willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 1 | ChangeLog : |
| 2 | =========== |
willy tarreau | 4302f49 | 2005-12-18 01:00:37 +0100 | [diff] [blame^] | 3 | |
| 4 | 2004/10/18 : 1.2.2 (1.1.29) |
| 5 | - fixed a bug where a TCP connection would be logged twice if the 'logasap' |
| 6 | option was enabled without the 'tcplog' option. |
| 7 | - encode_string() would use hdr_encode_map instead of the map argument. |
| 8 | |
| 9 | 2004/08/10 : (1.1.29-pre2) |
| 10 | - the logged request is now encoded with '#XX' for unprintable characters |
| 11 | - new keywords 'capture request header' and 'capture response header' enable |
| 12 | logging of arbitrary HTTP headers in requests and responses |
| 13 | - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton() |
| 14 | |
willy tarreau | 982249e | 2005-12-18 00:57:06 +0100 | [diff] [blame] | 15 | 2004/06/06 : 1.2.1 (1.1.28) |
| 16 | - added the '-V' command line option to verbosely report errors even though |
| 17 | the -q or 'quiet' options are specified. This is useful with '-c'. |
| 18 | - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch> |
willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 19 | |
willy tarreau | 982249e | 2005-12-18 00:57:06 +0100 | [diff] [blame] | 20 | 2004/06/05 : |
| 21 | - added the "logasap" option which produces a log without waiting for the data |
| 22 | to be transferred from the server to the client. |
| 23 | - added the "httpclose" option which removes any "connection:" header and adds |
| 24 | "Connection: close" in both direction. |
willy tarreau | 97f5857 | 2005-12-18 00:53:44 +0100 | [diff] [blame] | 25 | - added the 'checkcache' option which blocks cacheable responses containing |
| 26 | dangerous headers, such as 'set-cookie'. |
willy tarreau | 982249e | 2005-12-18 00:57:06 +0100 | [diff] [blame] | 27 | - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible |
| 28 | information leak from servers. |
willy tarreau | 25c4ea5 | 2005-12-18 00:49:49 +0100 | [diff] [blame] | 29 | |
| 30 | 2004/04/18 : |
willy tarreau | dd07e97 | 2005-12-18 00:48:48 +0100 | [diff] [blame] | 31 | - send an EMERG log when no server is available for a given proxy |
| 32 | - added the '-c' command line option to syntactically check the |
| 33 | configuration file without starting the service. |
| 34 | |
willy tarreau | 8a86dbf | 2005-12-18 00:45:59 +0100 | [diff] [blame] | 35 | 2003/11/09 : 1.2.0 |
| 36 | - the same as 1.1.27 + IPv6 support on the client side |
| 37 | |
willy tarreau | fe2c5c1 | 2005-12-17 14:14:34 +0100 | [diff] [blame] | 38 | 2003/10/27 : 1.1.27 |
| 39 | - the configurable HTTP health check introduced in 1.1.23 revealed a shameful |
| 40 | bug : the code still assumed that HTTP requests were the same size as the |
| 41 | original ones (22 bytes), and failed if they were not. |
| 42 | - added support for pidfiles. |
| 43 | |
willy tarreau | c58fc69 | 2005-12-17 14:13:08 +0100 | [diff] [blame] | 44 | 2003/10/22 : 1.1.26 |
| 45 | - the fix introduced in 1.1.25 for client timeouts while waiting for servers |
| 46 | broke almost all compatibility with POST requests, because the proxy |
| 47 | stopped to read anything from the client as soon as it got all of its |
| 48 | headers. |
| 49 | |
willy tarreau | c1cae63 | 2005-12-17 14:12:23 +0100 | [diff] [blame] | 50 | 2003/10/15 : 1.1.25 |
| 51 | - added the 'tcplog' option, which provides enhanced, HTTP-like logs for |
| 52 | generic TCP proxies, or lighter logs for HTTP proxies. |
| 53 | - fixed a time-out condition wrongly reported as client time-out in data |
| 54 | phase if the client timeout was lower than the connect timeout times the |
| 55 | number of retries. |
| 56 | |
willy tarreau | 197e8ec | 2005-12-17 14:10:59 +0100 | [diff] [blame] | 57 | 2003/09/21 : 1.1.24 |
| 58 | - if a client sent a full request then shut its write connection down, then |
| 59 | the request was aborted. This case was detected only when using haproxy |
| 60 | both as health-check client and as a server. |
| 61 | - if 'option httpchk' is used in a 'health' mode server, then responses will |
| 62 | change from 'OK' to 'HTTP/1.0 200 OK'. |
| 63 | - fixed a Linux-only bug in case of HTTP server health-checks, where a single |
| 64 | server response followed by a close could be ignored, and the server seen |
| 65 | as failed. |
| 66 | |
willy tarreau | eedaa9f | 2005-12-17 14:08:03 +0100 | [diff] [blame] | 67 | 2003/09/19 : 1.1.23 |
| 68 | - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent |
| 69 | 'default' sections to keep previous parameters, and not initialize logs |
| 70 | correctly. |
| 71 | - fixed a second stupid bug introduced in 1.1.22 which caused configurations |
| 72 | relying on 'dispatch' mode to segfault at the first connection. |
| 73 | - 'option httpchk' now supports method, HTTP version and a few headers. |
| 74 | - now, 'option httpchk', 'cookie' and 'capture' can be specified in |
| 75 | 'defaults' section |
| 76 | |
| 77 | 2003/09/10 : 1.1.22 |
willy tarreau | a41a8b4 | 2005-12-17 14:02:24 +0100 | [diff] [blame] | 78 | - 'listen' now supports optionnal address:port-range lists |
| 79 | - 'bind' introduced to add new listen addresses |
| 80 | - fixed a bug which caused a session to be kept established on a server till |
| 81 | it timed out if the client closed during the DATA phase. |
| 82 | - the port part of each server address can now be empty to make the proxy |
| 83 | connect to the server on the same port it was connected to, be an absolute |
| 84 | unsigned number to reflect a single port (as in older versions), or an |
| 85 | explicitly signed number (+N/-N) to indicate that this offset must be |
| 86 | applied to the port the proxy was connected to, when connecting to the |
| 87 | server. |
| 88 | - the 'port' server option allows the user to specify a different |
| 89 | health-check port than the service one. It is mandatory when only relative |
| 90 | ports have been specified and check is required. By default, the checks are |
| 91 | sent to the service port. |
| 92 | - new 'defaults' section which is rather similar to 'listen' except that all |
| 93 | values are only used as default values for future 'listen' sections, until |
| 94 | a new 'defaults' resets them. At the moment, server options, regexes, |
| 95 | cookie names and captures cannot be set in the 'defaults' section. |
| 96 | |
willy tarreau | 2f6ba65 | 2005-12-17 13:57:42 +0100 | [diff] [blame] | 97 | 2003/05/06 : 1.1.21 |
| 98 | - changed the debug output format so that it now includes the session unique |
| 99 | ID followed by the instance name at the beginning of each line. |
| 100 | - in debug mode, accept now shows the client's IP and port. |
| 101 | - added one 3 small debugging scripts to search and pretty print debug output |
| 102 | - changed the default health check request to "OPTIONS /" instead of |
| 103 | "OPTIONS *" since not all servers implement the later one. |
| 104 | - "option httpchk" now accepts an optional parameter allowing the user to |
| 105 | specify and URI other than '/' during health-checks. |
| 106 | |
willy tarreau | b1ff9db | 2005-12-17 13:51:03 +0100 | [diff] [blame] | 107 | 2003/04/21 : 1.1.20 |
| 108 | - fixed two problems with time-outs, one where a server would be logged as |
| 109 | timed out during transfer that take longer to complete than the fixed |
| 110 | time-out, and one where clients were logged as timed-out during the data |
| 111 | phase because they didn't have anything to send. This sometimes caused |
| 112 | slow client connections to close too early while in fact there was no |
| 113 | problem. The proper fix would be to have a per-fd time-out with |
| 114 | conditions depending on the state of the HTTP FSM. |
| 115 | |
willy tarreau | 906b268 | 2005-12-17 13:49:52 +0100 | [diff] [blame] | 116 | 2003/04/16 : 1.1.19 |
| 117 | - haproxy was NOT RFC compliant because it was case-sensitive on HTTP |
| 118 | "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on |
| 119 | cookie persistence because it uses "cookie:". Two memcmp() have been |
| 120 | replaced with strncasecmp(). |
| 121 | |
willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 122 | 2003/04/02 : 1.1.18 |
| 123 | - Haproxy can be compiled with PCRE regex instead of libc regex, by setting |
| 124 | REGEX=pcre on the make command line. |
| 125 | - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /". |
| 126 | - when explicit source address binding is required, it is now also used for |
| 127 | health-checks. |
| 128 | - added 'reqpass' and 'reqipass' to allow certain headers but not the request |
| 129 | itself. |
| 130 | - factored several strings to reduce binary size by about 2 kB. |
| 131 | - replaced setreuid() and setregid() with more standard setuid() and setgid(). |
| 132 | - added 4 status flags to the log line indicating who ended the connection |
| 133 | first, the sessions state, the validity of the cookie, and action taken on |
| 134 | the set-cookie header. |
| 135 | |
| 136 | 2002/10/18 : 1.1.17 |
| 137 | - add the notion of "backup" servers, which are used only when all other |
| 138 | servers are down. |
| 139 | - make Set-Cookie return "" instead of "(null)" when the server has no |
| 140 | cookie assigned (useful for backup servers). |
| 141 | - "log" now supports an optionnal level name (info, notice, err ...) above |
| 142 | which nothing is sent. |
| 143 | - replaced some strncmp() with memcmp() for better efficiency. |
| 144 | - added "capture cookie" option which logs client and/or server cookies |
| 145 | - cleaned up/down messages and dump servers states upon SIGHUP |
| 146 | - added a redirection feature for errors : "errorloc <errnum> <url>" |
| 147 | - now we won't insist on connecting to a dead server, even with a cookie, |
| 148 | unless option "persist" is specified. |
| 149 | - added HTTP/408 response for client request time-out and HTTP/50[234] for |
| 150 | server reply time-out or errors. |
| 151 | |
| 152 | 2002/09/01 : 1.1.16 |
| 153 | - implement HTTP health checks when option "httpchk" is specified. |
| 154 | |
| 155 | 2002/08/07 : 1.1.15 |
| 156 | - replaced setpgid()/setpgrp() with setsid() for better portability, because |
| 157 | setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD. |
| 158 | |
| 159 | 2002/07/20 : 1.1.14 |
| 160 | - added "postonly" cookie mode |
| 161 | |
| 162 | 2002/07/15 : 1.1.13 |
| 163 | - tv_diff used inverted parameters which led to negative times ! |
| 164 | |
| 165 | 2002/07/13 : 1.1.12 |
| 166 | - fixed stats monitoring, and optimized some tv_* for most common cases. |
| 167 | - replaced temporary 'newhdr' with 'trash' to reduce stack size |
| 168 | - made HTTP errors more HTML-fiendly. |
| 169 | - renamed strlcpy() to strlcpy2() because of a slightly difference between |
| 170 | their behaviour (return value), to avoid confusion. |
| 171 | - restricted HTTP messages to HTTP proxies only |
| 172 | - added a 502 message when the connection has been refused by the server, |
| 173 | to prevent clients from believing this is a zero-byte HTTP 0.9 reply. |
| 174 | - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when |
| 175 | inserting a cookie, because some caches (apache) don't understand it. |
| 176 | - fixed processing of server headers when client is in SHUTR state |
| 177 | |
| 178 | 2002/07/04 : |
| 179 | - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after |
| 180 | setpgid() |
| 181 | |
| 182 | 2002/06/04 : 1.1.11 |
| 183 | - fixed multi-cookie handling in client request to allow clean deletion |
| 184 | in insert+indirect mode. Now, only the server cookie is deleted and not |
willy tarreau | 906b268 | 2005-12-17 13:49:52 +0100 | [diff] [blame] | 185 | all the header. Should now be compliant to RFC2965. |
willy tarreau | 036e1ce | 2005-12-17 13:46:33 +0100 | [diff] [blame] | 186 | - added a "nocache" option to "cookie" to specify that we explicitly want |
| 187 | to add a "cache-control" header when we add a cookie. |
| 188 | It is also possible to add an "Expires: <old-date>" to keep compatibility |
| 189 | with old/broken caches. |
| 190 | |
| 191 | 2002/05/10 : 1.1.10 |
| 192 | - if a cookie is used in insert+indirect mode, it's desirable that the |
| 193 | the servers don't see it. It was not possible to remove it correctly |
| 194 | with regexps, so now it's removed automatically. |
| 195 | |
| 196 | 2002/04/19 : 1.1.9 |
| 197 | - don't use snprintf()'s return value as an end of message since it may |
| 198 | be larger. This caused bus errors and segfaults in internal libc's |
| 199 | getenv() during localtime() in send_log(). |
| 200 | - removed dead insecure send_syslog() function and all references to it. |
| 201 | - fixed warnings on Solaris due to buggy implementation of isXXXX(). |
| 202 | |
| 203 | 2002/04/18 : 1.1.8 |
| 204 | - option "dontlognull" |
| 205 | - fixed "double space" bug in config parser |
| 206 | - fixed an uninitialized server field in case of dispatch |
| 207 | with no existing server which could cause a segfault during |
| 208 | logging. |
| 209 | - the pid logged was always the father's, which was wrong for daemons. |
| 210 | - fixed wrong level "LOG_INFO" for message "proxy started". |
| 211 | |
| 212 | 2002/04/13 : |
| 213 | - http logging is now complete : |
| 214 | - ip:port, date, proxy, server |
| 215 | - req_time, conn_time, hdr_time, tot_time |
| 216 | - status, size, request |
| 217 | - source address |
| 218 | |
| 219 | 2002/04/12 : 1.1.7 |
| 220 | - added option forwardfor |
| 221 | - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel |
| 222 | - added "log global" in "listen" section. |
| 223 | |
| 224 | 2002/04/09 : |
| 225 | - added a new "global" section : |
| 226 | - logs |
| 227 | - debug, quiet, daemon modes |
| 228 | - uid, gid, chroot, nbproc, maxconn |
| 229 | |
| 230 | 2002/04/08 : 1.1.6 |
| 231 | - regex are now chained and not limited anymore. |
| 232 | - unavailable server now returns HTTP/502. |
| 233 | - increased per-line args limit to 40 |
| 234 | - added reqallow/reqdeny to block some request on matches |
| 235 | - added HTTP 400/403 responses |
| 236 | |
| 237 | 2002/04/03 : 1.1.5 |
| 238 | - connection logging displayed incorrect source address. |
| 239 | - added proxy start/stop and server up/down log events. |
| 240 | - replaced log message short buffers with larger trash. |
| 241 | - enlarged buffer to 8 kB and replace buffer to 4 kB. |
| 242 | |
| 243 | 2002/03/25 : 1.1.4 |
| 244 | - made rise/fall/interval time configurable |
| 245 | |
| 246 | 2002/03/22 : 1.1.3 |
| 247 | - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR] |
| 248 | which could lead to loops. |
| 249 | |
| 250 | 2002/03/21 : 1.1.2 |
| 251 | - fixed a bug in buffer management where we could have a loop |
| 252 | between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE. |
| 253 | => implemented an adjustable buffer limit. |
| 254 | - fixed a bug : expiration of tasks in wait queue timeout is used again, |
| 255 | and running tasks are skipped. |
| 256 | - added some debug lines for accept events. |
| 257 | - send warnings for servers up/down. |
| 258 | |
| 259 | 2002/03/12 : 1.1.1 |
| 260 | - fixed a bug in total failure handling |
| 261 | - fixed a bug in timestamp comparison within same second (tv_cmp_ms) |
| 262 | |
| 263 | 2002/03/10 : 1.1.0 |
| 264 | - fixed a few timeout bugs |
| 265 | - rearranged the task scheduler subsystem to improve performance, |
| 266 | add new tasks, and make it easier to later port to librt ; |
| 267 | - allow multiple accept() for one select() wake up ; |
| 268 | - implemented internal load balancing with basic health-check ; |
| 269 | - cookie insertion and header add/replace/delete, with better strings |
| 270 | support. |
| 271 | |
| 272 | 2002/03/08 |
| 273 | - reworked buffer handling to fix a few rewrite bugs, and |
| 274 | improve overall performance. |
| 275 | - implement the "purge" option to delete server cookies in direct mode. |
| 276 | |
| 277 | 2002/03/07 |
| 278 | - fixed some error cases where the maxfd was not decreased. |
| 279 | |
| 280 | 2002/02/26 |
| 281 | - now supports transparent proxying, at least on linux 2.4. |
| 282 | |
| 283 | 2002/02/12 |
| 284 | - soft stop works again (fixed select timeout computation). |
| 285 | - it seems that TCP proxies sometimes cannot timeout. |
| 286 | - added a "quiet" mode. |
| 287 | - enforce file descriptor limitation on socket() and accept(). |
| 288 | |
| 289 | 2001/12/30 : release of version 1.0.2 : fixed a bug in header processing |
| 290 | 2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris |
| 291 | 2001/12/16 : release of version 1.0.0. |
| 292 | 2001/12/16 : added syslog capability for each accepted connection. |
| 293 | 2001/11/19 : corrected premature end of files and occasional SIGPIPE. |
| 294 | 2001/10/31 : added health-check type servers (mode health) which replies OK then closes. |
| 295 | 2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies |
| 296 | with or without cookies (use keyword http for this). |
| 297 | 2001/09/01 : added client/server header replacing with regexps. |
| 298 | eg: |
| 299 | cliexp ^(Host:\ [^:]*).* Host:\ \1:80 |
| 300 | srvexp ^Server:\ .* Server:\ Apache |
| 301 | 2000/11/29 : first fully working release with complete FSMs and timeouts. |
| 302 | 2000/11/28 : major rewrite |
| 303 | 2000/11/26 : first write |