Commit Graph

5282 Commits

Author SHA1 Message Date
Pieter Baauw
2dcb9bc5bf DOC: fix lua use-service example 2015-10-02 00:53:57 +02:00
Thierry FOURNIER
10770faf8e MEDIUM: lua: change the timeout execution
Now, the Lua timeout is relative to the effective run time.
When the Lua is waiting for I/O, this time is not took in
lua run time account.
2015-09-29 19:13:49 +02:00
Thierry FOURNIER
bee90aeda1 MINOR: lua: remove the run flag
Only the main execution function can set the run flag, because it is
the last function before the execution time.

This patch removes the flag set by another function. It will be used
by the new lua timeout counter.
2015-09-29 18:57:03 +02:00
Willy Tarreau
31138fae9f BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings
Commit e11cfcd ("MINOR: config: new backend directives:
load-server-state-from-file and server-state-file-name") introduced a bug
which can cause haproxy to crash upon startup by sending user-controlled
data in a format string when emitting a warning. Fix the way the warning
message is built to avoid this.

No backport is needed, this was introduced in 1.6-dev6 only.
2015-09-29 18:51:40 +02:00
Willy Tarreau
e1aebb2994 BUILD: server: fix build warnings introduced by load-server-state
Commit e11cfcd ("MINOR: config: new backend directives:
load-server-state-from-file and server-state-file-name") caused these
warnings when building with Clang :

src/server.c:1972:21: warning: comparison of unsigned expression < 0 is always false [-Wtautological-compare]
                            (srv_uweight < 0) || (srv_uweight > SRV_UWGHT_MAX))
                             ~~~~~~~~~~~ ^ ~
src/server.c:1980:21: warning: comparison of unsigned expression < 0 is always false [-Wtautological-compare]
                            (srv_iweight < 0) || (srv_iweight > SRV_UWGHT_MAX))
                             ~~~~~~~~~~~ ^ ~

Indeed, srv_iweight and srv_uweight are unsigned. Just drop the offending test.
2015-09-29 18:32:57 +02:00
Willy Tarreau
ae459f3b9f BUILD: tcp: use IPPROTO_IP when SOL_IP is not available
Dmitry Sivachenko reported a build failure on FreeBSD due to SOL_IP not
being defined. IPPROTO_IP must be used there instead.
2015-09-29 18:19:32 +02:00
Willy Tarreau
fc2a2d97d6 CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled
The conn_sock_drain() call is only there to force the system to ACK
pending data in case of TCP_QUICKACK so that the client doesn't retransmit,
otherwise it leads to a real RST making the feature useless. There's no
point in draining the connection when quick ack cannot be disabled, so
let's move the call inside the ifdef part.
2015-09-29 18:15:01 +02:00
Willy Tarreau
f50ec0fdbc BUG/MINOR: tcp: make silent-drop always force a TCP reset
The silent-drop action is supposed to close with a TCP reset that is
either not sent or not too far. But since it's on the client-facing
side, the socket's lingering is enabled by default and the RST only
occurs if some pending unread data remain in the queue when closing.
This causes some clean shutdowns to occur with retransmits, which is
not good at all. Force linger_risk on the socket to flush all data
and destroy the socket.

No backport is needed, this was introduced in 1.6-dev6.
2015-09-29 18:11:32 +02:00
Willy Tarreau
971f7b6bb4 DOC: reorder misplaced res.ssl_hello_type in the doc
Entries are supposed to be in alphabetical order.
2015-09-29 14:07:32 +02:00
Pradeep Jindal
bb2acf589f MINOR: payload: add support for tls session ticket ext
req.ssl_st_ext : integer
  Returns 0 if the client didn't send a SessionTicket TLS Extension (RFC5077)
  Returns 1 if the client sent SessionTicket TLS Extension
  Returns 2 if the client also sent non-zero length TLS SessionTicket
2015-09-29 14:07:32 +02:00
Cyril Bonté
307ee1e01b DOC: documentation format cleanups
Chapter "Mailers" was missing from the summary, tabulations were used and
several lines exceeded 80 columns : some lines still exceeds the 80 columns
limit but are left as is, as it mostly concerns syntax and configuration
examples.
2015-09-29 00:34:36 +02:00
Willy Tarreau
e7ae656cf7 [RELEASE] Released version 1.6-dev6
Released version 1.6-dev6 with the following main changes :
    - BUG/MAJOR: can't enable a server through the stat socket
    - MINOR: server: Macro definition for server-state
    - MINOR: cli: new stats socket command: show servers state
    - DOC: stats socket command: show servers state
    - MINOR: config: new global directive server-state-base
    - DOC: global directive server-state-base
    - MINOR: config: new global section directive: server-state-file
    - DOC: new global directive: server-state-file
    - MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name
    - DOC: load-server-state-from-file
    - MINOR: init: server state loaded from file
    - MINOR: server: startup slowstart task when using seamless reload of HAProxy
    - MINOR: cli: new stats socket command: show backend
    - DOC: servers state seamless reload example
    - BUG: dns: can't connect UDP socket on FreeBSD
    - MINOR: cfgparse: New function cfg_unregister_sections()
    - MINOR: chunk: New function free_trash_buffers()
    - BUG/MEDIUM: main: Freeing a bunch of static pointers
    - MINOR: proto_http: Externalisation of previously internal functions
    - MINOR: global: Few new struct fields for da module
    - MAJOR: da: Update of the DeviceAtlas API module
    - DOC: DeviceAtlas new keywords
    - DOC: README: DeviceAtlas sample configuration updates
    - MEDIUM: log: replace sendto() with sendmsg() in __send_log()
    - MEDIUM: log: use a separate buffer for the header and for the message
    - MEDIUM: logs: remove the hostname, tag and pid part from the logheader
    - MEDIUM: logs: add support for RFC5424 header format per logger
    - MEDIUM: logs: add a new RFC5424 log-format for the structured-data
    - DOC: mention support for the RFC5424 syslog message format
    - MEDIUM: logs: have global.log_send_hostname not contain the trailing space
    - MEDIUM: logs: pass the trailing "\n" as an iovec
    - BUG/MEDIUM: peers: some table updates are randomly not pushed.
    - BUG/MEDIUM: peers: same table updates re-pushed after a re-connect
    - BUG/MINOR: fct peer_prepare_ackmsg should not use trash.
    - MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions
    - MINOR: global: Added new fields for 51Degrees device detection
    - DOC: Added more explanation for 51Degrees V3.2
    - BUILD: Changed 51Degrees option to support V3.2
    - MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features
    - MINOR: 51d: Improved string handling for LRU cache
    - DOC: add references to rise/fall for the fastinter explanation
    - MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD
    - BUG/MAJOR: lua: potential unexpected aborts()
    - BUG/MINOR: lua: breaks the log message if his size exceed one buffer
    - MINOR: action: add private configuration
    - MINOR: action: add reference to the original keywork matched for the called parser.
    - MINOR: lua: change actions registration
    - MEDIUM: proto_http: smp_prefetch_http initialize txn
    - MINOR: channel: rename function chn_sess to chn_strm
    - CLEANUP: lua: align defines
    - MINOR: http: export http_get_path() function
    - MINOR: http: export the get_reason() function
    - MINOR: http: export function http_msg_analyzer()
    - MINOR: http: split initialization
    - MINOR: lua: reset pointer after use
    - MINOR: lua: identify userdata objects
    - MEDIUM: lua: use the function lua_rawset in place of lua_settable
    - BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action.
    - CLEANUP: lua: use calloc in place of malloc
    - BUG/MEDIUM: lua: longjmp function must be unregistered
    - BUG/MEDIUM: lua: forces a garbage collection
    - BUG/MEDIUM: lua: wakeup task on bad conditions
    - MINOR: standard: avoid DNS resolution from the function str2sa_range()
    - MINOR: lua: extend socket address to support non-IP families
    - MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup
    - BUG/MEDIUM: lua: socket destroy before reading pending data
    - MEDIUM: lua: change the GC policy
    - OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket
    - BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume
    - MINOR: applet: add init function
    - MINOR: applet: add an execution timeout
    - MINOR: stream/applet: add use-service action
    - MINOR: lua: add AppletTCP class and service
    - MINOR: lua: add AppletHTTP class and service
    - DOC: lua: some documentation update
    - DOC: add the documentation about internal circular lists
    - DOC: add a CONTRIBUTING file
    - DOC: add a MAINTAINERS file
    - BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes
    - DOC: update coding-style to reference checkpatch.pl
    - BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries
    - BUG/MINOR: args: add name for ARGT_VAR
    - DOC: add more entries to MAINTAINERS
    - DOC: add more entries to MAINTAINERS
    - CLEANUP: stream-int: remove obsolete function si_applet_call()
    - BUG/MAJOR: cli: do not dereference strm_li()->proto->name
    - BUG/MEDIUM: http: do not dereference strm_li(stream)
    - BUG/MEDIUM: proxy: do not dereference strm_li(stream)
    - BUG/MEDIUM: stream: do not dereference strm_li(stream)
    - MINOR: stream-int: use si_release_endpoint() to close idle conns
    - BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers
    - BUG/MEDIUM: acl: always accept match "found"
    - MINOR: applet: rename applet_runq to applet_active_queue
    - BUG/MAJOR: applet: use a separate run queue to maintain list integrity
    - MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts
    - MINOR: stream-int: implement a new stream_int_update() function
    - MEDIUM: stream-int: factor out the stream update functions
    - MEDIUM: stream-int: call stream_int_update() from si_update()
    - MINOR: stream-int: export stream_int_update_*
    - MINOR: stream-int: move the applet_pause call out of the stream updates
    - MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb
    - MINOR: stream-int: implement the stream_int_notify() function
    - MEDIUM: stream-int: use the same stream notification function for applets and conns
    - MEDIUM: stream-int: completely remove stream_int_update_embedded()
    - MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb()
    - BUG/MEDIUM: applet: fix reporting of broken write situation
    - BUG/MINOR: stats: do not call cli_release_handler 3 times
    - BUG/MEDIUM: cli: properly handle closed output
    - MINOR: cli: do not call the release handler on internal error.
    - BUG/MEDIUM: stream-int: avoid double-call to applet->release
    - DEBUG: add p_malloc() to return a poisonned memory area
    - CLEANUP: lua: remove unneeded memset(0) after calloc()
    - MINOR: lua: use the proper applet wakeup mechanism
    - BUG/MEDIUM: lua: better fix for the protocol check
    - BUG/MEDIUM: lua: properly set the target on the connection
    - MEDIUM: actions: pass a new "flags" argument to custom actions
    - MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call
    - MEDIUM: http: pass ACT_FLAG_FINAL to custom actions
    - MEDIUM: lua: only allow actions to yield if not in a final call
    - DOC: clarify how to make use of abstract sockets in socat
    - CLEANUP: config: make the errorloc/errorfile messages less confusing
    - MEDIUM: action: add a new flag ACT_FLAG_FIRST
    - BUG/MINOR: config: check that tune.bufsize is always positive
    - MEDIUM: config: set tune.maxrewrite to 1024 by default
    - DOC: add David Carlier as maintainer of da.c
    - DOC: fix some broken unexpected unicode chars in the Lua doc.
    - BUG/MEDIUM: proxy: ignore stopped peers
    - BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop()
    - MEDIUM: init: completely deallocate unused peers
    - BUG/MEDIUM: tcp: fix inverted condition to call custom actions
    - DOC: remove outdated actions lists on tcp-request/response
    - MEDIUM: tcp: add new tcp action "silent-drop"
    - DOC: add URLs to optional libraries in the README
2015-09-28 23:46:27 +02:00
Willy Tarreau
a8fc8a2529 DOC: add URLs to optional libraries in the README
It's nice to suggest people how to build with certain libraries but
it's nicer to tell them where to fetch them.
2015-09-28 22:36:21 +02:00
Willy Tarreau
2d392c2c2f MEDIUM: tcp: add new tcp action "silent-drop"
This stops the evaluation of the rules and makes the client-facing
connection suddenly disappear using a system-dependant way that tries
to prevent the client from being notified. The effect it then that the
client still sees an established connection while there's none on
HAProxy. The purpose is to achieve a comparable effect to "tarpit"
except that it doesn't use any local resource at all on the machine
running HAProxy. It can resist much higher loads than "tarpit", and
slow down stronger attackers. It is important to undestand the impact
of using this mechanism. All stateful equipments placed between the
client and HAProxy (firewalls, proxies, load balancers) will also keep
the established connection for a long time and may suffer from this
action. On modern Linux systems running with enough privileges, the
TCP_REPAIR socket option is used to block the emission of a TCP
reset. On other systems, the socket's TTL is reduced to 1 so that the
TCP reset doesn't pass the first router, though it's still delivered to
local networks.
2015-09-28 22:14:57 +02:00
Willy Tarreau
c870bfd0e9 DOC: remove outdated actions lists on tcp-request/response
The valid actions are enumerated in the text, and the small set listed
in the definition is not accurate.
2015-09-28 18:58:55 +02:00
Willy Tarreau
45059e9b98 BUG/MEDIUM: tcp: fix inverted condition to call custom actions
tcp-request connection had an inverted condition on action_ptr, resulting
in no registered actions to be usable since commit 4214873 ("MEDIUM: actions:
remove ACTION_STOP") merged in 1.6-dev5. Very few new actions were impacted.
No backport is needed.
2015-09-28 18:32:41 +02:00
Dragan Dosen
5b78d9b437 MEDIUM: logs: pass the trailing "\n" as an iovec
This patch passes the trailing "\n" as an iovec in the function
__send_log(), so that we don't need to modify the original log message.
2015-09-28 18:31:09 +02:00
Dragan Dosen
c8cfa7b4f3 MEDIUM: logs: have global.log_send_hostname not contain the trailing space
This patch unifies global.log_send_hostname addition in the log header
processing.
2015-09-28 18:27:45 +02:00
Dragan Dosen
7ad3154cb8 DOC: mention support for the RFC5424 syslog message format
Document the new log "format" argument and the "log-format-sd" statement.
2015-09-28 18:27:22 +02:00
Willy Tarreau
47c8c029db MEDIUM: init: completely deallocate unused peers
When peers are stopped due to not being running on the appropriate
process, we want to completely release them and unregister their signals
and task in order to ensure there's no way they may be called in the
future.

Note: ideally we should have a list of all tables attached to a peers
section being disabled in order to unregister them and void their
sync_task. It doesn't appear to be *that* easy for now.
2015-09-28 16:43:48 +02:00
Willy Tarreau
20b7afbc14 BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop()
When performing a soft stop, we used to wake up every proxy's task and
each of their table's task. The problem is that since we're able to stop
proxies and peers not bound to a specific process, we may end up calling
random junk by doing so of the proxy we're waking up is already stopped.
This causes a segfault to appear during soft reloads for old processes
not bound to a peers section if such a section exists in other processes.

Let's only consider proxies that are not stopped when doing this.

This fix must be backported to 1.5 which also has the same issue.
2015-09-28 16:35:04 +02:00
Willy Tarreau
337a666572 BUG/MEDIUM: proxy: ignore stopped peers
Since commit f83d3fe ("MEDIUM: init: stop any peers section not bound
to the correct process"), it is possible to stop unused peers on certain
processes. The problem is that the pause/resume/stop functions are not
aware of this and will pass a NULL proxy pointer to the respective
functions, resulting in segfaults in unbound processes during soft
restarts.

Properly check that the peers' frontend is still valid before calling
them.

This bug also affects 1.5 so the fix must be backported. Note that this
fix is not enough to completely get rid of the segfault, the next one
is needed as well.
2015-09-28 16:27:44 +02:00
Willy Tarreau
61add3c064 DOC: fix some broken unexpected unicode chars in the Lua doc.
A few chars didn't render properly in some terminals and had no
reason for being there.
2015-09-28 15:39:10 +02:00
Thierry FOURNIER
a3bc513a23 DOC: lua: some documentation update
this update embbeds some fix of existing function, and the applet documentation.
2015-09-28 15:23:57 +02:00
Willy Tarreau
e4b3127d61 DOC: add David Carlier as maintainer of da.c
David is willing to handle any issue related to da.c.
2015-09-28 14:01:27 +02:00
David Carlier
00d7d61f0c DOC: README: DeviceAtlas sample configuration updates
Needs to distinguish the convertor and the fetch type samples.
More explanations are made about their specific purposes.
2015-09-28 14:01:27 +02:00
David Carlier
29b3ca3795 DOC: DeviceAtlas new keywords
A new entry in the configuration's documentation to set optionally
the name of the client's cookie used for the detection.
2015-09-28 14:01:27 +02:00
David Carlier
608c65ac6a MAJOR: da: Update of the DeviceAtlas API module
Introduction of the new keyword about the client's cookie name
via a new config entry.

Splits the work between the original convertor and the new fetch type.
The latter iterates through the whole list of HTTP headers but first,
make sure the request data are ready to process and set the input
to the string type rightly.

The API is then able to filter itself which headers are gueninely useful,
with a special care of the Client's cookie.

[WT: the immediate impact for the end user is that configs making use of
    "da-csv" won't load anymore and will need to be modified to use either
    "da-csv-conv" or "da-csv-fetch"]
2015-09-28 14:01:27 +02:00
David Carlier
5801a8247a MINOR: global: Few new struct fields for da module
The name and length of the client cookie, useful for extracting
cookie value's function and a simple bitfield one to define if
set or not.
2015-09-28 14:01:27 +02:00
David Carlier
4686f792b4 MINOR: proto_http: Externalisation of previously internal functions
Needs to expose the HTTP headers 'iterator' and the client's cookie
value extraction functions.
2015-09-28 14:01:27 +02:00
Dragan Dosen
0b85ecee53 MEDIUM: logs: add a new RFC5424 log-format for the structured-data
This patch adds a new RFC5424-specific log-format for the structured-data
that is automatically send by __send_log() when the sender is in RFC5424
mode.

A new statement "log-format-sd" should be used in order to set log-format
for the structured-data part in RFC5424 formatted syslog messages.
Example:

    log-format-sd [exampleSDID@1234\ bytes=\"%B\"\ status=\"%ST\"]
2015-09-28 14:01:27 +02:00
Dragan Dosen
1322d09a6f MEDIUM: logs: add support for RFC5424 header format per logger
The function __send_log() iterates over senders and passes the header as
the first vector to sendmsg(), thus it can send a logger-specific header
in each message.

A new logger arguments "format rfc5424" should be used in order to enable
RFC5424 header format. For example:

    log 10.2.3.4:1234 len 2048 format rfc5424 local2 info
2015-09-28 14:01:27 +02:00
Dragan Dosen
68d2e3a742 MEDIUM: logs: remove the hostname, tag and pid part from the logheader
At the moment we have to call snprintf() for every log line just to
rebuild a constant. Thanks to sendmsg(), we send the message in 3 parts:
time-based header, proxy-specific hostname+log-tag+pid, session-specific
message.
2015-09-28 14:01:27 +02:00
Dragan Dosen
59cee973cd MEDIUM: log: use a separate buffer for the header and for the message
Make sendmsg() use two vectors, one for the message header that is updated
by update_log_hdr() and one for the message buffer.
2015-09-28 14:01:27 +02:00
Dragan Dosen
609ac2ab6c MEDIUM: log: replace sendto() with sendmsg() in __send_log()
This patch replaces sendto() with sendmsg() in __send_log() and makes use
of an iovec to send the log message.
2015-09-28 14:01:27 +02:00
David Carlier
834cb2e445 BUG/MEDIUM: main: Freeing a bunch of static pointers
static_table_key, get_http_auth_buff and swap_buffer static variables
are now freed during deinit and the two previously new functions are
called as well. In addition, the 'trash' string buffer is cleared.
2015-09-28 14:00:00 +02:00
David Carlier
60deeba090 MINOR: chunk: New function free_trash_buffers()
This new function is meant to be called in the general deinit phase,
to free those two internal chunks.
2015-09-28 14:00:00 +02:00
David Carlier
845efb53c7 MINOR: cfgparse: New function cfg_unregister_sections()
A new function introduced meant to be called during general deinit phase.
During the configuration parsing, the section entries are all allocated.
This new function free them.
2015-09-28 14:00:00 +02:00
Willy Tarreau
270978492c MEDIUM: config: set tune.maxrewrite to 1024 by default
The tune.maxrewrite parameter used to be pre-initialized to half of
the buffer size since the very early days when buffers were very small.
It has grown to absurdly large values over the years to reach 8kB for a
16kB buffer. This prevents large requests from being accepted, which is
the opposite of the initial goal.

Many users fix it to 1024 which is already quite large for header
addition.

So let's change the default setting policy :
  - pre-initialize it to 1024
  - let the user tweak it
  - in any case, limit it to tune.bufsize / 2

This results in 15kB usable to buffer HTTP messages instead of 8kB, and
doesn't affect existing configurations which already force it.
2015-09-28 13:59:41 +02:00
Willy Tarreau
9b69454570 BUG/MINOR: config: check that tune.bufsize is always positive
We must not accept negative values for tune.bufsize as they will only
result in crashing the process during the parsing.
2015-09-28 13:59:38 +02:00
Thierry FOURNIER
a30b5dbf85 MINOR: lua: add AppletHTTP class and service
This class is used by Lua code for running as an applet called in HTTP mode
It defines also the associated lua service
2015-09-28 01:03:48 +02:00
Thierry FOURNIER
f0a64b676f MINOR: lua: add AppletTCP class and service
This class is used by Lua code for running as an applet called in TCP mode.
It defines also the lua service.
2015-09-28 01:03:48 +02:00
Thierry FOURNIER
5a363e71b2 MINOR: stream/applet: add use-service action
This new target can be called from the frontend or the backend. It
is evaluated just before the backend choice and just before the server
choice. So, the input stream or HTTP request can be forwarded to a
server or to an internal service.
2015-09-28 01:03:48 +02:00
Thierry FOURNIER
1245a8318a MINOR: applet: add an execution timeout
This patch only declares the execution timeout variable. The applet
must be respect or ignore it. For example an applet who doing some
network accesses and doesn't control its execution yime should use
this timeout.
2015-09-28 01:03:48 +02:00
Thierry FOURNIER
c069cfdfea MINOR: applet: add init function
this patch adds init function for the applet. the HAProxy standard
applet (peers, stats, lua) have no standard way for the applet
initialisation. This new function pointer have for goal to try to
standardize the applet initialization.
2015-09-28 01:03:48 +02:00
Thierry FOURNIER
2f3867f429 BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume
Some flags like HLUA_MUST_GC must not be cleared otherwise sessions are
not properly cleaned.
2015-09-28 01:03:43 +02:00
Willy Tarreau
acc980036f MEDIUM: action: add a new flag ACT_FLAG_FIRST
This flag is used by custom actions to know that they're called for the
first time. The only case where it's not set is when they're resuming
from a yield. It will be needed to let them know when they have to
allocate some resources.
2015-09-27 23:34:39 +02:00
Thierry FOURNIER
7c39ab4ac2 OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket
The garbage collector is a little bit heavy to run, and it was added
only for cosockets. This patch prevent useless executions when no
cosockets are used.
2015-09-27 22:56:40 +02:00
Thierry FOURNIER
6ab4d8ec0e MEDIUM: lua: change the GC policy
The GC is run each times that an Lua function exit with an error or with a success.
2015-09-27 22:22:37 +02:00
Thierry FOURNIER
6d695e6314 BUG/MEDIUM: lua: socket destroy before reading pending data
When the channel is down, the applet is waked up. Before this patch,
the applet closes the stream and the unread data are discarded.

After this patch, the stream is not closed except if the buffers are
empty.

It will be closed later by the close function, or by the garbage collector.
2015-09-27 21:50:26 +02:00