willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 1 | ChangeLog : |
| 2 | =========== |
willy tarreau | 4302f49 | 2005-12-18 01:00:37 +0100 | [diff] [blame] | 3 | |
Willy Tarreau | 13398d3 | 2007-05-09 22:58:28 +0200 | [diff] [blame^] | 4 | 2007/05/09 : 1.3.10.1 |
| 5 | - fixed sepoll transition matrix (two states were missing) |
| 6 | |
Willy Tarreau | 61beedf | 2007-05-09 01:44:58 +0200 | [diff] [blame] | 7 | 2007/05/08 : 1.3.10 |
| 8 | - several fixes in ev_sepoll |
| 9 | - fixed some expiration dates on some tasks |
| 10 | - fixed a bug in connection establishment detection due to speculative I/O |
| 11 | - fixed rare bug occuring on TCP with early close (reported by Andy Smith) |
| 12 | - implemented URI hashing algorithm (Guillaume Dallaire) |
| 13 | - implemented SMTP health checks (Peter van Dijk) |
| 14 | - replaced the rbtree with ul2tree from old scheduler project |
| 15 | - new framework for generic ACL support |
| 16 | - added the 'acl' and 'block' keywords to the config language |
| 17 | - added several ACL criteria and matches (IP, port, URI, ...) |
| 18 | - cleaned up and better modularization for some time functions |
| 19 | - fixed list macros |
| 20 | - fixed useless memory allocation in str2net() |
| 21 | - store the original destination address in the session |
| 22 | |
Willy Tarreau | 6e0433f | 2007-04-16 01:18:12 +0200 | [diff] [blame] | 23 | 2007/04/15 : 1.3.9 |
| 24 | - modularized the polling mechanisms and use function pointers instead |
| 25 | of macros at many places |
| 26 | - implemented support for FreeBSD's kqueue() polling mechanism |
| 27 | - fixed a warning on OpenBSD : MIN/MAX redefined |
| 28 | - change socket registration order at startup to accomodate kqueue. |
| 29 | - several makefile cleanups to support old shells |
| 30 | - fix build with limits.h once for all |
| 31 | - ev_epoll: do not rely on fd_sets anymore, use changes stacks instead. |
| 32 | - fdtab now holds the results of polling |
| 33 | - implemented support for speculative I/O processing with epoll() |
| 34 | - remove useless calls to shutdown(SHUT_RD), resulting in small speed boost |
| 35 | - auto-registering of pollers at load time |
| 36 | |
Willy Tarreau | 42c7659 | 2007-04-03 20:30:13 +0200 | [diff] [blame] | 37 | 2007/04/03 : 1.3.8.2 |
| 38 | - rewriting either the status line or request line could crash the |
| 39 | process due to a pointer which ought to be reset before parsing. |
| 40 | - rewriting the status line in the response did not work, it caused |
| 41 | a 502 Bad Gateway due to an erroneous state during parsing |
| 42 | |
Willy Tarreau | ef6d761 | 2007-04-01 11:06:22 +0200 | [diff] [blame] | 43 | 2007/04/01 : 1.3.8.1 |
| 44 | - fix reqadd when no option httpclose is used. |
| 45 | - removed now unused fiprm and beprm from proxies |
| 46 | - split logs into two versions : TCP and HTTP |
| 47 | - added some docs about http headers storage and acls |
| 48 | - added a VIM script for syntax color highlighting (Bruno Michel) |
| 49 | |
Willy Tarreau | d661cc0 | 2007-03-26 00:24:56 +0200 | [diff] [blame] | 50 | 2007/03/25 : 1.3.8 |
| 51 | - fixed several bugs which might have caused a crash with bad configs |
| 52 | - several optimizations in header processing |
| 53 | - many progresses towards transaction-based processing |
| 54 | - option forwardfor may be used in frontends |
| 55 | - completed HTTP response processing |
| 56 | - some code refactoring between request and response processing |
| 57 | - new HTTP header manipulation functions |
| 58 | - optimizations on the recv() patch to reduce CPU usage under very |
| 59 | high data rates. |
| 60 | - more user-friendly help about the 'usesrc' keyword (CTTPROXY) |
| 61 | - username/groupname support from Marcus Rueckert |
| 62 | - added the "except" keyword to the "forwardfor" option (Bryan German) |
| 63 | - support for health-checks on other addresses (Fabrice Dulaunoy) |
| 64 | - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe) |
| 65 | - do not insert "Connection: close" in HTTP/1.0 messages |
| 66 | |
Willy Tarreau | 9cabf70 | 2007-01-26 23:49:01 +0100 | [diff] [blame] | 67 | 2007/01/26 : 1.3.7 |
| 68 | - fix critical bug introduced with 1.3.6 : an empty request header |
| 69 | may lead to a crash due to missing pointer assignment |
| 70 | - hdr_idx might be left uninitialized in debug mode |
| 71 | - fixed build on FreeBSD due to missing fd_set declaration |
| 72 | |
Willy Tarreau | e7a2438 | 2007-01-22 08:57:44 +0100 | [diff] [blame] | 73 | 2007/01/22 : 1.3.6.1 |
| 74 | - change in the header chaining broke cookies and authentication |
| 75 | |
Willy Tarreau | 49e1ee8 | 2007-01-22 00:56:46 +0100 | [diff] [blame] | 76 | 2007/01/22 : 1.3.6 |
| 77 | - stats now support the HEAD method too |
| 78 | - extracted http request from the session |
| 79 | - huge rework of the HTTP parser which is now a 28-state FSM. |
| 80 | - linux-style likely/unlikely macros for optimization hints |
| 81 | - do not create a server socket when there's no server |
| 82 | - imported lots of docs |
| 83 | |
Willy Tarreau | 5871f8e | 2007-01-07 02:47:01 +0100 | [diff] [blame] | 84 | 2007/01/07 : 1.3.5 |
| 85 | - stats: swap color sets for active and backup servers |
| 86 | - try to guess server check port when unset |
| 87 | - added complete support and doc for TCP Splicing |
| 88 | - replace the wait-queue linked list with an rbtree. |
| 89 | - a few bugfixes and cleanups |
| 90 | |
Willy Tarreau | 85270da | 2007-01-02 00:59:39 +0100 | [diff] [blame] | 91 | 2007/01/02 : 1.3.4 |
| 92 | - support for cttproxy on the server side to present the client |
| 93 | address to the server. |
| 94 | - added support for SO_REUSEPORT on Linux (needs kernel patch) |
| 95 | - new RFC2616-compliant HTTP request parser with header indexing |
| 96 | - split proxies in frontends, rulesets and backends |
| 97 | - implemented the 'req[i]setbe' to select a backend depending |
| 98 | on the contents |
| 99 | - added the 'default_backend' keyword to select a default BE. |
| 100 | - new stats page featuring FEs and BEs + bytes in both dirs |
| 101 | - improved log format to indicate the backend and the time in ms. |
| 102 | - lots of cleanups |
| 103 | |
Willy Tarreau | 9c9fea4 | 2006-10-16 00:03:35 +0200 | [diff] [blame] | 104 | 2006/10/15 : 1.3.3 |
| 105 | - fix broken redispatch option in case the connection has already |
| 106 | been marked "in progress" (ie: nearly always). |
| 107 | - support regparm on x86 to speed up some often called functions |
| 108 | - removed a few useless calls to gettimeofday() in log functions. |
| 109 | - lots of 'const char*' cleanups |
| 110 | - turn every FD_* into functions which are faster on recent CPUs |
| 111 | |
Willy Tarreau | 690f9aa | 2006-09-03 11:23:06 +0200 | [diff] [blame] | 112 | 2006/09/03 : 1.3.2 |
| 113 | - started the changes towards I/O completion callbacks. stream_sock* have |
| 114 | replaced event_*. |
| 115 | - added the new "reqtarpit" and "reqitarpit" protection features |
| 116 | |
Willy Tarreau | 8f2b855 | 2006-07-09 17:11:39 +0200 | [diff] [blame] | 117 | 2006/07/09 : 1.3.1 (1.2.15) |
| 118 | - now, haproxy warns about missing timeout during startup to try to |
| 119 | eliminate all those buggy configurations. |
| 120 | - added "Content-Type: text/html" in responses wherever appropriate, as |
| 121 | suggested by Cameron Simpson. |
| 122 | - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to |
| 123 | test server's health |
| 124 | - implemented "monitor-uri" so that haproxy can reply to a specific URI with |
| 125 | an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies |
| 126 | at once. |
| 127 | |
Willy Tarreau | b9e98b6 | 2006-07-03 10:32:46 +0200 | [diff] [blame] | 128 | 2006/06/29 : 1.3.0 |
| 129 | - exploded the whole file into multiple .c and .h. No functionnal |
Willy Tarreau | 8f2b855 | 2006-07-09 17:11:39 +0200 | [diff] [blame] | 130 | difference is expected at all. |
| 131 | - fixed a bug by which neither stats nor error messages could be returned if |
| 132 | 'clitimeout' was missing. |
Willy Tarreau | b9e98b6 | 2006-07-03 10:32:46 +0200 | [diff] [blame] | 133 | |
willy tarreau | 7e6328d | 2006-05-21 23:26:20 +0200 | [diff] [blame] | 134 | 2006/05/21 : 1.2.14 |
| 135 | - new HTML status report with the 'stats' keyword. |
| 136 | - added the 'abortonclose' option to better resist traffic surges |
| 137 | - implemented dynamic traffic regulation with the 'minconn' option |
| 138 | - show request time on denied requests |
| 139 | - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT |
| 140 | - now a proxy instance is allowed to run without servers, which is |
| 141 | useful to dedicate one instance to stats |
| 142 | - added lots of error counters |
| 143 | - a missing parenthesis preventd matching of cacheable cookies |
| 144 | - a missing parenthesis in poll_loop() might have caused missed events. |
| 145 | |
Willy TARREAU | 4404b7e | 2006-05-14 10:00:09 +0200 | [diff] [blame] | 146 | 2006/05/14 : 1.2.13.1 |
| 147 | - an uninitialized field in the struct session could cause a crash when |
| 148 | the session was freed. This has been encountered on Solaris only. |
| 149 | - Solaris and OpenBSD no not support shutdown() on listening socket. Let's |
| 150 | be nice to them by performing a soft stop if pause fails. |
| 151 | |
willy tarreau | c3a2e07 | 2006-05-13 18:51:38 +0200 | [diff] [blame] | 152 | 2006/05/13 : 1.2.13 |
| 153 | - 'maxconn' server parameter to do per-server session limitation |
| 154 | - queueing to support non-blocking session limitation |
| 155 | - fixed removal of cookies for cookie-less servers such as backup servers |
| 156 | - two separate wait queues for expirable and non-expirable tasks provide |
| 157 | better performance with lots of sessions. |
| 158 | - some code cleanups and performance improvements |
| 159 | - made state dumps a bit more verbose |
| 160 | - fixed missing checks for NULL srv in dispatch mode |
| 161 | - load balancing on backup servers was not possible in source hash mode. |
| 162 | - two session flags shared the same bit, but fortunately they were not |
| 163 | compatible. |
| 164 | |
willy tarreau | c0d4bbd | 2006-04-15 21:47:50 +0200 | [diff] [blame] | 165 | 2006/04/15 : 1.2.12 |
| 166 | Very few changes preparing for more important changes to support per-server |
| 167 | session limitations and queueing : |
| 168 | - ignore leading empty lines in HTTP requests as suggested by RFC2616. |
| 169 | - added the 'weight' parameter to the servers, limited to 1..256. It applies |
| 170 | to roundrobin and source hash. |
| 171 | - the optional '-s' option could clobber '-st' and '-sf' if compiled in. |
| 172 | |
willy tarreau | e0dd269 | 2006-03-30 16:27:34 +0200 | [diff] [blame] | 173 | 2006/03/30 : 1.2.11.1 |
| 174 | - under some conditions, it might have been possible that when the |
| 175 | last dead server became available, it would not have been used |
| 176 | till another one would have changed state. Could not be reproduced |
| 177 | at all, however seems possible from the code. |
| 178 | |
willy tarreau | d2058dc | 2006-03-25 20:35:41 +0100 | [diff] [blame] | 179 | 2006/03/25 : 1.2.11 |
| 180 | - added the '-db' command-line option to disable backgrounding. |
| 181 | - added the -sf/-st command-line arguments which are used to specify |
| 182 | a list of pids to send a FINISH or TERMINATE signal upon startup. |
| 183 | They will also be asked to release their port if a bind fails. |
| 184 | - reworked the startup mechanism to allow the sending of a signal to a list |
| 185 | of old pids if a socket cannot be bound, with a retry for a limited amount |
| 186 | of time (1 second by default). |
| 187 | - added the ability to enforce limits on memory usage. |
| 188 | - added the 'source' load-balancing algorithm which uses the source IP(v4|v6) |
| 189 | - re-architectured the server round-robin mechanism to ease integration of |
| 190 | other algorithms. It now relies on the number of active and backup servers. |
| 191 | - added a counter for the number of active and backup servers, and report |
| 192 | these numbers upon SIGHUP or state change. |
| 193 | |
willy tarreau | bfad574 | 2006-03-23 14:19:11 +0100 | [diff] [blame] | 194 | 2006/03/23 : 1.2.10.1 |
| 195 | - while fixing the backup server round-robin "feature", a new bug was |
| 196 | introduced which could miss some backup servers. |
| 197 | - the displayed proxy name was wrong when dumping upon SIGHUP. |
| 198 | |
willy tarreau | aaff30e | 2006-03-19 21:30:41 +0100 | [diff] [blame] | 199 | 2006/03/19 : 1.2.10 |
| 200 | - assert.h is needed when DEBUG is defined. |
| 201 | - ENORMOUS long standing bug affecting the epoll polling system : |
| 202 | event_data is a union, not a structure ! |
| 203 | - Make fd management more robust and easier to debug. Also some |
| 204 | micro-optimisations. |
| 205 | - Limit the number of consecutive accept() in multi-process mode. |
| 206 | This produces a more evenly distributed load across the processes and |
| 207 | slightly improves performance by reducing bottlenecks. |
| 208 | - Make health-checks be more regular, and faster to retry after a timeout. |
| 209 | - Fixed some messages to ease parsing of alerts. |
| 210 | - provided a patch to enable epoll on RHEL3 kernels. |
| 211 | - Separated OpenBSD build from the main Makefile into a new one. |
| 212 | |
willy tarreau | 50be017 | 2006-03-15 19:41:19 +0100 | [diff] [blame] | 213 | 2006/03/15 : 1.2.9 |
| 214 | - haproxy could not be stopped after being paused, it had to be woken up |
| 215 | first. This has been fixed. |
| 216 | - the 'ulimit-n' parameter is now optional and by default computed from |
| 217 | maxconn + the number of listeners + the number of health-checks. |
| 218 | - it is now possible to specify a maximum number of connections at build |
| 219 | time with the SYSTEM_MAXCONN define. The value set in the configuration |
| 220 | file will then be limited to this value, and only the command-line '-n' |
| 221 | option will be able to bypass it. It will prevent against accidental |
| 222 | high memory usage on small systems. |
| 223 | - RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier |
| 224 | versions did not detect a line beginning with a space as the continuation |
| 225 | of previous header. It is now correct. |
| 226 | - health checks sent to servers configured with identical intervals were |
| 227 | sent in perfect synchronisation because the initial time was the same |
| 228 | for all. This could induce high load peaks when fragile servers were |
| 229 | hosting tens of instances for the same application. Now the load is |
| 230 | spread evenly across the smallest interval amongst a listener. |
| 231 | - a new 'forceclose' option was added to make the proxy close the outgoing |
| 232 | channel to the server once it has sent all its headers and the server |
| 233 | starts responding. This helps some servers which don't close upon the |
| 234 | 'Connection: close' header. It implies 'option httpclose'. |
| 235 | - there was a bug in the way the backup servers were handled. They were |
| 236 | erroneously load-balanced while the doc said the opposite. Since |
| 237 | load-balanced backup servers is one of the features some people have |
| 238 | been asking for, the problem was fixed to reflect the documented |
| 239 | behaviour and a new option 'allbackups' was introduced to provide the |
| 240 | feature to those who need it. |
| 241 | - a never ending connect() could lead to a fast select() loop if its |
| 242 | timeout times the number of retransmits exceeded the server read or write |
| 243 | timeout, because the later was used to compute select()'s timeout while |
| 244 | the connection timeout was not reached. |
| 245 | - now we initialize the libc's localtime structures very early so that even |
| 246 | under OOM conditions, we can still send dated error messages without |
| 247 | segfaulting. |
| 248 | - the 'daemon' mode implies 'quiet' and disables 'verbose' because file |
| 249 | descriptors are closed. |
| 250 | |
willy tarreau | 065f1c0 | 2006-01-29 22:10:07 +0100 | [diff] [blame] | 251 | 2006/01/29 : 1.2.8 |
| 252 | - fixed a nasty bug affecting poll/epoll which could return unmodified data |
| 253 | from the server to the client, and sometimes lead to memory corruption |
| 254 | crashing the process. |
| 255 | - added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf. |
| 256 | |
| 257 | 2005/12/18 : 1.2.7.1 |
| 258 | - the "retries" option was ignored because connect() could not return an |
| 259 | error if the connection failed before the timeout. |
| 260 | - TCP health-checks could not detect a connection refused in poll/epoll |
| 261 | mode. |
| 262 | |
willy tarreau | a56eca7 | 2005-12-18 01:34:42 +0100 | [diff] [blame] | 263 | 2005/11/13 : 1.2.7 |
willy tarreau | 77bc854 | 2005-12-18 01:31:43 +0100 | [diff] [blame] | 264 | - building with -DUSE_PCRE should include PCRE headers and not regex.h. At |
| 265 | least on Solaris, this caused the libc's regex primitives to be used instead |
| 266 | of PCRE, which caused trouble on group references. This is now fixed. |
willy tarreau | d0fb465 | 2005-12-18 01:32:04 +0100 | [diff] [blame] | 267 | - delayed the quiet mode during startup so that most of the startup alerts can |
| 268 | be displayed even in quiet mode. |
| 269 | - display an alert when a listener has no address, invalid or no port, or when |
| 270 | there are no enabled listeners upon startup. |
willy tarreau | 4373b96 | 2005-12-18 01:32:31 +0100 | [diff] [blame] | 271 | - added "static-pcre" to the list of supported regex options in the Makefile. |
willy tarreau | 77bc854 | 2005-12-18 01:31:43 +0100 | [diff] [blame] | 272 | |
willy tarreau | b952e1d | 2005-12-18 01:31:20 +0100 | [diff] [blame] | 273 | 2005/10/09 : 1.2.7rc (1.1.33rc) |
| 274 | - second batch of socklen_t changes. |
| 275 | - clean-ups from Cameron Simpson. |
| 276 | - because tv_remain() does not know about eternity, using no timeout can |
| 277 | make select() spin around a null time-out. Bug reported by Cameron Simpson. |
| 278 | - client read timeout was not properly set to eternity initialized after an |
| 279 | accept() if it was not set in the config. It remained undetected so long |
| 280 | because eternity is 0 and newly allocated pages are zeroed by the system. |
| 281 | - do not call get_original_dst() when not in transparent mode. |
| 282 | - implemented a workaround for a bug in certain epoll() implementations on |
| 283 | linux-2.4 kernels (epoll-lt <= 0.21). |
| 284 | - implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka. |
| 285 | |
willy tarreau | c5f73ed | 2005-12-18 01:26:38 +0100 | [diff] [blame] | 286 | 2005/08/07 : 1.2.6 |
| 287 | - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t). |
| 288 | |
| 289 | 2005/07/06 : 1.2.6-pre5 (1.1.32) |
willy tarreau | 0fe3965 | 2005-12-18 01:25:24 +0100 | [diff] [blame] | 290 | - added the number of active sessions (proxy/process) in the logs |
| 291 | |
| 292 | 2005/07/06 : 1.2.6-pre4 (1.1.32-pre4) |
willy tarreau | b1285d5 | 2005-12-18 01:20:14 +0100 | [diff] [blame] | 293 | - the time-out fix introduced in 1.1.25 caused a corner case where it was |
| 294 | possible for a client to keep a connection maintained regardless of the |
| 295 | timeout if the server closed the connection during the HEADER phase, |
| 296 | while the client ignored the close request while doing nothing in the |
| 297 | other direction. This has been fixed now by ensuring that read timeouts |
| 298 | are re-armed when switching to any SHUTW state. |
| 299 | |
| 300 | 2005/07/05 : 1.2.6-pre3 (1.1.32-pre3) |
| 301 | - enhanced error reporting in the logs. Now the proxy will precisely detect |
| 302 | various error conditions related to the system and/or process limits, and |
| 303 | generate LOG_EMERG logs indicating that a resource has been exhausted. |
| 304 | - logs will contain two new characters for the error cause : 'R' indicates |
| 305 | a resource exhausted, and 'I' indicates an internal error, though this |
| 306 | one should never happen. |
| 307 | - server connection timeouts can now be reported in the logs (sC), as well |
| 308 | as connections refused because of maxconn limitations (PC). |
| 309 | |
| 310 | 2005/07/05 : 1.2.6-pre2 (1.1.32-pre2) |
| 311 | - new global configuration keyword "ulimit-n" may be used to raise the FD |
| 312 | limit to usable values. |
| 313 | - a warning is now displayed on startup if the FD limit is lower than the |
| 314 | configured maximum number of sockets. |
| 315 | |
| 316 | 2005/07/05 : 1.2.6-pre1 (1.1.32-pre1) |
| 317 | - new configuration keyword "monitor-net" makes it possible to be monitored |
| 318 | by external devices which connect to the proxy without being logged nor |
| 319 | forwarded to any server. Particularly useful on generic TCPv4 relays. |
| 320 | |
willy tarreau | 5dffb60 | 2005-12-18 01:15:23 +0100 | [diff] [blame] | 321 | 2005/06/21 : 1.2.5.2 |
| 322 | - fixed build on PPC where chars are unsigned by default |
| 323 | |
willy tarreau | 08dedbe | 2005-12-18 01:13:48 +0100 | [diff] [blame] | 324 | 2005/05/02 : 1.2.5.1 |
| 325 | - dirty hack to fix a bug introduced with epoll : if we close an FD and |
| 326 | immediately reassign it to another session through a connect(), the |
| 327 | Prev{Read,Write}Events are not updated, which causes trouble detecting |
| 328 | changes, thus leading to many timeouts at high loads. |
| 329 | |
willy tarreau | 64a3cc3 | 2005-12-18 01:13:11 +0100 | [diff] [blame] | 330 | 2005/04/30 : 1.2.5 (1.1.31) |
| 331 | - changed the runtime argument to disable epoll() to '-de' |
| 332 | - changed the runtime argument to disable poll() to '-dp' |
| 333 | - added global options 'nopoll' and 'noepoll' to do the same at the |
| 334 | configuration level. |
| 335 | - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to |
| 336 | support epoll(). |
| 337 | - changed default FD_SETSIZE to 65536 on Solaris (default=1024) |
| 338 | - conditionned signals redirection to #ifdef DEBUG_MEMORY |
| 339 | |
willy tarreau | 1c2ad21 | 2005-12-18 01:11:29 +0100 | [diff] [blame] | 340 | 2005/04/26 : 1.2.5-pre4 |
| 341 | - made epoll() support a compile-time option : ENABLE_EPOLL |
| 342 | - provided a very little libc replacement for a possibly missing epoll() |
| 343 | implementation which can be enabled by -DUSE_MY_EPOLL |
| 344 | - implemented the poll() poller, which can be enabled with -DENABLE_POLL. |
| 345 | The equivalent runtime argument becomes '-P'. A few tests show that it |
| 346 | performs like select() with many fds, but slightly slower (certainly |
| 347 | because of the higher amount of memory involved). |
| 348 | - separated the 3 polling methods and the tasks scheduler into 4 distinct |
| 349 | functions which makes the code a lot more modular. |
| 350 | - moved some event tables to private static declarations inside the poller |
| 351 | functions. |
| 352 | - the poller functions can now initialize themselves, run, and cleanup. |
| 353 | - changed the runtime argument to enable epoll() to '-E'. |
| 354 | - removed buggy epoll_ctl() code in the client_retnclose() function. This |
| 355 | function was never meant to remove anything. |
| 356 | - fixed a typo which caused glibc to yell about a double free on exit. |
| 357 | - removed error checking after epoll_ctl(DEL) because we can never know if |
| 358 | the fd is still active or already closed. |
| 359 | - added a few entries in the makefile |
| 360 | |
willy tarreau | ad90a0c | 2005-12-18 01:09:15 +0100 | [diff] [blame] | 361 | 2005/04/25 : 1.2.5-pre3 |
| 362 | - experimental epoll() support (use temporary '-e' argument) |
| 363 | |
| 364 | 2005/04/24 : 1.2.5-pre2 |
willy tarreau | c1f4753 | 2005-12-18 01:08:26 +0100 | [diff] [blame] | 365 | - implemented the HTTP 303 code for error redirection. This forces the |
| 366 | browser to fetch the given URI with a GET request. The new keyword for |
| 367 | this is 'errorloc303', and a new 'errorloc302' keyword has been created |
| 368 | to make them easily distinguishable. |
| 369 | - added more controls in the parser for valid use of '\x' sequence. |
| 370 | - few fixes from Alex & Klaus |
| 371 | |
willy tarreau | ad90a0c | 2005-12-18 01:09:15 +0100 | [diff] [blame] | 372 | 2005/02/17 : 1.2.5-pre1 |
willy tarreau | c1f4753 | 2005-12-18 01:08:26 +0100 | [diff] [blame] | 373 | - fixed a few errors in the documentation |
| 374 | |
| 375 | 2005/02/13 |
| 376 | - do not pre-initialize unused file-descriptors before select() anymore. |
| 377 | |
willy tarreau | 1235015 | 2005-12-18 01:03:27 +0100 | [diff] [blame] | 378 | 2005/01/22 : 1.2.4 |
| 379 | - merged Alexander Lazic's and Klaus Wagner's work on application |
| 380 | cookie-based persistence. Since this is the first merge, this version is |
| 381 | not intended for general use and reports are more than welcome. Some |
| 382 | documentation is really needed though. |
| 383 | |
willy tarreau | 0174f31 | 2005-12-18 01:02:42 +0100 | [diff] [blame] | 384 | 2005/01/22 : 1.2.3 (1.1.30) |
| 385 | - add an architecture guide to the documentation |
| 386 | - released without any changes |
| 387 | |
| 388 | 2004/12/26 : 1.2.3-pre1 (1.1.30-pre1) |
| 389 | - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is |
| 390 | compatible with Apache. This limit can be configured in the makefile now. |
| 391 | Thanks to Eric Fehr for the checks. |
| 392 | - added a per-server "source" option which now makes it possible to bind to |
| 393 | a different source for each (potentially identical) server. |
| 394 | - changed cookie-based server selection slightly to allow several servers to |
| 395 | share a same cookie, thus making it possible to associate backup servers to |
| 396 | live servers and ease soft-stop for maintenance periods. (Alexander Lazic) |
| 397 | - added the cookie 'prefix' mode which makes it possible to use persistence |
| 398 | with thin clients which support only one cookie. The server name is prefixed |
| 399 | before the application cookie, and restore back. |
| 400 | - fixed the order of servers within an instance to match documentation. Now |
| 401 | the servers are *really* used in the order of their declaration. This is |
| 402 | particularly important when multiple backup servers are in use. |
| 403 | |
willy tarreau | 4302f49 | 2005-12-18 01:00:37 +0100 | [diff] [blame] | 404 | 2004/10/18 : 1.2.2 (1.1.29) |
| 405 | - fixed a bug where a TCP connection would be logged twice if the 'logasap' |
| 406 | option was enabled without the 'tcplog' option. |
| 407 | - encode_string() would use hdr_encode_map instead of the map argument. |
| 408 | |
| 409 | 2004/08/10 : (1.1.29-pre2) |
| 410 | - the logged request is now encoded with '#XX' for unprintable characters |
| 411 | - new keywords 'capture request header' and 'capture response header' enable |
| 412 | logging of arbitrary HTTP headers in requests and responses |
| 413 | - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton() |
| 414 | |
willy tarreau | 982249e | 2005-12-18 00:57:06 +0100 | [diff] [blame] | 415 | 2004/06/06 : 1.2.1 (1.1.28) |
| 416 | - added the '-V' command line option to verbosely report errors even though |
| 417 | the -q or 'quiet' options are specified. This is useful with '-c'. |
| 418 | - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch> |
willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 419 | |
willy tarreau | 982249e | 2005-12-18 00:57:06 +0100 | [diff] [blame] | 420 | 2004/06/05 : |
| 421 | - added the "logasap" option which produces a log without waiting for the data |
| 422 | to be transferred from the server to the client. |
| 423 | - added the "httpclose" option which removes any "connection:" header and adds |
| 424 | "Connection: close" in both direction. |
willy tarreau | 97f5857 | 2005-12-18 00:53:44 +0100 | [diff] [blame] | 425 | - added the 'checkcache' option which blocks cacheable responses containing |
| 426 | dangerous headers, such as 'set-cookie'. |
willy tarreau | 982249e | 2005-12-18 00:57:06 +0100 | [diff] [blame] | 427 | - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible |
| 428 | information leak from servers. |
willy tarreau | 25c4ea5 | 2005-12-18 00:49:49 +0100 | [diff] [blame] | 429 | |
| 430 | 2004/04/18 : |
willy tarreau | dd07e97 | 2005-12-18 00:48:48 +0100 | [diff] [blame] | 431 | - send an EMERG log when no server is available for a given proxy |
| 432 | - added the '-c' command line option to syntactically check the |
| 433 | configuration file without starting the service. |
| 434 | |
willy tarreau | 8a86dbf | 2005-12-18 00:45:59 +0100 | [diff] [blame] | 435 | 2003/11/09 : 1.2.0 |
| 436 | - the same as 1.1.27 + IPv6 support on the client side |
| 437 | |
willy tarreau | fe2c5c1 | 2005-12-17 14:14:34 +0100 | [diff] [blame] | 438 | 2003/10/27 : 1.1.27 |
| 439 | - the configurable HTTP health check introduced in 1.1.23 revealed a shameful |
| 440 | bug : the code still assumed that HTTP requests were the same size as the |
| 441 | original ones (22 bytes), and failed if they were not. |
| 442 | - added support for pidfiles. |
| 443 | |
willy tarreau | c58fc69 | 2005-12-17 14:13:08 +0100 | [diff] [blame] | 444 | 2003/10/22 : 1.1.26 |
| 445 | - the fix introduced in 1.1.25 for client timeouts while waiting for servers |
| 446 | broke almost all compatibility with POST requests, because the proxy |
| 447 | stopped to read anything from the client as soon as it got all of its |
| 448 | headers. |
| 449 | |
willy tarreau | c1cae63 | 2005-12-17 14:12:23 +0100 | [diff] [blame] | 450 | 2003/10/15 : 1.1.25 |
| 451 | - added the 'tcplog' option, which provides enhanced, HTTP-like logs for |
| 452 | generic TCP proxies, or lighter logs for HTTP proxies. |
| 453 | - fixed a time-out condition wrongly reported as client time-out in data |
| 454 | phase if the client timeout was lower than the connect timeout times the |
| 455 | number of retries. |
| 456 | |
willy tarreau | 197e8ec | 2005-12-17 14:10:59 +0100 | [diff] [blame] | 457 | 2003/09/21 : 1.1.24 |
| 458 | - if a client sent a full request then shut its write connection down, then |
| 459 | the request was aborted. This case was detected only when using haproxy |
| 460 | both as health-check client and as a server. |
| 461 | - if 'option httpchk' is used in a 'health' mode server, then responses will |
| 462 | change from 'OK' to 'HTTP/1.0 200 OK'. |
| 463 | - fixed a Linux-only bug in case of HTTP server health-checks, where a single |
| 464 | server response followed by a close could be ignored, and the server seen |
| 465 | as failed. |
| 466 | |
willy tarreau | eedaa9f | 2005-12-17 14:08:03 +0100 | [diff] [blame] | 467 | 2003/09/19 : 1.1.23 |
| 468 | - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent |
| 469 | 'default' sections to keep previous parameters, and not initialize logs |
| 470 | correctly. |
| 471 | - fixed a second stupid bug introduced in 1.1.22 which caused configurations |
| 472 | relying on 'dispatch' mode to segfault at the first connection. |
| 473 | - 'option httpchk' now supports method, HTTP version and a few headers. |
| 474 | - now, 'option httpchk', 'cookie' and 'capture' can be specified in |
| 475 | 'defaults' section |
| 476 | |
| 477 | 2003/09/10 : 1.1.22 |
willy tarreau | a41a8b4 | 2005-12-17 14:02:24 +0100 | [diff] [blame] | 478 | - 'listen' now supports optionnal address:port-range lists |
| 479 | - 'bind' introduced to add new listen addresses |
| 480 | - fixed a bug which caused a session to be kept established on a server till |
| 481 | it timed out if the client closed during the DATA phase. |
| 482 | - the port part of each server address can now be empty to make the proxy |
| 483 | connect to the server on the same port it was connected to, be an absolute |
| 484 | unsigned number to reflect a single port (as in older versions), or an |
| 485 | explicitly signed number (+N/-N) to indicate that this offset must be |
| 486 | applied to the port the proxy was connected to, when connecting to the |
| 487 | server. |
| 488 | - the 'port' server option allows the user to specify a different |
| 489 | health-check port than the service one. It is mandatory when only relative |
| 490 | ports have been specified and check is required. By default, the checks are |
| 491 | sent to the service port. |
| 492 | - new 'defaults' section which is rather similar to 'listen' except that all |
| 493 | values are only used as default values for future 'listen' sections, until |
| 494 | a new 'defaults' resets them. At the moment, server options, regexes, |
| 495 | cookie names and captures cannot be set in the 'defaults' section. |
| 496 | |
willy tarreau | 2f6ba65 | 2005-12-17 13:57:42 +0100 | [diff] [blame] | 497 | 2003/05/06 : 1.1.21 |
| 498 | - changed the debug output format so that it now includes the session unique |
| 499 | ID followed by the instance name at the beginning of each line. |
| 500 | - in debug mode, accept now shows the client's IP and port. |
| 501 | - added one 3 small debugging scripts to search and pretty print debug output |
| 502 | - changed the default health check request to "OPTIONS /" instead of |
| 503 | "OPTIONS *" since not all servers implement the later one. |
| 504 | - "option httpchk" now accepts an optional parameter allowing the user to |
| 505 | specify and URI other than '/' during health-checks. |
| 506 | |
willy tarreau | b1ff9db | 2005-12-17 13:51:03 +0100 | [diff] [blame] | 507 | 2003/04/21 : 1.1.20 |
| 508 | - fixed two problems with time-outs, one where a server would be logged as |
| 509 | timed out during transfer that take longer to complete than the fixed |
| 510 | time-out, and one where clients were logged as timed-out during the data |
| 511 | phase because they didn't have anything to send. This sometimes caused |
| 512 | slow client connections to close too early while in fact there was no |
| 513 | problem. The proper fix would be to have a per-fd time-out with |
| 514 | conditions depending on the state of the HTTP FSM. |
| 515 | |
willy tarreau | 906b268 | 2005-12-17 13:49:52 +0100 | [diff] [blame] | 516 | 2003/04/16 : 1.1.19 |
| 517 | - haproxy was NOT RFC compliant because it was case-sensitive on HTTP |
| 518 | "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on |
| 519 | cookie persistence because it uses "cookie:". Two memcmp() have been |
| 520 | replaced with strncasecmp(). |
| 521 | |
willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 522 | 2003/04/02 : 1.1.18 |
| 523 | - Haproxy can be compiled with PCRE regex instead of libc regex, by setting |
| 524 | REGEX=pcre on the make command line. |
| 525 | - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /". |
| 526 | - when explicit source address binding is required, it is now also used for |
| 527 | health-checks. |
| 528 | - added 'reqpass' and 'reqipass' to allow certain headers but not the request |
| 529 | itself. |
| 530 | - factored several strings to reduce binary size by about 2 kB. |
| 531 | - replaced setreuid() and setregid() with more standard setuid() and setgid(). |
| 532 | - added 4 status flags to the log line indicating who ended the connection |
| 533 | first, the sessions state, the validity of the cookie, and action taken on |
| 534 | the set-cookie header. |
| 535 | |
| 536 | 2002/10/18 : 1.1.17 |
| 537 | - add the notion of "backup" servers, which are used only when all other |
| 538 | servers are down. |
| 539 | - make Set-Cookie return "" instead of "(null)" when the server has no |
| 540 | cookie assigned (useful for backup servers). |
| 541 | - "log" now supports an optionnal level name (info, notice, err ...) above |
| 542 | which nothing is sent. |
| 543 | - replaced some strncmp() with memcmp() for better efficiency. |
| 544 | - added "capture cookie" option which logs client and/or server cookies |
| 545 | - cleaned up/down messages and dump servers states upon SIGHUP |
| 546 | - added a redirection feature for errors : "errorloc <errnum> <url>" |
| 547 | - now we won't insist on connecting to a dead server, even with a cookie, |
| 548 | unless option "persist" is specified. |
| 549 | - added HTTP/408 response for client request time-out and HTTP/50[234] for |
| 550 | server reply time-out or errors. |
| 551 | |
| 552 | 2002/09/01 : 1.1.16 |
| 553 | - implement HTTP health checks when option "httpchk" is specified. |
| 554 | |
| 555 | 2002/08/07 : 1.1.15 |
| 556 | - replaced setpgid()/setpgrp() with setsid() for better portability, because |
| 557 | setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD. |
| 558 | |
| 559 | 2002/07/20 : 1.1.14 |
| 560 | - added "postonly" cookie mode |
| 561 | |
| 562 | 2002/07/15 : 1.1.13 |
| 563 | - tv_diff used inverted parameters which led to negative times ! |
| 564 | |
| 565 | 2002/07/13 : 1.1.12 |
| 566 | - fixed stats monitoring, and optimized some tv_* for most common cases. |
| 567 | - replaced temporary 'newhdr' with 'trash' to reduce stack size |
| 568 | - made HTTP errors more HTML-fiendly. |
| 569 | - renamed strlcpy() to strlcpy2() because of a slightly difference between |
| 570 | their behaviour (return value), to avoid confusion. |
| 571 | - restricted HTTP messages to HTTP proxies only |
| 572 | - added a 502 message when the connection has been refused by the server, |
| 573 | to prevent clients from believing this is a zero-byte HTTP 0.9 reply. |
| 574 | - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when |
| 575 | inserting a cookie, because some caches (apache) don't understand it. |
| 576 | - fixed processing of server headers when client is in SHUTR state |
| 577 | |
| 578 | 2002/07/04 : |
| 579 | - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after |
| 580 | setpgid() |
| 581 | |
| 582 | 2002/06/04 : 1.1.11 |
| 583 | - fixed multi-cookie handling in client request to allow clean deletion |
| 584 | in insert+indirect mode. Now, only the server cookie is deleted and not |
willy tarreau | 906b268 | 2005-12-17 13:49:52 +0100 | [diff] [blame] | 585 | all the header. Should now be compliant to RFC2965. |
willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 586 | - added a "nocache" option to "cookie" to specify that we explicitly want |
| 587 | to add a "cache-control" header when we add a cookie. |
| 588 | It is also possible to add an "Expires: <old-date>" to keep compatibility |
| 589 | with old/broken caches. |
| 590 | |
| 591 | 2002/05/10 : 1.1.10 |
| 592 | - if a cookie is used in insert+indirect mode, it's desirable that the |
| 593 | the servers don't see it. It was not possible to remove it correctly |
| 594 | with regexps, so now it's removed automatically. |
| 595 | |
| 596 | 2002/04/19 : 1.1.9 |
| 597 | - don't use snprintf()'s return value as an end of message since it may |
| 598 | be larger. This caused bus errors and segfaults in internal libc's |
| 599 | getenv() during localtime() in send_log(). |
| 600 | - removed dead insecure send_syslog() function and all references to it. |
| 601 | - fixed warnings on Solaris due to buggy implementation of isXXXX(). |
| 602 | |
| 603 | 2002/04/18 : 1.1.8 |
| 604 | - option "dontlognull" |
| 605 | - fixed "double space" bug in config parser |
| 606 | - fixed an uninitialized server field in case of dispatch |
| 607 | with no existing server which could cause a segfault during |
| 608 | logging. |
| 609 | - the pid logged was always the father's, which was wrong for daemons. |
| 610 | - fixed wrong level "LOG_INFO" for message "proxy started". |
| 611 | |
| 612 | 2002/04/13 : |
| 613 | - http logging is now complete : |
| 614 | - ip:port, date, proxy, server |
| 615 | - req_time, conn_time, hdr_time, tot_time |
| 616 | - status, size, request |
| 617 | - source address |
| 618 | |
| 619 | 2002/04/12 : 1.1.7 |
| 620 | - added option forwardfor |
| 621 | - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel |
| 622 | - added "log global" in "listen" section. |
| 623 | |
| 624 | 2002/04/09 : |
| 625 | - added a new "global" section : |
| 626 | - logs |
| 627 | - debug, quiet, daemon modes |
| 628 | - uid, gid, chroot, nbproc, maxconn |
| 629 | |
| 630 | 2002/04/08 : 1.1.6 |
| 631 | - regex are now chained and not limited anymore. |
| 632 | - unavailable server now returns HTTP/502. |
| 633 | - increased per-line args limit to 40 |
| 634 | - added reqallow/reqdeny to block some request on matches |
| 635 | - added HTTP 400/403 responses |
| 636 | |
| 637 | 2002/04/03 : 1.1.5 |
| 638 | - connection logging displayed incorrect source address. |
| 639 | - added proxy start/stop and server up/down log events. |
| 640 | - replaced log message short buffers with larger trash. |
| 641 | - enlarged buffer to 8 kB and replace buffer to 4 kB. |
| 642 | |
| 643 | 2002/03/25 : 1.1.4 |
| 644 | - made rise/fall/interval time configurable |
| 645 | |
| 646 | 2002/03/22 : 1.1.3 |
| 647 | - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR] |
| 648 | which could lead to loops. |
| 649 | |
| 650 | 2002/03/21 : 1.1.2 |
| 651 | - fixed a bug in buffer management where we could have a loop |
| 652 | between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE. |
| 653 | => implemented an adjustable buffer limit. |
| 654 | - fixed a bug : expiration of tasks in wait queue timeout is used again, |
| 655 | and running tasks are skipped. |
| 656 | - added some debug lines for accept events. |
| 657 | - send warnings for servers up/down. |
| 658 | |
| 659 | 2002/03/12 : 1.1.1 |
| 660 | - fixed a bug in total failure handling |
| 661 | - fixed a bug in timestamp comparison within same second (tv_cmp_ms) |
| 662 | |
| 663 | 2002/03/10 : 1.1.0 |
| 664 | - fixed a few timeout bugs |
| 665 | - rearranged the task scheduler subsystem to improve performance, |
| 666 | add new tasks, and make it easier to later port to librt ; |
| 667 | - allow multiple accept() for one select() wake up ; |
| 668 | - implemented internal load balancing with basic health-check ; |
| 669 | - cookie insertion and header add/replace/delete, with better strings |
| 670 | support. |
| 671 | |
| 672 | 2002/03/08 |
| 673 | - reworked buffer handling to fix a few rewrite bugs, and |
| 674 | improve overall performance. |
| 675 | - implement the "purge" option to delete server cookies in direct mode. |
| 676 | |
| 677 | 2002/03/07 |
| 678 | - fixed some error cases where the maxfd was not decreased. |
| 679 | |
| 680 | 2002/02/26 |
| 681 | - now supports transparent proxying, at least on linux 2.4. |
| 682 | |
| 683 | 2002/02/12 |
| 684 | - soft stop works again (fixed select timeout computation). |
| 685 | - it seems that TCP proxies sometimes cannot timeout. |
| 686 | - added a "quiet" mode. |
| 687 | - enforce file descriptor limitation on socket() and accept(). |
| 688 | |
| 689 | 2001/12/30 : release of version 1.0.2 : fixed a bug in header processing |
| 690 | 2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris |
| 691 | 2001/12/16 : release of version 1.0.0. |
| 692 | 2001/12/16 : added syslog capability for each accepted connection. |
| 693 | 2001/11/19 : corrected premature end of files and occasional SIGPIPE. |
| 694 | 2001/10/31 : added health-check type servers (mode health) which replies OK then closes. |
| 695 | 2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies |
| 696 | with or without cookies (use keyword http for this). |
| 697 | 2001/09/01 : added client/server header replacing with regexps. |
| 698 | eg: |
| 699 | cliexp ^(Host:\ [^:]*).* Host:\ \1:80 |
| 700 | srvexp ^Server:\ .* Server:\ Apache |
| 701 | 2000/11/29 : first fully working release with complete FSMs and timeouts. |
| 702 | 2000/11/28 : major rewrite |
| 703 | 2000/11/26 : first write |