CHANGELOG

ChangeLog :
===========

2006/05/14 : 1.2.13.1
   - an uninitialized field in the struct session could cause a crash when
     the session was freed. This has been encountered on Solaris only.
   - Solaris and OpenBSD no not support shutdown() on listening socket. Let's
     be nice to them by performing a soft stop if pause fails.

2006/05/13 : 1.2.13
   - 'maxconn' server parameter to do per-server session limitation
   - queueing to support non-blocking session limitation
   - fixed removal of cookies for cookie-less servers such as backup servers
   - two separate wait queues for expirable and non-expirable tasks provide
     better performance with lots of sessions.
   - some code cleanups and performance improvements
   - made state dumps a bit more verbose
   - fixed missing checks for NULL srv in dispatch mode
   - load balancing on backup servers was not possible in source hash mode.
   - two session flags shared the same bit, but fortunately they were not
     compatible.

2006/04/15 : 1.2.12
   Very few changes preparing for more important changes to support per-server
   session limitations and queueing :
   - ignore leading empty lines in HTTP requests as suggested by RFC2616.
   - added the 'weight' parameter to the servers, limited to 1..256. It applies
     to roundrobin and source hash.
   - the optional '-s' option could clobber '-st' and '-sf' if compiled in.

2006/03/30 : 1.2.11.1
   - under some conditions, it might have been possible that when the
     last dead server became available, it would not have been used
     till another one would have changed state. Could not be reproduced
     at all, however seems possible from the code.

2006/03/25 : 1.2.11
   - added the '-db' command-line option to disable backgrounding.
   - added the -sf/-st command-line arguments which are used to specify
     a list of pids to send a FINISH or TERMINATE signal upon startup.
     They will also be asked to release their port if a bind fails.
   - reworked the startup mechanism to allow the sending of a signal to a list
     of old pids if a socket cannot be bound, with a retry for a limited amount
     of time (1 second by default).
   - added the ability to enforce limits on memory usage.
   - added the 'source' load-balancing algorithm which uses the source IP(v4|v6)
   - re-architectured the server round-robin mechanism to ease integration of
     other algorithms. It now relies on the number of active and backup servers.
   - added a counter for the number of active and backup servers, and report
     these numbers upon SIGHUP or state change.

2006/03/23 : 1.2.10.1
  - while fixing the backup server round-robin "feature", a new bug was
    introduced which could miss some backup servers.
  - the displayed proxy name was wrong when dumping upon SIGHUP.

2006/03/19 : 1.2.10
  - assert.h is needed when DEBUG is defined.
  - ENORMOUS long standing bug affecting the epoll polling system :
    event_data is a union, not a structure !
  - Make fd management more robust and easier to debug. Also some
    micro-optimisations.
  - Limit the number of consecutive accept() in multi-process mode.
    This produces a more evenly distributed load across the processes and
    slightly improves performance by reducing bottlenecks.
  - Make health-checks be more regular, and faster to retry after a timeout.
  - Fixed some messages to ease parsing of alerts.
  - provided a patch to enable epoll on RHEL3 kernels.
  - Separated OpenBSD build from the main Makefile into a new one.

2006/03/15 : 1.2.9
  - haproxy could not be stopped after being paused, it had to be woken up
    first. This has been fixed.
  - the 'ulimit-n' parameter is now optional and by default computed from
    maxconn + the number of listeners + the number of health-checks.
  - it is now possible to specify a maximum number of connections at build
    time with the SYSTEM_MAXCONN define. The value set in the configuration
    file will then be limited to this value, and only the command-line '-n'
    option will be able to bypass it. It will prevent against accidental
    high memory usage on small systems.
  - RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier
    versions did not detect a line beginning with a space as the continuation
    of previous header. It is now correct.
  - health checks sent to servers configured with identical intervals were
    sent in perfect synchronisation because the initial time was the same
    for all. This could induce high load peaks when fragile servers were
    hosting tens of instances for the same application.  Now the load is
    spread evenly across the smallest interval amongst a listener.
  - a new 'forceclose' option was added to make the proxy close the outgoing
    channel to the server once it has sent all its headers and the server
    starts responding. This helps some servers which don't close upon the
    'Connection: close' header. It implies 'option httpclose'.
  - there was a bug in the way the backup servers were handled. They were
    erroneously load-balanced while the doc said the opposite. Since
    load-balanced backup servers is one of the features some people have
    been asking for, the problem was fixed to reflect the documented
    behaviour and a new option 'allbackups' was introduced to provide the
    feature to those who need it.
  - a never ending connect() could lead to a fast select() loop if its
    timeout times the number of retransmits exceeded the server read or write
    timeout, because the later was used to compute select()'s timeout while
    the connection timeout was not reached.
  - now we initialize the libc's localtime structures very early so that even
    under OOM conditions, we can still send dated error messages without
    segfaulting.
  - the 'daemon' mode implies 'quiet' and disables 'verbose' because file
    descriptors are closed.

2006/01/29 : 1.2.8
  - fixed a nasty bug affecting poll/epoll which could return unmodified data
    from the server to the client, and sometimes lead to memory corruption
    crashing the process.
  - added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf.

2005/12/18 : 1.2.7.1
  - the "retries" option was ignored because connect() could not return an
    error if the connection failed before the timeout.
  - TCP health-checks could not detect a connection refused in poll/epoll
    mode.

2005/11/13 : 1.2.7
  - building with -DUSE_PCRE should include PCRE headers and not regex.h. At
    least on Solaris, this caused the libc's regex primitives to be used instead
    of PCRE, which caused trouble on group references. This is now fixed.
  - delayed the quiet mode during startup so that most of the startup alerts can
    be displayed even in quiet mode.
  - display an alert when a listener has no address, invalid or no port, or when
    there are no enabled listeners upon startup.
  - added "static-pcre" to the list of supported regex options in the Makefile.

2005/10/09 : 1.2.7rc (1.1.33rc)
  - second batch of socklen_t changes.
  - clean-ups from Cameron Simpson.
  - because tv_remain() does not know about eternity, using no timeout can
    make select() spin around a null time-out. Bug reported by Cameron Simpson.
  - client read timeout was not properly set to eternity initialized after an
    accept() if it was not set in the config. It remained undetected so long
    because eternity is 0 and newly allocated pages are zeroed by the system.
  - do not call get_original_dst() when not in transparent mode.
  - implemented a workaround for a bug in certain epoll() implementations on
    linux-2.4 kernels (epoll-lt <= 0.21).
  - implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.

2005/08/07 : 1.2.6
  - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).

2005/07/06 : 1.2.6-pre5 (1.1.32)
  - added the number of active sessions (proxy/process) in the logs

2005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
  - the time-out fix introduced in 1.1.25 caused a corner case where it was
    possible for a client to keep a connection maintained regardless of the
    timeout if the server closed the connection during the HEADER phase,
    while the client ignored the close request while doing nothing in the
    other direction. This has been fixed now by ensuring that read timeouts
    are re-armed when switching to any SHUTW state.

2005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
  - enhanced error reporting in the logs. Now the proxy will precisely detect
    various error conditions related to the system and/or process limits, and
    generate LOG_EMERG logs indicating that a resource has been exhausted.
  - logs will contain two new characters for the error cause : 'R' indicates
    a resource exhausted, and 'I' indicates an internal error, though this
    one should never happen.
  - server connection timeouts can now be reported in the logs (sC), as well
    as connections refused because of maxconn limitations (PC).

2005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
  - new global configuration keyword "ulimit-n" may be used to raise the FD
    limit to usable values.
  - a warning is now displayed on startup if the FD limit is lower than the
    configured maximum number of sockets.

2005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
  - new configuration keyword "monitor-net" makes it possible to be monitored
    by external devices which connect to the proxy without being logged nor
    forwarded to any server. Particularly useful on generic TCPv4 relays.

2005/06/21 : 1.2.5.2
  - fixed build on PPC where chars are unsigned by default

2005/05/02 : 1.2.5.1
  - dirty hack to fix a bug introduced with epoll : if we close an FD and
    immediately reassign it to another session through a connect(), the
    Prev{Read,Write}Events are not updated, which causes trouble detecting
    changes, thus leading to many timeouts at high loads.

2005/04/30 : 1.2.5 (1.1.31)
  - changed the runtime argument to disable epoll() to '-de'
  - changed the runtime argument to disable poll() to '-dp'
  - added global options 'nopoll' and 'noepoll' to do the same at the
    configuration level.
  - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
    support epoll().
  - changed default FD_SETSIZE to 65536 on Solaris (default=1024)
  - conditionned signals redirection to #ifdef DEBUG_MEMORY

2005/04/26 : 1.2.5-pre4
  - made epoll() support a compile-time option : ENABLE_EPOLL
  - provided a very little libc replacement for a possibly missing epoll()
    implementation which can be enabled by -DUSE_MY_EPOLL
  - implemented the poll() poller, which can be enabled with -DENABLE_POLL.
    The equivalent runtime argument becomes '-P'. A few tests show that it
    performs like select() with many fds, but slightly slower (certainly
    because of the higher amount of memory involved).
  - separated the 3 polling methods and the tasks scheduler into 4 distinct
    functions which makes the code a lot more modular.
  - moved some event tables to private static declarations inside the poller
    functions.
  - the poller functions can now initialize themselves, run, and cleanup.
  - changed the runtime argument to enable epoll() to '-E'.
  - removed buggy epoll_ctl() code in the client_retnclose() function. This
    function was never meant to remove anything.
  - fixed a typo which caused glibc to yell about a double free on exit.
  - removed error checking after epoll_ctl(DEL) because we can never know if
    the fd is still active or already closed.
  - added a few entries in the makefile

2005/04/25 : 1.2.5-pre3
  - experimental epoll() support (use temporary '-e' argument)

2005/04/24 : 1.2.5-pre2
  - implemented the HTTP 303 code for error redirection. This forces the
    browser to fetch the given URI with a GET request. The new keyword for
    this is 'errorloc303', and a new 'errorloc302' keyword has been created
    to make them easily distinguishable.
  - added more controls in the parser for valid use of '\x' sequence.
  - few fixes from Alex & Klaus

2005/02/17 : 1.2.5-pre1
  - fixed a few errors in the documentation

2005/02/13
  - do not pre-initialize unused file-descriptors before select() anymore.

2005/01/22 : 1.2.4
  - merged Alexander Lazic's and Klaus Wagner's work on application
    cookie-based persistence. Since this is the first merge, this version is
    not intended for general use and reports are more than welcome. Some
    documentation is really needed though.

2005/01/22 : 1.2.3 (1.1.30)
  - add an architecture guide to the documentation
  - released without any changes

2004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
  - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
    compatible with Apache. This limit can be configured in the makefile now.
    Thanks to Eric Fehr for the checks.
  - added a per-server "source" option which now makes it possible to bind to
    a different source for each (potentially identical) server.
  - changed cookie-based server selection slightly to allow several servers to
    share a same cookie, thus making it possible to associate backup servers to
    live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
  - added the cookie 'prefix' mode which makes it possible to use persistence
    with thin clients which support only one cookie. The server name is prefixed
    before the application cookie, and restore back.
  - fixed the order of servers within an instance to match documentation. Now
    the servers are *really* used in the order of their declaration. This is
    particularly important when multiple backup servers are in use.

2004/10/18 : 1.2.2 (1.1.29)
  - fixed a bug where a TCP connection would be logged twice if the 'logasap'
    option was enabled without the 'tcplog' option.
  - encode_string() would use hdr_encode_map instead of the map argument.

2004/08/10 : (1.1.29-pre2)
  - the logged request is now encoded with '#XX' for unprintable characters
  - new keywords 'capture request header' and 'capture response header' enable
    logging of arbitrary HTTP headers in requests and responses
  - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()

2004/06/06 : 1.2.1 (1.1.28)
  - added the '-V' command line option to verbosely report errors even though
    the -q or 'quiet' options are specified. This is useful with '-c'.
  - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>

2004/06/05 :
  - added the "logasap" option which produces a log without waiting for the data
    to be transferred from the server to the client.
  - added the "httpclose" option which removes any "connection:" header and adds
    "Connection: close" in both direction.
  - added the 'checkcache' option which blocks cacheable responses containing
    dangerous headers, such as 'set-cookie'.
  - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
    information leak from servers.

2004/04/18 :
  - send an EMERG log when no server is available for a given proxy
  - added the '-c' command line option to syntactically check the
    configuration file without starting the service.

2003/11/09 : 1.2.0
  - the same as 1.1.27 + IPv6 support on the client side

2003/10/27 : 1.1.27
  - the configurable HTTP health check introduced in 1.1.23 revealed a shameful
    bug : the code still assumed that HTTP requests were the same size as the
    original ones (22 bytes), and failed if they were not.
  - added support for pidfiles.

2003/10/22 : 1.1.26
  - the fix introduced in 1.1.25 for client timeouts while waiting for servers
    broke almost all compatibility with POST requests, because the proxy
    stopped to read anything from the client as soon as it got all of its
    headers.

2003/10/15 : 1.1.25
  - added the 'tcplog' option, which provides enhanced, HTTP-like logs for
    generic TCP proxies, or lighter logs for HTTP proxies.
  - fixed a time-out condition wrongly reported as client time-out in data
    phase if the client timeout was lower than the connect timeout times the
    number of retries.

2003/09/21 : 1.1.24
  - if a client sent a full request then shut its write connection down, then
    the request was aborted. This case was detected only when using haproxy
    both as health-check client and as a server.
  - if 'option httpchk' is used in a 'health' mode server, then responses will
    change from 'OK' to 'HTTP/1.0 200 OK'.
  - fixed a Linux-only bug in case of HTTP server health-checks, where a single
    server response followed by a close could be ignored, and the server seen
    as failed.

2003/09/19 : 1.1.23
  - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
    'default' sections to keep previous parameters, and not initialize logs
    correctly.
  - fixed a second stupid bug introduced in 1.1.22 which caused configurations
    relying on 'dispatch' mode to segfault at the first connection.
  - 'option httpchk' now supports method, HTTP version and a few headers.
  - now, 'option httpchk', 'cookie' and 'capture' can be specified in
    'defaults' section

2003/09/10 : 1.1.22
  - 'listen' now supports optionnal address:port-range lists
  - 'bind' introduced to add new listen addresses
  - fixed a bug which caused a session to be kept established on a server till
    it timed out if the client closed during the DATA phase.
  - the port part of each server address can now be empty to make the proxy
    connect to the server on the same port it was connected to, be an absolute
    unsigned number to reflect a single port (as in older versions), or an
    explicitly signed number (+N/-N) to indicate that this offset must be
    applied to the port the proxy was connected to, when connecting to the
    server.
  - the 'port' server option allows the user to specify a different
    health-check port than the service one. It is mandatory when only relative
    ports have been specified and check is required. By default, the checks are
    sent to the service port.
  - new 'defaults' section which is rather similar to 'listen' except that all
    values are only used as default values for future 'listen' sections, until
    a new 'defaults' resets them. At the moment, server options, regexes,
    cookie names and captures cannot be set in the 'defaults' section.

2003/05/06 : 1.1.21
  - changed the debug output format so that it now includes the session unique
    ID followed by the instance name at the beginning of each line.
  - in debug mode, accept now shows the client's IP and port.
  - added one 3 small debugging scripts to search and pretty print debug output
  - changed the default health check request to "OPTIONS /" instead of
    "OPTIONS *" since not all servers implement the later one.
  - "option httpchk" now accepts an optional parameter allowing the user to
    specify and URI other than '/' during health-checks.

2003/04/21 : 1.1.20
  - fixed two problems with time-outs, one where a server would be logged as
    timed out during transfer that take longer to complete than the fixed
    time-out, and one where clients were logged as timed-out during the data
    phase because they didn't have anything to send. This sometimes caused
    slow client connections to close too early while in fact there was no
    problem. The proper fix would be to have a per-fd time-out with
    conditions depending on the state of the HTTP FSM.

2003/04/16 : 1.1.19
  - haproxy was NOT RFC compliant because it was case-sensitive on HTTP
    "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
    cookie persistence because it uses "cookie:". Two memcmp() have been
    replaced with strncasecmp().

2003/04/02 : 1.1.18
  - Haproxy can be compiled with PCRE regex instead of libc regex, by setting
    REGEX=pcre on the make command line.
  - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
  - when explicit source address binding is required, it is now also used for
    health-checks.
  - added 'reqpass' and 'reqipass' to allow certain headers but not the request
    itself.
  - factored several strings to reduce binary size by about 2 kB.
  - replaced setreuid() and setregid() with more standard setuid() and setgid().
  - added 4 status flags to the log line indicating who ended the connection
    first, the sessions state, the validity of the cookie, and action taken on
    the set-cookie header.

2002/10/18 : 1.1.17
  - add the notion of "backup" servers, which are used only when all other
    servers are down.
  - make Set-Cookie return "" instead of "(null)" when the server has no
    cookie assigned (useful for backup servers).
  - "log" now supports an optionnal level name (info, notice, err ...) above
    which nothing is sent.
  - replaced some strncmp() with memcmp() for better efficiency.
  - added "capture cookie" option which logs client and/or server cookies
  - cleaned up/down messages and dump servers states upon SIGHUP
  - added a redirection feature for errors : "errorloc <errnum> <url>"
  - now we won't insist on connecting to a dead server, even with a cookie,
    unless option "persist" is specified.
  - added HTTP/408 response for client request time-out and HTTP/50[234] for
    server reply time-out or errors.

2002/09/01 : 1.1.16
  - implement HTTP health checks when option "httpchk" is specified.

2002/08/07 : 1.1.15
  - replaced setpgid()/setpgrp() with setsid() for better portability, because
    setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.

2002/07/20 : 1.1.14
  - added "postonly" cookie mode

2002/07/15 : 1.1.13
  - tv_diff used inverted parameters which led to negative times !

2002/07/13 : 1.1.12
  - fixed stats monitoring, and optimized some tv_* for most common cases.
  - replaced temporary 'newhdr' with 'trash' to reduce stack size
  - made HTTP errors more HTML-fiendly.
  - renamed strlcpy() to strlcpy2() because of a slightly difference between
    their behaviour (return value), to avoid confusion.
  - restricted HTTP messages to HTTP proxies only
  - added a 502 message when the connection has been refused by the server,
    to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
  - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
    inserting a cookie, because some caches (apache) don't understand it.
  - fixed processing of server headers when client is in SHUTR state

2002/07/04 :
  - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
    setpgid()

2002/06/04 : 1.1.11
  - fixed multi-cookie handling in client request to allow clean deletion
    in insert+indirect mode. Now, only the server cookie is deleted and not
    all the header. Should now be compliant to RFC2965.
  - added a "nocache" option to "cookie" to specify that we explicitly want
    to add a "cache-control" header when we add a cookie.
    It is also possible to add an "Expires: <old-date>" to keep compatibility
    with old/broken caches.

2002/05/10 : 1.1.10
  - if a cookie is used in insert+indirect mode, it's desirable that the
    the servers don't see it. It was not possible to remove it correctly
    with regexps, so now it's removed automatically.

2002/04/19 : 1.1.9
  - don't use snprintf()'s return value as an end of message since it may
    be larger. This caused bus errors and segfaults in internal libc's
    getenv() during localtime() in send_log().
  - removed dead insecure send_syslog() function and all references to it.
  - fixed warnings on Solaris due to buggy implementation of isXXXX().

2002/04/18 : 1.1.8
  - option "dontlognull"
  - fixed "double space" bug in config parser
  - fixed an uninitialized server field in case of dispatch
    with no existing server which could cause a segfault during
    logging.
  - the pid logged was always the father's, which was wrong for daemons.
  - fixed wrong level "LOG_INFO" for message "proxy started".

2002/04/13 :
  - http logging is now complete :
    - ip:port, date, proxy, server
    - req_time, conn_time, hdr_time, tot_time
    - status, size, request
  - source address

2002/04/12 : 1.1.7
  - added option forwardfor
  - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
  - added "log global" in "listen" section.

2002/04/09 :
  - added a new "global" section :
    - logs
    - debug, quiet, daemon modes
    - uid, gid, chroot, nbproc, maxconn

2002/04/08 : 1.1.6
  - regex are now chained and not limited anymore.
  - unavailable server now returns HTTP/502.
  - increased per-line args limit to 40
  - added reqallow/reqdeny to block some request on matches
  - added HTTP 400/403 responses

2002/04/03 : 1.1.5
  - connection logging displayed incorrect source address.
  - added proxy start/stop and server up/down log events.
  - replaced log message short buffers with larger trash.
  - enlarged buffer to 8 kB and replace buffer to 4 kB.

2002/03/25 : 1.1.4
  - made rise/fall/interval time configurable

2002/03/22 : 1.1.3
  - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
    which could lead to loops.

2002/03/21 : 1.1.2
  - fixed a bug in buffer management where we could have a loop
    between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
    => implemented an adjustable buffer limit.
  - fixed a bug : expiration of tasks in wait queue timeout is used again,
    and running tasks are skipped.
  - added some debug lines for accept events.
  - send warnings for servers up/down.

2002/03/12 : 1.1.1
  - fixed a bug in total failure handling
  - fixed a bug in timestamp comparison within same second (tv_cmp_ms)

2002/03/10 : 1.1.0
  - fixed a few timeout bugs
  - rearranged the task scheduler subsystem to improve performance,
    add new tasks, and make it easier to later port to librt ;
  - allow multiple accept() for one select() wake up ;
  - implemented internal load balancing with basic health-check ;
  - cookie insertion and header add/replace/delete, with better strings
    support.

2002/03/08
  - reworked buffer handling to fix a few rewrite bugs, and
    improve overall performance.
  - implement the "purge" option to delete server cookies in direct mode.

2002/03/07
  - fixed some error cases where the maxfd was not decreased.

2002/02/26
  - now supports transparent proxying, at least on linux 2.4.

2002/02/12
  - soft stop works again (fixed select timeout computation).
  - it seems that TCP proxies sometimes cannot timeout.
  - added a "quiet" mode.
  - enforce file descriptor limitation on socket() and accept().

2001/12/30 : release of version 1.0.2 : fixed a bug in header processing
2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
2001/12/16 : release of version 1.0.0.
2001/12/16 : added syslog capability for each accepted connection.
2001/11/19 : corrected premature end of files and occasional SIGPIPE.
2001/10/31 : added health-check type servers (mode health) which replies OK then closes.
2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
		with or without cookies (use keyword http for this).
2001/09/01 : added client/server header replacing with regexps.
		eg:
       		cliexp ^(Host:\ [^:]*).* Host:\ \1:80
       		srvexp ^Server:\ .* Server:\ Apache
2000/11/29 : first fully working release with complete FSMs and timeouts.
2000/11/28 : major rewrite
2000/11/26 : first write