC: DNS documentation updated
More information regarding DNS resolution:
- behavior in case of errors
- behavior when multiple name servers are configured in a resolvers
  section
- when a retry is performed
- when a query type change is performed
- make it clear that DNS resolution requires health checking enabled
  on the server
2015-09-10 15:50:50 +02:00
Baptiste Assmann
f778bb46d6 BUG/MINOR: DNS request retry counter used for retry only
There are two types of retries when performing a DNS resolution:
1. retry because of a timeout
2. retry of the full sequence of requests (query types failover)

Before this patch, the 'resolution->try' counter was incremented
after each send of a DNS request, which does not cover the 2 cases
above.
This patch fix this behavior.
2015-09-10 15:46:03 +02:00
Baptiste Assmann
0453a1dd45 MINOR: dns: new flag to report that no IP can be found in a DNS response packet
Some DNS response may be valid from a protocol point of view but may not
contain any IP addresses.
This patch gives a new flag to the function dns_get_ip_from_response to
report such case.
It's up to the upper layer to decide what to do with this information.
2015-09-10 15:42:55 +02:00
Baptiste Assmann
96972bcd36 MINOR: dns: no expected DNS record type found
Some DNS responses may be valid from a protocol point of view, but may
not contain any information considered as interested by the requester..
Purpose of the flag DNS_RESP_NO_EXPECTED_RECORD introduced by this patch is
to allow reporting such situation.

When this happens, a new DNS query is sent with a new query type.

For now, the function only expect A and AAAA query types which is enough
to cover current cases.
In a next future, it will be up to the caller to tell the function which
query types are expected.
2015-09-10 15:41:53 +02:00
Thierry FOURNIER
5554e2983d BUG/MINOR: lua: last log character truncated.
The send_log function needs a final \n.

This bug is repported by Michael Ezzell.

Minor bug: when writing to syslog from Lua scripts, the last character from
each log entry is truncated.

core.Alert("this is truncated");

Sep  7 15:07:56 localhost haproxy[7055]: this is truncate

This issue appears to be related to the fact that send_log() (in src/log.c)
is expecting a newline at the end of the message's format string:

/*
 * This function adds a header to the message and sends the syslog message
 * using a printf format string. It expects an LF-terminated message.
 */
void send_log(struct proxy *p, int level, const char *format, ...)

I believe the fix would be in in src/hlua.c at line 760
<http://git.haproxy.org/?p=haproxy.git;a=blob;f=src/hlua.c;h=1e4d47c31e66c16c837ff2aa5ef577f6cafdc7e7;hb=316e3196285b89a917c7d84794ced59a6a5b4eba#l760>,
where this...

   send_log(px, level, "%s", trash.str);

...should be adding a newline into the format string to accommodate what
the code expects.

    send_log(px, level, "%s\n", trash.str);

This change provides what seems to be the correct behavior:

Sep  7 15:08:30 localhost haproxy[7150]: this is truncated

All other uses of send_log() in hlua.c have a trailing dot "." in the
message that is masking the truncation issue because the output message
stops on a clean word boundary.  I suspect these would also benefit from
"\n" appended to their format strings as well, since this appears to be the
pattern seen throughout the rest of the code base.

Reported-by: Michael Ezzell <michael@ezzell.net>
2015-09-09 22:12:27 +02:00
Willy Tarreau
07101d5a16 BUG/MEDIUM: dns: use the correct server hostname when resolving
The server's host name picked for resolution was incorrect, it did not
skip the address family specifier, did not resolve environment variables,
and messed up with the optional trailing colon.

Instead, let's get the fqdn returned by str2sa_range() and use that
exclusively.
2015-09-08 16:16:35 +02:00
Willy Tarreau
9f69f46d1f BUG/MINOR: tools: make str2sa_range() report unresolvable addresses
If an environment variable is used in an address, and is not set, it's
silently considered as ":" or "0.0.0.0:0" which is not correct as it
can hide environment issues and lead to unexpected behaviours. Let's
report this case when it happens.

This fix should be backported to 1.5.
2015-09-08 16:01:25 +02:00
Willy Tarreau
72b8c1f0aa MEDIUM: tools: make str2sa_range() optionally return the FQDN
The function does a bunch of things among which resolving environment
variables, skipping address family specifiers and trimming port ranges.
It is the only one which sees the complete host name before trying to
resolve it. The DNS resolving code needs to know the original hostname,
so we modify this function to optionally provide it to the caller.

Note that the function itself doesn't know if the host part was a host
or an address, but str2ip() knows that and can be asked not to try to
resolve. So we first try to parse the address without resolving and
try again with resolving enabled. This way we know if the address is
explicit or needs some kind of resolution.
2015-09-08 15:50:19 +02:00
Baptiste Assmann
90447582d7 MINOR: DNS client query type failover management
In the first version of the DNS resolver, HAProxy sends an ANY query
type and in case of issue fails over to the type pointed by the
directive in 'resolve-prefer'.
This patch allows the following new failover management:
1. default query type is still ANY
2. if response is truncated or in error because ANY is not supported by
   the server, then a fail over to a new query type is performed. The
   new query type is the one pointed by the directive 'resolve-prefer'.
3. if no response or still some errors occurs, then a query type fail over
   is performed to the remaining IP address family.
2015-09-08 15:04:17 +02:00
Baptiste Assmann
3440f0da2a MEDIUM: dns: handling of truncated response
First dns client implementation simply ignored most of DNS response
flags.
This patch changes the way the flags are parsed, using bit masks and
also take care of truncated responses.
Such response are reported to the above layer which can handle it
properly.
2015-09-08 14:59:49 +02:00
Baptiste Assmann
0df5d9669a MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED
This patch introduces a new internal response state about the analysis
of a DNS response received by a server.
It is dedicated to report to above layer that the response is
'truncated'.
2015-09-08 14:58:07 +02:00
Baptiste Assmann
6cdea9359b MINOR: dns: dns_nameserver structure update: new counter for truncated response
This patch updates the dns_nameserver structure to integrate a counter
dedicated to 'truncated' response sent by servers.
Such response are important to track, since HAProxy is supposed to
replay its request.
2015-09-08 14:57:28 +02:00
Baptiste Assmann
042d0a1f8c MINOR: dns: new bitmasks to use against DNS flags
Current DNS client code implementation doesn't take care of response
flags setup by the server.
This patch introduces a couple of bitmasks one can use to retrieve the
truncated flag and the reply code available in the 2-bytes flag field.
2015-09-08 12:14:03 +02:00
Baptiste Assmann
01daef3162 MINOR: dns: coding style update
No affectation in a if condition.
2015-09-08 10:52:09 +02:00
Baptiste Assmann
11c4e4eefb BUG/MAJOR: dns: dns client resolution infinite loop
Under certain circonstance (a configuration with many servers relying on
DNS resolution and one of them triggering the replay of a request
because of a timeout or invalid response to an ANY query), HAProxy could
end up in an infinite loop over the currently supposed running DNS
queries.

This was caused because the FIFO list of running queries was improperly
updated in snr_resolution_error_cb. The head of the list was removed
instead of the resolution in error, when moving the resolution to the
end of the list.

In the mean time, a LIST_DEL statement is removed since useless. This
action is already performed by the dns_reset_resolution function.
2015-09-08 10:51:50 +02:00
Baptiste Assmann
f0d9370f6b BUG/MEDIUM: dns: DNS resolution doesn't start
Patch f046f1156149d3d8563cc45d7608f2c42ef5b596 introduced a regression:
DNS resolution doesn't start anymore, while it was supposed to make it
start with first health check.

Current patch fix this issue by triggering a new DNS resolution if the
last_resolution time is not set.
2015-09-08 10:51:22 +02:00
Baptiste Assmann
189363e35a MINOR: dns: dns_resolution structure update: time_t to unsigned int
3 variables of the dns_resolution structure are set to 'time_t' type.
Since they are all set by 'now_ms' and used as 'ticks' in HAProxy's
internal, it is safer to set them to the same type than now_ms:
'unsigned int'.
2015-09-08 10:50:17 +02:00
Willy Tarreau
9c03b33329 BUG/MAJOR: http: don't call http_send_name_header() after an error
A crash was reported when using the "famous" http-send-name-header
directive. This time it's a bit tricky, it requires a certain number of
conditions to be met including maxconn on a server, queuing, timeout in
the queue and cookie-based persistence.

The problem is that in stream.c, before calling http_send_name_header(),
we check a number of conditions to know if we have to replace the header
name. But prior to reaching this place, it's possible for
sess_update_stream_int() to fail and change the stream-int's state to
SI_ST_CLO, send an error 503 to the client, and flush all buffers. But
http_send_name_header() can only be called with valid buffer contents
matching the http_msg's description. So when it rewinds the stream to
modify the header, buf->o becomes negative by the size of the incoming
request and is used as the argument to memmove() which basically
displaces 4GB of memory off a few bytes to write the new name, resulting
in a core and a core file that's really not fun to play with.

The solution obviously consists in refraining from calling this nasty
function when the stream interface is already closed.

This bug also affects 1.5 and possibly 1.4, so the fix must be backported
there.
2015-09-07 19:41:42 +02:00
Thierry FOURNIER
316e319628 BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis)
See commit id bdc97a8795c52af94683db25a4984578e26f4857

Michael Ezzell reported that the following Lua code fails in
dev4 when the TCP is not established immediately (due to a little
bit of latency):

   function tricky_socket()
        local sock = core.tcp();
        sock:settimeout(3);
        core.log(core.alert,"calling connect()\n");
        local connected, con_err = sock:connect("x.x.x.x",80);
        core.log(core.alert,"returned from connect()\n");
        if con_err ~= nil then
          core.log(core.alert,"connect() failed with error: '" .. con_err .. "'\n");
        end

The problem is that the flags who want to wake up the applet are
resetted before each applet call, so the applet must set again the
flags if the connection is not established.
2015-09-06 08:22:49 +02:00
Willy Tarreau
b7ce424be2 BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
When converting the "method" fetch to a string, we used to get an empty
string if the first character was not an upper case. This was caused by
the lookup function which returns HTTP_METH_NONE when a lookup is not
possible, and this method being mapped to an empty string in the array.

This is a totally stupid mechanism, there's no reason for having the
result depend on the first char. In fact the message parser already
checks that the syntax matches an HTTP token so we can only land there
with a valid token, hence only HTTP_METH_OTHER should be returned.

This fix should be backported to all actively supported branches.
2015-09-03 17:15:21 +02:00
Thierry FOURNIER
42148735bc MEDIUM: actions: remove ACTION_STOP
Before this patch, two type of custom actions exists: ACT_ACTION_CONT and
ACT_ACTION_STOP. ACT_ACTION_CONT is a non terminal action and ACT_ACTION_STOP is
a terminal action.

Note that ACT_ACTION_STOP is not used in HAProxy.

This patch remove this behavior. Only type type of custom action exists, and it
is called ACT_CUSTOM. Now, the custion action can return a code indicating the
required behavior. ACT_RET_CONT wants that HAProxy continue the current rule
list evaluation, and ACT_RET_STOP wants that HAPRoxy stops the the current rule
list evaluation.
2015-09-02 18:36:38 +02:00
Willy Tarreau
bd99d5818d BUG/MAJOR: http: don't manipulate the server connection if it's killed
Jesse Hathaway reported a crash that Cyril Bonté diagnosed as being
caused by the manipulation of srv_conn after setting it to NULL. This
happens in http-server-close mode when the server returns either a 401
or a 407, because the connection was previously closed then it's being
assigned the CO_FL_PRIVATE flag.

This bug only affects 1.6-dev as it was introduced by connection reuse code
with commit 387ebf8 ("MINOR: connection: add a new flag CO_FL_PRIVATE").
2015-09-02 10:52:05 +02:00
Willy Tarreau
61d301fbfb [RELEASE] Released version 1.6-dev4
Released version 1.6-dev4 with the following main changes :
    - MINOR: log: Add log-format variable %HQ, to log HTTP query strings
    - DOC: typo in 'redirect', 302 code meaning
    - DOC: typos in tcp-check expect examples
    - DOC: resolve-prefer default value and default-server update
    - MINOR: DNS counters: increment valid counter
    - BUG/MEDIUM: DNS resolution response parsing broken
    - MINOR: server: add new SRV_ADMF_CMAINT flag
    - MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT
    - BUG/MEDIUM: dns: wrong first time DNS resolution
    - BUG/MEDIUM: lua: Lua tasks fail to start.
    - BUILD: add USE_LUA to BUILD_OPTIONS when it's used
    - DOC/MINOR: fix OpenBSD versions where haproxy works
    - MINOR: 51d: unable to start haproxy without "51degrees-data-file"
    - BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement.
    - BUG/MAJOR: peers: fix current table pointer not re-initialized on session release.
    - BUILD: ssl: Allow building against libssl without SSLv3.
    - DOC: clarify some points about SSL and the proxy protocol
    - DOC: mention support for RFC 5077 TLS Ticket extension in starter guide
    - BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF>
    - DOC: match several lua configuration option names to those implemented in code
    - MINOR cfgparse: Correct the mailer warning text to show the right names to the user
    - BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command
    - MINOR: stream: initialize the current_rule field to NULL on stream init
    - BUG/MEDIUM: lua: timeout error with converters, wrapper and actions.
    - CLEANUP: proto_http: remove useless initialisation
    - CLEANUP: http/tcp actions: remove the scope member
    - BUG/MINOR: proto_tcp: custom action continue is ignored
    - MINOR: proto_tcp: add session in the action prototype
    - MINOR: vars: reduce the code size of some wrappers
    - MINOR: Move http method enum from proto_http to sample
    - MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts
    - MINOR: sample/proto_tcp: export "smp_fetch_src"
    - MEDIUM: cli: rely on the map's output type instead of the sample type
    - BUG/MEDIUM: stream: The stream doen't inherit SC from the session
    - BUG/MEDIUM: vars: segfault during the configuration parsing
    - BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream
    - BUG/MEDIUM: lua: bad error processing
    - MINOR: samples: rename a struct from sample_storage to sample_data
    - MINOR: samples: rename some struct member from "smp" to "data"
    - MEDIUM: samples: Use the "struct sample_data" in the "struct sample"
    - MINOR: samples: extract the anonymous union and create the union sample_value
    - MINOR: samples: rename union from "data" to "u"
    - MEDIUM: 51degrees: Adapt the 51Degrees library
    - MINOR: samples: data assignation simplification
    - MEDIUM: pattern/map: Maps can returns various types
    - MINOR: map: The map can return IPv4 and IPv6
    - MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs
    - MINOR: actions: Remove the data opaque pointer
    - MINOR: lua: use the hlua_rule type in place of opaque type
    - MINOR: vars: use the vars types as argument in place of opaque type
    - MINOR: proto_http: use an "expr" type in place of generic opaque type.
    - MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line
    - MINOR: proto_http: replace generic opaque types by real used types in "http_capture"
    - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id
    - MEDIUM: track-sc: Move the track-sc configuration storage in the union
    - MEDIUM: capture: Move the capture configuration storage in the union
    - MINOR: actions: add "from" information
    - MINOR: actions: remove the mark indicating the last entry in enum
    - MINOR: actions: Declare all the embedded actions in the same header file
    - MINOR: actions: change actions names
    - MEDIUM: actions: Add standard return code for the action API
    - MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs
    - MINOR: proto_tcp: proto_tcp.h is now useles
    - MINOR: actions: mutualise the action keyword lookup
    - MEDIUM: actions: Normalize the return code of the configuration parsers
    - MINOR: actions: Remove wrappers
    - MAJOR: stick-tables: use sample types in place of dedicated types
    - MEDIUM: stick-tables: use the sample type names
    - MAJOR: stick-tables: remove key storage from the key struct
    - MEDIUM: stick-tables: Add GPT0 in the stick tables
    - MINOR: stick-tables: Add GPT0 access
    - MINOR: stick-tables: Add GPC0 actions
    - BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault
    - DOC: ssl: missing LF
    - MINOR: lua: add core.done() function
    - DOC: fix function name
    - BUG/MINOR: lua: in some case a sample may remain undefined
    - DOC: fix "http_action_set_req_line()" comments
    - MINOR: http: Action for manipulating the returned status code.
    - MEDIUM: lua: turns txn:close into txn:done
    - BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call
    - BUILD: link with libdl if needed for Lua support
    - CLEANUP: backend: factor out objt_server() in connect_server()
    - MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection
    - MEDIUM: stream-int: simplify si_alloc_conn()
    - MINOR: stream-int: add new function si_detach_endpoint()
    - MINOR: server: add a list of private idle connections
    - MINOR: connection: add a new list member in the connection struct
    - MEDIUM: stream-int: queue idle connections at the server
    - MINOR: stream-int: make si_idle_conn() only accept valid connections
    - MINOR: server: add a list of already used idle connections
    - MINOR: connection: add a new flag CO_FL_PRIVATE
    - MINOR: config: add new setting "http-reuse"
    - MAJOR: backend: initial work towards connection reuse
    - MAJOR: backend: improve the connection reuse mechanism
    - MEDIUM: backend: implement "http-reuse safe"
    - MINOR: server: add a list of safe, already reused idle connections
    - MEDIUM: backend: add the "http-reuse aggressive" strategy
    - DOC: document the new http-reuse directive
    - DOC: internals: document next steps for HTTP connection reuse
    - DOC: mention that %ms is left-padded with zeroes.
    - MINOR: init: indicate to check 'bind' lines when no listeners were found.
    - MAJOR: http: remove references to appsession
    - CLEANUP: config: remove appsession initialization
    - CLEANUP: appsession: remove appsession.c and sessionhash.c
    - CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg
    - CLEANUP: proxy: remove last references to appsession
    - CLEANUP: appsession: remove the last include files
    - DOC: remove documentation about appsession
    - CLEANUP: .gitignore: ignore more test files
    - CLEANUP: .gitignore: finally ignore everything but what is known.
    - MEDIUM: config: emit a warning on a frontend without listener
    - DOC: add doc/internals/entities-v2.txt
    - DOC: add doc/linux-syn-cookies.txt
    - DOC: add design thoughts on HTTP/2
    - DOC: add some thoughts on connection sharing for HTTP/2
    - DOC: add design thoughts on dynamic buffer allocation
    - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
    - DOC: add new file intro.txt
    - MAJOR: tproxy: remove support for cttproxy
    - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2
    - DOC: lua: replace txn:close with txn:done in lua-api
    - DOC: intro: minor updates and fixes
    - DOC: intro: fix too long line.
    - DOC: fix example of http-request using ssl_fc_session_id
    - BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode
    - CLEANUP: lua: fix some indent issues
    - BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice
    - DOC: lua: mention than txn:close was renamed txn:done.
2015-08-30 00:17:17 +02:00
Baptiste Assmann
f046f11561 BUG/MEDIUM: dns: wrong first time DNS resolution
First DNS resolution is supposed to be triggered by first health check,
which is not the case with current code.
This patch fixes this behavior by setting the
resolution->last_resolution time to 0 instead of now_ms when parsing
server's configuration at startup.
2015-08-28 17:23:04 +02:00