blob: a9fc400b10e3aff6ed4dff943a9f9dd18a5420d2 [file] [log] [blame]
willy tarreau036e1ce2005-12-17 13:46:33 +01001ChangeLog :
2===========
willy tarreau4302f492005-12-18 01:00:37 +01003
willy tarreauc5f73ed2005-12-18 01:26:38 +010042005/08/07 : 1.2.6
5 - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
6
72005/07/06 : 1.2.6-pre5 (1.1.32)
willy tarreau0fe39652005-12-18 01:25:24 +01008 - added the number of active sessions (proxy/process) in the logs
9
102005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
willy tarreaub1285d52005-12-18 01:20:14 +010011 - the time-out fix introduced in 1.1.25 caused a corner case where it was
12 possible for a client to keep a connection maintained regardless of the
13 timeout if the server closed the connection during the HEADER phase,
14 while the client ignored the close request while doing nothing in the
15 other direction. This has been fixed now by ensuring that read timeouts
16 are re-armed when switching to any SHUTW state.
17
182005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
19 - enhanced error reporting in the logs. Now the proxy will precisely detect
20 various error conditions related to the system and/or process limits, and
21 generate LOG_EMERG logs indicating that a resource has been exhausted.
22 - logs will contain two new characters for the error cause : 'R' indicates
23 a resource exhausted, and 'I' indicates an internal error, though this
24 one should never happen.
25 - server connection timeouts can now be reported in the logs (sC), as well
26 as connections refused because of maxconn limitations (PC).
27
282005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
29 - new global configuration keyword "ulimit-n" may be used to raise the FD
30 limit to usable values.
31 - a warning is now displayed on startup if the FD limit is lower than the
32 configured maximum number of sockets.
33
342005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
35 - new configuration keyword "monitor-net" makes it possible to be monitored
36 by external devices which connect to the proxy without being logged nor
37 forwarded to any server. Particularly useful on generic TCPv4 relays.
38
willy tarreau5dffb602005-12-18 01:15:23 +0100392005/06/21 : 1.2.5.2
40 - fixed build on PPC where chars are unsigned by default
41
willy tarreau08dedbe2005-12-18 01:13:48 +0100422005/05/02 : 1.2.5.1
43 - dirty hack to fix a bug introduced with epoll : if we close an FD and
44 immediately reassign it to another session through a connect(), the
45 Prev{Read,Write}Events are not updated, which causes trouble detecting
46 changes, thus leading to many timeouts at high loads.
47
willy tarreau64a3cc32005-12-18 01:13:11 +0100482005/04/30 : 1.2.5 (1.1.31)
49 - changed the runtime argument to disable epoll() to '-de'
50 - changed the runtime argument to disable poll() to '-dp'
51 - added global options 'nopoll' and 'noepoll' to do the same at the
52 configuration level.
53 - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
54 support epoll().
55 - changed default FD_SETSIZE to 65536 on Solaris (default=1024)
56 - conditionned signals redirection to #ifdef DEBUG_MEMORY
57
willy tarreau1c2ad212005-12-18 01:11:29 +0100582005/04/26 : 1.2.5-pre4
59 - made epoll() support a compile-time option : ENABLE_EPOLL
60 - provided a very little libc replacement for a possibly missing epoll()
61 implementation which can be enabled by -DUSE_MY_EPOLL
62 - implemented the poll() poller, which can be enabled with -DENABLE_POLL.
63 The equivalent runtime argument becomes '-P'. A few tests show that it
64 performs like select() with many fds, but slightly slower (certainly
65 because of the higher amount of memory involved).
66 - separated the 3 polling methods and the tasks scheduler into 4 distinct
67 functions which makes the code a lot more modular.
68 - moved some event tables to private static declarations inside the poller
69 functions.
70 - the poller functions can now initialize themselves, run, and cleanup.
71 - changed the runtime argument to enable epoll() to '-E'.
72 - removed buggy epoll_ctl() code in the client_retnclose() function. This
73 function was never meant to remove anything.
74 - fixed a typo which caused glibc to yell about a double free on exit.
75 - removed error checking after epoll_ctl(DEL) because we can never know if
76 the fd is still active or already closed.
77 - added a few entries in the makefile
78
willy tarreauad90a0c2005-12-18 01:09:15 +0100792005/04/25 : 1.2.5-pre3
80 - experimental epoll() support (use temporary '-e' argument)
81
822005/04/24 : 1.2.5-pre2
willy tarreauc1f47532005-12-18 01:08:26 +010083 - implemented the HTTP 303 code for error redirection. This forces the
84 browser to fetch the given URI with a GET request. The new keyword for
85 this is 'errorloc303', and a new 'errorloc302' keyword has been created
86 to make them easily distinguishable.
87 - added more controls in the parser for valid use of '\x' sequence.
88 - few fixes from Alex & Klaus
89
willy tarreauad90a0c2005-12-18 01:09:15 +0100902005/02/17 : 1.2.5-pre1
willy tarreauc1f47532005-12-18 01:08:26 +010091 - fixed a few errors in the documentation
92
932005/02/13
94 - do not pre-initialize unused file-descriptors before select() anymore.
95
willy tarreau12350152005-12-18 01:03:27 +0100962005/01/22 : 1.2.4
97 - merged Alexander Lazic's and Klaus Wagner's work on application
98 cookie-based persistence. Since this is the first merge, this version is
99 not intended for general use and reports are more than welcome. Some
100 documentation is really needed though.
101
willy tarreau0174f312005-12-18 01:02:42 +01001022005/01/22 : 1.2.3 (1.1.30)
103 - add an architecture guide to the documentation
104 - released without any changes
105
1062004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
107 - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
108 compatible with Apache. This limit can be configured in the makefile now.
109 Thanks to Eric Fehr for the checks.
110 - added a per-server "source" option which now makes it possible to bind to
111 a different source for each (potentially identical) server.
112 - changed cookie-based server selection slightly to allow several servers to
113 share a same cookie, thus making it possible to associate backup servers to
114 live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
115 - added the cookie 'prefix' mode which makes it possible to use persistence
116 with thin clients which support only one cookie. The server name is prefixed
117 before the application cookie, and restore back.
118 - fixed the order of servers within an instance to match documentation. Now
119 the servers are *really* used in the order of their declaration. This is
120 particularly important when multiple backup servers are in use.
121
willy tarreau4302f492005-12-18 01:00:37 +01001222004/10/18 : 1.2.2 (1.1.29)
123 - fixed a bug where a TCP connection would be logged twice if the 'logasap'
124 option was enabled without the 'tcplog' option.
125 - encode_string() would use hdr_encode_map instead of the map argument.
126
1272004/08/10 : (1.1.29-pre2)
128 - the logged request is now encoded with '#XX' for unprintable characters
129 - new keywords 'capture request header' and 'capture response header' enable
130 logging of arbitrary HTTP headers in requests and responses
131 - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
132
willy tarreau982249e2005-12-18 00:57:06 +01001332004/06/06 : 1.2.1 (1.1.28)
134 - added the '-V' command line option to verbosely report errors even though
135 the -q or 'quiet' options are specified. This is useful with '-c'.
136 - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
willy tarreau036e1ce2005-12-17 13:46:33 +0100137
willy tarreau982249e2005-12-18 00:57:06 +01001382004/06/05 :
139 - added the "logasap" option which produces a log without waiting for the data
140 to be transferred from the server to the client.
141 - added the "httpclose" option which removes any "connection:" header and adds
142 "Connection: close" in both direction.
willy tarreau97f58572005-12-18 00:53:44 +0100143 - added the 'checkcache' option which blocks cacheable responses containing
144 dangerous headers, such as 'set-cookie'.
willy tarreau982249e2005-12-18 00:57:06 +0100145 - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
146 information leak from servers.
willy tarreau25c4ea52005-12-18 00:49:49 +0100147
1482004/04/18 :
willy tarreaudd07e972005-12-18 00:48:48 +0100149 - send an EMERG log when no server is available for a given proxy
150 - added the '-c' command line option to syntactically check the
151 configuration file without starting the service.
152
willy tarreau8a86dbf2005-12-18 00:45:59 +01001532003/11/09 : 1.2.0
154 - the same as 1.1.27 + IPv6 support on the client side
155
willy tarreaufe2c5c12005-12-17 14:14:34 +01001562003/10/27 : 1.1.27
157 - the configurable HTTP health check introduced in 1.1.23 revealed a shameful
158 bug : the code still assumed that HTTP requests were the same size as the
159 original ones (22 bytes), and failed if they were not.
160 - added support for pidfiles.
161
willy tarreauc58fc692005-12-17 14:13:08 +01001622003/10/22 : 1.1.26
163 - the fix introduced in 1.1.25 for client timeouts while waiting for servers
164 broke almost all compatibility with POST requests, because the proxy
165 stopped to read anything from the client as soon as it got all of its
166 headers.
167
willy tarreauc1cae632005-12-17 14:12:23 +01001682003/10/15 : 1.1.25
169 - added the 'tcplog' option, which provides enhanced, HTTP-like logs for
170 generic TCP proxies, or lighter logs for HTTP proxies.
171 - fixed a time-out condition wrongly reported as client time-out in data
172 phase if the client timeout was lower than the connect timeout times the
173 number of retries.
174
willy tarreau197e8ec2005-12-17 14:10:59 +01001752003/09/21 : 1.1.24
176 - if a client sent a full request then shut its write connection down, then
177 the request was aborted. This case was detected only when using haproxy
178 both as health-check client and as a server.
179 - if 'option httpchk' is used in a 'health' mode server, then responses will
180 change from 'OK' to 'HTTP/1.0 200 OK'.
181 - fixed a Linux-only bug in case of HTTP server health-checks, where a single
182 server response followed by a close could be ignored, and the server seen
183 as failed.
184
willy tarreaueedaa9f2005-12-17 14:08:03 +01001852003/09/19 : 1.1.23
186 - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
187 'default' sections to keep previous parameters, and not initialize logs
188 correctly.
189 - fixed a second stupid bug introduced in 1.1.22 which caused configurations
190 relying on 'dispatch' mode to segfault at the first connection.
191 - 'option httpchk' now supports method, HTTP version and a few headers.
192 - now, 'option httpchk', 'cookie' and 'capture' can be specified in
193 'defaults' section
194
1952003/09/10 : 1.1.22
willy tarreaua41a8b42005-12-17 14:02:24 +0100196 - 'listen' now supports optionnal address:port-range lists
197 - 'bind' introduced to add new listen addresses
198 - fixed a bug which caused a session to be kept established on a server till
199 it timed out if the client closed during the DATA phase.
200 - the port part of each server address can now be empty to make the proxy
201 connect to the server on the same port it was connected to, be an absolute
202 unsigned number to reflect a single port (as in older versions), or an
203 explicitly signed number (+N/-N) to indicate that this offset must be
204 applied to the port the proxy was connected to, when connecting to the
205 server.
206 - the 'port' server option allows the user to specify a different
207 health-check port than the service one. It is mandatory when only relative
208 ports have been specified and check is required. By default, the checks are
209 sent to the service port.
210 - new 'defaults' section which is rather similar to 'listen' except that all
211 values are only used as default values for future 'listen' sections, until
212 a new 'defaults' resets them. At the moment, server options, regexes,
213 cookie names and captures cannot be set in the 'defaults' section.
214
willy tarreau2f6ba652005-12-17 13:57:42 +01002152003/05/06 : 1.1.21
216 - changed the debug output format so that it now includes the session unique
217 ID followed by the instance name at the beginning of each line.
218 - in debug mode, accept now shows the client's IP and port.
219 - added one 3 small debugging scripts to search and pretty print debug output
220 - changed the default health check request to "OPTIONS /" instead of
221 "OPTIONS *" since not all servers implement the later one.
222 - "option httpchk" now accepts an optional parameter allowing the user to
223 specify and URI other than '/' during health-checks.
224
willy tarreaub1ff9db2005-12-17 13:51:03 +01002252003/04/21 : 1.1.20
226 - fixed two problems with time-outs, one where a server would be logged as
227 timed out during transfer that take longer to complete than the fixed
228 time-out, and one where clients were logged as timed-out during the data
229 phase because they didn't have anything to send. This sometimes caused
230 slow client connections to close too early while in fact there was no
231 problem. The proper fix would be to have a per-fd time-out with
232 conditions depending on the state of the HTTP FSM.
233
willy tarreau906b2682005-12-17 13:49:52 +01002342003/04/16 : 1.1.19
235 - haproxy was NOT RFC compliant because it was case-sensitive on HTTP
236 "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
237 cookie persistence because it uses "cookie:". Two memcmp() have been
238 replaced with strncasecmp().
239
willy tarreau036e1ce2005-12-17 13:46:33 +01002402003/04/02 : 1.1.18
241 - Haproxy can be compiled with PCRE regex instead of libc regex, by setting
242 REGEX=pcre on the make command line.
243 - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
244 - when explicit source address binding is required, it is now also used for
245 health-checks.
246 - added 'reqpass' and 'reqipass' to allow certain headers but not the request
247 itself.
248 - factored several strings to reduce binary size by about 2 kB.
249 - replaced setreuid() and setregid() with more standard setuid() and setgid().
250 - added 4 status flags to the log line indicating who ended the connection
251 first, the sessions state, the validity of the cookie, and action taken on
252 the set-cookie header.
253
2542002/10/18 : 1.1.17
255 - add the notion of "backup" servers, which are used only when all other
256 servers are down.
257 - make Set-Cookie return "" instead of "(null)" when the server has no
258 cookie assigned (useful for backup servers).
259 - "log" now supports an optionnal level name (info, notice, err ...) above
260 which nothing is sent.
261 - replaced some strncmp() with memcmp() for better efficiency.
262 - added "capture cookie" option which logs client and/or server cookies
263 - cleaned up/down messages and dump servers states upon SIGHUP
264 - added a redirection feature for errors : "errorloc <errnum> <url>"
265 - now we won't insist on connecting to a dead server, even with a cookie,
266 unless option "persist" is specified.
267 - added HTTP/408 response for client request time-out and HTTP/50[234] for
268 server reply time-out or errors.
269
2702002/09/01 : 1.1.16
271 - implement HTTP health checks when option "httpchk" is specified.
272
2732002/08/07 : 1.1.15
274 - replaced setpgid()/setpgrp() with setsid() for better portability, because
275 setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.
276
2772002/07/20 : 1.1.14
278 - added "postonly" cookie mode
279
2802002/07/15 : 1.1.13
281 - tv_diff used inverted parameters which led to negative times !
282
2832002/07/13 : 1.1.12
284 - fixed stats monitoring, and optimized some tv_* for most common cases.
285 - replaced temporary 'newhdr' with 'trash' to reduce stack size
286 - made HTTP errors more HTML-fiendly.
287 - renamed strlcpy() to strlcpy2() because of a slightly difference between
288 their behaviour (return value), to avoid confusion.
289 - restricted HTTP messages to HTTP proxies only
290 - added a 502 message when the connection has been refused by the server,
291 to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
292 - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
293 inserting a cookie, because some caches (apache) don't understand it.
294 - fixed processing of server headers when client is in SHUTR state
295
2962002/07/04 :
297 - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
298 setpgid()
299
3002002/06/04 : 1.1.11
301 - fixed multi-cookie handling in client request to allow clean deletion
302 in insert+indirect mode. Now, only the server cookie is deleted and not
willy tarreau906b2682005-12-17 13:49:52 +0100303 all the header. Should now be compliant to RFC2965.
willy tarreau036e1ce2005-12-17 13:46:33 +0100304 - added a "nocache" option to "cookie" to specify that we explicitly want
305 to add a "cache-control" header when we add a cookie.
306 It is also possible to add an "Expires: <old-date>" to keep compatibility
307 with old/broken caches.
308
3092002/05/10 : 1.1.10
310 - if a cookie is used in insert+indirect mode, it's desirable that the
311 the servers don't see it. It was not possible to remove it correctly
312 with regexps, so now it's removed automatically.
313
3142002/04/19 : 1.1.9
315 - don't use snprintf()'s return value as an end of message since it may
316 be larger. This caused bus errors and segfaults in internal libc's
317 getenv() during localtime() in send_log().
318 - removed dead insecure send_syslog() function and all references to it.
319 - fixed warnings on Solaris due to buggy implementation of isXXXX().
320
3212002/04/18 : 1.1.8
322 - option "dontlognull"
323 - fixed "double space" bug in config parser
324 - fixed an uninitialized server field in case of dispatch
325 with no existing server which could cause a segfault during
326 logging.
327 - the pid logged was always the father's, which was wrong for daemons.
328 - fixed wrong level "LOG_INFO" for message "proxy started".
329
3302002/04/13 :
331 - http logging is now complete :
332 - ip:port, date, proxy, server
333 - req_time, conn_time, hdr_time, tot_time
334 - status, size, request
335 - source address
336
3372002/04/12 : 1.1.7
338 - added option forwardfor
339 - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
340 - added "log global" in "listen" section.
341
3422002/04/09 :
343 - added a new "global" section :
344 - logs
345 - debug, quiet, daemon modes
346 - uid, gid, chroot, nbproc, maxconn
347
3482002/04/08 : 1.1.6
349 - regex are now chained and not limited anymore.
350 - unavailable server now returns HTTP/502.
351 - increased per-line args limit to 40
352 - added reqallow/reqdeny to block some request on matches
353 - added HTTP 400/403 responses
354
3552002/04/03 : 1.1.5
356 - connection logging displayed incorrect source address.
357 - added proxy start/stop and server up/down log events.
358 - replaced log message short buffers with larger trash.
359 - enlarged buffer to 8 kB and replace buffer to 4 kB.
360
3612002/03/25 : 1.1.4
362 - made rise/fall/interval time configurable
363
3642002/03/22 : 1.1.3
365 - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
366 which could lead to loops.
367
3682002/03/21 : 1.1.2
369 - fixed a bug in buffer management where we could have a loop
370 between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
371 => implemented an adjustable buffer limit.
372 - fixed a bug : expiration of tasks in wait queue timeout is used again,
373 and running tasks are skipped.
374 - added some debug lines for accept events.
375 - send warnings for servers up/down.
376
3772002/03/12 : 1.1.1
378 - fixed a bug in total failure handling
379 - fixed a bug in timestamp comparison within same second (tv_cmp_ms)
380
3812002/03/10 : 1.1.0
382 - fixed a few timeout bugs
383 - rearranged the task scheduler subsystem to improve performance,
384 add new tasks, and make it easier to later port to librt ;
385 - allow multiple accept() for one select() wake up ;
386 - implemented internal load balancing with basic health-check ;
387 - cookie insertion and header add/replace/delete, with better strings
388 support.
389
3902002/03/08
391 - reworked buffer handling to fix a few rewrite bugs, and
392 improve overall performance.
393 - implement the "purge" option to delete server cookies in direct mode.
394
3952002/03/07
396 - fixed some error cases where the maxfd was not decreased.
397
3982002/02/26
399 - now supports transparent proxying, at least on linux 2.4.
400
4012002/02/12
402 - soft stop works again (fixed select timeout computation).
403 - it seems that TCP proxies sometimes cannot timeout.
404 - added a "quiet" mode.
405 - enforce file descriptor limitation on socket() and accept().
406
4072001/12/30 : release of version 1.0.2 : fixed a bug in header processing
4082001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
4092001/12/16 : release of version 1.0.0.
4102001/12/16 : added syslog capability for each accepted connection.
4112001/11/19 : corrected premature end of files and occasional SIGPIPE.
4122001/10/31 : added health-check type servers (mode health) which replies OK then closes.
4132001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
414 with or without cookies (use keyword http for this).
4152001/09/01 : added client/server header replacing with regexps.
416 eg:
417 cliexp ^(Host:\ [^:]*).* Host:\ \1:80
418 srvexp ^Server:\ .* Server:\ Apache
4192000/11/29 : first fully working release with complete FSMs and timeouts.
4202000/11/28 : major rewrite
4212000/11/26 : first write