blob: 15e3c86b451f62d5da861883d5bced990e88edb0 [file] [log] [blame]
willy tarreau036e1ce2005-12-17 13:46:33 +01001ChangeLog :
2===========
willy tarreau4302f492005-12-18 01:00:37 +01003
Willy Tarreauff63b432009-03-09 01:03:42 +010042009/03/09 : 1.3.16-rc1
5 - appsessions: cleanup DEBUG_HASH and initialize request_counter
6 - [MINOR] acl: add new keyword "connslots"
7 - [MINOR] cfgparse: fix off-by 2 in error message size
8 - [BUILD] fix build with gcc 4.3
9 - [BUILD] fix MANDIR default location to match documentation
10 - [TESTS] add a debug patch to help trigger the stats bug
11 - [BUG] Flush buffers also where there are exactly 0 bytes left
12 - [MINOR] Allow to specify a domain for a cookie
13 - [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain)
14 - [MEDIUM] Fix memory freeing at exit
15 - [MEDIUM] Fix memory freeing at exit, part 2
16 - [BUG] Fix listen & more of 2 couples <ip>:<port>
17 - [DOC] remove buggy comment for use_backend
18 - [CRITICAL] fix server state tracking: it was O(n!) instead of O(n)
19 - [MEDIUM] add support for URI hash depth and length limits
20 - [MINOR] permit renaming of x-forwarded-for header
21 - [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface
22 - [BUILD] Haproxy won't compile if DEBUG_FULL is defined
23 - [MEDIUM] upgrade to ebtree v4.0
24 - [DOC] update the README file with new build options
25 - [MEDIUM] reduce risk of event starvation in ev_sepoll
26 - [MEDIUM] detect streaming buffers and tag them as such
27 - [MEDIUM] add support for conditional HTTP redirection
28 - [BUILD] make install should depend on haproxy not "all"
29 - [DEBUG] add a TRACE macro to facilitate runtime data extraction
30 - [BUG] event pollers must not wait if a task exists in the run queue
31 - [BUG] queue management: wake oldest request in queues
32 - [BUG] log: reported queue position was offed-by-one
33 - [BUG] fix the dequeuing logic to ensure that all requests get served
34 - [DOC] documentation for the "retries" parameter was missing.
35 - [MEDIUM] implement a monotonic internal clock
36 - [MEDIUM] further improve monotonic clock by check forward jumps
37 - [OPTIM] add branch prediction hints in list manipulations
38 - [MAJOR] replace ultree with ebtree in wait-queues
39 - [BUG] we could segfault during exit while freeing uri_auths
40 - [BUG] wqueue: perform proper timeout comparisons with wrapping values
41 - [MINOR] introduce now_ms, the current date in milliseconds
42 - [BUG] disable buffer read timeout when reading stats
43 - [MEDIUM] rework the wait queue mechanism
44 - [BUILD] change declaration of base64tab to fix build with Intel C++
45 - [OPTIM] shrink wake_expired_tasks() by using task_wakeup()
46 - [MAJOR] use an ebtree instead of a list for the run queue
47 - [MEDIUM] introduce task->nice and boot access to statistics
48 - [OPTIM] task_queue: assume most consecutive timers are equal
49 - [BUILD] silent a warning in unlikely() with gcc 4.x
50 - [MAJOR] convert all expiration timers from timeval to ticks
51 - [BUG] use_backend would not correctly consider "unless"
52 - [TESTS] added test-acl.cfg to test some ACL combinations
53 - [MEDIUM] add support for configuration keyword registration
54 - [MEDIUM] modularize the global "stats" keyword configuration parser
55 - [MINOR] cfgparse: add support for warnings in external functions
56 - [MEDIUM] modularize the "timeout" keyword configuration parser
57 - [MAJOR] implement tcp request content inspection
58 - [MINOR] acl: add a new parsing function: parse_dotted_ver
59 - [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version
60 - [CLEANUP] remove unused include/types/client.h
61 - [CLEANUP] remove many #include <types/xxx> from C files
62 - [CLEANUP] remove dependency on obsolete INTBITS macro
63 - [DOC] document the new "tcp-request" keyword and associated ACLs
64 - [MINOR] acl: add REQ_CONTENT to the list of default acls
65 - [MEDIUM] acl: permit fetch() functions to set the result themselves
66 - [MEDIUM] acl: get rid of dummy values in always_true/always_false
67 - [MINOR] acl: add the "wait_end" acl verb
68 - [MEDIUM] acl: enforce ACL type checking
69 - [MEDIUM] acl: set types on all currently known ACL verbs
70 - [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings
71 - [CLEANUP] remove 65 useless NULL checks before free
72 - [MEDIUM] memory: update pool_free2() to support NULL pointers
73 - [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns
74 - [MEDIUM] process_srv: rely on buffer flags for client shutdown
75 - [MEDIUM] process_srv: don't rely at all on client state
76 - [MEDIUM] process_cli: don't rely at all on server state
77 - [BUG] fix segfault with url_param + check_post
78 - [BUG] server timeout was not considered in some circumstances
79 - [BUG] client timeout incorrectly rearmed while waiting for server
80 - [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1)
81 - [MAJOR] get rid of SV_STANALYZE (step 2)
82 - [MEDIUM] simplify and centralize request timeout cancellation and request forwarding
83 - [MAJOR] completely separate HTTP and TCP states on the request path
84 - [BUG] fix recently introduced loop when client closes early
85 - [MAJOR] get rid of the SV_STHEADERS state
86 - [MAJOR] better separation of response processing and server state
87 - [MAJOR] clearly separate HTTP response processing from TCP server state
88 - [MEDIUM] remove unused references to {CL|SV}_STSHUT*
89 - [MINOR] term_trace: add better instrumentations to trace the code
90 - [BUG] ev_sepoll: closed file descriptors could persist in the spec list
91 - [BUG] process_response must not enable the read FD
92 - [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue
93 - [BUG] process_response: do not touch srv_state
94 - [BUG] maintain_proxies must not disable backends
95 - [CLEANUP] get rid of BF_SHUT*_PENDING
96 - [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l
97 - [MAJOR] process_session: rely only on buffer flags
98 - [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout
99 - [MEDIUM] centralize buffer timeout checks at the top of process_session
100 - [MINOR] ensure the termination flags are set by process_xxx
101 - [MEDIUM] session: move the analysis bit field to the buffer
102 - [OPTIM] process_cli/process_srv: reduce the number of tests
103 - [BUG] regparm is broken on gcc < 3
104 - [BUILD] fix warning in proto_tcp.c with gcc >= 4
105 - [MEDIUM] merge inspect_exp and txn->exp into request buffer
106 - [BUG] process_cli/process_srv: don't call shutdown when already done
107 - [BUG] process_request: HTTP body analysis must return zero if missing data
108 - [TESTS] test-fsm: 22 regression tests for state machines
109 - [BUG] Fix empty X-Forwarded-For header name when set in defaults section
110 - [BUG] fix harmless but wrong fd insertion sequence
111 - [MEDIUM] make it possible for analysers to follow the whole session
112 - [MAJOR] rework of the server FSM
113 - [OPTIM] remove useless fd_set(read) upon shutdown(write)
114 - [MEDIUM] massive cleanup of process_srv()
115 - [MEDIUM] second level of code cleanup for process_srv_data
116 - [MEDIUM] third cleanup and optimization of process_srv_data()
117 - [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts
118 - [MEDIUM] stream_sock_process_data moved to stream_sock.c
119 - [MAJOR] make the client side use stream_sock_process_data()
120 - [MEDIUM] split stream_sock_process_data
121 - [OPTIM] stream_sock_read must check for null-reads more often
122 - [MINOR] only call flow analysers when their read side is connected.
123 - [MEDIUM] reintroduce BF_HIJACK with produce_content
124 - [MINOR] re-arrange buffer flags and rename some of them
125 - [MINOR] do not check for BF_SHUTR when computing write timeout
126 - [OPTIM] ev_sepoll: detect newly created FDs and check them once
127 - [OPTIM] reduce the number of calls to task_wakeup()
128 - [OPTIM] force inlining of large functions with gcc >= 3
129 - [MEDIUM] indicate a reason for a task wakeup
130 - [MINOR] change type of fdtab[]->owner to void*
131 - [MAJOR] make stream sockets aware of the stream interface
132 - [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers
133 - [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT
134 - [MEDIUM] process_session: make use of the new buffer flags
135 - [CLEANUP] process_session: move debug outputs out of the critical loop
136 - [MEDIUM] move QUEUE and TAR timers to stream interfaces
137 - [OPTIM] add compiler hints in tick_is_expired()
138 - [MINOR] add buffer_check_timeouts() to check what timeouts have fired.
139 - [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts()
140 - [MINOR] add an expiration flag to the stream_sock_interface
141 - [MAJOR] migrate the connection logic to stream interface
142 - [MAJOR] add a connection error state to the stream_interface
143 - [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions
144 - [MEDIUM] continue layering cleanups.
145 - [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO
146 - [MEDIUM] remove stream_sock_update_data()
147 - [MINOR] maintain a global session list in order to ease debugging
148 - [BUG] shutw must imply close during a connect
149 - [MEDIUM] process shutw during connection attempt
150 - [MEDIUM] make the stream interface control the SHUT{R,W} bits
151 - [MAJOR] complete layer4/7 separation
152 - [CLEANUP] move the session-related functions to session.c
153 - [MINOR] call session->do_log() for logging
154 - [MINOR] replace the ambiguous client_return function by stream_int_return
155 - [MINOR] replace client_retnclose() with stream_int_retnclose()
156 - [MINOR] replace srv_close_with_err() with http_server_error()
157 - [MEDIUM] make the http server error function a pointer in the session
158 - [CLEANUP] session.c: removed some migration left-overs in sess_establish()
159 - [MINOR] stream_sock_data_finish() should not expose fd
160 - [MEDIUM] extract TCP request processing from HTTP
161 - [MEDIUM] extract the HTTP tarpit code from process_request().
162 - [MEDIUM] move the HTTP request body analyser out of process_request().
163 - [MEDIUM] rename process_request to http_process_request
164 - [BUG] fix forgotten server session counter
165 - [MINOR] declare process_session in session.h, not proto_http.h
166 - [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept()
167 - [MINOR] add an analyser code for UNIX stats request
168 - [MINOR] pre-set analyser flags on the listener at registration time
169 - [BUG] do not forward close from cons to prod with analysers
170 - [MEDIUM] ensure that sock->shutw() also closes read for init states
171 - [MINOR] add an analyser state in struct session
172 - [MAJOR] make unix sockets work again with stats
173 - [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session
174 - [MINOR] move the listener reference from fd to session
175 - [MEDIUM] reference the current hijack function in the buffer itself
176 - [MINOR] slightly rebalance stats_dump_{raw,http}
177 - [MINOR] add a new back-reference type : struct bref
178 - [MINOR] add back-references to sessions for later use by a dumper.
179 - [MEDIUM] add support for "show sess" in unix stats socket
180 - [BUG] do not release the connection slot during a retry
181 - [BUG] dynamic connection throttling could return a max of zero conns
182 - [BUG] do not try to pause backends during reload
183 - [BUG] ensure that listeners from disabled proxies are correctly unbound.
184 - [BUG] acl-related keywords are not allowed in defaults sections
185 - [BUG] cookie capture is declared in the frontend but checked on the backend
186 - [BUG] critical errors should be reported even in daemon mode
187 - [MINOR] redirect: add support for the "drop-query" option
188 - [MINOR] redirect: add support for "set-cookie" and "clear-cookie"
189 - [MINOR] redirect: in prefix mode a "/" means not to change the URI
190 - [BUG] do not dequeue requests on a dead server
191 - [BUG] do not dequeue the backend's pending connections on a dead server
192 - [MINOR] stats: indicate if a task is running in "show sess"
193 - [BUG] check timeout must not be changed if timeout.check is not set
194 - [BUG] "option transparent" is for backend, not frontend !
195 - [MINOR] transfer errors were not reported anymore in data phase
196 - [MEDIUM] add a send limit to a buffer
197 - [MEDIUM] don't report buffer timeout when there is I/O activity
198 - [MEDIUM] indicate when we don't care about read timeout
199 - [MINOR] add flags to indicate when a stream interface is waiting for space/data
200 - [MEDIUM] enable inter-stream_interface wakeup calls
201 - [MAJOR] implement autonomous inter-socket forwarding
202 - [MINOR] add the splice_len member to the buffer struct in preparation of splice support
203 - [MEDIUM] stream_sock: factor out the return path in case of no-writes
204 - [MEDIUM] i/o: rework ->to_forward and ->send_max
205 - [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read
206 - [OPTIM] buffer: replace rlim by max_len
207 - [OPTIM] stream_sock: factor out the buffer full handling out of the loop
208 - [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y)
209 - [CLEANUP] stream_sock: move the write-nothing condition out of the loop
210 - [MEDIUM] split stream_sock_write() into callback and core functions
211 - [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending
212 - [MINOR] stream_sock: fix a few wrong empty calculations
213 - [MEDIUM] stream_sock: try to send pending data on chk_snd()
214 - [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes
215 - [MEDIUM] splice: add configuration options and set global.maxpipes
216 - [MINOR] introduce structures required to support Linux kernel splicing
217 - [MEDIUM] add definitions for Linux kernel splicing
218 - [MAJOR] complete support for linux 2.6 kernel splicing
219 - [BUG] reserve some pipes for backends with splice enabled
220 - [MEDIUM] splice: add hints to support older buggy kernels
221 - [MEDIUM] introduce pipe pools
222 - [MEDIUM] splice: make use of pipe pools
223 - [STATS] report pipe usage in the statistics
224 - [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified
225 - [BUILD] fix snapshot date extraction with negative timezones
226 - [MEDIUM] move global tuning options to the global structure
227 - [MEDIUM] splice: add the global "nosplice" option
228 - [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6
229 - [BUG] we must not exit if protocol binding only returns a warning
230 - [MINOR] add support for bind interface name
231 - [BUG] inform the user when root is expected but not set
232 - [MEDIUM] add support for source interface binding
233 - [MEDIUM] add support for source interface binding at the server level
234 - [MEDIUM] implement bind-process to limit service presence by process
235 - [DOC] document maxpipes, nosplice, option splice-{auto,request,response}
236 - [DOC] filled the logging section of the configuration manual
237 - [DOC] document HTTP status codes
238 - [DOC] document a few missing info about errorfile
239 - [BUG] fix random memory corruption using "show sess"
240 - [BUG] fix unix socket processing of interrupted output
241 - [DOC] add diagrams of queuing and future ACL design
242 - [BUILD] proto_http did not build on gcc-2.95
243 - [BUG] the "source" keyword must first clear optional settings
244 - [BUG] global.tune.maxaccept must be limited even in mono-process mode
245 - [MINOR] ensure that http_msg_analyzer updates pointer to invalid char
246 - [MEDIUM] store a complete dump of request and response errors in proxies
247 - [MEDIUM] implement error dump on unix socket with "show errors"
248 - [DOC] document "show errors"
249 - [MINOR] errors dump must use user-visible date, not internal date.
250 - [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second
251 - [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second.
252 - [MEDIUM] measure and report session rate on frontend, backends and servers
253 - [BUG] the "connslots" keyword was matched as "connlots"
254 - [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate
255 - [MEDIUM] implement "rate-limit sessions" for the frontend
256 - [BUG] interface binding: length must include the trailing zero
257 - [BUG] typo in timeout error reporting : report *res and not *err
258 - [OPTIM] maintain_proxies: only wake up when the frontend will be ready
259 - [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption
260 - [BUG] switch server-side stream interface to close in case of abort
261 - [CLEANUP] remove last references to term_trace
262 - [OPTIM] freq_ctr: do not rotate the counters when reading
263 - [BUG] disable any analysers for monitoring requests
264 - [BUG] rate-limit in defaults section was ignored
265 - [BUG] task: fix handling of duplicate keys
266 - [OPTIM] task: don't unlink a task from a wait queue when waking it up
267 - [OPTIM] displace tasks in the wait queue only if absolutely needed
268 - [MEDIUM] minor update to the task api: let the scheduler queue itself
269 - [BUG] event_accept() must always wake the task up, even in health mode
270 - [CLEANUP] task: distinguish between clock ticks and timers
271 - [OPTIM] task: reduce the number of calls to task_queue()
272 - [OPTIM] do not re-check req buffer when only response has changed
273 - [CLEANUP] don't enable kernel splicing when socket is closed
274 - [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase
275 - [MINOR] buffers: implement buffer_flush()
276 - [MEDIUM] rearrange forwarding condition to enable splice during analysis
277 - [BUILD] build fixes for Solaris
278 - [BUILD] proto_http did not build on gcc-2.95 (again)
279 - [CONTRIB] halog: fast log parser for haproxy
280 - [CONTRIB] halog: faster fgets() and add support for percentile reporting
281
Willy Tarreau7b4c5ae2008-04-19 21:06:14 +02002822008/04/19 : 1.3.15
283 - [BUILD] Added support for 'make install'
284 - [BUILD] Added 'install-man' make target for installing the man page
285 - [BUILD] Added 'install-bin' make target
286 - [BUILD] Added 'install-doc' make target
287 - [BUILD] Removed "/" after '$(DESTDIR)' in install targets
288 - [BUILD] Changed 'install' target to install the binaries first
289 - [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
290 - [MEDIUM]: Inversion for options
291 - [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
292 - [BUG]: Restore clearing t->logs.bytes
293 - [MEDIUM]: rework checks handling
294 - [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
295 - [MEDIUM] Implement "track [<backend>/]<server>"
296 - [MINOR] Implement persistent id for proxies and servers
297 - [BUG] Don't increment server connections too much + fix retries
298 - [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
299 - [MAJOR] proto_uxst rework -> SNMP support
300 - [BUG] appsession lookup in URL does not work
301 - [BUG] transparent proxy address was ignored in backend
302 - [BUG] hot reconfiguration failed because of a wrong error check
303 - [DOC] big update to the configuration manual
304 - [DOC] large update to the configuration manual
305 - [DOC] document more options
306 - [BUILD] major rework of the GNU Makefile
307 - [STATS] add support for "show info" on the unix socket
308 - [DOC] document options forwardfor to logasap
309 - [MINOR] add support for the "backlog" parameter
310 - [OPTIM] introduce global parameter "tune.maxaccept"
311 - [MEDIUM] introduce "timeout http-request" in frontends
312 - [MINOR] tarpit timeout is also allowed in backends
313 - [BUG] increment server connections for each connect()
314 - [MEDIUM] add a turn-around state of one second after a connection failure
315 - [BUG] fix typo in redispatched connection
316 - [DOC] document options nolinger to ssl-hello-chk
317 - [DOC] added documentation for "option tcplog" to "use_backend"
318 - [BUG] connect_server: server might not exist when sending error report
319 - [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
320 - [MEDIUM] add non-local bind to connect() on Linux
321 - [MINOR] add transparent proxy support for balabit's Tproxy v4
322 - [BUG] use backend's source and not server's source with tproxy
323 - [BUG] fix overlapping server flags
324 - [MEDIUM] fix server health checks source address selection
325 - [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
326 - [DOC] added "server", "source" and "stats" keywords
327 - [DOC] all server parameters have been documented
328 - [DOC] document all req* and rsp* keywords.
329 - [DOC] added documentation about HTTP header manipulations
330 - [BUG] log response byte count, not request
331 - [BUILD] code did not build in full debug mode
332 - [BUG] fix truncated responses with sepoll
333 - [MINOR] use s->frt_addr as the server's address in transparent proxy
334 - [MINOR] fix configuration hint about timeouts
335 - [DOC] minor cleanup of the doc and notice to contributors
336 - [MINOR] report correct section type for unknown keywords.
337 - [BUILD] update MacOS Makefile to build on newer versions
338 - [DOC] fix erroneous "useallbackups" option in the doc
339 - [DOC] applied small fixes from early readers
340 - [MINOR] add configuration support for "redir" server keyword
341 - [MEDIUM] completely implement the server redirection method
342 - [TESTS] add a test case for the server redirection mechanism
343 - [DOC] add a configuration entry for "server ... redir <prefix>"
344 - [BUILD] backend.c and checks.c did not build without tproxy !
345 - Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
346 - [BUILD] backend.c and checks.c did not build without tproxy !
347 - [OPTIM] used unsigned ints for HTTP state and message offsets
348 - [OPTIM] GCC4's builtin_expect() is suboptimal
349 - [BUG] failed conns were sometimes incremented in the frontend!
350 - [BUG] timeout.check was not pre-set to eternity
351 - [TESTS] add test-pollers.cfg to easily report pollers in use
352 - [BUG] do not apply timeout.connect in checks if unset
353 - [BUILD] ensure that makefile understands USE_DLMALLOC=1
354 - [MINOR] silent gcc for a wrong warning
355 - [CLEANUP] update .gitignore to ignore more temporary files
356 - [CLEANUP] report dlmalloc's source path only if explictly specified
357 - [BUG] str2sun could leak a small buffer in case of error during parsing
358 - [BUG] option allbackups was not working anymore in roundrobin mode
359 - [MAJOR] implementation of the "leastconn" load balancing algorithm
360 - [BUILD] ensure that users don't build without setting the target anymore.
361 - [DOC] document the leastconn LB algo
362 - [MEDIUM] fix stats socket limitation to 16 kB
363 - [DOC] fix unescaped space in httpchk example.
364 - [BUG] fix double-decrement of server connections
365 - [TESTS] add a test case for port mapping
366 - [TESTS] add a benchmark for integer hashing
367 - [TESTS] add new methods in ip-hash test file
368 - [MAJOR] implement parameter hashing for POST requests
369
Willy Tarreaue5b77e82007-12-06 01:25:44 +01003702007/12/06 : 1.3.14
371 - New option http_proxy (Alexandre Cassen)
372 - add support for "maxqueue" to limit server queue overload (Elijah Epifanov)
373 - Check for duplicated conflicting proxies (Krzysztof Oledzki)
374 - stats: report server and backend cumulated downtime (Krzysztof Oledzki)
375 - use backends only with use_backend directive (Krzysztof Oledzki)
376 - Handle long lines properly (Krzysztof Oledzki)
377 - Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki)
378 - continous statistics (Krzysztof Oledzki)
379 - add support for logging via a UNIX socket (Robert Tsai)
380 - fix error checking in strl2ic/strl2uic()
381 - fix calls to localtime()
382 - provide easier-to-use ultoa_* functions
383 - provide easy-to-use limit_r and LIM2A* macros
384 - add a simple test for the status page
385 - move error codes to common/errors.h
386 - silent warning about LIST_* being redefined on OpenBSD
387 - add socket address length to the protocols
388 - group PR_O_BALANCE_* bits into a checkable value
389 - externalize the "balance" option parser to backend.c
390 - introduce the "url_param" balance method
391 - make default_backend work in TCP mode too
392 - disable warning about localtime_r on Solaris
393 - adjust error messages about conflicting proxies
394 - avoid calling some layer7 functions if not needed
395 - simplify error path in event_accept()
396 - add an options field to the listeners
397 - added a new state to listeners
398 - unbind_listener() must use fd_delete() and not close()
399 - add a generic unbind_listener() primitive
400 - add a generic delete_listener() primitive
401 - add a generic unbind_all_listeners() primitive
402 - create proto_tcp and move initialization of proxy listeners
403 - stats: report numerical process ID, proxy ID and server ID
404 - relative_pid was not initialized
405 - missing header names in raw stats output
406 - fix missing parenthesis in check_response_for_cacheability
407 - small optimization on session_process_counters()
408 - merge ebtree version 3.0
409 - make ebtree headers multiple-include compatible
410 - ebtree: include config.h for REGPRM*
411 - differentiate between generic LB params and map-specific ones
412 - add a weight divisor to the struct proxy
413 - implement the Fast Weighted Round Robin (FWRR) algo
414 - include filltab25.c to experiment on FWRR for dynamic weights
415 - merge test-fwrr.cfg to validate dynamic weights
416 - move the load balancing algorithm to be->lbprm.algo
417 - change server check result to a bit field
418 - implement "http-check disable-on-404" for graceful shutdown
419 - secure the calling conditions of ->set_server_status_{up,down}
420 - report disabled servers as "NOLB" when they are still UP
421 - document the "http-check disable-on-404" option
422 - http-check disable-on-404 is not limited to HTTP mode
423 - add a test file for disable-on-404
424 - use distinct bits per load-balancing algorithm type
425 - implement the slowstart parameter for servers
426 - document the server's slowstart parameter
427 - stats: report the server warm up status in a "throttle" column
428 - fix 2 minor issues on AIX
429 - add the "nbsrv" ACL verb
430 - add the "fail" condition to monitor requests
431 - remove a warning from gcc due to htons() in standard.c
432 - fwrr: ensure that we never overflow in placements
433 - store the build options to report with -vv
434 - fix the status return of the init script (R.I. Pienaar)
435 - stats: real time monitoring script for unix socket (Prizee)
436 - document "nbsrv" and "monitor fail"
437 - restrict the set of allowed characters for identifiers
438 - implement a time parsing function
439 - add support for time units in the configuration
440 - add a bit of documentation about timers
441 - introduce separation between contimeout, and tarpit + queue
442 - introduce the "timeout" keyword
443 - grouped all timeouts in one structure
444 - slowstart is in ms, not seconds
445 - slowstart: ensure we don't start with a null weight
446 - report the number of times each server was selected
447 - fix build on AIX due to recent log changes
448 - fix build on Solaris due to recent log changes
449
Willy Tarreaue855f422007-10-18 22:38:22 +02004502007/10/18 : 1.3.13
451 - replace the code under O'Reilly license (Arnaud Cornet)
452 - add a small man page (Arnaud Cornet)
453 - stats: report haproxy's version by default (Krzysztof Oledzki)
454 - stats: count server retries and redispatches (Krzysztof Oledzki)
455 - core: added easy support for Doug Lea's malloc (dlmalloc)
456 - core: fade out memory usage when stopping proxies
457 - core: moved the sockaddr pointer to the fdtab structure
458 - core: add generic protocol support
459 - core: implement client-side support for PF_UNIX sockets
460 - stats: implement the CSV output
461 - stats: add a link to the CSV export HTML page
462 - stats: implement the statistics output on a unix socket
463 - config: introduce the "stats" keyword in global section
464 - build: centralize version and date into one file for each
465 - tests: added a new hash algorithm
466
4672007/10/18 : 1.3.12.3
468 - add the "nolinger" option to disable data lingering (Alexandre Cassen)
469 - fix double-free during clean exit (Krzysztof Oledzki)
470 - prevent the system from sending an RST when closing health-checks
471 (Krzysztof Oledzki)
472 - do not add a cache-control header when on non-cacheable responses
473 (Krzysztof Oledzki)
474 - spread health checks even more (Krzysztof Oledzki)
475 - stats: scope "." must match the backend and not the frontend
476 - fixed call to chroot() during startup
477 - fix wrong timeout computation in event_accept()
478 - remove condition for exit() under fork() failure
479
4802007/09/20 : 1.3.12.2
481 - fix configuration sanity checks for TCP listeners
482 - set the log socket receive window to zero bytes
483 - pre-initialize timeouts to infinity, not zero
484 - fix the SIGHUP message not to alert on server-less proxies
485 - timeouts and retries could be ignored when switching backend
486 - added a file to check that "retries" works.
487 - O'Reilly has clarified its license
488
4892007/09/05 : 1.3.12.1
490 - spec I/O: fix allocations of spec entries for an FD
491 - ensure we never overflow in chunk_printf()
492 - improve behaviour with large number of servers per proxy
493 - add support for "stats refresh <interval>"
494 - stats page: added links for 'refresh' and 'hide down'
495 - fix backend's weight in the stats page.
496 - the "stats" keyword is not allowed in a pure frontend.
497 - provide a test configuration file for stats and checks
498
Willy Tarreaub21152b2007-06-17 23:41:40 +02004992007/06/17 : 1.3.12
500 - fix segfault at exit when using captures
501 - bug: negation in ACL conds was not cleared between terms
502 - errorfile: use a local file to feed error messages
503 - acl: support '-i' to ignore case when matching
504 - acl: smarter integer comparison with operators eq,lt,gt,le,ge
505 - acl: support maching on 'path' component
506 - acl: implement matching on header values
507 - acl: distinguish between request and response headers
508 - acl: permit to return any header when no name specified
509 - acl: provide default ACLs
510 - added the 'use_backend' keyword for full content-switching
511 - acl: specify the direction during fetches
512 - acl: provide the argument length for fetch functions
513 - acl: provide a reference to the expr to fetch()
514 - improve memory freeing upon exit
515 - str2net() must not change the const char *
516 - shut warnings 'is*' macros from ctype.h on solaris
517
Willy Tarreaua3503e02007-06-03 17:27:07 +02005182007/06/03 : 1.3.11.4
519 - do not re-arm read timeout in SHUTR state !
520 - optimize I/O by detecting system starvation
521 - the epoll FD must not be shared between processes
522 - limit the number of events returned by *poll*
523
Willy Tarreau3c6fc072007-05-14 14:40:25 +02005242007/05/14 : 1.3.11.3
525 - pre-initialize timeouts with tv_eternity during parsing
526
Willy Tarreaufc273c22007-05-14 03:42:47 +02005272007/05/14 : 1.3.11.2
528 - fixed broken health-checks since switch to timeval
529
Willy Tarreau3c5340c2007-05-14 03:18:43 +02005302007/05/14 : 1.3.11.1
531 - fixed ev_kqueue which was forgotten during the switch to timeval
532 - allowed null timeouts for past events in select
533
Willy Tarreau544eb402007-05-14 02:42:33 +02005342007/05/14 : 1.3.11
535 - fixed ev_sepoll again by rewriting the state machine
536 - switched all timeouts to timevals instead of milliseconds
537 - improved memory management using mempools v2.
538 - several minor optimizations
539
Willy Tarreau9ca931f2007-05-10 07:51:17 +02005402007/05/09 : 1.3.10.2
541 - fixed build on OpenBSD (missing types.h)
542
Willy Tarreau13398d32007-05-09 22:58:28 +02005432007/05/09 : 1.3.10.1
544 - fixed sepoll transition matrix (two states were missing)
545
Willy Tarreau61beedf2007-05-09 01:44:58 +02005462007/05/08 : 1.3.10
547 - several fixes in ev_sepoll
548 - fixed some expiration dates on some tasks
549 - fixed a bug in connection establishment detection due to speculative I/O
550 - fixed rare bug occuring on TCP with early close (reported by Andy Smith)
551 - implemented URI hashing algorithm (Guillaume Dallaire)
552 - implemented SMTP health checks (Peter van Dijk)
553 - replaced the rbtree with ul2tree from old scheduler project
554 - new framework for generic ACL support
555 - added the 'acl' and 'block' keywords to the config language
556 - added several ACL criteria and matches (IP, port, URI, ...)
557 - cleaned up and better modularization for some time functions
558 - fixed list macros
559 - fixed useless memory allocation in str2net()
560 - store the original destination address in the session
561
Willy Tarreau6e0433f2007-04-16 01:18:12 +02005622007/04/15 : 1.3.9
563 - modularized the polling mechanisms and use function pointers instead
564 of macros at many places
565 - implemented support for FreeBSD's kqueue() polling mechanism
566 - fixed a warning on OpenBSD : MIN/MAX redefined
567 - change socket registration order at startup to accomodate kqueue.
568 - several makefile cleanups to support old shells
569 - fix build with limits.h once for all
570 - ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
571 - fdtab now holds the results of polling
572 - implemented support for speculative I/O processing with epoll()
573 - remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
574 - auto-registering of pollers at load time
575
Willy Tarreau42c76592007-04-03 20:30:13 +02005762007/04/03 : 1.3.8.2
577 - rewriting either the status line or request line could crash the
578 process due to a pointer which ought to be reset before parsing.
579 - rewriting the status line in the response did not work, it caused
580 a 502 Bad Gateway due to an erroneous state during parsing
581
Willy Tarreauef6d7612007-04-01 11:06:22 +02005822007/04/01 : 1.3.8.1
583 - fix reqadd when no option httpclose is used.
584 - removed now unused fiprm and beprm from proxies
585 - split logs into two versions : TCP and HTTP
586 - added some docs about http headers storage and acls
587 - added a VIM script for syntax color highlighting (Bruno Michel)
588
Willy Tarreaud661cc02007-03-26 00:24:56 +02005892007/03/25 : 1.3.8
590 - fixed several bugs which might have caused a crash with bad configs
591 - several optimizations in header processing
592 - many progresses towards transaction-based processing
593 - option forwardfor may be used in frontends
594 - completed HTTP response processing
595 - some code refactoring between request and response processing
596 - new HTTP header manipulation functions
597 - optimizations on the recv() patch to reduce CPU usage under very
598 high data rates.
599 - more user-friendly help about the 'usesrc' keyword (CTTPROXY)
600 - username/groupname support from Marcus Rueckert
601 - added the "except" keyword to the "forwardfor" option (Bryan German)
602 - support for health-checks on other addresses (Fabrice Dulaunoy)
603 - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
604 - do not insert "Connection: close" in HTTP/1.0 messages
605
Willy Tarreau9cabf702007-01-26 23:49:01 +01006062007/01/26 : 1.3.7
607 - fix critical bug introduced with 1.3.6 : an empty request header
608 may lead to a crash due to missing pointer assignment
609 - hdr_idx might be left uninitialized in debug mode
610 - fixed build on FreeBSD due to missing fd_set declaration
611
Willy Tarreaue7a24382007-01-22 08:57:44 +01006122007/01/22 : 1.3.6.1
613 - change in the header chaining broke cookies and authentication
614
Willy Tarreau49e1ee82007-01-22 00:56:46 +01006152007/01/22 : 1.3.6
616 - stats now support the HEAD method too
617 - extracted http request from the session
618 - huge rework of the HTTP parser which is now a 28-state FSM.
619 - linux-style likely/unlikely macros for optimization hints
620 - do not create a server socket when there's no server
621 - imported lots of docs
622
Willy Tarreau5871f8e2007-01-07 02:47:01 +01006232007/01/07 : 1.3.5
624 - stats: swap color sets for active and backup servers
625 - try to guess server check port when unset
626 - added complete support and doc for TCP Splicing
627 - replace the wait-queue linked list with an rbtree.
628 - a few bugfixes and cleanups
629
Willy Tarreau85270da2007-01-02 00:59:39 +01006302007/01/02 : 1.3.4
631 - support for cttproxy on the server side to present the client
632 address to the server.
633 - added support for SO_REUSEPORT on Linux (needs kernel patch)
634 - new RFC2616-compliant HTTP request parser with header indexing
635 - split proxies in frontends, rulesets and backends
636 - implemented the 'req[i]setbe' to select a backend depending
637 on the contents
638 - added the 'default_backend' keyword to select a default BE.
639 - new stats page featuring FEs and BEs + bytes in both dirs
640 - improved log format to indicate the backend and the time in ms.
641 - lots of cleanups
642
Willy Tarreau9c9fea42006-10-16 00:03:35 +02006432006/10/15 : 1.3.3
644 - fix broken redispatch option in case the connection has already
645 been marked "in progress" (ie: nearly always).
646 - support regparm on x86 to speed up some often called functions
647 - removed a few useless calls to gettimeofday() in log functions.
648 - lots of 'const char*' cleanups
649 - turn every FD_* into functions which are faster on recent CPUs
650
Willy Tarreau690f9aa2006-09-03 11:23:06 +02006512006/09/03 : 1.3.2
652 - started the changes towards I/O completion callbacks. stream_sock* have
653 replaced event_*.
654 - added the new "reqtarpit" and "reqitarpit" protection features
655
Willy Tarreau8f2b8552006-07-09 17:11:39 +02006562006/07/09 : 1.3.1 (1.2.15)
657 - now, haproxy warns about missing timeout during startup to try to
658 eliminate all those buggy configurations.
659 - added "Content-Type: text/html" in responses wherever appropriate, as
660 suggested by Cameron Simpson.
661 - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
662 test server's health
663 - implemented "monitor-uri" so that haproxy can reply to a specific URI with
664 an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
665 at once.
666
Willy Tarreaub9e98b62006-07-03 10:32:46 +02006672006/06/29 : 1.3.0
668 - exploded the whole file into multiple .c and .h. No functionnal
Willy Tarreau8f2b8552006-07-09 17:11:39 +0200669 difference is expected at all.
670 - fixed a bug by which neither stats nor error messages could be returned if
671 'clitimeout' was missing.
Willy Tarreaub9e98b62006-07-03 10:32:46 +0200672
willy tarreau7e6328d2006-05-21 23:26:20 +02006732006/05/21 : 1.2.14
674 - new HTML status report with the 'stats' keyword.
675 - added the 'abortonclose' option to better resist traffic surges
676 - implemented dynamic traffic regulation with the 'minconn' option
677 - show request time on denied requests
678 - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
679 - now a proxy instance is allowed to run without servers, which is
680 useful to dedicate one instance to stats
681 - added lots of error counters
682 - a missing parenthesis preventd matching of cacheable cookies
683 - a missing parenthesis in poll_loop() might have caused missed events.
684
Willy TARREAU4404b7e2006-05-14 10:00:09 +02006852006/05/14 : 1.2.13.1
686 - an uninitialized field in the struct session could cause a crash when
687 the session was freed. This has been encountered on Solaris only.
688 - Solaris and OpenBSD no not support shutdown() on listening socket. Let's
689 be nice to them by performing a soft stop if pause fails.
690
willy tarreauc3a2e072006-05-13 18:51:38 +02006912006/05/13 : 1.2.13
692 - 'maxconn' server parameter to do per-server session limitation
693 - queueing to support non-blocking session limitation
694 - fixed removal of cookies for cookie-less servers such as backup servers
695 - two separate wait queues for expirable and non-expirable tasks provide
696 better performance with lots of sessions.
697 - some code cleanups and performance improvements
698 - made state dumps a bit more verbose
699 - fixed missing checks for NULL srv in dispatch mode
700 - load balancing on backup servers was not possible in source hash mode.
701 - two session flags shared the same bit, but fortunately they were not
702 compatible.
703
willy tarreauc0d4bbd2006-04-15 21:47:50 +02007042006/04/15 : 1.2.12
705 Very few changes preparing for more important changes to support per-server
706 session limitations and queueing :
707 - ignore leading empty lines in HTTP requests as suggested by RFC2616.
708 - added the 'weight' parameter to the servers, limited to 1..256. It applies
709 to roundrobin and source hash.
710 - the optional '-s' option could clobber '-st' and '-sf' if compiled in.
711
willy tarreaue0dd2692006-03-30 16:27:34 +02007122006/03/30 : 1.2.11.1
713 - under some conditions, it might have been possible that when the
714 last dead server became available, it would not have been used
715 till another one would have changed state. Could not be reproduced
716 at all, however seems possible from the code.
717
willy tarreaud2058dc2006-03-25 20:35:41 +01007182006/03/25 : 1.2.11
719 - added the '-db' command-line option to disable backgrounding.
720 - added the -sf/-st command-line arguments which are used to specify
721 a list of pids to send a FINISH or TERMINATE signal upon startup.
722 They will also be asked to release their port if a bind fails.
723 - reworked the startup mechanism to allow the sending of a signal to a list
724 of old pids if a socket cannot be bound, with a retry for a limited amount
725 of time (1 second by default).
726 - added the ability to enforce limits on memory usage.
727 - added the 'source' load-balancing algorithm which uses the source IP(v4|v6)
728 - re-architectured the server round-robin mechanism to ease integration of
729 other algorithms. It now relies on the number of active and backup servers.
730 - added a counter for the number of active and backup servers, and report
731 these numbers upon SIGHUP or state change.
732
willy tarreaubfad5742006-03-23 14:19:11 +01007332006/03/23 : 1.2.10.1
734 - while fixing the backup server round-robin "feature", a new bug was
735 introduced which could miss some backup servers.
736 - the displayed proxy name was wrong when dumping upon SIGHUP.
737
willy tarreauaaff30e2006-03-19 21:30:41 +01007382006/03/19 : 1.2.10
739 - assert.h is needed when DEBUG is defined.
740 - ENORMOUS long standing bug affecting the epoll polling system :
741 event_data is a union, not a structure !
742 - Make fd management more robust and easier to debug. Also some
743 micro-optimisations.
744 - Limit the number of consecutive accept() in multi-process mode.
745 This produces a more evenly distributed load across the processes and
746 slightly improves performance by reducing bottlenecks.
747 - Make health-checks be more regular, and faster to retry after a timeout.
748 - Fixed some messages to ease parsing of alerts.
749 - provided a patch to enable epoll on RHEL3 kernels.
750 - Separated OpenBSD build from the main Makefile into a new one.
751
willy tarreau50be0172006-03-15 19:41:19 +01007522006/03/15 : 1.2.9
753 - haproxy could not be stopped after being paused, it had to be woken up
754 first. This has been fixed.
755 - the 'ulimit-n' parameter is now optional and by default computed from
756 maxconn + the number of listeners + the number of health-checks.
757 - it is now possible to specify a maximum number of connections at build
758 time with the SYSTEM_MAXCONN define. The value set in the configuration
759 file will then be limited to this value, and only the command-line '-n'
760 option will be able to bypass it. It will prevent against accidental
761 high memory usage on small systems.
762 - RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier
763 versions did not detect a line beginning with a space as the continuation
764 of previous header. It is now correct.
765 - health checks sent to servers configured with identical intervals were
766 sent in perfect synchronisation because the initial time was the same
767 for all. This could induce high load peaks when fragile servers were
768 hosting tens of instances for the same application. Now the load is
769 spread evenly across the smallest interval amongst a listener.
770 - a new 'forceclose' option was added to make the proxy close the outgoing
771 channel to the server once it has sent all its headers and the server
772 starts responding. This helps some servers which don't close upon the
773 'Connection: close' header. It implies 'option httpclose'.
774 - there was a bug in the way the backup servers were handled. They were
775 erroneously load-balanced while the doc said the opposite. Since
776 load-balanced backup servers is one of the features some people have
777 been asking for, the problem was fixed to reflect the documented
778 behaviour and a new option 'allbackups' was introduced to provide the
779 feature to those who need it.
780 - a never ending connect() could lead to a fast select() loop if its
781 timeout times the number of retransmits exceeded the server read or write
782 timeout, because the later was used to compute select()'s timeout while
783 the connection timeout was not reached.
784 - now we initialize the libc's localtime structures very early so that even
785 under OOM conditions, we can still send dated error messages without
786 segfaulting.
787 - the 'daemon' mode implies 'quiet' and disables 'verbose' because file
788 descriptors are closed.
789
willy tarreau065f1c02006-01-29 22:10:07 +01007902006/01/29 : 1.2.8
791 - fixed a nasty bug affecting poll/epoll which could return unmodified data
792 from the server to the client, and sometimes lead to memory corruption
793 crashing the process.
794 - added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf.
795
7962005/12/18 : 1.2.7.1
797 - the "retries" option was ignored because connect() could not return an
798 error if the connection failed before the timeout.
799 - TCP health-checks could not detect a connection refused in poll/epoll
800 mode.
801
willy tarreaua56eca72005-12-18 01:34:42 +01008022005/11/13 : 1.2.7
willy tarreau77bc8542005-12-18 01:31:43 +0100803 - building with -DUSE_PCRE should include PCRE headers and not regex.h. At
804 least on Solaris, this caused the libc's regex primitives to be used instead
805 of PCRE, which caused trouble on group references. This is now fixed.
willy tarreaud0fb4652005-12-18 01:32:04 +0100806 - delayed the quiet mode during startup so that most of the startup alerts can
807 be displayed even in quiet mode.
808 - display an alert when a listener has no address, invalid or no port, or when
809 there are no enabled listeners upon startup.
willy tarreau4373b962005-12-18 01:32:31 +0100810 - added "static-pcre" to the list of supported regex options in the Makefile.
willy tarreau77bc8542005-12-18 01:31:43 +0100811
willy tarreaub952e1d2005-12-18 01:31:20 +01008122005/10/09 : 1.2.7rc (1.1.33rc)
813 - second batch of socklen_t changes.
814 - clean-ups from Cameron Simpson.
815 - because tv_remain() does not know about eternity, using no timeout can
816 make select() spin around a null time-out. Bug reported by Cameron Simpson.
817 - client read timeout was not properly set to eternity initialized after an
818 accept() if it was not set in the config. It remained undetected so long
819 because eternity is 0 and newly allocated pages are zeroed by the system.
820 - do not call get_original_dst() when not in transparent mode.
821 - implemented a workaround for a bug in certain epoll() implementations on
822 linux-2.4 kernels (epoll-lt <= 0.21).
823 - implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
824
willy tarreauc5f73ed2005-12-18 01:26:38 +01008252005/08/07 : 1.2.6
826 - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
827
8282005/07/06 : 1.2.6-pre5 (1.1.32)
willy tarreau0fe39652005-12-18 01:25:24 +0100829 - added the number of active sessions (proxy/process) in the logs
830
8312005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
willy tarreaub1285d52005-12-18 01:20:14 +0100832 - the time-out fix introduced in 1.1.25 caused a corner case where it was
833 possible for a client to keep a connection maintained regardless of the
834 timeout if the server closed the connection during the HEADER phase,
835 while the client ignored the close request while doing nothing in the
836 other direction. This has been fixed now by ensuring that read timeouts
837 are re-armed when switching to any SHUTW state.
838
8392005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
840 - enhanced error reporting in the logs. Now the proxy will precisely detect
841 various error conditions related to the system and/or process limits, and
842 generate LOG_EMERG logs indicating that a resource has been exhausted.
843 - logs will contain two new characters for the error cause : 'R' indicates
844 a resource exhausted, and 'I' indicates an internal error, though this
845 one should never happen.
846 - server connection timeouts can now be reported in the logs (sC), as well
847 as connections refused because of maxconn limitations (PC).
848
8492005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
850 - new global configuration keyword "ulimit-n" may be used to raise the FD
851 limit to usable values.
852 - a warning is now displayed on startup if the FD limit is lower than the
853 configured maximum number of sockets.
854
8552005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
856 - new configuration keyword "monitor-net" makes it possible to be monitored
857 by external devices which connect to the proxy without being logged nor
858 forwarded to any server. Particularly useful on generic TCPv4 relays.
859
willy tarreau5dffb602005-12-18 01:15:23 +01008602005/06/21 : 1.2.5.2
861 - fixed build on PPC where chars are unsigned by default
862
willy tarreau08dedbe2005-12-18 01:13:48 +01008632005/05/02 : 1.2.5.1
864 - dirty hack to fix a bug introduced with epoll : if we close an FD and
865 immediately reassign it to another session through a connect(), the
866 Prev{Read,Write}Events are not updated, which causes trouble detecting
867 changes, thus leading to many timeouts at high loads.
868
willy tarreau64a3cc32005-12-18 01:13:11 +01008692005/04/30 : 1.2.5 (1.1.31)
870 - changed the runtime argument to disable epoll() to '-de'
871 - changed the runtime argument to disable poll() to '-dp'
872 - added global options 'nopoll' and 'noepoll' to do the same at the
873 configuration level.
874 - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
875 support epoll().
876 - changed default FD_SETSIZE to 65536 on Solaris (default=1024)
877 - conditionned signals redirection to #ifdef DEBUG_MEMORY
878
willy tarreau1c2ad212005-12-18 01:11:29 +01008792005/04/26 : 1.2.5-pre4
880 - made epoll() support a compile-time option : ENABLE_EPOLL
881 - provided a very little libc replacement for a possibly missing epoll()
882 implementation which can be enabled by -DUSE_MY_EPOLL
883 - implemented the poll() poller, which can be enabled with -DENABLE_POLL.
884 The equivalent runtime argument becomes '-P'. A few tests show that it
885 performs like select() with many fds, but slightly slower (certainly
886 because of the higher amount of memory involved).
887 - separated the 3 polling methods and the tasks scheduler into 4 distinct
888 functions which makes the code a lot more modular.
889 - moved some event tables to private static declarations inside the poller
890 functions.
891 - the poller functions can now initialize themselves, run, and cleanup.
892 - changed the runtime argument to enable epoll() to '-E'.
893 - removed buggy epoll_ctl() code in the client_retnclose() function. This
894 function was never meant to remove anything.
895 - fixed a typo which caused glibc to yell about a double free on exit.
896 - removed error checking after epoll_ctl(DEL) because we can never know if
897 the fd is still active or already closed.
898 - added a few entries in the makefile
899
willy tarreauad90a0c2005-12-18 01:09:15 +01009002005/04/25 : 1.2.5-pre3
901 - experimental epoll() support (use temporary '-e' argument)
902
9032005/04/24 : 1.2.5-pre2
willy tarreauc1f47532005-12-18 01:08:26 +0100904 - implemented the HTTP 303 code for error redirection. This forces the
905 browser to fetch the given URI with a GET request. The new keyword for
906 this is 'errorloc303', and a new 'errorloc302' keyword has been created
907 to make them easily distinguishable.
908 - added more controls in the parser for valid use of '\x' sequence.
909 - few fixes from Alex & Klaus
910
willy tarreauad90a0c2005-12-18 01:09:15 +01009112005/02/17 : 1.2.5-pre1
willy tarreauc1f47532005-12-18 01:08:26 +0100912 - fixed a few errors in the documentation
913
9142005/02/13
915 - do not pre-initialize unused file-descriptors before select() anymore.
916
willy tarreau12350152005-12-18 01:03:27 +01009172005/01/22 : 1.2.4
918 - merged Alexander Lazic's and Klaus Wagner's work on application
919 cookie-based persistence. Since this is the first merge, this version is
920 not intended for general use and reports are more than welcome. Some
921 documentation is really needed though.
922
willy tarreau0174f312005-12-18 01:02:42 +01009232005/01/22 : 1.2.3 (1.1.30)
924 - add an architecture guide to the documentation
925 - released without any changes
926
9272004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
928 - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
929 compatible with Apache. This limit can be configured in the makefile now.
930 Thanks to Eric Fehr for the checks.
931 - added a per-server "source" option which now makes it possible to bind to
932 a different source for each (potentially identical) server.
933 - changed cookie-based server selection slightly to allow several servers to
934 share a same cookie, thus making it possible to associate backup servers to
935 live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
936 - added the cookie 'prefix' mode which makes it possible to use persistence
937 with thin clients which support only one cookie. The server name is prefixed
938 before the application cookie, and restore back.
939 - fixed the order of servers within an instance to match documentation. Now
940 the servers are *really* used in the order of their declaration. This is
941 particularly important when multiple backup servers are in use.
942
willy tarreau4302f492005-12-18 01:00:37 +01009432004/10/18 : 1.2.2 (1.1.29)
944 - fixed a bug where a TCP connection would be logged twice if the 'logasap'
945 option was enabled without the 'tcplog' option.
946 - encode_string() would use hdr_encode_map instead of the map argument.
947
9482004/08/10 : (1.1.29-pre2)
949 - the logged request is now encoded with '#XX' for unprintable characters
950 - new keywords 'capture request header' and 'capture response header' enable
951 logging of arbitrary HTTP headers in requests and responses
952 - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
953
willy tarreau982249e2005-12-18 00:57:06 +01009542004/06/06 : 1.2.1 (1.1.28)
955 - added the '-V' command line option to verbosely report errors even though
956 the -q or 'quiet' options are specified. This is useful with '-c'.
957 - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
willy tarreau036e1ce2005-12-17 13:46:33 +0100958
willy tarreau982249e2005-12-18 00:57:06 +01009592004/06/05 :
960 - added the "logasap" option which produces a log without waiting for the data
961 to be transferred from the server to the client.
962 - added the "httpclose" option which removes any "connection:" header and adds
963 "Connection: close" in both direction.
willy tarreau97f58572005-12-18 00:53:44 +0100964 - added the 'checkcache' option which blocks cacheable responses containing
965 dangerous headers, such as 'set-cookie'.
willy tarreau982249e2005-12-18 00:57:06 +0100966 - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
967 information leak from servers.
willy tarreau25c4ea52005-12-18 00:49:49 +0100968
9692004/04/18 :
willy tarreaudd07e972005-12-18 00:48:48 +0100970 - send an EMERG log when no server is available for a given proxy
971 - added the '-c' command line option to syntactically check the
972 configuration file without starting the service.
973
willy tarreau8a86dbf2005-12-18 00:45:59 +01009742003/11/09 : 1.2.0
975 - the same as 1.1.27 + IPv6 support on the client side
976
willy tarreaufe2c5c12005-12-17 14:14:34 +01009772003/10/27 : 1.1.27
978 - the configurable HTTP health check introduced in 1.1.23 revealed a shameful
979 bug : the code still assumed that HTTP requests were the same size as the
980 original ones (22 bytes), and failed if they were not.
981 - added support for pidfiles.
982
willy tarreauc58fc692005-12-17 14:13:08 +01009832003/10/22 : 1.1.26
984 - the fix introduced in 1.1.25 for client timeouts while waiting for servers
985 broke almost all compatibility with POST requests, because the proxy
986 stopped to read anything from the client as soon as it got all of its
987 headers.
988
willy tarreauc1cae632005-12-17 14:12:23 +01009892003/10/15 : 1.1.25
990 - added the 'tcplog' option, which provides enhanced, HTTP-like logs for
991 generic TCP proxies, or lighter logs for HTTP proxies.
992 - fixed a time-out condition wrongly reported as client time-out in data
993 phase if the client timeout was lower than the connect timeout times the
994 number of retries.
995
willy tarreau197e8ec2005-12-17 14:10:59 +01009962003/09/21 : 1.1.24
997 - if a client sent a full request then shut its write connection down, then
998 the request was aborted. This case was detected only when using haproxy
999 both as health-check client and as a server.
1000 - if 'option httpchk' is used in a 'health' mode server, then responses will
1001 change from 'OK' to 'HTTP/1.0 200 OK'.
1002 - fixed a Linux-only bug in case of HTTP server health-checks, where a single
1003 server response followed by a close could be ignored, and the server seen
1004 as failed.
1005
willy tarreaueedaa9f2005-12-17 14:08:03 +010010062003/09/19 : 1.1.23
1007 - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
1008 'default' sections to keep previous parameters, and not initialize logs
1009 correctly.
1010 - fixed a second stupid bug introduced in 1.1.22 which caused configurations
1011 relying on 'dispatch' mode to segfault at the first connection.
1012 - 'option httpchk' now supports method, HTTP version and a few headers.
1013 - now, 'option httpchk', 'cookie' and 'capture' can be specified in
1014 'defaults' section
1015
10162003/09/10 : 1.1.22
willy tarreaua41a8b42005-12-17 14:02:24 +01001017 - 'listen' now supports optionnal address:port-range lists
1018 - 'bind' introduced to add new listen addresses
1019 - fixed a bug which caused a session to be kept established on a server till
1020 it timed out if the client closed during the DATA phase.
1021 - the port part of each server address can now be empty to make the proxy
1022 connect to the server on the same port it was connected to, be an absolute
1023 unsigned number to reflect a single port (as in older versions), or an
1024 explicitly signed number (+N/-N) to indicate that this offset must be
1025 applied to the port the proxy was connected to, when connecting to the
1026 server.
1027 - the 'port' server option allows the user to specify a different
1028 health-check port than the service one. It is mandatory when only relative
1029 ports have been specified and check is required. By default, the checks are
1030 sent to the service port.
1031 - new 'defaults' section which is rather similar to 'listen' except that all
1032 values are only used as default values for future 'listen' sections, until
1033 a new 'defaults' resets them. At the moment, server options, regexes,
1034 cookie names and captures cannot be set in the 'defaults' section.
1035
willy tarreau2f6ba652005-12-17 13:57:42 +010010362003/05/06 : 1.1.21
1037 - changed the debug output format so that it now includes the session unique
1038 ID followed by the instance name at the beginning of each line.
1039 - in debug mode, accept now shows the client's IP and port.
1040 - added one 3 small debugging scripts to search and pretty print debug output
1041 - changed the default health check request to "OPTIONS /" instead of
1042 "OPTIONS *" since not all servers implement the later one.
1043 - "option httpchk" now accepts an optional parameter allowing the user to
1044 specify and URI other than '/' during health-checks.
1045
willy tarreaub1ff9db2005-12-17 13:51:03 +010010462003/04/21 : 1.1.20
1047 - fixed two problems with time-outs, one where a server would be logged as
1048 timed out during transfer that take longer to complete than the fixed
1049 time-out, and one where clients were logged as timed-out during the data
1050 phase because they didn't have anything to send. This sometimes caused
1051 slow client connections to close too early while in fact there was no
1052 problem. The proper fix would be to have a per-fd time-out with
1053 conditions depending on the state of the HTTP FSM.
1054
willy tarreau906b2682005-12-17 13:49:52 +010010552003/04/16 : 1.1.19
1056 - haproxy was NOT RFC compliant because it was case-sensitive on HTTP
1057 "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
1058 cookie persistence because it uses "cookie:". Two memcmp() have been
1059 replaced with strncasecmp().
1060
willy tarreau036e1ce2005-12-17 13:46:33 +010010612003/04/02 : 1.1.18
1062 - Haproxy can be compiled with PCRE regex instead of libc regex, by setting
1063 REGEX=pcre on the make command line.
1064 - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
1065 - when explicit source address binding is required, it is now also used for
1066 health-checks.
1067 - added 'reqpass' and 'reqipass' to allow certain headers but not the request
1068 itself.
1069 - factored several strings to reduce binary size by about 2 kB.
1070 - replaced setreuid() and setregid() with more standard setuid() and setgid().
1071 - added 4 status flags to the log line indicating who ended the connection
1072 first, the sessions state, the validity of the cookie, and action taken on
1073 the set-cookie header.
1074
10752002/10/18 : 1.1.17
1076 - add the notion of "backup" servers, which are used only when all other
1077 servers are down.
1078 - make Set-Cookie return "" instead of "(null)" when the server has no
1079 cookie assigned (useful for backup servers).
1080 - "log" now supports an optionnal level name (info, notice, err ...) above
1081 which nothing is sent.
1082 - replaced some strncmp() with memcmp() for better efficiency.
1083 - added "capture cookie" option which logs client and/or server cookies
1084 - cleaned up/down messages and dump servers states upon SIGHUP
1085 - added a redirection feature for errors : "errorloc <errnum> <url>"
1086 - now we won't insist on connecting to a dead server, even with a cookie,
1087 unless option "persist" is specified.
1088 - added HTTP/408 response for client request time-out and HTTP/50[234] for
1089 server reply time-out or errors.
1090
10912002/09/01 : 1.1.16
1092 - implement HTTP health checks when option "httpchk" is specified.
1093
10942002/08/07 : 1.1.15
1095 - replaced setpgid()/setpgrp() with setsid() for better portability, because
1096 setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.
1097
10982002/07/20 : 1.1.14
1099 - added "postonly" cookie mode
1100
11012002/07/15 : 1.1.13
1102 - tv_diff used inverted parameters which led to negative times !
1103
11042002/07/13 : 1.1.12
1105 - fixed stats monitoring, and optimized some tv_* for most common cases.
1106 - replaced temporary 'newhdr' with 'trash' to reduce stack size
1107 - made HTTP errors more HTML-fiendly.
1108 - renamed strlcpy() to strlcpy2() because of a slightly difference between
1109 their behaviour (return value), to avoid confusion.
1110 - restricted HTTP messages to HTTP proxies only
1111 - added a 502 message when the connection has been refused by the server,
1112 to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
1113 - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
1114 inserting a cookie, because some caches (apache) don't understand it.
1115 - fixed processing of server headers when client is in SHUTR state
1116
11172002/07/04 :
1118 - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
1119 setpgid()
1120
11212002/06/04 : 1.1.11
1122 - fixed multi-cookie handling in client request to allow clean deletion
1123 in insert+indirect mode. Now, only the server cookie is deleted and not
willy tarreau906b2682005-12-17 13:49:52 +01001124 all the header. Should now be compliant to RFC2965.
willy tarreau036e1ce2005-12-17 13:46:33 +01001125 - added a "nocache" option to "cookie" to specify that we explicitly want
1126 to add a "cache-control" header when we add a cookie.
1127 It is also possible to add an "Expires: <old-date>" to keep compatibility
1128 with old/broken caches.
1129
11302002/05/10 : 1.1.10
1131 - if a cookie is used in insert+indirect mode, it's desirable that the
1132 the servers don't see it. It was not possible to remove it correctly
1133 with regexps, so now it's removed automatically.
1134
11352002/04/19 : 1.1.9
1136 - don't use snprintf()'s return value as an end of message since it may
1137 be larger. This caused bus errors and segfaults in internal libc's
1138 getenv() during localtime() in send_log().
1139 - removed dead insecure send_syslog() function and all references to it.
1140 - fixed warnings on Solaris due to buggy implementation of isXXXX().
1141
11422002/04/18 : 1.1.8
1143 - option "dontlognull"
1144 - fixed "double space" bug in config parser
1145 - fixed an uninitialized server field in case of dispatch
1146 with no existing server which could cause a segfault during
1147 logging.
1148 - the pid logged was always the father's, which was wrong for daemons.
1149 - fixed wrong level "LOG_INFO" for message "proxy started".
1150
11512002/04/13 :
1152 - http logging is now complete :
1153 - ip:port, date, proxy, server
1154 - req_time, conn_time, hdr_time, tot_time
1155 - status, size, request
1156 - source address
1157
11582002/04/12 : 1.1.7
1159 - added option forwardfor
1160 - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
1161 - added "log global" in "listen" section.
1162
11632002/04/09 :
1164 - added a new "global" section :
1165 - logs
1166 - debug, quiet, daemon modes
1167 - uid, gid, chroot, nbproc, maxconn
1168
11692002/04/08 : 1.1.6
1170 - regex are now chained and not limited anymore.
1171 - unavailable server now returns HTTP/502.
1172 - increased per-line args limit to 40
1173 - added reqallow/reqdeny to block some request on matches
1174 - added HTTP 400/403 responses
1175
11762002/04/03 : 1.1.5
1177 - connection logging displayed incorrect source address.
1178 - added proxy start/stop and server up/down log events.
1179 - replaced log message short buffers with larger trash.
1180 - enlarged buffer to 8 kB and replace buffer to 4 kB.
1181
11822002/03/25 : 1.1.4
1183 - made rise/fall/interval time configurable
1184
11852002/03/22 : 1.1.3
1186 - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
1187 which could lead to loops.
1188
11892002/03/21 : 1.1.2
1190 - fixed a bug in buffer management where we could have a loop
1191 between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
1192 => implemented an adjustable buffer limit.
1193 - fixed a bug : expiration of tasks in wait queue timeout is used again,
1194 and running tasks are skipped.
1195 - added some debug lines for accept events.
1196 - send warnings for servers up/down.
1197
11982002/03/12 : 1.1.1
1199 - fixed a bug in total failure handling
1200 - fixed a bug in timestamp comparison within same second (tv_cmp_ms)
1201
12022002/03/10 : 1.1.0
1203 - fixed a few timeout bugs
1204 - rearranged the task scheduler subsystem to improve performance,
1205 add new tasks, and make it easier to later port to librt ;
1206 - allow multiple accept() for one select() wake up ;
1207 - implemented internal load balancing with basic health-check ;
1208 - cookie insertion and header add/replace/delete, with better strings
1209 support.
1210
12112002/03/08
1212 - reworked buffer handling to fix a few rewrite bugs, and
1213 improve overall performance.
1214 - implement the "purge" option to delete server cookies in direct mode.
1215
12162002/03/07
1217 - fixed some error cases where the maxfd was not decreased.
1218
12192002/02/26
1220 - now supports transparent proxying, at least on linux 2.4.
1221
12222002/02/12
1223 - soft stop works again (fixed select timeout computation).
1224 - it seems that TCP proxies sometimes cannot timeout.
1225 - added a "quiet" mode.
1226 - enforce file descriptor limitation on socket() and accept().
1227
12282001/12/30 : release of version 1.0.2 : fixed a bug in header processing
12292001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
12302001/12/16 : release of version 1.0.0.
12312001/12/16 : added syslog capability for each accepted connection.
12322001/11/19 : corrected premature end of files and occasional SIGPIPE.
12332001/10/31 : added health-check type servers (mode health) which replies OK then closes.
12342001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
1235 with or without cookies (use keyword http for this).
12362001/09/01 : added client/server header replacing with regexps.
1237 eg:
1238 cliexp ^(Host:\ [^:]*).* Host:\ \1:80
1239 srvexp ^Server:\ .* Server:\ Apache
12402000/11/29 : first fully working release with complete FSMs and timeouts.
12412000/11/28 : major rewrite
12422000/11/26 : first write