When trying to build a 32-bit binary on a 64-bit platform, we generally
need to pass "-m32" to gcc, which is not convenient with current makefile.
Note that this option requires gcc >= 3.
In order to ease parameter passing, a new ARCH= makefile option has been
added. If it receives a target architecture, according "-m32"/"-m64" and
"-march=xxxx" will be passed to gcc. Only the generic makefile has been
changed to support this option right now as the need only appeared on Linux.
The spec file now makes use of this option so that rpmbuild can automatically
build with the proper architecture.
Released version 1.3.17 with the following main changes :
- Update specfile to build for v2.6 kernel.
- [BUG] reset the stream_interface connect timeout upon connect or error
- [BUG] reject unix accepts when connection limit is reached
- [MINOR] show sess: report number of calls to each task
- [BUG] don't call epoll_ctl() on closed sockets
- [BUG] stream_sock: disable I/O on fds reporting an error
- [MINOR] sepoll: don't count two events on the same FD.
- [MINOR] show sess: report a lot more information about sessions
- [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts
- [BUG] don't set an expiration date directly from now_ms
- [MINOR] implement ulltoh() to write HTML-formatted numbers
- [MINOR] stats/html: group digits by 3 to clarify numbers
- [BUILD] remove haproxy-small.spec
- [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND
- Fix date in changelog.
- Stop using deprecated "REGEX=pcre", and start using "USE_PCRE=1" instead.
- Disable RPM-processing of perl dependencies, since haproxy
shouldn't depend on perl, and it's only the examples/check script
that's using perl.
Released version 1.3.16 with the following main changes :
- [BUILD] Fixed Makefile for linking pcre
- [CONTRIB] selinux policy for haproxy
- [MINOR] show errors: encode backslash as well as non-ascii characters
- [MINOR] cfgparse: some cleanups in the consistency checks
- [MINOR] cfgparse: set backends to "balance roundrobin" by default
- [MINOR] tcp-inspect: permit the use of no-delay inspection
- [MEDIUM] reverse internal proxy declaration order to match configuration
- [CLEANUP] config: catch and report some possibly wrong rule ordering
- [BUG] connect timeout is in the stream interface, not the buffer
- [BUG] session: errors were not reported in termination flags in TCP mode
- [MINOR] tcp_request: let the caller take care of errors and timeouts
- [CLEANUP] http: remove some commented out obsolete code in process_response
- [MINOR] update ebtree to version 4.1
- [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1
- [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present
- [BUG] scheduler: fix improper handling of duplicates __task_queue()
- [MINOR] sched: permit a task to stay up between calls
- [MINOR] task: keep a task count and clean up task creators
- [MINOR] stats: report number of tasks (active and running)
- [BUG] server check intervals must not be null
- [OPTIM] stream_sock: don't retry to read after a large read
- [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates
- [MEDIUM] session: don't resync FSMs on non-interesting changes
- [BUG] check for global.maxconn before doing accept()
- [OPTIM] sepoll: do not re-check whole list upon accepts
Released version 1.3.15 with the following main changes :
- [BUILD] Added support for 'make install'
- [BUILD] Added 'install-man' make target for installing the man page
- [BUILD] Added 'install-bin' make target
- [BUILD] Added 'install-doc' make target
- [BUILD] Removed "/" after '$(DESTDIR)' in install targets
- [BUILD] Changed 'install' target to install the binaries first
- [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
- [MEDIUM]: Inversion for options
- [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
- [BUG]: Restore clearing t->logs.bytes
- [MEDIUM]: rework checks handling
- [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
- [MEDIUM] Implement "track [<backend>/]<server>"
- [MINOR] Implement persistent id for proxies and servers
- [BUG] Don't increment server connections too much + fix retries
- [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
- [MAJOR] proto_uxst rework -> SNMP support
- [BUG] appsession lookup in URL does not work
- [BUG] transparent proxy address was ignored in backend
- [BUG] hot reconfiguration failed because of a wrong error check
- [DOC] big update to the configuration manual
- [DOC] large update to the configuration manual
- [DOC] document more options
- [BUILD] major rework of the GNU Makefile
- [STATS] add support for "show info" on the unix socket
- [DOC] document options forwardfor to logasap
- [MINOR] add support for the "backlog" parameter
- [OPTIM] introduce global parameter "tune.maxaccept"
- [MEDIUM] introduce "timeout http-request" in frontends
- [MINOR] tarpit timeout is also allowed in backends
- [BUG] increment server connections for each connect()
- [MEDIUM] add a turn-around state of one second after a connection failure
- [BUG] fix typo in redispatched connection
- [DOC] document options nolinger to ssl-hello-chk
- [DOC] added documentation for "option tcplog" to "use_backend"
- [BUG] connect_server: server might not exist when sending error report
- [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
- [MEDIUM] add non-local bind to connect() on Linux
- [MINOR] add transparent proxy support for balabit's Tproxy v4
- [BUG] use backend's source and not server's source with tproxy
- [BUG] fix overlapping server flags
- [MEDIUM] fix server health checks source address selection
- [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
- [DOC] added "server", "source" and "stats" keywords
- [DOC] all server parameters have been documented
- [DOC] document all req* and rsp* keywords.
- [DOC] added documentation about HTTP header manipulations
- [BUG] log response byte count, not request
- [BUILD] code did not build in full debug mode
- [BUG] fix truncated responses with sepoll
- [MINOR] use s->frt_addr as the server's address in transparent proxy
- [MINOR] fix configuration hint about timeouts
- [DOC] minor cleanup of the doc and notice to contributors
- [MINOR] report correct section type for unknown keywords.
- [BUILD] update MacOS Makefile to build on newer versions
- [DOC] fix erroneous "useallbackups" option in the doc
- [DOC] applied small fixes from early readers
- [MINOR] add configuration support for "redir" server keyword
- [MEDIUM] completely implement the server redirection method
- [TESTS] add a test case for the server redirection mechanism
- [DOC] add a configuration entry for "server ... redir <prefix>"
- [BUILD] backend.c and checks.c did not build without tproxy !
- Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
- [BUILD] backend.c and checks.c did not build without tproxy !
- [OPTIM] used unsigned ints for HTTP state and message offsets
- [OPTIM] GCC4's builtin_expect() is suboptimal
- [BUG] failed conns were sometimes incremented in the frontend!
- [BUG] timeout.check was not pre-set to eternity
- [TESTS] add test-pollers.cfg to easily report pollers in use
- [BUG] do not apply timeout.connect in checks if unset
- [BUILD] ensure that makefile understands USE_DLMALLOC=1
- [MINOR] silent gcc for a wrong warning
- [CLEANUP] update .gitignore to ignore more temporary files
- [CLEANUP] report dlmalloc's source path only if explictly specified
- [BUG] str2sun could leak a small buffer in case of error during parsing
- [BUG] option allbackups was not working anymore in roundrobin mode
- [MAJOR] implementation of the "leastconn" load balancing algorithm
- [BUILD] ensure that users don't build without setting the target anymore.
- [DOC] document the leastconn LB algo
- [MEDIUM] fix stats socket limitation to 16 kB
- [DOC] fix unescaped space in httpchk example.
- [BUG] fix double-decrement of server connections
- [TESTS] add a test case for port mapping
- [TESTS] add a benchmark for integer hashing
- [TESTS] add new methods in ip-hash test file
- [MAJOR] implement parameter hashing for POST requests
Released version 1.3.14 with the following main changes :
- New option http_proxy (Alexandre Cassen)
- add support for "maxqueue" to limit server queue overload (Elijah Epifanov)
- Check for duplicated conflicting proxies (Krzysztof Oledzki)
- stats: report server and backend cumulated downtime (Krzysztof Oledzki)
- use backends only with use_backend directive (Krzysztof Oledzki)
- Handle long lines properly (Krzysztof Oledzki)
- Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki)
- continous statistics (Krzysztof Oledzki)
- add support for logging via a UNIX socket (Robert Tsai)
- fix error checking in strl2ic/strl2uic()
- fix calls to localtime()
- provide easier-to-use ultoa_* functions
- provide easy-to-use limit_r and LIM2A* macros
- add a simple test for the status page
- move error codes to common/errors.h
- silent warning about LIST_* being redefined on OpenBSD
- add socket address length to the protocols
- group PR_O_BALANCE_* bits into a checkable value
- externalize the "balance" option parser to backend.c
- introduce the "url_param" balance method
- make default_backend work in TCP mode too
- disable warning about localtime_r on Solaris
- adjust error messages about conflicting proxies
- avoid calling some layer7 functions if not needed
- simplify error path in event_accept()
- add an options field to the listeners
- added a new state to listeners
- unbind_listener() must use fd_delete() and not close()
- add a generic unbind_listener() primitive
- add a generic delete_listener() primitive
- add a generic unbind_all_listeners() primitive
- create proto_tcp and move initialization of proxy listeners
- stats: report numerical process ID, proxy ID and server ID
- relative_pid was not initialized
- missing header names in raw stats output
- fix missing parenthesis in check_response_for_cacheability
- small optimization on session_process_counters()
- merge ebtree version 3.0
- make ebtree headers multiple-include compatible
- ebtree: include config.h for REGPRM*
- differentiate between generic LB params and map-specific ones
- add a weight divisor to the struct proxy
- implement the Fast Weighted Round Robin (FWRR) algo
- include filltab25.c to experiment on FWRR for dynamic weights
- merge test-fwrr.cfg to validate dynamic weights
- move the load balancing algorithm to be->lbprm.algo
- change server check result to a bit field
- implement "http-check disable-on-404" for graceful shutdown
- secure the calling conditions of ->set_server_status_{up,down}
- report disabled servers as "NOLB" when they are still UP
- document the "http-check disable-on-404" option
- http-check disable-on-404 is not limited to HTTP mode
- add a test file for disable-on-404
- use distinct bits per load-balancing algorithm type
- implement the slowstart parameter for servers
- document the server's slowstart parameter
- stats: report the server warm up status in a "throttle" column
- fix 2 minor issues on AIX
- add the "nbsrv" ACL verb
- add the "fail" condition to monitor requests
- remove a warning from gcc due to htons() in standard.c
- fwrr: ensure that we never overflow in placements
- store the build options to report with -vv
- fix the status return of the init script (R.I. Pienaar)
- stats: real time monitoring script for unix socket (Prizee)
- document "nbsrv" and "monitor fail"
- restrict the set of allowed characters for identifiers
- implement a time parsing function
- add support for time units in the configuration
- add a bit of documentation about timers
- introduce separation between contimeout, and tarpit + queue
- introduce the "timeout" keyword
- grouped all timeouts in one structure
- slowstart is in ms, not seconds
- slowstart: ensure we don't start with a null weight
- report the number of times each server was selected
- fix build on AIX due to recent log changes
- fix build on Solaris due to recent log changes
R.I. Pienaar reported to me that the init script provided with
haproxy did not correctly report the status of the rhstatus()
function. In fact this was caused by the "exit $RETVAL" instead
of "exit $?" at the end.
Hello,
You will find attached an updated release of previously submitted patch.
It polish some part and extend ACL engine to match IP and PORT parsed in
HTTP request. (and take care of comments made by Willy ! ;))
Best regards,
Alexandre
- replace the code under O'Reilly license (Arnaud Cornet)
- add a small man page (Arnaud Cornet)
- stats: report haproxy's version by default (Krzysztof Oledzki)
- stats: count server retries and redispatches (Krzysztof Oledzki)
- core: added easy support for Doug Lea's malloc (dlmalloc)
- core: fade out memory usage when stopping proxies
- core: moved the sockaddr pointer to the fdtab structure
- core: add generic protocol support
- core: implement client-side support for PF_UNIX sockets
- stats: implement the CSV output
- stats: add a link to the CSV export HTML page
- stats: implement the statistics output on a unix socket
- config: introduce the "stats" keyword in global section
- build: centralize version and date into one file for each
- tests: added a new hash algorithm
- acl: smarter integer comparison support in ACLs
- acl: specify the direction during fetches
- acl: provide the argument length for fetch functions
- acl: provide a reference to the expr to fetch()
- acl: implement matching on header values
- acl: support maching on 'path' component
- acl: permit to return any header when no name specified
- errorfile: use a local file to feed error messages
- negation in ACL conds was not cleared between terms
- fix segfault at exit when using captures
- improve memory freeing upon exit
- acl: support '-i' to ignore case when matching
- str2net() must not change the const char *
- provide default ACLs
- acl: distinguish between request and response headers
- added the 'use_backend' keyword for full content-switching
- acl: added the TRUE and FALSE ACLs.
- shut warnings 'is*' macros from ctype.h on solaris
It is now possible to read error messages from local files,
using the 'errorfile' keyword. Those files are read during
parsing, so there's no I/O involved. They make it possible
to return custom error messages with custom status and headers.
- do not re-arm read timeout in SHUTR state
- optimize I/O by detecting system starvation
- the epoll FD must not be shared between processes
- limit the number of events returned by *poll*
- fixed ev_sepoll again by rewriting the state machine
- switched all timeouts to timevals instead of milliseconds
- improved memory management using mempools v2.
- several minor optimizations
- several fixes in ev_sepoll
- fixed some expiration dates on some tasks
- fixed a bug in connection establishment detection due to speculative I/O
- fixed rare bug occuring on TCP with early close (reported by Andy Smith)
- implemented URI hashing algorithm (Guillaume Dallaire)
- implemented SMTP health checks (Peter van Dijk)
- replaced the rbtree with ul2tree from old scheduler project
- new framework for generic ACL support
- added the 'acl' and 'block' keywords to the config language
- added several ACL criteria and matches (IP, port, URI, ...)
- cleaned up and better modularization for some time functions
- fixed list macros
- fixed useless memory allocation in str2net()
- store the original destination address in the session
- modularized the polling mechanisms and use function pointers instead
of macros at many places
- implemented support for FreeBSD's kqueue() polling mechanism
- fixed a warning on OpenBSD : MIN/MAX redefined
- change socket registration order at startup to accomodate kqueue.
- several makefile cleanups to support old shells
- fix build with limits.h once for all
- ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
- fdtab now holds the results of polling
- implemented support for speculative I/O processing with epoll()
- remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
- auto-registering of pollers at load time
- rewriting either the status line or request line could crash the
process due to a pointer which ought to be reset before parsing.
- rewriting the status line in the response did not work, it caused
a 502 Bad Gateway due to an erroneous state during parsing
- fix reqadd when no option httpclose is used.
- removed now unused fiprm and beprm from proxies
- split logs into two versions : TCP and HTTP
- added some docs about http headers storage and acls
- added a VIM script for syntax color highlighting (Bruno Michel)
- fixed several bugs which might have caused a crash with bad configs
- several optimizations in header processing
- many progresses towards transaction-based processing
- option forwardfor may be used in frontends
- completed HTTP response processing
- some code refactoring between request and response processing
- new HTTP header manipulation functions
- optimizations on the recv() patch to reduce CPU usage under very
high data rates.
- more user-friendly help about the 'usesrc' keyword (CTTPROXY)
- username/groupname support from Marcus Rueckert
- added the "except" keyword to the "forwardfor" option (Bryan German)
- support for health-checks on other addresses (Fabrice Dulaunoy)
- makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
- do not insert "Connection: close" in HTTP/1.0 messages
Patch from Fabrice Dulaunoy. Explanation below, and script
merged in examples/.
This patch allow to put a different address in the check part for each
server (and not only a specific port)
I need this feature because I've a complex settings where, when a specific
farm goes down, I need to switch a set of other farm either if these other
farm behave perfectly well.
For that purpose, I've made a small PERL daemon with some REGEX or PORT
test which allow me to test a bunch of thing.
- fix critical bug introduced with 1.3.6 : an empty request header
may lead to a crash due to missing pointer assignment
- hdr_idx might be left uninitialized in debug mode
- fixed build on FreeBSD due to missing fd_set declaration
- stats now support the HEAD method too
- extracted http request from the session
- huge rework of the HTTP parser which is now a 28-state FSM.
- linux-style likely/unlikely macros for optimization hints
- do not create a server socket when there's no server
- added complete support and doc for TCP Splicing
- replaced the wait-queue linked list with an rbtree.
- stats: swap color sets for active and backup servers
- try to guess server check port when unset
- a few bugfixes and cleanups
The tcp-splicing code has been merged, and a doc has been written.
A configuration example has been derived from the previous content
switching sample.
Released 1.3.3 with the following changes :
- fix broken redispatch option in case the connection has already
been marked "in progress" (ie: nearly always).
- support regparm on x86 to speed up some often called functions
- removed a few useless calls to gettimeofday() in log functions.
- lots of 'const char*' cleanups
- turn every FD_* into functions which are faster on recent CPUs
- builds again on OpenBSD and Solaris
- started the changes towards I/O completion callbacks. stream_sock* have
replaced event_*.
- added the new "reqtarpit" and "reqitarpit" protection features
Released 1.3.1 with the following changes from 1.2.15 :
- now, haproxy warns about missing timeout during startup to try to
eliminate all those buggy configurations.
- added "Content-Type: text/html" in responses wherever appropriate, as
suggested by Cameron Simpson.
- implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
test server's health
- implemented "monitor-uri" so that haproxy can reply to a specific URI with
an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
at once.
This makes it possible to relay SSL connections in pure TCP instances while
ensuring the remote end really receives our data eventhough intermediate
agents (firewalls, proxies, ...) might acknowledge the connection.
Released 1.2.14 with the following changes :
- new HTML status report with the 'stats' keyword.
- added the 'abortonclose' option to better resist traffic surges
- implemented dynamic traffic regulation with the 'minconn' option
- show request time on denied requests
- definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
- now a proxy instance is allowed to run without servers, which is
useful to dedicate one instance to stats
- added lots of error counters
- a missing parenthesis preventd matching of cacheable cookies
- a missing parenthesis in poll_loop() might have caused missed events.
Summary of changes :
- 'maxconn' server parameter to do per-server session limitation
- queueing to support non-blocking session limitation
- fixed removal of cookies for cookie-less servers such as backup servers
- two separate wait queues for expirable and non-expirable tasks provide
better performance with lots of sessions.
- some code cleanups and performance improvements
- made state dumps a bit more verbose
- fixed missing checks for NULL srv in dispatch mode
- load balancing on backup servers was not possible in source hash mode.
- two session flags shared the same bit, but fortunately they were not
compatible.
* the time-out fix introduced in 1.1.25 caused a corner case where it was
possible for a client to keep a connection maintained regardless of the
timeout if the server closed the connection during the HEADER phase,
while the client ignored the close request while doing nothing in the
other direction. This has been fixed now by ensuring that read timeouts
are re-armed when switching to any SHUTW state.
* enhanced error reporting in the logs. Now the proxy will precisely detect
various error conditions related to the system and/or process limits, and
generate LOG_EMERG logs indicating that a resource has been exhausted.
* logs will contain two new characters for the error cause : 'R' indicates
a resource exhausted, and 'I' indicates an internal error, though this
one should never happen.
* server connection timeouts can now be reported in the logs (sC), as well
as connections refused because of maxconn limitations (PC).
* new global configuration keyword "ulimit-n" may be used to raise the FD
limit to usable values.
* a warning is now displayed on startup if the FD limit is lower than the
configured maximum number of sockets.
* new configuration keyword "monitor-net" makes it possible to be monitored
by external devices which connect to the proxy without being logged nor
forwarded to any server. Particularly useful on generic TCPv4 relays.
* fixed a bug where a TCP connection would be logged twice if the 'logasap'
option was enabled without the 'tcplog' option.
* encode_string() would use hdr_encode_map instead of the map argument.
* the logged request is now encoded with '#XX' for unprintable characters
* new keywords 'capture request header' and 'capture response header' enable
logging of arbitrary HTTP headers in requests and responses
* removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
* added the '-V' command line option to verbosely report errors even though
the -q or 'quiet' options are specified. This is useful with '-c'.
* added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
* added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
information leak from servers.
* more examples added into the configuration
* the configurable HTTP health check introduced in 1.1.23 revealed a shameful
bug : the code still assumed that HTTP requests were the same size as the
original ones (22 bytes), and failed if they were not.
* added support for pidfiles.
* if a client sent a full request then shut its write connection down, then
the request was aborted. This case was detected only when using haproxy
both as health-check client and as a server.
* if 'option httpchk' is used in a 'health' mode server, then responses will
change from 'OK' to 'HTTP/1.0 200 OK'.
* fixed a Linux-only bug in case of HTTP server health-checks, where a single
server response followed by a close could be ignored, and the server seen
as failed.
* renamed 'haproxy.txt' to 'haproxy-fr.txt'
* large documentation and examples cleanups
* fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
'default' sections to keep previous parameters, and not initialize logs
correctly.
* fixed a second stupid bug introduced in 1.1.22 which caused configurations
relying on 'dispatch' mode to segfault at the first connection.
* 'option httpchk' now supports method, HTTP version and a few headers.
* now, 'option httpchk', 'cookie' and 'capture' can be specified in
'defaults' section
* a fresh new english documentation
* large Makefile cleanup for increased portability
* new build script 'build.cfg' for Formilux-0.1.8
* new startup script 'init.haproxy.flx0' for Formilux-0.1.8
* changed the debug output format so that it now includes the session unique
ID followed by the instance name at the beginning of each line.
* in debug mode, accept now shows the client's IP and port.
* added one 3 small debugging scripts to search and pretty print debug output
* changed the default health check request to "OPTIONS /" instead of
"OPTIONS *" since not all servers implement the later one.
* "option httpchk" now accepts an optional parameter allowing the user to
specify and URI other than '/' during health-checks.
* made Makefile more robust to pcre-config errors
* added 3 new pretty-print scripts : debug2ansi, debug2html and debugfind
* upgraded Formilux package to haproxy-1.1.21-flx.1.pkg
* removed the now obsolete haproxy2html.sh
* haproxy was NOT RFC compliant because it was case-sensitive on HTTP
"Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
cookie persistence because it uses "cookie:". Two memcmp() have been
replaced with strncasecmp().
* added the haproxy2html.sh script
* removed the now useless NOTES file
* made pcre-config quiet in the makefile.
* add the notion of "backup" servers, which are used only when all other
servers are down.
* make Set-Cookie return "" instead of "(null)" when the server has no
cookie assigned (useful for backup servers).
* "log" now supports an optionnal level name (info, notice, err ...) above
which nothing is sent.
* replaced some strncmp() with memcmp() for better efficiency.
* added "capture cookie" option which logs client and/or server cookies
* cleaned up/down messages and dump servers states upon SIGHUP
* added a redirection feature for errors : "errorloc <errnum> <url>"
* now we won't insist on connecting to a dead server, even with a cookie,
unless option "persist" is specified.
* added HTTP/408 response for client request time-out and HTTP/50[234] for
server reply time-out or errors.
* updates to the examples files
* added a 'do_status' command to the Formilux init script
* fixed stats monitoring, and optimized some tv_* for most common cases.
* replaced temporary 'newhdr' with 'trash' to reduce stack size
* made HTTP errors more HTML-fiendly.
* renamed strlcpy() to strlcpy2() because of a slightly difference between
their behaviour (return value), to avoid confusion.
* restricted HTTP messages to HTTP proxies only
* added a 502 message when the connection has been refused by the server,
to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
* changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
inserting a cookie, because some caches (apache) don't understand it.
* fixed processing of server headers when client is in SHUTR state
* automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
setpgid()
* updated the Makefile and the Formilux build script
* fixed multi-cookie handling in client request to allow clean deletion
in insert+indirect mode. Now, only the server cookie is deleted and not
all the header. Should now be compliant to RFC2109.
* added a "nocache" option to "cookie" to specify that we explicitly want
to add a "cache-control" header when we add a cookie.
It is also possible to add an "Expires: <old-date>" to keep compatibility
with old/broken caches.
* some doc and examples cleanups
* if a cookie is used in insert+indirect mode, it's desirable that the
the servers don't see it. It was not possible to remove it correctly
with regexps, so now it's removed automatically.
* option "dontlognull"
* fixed "double space" bug in config parser
* fixed an uninitialized server field in case of dispatch
with no existing server which could cause a segfault during
logging.
* the pid logged was always the father's, which was wrong for daemons.
* fixed wrong level "LOG_INFO" for message "proxy started".
* http logging is now complete :
- ip:port, date, proxy, server
- req_time, conn_time, hdr_time, tot_time
- status, size, request
* source address binding
* regex are now chained and not limited anymore.
* unavailable server now returns HTTP/502.
* increased per-line args limit to 40
* added reqallow/reqdeny to block some request on matches
* added HTTP 400/403 responses
* added a 'NOTES' file
* connection logging displayed incorrect source address.
* added proxy start/stop and server up/down log events.
* replaced log message short buffers with larger trash.
* enlarged buffer to 8 kB and replace buffer to 4 kB.
* added a config.rc example for Formilux
* added a build script for Formilux
* fixed a bug in buffer management where we could have a loop
between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
=> implemented an adjustable buffer limit.
* fixed a bug : expiration of tasks in wait queue timeout is used again,
and running tasks are skipped.
* added some debug lines for accept events.
* send warnings for servers up/down.
* added OpenBSD, Linux-2.2 and Linux-2.4 targets to the Makefile
* added a Formilux init script
* fixed a few timeout bugs
* rearranged the task scheduler subsystem to improve performance,
add new tasks, and make it easier to later port to librt ;
* allow multiple accept() for one select() wake up ;
* implemented internal load balancing with basic health-check ;
* cookie insertion and header add/replace/delete, with better strings
support.
* reworked buffer handling to fix a few rewrite bugs, and
improve overall performance.
* implement the "purge" option to delete server cookies in direct mode.
* fixed some error cases where the maxfd was not decreased.
* now supports transparent proxying, at least on linux 2.4.
* soft stop works again (fixed select timeout computation).
* it seems that TCP proxies sometimes cannot timeout.
* added a "quiet" mode.
* enforce file descriptor limitation on socket() and accept().