1246 lines
64 KiB
Plaintext
1246 lines
64 KiB
Plaintext
ChangeLog :
|
|
===========
|
|
|
|
2009/03/09 : 1.3.16-rc2
|
|
- [BUG] stream_sock: write timeout must be updated when forwarding !
|
|
|
|
2009/03/09 : 1.3.16-rc1
|
|
- appsessions: cleanup DEBUG_HASH and initialize request_counter
|
|
- [MINOR] acl: add new keyword "connslots"
|
|
- [MINOR] cfgparse: fix off-by 2 in error message size
|
|
- [BUILD] fix build with gcc 4.3
|
|
- [BUILD] fix MANDIR default location to match documentation
|
|
- [TESTS] add a debug patch to help trigger the stats bug
|
|
- [BUG] Flush buffers also where there are exactly 0 bytes left
|
|
- [MINOR] Allow to specify a domain for a cookie
|
|
- [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain)
|
|
- [MEDIUM] Fix memory freeing at exit
|
|
- [MEDIUM] Fix memory freeing at exit, part 2
|
|
- [BUG] Fix listen & more of 2 couples <ip>:<port>
|
|
- [DOC] remove buggy comment for use_backend
|
|
- [CRITICAL] fix server state tracking: it was O(n!) instead of O(n)
|
|
- [MEDIUM] add support for URI hash depth and length limits
|
|
- [MINOR] permit renaming of x-forwarded-for header
|
|
- [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface
|
|
- [BUILD] Haproxy won't compile if DEBUG_FULL is defined
|
|
- [MEDIUM] upgrade to ebtree v4.0
|
|
- [DOC] update the README file with new build options
|
|
- [MEDIUM] reduce risk of event starvation in ev_sepoll
|
|
- [MEDIUM] detect streaming buffers and tag them as such
|
|
- [MEDIUM] add support for conditional HTTP redirection
|
|
- [BUILD] make install should depend on haproxy not "all"
|
|
- [DEBUG] add a TRACE macro to facilitate runtime data extraction
|
|
- [BUG] event pollers must not wait if a task exists in the run queue
|
|
- [BUG] queue management: wake oldest request in queues
|
|
- [BUG] log: reported queue position was offed-by-one
|
|
- [BUG] fix the dequeuing logic to ensure that all requests get served
|
|
- [DOC] documentation for the "retries" parameter was missing.
|
|
- [MEDIUM] implement a monotonic internal clock
|
|
- [MEDIUM] further improve monotonic clock by check forward jumps
|
|
- [OPTIM] add branch prediction hints in list manipulations
|
|
- [MAJOR] replace ultree with ebtree in wait-queues
|
|
- [BUG] we could segfault during exit while freeing uri_auths
|
|
- [BUG] wqueue: perform proper timeout comparisons with wrapping values
|
|
- [MINOR] introduce now_ms, the current date in milliseconds
|
|
- [BUG] disable buffer read timeout when reading stats
|
|
- [MEDIUM] rework the wait queue mechanism
|
|
- [BUILD] change declaration of base64tab to fix build with Intel C++
|
|
- [OPTIM] shrink wake_expired_tasks() by using task_wakeup()
|
|
- [MAJOR] use an ebtree instead of a list for the run queue
|
|
- [MEDIUM] introduce task->nice and boot access to statistics
|
|
- [OPTIM] task_queue: assume most consecutive timers are equal
|
|
- [BUILD] silent a warning in unlikely() with gcc 4.x
|
|
- [MAJOR] convert all expiration timers from timeval to ticks
|
|
- [BUG] use_backend would not correctly consider "unless"
|
|
- [TESTS] added test-acl.cfg to test some ACL combinations
|
|
- [MEDIUM] add support for configuration keyword registration
|
|
- [MEDIUM] modularize the global "stats" keyword configuration parser
|
|
- [MINOR] cfgparse: add support for warnings in external functions
|
|
- [MEDIUM] modularize the "timeout" keyword configuration parser
|
|
- [MAJOR] implement tcp request content inspection
|
|
- [MINOR] acl: add a new parsing function: parse_dotted_ver
|
|
- [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version
|
|
- [CLEANUP] remove unused include/types/client.h
|
|
- [CLEANUP] remove many #include <types/xxx> from C files
|
|
- [CLEANUP] remove dependency on obsolete INTBITS macro
|
|
- [DOC] document the new "tcp-request" keyword and associated ACLs
|
|
- [MINOR] acl: add REQ_CONTENT to the list of default acls
|
|
- [MEDIUM] acl: permit fetch() functions to set the result themselves
|
|
- [MEDIUM] acl: get rid of dummy values in always_true/always_false
|
|
- [MINOR] acl: add the "wait_end" acl verb
|
|
- [MEDIUM] acl: enforce ACL type checking
|
|
- [MEDIUM] acl: set types on all currently known ACL verbs
|
|
- [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings
|
|
- [CLEANUP] remove 65 useless NULL checks before free
|
|
- [MEDIUM] memory: update pool_free2() to support NULL pointers
|
|
- [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns
|
|
- [MEDIUM] process_srv: rely on buffer flags for client shutdown
|
|
- [MEDIUM] process_srv: don't rely at all on client state
|
|
- [MEDIUM] process_cli: don't rely at all on server state
|
|
- [BUG] fix segfault with url_param + check_post
|
|
- [BUG] server timeout was not considered in some circumstances
|
|
- [BUG] client timeout incorrectly rearmed while waiting for server
|
|
- [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1)
|
|
- [MAJOR] get rid of SV_STANALYZE (step 2)
|
|
- [MEDIUM] simplify and centralize request timeout cancellation and request forwarding
|
|
- [MAJOR] completely separate HTTP and TCP states on the request path
|
|
- [BUG] fix recently introduced loop when client closes early
|
|
- [MAJOR] get rid of the SV_STHEADERS state
|
|
- [MAJOR] better separation of response processing and server state
|
|
- [MAJOR] clearly separate HTTP response processing from TCP server state
|
|
- [MEDIUM] remove unused references to {CL|SV}_STSHUT*
|
|
- [MINOR] term_trace: add better instrumentations to trace the code
|
|
- [BUG] ev_sepoll: closed file descriptors could persist in the spec list
|
|
- [BUG] process_response must not enable the read FD
|
|
- [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue
|
|
- [BUG] process_response: do not touch srv_state
|
|
- [BUG] maintain_proxies must not disable backends
|
|
- [CLEANUP] get rid of BF_SHUT*_PENDING
|
|
- [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l
|
|
- [MAJOR] process_session: rely only on buffer flags
|
|
- [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout
|
|
- [MEDIUM] centralize buffer timeout checks at the top of process_session
|
|
- [MINOR] ensure the termination flags are set by process_xxx
|
|
- [MEDIUM] session: move the analysis bit field to the buffer
|
|
- [OPTIM] process_cli/process_srv: reduce the number of tests
|
|
- [BUG] regparm is broken on gcc < 3
|
|
- [BUILD] fix warning in proto_tcp.c with gcc >= 4
|
|
- [MEDIUM] merge inspect_exp and txn->exp into request buffer
|
|
- [BUG] process_cli/process_srv: don't call shutdown when already done
|
|
- [BUG] process_request: HTTP body analysis must return zero if missing data
|
|
- [TESTS] test-fsm: 22 regression tests for state machines
|
|
- [BUG] Fix empty X-Forwarded-For header name when set in defaults section
|
|
- [BUG] fix harmless but wrong fd insertion sequence
|
|
- [MEDIUM] make it possible for analysers to follow the whole session
|
|
- [MAJOR] rework of the server FSM
|
|
- [OPTIM] remove useless fd_set(read) upon shutdown(write)
|
|
- [MEDIUM] massive cleanup of process_srv()
|
|
- [MEDIUM] second level of code cleanup for process_srv_data
|
|
- [MEDIUM] third cleanup and optimization of process_srv_data()
|
|
- [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts
|
|
- [MEDIUM] stream_sock_process_data moved to stream_sock.c
|
|
- [MAJOR] make the client side use stream_sock_process_data()
|
|
- [MEDIUM] split stream_sock_process_data
|
|
- [OPTIM] stream_sock_read must check for null-reads more often
|
|
- [MINOR] only call flow analysers when their read side is connected.
|
|
- [MEDIUM] reintroduce BF_HIJACK with produce_content
|
|
- [MINOR] re-arrange buffer flags and rename some of them
|
|
- [MINOR] do not check for BF_SHUTR when computing write timeout
|
|
- [OPTIM] ev_sepoll: detect newly created FDs and check them once
|
|
- [OPTIM] reduce the number of calls to task_wakeup()
|
|
- [OPTIM] force inlining of large functions with gcc >= 3
|
|
- [MEDIUM] indicate a reason for a task wakeup
|
|
- [MINOR] change type of fdtab[]->owner to void*
|
|
- [MAJOR] make stream sockets aware of the stream interface
|
|
- [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers
|
|
- [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT
|
|
- [MEDIUM] process_session: make use of the new buffer flags
|
|
- [CLEANUP] process_session: move debug outputs out of the critical loop
|
|
- [MEDIUM] move QUEUE and TAR timers to stream interfaces
|
|
- [OPTIM] add compiler hints in tick_is_expired()
|
|
- [MINOR] add buffer_check_timeouts() to check what timeouts have fired.
|
|
- [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts()
|
|
- [MINOR] add an expiration flag to the stream_sock_interface
|
|
- [MAJOR] migrate the connection logic to stream interface
|
|
- [MAJOR] add a connection error state to the stream_interface
|
|
- [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions
|
|
- [MEDIUM] continue layering cleanups.
|
|
- [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO
|
|
- [MEDIUM] remove stream_sock_update_data()
|
|
- [MINOR] maintain a global session list in order to ease debugging
|
|
- [BUG] shutw must imply close during a connect
|
|
- [MEDIUM] process shutw during connection attempt
|
|
- [MEDIUM] make the stream interface control the SHUT{R,W} bits
|
|
- [MAJOR] complete layer4/7 separation
|
|
- [CLEANUP] move the session-related functions to session.c
|
|
- [MINOR] call session->do_log() for logging
|
|
- [MINOR] replace the ambiguous client_return function by stream_int_return
|
|
- [MINOR] replace client_retnclose() with stream_int_retnclose()
|
|
- [MINOR] replace srv_close_with_err() with http_server_error()
|
|
- [MEDIUM] make the http server error function a pointer in the session
|
|
- [CLEANUP] session.c: removed some migration left-overs in sess_establish()
|
|
- [MINOR] stream_sock_data_finish() should not expose fd
|
|
- [MEDIUM] extract TCP request processing from HTTP
|
|
- [MEDIUM] extract the HTTP tarpit code from process_request().
|
|
- [MEDIUM] move the HTTP request body analyser out of process_request().
|
|
- [MEDIUM] rename process_request to http_process_request
|
|
- [BUG] fix forgotten server session counter
|
|
- [MINOR] declare process_session in session.h, not proto_http.h
|
|
- [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept()
|
|
- [MINOR] add an analyser code for UNIX stats request
|
|
- [MINOR] pre-set analyser flags on the listener at registration time
|
|
- [BUG] do not forward close from cons to prod with analysers
|
|
- [MEDIUM] ensure that sock->shutw() also closes read for init states
|
|
- [MINOR] add an analyser state in struct session
|
|
- [MAJOR] make unix sockets work again with stats
|
|
- [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session
|
|
- [MINOR] move the listener reference from fd to session
|
|
- [MEDIUM] reference the current hijack function in the buffer itself
|
|
- [MINOR] slightly rebalance stats_dump_{raw,http}
|
|
- [MINOR] add a new back-reference type : struct bref
|
|
- [MINOR] add back-references to sessions for later use by a dumper.
|
|
- [MEDIUM] add support for "show sess" in unix stats socket
|
|
- [BUG] do not release the connection slot during a retry
|
|
- [BUG] dynamic connection throttling could return a max of zero conns
|
|
- [BUG] do not try to pause backends during reload
|
|
- [BUG] ensure that listeners from disabled proxies are correctly unbound.
|
|
- [BUG] acl-related keywords are not allowed in defaults sections
|
|
- [BUG] cookie capture is declared in the frontend but checked on the backend
|
|
- [BUG] critical errors should be reported even in daemon mode
|
|
- [MINOR] redirect: add support for the "drop-query" option
|
|
- [MINOR] redirect: add support for "set-cookie" and "clear-cookie"
|
|
- [MINOR] redirect: in prefix mode a "/" means not to change the URI
|
|
- [BUG] do not dequeue requests on a dead server
|
|
- [BUG] do not dequeue the backend's pending connections on a dead server
|
|
- [MINOR] stats: indicate if a task is running in "show sess"
|
|
- [BUG] check timeout must not be changed if timeout.check is not set
|
|
- [BUG] "option transparent" is for backend, not frontend !
|
|
- [MINOR] transfer errors were not reported anymore in data phase
|
|
- [MEDIUM] add a send limit to a buffer
|
|
- [MEDIUM] don't report buffer timeout when there is I/O activity
|
|
- [MEDIUM] indicate when we don't care about read timeout
|
|
- [MINOR] add flags to indicate when a stream interface is waiting for space/data
|
|
- [MEDIUM] enable inter-stream_interface wakeup calls
|
|
- [MAJOR] implement autonomous inter-socket forwarding
|
|
- [MINOR] add the splice_len member to the buffer struct in preparation of splice support
|
|
- [MEDIUM] stream_sock: factor out the return path in case of no-writes
|
|
- [MEDIUM] i/o: rework ->to_forward and ->send_max
|
|
- [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read
|
|
- [OPTIM] buffer: replace rlim by max_len
|
|
- [OPTIM] stream_sock: factor out the buffer full handling out of the loop
|
|
- [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y)
|
|
- [CLEANUP] stream_sock: move the write-nothing condition out of the loop
|
|
- [MEDIUM] split stream_sock_write() into callback and core functions
|
|
- [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending
|
|
- [MINOR] stream_sock: fix a few wrong empty calculations
|
|
- [MEDIUM] stream_sock: try to send pending data on chk_snd()
|
|
- [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes
|
|
- [MEDIUM] splice: add configuration options and set global.maxpipes
|
|
- [MINOR] introduce structures required to support Linux kernel splicing
|
|
- [MEDIUM] add definitions for Linux kernel splicing
|
|
- [MAJOR] complete support for linux 2.6 kernel splicing
|
|
- [BUG] reserve some pipes for backends with splice enabled
|
|
- [MEDIUM] splice: add hints to support older buggy kernels
|
|
- [MEDIUM] introduce pipe pools
|
|
- [MEDIUM] splice: make use of pipe pools
|
|
- [STATS] report pipe usage in the statistics
|
|
- [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified
|
|
- [BUILD] fix snapshot date extraction with negative timezones
|
|
- [MEDIUM] move global tuning options to the global structure
|
|
- [MEDIUM] splice: add the global "nosplice" option
|
|
- [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6
|
|
- [BUG] we must not exit if protocol binding only returns a warning
|
|
- [MINOR] add support for bind interface name
|
|
- [BUG] inform the user when root is expected but not set
|
|
- [MEDIUM] add support for source interface binding
|
|
- [MEDIUM] add support for source interface binding at the server level
|
|
- [MEDIUM] implement bind-process to limit service presence by process
|
|
- [DOC] document maxpipes, nosplice, option splice-{auto,request,response}
|
|
- [DOC] filled the logging section of the configuration manual
|
|
- [DOC] document HTTP status codes
|
|
- [DOC] document a few missing info about errorfile
|
|
- [BUG] fix random memory corruption using "show sess"
|
|
- [BUG] fix unix socket processing of interrupted output
|
|
- [DOC] add diagrams of queuing and future ACL design
|
|
- [BUILD] proto_http did not build on gcc-2.95
|
|
- [BUG] the "source" keyword must first clear optional settings
|
|
- [BUG] global.tune.maxaccept must be limited even in mono-process mode
|
|
- [MINOR] ensure that http_msg_analyzer updates pointer to invalid char
|
|
- [MEDIUM] store a complete dump of request and response errors in proxies
|
|
- [MEDIUM] implement error dump on unix socket with "show errors"
|
|
- [DOC] document "show errors"
|
|
- [MINOR] errors dump must use user-visible date, not internal date.
|
|
- [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second
|
|
- [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second.
|
|
- [MEDIUM] measure and report session rate on frontend, backends and servers
|
|
- [BUG] the "connslots" keyword was matched as "connlots"
|
|
- [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate
|
|
- [MEDIUM] implement "rate-limit sessions" for the frontend
|
|
- [BUG] interface binding: length must include the trailing zero
|
|
- [BUG] typo in timeout error reporting : report *res and not *err
|
|
- [OPTIM] maintain_proxies: only wake up when the frontend will be ready
|
|
- [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption
|
|
- [BUG] switch server-side stream interface to close in case of abort
|
|
- [CLEANUP] remove last references to term_trace
|
|
- [OPTIM] freq_ctr: do not rotate the counters when reading
|
|
- [BUG] disable any analysers for monitoring requests
|
|
- [BUG] rate-limit in defaults section was ignored
|
|
- [BUG] task: fix handling of duplicate keys
|
|
- [OPTIM] task: don't unlink a task from a wait queue when waking it up
|
|
- [OPTIM] displace tasks in the wait queue only if absolutely needed
|
|
- [MEDIUM] minor update to the task api: let the scheduler queue itself
|
|
- [BUG] event_accept() must always wake the task up, even in health mode
|
|
- [CLEANUP] task: distinguish between clock ticks and timers
|
|
- [OPTIM] task: reduce the number of calls to task_queue()
|
|
- [OPTIM] do not re-check req buffer when only response has changed
|
|
- [CLEANUP] don't enable kernel splicing when socket is closed
|
|
- [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase
|
|
- [MINOR] buffers: implement buffer_flush()
|
|
- [MEDIUM] rearrange forwarding condition to enable splice during analysis
|
|
- [BUILD] build fixes for Solaris
|
|
- [BUILD] proto_http did not build on gcc-2.95 (again)
|
|
- [CONTRIB] halog: fast log parser for haproxy
|
|
- [CONTRIB] halog: faster fgets() and add support for percentile reporting
|
|
|
|
2008/04/19 : 1.3.15
|
|
- [BUILD] Added support for 'make install'
|
|
- [BUILD] Added 'install-man' make target for installing the man page
|
|
- [BUILD] Added 'install-bin' make target
|
|
- [BUILD] Added 'install-doc' make target
|
|
- [BUILD] Removed "/" after '$(DESTDIR)' in install targets
|
|
- [BUILD] Changed 'install' target to install the binaries first
|
|
- [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
|
|
- [MEDIUM]: Inversion for options
|
|
- [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
|
|
- [BUG]: Restore clearing t->logs.bytes
|
|
- [MEDIUM]: rework checks handling
|
|
- [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
|
|
- [MEDIUM] Implement "track [<backend>/]<server>"
|
|
- [MINOR] Implement persistent id for proxies and servers
|
|
- [BUG] Don't increment server connections too much + fix retries
|
|
- [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
|
|
- [MAJOR] proto_uxst rework -> SNMP support
|
|
- [BUG] appsession lookup in URL does not work
|
|
- [BUG] transparent proxy address was ignored in backend
|
|
- [BUG] hot reconfiguration failed because of a wrong error check
|
|
- [DOC] big update to the configuration manual
|
|
- [DOC] large update to the configuration manual
|
|
- [DOC] document more options
|
|
- [BUILD] major rework of the GNU Makefile
|
|
- [STATS] add support for "show info" on the unix socket
|
|
- [DOC] document options forwardfor to logasap
|
|
- [MINOR] add support for the "backlog" parameter
|
|
- [OPTIM] introduce global parameter "tune.maxaccept"
|
|
- [MEDIUM] introduce "timeout http-request" in frontends
|
|
- [MINOR] tarpit timeout is also allowed in backends
|
|
- [BUG] increment server connections for each connect()
|
|
- [MEDIUM] add a turn-around state of one second after a connection failure
|
|
- [BUG] fix typo in redispatched connection
|
|
- [DOC] document options nolinger to ssl-hello-chk
|
|
- [DOC] added documentation for "option tcplog" to "use_backend"
|
|
- [BUG] connect_server: server might not exist when sending error report
|
|
- [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
|
|
- [MEDIUM] add non-local bind to connect() on Linux
|
|
- [MINOR] add transparent proxy support for balabit's Tproxy v4
|
|
- [BUG] use backend's source and not server's source with tproxy
|
|
- [BUG] fix overlapping server flags
|
|
- [MEDIUM] fix server health checks source address selection
|
|
- [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
|
|
- [DOC] added "server", "source" and "stats" keywords
|
|
- [DOC] all server parameters have been documented
|
|
- [DOC] document all req* and rsp* keywords.
|
|
- [DOC] added documentation about HTTP header manipulations
|
|
- [BUG] log response byte count, not request
|
|
- [BUILD] code did not build in full debug mode
|
|
- [BUG] fix truncated responses with sepoll
|
|
- [MINOR] use s->frt_addr as the server's address in transparent proxy
|
|
- [MINOR] fix configuration hint about timeouts
|
|
- [DOC] minor cleanup of the doc and notice to contributors
|
|
- [MINOR] report correct section type for unknown keywords.
|
|
- [BUILD] update MacOS Makefile to build on newer versions
|
|
- [DOC] fix erroneous "useallbackups" option in the doc
|
|
- [DOC] applied small fixes from early readers
|
|
- [MINOR] add configuration support for "redir" server keyword
|
|
- [MEDIUM] completely implement the server redirection method
|
|
- [TESTS] add a test case for the server redirection mechanism
|
|
- [DOC] add a configuration entry for "server ... redir <prefix>"
|
|
- [BUILD] backend.c and checks.c did not build without tproxy !
|
|
- Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
|
|
- [BUILD] backend.c and checks.c did not build without tproxy !
|
|
- [OPTIM] used unsigned ints for HTTP state and message offsets
|
|
- [OPTIM] GCC4's builtin_expect() is suboptimal
|
|
- [BUG] failed conns were sometimes incremented in the frontend!
|
|
- [BUG] timeout.check was not pre-set to eternity
|
|
- [TESTS] add test-pollers.cfg to easily report pollers in use
|
|
- [BUG] do not apply timeout.connect in checks if unset
|
|
- [BUILD] ensure that makefile understands USE_DLMALLOC=1
|
|
- [MINOR] silent gcc for a wrong warning
|
|
- [CLEANUP] update .gitignore to ignore more temporary files
|
|
- [CLEANUP] report dlmalloc's source path only if explictly specified
|
|
- [BUG] str2sun could leak a small buffer in case of error during parsing
|
|
- [BUG] option allbackups was not working anymore in roundrobin mode
|
|
- [MAJOR] implementation of the "leastconn" load balancing algorithm
|
|
- [BUILD] ensure that users don't build without setting the target anymore.
|
|
- [DOC] document the leastconn LB algo
|
|
- [MEDIUM] fix stats socket limitation to 16 kB
|
|
- [DOC] fix unescaped space in httpchk example.
|
|
- [BUG] fix double-decrement of server connections
|
|
- [TESTS] add a test case for port mapping
|
|
- [TESTS] add a benchmark for integer hashing
|
|
- [TESTS] add new methods in ip-hash test file
|
|
- [MAJOR] implement parameter hashing for POST requests
|
|
|
|
2007/12/06 : 1.3.14
|
|
- New option http_proxy (Alexandre Cassen)
|
|
- add support for "maxqueue" to limit server queue overload (Elijah Epifanov)
|
|
- Check for duplicated conflicting proxies (Krzysztof Oledzki)
|
|
- stats: report server and backend cumulated downtime (Krzysztof Oledzki)
|
|
- use backends only with use_backend directive (Krzysztof Oledzki)
|
|
- Handle long lines properly (Krzysztof Oledzki)
|
|
- Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki)
|
|
- continous statistics (Krzysztof Oledzki)
|
|
- add support for logging via a UNIX socket (Robert Tsai)
|
|
- fix error checking in strl2ic/strl2uic()
|
|
- fix calls to localtime()
|
|
- provide easier-to-use ultoa_* functions
|
|
- provide easy-to-use limit_r and LIM2A* macros
|
|
- add a simple test for the status page
|
|
- move error codes to common/errors.h
|
|
- silent warning about LIST_* being redefined on OpenBSD
|
|
- add socket address length to the protocols
|
|
- group PR_O_BALANCE_* bits into a checkable value
|
|
- externalize the "balance" option parser to backend.c
|
|
- introduce the "url_param" balance method
|
|
- make default_backend work in TCP mode too
|
|
- disable warning about localtime_r on Solaris
|
|
- adjust error messages about conflicting proxies
|
|
- avoid calling some layer7 functions if not needed
|
|
- simplify error path in event_accept()
|
|
- add an options field to the listeners
|
|
- added a new state to listeners
|
|
- unbind_listener() must use fd_delete() and not close()
|
|
- add a generic unbind_listener() primitive
|
|
- add a generic delete_listener() primitive
|
|
- add a generic unbind_all_listeners() primitive
|
|
- create proto_tcp and move initialization of proxy listeners
|
|
- stats: report numerical process ID, proxy ID and server ID
|
|
- relative_pid was not initialized
|
|
- missing header names in raw stats output
|
|
- fix missing parenthesis in check_response_for_cacheability
|
|
- small optimization on session_process_counters()
|
|
- merge ebtree version 3.0
|
|
- make ebtree headers multiple-include compatible
|
|
- ebtree: include config.h for REGPRM*
|
|
- differentiate between generic LB params and map-specific ones
|
|
- add a weight divisor to the struct proxy
|
|
- implement the Fast Weighted Round Robin (FWRR) algo
|
|
- include filltab25.c to experiment on FWRR for dynamic weights
|
|
- merge test-fwrr.cfg to validate dynamic weights
|
|
- move the load balancing algorithm to be->lbprm.algo
|
|
- change server check result to a bit field
|
|
- implement "http-check disable-on-404" for graceful shutdown
|
|
- secure the calling conditions of ->set_server_status_{up,down}
|
|
- report disabled servers as "NOLB" when they are still UP
|
|
- document the "http-check disable-on-404" option
|
|
- http-check disable-on-404 is not limited to HTTP mode
|
|
- add a test file for disable-on-404
|
|
- use distinct bits per load-balancing algorithm type
|
|
- implement the slowstart parameter for servers
|
|
- document the server's slowstart parameter
|
|
- stats: report the server warm up status in a "throttle" column
|
|
- fix 2 minor issues on AIX
|
|
- add the "nbsrv" ACL verb
|
|
- add the "fail" condition to monitor requests
|
|
- remove a warning from gcc due to htons() in standard.c
|
|
- fwrr: ensure that we never overflow in placements
|
|
- store the build options to report with -vv
|
|
- fix the status return of the init script (R.I. Pienaar)
|
|
- stats: real time monitoring script for unix socket (Prizee)
|
|
- document "nbsrv" and "monitor fail"
|
|
- restrict the set of allowed characters for identifiers
|
|
- implement a time parsing function
|
|
- add support for time units in the configuration
|
|
- add a bit of documentation about timers
|
|
- introduce separation between contimeout, and tarpit + queue
|
|
- introduce the "timeout" keyword
|
|
- grouped all timeouts in one structure
|
|
- slowstart is in ms, not seconds
|
|
- slowstart: ensure we don't start with a null weight
|
|
- report the number of times each server was selected
|
|
- fix build on AIX due to recent log changes
|
|
- fix build on Solaris due to recent log changes
|
|
|
|
2007/10/18 : 1.3.13
|
|
- replace the code under O'Reilly license (Arnaud Cornet)
|
|
- add a small man page (Arnaud Cornet)
|
|
- stats: report haproxy's version by default (Krzysztof Oledzki)
|
|
- stats: count server retries and redispatches (Krzysztof Oledzki)
|
|
- core: added easy support for Doug Lea's malloc (dlmalloc)
|
|
- core: fade out memory usage when stopping proxies
|
|
- core: moved the sockaddr pointer to the fdtab structure
|
|
- core: add generic protocol support
|
|
- core: implement client-side support for PF_UNIX sockets
|
|
- stats: implement the CSV output
|
|
- stats: add a link to the CSV export HTML page
|
|
- stats: implement the statistics output on a unix socket
|
|
- config: introduce the "stats" keyword in global section
|
|
- build: centralize version and date into one file for each
|
|
- tests: added a new hash algorithm
|
|
|
|
2007/10/18 : 1.3.12.3
|
|
- add the "nolinger" option to disable data lingering (Alexandre Cassen)
|
|
- fix double-free during clean exit (Krzysztof Oledzki)
|
|
- prevent the system from sending an RST when closing health-checks
|
|
(Krzysztof Oledzki)
|
|
- do not add a cache-control header when on non-cacheable responses
|
|
(Krzysztof Oledzki)
|
|
- spread health checks even more (Krzysztof Oledzki)
|
|
- stats: scope "." must match the backend and not the frontend
|
|
- fixed call to chroot() during startup
|
|
- fix wrong timeout computation in event_accept()
|
|
- remove condition for exit() under fork() failure
|
|
|
|
2007/09/20 : 1.3.12.2
|
|
- fix configuration sanity checks for TCP listeners
|
|
- set the log socket receive window to zero bytes
|
|
- pre-initialize timeouts to infinity, not zero
|
|
- fix the SIGHUP message not to alert on server-less proxies
|
|
- timeouts and retries could be ignored when switching backend
|
|
- added a file to check that "retries" works.
|
|
- O'Reilly has clarified its license
|
|
|
|
2007/09/05 : 1.3.12.1
|
|
- spec I/O: fix allocations of spec entries for an FD
|
|
- ensure we never overflow in chunk_printf()
|
|
- improve behaviour with large number of servers per proxy
|
|
- add support for "stats refresh <interval>"
|
|
- stats page: added links for 'refresh' and 'hide down'
|
|
- fix backend's weight in the stats page.
|
|
- the "stats" keyword is not allowed in a pure frontend.
|
|
- provide a test configuration file for stats and checks
|
|
|
|
2007/06/17 : 1.3.12
|
|
- fix segfault at exit when using captures
|
|
- bug: negation in ACL conds was not cleared between terms
|
|
- errorfile: use a local file to feed error messages
|
|
- acl: support '-i' to ignore case when matching
|
|
- acl: smarter integer comparison with operators eq,lt,gt,le,ge
|
|
- acl: support maching on 'path' component
|
|
- acl: implement matching on header values
|
|
- acl: distinguish between request and response headers
|
|
- acl: permit to return any header when no name specified
|
|
- acl: provide default ACLs
|
|
- added the 'use_backend' keyword for full content-switching
|
|
- acl: specify the direction during fetches
|
|
- acl: provide the argument length for fetch functions
|
|
- acl: provide a reference to the expr to fetch()
|
|
- improve memory freeing upon exit
|
|
- str2net() must not change the const char *
|
|
- shut warnings 'is*' macros from ctype.h on solaris
|
|
|
|
2007/06/03 : 1.3.11.4
|
|
- do not re-arm read timeout in SHUTR state !
|
|
- optimize I/O by detecting system starvation
|
|
- the epoll FD must not be shared between processes
|
|
- limit the number of events returned by *poll*
|
|
|
|
2007/05/14 : 1.3.11.3
|
|
- pre-initialize timeouts with tv_eternity during parsing
|
|
|
|
2007/05/14 : 1.3.11.2
|
|
- fixed broken health-checks since switch to timeval
|
|
|
|
2007/05/14 : 1.3.11.1
|
|
- fixed ev_kqueue which was forgotten during the switch to timeval
|
|
- allowed null timeouts for past events in select
|
|
|
|
2007/05/14 : 1.3.11
|
|
- fixed ev_sepoll again by rewriting the state machine
|
|
- switched all timeouts to timevals instead of milliseconds
|
|
- improved memory management using mempools v2.
|
|
- several minor optimizations
|
|
|
|
2007/05/09 : 1.3.10.2
|
|
- fixed build on OpenBSD (missing types.h)
|
|
|
|
2007/05/09 : 1.3.10.1
|
|
- fixed sepoll transition matrix (two states were missing)
|
|
|
|
2007/05/08 : 1.3.10
|
|
- several fixes in ev_sepoll
|
|
- fixed some expiration dates on some tasks
|
|
- fixed a bug in connection establishment detection due to speculative I/O
|
|
- fixed rare bug occuring on TCP with early close (reported by Andy Smith)
|
|
- implemented URI hashing algorithm (Guillaume Dallaire)
|
|
- implemented SMTP health checks (Peter van Dijk)
|
|
- replaced the rbtree with ul2tree from old scheduler project
|
|
- new framework for generic ACL support
|
|
- added the 'acl' and 'block' keywords to the config language
|
|
- added several ACL criteria and matches (IP, port, URI, ...)
|
|
- cleaned up and better modularization for some time functions
|
|
- fixed list macros
|
|
- fixed useless memory allocation in str2net()
|
|
- store the original destination address in the session
|
|
|
|
2007/04/15 : 1.3.9
|
|
- modularized the polling mechanisms and use function pointers instead
|
|
of macros at many places
|
|
- implemented support for FreeBSD's kqueue() polling mechanism
|
|
- fixed a warning on OpenBSD : MIN/MAX redefined
|
|
- change socket registration order at startup to accomodate kqueue.
|
|
- several makefile cleanups to support old shells
|
|
- fix build with limits.h once for all
|
|
- ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
|
|
- fdtab now holds the results of polling
|
|
- implemented support for speculative I/O processing with epoll()
|
|
- remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
|
|
- auto-registering of pollers at load time
|
|
|
|
2007/04/03 : 1.3.8.2
|
|
- rewriting either the status line or request line could crash the
|
|
process due to a pointer which ought to be reset before parsing.
|
|
- rewriting the status line in the response did not work, it caused
|
|
a 502 Bad Gateway due to an erroneous state during parsing
|
|
|
|
2007/04/01 : 1.3.8.1
|
|
- fix reqadd when no option httpclose is used.
|
|
- removed now unused fiprm and beprm from proxies
|
|
- split logs into two versions : TCP and HTTP
|
|
- added some docs about http headers storage and acls
|
|
- added a VIM script for syntax color highlighting (Bruno Michel)
|
|
|
|
2007/03/25 : 1.3.8
|
|
- fixed several bugs which might have caused a crash with bad configs
|
|
- several optimizations in header processing
|
|
- many progresses towards transaction-based processing
|
|
- option forwardfor may be used in frontends
|
|
- completed HTTP response processing
|
|
- some code refactoring between request and response processing
|
|
- new HTTP header manipulation functions
|
|
- optimizations on the recv() patch to reduce CPU usage under very
|
|
high data rates.
|
|
- more user-friendly help about the 'usesrc' keyword (CTTPROXY)
|
|
- username/groupname support from Marcus Rueckert
|
|
- added the "except" keyword to the "forwardfor" option (Bryan German)
|
|
- support for health-checks on other addresses (Fabrice Dulaunoy)
|
|
- makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
|
|
- do not insert "Connection: close" in HTTP/1.0 messages
|
|
|
|
2007/01/26 : 1.3.7
|
|
- fix critical bug introduced with 1.3.6 : an empty request header
|
|
may lead to a crash due to missing pointer assignment
|
|
- hdr_idx might be left uninitialized in debug mode
|
|
- fixed build on FreeBSD due to missing fd_set declaration
|
|
|
|
2007/01/22 : 1.3.6.1
|
|
- change in the header chaining broke cookies and authentication
|
|
|
|
2007/01/22 : 1.3.6
|
|
- stats now support the HEAD method too
|
|
- extracted http request from the session
|
|
- huge rework of the HTTP parser which is now a 28-state FSM.
|
|
- linux-style likely/unlikely macros for optimization hints
|
|
- do not create a server socket when there's no server
|
|
- imported lots of docs
|
|
|
|
2007/01/07 : 1.3.5
|
|
- stats: swap color sets for active and backup servers
|
|
- try to guess server check port when unset
|
|
- added complete support and doc for TCP Splicing
|
|
- replace the wait-queue linked list with an rbtree.
|
|
- a few bugfixes and cleanups
|
|
|
|
2007/01/02 : 1.3.4
|
|
- support for cttproxy on the server side to present the client
|
|
address to the server.
|
|
- added support for SO_REUSEPORT on Linux (needs kernel patch)
|
|
- new RFC2616-compliant HTTP request parser with header indexing
|
|
- split proxies in frontends, rulesets and backends
|
|
- implemented the 'req[i]setbe' to select a backend depending
|
|
on the contents
|
|
- added the 'default_backend' keyword to select a default BE.
|
|
- new stats page featuring FEs and BEs + bytes in both dirs
|
|
- improved log format to indicate the backend and the time in ms.
|
|
- lots of cleanups
|
|
|
|
2006/10/15 : 1.3.3
|
|
- fix broken redispatch option in case the connection has already
|
|
been marked "in progress" (ie: nearly always).
|
|
- support regparm on x86 to speed up some often called functions
|
|
- removed a few useless calls to gettimeofday() in log functions.
|
|
- lots of 'const char*' cleanups
|
|
- turn every FD_* into functions which are faster on recent CPUs
|
|
|
|
2006/09/03 : 1.3.2
|
|
- started the changes towards I/O completion callbacks. stream_sock* have
|
|
replaced event_*.
|
|
- added the new "reqtarpit" and "reqitarpit" protection features
|
|
|
|
2006/07/09 : 1.3.1 (1.2.15)
|
|
- now, haproxy warns about missing timeout during startup to try to
|
|
eliminate all those buggy configurations.
|
|
- added "Content-Type: text/html" in responses wherever appropriate, as
|
|
suggested by Cameron Simpson.
|
|
- implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
|
|
test server's health
|
|
- implemented "monitor-uri" so that haproxy can reply to a specific URI with
|
|
an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
|
|
at once.
|
|
|
|
2006/06/29 : 1.3.0
|
|
- exploded the whole file into multiple .c and .h. No functionnal
|
|
difference is expected at all.
|
|
- fixed a bug by which neither stats nor error messages could be returned if
|
|
'clitimeout' was missing.
|
|
|
|
2006/05/21 : 1.2.14
|
|
- new HTML status report with the 'stats' keyword.
|
|
- added the 'abortonclose' option to better resist traffic surges
|
|
- implemented dynamic traffic regulation with the 'minconn' option
|
|
- show request time on denied requests
|
|
- definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
|
|
- now a proxy instance is allowed to run without servers, which is
|
|
useful to dedicate one instance to stats
|
|
- added lots of error counters
|
|
- a missing parenthesis preventd matching of cacheable cookies
|
|
- a missing parenthesis in poll_loop() might have caused missed events.
|
|
|
|
2006/05/14 : 1.2.13.1
|
|
- an uninitialized field in the struct session could cause a crash when
|
|
the session was freed. This has been encountered on Solaris only.
|
|
- Solaris and OpenBSD no not support shutdown() on listening socket. Let's
|
|
be nice to them by performing a soft stop if pause fails.
|
|
|
|
2006/05/13 : 1.2.13
|
|
- 'maxconn' server parameter to do per-server session limitation
|
|
- queueing to support non-blocking session limitation
|
|
- fixed removal of cookies for cookie-less servers such as backup servers
|
|
- two separate wait queues for expirable and non-expirable tasks provide
|
|
better performance with lots of sessions.
|
|
- some code cleanups and performance improvements
|
|
- made state dumps a bit more verbose
|
|
- fixed missing checks for NULL srv in dispatch mode
|
|
- load balancing on backup servers was not possible in source hash mode.
|
|
- two session flags shared the same bit, but fortunately they were not
|
|
compatible.
|
|
|
|
2006/04/15 : 1.2.12
|
|
Very few changes preparing for more important changes to support per-server
|
|
session limitations and queueing :
|
|
- ignore leading empty lines in HTTP requests as suggested by RFC2616.
|
|
- added the 'weight' parameter to the servers, limited to 1..256. It applies
|
|
to roundrobin and source hash.
|
|
- the optional '-s' option could clobber '-st' and '-sf' if compiled in.
|
|
|
|
2006/03/30 : 1.2.11.1
|
|
- under some conditions, it might have been possible that when the
|
|
last dead server became available, it would not have been used
|
|
till another one would have changed state. Could not be reproduced
|
|
at all, however seems possible from the code.
|
|
|
|
2006/03/25 : 1.2.11
|
|
- added the '-db' command-line option to disable backgrounding.
|
|
- added the -sf/-st command-line arguments which are used to specify
|
|
a list of pids to send a FINISH or TERMINATE signal upon startup.
|
|
They will also be asked to release their port if a bind fails.
|
|
- reworked the startup mechanism to allow the sending of a signal to a list
|
|
of old pids if a socket cannot be bound, with a retry for a limited amount
|
|
of time (1 second by default).
|
|
- added the ability to enforce limits on memory usage.
|
|
- added the 'source' load-balancing algorithm which uses the source IP(v4|v6)
|
|
- re-architectured the server round-robin mechanism to ease integration of
|
|
other algorithms. It now relies on the number of active and backup servers.
|
|
- added a counter for the number of active and backup servers, and report
|
|
these numbers upon SIGHUP or state change.
|
|
|
|
2006/03/23 : 1.2.10.1
|
|
- while fixing the backup server round-robin "feature", a new bug was
|
|
introduced which could miss some backup servers.
|
|
- the displayed proxy name was wrong when dumping upon SIGHUP.
|
|
|
|
2006/03/19 : 1.2.10
|
|
- assert.h is needed when DEBUG is defined.
|
|
- ENORMOUS long standing bug affecting the epoll polling system :
|
|
event_data is a union, not a structure !
|
|
- Make fd management more robust and easier to debug. Also some
|
|
micro-optimisations.
|
|
- Limit the number of consecutive accept() in multi-process mode.
|
|
This produces a more evenly distributed load across the processes and
|
|
slightly improves performance by reducing bottlenecks.
|
|
- Make health-checks be more regular, and faster to retry after a timeout.
|
|
- Fixed some messages to ease parsing of alerts.
|
|
- provided a patch to enable epoll on RHEL3 kernels.
|
|
- Separated OpenBSD build from the main Makefile into a new one.
|
|
|
|
2006/03/15 : 1.2.9
|
|
- haproxy could not be stopped after being paused, it had to be woken up
|
|
first. This has been fixed.
|
|
- the 'ulimit-n' parameter is now optional and by default computed from
|
|
maxconn + the number of listeners + the number of health-checks.
|
|
- it is now possible to specify a maximum number of connections at build
|
|
time with the SYSTEM_MAXCONN define. The value set in the configuration
|
|
file will then be limited to this value, and only the command-line '-n'
|
|
option will be able to bypass it. It will prevent against accidental
|
|
high memory usage on small systems.
|
|
- RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier
|
|
versions did not detect a line beginning with a space as the continuation
|
|
of previous header. It is now correct.
|
|
- health checks sent to servers configured with identical intervals were
|
|
sent in perfect synchronisation because the initial time was the same
|
|
for all. This could induce high load peaks when fragile servers were
|
|
hosting tens of instances for the same application. Now the load is
|
|
spread evenly across the smallest interval amongst a listener.
|
|
- a new 'forceclose' option was added to make the proxy close the outgoing
|
|
channel to the server once it has sent all its headers and the server
|
|
starts responding. This helps some servers which don't close upon the
|
|
'Connection: close' header. It implies 'option httpclose'.
|
|
- there was a bug in the way the backup servers were handled. They were
|
|
erroneously load-balanced while the doc said the opposite. Since
|
|
load-balanced backup servers is one of the features some people have
|
|
been asking for, the problem was fixed to reflect the documented
|
|
behaviour and a new option 'allbackups' was introduced to provide the
|
|
feature to those who need it.
|
|
- a never ending connect() could lead to a fast select() loop if its
|
|
timeout times the number of retransmits exceeded the server read or write
|
|
timeout, because the later was used to compute select()'s timeout while
|
|
the connection timeout was not reached.
|
|
- now we initialize the libc's localtime structures very early so that even
|
|
under OOM conditions, we can still send dated error messages without
|
|
segfaulting.
|
|
- the 'daemon' mode implies 'quiet' and disables 'verbose' because file
|
|
descriptors are closed.
|
|
|
|
2006/01/29 : 1.2.8
|
|
- fixed a nasty bug affecting poll/epoll which could return unmodified data
|
|
from the server to the client, and sometimes lead to memory corruption
|
|
crashing the process.
|
|
- added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf.
|
|
|
|
2005/12/18 : 1.2.7.1
|
|
- the "retries" option was ignored because connect() could not return an
|
|
error if the connection failed before the timeout.
|
|
- TCP health-checks could not detect a connection refused in poll/epoll
|
|
mode.
|
|
|
|
2005/11/13 : 1.2.7
|
|
- building with -DUSE_PCRE should include PCRE headers and not regex.h. At
|
|
least on Solaris, this caused the libc's regex primitives to be used instead
|
|
of PCRE, which caused trouble on group references. This is now fixed.
|
|
- delayed the quiet mode during startup so that most of the startup alerts can
|
|
be displayed even in quiet mode.
|
|
- display an alert when a listener has no address, invalid or no port, or when
|
|
there are no enabled listeners upon startup.
|
|
- added "static-pcre" to the list of supported regex options in the Makefile.
|
|
|
|
2005/10/09 : 1.2.7rc (1.1.33rc)
|
|
- second batch of socklen_t changes.
|
|
- clean-ups from Cameron Simpson.
|
|
- because tv_remain() does not know about eternity, using no timeout can
|
|
make select() spin around a null time-out. Bug reported by Cameron Simpson.
|
|
- client read timeout was not properly set to eternity initialized after an
|
|
accept() if it was not set in the config. It remained undetected so long
|
|
because eternity is 0 and newly allocated pages are zeroed by the system.
|
|
- do not call get_original_dst() when not in transparent mode.
|
|
- implemented a workaround for a bug in certain epoll() implementations on
|
|
linux-2.4 kernels (epoll-lt <= 0.21).
|
|
- implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
|
|
|
|
2005/08/07 : 1.2.6
|
|
- clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
|
|
|
|
2005/07/06 : 1.2.6-pre5 (1.1.32)
|
|
- added the number of active sessions (proxy/process) in the logs
|
|
|
|
2005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
|
|
- the time-out fix introduced in 1.1.25 caused a corner case where it was
|
|
possible for a client to keep a connection maintained regardless of the
|
|
timeout if the server closed the connection during the HEADER phase,
|
|
while the client ignored the close request while doing nothing in the
|
|
other direction. This has been fixed now by ensuring that read timeouts
|
|
are re-armed when switching to any SHUTW state.
|
|
|
|
2005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
|
|
- enhanced error reporting in the logs. Now the proxy will precisely detect
|
|
various error conditions related to the system and/or process limits, and
|
|
generate LOG_EMERG logs indicating that a resource has been exhausted.
|
|
- logs will contain two new characters for the error cause : 'R' indicates
|
|
a resource exhausted, and 'I' indicates an internal error, though this
|
|
one should never happen.
|
|
- server connection timeouts can now be reported in the logs (sC), as well
|
|
as connections refused because of maxconn limitations (PC).
|
|
|
|
2005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
|
|
- new global configuration keyword "ulimit-n" may be used to raise the FD
|
|
limit to usable values.
|
|
- a warning is now displayed on startup if the FD limit is lower than the
|
|
configured maximum number of sockets.
|
|
|
|
2005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
|
|
- new configuration keyword "monitor-net" makes it possible to be monitored
|
|
by external devices which connect to the proxy without being logged nor
|
|
forwarded to any server. Particularly useful on generic TCPv4 relays.
|
|
|
|
2005/06/21 : 1.2.5.2
|
|
- fixed build on PPC where chars are unsigned by default
|
|
|
|
2005/05/02 : 1.2.5.1
|
|
- dirty hack to fix a bug introduced with epoll : if we close an FD and
|
|
immediately reassign it to another session through a connect(), the
|
|
Prev{Read,Write}Events are not updated, which causes trouble detecting
|
|
changes, thus leading to many timeouts at high loads.
|
|
|
|
2005/04/30 : 1.2.5 (1.1.31)
|
|
- changed the runtime argument to disable epoll() to '-de'
|
|
- changed the runtime argument to disable poll() to '-dp'
|
|
- added global options 'nopoll' and 'noepoll' to do the same at the
|
|
configuration level.
|
|
- added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
|
|
support epoll().
|
|
- changed default FD_SETSIZE to 65536 on Solaris (default=1024)
|
|
- conditionned signals redirection to #ifdef DEBUG_MEMORY
|
|
|
|
2005/04/26 : 1.2.5-pre4
|
|
- made epoll() support a compile-time option : ENABLE_EPOLL
|
|
- provided a very little libc replacement for a possibly missing epoll()
|
|
implementation which can be enabled by -DUSE_MY_EPOLL
|
|
- implemented the poll() poller, which can be enabled with -DENABLE_POLL.
|
|
The equivalent runtime argument becomes '-P'. A few tests show that it
|
|
performs like select() with many fds, but slightly slower (certainly
|
|
because of the higher amount of memory involved).
|
|
- separated the 3 polling methods and the tasks scheduler into 4 distinct
|
|
functions which makes the code a lot more modular.
|
|
- moved some event tables to private static declarations inside the poller
|
|
functions.
|
|
- the poller functions can now initialize themselves, run, and cleanup.
|
|
- changed the runtime argument to enable epoll() to '-E'.
|
|
- removed buggy epoll_ctl() code in the client_retnclose() function. This
|
|
function was never meant to remove anything.
|
|
- fixed a typo which caused glibc to yell about a double free on exit.
|
|
- removed error checking after epoll_ctl(DEL) because we can never know if
|
|
the fd is still active or already closed.
|
|
- added a few entries in the makefile
|
|
|
|
2005/04/25 : 1.2.5-pre3
|
|
- experimental epoll() support (use temporary '-e' argument)
|
|
|
|
2005/04/24 : 1.2.5-pre2
|
|
- implemented the HTTP 303 code for error redirection. This forces the
|
|
browser to fetch the given URI with a GET request. The new keyword for
|
|
this is 'errorloc303', and a new 'errorloc302' keyword has been created
|
|
to make them easily distinguishable.
|
|
- added more controls in the parser for valid use of '\x' sequence.
|
|
- few fixes from Alex & Klaus
|
|
|
|
2005/02/17 : 1.2.5-pre1
|
|
- fixed a few errors in the documentation
|
|
|
|
2005/02/13
|
|
- do not pre-initialize unused file-descriptors before select() anymore.
|
|
|
|
2005/01/22 : 1.2.4
|
|
- merged Alexander Lazic's and Klaus Wagner's work on application
|
|
cookie-based persistence. Since this is the first merge, this version is
|
|
not intended for general use and reports are more than welcome. Some
|
|
documentation is really needed though.
|
|
|
|
2005/01/22 : 1.2.3 (1.1.30)
|
|
- add an architecture guide to the documentation
|
|
- released without any changes
|
|
|
|
2004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
|
|
- increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
|
|
compatible with Apache. This limit can be configured in the makefile now.
|
|
Thanks to Eric Fehr for the checks.
|
|
- added a per-server "source" option which now makes it possible to bind to
|
|
a different source for each (potentially identical) server.
|
|
- changed cookie-based server selection slightly to allow several servers to
|
|
share a same cookie, thus making it possible to associate backup servers to
|
|
live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
|
|
- added the cookie 'prefix' mode which makes it possible to use persistence
|
|
with thin clients which support only one cookie. The server name is prefixed
|
|
before the application cookie, and restore back.
|
|
- fixed the order of servers within an instance to match documentation. Now
|
|
the servers are *really* used in the order of their declaration. This is
|
|
particularly important when multiple backup servers are in use.
|
|
|
|
2004/10/18 : 1.2.2 (1.1.29)
|
|
- fixed a bug where a TCP connection would be logged twice if the 'logasap'
|
|
option was enabled without the 'tcplog' option.
|
|
- encode_string() would use hdr_encode_map instead of the map argument.
|
|
|
|
2004/08/10 : (1.1.29-pre2)
|
|
- the logged request is now encoded with '#XX' for unprintable characters
|
|
- new keywords 'capture request header' and 'capture response header' enable
|
|
logging of arbitrary HTTP headers in requests and responses
|
|
- removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
|
|
|
|
2004/06/06 : 1.2.1 (1.1.28)
|
|
- added the '-V' command line option to verbosely report errors even though
|
|
the -q or 'quiet' options are specified. This is useful with '-c'.
|
|
- added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
|
|
|
|
2004/06/05 :
|
|
- added the "logasap" option which produces a log without waiting for the data
|
|
to be transferred from the server to the client.
|
|
- added the "httpclose" option which removes any "connection:" header and adds
|
|
"Connection: close" in both direction.
|
|
- added the 'checkcache' option which blocks cacheable responses containing
|
|
dangerous headers, such as 'set-cookie'.
|
|
- added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
|
|
information leak from servers.
|
|
|
|
2004/04/18 :
|
|
- send an EMERG log when no server is available for a given proxy
|
|
- added the '-c' command line option to syntactically check the
|
|
configuration file without starting the service.
|
|
|
|
2003/11/09 : 1.2.0
|
|
- the same as 1.1.27 + IPv6 support on the client side
|
|
|
|
2003/10/27 : 1.1.27
|
|
- the configurable HTTP health check introduced in 1.1.23 revealed a shameful
|
|
bug : the code still assumed that HTTP requests were the same size as the
|
|
original ones (22 bytes), and failed if they were not.
|
|
- added support for pidfiles.
|
|
|
|
2003/10/22 : 1.1.26
|
|
- the fix introduced in 1.1.25 for client timeouts while waiting for servers
|
|
broke almost all compatibility with POST requests, because the proxy
|
|
stopped to read anything from the client as soon as it got all of its
|
|
headers.
|
|
|
|
2003/10/15 : 1.1.25
|
|
- added the 'tcplog' option, which provides enhanced, HTTP-like logs for
|
|
generic TCP proxies, or lighter logs for HTTP proxies.
|
|
- fixed a time-out condition wrongly reported as client time-out in data
|
|
phase if the client timeout was lower than the connect timeout times the
|
|
number of retries.
|
|
|
|
2003/09/21 : 1.1.24
|
|
- if a client sent a full request then shut its write connection down, then
|
|
the request was aborted. This case was detected only when using haproxy
|
|
both as health-check client and as a server.
|
|
- if 'option httpchk' is used in a 'health' mode server, then responses will
|
|
change from 'OK' to 'HTTP/1.0 200 OK'.
|
|
- fixed a Linux-only bug in case of HTTP server health-checks, where a single
|
|
server response followed by a close could be ignored, and the server seen
|
|
as failed.
|
|
|
|
2003/09/19 : 1.1.23
|
|
- fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
|
|
'default' sections to keep previous parameters, and not initialize logs
|
|
correctly.
|
|
- fixed a second stupid bug introduced in 1.1.22 which caused configurations
|
|
relying on 'dispatch' mode to segfault at the first connection.
|
|
- 'option httpchk' now supports method, HTTP version and a few headers.
|
|
- now, 'option httpchk', 'cookie' and 'capture' can be specified in
|
|
'defaults' section
|
|
|
|
2003/09/10 : 1.1.22
|
|
- 'listen' now supports optionnal address:port-range lists
|
|
- 'bind' introduced to add new listen addresses
|
|
- fixed a bug which caused a session to be kept established on a server till
|
|
it timed out if the client closed during the DATA phase.
|
|
- the port part of each server address can now be empty to make the proxy
|
|
connect to the server on the same port it was connected to, be an absolute
|
|
unsigned number to reflect a single port (as in older versions), or an
|
|
explicitly signed number (+N/-N) to indicate that this offset must be
|
|
applied to the port the proxy was connected to, when connecting to the
|
|
server.
|
|
- the 'port' server option allows the user to specify a different
|
|
health-check port than the service one. It is mandatory when only relative
|
|
ports have been specified and check is required. By default, the checks are
|
|
sent to the service port.
|
|
- new 'defaults' section which is rather similar to 'listen' except that all
|
|
values are only used as default values for future 'listen' sections, until
|
|
a new 'defaults' resets them. At the moment, server options, regexes,
|
|
cookie names and captures cannot be set in the 'defaults' section.
|
|
|
|
2003/05/06 : 1.1.21
|
|
- changed the debug output format so that it now includes the session unique
|
|
ID followed by the instance name at the beginning of each line.
|
|
- in debug mode, accept now shows the client's IP and port.
|
|
- added one 3 small debugging scripts to search and pretty print debug output
|
|
- changed the default health check request to "OPTIONS /" instead of
|
|
"OPTIONS *" since not all servers implement the later one.
|
|
- "option httpchk" now accepts an optional parameter allowing the user to
|
|
specify and URI other than '/' during health-checks.
|
|
|
|
2003/04/21 : 1.1.20
|
|
- fixed two problems with time-outs, one where a server would be logged as
|
|
timed out during transfer that take longer to complete than the fixed
|
|
time-out, and one where clients were logged as timed-out during the data
|
|
phase because they didn't have anything to send. This sometimes caused
|
|
slow client connections to close too early while in fact there was no
|
|
problem. The proper fix would be to have a per-fd time-out with
|
|
conditions depending on the state of the HTTP FSM.
|
|
|
|
2003/04/16 : 1.1.19
|
|
- haproxy was NOT RFC compliant because it was case-sensitive on HTTP
|
|
"Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
|
|
cookie persistence because it uses "cookie:". Two memcmp() have been
|
|
replaced with strncasecmp().
|
|
|
|
2003/04/02 : 1.1.18
|
|
- Haproxy can be compiled with PCRE regex instead of libc regex, by setting
|
|
REGEX=pcre on the make command line.
|
|
- HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
|
|
- when explicit source address binding is required, it is now also used for
|
|
health-checks.
|
|
- added 'reqpass' and 'reqipass' to allow certain headers but not the request
|
|
itself.
|
|
- factored several strings to reduce binary size by about 2 kB.
|
|
- replaced setreuid() and setregid() with more standard setuid() and setgid().
|
|
- added 4 status flags to the log line indicating who ended the connection
|
|
first, the sessions state, the validity of the cookie, and action taken on
|
|
the set-cookie header.
|
|
|
|
2002/10/18 : 1.1.17
|
|
- add the notion of "backup" servers, which are used only when all other
|
|
servers are down.
|
|
- make Set-Cookie return "" instead of "(null)" when the server has no
|
|
cookie assigned (useful for backup servers).
|
|
- "log" now supports an optionnal level name (info, notice, err ...) above
|
|
which nothing is sent.
|
|
- replaced some strncmp() with memcmp() for better efficiency.
|
|
- added "capture cookie" option which logs client and/or server cookies
|
|
- cleaned up/down messages and dump servers states upon SIGHUP
|
|
- added a redirection feature for errors : "errorloc <errnum> <url>"
|
|
- now we won't insist on connecting to a dead server, even with a cookie,
|
|
unless option "persist" is specified.
|
|
- added HTTP/408 response for client request time-out and HTTP/50[234] for
|
|
server reply time-out or errors.
|
|
|
|
2002/09/01 : 1.1.16
|
|
- implement HTTP health checks when option "httpchk" is specified.
|
|
|
|
2002/08/07 : 1.1.15
|
|
- replaced setpgid()/setpgrp() with setsid() for better portability, because
|
|
setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.
|
|
|
|
2002/07/20 : 1.1.14
|
|
- added "postonly" cookie mode
|
|
|
|
2002/07/15 : 1.1.13
|
|
- tv_diff used inverted parameters which led to negative times !
|
|
|
|
2002/07/13 : 1.1.12
|
|
- fixed stats monitoring, and optimized some tv_* for most common cases.
|
|
- replaced temporary 'newhdr' with 'trash' to reduce stack size
|
|
- made HTTP errors more HTML-fiendly.
|
|
- renamed strlcpy() to strlcpy2() because of a slightly difference between
|
|
their behaviour (return value), to avoid confusion.
|
|
- restricted HTTP messages to HTTP proxies only
|
|
- added a 502 message when the connection has been refused by the server,
|
|
to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
|
|
- changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
|
|
inserting a cookie, because some caches (apache) don't understand it.
|
|
- fixed processing of server headers when client is in SHUTR state
|
|
|
|
2002/07/04 :
|
|
- automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
|
|
setpgid()
|
|
|
|
2002/06/04 : 1.1.11
|
|
- fixed multi-cookie handling in client request to allow clean deletion
|
|
in insert+indirect mode. Now, only the server cookie is deleted and not
|
|
all the header. Should now be compliant to RFC2965.
|
|
- added a "nocache" option to "cookie" to specify that we explicitly want
|
|
to add a "cache-control" header when we add a cookie.
|
|
It is also possible to add an "Expires: <old-date>" to keep compatibility
|
|
with old/broken caches.
|
|
|
|
2002/05/10 : 1.1.10
|
|
- if a cookie is used in insert+indirect mode, it's desirable that the
|
|
the servers don't see it. It was not possible to remove it correctly
|
|
with regexps, so now it's removed automatically.
|
|
|
|
2002/04/19 : 1.1.9
|
|
- don't use snprintf()'s return value as an end of message since it may
|
|
be larger. This caused bus errors and segfaults in internal libc's
|
|
getenv() during localtime() in send_log().
|
|
- removed dead insecure send_syslog() function and all references to it.
|
|
- fixed warnings on Solaris due to buggy implementation of isXXXX().
|
|
|
|
2002/04/18 : 1.1.8
|
|
- option "dontlognull"
|
|
- fixed "double space" bug in config parser
|
|
- fixed an uninitialized server field in case of dispatch
|
|
with no existing server which could cause a segfault during
|
|
logging.
|
|
- the pid logged was always the father's, which was wrong for daemons.
|
|
- fixed wrong level "LOG_INFO" for message "proxy started".
|
|
|
|
2002/04/13 :
|
|
- http logging is now complete :
|
|
- ip:port, date, proxy, server
|
|
- req_time, conn_time, hdr_time, tot_time
|
|
- status, size, request
|
|
- source address
|
|
|
|
2002/04/12 : 1.1.7
|
|
- added option forwardfor
|
|
- added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
|
|
- added "log global" in "listen" section.
|
|
|
|
2002/04/09 :
|
|
- added a new "global" section :
|
|
- logs
|
|
- debug, quiet, daemon modes
|
|
- uid, gid, chroot, nbproc, maxconn
|
|
|
|
2002/04/08 : 1.1.6
|
|
- regex are now chained and not limited anymore.
|
|
- unavailable server now returns HTTP/502.
|
|
- increased per-line args limit to 40
|
|
- added reqallow/reqdeny to block some request on matches
|
|
- added HTTP 400/403 responses
|
|
|
|
2002/04/03 : 1.1.5
|
|
- connection logging displayed incorrect source address.
|
|
- added proxy start/stop and server up/down log events.
|
|
- replaced log message short buffers with larger trash.
|
|
- enlarged buffer to 8 kB and replace buffer to 4 kB.
|
|
|
|
2002/03/25 : 1.1.4
|
|
- made rise/fall/interval time configurable
|
|
|
|
2002/03/22 : 1.1.3
|
|
- fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
|
|
which could lead to loops.
|
|
|
|
2002/03/21 : 1.1.2
|
|
- fixed a bug in buffer management where we could have a loop
|
|
between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
|
|
=> implemented an adjustable buffer limit.
|
|
- fixed a bug : expiration of tasks in wait queue timeout is used again,
|
|
and running tasks are skipped.
|
|
- added some debug lines for accept events.
|
|
- send warnings for servers up/down.
|
|
|
|
2002/03/12 : 1.1.1
|
|
- fixed a bug in total failure handling
|
|
- fixed a bug in timestamp comparison within same second (tv_cmp_ms)
|
|
|
|
2002/03/10 : 1.1.0
|
|
- fixed a few timeout bugs
|
|
- rearranged the task scheduler subsystem to improve performance,
|
|
add new tasks, and make it easier to later port to librt ;
|
|
- allow multiple accept() for one select() wake up ;
|
|
- implemented internal load balancing with basic health-check ;
|
|
- cookie insertion and header add/replace/delete, with better strings
|
|
support.
|
|
|
|
2002/03/08
|
|
- reworked buffer handling to fix a few rewrite bugs, and
|
|
improve overall performance.
|
|
- implement the "purge" option to delete server cookies in direct mode.
|
|
|
|
2002/03/07
|
|
- fixed some error cases where the maxfd was not decreased.
|
|
|
|
2002/02/26
|
|
- now supports transparent proxying, at least on linux 2.4.
|
|
|
|
2002/02/12
|
|
- soft stop works again (fixed select timeout computation).
|
|
- it seems that TCP proxies sometimes cannot timeout.
|
|
- added a "quiet" mode.
|
|
- enforce file descriptor limitation on socket() and accept().
|
|
|
|
2001/12/30 : release of version 1.0.2 : fixed a bug in header processing
|
|
2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
|
|
2001/12/16 : release of version 1.0.0.
|
|
2001/12/16 : added syslog capability for each accepted connection.
|
|
2001/11/19 : corrected premature end of files and occasional SIGPIPE.
|
|
2001/10/31 : added health-check type servers (mode health) which replies OK then closes.
|
|
2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
|
|
with or without cookies (use keyword http for this).
|
|
2001/09/01 : added client/server header replacing with regexps.
|
|
eg:
|
|
cliexp ^(Host:\ [^:]*).* Host:\ \1:80
|
|
srvexp ^Server:\ .* Server:\ Apache
|
|
2000/11/29 : first fully working release with complete FSMs and timeouts.
|
|
2000/11/28 : major rewrite
|
|
2000/11/26 : first write
|