Commit Graph

48 Commits

Author SHA1 Message Date
Willy Tarreau
42c7659669 [RELEASE] Released version 1.3.8.2 with the following changes :
- rewriting either the status line or request line could crash the
      process due to a pointer which ought to be reset before parsing.
    - rewriting the status line in the response did not work, it caused
      a 502 Bad Gateway due to an erroneous state during parsing
2007-04-03 20:30:13 +02:00
Willy Tarreau
1e443e9084 [CONTRIB] the URLs in the SPEC files were obsolete 2007-04-01 11:37:02 +02:00
Willy Tarreau
ef6d7612d6 [RELEASE] Released version 1.3.8.1 with the following changes :
- fix reqadd when no option httpclose is used.
    - removed now unused fiprm and beprm from proxies
    - split logs into two versions : TCP and HTTP
    - added some docs about http headers storage and acls
    - added a VIM script for syntax color highlighting (Bruno Michel)
2007-04-01 11:06:22 +02:00
Willy Tarreau
f40110248b [CONTRIB] added the 'except' keyword to haproxy.vim 2007-04-01 11:05:06 +02:00
Willy Tarreau
5e47a72f34 [CONTRIB] added a VIM script for syntax coloring 2007-04-01 10:09:10 +02:00
Willy Tarreau
d661cc06af [RELEASE] Released version 1.3.8 with the following changes :
- fixed several bugs which might have caused a crash with bad configs
    - several optimizations in header processing
    - many progresses towards transaction-based processing
    - option forwardfor may be used in frontends
    - completed HTTP response processing
    - some code refactoring between request and response processing
    - new HTTP header manipulation functions
    - optimizations on the recv() patch to reduce CPU usage under very
      high data rates.
    - more user-friendly help about the 'usesrc' keyword (CTTPROXY)
    - username/groupname support from Marcus Rueckert
    - added the "except" keyword to the "forwardfor" option (Bryan German)
    - support for health-checks on other addresses (Fabrice Dulaunoy)
    - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
    - do not insert "Connection: close" in HTTP/1.0 messages
2007-03-26 00:24:56 +02:00
Willy Tarreau
2ea3abb7bf [MEDIUM] add support for health-checks on other addresses
Patch from Fabrice Dulaunoy. Explanation below, and script
merged in examples/.

This patch allow to put a different address in the check part for each
server (and not only a specific port)

I need this feature because I've a complex settings where, when a specific
farm goes down, I need to switch a set of other farm either if these other
farm behave perfectly well.

For that purpose, I've made a small PERL daemon with some REGEX or PORT
test which allow me to test a bunch of thing.
2007-03-25 16:45:16 +02:00
Willy Tarreau
9cabf70db7 [RELEASE] Released version 1.3.7 with the following changes :
- fix critical bug introduced with 1.3.6 : an empty request header
      may lead to a crash due to missing pointer assignment
    - hdr_idx might be left uninitialized in debug mode
    - fixed build on FreeBSD due to missing fd_set declaration
2007-01-26 23:49:01 +01:00
Willy Tarreau
49e1ee83be [RELEASE] Released 1.3.6 with the following changes :
- stats now support the HEAD method too
    - extracted http request from the session
    - huge rework of the HTTP parser which is now a 28-state FSM.
    - linux-style likely/unlikely macros for optimization hints
    - do not create a server socket when there's no server
2007-01-22 00:56:46 +01:00
Willy Tarreau
5871f8e9bf [RELEASE] Released 1.3.5 with the following major changes :
- added complete support and doc for TCP Splicing
    - replaced the wait-queue linked list with an rbtree.
    - stats: swap color sets for active and backup servers
    - try to guess server check port when unset
    - a few bugfixes and cleanups
2007-01-07 02:47:01 +01:00
Willy Tarreau
6d1a9884f9 [MAJOR] complete support and doc for tcp-splicing
The tcp-splicing code has been merged, and a doc has been written.
A configuration example has been derived from the previous content
switching sample.
2007-01-07 02:03:04 +01:00
Willy Tarreau
85270da1d9 [MINOR] updated versions and docs
The version was not updated in some files. Also, added a few
example configs.
2007-01-02 00:59:39 +01:00
Willy Tarreau
9c9fea4617 [RELEASE] released 1.3.3
Released 1.3.3 with the following changes :
    - fix broken redispatch option in case the connection has already
      been marked "in progress" (ie: nearly always).
    - support regparm on x86 to speed up some often called functions
    - removed a few useless calls to gettimeofday() in log functions.
    - lots of 'const char*' cleanups
    - turn every FD_* into functions which are faster on recent CPUs
    - builds again on OpenBSD and Solaris
2006-10-16 00:03:35 +02:00
Willy Tarreau
690f9aa028 [RELEASE] released 1.3.2
- started the changes towards I/O completion callbacks. stream_sock* have
      replaced event_*.
    - added the new "reqtarpit" and "reqitarpit" protection features
2006-09-03 11:23:06 +02:00
Willy Tarreau
2272dc14bb [DOC] add docs and examples of tarpit configuration 2006-09-03 10:19:38 +02:00
Willy Tarreau
8f2b855ab2 [RELEASE] released 1.3.1 after resyncing with 1.2.15
Released 1.3.1 with the following changes from 1.2.15 :
   - now, haproxy warns about missing timeout during startup to try to
     eliminate all those buggy configurations.
   - added "Content-Type: text/html" in responses wherever appropriate, as
     suggested by Cameron Simpson.
   - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
     test server's health
   - implemented "monitor-uri" so that haproxy can reply to a specific URI with
     an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
     at once.
2006-07-09 17:11:39 +02:00
Willy Tarreau
6bbf14c154 [DOC] provided an example of configuration involving URL switching. 2006-07-09 17:02:06 +02:00
Willy Tarreau
f3c692090e [MEDIUM] implement 'option ssl-hello-chk' to use CLIENT HELLO health checks.
This makes it possible to relay SSL connections in pure TCP instances while
ensuring the remote end really receives our data eventhough intermediate
agents (firewalls, proxies, ...) might acknowledge the connection.
2006-07-09 16:42:34 +02:00
willy tarreau
7e6328df2a [RELEASE] released 1.2.14
Released 1.2.14 with the following changes :

   - new HTML status report with the 'stats' keyword.
   - added the 'abortonclose' option to better resist traffic surges
   - implemented dynamic traffic regulation with the 'minconn' option
   - show request time on denied requests
   - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
   - now a proxy instance is allowed to run without servers, which is
     useful to dedicate one instance to stats
   - added lots of error counters
   - a missing parenthesis preventd matching of cacheable cookies
   - a missing parenthesis in poll_loop() might have caused missed events.
2006-05-21 23:26:20 +02:00
willy tarreau
c3a2e0713f [RELEASE] released version 1.2.13
Summary of changes :
   - 'maxconn' server parameter to do per-server session limitation
   - queueing to support non-blocking session limitation
   - fixed removal of cookies for cookie-less servers such as backup servers
   - two separate wait queues for expirable and non-expirable tasks provide
     better performance with lots of sessions.
   - some code cleanups and performance improvements
   - made state dumps a bit more verbose
   - fixed missing checks for NULL srv in dispatch mode
   - load balancing on backup servers was not possible in source hash mode.
   - two session flags shared the same bit, but fortunately they were not
     compatible.
2006-05-13 18:51:38 +02:00
willy tarreau
c0d4bbdc8d [VERSION] updated everything to reflect version 1.2.12. 2006-04-15 21:47:50 +02:00
willy tarreau
9974d73d98 [BUILD] added haproxy-small.spec for smaller and embedded systems.
Not sure if it's the best way to proceed though...
2006-04-15 21:47:17 +02:00
willy tarreau
a60214e260 * once again, forgot to update haproxy.spec 2006-03-30 18:03:39 +02:00
willy tarreau
d8b1fa5269 Released version 1.2.10 2006-03-19 21:01:07 +01:00
willy tarreau
fd6e535154 provided a patch to enable epoll on RHEL3 kernels. 2006-03-19 20:13:37 +01:00
willy tarreau
e4c2e10a98 fixed haproxy.spec to build correctly on RHEL3 2006-03-15 20:47:25 +01:00
willy tarreau
b6da47990b New .spec for RHEL from DAG 2006-03-15 19:41:10 +01:00
willy tarreau
b1285d5ce0 * released 1.2.6-pre4
* the time-out fix introduced in 1.1.25 caused a corner case where it was
  possible for a client to keep a connection maintained regardless of the
  timeout if the server closed the connection during the HEADER phase,
  while the client ignored the close request while doing nothing in the
  other direction. This has been fixed now by ensuring that read timeouts
  are re-armed when switching to any SHUTW state.
* enhanced error reporting in the logs. Now the proxy will precisely detect
  various error conditions related to the system and/or process limits, and
  generate LOG_EMERG logs indicating that a resource has been exhausted.
* logs will contain two new characters for the error cause : 'R' indicates
  a resource exhausted, and 'I' indicates an internal error, though this
  one should never happen.
* server connection timeouts can now be reported in the logs (sC), as well
  as connections refused because of maxconn limitations (PC).
* new global configuration keyword "ulimit-n" may be used to raise the FD
  limit to usable values.
* a warning is now displayed on startup if the FD limit is lower than the
  configured maximum number of sockets.
* new configuration keyword "monitor-net" makes it possible to be monitored
  by external devices which connect to the proxy without being logged nor
  forwarded to any server. Particularly useful on generic TCPv4 relays.
2005-12-18 01:20:14 +01:00
willy tarreau
4302f49525 * released 1.2.2 (1.1.29)
* fixed a bug where a TCP connection would be logged twice if the 'logasap'
  option was enabled without the 'tcplog' option.
* encode_string() would use hdr_encode_map instead of the map argument.
* the logged request is now encoded with '#XX' for unprintable characters
* new keywords 'capture request header' and 'capture response header' enable
  logging of arbitrary HTTP headers in requests and responses
* removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
2005-12-18 01:00:37 +01:00
willy tarreau
982249e9e7 * released 1.2.1 (1.1.28)
* added the '-V' command line option to verbosely report errors even though
  the -q or 'quiet' options are specified. This is useful with '-c'.
* added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
* added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
  information leak from servers.
* more examples added into the configuration
2005-12-18 00:57:06 +01:00
willy tarreau
fe2c5c147b * released 1.1.27
* the configurable HTTP health check introduced in 1.1.23 revealed a shameful
  bug : the code still assumed that HTTP requests were the same size as the
  original ones (22 bytes), and failed if they were not.
* added support for pidfiles.
2005-12-17 14:14:34 +01:00
willy tarreau
197e8ec2c3 * released 1.1.24
* if a client sent a full request then shut its write connection down, then
  the request was aborted. This case was detected only when using haproxy
  both as health-check client and as a server.
* if 'option httpchk' is used in a 'health' mode server, then responses will
  change from 'OK' to 'HTTP/1.0 200 OK'.
* fixed a Linux-only bug in case of HTTP server health-checks, where a single
  server response followed by a close could be ignored, and the server seen
  as failed.
* renamed 'haproxy.txt' to 'haproxy-fr.txt'
* large documentation and examples cleanups
2005-12-17 14:10:59 +01:00
willy tarreau
eedaa9f220 * released 1.1.23
* fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
  'default' sections to keep previous parameters, and not initialize logs
  correctly.
* fixed a second stupid bug introduced in 1.1.22 which caused configurations
  relying on 'dispatch' mode to segfault at the first connection.
* 'option httpchk' now supports method, HTTP version and a few headers.
* now, 'option httpchk', 'cookie' and 'capture' can be specified in
  'defaults' section
* a fresh new english documentation
* large Makefile cleanup for increased portability
* new build script 'build.cfg' for Formilux-0.1.8
* new startup script 'init.haproxy.flx0' for Formilux-0.1.8
2005-12-17 14:08:03 +01:00
willy tarreau
2f6ba6579f * released 1.1.21
* changed the debug output format so that it now includes the session unique
  ID followed by the instance name at the beginning of each line.
* in debug mode, accept now shows the client's IP and port.
* added one 3 small debugging scripts to search and pretty print debug output
* changed the default health check request to "OPTIONS /" instead of
  "OPTIONS *" since not all servers implement the later one.
* "option httpchk" now accepts an optional parameter allowing the user to
  specify and URI other than '/' during health-checks.
* made Makefile more robust to pcre-config errors
* added 3 new pretty-print scripts : debug2ansi, debug2html and debugfind
* upgraded Formilux package to haproxy-1.1.21-flx.1.pkg
* removed the now obsolete haproxy2html.sh
2005-12-17 13:57:42 +01:00
willy tarreau
906b268436 * released 1.1.19
* haproxy was NOT RFC compliant because it was case-sensitive on HTTP
  "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
  cookie persistence because it uses "cookie:". Two memcmp() have been
  replaced with strncasecmp().
* added the haproxy2html.sh script
* removed the now useless NOTES file
* made pcre-config quiet in the makefile.
2005-12-17 13:49:52 +01:00
willy tarreau
8337c6b7bd * released 1.1.17
* add the notion of "backup" servers, which are used only when all other
  servers are down.
* make Set-Cookie return "" instead of "(null)" when the server has no
  cookie assigned (useful for backup servers).
* "log" now supports an optionnal level name (info, notice, err ...) above
  which nothing is sent.
* replaced some strncmp() with memcmp() for better efficiency.
* added "capture cookie" option which logs client and/or server cookies
* cleaned up/down messages and dump servers states upon SIGHUP
* added a redirection feature for errors : "errorloc <errnum> <url>"
* now we won't insist on connecting to a dead server, even with a cookie,
  unless option "persist" is specified.
* added HTTP/408 response for client request time-out and HTTP/50[234] for
  server reply time-out or errors.
* updates to the examples files
* added a 'do_status' command to the Formilux init script
2005-12-17 13:41:01 +01:00
willy tarreau
bc4e1fb68a * released 1.1.16
* implement HTTP health checks when option "httpchk" is specified.
* put the changelog into a new CHANGELOG file
* updated the Formilux init script
2005-12-17 13:32:07 +01:00
willy tarreau
750a47265a * released 1.1.12
* fixed stats monitoring, and optimized some tv_* for most common cases.
* replaced temporary 'newhdr' with 'trash' to reduce stack size
* made HTTP errors more HTML-fiendly.
* renamed strlcpy() to strlcpy2() because of a slightly difference between
  their behaviour (return value), to avoid confusion.
* restricted HTTP messages to HTTP proxies only
* added a 502 message when the connection has been refused by the server,
  to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
* changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
  inserting a cookie, because some caches (apache) don't understand it.
* fixed processing of server headers when client is in SHUTR state
* automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
  setpgid()
* updated the Makefile and the Formilux build script
2005-12-17 13:21:24 +01:00
willy tarreau
240afa6d23 * released 1.1.11
* fixed multi-cookie handling in client request to allow clean deletion
  in insert+indirect mode. Now, only the server cookie is deleted and not
  all the header. Should now be compliant to RFC2109.
* added a "nocache" option to "cookie" to specify that we explicitly want
  to add a "cache-control" header when we add a cookie.
  It is also possible to add an "Expires: <old-date>" to keep compatibility
  with old/broken caches.
* some doc and examples cleanups
2005-12-17 13:14:35 +01:00
willy tarreau
96d4037194 * released 1.1.10
* if a cookie is used in insert+indirect mode, it's desirable that the
  the servers don't see it. It was not possible to remove it correctly
  with regexps, so now it's removed automatically.
2005-12-17 13:11:56 +01:00
willy tarreau
a159808bf2 * released 1.1.8
* option "dontlognull"
* fixed "double space" bug in config parser
* fixed an uninitialized server field in case of dispatch
  with no existing server which could cause a segfault during
  logging.
* the pid logged was always the father's, which was wrong for daemons.
* fixed wrong level "LOG_INFO" for message "proxy started".
* http logging is now complete :
  - ip:port, date, proxy, server
  - req_time, conn_time, hdr_time, tot_time
  - status, size, request
* source address binding
2005-12-17 13:08:06 +01:00
willy tarreau
9fe663a113 * released 1.1.7
* added option forwardfor
* added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
* added "log global" in "listen" section.
* added a new "global" section :
  - logs
  - debug, quiet, daemon modes
  - uid, gid, chroot, nbproc, maxconn
* added a TODO file
* updated example files
2005-12-17 13:02:59 +01:00
willy tarreau
e39cd137b3 * released 1.1.6
* regex are now chained and not limited anymore.
* unavailable server now returns HTTP/502.
* increased per-line args limit to 40
* added reqallow/reqdeny to block some request on matches
* added HTTP 400/403 responses
* added a 'NOTES' file
2005-12-17 13:00:18 +01:00
willy tarreau
535ae7aee2 * released 1.1.5
* connection logging displayed incorrect source address.
* added proxy start/stop and server up/down log events.
* replaced log message short buffers with larger trash.
* enlarged buffer to 8 kB and replace buffer to 4 kB.
* added a config.rc example for Formilux
* added a build script for Formilux
2005-12-17 12:58:00 +01:00
willy tarreau
b719f009c6 * released 1.1.3
* added a script to tune the network stack
* fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
  which could lead to loops.
2005-12-17 12:55:07 +01:00
willy tarreau
ef900ab0f4 * released 1.1.2
* fixed a bug in buffer management where we could have a loop
  between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
  => implemented an adjustable buffer limit.
* fixed a bug : expiration of tasks in wait queue timeout is used again,
  and running tasks are skipped.
* added some debug lines for accept events.
* send warnings for servers up/down.
2005-12-17 12:52:52 +01:00
willy tarreau
5cbea6fd41 * released 1.1.0
* added OpenBSD, Linux-2.2 and Linux-2.4 targets to the Makefile
* added a Formilux init script
* fixed a few timeout bugs
* rearranged the task scheduler subsystem to improve performance,
  add new tasks, and make it easier to later port to librt ;
* allow multiple accept() for one select() wake up ;
* implemented internal load balancing with basic health-check ;
* cookie insertion and header add/replace/delete, with better strings
  support.
* reworked buffer handling to fix a few rewrite bugs, and
  improve overall performance.
* implement the "purge" option to delete server cookies in direct mode.
* fixed some error cases where the maxfd was not decreased.
* now supports transparent proxying, at least on linux 2.4.
* soft stop works again (fixed select timeout computation).
* it seems that TCP proxies sometimes cannot timeout.
* added a "quiet" mode.
* enforce file descriptor limitation on socket() and accept().
2005-12-17 12:48:26 +01:00
willy tarreau
0f7af91265 * initial commit of version 1.0.0 2005-12-17 12:21:26 +01:00