mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-15 07:54:33 +00:00
991b47831a
Released version 1.7-dev0 with the following main changes : - exact copy of 1.6.0
5541 lines
338 KiB
Plaintext
5541 lines
338 KiB
Plaintext
ChangeLog :
|
|
===========
|
|
|
|
2015/10/13 : 1.7-dev0
|
|
- exact copy of 1.6.0
|
|
|
|
2015/10/13 : 1.6.0
|
|
- BUG/MINOR: Handle interactive mode in cli handler
|
|
- DOC: global section missing parameters
|
|
- DOC: backend section missing parameters
|
|
- DOC: stats paramaters available in frontend
|
|
- MINOR: lru: do not allocate useless memory in lru64_lookup
|
|
- BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
|
|
- BUG/MINOR: ssl: fix management of the cache where forged certificates are stored
|
|
- MINOR: ssl: Release Servers SSL context when HAProxy is shut down
|
|
- MINOR: ssl: Read the file used to generate certificates in any order
|
|
- MINOR: ssl: Add support for EC for the CA used to sign generated certificates
|
|
- MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
|
|
- BUG/MEDIUM: logs: fix time zone offset format in RFC5424
|
|
- BUILD: Fix the build on OSX (htonll/ntohll)
|
|
- BUILD: enable build on Linux/s390x
|
|
- BUG/MEDIUM: lua: direction test failed
|
|
- MINOR: lua: fix a spelling error in some error messages
|
|
- CLEANUP: cli: ensure we can never double-free error messages
|
|
- BUG/MEDIUM: lua: force server-close mode on Lua services
|
|
- MEDIUM: init: support more command line arguments after pid list
|
|
- MEDIUM: init: support a list of files on the command line
|
|
- MINOR: debug: enable memory poisonning to use byte 0
|
|
- BUILD: ssl: fix build error introduced by recent commit
|
|
- BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers
|
|
- MEDIUM: server: implement TCP_USER_TIMEOUT on the server
|
|
- DOC: mention the "namespace" options for bind and server lines
|
|
- DOC: add the "management" documentation
|
|
- DOC: move the stats socket documentation from config to management
|
|
- MINOR: examples: update haproxy.spec to mention new docs
|
|
- DOC: mention management.txt in README
|
|
- DOC: remove haproxy-{en,fr}.txt
|
|
- BUILD: properly report when USE_ZLIB and USE_SLZ are used together
|
|
- MINOR: init: report use of libslz instead of "no compression"
|
|
- CLEANUP: examples: remove some obsolete and confusing files
|
|
- CLEANUP: examples: remove obsolete configuration file samples
|
|
- CLEANUP: examples: fix the example file content-sw-sample.cfg
|
|
- CLEANUP: examples: update sample file option-http_proxy.cfg
|
|
- CLEANUP: examples: update sample file ssl.cfg
|
|
- CLEANUP: tests: move a test file from examples/ to tests/
|
|
- CLEANUP: examples: shut up warnings in transparent proxy example
|
|
- CLEANUP: tests: removed completely obsolete test files
|
|
- DOC: update ROADMAP to remove what was done in 1.6
|
|
- BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id
|
|
|
|
2015/10/06 : 1.6-dev7
|
|
- MINOR: cli: Dump all resolvers stats if no resolver section is given
|
|
- BUG: config: external-check command validation is checking for incorrect arguments.
|
|
- DOC: documentation format cleanups
|
|
- DOC: lua: few typos.
|
|
- BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy
|
|
- BUG/MEDIUM: logs: segfault writing to log from Lua
|
|
- DOC: fix lua use-service example
|
|
- MINOR: payload: add support for tls session ticket ext
|
|
- MINOR: lua: remove the run flag
|
|
- MEDIUM: lua: change the timeout execution
|
|
- MINOR: lua: rename the tune.lua.applet-timeout
|
|
- DOC: lua: update Lua doc
|
|
- DOC: lua: update doc according with the last Lua changes
|
|
- MINOR: http/tcp: fill the avalaible actions
|
|
- DOC: reorder misplaced res.ssl_hello_type in the doc
|
|
- BUG/MINOR: tcp: make silent-drop always force a TCP reset
|
|
- CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled
|
|
- BUILD: tcp: use IPPROTO_IP when SOL_IP is not available
|
|
- BUILD: server: fix build warnings introduced by load-server-state
|
|
- BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings
|
|
|
|
2015/09/28 : 1.6-dev6
|
|
- BUG/MAJOR: can't enable a server through the stat socket
|
|
- MINOR: server: Macro definition for server-state
|
|
- MINOR: cli: new stats socket command: show servers state
|
|
- DOC: stats socket command: show servers state
|
|
- MINOR: config: new global directive server-state-base
|
|
- DOC: global directive server-state-base
|
|
- MINOR: config: new global section directive: server-state-file
|
|
- DOC: new global directive: server-state-file
|
|
- MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name
|
|
- DOC: load-server-state-from-file
|
|
- MINOR: init: server state loaded from file
|
|
- MINOR: server: startup slowstart task when using seamless reload of HAProxy
|
|
- MINOR: cli: new stats socket command: show backend
|
|
- DOC: servers state seamless reload example
|
|
- BUG: dns: can't connect UDP socket on FreeBSD
|
|
- MINOR: cfgparse: New function cfg_unregister_sections()
|
|
- MINOR: chunk: New function free_trash_buffers()
|
|
- BUG/MEDIUM: main: Freeing a bunch of static pointers
|
|
- MINOR: proto_http: Externalisation of previously internal functions
|
|
- MINOR: global: Few new struct fields for da module
|
|
- MAJOR: da: Update of the DeviceAtlas API module
|
|
- DOC: DeviceAtlas new keywords
|
|
- DOC: README: DeviceAtlas sample configuration updates
|
|
- MEDIUM: log: replace sendto() with sendmsg() in __send_log()
|
|
- MEDIUM: log: use a separate buffer for the header and for the message
|
|
- MEDIUM: logs: remove the hostname, tag and pid part from the logheader
|
|
- MEDIUM: logs: add support for RFC5424 header format per logger
|
|
- MEDIUM: logs: add a new RFC5424 log-format for the structured-data
|
|
- DOC: mention support for the RFC5424 syslog message format
|
|
- MEDIUM: logs: have global.log_send_hostname not contain the trailing space
|
|
- MEDIUM: logs: pass the trailing "\n" as an iovec
|
|
- BUG/MEDIUM: peers: some table updates are randomly not pushed.
|
|
- BUG/MEDIUM: peers: same table updates re-pushed after a re-connect
|
|
- BUG/MINOR: fct peer_prepare_ackmsg should not use trash.
|
|
- MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions
|
|
- MINOR: global: Added new fields for 51Degrees device detection
|
|
- DOC: Added more explanation for 51Degrees V3.2
|
|
- BUILD: Changed 51Degrees option to support V3.2
|
|
- MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features
|
|
- MINOR: 51d: Improved string handling for LRU cache
|
|
- DOC: add references to rise/fall for the fastinter explanation
|
|
- MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD
|
|
- BUG/MAJOR: lua: potential unexpected aborts()
|
|
- BUG/MINOR: lua: breaks the log message if his size exceed one buffer
|
|
- MINOR: action: add private configuration
|
|
- MINOR: action: add reference to the original keywork matched for the called parser.
|
|
- MINOR: lua: change actions registration
|
|
- MEDIUM: proto_http: smp_prefetch_http initialize txn
|
|
- MINOR: channel: rename function chn_sess to chn_strm
|
|
- CLEANUP: lua: align defines
|
|
- MINOR: http: export http_get_path() function
|
|
- MINOR: http: export the get_reason() function
|
|
- MINOR: http: export function http_msg_analyzer()
|
|
- MINOR: http: split initialization
|
|
- MINOR: lua: reset pointer after use
|
|
- MINOR: lua: identify userdata objects
|
|
- MEDIUM: lua: use the function lua_rawset in place of lua_settable
|
|
- BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action.
|
|
- CLEANUP: lua: use calloc in place of malloc
|
|
- BUG/MEDIUM: lua: longjmp function must be unregistered
|
|
- BUG/MEDIUM: lua: forces a garbage collection
|
|
- BUG/MEDIUM: lua: wakeup task on bad conditions
|
|
- MINOR: standard: avoid DNS resolution from the function str2sa_range()
|
|
- MINOR: lua: extend socket address to support non-IP families
|
|
- MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup
|
|
- BUG/MEDIUM: lua: socket destroy before reading pending data
|
|
- MEDIUM: lua: change the GC policy
|
|
- OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket
|
|
- BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume
|
|
- MINOR: applet: add init function
|
|
- MINOR: applet: add an execution timeout
|
|
- MINOR: stream/applet: add use-service action
|
|
- MINOR: lua: add AppletTCP class and service
|
|
- MINOR: lua: add AppletHTTP class and service
|
|
- DOC: lua: some documentation update
|
|
- DOC: add the documentation about internal circular lists
|
|
- DOC: add a CONTRIBUTING file
|
|
- DOC: add a MAINTAINERS file
|
|
- BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes
|
|
- DOC: update coding-style to reference checkpatch.pl
|
|
- BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries
|
|
- BUG/MINOR: args: add name for ARGT_VAR
|
|
- DOC: add more entries to MAINTAINERS
|
|
- DOC: add more entries to MAINTAINERS
|
|
- CLEANUP: stream-int: remove obsolete function si_applet_call()
|
|
- BUG/MAJOR: cli: do not dereference strm_li()->proto->name
|
|
- BUG/MEDIUM: http: do not dereference strm_li(stream)
|
|
- BUG/MEDIUM: proxy: do not dereference strm_li(stream)
|
|
- BUG/MEDIUM: stream: do not dereference strm_li(stream)
|
|
- MINOR: stream-int: use si_release_endpoint() to close idle conns
|
|
- BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers
|
|
- BUG/MEDIUM: acl: always accept match "found"
|
|
- MINOR: applet: rename applet_runq to applet_active_queue
|
|
- BUG/MAJOR: applet: use a separate run queue to maintain list integrity
|
|
- MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts
|
|
- MINOR: stream-int: implement a new stream_int_update() function
|
|
- MEDIUM: stream-int: factor out the stream update functions
|
|
- MEDIUM: stream-int: call stream_int_update() from si_update()
|
|
- MINOR: stream-int: export stream_int_update_*
|
|
- MINOR: stream-int: move the applet_pause call out of the stream updates
|
|
- MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb
|
|
- MINOR: stream-int: implement the stream_int_notify() function
|
|
- MEDIUM: stream-int: use the same stream notification function for applets and conns
|
|
- MEDIUM: stream-int: completely remove stream_int_update_embedded()
|
|
- MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb()
|
|
- BUG/MEDIUM: applet: fix reporting of broken write situation
|
|
- BUG/MINOR: stats: do not call cli_release_handler 3 times
|
|
- BUG/MEDIUM: cli: properly handle closed output
|
|
- MINOR: cli: do not call the release handler on internal error.
|
|
- BUG/MEDIUM: stream-int: avoid double-call to applet->release
|
|
- DEBUG: add p_malloc() to return a poisonned memory area
|
|
- CLEANUP: lua: remove unneeded memset(0) after calloc()
|
|
- MINOR: lua: use the proper applet wakeup mechanism
|
|
- BUG/MEDIUM: lua: better fix for the protocol check
|
|
- BUG/MEDIUM: lua: properly set the target on the connection
|
|
- MEDIUM: actions: pass a new "flags" argument to custom actions
|
|
- MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call
|
|
- MEDIUM: http: pass ACT_FLAG_FINAL to custom actions
|
|
- MEDIUM: lua: only allow actions to yield if not in a final call
|
|
- DOC: clarify how to make use of abstract sockets in socat
|
|
- CLEANUP: config: make the errorloc/errorfile messages less confusing
|
|
- MEDIUM: action: add a new flag ACT_FLAG_FIRST
|
|
- BUG/MINOR: config: check that tune.bufsize is always positive
|
|
- MEDIUM: config: set tune.maxrewrite to 1024 by default
|
|
- DOC: add David Carlier as maintainer of da.c
|
|
- DOC: fix some broken unexpected unicode chars in the Lua doc.
|
|
- BUG/MEDIUM: proxy: ignore stopped peers
|
|
- BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop()
|
|
- MEDIUM: init: completely deallocate unused peers
|
|
- BUG/MEDIUM: tcp: fix inverted condition to call custom actions
|
|
- DOC: remove outdated actions lists on tcp-request/response
|
|
- MEDIUM: tcp: add new tcp action "silent-drop"
|
|
- DOC: add URLs to optional libraries in the README
|
|
|
|
2015/09/14 : 1.6-dev5
|
|
- MINOR: dns: dns_resolution structure update: time_t to unsigned int
|
|
- BUG/MEDIUM: dns: DNS resolution doesn't start
|
|
- BUG/MAJOR: dns: dns client resolution infinite loop
|
|
- MINOR: dns: coding style update
|
|
- MINOR: dns: new bitmasks to use against DNS flags
|
|
- MINOR: dns: dns_nameserver structure update: new counter for truncated response
|
|
- MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED
|
|
- MEDIUM: dns: handling of truncated response
|
|
- MINOR: DNS client query type failover management
|
|
- MINOR: dns: no expected DNS record type found
|
|
- MINOR: dns: new flag to report that no IP can be found in a DNS response packet
|
|
- BUG/MINOR: DNS request retry counter used for retry only
|
|
- DOC: DNS documentation updated
|
|
- MEDIUM: actions: remove ACTION_STOP
|
|
- BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis)
|
|
- BUG/MINOR: lua: last log character truncated.
|
|
- CLEANUP: typo: bad indent
|
|
- CLEANUP: actions: missplaced includes
|
|
- MINOR: build: missing header
|
|
- CLEANUP: lua: Merge log functions
|
|
- BUG/MAJOR: http: don't manipulate the server connection if it's killed
|
|
- BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
|
|
- BUG/MAJOR: http: don't call http_send_name_header() after an error
|
|
- MEDIUM: tools: make str2sa_range() optionally return the FQDN
|
|
- BUG/MINOR: tools: make str2sa_range() report unresolvable addresses
|
|
- BUG/MEDIUM: dns: use the correct server hostname when resolving
|
|
|
|
2015/08/30 : 1.6-dev4
|
|
- MINOR: log: Add log-format variable %HQ, to log HTTP query strings
|
|
- DOC: typo in 'redirect', 302 code meaning
|
|
- DOC: typos in tcp-check expect examples
|
|
- DOC: resolve-prefer default value and default-server update
|
|
- MINOR: DNS counters: increment valid counter
|
|
- BUG/MEDIUM: DNS resolution response parsing broken
|
|
- MINOR: server: add new SRV_ADMF_CMAINT flag
|
|
- MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT
|
|
- BUG/MEDIUM: dns: wrong first time DNS resolution
|
|
- BUG/MEDIUM: lua: Lua tasks fail to start.
|
|
- BUILD: add USE_LUA to BUILD_OPTIONS when it's used
|
|
- DOC/MINOR: fix OpenBSD versions where haproxy works
|
|
- MINOR: 51d: unable to start haproxy without "51degrees-data-file"
|
|
- BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement.
|
|
- BUG/MAJOR: peers: fix current table pointer not re-initialized on session release.
|
|
- BUILD: ssl: Allow building against libssl without SSLv3.
|
|
- DOC: clarify some points about SSL and the proxy protocol
|
|
- DOC: mention support for RFC 5077 TLS Ticket extension in starter guide
|
|
- BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF>
|
|
- DOC: match several lua configuration option names to those implemented in code
|
|
- MINOR cfgparse: Correct the mailer warning text to show the right names to the user
|
|
- BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command
|
|
- MINOR: stream: initialize the current_rule field to NULL on stream init
|
|
- BUG/MEDIUM: lua: timeout error with converters, wrapper and actions.
|
|
- CLEANUP: proto_http: remove useless initialisation
|
|
- CLEANUP: http/tcp actions: remove the scope member
|
|
- BUG/MINOR: proto_tcp: custom action continue is ignored
|
|
- MINOR: proto_tcp: add session in the action prototype
|
|
- MINOR: vars: reduce the code size of some wrappers
|
|
- MINOR: Move http method enum from proto_http to sample
|
|
- MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts
|
|
- MINOR: sample/proto_tcp: export "smp_fetch_src"
|
|
- MEDIUM: cli: rely on the map's output type instead of the sample type
|
|
- BUG/MEDIUM: stream: The stream doen't inherit SC from the session
|
|
- BUG/MEDIUM: vars: segfault during the configuration parsing
|
|
- BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream
|
|
- BUG/MEDIUM: lua: bad error processing
|
|
- MINOR: samples: rename a struct from sample_storage to sample_data
|
|
- MINOR: samples: rename some struct member from "smp" to "data"
|
|
- MEDIUM: samples: Use the "struct sample_data" in the "struct sample"
|
|
- MINOR: samples: extract the anonymous union and create the union sample_value
|
|
- MINOR: samples: rename union from "data" to "u"
|
|
- MEDIUM: 51degrees: Adapt the 51Degrees library
|
|
- MINOR: samples: data assignation simplification
|
|
- MEDIUM: pattern/map: Maps can returns various types
|
|
- MINOR: map: The map can return IPv4 and IPv6
|
|
- MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs
|
|
- MINOR: actions: Remove the data opaque pointer
|
|
- MINOR: lua: use the hlua_rule type in place of opaque type
|
|
- MINOR: vars: use the vars types as argument in place of opaque type
|
|
- MINOR: proto_http: use an "expr" type in place of generic opaque type.
|
|
- MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line
|
|
- MINOR: proto_http: replace generic opaque types by real used types in "http_capture"
|
|
- MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id
|
|
- MEDIUM: track-sc: Move the track-sc configuration storage in the union
|
|
- MEDIUM: capture: Move the capture configuration storage in the union
|
|
- MINOR: actions: add "from" information
|
|
- MINOR: actions: remove the mark indicating the last entry in enum
|
|
- MINOR: actions: Declare all the embedded actions in the same header file
|
|
- MINOR: actions: change actions names
|
|
- MEDIUM: actions: Add standard return code for the action API
|
|
- MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs
|
|
- MINOR: proto_tcp: proto_tcp.h is now useles
|
|
- MINOR: actions: mutualise the action keyword lookup
|
|
- MEDIUM: actions: Normalize the return code of the configuration parsers
|
|
- MINOR: actions: Remove wrappers
|
|
- MAJOR: stick-tables: use sample types in place of dedicated types
|
|
- MEDIUM: stick-tables: use the sample type names
|
|
- MAJOR: stick-tables: remove key storage from the key struct
|
|
- MEDIUM: stick-tables: Add GPT0 in the stick tables
|
|
- MINOR: stick-tables: Add GPT0 access
|
|
- MINOR: stick-tables: Add GPC0 actions
|
|
- BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault
|
|
- DOC: ssl: missing LF
|
|
- MINOR: lua: add core.done() function
|
|
- DOC: fix function name
|
|
- BUG/MINOR: lua: in some case a sample may remain undefined
|
|
- DOC: fix "http_action_set_req_line()" comments
|
|
- MINOR: http: Action for manipulating the returned status code.
|
|
- MEDIUM: lua: turns txn:close into txn:done
|
|
- BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call
|
|
- BUILD: link with libdl if needed for Lua support
|
|
- CLEANUP: backend: factor out objt_server() in connect_server()
|
|
- MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection
|
|
- MEDIUM: stream-int: simplify si_alloc_conn()
|
|
- MINOR: stream-int: add new function si_detach_endpoint()
|
|
- MINOR: server: add a list of private idle connections
|
|
- MINOR: connection: add a new list member in the connection struct
|
|
- MEDIUM: stream-int: queue idle connections at the server
|
|
- MINOR: stream-int: make si_idle_conn() only accept valid connections
|
|
- MINOR: server: add a list of already used idle connections
|
|
- MINOR: connection: add a new flag CO_FL_PRIVATE
|
|
- MINOR: config: add new setting "http-reuse"
|
|
- MAJOR: backend: initial work towards connection reuse
|
|
- MAJOR: backend: improve the connection reuse mechanism
|
|
- MEDIUM: backend: implement "http-reuse safe"
|
|
- MINOR: server: add a list of safe, already reused idle connections
|
|
- MEDIUM: backend: add the "http-reuse aggressive" strategy
|
|
- DOC: document the new http-reuse directive
|
|
- DOC: internals: document next steps for HTTP connection reuse
|
|
- DOC: mention that %ms is left-padded with zeroes.
|
|
- MINOR: init: indicate to check 'bind' lines when no listeners were found.
|
|
- MAJOR: http: remove references to appsession
|
|
- CLEANUP: config: remove appsession initialization
|
|
- CLEANUP: appsession: remove appsession.c and sessionhash.c
|
|
- CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg
|
|
- CLEANUP: proxy: remove last references to appsession
|
|
- CLEANUP: appsession: remove the last include files
|
|
- DOC: remove documentation about appsession
|
|
- CLEANUP: .gitignore: ignore more test files
|
|
- CLEANUP: .gitignore: finally ignore everything but what is known.
|
|
- MEDIUM: config: emit a warning on a frontend without listener
|
|
- DOC: add doc/internals/entities-v2.txt
|
|
- DOC: add doc/linux-syn-cookies.txt
|
|
- DOC: add design thoughts on HTTP/2
|
|
- DOC: add some thoughts on connection sharing for HTTP/2
|
|
- DOC: add design thoughts on dynamic buffer allocation
|
|
- BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
|
|
- DOC: add new file intro.txt
|
|
- MAJOR: tproxy: remove support for cttproxy
|
|
- BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2
|
|
- DOC: lua: replace txn:close with txn:done in lua-api
|
|
- DOC: intro: minor updates and fixes
|
|
- DOC: intro: fix too long line.
|
|
- DOC: fix example of http-request using ssl_fc_session_id
|
|
- BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode
|
|
- CLEANUP: lua: fix some indent issues
|
|
- BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice
|
|
- DOC: lua: mention than txn:close was renamed txn:done.
|
|
|
|
2015/07/22 : 1.6-dev3
|
|
- CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type()
|
|
- MEDIUM: http: Add new 'set-src' option to http-request
|
|
- DOC usesrc root privileges requirments
|
|
- BUG/MINOR: dns: wrong time unit for some DNS default parameters
|
|
- MINOR: proxy: bit field for proxy_find_best_match diff status
|
|
- MINOR: server: new server flag: SRV_F_FORCED_ID
|
|
- MINOR: server: server_find functions: id, name, best_match
|
|
- DOC: dns: fix chapters syntax
|
|
- BUILD/MINOR: tools: rename popcount to my_popcountl
|
|
- BUILD: add netbsd TARGET
|
|
- MEDIUM: 51Degrees code refactoring and cleanup
|
|
- MEDIUM: 51d: add LRU-based cache on User-Agent string detection
|
|
- DOC: add notes about the "51degrees-cache-size" parameter
|
|
- BUG/MEDIUM: 51d: possible incorrect operations on smp->data.str.str
|
|
- BUG/MAJOR: connection: fix TLV offset calculation for proxy protocol v2 parsing
|
|
- MINOR: Add sample fetch to detect Supported Elliptic Curves Extension
|
|
- BUG/MINOR: payload: Add volatile flag to smp_fetch_req_ssl_ec_ext
|
|
- BUG/MINOR: lua: type error in the arguments wrapper
|
|
- CLEANUP: vars: remove unused struct
|
|
- BUG/MINOR: http/sample: gmtime/localtime can fail
|
|
- MINOR: standard: add 64 bits conversion functions
|
|
- MAJOR: sample: converts uint and sint in 64 bits signed integer
|
|
- MAJOR: arg: converts uint and sint in sint
|
|
- MEDIUM: sample: switch to saturated arithmetic
|
|
- MINOR: vars: returns variable content
|
|
- MEDIUM: vars/sample: operators can use variables as parameter
|
|
- BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
|
|
- BUILD/MINOR: lua: fix a harmless build warning
|
|
- BUILD/MINOR: stats: fix build warning due to condition always true
|
|
- BUG/MAJOR: lru: fix unconditional call to free due to unexpected semi-colon
|
|
- BUG/MEDIUM: logs: fix improper systematic use of quotes with a few tags
|
|
- BUILD/MINOR: lua: ensure that hlua_ctx_destroy is properly defined
|
|
- BUG/MEDIUM: lru: fix possible memory leak when ->free() is used
|
|
- MINOR: vars: make the accounting not depend on the stream
|
|
- MEDIUM: vars: move the session variables to the session, not the stream
|
|
- BUG/MEDIUM: vars: do not freeze the connection when the expression cannot be fetched
|
|
- BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
|
|
- BUG/MAJOR: tcp: tcp rulesets were still broken
|
|
- MINOR: stats: improve compression stats reporting
|
|
- MINOR: ssl: make self-generated certs also work with raw IPv6 addresses
|
|
- CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const
|
|
- CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial()
|
|
- BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
|
|
- MINOR: args: add new context for servers
|
|
- MINOR: stream: maintain consistence between channel_forward and HTTP forward
|
|
- MINOR: ssl: provide ia function to set the SNI extension on a connection
|
|
- MEDIUM: ssl: add sni support on the server lines
|
|
- CLEANUP: stream: remove a useless call to si_detach()
|
|
- CLEANUP: stream-int: fix a few outdated comments about stream_int_register_handler()
|
|
- CLEANUP: stream-int: remove stream_int_unregister_handler() and si_detach()
|
|
- MINOR: stream-int: only use si_release_endpoint() to release a connection
|
|
- MINOR: standard: provide htonll() and ntohll()
|
|
- CLEANUP/MINOR: dns: dns_str_to_dn_label() only needs a const char
|
|
- BUG/MAJOR: dns: fix the length of the string to be copied
|
|
|
|
2015/06/17 : 1.6-dev2
|
|
- BUG/MINOR: ssl: Display correct filename in error message
|
|
- MEDIUM: logs: Add HTTP request-line log format directives
|
|
- BUG/MEDIUM: check: tcpcheck regression introduced by e16c1b3f
|
|
- BUG/MINOR: check: fix tcpcheck error message
|
|
- MINOR: use an int instead of calling tcpcheck_get_step_id
|
|
- MINOR: tcpcheck_rule structure update
|
|
- MINOR: include comment in tcpcheck error log
|
|
- DOC: tcpcheck comment documentation
|
|
- MEDIUM: server: add support for changing a server's address
|
|
- MEDIUM: server: change server ip address from stats socket
|
|
- MEDIUM: protocol: add minimalist UDP protocol client
|
|
- MEDIUM: dns: implement a DNS resolver
|
|
- MAJOR: server: add DNS-based server name resolution
|
|
- DOC: server name resolution + proto DNS
|
|
- MINOR: dns: add DNS statistics
|
|
- MEDIUM: http: configurable http result codes for http-request deny
|
|
- BUILD: Compile clean when debug options defined
|
|
- MINOR: lru: Add the possibility to free data when an item is removed
|
|
- MINOR: lru: Add lru64_lookup function
|
|
- MEDIUM: ssl: Add options to forge SSL certificates
|
|
- MINOR: ssl: Export functions to manipulate generated certificates
|
|
- MEDIUM: config: add DeviceAtlas global keywords
|
|
- MEDIUM: global: add the DeviceAtlas required elements to struct global
|
|
- MEDIUM: sample: add the da-csv converter
|
|
- MEDIUM: init: DeviceAtlas initialization
|
|
- BUILD: Makefile: add options to build with DeviceAtlas
|
|
- DOC: README: explain how to build with DeviceAtlas
|
|
- BUG/MEDIUM: http: fix the url_param fetch
|
|
- BUG/MEDIUM: init: segfault if global._51d_property_names is not initialized
|
|
- MAJOR: peers: peers protocol version 2.0
|
|
- MINOR: peers: avoid re-scheduling of pending stick-table's updates still not pushed.
|
|
- MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified.
|
|
- MEDIUM: peers: support of any stick-table data-types for sync
|
|
- BUG/MAJOR: sample: regression on sample cast to stick table types.
|
|
- CLEANUP: deinit: remove codes for cleaning p->block_rules
|
|
- DOC: Fix L4TOUT typo in documentation
|
|
- DOC: set-log-level in Logging section preamble
|
|
- BUG/MEDIUM: compat: fix segfault on FreeBSD
|
|
- MEDIUM: check: include server address and port in the send-state header
|
|
- MEDIUM: backend: Allow redispatch on retry intervals
|
|
- MINOR: Add TLS ticket keys reference and use it in the listener struct
|
|
- MEDIUM: Add support for updating TLS ticket keys via socket
|
|
- DOC: Document new socket commands "show tls-keys" and "set ssl tls-key"
|
|
- MINOR: Add sample fetch which identifies if the SSL session has been resumed
|
|
- DOC: Update doc about weight, act and bck fields in the statistics
|
|
- BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
|
|
- MINOR: ssl: add a destructor to free allocated SSL ressources
|
|
- MEDIUM: ssl: add the possibility to use a global DH parameters file
|
|
- MEDIUM: ssl: replace standards DH groups with custom ones
|
|
- MEDIUM: stats: Add enum srv_stats_state
|
|
- MEDIUM: stats: Separate server state and colour in stats
|
|
- MEDIUM: stats: Only report drain state in stats if server has SRV_ADMF_DRAIN set
|
|
- MEDIUM: stats: Differentiate between DRAIN and DRAIN (agent)
|
|
- MEDIUM: Lower priority of email alerts for log-health-checks messages
|
|
- MEDIUM: Send email alerts when servers are marked as UP or enter the drain state
|
|
- MEDIUM: Document when email-alerts are sent
|
|
- BUG/MEDIUM: lua: bad argument number in analyser and in error message
|
|
- MEDIUM: lua: automatically converts strings in proxy, tables, server and ip
|
|
- BUG/MINOR: utf8: remove compilator warning
|
|
- MEDIUM: map: uses HAProxy facilities to store default value
|
|
- BUG/MINOR: lua: error in detection of mandatory arguments
|
|
- BUG/MINOR: lua: set current proxy as default value if it is possible
|
|
- BUG/MEDIUM: http: the action set-{method|path|query|uri} doesn't run.
|
|
- BUG/MEDIUM: lua: undetected infinite loop
|
|
- BUG/MAJOR: http: don't read past buffer's end in http_replace_value
|
|
- BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
|
|
- MEDIUM/CLEANUP: http: rewrite and lighten http_transform_header() prototype
|
|
- BUILD: lua: it miss the '-ldl' directive
|
|
- MEDIUM: http: allows 'R' and 'S' in the protocol alphabet
|
|
- MINOR: http: split the function http_action_set_req_line() in two parts
|
|
- MINOR: http: split http_transform_header() function in two parts.
|
|
- MINOR: http: export function inet_set_tos()
|
|
- MINOR: lua: txn: add function set_(loglevel|tos|mark)
|
|
- MINOR: lua: create and register HTTP class
|
|
- DOC: lua: fix some typos
|
|
- MINOR: lua: add log functions
|
|
- BUG/MINOR: lua: Fix SSL initialisation
|
|
- DOC: lua: some fixes
|
|
- MINOR: lua: (req|res)_get_headers return more than one header value
|
|
- MINOR: lua: map system integration in Lua
|
|
- BUG/MEDIUM: http: functions set-{path,query,method,uri} breaks the HTTP parser
|
|
- MINOR: sample: add url_dec converter
|
|
- MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers
|
|
- MEDIUM: sample change the prototype of sample-fetches and converters functions
|
|
- MINOR: sample: fill the struct sample with the options.
|
|
- MEDIUM: sample: change the prototype of sample-fetches functions
|
|
- MINOR: http: split the url_param in two parts
|
|
- CLEANUP: http: bad indentation
|
|
- MINOR: http: add body_param fetch
|
|
- MEDIUM: http: url-encoded parsing function can run throught wrapped buffer
|
|
- DOC: http: req.body_param documentation
|
|
- MINOR: proxy: custom capture declaration
|
|
- MINOR: capture: add two "capture" converters
|
|
- MEDIUM: capture: Allow capture with slot identifier
|
|
- MINOR: http: add array of generic pointers in http_res_rules
|
|
- MEDIUM: capture: adds http-response capture
|
|
- MINOR: common: escape CSV strings
|
|
- MEDIUM: stats: escape some strings in the CSV dump
|
|
- MINOR: tcp: add custom actions that can continue tcp-(request|response) processing
|
|
- MINOR: lua: Lua tcp action are not final action
|
|
- DOC: lua: schematics about lua socket organization
|
|
- BUG/MINOR: debug: display (null) in place of "meth"
|
|
- DOC: mention the "lua action" in documentation
|
|
- MINOR: standard: add function that converts signed int to a string
|
|
- BUG/MINOR: sample: wrong conversion of signed values
|
|
- MEDIUM: sample: Add type any
|
|
- MINOR: debug: add a special converter which display its input sample content.
|
|
- MINOR: tcp: increase the opaque data array
|
|
- MINOR: tcp/http/conf: extends the keyword registration options
|
|
- MINOR: build: fix build dependency
|
|
- MEDIUM: vars: adds support of variables
|
|
- MINOR: vars: adds get and set functions
|
|
- MINOR: lua: Variable access
|
|
- MINOR: samples: add samples which returns constants
|
|
- BUG/MINOR: vars/compil: fix some warnings
|
|
- BUILD: add 51degrees options to makefile.
|
|
- MINOR: global: add several 51Degrees members to global
|
|
- MINOR: config: add 51Degrees config parsing.
|
|
- MINOR: init: add 51Degrees initialisation code
|
|
- MEDIUM: sample: add fiftyone_degrees converter.
|
|
- MEDIUM: deinit: add cleanup for 51Degrees to deinit
|
|
- MEDIUM: sample: add trie support to 51Degrees
|
|
- DOC: add 51Degrees notes to configuration.txt.
|
|
- DOC: add build indications for 51Degrees to README.
|
|
- MEDIUM: cfgparse: introduce weak and strong quoting
|
|
- BUG/MEDIUM: cfgparse: incorrect memmove in quotes management
|
|
- MINOR: cfgparse: remove line size limitation
|
|
- MEDIUM: cfgparse: expand environment variables
|
|
- BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
|
|
- BUG/MEDIUM: cfgparse: segfault when userlist is misused
|
|
- CLEANUP: cfgparse: remove reference to 'ruleset' section
|
|
- MEDIUM: cfgparse: check section maximum number of arguments
|
|
- MEDIUM: cfgparse: max arguments check in the global section
|
|
- MEDIUM: cfgparse: check max arguments in the proxies sections
|
|
- CLEANUP: stream-int: remove a redundant clearing of the linger_risk flag
|
|
- MINOR: connection: make conn_sock_shutw() actually perform the shutdown() call
|
|
- MINOR: stream-int: use conn_sock_shutw() to shutdown a connection
|
|
- MINOR: connection: perform the call to xprt->shutw() in conn_data_shutw()
|
|
- MEDIUM: stream-int: replace xprt->shutw calls with conn_data_shutw()
|
|
- MINOR: checks: use conn_data_shutw_hard() instead of call via xprt
|
|
- MINOR: connection: implement conn_sock_send()
|
|
- MEDIUM: stream-int: make conn_si_send_proxy() use conn_sock_send()
|
|
- MEDIUM: connection: make conn_drain() perform more controls
|
|
- REORG: connection: move conn_drain() to connection.c and rename it
|
|
- CLEANUP: stream-int: remove inclusion of fd.h that is not used anymore
|
|
- MEDIUM: channel: don't always set CF_WAKE_WRITE on bi_put*
|
|
- CLEANUP: lua: don't use si_ic/si_oc on known stream-ints
|
|
- BUG/MEDIUM: peers: correctly configure the client timeout
|
|
- MINOR: peers: centralize configuration of the peers frontend
|
|
- MINOR: proxy: store the default target into the frontend's configuration
|
|
- MEDIUM: stats: use frontend_accept() as the accept function
|
|
- MEDIUM: peers: use frontend_accept() instead of peer_accept()
|
|
- CLEANUP: listeners: remove unused timeout
|
|
- MEDIUM: listener: store the default target per listener
|
|
- BUILD: fix automatic inclusion of libdl.
|
|
- MEDIUM: lua: implement a simple memory allocator
|
|
- MEDIUM: compression: postpone buffer adjustments after compression
|
|
- MEDIUM: compression: don't send leading zeroes with chunk size
|
|
- BUG/MINOR: compression: consider the expansion factor in init
|
|
- MINOR: http: check the algo name "identity" instead of the function pointer
|
|
- CLEANUP: compression: statify all algo-specific functions
|
|
- MEDIUM: compression: add a distinction between UA- and config- algorithms
|
|
- MEDIUM: compression: add new "raw-deflate" compression algorithm
|
|
- MEDIUM: compression: split deflate_flush() into flush and finish
|
|
- CLEANUP: compression: remove unused reset functions
|
|
- MAJOR: compression: integrate support for libslz
|
|
- BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
|
|
- BUG/MAJOR: http: null-terminate the http actions keywords list
|
|
- CLEANUP: lua: remove the unused hlua_sleep memory pool
|
|
- BUG/MAJOR: lua: use correct object size when initializing a new converter
|
|
- CLEANUP: lua: remove hard-coded sizeof() in object creations and mallocs
|
|
- CLEANUP: lua: fix confusing local variable naming in hlua_txn_new()
|
|
- CLEANUP: hlua: stop using variable name "s" alternately for hlua_txn and hlua_smp
|
|
- CLEANUP: lua: get rid of the last "*ht" for struct hlua_txn.
|
|
- CLEANUP: lua: rename last occurrences of "*s" to "*htxn" for hlua_txn
|
|
- CLEANUP: lua: rename variable "sc" for struct hlua_smp
|
|
- CLEANUP: lua: get rid of the last two "*hs" for hlua_smp
|
|
- REORG/MAJOR: session: rename the "session" entity to "stream"
|
|
- REORG/MEDIUM: stream: rename stream flags from SN_* to SF_*
|
|
- MINOR: session: start to reintroduce struct session
|
|
- MEDIUM: stream: allocate the session when a stream is created
|
|
- MEDIUM: stream: move the listener's pointer to the session
|
|
- MEDIUM: stream: move the frontend's pointer to the session
|
|
- MINOR: session: add a pointer to the session's origin
|
|
- MEDIUM: session: use the pointer to the origin instead of s->si[0].end
|
|
- CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL
|
|
- MEDIUM: http: move header captures from http_txn to struct stream
|
|
- MINOR: http: create a dedicated pool for http_txn
|
|
- MAJOR: http: move http_txn out of struct stream
|
|
- MAJOR: sample: don't pass l7 anymore to sample fetch functions
|
|
- CLEANUP: lua: remove unused hlua_smp->l7 and hlua_txn->l7
|
|
- MEDIUM: http: remove the now useless http_txn from {req/res} rules
|
|
- CLEANUP: lua: don't pass http_txn anymore to hlua_request_act_wrapper()
|
|
- MAJOR: sample: pass a pointer to the session to each sample fetch function
|
|
- MINOR: stream: provide a few helpers to retrieve frontend, listener and origin
|
|
- CLEANUP: stream: don't set ->target to the incoming connection anymore
|
|
- MINOR: stream: move session initialization before the stream's
|
|
- MINOR: session: store the session's accept date
|
|
- MINOR: session: don't rely on s->logs.logwait in embryonic sessions
|
|
- MINOR: session: implement session_free() and use it everywhere
|
|
- MINOR: session: add stick counters to the struct session
|
|
- REORG: stktable: move the stkctr_* functions from stream to sticktable
|
|
- MEDIUM: streams: support looking up stkctr in the session
|
|
- MEDIUM: session: update the session's stick counters upon session_free()
|
|
- MEDIUM: proto_tcp: track the session's counters in the connection ruleset
|
|
- MAJOR: tcp: make tcp_exec_req_rules() only rely on the session
|
|
- MEDIUM: stream: don't call stream_store_counters() in kill_mini_session() nor session_accept()
|
|
- MEDIUM: stream: move all the session-specific stuff of stream_accept() earlier
|
|
- MAJOR: stream: don't initialize the stream anymore in stream_accept
|
|
- MEDIUM: session: remove the task pointer from the session
|
|
- REORG: session: move the session parts out of stream.c
|
|
- MINOR: stream-int: make appctx_new() take the applet in argument
|
|
- MEDIUM: peers: move the appctx initialization earlier
|
|
- MINOR: session: introduce session_new()
|
|
- MINOR: session: make use of session_new() when creating a new session
|
|
- MINOR: peers: make use of session_new() when creating a new session
|
|
- MEDIUM: peers: initialize the task before the stream
|
|
- MINOR: session: set the CO_FL_CONNECTED flag on the connection once ready
|
|
- CLEANUP: stream.c: do not re-attach the connection to the stream
|
|
- MEDIUM: stream: isolate connection-specific initialization code
|
|
- MEDIUM: stream: also accept appctx as origin in stream_accept_session()
|
|
- MEDIUM: peers: make use of stream_accept_session()
|
|
- MEDIUM: frontend: make ->accept only return +/-1
|
|
- MEDIUM: stream: return the stream upon accept()
|
|
- MEDIUM: frontend: move some stream initialisation to stream_new()
|
|
- MEDIUM: frontend: move the fd-specific settings to session_accept_fd()
|
|
- MEDIUM: frontend: don't restrict frontend_accept() to connections anymore
|
|
- MEDIUM: frontend: move some remaining stream settings to stream_new()
|
|
- CLEANUP: frontend: remove one useless local variable
|
|
- MEDIUM: stream: don't rely on the session's listener anymore in stream_new()
|
|
- MEDIUM: lua: make use of stream_new() to create an outgoing connection
|
|
- MINOR: lua: minor cleanup in hlua_socket_new()
|
|
- MINOR: lua: no need for setting timeouts / conn_retries in hlua_socket_new()
|
|
- MINOR: peers: no need for setting timeouts / conn_retries in peer_session_create()
|
|
- CLEANUP: stream-int: swap stream-int and appctx declarations
|
|
- CLEANUP: namespaces: fix protection against multiple inclusions
|
|
- MINOR: session: maintain the session count stats in the session, not the stream
|
|
- MEDIUM: session: adjust the connection flags before stream_new()
|
|
- MINOR: stream: pass the pointer to the origin explicitly to stream_new()
|
|
- CLEANUP: poll: move the conditions for waiting out of the poll functions
|
|
- BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
|
|
- BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
|
|
- BUG/MAJOR: tcp/http: fix current_rule assignment when restarting over a ruleset
|
|
- BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
|
|
- DOC: update the entities diagrams
|
|
- BUG/MEDIUM: http: properly retrieve the front connection
|
|
- MINOR: applet: add a new "owner" pointer in the appctx
|
|
- MEDIUM: applet: make the applet not depend on a stream interface anymore
|
|
- REORG: applet: move the applet definitions out of stream_interface
|
|
- CLEANUP: applet: rename struct si_applet to applet
|
|
- REORG: stream-int: create si_applet_ops dedicated to applets
|
|
- MEDIUM: applet: add basic support for an applet run queue
|
|
- MEDIUM: applet: implement a run queue for active appctx
|
|
- MEDIUM: stream-int: add a new function si_applet_done()
|
|
- MAJOR: applet: now call si_applet_done() instead of si_update() in I/O handlers
|
|
- MAJOR: stream: use a regular ->update for all stream interfaces
|
|
- MEDIUM: dumpstats: don't unregister the applet anymore
|
|
- MEDIUM: applet: centralize the call to si_applet_done() in the I/O handler
|
|
- MAJOR: stream: do not allocate request buffers anymore when the left side is an applet
|
|
- MINOR: stream-int: add two flags to indicate an applet's wishes regarding I/O
|
|
- MEDIUM: applet: make the applets only use si_applet_{cant|want|stop}_{get|put}
|
|
- MEDIUM: stream-int: pause the appctx if the task is woken up
|
|
- BUG/MAJOR: tcp: only call registered actions when they're registered
|
|
- BUG/MEDIUM: peers: fix applet scheduling
|
|
- BUG/MEDIUM: peers: recent applet changes broke peers updates scheduling
|
|
- MINOR: tools: provide an rdtsc() function for time comparisons
|
|
- IMPORT: lru: import simple ebtree-based LRU functions
|
|
- IMPORT: hash: import xxhash-r39
|
|
- MEDIUM: pattern: add a revision to all pattern expressions
|
|
- MAJOR: pattern: add LRU-based cache on pattern matching
|
|
- BUG/MEDIUM: http: remove content-length from chunked messages
|
|
- DOC: http: update the comments about the rules for determining transfer-length
|
|
- BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
|
|
- BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
|
|
- BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
|
|
- MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
|
|
- MEDIUM: http: disable support for HTTP/0.9 by default
|
|
- MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
|
|
- BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
|
|
- MEDIUM: init: don't stop proxies in parent process when exiting
|
|
- MINOR: stick-table: don't attach to peers in stopped state
|
|
- MEDIUM: config: initialize stick-tables after peers, not before
|
|
- MEDIUM: peers: add the ability to disable a peers section
|
|
- MINOR: peers: store the pointer to the signal handler
|
|
- MEDIUM: peers: unregister peers that were never started
|
|
- MEDIUM: config: propagate the table's process list to the peers sections
|
|
- MEDIUM: init: stop any peers section not bound to the correct process
|
|
- MEDIUM: config: validate that peers sections are bound to exactly one process
|
|
- MAJOR: peers: allow peers section to be used with nbproc > 1
|
|
- DOC: relax the peers restriction to single-process
|
|
- DOC: document option http-ignore-probes
|
|
- DOC: fix the comments about the meaning of msg->sol in HTTP
|
|
- BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
|
|
- BUG/MAJOR: http: prevent risk of reading past end with balance url_param
|
|
- MEDIUM: stream: move HTTP request body analyser before process_common
|
|
- MEDIUM: http: add a new option http-buffer-request
|
|
- MEDIUM: http: provide 3 fetches for the body
|
|
- DOC: update the doc on the proxy protocol
|
|
- BUILD: pattern: fix build warnings introduced in the LRU cache
|
|
- BUG/MEDIUM: stats: properly initialize the scope before dumping stats
|
|
- CLEANUP: config: fix misleading information in error message.
|
|
- MINOR: config: report the number of processes using a peers section in the error case
|
|
- BUG/MEDIUM: config: properly compute the default number of processes for a proxy
|
|
- MEDIUM: http: add new "capture" action for http-request
|
|
- BUG/MEDIUM: http: fix the http-request capture parser
|
|
- BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels
|
|
- BUILD/MINOR: ssl: fix build failure introduced by recent patch
|
|
- BUG/MAJOR: check: fix breakage of inverted tcp-check rules
|
|
- CLEANUP: checks: fix double usage of cur / current_step in tcp-checks
|
|
- BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
|
|
- CLEANUP: checks: simplify the loop processing of tcp-checks
|
|
- BUG/MAJOR: checks: always check for end of list before proceeding
|
|
- BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
|
|
- BUG/MAJOR: checks: break infinite loops when tcp-checks starts with comment
|
|
- MEDIUM: http: make url_param iterate over multiple occurrences
|
|
- BUG/MEDIUM: peers: apply a random reconnection timeout
|
|
- MEDIUM: config: reject invalid config with name duplicates
|
|
- MEDIUM: config: reject conflicts in table names
|
|
- CLEANUP: proxy: make the proxy lookup functions more user-friendly
|
|
- MINOR: proxy: simply ignore duplicates in proxy name lookups
|
|
- MINOR: config: don't open-code proxy name lookups
|
|
- MEDIUM: config: clarify the conflicting modes detection for backend rules
|
|
- CLEANUP: proxy: remove now unused function findproxy_mode()
|
|
- MEDIUM: stick-table: remove the now duplicate find_stktable() function
|
|
- MAJOR: config: remove the deprecated reqsetbe / reqisetbe actions
|
|
- MINOR: proxy: add a new function proxy_find_by_id()
|
|
- MINOR: proxy: add a flag to memorize that the proxy's ID was forced
|
|
- MEDIUM: proxy: add a new proxy_find_best_match() function
|
|
- CLEANUP: http: explicitly reference request in http_apply_redirect_rules()
|
|
- MINOR: http: prepare support for parsing redirect actions on responses
|
|
- MEDIUM: http: implement http-response redirect rules
|
|
- MEDIUM: http: no need to close the request on redirect if data was parsed
|
|
- BUG/MEDIUM: http: fix body processing for the stats applet
|
|
- BUG/MINOR: da: fix log-level comparison to emove annoying warning
|
|
- CLEANUP: global: remove one ifdef USE_DEVICEATLAS
|
|
- CLEANUP: da: move the converter registration to da.c
|
|
- CLEANUP: da: register the config keywords in da.c
|
|
- CLEANUP: adjust the envelope name in da.h to reflect the file name
|
|
- CLEANUP: da: remove ifdef USE_DEVICEATLAS from da.c
|
|
- BUILD: make 51D easier to build by defaulting to 51DEGREES_SRC
|
|
- BUILD: fix build warning when not using 51degrees
|
|
- BUILD: make DeviceAtlas easier to build by defaulting to DEVICEATLAS_SRC
|
|
- BUILD: ssl: fix recent build breakage on older SSL libs
|
|
|
|
2015/03/11 : 1.6-dev1
|
|
- CLEANUP: extract temporary $CFG to eliminate duplication
|
|
- CLEANUP: extract temporary $BIN to eliminate duplication
|
|
- CLEANUP: extract temporary $PIDFILE to eliminate duplication
|
|
- CLEANUP: extract temporary $LOCKFILE to eliminate duplication
|
|
- CLEANUP: extract quiet_check() to avoid duplication
|
|
- BUG/MINOR: don't start haproxy on reload
|
|
- DOC: Address issue where documentation is excluded due to a gitignore rule.
|
|
- BUG/MEDIUM: systemd: set KillMode to 'mixed'
|
|
- BUILD: fix "make install" to support spaces in the install dirs
|
|
- BUG/MINOR: config: http-request replace-header arg typo
|
|
- BUG: config: error in http-response replace-header number of arguments
|
|
- DOC: missing track-sc* in http-request rules
|
|
- BUILD: lua: missing ifdef related to SSL when enabling LUA
|
|
- BUG/MEDIUM: regex: fix pcre_study error handling
|
|
- MEDIUM: regex: Use pcre_study always when PCRE is used, regardless of JIT
|
|
- BUG/MINOR: Fix search for -p argument in systemd wrapper.
|
|
- MEDIUM: Improve signal handling in systemd wrapper.
|
|
- DOC: fix typo in Unix Socket commands
|
|
- BUG/MEDIUM: checks: external checks can't change server status to UP
|
|
- BUG/MEDIUM: checks: segfault with external checks in a backend section
|
|
- BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result
|
|
- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
|
|
- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
|
|
- BUG/MINOR: config: don't propagate process binding for dynamic use_backend
|
|
- BUG/MINOR: log: fix request flags when keep-alive is enabled
|
|
- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
|
|
- MINOR: checks: allow external checks in backend sections
|
|
- MEDIUM: checks: provide environment variables to the external checks
|
|
- MINOR: checks: update dynamic environment variables in external checks
|
|
- DOC: checks: environment variables used by "external-check command"
|
|
- BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
|
|
- MINOR: ssl: load certificates in alphabetical order
|
|
- BUG/MINOR: checks: prevent http keep-alive with http-check expect
|
|
- MINOR: lua: typo in an error message
|
|
- MINOR: report the Lua version in -vv
|
|
- MINOR: lua: add a compilation error message when compiled with an incompatible version
|
|
- BUG/MEDIUM: lua: segfault when calling haproxy sample fetches from lua
|
|
- BUILD: try to automatically detect the Lua library name
|
|
- BUILD/CLEANUP: systemd: avoid a warning due to mixed code and declaration
|
|
- BUG/MEDIUM: backend: Update hash to use unsigned int throughout
|
|
- BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header
|
|
- MEDIUM: connection: add new bit in Proxy Protocol V2
|
|
- BUG/MINOR: ssl: rejects OCSP response without nextupdate.
|
|
- BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses.
|
|
- BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice.
|
|
- BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer.
|
|
- MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs
|
|
- MINOR: ssl: add statement to force some ssl options in global.
|
|
- BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
|
|
- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
|
|
- BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
|
|
- MINOR: samples: adds the bytes converter.
|
|
- MINOR: samples: adds the field converter.
|
|
- MINOR: samples: add the word converter.
|
|
- BUG/MINOR: server: move the directive #endif to the end of file
|
|
- BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped
|
|
- DOC: fix a few typos
|
|
- CLEANUP: epoll: epoll_events should be allocated according to global.tune.maxpollevents
|
|
- BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
|
|
- BUG/MINOR: parse: refer curproxy instead of proxy
|
|
- BUG/MINOR: parse: check the validity of size string in a more strict way
|
|
- BUILD: add new target 'make uninstall' to support uninstalling haproxy from OS
|
|
- DOC: expand the docs for the provided stats.
|
|
- BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure.
|
|
- MEDIUM: ssl: Certificate Transparency support
|
|
- MEDIUM: stats: proxied stats admin forms fix
|
|
- MEDIUM: http: Compress HTTP responses with status codes 201,202,203 in addition to 200
|
|
- BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information
|
|
- MAJOR: namespace: add Linux network namespace support
|
|
- MINOR: systemd: Check configuration before start
|
|
- BUILD: ssl: handle boringssl in openssl version detection
|
|
- BUILD: ssl: disable OCSP when using boringssl
|
|
- BUILD: ssl: don't call get_rfc2409_prime when using boringssl
|
|
- MINOR: ssl: don't use boringssl's cipher_list
|
|
- BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support
|
|
- MINOR: stats: fix minor typo in HTML page
|
|
- MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
|
|
- MEDIUM: Add support for configurable TLS ticket keys
|
|
- DOC: Document the new tls-ticket-keys bind keyword
|
|
- DOC: clearly state that the "show sess" output format is not fixed
|
|
- MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer()
|
|
- DOC: httplog does not support 'no'
|
|
- BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
|
|
- MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list.
|
|
- BUG/MEDIUM: Consistently use 'check' in process_chk
|
|
- MEDIUM: Add external check
|
|
- BUG/MEDIUM: Do not set agent health to zero if server is disabled in config
|
|
- MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero
|
|
- MEDIUM: Remove connect_chk
|
|
- MEDIUM: Refactor init_check and move to checks.c
|
|
- MEDIUM: Add free_check() helper
|
|
- MEDIUM: Move proto and addr fields struct check
|
|
- MEDIUM: Attach tcpcheck_rules to check
|
|
- MEDIUM: Add parsing of mailers section
|
|
- MEDIUM: Allow configuration of email alerts
|
|
- MEDIUM: Support sending email alerts
|
|
- DOC: Document email alerts
|
|
- MINOR: Remove trailing '.' from email alert messages
|
|
- MEDIUM: Allow suppression of email alerts by log level
|
|
- BUG/MEDIUM: Do not consider an agent check as failed on L7 error
|
|
- MINOR: deinit: fix memory leak
|
|
- MINOR: http: export the function 'smp_fetch_base32'
|
|
- BUG/MEDIUM: http: tarpit timeout is reset
|
|
- MINOR: sample: add "json" converter
|
|
- BUG/MEDIUM: pattern: don't load more than once a pattern list.
|
|
- MINOR: map/acl/dumpstats: remove the "Done." message
|
|
- BUG/MAJOR: ns: HAProxy segfault if the cli_conn is not from a network connection
|
|
- BUG/MINOR: pattern: error message missing
|
|
- BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
|
|
- BUG/MINOR: ARG6 and ARG7 don't fit in a 32 bits word
|
|
- MAJOR: poll: only rely on wake_expired_tasks() to compute the wait delay
|
|
- MEDIUM: task: call session analyzers if the task is woken by a message.
|
|
- MEDIUM: protocol: automatically pick the proto associated to the connection.
|
|
- MEDIUM: channel: wake up any request analyzer on response activity
|
|
- MINOR: converters: add a "void *private" argument to converters
|
|
- MINOR: converters: give the session pointer as converter argument
|
|
- MINOR: sample: add private argument to the struct sample_fetch
|
|
- MINOR: global: export function and permits to not resolve DNS names
|
|
- MINOR: sample: add function for browsing samples.
|
|
- MINOR: global: export many symbols.
|
|
- MINOR: includes: fix a lot of missing or useless includes
|
|
- MEDIUM: tcp: add register keyword system.
|
|
- MEDIUM: buffer: make bo_putblk/bo_putstr/bo_putchk return the number of bytes copied.
|
|
- MEDIUM: http: change the code returned by the response processing rule functions
|
|
- MEDIUM: http/tcp: permit to resume http and tcp custom actions
|
|
- MINOR: channel: functions to get data from a buffer without copy
|
|
- MEDIUM: lua: lua integration in the build and init system.
|
|
- MINOR: lua: add ease functions
|
|
- MINOR: lua: add runtime execution context
|
|
- MEDIUM: lua: "com" signals
|
|
- MINOR: lua: add the configuration directive "lua-load"
|
|
- MINOR: lua: core: create "core" class and object
|
|
- MINOR: lua: post initialisation bindings
|
|
- MEDIUM: lua: add coroutine as tasks.
|
|
- MINOR: lua: add sample and args type converters
|
|
- MINOR: lua: txn: create class TXN associated with the transaction.
|
|
- MINOR: lua: add shared context in the lua stack
|
|
- MINOR: lua: txn: import existing sample-fetches in the class TXN
|
|
- MINOR: lua: txn: add lua function in TXN that returns an array of http headers
|
|
- MINOR: lua: register and execute sample-fetches in LUA
|
|
- MINOR: lua: register and execute converters in LUA
|
|
- MINOR: lua: add bindings for tcp and http actions
|
|
- MINOR: lua: core: add sleep functions
|
|
- MEDIUM: lua: socket: add "socket" class for TCP I/O
|
|
- MINOR: lua: core: pattern and acl manipulation
|
|
- MINOR: lua: channel: add "channel" class
|
|
- MINOR: lua: txn: object "txn" provides two objects "channel"
|
|
- MINOR: lua: core: can set the nice of the current task
|
|
- MINOR: lua: core: can yield an execution stack
|
|
- MINOR: lua: txn: add binding for closing the client connection.
|
|
- MEDIUM: lua: Lua initialisation "on demand"
|
|
- BUG/MAJOR: lua: send function fails and return bad bytes
|
|
- MINOR: remove unused declaration.
|
|
- MINOR: lua: remove some #define
|
|
- MINOR: lua: use bitfield and macro in place of integer and enum
|
|
- MINOR: lua: set skeleton for Lua execution expiration
|
|
- MEDIUM: lua: each yielding function returns a wake up time.
|
|
- MINOR: lua: adds "forced yield" flag
|
|
- MEDIUM: lua: interrupt the Lua execution for running other process
|
|
- MEDIUM: lua: change the sleep function core
|
|
- BUG/MEDIUM: lua: the execution timeout is ignored in yield case
|
|
- DOC: lua: Lua configuration documentation
|
|
- MINOR: lua: add the struct session in the lua channel struct
|
|
- BUG/MINOR: lua: set buffer if it is nnot avalaible.
|
|
- BUG/MEDIUM: lua: reset flags before resuming execution
|
|
- BUG/MEDIUM: lua: fix infinite loop about channel
|
|
- BUG/MEDIUM: lua: the Lua process is not waked up after sending data on requests side
|
|
- BUG/MEDIUM: lua: many errors when we try to send data with the channel API
|
|
- MEDIUM: lua: use the Lua-5.3 version of the library
|
|
- BUG/MAJOR: lua: some function are not yieldable, the forced yield causes errors
|
|
- BUG/MEDIUM: lua: can't handle the response bytes
|
|
- BUG/MEDIUM: lua: segfault with buffer_replace2
|
|
- BUG/MINOR: lua: check buffers before initializing socket
|
|
- BUG/MINOR: log: segfault if there are no proxy reference
|
|
- BUG/MEDIUM: lua: sockets don't have buffer to write data
|
|
- BUG/MEDIUM: lua: cannot connect socket
|
|
- BUG/MINOR: lua: sockets receive behavior doesn't follows the specs
|
|
- BUG/BUILD: lua: The strict Lua 5.3 version check is not done.
|
|
- BUG/MEDIUM: buffer: one byte miss in buffer free space check
|
|
- MEDIUM: lua: make the functions hlua_gethlua() and hlua_sethlua() faster
|
|
- MINOR: replace the Core object by a simple model.
|
|
- MEDIUM: lua: change the objects configuration
|
|
- MEDIUM: lua: create a namespace for the fetches
|
|
- MINOR: converters: add function to browse converters
|
|
- MINOR: lua: wrapper for converters
|
|
- MINOR: lua: replace function (req|get)_channel by a variable
|
|
- MINOR: lua: fetches and converters can return an empty string in place of nil
|
|
- DOC: lua api
|
|
- BUG/MEDIUM: sample: fix random number upper-bound
|
|
- BUG/MINOR: stats:Fix incorrect printf type.
|
|
- BUG/MAJOR: session: revert all the crappy client-side timeout changes
|
|
- BUG/MINOR: logs: properly initialize and count log sockets
|
|
- BUG/MEDIUM: http: fetch "base" is not compatible with set-header
|
|
- BUG/MINOR: counters: do not untrack counters before logging
|
|
- BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process()
|
|
- MINOR: stick-table: make stktable_fetch_key() indicate why it failed
|
|
- BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents
|
|
- BUILD: remove TODO from the spec file and add README
|
|
- MINOR: log: make MAX_SYSLOG_LEN overridable at build time
|
|
- MEDIUM: log: support a user-configurable max log line length
|
|
- DOC: provide an example of how to use ssl_c_sha1
|
|
- BUILD: checks: external checker needs signal.h
|
|
- BUILD: checks: kill a minor warning on Solaris in external checks
|
|
- BUILD: http: fix isdigit & isspace warnings on Solaris
|
|
- BUG/MINOR: listener: set the listener's fd to -1 after deletion
|
|
- BUG/MEDIUM: unix: failed abstract socket binding is retryable
|
|
- MEDIUM: listener: implement a per-protocol pause() function
|
|
- MEDIUM: listener: support rebinding during resume()
|
|
- BUG/MEDIUM: unix: completely unbind abstract sockets during a pause()
|
|
- DOC: explicitly mention the limits of abstract namespace sockets
|
|
- DOC: minor fix on {sc,src}_kbytes_{in,out}
|
|
- DOC: fix alphabetical sort of converters
|
|
- MEDIUM: stick-table: implement lookup from a sample fetch
|
|
- MEDIUM: stick-table: add new converters to fetch table data
|
|
- MINOR: samples: add two converters for the date format
|
|
- BUG/MAJOR: http: correctly rewind the request body after start of forwarding
|
|
- DOC: remove references to CPU=native in the README
|
|
- DOC: mention that "compression offload" is ignored in defaults section
|
|
- DOC: mention that Squid correctly responds 400 to PPv2 header
|
|
- BUILD: fix dependencies between config and compat.h
|
|
- MINOR: session: export the function 'smp_fetch_sc_stkctr'
|
|
- MEDIUM: stick-table: make it easier to register extra data types
|
|
- BUG/MINOR: http: base32+src should use the big endian version of base32
|
|
- MINOR: sample: allow IP address to cast to binary
|
|
- MINOR: sample: add new converters to hash input
|
|
- MINOR: sample: allow integers to cast to binary
|
|
- BUILD: report commit ID in git versions as well
|
|
- CLEANUP: session: move the stick counters declarations to stick_table.h
|
|
- MEDIUM: http: add the track-sc* actions to http-request rules
|
|
- BUG/MEDIUM: connection: fix proxy v2 header again!
|
|
- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
|
|
- OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs
|
|
- MINOR: log: add a new field "%lc" to implement a per-frontend log counter
|
|
- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
|
|
- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
|
|
- BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
|
|
- BUG/MEDIUM: acl: correctly compute the output type when a converter is used
|
|
- CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
|
|
- BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
|
|
- MEDIUM: http: enable header manipulation for 101 responses
|
|
- BUG/MEDIUM: config: propagate frontend to backend process binding again.
|
|
- MEDIUM: config: properly propagate process binding between proxies
|
|
- MEDIUM: config: make the frontends automatically bind to the listeners' processes
|
|
- MEDIUM: config: compute the exact bind-process before listener's maxaccept
|
|
- MEDIUM: config: only warn if stats are attached to multi-process bind directives
|
|
- MEDIUM: config: report it when tcp-request rules are misplaced
|
|
- DOC: indicate in the doc that track-sc* can wait if data are missing
|
|
- MINOR: config: detect the case where a tcp-request content rule has no inspect-delay
|
|
- MEDIUM: systemd-wrapper: support multiple executable versions and names
|
|
- BUG/MEDIUM: remove debugging code from systemd-wrapper
|
|
- BUG/MEDIUM: http: adjust close mode when switching to backend
|
|
- BUG/MINOR: config: don't propagate process binding on fatal errors.
|
|
- BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
|
|
- BUG/MINOR: tcp-check: report the correct failed step in the status
|
|
- DOC: indicate that weight zero is reported as DRAIN
|
|
- BUG/MEDIUM: config: avoid skipping disabled proxies
|
|
- BUG/MINOR: config: do not accept more track-sc than configured
|
|
- BUG/MEDIUM: backend: fix URI hash when a query string is present
|
|
- BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
|
|
- BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
|
|
- BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
|
|
- BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8
|
|
- BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
|
|
- BUG/BUILD: revert accidental change in the makefile from latest SSL fix
|
|
- BUG/MEDIUM: ssl: force a full GC in case of memory shortage
|
|
- MEDIUM: ssl: add support for smaller SSL records
|
|
- MINOR: session: release a few other pools when stopping
|
|
- MINOR: task: release the task pool when stopping
|
|
- BUG/MINOR: config: don't inherit the default balance algorithm in frontends
|
|
- BUG/MAJOR: frontend: initialize capture pointers earlier
|
|
- BUG/MINOR: stats: correctly set the request/response analysers
|
|
- MAJOR: polling: centralize calls to I/O callbacks
|
|
- DOC: fix typo in the body parser documentation for msg.sov
|
|
- BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
|
|
- MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
|
|
- DEBUG: pools: apply poisonning on every allocated pool
|
|
- BUG/MAJOR: sessions: unlink session from list on out of memory
|
|
- BUG/MEDIUM: patterns: previous fix was incomplete
|
|
- BUG/MEDIUM: payload: ensure that a request channel is available
|
|
- BUG/MINOR: tcp-check: don't condition data polling on check type
|
|
- BUG/MEDIUM: tcp-check: don't rely on random memory contents
|
|
- BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
|
|
- BUG/MINOR: config: fix typo in condition when propagating process binding
|
|
- BUG/MEDIUM: config: do not propagate processes between stopped processes
|
|
- BUG/MAJOR: stream-int: properly check the memory allocation return
|
|
- BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
|
|
- BUG/MAJOR: namespaces: conn->target is not necessarily a server
|
|
- BUG/MEDIUM: compression: correctly report zlib_mem
|
|
- CLEANUP: lists: remove dead code
|
|
- CLEANUP: memory: remove dead code
|
|
- CLEANUP: memory: replace macros pool_alloc2/pool_free2 with functions
|
|
- MINOR: memory: cut pool allocator in 3 layers
|
|
- MEDIUM: memory: improve pool_refill_alloc() to pass a refill count
|
|
- MINOR: stream-int: retrieve session pointer from stream-int
|
|
- MINOR: buffer: reset a buffer in b_reset() and not channel_init()
|
|
- MEDIUM: buffer: use b_alloc() to allocate and initialize a buffer
|
|
- MINOR: buffer: move buffer initialization after channel initialization
|
|
- MINOR: buffer: only use b_free to release buffers
|
|
- MEDIUM: buffer: always assign a dummy empty buffer to channels
|
|
- MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations
|
|
- MEDIUM: channel: do not report full when buf_empty is present on a channel
|
|
- MINOR: session: group buffer allocations together
|
|
- MINOR: buffer: implement b_alloc_fast()
|
|
- MEDIUM: buffer: implement b_alloc_margin()
|
|
- MEDIUM: session: implement a basic atomic buffer allocator
|
|
- MAJOR: session: implement a wait-queue for sessions who need a buffer
|
|
- MAJOR: session: only allocate buffers when needed
|
|
- MINOR: stats: report a "waiting" flags for sessions
|
|
- MAJOR: session: only wake up as many sessions as available buffers permit
|
|
- MINOR: config: implement global setting tune.buffers.reserve
|
|
- MINOR: config: implement global setting tune.buffers.limit
|
|
- MEDIUM: channel: implement a zero-copy buffer transfer
|
|
- MEDIUM: stream-int: support splicing from applets
|
|
- OPTIM: stream-int: try to send pending spliced data
|
|
- CLEANUP: session: remove session_from_task()
|
|
- DOC: add missing entry for log-format and clarify the text
|
|
- MINOR: logs: add a new per-proxy "log-tag" directive
|
|
- BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
|
|
- MINOR: config: extend the default max hostname length to 64 and beyond
|
|
- BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation
|
|
- BUG/MINOR: channel: compare to_forward with buf->i, not buf->size
|
|
- MINOR: channel: add channel_in_transit()
|
|
- MEDIUM: channel: make buffer_reserved() use channel_in_transit()
|
|
- MEDIUM: channel: make bi_avail() use channel_in_transit()
|
|
- BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected
|
|
- CLEANUP: channel: rename channel_reserved -> channel_is_rewritable
|
|
- MINOR: channel: rename channel_full() to !channel_may_recv()
|
|
- MINOR: channel: rename buffer_reserved() to channel_reserved()
|
|
- MINOR: channel: rename buffer_max_len() to channel_recv_limit()
|
|
- MINOR: channel: rename bi_avail() to channel_recv_max()
|
|
- MINOR: channel: rename bi_erase() to channel_truncate()
|
|
- BUG/MAJOR: log: don't try to emit a log if no logger is set
|
|
- MINOR: tools: add new round_2dig() function to round integers
|
|
- MINOR: global: always export some SSL-specific metrics
|
|
- MINOR: global: report information about the cost of SSL connections
|
|
- MAJOR: init: automatically set maxconn and/or maxsslconn when possible
|
|
- MINOR: http: add a new fetch "query" to extract the request's query string
|
|
- MINOR: hash: add new function hash_crc32
|
|
- MINOR: samples: provide a "crc32" converter
|
|
- MEDIUM: backend: add the crc32 hash algorithm for load balancing
|
|
- BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
|
|
- BUG/MEDIUM: http: make http-request set-header compute the string before removal
|
|
- MEDIUM: args: use #define to specify the number of bits used by arg types and counts
|
|
- MEDIUM: args: increase arg type to 5 bits and limit arg count to 5
|
|
- MINOR: args: add type-specific flags for each arg in a list
|
|
- MINOR: args: implement a new arg type for regex : ARGT_REG
|
|
- MEDIUM: regex: add support for passing regex flags to regex_exec_match()
|
|
- MEDIUM: samples: add a regsub converter to perform regex-based transformations
|
|
- BUG/MINOR: sample: fix case sensitivity for the regsub converter
|
|
- MEDIUM: http: implement http-request set-{method,path,query,uri}
|
|
- DOC: fix missing closing brackend on regsub
|
|
- MEDIUM: samples: provide basic arithmetic and bitwise operators
|
|
- MEDIUM: init: continue to enforce SYSTEM_MAXCONN with auto settings if set
|
|
- BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value
|
|
- BUG/MINOR: http: abort request processing on filter failure
|
|
- MEDIUM: tcp: implement tcp-ut bind option to set TCP_USER_TIMEOUT
|
|
- MINOR: ssl/server: add the "no-ssl-reuse" server option
|
|
- BUG/MAJOR: peers: initialize s->buffer_wait when creating the session
|
|
- MINOR: http: add a new function to iterate over each header line
|
|
- MINOR: http: add the new sample fetches req.hdr_names and res.hdr_names
|
|
- MEDIUM: task: always ensure that the run queue is consistent
|
|
- BUILD: Makefile: add -Wdeclaration-after-statement
|
|
- BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration
|
|
- BUILD/CLEANUP: config: silent 3 warnings about mixed declarations with code
|
|
- MEDIUM: protocol: use a family array to index the protocol handlers
|
|
- BUILD: lua: cleanup many mixed occurrences declarations & code
|
|
- BUG/MEDIUM: task: fix recently introduced scheduler skew
|
|
- BUG/MINOR: lua: report the correct function name in an error message
|
|
- BUG/MAJOR: http: fix stats regression consecutive to HTTP_RULE_RES_YIELD
|
|
- Revert "BUG/MEDIUM: lua: can't handle the response bytes"
|
|
- MINOR: lua: convert IP addresses to type string
|
|
- CLEANUP: lua: use the same function names in C and Lua
|
|
- REORG/MAJOR: move session's req and resp channels back into the session
|
|
- CLEANUP: remove now unused channel pool
|
|
- REORG/MEDIUM: stream-int: introduce si_ic/si_oc to access channels
|
|
- MEDIUM: stream-int: add a flag indicating which side the SI is on
|
|
- MAJOR: stream-int: only rely on SI_FL_ISBACK to find the requested channel
|
|
- MEDIUM: stream-interface: remove now unused pointers to channels
|
|
- MEDIUM: stream-int: make si_sess() use the stream int's side
|
|
- MEDIUM: stream-int: use si_task() to retrieve the task from the stream int
|
|
- MEDIUM: stream-int: remove any reference to the owner
|
|
- CLEANUP: stream-int: add si_ib/si_ob to dereference the buffers
|
|
- CLEANUP: stream-int: add si_opposite() to find the other stream interface
|
|
- REORG/MEDIUM: channel: only use chn_prod / chn_cons to find stream-interfaces
|
|
- MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel
|
|
- MAJOR: channel: only rely on the new CF_ISRESP flag to find the SI
|
|
- MEDIUM: channel: remove now unused ->prod and ->cons pointers
|
|
- CLEANUP: session: simplify references to chn_{prod,cons}(&s->{req,res})
|
|
- CLEANUP: session: use local variables to access channels / stream ints
|
|
- CLEANUP: session: don't needlessly pass a pointer to the stream-int
|
|
- CLEANUP: session: don't use si_{ic,oc} when we know the session.
|
|
- CLEANUP: stream-int: limit usage of si_ic/si_oc
|
|
- CLEANUP: lua: limit usage of si_ic/si_oc
|
|
- MINOR: channel: add chn_sess() helper to retrieve session from channel
|
|
- MEDIUM: session: simplify receive buffer allocator to only use the channel
|
|
- MEDIUM: lua: use CF_ISRESP to detect the channel's side
|
|
- CLEANUP: lua: remove the session pointer from hlua_channel
|
|
- CLEANUP: lua: hlua_channel_new() doesn't need the pointer to the session anymore
|
|
- MEDIUM: lua: remove struct hlua_channel
|
|
- MEDIUM: lua: remove hlua_sample_fetch
|
|
|
|
2014/06/19 : 1.6-dev0
|
|
- exact copy of 1.5.0
|
|
|
|
2014/06/19 : 1.5.0
|
|
- MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'.
|
|
- MEDIUM: ssl: basic OCSP stapling support.
|
|
- MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response'
|
|
- MEDIUM: ssl: add 300s supported time skew on OCSP response update.
|
|
- MINOR: checks: mysql-check: Add support for v4.1+ authentication
|
|
- MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits
|
|
- MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description.
|
|
- MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp
|
|
- MEDIUM: Break out check establishment into connect_chk()
|
|
- MEDIUM: Add port_to_str helper
|
|
- BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section.
|
|
- BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT.
|
|
- MINOR: regex: fix a little configuration memory leak.
|
|
- MINOR: regex: Create JIT compatible function that return match strings
|
|
- MEDIUM: regex: replace all standard regex function by own functions
|
|
- MEDIUM: regex: Remove null terminated strings.
|
|
- MINOR: regex: Use native PCRE API.
|
|
- MINOR: missing regex.h include
|
|
- DOC: Add Exim as Proxy Protocol implementer.
|
|
- BUILD: don't use type "uint" which is not portable
|
|
- BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour
|
|
- BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction
|
|
- CLEANUP: http: don't clear CF_READ_NOEXP twice
|
|
- DOC: fix proxy protocol v2 decoder example
|
|
- DOC: fix remaining occurrences of "pattern extraction"
|
|
- MINOR: log: allow the HTTP status code to be logged even in TCP frontends
|
|
- MINOR: logs: don't limit HTTP header captures to HTTP frontends
|
|
- MINOR: sample: improve sample_fetch_string() to report partial contents
|
|
- MINOR: capture: extend the captures to support non-header keys
|
|
- MINOR: tcp: prepare support for the "capture" action
|
|
- MEDIUM: tcp: add a new tcp-request capture directive
|
|
- MEDIUM: session: allow shorter retry delay if timeout connect is small
|
|
- MEDIUM: session: don't apply the retry delay when redispatching
|
|
- MEDIUM: session: redispatch earlier when possible
|
|
- MINOR: config: warn when tcp-check rules are used without option tcp-check
|
|
- BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol
|
|
- DOC: proxy protocol example parser was still wrong
|
|
- DOC: minor updates to the proxy protocol doc
|
|
- CLEANUP: connection: merge proxy proto v2 header and address block
|
|
- MEDIUM: connection: add support for proxy protocol v2 in accept-proxy
|
|
- MINOR: tools: add new functions to quote-encode strings
|
|
- DOC: clarify the CSV format
|
|
- MEDIUM: stats: report the last check and last agent's output on the CSV status
|
|
- MINOR: freq_ctr: introduce a new averaging method
|
|
- MEDIUM: session: maintain per-backend and per-server time statistics
|
|
- MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs
|
|
- BUG/MINOR: http: fix typos in previous patch
|
|
- DOC: remove the ultra-obsolete TODO file
|
|
- DOC: update roadmap
|
|
- DOC: minor updates to the README
|
|
- DOC: mention the maxconn limitations with the select poller
|
|
- DOC: commit a few old design thoughts files
|
|
|
|
2014/05/28 : 1.5-dev26
|
|
- BUG/MEDIUM: polling: fix possible CPU hogging of worker processes after receiving SIGUSR1.
|
|
- BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one
|
|
- OPTIM: stats: avoid the calculation of a useless link on tracking servers in maintenance
|
|
- MINOR: fix a few memory usage errors
|
|
- CONTRIB: halog: Filter input lines by date and time through timestamp
|
|
- MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int
|
|
- BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()
|
|
- MINOR: acl: set "str" as default match for strings
|
|
- DOC: Add some precisions about acl default matching method
|
|
- MEDIUM: acl: strenghten the option parser to report invalid options
|
|
- BUG/MEDIUM: config: a stats-less config crashes in 1.5-dev25
|
|
- BUG/MINOR: checks: tcp-check must not stop on '\0' for binary checks
|
|
- MINOR: stats: improve alignment of color codes to save one line of header
|
|
- MINOR: checks: simplify and improve reporting of state changes when using log-health-checks
|
|
- MINOR: server: remove the SRV_DRAIN flag which can always be deduced
|
|
- MINOR: server: use functions to detect state changes and to update them
|
|
- MINOR: server: create srv_was_usable() from srv_is_usable() and use a pointer
|
|
- BUG/MINOR: stats: do not report "100%" in the thottle column when server is draining
|
|
- BUG/MAJOR: config: don't free valid regex memory
|
|
- BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called
|
|
- BUG/MINOR: stats: tracking servers may incorrectly report an inherited DRAIN status
|
|
- MEDIUM: proxy: make timeout parser a bit stricter
|
|
- REORG/MEDIUM: server: split server state and flags in two different variables
|
|
- REORG/MEDIUM: server: move the maintenance bits out of the server state
|
|
- MAJOR: server: use states instead of flags to store the server state
|
|
- REORG: checks: put the functions in the appropriate files !
|
|
- MEDIUM: server: properly support and propagate the maintenance status
|
|
- MEDIUM: server: allow multi-level server tracking
|
|
- CLEANUP: checks: rename the server_status_printf function
|
|
- MEDIUM: checks: simplify server up/down/nolb transitions
|
|
- MAJOR: checks: move health checks changes to set_server_check_status()
|
|
- MINOR: server: make the status reporting function support a reason
|
|
- MINOR: checks: simplify health check reporting functions
|
|
- MINOR: server: implement srv_set_stopped()
|
|
- MINOR: server: implement srv_set_running()
|
|
- MINOR: server: implement srv_set_stopping()
|
|
- MEDIUM: checks: simplify failure notification using srv_set_stopped()
|
|
- MEDIUM: checks: simplify success notification using srv_set_running()
|
|
- MEDIUM: checks: simplify stopping mode notification using srv_set_stopping()
|
|
- MEDIUM: stats: report a server's own state instead of the tracked one's
|
|
- MINOR: server: make use of srv_is_usable() instead of checking eweight
|
|
- MAJOR: checks: add support for a new "drain" administrative mode
|
|
- MINOR: stats: use the admin flags for soft enable/disable/stop/start on the web page
|
|
- MEDIUM: stats: introduce new actions to simplify admin status management
|
|
- MINOR: cli: introduce a new "set server" command
|
|
- MINOR: stats: report a distinct output for DOWN caused by agent
|
|
- MINOR: checks: support specific check reporting for the agent
|
|
- MINOR: checks: support a neutral check result
|
|
- BUG/MINOR: cli: "agent" was missing from the "enable"/"disable" help message
|
|
- MEDIUM: cli: add support for enabling/disabling health checks.
|
|
- MEDIUM: stats: report down caused by agent prior to reporting up
|
|
- MAJOR: agent: rework the response processing and support additional actions
|
|
- MINOR: stats: improve the stats web page to support more actions
|
|
- CONTRIB: halog: avoid calling time/localtime/mktime for each line
|
|
- DOC: document the workarouds for Google Chrome's bogus pre-connect
|
|
- MINOR: stats: report SSL key computations per second
|
|
- MINOR: stats: add counters for SSL cache lookups and misses
|
|
|
|
2014/05/10 : 1.5-dev25
|
|
- MEDIUM: connection: Implement and extented PROXY Protocol V2
|
|
- MINOR: ssl: clean unused ACLs declarations
|
|
- MINOR: ssl: adds fetchs and ACLs for ssl back connection.
|
|
- MINOR: ssl: merge client's and frontend's certificate functions.
|
|
- MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint
|
|
- MINOR: ssl: adds sample converter base64 for binary type.
|
|
- MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id.
|
|
- BUG/MAJOR: ssl: Fallback to private session cache if current lock mode is not supported.
|
|
- MAJOR: ssl: Change default locks on ssl session cache.
|
|
- BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring.
|
|
- MINOR: ssl: add global statement tune.ssl.force-private-cache.
|
|
- MINOR: ssl: remove fallback to SSL session private cache if lock init fails.
|
|
- BUG/MEDIUM: patterns: last fix was still not enough
|
|
- MINOR: http: export the smp_fetch_cookie function
|
|
- MINOR: http: generic pointer to rule argument
|
|
- BUG/MEDIUM: pattern: a typo breaks automatic acl/map numbering
|
|
- BUG/MAJOR: patterns: -i and -n are ignored for inlined patterns
|
|
- BUG/MINOR: proxy: unsafe initialization of HTTP transaction when switching from TCP frontend
|
|
- BUG/MINOR: http: log 407 in case of proxy auth
|
|
- MINOR: http: rely on the message body parser to send 100-continue
|
|
- MEDIUM: http: move reqadd after execution of http_request redirect
|
|
- MEDIUM: http: jump to dedicated labels after http-request processing
|
|
- BUG/MINOR: http: block rules forgot to increment the denied_req counter
|
|
- BUG/MINOR: http: block rules forgot to increment the session's request counter
|
|
- MEDIUM: http: move Connection header processing earlier
|
|
- MEDIUM: http: remove even more of the spaghetti in the request path
|
|
- MINOR: http: silently support the "block" action for http-request
|
|
- CLEANUP: proxy: rename "block_cond" to "block_rules"
|
|
- MEDIUM: http: emulate "block" rules using "http-request" rules
|
|
- MINOR: http: remove the now unused loop over "block" rules
|
|
- MEDIUM: http: factorize the "auth" action of http-request and stats
|
|
- MEDIUM: http: make http-request rules processing return a verdict instead of a rule
|
|
- MINOR: config: add minimum support for emitting warnings only once
|
|
- MEDIUM: config: inform the user about the deprecatedness of "block" rules
|
|
- MEDIUM: config: inform the user that "reqsetbe" is deprecated
|
|
- MEDIUM: config: inform the user only once that "redispatch" is deprecated
|
|
- MEDIUM: config: warn that '{cli,con,srv}timeout' are deprecated
|
|
- BUG/MINOR: auth: fix wrong return type in pat_match_auth()
|
|
- BUILD: config: remove a warning with clang
|
|
- BUG/MAJOR: http: connection setup may stall on balance url_param
|
|
- BUG/MEDIUM: http/session: disable client-side expiration only after body
|
|
- BUG/MEDIUM: http: correctly report request body timeouts
|
|
- BUG/MEDIUM: http: disable server-side expiration until client has sent the body
|
|
- MEDIUM: listener: make the accept function more robust against pauses
|
|
- BUILD: syscalls: remove improper inline statement in front of syscalls
|
|
- BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7
|
|
- BUG/MAJOR: session: recover the correct connection pointer in half-initialized sessions
|
|
- DOC: add some explanation on the shared cache build options in the readme.
|
|
- MEDIUM: proxy: only adjust the backend's bind-process when already set
|
|
- MEDIUM: config: limit nbproc to the machine's word size
|
|
- MEDIUM: config: check the bind-process settings according to nbproc
|
|
- MEDIUM: listener: parse the new "process" bind keyword
|
|
- MEDIUM: listener: inherit the process mask from the proxy
|
|
- MAJOR: listener: only start listeners bound to the same processes
|
|
- MINOR: config: only report a warning when stats sockets are bound to more than 1 process
|
|
- CLEANUP: config: set the maxaccept value for peers listeners earlier
|
|
- BUG/MINOR: backend: only match IPv4 addresses with RDP cookies
|
|
- BUG/MINOR: checks: correctly configure the address family and protocol
|
|
- MINOR: tools: split is_addr() and is_inet_addr()
|
|
- MINOR: protocols: use is_inet_addr() when only INET addresses are desired
|
|
- MEDIUM: unix: add preliminary support for connecting to servers over UNIX sockets
|
|
- MEDIUM: checks: only complain about the missing port when the check uses TCP
|
|
- MEDIUM: unix: implement support for Linux abstract namespace sockets
|
|
- DOC: map_beg was missing from the table of map_* converters
|
|
- DOC: ebtree: indicate that prefix insertion/lookup may be used with strings
|
|
- MEDIUM: pattern: use ebtree's longest match to index/lookup string beginning
|
|
- BUILD: remove the obsolete BSD and OSX makefiles
|
|
- MEDIUM: unix: avoid a double connect probe when no data are sent
|
|
- DOC: stop referencing the slow git repository in the README
|
|
- BUILD: only build the systemd wrapper on Linux 2.6 and above
|
|
- DOC: update roadmap with completed tasks
|
|
- MEDIUM: session: implement half-closed timeouts (client-fin and server-fin)
|
|
|
|
2014/04/26 : 1.5-dev24
|
|
- MINOR: pattern: find element in a reference
|
|
- MEDIUM: http: ACL and MAP updates through http-(request|response) rules
|
|
- MEDIUM: ssl: explicitly log failed handshakes after a heartbeat
|
|
- DOC: Full section dedicated to the converters
|
|
- MEDIUM: http: register http-request and http-response keywords
|
|
- BUG/MINOR: compression: correctly report incoming byte count
|
|
- BUG/MINOR: http: don't report server aborts as client aborts
|
|
- BUG/MEDIUM: channel: bi_putblk() must not wrap before the end of buffer
|
|
- CLEANUP: buffers: remove unused function buffer_contig_space_with_res()
|
|
- MEDIUM: stats: reimplement HTTP keep-alive on the stats page
|
|
- BUG/MAJOR: http: fix timeouts during data forwarding
|
|
- BUG/MEDIUM: http: 100-continue responses must process the next part immediately
|
|
- MEDIUM: http: move skipping of 100-continue earlier
|
|
- BUILD: stats: let gcc know that last_fwd cannot be used uninitialized...
|
|
- CLEANUP: general: get rid of all old occurrences of "session *t"
|
|
- CLEANUP: http: remove the useless "if (1)" inherited from version 1.4
|
|
- BUG/MEDIUM: stats: mismatch between behaviour and doc about front/back
|
|
- MEDIUM: http: enable analysers to have keep-alive on stats
|
|
- REORG: http: move HTTP Connection response header parsing earlier
|
|
- MINOR: stats: always emit HTTP/1.1 in responses
|
|
- MINOR: http: add capture.req.ver and capture.res.ver
|
|
- MINOR: checks: add a new global max-spread-checks directive
|
|
- BUG/MAJOR: http: fix the 'next' pointer when performing a redirect
|
|
- MINOR: http: implement the max-keep-alive-queue setting
|
|
- DOC: fix alphabetic order of tcp-check
|
|
- MINOR: connection: add a new error code for SSL with heartbeat
|
|
- MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack
|
|
- BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits"
|
|
- BUILD: http: remove a warning on strndup
|
|
- BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1
|
|
- BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack
|
|
- MINOR: ssl: finally catch the heartbeats missing the padding
|
|
|
|
2014/04/23 : 1.5-dev23
|
|
- BUG/MINOR: reject malformed HTTP/0.9 requests
|
|
- MINOR: systemd wrapper: re-execute on SIGUSR2
|
|
- MINOR: systemd wrapper: improve logging
|
|
- MINOR: systemd wrapper: propagate exit status
|
|
- BUG/MINOR: tcpcheck connect wrong behavior
|
|
- MEDIUM: proxy: support use_backend with dynamic names
|
|
- MINOR: stats: Enhancement to stats page to provide information of last session time.
|
|
- BUG/MEDIUM: peers: fix key consistency for integer stick tables
|
|
- DOC: fix a typo on http-server-close and encapsulate options with double-quotes
|
|
- DOC: fix fetching samples syntax
|
|
- MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID
|
|
- MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2
|
|
- DOC: fix typo
|
|
- CLEANUP: code style: use tabs to indent codes instead of spaces
|
|
- DOC: fix a few config typos.
|
|
- BUG/MINOR: raw_sock: also consider ENOTCONN in addition to EAGAIN for recv()
|
|
- DOC: lowercase format string in unique-id
|
|
- MINOR: set IP_FREEBIND on IPv6 sockets in transparent mode
|
|
- BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version
|
|
- BUG/MINOR: build: add missing objects in osx and bsd Makefiles
|
|
- BUG/MINOR: build: handle whitespaces in wc -l output
|
|
- BUG/MINOR: Fix name lookup ordering when compiled with USE_GETADDRINFO
|
|
- MEDIUM: ssl: Add standardized DH parameters >= 1024 bits
|
|
- BUG/MEDIUM: map: The map parser includes blank lines.
|
|
- BUG/MINOR: log: The log of quotted capture header has been terminated by 2 quotes.
|
|
- MINOR: standard: add function "encode_chunk"
|
|
- BUG/MINOR: http: fix encoding of samples used in http headers
|
|
- MINOR: sample: add hex converter
|
|
- MEDIUM: sample: change the behavior of the bin2str cast
|
|
- MAJOR: auth: Change the internal authentication system.
|
|
- MEDIUM: acl/pattern: standardisation "of pat_parse_int()" and "pat_parse_dotted_ver()"
|
|
- MEDIUM: pattern: The pattern parser no more uses <opaque> and just takes one string.
|
|
- MEDIUM: pattern: Change the prototype of the function pattern_register().
|
|
- CONTRIB: ip6range: add a network IPv6 range to mask converter
|
|
- MINOR: pattern: separe list element from the data part.
|
|
- MEDIUM: pattern: add indexation function.
|
|
- MEDIUM: pattern: The parse functions just return "struct pattern" without memory allocation
|
|
- MINOR: pattern: Rename "pat_idx_elt" to "pattern_tree"
|
|
- MINOR: sample: dont call the sample cast function "c_none"
|
|
- MINOR: standard: Add function for converting cidr to network mask.
|
|
- MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags
|
|
- MEDIUM: sample/http_proto: Add new type called method
|
|
- MINOR: dumpstats: Group map inline help
|
|
- MEDIUM: pattern: The function pattern_exec_match() returns "struct pattern" if the patten match.
|
|
- MINOR: dumpstats: change map inline sentences
|
|
- MINOR: dumpstats: change the "get map" display management
|
|
- MINOR: map/dumpstats: The cli cmd "get map ..." display the "int" format.
|
|
- MEDIUM: pattern: The match function browse itself the list or the tree.
|
|
- MEDIUM: pattern: Index IPv6 addresses in a tree.
|
|
- MEDIUM: pattern: add delete functions
|
|
- MEDIUM: pattern: add prune function
|
|
- MEDIUM: pattern: add sample lookup function.
|
|
- MEDIUM: pattern/dumpstats: The function pattern_lookup() is no longer used
|
|
- MINOR: map/pattern: The sample parser is stored in the pattern
|
|
- MAJOR: pattern/map: Extends the map edition system in the patterns
|
|
- MEDIUM: pattern: merge same pattern
|
|
- MEDIUM: pattern: The expected type is stored in the pattern head, and conversion is executed once.
|
|
- MINOR: pattern: Each pattern is identified by unique id.
|
|
- MINOR: pattern/acl: Each pattern of each acl can be load with specified id
|
|
- MINOR: pattern: The function "pattern_register()" is no longer used.
|
|
- MINOR: pattern: Merge function pattern_add() with pat_ref_push().
|
|
- MINOR: pattern: store configuration reference for each acl or map pattern.
|
|
- MINOR: pattern: Each pattern expression element store the reference struct.
|
|
- MINOR: dumpstats: display the reference for th key/pattern and value.
|
|
- MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed
|
|
- MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed
|
|
- MEDIUM: dumpstats/pattern: display and use each pointer of each pattern dumped
|
|
- MINOR: pattern/map/acl: Centralization of the file parsers
|
|
- MINOR: pattern: Check if the file reference is not used with acl and map
|
|
- MINOR: acl/pattern: Acl "-M" option force to load file as map file with two columns
|
|
- MEDIUM: dumpstats: Display error message during add of values.
|
|
- MINOR: pattern: The function pat_ref_set() have now atomic behavior
|
|
- MINOR: regex: The pointer regstr in the struc regex is no longer used.
|
|
- MINOR: cli: Block the usage of the command "acl add" in many cases.
|
|
- MINOR: doc: Update the documentation about the map and acl
|
|
- MINOR: pattern: index duplicates
|
|
- MINOR: configuration: File and line propagation
|
|
- MINOR: dumpstat/conf: display all the configuration lines that using pattern reference
|
|
- MINOR: standard: Disable ip resolution during the runtime
|
|
- MINOR: pattern: Remove the flag "PAT_F_FROM_FILE".
|
|
- MINOR: pattern: forbid dns resolutions
|
|
- DOC: document "get map" / "get acl" on the CLI
|
|
- MEDIUM: acl: Change the acl register struct
|
|
- BUG/MEDIUM: acl: boolean only matches were broken by recent changes
|
|
- DOC: pattern: pattern organisation schematics
|
|
- MINOR: pattern/cli: Update used terms in documentation and cli
|
|
- MINOR: cli: remove information about acl or map owner.
|
|
- MINOR: session: don't always assume there's a listener
|
|
- MINOR: pattern: Add function to prune and reload pattern list.
|
|
- MINOR: standard: Add ipv6 support in the function url2sa().
|
|
- MEDIUM: config: Dynamic sections.
|
|
- BUG/MEDIUM: stick-table: fix IPv4-to-IPv6 conversion in src_* fetches
|
|
- MINOR: http: Add the "language" converter to for use with accept-language
|
|
- BUG/MINOR: log: Don't dump empty unique-id
|
|
- BUG/MAJOR: session: fix a possible crash with src_tracked
|
|
- DOC: Update "language" documentation
|
|
- MINOR: http: add the function "del-header" to the directives http-request and http-response
|
|
- DOC: add some information on capture.(req|res).hdr
|
|
- MINOR: http: capture.req.method and capture.req.uri
|
|
- MINOR: http: optimize capture.req.method and capture.req.uri
|
|
- MINOR: session: clean up the connection free code
|
|
- BUG/MEDIUM: checks: immediately report a connection success
|
|
- MEDIUM: connection: don't use real send() flags in snd_buf()
|
|
- OPTIM: ssl: implement dynamic record size adjustment
|
|
- MINOR: stats: report exact last session time in backend too
|
|
- BUG/MEDIUM: stats: the "lastsess" field must appear last in the CSV.
|
|
- BUG/MAJOR: check: fix memory leak in "tcp-check connect" over SSL
|
|
- BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers
|
|
- MINOR: channel: add the date of last read in the channel
|
|
- MEDIUM: stream-int: automatically disable CF_STREAMER flags after idle
|
|
- MINOR: ssl: add DEFAULT_SSL_MAX_RECORD to set the record size at build time
|
|
- MINOR: config: make the stream interface idle timer user-configurable
|
|
- MINOR: config: add global directives to set default SSL ciphers
|
|
- MINOR: sample: add a rand() sample fetch to return a sample.
|
|
- BUG/MEDIUM: config: immediately abort if peers section has no name
|
|
- BUG/MINOR: ssl: fix syntax in config error message
|
|
- BUG/MEDIUM: ssl: always send a full buffer after EAGAIN
|
|
- BUG/MINOR: config: server on-marked-* statement is ignored in default-server
|
|
- BUG/MEDIUM: backend: prefer-last-server breaks redispatch
|
|
- BUG/MEDIUM: http: continue to emit 503 on keep-alive to different server
|
|
- MEDIUM: acl: fix pattern type for payload / payload_lv
|
|
- BUG/MINOR: config: fix a crash on startup when a disabled backend references a peer
|
|
- BUG/MEDIUM: compression: fix the output type of the compressor name
|
|
- BUG/MEDIUM: http: don't start to forward request data before the connect
|
|
- MINOR: http: release compression context only in http_end_txn()
|
|
- MINOR: protect ebimtree/ebistree against multiple inclusions
|
|
- MEDIUM: proxy: create a tree to store proxies by name
|
|
- MEDIUM: proxy: make findproxy() use trees to look up proxies
|
|
- MEDIUM: proxy: make get_backend_server() use findproxy() to lookup proxies
|
|
- MEDIUM: stick-table: lookup table names using trees.
|
|
- MEDIUM: config: faster lookup for duplicated proxy name
|
|
- CLEANUP: acl: remove obsolete test in parse_acl_expr()
|
|
- MINOR: sample: move smp_to_type to sample.c
|
|
- MEDIUM: compression: consider the "q=" attribute in Accept-Encoding
|
|
- REORG: cfgparse: move server keyword parsing to server.c
|
|
- BUILD: adjust makefile for AIX 5.1
|
|
- BUG/MEDIUM: pattern: fix wrong definition of the pat_prune_fcts array
|
|
- CLEANUP: pattern: move array definitions to proto/ and not types/
|
|
- BUG/MAJOR: counters: check for null-deref when looking up an alternate table
|
|
- BUILD: ssl: previous patch failed
|
|
- BUILD/MEDIUM: standard: get rid of the last strcpy()
|
|
- BUILD/MEDIUM: standard: get rid of sprintf()
|
|
- BUILD/MEDIUM: cfgparse: get rid of sprintf()
|
|
- BUILD/MEDIUM: checks: get rid of sprintf()
|
|
- BUILD/MEDIUM: http: remove calls to sprintf()
|
|
- BUG/MEDIUM: systemd-wrapper: fix locating of haproxy binary
|
|
- BUILD/MINOR: ssl: remove one call to sprintf()
|
|
- MEDIUM: http: don't reject anymore message bodies not containing the url param
|
|
- MEDIUM: http: wait for the first chunk or message body length in http_process_body
|
|
- CLEANUP: http: rename http_process_request_body()
|
|
- CLEANUP: http: prepare dedicated processing for chunked encoded message bodies
|
|
- MINOR: http: make msg->eol carry the last CRLF length
|
|
- MAJOR: http: do not use msg->sol while processing messages or forwarding data
|
|
- MEDIUM: http: http_parse_chunk_crlf() must not advance the buffer pointer
|
|
- MAJOR: http: don't update msg->sov anymore while processing the body
|
|
- MINOR: http: add a small helper to compute the amount of body bytes present
|
|
- MEDIUM: http: add a small helper to compute how far to rewind to find headers
|
|
- MINOR: http: add a small helper to compute how far to rewind to find URI
|
|
- MEDIUM: http: small helpers to compute how far to rewind to find BODY and DATA
|
|
- MAJOR: http: reset msg->sov after headers are forwarded
|
|
- MEDIUM: http: forward headers again while waiting for connection to complete
|
|
- BUG/MINOR: http: deinitialize compression after a parsing error
|
|
- BUG/MINOR: http: deinitialize compression after a compression error
|
|
- MEDIUM: http: headers must be forwarded even if data was already inspected
|
|
- MAJOR: http: re-enable compression on chunked encoding
|
|
- MAJOR: http/compression: fix chunked-encoded response processing
|
|
- MEDIUM: http: cleanup: centralize a little bit HTTP compression end
|
|
- MEDIUM: http: start to centralize the forwarding code
|
|
- MINOR: http: further cleanups of response forwarding function
|
|
- MEDIUM: http: only allocate the temporary compression buffer when needed
|
|
- MAJOR: http: centralize data forwarding in the request path
|
|
- CLEANUP: http: document the response forwarding states
|
|
- CLEANUP: http: remove all calls to http_silent_debug()
|
|
- DOC: internal: add some reminders about HTTP parsing and pointer states
|
|
- BUG/MAJOR: http: fix bug in parse_qvalue() when selecting compression algo
|
|
- BUG/MINOR: stats: last session was not always set
|
|
- DOC: add pointer to the Cyril's HTML doc in the README
|
|
- MEDIUM: config: relax use_backend check to make the condition optional
|
|
- MEDIUM: config: report misplaced http-request rules
|
|
- MEDIUM: config: report misplaced use-server rules
|
|
- DOC: update roadmap with what was done.
|
|
|
|
2014/02/03 : 1.5-dev22
|
|
- MEDIUM: tcp-check new feature: connect
|
|
- MEDIUM: ssl: Set verify 'required' as global default for servers side.
|
|
- MINOR: ssl: handshake optim for long certificate chains.
|
|
- BUG/MINOR: pattern: pattern comparison executed twice
|
|
- BUG/MEDIUM: map: segmentation fault with the stats's socket command "set map ..."
|
|
- BUG/MEDIUM: pattern: Segfault in binary parser
|
|
- MINOR: pattern: move functions for grouping pat_match_* and pat_parse_* and add documentation.
|
|
- MINOR: standard: The parse_binary() returns the length consumed and his documentation is updated
|
|
- BUG/MINOR: payload: the patterns of the acl "req.ssl_ver" are no parsed with the good function.
|
|
- BUG/MEDIUM: pattern: "pat_parse_dotted_ver()" set bad expect_type.
|
|
- BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer
|
|
- BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests
|
|
- MINOR: doc: Bad cli function name.
|
|
- MINOR: http: smp_fetch_capture_header_* fetch captured headers
|
|
- BUILD: last release inadvertently prepended a "+" in front of the date
|
|
- BUG/MEDIUM: stream-int: fix the keep-alive idle connection handler
|
|
- BUG/MEDIUM: backend: do not re-initialize the connection's context upon reuse
|
|
- BUG: Revert "OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes"
|
|
- BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
|
|
- MINOR: http: try to stick to same server after status 401/407
|
|
- BUG/MINOR: http: always disable compression on HTTP/1.0
|
|
- OPTIM: poll: restore polling after a poll/stop/want sequence
|
|
- OPTIM: http: don't stop polling for read on the client side after a request
|
|
- BUG/MEDIUM: checks: unchecked servers could not be enabled anymore
|
|
- BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling
|
|
- BUG/MINOR: channel: CHN_INFINITE_FORWARD must be unsigned
|
|
- BUG/MINOR: stream-int: do not clear the owner upon unregister
|
|
- MEDIUM: stats: add support for HTTP keep-alive on the stats page
|
|
- BUG/MEDIUM: stats: fix HTTP/1.0 breakage introduced in previous patch
|
|
- Revert "MEDIUM: stats: add support for HTTP keep-alive on the stats page"
|
|
- MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes
|
|
- OPTIM: session: set the READ_DONTWAIT flag when connecting
|
|
- BUG/MINOR: http: don't clear the SI_FL_DONT_WAKE flag between requests
|
|
- MINOR: session: factor out the connect time measurement
|
|
- MEDIUM: session: prepare to support earlier transitions to the established state
|
|
- MEDIUM: stream-int: make si_connect() return an established state when possible
|
|
- MINOR: checks: use an inline function for health_adjust()
|
|
- OPTIM: session: put unlikely() around the freewheeling code
|
|
- MEDIUM: config: report a warning when multiple servers have the same name
|
|
- BUG: Revert "OPTIM: poll: restore polling after a poll/stop/want sequence"
|
|
- BUILD/MINOR: listener: remove a glibc warning on accept4()
|
|
- BUG/MAJOR: connection: fix mismatch between rcv_buf's API and usage
|
|
- BUILD: listener: fix recent accept4() again
|
|
- BUG/MAJOR: ssl: fix breakage caused by recent fix abf08d9
|
|
- BUG/MEDIUM: polling: ensure we update FD status when there's no more activity
|
|
- MEDIUM: listener: fix polling management in the accept loop
|
|
- MINOR: protocol: improve the proto->drain() API
|
|
- MINOR: connection: add a new conn_drain() function
|
|
- MEDIUM: tcp: report in tcp_drain() that lingering is already disabled on close
|
|
- MEDIUM: connection: update callers of ctrl->drain() to use conn_drain()
|
|
- MINOR: connection: add more error codes to report connection errors
|
|
- MEDIUM: tcp: report connection error at the connection level
|
|
- MEDIUM: checks: make use of chk_report_conn_err() for connection errors
|
|
- BUG/MEDIUM: unique_id: HTTP request counter is not stable
|
|
- DOC: fix misleading information about SIGQUIT
|
|
- BUG/MAJOR: fix freezes during compression
|
|
- BUG/MEDIUM: stream-interface: don't wake the task up before end of transfer
|
|
- BUILD: fix VERDATE exclusion regex
|
|
- CLEANUP: polling: rename "spec_e" to "state"
|
|
- DOC: add a diagram showing polling state transitions
|
|
- REORG: polling: rename "spec_e" to "state" and "spec_p" to "cache"
|
|
- REORG: polling: rename "fd_spec" to "fd_cache"
|
|
- REORG: polling: rename the cache allocation functions
|
|
- REORG: polling: rename "fd_process_spec_events()" to "fd_process_cached_events()"
|
|
- MAJOR: polling: rework the whole polling system
|
|
- MAJOR: connection: remove the CO_FL_WAIT_{RD,WR} flags
|
|
- MEDIUM: connection: remove conn_{data,sock}_poll_{recv,send}
|
|
- MEDIUM: connection: add check for readiness in I/O handlers
|
|
- MEDIUM: stream-interface: the polling flags must always be updated in chk_snd_conn
|
|
- MINOR: stream-interface: no need to call fd_stop_both() on error
|
|
- MEDIUM: connection: no need to recheck FD state
|
|
- CLEANUP: connection: use conn_ctrl_ready() instead of checking the flag
|
|
- CLEANUP: connection: use conn_xprt_ready() instead of checking the flag
|
|
- CLEANUP: connection: fix comments in connection.h to reflect new behaviour.
|
|
- OPTIM: raw-sock: don't speculate after a short read if polling is enabled
|
|
- MEDIUM: polling: centralize polled events processing
|
|
- MINOR: polling: create function fd_compute_new_polled_status()
|
|
- MINOR: cli: add more information to the "show info" output
|
|
- MEDIUM: listener: add support for limiting the session rate in addition to the connection rate
|
|
- MEDIUM: listener: apply a limit on the session rate submitted to SSL
|
|
- REORG: stats: move the stats socket states to dumpstats.c
|
|
- MINOR: cli: add the new "show pools" command
|
|
- BUG/MEDIUM: counters: flush content counters after each request
|
|
- BUG/MEDIUM: counters: fix stick-table entry leak when using track-sc2 in connection
|
|
- MINOR: tools: add very basic support for composite pointers
|
|
- MEDIUM: counters: stop relying on session flags at all
|
|
- BUG/MINOR: cli: fix missing break in command line parser
|
|
- BUG/MINOR: config: correctly report when log-format headers require HTTP mode
|
|
- MAJOR: http: update connection mode configuration
|
|
- MEDIUM: http: make keep-alive + httpclose be passive mode
|
|
- MAJOR: http: switch to keep-alive mode by default
|
|
- BUG/MEDIUM: http: fix regression caused by recent switch to keep-alive by default
|
|
- BUG/MEDIUM: listener: improve detection of non-working accept4()
|
|
- BUILD: listener: add fcntl.h and unistd.h
|
|
- BUG/MINOR: raw_sock: correctly set the MSG_MORE flag
|
|
|
|
2013/12/17 : 1.5-dev21
|
|
- MINOR: stats: don't use a monospace font to report numbers
|
|
- MINOR: session: remove debugging code
|
|
- BUG/MAJOR: patterns: fix double free caused by loading strings from files
|
|
- MEDIUM: http: make option http_proxy automatically rewrite the URL
|
|
- BUG/MEDIUM: http: cook_cnt() forgets to set its output type
|
|
- BUG/MINOR: stats: correctly report throttle rate of low weight servers
|
|
- BUG/MEDIUM: checks: servers must not start in slowstart mode
|
|
- BUG/MINOR: acl: parser must also stop at comma on ACL-only keywords
|
|
- MEDIUM: stream-int: implement a very simplistic idle connection manager
|
|
- DOC: update the ROADMAP file
|
|
|
|
2013/12/16 : 1.5-dev20
|
|
- DOC: add missing options to the manpage
|
|
- DOC: add manpage references to all system calls
|
|
- DOC: update manpage reference to haproxy-en.txt
|
|
- DOC: remove -s and -l options from the manpage
|
|
- DOC: missing information for the "description" keyword
|
|
- DOC: missing http-send-name-header keyword in keyword table
|
|
- MINOR: tools: function my_memmem() to lookup binary contents
|
|
- MEDIUM: checks: add send/expect tcp based check
|
|
- MEDIUM: backend: Enhance hash-type directive with an algorithm options
|
|
- MEDIUM: backend: Implement avalanche as a modifier of the hashing functions.
|
|
- DOC: Documentation for hashing function, with test results.
|
|
- BUG/MEDIUM: ssl: potential memory leak using verifyhost
|
|
- BUILD: ssl: compilation issue with openssl v0.9.6.
|
|
- BUG/MINOR: ssl: potential memory leaks using ssl_c_key_alg or ssl_c_sig_alg.
|
|
- MINOR: ssl: optimization of verifyhost on wildcard certificates.
|
|
- BUG/MINOR: ssl: verifyhost does not match empty strings on wildcard.
|
|
- MINOR: ssl: Add statement 'verifyhost' to "server" statements
|
|
- CLEANUP: session: remove event_accept() which was not used anymore
|
|
- BUG/MINOR: deinit: free fdinfo while doing cleanup
|
|
- DOC: minor typo fix in documentation
|
|
- BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE
|
|
- BUG/MINOR: use the same check condition for server as other algorithms
|
|
- DOC: fix typo in comments
|
|
- BUG/MINOR: deinit: free server map which is allocated in init_server_map()
|
|
- CLEANUP: stream_interface: cleanup loop information in si_conn_send_loop()
|
|
- MINOR: buffer: align the last output line of buffer_dump()
|
|
- MINOR: buffer: align the last output line if there are less than 8 characters left
|
|
- DOC: stick-table: modify the description
|
|
- OPTIM: stream_interface: return directly if the connection flag CO_FL_ERROR has been set
|
|
- CLEANUP: code style: use tabs to indent codes
|
|
- DOC: checkcache: block responses with cacheable cookies
|
|
- BUG/MINOR: check_config_validity: check the returned value of stktable_init()
|
|
- MEDIUM: haproxy-systemd-wrapper: Use haproxy in same directory
|
|
- MEDIUM: systemd-wrapper: Kill child processes when interrupted
|
|
- LOW: systemd-wrapper: Write debug information to stdout
|
|
- BUG/MINOR: http: fix "set-tos" not working in certain configurations
|
|
- MEDIUM: http: add IPv6 support for "set-tos"
|
|
- DOC: ssl: update build instructions to use new SSL_* variables
|
|
- BUILD/MINOR: systemd: fix compiler warning about unused result
|
|
- url32+src - like base32+src but whole url including parameters
|
|
- BUG/MINOR: fix forcing fastinter in "on-error"
|
|
- CLEANUP: Make parameters of srv_downtime and srv_getinter const
|
|
- CLEANUP: Remove unused 'last_slowstart_change' field from struct peer
|
|
- MEDIUM: Split up struct server's check element
|
|
- MEDIUM: Move result element to struct check
|
|
- MEDIUM: Paramatise functions over the check of a server
|
|
- MEDIUM: cfgparse: Factor out check initialisation
|
|
- MEDIUM: Add state to struct check
|
|
- MEDIUM: Move health element to struct check
|
|
- MEDIUM: Add helper for task creation for checks
|
|
- MEDIUM: Add helper function for failed checks
|
|
- MEDIUM: Log agent fail, stopped or down as info
|
|
- MEDIUM: Remove option lb-agent-chk
|
|
- MEDIUM: checks: Add supplementary agent checks
|
|
- MEDIUM: Do not mark a server as down if the agent is unavailable
|
|
- MEDIUM: Set rise and fall of agent checks to 1
|
|
- MEDIUM: Add enable and disable agent unix socket commands
|
|
- MEDIUM: Add DRAIN state and report it on the stats page
|
|
- BUILD/MINOR: missing header file
|
|
- CLEANUP: regex: Create regex_comp function that compiles regex using compilation options
|
|
- CLEANUP: The function "regex_exec" needs the string length but in many case they expect null terminated char.
|
|
- MINOR: http: some exported functions were not in the header file
|
|
- MINOR: http: change url_decode to return the size of the decoded string.
|
|
- BUILD/MINOR: missing header file
|
|
- BUG/MEDIUM: sample: The function v4tov6 cannot support input and output overlap
|
|
- BUG/MINOR: arg: fix error reporting for add-header/set-header sample fetch arguments
|
|
- MINOR: sample: export the generic sample conversion parser
|
|
- MINOR: sample: export sample_casts
|
|
- MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword
|
|
- MINOR: stick-table: use smp_expr_output_type() to retrieve the output type of a "struct sample_expr"
|
|
- MINOR: sample: provide the original sample_conv descriptor struct to the argument checker function.
|
|
- MINOR: tools: Add a function to convert buffer to an ipv6 address
|
|
- MINOR: acl: export acl arrays
|
|
- MINOR: acl: Extract the pattern parsing and indexation from the "acl_read_patterns_from_file()" function
|
|
- MINOR: acl: Extract the pattern matching function
|
|
- MINOR: sample: Define new struct sample_storage
|
|
- MEDIUM: acl: associate "struct sample_storage" to each "struct acl_pattern"
|
|
- REORG: acl/pattern: extract pattern matching from the acl file and create pattern.c
|
|
- MEDIUM: pattern: create pattern expression
|
|
- MEDIUM: pattern: rename "acl" prefix to "pat"
|
|
- MEDIUM: sample: let the cast functions set their output type
|
|
- MINOR: sample: add a private field to the struct sample_conv
|
|
- MINOR: map: Define map types
|
|
- MEDIUM: sample: add the "map" converter
|
|
- MEDIUM: http: The redirect strings follows the log format rules.
|
|
- BUG/MINOR: acl: acl parser does not recognize empty converter list
|
|
- BUG/MINOR: map: The map list was declared in the map.h file
|
|
- MINOR: map: Cleanup the initialisation of map descriptors.
|
|
- MEDIUM: map: merge identical maps
|
|
- BUG/MEDIUM: pattern: Pattern node has type of "struct pat_idx_elt" in place of "struct eb_node"
|
|
- BUG/MEDIUM: map: Bad map file parser
|
|
- CLEANUP/MINOR: standard: use the system define INET6_ADDRSTRLEN in place of MAX_IP6_LEN
|
|
- BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end
|
|
- MINOR: map: export map_get_reference() function
|
|
- MINOR: pattern: Each pattern sets the expected input type
|
|
- MEDIUM: acl: Last patch change the output type
|
|
- MEDIUM: pattern: Extract the index process from the pat_parse_*() functions
|
|
- MINOR: standard: The function parse_binary() can use preallocated buffer
|
|
- MINOR: regex: Change the struct containing regex
|
|
- MINOR: regex: Copy the original regex expression into string.
|
|
- MINOR: pattern: add support for compiling patterns for lookups
|
|
- MINOR: pattern: make the pattern matching function return a pointer to the matched element
|
|
- MINOR: map: export parse output sample functions
|
|
- MINOR: pattern: add function to lookup a specific entry in pattern list
|
|
- MINOR: pattern/map: Each pattern must free the associated sample
|
|
- MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char
|
|
- MEDIUM: map: dynamic manipulation of maps
|
|
- BUG/MEDIUM: unique_id: junk in log on empty unique_id
|
|
- BUG/MINOR: log: junk at the end of syslog packet
|
|
- MINOR: Makefile: provide cscope rule
|
|
- DOC: compression: chunk are not compressed anymore
|
|
- MEDIUM: session: disable lingering on the server when the client aborts
|
|
- BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS
|
|
- DOC: remove the comment saying that SSL certs are not checked on the server side
|
|
- BUG: counters: third counter was not stored if others unset
|
|
- BUG/MAJOR: http: don't emit the send-name-header when no server is available
|
|
- BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
|
|
- BUG/MAJOR: http: sample prefetch code was not properly migrated
|
|
- BUG/MEDIUM: splicing: fix abnormal CPU usage with splicing
|
|
- BUG/MINOR: stream_interface: don't call chk_snd() on polled events
|
|
- OPTIM: splicing: use splice() for the last block when relevant
|
|
- MEDIUM: sample: handle comma-delimited converter list
|
|
- MINOR: sample: fix sample_process handling of unstable data
|
|
- CLEANUP: acl: move the 3 remaining sample fetches to samples.c
|
|
- MINOR: sample: add a new "date" fetch to return the current date
|
|
- MINOR: samples: add the http_date([<offset>]) sample converter.
|
|
- DOC: minor improvements to the part on the stats socket.
|
|
- MEDIUM: sample: systematically pass the keyword pointer to the keyword
|
|
- MINOR: payload: split smp_fetch_rdp_cookie()
|
|
- MINOR: counters: factor out smp_fetch_sc*_tracked
|
|
- MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src.
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_conn_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_conn_cur
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_sess_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_trackers
|
|
- MINOR: session: make the number of stick counter entries more configurable
|
|
- MEDIUM: counters: support passing the counter number as a fetch argument
|
|
- MEDIUM: counters: support looking up a key in an alternate table
|
|
- MEDIUM: cli: adjust the method for feeding frequency counters in tables
|
|
- MINOR: cli: make it possible to enter multiple values at once with "set table"
|
|
- MINOR: payload: allow the payload sample fetches to retrieve arbitrary lengths
|
|
- BUG/MINOR: cli: "clear table" must not kill entries that don't match condition
|
|
- MINOR: ssl: use MAXPATHLEN instead of PATH_MAX
|
|
- MINOR: config: warn when a server with no specific port uses rdp-cookie
|
|
- BUG/MEDIUM: unique_id: HTTP request counter must be unique!
|
|
- DOC: add a mention about the limited chunk size
|
|
- BUG/MEDIUM: fix broken send_proxy on FreeBSD
|
|
- MEDIUM: stick-tables: flush old entries upon soft-stop
|
|
- MINOR: tcp: add new "close" action for tcp-response
|
|
- MINOR: payload: provide the "res.len" fetch method
|
|
- BUILD: add SSL_INC/SSL_LIB variables to force the path to openssl
|
|
- MINOR: http: compute response time before processing headers
|
|
- BUG/MINOR: acl: fix improper string size assignment in proxy argument
|
|
- BUG/MEDIUM: http: accept full buffers on smp_prefetch_http
|
|
- BUG/MINOR: acl: implicit arguments of ACL keywords were not properly resolved
|
|
- BUG/MEDIUM: session: risk of crash on out of memory conditions
|
|
- BUG/MINOR: peers: set the accept date in outgoing connections
|
|
- BUG/MEDIUM: tcp: do not skip tracking rules on second pass
|
|
- BUG/MEDIUM: acl: do not evaluate next terms after a miss
|
|
- MINOR: acl: add a warning when an ACL keyword is used without any value
|
|
- MINOR: tcp: don't use tick_add_ifset() when timeout is known to be set
|
|
- BUG/MINOR: acl: remove patterns from the tree before freeing them
|
|
- MEDIUM: backend: add support for the wt6 hash
|
|
- OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes
|
|
- OPTIM/MINOR: mark the source address as already known on accept()
|
|
- BUG/MINOR: stats: don't count tarpitted connections twice
|
|
- CLEANUP: http: homogenize processing of denied req counter
|
|
- CLEANUP: http: merge error handling for req* and http-request *
|
|
- BUG/MEDIUM: http: fix possible parser crash when parsing erroneous "http-request redirect" rules
|
|
- BUG/MINOR: http: fix build warning introduced with url32/url32_src
|
|
- BUG/MEDIUM: checks: fix slow start regression after fix attempt
|
|
- BUG/MAJOR: server: weight calculation fails for map-based algorithms
|
|
- MINOR: stats: report correct throttling percentage for servers in slowstart
|
|
- OPTIM: connection: fold the error handling with handshake handling
|
|
- MINOR: peers: accept to learn strings of different lengths
|
|
- BUG/MAJOR: fix haproxy crash when using server tracking instead of checks
|
|
- BUG/MAJOR: check: fix haproxy crash during soft-stop/soft-start
|
|
- BUG/MINOR: stats: do not report "via" on tracking servers in maintenance
|
|
- BUG/MINOR: connection: fix typo in error message report
|
|
- BUG/MINOR: backend: fix target address retrieval in transparent mode
|
|
- BUG/MINOR: config: report the correct track-sc number in tcp-rules
|
|
- BUG/MINOR: log: fix log-format parsing errors
|
|
- DOC: add some information about how to apply converters to samples
|
|
- MINOR: acl/pattern: use types different from int to clarify who does what.
|
|
- MINOR: pattern: import acl_find_match_name() into pattern.h
|
|
- MEDIUM: stick-tables: support automatic conversion from ipv4<->ipv6
|
|
- MEDIUM: log-format: relax parsing of '%' followed by unsupported characters
|
|
- BUG/MINOR: http: usual deinit stuff in last commit
|
|
- BUILD: log: silent a warning about isblank() with latest patches
|
|
- BUG/MEDIUM: checks: fix health check regression causing them to depend on declaration order
|
|
- BUG/MEDIUM: checks: fix a long-standing issue with reporting connection errors
|
|
- BUG/MINOR: checks: don't consider errno and use conn->err_code
|
|
- BUG/MEDIUM: checks: also update the DRAIN state from the web interface
|
|
- MINOR: stats: remove some confusion between the DRAIN state and NOLB
|
|
- BUG/MINOR: tcp: check that no error is pending during a connect probe
|
|
- BUG/MINOR: connection: check EINTR when sending a PROXY header
|
|
- MEDIUM: connection: set the socket shutdown flags on socket errors
|
|
- BUG/MEDIUM: acl: fix regression introduced by latest converters support
|
|
- MINOR: connection: clear errno prior to checking for errors
|
|
- BUG/MINOR: checks: do not trust errno in write event before any syscall
|
|
- MEDIUM: checks: centralize error reporting
|
|
- OPTIM: checks: don't poll on recv when using plain TCP connects
|
|
- OPTIM: checks: avoid setting SO_LINGER twice
|
|
- MINOR: tools: add a generic binary hex string parser
|
|
- BUG/MEDIUM: checks: tcp-check: do not poll when there's nothing to send
|
|
- BUG/MEDIUM: check: tcp-check might miss some outgoing data when socket buffers are full
|
|
- BUG/MEDIUM: args: fix double free on error path in argument expression parser
|
|
- BUG/MINOR: acl: fix sample expression error reporting
|
|
- BUG/MINOR: checks: tcp-check actions are enums, not flags
|
|
- MEDIUM: checks: make tcp-check perform multiple send() at once
|
|
- BUG/MEDIUM: stick: completely remove the unused flag from the store entries
|
|
- OPTIM: ebtree: pack the struct eb_node to avoid holes on 64-bit
|
|
- BUG/MEDIUM: stick-tables: complete the latest fix about store-responses
|
|
- CLEANUP: stream_interface: remove unused field err_loc
|
|
- MEDIUM: stats: don't use conn->xprt_st anymore
|
|
- MINOR: session: add a simple function to retrieve a session from a task
|
|
- MEDIUM: stats: don't use conn->xprt_ctx anymore
|
|
- MEDIUM: peers: don't rely on conn->xprt_ctx anymore
|
|
- MINOR: http: prevent smp_fetch_url_{ip,port} from using si->conn
|
|
- MINOR: connection: make it easier to emit proxy protocol for unknown addresses
|
|
- MEDIUM: stats: prepare the HTTP stats I/O handler to support more states
|
|
- MAJOR: stats: move the HTTP stats handling to its applet
|
|
- MEDIUM: stats: move request argument processing to the final step
|
|
- MEDIUM: session: detect applets from the session by using s->target
|
|
- MAJOR: session: check for a connection to an applet in sess_prepare_conn_req()
|
|
- MAJOR: session: pass applet return traffic through the response analysers
|
|
- MEDIUM: stream-int: split the shutr/shutw functions between applet and conn
|
|
- MINOR: stream-int: make the shutr/shutw functions void
|
|
- MINOR: obj: provide a safe and an unsafe access to pointed objects
|
|
- MINOR: connection: add a field to store an object type
|
|
- MINOR: connection: always initialize conn->objt_type to OBJ_TYPE_CONN
|
|
- MEDIUM: stream interface: move the peers' ptr into the applet context
|
|
- MINOR: stream-interface: move the applet context to its own struct
|
|
- MINOR: obj: introduce a new type appctx
|
|
- MINOR: stream-int: rename ->applet to ->appctx
|
|
- MINOR: stream-int: split si_prepare_embedded into si_prepare_none and si_prepare_applet
|
|
- MINOR: stream-int: add a new pointer to the end point
|
|
- MEDIUM: stream-interface: set the pointer to the applet into the applet context
|
|
- MAJOR: stream interface: remove the ->release function pointer
|
|
- MEDIUM: stream-int: make ->end point to the connection or the appctx
|
|
- CLEANUP: stream-int: remove obsolete si_ctrl function
|
|
- MAJOR: stream-int: stop using si->conn and use si->end instead
|
|
- MEDIUM: stream-int: do not allocate a connection in parallel to applets
|
|
- MEDIUM: session: attach incoming connection to target on embryonic sessions
|
|
- MINOR: connection: add conn_init() to (re)initialize a connection
|
|
- MINOR: checks: call conn_init() to properly initialize the connection.
|
|
- MINOR: peers: make use of conn_init() to initialize the connection
|
|
- MINOR: session: use conn_init() to initialize the connections
|
|
- MINOR: http: use conn_init() to reinitialize the server connection
|
|
- MEDIUM: connection: replace conn_prepare with conn_assign
|
|
- MINOR: get rid of si_takeover_conn()
|
|
- MINOR: connection: add conn_new() / conn_free()
|
|
- MAJOR: connection: add two new flags to indicate readiness of control/transport
|
|
- MINOR: stream-interface: introduce si_reset() and si_set_state()
|
|
- MINOR: connection: reintroduce conn_prepare to set the protocol and transport
|
|
- MINOR: connection: replace conn_assign with conn_attach
|
|
- MEDIUM: stream-interface: introduce si_attach_conn to replace si_prepare_conn
|
|
- MAJOR: stream interface: dynamically allocate the outgoing connection
|
|
- MEDIUM: connection: move the send_proxy offset to the connection
|
|
- MINOR: connection: check for send_proxy during the connect(), not the SI
|
|
- MEDIUM: connection: merge the send_proxy and local_send_proxy calls
|
|
- MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx()
|
|
- MEDIUM: stream-int: return the allocated appctx in stream_int_register_handler()
|
|
- MAJOR: stream-interface: dynamically allocate the applet context
|
|
- MEDIUM: session: automatically register the applet designated by the target
|
|
- MEDIUM: stats: delay appctx initialization
|
|
- CLEANUP: peers: use less confusing state/status code names
|
|
- MEDIUM: peers: delay appctx initialization
|
|
- MINOR: stats: provide some appctx information in "show sess all"
|
|
- DIET/MINOR: obj: pack the obj_type enum to 8 bits
|
|
- DIET/MINOR: connection: rearrange a few fields to save 8 bytes in the struct
|
|
- DIET/MINOR: listener: rearrange a few fields in struct listener to save 16 bytes
|
|
- DIET/MINOR: proxy: rearrange a few fields in struct proxy to save 16 bytes
|
|
- DIET/MINOR: session: reduce the struct session size by 8 bytes
|
|
- DIET/MINOR: stream-int: rearrange a few fields in struct stream_interface to save 8 bytes
|
|
- DIET/MINOR: http: reduce the size of struct http_txn by 8 bytes
|
|
- MINOR: http: switch the http state to an enum
|
|
- MINOR: http: use an enum for the auth method in http_auth_data
|
|
- DIET/MINOR: task: reduce struct task size by 8 bytes
|
|
- MINOR: stream_interface: add reporting of ressouce allocation errors
|
|
- MINOR: session: report lack of resources using the new stream-interface's error code
|
|
- BUILD: simplify the date and version retrieval in the makefile
|
|
- BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE
|
|
- BUILD: use format tags in VERDATE and SUBVERS files
|
|
- BUG/MEDIUM: channel: bo_getline() must wait for \n until buffer is full
|
|
- CLEANUP: check: server port is unsigned
|
|
- BUG/MEDIUM: checks: agent doesn't get the response if server does not closes
|
|
- MINOR: tools: buf2ip6 must not modify output on failure
|
|
- MINOR: pattern: do not assign SMP_TYPES by default to patterns
|
|
- MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors
|
|
- MINOR: arg: improve wording on error reporting
|
|
- BUG/MEDIUM: sample: simplify and fix the argument parsing
|
|
- MEDIUM: acl: fix the argument parser to let the lower layer report detailed errors
|
|
- MEDIUM: acl: fix the initialization order of the ACL expression
|
|
- CLEANUP: acl: remove useless blind copy-paste from sample converters
|
|
- TESTS: add regression tests for ACL and sample expression parsers
|
|
- BUILD: time: adapt the type of TV_ETERNITY to the local system
|
|
- MINOR: chunks: allocate the trash chunks before parsing the config
|
|
- BUILD: definitely silence some stupid GCC warnings
|
|
- MINOR: chunks: always initialize the output chunk in get_trash_chunk()
|
|
- MINOR: checks: improve handling of the servers tracking chain
|
|
- REORG: checks: retrieve the check-specific defines from server.h to checks.h
|
|
- MINOR: checks: use an enum instead of flags to report a check result
|
|
- MINOR: checks: rename the state flags
|
|
- MINOR: checks: replace state DISABLED with CONFIGURED and ENABLED
|
|
- MINOR: checks: use check->state instead of srv->state & SRV_CHECKED
|
|
- MINOR: checks: fix agent check interval computation
|
|
- MINOR: checks: add a PAUSED state for the checks
|
|
- MINOR: checks: create the agent tasks even when no check is configured
|
|
- MINOR: checks: add a flag to indicate what check is an agent
|
|
- MEDIUM: checks: enable agent checks even if health checks are disabled
|
|
- BUG/MEDIUM: checks: ensure we can enable a server after boot
|
|
- BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag
|
|
- BUG/MAJOR: session: repair tcp-request connection rules
|
|
- BUILD: fix SUBVERS extraction in the Makefile
|
|
- BUILD: pattern: silence a warning about uninitialized value
|
|
- BUILD: log: fix build warning on Solaris
|
|
- BUILD: dumpstats: fix build error on Solaris
|
|
- DOC: move option pgsql-check to the correct place
|
|
- DOC: move option tcp-check to the proper place
|
|
- MINOR: connection: add simple functions to report connection readiness
|
|
- MEDIUM: connection: centralize handling of nolinger in fd management
|
|
- OPTIM: http: set CF_READ_DONTWAIT on response message
|
|
- OPTIM: http: do not re-enable reading on client side while closing the server side
|
|
- MINOR: config: add option http-keep-alive
|
|
- MEDIUM: connection: inform si_alloc_conn() whether existing conn is OK or not
|
|
- MAJOR: stream-int: handle the connection reuse in si_connect()
|
|
- MAJOR: http: add the keep-alive transition on the server side
|
|
- MAJOR: backend: enable connection reuse
|
|
- MINOR: http: add option prefer-last-server
|
|
- MEDIUM: http: do not report connection errors for second and further requests
|
|
|
|
2013/06/17 : 1.5-dev19
|
|
- MINOR: stats: remove the autofocus on the scope input field
|
|
- BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored.
|
|
- BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file.
|
|
- BUG/MEDIUM: shctx: makes the code independent on SSL runtime version.
|
|
- MEDIUM: ssl: improve crt-list format to support negation
|
|
- BUG: ssl: fix crt-list for clients not supporting SNI
|
|
- MINOR: stats: show soft-stopped servers in different color
|
|
- BUG/MINOR: config: "source" does not work in defaults section
|
|
- BUG: regex: fix pcre compile error when using JIT
|
|
- MINOR: ssl: add pattern fetch 'ssl_c_sha1'
|
|
- BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used
|
|
- MINOR: show PCRE version and JIT status in -vv
|
|
- BUG/MINOR: jit: don't rely on USE flag to detect support
|
|
- DOC: readme: add suggestion to link against static openssl
|
|
- DOC: examples: provide simplified ssl configuration
|
|
- REORG: tproxy: prepare the transparent proxy defines for accepting other OSes
|
|
- MINOR: tproxy: add support for FreeBSD
|
|
- MINOR: tproxy: add support for OpenBSD
|
|
- DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8
|
|
- CLEANUP: fix minor typo in error message.
|
|
- CLEANUP: fix missing include <string.h> in proto/listener.h
|
|
- CLEANUP: protect checks.h from multiple inclusions
|
|
- MINOR: compression: acl "res.comp" and fetch "res.comp_algo"
|
|
- BUG/MINOR: http: add-header/set-header did not accept the ACL condition
|
|
- BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32
|
|
- BUG/MEDIUM: splicing is broken since 1.5-dev12
|
|
- BUG/MAJOR: acl: add implicit arguments to the resolve list
|
|
- BUG/MINOR: tcp: fix error reporting for TCP rules
|
|
- CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix
|
|
- MINOR: stick-table: allow to allocate an entry without filling it
|
|
- BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes
|
|
- MINOR: session: only call http_send_name_header() when changing the server
|
|
- MINOR: tcp: report the erroneous word in tcp-request track*
|
|
- BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances
|
|
- BUG/MEDIUM: log: fix regression on log-format handling
|
|
- MEDIUM: log: report file name, line number, and directive name with log-format errors
|
|
- BUG/MINOR: cli: "clear table" did not work anymore without a key
|
|
- BUG/MINOR: cli: "clear table xx data.xx" does not work anymore
|
|
- BUG/MAJOR: http: compression still has defects on chunked responses
|
|
- BUG/MINOR: stats: fix confirmation links on the stats interface
|
|
- BUG/MINOR: stats: the status bar does not appear anymore after a change
|
|
- BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process"
|
|
- BUG/MEDIUM: stats: fix a regression when dealing with POST requests
|
|
- BUG/MINOR: fix unterminated ACL array in compression
|
|
- BUILD: last fix broke non-linux platforms
|
|
- MINOR: init: indicate the SSL runtime version on -vv.
|
|
- BUG/MEDIUM: compression: the deflate algorithm must use global settings as well
|
|
- BUILD: stdbool is not portable (again)
|
|
- DOC: readme: add a small reminder about restrictions to respect in the code
|
|
- MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates
|
|
- BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT
|
|
- DOC: fix wrong copy-paste in the rspdel example
|
|
- MINOR: counters: make it easier to extend the amount of tracked counters
|
|
- MEDIUM: counters: add support for tracking a third counter
|
|
- MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables
|
|
- BUG/MAJOR: http: always ensure response buffer has some room for a response
|
|
- MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked
|
|
- MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined
|
|
- MINOR: log: add a new flag 'L' for locally processed requests
|
|
- MINOR: http: add full-length header fetch methods
|
|
- MEDIUM: protocol: implement a "drain" function in protocol layers
|
|
- MEDIUM: http: add a new "http-response" ruleset
|
|
- MEDIUM: http: add the "set-nice" action to http-request and http-response
|
|
- MEDIUM: log: add a log level override value in struct session
|
|
- MEDIUM: http: add support for action "set-log-level" in http-request/http-response
|
|
- MEDIUM: http: add support for "set-tos" in http-request/http-response
|
|
- MEDIUM: http: add the "set-mark" action on http-request/http-response rules
|
|
- MEDIUM: tcp: add "tcp-request connection expect-proxy layer4"
|
|
- MEDIUM: acl: automatically detect the type of certain fetches
|
|
- MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches
|
|
- MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches
|
|
- DOC: major reorg of ACL + sample fetch
|
|
- CLEANUP: http: remove the bogus urlp_ip ACL match
|
|
- MINOR: acl: add the new "env()" fetch method to retrieve an environment variable
|
|
- BUG/MINOR: acl: correctly consider boolean fetches when doing casts
|
|
- BUG/CRITICAL: fix a possible crash when using negative header occurrences
|
|
- DOC: update ROADMAP file
|
|
- MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3
|
|
- MEDIUM: stats: add proxy name filtering on the statistic page
|
|
|
|
2013/04/03 : 1.5-dev18
|
|
- DOCS: Add explanation of intermediate certs to crt paramater
|
|
- DOC: typo and minor fixes in compression paragraph
|
|
- MINOR: config: http-request configuration error message misses new keywords
|
|
- DOC: minor typo fix in documentation
|
|
- BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured.
|
|
- MEDIUM: ssl: add bind-option "strict-sni"
|
|
- MEDIUM: ssl: add mapping from SNI to cert file using "crt-list"
|
|
- MEDIUM: regex: Use PCRE JIT in acl
|
|
- DOC: simplify bind option "interface" explanation
|
|
- DOC: tfo: bump required kernel to linux-3.7
|
|
- BUILD: add explicit support for TFO with USE_TFO
|
|
- MEDIUM: New cli option -Ds for systemd compatibility
|
|
- MEDIUM: add haproxy-systemd-wrapper
|
|
- MEDIUM: add systemd service
|
|
- BUG/MEDIUM: systemd-wrapper: don't leak zombie processes
|
|
- BUG/MEDIUM: remove supplementary groups when changing gid
|
|
- BUG/MEDIUM: config: fix parser crash with bad bind or server address
|
|
- BUG/MINOR: Correct logic in cut_crlf()
|
|
- CLEANUP: checks: Make desc argument to set_server_check_status const
|
|
- CLEANUP: dumpstats: Make cli_release_handler() static
|
|
- MEDIUM: server: Break out set weight processing code
|
|
- MEDIUM: server: Allow relative weights greater than 100%
|
|
- MEDIUM: server: Tighten up parsing of weight string
|
|
- MEDIUM: checks: Add agent health check
|
|
- BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot
|
|
- BUG/MINOR: time: frequency counters are not totally accurate
|
|
- BUG/MINOR: http: don't process abortonclose when request was sent
|
|
- BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw()
|
|
- BUG/MEDIUM: checks: ignore late resets after valid responses
|
|
- DOC: fix bogus recommendation on usage of gpc0 counter
|
|
- BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request
|
|
- MINOR: signal: don't block SIGPROF by default
|
|
- OPTIM: epoll: make use of EPOLLRDHUP
|
|
- OPTIM: splice: detect shutdowns and avoid splice() == 0
|
|
- OPTIM: splice: assume by default that splice is working correctly
|
|
- BUG/MINOR: log: temporary fix for lost SSL info in some situations
|
|
- BUG/MEDIUM: peers: only the last peers section was used by tables
|
|
- BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers
|
|
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
|
|
- BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
|
|
- BUG/MINOR: config: free peer's address when exiting upon parsing error
|
|
- BUG/MINOR: config: check the proper variable when parsing log minlvl
|
|
- BUG/MEDIUM: checks: ensure the health_status is always within bounds
|
|
- BUG/MINOR: cli: show sess should always validate s->listener
|
|
- BUG/MINOR: log: improper NULL return check on utoa_pad()
|
|
- CLEANUP: http: remove a useless null check
|
|
- CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener()
|
|
- BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
|
|
- BUG/MEDIUM: tools: off-by-one in quote_arg()
|
|
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
|
|
- BUG/MINOR: unix: remove the 'level' field from the ux struct
|
|
- CLEANUP: http: don't try to deinitialize http compression if it fails before init
|
|
- CLEANUP: config: slowstart is never negative
|
|
- CLEANUP: config: maxcompcpuusage is never negative
|
|
- BUG/MEDIUM: log: emit '-' for empty fields again
|
|
- BUG/MEDIUM: checks: fix a race condition between checks and observe layer7
|
|
- BUILD: fix a warning emitted by isblank() on non-c99 compilers
|
|
- BUILD: improve the makefile's support for libpcre
|
|
- MEDIUM: halog: add support for counting per source address (-ic)
|
|
- MEDIUM: tools: make str2sa_range support all address syntaxes
|
|
- MEDIUM: config: make use of str2sa_range() instead of str2sa()
|
|
- MEDIUM: config: use str2sa_range() to parse server addresses
|
|
- MEDIUM: config: use str2sa_range() to parse peers addresses
|
|
- MINOR: tests: add a config file to ease address parsing tests.
|
|
- MINOR: ssl: add a global tunable for the max SSL/TLS record size
|
|
- BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux
|
|
- BUILD/MINOR: syscall: add definition of NR_accept4 for ARM
|
|
- MINOR: config: report missing peers section name
|
|
- BUG/MEDIUM: tools: fix bad character handling in str2sa_range()
|
|
- BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket
|
|
- MINOR: tools: prepare str2sa_range() to return an error message
|
|
- BUG/MEDIUM: checks: don't call connect() on unsupported address families
|
|
- MINOR: tools: prepare str2sa_range() to accept a prefix
|
|
- MEDIUM: tools: make str2sa_range() parse unix addresses too
|
|
- MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses
|
|
- MEDIUM: config: use a single str2sa_range() call to parse bind addresses
|
|
- MEDIUM: config: use str2sa_range() to parse log addresses
|
|
- CLEANUP: tools: remove str2sun() which is not used anymore.
|
|
- MEDIUM: config: add complete support for str2sa_range() in dispatch
|
|
- MEDIUM: config: add complete support for str2sa_range() in server addr
|
|
- MEDIUM: config: add complete support for str2sa_range() in 'server'
|
|
- MEDIUM: config: add complete support for str2sa_range() in 'peer'
|
|
- MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc'
|
|
- CLEANUP: minor cleanup in str2sa_range() and str2ip()
|
|
- CLEANUP: config: do not use multiple errmsg at once
|
|
- MEDIUM: tools: support specifying explicit address families in str2sa_range()
|
|
- MAJOR: listener: support inheriting a listening fd from the parent
|
|
- MAJOR: tools: support environment variables in addresses
|
|
- BUG/MEDIUM: http: add-header should not emit "-" for empty fields
|
|
- BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong
|
|
- BUG/MEDIUM: http: fix another issue caused by http-send-name-header
|
|
- DOC: mention the new HTTP 307 and 308 redirect statues
|
|
- MEDIUM: poll: do not use FD_* macros anymore
|
|
- BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
|
|
- BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings
|
|
- BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern
|
|
- BUILD: fix usual isdigit() warning on solaris
|
|
- BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris
|
|
- OPTIM: buffer: remove one jump in buffer_count()
|
|
- OPTIM: http: improve branching in chunk size parser
|
|
- OPTIM: http: optimize the response forward state machine
|
|
- BUILD: enable poll() by default in the makefile
|
|
- BUILD: add explicit support for Mac OS/X
|
|
- BUG/MAJOR: http: use a static storage for sample fetch context
|
|
- BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file()
|
|
- BUG/MAJOR: http: fix regression introduced by commit a890d072
|
|
- BUG/MAJOR: http: fix regression introduced by commit d655ffe
|
|
- BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
|
|
- MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used
|
|
- MEDIUM: samples: use new flags to describe compatibility between fetches and their usages
|
|
- MINOR: log: indicate it when some unreliable sample fetches are logged
|
|
- MEDIUM: samples: move payload-based fetches and ACLs to their own file
|
|
- MINOR: backend: rename sample fetch functions and declare the sample keywords
|
|
- MINOR: frontend: rename sample fetch functions and declare the sample keywords
|
|
- MINOR: listener: rename sample fetch functions and declare the sample keywords
|
|
- MEDIUM: http: unify acl and sample fetch functions
|
|
- MINOR: session: rename sample fetch functions and declare the sample keywords
|
|
- MAJOR: acl: make all ACLs reference the fetch function via a sample.
|
|
- MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's
|
|
- MAJOR: acl: remove fetch argument validation from the ACL struct
|
|
- MINOR: http: add new direction-explicit sample fetches for headers and cookies
|
|
- MINOR: payload: add new direction-explicit sample fetches
|
|
- CLEANUP: acl: remove ACL hooks which were never used
|
|
- MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed"
|
|
- MINOR: sample: provide a function to report the name of a sample check point
|
|
- MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires
|
|
- CLEANUP: acl: remove unused references to ACL_USE_*
|
|
- MINOR: http: replace acl_parse_ver with acl_parse_str
|
|
- MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr
|
|
- MAJOR: acl: add option -m to change the pattern matching method
|
|
- MINOR: acl: remove the use_count in acl keywords
|
|
- MEDIUM: acl: have a pointer to the keyword name in acl_expr
|
|
- MEDIUM: acl: support using sample fetches directly in ACLs
|
|
- MEDIUM: http: remove val_usr() to validate user_lists
|
|
- MAJOR: sample: maintain a per-proxy list of the fetch args to resolve
|
|
- MINOR: ssl: add support for the "alpn" bind keyword
|
|
- MINOR: http: status code 303 is HTTP/1.1 only
|
|
- MEDIUM: http: implement redirect 307 and 308
|
|
- MINOR: http: status 301 should not be marked non-cacheable
|
|
|
|
2012/12/28 : 1.5-dev17
|
|
- MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache.
|
|
- BUG/MEDIUM: stats: fix stats page regression introduced by commit 20b0de5
|
|
- BUG/MINOR: stats: last fix was still wrong
|
|
- BUG/MINOR: stats: http-request rules still don't cope with stats
|
|
- BUG/MINOR: http: http-request add-header emits a corrupted header
|
|
- BUG/MEDIUM: stats: disable request analyser when processing POST or HEAD
|
|
- BUG/MINOR: log: make log-format, unique-id-format and add-header more independant
|
|
- BUILD: log: unused variable svid
|
|
- CLEANUP: http: rename the misleading http_check_access_rule
|
|
- MINOR: http: move redirect rule processing to its own function
|
|
- REORG: config: move the http redirect rule parser to proto_http.c
|
|
- MEDIUM: http: add support for "http-request redirect" rules
|
|
- MEDIUM: http: add support for "http-request tarpit" rule
|
|
|
|
2012/12/24 : 1.5-dev16
|
|
- BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections.
|
|
- BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection.
|
|
- MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate.
|
|
- MINOR: contrib: make the iprange tool grep for addresses
|
|
- CLEANUP: polling: gcc doesn't always optimize constants away
|
|
- OPTIM: poll: optimize fd management functions for low register count CPUs
|
|
- CLEANUP: poll: remove a useless double-check on fdtab[fd].owner
|
|
- OPTIM: epoll: use a temp variable for intermediary flag computations
|
|
- OPTIM: epoll: current fd does not count as a new one
|
|
- BUG/MINOR: poll: the I/O handler was called twice for polled I/Os
|
|
- MINOR: http: make resp_ver and status ACLs check for the presence of a response
|
|
- BUG/MEDIUM: stream-interface: fix possible stalls during transfers
|
|
- BUG/MINOR: stream_interface: don't return when the fd is already set
|
|
- BUG/MEDIUM: connection: always update connection flags prior to computing polling
|
|
- CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0
|
|
- BUG/MAJOR: stream_interface: fix occasional data transfer freezes
|
|
- BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up
|
|
- BUG/MINOR: http: don't abort client connection on premature responses
|
|
- BUILD: no need to clean up when making git-tar
|
|
- MINOR: log: add a tag for amount of bytes uploaded from client to server
|
|
- BUG/MEDIUM: log: fix possible segfault during config parsing
|
|
- MEDIUM: log: change a few log tokens to make them easier to remember
|
|
- BUG/MINOR: log: add_to_logformat_list() used the wrong constants
|
|
- MEDIUM: log-format: make the format parser more robust and more extensible
|
|
- MINOR: sample: support cast from bool to string
|
|
- MINOR: samples: add a function to fetch and convert any sample to a string
|
|
- MINOR: log: add lf_text_len
|
|
- MEDIUM: log: add the ability to include samples in logs
|
|
- REORG: stats: massive code reorg and cleanup
|
|
- REORG: stats: move the HTTP header injection to proto_http
|
|
- REORG: stats: functions are now HTTP/CLI agnostic
|
|
- BUG/MINOR: log: fix regression introduced by commit 8a3f52
|
|
- MINOR: chunks: centralize the trash chunk allocation
|
|
- MEDIUM: stats: use hover boxes instead of title to report details
|
|
- MEDIUM: stats: use multi-line tips to display detailed counters
|
|
- MINOR: tools: simplify the use of the int to ascii macros
|
|
- MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML
|
|
- MINOR: http: prepare to support more http-request actions
|
|
- MINOR: log: make parse_logformat_string() take a const char *
|
|
- MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers
|
|
|
|
2012/12/12 : 1.5-dev15
|
|
- DOC: add a few precisions on compression
|
|
- BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert.
|
|
- BUG/MINOR: ssl: One free session in cache remains unused.
|
|
- BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err
|
|
- MEDIUM: ssl: manage shared cache by blocks for huge sessions.
|
|
- MINOR: acl: add fetch for server session rate
|
|
- BUG/MINOR: compression: Content-Type is case insensitive
|
|
- MINOR: compression: disable on multipart or status != 200
|
|
- BUG/MINOR: http: don't report client aborts as server errors
|
|
- MINOR: stats: compute the ratio of compressed response based on 2xx responses
|
|
- MINOR: http: factor out the content-type checks
|
|
- BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios
|
|
- BUILD: ssl: OpenSSL 0.9.6 has no renegociation
|
|
- BUG/MINOR: http: disable compression when message has no body
|
|
- MINOR: compression: make the stats a bit more robust
|
|
- BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes
|
|
- MINOR: connection: don't remove failed handshake flags
|
|
- MEDIUM: connection: add an error code in connections
|
|
- MEDIUM: connection: add minimal error reporting in logs for incomplete connections
|
|
- MEDIUM: connection: add error reporting for the PROXY protocol header
|
|
- MEDIUM: connection: add error reporting for the SSL
|
|
- DOC: document the connection error format in logs
|
|
- BUG/MINOR: http: don't log a 503 on client errors while waiting for requests
|
|
- BUILD: stdbool is not portable
|
|
- BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead
|
|
- BUG/MAJOR: raw_sock: must check error code on hangup
|
|
- BUG/MAJOR: polling: do not set speculative events on ERR nor HUP
|
|
- BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled
|
|
- MINOR: stats: add a few more information on session dump
|
|
- BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections
|
|
- CLEANUP: connection: remove unused server/proxy/task/si_applet declarations
|
|
- BUG/MEDIUM: tcp: process could theorically crash on lack of source ports
|
|
- MINOR: cfgparse: mention "interface" in the list of allowed "source" options
|
|
- MEDIUM: connection: introduce "struct conn_src" for servers and proxies
|
|
- CLEANUP: proto_tcp: use the same code to bind servers and backends
|
|
- CLEANUP: backend: use the same tproxy address selection code for servers and backends
|
|
- BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13
|
|
- MEDIUM: proto_tcp: add support for tracking L7 information
|
|
- MEDIUM: counters: add sc1_trackers/sc2_trackers
|
|
- MINOR: http: add the "base32" pattern fetch function
|
|
- MINOR: http: add the "base32+src" fetch method.
|
|
- CLEANUP: session: use an array for the stick counters
|
|
- BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2
|
|
- BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2
|
|
- BUG/MAJOR: connection: always recompute polling status upon I/O
|
|
- BUG/MINOR: connection: remove a few synchronous calls to polling updates
|
|
- MINOR: config: improve error checking on TCP stick-table tracking
|
|
- DOC: add some clarifications to the readme
|
|
|
|
2012/11/26 : 1.5-dev14
|
|
- DOC: fix minor typos
|
|
- BUG/MEDIUM: compression: does not forward trailers
|
|
- MINOR: buffer_dump with ASCII
|
|
- BUG/MEDIUM: checks: mark the check as stopped after a connect error
|
|
- BUG/MEDIUM: checks: ensure we completely disable polling upon success
|
|
- BUG/MINOR: checks: don't mark the FD as closed before transport close
|
|
- MEDIUM: checks: avoid accumulating TIME_WAITs during checks
|
|
- MINOR: cli: report the msg state in full text in "show sess $PTR"
|
|
- CLEANUP: checks: rename some server check flags
|
|
- MAJOR: checks: rework completely bogus state machine
|
|
- BUG/MINOR: checks: slightly clean the state machine up
|
|
- MEDIUM: checks: avoid waking the application up for pure TCP checks
|
|
- MEDIUM: checks: close the socket as soon as we have a response
|
|
- BUG/MAJOR: checks: close FD on all timeouts
|
|
- MINOR: checks: fix recv polling after connect()
|
|
- MEDIUM: connection: provide a common conn_full_close() function
|
|
- BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts
|
|
- BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops
|
|
- MINOR: listeners: make the accept loop more robust when maxaccept==0
|
|
- BUG/MEDIUM: acl: correctly resolve all args, not just the first one
|
|
- BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit
|
|
- BUG/MINOR: stats: fix inversion of the report of a check in progress
|
|
- MEDIUM: tcp: add explicit support for delayed ACK in connect()
|
|
- BUG/MEDIUM: connection: always disable polling upon error
|
|
- MINOR: connection: abort earlier when errors are detected
|
|
- BUG/MEDIUM: checks: report handshake failures
|
|
- BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish
|
|
- MINOR: tcp: add support for the "v6only" bind option
|
|
- MINOR: stats: also report the computed compression savings in html stats
|
|
- MINOR: stats: report the total number of compressed responses per front/back
|
|
- MINOR: tcp: add support for the "v4v6" bind option
|
|
- DOC: stats: document the comp_rsp stats column
|
|
- BUILD: buffer: fix another isprint() warning on solaris
|
|
- MINOR: cli: add support for the "show sess all" command
|
|
- BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list
|
|
- MINOR: cli: improve output format for show sess $ptr
|
|
|
|
2012/11/22 : 1.5-dev13
|
|
- BUILD: fix build issue without USE_OPENSSL
|
|
- BUILD: fix compilation error with DEBUG_FULL
|
|
- DOC: ssl: remove prefer-server-ciphers documentation
|
|
- DOC: ssl: surround keywords with quotes
|
|
- DOC: fix minor typo on http-send-name-header
|
|
- BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs
|
|
- BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl
|
|
- MEDIUM: http: accept IPv6 values with (s)hdr_ip acl
|
|
- BUILD: report zlib support in haproxy -vv
|
|
- DOC: compression: add some details and clean up the formatting
|
|
- DOC: Change is_ssl acl to ssl_fc acl in example
|
|
- DOC: make it clear what the HTTP request size is
|
|
- MINOR: ssl: try to load Diffie-Hellman parameters from cert file
|
|
- DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading
|
|
- MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation
|
|
- DOC: ssl: add 'ecdhe' statement on 'bind'
|
|
- MEDIUM: ssl: add client certificate authentication support
|
|
- DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind'
|
|
- MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present
|
|
- DOC: ssl: add fetch and ACL 'client_cert'
|
|
- MINOR: ssl: add ignore verify errors options
|
|
- DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind'
|
|
- MINOR: ssl: add fetch and ACL 'ssl_verify_result'
|
|
- DOC: ssl: add fetch and ACL 'ssl_verify_result'
|
|
- MINOR: ssl: add fetches and ACLs to return verify errors
|
|
- DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth'
|
|
- MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1
|
|
- MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory
|
|
- MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.
|
|
- DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.
|
|
- MEDIUM: config: authorize frontend and listen without bind.
|
|
- MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption
|
|
- DOC: ssl: add 'no-tls-tickets' statement documentation.
|
|
- BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified.
|
|
- BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature.
|
|
- BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL.
|
|
- BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686.
|
|
- MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners.
|
|
- BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes
|
|
- MINOR: ssl: add 'crt-base' and 'ca-base' global statements.
|
|
- MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'.
|
|
- MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file'
|
|
- MINOR: ssl: use bit fields to store ssl options instead of one int each
|
|
- MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind.
|
|
- MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server
|
|
- MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS.
|
|
- BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3'
|
|
- MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c
|
|
- MEDIUM: ssl: reject ssl server keywords in default-server statement
|
|
- MINOR: ssl: add statement 'no-tls-tickets' on server side.
|
|
- MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers.
|
|
- DOC: Fix rename of options cafile and crlfile to ca-file and crl-file.
|
|
- MINOR: sample: manage binary to string type convertion in stick-table and samples.
|
|
- MINOR: acl: add parse and match primitives to use binary type on ACLs
|
|
- MINOR: sample: export 'sample_get_trash_chunk(void)'
|
|
- MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize'
|
|
- MINOR: ssl: add pattern fetch 'ssl_fc_session_id'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn'
|
|
- MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter'
|
|
- MINOR: ssl: add 'crt' statement on server.
|
|
- MINOR: ssl: checks the consistency of a private key with the corresponding certificate
|
|
- BUG/MEDIUM: ssl: review polling on reneg.
|
|
- BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled.
|
|
- BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server.
|
|
- MINOR: build: allow packagers to specify the ssl cache size
|
|
- MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind.
|
|
- MINOR: ssl: Add tune.ssl.lifetime statement in global.
|
|
- MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8
|
|
- BUG: http: revert broken optimisation from 82fe75c1a79dac933391501b9d293bce34513755
|
|
- DOC: duplicate ssl_sni section
|
|
- MEDIUM: HTTP compression (zlib library support)
|
|
- CLEANUP: use struct comp_ctx instead of union
|
|
- BUILD: remove dependency to zlib.h
|
|
- MINOR: compression: memlevel and windowsize
|
|
- MEDIUM: use pool for zlib
|
|
- MINOR: compression: try init in cfgparse.c
|
|
- MINOR: compression: init before deleting headers
|
|
- MEDIUM: compression: limit RAM usage
|
|
- MINOR: compression: tune.comp.maxlevel
|
|
- MINOR: compression: maximum compression rate limit
|
|
- MINOR: log-format: check number of arguments in cfgparse.c
|
|
- BUG/MEDIUM: compression: no Content-Type header but type in configuration
|
|
- BUG/MINOR: compression: deinit zlib only when required
|
|
- MEDIUM: compression: don't compress when no data
|
|
- MEDIUM: compression: use pool for comp_ctx
|
|
- MINOR: compression: rate limit in 'show info'
|
|
- MINOR: compression: report zlib memory usage
|
|
- BUG/MINOR: compression: dynamic level increase
|
|
- DOC: compression: unsupported cases.
|
|
- MINOR: compression: CPU usage limit
|
|
- MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection
|
|
- BUG/MAJOR: ssl: missing tests in ACL fetch functions
|
|
- MINOR: config: add a function to indent error messages
|
|
- REORG: split "protocols" files into protocol and listener
|
|
- MEDIUM: config: replace ssl_conf by bind_conf
|
|
- CLEANUP: listener: remove unused conf->file and conf->line
|
|
- MEDIUM: listener: add a minimal framework to register "bind" keyword options
|
|
- MEDIUM: config: move the "bind" TCP parameters to proto_tcp
|
|
- MEDIUM: move bind SSL parsing to ssl_sock
|
|
- MINOR: config: improve error reporting for "bind" lines
|
|
- MEDIUM: config: move the common "bind" settings to listener.c
|
|
- MEDIUM: config: move all unix-specific bind keywords to proto_uxst.c
|
|
- MEDIUM: config: enumerate full list of registered "bind" keywords upon error
|
|
- MINOR: listener: add a scope field in the bind keyword lists
|
|
- MINOR: config: pass the file and line to config keyword parsers
|
|
- MINOR: stats: fill the file and line numbers in the stats frontend
|
|
- MINOR: config: set the bind_conf entry on listeners created from a "listen" line.
|
|
- MAJOR: listeners: use dual-linked lists to chain listeners with frontends
|
|
- REORG: listener: move unix perms from the listener to the bind_conf
|
|
- BUG: backend: balance hdr was broken since 1.5-dev11
|
|
- MINOR: standard: make memprintf() support a NULL destination
|
|
- MINOR: config: make str2listener() use memprintf() to report errors.
|
|
- MEDIUM: stats: remove the stats_sock struct from the global struct
|
|
- MINOR: ssl: set the listeners' data layer to ssl during parsing
|
|
- MEDIUM: stats: make use of the standard "bind" parsers to parse global socket
|
|
- DOC: move bind options to their own section
|
|
- DOC: stats: refer to "bind" section for "stats socket" settings
|
|
- DOC: fix index to reference bind and server options
|
|
- BUG: http: do not print garbage on invalid requests in debug mode
|
|
- BUG/MINOR: config: check the proper pointer to report unknown protocol
|
|
- CLEANUP: connection: offer conn_prepare() to set up a connection
|
|
- CLEANUP: config: fix typo inteface => interface
|
|
- BUG: stats: fix regression introduced by commit 4348fad1
|
|
- MINOR: cli: allow to set frontend maxconn to zero
|
|
- BUG/MAJOR: http: chunk parser was broken with buffer changes
|
|
- MEDIUM: monitor: simplify handling of monitor-net and mode health
|
|
- MINOR: connection: add a pointer to the connection owner
|
|
- MEDIUM: connection: make use of the owner instead of container_of
|
|
- BUG/MINOR: ssl: report the L4 connection as established when possible
|
|
- BUG/MEDIUM: proxy: must not try to stop disabled proxies upon reload
|
|
- BUG/MINOR: config: use a copy of the file name in proxy configurations
|
|
- BUG/MEDIUM: listener: don't pause protocols that do not support it
|
|
- MEDIUM: proxy: add the global frontend to the list of normal proxies
|
|
- BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
|
|
- MINOR: signal: really ignore signals configured with no handler
|
|
- MINOR: buffers: add a few functions to write chars, strings and blocks
|
|
- MINOR: raw_sock: always report asynchronous connection errors
|
|
- MEDIUM: raw_sock: improve connection error reporting
|
|
- REORG: connection: rename the data layer the "transport layer"
|
|
- REORG: connection: rename app_cb "data"
|
|
- MINOR: connection: provide a generic data layer wakeup callback
|
|
- MINOR: connection: split conn_prepare() in two functions
|
|
- MINOR: connection: add an init callback to the data_cb struct
|
|
- MEDIUM: session: use a specific data_cb for embryonic sessions
|
|
- MEDIUM: connection: use a generic data-layer init() callback
|
|
- MEDIUM: connection: reorganize connection flags
|
|
- MEDIUM: connection: only call the data->wake callback on activity
|
|
- MEDIUM: connection: make it possible for data->wake to return an error
|
|
- MEDIUM: session: register a data->wake callback to process errors
|
|
- MEDIUM: connection: don't call the data->init callback upon error
|
|
- MEDIUM: connection: it's not the data layer's role to validate the connection
|
|
- MEDIUM: connection: automatically disable polling on error
|
|
- REORG: connection: move the PROXY protocol management to connection.c
|
|
- MEDIUM: connection: add a new local send-proxy transport callback
|
|
- MAJOR: checks: make use of the connection layer to send checks
|
|
- REORG: server: move the check-specific parts into a check subsection
|
|
- MEDIUM: checks: use real buffers to store requests and responses
|
|
- MEDIUM: check: add the ctrl and transport layers in the server check structure
|
|
- MAJOR: checks: completely use the connection transport layer
|
|
- MEDIUM: checks: add the "check-ssl" server option
|
|
- MEDIUM: checks: enable the PROXY protocol with health checks
|
|
- CLEANUP: checks: remove minor warnings for assigned but not used variables
|
|
- MEDIUM: tcp: enable TCP Fast Open on systems which support it
|
|
- BUG: connection: fix regression from commit 9e272bf9
|
|
- CLEANUP: cttproxy: remove a warning on undeclared close()
|
|
- BUG/MAJOR: ensure that hdr_idx is always reserved when L7 fetches are used
|
|
- MEDIUM: listener: add support for linux's accept4() syscall
|
|
- MINOR: halog: sort output by cookie code
|
|
- BUG/MINOR: halog: -ad/-ac report the correct number of output lines
|
|
- BUG/MINOR: halog: fix help message for -ut/-uto
|
|
- MINOR: halog: add a parameter to limit output line count
|
|
- BUILD: accept4: move the socketcall declaration outside of accept4()
|
|
- MINOR: server: add minimal infrastructure to parse keywords
|
|
- MINOR: standard: make indent_msg() support empty messages
|
|
- MEDIUM: server: check for registered keywords when parsing unknown keywords
|
|
- MEDIUM: server: move parsing of keyword "id" to server.c
|
|
- BUG/MEDIUM: config: check-send-proxy was ignored if SSL was not builtin
|
|
- MEDIUM: ssl: move "server" keyword SSL options parsing to ssl_sock.c
|
|
- MEDIUM: log: suffix the frontend's name with '~' when using SSL
|
|
- MEDIUM: connection: always unset the transport layer upon close
|
|
- BUG/MINOR: session: fix some leftover from debug code
|
|
- BUG/MEDIUM: session: enable the conn_session_update() callback
|
|
- MEDIUM: connection: add a flag to hold the transport layer
|
|
- MEDIUM: log: add a new LW_XPRT flag to pin the transport layer
|
|
- MINOR: log: make lf_text use a const char *
|
|
- MEDIUM: log: report SSL ciphers and version in logs using logformat %sslc/%sslv
|
|
- REORG: http: rename msg->buf to msg->chn since it's a channel
|
|
- CLEANUP: http: use 'chn' to name channel variables, not 'buf'
|
|
- CLEANUP: channel: use 'chn' instead of 'buf' as local variable names
|
|
- CLEANUP: tcp: use 'chn' instead of 'buf' or 'b' for channel pointer names
|
|
- CLEANUP: stream_interface: use 'chn' instead of 'b' to name channel pointers
|
|
- CLEANUP: acl: use 'chn' instead of 'b' to name channel pointers
|
|
- MAJOR: channel: replace the struct buffer with a pointer to a buffer
|
|
- OPTIM: channel: reorganize struct members to improve cache efficiency
|
|
- CLEANUP: session: remove term_trace which is not used anymore
|
|
- OPTIM: session: reorder struct session fields
|
|
- OPTIM: connection: pack the struct target
|
|
- DOC: document relations between internal entities
|
|
- MINOR: ssl: add 'ssl_npn' sample/acl to extract TLS/NPN information
|
|
- BUILD: ssl: fix shctx build on older compilers
|
|
- MEDIUM: ssl: add support for the "npn" bind keyword
|
|
- BUG: ssl: fix ssl_sni ACLs to correctly process regular expressions
|
|
- MINOR: chunk: provide string compare functions
|
|
- MINOR: sample: accept fetch keywords without parenthesis
|
|
- MEDIUM: sample: pass an empty list instead of a null for fetch args
|
|
- MINOR: ssl: improve socket behaviour upon handshake abort.
|
|
- BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode
|
|
- MEDIUM: listener: provide a fallback for accept4() when not supported
|
|
- BUG/MAJOR: connection: risk of crash on certain tricky close scenario
|
|
- MEDIUM: cli: allow the stats socket to be bound to a specific set of processes
|
|
- OPTIM: channel: inline channel_forward's fast path
|
|
- OPTIM: http: inline http_parse_chunk_size() and http_skip_chunk_crlf()
|
|
- OPTIM: tools: inline hex2i()
|
|
- CLEANUP: http: rename HTTP_MSG_DATA_CRLF state
|
|
- MINOR: compression: automatically disable compression for older browsers
|
|
- MINOR: compression: optimize memLevel to improve byte rate
|
|
- BUG/MINOR: http: compression should consider all Accept-Encoding header values
|
|
- BUILD: fix coexistence of openssl and zlib
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_serial' and 'ssl_f_serial'
|
|
- BUG/MEDIUM: command-line option -D must have precedence over "debug"
|
|
- MINOR: tools: add a clear_addr() function to unset an address
|
|
- BUG/MEDIUM: tcp: transparent bind to the source only when address is set
|
|
- CLEANUP: remove trashlen
|
|
- MAJOR: session: detach the connections from the stream interfaces
|
|
- DOC: update document describing relations between internal entities
|
|
- BUILD: make it possible to specify ZLIB path
|
|
- MINOR: compression: add an offload option to remove the Accept-Encoding header
|
|
- BUG: compression: disable auto-close and enable MSG_MORE during transfer
|
|
- CLEANUP: completely remove trashlen
|
|
- MINOR: chunk: add a function to reset a chunk
|
|
- CLEANUP: replace chunk_printf() with chunk_appendf()
|
|
- MEDIUM: make the trash be a chunk instead of a char *
|
|
- MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions
|
|
- MEDIUM: stick-table: allocate the table key of size buffer size
|
|
- BUG/MINOR: stream_interface: don't loop over ->snd_buf()
|
|
- BUG/MINOR: session: ensure that we don't retry connection if some data were sent
|
|
- OPTIM: session: don't process the whole session when only timers need a refresh
|
|
- BUG/MINOR: session: mark the handshake as complete earlier
|
|
- MAJOR: connection: remove the CO_FL_CURR_*_POL flag
|
|
- BUG/MAJOR: always clear the CO_FL_WAIT_* flags after updating polling flags
|
|
- MAJOR: sepoll: make the poller totally event-driven
|
|
- OPTIM: stream_interface: disable reading when CF_READ_DONTWAIT is set
|
|
- BUILD: compression: remove a build warning
|
|
- MEDIUM: fd: don't unset fdtab[].updated upon delete
|
|
- REORG: fd: move the speculative I/O management from ev_sepoll
|
|
- REORG: fd: move the fd state management from ev_sepoll
|
|
- REORG: fd: centralize the processing of speculative events
|
|
- BUG: raw_sock: also consider ENOTCONN in addition to EAGAIN
|
|
- BUILD: stream_interface: remove si_fd() and its references
|
|
- BUILD: compression: enable build in BSD and OSX Makefiles
|
|
- MAJOR: ev_select: make the poller support speculative events
|
|
- MAJOR: ev_poll: make the poller support speculative events
|
|
- MAJOR: ev_kqueue: make the poller support speculative events
|
|
- MAJOR: polling: replace epoll with sepoll and remove sepoll
|
|
- MAJOR: polling: remove unused callbacks from the poller struct
|
|
- MEDIUM: http: refrain from sending "Connection: close" when Upgrade is present
|
|
- CLEANUP: channel: remove any reference of the hijackers
|
|
- CLEANUP: stream_interface: remove the external task type target
|
|
- MAJOR: connection: replace struct target with a pointer to an enum
|
|
- BUG: connection: fix typo in previous commit
|
|
- BUG: polling: don't skip polled events in the spec list
|
|
- MINOR: splice: disable it when the system returns EBADF
|
|
- MINOR: build: allow packagers to specify the default maxzlibmem
|
|
- BUG: halog: fix broken output limitation
|
|
- BUG: proxy: fix server name lookup in get_backend_server()
|
|
- BUG: compression: do not always increment the round counter on allocation failure
|
|
- BUG/MEDIUM: compression: release the zlib pools between keep-alive requests
|
|
- MINOR: global: don't prevent nbproc from being redefined
|
|
- MINOR: config: support process ranges for "bind-process"
|
|
- MEDIUM: global: add support for CPU binding on Linux ("cpu-map")
|
|
- MINOR: ssl: rename and document the tune.ssl.cachesize option
|
|
- DOC: update the PROXY protocol spec to support v2
|
|
- MINOR: standard: add a simple popcount function
|
|
- MEDIUM: adjust the maxaccept per listener depending on the number of processes
|
|
- BUG: compression: properly disable compression when content-type does not match
|
|
- MINOR: cli: report connection status in "show sess xxx"
|
|
- BUG/MAJOR: stream_interface: certain workloads could cause get stuck
|
|
- BUILD: cli: fix build when SSL is enabled
|
|
- MINOR: cli: report the fd state in "show sess xxx"
|
|
- MINOR: cli: report an error message on missing argument to compression rate
|
|
- MINOR: http: add some debugging functions to pretty-print msg state names
|
|
- BUG/MAJOR: stream_interface: read0 not always handled since dev12
|
|
- DOC: documentation on http header capture is wrong
|
|
- MINOR: http: allow the cookie capture size to be changed
|
|
- DOC: http header capture has not been limited in size for a long time
|
|
- DOC: update readme with build methods for BSD
|
|
- BUILD: silence a warning on Solaris about usage of isdigit()
|
|
- MINOR: stats: report HTTP compression stats per frontend and per backend
|
|
- MINOR: log: add '%Tl' to log-format
|
|
- MINOR: samples: update the url_param fetch to match parameters in the path
|
|
|
|
2012/09/10 : 1.5-dev12
|
|
- CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
|
|
- MEDIUM: ssl: add support for prefer-server-ciphers option
|
|
- MINOR: IPv6 support for transparent proxy
|
|
- MINOR: protocol: add SSL context to listeners if USE_OPENSSL is defined
|
|
- MINOR: server: add SSL context to servers if USE_OPENSSL is defined
|
|
- MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS).
|
|
- MEDIUM: ssl: add new files ssl_sock.[ch] to provide the SSL data layer
|
|
- MEDIUM: config: add the 'ssl' keyword on 'bind' lines
|
|
- MEDIUM: config: add support for the 'ssl' option on 'server' lines
|
|
- MEDIUM: ssl: protect against client-initiated renegociation
|
|
- BUILD: add optional support for SSL via the USE_OPENSSL flag
|
|
- MEDIUM: ssl: add shared memory session cache implementation.
|
|
- MEDIUM: ssl: replace OpenSSL's session cache with the shared cache
|
|
- MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size.
|
|
- MEDIUM: ssl: add support for SNI and wildcard certificates
|
|
- DOC: Typos cleanup
|
|
- DOC: fix name for "option independant-streams"
|
|
- DOC: specify the default value for maxconn in the context of a proxy
|
|
- BUG/MINOR: to_log erased with unique-id-format
|
|
- LICENSE: add licence exception for OpenSSL
|
|
- BUG/MAJOR: cookie prefix doesn't support cookie-less servers
|
|
- BUILD: add an AIX 5.2 (and later) target.
|
|
- MEDIUM: fd/si: move peeraddr from struct fdinfo to struct connection
|
|
- MINOR: halog: use the more recent dual-mode fgets2 implementation
|
|
- BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches
|
|
- CLEANUP: halog: make clean should also remove .o files
|
|
- OPTIM: halog: make use of memchr() on platforms which provide a fast one
|
|
- OPTIM: halog: improve cold-cache behaviour when loading a file
|
|
- BUG/MINOR: ACL implicit arguments must be created with unresolved flag
|
|
- MINOR: replace acl_fetch_{path,url}* with smp_fetch_*
|
|
- MEDIUM: pattern: add the "base" sample fetch method
|
|
- OPTIM: i386: make use of kernel-mode-linux when available
|
|
- BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
|
|
- BUG/MINOR: polling: some events were not set in various pollers
|
|
- MINOR: http: add the urlp_val ACL match
|
|
- BUG: stktable: tcp_src_to_stktable_key() must return NULL on invalid families
|
|
- MINOR: stats/cli: add plans to support more stick-table actions
|
|
- MEDIUM: stats/cli: add support for "set table key" to enter values
|
|
- REORG/MEDIUM: fd: remove FD_STCLOSE from struct fdtab
|
|
- REORG/MEDIUM: fd: remove checks for FD_STERROR in ev_sepoll
|
|
- REORG/MEDIUM: fd: get rid of FD_STLISTEN
|
|
- REORG/MINOR: connection: move declaration to its own include file
|
|
- REORG/MINOR: checks: put a struct connection into the server
|
|
- MINOR: connection: add flags to the connection struct
|
|
- MAJOR: get rid of fdtab[].state and use connection->flags instead
|
|
- MINOR: fd: add a new I/O handler to fdtab
|
|
- MEDIUM: polling: prepare to call the iocb() function when defined.
|
|
- MEDIUM: checks: make use of fdtab->iocb instead of cb[]
|
|
- MEDIUM: protocols: use the generic I/O callback for accept callbacks
|
|
- MINOR: connection: add a handler for fd-based connections
|
|
- MAJOR: connection: replace direct I/O callbacks with the connection callback
|
|
- MINOR: fd: make fdtab->owner a connection and not a stream_interface anymore
|
|
- MEDIUM: connection: remove the FD_POLL_* flags only once
|
|
- MEDIUM: connection: extract the send_proxy callback from proto_tcp
|
|
- MAJOR: tcp: remove the specific I/O callbacks for TCP connection probes
|
|
- CLEANUP: remove the now unused fdtab direct I/O callbacks
|
|
- MAJOR: remove the stream interface and task management code from sock_*
|
|
- MEDIUM: stream_interface: pass connection instead of fd in sock_ops
|
|
- MEDIUM: stream_interface: centralize the SI_FL_ERR management
|
|
- MAJOR: connection: add a new CO_FL_CONNECTED flag
|
|
- MINOR: rearrange tcp_connect_probe() and fix wrong return codes
|
|
- MAJOR: connection: call data layer handshakes from the handler
|
|
- MEDIUM: fd: remove the EV_FD_COND_* primitives
|
|
- MINOR: sock_raw: move calls to si_data_close upper
|
|
- REORG: connection: replace si_data_close() with conn_data_close()
|
|
- MEDIUM: sock_raw: introduce a read0 callback that is different from shutr
|
|
- MAJOR: stream_int: use a common stream_int_shut*() functions regardless of the data layer
|
|
- MAJOR: fd: replace all EV_FD_* macros with new fd_*_* inline calls
|
|
- MEDIUM: fd: add fd_poll_{recv,send} for use when explicit polling is required
|
|
- MEDIUM: connection: add definitions for dual polling mechanisms
|
|
- MEDIUM: connection: make use of the new polling functions
|
|
- MAJOR: make use of conn_{data|sock}_{poll|stop|want}* in connection handlers
|
|
- MEDIUM: checks: don't use FD_WAIT_* anymore
|
|
- MINOR: fd: get rid of FD_WAIT_*
|
|
- MEDIUM: stream_interface: offer a generic function for connection updates
|
|
- MEDIUM: stream-interface: offer a generic chk_rcv function for connections
|
|
- MEDIUM: stream-interface: add a snd_buf() callback to sock_ops
|
|
- MEDIUM: stream-interface: provide a generic stream_int_chk_snd_conn() function
|
|
- MEDIUM: stream-interface: provide a generic si_conn_send_cb callback
|
|
- MEDIUM: stream-interface: provide a generic stream_sock_read0() function
|
|
- REORG/MAJOR: use "struct channel" instead of "struct buffer"
|
|
- REORG/MAJOR: extract "struct buffer" from "struct channel"
|
|
- MINOR: connection: provide conn_{data|sock}_{read0|shutw} functions
|
|
- REORG: sock_raw: rename the files raw_sock*
|
|
- MAJOR: raw_sock: extract raw_sock_to_buf() from raw_sock_read()
|
|
- MAJOR: raw_sock: temporarily disable splicing
|
|
- MINOR: stream-interface: add an rcv_buf callback to sock_ops
|
|
- REORG: stream-interface: move sock_raw_read() to si_conn_recv_cb()
|
|
- MAJOR: connection: split the send call into connection and stream interface
|
|
- MAJOR: stream-interface: restore splicing mechanism
|
|
- MAJOR: stream-interface: make conn_notify_si() more robust
|
|
- MEDIUM: proxy-proto: don't use buffer flags in conn_si_send_proxy()
|
|
- MAJOR: stream-interface: don't commit polling changes in every callback
|
|
- MAJOR: stream-interface: fix splice not to call chk_snd by itself
|
|
- MEDIUM: stream-interface: don't remove WAIT_DATA when a handshake is in progress
|
|
- CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops
|
|
- REORG: buffers: split buffers into chunk,buffer,channel
|
|
- MAJOR: channel: remove the BF_OUT_EMPTY flag
|
|
- REORG: buffer: move buffer_flush, b_adv and b_rew to buffer.h
|
|
- MINOR: channel: rename bi_full to channel_full as it checks the whole channel
|
|
- MINOR: buffer: provide a new buffer_full() function
|
|
- MAJOR: channel: stop relying on BF_FULL to take action
|
|
- MAJOR: channel: remove the BF_FULL flag
|
|
- REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h}
|
|
- CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_
|
|
- CLEANUP: channel: use "channel" instead of "buffer" in function names
|
|
- REORG: connection: move the target pointer from si to connection
|
|
- MAJOR: connection: move the addr field from the stream_interface
|
|
- MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags
|
|
- MEDIUM: proto_tcp: remove any dependence on stream_interface
|
|
- MINOR: tcp: replace tcp_src_to_stktable_key with addr_to_stktable_key
|
|
- MEDIUM: connection: add an ->init function to data layer
|
|
- MAJOR: session: introduce embryonic sessions
|
|
- MAJOR: connection: make the PROXY decoder a handshake handler
|
|
- CLEANUP: frontend: remove the old proxy protocol decoder
|
|
- MAJOR: connection: rearrange the polling flags.
|
|
- MEDIUM: connection: only call tcp_connect_probe when nothing was attempted yet
|
|
- MEDIUM: connection: complete the polling cleanups
|
|
- MEDIUM: connection: avoid calling handshakes when polling is required
|
|
- MAJOR: stream_interface: continue to update data polling flags during handshakes
|
|
- CLEANUP: fd: remove fdtab->flags
|
|
- CLEANUP: fdtab: flatten the struct and merge the spec struct with the rest
|
|
- CLEANUP: includes: fix includes for a number of users of fd.h
|
|
- MINOR: ssl: disable TCP quick-ack by default on SSL listeners
|
|
- MEDIUM: config: add a "ciphers" keyword to set SSL cipher suites
|
|
- MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines
|
|
- BUG: ssl: mark the connection as waiting for an SSL connection during the handshake
|
|
- BUILD: http: rename error_message http_error_message to fix conflicts on RHEL
|
|
- BUILD: ssl: fix shctx build on RHEL with futex
|
|
- BUILD: include sys/socket.h to fix build failure on FreeBSD
|
|
- BUILD: fix build error without SSL (ssl_cert)
|
|
- BUILD: ssl: use MAP_ANON instead of MAP_ANONYMOUS
|
|
- BUG/MEDIUM: workaround an eglibc bug which truncates the pidfiles when nbproc > 1
|
|
- MEDIUM: config: support per-listener backlog and maxconn
|
|
- MINOR: session: do not send an HTTP/500 error on SSL sockets
|
|
- MEDIUM: config: implement maxsslconn in the global section
|
|
- BUG: tcp: close socket fd upon connect error
|
|
- MEDIUM: connection: improve error handling around the data layer
|
|
- MINOR: config: make the tasks "nice" value configurable on "bind" lines.
|
|
- BUILD: shut a gcc warning introduced by commit 269ab31
|
|
- MEDIUM: config: centralize handling of SSL config per bind line
|
|
- BUILD: makefile: report USE_OPENSSL status in build options
|
|
- BUILD: report openssl build settings in haproxy -vv
|
|
- MEDIUM: ssl: add sample fetches for is_ssl, ssl_has_sni, ssl_sni_*
|
|
- DOC: add a special acknowledgement for the stud project
|
|
- DOC: add missing SSL options for servers and listeners
|
|
- BUILD: automatically add -lcrypto for SSL
|
|
- DOC: add some info about openssl build in the README
|
|
|
|
2012/06/04 : 1.5-dev11
|
|
- BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations
|
|
- BUG/MAJOR: trash must always be the size of a buffer
|
|
- DOC: fix minor regex example issue and improve doc on stats
|
|
- MINOR: stream_interface: add a pointer to the listener for TARG_TYPE_CLIENT
|
|
- MEDIUM: protocol: add a pointer to struct sock_ops to the listener struct
|
|
- MINOR: checks: add on-marked-up option
|
|
- MINOR: balance uri: added 'whole' parameter to include query string in hash calculation
|
|
- MEDIUM: stream_interface: remove the si->init
|
|
- MINOR: buffers: add a rewind function
|
|
- BUG/MAJOR: fix regression on content-based hashing and http-send-name-header
|
|
- MAJOR: http: stop using msg->sol outside the parsers
|
|
- CLEANUP: http: make it more obvious that msg->som is always null outside of chunks
|
|
- MEDIUM: http: get rid of msg->som which is not used anymore
|
|
- MEDIUM: http: msg->sov and msg->sol will never wrap
|
|
- BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
|
|
- BUG/MINOR: stop connect timeout when connect succeeds
|
|
- REORG: move the send-proxy code to tcp_connect_write()
|
|
- REORG/MINOR: session: detect the TCP monitor checks at the protocol accept
|
|
- MINOR: stream_interface: introduce a new "struct connection" type
|
|
- REORG/MINOR: stream_interface: move si->fd to struct connection
|
|
- REORG/MEDIUM: stream_interface: move applet->state and private to connection
|
|
- MINOR: stream_interface: add a data channel close function
|
|
- MEDIUM: stream_interface: call si_data_close() before releasing the si
|
|
- MINOR: peers: use the socket layer operations from the peer instead of sock_raw
|
|
- BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect
|
|
- MINOR: add a new function call tracer for debugging purposes
|
|
- BUG/MINOR: perform_http_redirect also needs to rewind the buffer
|
|
- BUG/MAJOR: b_rew() must pass a signed offset to b_ptr()
|
|
- BUG/MEDIUM: register peer sync handler in the proper order
|
|
- BUG/MEDIUM: buffers: fix bi_putchr() to correctly advance the pointer
|
|
- BUG/MINOR: fix option httplog validation with TCP frontends
|
|
- BUG/MINOR: log: don't report logformat errors in backends
|
|
- REORG/MINOR: use dedicated proxy flags for the cookie handling
|
|
- BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http
|
|
- MINOR: http: add support for "httponly" and "secure" cookie attributes
|
|
- BUG/MEDIUM: ensure that unresolved arguments are freed exactly once
|
|
- BUG/MINOR: commit 196729ef used wrong condition resulting in freeing constants
|
|
- MEDIUM: stats: add support for soft stop/soft start in the admin interface
|
|
- MEDIUM: stats: add the ability to kill sessions from the admin interface
|
|
- BUILD: add support for linux kernels >= 2.6.28
|
|
|
|
2012/05/14 : 1.5-dev10
|
|
- BUG/MINOR: stats admin: "Unexpected result" was displayed unconditionally
|
|
- BUG/MAJOR: acl: http_auth_group() must not accept any user from the userlist
|
|
- CLEANUP: auth: make the code build again with DEBUG_AUTH
|
|
- BUG/MEDIUM: config: don't crash at config load time on invalid userlist names
|
|
- REORG: use the name sock_raw instead of stream_sock
|
|
- MINOR: stream_interface: add a client target : TARG_TYPE_CLIENT
|
|
- BUG/MEDIUM: stream_interface: restore get_src/get_dst
|
|
- CLEANUP: sock_raw: remove last references to stream_sock
|
|
- CLEANUP: stream_interface: stop exporting socket layer functions
|
|
- MINOR: stream_interface: add an init callback to sock_ops
|
|
- MEDIUM: stream_interface: derive the socket operations from the target
|
|
- MAJOR: fd: remove the need for the socket layer to recheck the connection
|
|
- MINOR: session: call the socket layer init function when a session establishes
|
|
- MEDIUM: session: add support for tunnel timeouts
|
|
- MINOR: standard: add a new debug macro : fddebug()
|
|
- CLEANUP: fd: remove unused cb->b pointers in the struct fdtab
|
|
- OPTIM: proto_http: don't enable quick-ack on empty buffers
|
|
- OPTIM/MAJOR: ev_sepoll: process spec events after polled events
|
|
- OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag
|
|
|
|
2012/05/08 : 1.5-dev9
|
|
- MINOR: Add release callback to si_applet
|
|
- CLEANUP: Fix some minor typos
|
|
- MINOR: Add TO/FROM_SET flags to struct stream_interface
|
|
- CLEANUP: Fix some minor whitespace issues
|
|
- MINOR: stats admin: allow unordered parameters in POST requests
|
|
- CLEANUP: fix typo in findserver() log message
|
|
- MINOR: stats admin: use the backend id instead of its name in the form
|
|
- MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes
|
|
- DOC: cleanup indentation, alignment, columns and chapters
|
|
- DOC: fix some keywords arguments documentation
|
|
- MINOR: cli: display the 4 IP addresses and ports on "show sess XXX"
|
|
- BUG/MAJOR: log: possible segfault with logformat
|
|
- MEDIUM: log: split of log_format generation
|
|
- MEDIUM: log: New format-log flags: %Fi %Fp %Si %Sp %Ts %rt %H %pid
|
|
- MEDIUM: log: Unique ID
|
|
- MINOR: log: log-format: usable without httplog and tcplog
|
|
- BUG/MEDIUM: balance source did not properly hash IPv6 addresses
|
|
- MINOR: contrib/iprange: add a network IP range to mask converter
|
|
- MEDIUM: session: implement the "use-server" directive
|
|
- MEDIUM: log: add a new cookie flag 'U' to report situations where cookie is not used
|
|
- MEDIUM: http: make extract_cookie_value() iterate over cookie values
|
|
- MEDIUM: http: add cookie and scookie ACLs
|
|
- CLEANUP: lb_first: add reference to a paper describing the original idea
|
|
- MEDIUM: stream_sock: add a get_src and get_dst callback and remove SN_FRT_ADDR_SET
|
|
- BUG/MINOR: acl: req_ssl_sni would randomly fail if a session ID is present
|
|
- BUILD: http: make extract_cookie_value() return an int not size_t
|
|
- BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values
|
|
- CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
|
|
- MINOR: standard: add a memprintf() function to build formatted error messages
|
|
- CLEANUP: remove a few warning about unchecked return values in debug code
|
|
- MEDIUM: move message-related flags from transaction to message
|
|
- DOC: add a diagram to explain how circular buffers work
|
|
- MAJOR: buffer rework: replace ->send_max with ->o
|
|
- MAJOR: buffer: replace buf->l with buf->{o+i}
|
|
- MINOR: buffers: provide simple pointer normalization functions
|
|
- MINOR: buffers: remove unused function buffer_contig_data()
|
|
- MAJOR: buffers: replace buf->w with buf->p - buf->o
|
|
- MAJOR: buffers: replace buf->r with buf->p + buf->i
|
|
- MAJOR: http: move buffer->lr to http_msg->next
|
|
- MAJOR: http: change msg->{som,col,sov,eoh} to be relative to buffer origin
|
|
- CLEANUP: http: remove unused http_msg->col
|
|
- MAJOR: http: turn http_msg->eol to a buffer-relative offset
|
|
- MEDIUM: http: add a pointer to the buffer in http_msg
|
|
- MAJOR: http: make http_msg->sol relative to buffer's origin
|
|
- MEDIUM: http: http_send_name_header: remove references to msg and buffer
|
|
- MEDIUM: http: remove buffer arg in a few header manipulation functions
|
|
- MEDIUM: http: remove buffer arg in http_capture_bad_message
|
|
- MEDIUM: http: remove buffer arg in http_msg_analyzer
|
|
- MEDIUM: http: remove buffer arg in http_upgrade_v09_to_v10
|
|
- MEDIUM: http: remove buffer arg in http_buffer_heavy_realign
|
|
- MEDIUM: http: remove buffer arg in chunk parsing functions
|
|
- MINOR: http: remove useless wrapping checks in http_msg_analyzer
|
|
- MEDIUM: buffers: fix unsafe use of buffer_ignore at some places
|
|
- MEDIUM: buffers: add new pointer wrappers and get rid of almost all buffer_wrap_add calls
|
|
- MEDIUM: buffers: implement b_adv() to advance a buffer's pointer
|
|
- MEDIUM: buffers: rename a number of buffer management functions
|
|
- MEDIUM: http: add a prefetch function for ACL pattern fetch
|
|
- MEDIUM: http: make all ACL fetch function use acl_prefetch_http()
|
|
- BUG/MINOR: http_auth: ACLs are volatile, not permanent
|
|
- MEDIUM: http/acl: merge all request and response ACL fetches of headers and cookies
|
|
- MEDIUM: http/acl: make acl_fetch_hdr_{ip,val} rely on acl_fetch_hdr()
|
|
- MEDIUM: add a new typed argument list parsing framework
|
|
- MAJOR: acl: make use of the new argument parsing framework
|
|
- MAJOR: acl: store the ACL argument types in the ACL keyword declaration
|
|
- MEDIUM: acl: acl_find_target() now resolves arguments based on their types
|
|
- MAJOR: acl: make acl_find_targets also resolve proxy names at config time
|
|
- MAJOR: acl: ensure that implicit table and proxies are valid
|
|
- MEDIUM: acl: remove unused tests for missing args when args are mandatory
|
|
- MEDIUM: pattern: replace type pattern_arg with type arg
|
|
- MEDIUM: pattern: get rid of arg_i in all functions making use of arguments
|
|
- MEDIUM: pattern: use the standard arg parser
|
|
- MEDIUM: pattern: add an argument validation callback to pattern descriptors
|
|
- MEDIUM: pattern: report the precise argument parsing error when known.
|
|
- MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag
|
|
- MINOR: pattern: add a new 'sample' type to store fetched data
|
|
- MEDIUM: pattern: add new sample types to replace pattern types
|
|
- MAJOR: acl: make use of the new sample struct and get rid of acl_test
|
|
- MEDIUM: pattern/acl: get rid of temp_pattern in ACLs
|
|
- MEDIUM: acl: get rid of the SET_RES flags
|
|
- MEDIUM: get rid of SMP_F_READ_ONLY and SMP_F_MUST_FREE
|
|
- MINOR: pattern: replace struct pattern with struct sample
|
|
- MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere
|
|
- MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description
|
|
- MEDIUM: acl/pattern: switch rdp_cookie functions stack up-down
|
|
- MEDIUM: acl: replace acl_expr with args in acl fetch_* functions
|
|
- MINOR: tcp: replace acl_fetch_rdp_cookie with smp_fetch_rdp_cookie
|
|
- MEDIUM: acl/pattern: use the same direction scheme
|
|
- MEDIUM: acl/pattern: start merging common sample fetch functions
|
|
- MEDIUM: pattern: ensure that sample types always cast into other types.
|
|
- MEDIUM: acl/pattern: factor out the src/dst address fetches
|
|
- MEDIUM: acl: implement payload and payload_lv
|
|
- CLEANUP: pattern: ensure that payload and payload_lv always stay in the buffer
|
|
- MINOR: stick_table: centralize the handling of empty keys
|
|
- MINOR: pattern: centralize handling of unstable data in pattern_process()
|
|
- MEDIUM: pattern: use smp_fetch_rdp_cookie instead of the pattern specific version
|
|
- MINOR: acl: set SMP_OPT_ITERATE on fetch functions
|
|
- MINOR: acl: add a val_args field to keywords
|
|
- MINOR: proto_tcp: validate arguments of payload and payload_lv ACLs
|
|
- MEDIUM: http: merge acl and pattern header fetch functions
|
|
- MEDIUM: http: merge ACL and pattern cookie fetches into a single one
|
|
- MEDIUM: acl: report parsing errors to the caller
|
|
- MINOR: arg: improve error reporting on invalid arguments
|
|
- MINOR: acl: report errors encountered when loading patterns from files
|
|
- MEDIUM: acl: extend the pattern parsers to report meaningful errors
|
|
- REORG: use the name "sample" instead of "pattern" to designate extracted data
|
|
- REORG: rename "pattern" files
|
|
- MINOR: acl: add types to ACL patterns
|
|
- MINOR: standard: add an IPv6 parsing function (str62net)
|
|
- MEDIUM: acl: support IPv6 address matching
|
|
- REORG: stream_interface: create a struct sock_ops to hold socket operations
|
|
- REORG/MEDIUM: move protocol->{read,write} to sock_ops
|
|
- REORG/MEDIUM: stream_interface: initialize socket ops from descriptors
|
|
- REORG/MEDIUM: replace stream interface protocol functions by a proto pointer
|
|
- REORG/MEDIUM: move the default accept function from sockstream to protocols.c
|
|
- MEDIUM: proto_tcp: remove src6 and dst6 pattern fetch methods
|
|
- BUG/MINOR: http: error snapshots are wrong if buffer wraps
|
|
- BUG/MINOR: http: ensure that msg->err_pos is always relative to buf->p
|
|
- MEDIUM: http: improve error capture reports
|
|
- MINOR: acl: add the cook_val() match to match a cookie against an integer
|
|
- BUG/MEDIUM: send_proxy: fix initialisation of send_proxy_ofs
|
|
- MEDIUM: memory: add the ability to poison memory at run time
|
|
- BUG/MEDIUM: log: ensure that unique_id is properly initialized
|
|
- MINOR: cfgparse: use a common errmsg pointer for all parsers
|
|
- MEDIUM: cfgparse: make backend_parse_balance() use memprintf to report errors
|
|
- MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords
|
|
- MINOR: http: replace http_message_realign() with buffer_slow_realign()
|
|
|
|
2012/03/26 : 1.5-dev8
|
|
- MINOR: patch for minor typo (ressources/resources)
|
|
- MEDIUM: http: add support for sending the server's name in the outgoing request
|
|
- DOC: mention that default checks are TCP connections
|
|
- BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified
|
|
- CLEANUP: Make check_statuses, analyze_statuses and process_chk static
|
|
- CLEANUP: Fix HCHK spelling errors
|
|
- BUG/MINOR: fix typo in processing of http-send-name-header
|
|
- MEDIUM: log: Use linked lists for loggers
|
|
- BUILD: fix declaration inside a scope block
|
|
- REORG: log: split send_log function
|
|
- MINOR: config: Parse the string of the log-format config keyword
|
|
- MINOR: add ultoa, ulltoa, ltoa, lltoa implementations
|
|
- MINOR: Date and time fonctions that don't use snprintf
|
|
- MEDIUM: log: make http_sess_log use log_format
|
|
- DOC: log-format documentation
|
|
- MEDIUM: log: use log_format for mode tcplog
|
|
- MEDIUM: log-format: backend source address %Bi %Bp
|
|
- BUG/MINOR: log-format: fix %o flag
|
|
- BUG/MEDIUM: bad length in log_format and __send_log
|
|
- MINOR: logformat %st is signed
|
|
- BUILD/MINOR: fix the source URL in the spec file
|
|
- DOC: acl is http_first_req, not http_req_first
|
|
- BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces
|
|
- MINOR: acl: add new matches for header/path/url length
|
|
- BUILD: halog: make halog build on solaris
|
|
- BUG/MINOR: don't use a wrong port when connecting to a server with mapped ports
|
|
- MINOR: remove the client/server side distinction in SI addresses
|
|
- MINOR: halog: add support for matching queued requests
|
|
- DOC: indicate that cookie "prefix" and "indirect" should not be mixed
|
|
- OPTIM/MINOR: move struct sockaddr_storage to the tail of structs
|
|
- OPTIM/MINOR: make it possible to change pipe size (tune.pipesize)
|
|
- BUILD/MINOR: silent a build warning in src/pipe.c (fcntl)
|
|
- OPTIM/MINOR: move the hdr_idx pools out of the proxy struct
|
|
- MEDIUM: tune.http.maxhdr makes it possible to configure the maximum number of HTTP headers
|
|
- BUG/MINOR: fix a segfault when parsing a config with undeclared peers
|
|
- CLEANUP: rename possibly confusing struct field "tracked"
|
|
- BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use
|
|
- MINOR: config: tolerate server "cookie" setting in non-HTTP mode
|
|
- MEDIUM: buffers: add some new primitives and rework existing ones
|
|
- BUG: buffers: don't return a negative value on buffer_total_space_res()
|
|
- MINOR: buffers: make buffer_pointer() support negative pointers too
|
|
- CLEANUP: kill buffer_replace() and use an inline instead
|
|
- BUG: tcp: option nolinger does not work on backends
|
|
- CLEANUP: ebtree: remove a few annoying signedness warnings
|
|
- CLEANUP: ebtree: clarify licence and update to 6.0.6
|
|
- CLEANUP: ebtree: remove 4-year old harmless typo in duplicates insertion code
|
|
- CLEANUP: ebtree: remove another typo, a wrong initialization in insertion code
|
|
- BUG: ebtree: ebst_lookup() could return the wrong entry
|
|
- OPTIM: stream_sock: reduce the amount of in-flight spliced data
|
|
- OPTIM: stream_sock: save a failed recv syscall when splice returns EAGAIN
|
|
- MINOR: acl: add support for TLS server name matching using SNI
|
|
- BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests
|
|
- BUG: proto_tcp: don't try to bind to a foreign address if sin_family is unknown
|
|
- MINOR: pattern: export the global temporary pattern
|
|
- CLEANUP: patterns: get rid of pattern_data_setstring()
|
|
- MEDIUM: acl: use temp_pattern to store fetched information in the "method" match
|
|
- MINOR: acl: include pattern.h to make pattern migration more transparent
|
|
- MEDIUM: pattern: change the pattern data integer from unsigned to signed
|
|
- MEDIUM: acl: use temp_pattern to store any integer-type information
|
|
- MEDIUM: acl: use temp_pattern to store any address-type information
|
|
- CLEANUP: acl: integer part of acl_test is not used anymore
|
|
- MEDIUM: acl: use temp_pattern to store any string-type information
|
|
- CLEANUP: acl: remove last data fields from the acl_test struct
|
|
- MEDIUM: http: replace get_ip_from_hdr2() with http_get_hdr()
|
|
- MEDIUM: patterns: the hdr() pattern is now of type string
|
|
- DOC: add minimal documentation on how ACLs work internally
|
|
- DOC: add a coding-style file
|
|
- OPTIM: halog: keep a fast path for the lines-count only
|
|
- CLEANUP: silence a warning when building on sparc
|
|
- BUG: http: tighten the list of allowed characters in a URI
|
|
- MEDIUM: http: block non-ASCII characters in URIs by default
|
|
- DOC: add some documentation from RFC3986 about URI format
|
|
- BUG/MINOR: cli: correctly remove the whole table on "clear table"
|
|
- BUG/MEDIUM: correctly disable servers tracking another disabled servers.
|
|
- BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
|
|
- MINOR: halog: add some help on the command line
|
|
- BUILD: fix build error on FreeBSD
|
|
- BUG: fix double free in peers config error path
|
|
- MEDIUM: improve config check return codes
|
|
- BUILD: make it possible to look for pcre in the default system paths
|
|
- MINOR: config: emit a warning when 'default_backend' masks servers
|
|
- MINOR: backend: rework the LC definition to support other connection-based algos
|
|
- MEDIUM: backend: add the 'first' balancing algorithm
|
|
- BUG: fix httplog trailing LF
|
|
- MEDIUM: increase chunk-size limit to 2GB-1
|
|
- BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
|
|
- BUG: http: disable TCP delayed ACKs when forwarding content-length data
|
|
- BUG: checks: fix server maintenance exit sequence
|
|
- BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes
|
|
- DOC: enumerate valid status codes for "observe layer7"
|
|
- MINOR: buffer: switch a number of buffer args to const
|
|
- CLEANUP: silence signedness warning in acl.c
|
|
- BUG: stream_sock: si->release was not called upon shutw()
|
|
- MINOR: log: use "%ts" to log term status only and "%tsc" to log with cookie
|
|
- BUG/CRITICAL: log: fix risk of crash in development snapshot
|
|
- BUG/MAJOR: possible crash when using capture headers on TCP frontends
|
|
- MINOR: config: disable header captures in TCP mode and complain
|
|
|
|
2011/09/10 : 1.5-dev7
|
|
- [BUG] fix binary stick-tables
|
|
- [MINOR] http: *_dom matching header functions now also split on ":"
|
|
- [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check
|
|
- [MINOR] acl: add srv_conn acl to count connections on a specific backend server
|
|
- [MINOR] check: add redis check support
|
|
- [DOC] small fixes to clearly distinguish between keyword and variables
|
|
- [MINOR] halog: add support for termination code matching (-tcn/-TCN)
|
|
- [DOC] Minor spelling fixes and grammatical enhancements
|
|
- [CLEANUP] dumpstats: make symbols static where possible
|
|
- [MINOR] Break out dumping table
|
|
- [MINOR] Break out processing of clear table
|
|
- [MINOR] Allow listing of stick table by key
|
|
- [MINOR] Break out all stick table socat command parsing
|
|
- [MINOR] More flexible clearing of stick table
|
|
- [MINOR] Allow showing and clearing by key of ipv6 stick tables
|
|
- [MINOR] Allow showing and clearing by key of integer stick tables
|
|
- [MINOR] Allow showing and clearing by key of string stick tables
|
|
- [CLEANUP] Remove assigned but unused variables
|
|
- [CLEANUP] peers.h: fix declarations
|
|
- [CLEANUP] session.c: Make functions static where possible
|
|
- [MINOR] Add active connection list to server
|
|
- [MINOR] Allow shutdown of sessions when a server becomes unavailable
|
|
- [MINOR] Add down termination condition
|
|
- [MINOR] Make appsess{,ion}_refresh static
|
|
- [MINOR] Add rdp_cookie pattern fetch function
|
|
- [CLEANUP] Remove unnecessary casts
|
|
- [MINOR] Add non-stick server option
|
|
- [MINOR] Consistently use error in tcp_parse_tcp_req()
|
|
- [MINOR] Consistently free expr on error in cfg_parse_listen()
|
|
- [MINOR] Free rdp_cookie_name on denint()
|
|
- [MINOR] Free tcp rules on denint()
|
|
- [MINOR] Free stick table pool on denint()
|
|
- [MINOR] Free stick rules on denint()
|
|
- [MEDIUM] Fix stick-table replication on soft-restart
|
|
- [MEDIUM] Correct ipmask() logic
|
|
- [MINOR] Correct type in table dump examples
|
|
- [MINOR] Fix build error in stream_int_register_handler()
|
|
- [MINOR] Use DPRINTF in assign_server()
|
|
- [BUG] checks: http-check expect could fail a check on multi-packet responses
|
|
- [DOC] fix minor typo in the "dispatch" doc
|
|
- [BUG] proto_tcp: fix address binding on remote source
|
|
- [MINOR] http: don't report the "haproxy" word on the monitoring response
|
|
- [REORG] http: move HTTP error codes back to proto_http.h
|
|
- [MINOR] http: make the "HTTP 200" status code configurable.
|
|
- [MINOR] http: partially revert the chunking optimization for now
|
|
- [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete transfer
|
|
- [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out test
|
|
- [MEDIUM] http: add support for "http-no-delay"
|
|
- [OPTIM] http: optimize chunking again in non-interactive mode
|
|
- [OPTIM] stream_sock: avoid fast-forwarding of partial data
|
|
- [OPTIM] stream_sock: don't use splice on too small payloads
|
|
- [MINOR] config: make it possible to specify a cookie even without a server
|
|
- [BUG] stats: support url-encoded forms
|
|
- [MINOR] config: automatically compute a default fullconn value
|
|
- [CLEANUP] config: remove some left-over printf debugging code from previous patch
|
|
- [DOC] add missing entry or stick store-response
|
|
- [MEDIUM] http: add support for 'cookie' and 'set-cookie' patterns
|
|
- [BUG] halog: correctly handle truncated last line
|
|
- [MINOR] halog: make SKIP_CHAR stop on field delimiters
|
|
- [MINOR] halog: add support for HTTP log matching (-H)
|
|
- [MINOR] halog: gain back performance before SKIP_CHAR fix
|
|
- [OPTIM] halog: cache some common fields positions
|
|
- [OPTIM] halog: check once for correct line format and reuse the pointer
|
|
- [OPTIM] halog: remove many 'if' by using a function pointer for the filters
|
|
- [OPTIM] halog: remove support for tab delimiters in input data
|
|
- [BUG] session: risk of crash on out of memory (1.5-dev regression)
|
|
- [MINOR] session: try to emit a 500 response on memory allocation errors
|
|
- [OPTIM] stream_sock: reduce the default number of accepted connections at once
|
|
- [BUG] stream_sock: disable listener when system resources are exhausted
|
|
- [MEDIUM] proxy: add a PAUSED state to listeners and move socket tricks out of proxy.c
|
|
- [BUG] stream_sock: ensure orphan listeners don't accept too many connections
|
|
- [MINOR] listeners: add listen_full() to mark a listener full
|
|
- [MINOR] listeners: add support for queueing resource limited listeners
|
|
- [MEDIUM] listeners: put listeners in queue upon resource shortage
|
|
- [MEDIUM] listeners: queue proxy-bound listeners at the proxy's
|
|
- [MEDIUM] listeners: don't stop proxies when global maxconn is reached
|
|
- [MEDIUM] listeners: don't change listeners states anymore in maintain_proxies
|
|
- [CLEANUP] proxy: rename a few proxy states (PR_STIDLE and PR_STRUN)
|
|
- [MINOR] stats: report a "WAITING" state for sockets waiting for resource
|
|
- [MINOR] proxy: make session rate-limit more accurate
|
|
- [MINOR] sessions: only wake waiting listeners up if rate limit is OK
|
|
- [BUG] proxy: peers must only be stopped once, not upon every call to maintain_proxies
|
|
- [CLEANUP] proxy: merge maintain_proxies() operation inside a single loop
|
|
- [MINOR] task: new function task_schedule() to schedule a wake up
|
|
- [MAJOR] proxy: finally get rid of maintain_proxies()
|
|
- [BUG] proxy: stats frontend and peers were missing many initializers
|
|
- [MEDIUM] listeners: add a global listener management task
|
|
- [MINOR] proxy: make findproxy() return proxies from numeric IDs too
|
|
- [DOC] fix typos, "#" is a sharp, not a dash
|
|
- [MEDIUM] stats: add support for changing frontend's maxconn at runtime
|
|
- [MEDIUM] checks: group health checks methods by values and save option bits
|
|
- [MINOR] session-counters: add the ability to clear the counters
|
|
- [BUG] check: http-check expect + regex would crash in defaults section
|
|
- [MEDIUM] http: make x-forwarded-for addition conditional
|
|
- [REORG] build: move syscall redefinition to specific places
|
|
- [CLEANUP] update the year in the copyright banner
|
|
- [BUG] possible crash in 'show table' on stats socket
|
|
- [BUG] checks: use the correct destination port for sending checks
|
|
- [BUG] backend: risk of picking a wrong port when mapping is used with crossed families
|
|
- [MINOR] make use of set_host_port() and get_host_port() to get rid of family mismatches
|
|
- [DOC] fixed a few "sensible" -> "sensitive" errors
|
|
- [MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop()
|
|
- [BUG] http: trailing white spaces must also be trimmed after headers
|
|
- [MINOR] stats: display "<NONE>" instead of the frontend name when unknown
|
|
- [MINOR] http: take a capture of too large requests and responses
|
|
- [MINOR] http: take a capture of truncated responses
|
|
- [MINOR] http: take a capture of bad content-lengths.
|
|
- [DOC] add a few old and uncommitted docs
|
|
- [CLEANUP] cfgparse: fix reported options for the "bind" keyword
|
|
- [MINOR] halog: add -hs/-HS to filter by HTTP status code range
|
|
- [MINOR] halog: support backslash-escaped quotes
|
|
- [CLEANUP] remove dirty left-over of a debugging message
|
|
- [MEDIUM] stats: disable complex socket reservation for stats socket
|
|
- [CLEANUP] remove a useless test in manage_global_listener_queue()
|
|
- [MEDIUM] stats: add the "set maxconn" setting to the command line interface
|
|
- [MEDIUM] add support for global.maxconnrate to limit the per-process conn rate.
|
|
- [MINOR] stats: report the current and max global connection rates
|
|
- [MEDIUM] stats: add the ability to adjust the global maxconnrate
|
|
- [BUG] peers: don't pre-allocate 65000 connections to each peer
|
|
- [MEDIUM] don't limit peers nor stats socket to maxconn nor maxconnrate
|
|
- [BUG] peers: the peer frontend must not emit any log
|
|
- [CLEANUP] proxy: make pause_proxy() perform the required controls and emit the logs
|
|
- [BUG] peers: don't keep a peers section which has a NULL frontend
|
|
- [BUG] peers: ensure the peers are resumed if they were paused
|
|
- [MEDIUM] stats: add the ability to enable/disable/shutdown a frontend at runtime
|
|
- [MEDIUM] session: make session_shutdown() an independant function
|
|
- [MEDIUM] stats: offer the possibility to kill a session from the CLI
|
|
- [CLEANUP] stats: centralize tests for backend/server inputs on the CLI
|
|
- [MEDIUM] stats: offer the possibility to kill sessions by server
|
|
- [MINOR] halog: do not consider byte 0x8A as end of line
|
|
- [MINOR] frontend: ensure debug message length is always initialized
|
|
- [OPTIM] halog: make fgets parse more bytes by blocks
|
|
- [OPTIM] halog: add assembly version of the field lookup code
|
|
- [MEDIUM] poll: add a measurement of idle vs work time
|
|
- [CLEANUP] startup: report only the basename in the usage message
|
|
- [MINOR] startup: add an option to change to a new directory
|
|
- [OPTIM] task: don't scan the run queue if we know it's empty
|
|
- [BUILD] stats: stdint is not present on solaris
|
|
- [DOC] update the README file to reflect new naming rules for patches
|
|
- [MINOR] stats: report the number of requests intercepted by the frontend
|
|
- [DOC] update ROADMAP file
|
|
|
|
2011/04/08 : 1.5-dev6
|
|
- [BUG] stream_sock: use get_addr_len() instead of sizeof() on sockaddr_storage
|
|
- [BUG] TCP source tracking was broken with IPv6 changes
|
|
- [BUG] stick-tables did not work when converting IPv6 to IPv4
|
|
- [CRITICAL] fix risk of crash when dealing with space in response cookies
|
|
|
|
2011/03/29 : 1.5-dev5
|
|
- [BUG] standard: is_addr return value for IPv4 was inverted
|
|
- [MINOR] update comment about IPv6 support for server
|
|
- [MEDIUM] use getaddrinfo to resolve names if gethostbyname fail
|
|
- [DOC] update IPv6 support for bind
|
|
- [DOC] document IPv6 support for server
|
|
- [DOC] fix a minor typo
|
|
- [MEDIUM] IPv6 support for syslog
|
|
- [DOC] document IPv6 support for syslog
|
|
- [MEDIUM] IPv6 support for stick-tables
|
|
- [DOC] document IPv6 support for stick-tables
|
|
- [DOC] update ROADMAP file
|
|
- [BUG] session: src_conn_cur was returning src_conn_cnt instead
|
|
- [MINOR] frontend: add a make_proxy_line function
|
|
- [MEDIUM] stream_sock: add support for sending the proxy protocol header line
|
|
- [MEDIUM] server: add support for the "send-proxy" option
|
|
- [DOC] update the spec on the proxy protocol
|
|
- [BUILD] proto_tcp: fix build issue with CTTPROXY
|
|
- [DOC] update ROADMAP file
|
|
- [MEDIUM] config: rework the IPv4/IPv6 address parser to support host-only addresses
|
|
- [MINOR] cfgparse: better report wrong listening addresses and make use of str2sa_range
|
|
- [BUILD] add the USE_GETADDRINFO build option
|
|
- [TESTS] provide a test case for various address formats
|
|
- [BUG] session: conn_retries was not always initialized
|
|
- [BUG] log: retrieve the target from the session, not the SI
|
|
- [BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2)
|
|
- [MINOR] tools: add two macros MID_RANGE and MAX_RANGE
|
|
- [BUG] http: fix content-length handling on 32-bit platforms
|
|
- [OPTIM] buffers: uninline buffer_forward()
|
|
- [BUG] stream_sock: fix handling for server side PROXY protocol
|
|
- [MINOR] acl: add support for table_cnt and table_avl matches
|
|
- [DOC] update ROADMAP file
|
|
|
|
2011/03/13 : 1.5-dev4
|
|
- [MINOR] cfgparse: Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation.
|
|
- [MINOR] unix sockets : inherits the backlog size from the listener
|
|
- [CLEANUP] unix sockets : move create_uxst_socket() in uxst_bind_listener()
|
|
- [DOC] fix a minor typo
|
|
- [DOC] fix ignore-persist documentation
|
|
- [MINOR] add warnings on features not compatible with multi-process mode
|
|
- [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode
|
|
- [MINOR] stats: add support for several packets in stats admin
|
|
- [BUG] stats: admin commands must check the proxy state
|
|
- [BUG] stats: admin web interface must check the proxy state
|
|
- [MINOR] http: add pattern extraction method to stick on query string parameter
|
|
- [MEDIUM] add internal support for IPv6 server addresses
|
|
- [MINOR] acl: add be_id/srv_id to match backend's and server's id
|
|
- [MINOR] log: add support for passing the forwarded hostname
|
|
- [MINOR] log: ability to override the syslog tag
|
|
- [MINOR] checks: add PostgreSQL health check
|
|
- [DOC] update ROADMAP file
|
|
- [BUILD] pattern: use 'int' instead of 'int32_t'
|
|
- [OPTIM] linux: add support for bypassing libc to force using vsyscalls
|
|
- [BUG] debug: report the correct poller list in verbose mode
|
|
- [BUG] capture: do not capture a cookie if there is no memory left
|
|
- [BUG] appsession: fix possible double free in case of out of memory
|
|
- [CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process
|
|
- [BUG] http: correctly update the header list when removing two consecutive headers
|
|
- [BUILD] add the CPU=native and ARCH=32/64 build options
|
|
- [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4
|
|
- [CLEANUP] hash: move the avalanche hash code globally available
|
|
- [MEDIUM] hash: add support for an 'avalanche' hash-type
|
|
- [DOC] update roadmap file
|
|
- [BUG] http: do not re-enable the PROXY analyser on keep-alive
|
|
- [OPTIM] http: don't send each chunk in a separate packet
|
|
- [DOC] fix minor typos reported recently in the peers section
|
|
- [DOC] fix another typo in the doc
|
|
- [MINOR] stats: report HTTP message state and buffer flags in error dumps
|
|
- [BUG] http chunking: don't report a parsing error on connection errors
|
|
- [BUG] stream_interface: truncate buffers when sending error messages
|
|
- [MINOR] http: support wrapping messages in error captures
|
|
- [MINOR] http: capture incorrectly chunked message bodies
|
|
- [MINOR] stats: add global event ID and count
|
|
- [BUG] http: analyser optimizations broke pipelining
|
|
- [CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets
|
|
- [BUG] http: fix incorrect error reporting during data transfers
|
|
- [CRITICAL] session: correctly leave turn-around and queue states on abort
|
|
- [BUG] session: release slot before processing pending connections
|
|
- [MINOR] tcp: add support for dynamic MSS setting
|
|
- [BUG] stick-table: correctly terminate string keys during lookups
|
|
- [BUG] acl: fix handling of empty lines in pattern files
|
|
- [BUG] stick-table: use the private buffer when padding strings
|
|
- [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys
|
|
- [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return code out of the loop
|
|
- [OPTIM] ebtree: inline ebst_lookup_len and ebis_lookup_len
|
|
- [REVERT] undo the stick-table string key lookup fixes
|
|
- [MINOR] http: improve url_param pattern extraction to ignore empty values
|
|
- [BUILD] frontend: shut a warning with TCP_MAXSEG
|
|
- [BUG] http: update the header list's tail when removing the last header
|
|
- [DOC] fix minor typo in the proxy protocol doc
|
|
- [DOC] fix typos (http-request instead of http-check)
|
|
- [BUG] http: use correct ACL pointer when evaluating authentication
|
|
- [BUG] cfgparse: correctly count one socket per port in ranges
|
|
- [BUG] startup: set the rlimits before binding ports, not after.
|
|
- [BUG] acl: srv_id must return no match when the server is NULL
|
|
- [MINOR] acl: add ability to check for internal response-only parameters
|
|
- [MINOR] acl: srv_id is only valid in responses
|
|
- [MINOR] config: warn if response-only conditions are used in "redirect" rules
|
|
- [BUG] acl: fd leak when reading patterns from file
|
|
- [DOC] fix minor typo in "usesrc"
|
|
- [BUG] http: fix possible incorrect forwarded wrapping chunk size
|
|
- [BUG] http: fix computation of message body length after forwarding has started
|
|
- [BUG] http: balance url_param did not work with first parameters on POST
|
|
- [TESTS] update the url_param regression test to test check_post too
|
|
- [DOC] update ROADMAP
|
|
- [DOC] internal: reflect the fact that SI_ST_ASS is transient
|
|
- [BUG] config: don't crash on empty pattern files.
|
|
- [MINOR] stream_interface: make use of an applet descriptor for IO handlers
|
|
- [REORG] stream_interface: move the st0, st1 and private members to the applet
|
|
- [REORG] stream_interface: split the struct members in 3 parts
|
|
- [REORG] session: move client and server address to the stream interface
|
|
- [REORG] tcp: make tcpv4_connect_server() take the target address from the SI
|
|
- [MEDIUM] stream_interface: store the target pointer and type
|
|
- [CLEANUP] stream_interface: remove the applet.handler pointer
|
|
- [MEDIUM] log: take the logged server name from the stream interface
|
|
- [CLEANUP] session: remove data_source from struct session
|
|
- [CLEANUP] stats: make all dump functions only rely on the stream interface
|
|
- [REORG] session: move the data_ctx struct to the stream interface's applet
|
|
- [MINOR] proxy: add PR_O2_DISPATCH to detect dispatch mode
|
|
- [MINOR] cfgparse: only keep one of dispatch, transparent, http_proxy
|
|
- [MINOR] session: add a pointer to the new target into the session
|
|
- [MEDIUM] session: remove s->prev_srv which is not needed anymore
|
|
- [CLEANUP] stream_interface: use inline functions to manipulate targets
|
|
- [MAJOR] session: remove the ->srv pointer from struct session
|
|
- [MEDIUM] stats: split frontend and backend stats
|
|
- [MEDIUM] http: always evaluate http-request rules before stats http-request
|
|
- [REORG] http: move the http-request rules to proto_http
|
|
- [BUG] http: stats were not incremented on http-request deny
|
|
- [MINOR] checks: report it if checks fail due to socket creation error
|
|
|
|
2010/11/11 : 1.5-dev3
|
|
- [DOC] fix http-request documentation
|
|
- [MEDIUM] enable/disable servers from the stats web interface
|
|
- [MEDIUM] stats: add an admin level
|
|
- [DOC] stats: document the "stats admin" statement
|
|
- [MINOR] startup: print the proxy socket which caused an error
|
|
- [CLEANUP] Remove unneeded chars allocation
|
|
- [MINOR] config: detect options not supported due to compilation options
|
|
- [MINOR] Add pattern's fetchs payload and payload_lv
|
|
- [MINOR] frontend: improve accept-proxy header parsing
|
|
- [MINOR] frontend: add tcpv6 support on accept-proxy bind
|
|
- [MEDIUM] Enhance message errors management on binds
|
|
- [MINOR] Manage unix socket source field on logs
|
|
- [MINOR] Manage unix socket source field on session dump on sock stats
|
|
- [MINOR] Support of unix listener sockets for debug and log event messages on frontend.c
|
|
- [MINOR] Add some tests on sockets family for port remapping and mode transparent.
|
|
- [MINOR] Manage socket type unix for some logs
|
|
- [MINOR] Enhance controls of socket's family on acls and pattern fetch
|
|
- [MINOR] Support listener's sockets unix on http logs.
|
|
- [MEDIUM] Add supports of bind on unix sockets.
|
|
- [BUG] stick table purge failure if size less than 255
|
|
- [BUG] stick table entries expire on counters updates/read or show table, even if there is no "expire" parameter
|
|
- [MEDIUM] Implement tcp inspect response rules
|
|
- [DOC] tcp-response content and inspect
|
|
- [MINOR] new acls fetch req_ssl_hello_type and rep_ssl_hello_type
|
|
- [DOC] acls rep_ssl_hello and req_ssl_hello
|
|
- [MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated.
|
|
- [DOC] new type binary in stick-table
|
|
- [DOC] stick store-response and new patterns payload and payload_lv
|
|
- [MINOR] Manage all types (ip, integer, string, binary) on cli "show table" command
|
|
- [MEDIUM] Create updates tree on stick table to manage sync.
|
|
- [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management
|
|
- [MEDIUM] Manage peers section parsing and stick table registration on peers.
|
|
- [MEDIUM] Manage soft stop on peers proxy
|
|
- [DOC] add documentation for peers section
|
|
- [MINOR] checks: add support for LDAPv3 health checks
|
|
- [MINOR] add better support to "mysql-check"
|
|
- [BUG] Restore info about available active/backup servers
|
|
- [CONTRIB] Update haproxy.pl
|
|
- [CONTRIB] Update Cacti Tempates
|
|
- [CONTRIB] add templates for Cacti.
|
|
- [BUG] http: don't consider commas as a header delimitor within quotes
|
|
- [MINOR] support a global jobs counter
|
|
- [DOC] add a summary about cookie incompatibilities between specs and browsers
|
|
- [DOC] fix description of cookie "insert" and "indirect" modes
|
|
- [MEDIUM] http: fix space handling in the request cookie parser
|
|
- [MEDIUM] http: fix space handling in the response cookie parser
|
|
- [DOC] fix typo in the queue() definition (backend, not frontend)
|
|
- [BUG] deinit: unbind listeners before freeing them
|
|
- [BUG] stream_interface: only call si->release when both dirs are closed
|
|
- [MEDIUM] buffers: rework the functions to exchange between SI and buffers
|
|
- [DOC] fix typo in the avg_queue() and be_conn() definition (backend, not frontend)
|
|
- [MINOR] halog: add '-tc' to sort by termination codes
|
|
- [MINOR] halog: skip non-traffic logs for -st and -tc
|
|
- [BUG] stream_sock: cleanly disable the listener in case of resource shortage
|
|
- [BUILD] stream_sock: previous fix lacked the #include, causing a warning.
|
|
- [DOC] bind option is "defer-accept", not "defer_accept"
|
|
- [DOC] missing index entry for http-check send-state
|
|
- [DOC] tcp-request inspect-delay is for backends too
|
|
- [BUG] ebtree: string_equal_bits() could return garbage on identical strings
|
|
- [BUG] stream_sock: try to flush any extra pending request data after a POST
|
|
- [BUILD] proto_http: eliminate some build warnings with gcc-2.95
|
|
- [MEDIUM] make it possible to combine http-pretend-keepalived with httpclose
|
|
- [MEDIUM] tcp-request : don't wait for inspect-delay to expire when the buffer is full
|
|
- [MEDIUM] checks: add support for HTTP contents lookup
|
|
- [TESTS] add test-check-expect to test various http-check methods
|
|
- [MINOR] global: add "tune.chksize" to change the default check buffer size
|
|
- [MINOR] cookie: add options "maxidle" and "maxlife"
|
|
- [MEDIUM] cookie: support client cookies with some contents appended to their value
|
|
- [MINOR] http: make some room in the transaction flags to extend cookies
|
|
- [MINOR] cookie: add the expired (E) and old (O) flags for request cookies
|
|
- [MEDIUM] cookie: reassign set-cookie status flags to store more states
|
|
- [MINOR] add encode/decode function for 30-bit integers from/to base64
|
|
- [MEDIUM] cookie: check for maxidle and maxlife for incoming dated cookies
|
|
- [MEDIUM] cookie: set the date in the cookie if needed
|
|
- [DOC] document the cookie maxidle and maxlife parameters
|
|
- [BUG] checks: don't log backend down for all zero-weight servers
|
|
- [MEDIUM] checks: set server state to one state from failure when leaving maintenance
|
|
- [BUG] config: report correct keywords for "observe"
|
|
- [MINOR] checks: ensure that we can inherit binary checks from the defaults section
|
|
- [MINOR] acl: add the http_req_first match
|
|
- [DOC] fix typos about bind-process syntax
|
|
- [BUG] cookie: correctly unset default cookie parameters
|
|
- [MINOR] cookie: add support for the "preserve" option
|
|
- [BUG] ebtree: fix duplicate strings insertion
|
|
- [CONTRIB] halog: report per-url counts, errors and times
|
|
- [CONTRIB] halog: minor speed improvement in timer parser
|
|
- [MINOR] buffers: add a new request analyser flag for PROXY mode
|
|
- [MINOR] listener: add the "accept-proxy" option to the "bind" keyword
|
|
- [MINOR] standard: add read_uint() to parse a delimited unsigned integer
|
|
- [MINOR] standard: change arg type from const char* to char*
|
|
- [MINOR] frontend: add a new analyser to parse a proxied connection
|
|
- [MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections
|
|
- [DOC] add the proxy protocol's specifications
|
|
- [DOC] document the 'accept-proxy' bind option
|
|
- [MINOR] cfgparse: report support of <path> for the 'bind' statements
|
|
- [DOC] add references to unix socket handling
|
|
- [MINOR] move MAXPATHLEN definition to compat.h
|
|
- [MEDIUM] unix sockets: cleanup the error reporting path
|
|
- [BUG] session: don't stop forwarding of data upon last packet
|
|
- [CLEANUP] accept: replace some inappropriate Alert() calls with send_log()
|
|
- [BUILD] peers: shut a printf format warning (key_size is a size_t)
|
|
- [BUG] accept: don't close twice upon error
|
|
- [OPTIM] session: don't recheck analysers when buffer flags have not changed
|
|
- [OPTIM] stream_sock: don't clear FDs that are already cleared
|
|
- [BUG] proto_tcp: potential bug on pattern fetch dst and dport
|
|
|
|
2010/08/28 : 1.5-dev2
|
|
- [MINOR] startup: release unused structs after forking
|
|
- [MINOR] startup: don't wait for nothing when no old pid remains
|
|
- [CLEANUP] reference product branch 1.5
|
|
- [MEDIUM] signals: add support for registering functions and tasks
|
|
- [MEDIUM] signals: support redistribution of signal zero when stopping
|
|
- [BUG] http: don't set auto_close if more data are expected
|
|
|
|
2010/08/25 : 1.5-dev1
|
|
- [BUG] stats: session rate limit gets garbaged in the stats
|
|
- [DOC] mention 'option http-server-close' effect in Tq section
|
|
- [DOC] summarize and highlight persistent connections behaviour
|
|
- [DOC] add configuration samples
|
|
- [BUG] http: dispatch and http_proxy modes were broken for a long time
|
|
- [BUG] http: the transaction must be initialized even in TCP mode
|
|
- [BUG] tcp: dropped connections must be counted as "denied" not "failed"
|
|
- [BUG] consistent hash: balance on all servers, not only 2 !
|
|
- [CONTRIB] halog: report per-server status codes, errors and response times
|
|
- [BUG] http: the transaction must be initialized even in TCP mode (part 2)
|
|
- [BUG] client: always ensure to zero rep->analysers
|
|
- [BUG] session: clear BF_READ_ATTACHED before next I/O
|
|
- [BUG] http: automatically close response if req is aborted
|
|
- [BUG] proxy: connection rate limiting was eating lots of CPU
|
|
- [BUG] http: report correct flags in case of client aborts during body
|
|
- [TESTS] refine non-regression tests and add 4 new tests
|
|
- [BUG] debug: wrong pointer was used to report a status line
|
|
- [BUG] debug: correctly report truncated messages
|
|
- [DOC] document the "dispatch" keyword
|
|
- [BUG] stick_table: fix possible memory leak in case of connection error
|
|
- [CLEANUP] acl: use 'L6' instead of 'L4' in ACL flags relying on contents
|
|
- [MINOR] accept: count the incoming connection earlier
|
|
- [CLEANUP] tcp: move some non tcp-specific layer6 processing out of proto_tcp
|
|
- [CLEANUP] client: move some ACLs away to their respective locations
|
|
- [CLEANUP] rename client -> frontend
|
|
- [MEDIUM] separate protocol-level accept() from the frontend's
|
|
- [MINOR] proxy: add a list to hold future layer 4 rules
|
|
- [MEDIUM] config: parse tcp layer4 rules (tcp-request accept/reject)
|
|
- [MEDIUM] tcp: check for pure layer4 rules immediately after accept()
|
|
- [OPTIM] frontend: tell the compiler that errors are unlikely to occur
|
|
- [MEDIUM] frontend: check for LI_O_TCP_RULES in the listener
|
|
- [MINOR] frontend: only check for monitor-net rules if LI_O_CHK_MONNET is set
|
|
- [CLEANUP] buffer->cto is not used anymore
|
|
- [MEDIUM] session: finish session establishment sequence in with I/O handlers
|
|
- [MEDIUM] session: initialize server-side timeouts after connect()
|
|
- [MEDIUM] backend: initialize the server stream_interface upon connect()
|
|
- [MAJOR] frontend: don't initialize the server-side stream_int anymore
|
|
- [MEDIUM] session: move the conn_retries attribute to the stream interface
|
|
- [MEDIUM] session: don't assign conn_retries upon accept() anymore
|
|
- [MINOR] frontend: rely on the frontend and not the backend for INDEPSTR
|
|
- [MAJOR] frontend: reorder the session initialization upon accept
|
|
- [MINOR] proxy: add an accept() callback for the application layer
|
|
- [MAJOR] frontend: split accept() into frontend_accept() and session_accept()
|
|
- [MEDIUM] stats: rely on the standard session_accept() function
|
|
- [MINOR] buffer: refine the flags that may wake an analyser up.
|
|
- [MINOR] stream_sock: don't dereference a non-existing frontend
|
|
- [MINOR] session: differenciate between accepted connections and received connections
|
|
- [MEDIUM] frontend: count the incoming connection earlier
|
|
- [MINOR] frontend: count denied TCP requests separately
|
|
- [CLEANUP] stick_table: add/clarify some comments
|
|
- [BUILD] memory: add a few missing parenthesis to the pool management macros
|
|
- [MINOR] stick_table: add support for variable-sized data
|
|
- [CLEANUP] stick_table: rename some stksess struct members to avoid confusion
|
|
- [CLEANUP] stick_table: move pattern to key functions to stick_table.c
|
|
- [MEDIUM] stick_table: add room for extra data types
|
|
- [MINOR] stick_table: add support for "conn_cum" data type.
|
|
- [MEDIUM] stick_table: don't overwrite data when storing an entry
|
|
- [MINOR] config: initialize stick tables after all the parsing
|
|
- [MINOR] stick_table: provide functions to return stksess data from a type
|
|
- [MEDIUM] stick_table: move the server ID to a generic data type
|
|
- [MINOR] stick_table: enable it for frontends too
|
|
- [MINOR] stick_table: export the stick_table_key
|
|
- [MINOR] tcp: add per-source connection rate limiting
|
|
- [MEDIUM] stick_table: separate storage and update of session entries
|
|
- [MEDIUM] stick-tables: add a reference counter to each entry
|
|
- [MINOR] session: add a pointer to the tracked counters for the source
|
|
- [CLEANUP] proto_tcp: make the config parser a little bit more flexible
|
|
- [BUG] config: report the correct proxy type in tcp-request errors
|
|
- [MINOR] config: provide a function to quote args in a more friendly way
|
|
- [BUG] stick_table: the fix for the memory leak caused a regression
|
|
- [MEDIUM] backend: support servers on 0.0.0.0
|
|
- [BUG] stick-table: correctly refresh expiration timers
|
|
- [MEDIUM] stream-interface: add a ->release callback
|
|
- [MINOR] proxy: add a "parent" member to the structure
|
|
- [MEDIUM] session: make it possible to call an I/O handler on both SI
|
|
- [MINOR] tools: add a fast div64_32 function
|
|
- [MINOR] freq_ctr: add new types and functions for periods different from 1s
|
|
- [MINOR] errors: provide new status codes for config parsing functions
|
|
- [BUG] http: denied requests must not be counted as denied resps in listeners
|
|
- [MINOR] tools: add a get_std_op() function to parse operators
|
|
- [MEDIUM] acl: make use of get_std_op() to parse intger ranges
|
|
- [MAJOR] stream_sock: better wakeup conditions on read()
|
|
- [BUG] session: analysers must be checked when SI state changes
|
|
- [MINOR] http: reset analysers to listener's, not frontend's
|
|
- [MEDIUM] session: support "tcp-request content" rules in backends
|
|
- [BUILD] always match official tags when doing git-tar
|
|
- [MAJOR] stream_interface: fix the wakeup conditions for embedded iohandlers
|
|
- [MEDIUM] buffer: make buffer_feed* support writing non-contiguous chunks
|
|
- [MINOR] tcp: src_count acl does not have a permanent result
|
|
- [MAJOR] session: add track-counters to track counters related to the session
|
|
- [MINOR] stick-table: provide a table lookup function
|
|
- [MINOR] stick-table: use suffix "_cnt" for cumulated counts
|
|
- [MEDIUM] session: move counter ACL fetches from proto_tcp
|
|
- [MEDIUM] session: add concurrent connections counter
|
|
- [MEDIUM] session: add data in and out volume counters
|
|
- [MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts
|
|
- [MEDIUM] session-counters: automatically update tracked connection count
|
|
- [MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection
|
|
- [MINOR] session: add trk_kbytes_* ACL keywords to track data size
|
|
- [MEDIUM] session: add a counter on the cumulated number of sessions
|
|
- [MINOR] config: support a comma-separated list of store data types in stick-table
|
|
- [MEDIUM] stick-tables: add support for arguments to data_types
|
|
- [MEDIUM] stick-tables: add stored data argument type checking
|
|
- [MEDIUM] session counters: add conn_rate and sess_rate counters
|
|
- [MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters
|
|
- [MINOR] stktable: add a stktable_update_key() function
|
|
- [MINOR] session-counters: add a general purpose counter (gpc0)
|
|
- [MEDIUM] session-counters: add HTTP req/err tracking
|
|
- [MEDIUM] stats: add "show table [<name>]" to dump a stick-table
|
|
- [MEDIUM] stats: add "clear table <name> key <value>" to clear table entries
|
|
- [CLEANUP] stick-table: declare stktable_data_types as extern
|
|
- [MEDIUM] stick-table: make use of generic types for stored data
|
|
- [MINOR] stats: correctly report errors on "show table" and "clear table"
|
|
- [MEDIUM] stats: add the ability to dump table entries matching criteria
|
|
- [DOC] configuration: document all the new tracked counters
|
|
- [DOC] stats: document "show table" and "clear table"
|
|
- [MAJOR] session-counters: split FE and BE track counters
|
|
- [MEDIUM] tcp: accept the "track-counters" in "tcp-request content" rules
|
|
- [MEDIUM] session counters: automatically remove expired entries.
|
|
- [MEDIUM] config: replace 'tcp-request <action>' with "tcp-request connection"
|
|
- [MEDIUM] session-counters: make it possible to count connections from frontend
|
|
- [MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters"
|
|
- [MEDIUM] session-counters: correctly unbind the counters tracked by the backend
|
|
- [CLEANUP] stats: use stksess_kill() to remove table entries
|
|
- [DOC] update the references to session counters and to tcp-request connection
|
|
- [DOC] cleanup: split a few long lines
|
|
- [MEDIUM] http: forward client's close when abortonclose is set
|
|
- [BUG] queue: don't dequeue proxy-global requests on disabled servers
|
|
- [BUG] stats: global stats timeout may be specified before stats socket.
|
|
- [BUG] conf: add tcp-request content rules to the correct list
|
|
|
|
2010/05/23 : 1.5-dev0
|
|
- exact copy of 1.4.6
|
|
|
|
2010/05/16 : 1.4.6
|
|
- [BUILD] ebtree: update to v6.0.1 to remove references to dprintf()
|
|
- [CLEANUP] acl: make use of eb_is_empty() instead of open coding the tree's emptiness test
|
|
- [MINOR] acl: add srv_is_up() to check that a specific server is up or not
|
|
- [DOC] add a few precisions about the use of RDP cookies
|
|
|
|
2010/05/13 : 1.4.5
|
|
- [DOC] report minimum kernel version for tproxy in the Makefile
|
|
- [MINOR] add the "ignore-persist" option to conditionally ignore persistence
|
|
- [DOC] add the "ignore-persist" option to conditionally ignore persistence
|
|
- [DOC] fix ignore-persist/force-persist documentation
|
|
- [BUG] cttproxy: socket fd leakage in check_cttproxy_version
|
|
- [DOC] doc/configuration.txt: fix typos
|
|
- [MINOR] option http-pretend-keepalive is both for FEs and BEs
|
|
- [MINOR] fix possible crash in debug mode with invalid responses
|
|
- [MINOR] halog: add support for statisticts on status codes
|
|
- [OPTIM] halog: use a faster zero test in fgets()
|
|
- [OPTIM] halog: minor speedup by using unlikely()
|
|
- [OPTIM] halog: speed up fgets2-64 by about 10%
|
|
- [DOC] refresh the README file and merge the CONTRIB file into it
|
|
- [MINOR] acl: support loading values from files
|
|
- [MEDIUM] ebtree: upgrade to version 6.0
|
|
- [MINOR] acl trees: add flags and union members to store values in trees
|
|
- [MEDIUM] acl: add ability to insert patterns in trees
|
|
- [MEDIUM] acl: add tree-based lookups of exact strings
|
|
- [MEDIUM] acl: add tree-based lookups of networks
|
|
- [MINOR] acl: ignore empty lines and comments in pattern files
|
|
- [MINOR] stick-tables: add support for "stick on hdr"
|
|
|
|
2010/04/07 : 1.4.4
|
|
- [BUG] appsession should match the whole cookie name
|
|
- [CLEANUP] proxy: move PR_O_SSL3_CHK to options2 to release one flag
|
|
- [MEDIUM] backend: move the transparent proxy address selection to backend
|
|
- [MINOR] add very fast IP parsing functions
|
|
- [MINOR] add new tproxy flags for dynamic source address binding
|
|
- [MEDIUM] add ability to connect to a server from an IP found in a header
|
|
- [BUILD] config: last patch breaks build without CONFIG_HAP_LINUX_TPROXY
|
|
- [MINOR] http: make it possible to pretend keep-alive when doing close
|
|
- [MINOR] config: report "default-server" instead of "(null)" in error messages
|
|
|
|
2010/03/30 : 1.4.3
|
|
- [CLEANUP] stats: remove printf format warning in stats_dump_full_sess_to_buffer()
|
|
- [MEDIUM] session: better fix for connection to servers with closed input
|
|
- [DOC] indicate in the doc how to bind to port ranges
|
|
- [BUG] backend: L7 hashing must not be performed on incomplete requests
|
|
- [TESTS] add a simple program to test connection resets
|
|
- [MINOR] cli: "show errors" should display "backend <NONE>" when backend was not used
|
|
- [MINOR] config: emit warnings when HTTP-only options are used in TCP mode
|
|
- [MINOR] config: allow "slowstart 0s"
|
|
- [BUILD] 'make tags' did not consider files ending in '.c'
|
|
- [MINOR] checks: add the ability to disable a server in the config
|
|
|
|
2010/03/17 : 1.4.2
|
|
- [CLEANUP] product branch update
|
|
- [DOC] Some more documentation cleanups
|
|
- [BUG] clf logs segfault when capturing a non existant header
|
|
- [OPTIM] config: only allocate check buffer when checks are enabled
|
|
- [MEDIUM] checks: support multi-packet health check responses
|
|
- [CLEANUP] session: remove duplicate test
|
|
- [BUG] http: don't wait for response data to leave buffer is client has left
|
|
- [MINOR] proto_uxst: set accept_date upon accept() to the wall clock time
|
|
- [MINOR] stats: don't send empty lines in "show errors"
|
|
- [MINOR] stats: make the data dump function reusable for other purposes
|
|
- [MINOR] stats socket: add show sess <id> to dump details about a session
|
|
- [BUG] stats: connection reset counters must be plain ascii, not HTML
|
|
- [BUG] url_param hash may return a down server
|
|
- [MINOR] force null-termination of hostname
|
|
- [MEDIUM] connect to servers even when the input has already been closed
|
|
- [BUG] don't merge anonymous ACLs !
|
|
- [BUG] config: fix endless loop when parsing "on-error"
|
|
- [MINOR] http: don't mark a server as failed when it returns 501/505
|
|
- [OPTIM] checks: try to detect the end of response without polling again
|
|
- [BUG] checks: don't report an error when recv() returns an error after data
|
|
- [BUG] checks: don't abort when second poll returns an error
|
|
- [MINOR] checks: make shutdown() silently fail
|
|
- [BUG] http: fix truncated responses on chunk encoding when size divides buffer size
|
|
- [BUG] init: unconditionally catch SIGPIPE
|
|
- [BUG] checks: don't wait for a close to start parsing the response
|
|
|
|
2010/03/04 : 1.4.1
|
|
- [BUG] Clear-cookie path issue
|
|
- [DOC] fix typo on stickiness rules
|
|
- [BUILD] fix BSD and OSX makefiles for missing files
|
|
- [BUILD] includes order breaks OpenBSD build
|
|
- [BUILD] fix some build warnings on Solaris with is* macros
|
|
- [BUG] logs: don't report "last data" when we have just closed after an error
|
|
- [BUG] logs: don't report "proxy request" when server closes early
|
|
- [BUILD] fix platform-dependant build issues related to crypt()
|
|
- [STATS] count transfer aborts caused by client and by server
|
|
- [STATS] frontend requests were not accounted for failed requests
|
|
- [MINOR] report total number of processed connections when stopping a proxy
|
|
- [DOC] be more clear about the limitation to one single monitor-net entry
|
|
|
|
2010/02/26 : 1.4.0
|
|
- [MINOR] stats: report maint state for tracking servers too
|
|
- [DOC] fix summary to add pattern extraction
|
|
- [DOC] Documentation cleanups
|
|
- [BUG] cfgparse memory leak and missing free calls in deinit()
|
|
- [BUG] pxid/puid/luid: don't shift IDs when some of them are forced
|
|
- [EXAMPLES] add auth.cfg
|
|
- [BUG] uri_auth: ST_SHLGNDS should be 0x00000008 not 0x0000008
|
|
- [BUG] uri_auth: do not attemp to convert uri_auth -> http-request more than once
|
|
- [BUILD] auth: don't use unnamed unions
|
|
- [BUG] config: report unresolvable host names as errors
|
|
- [BUILD] fix build breakage with DEBUG_FULL
|
|
- [DOC] fix a typo about timeout check and clarify the explanation.
|
|
- [MEDIUM] http: don't use trash to realign large buffers
|
|
- [STATS] report HTTP requests (total and rate) in frontends
|
|
- [STATS] separate frontend and backend HTTP stats
|
|
- [MEDIUM] http: revert to use a swap buffer for realignment
|
|
- [MINOR] stats: report the request rate in frontends as cell titles
|
|
- [MINOR] stats: mark areas with an underline when tooltips are available
|
|
- [DOC] reorder some entries to maintain the alphabetical order
|
|
- [DOC] cleanup of the keyword matrix
|
|
|
|
2010/02/02 : 1.4-rc1
|
|
- [MEDIUM] add a maintenance mode to servers
|
|
- [MINOR] http-auth: last fix was wrong
|
|
- [CONTRIB] add base64rev-gen.c that was used to generate the base64rev table.
|
|
- [MINOR] Base64 decode
|
|
- [MINOR] generic auth support with groups and encrypted passwords
|
|
- [MINOR] add ACL_TEST_F_NULL_MATCH
|
|
- [MINOR] http-request: allow/deny/auth support for frontend/backend/listen
|
|
- [MINOR] acl: add http_auth and http_auth_group
|
|
- [MAJOR] use the new auth framework for http stats
|
|
- [DOC] add info about userlists, http-request and http_auth/http_auth_group acls
|
|
- [STATS] make it possible to change a CLI connection timeout
|
|
- [BUG] patterns: copy-paste typo in type conversion arguments
|
|
- [MINOR] pattern: make the converter more flexible by supporting void* and int args
|
|
- [MINOR] standard: str2mask: string to netmask converter
|
|
- [MINOR] pattern: add support for argument parsers for converters
|
|
- [MINOR] pattern: add the "ipmask()" converting function
|
|
- [MINOR] config: off-by-one in "stick-table" after list of converters
|
|
- [CLEANUP] acl, patterns: make use of my_strndup() instead of malloc+memcpy
|
|
- [BUG] restore accidentely removed line in last patch !
|
|
- [MINOR] checks: make the HTTP check code add the CRLF itself
|
|
- [MINOR] checks: add the server's status in the checks
|
|
- [BUILD] halog: make without arch-specific optimizations
|
|
- [BUG] halog: fix segfault in case of empty log in PCT mode (cherry picked from commit fe362fe4762151d209b9656639ee1651bc2b329d)
|
|
- [MINOR] http: disable keep-alive when process is going down
|
|
- [MINOR] acl: add build_acl_cond() to make it easier to add ACLs in config
|
|
- [CLEANUP] config: use build_acl_cond() instead of parse_acl_cond()
|
|
- [CLEANUP] config: use warnif_cond_requires_resp() to check for bad ACLs
|
|
- [MINOR] prepare req_*/rsp_* to receive a condition
|
|
- [CLEANUP] config: specify correct const char types to warnif_* functions
|
|
- [MEDIUM] config: factor out the parsing of 20 req*/rsp* keywords
|
|
- [MEDIUM] http: make the request filter loop check for optional conditions
|
|
- [MEDIUM] http: add support for conditional request filter execution
|
|
- [DOC] add some build info about the AIX platform (cherry picked from commit e41914c77edbc40aebf827b37542d37d758e371e)
|
|
- [MEDIUM] http: add support for conditional request header addition
|
|
- [MEDIUM] http: add support for conditional response header rewriting
|
|
- [DOC] add some missing ACLs about response header matching
|
|
- [MEDIUM] http: add support for proxy authentication
|
|
- [MINOR] http-auth: make the 'unless' keyword work as expected
|
|
- [CLEANUP] config: use build_acl_cond() to simplify http-request ACL parsing
|
|
- [MEDIUM] add support for anonymous ACLs
|
|
- [MEDIUM] http: switch to tunnel mode after status 101 responses
|
|
- [MEDIUM] http: stricter processing of the CONNECT method
|
|
- [BUG] config: reset check request to avoid double free when switching to ssl/sql
|
|
- [MINOR] config: fix too large ssl-hello-check message.
|
|
- [BUG] fix error response in case of server error
|
|
|
|
2010/01/25 : 1.4-dev8
|
|
- [CLEANUP] Keep in sync "defaults" support between documentation and code
|
|
- [MEDIUM] http: add support for Proxy-Connection header
|
|
- [CRITICAL] buffers: buffer_insert_line2 must not change the ->w entry
|
|
- [MINOR] http: remove a copy-paste typo in transaction cleaning
|
|
- [BUG] http: trim any excess buffer data when recycling a connection
|
|
|
|
2010/01/25 : 1.4-dev7
|
|
- [BUG] appsession: possible memory leak in case of out of memory condition
|
|
- [MINOR] config: don't accept 'appsession' in defaults section
|
|
- [MINOR] Add function to parse a size in configuration
|
|
- [MEDIUM] Add stick table (persistence) management functions and types
|
|
- [MEDIUM] Add pattern fetch management types and functions
|
|
- [MEDIUM] Add src dst and dport pattern fetches.
|
|
- [MEDIUM] Add stick table configuration and init.
|
|
- [MEDIUM] Add stick and store rules analysers.
|
|
- [MINOR] add option "mysql-check" to use MySQL health checks
|
|
- [BUG] health checks: fix requeued message
|
|
- [OPTIM] remove SSP_O_VIA and SSP_O_STATUS
|
|
- [BUG] checks: fix newline termination
|
|
- [MINOR] acl: add fe_id/so_id to match frontend's and socket's id
|
|
- [BUG] appsession's sessid must be reset at end of transaction
|
|
- [BUILD] appsession did not build anymore under gcc-2.95
|
|
- [BUG] server redirection used an uninitialized string.
|
|
- [MEDIUM] http: fix handling of message pointers
|
|
- [MINOR] http: fix double slash prefix with server redirect
|
|
- [MINOR] http redirect: add the ability to append a '/' to the URL
|
|
- [BUG] stream_interface: fix retnclose and remove cond_close
|
|
- [MINOR] http redirect: don't explicitly state keep-alive on 1.1
|
|
- [MINOR] http: move appsession 'sessid' from session to http_txn
|
|
- [OPTIM] reorder http_txn to optimize cache lines placement
|
|
- [MINOR] http: differentiate waiting for new request and waiting for a complete requst
|
|
- [MINOR] http: add a separate "http-keep-alive" timeout
|
|
- [MINOR] config: remove undocumented and buggy 'timeout appsession'
|
|
- [DOC] fix various too large lines
|
|
- [DOC] remove several trailing spaces
|
|
- [DOC] add the doc about stickiness
|
|
- [BUILD] remove a warning in standard.h on AIX
|
|
- [BUG] checks: chars are unsigned on AIX, check was always true
|
|
- [CLEANUP] stream_sock: MSG_NOSIGNAL is only for send(), not recv()
|
|
- [BUG] check: we must not check for error before reading a response
|
|
- [BUG] buffers: remove remains of wrong obsolete length check
|
|
- [OPTIM] stream_sock: don't shutdown(write) when the socket is in error
|
|
- [BUG] http: don't count req errors on client resets or t/o during keep-alive
|
|
- [MEDIUM] http: don't switch to tunnel mode upon close
|
|
- [DOC] add documentation about connection header processing
|
|
- [MINOR] http: add http_remove_header2() to remove a header value.
|
|
- [MINOR] tools: add a "word_match()" function to match words and ignore spaces
|
|
- [MAJOR] http: rework request Connection header handling
|
|
- [MAJOR] http: rework response Connection header handling
|
|
- [MINOR] add the ability to force kernel socket buffer size.
|
|
- [BUG] http_server_error() must not purge a previous pending response
|
|
- [OPTIM] http: don't delay response if next request is incomplete
|
|
- [MINOR] add the "force-persist" statement to force persistence on down servers
|
|
- [MINOR] http: logs must report persistent connections to down servers
|
|
- [BUG] buffer_replace2 must never change the ->w entry
|
|
|
|
2010/01/08 : 1.4-dev6
|
|
- [BUILD] warning in stream_interface.h
|
|
- [BUILD] warning ultoa_r returns char *
|
|
- [MINOR] hana: only report stats if it is enabled
|
|
- [MINOR] stats: add "a link" & "a href" for sockets
|
|
- [MINOR]: stats: add show-legends to report additional informations
|
|
- [MEDIUM] default-server support
|
|
- [BUG]: add 'observer', 'on-error', 'error-limit' to supported options list
|
|
- [MINOR] stats: add href to tracked server
|
|
- [BUG] stats: show UP/DOWN status also in tracking servers
|
|
- [DOC] Restore ability to search a keyword at the beginning of a line
|
|
- [BUG] stats: cookie should be reported under backend not under proxy
|
|
- [BUG] cfgparser/stats: fix error message
|
|
- [BUG] http: disable auto-closing during chunk analysis
|
|
- [BUG] http: fix hopefully last closing issue on data forwarding
|
|
- [DEBUG] add an http_silent_debug function to debug HTTP states
|
|
- [MAJOR] http: fix again the forward analysers
|
|
- [BUG] http_process_res_common() must not skip the forward analyser
|
|
- [BUG] http: some possible missed close remain in the forward chain
|
|
- [BUG] http: redirect needed to be updated after recent changes
|
|
- [BUG] http: don't set no-linger on response in case of forced close
|
|
- [MEDIUM] http: restore the original behaviour of option httpclose
|
|
- [TESTS] add a file to test various connection modes
|
|
- [BUG] http: check options before the connection header
|
|
- [MAJOR] session: fix the order by which the analysers are run
|
|
- [MEDIUM] session: also consider request analysers added during response
|
|
- [MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags
|
|
- [BUG] http: memory leak with captures when using keep-alive
|
|
- [BUG] http: fix for capture memory leak was incorrect
|
|
- [MINOR] http redirect: use proper call to return last response
|
|
- [MEDIUM] http: wait for some flush of the response buffer before a new request
|
|
- [MEDIUM] session: limit the number of analyser loops
|
|
|
|
2010/01/03 : 1.4-dev5
|
|
- [MINOR] server tracking: don't care about the tracked server's mode
|
|
- [MEDIUM] appsession: add "len", "prefix" and "mode" options
|
|
- [MEDIUM] appsession: add the "request-learn" option
|
|
- [BUG] Configuration parser bug when escaping characters
|
|
- [MINOR] CSS & HTML fun
|
|
- [MINOR] Collect & provide http response codes received from servers
|
|
- [BUG] Fix silly typo: hspr_other -> hrsp_other
|
|
- [MINOR] Add "a name" to stats page
|
|
- [MINOR] add additional "a href"s to stats page
|
|
- [MINOR] Collect & provide http response codes for frontends, fix backends
|
|
- [DOC] some small spell fixes and unifications
|
|
- [MEDIUM] Decrease server health based on http responses / events, version 3
|
|
- [BUG] format '%d' expects type 'int', but argument 5 has type 'long int'
|
|
- [BUG] config: fix erroneous check on cookie domain names, again
|
|
- [BUG] Healthchecks: get a proper error code if connection cannot be completed immediately
|
|
- [DOC] trivial fix for man page
|
|
- [MINOR] config: report all supported options for the "bind" keyword
|
|
- [MINOR] tcp: add support for the defer_accept bind option
|
|
- [MINOR] unix socket: report the socket path in case of bind error
|
|
- [CONTRIB] halog: support searching by response time
|
|
- [DOC] add a reminder about obsolete documents
|
|
- [DOC] point to 1.4 doc, not 1.3
|
|
- [DOC] option tcp-smart-connect was missing from index
|
|
- [MINOR] http: detect connection: close earlier
|
|
- [CLEANUP] sepoll: clean up the fd_clr/fd_set functions
|
|
- [OPTIM] move some rarely used fields out of fdtab
|
|
- [MEDIUM] fd: merge fd_list into fdtab
|
|
- [MAJOR] buffer: flag BF_DONT_READ to disable reads when not required
|
|
- [MINOR] http: add new transaction flags for keep-alive and content-length
|
|
- [MEDIUM] http request: parse connection, content-length and transfer-encoding
|
|
- [MINOR] http request: update the TX_SRV_CONN_KA flag on rewrite
|
|
- [MINOR] http request: simplify the test of no-data
|
|
- [MEDIUM] http request: simplify POST length detection
|
|
- [MEDIUM] http request: make use of pre-parsed transfer-encoding header
|
|
- [MAJOR] http: create the analyser which waits for a response
|
|
- [MINOR] http: pre-set the persistent flags in the transaction
|
|
- [MEDIUM] http response: check body length and set transaction flags
|
|
- [MINOR] http response: update the TX_CLI_CONN_KA flag on rewrite
|
|
- [MINOR] http: remove the last call to stream_int_return
|
|
- [IMPORT] import ebtree v5.0 into directory ebtree/
|
|
- [MEDIUM] build: switch ebtree users to use new ebtree version
|
|
- [CLEANUP] ebtree: remove old unused files
|
|
- [BUG] definitely fix regparm issues between haproxy core and ebtree
|
|
- [CLEANUP] ebtree: cast to char * to get rid of gcc warning
|
|
- [BUILD] missing #ifndef in ebmbtree.h
|
|
- [BUILD] missing #ifndef in ebsttree.h
|
|
- [MINOR] tools: add hex2i() function to convert hex char to int
|
|
- [MINOR] http: create new MSG_BODY sub-states
|
|
- [BUG] stream_sock: BUF_INFINITE_FORWARD broke splice on 64-bit platforms
|
|
- [DOC] option is "defer-accept", not "defer_accept"
|
|
- [MINOR] http: keep pointer to beginning of data
|
|
- [BUG] x-original-to: name was not set in default instance
|
|
- [MINOR] http: detect tunnel mode and set it in the session
|
|
- [BUG] config: fix error message when config file is not found
|
|
- [BUG] config: fix wrong handling of too large argument count
|
|
- [BUG] config: disable 'option httplog' on TCP proxies
|
|
- [BUG] config: fix erroneous check on cookie domain names
|
|
- [BUG] config: cookie domain was ignored in defaults sections
|
|
- [MINOR] config: support passing multiple "domain" statements to cookies
|
|
- [MINOR] ebtree: add functions to lookup non-null terminated strings
|
|
- [MINOR] config: don't report error on all subsequent files on failure
|
|
- [BUG] second fix for the printf format warning
|
|
- [BUG] check_post: limit analysis to the buffer length
|
|
- [MEDIUM] http: process request body in a specific analyser
|
|
- [MEDIUM] backend: remove HTTP POST parsing from get_server_ph_post()
|
|
- [MAJOR] http: completely process the "connection" header
|
|
- [MINOR] http: only consider chunk encoding with HTTP/1.1
|
|
- [MAJOR] buffers: automatically compute the maximum buffer length
|
|
- [MINOR] http: move the http transaction init/cleanup code to proto_http
|
|
- [MINOR] http: move 1xx handling earlier to eliminate a lot of ifs
|
|
- [MINOR] http: introduce a new synchronisation state : HTTP_MSG_DONE
|
|
- [MEDIUM] http: rework chunk-size parser
|
|
- [MEDIUM] http: add a new transaction flags indicating if we know the transfer length
|
|
- [MINOR] buffers: add buffer_ignore() to skip some bytes
|
|
- [BUG] http: offsets are relative to the buffer, not to ->som
|
|
- [MEDIUM] http: automatically re-aling request buffer
|
|
- [BUG] http: body parsing must consider the start of message
|
|
- [MINOR] new function stream_int_cond_close()
|
|
- [MAJOR] http: implement body parser
|
|
- [BUG] http: typos on several unlikely() around header insertion
|
|
- [BUG] stream_sock: wrong max computation on recv
|
|
- [MEDIUM] http: rework the buffer alignment logic
|
|
- [BUG] buffers: wrong size calculation for displaced data
|
|
- [MINOR] stream_sock: prepare for closing when all pending data are sent
|
|
- [MEDIUM] http: add two more states for the closing period
|
|
- [MEDIUM] http: properly handle "option forceclose"
|
|
- [MINOR] stream_sock: add SI_FL_NOLINGER for faster close
|
|
- [MEDIUM] http: make forceclose use SI_FL_NOLINGER
|
|
- [MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts
|
|
- [MEDIUM] http: add some SI_FL_NOLINGER around server errors
|
|
- [MINOR] config: option forceclose is valid in frontends too
|
|
- [BUILD] halog: insufficient include path in makefile
|
|
- [MEDIUM] http: make the analyser not rely on msg being initialized anymore
|
|
- [MEDIUM] http: make the parsers able to wait for a buffer flush
|
|
- [MAJOR] http: add support for option http-server-close
|
|
- [BUG] http: ensure we abort data transfer on write error
|
|
- [BUG] last fix was overzealous and disabled server-close
|
|
- [BUG] http: fix erroneous trailers size computation
|
|
- [MINOR] stream_sock: enable MSG_MORE when forwarding finite amount of data
|
|
- [OPTIM] http: set MSG_MORE on response when a pipelined request is pending
|
|
- [BUG] http: redirects were broken by chunk changes
|
|
- [BUG] http: the request URI pointer is relative to the buffer
|
|
- [OPTIM] http: don't immediately enable reading on request
|
|
- [MINOR] http: move redirect messages to HTTP/1.1 with a content-length
|
|
- [BUG] http: take care of errors, timeouts and aborts during the data phase
|
|
- [MINOR] http: don't wait for sending requests to the server
|
|
- [MINOR] http: make the conditional redirect support keep-alive
|
|
- [BUG] http: fix cookie parser to support spaces and commas in values
|
|
- [MINOR] config: some options were missing for "redirect"
|
|
- [MINOR] redirect: add support for unconditional rules
|
|
- [MINOR] config: centralize proxy struct initialization
|
|
- [MEDIUM] config: remove the limitation of 10 reqadd/rspadd statements
|
|
- [MEDIUM] config: remove the limitation of 10 config files
|
|
- [CLEANUP] http: remove a remaining impossible condition
|
|
- [OPTIM] http: optimize a bit the construct of the forward loops
|
|
|
|
2009/10/12 : 1.4-dev4
|
|
- [DOC] add missing rate_lim and rate_max
|
|
- [MAJOR] struct chunk rework
|
|
- [MEDIUM] Health check reporting code rework + health logging, v3
|
|
- [BUG] check if rise/fall has an argument and it is > 0
|
|
- [MINOR] health checks logging unification
|
|
- [MINOR] add "description", "node" and show-node"/"show-desc", remove "node-name", v2
|
|
- [MINOR] Allow dots in show-node & add "white-space: nowrap" in th.pxname.
|
|
- [DOC] Add information about http://haproxy.1wt.eu/contrib.html
|
|
- [MINOR] Introduce include/types/counters.h
|
|
- [CLEANUP] Move counters to dedicated structures
|
|
- [MINOR] Add "clear counters" to clear statistics counters
|
|
- [MEDIUM] Collect & provide separate statistics for sockets, v2
|
|
- [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2
|
|
- [MINOR] acl: don't report valid acls as potential mistakes
|
|
- [MINOR] Add cut_crlf(), ltrim(), rtrim() and alltrim()
|
|
- [MINOR] Add chunk_htmlencode and chunk_asciiencode
|
|
- [MINOR] Capture & display more data from health checks, v2
|
|
- [BUG] task.c: don't assing last_timer to node-less entries
|
|
- [BUG] http stats: large outputs sometimes got some parts chopped off
|
|
- [MINOR] backend: export some functions to recount servers
|
|
- [MINOR] backend: uninline some LB functions
|
|
- [MINOR] include time.h from freq_ctr.h as is uses "now".
|
|
- [CLEANUP] backend: move LB algos to individual files
|
|
- [MINOR] lb_map: reorder code in order to ease integration of new hash functions
|
|
- [CLEANUP] proxy: move last lb-specific bits to their respective files
|
|
- [MINOR] backend: separate declarations of LB algos from their lookup method
|
|
- [MINOR] backend: reorganize the LB algorithm selection
|
|
- [MEDIUM] backend: introduce the "static-rr" LB algorithm
|
|
- [MINOR] report list of supported pollers with -vv
|
|
- [DOC] log-health-checks is an option, not a directive
|
|
- [MEDIUM] new option "independant-streams" to stop updating read timeout on writes
|
|
- [BUG] stats: don't call buffer_shutw(), but ->shutw() instead
|
|
- [MINOR] stats: strip CR and LF from the input command line
|
|
- [BUG] don't refresh timeouts late after detected activity
|
|
- [MINOR] stats_dump_errors_to_buffer: use buffer_feed_chunk()
|
|
- [MINOR] stats_dump_sess_to_buffer: use buffer_feed_chunk()
|
|
- [MINOR] stats: make stats_dump_raw_to_buffer() use buffer_feed_chunk
|
|
- [MEDIUM] stats: don't use s->ana_state anymore
|
|
- [MINOR] remove now obsolete ana_state from the session struct
|
|
- [MEDIUM] stats: make HTTP stats use an I/O handler
|
|
- [MEDIUM] stream_int: adjust WAIT_ROOM handling
|
|
- [BUG] config: look for ID conflicts in all sockets, not only last ones.
|
|
- [MINOR] config: reference file and line with any listener/proxy/server declaration
|
|
- [MINOR] config: report places of duplicate names or IDs
|
|
- [MINOR] config: add pointer to file name in block/redirect/use_backend/monitor rules
|
|
- [MINOR] tools: add a new get_next_id() function
|
|
- [MEDIUM] config: automatically find unused IDs for proxies, servers and listeners
|
|
- [OPTIM] counters: move some max numbers to the counters struct
|
|
- [BUG] counters: fix segfault on missing counters for a listener
|
|
- [MEDIUM] backend: implement consistent hashing variation
|
|
- [MINOR] acl: add fe_conn, be_conn, queue, avg_queue
|
|
- [MINOR] stats: use 'clear counters all' to clear all values
|
|
- [MEDIUM] add access restrictions to the stats socket
|
|
- [MINOR] buffers: add buffer_feed2() and make buffer_feed() measure string length
|
|
- [MINOR] proxy: provide function to retrieve backend/server pointers
|
|
- [MINOR] add the "initial weight" to the server struct.
|
|
- [MEDIUM] stats: add the "get weight" command to report a server's weight
|
|
- [MEDIUM] stats: add the "set weight" command
|
|
- [BUILD] add a 'make tags' target
|
|
- [MINOR] stats: add support for numeric IDs in set weight/get weight
|
|
- [MINOR] stats: use a dedicated state to output static data
|
|
- [OPTIM] stats: check free space before trying to print
|
|
|
|
2009/09/24 : 1.4-dev3
|
|
- [BUILD] compilation of haproxy-1.4-dev2 on FreeBSD
|
|
- [MEDIUM] Collect & show information about last health check, v3
|
|
- [MINOR] export the hostname variable so that all the code can access it
|
|
- [MINOR] stats: add a new node-name setting
|
|
- [MEDIUM] remove old experimental tcpsplice option
|
|
- [BUILD] fix build for systems without SOL_TCP
|
|
- [MEDIUM] move connection establishment from backend to the SI.
|
|
- [MEDIUM] make the global stats socket part of a frontend
|
|
- [MEDIUM] session: account per-listener connections
|
|
- [MINOR] session: switch to established state if no connect function
|
|
- [MEDIUM] make the unix stats sockets use the generic session handler
|
|
- [CLEANUP] unix: remove uxst_process_session()
|
|
- [CLEANUP] move remaining stats sockets code to dumpstats
|
|
- [MINOR] move the initial task's nice value to the listener
|
|
- [MINOR] cleanup set_session_backend by using pre-computed analysers
|
|
- [MINOR] set s->srv_error according to the analysers
|
|
- [MEDIUM] set rep->analysers from fe and be analysers
|
|
- [MEDIUM] replace BUFSIZE with buf->size in computations
|
|
- [MEDIUM] make it possible to change the buffer size in the configuration
|
|
- [MEDIUM] report error on buffer writes larger than buffer size
|
|
- [MEDIUM] stream_interface: add and use ->update function to resync
|
|
- [CLEANUP] remove ifdef MSG_NOSIGNAL and define it instead
|
|
- [MEDIUM] remove TCP_CORK and make use of MSG_MORE instead
|
|
- [BUG] tarpit did not work anymore
|
|
- [MINOR] acl: add support for hdr_ip to match IP addresses in headers
|
|
- [MAJOR] buffers: fix misuse of the BF_SHUTW_NOW flag
|
|
- [MINOR] buffers: provide more functions to handle buffer data
|
|
- [MEDIUM] buffers: provide new buffer_feed*() function
|
|
- [MINOR] buffers: add peekchar and peekline functions for stream interfaces
|
|
- [MINOR] buffers: provide buffer_si_putchar() to send a char from a stream interface
|
|
- [BUG] buffer_forward() would not correctly consider data already scheduled
|
|
- [MINOR] buffers: add buffer_cut_tail() to cut only unsent data
|
|
- [MEDIUM] stream_interface: make use of buffer_cut_tail() to report errors
|
|
- [MAJOR] http: add support for HTTP 1xx informational responses
|
|
- [MINOR] buffers: inline buffer_si_putchar()
|
|
- [MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE
|
|
- [MAJOR] buffers: fix the BF_EMPTY flag's meaning
|
|
- [BUG] stream_interface: SI_ST_CLO must have buffers SHUT
|
|
- [MINOR] stream_sock: don't set SI_FL_WAIT_DATA if BF_SHUTW_NOW is set
|
|
- [MEDIUM] add support for infinite forwarding
|
|
- [BUILD] stream_interface: fix conflicting declaration
|
|
- [BUG] buffers: buffer_forward() must not always clear BF_OUT_EMPTY
|
|
- [BUG] variable buffer size ignored at initialization time
|
|
- [MINOR] ensure that buffer_feed() and buffer_skip() set BF_*_PARTIAL
|
|
- [BUG] fix buffer_skip() and buffer_si_getline() to correctly handle wrap-arounds
|
|
- [MINOR] stream_interface: add SI_FL_DONT_WAKE flag
|
|
- [MINOR] stream_interface: add iohandler callback
|
|
- [MINOR] stream_interface: add functions to support running as internal/external tasks
|
|
- [MEDIUM] session: call iohandler for embedded tasks (applets)
|
|
- [MINOR] add a ->private member to the stream_interface
|
|
- [MEDIUM] stats: prepare the connection for closing before dumping
|
|
- [MEDIUM] stats: replace the stats socket analyser with an SI applet
|
|
|
|
2009/08/09 : 1.4-dev2
|
|
- [BUG] task: fix possible crash when some timeouts are not configured
|
|
- [BUG] log: option tcplog would log to global if no logger was defined
|
|
|
|
2009/07/29 : 1.4-dev1
|
|
- [MINOR] acl: add support for matching of RDP cookies
|
|
- [MEDIUM] add support for RDP cookie load-balancing
|
|
- [MEDIUM] add support for RDP cookie persistence
|
|
- [MINOR] add a new CLF log format
|
|
- [MINOR] startup: don't imply -q with -D
|
|
- [BUG] ensure that we correctly re-start old process in case of error
|
|
- [MEDIUM] add support for binding to source port ranges during connect
|
|
- [MINOR] config: track "no option"/"option" changes
|
|
- [MINOR] config: support resetting options do default values
|
|
- [MEDIUM] implement option tcp-smart-accept at the frontend
|
|
- [MEDIUM] stream_sock: implement tcp-cork for use during shutdowns on Linux
|
|
- [MEDIUM] implement tcp-smart-connect option at the backend
|
|
- [MEDIUM] add support for TCP MSS adjustment for listeners
|
|
- [MEDIUM] support setting a server weight to zero
|
|
- [MINOR] make DEFAULT_MAXCONN user-configurable at build time
|
|
- [MAJOR] session: don't clear buffer status flags anymore
|
|
- [MAJOR] session: only check for timeouts when they have just occurred.
|
|
- [MAJOR] session: simplify buffer error handling
|
|
- [MEDIUM] config: split parser and checker in two functions
|
|
- [MEDIUM] config: support loading multiple configuration files
|
|
- [MEDIUM] stream_sock: don't close prematurely when nolinger is set
|
|
- [MEDIUM] session: rework buffer analysis to permit permanent analysers
|
|
- [MEDIUM] splice: set the capability on each stream_interface
|
|
- [BUG] http: redirect rules were processed too early
|
|
- [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define
|
|
- [MEDIUM] http: split request waiter from request processor
|
|
- [MEDIUM] session: tell analysers what bit they were called for
|
|
- [MAJOR] http: complete splitting of the remaining stages
|
|
- [MINOR] report in the proxies the requirements for ACLs
|
|
- [MINOR] http: rely on proxy->acl_requires to allocate hdr_idx
|
|
- [MINOR] acl: add HTTP protocol detection (req_proto_http)
|
|
- [MINOR] prepare callers of session_set_backend to handle errors
|
|
- [BUG] default ACLs did not properly set the ->requires flag
|
|
- [MEDIUM] allow a TCP frontend to switch to an HTTP backend
|
|
- [MINOR] ensure we can jump from swiching rules to http without data
|
|
- [MINOR] http: take http request timeout from the backend
|
|
- [MINOR] allow TCP inspection rules to make use of HTTP ACLs
|
|
- [BUILD] report commit date and not author's date as build date
|
|
- [MINOR] acl: don't complain anymore when using L7 acls in TCP
|
|
- [BUG] stream_sock: always shutdown(SHUT_WR) before closing
|
|
- [BUG] stream_sock: don't stop reading when the poller reports an error
|
|
- [BUG] config: tcp-request content only accepts "if" or "unless"
|
|
- [BUG] task: fix possible timer drift after update
|
|
- [MINOR] apply tcp-smart-connect option for the checks too
|
|
- [MINOR] stats: better displaying in MSIE
|
|
- [MINOR] config: improve error reporting in global section
|
|
- [MINOR] config: improve error reporting in listen sections
|
|
- [MINOR] config: the "capture" keyword is not allowed in backends
|
|
- [MINOR] config: improve error reporting when checking configuration
|
|
- [BUILD] fix a minor build warning on AIX
|
|
- [BUILD] use "git cmd" instead of "git-cmd"
|
|
- [CLEANUP] report 2009 not 2008 in the copyright banner.
|
|
- [MINOR] print usage on the stats sockets upon invalid commands
|
|
- [MINOR] acl: detect and report potential mistakes in ACLs
|
|
- [BUILD] fix incorrect printf arg count with tcp_splice
|
|
- [BUG] fix random pauses on last segment of a series
|
|
- [BUILD] add support for build under Cygwin
|
|
|
|
2009/06/09 : 1.4-dev0
|
|
- exact copy of 1.3.18
|
|
|
|
2009/05/10 : 1.3.18
|
|
- [MEDIUM] add support for "balance hdr(name)"
|
|
- [CLEANUP] give a little bit more information in error message
|
|
- [MINOR] add X-Original-To: header
|
|
- [BUG] x-original-to: fix missing initialization to default value
|
|
- [BUILD] spec file: fix broken pipe during rpmbuild and add man file
|
|
- [MINOR] improve reporting of misplaced acl/reqxxx rules
|
|
- [MEDIUM] http: add options to ignore invalid header names
|
|
- [MEDIUM] http: capture invalid requests/responses even if accepted
|
|
- [BUILD] add format(printf) to printf-like functions
|
|
- [MINOR] fix several printf formats and missing arguments
|
|
- [BUG] stats: total and lbtot are unsigned
|
|
- [MINOR] fix a few remaining printf-like formats on 64-bit platforms
|
|
- [CLEANUP] remove unused make option from haproxy.spec
|
|
- [BUILD] make it possible to pass alternative arch at build time
|
|
- [MINOR] switch all stat counters to 64-bit
|
|
- [MEDIUM] ensure we don't recursively call pool_gc2()
|
|
- [CRITICAL] uninitialized response field can sometimes cause crashes
|
|
- [BUG] fix wrong pointer arithmetics in HTTP message captures
|
|
- [MINOR] rhel init script : support the reload operation
|
|
- [MINOR] add basic signal handling functions
|
|
- [BUILD] add signal.o to all makefiles
|
|
- [MEDIUM] call signal_process_queue from run_poll_loop
|
|
- [MEDIUM] pollers: don't wait if a signal is pending
|
|
- [MEDIUM] convert all signals to asynchronous signals
|
|
- [BUG] O(1) pollers should check their FD before closing it
|
|
- [MINOR] don't close stdio fds twice
|
|
- [MINOR] add options dontlog-normal and log-separate-errors
|
|
- [DOC] minor fixes and rearrangements
|
|
- [BUG] fix parser crash on unconditional tcp content rules
|
|
- [DOC] rearrange the configuration manual and add a summary
|
|
- [MINOR] standard: provide a new 'my_strndup' function
|
|
- [MINOR] implement per-logger log level limitation
|
|
- [MINOR] compute the max of sessions/s on fe/be/srv
|
|
- [MINOR] stats: report max sessions/s and limit in CSV export
|
|
- [MINOR] stats: report max sessions/s and limit in HTML stats
|
|
- [MINOR] stats/html: use the arial font before helvetica
|
|
|
|
2009/03/29 : 1.3.17
|
|
- Update specfile to build for v2.6 kernel.
|
|
- [BUG] reset the stream_interface connect timeout upon connect or error
|
|
- [BUG] reject unix accepts when connection limit is reached
|
|
- [MINOR] show sess: report number of calls to each task
|
|
- [BUG] don't call epoll_ctl() on closed sockets
|
|
- [BUG] stream_sock: disable I/O on fds reporting an error
|
|
- [MINOR] sepoll: don't count two events on the same FD.
|
|
- [MINOR] show sess: report a lot more information about sessions
|
|
- [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts
|
|
- [BUG] don't set an expiration date directly from now_ms
|
|
- [MINOR] implement ulltoh() to write HTML-formatted numbers
|
|
- [MINOR] stats/html: group digits by 3 to clarify numbers
|
|
- [BUILD] remove haproxy-small.spec
|
|
- [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND
|
|
|
|
2009/03/22 : 1.3.16
|
|
- [BUILD] Fixed Makefile for linking pcre
|
|
- [CONTRIB] selinux policy for haproxy
|
|
- [MINOR] show errors: encode backslash as well as non-ascii characters
|
|
- [MINOR] cfgparse: some cleanups in the consistency checks
|
|
- [MINOR] cfgparse: set backends to "balance roundrobin" by default
|
|
- [MINOR] tcp-inspect: permit the use of no-delay inspection
|
|
- [MEDIUM] reverse internal proxy declaration order to match configuration
|
|
- [CLEANUP] config: catch and report some possibly wrong rule ordering
|
|
- [BUG] connect timeout is in the stream interface, not the buffer
|
|
- [BUG] session: errors were not reported in termination flags in TCP mode
|
|
- [MINOR] tcp_request: let the caller take care of errors and timeouts
|
|
- [CLEANUP] http: remove some commented out obsolete code in process_response
|
|
- [MINOR] update ebtree to version 4.1
|
|
- [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1
|
|
- [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present
|
|
- [BUG] scheduler: fix improper handling of duplicates __task_queue()
|
|
- [MINOR] sched: permit a task to stay up between calls
|
|
- [MINOR] task: keep a task count and clean up task creators
|
|
- [MINOR] stats: report number of tasks (active and running)
|
|
- [BUG] server check intervals must not be null
|
|
- [OPTIM] stream_sock: don't retry to read after a large read
|
|
- [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates
|
|
- [MEDIUM] session: don't resync FSMs on non-interesting changes
|
|
- [BUG] check for global.maxconn before doing accept()
|
|
- [OPTIM] sepoll: do not re-check whole list upon accepts
|
|
|
|
2009/03/09 : 1.3.16-rc2
|
|
- [BUG] stream_sock: write timeout must be updated when forwarding !
|
|
|
|
2009/03/09 : 1.3.16-rc1
|
|
- appsessions: cleanup DEBUG_HASH and initialize request_counter
|
|
- [MINOR] acl: add new keyword "connslots"
|
|
- [MINOR] cfgparse: fix off-by 2 in error message size
|
|
- [BUILD] fix build with gcc 4.3
|
|
- [BUILD] fix MANDIR default location to match documentation
|
|
- [TESTS] add a debug patch to help trigger the stats bug
|
|
- [BUG] Flush buffers also where there are exactly 0 bytes left
|
|
- [MINOR] Allow to specify a domain for a cookie
|
|
- [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain)
|
|
- [MEDIUM] Fix memory freeing at exit
|
|
- [MEDIUM] Fix memory freeing at exit, part 2
|
|
- [BUG] Fix listen & more of 2 couples <ip>:<port>
|
|
- [DOC] remove buggy comment for use_backend
|
|
- [CRITICAL] fix server state tracking: it was O(n!) instead of O(n)
|
|
- [MEDIUM] add support for URI hash depth and length limits
|
|
- [MINOR] permit renaming of x-forwarded-for header
|
|
- [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface
|
|
- [BUILD] Haproxy won't compile if DEBUG_FULL is defined
|
|
- [MEDIUM] upgrade to ebtree v4.0
|
|
- [DOC] update the README file with new build options
|
|
- [MEDIUM] reduce risk of event starvation in ev_sepoll
|
|
- [MEDIUM] detect streaming buffers and tag them as such
|
|
- [MEDIUM] add support for conditional HTTP redirection
|
|
- [BUILD] make install should depend on haproxy not "all"
|
|
- [DEBUG] add a TRACE macro to facilitate runtime data extraction
|
|
- [BUG] event pollers must not wait if a task exists in the run queue
|
|
- [BUG] queue management: wake oldest request in queues
|
|
- [BUG] log: reported queue position was offed-by-one
|
|
- [BUG] fix the dequeuing logic to ensure that all requests get served
|
|
- [DOC] documentation for the "retries" parameter was missing.
|
|
- [MEDIUM] implement a monotonic internal clock
|
|
- [MEDIUM] further improve monotonic clock by check forward jumps
|
|
- [OPTIM] add branch prediction hints in list manipulations
|
|
- [MAJOR] replace ultree with ebtree in wait-queues
|
|
- [BUG] we could segfault during exit while freeing uri_auths
|
|
- [BUG] wqueue: perform proper timeout comparisons with wrapping values
|
|
- [MINOR] introduce now_ms, the current date in milliseconds
|
|
- [BUG] disable buffer read timeout when reading stats
|
|
- [MEDIUM] rework the wait queue mechanism
|
|
- [BUILD] change declaration of base64tab to fix build with Intel C++
|
|
- [OPTIM] shrink wake_expired_tasks() by using task_wakeup()
|
|
- [MAJOR] use an ebtree instead of a list for the run queue
|
|
- [MEDIUM] introduce task->nice and boot access to statistics
|
|
- [OPTIM] task_queue: assume most consecutive timers are equal
|
|
- [BUILD] silent a warning in unlikely() with gcc 4.x
|
|
- [MAJOR] convert all expiration timers from timeval to ticks
|
|
- [BUG] use_backend would not correctly consider "unless"
|
|
- [TESTS] added test-acl.cfg to test some ACL combinations
|
|
- [MEDIUM] add support for configuration keyword registration
|
|
- [MEDIUM] modularize the global "stats" keyword configuration parser
|
|
- [MINOR] cfgparse: add support for warnings in external functions
|
|
- [MEDIUM] modularize the "timeout" keyword configuration parser
|
|
- [MAJOR] implement tcp request content inspection
|
|
- [MINOR] acl: add a new parsing function: parse_dotted_ver
|
|
- [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version
|
|
- [CLEANUP] remove unused include/types/client.h
|
|
- [CLEANUP] remove many #include <types/xxx> from C files
|
|
- [CLEANUP] remove dependency on obsolete INTBITS macro
|
|
- [DOC] document the new "tcp-request" keyword and associated ACLs
|
|
- [MINOR] acl: add REQ_CONTENT to the list of default acls
|
|
- [MEDIUM] acl: permit fetch() functions to set the result themselves
|
|
- [MEDIUM] acl: get rid of dummy values in always_true/always_false
|
|
- [MINOR] acl: add the "wait_end" acl verb
|
|
- [MEDIUM] acl: enforce ACL type checking
|
|
- [MEDIUM] acl: set types on all currently known ACL verbs
|
|
- [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings
|
|
- [CLEANUP] remove 65 useless NULL checks before free
|
|
- [MEDIUM] memory: update pool_free2() to support NULL pointers
|
|
- [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns
|
|
- [MEDIUM] process_srv: rely on buffer flags for client shutdown
|
|
- [MEDIUM] process_srv: don't rely at all on client state
|
|
- [MEDIUM] process_cli: don't rely at all on server state
|
|
- [BUG] fix segfault with url_param + check_post
|
|
- [BUG] server timeout was not considered in some circumstances
|
|
- [BUG] client timeout incorrectly rearmed while waiting for server
|
|
- [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1)
|
|
- [MAJOR] get rid of SV_STANALYZE (step 2)
|
|
- [MEDIUM] simplify and centralize request timeout cancellation and request forwarding
|
|
- [MAJOR] completely separate HTTP and TCP states on the request path
|
|
- [BUG] fix recently introduced loop when client closes early
|
|
- [MAJOR] get rid of the SV_STHEADERS state
|
|
- [MAJOR] better separation of response processing and server state
|
|
- [MAJOR] clearly separate HTTP response processing from TCP server state
|
|
- [MEDIUM] remove unused references to {CL|SV}_STSHUT*
|
|
- [MINOR] term_trace: add better instrumentations to trace the code
|
|
- [BUG] ev_sepoll: closed file descriptors could persist in the spec list
|
|
- [BUG] process_response must not enable the read FD
|
|
- [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue
|
|
- [BUG] process_response: do not touch srv_state
|
|
- [BUG] maintain_proxies must not disable backends
|
|
- [CLEANUP] get rid of BF_SHUT*_PENDING
|
|
- [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l
|
|
- [MAJOR] process_session: rely only on buffer flags
|
|
- [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout
|
|
- [MEDIUM] centralize buffer timeout checks at the top of process_session
|
|
- [MINOR] ensure the termination flags are set by process_xxx
|
|
- [MEDIUM] session: move the analysis bit field to the buffer
|
|
- [OPTIM] process_cli/process_srv: reduce the number of tests
|
|
- [BUG] regparm is broken on gcc < 3
|
|
- [BUILD] fix warning in proto_tcp.c with gcc >= 4
|
|
- [MEDIUM] merge inspect_exp and txn->exp into request buffer
|
|
- [BUG] process_cli/process_srv: don't call shutdown when already done
|
|
- [BUG] process_request: HTTP body analysis must return zero if missing data
|
|
- [TESTS] test-fsm: 22 regression tests for state machines
|
|
- [BUG] Fix empty X-Forwarded-For header name when set in defaults section
|
|
- [BUG] fix harmless but wrong fd insertion sequence
|
|
- [MEDIUM] make it possible for analysers to follow the whole session
|
|
- [MAJOR] rework of the server FSM
|
|
- [OPTIM] remove useless fd_set(read) upon shutdown(write)
|
|
- [MEDIUM] massive cleanup of process_srv()
|
|
- [MEDIUM] second level of code cleanup for process_srv_data
|
|
- [MEDIUM] third cleanup and optimization of process_srv_data()
|
|
- [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts
|
|
- [MEDIUM] stream_sock_process_data moved to stream_sock.c
|
|
- [MAJOR] make the client side use stream_sock_process_data()
|
|
- [MEDIUM] split stream_sock_process_data
|
|
- [OPTIM] stream_sock_read must check for null-reads more often
|
|
- [MINOR] only call flow analysers when their read side is connected.
|
|
- [MEDIUM] reintroduce BF_HIJACK with produce_content
|
|
- [MINOR] re-arrange buffer flags and rename some of them
|
|
- [MINOR] do not check for BF_SHUTR when computing write timeout
|
|
- [OPTIM] ev_sepoll: detect newly created FDs and check them once
|
|
- [OPTIM] reduce the number of calls to task_wakeup()
|
|
- [OPTIM] force inlining of large functions with gcc >= 3
|
|
- [MEDIUM] indicate a reason for a task wakeup
|
|
- [MINOR] change type of fdtab[]->owner to void*
|
|
- [MAJOR] make stream sockets aware of the stream interface
|
|
- [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers
|
|
- [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT
|
|
- [MEDIUM] process_session: make use of the new buffer flags
|
|
- [CLEANUP] process_session: move debug outputs out of the critical loop
|
|
- [MEDIUM] move QUEUE and TAR timers to stream interfaces
|
|
- [OPTIM] add compiler hints in tick_is_expired()
|
|
- [MINOR] add buffer_check_timeouts() to check what timeouts have fired.
|
|
- [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts()
|
|
- [MINOR] add an expiration flag to the stream_sock_interface
|
|
- [MAJOR] migrate the connection logic to stream interface
|
|
- [MAJOR] add a connection error state to the stream_interface
|
|
- [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions
|
|
- [MEDIUM] continue layering cleanups.
|
|
- [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO
|
|
- [MEDIUM] remove stream_sock_update_data()
|
|
- [MINOR] maintain a global session list in order to ease debugging
|
|
- [BUG] shutw must imply close during a connect
|
|
- [MEDIUM] process shutw during connection attempt
|
|
- [MEDIUM] make the stream interface control the SHUT{R,W} bits
|
|
- [MAJOR] complete layer4/7 separation
|
|
- [CLEANUP] move the session-related functions to session.c
|
|
- [MINOR] call session->do_log() for logging
|
|
- [MINOR] replace the ambiguous client_return function by stream_int_return
|
|
- [MINOR] replace client_retnclose() with stream_int_retnclose()
|
|
- [MINOR] replace srv_close_with_err() with http_server_error()
|
|
- [MEDIUM] make the http server error function a pointer in the session
|
|
- [CLEANUP] session.c: removed some migration left-overs in sess_establish()
|
|
- [MINOR] stream_sock_data_finish() should not expose fd
|
|
- [MEDIUM] extract TCP request processing from HTTP
|
|
- [MEDIUM] extract the HTTP tarpit code from process_request().
|
|
- [MEDIUM] move the HTTP request body analyser out of process_request().
|
|
- [MEDIUM] rename process_request to http_process_request
|
|
- [BUG] fix forgotten server session counter
|
|
- [MINOR] declare process_session in session.h, not proto_http.h
|
|
- [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept()
|
|
- [MINOR] add an analyser code for UNIX stats request
|
|
- [MINOR] pre-set analyser flags on the listener at registration time
|
|
- [BUG] do not forward close from cons to prod with analysers
|
|
- [MEDIUM] ensure that sock->shutw() also closes read for init states
|
|
- [MINOR] add an analyser state in struct session
|
|
- [MAJOR] make unix sockets work again with stats
|
|
- [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session
|
|
- [MINOR] move the listener reference from fd to session
|
|
- [MEDIUM] reference the current hijack function in the buffer itself
|
|
- [MINOR] slightly rebalance stats_dump_{raw,http}
|
|
- [MINOR] add a new back-reference type : struct bref
|
|
- [MINOR] add back-references to sessions for later use by a dumper.
|
|
- [MEDIUM] add support for "show sess" in unix stats socket
|
|
- [BUG] do not release the connection slot during a retry
|
|
- [BUG] dynamic connection throttling could return a max of zero conns
|
|
- [BUG] do not try to pause backends during reload
|
|
- [BUG] ensure that listeners from disabled proxies are correctly unbound.
|
|
- [BUG] acl-related keywords are not allowed in defaults sections
|
|
- [BUG] cookie capture is declared in the frontend but checked on the backend
|
|
- [BUG] critical errors should be reported even in daemon mode
|
|
- [MINOR] redirect: add support for the "drop-query" option
|
|
- [MINOR] redirect: add support for "set-cookie" and "clear-cookie"
|
|
- [MINOR] redirect: in prefix mode a "/" means not to change the URI
|
|
- [BUG] do not dequeue requests on a dead server
|
|
- [BUG] do not dequeue the backend's pending connections on a dead server
|
|
- [MINOR] stats: indicate if a task is running in "show sess"
|
|
- [BUG] check timeout must not be changed if timeout.check is not set
|
|
- [BUG] "option transparent" is for backend, not frontend !
|
|
- [MINOR] transfer errors were not reported anymore in data phase
|
|
- [MEDIUM] add a send limit to a buffer
|
|
- [MEDIUM] don't report buffer timeout when there is I/O activity
|
|
- [MEDIUM] indicate when we don't care about read timeout
|
|
- [MINOR] add flags to indicate when a stream interface is waiting for space/data
|
|
- [MEDIUM] enable inter-stream_interface wakeup calls
|
|
- [MAJOR] implement autonomous inter-socket forwarding
|
|
- [MINOR] add the splice_len member to the buffer struct in preparation of splice support
|
|
- [MEDIUM] stream_sock: factor out the return path in case of no-writes
|
|
- [MEDIUM] i/o: rework ->to_forward and ->send_max
|
|
- [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read
|
|
- [OPTIM] buffer: replace rlim by max_len
|
|
- [OPTIM] stream_sock: factor out the buffer full handling out of the loop
|
|
- [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y)
|
|
- [CLEANUP] stream_sock: move the write-nothing condition out of the loop
|
|
- [MEDIUM] split stream_sock_write() into callback and core functions
|
|
- [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending
|
|
- [MINOR] stream_sock: fix a few wrong empty calculations
|
|
- [MEDIUM] stream_sock: try to send pending data on chk_snd()
|
|
- [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes
|
|
- [MEDIUM] splice: add configuration options and set global.maxpipes
|
|
- [MINOR] introduce structures required to support Linux kernel splicing
|
|
- [MEDIUM] add definitions for Linux kernel splicing
|
|
- [MAJOR] complete support for linux 2.6 kernel splicing
|
|
- [BUG] reserve some pipes for backends with splice enabled
|
|
- [MEDIUM] splice: add hints to support older buggy kernels
|
|
- [MEDIUM] introduce pipe pools
|
|
- [MEDIUM] splice: make use of pipe pools
|
|
- [STATS] report pipe usage in the statistics
|
|
- [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified
|
|
- [BUILD] fix snapshot date extraction with negative timezones
|
|
- [MEDIUM] move global tuning options to the global structure
|
|
- [MEDIUM] splice: add the global "nosplice" option
|
|
- [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6
|
|
- [BUG] we must not exit if protocol binding only returns a warning
|
|
- [MINOR] add support for bind interface name
|
|
- [BUG] inform the user when root is expected but not set
|
|
- [MEDIUM] add support for source interface binding
|
|
- [MEDIUM] add support for source interface binding at the server level
|
|
- [MEDIUM] implement bind-process to limit service presence by process
|
|
- [DOC] document maxpipes, nosplice, option splice-{auto,request,response}
|
|
- [DOC] filled the logging section of the configuration manual
|
|
- [DOC] document HTTP status codes
|
|
- [DOC] document a few missing info about errorfile
|
|
- [BUG] fix random memory corruption using "show sess"
|
|
- [BUG] fix unix socket processing of interrupted output
|
|
- [DOC] add diagrams of queuing and future ACL design
|
|
- [BUILD] proto_http did not build on gcc-2.95
|
|
- [BUG] the "source" keyword must first clear optional settings
|
|
- [BUG] global.tune.maxaccept must be limited even in mono-process mode
|
|
- [MINOR] ensure that http_msg_analyzer updates pointer to invalid char
|
|
- [MEDIUM] store a complete dump of request and response errors in proxies
|
|
- [MEDIUM] implement error dump on unix socket with "show errors"
|
|
- [DOC] document "show errors"
|
|
- [MINOR] errors dump must use user-visible date, not internal date.
|
|
- [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second
|
|
- [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second.
|
|
- [MEDIUM] measure and report session rate on frontend, backends and servers
|
|
- [BUG] the "connslots" keyword was matched as "connlots"
|
|
- [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate
|
|
- [MEDIUM] implement "rate-limit sessions" for the frontend
|
|
- [BUG] interface binding: length must include the trailing zero
|
|
- [BUG] typo in timeout error reporting : report *res and not *err
|
|
- [OPTIM] maintain_proxies: only wake up when the frontend will be ready
|
|
- [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption
|
|
- [BUG] switch server-side stream interface to close in case of abort
|
|
- [CLEANUP] remove last references to term_trace
|
|
- [OPTIM] freq_ctr: do not rotate the counters when reading
|
|
- [BUG] disable any analysers for monitoring requests
|
|
- [BUG] rate-limit in defaults section was ignored
|
|
- [BUG] task: fix handling of duplicate keys
|
|
- [OPTIM] task: don't unlink a task from a wait queue when waking it up
|
|
- [OPTIM] displace tasks in the wait queue only if absolutely needed
|
|
- [MEDIUM] minor update to the task api: let the scheduler queue itself
|
|
- [BUG] event_accept() must always wake the task up, even in health mode
|
|
- [CLEANUP] task: distinguish between clock ticks and timers
|
|
- [OPTIM] task: reduce the number of calls to task_queue()
|
|
- [OPTIM] do not re-check req buffer when only response has changed
|
|
- [CLEANUP] don't enable kernel splicing when socket is closed
|
|
- [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase
|
|
- [MINOR] buffers: implement buffer_flush()
|
|
- [MEDIUM] rearrange forwarding condition to enable splice during analysis
|
|
- [BUILD] build fixes for Solaris
|
|
- [BUILD] proto_http did not build on gcc-2.95 (again)
|
|
- [CONTRIB] halog: fast log parser for haproxy
|
|
- [CONTRIB] halog: faster fgets() and add support for percentile reporting
|
|
|
|
2008/04/19 : 1.3.15
|
|
- [BUILD] Added support for 'make install'
|
|
- [BUILD] Added 'install-man' make target for installing the man page
|
|
- [BUILD] Added 'install-bin' make target
|
|
- [BUILD] Added 'install-doc' make target
|
|
- [BUILD] Removed "/" after '$(DESTDIR)' in install targets
|
|
- [BUILD] Changed 'install' target to install the binaries first
|
|
- [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
|
|
- [MEDIUM]: Inversion for options
|
|
- [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
|
|
- [BUG]: Restore clearing t->logs.bytes
|
|
- [MEDIUM]: rework checks handling
|
|
- [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
|
|
- [MEDIUM] Implement "track [<backend>/]<server>"
|
|
- [MINOR] Implement persistent id for proxies and servers
|
|
- [BUG] Don't increment server connections too much + fix retries
|
|
- [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
|
|
- [MAJOR] proto_uxst rework -> SNMP support
|
|
- [BUG] appsession lookup in URL does not work
|
|
- [BUG] transparent proxy address was ignored in backend
|
|
- [BUG] hot reconfiguration failed because of a wrong error check
|
|
- [DOC] big update to the configuration manual
|
|
- [DOC] large update to the configuration manual
|
|
- [DOC] document more options
|
|
- [BUILD] major rework of the GNU Makefile
|
|
- [STATS] add support for "show info" on the unix socket
|
|
- [DOC] document options forwardfor to logasap
|
|
- [MINOR] add support for the "backlog" parameter
|
|
- [OPTIM] introduce global parameter "tune.maxaccept"
|
|
- [MEDIUM] introduce "timeout http-request" in frontends
|
|
- [MINOR] tarpit timeout is also allowed in backends
|
|
- [BUG] increment server connections for each connect()
|
|
- [MEDIUM] add a turn-around state of one second after a connection failure
|
|
- [BUG] fix typo in redispatched connection
|
|
- [DOC] document options nolinger to ssl-hello-chk
|
|
- [DOC] added documentation for "option tcplog" to "use_backend"
|
|
- [BUG] connect_server: server might not exist when sending error report
|
|
- [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
|
|
- [MEDIUM] add non-local bind to connect() on Linux
|
|
- [MINOR] add transparent proxy support for balabit's Tproxy v4
|
|
- [BUG] use backend's source and not server's source with tproxy
|
|
- [BUG] fix overlapping server flags
|
|
- [MEDIUM] fix server health checks source address selection
|
|
- [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
|
|
- [DOC] added "server", "source" and "stats" keywords
|
|
- [DOC] all server parameters have been documented
|
|
- [DOC] document all req* and rsp* keywords.
|
|
- [DOC] added documentation about HTTP header manipulations
|
|
- [BUG] log response byte count, not request
|
|
- [BUILD] code did not build in full debug mode
|
|
- [BUG] fix truncated responses with sepoll
|
|
- [MINOR] use s->frt_addr as the server's address in transparent proxy
|
|
- [MINOR] fix configuration hint about timeouts
|
|
- [DOC] minor cleanup of the doc and notice to contributors
|
|
- [MINOR] report correct section type for unknown keywords.
|
|
- [BUILD] update MacOS Makefile to build on newer versions
|
|
- [DOC] fix erroneous "useallbackups" option in the doc
|
|
- [DOC] applied small fixes from early readers
|
|
- [MINOR] add configuration support for "redir" server keyword
|
|
- [MEDIUM] completely implement the server redirection method
|
|
- [TESTS] add a test case for the server redirection mechanism
|
|
- [DOC] add a configuration entry for "server ... redir <prefix>"
|
|
- [BUILD] backend.c and checks.c did not build without tproxy !
|
|
- Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
|
|
- [BUILD] backend.c and checks.c did not build without tproxy !
|
|
- [OPTIM] used unsigned ints for HTTP state and message offsets
|
|
- [OPTIM] GCC4's builtin_expect() is suboptimal
|
|
- [BUG] failed conns were sometimes incremented in the frontend!
|
|
- [BUG] timeout.check was not pre-set to eternity
|
|
- [TESTS] add test-pollers.cfg to easily report pollers in use
|
|
- [BUG] do not apply timeout.connect in checks if unset
|
|
- [BUILD] ensure that makefile understands USE_DLMALLOC=1
|
|
- [MINOR] silent gcc for a wrong warning
|
|
- [CLEANUP] update .gitignore to ignore more temporary files
|
|
- [CLEANUP] report dlmalloc's source path only if explictly specified
|
|
- [BUG] str2sun could leak a small buffer in case of error during parsing
|
|
- [BUG] option allbackups was not working anymore in roundrobin mode
|
|
- [MAJOR] implementation of the "leastconn" load balancing algorithm
|
|
- [BUILD] ensure that users don't build without setting the target anymore.
|
|
- [DOC] document the leastconn LB algo
|
|
- [MEDIUM] fix stats socket limitation to 16 kB
|
|
- [DOC] fix unescaped space in httpchk example.
|
|
- [BUG] fix double-decrement of server connections
|
|
- [TESTS] add a test case for port mapping
|
|
- [TESTS] add a benchmark for integer hashing
|
|
- [TESTS] add new methods in ip-hash test file
|
|
- [MAJOR] implement parameter hashing for POST requests
|
|
|
|
2007/12/06 : 1.3.14
|
|
- New option http_proxy (Alexandre Cassen)
|
|
- add support for "maxqueue" to limit server queue overload (Elijah Epifanov)
|
|
- Check for duplicated conflicting proxies (Krzysztof Oledzki)
|
|
- stats: report server and backend cumulated downtime (Krzysztof Oledzki)
|
|
- use backends only with use_backend directive (Krzysztof Oledzki)
|
|
- Handle long lines properly (Krzysztof Oledzki)
|
|
- Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki)
|
|
- continous statistics (Krzysztof Oledzki)
|
|
- add support for logging via a UNIX socket (Robert Tsai)
|
|
- fix error checking in strl2ic/strl2uic()
|
|
- fix calls to localtime()
|
|
- provide easier-to-use ultoa_* functions
|
|
- provide easy-to-use limit_r and LIM2A* macros
|
|
- add a simple test for the status page
|
|
- move error codes to common/errors.h
|
|
- silent warning about LIST_* being redefined on OpenBSD
|
|
- add socket address length to the protocols
|
|
- group PR_O_BALANCE_* bits into a checkable value
|
|
- externalize the "balance" option parser to backend.c
|
|
- introduce the "url_param" balance method
|
|
- make default_backend work in TCP mode too
|
|
- disable warning about localtime_r on Solaris
|
|
- adjust error messages about conflicting proxies
|
|
- avoid calling some layer7 functions if not needed
|
|
- simplify error path in event_accept()
|
|
- add an options field to the listeners
|
|
- added a new state to listeners
|
|
- unbind_listener() must use fd_delete() and not close()
|
|
- add a generic unbind_listener() primitive
|
|
- add a generic delete_listener() primitive
|
|
- add a generic unbind_all_listeners() primitive
|
|
- create proto_tcp and move initialization of proxy listeners
|
|
- stats: report numerical process ID, proxy ID and server ID
|
|
- relative_pid was not initialized
|
|
- missing header names in raw stats output
|
|
- fix missing parenthesis in check_response_for_cacheability
|
|
- small optimization on session_process_counters()
|
|
- merge ebtree version 3.0
|
|
- make ebtree headers multiple-include compatible
|
|
- ebtree: include config.h for REGPRM*
|
|
- differentiate between generic LB params and map-specific ones
|
|
- add a weight divisor to the struct proxy
|
|
- implement the Fast Weighted Round Robin (FWRR) algo
|
|
- include filltab25.c to experiment on FWRR for dynamic weights
|
|
- merge test-fwrr.cfg to validate dynamic weights
|
|
- move the load balancing algorithm to be->lbprm.algo
|
|
- change server check result to a bit field
|
|
- implement "http-check disable-on-404" for graceful shutdown
|
|
- secure the calling conditions of ->set_server_status_{up,down}
|
|
- report disabled servers as "NOLB" when they are still UP
|
|
- document the "http-check disable-on-404" option
|
|
- http-check disable-on-404 is not limited to HTTP mode
|
|
- add a test file for disable-on-404
|
|
- use distinct bits per load-balancing algorithm type
|
|
- implement the slowstart parameter for servers
|
|
- document the server's slowstart parameter
|
|
- stats: report the server warm up status in a "throttle" column
|
|
- fix 2 minor issues on AIX
|
|
- add the "nbsrv" ACL verb
|
|
- add the "fail" condition to monitor requests
|
|
- remove a warning from gcc due to htons() in standard.c
|
|
- fwrr: ensure that we never overflow in placements
|
|
- store the build options to report with -vv
|
|
- fix the status return of the init script (R.I. Pienaar)
|
|
- stats: real time monitoring script for unix socket (Prizee)
|
|
- document "nbsrv" and "monitor fail"
|
|
- restrict the set of allowed characters for identifiers
|
|
- implement a time parsing function
|
|
- add support for time units in the configuration
|
|
- add a bit of documentation about timers
|
|
- introduce separation between contimeout, and tarpit + queue
|
|
- introduce the "timeout" keyword
|
|
- grouped all timeouts in one structure
|
|
- slowstart is in ms, not seconds
|
|
- slowstart: ensure we don't start with a null weight
|
|
- report the number of times each server was selected
|
|
- fix build on AIX due to recent log changes
|
|
- fix build on Solaris due to recent log changes
|
|
|
|
2007/10/18 : 1.3.13
|
|
- replace the code under O'Reilly license (Arnaud Cornet)
|
|
- add a small man page (Arnaud Cornet)
|
|
- stats: report haproxy's version by default (Krzysztof Oledzki)
|
|
- stats: count server retries and redispatches (Krzysztof Oledzki)
|
|
- core: added easy support for Doug Lea's malloc (dlmalloc)
|
|
- core: fade out memory usage when stopping proxies
|
|
- core: moved the sockaddr pointer to the fdtab structure
|
|
- core: add generic protocol support
|
|
- core: implement client-side support for PF_UNIX sockets
|
|
- stats: implement the CSV output
|
|
- stats: add a link to the CSV export HTML page
|
|
- stats: implement the statistics output on a unix socket
|
|
- config: introduce the "stats" keyword in global section
|
|
- build: centralize version and date into one file for each
|
|
- tests: added a new hash algorithm
|
|
|
|
2007/10/18 : 1.3.12.3
|
|
- add the "nolinger" option to disable data lingering (Alexandre Cassen)
|
|
- fix double-free during clean exit (Krzysztof Oledzki)
|
|
- prevent the system from sending an RST when closing health-checks
|
|
(Krzysztof Oledzki)
|
|
- do not add a cache-control header when on non-cacheable responses
|
|
(Krzysztof Oledzki)
|
|
- spread health checks even more (Krzysztof Oledzki)
|
|
- stats: scope "." must match the backend and not the frontend
|
|
- fixed call to chroot() during startup
|
|
- fix wrong timeout computation in event_accept()
|
|
- remove condition for exit() under fork() failure
|
|
|
|
2007/09/20 : 1.3.12.2
|
|
- fix configuration sanity checks for TCP listeners
|
|
- set the log socket receive window to zero bytes
|
|
- pre-initialize timeouts to infinity, not zero
|
|
- fix the SIGHUP message not to alert on server-less proxies
|
|
- timeouts and retries could be ignored when switching backend
|
|
- added a file to check that "retries" works.
|
|
- O'Reilly has clarified its license
|
|
|
|
2007/09/05 : 1.3.12.1
|
|
- spec I/O: fix allocations of spec entries for an FD
|
|
- ensure we never overflow in chunk_printf()
|
|
- improve behaviour with large number of servers per proxy
|
|
- add support for "stats refresh <interval>"
|
|
- stats page: added links for 'refresh' and 'hide down'
|
|
- fix backend's weight in the stats page.
|
|
- the "stats" keyword is not allowed in a pure frontend.
|
|
- provide a test configuration file for stats and checks
|
|
|
|
2007/06/17 : 1.3.12
|
|
- fix segfault at exit when using captures
|
|
- bug: negation in ACL conds was not cleared between terms
|
|
- errorfile: use a local file to feed error messages
|
|
- acl: support '-i' to ignore case when matching
|
|
- acl: smarter integer comparison with operators eq,lt,gt,le,ge
|
|
- acl: support maching on 'path' component
|
|
- acl: implement matching on header values
|
|
- acl: distinguish between request and response headers
|
|
- acl: permit to return any header when no name specified
|
|
- acl: provide default ACLs
|
|
- added the 'use_backend' keyword for full content-switching
|
|
- acl: specify the direction during fetches
|
|
- acl: provide the argument length for fetch functions
|
|
- acl: provide a reference to the expr to fetch()
|
|
- improve memory freeing upon exit
|
|
- str2net() must not change the const char *
|
|
- shut warnings 'is*' macros from ctype.h on solaris
|
|
|
|
2007/06/03 : 1.3.11.4
|
|
- do not re-arm read timeout in SHUTR state !
|
|
- optimize I/O by detecting system starvation
|
|
- the epoll FD must not be shared between processes
|
|
- limit the number of events returned by *poll*
|
|
|
|
2007/05/14 : 1.3.11.3
|
|
- pre-initialize timeouts with tv_eternity during parsing
|
|
|
|
2007/05/14 : 1.3.11.2
|
|
- fixed broken health-checks since switch to timeval
|
|
|
|
2007/05/14 : 1.3.11.1
|
|
- fixed ev_kqueue which was forgotten during the switch to timeval
|
|
- allowed null timeouts for past events in select
|
|
|
|
2007/05/14 : 1.3.11
|
|
- fixed ev_sepoll again by rewriting the state machine
|
|
- switched all timeouts to timevals instead of milliseconds
|
|
- improved memory management using mempools v2.
|
|
- several minor optimizations
|
|
|
|
2007/05/09 : 1.3.10.2
|
|
- fixed build on OpenBSD (missing types.h)
|
|
|
|
2007/05/09 : 1.3.10.1
|
|
- fixed sepoll transition matrix (two states were missing)
|
|
|
|
2007/05/08 : 1.3.10
|
|
- several fixes in ev_sepoll
|
|
- fixed some expiration dates on some tasks
|
|
- fixed a bug in connection establishment detection due to speculative I/O
|
|
- fixed rare bug occuring on TCP with early close (reported by Andy Smith)
|
|
- implemented URI hashing algorithm (Guillaume Dallaire)
|
|
- implemented SMTP health checks (Peter van Dijk)
|
|
- replaced the rbtree with ul2tree from old scheduler project
|
|
- new framework for generic ACL support
|
|
- added the 'acl' and 'block' keywords to the config language
|
|
- added several ACL criteria and matches (IP, port, URI, ...)
|
|
- cleaned up and better modularization for some time functions
|
|
- fixed list macros
|
|
- fixed useless memory allocation in str2net()
|
|
- store the original destination address in the session
|
|
|
|
2007/04/15 : 1.3.9
|
|
- modularized the polling mechanisms and use function pointers instead
|
|
of macros at many places
|
|
- implemented support for FreeBSD's kqueue() polling mechanism
|
|
- fixed a warning on OpenBSD : MIN/MAX redefined
|
|
- change socket registration order at startup to accomodate kqueue.
|
|
- several makefile cleanups to support old shells
|
|
- fix build with limits.h once for all
|
|
- ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
|
|
- fdtab now holds the results of polling
|
|
- implemented support for speculative I/O processing with epoll()
|
|
- remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
|
|
- auto-registering of pollers at load time
|
|
|
|
2007/04/03 : 1.3.8.2
|
|
- rewriting either the status line or request line could crash the
|
|
process due to a pointer which ought to be reset before parsing.
|
|
- rewriting the status line in the response did not work, it caused
|
|
a 502 Bad Gateway due to an erroneous state during parsing
|
|
|
|
2007/04/01 : 1.3.8.1
|
|
- fix reqadd when no option httpclose is used.
|
|
- removed now unused fiprm and beprm from proxies
|
|
- split logs into two versions : TCP and HTTP
|
|
- added some docs about http headers storage and acls
|
|
- added a VIM script for syntax color highlighting (Bruno Michel)
|
|
|
|
2007/03/25 : 1.3.8
|
|
- fixed several bugs which might have caused a crash with bad configs
|
|
- several optimizations in header processing
|
|
- many progresses towards transaction-based processing
|
|
- option forwardfor may be used in frontends
|
|
- completed HTTP response processing
|
|
- some code refactoring between request and response processing
|
|
- new HTTP header manipulation functions
|
|
- optimizations on the recv() patch to reduce CPU usage under very
|
|
high data rates.
|
|
- more user-friendly help about the 'usesrc' keyword (CTTPROXY)
|
|
- username/groupname support from Marcus Rueckert
|
|
- added the "except" keyword to the "forwardfor" option (Bryan German)
|
|
- support for health-checks on other addresses (Fabrice Dulaunoy)
|
|
- makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
|
|
- do not insert "Connection: close" in HTTP/1.0 messages
|
|
|
|
2007/01/26 : 1.3.7
|
|
- fix critical bug introduced with 1.3.6 : an empty request header
|
|
may lead to a crash due to missing pointer assignment
|
|
- hdr_idx might be left uninitialized in debug mode
|
|
- fixed build on FreeBSD due to missing fd_set declaration
|
|
|
|
2007/01/22 : 1.3.6.1
|
|
- change in the header chaining broke cookies and authentication
|
|
|
|
2007/01/22 : 1.3.6
|
|
- stats now support the HEAD method too
|
|
- extracted http request from the session
|
|
- huge rework of the HTTP parser which is now a 28-state FSM.
|
|
- linux-style likely/unlikely macros for optimization hints
|
|
- do not create a server socket when there's no server
|
|
- imported lots of docs
|
|
|
|
2007/01/07 : 1.3.5
|
|
- stats: swap color sets for active and backup servers
|
|
- try to guess server check port when unset
|
|
- added complete support and doc for TCP Splicing
|
|
- replace the wait-queue linked list with an rbtree.
|
|
- a few bugfixes and cleanups
|
|
|
|
2007/01/02 : 1.3.4
|
|
- support for cttproxy on the server side to present the client
|
|
address to the server.
|
|
- added support for SO_REUSEPORT on Linux (needs kernel patch)
|
|
- new RFC2616-compliant HTTP request parser with header indexing
|
|
- split proxies in frontends, rulesets and backends
|
|
- implemented the 'req[i]setbe' to select a backend depending
|
|
on the contents
|
|
- added the 'default_backend' keyword to select a default BE.
|
|
- new stats page featuring FEs and BEs + bytes in both dirs
|
|
- improved log format to indicate the backend and the time in ms.
|
|
- lots of cleanups
|
|
|
|
2006/10/15 : 1.3.3
|
|
- fix broken redispatch option in case the connection has already
|
|
been marked "in progress" (ie: nearly always).
|
|
- support regparm on x86 to speed up some often called functions
|
|
- removed a few useless calls to gettimeofday() in log functions.
|
|
- lots of 'const char*' cleanups
|
|
- turn every FD_* into functions which are faster on recent CPUs
|
|
|
|
2006/09/03 : 1.3.2
|
|
- started the changes towards I/O completion callbacks. stream_sock* have
|
|
replaced event_*.
|
|
- added the new "reqtarpit" and "reqitarpit" protection features
|
|
|
|
2006/07/09 : 1.3.1 (1.2.15)
|
|
- now, haproxy warns about missing timeout during startup to try to
|
|
eliminate all those buggy configurations.
|
|
- added "Content-Type: text/html" in responses wherever appropriate, as
|
|
suggested by Cameron Simpson.
|
|
- implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
|
|
test server's health
|
|
- implemented "monitor-uri" so that haproxy can reply to a specific URI with
|
|
an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
|
|
at once.
|
|
|
|
2006/06/29 : 1.3.0
|
|
- exploded the whole file into multiple .c and .h. No functionnal
|
|
difference is expected at all.
|
|
- fixed a bug by which neither stats nor error messages could be returned if
|
|
'clitimeout' was missing.
|
|
|
|
2006/05/21 : 1.2.14
|
|
- new HTML status report with the 'stats' keyword.
|
|
- added the 'abortonclose' option to better resist traffic surges
|
|
- implemented dynamic traffic regulation with the 'minconn' option
|
|
- show request time on denied requests
|
|
- definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
|
|
- now a proxy instance is allowed to run without servers, which is
|
|
useful to dedicate one instance to stats
|
|
- added lots of error counters
|
|
- a missing parenthesis preventd matching of cacheable cookies
|
|
- a missing parenthesis in poll_loop() might have caused missed events.
|
|
|
|
2006/05/14 : 1.2.13.1
|
|
- an uninitialized field in the struct session could cause a crash when
|
|
the session was freed. This has been encountered on Solaris only.
|
|
- Solaris and OpenBSD no not support shutdown() on listening socket. Let's
|
|
be nice to them by performing a soft stop if pause fails.
|
|
|
|
2006/05/13 : 1.2.13
|
|
- 'maxconn' server parameter to do per-server session limitation
|
|
- queueing to support non-blocking session limitation
|
|
- fixed removal of cookies for cookie-less servers such as backup servers
|
|
- two separate wait queues for expirable and non-expirable tasks provide
|
|
better performance with lots of sessions.
|
|
- some code cleanups and performance improvements
|
|
- made state dumps a bit more verbose
|
|
- fixed missing checks for NULL srv in dispatch mode
|
|
- load balancing on backup servers was not possible in source hash mode.
|
|
- two session flags shared the same bit, but fortunately they were not
|
|
compatible.
|
|
|
|
2006/04/15 : 1.2.12
|
|
Very few changes preparing for more important changes to support per-server
|
|
session limitations and queueing :
|
|
- ignore leading empty lines in HTTP requests as suggested by RFC2616.
|
|
- added the 'weight' parameter to the servers, limited to 1..256. It applies
|
|
to roundrobin and source hash.
|
|
- the optional '-s' option could clobber '-st' and '-sf' if compiled in.
|
|
|
|
2006/03/30 : 1.2.11.1
|
|
- under some conditions, it might have been possible that when the
|
|
last dead server became available, it would not have been used
|
|
till another one would have changed state. Could not be reproduced
|
|
at all, however seems possible from the code.
|
|
|
|
2006/03/25 : 1.2.11
|
|
- added the '-db' command-line option to disable backgrounding.
|
|
- added the -sf/-st command-line arguments which are used to specify
|
|
a list of pids to send a FINISH or TERMINATE signal upon startup.
|
|
They will also be asked to release their port if a bind fails.
|
|
- reworked the startup mechanism to allow the sending of a signal to a list
|
|
of old pids if a socket cannot be bound, with a retry for a limited amount
|
|
of time (1 second by default).
|
|
- added the ability to enforce limits on memory usage.
|
|
- added the 'source' load-balancing algorithm which uses the source IP(v4|v6)
|
|
- re-architectured the server round-robin mechanism to ease integration of
|
|
other algorithms. It now relies on the number of active and backup servers.
|
|
- added a counter for the number of active and backup servers, and report
|
|
these numbers upon SIGHUP or state change.
|
|
|
|
2006/03/23 : 1.2.10.1
|
|
- while fixing the backup server round-robin "feature", a new bug was
|
|
introduced which could miss some backup servers.
|
|
- the displayed proxy name was wrong when dumping upon SIGHUP.
|
|
|
|
2006/03/19 : 1.2.10
|
|
- assert.h is needed when DEBUG is defined.
|
|
- ENORMOUS long standing bug affecting the epoll polling system :
|
|
event_data is a union, not a structure !
|
|
- Make fd management more robust and easier to debug. Also some
|
|
micro-optimisations.
|
|
- Limit the number of consecutive accept() in multi-process mode.
|
|
This produces a more evenly distributed load across the processes and
|
|
slightly improves performance by reducing bottlenecks.
|
|
- Make health-checks be more regular, and faster to retry after a timeout.
|
|
- Fixed some messages to ease parsing of alerts.
|
|
- provided a patch to enable epoll on RHEL3 kernels.
|
|
- Separated OpenBSD build from the main Makefile into a new one.
|
|
|
|
2006/03/15 : 1.2.9
|
|
- haproxy could not be stopped after being paused, it had to be woken up
|
|
first. This has been fixed.
|
|
- the 'ulimit-n' parameter is now optional and by default computed from
|
|
maxconn + the number of listeners + the number of health-checks.
|
|
- it is now possible to specify a maximum number of connections at build
|
|
time with the SYSTEM_MAXCONN define. The value set in the configuration
|
|
file will then be limited to this value, and only the command-line '-n'
|
|
option will be able to bypass it. It will prevent against accidental
|
|
high memory usage on small systems.
|
|
- RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier
|
|
versions did not detect a line beginning with a space as the continuation
|
|
of previous header. It is now correct.
|
|
- health checks sent to servers configured with identical intervals were
|
|
sent in perfect synchronisation because the initial time was the same
|
|
for all. This could induce high load peaks when fragile servers were
|
|
hosting tens of instances for the same application. Now the load is
|
|
spread evenly across the smallest interval amongst a listener.
|
|
- a new 'forceclose' option was added to make the proxy close the outgoing
|
|
channel to the server once it has sent all its headers and the server
|
|
starts responding. This helps some servers which don't close upon the
|
|
'Connection: close' header. It implies 'option httpclose'.
|
|
- there was a bug in the way the backup servers were handled. They were
|
|
erroneously load-balanced while the doc said the opposite. Since
|
|
load-balanced backup servers is one of the features some people have
|
|
been asking for, the problem was fixed to reflect the documented
|
|
behaviour and a new option 'allbackups' was introduced to provide the
|
|
feature to those who need it.
|
|
- a never ending connect() could lead to a fast select() loop if its
|
|
timeout times the number of retransmits exceeded the server read or write
|
|
timeout, because the later was used to compute select()'s timeout while
|
|
the connection timeout was not reached.
|
|
- now we initialize the libc's localtime structures very early so that even
|
|
under OOM conditions, we can still send dated error messages without
|
|
segfaulting.
|
|
- the 'daemon' mode implies 'quiet' and disables 'verbose' because file
|
|
descriptors are closed.
|
|
|
|
2006/01/29 : 1.2.8
|
|
- fixed a nasty bug affecting poll/epoll which could return unmodified data
|
|
from the server to the client, and sometimes lead to memory corruption
|
|
crashing the process.
|
|
- added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf.
|
|
|
|
2005/12/18 : 1.2.7.1
|
|
- the "retries" option was ignored because connect() could not return an
|
|
error if the connection failed before the timeout.
|
|
- TCP health-checks could not detect a connection refused in poll/epoll
|
|
mode.
|
|
|
|
2005/11/13 : 1.2.7
|
|
- building with -DUSE_PCRE should include PCRE headers and not regex.h. At
|
|
least on Solaris, this caused the libc's regex primitives to be used instead
|
|
of PCRE, which caused trouble on group references. This is now fixed.
|
|
- delayed the quiet mode during startup so that most of the startup alerts can
|
|
be displayed even in quiet mode.
|
|
- display an alert when a listener has no address, invalid or no port, or when
|
|
there are no enabled listeners upon startup.
|
|
- added "static-pcre" to the list of supported regex options in the Makefile.
|
|
|
|
2005/10/09 : 1.2.7rc (1.1.33rc)
|
|
- second batch of socklen_t changes.
|
|
- clean-ups from Cameron Simpson.
|
|
- because tv_remain() does not know about eternity, using no timeout can
|
|
make select() spin around a null time-out. Bug reported by Cameron Simpson.
|
|
- client read timeout was not properly set to eternity initialized after an
|
|
accept() if it was not set in the config. It remained undetected so long
|
|
because eternity is 0 and newly allocated pages are zeroed by the system.
|
|
- do not call get_original_dst() when not in transparent mode.
|
|
- implemented a workaround for a bug in certain epoll() implementations on
|
|
linux-2.4 kernels (epoll-lt <= 0.21).
|
|
- implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
|
|
|
|
2005/08/07 : 1.2.6
|
|
- clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
|
|
|
|
2005/07/06 : 1.2.6-pre5 (1.1.32)
|
|
- added the number of active sessions (proxy/process) in the logs
|
|
|
|
2005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
|
|
- the time-out fix introduced in 1.1.25 caused a corner case where it was
|
|
possible for a client to keep a connection maintained regardless of the
|
|
timeout if the server closed the connection during the HEADER phase,
|
|
while the client ignored the close request while doing nothing in the
|
|
other direction. This has been fixed now by ensuring that read timeouts
|
|
are re-armed when switching to any SHUTW state.
|
|
|
|
2005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
|
|
- enhanced error reporting in the logs. Now the proxy will precisely detect
|
|
various error conditions related to the system and/or process limits, and
|
|
generate LOG_EMERG logs indicating that a resource has been exhausted.
|
|
- logs will contain two new characters for the error cause : 'R' indicates
|
|
a resource exhausted, and 'I' indicates an internal error, though this
|
|
one should never happen.
|
|
- server connection timeouts can now be reported in the logs (sC), as well
|
|
as connections refused because of maxconn limitations (PC).
|
|
|
|
2005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
|
|
- new global configuration keyword "ulimit-n" may be used to raise the FD
|
|
limit to usable values.
|
|
- a warning is now displayed on startup if the FD limit is lower than the
|
|
configured maximum number of sockets.
|
|
|
|
2005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
|
|
- new configuration keyword "monitor-net" makes it possible to be monitored
|
|
by external devices which connect to the proxy without being logged nor
|
|
forwarded to any server. Particularly useful on generic TCPv4 relays.
|
|
|
|
2005/06/21 : 1.2.5.2
|
|
- fixed build on PPC where chars are unsigned by default
|
|
|
|
2005/05/02 : 1.2.5.1
|
|
- dirty hack to fix a bug introduced with epoll : if we close an FD and
|
|
immediately reassign it to another session through a connect(), the
|
|
Prev{Read,Write}Events are not updated, which causes trouble detecting
|
|
changes, thus leading to many timeouts at high loads.
|
|
|
|
2005/04/30 : 1.2.5 (1.1.31)
|
|
- changed the runtime argument to disable epoll() to '-de'
|
|
- changed the runtime argument to disable poll() to '-dp'
|
|
- added global options 'nopoll' and 'noepoll' to do the same at the
|
|
configuration level.
|
|
- added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
|
|
support epoll().
|
|
- changed default FD_SETSIZE to 65536 on Solaris (default=1024)
|
|
- conditionned signals redirection to #ifdef DEBUG_MEMORY
|
|
|
|
2005/04/26 : 1.2.5-pre4
|
|
- made epoll() support a compile-time option : ENABLE_EPOLL
|
|
- provided a very little libc replacement for a possibly missing epoll()
|
|
implementation which can be enabled by -DUSE_MY_EPOLL
|
|
- implemented the poll() poller, which can be enabled with -DENABLE_POLL.
|
|
The equivalent runtime argument becomes '-P'. A few tests show that it
|
|
performs like select() with many fds, but slightly slower (certainly
|
|
because of the higher amount of memory involved).
|
|
- separated the 3 polling methods and the tasks scheduler into 4 distinct
|
|
functions which makes the code a lot more modular.
|
|
- moved some event tables to private static declarations inside the poller
|
|
functions.
|
|
- the poller functions can now initialize themselves, run, and cleanup.
|
|
- changed the runtime argument to enable epoll() to '-E'.
|
|
- removed buggy epoll_ctl() code in the client_retnclose() function. This
|
|
function was never meant to remove anything.
|
|
- fixed a typo which caused glibc to yell about a double free on exit.
|
|
- removed error checking after epoll_ctl(DEL) because we can never know if
|
|
the fd is still active or already closed.
|
|
- added a few entries in the makefile
|
|
|
|
2005/04/25 : 1.2.5-pre3
|
|
- experimental epoll() support (use temporary '-e' argument)
|
|
|
|
2005/04/24 : 1.2.5-pre2
|
|
- implemented the HTTP 303 code for error redirection. This forces the
|
|
browser to fetch the given URI with a GET request. The new keyword for
|
|
this is 'errorloc303', and a new 'errorloc302' keyword has been created
|
|
to make them easily distinguishable.
|
|
- added more controls in the parser for valid use of '\x' sequence.
|
|
- few fixes from Alex & Klaus
|
|
|
|
2005/02/17 : 1.2.5-pre1
|
|
- fixed a few errors in the documentation
|
|
|
|
2005/02/13
|
|
- do not pre-initialize unused file-descriptors before select() anymore.
|
|
|
|
2005/01/22 : 1.2.4
|
|
- merged Alexander Lazic's and Klaus Wagner's work on application
|
|
cookie-based persistence. Since this is the first merge, this version is
|
|
not intended for general use and reports are more than welcome. Some
|
|
documentation is really needed though.
|
|
|
|
2005/01/22 : 1.2.3 (1.1.30)
|
|
- add an architecture guide to the documentation
|
|
- released without any changes
|
|
|
|
2004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
|
|
- increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
|
|
compatible with Apache. This limit can be configured in the makefile now.
|
|
Thanks to Eric Fehr for the checks.
|
|
- added a per-server "source" option which now makes it possible to bind to
|
|
a different source for each (potentially identical) server.
|
|
- changed cookie-based server selection slightly to allow several servers to
|
|
share a same cookie, thus making it possible to associate backup servers to
|
|
live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
|
|
- added the cookie 'prefix' mode which makes it possible to use persistence
|
|
with thin clients which support only one cookie. The server name is prefixed
|
|
before the application cookie, and restore back.
|
|
- fixed the order of servers within an instance to match documentation. Now
|
|
the servers are *really* used in the order of their declaration. This is
|
|
particularly important when multiple backup servers are in use.
|
|
|
|
2004/10/18 : 1.2.2 (1.1.29)
|
|
- fixed a bug where a TCP connection would be logged twice if the 'logasap'
|
|
option was enabled without the 'tcplog' option.
|
|
- encode_string() would use hdr_encode_map instead of the map argument.
|
|
|
|
2004/08/10 : (1.1.29-pre2)
|
|
- the logged request is now encoded with '#XX' for unprintable characters
|
|
- new keywords 'capture request header' and 'capture response header' enable
|
|
logging of arbitrary HTTP headers in requests and responses
|
|
- removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
|
|
|
|
2004/06/06 : 1.2.1 (1.1.28)
|
|
- added the '-V' command line option to verbosely report errors even though
|
|
the -q or 'quiet' options are specified. This is useful with '-c'.
|
|
- added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
|
|
|
|
2004/06/05 :
|
|
- added the "logasap" option which produces a log without waiting for the data
|
|
to be transferred from the server to the client.
|
|
- added the "httpclose" option which removes any "connection:" header and adds
|
|
"Connection: close" in both direction.
|
|
- added the 'checkcache' option which blocks cacheable responses containing
|
|
dangerous headers, such as 'set-cookie'.
|
|
- added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
|
|
information leak from servers.
|
|
|
|
2004/04/18 :
|
|
- send an EMERG log when no server is available for a given proxy
|
|
- added the '-c' command line option to syntactically check the
|
|
configuration file without starting the service.
|
|
|
|
2003/11/09 : 1.2.0
|
|
- the same as 1.1.27 + IPv6 support on the client side
|
|
|
|
2003/10/27 : 1.1.27
|
|
- the configurable HTTP health check introduced in 1.1.23 revealed a shameful
|
|
bug : the code still assumed that HTTP requests were the same size as the
|
|
original ones (22 bytes), and failed if they were not.
|
|
- added support for pidfiles.
|
|
|
|
2003/10/22 : 1.1.26
|
|
- the fix introduced in 1.1.25 for client timeouts while waiting for servers
|
|
broke almost all compatibility with POST requests, because the proxy
|
|
stopped to read anything from the client as soon as it got all of its
|
|
headers.
|
|
|
|
2003/10/15 : 1.1.25
|
|
- added the 'tcplog' option, which provides enhanced, HTTP-like logs for
|
|
generic TCP proxies, or lighter logs for HTTP proxies.
|
|
- fixed a time-out condition wrongly reported as client time-out in data
|
|
phase if the client timeout was lower than the connect timeout times the
|
|
number of retries.
|
|
|
|
2003/09/21 : 1.1.24
|
|
- if a client sent a full request then shut its write connection down, then
|
|
the request was aborted. This case was detected only when using haproxy
|
|
both as health-check client and as a server.
|
|
- if 'option httpchk' is used in a 'health' mode server, then responses will
|
|
change from 'OK' to 'HTTP/1.0 200 OK'.
|
|
- fixed a Linux-only bug in case of HTTP server health-checks, where a single
|
|
server response followed by a close could be ignored, and the server seen
|
|
as failed.
|
|
|
|
2003/09/19 : 1.1.23
|
|
- fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
|
|
'default' sections to keep previous parameters, and not initialize logs
|
|
correctly.
|
|
- fixed a second stupid bug introduced in 1.1.22 which caused configurations
|
|
relying on 'dispatch' mode to segfault at the first connection.
|
|
- 'option httpchk' now supports method, HTTP version and a few headers.
|
|
- now, 'option httpchk', 'cookie' and 'capture' can be specified in
|
|
'defaults' section
|
|
|
|
2003/09/10 : 1.1.22
|
|
- 'listen' now supports optionnal address:port-range lists
|
|
- 'bind' introduced to add new listen addresses
|
|
- fixed a bug which caused a session to be kept established on a server till
|
|
it timed out if the client closed during the DATA phase.
|
|
- the port part of each server address can now be empty to make the proxy
|
|
connect to the server on the same port it was connected to, be an absolute
|
|
unsigned number to reflect a single port (as in older versions), or an
|
|
explicitly signed number (+N/-N) to indicate that this offset must be
|
|
applied to the port the proxy was connected to, when connecting to the
|
|
server.
|
|
- the 'port' server option allows the user to specify a different
|
|
health-check port than the service one. It is mandatory when only relative
|
|
ports have been specified and check is required. By default, the checks are
|
|
sent to the service port.
|
|
- new 'defaults' section which is rather similar to 'listen' except that all
|
|
values are only used as default values for future 'listen' sections, until
|
|
a new 'defaults' resets them. At the moment, server options, regexes,
|
|
cookie names and captures cannot be set in the 'defaults' section.
|
|
|
|
2003/05/06 : 1.1.21
|
|
- changed the debug output format so that it now includes the session unique
|
|
ID followed by the instance name at the beginning of each line.
|
|
- in debug mode, accept now shows the client's IP and port.
|
|
- added one 3 small debugging scripts to search and pretty print debug output
|
|
- changed the default health check request to "OPTIONS /" instead of
|
|
"OPTIONS *" since not all servers implement the later one.
|
|
- "option httpchk" now accepts an optional parameter allowing the user to
|
|
specify and URI other than '/' during health-checks.
|
|
|
|
2003/04/21 : 1.1.20
|
|
- fixed two problems with time-outs, one where a server would be logged as
|
|
timed out during transfer that take longer to complete than the fixed
|
|
time-out, and one where clients were logged as timed-out during the data
|
|
phase because they didn't have anything to send. This sometimes caused
|
|
slow client connections to close too early while in fact there was no
|
|
problem. The proper fix would be to have a per-fd time-out with
|
|
conditions depending on the state of the HTTP FSM.
|
|
|
|
2003/04/16 : 1.1.19
|
|
- haproxy was NOT RFC compliant because it was case-sensitive on HTTP
|
|
"Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
|
|
cookie persistence because it uses "cookie:". Two memcmp() have been
|
|
replaced with strncasecmp().
|
|
|
|
2003/04/02 : 1.1.18
|
|
- Haproxy can be compiled with PCRE regex instead of libc regex, by setting
|
|
REGEX=pcre on the make command line.
|
|
- HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
|
|
- when explicit source address binding is required, it is now also used for
|
|
health-checks.
|
|
- added 'reqpass' and 'reqipass' to allow certain headers but not the request
|
|
itself.
|
|
- factored several strings to reduce binary size by about 2 kB.
|
|
- replaced setreuid() and setregid() with more standard setuid() and setgid().
|
|
- added 4 status flags to the log line indicating who ended the connection
|
|
first, the sessions state, the validity of the cookie, and action taken on
|
|
the set-cookie header.
|
|
|
|
2002/10/18 : 1.1.17
|
|
- add the notion of "backup" servers, which are used only when all other
|
|
servers are down.
|
|
- make Set-Cookie return "" instead of "(null)" when the server has no
|
|
cookie assigned (useful for backup servers).
|
|
- "log" now supports an optionnal level name (info, notice, err ...) above
|
|
which nothing is sent.
|
|
- replaced some strncmp() with memcmp() for better efficiency.
|
|
- added "capture cookie" option which logs client and/or server cookies
|
|
- cleaned up/down messages and dump servers states upon SIGHUP
|
|
- added a redirection feature for errors : "errorloc <errnum> <url>"
|
|
- now we won't insist on connecting to a dead server, even with a cookie,
|
|
unless option "persist" is specified.
|
|
- added HTTP/408 response for client request time-out and HTTP/50[234] for
|
|
server reply time-out or errors.
|
|
|
|
2002/09/01 : 1.1.16
|
|
- implement HTTP health checks when option "httpchk" is specified.
|
|
|
|
2002/08/07 : 1.1.15
|
|
- replaced setpgid()/setpgrp() with setsid() for better portability, because
|
|
setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.
|
|
|
|
2002/07/20 : 1.1.14
|
|
- added "postonly" cookie mode
|
|
|
|
2002/07/15 : 1.1.13
|
|
- tv_diff used inverted parameters which led to negative times !
|
|
|
|
2002/07/13 : 1.1.12
|
|
- fixed stats monitoring, and optimized some tv_* for most common cases.
|
|
- replaced temporary 'newhdr' with 'trash' to reduce stack size
|
|
- made HTTP errors more HTML-fiendly.
|
|
- renamed strlcpy() to strlcpy2() because of a slightly difference between
|
|
their behaviour (return value), to avoid confusion.
|
|
- restricted HTTP messages to HTTP proxies only
|
|
- added a 502 message when the connection has been refused by the server,
|
|
to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
|
|
- changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
|
|
inserting a cookie, because some caches (apache) don't understand it.
|
|
- fixed processing of server headers when client is in SHUTR state
|
|
|
|
2002/07/04 :
|
|
- automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
|
|
setpgid()
|
|
|
|
2002/06/04 : 1.1.11
|
|
- fixed multi-cookie handling in client request to allow clean deletion
|
|
in insert+indirect mode. Now, only the server cookie is deleted and not
|
|
all the header. Should now be compliant to RFC2965.
|
|
- added a "nocache" option to "cookie" to specify that we explicitly want
|
|
to add a "cache-control" header when we add a cookie.
|
|
It is also possible to add an "Expires: <old-date>" to keep compatibility
|
|
with old/broken caches.
|
|
|
|
2002/05/10 : 1.1.10
|
|
- if a cookie is used in insert+indirect mode, it's desirable that the
|
|
the servers don't see it. It was not possible to remove it correctly
|
|
with regexps, so now it's removed automatically.
|
|
|
|
2002/04/19 : 1.1.9
|
|
- don't use snprintf()'s return value as an end of message since it may
|
|
be larger. This caused bus errors and segfaults in internal libc's
|
|
getenv() during localtime() in send_log().
|
|
- removed dead insecure send_syslog() function and all references to it.
|
|
- fixed warnings on Solaris due to buggy implementation of isXXXX().
|
|
|
|
2002/04/18 : 1.1.8
|
|
- option "dontlognull"
|
|
- fixed "double space" bug in config parser
|
|
- fixed an uninitialized server field in case of dispatch
|
|
with no existing server which could cause a segfault during
|
|
logging.
|
|
- the pid logged was always the father's, which was wrong for daemons.
|
|
- fixed wrong level "LOG_INFO" for message "proxy started".
|
|
|
|
2002/04/13 :
|
|
- http logging is now complete :
|
|
- ip:port, date, proxy, server
|
|
- req_time, conn_time, hdr_time, tot_time
|
|
- status, size, request
|
|
- source address
|
|
|
|
2002/04/12 : 1.1.7
|
|
- added option forwardfor
|
|
- added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
|
|
- added "log global" in "listen" section.
|
|
|
|
2002/04/09 :
|
|
- added a new "global" section :
|
|
- logs
|
|
- debug, quiet, daemon modes
|
|
- uid, gid, chroot, nbproc, maxconn
|
|
|
|
2002/04/08 : 1.1.6
|
|
- regex are now chained and not limited anymore.
|
|
- unavailable server now returns HTTP/502.
|
|
- increased per-line args limit to 40
|
|
- added reqallow/reqdeny to block some request on matches
|
|
- added HTTP 400/403 responses
|
|
|
|
2002/04/03 : 1.1.5
|
|
- connection logging displayed incorrect source address.
|
|
- added proxy start/stop and server up/down log events.
|
|
- replaced log message short buffers with larger trash.
|
|
- enlarged buffer to 8 kB and replace buffer to 4 kB.
|
|
|
|
2002/03/25 : 1.1.4
|
|
- made rise/fall/interval time configurable
|
|
|
|
2002/03/22 : 1.1.3
|
|
- fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
|
|
which could lead to loops.
|
|
|
|
2002/03/21 : 1.1.2
|
|
- fixed a bug in buffer management where we could have a loop
|
|
between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
|
|
=> implemented an adjustable buffer limit.
|
|
- fixed a bug : expiration of tasks in wait queue timeout is used again,
|
|
and running tasks are skipped.
|
|
- added some debug lines for accept events.
|
|
- send warnings for servers up/down.
|
|
|
|
2002/03/12 : 1.1.1
|
|
- fixed a bug in total failure handling
|
|
- fixed a bug in timestamp comparison within same second (tv_cmp_ms)
|
|
|
|
2002/03/10 : 1.1.0
|
|
- fixed a few timeout bugs
|
|
- rearranged the task scheduler subsystem to improve performance,
|
|
add new tasks, and make it easier to later port to librt ;
|
|
- allow multiple accept() for one select() wake up ;
|
|
- implemented internal load balancing with basic health-check ;
|
|
- cookie insertion and header add/replace/delete, with better strings
|
|
support.
|
|
|
|
2002/03/08
|
|
- reworked buffer handling to fix a few rewrite bugs, and
|
|
improve overall performance.
|
|
- implement the "purge" option to delete server cookies in direct mode.
|
|
|
|
2002/03/07
|
|
- fixed some error cases where the maxfd was not decreased.
|
|
|
|
2002/02/26
|
|
- now supports transparent proxying, at least on linux 2.4.
|
|
|
|
2002/02/12
|
|
- soft stop works again (fixed select timeout computation).
|
|
- it seems that TCP proxies sometimes cannot timeout.
|
|
- added a "quiet" mode.
|
|
- enforce file descriptor limitation on socket() and accept().
|
|
|
|
2001/12/30 : release of version 1.0.2 : fixed a bug in header processing
|
|
2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
|
|
2001/12/16 : release of version 1.0.0.
|
|
2001/12/16 : added syslog capability for each accepted connection.
|
|
2001/11/19 : corrected premature end of files and occasional SIGPIPE.
|
|
2001/10/31 : added health-check type servers (mode health) which replies OK then closes.
|
|
2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
|
|
with or without cookies (use keyword http for this).
|
|
2001/09/01 : added client/server header replacing with regexps.
|
|
eg:
|
|
cliexp ^(Host:\ [^:]*).* Host:\ \1:80
|
|
srvexp ^Server:\ .* Server:\ Apache
|
|
2000/11/29 : first fully working release with complete FSMs and timeouts.
|
|
2000/11/28 : major rewrite
|
|
2000/11/26 : first write
|