commit 85270da1d9b5cbdace5bb6a3c656c4dbf5016883 Author: Willy Tarreau Date: Tue Jan 2 00:59:39 2007 +0100 [MINOR] updated versions and docs The version was not updated in some files. Also, added a few example configs. commit 6620dbb47a1b1781b98ca457b38ddd031fcd8891 Author: Willy Tarreau Date: Tue Jan 2 00:44:53 2007 +0100 [RELEASE] released 1.3.4 Released 1.3.4 with the following major changes : - support for cttproxy on the server side to present the client address to the server. - added support for SO_REUSEPORT on Linux (needs kernel patch) - new RFC2616-compliant HTTP request parser with header indexing - split proxies in frontends, rulesets and backends - implemented the 'req[i]setbe' to select a backend depending on the contents - added the 'default_backend' keyword to select a default BE. - new stats page featuring FEs and BEs + bytes in both dirs - improved log format to indicate the backend and the time in ms. - lots of cleanups commit 35d66b0c28cfda764da02dbcb746c68d0c5baea8 Author: Willy Tarreau Date: Tue Jan 2 00:28:21 2007 +0100 [MINOR] added byte count to sessions and statistics. Now the stats page reports the IN and OUT byte counts per FE, BE and SRV. commit 41dff82b54640e4b17ee0c9c17917dd6396fd90f Author: Willy Tarreau Date: Mon Jan 1 23:32:30 2007 +0100 [CRITICAL] fixed memory leak in session_free() Since the introduction of hdr_idx, session_free() had not been updated to free the header ! It implied a consumption of about 400 bytes per new session. commit 5fdfb911a013b806d9ef766ed72442e3789528c4 Author: Willy Tarreau Date: Mon Jan 1 23:11:07 2007 +0100 [MEDIUM] implemented the "default_backend" keyword The "default_backend" keyword used in a frontend sets the default backend which will be used if no setbe rule matches. commit 128e9546637960ad8806606b2e3b3d2b9561eaf8 Author: Willy Tarreau Date: Mon Jan 1 22:01:43 2007 +0100 [MINOR] stats: factorize many chunk_printf() Improve code size, speed and readability by factoring many calls to chunk_printf(). commit c0dde7a8ed3a15c4f36a07187370ace18e51d17a Author: Willy Tarreau Date: Mon Jan 1 21:38:07 2007 +0100 [MAJOR] udpated the stats page to clearly distinguish FEs and BEs The stats page could not tell the difference between a FE and a BE. It has been revamped to indicate all relevant information. The font is also slightly smaller in order for all the info to fit into small screens. The data output path has been greatly simplified to use string chunks. commit 2b5652f9fa2be87acedd5937e03ec531186c6643 Author: Willy Tarreau Date: Sun Dec 31 17:46:05 2006 +0100 [MINOR] indicate the proxy type in the logs after a loss of servers When the last server goes down in a backend, indicate 'backend' or 'listener' in the log message depending on the type of the backend. commit 13943abbd2fbced45096d44af6adc130fab31c6b Author: Willy Tarreau Date: Sun Dec 31 00:24:10 2006 +0100 [MEDIUM] use an array to store most common options Most common options are now stored in an array which eases the parsing and which also permits reporting of ignored options depending on the proxy's capabilities (back/front). commit e01954f45ed6647cb8b27d1ebb24dc39c240a3d7 Author: Willy Tarreau Date: Sat Dec 30 23:43:54 2006 +0100 [MINOR] option httpclose is now checked both in FE and BE The "httpclose" option affects both frontend and backend, so it was logical to check for its presence at both places. A request which traverses either a frontend or a backend with this option set will have a "Connection: close" header appended. commit ebd6160dd3c5332a5446106efeb23f0d1f0f9838 Author: Willy Tarreau Date: Sat Dec 30 11:54:15 2006 +0100 [MEDIUM] updated log format to report frontend and backend The log format has been slightly updated to separately report the name of the frontend and the name of the backend. The accept date has been enhanced to report the millisecond. The number of remaining connections has also been updated and their order reversed, to include the number of connections on the frontend. The new log format is now : - $1: IP:port - $2: accept date in this format : [dd/mm/YYYY:HH:MM:SS.ttt] - $3: frontend name - $4: backend name '/' server name - $5: req time '/' queue time '/' conn time '/' header time '/' total time - $6: HTTP status code - $7: number of bytes returned - $8: captures (request) - $9: captures (response) - $10: completion flags - $11: remaining conns on process '/' frontend '/' backend '/' server - $12: srv queue size '/' backend queue size - $13..: '"' full request '"' commit 977b8e41ba077cc2085af88e6c3b5f9645bb9488 Author: Willy Tarreau Date: Fri Dec 29 14:19:17 2006 +0100 [MAJOR] distinguish between frontend, backend, ruleset and listen The notion of capabilities has been added to the proxy so that we know whether a proxy supports frontend, backend, or rulesets. Given this, some parameters are optionnal, some are ignored with a warning and others are forbidden. It is now possible to write valid two level configs without binding to dummy address/ports. commit 86034318226029458c51d26a06e96e084e402f72 Author: Willy Tarreau Date: Fri Dec 29 00:10:33 2006 +0100 [MEDIUM] split fe->maxconn into fe->maxconn and be->fullconn The maxconn argument is used only for the listeners, and the fullconn is used only for the backends. If unset, it inherits maxconn's value which itself can inherit the default or the global value (we might need to change this). commit 97de624c17bc431179aca55b89faa6066f2fea4f Author: Willy Tarreau Date: Wed Dec 27 17:18:38 2006 +0100 [MEDIUM] session logging is now defined by the frontend To solve the logging maze, it has been decided that the frontend and nothing else will define how a session will be logged. It might change in the future but at least this choice allows all sort of fantasies. commit 8058743d7a96b2bd1ec7a2831df227c385a905f6 Author: Willy Tarreau Date: Sun Dec 24 17:47:20 2006 +0100 [MEDIUM] errorloc now checked first from backend then from frontend It is now possible to define an errorloc in the backend as well as in the frontend. The backend's will be used first, and if undefined, then the frontend's will be used instead. If none is used, then the original error messages will be used. commit 0f77253a22289ac27ba3ff308c481879dddb50ea Author: Willy Tarreau Date: Sat Dec 23 20:51:41 2006 +0100 [MINOR] store HTTP error messages into a chunk array HTTP error messages were all specific cases handled by an IF. Now they are all in an array so that it will be easier to add new ones. Also, the return functions now use chunks as inputs so that it should be easier to provide alternative return messages if needed. commit 9bf6c6e24fb1dac49fbf2df50eb166a6c45688ce Author: Willy Tarreau Date: Sat Dec 23 11:12:04 2006 +0100 [BUILD] makefile now detects and uses git to set the version If git is found during the build process, then it will be used to set the version, the commit number and the commit date. This way, it will not be needed anymore to update the code to change the version. The version is the last tag, and the commit number is the number of commits since the last tag. commit 79b34bfe0f8765106ccf25c98ae8d1e03de0a8d5 Author: Willy Tarreau Date: Fri Dec 22 15:28:43 2006 +0100 [BUILD] version and date now come from the makefile commit 075a12284c62ba0fff315247d81bee174212cbeb Author: Willy Tarreau Date: Fri Dec 22 14:40:41 2006 +0100 [MINOR] forgot to include common/tools.h in the archive. tools.h contains several commonly-used macros such as MIN() and MAX(). commit 14d43834f5a64453c10fbbf978bf4d329fefb507 Author: Willy Tarreau Date: Tue Dec 19 18:03:12 2006 +0100 [BUILD] updated .gitignore commit 0ea7c431fc7072e6adba59f42dc7d43d318e6ab8 Author: Willy Tarreau Date: Mon Dec 18 00:24:49 2006 +0100 [DOC] added a short descriptive of the backend mechanism commit c21aa083df0fd6ba442c3f17c7fbf2ee96de3f2c Author: Willy Tarreau Date: Mon Dec 18 00:15:06 2006 +0100 [BUILD] fixed the "git-tar" target in the Makefile The git-tar target did not work correctly anymore, probably because of a recent change in the output of "git-describe --tags". This is now fixed. commit 5fc49f2fc37a1be52844a8b2869b7473ad7763a5 Author: Willy Tarreau Date: Sun Dec 17 23:32:53 2006 +0100 [DOC] updated TODO with remaining l7-switch work commit a496b6042b52a6500c19fdf4ce679295bea29c3b Author: Willy Tarreau Date: Sun Dec 17 23:15:24 2006 +0100 [MAJOR] merged the 'setbe' actions to switch the backend on a regex Sin Yu's patch to permit to change the proxy from a regex was merged with little changes : - req_cap/rsp_cap are not reassigned to the new proxy, they stay attached to the frontend - the actions have been renamed "reqsetbe" and "reqisetbe" for "set BackEnd". - the buffer is not reset after the switch, instead, the headers are parsed again by the backend - in Sin's patch, it was theorically possible to switch multiple times, but the switching track was lost, making it impossible to apply server responsesin the reverse order. Now switching is limited to 1 action (separation between frontend and backend) but the filters remain. Now it will be extremely easy to add other switching conditions, such as host matching, URI matching, etc... There's still a hard work to be done on the logs and stats. commit ddb358d932f99baf10d4ac3c139e6cd461af136c Author: Willy Tarreau Date: Sun Dec 17 22:55:52 2006 +0100 [MEDIUM] tried to clean the logs up a little bit The logs have become a real mess. It is now very hard to tell which frontend/backend will impose its configuration for the logs. This needs a complete rework but at least it should work. commit f1221aa19ff64d0702df0fa1af0808cfa019e435 Author: Willy Tarreau Date: Sun Dec 17 22:14:12 2006 +0100 [MEDIUM] separated nbconn into feconn and beconn The nbconn attribute in the proxies was not relevant anymore because a frontend A may use backend B and both of them must account for their respective connections. For this reason, there now are two separate counters for frontend and backend connections. The stats page has been updated to reflect the backend, but a separate line entry for the frontend with error counts would be good. Note that as of now, beconn may be higher than maxconn, because maxconn applies to the frontend, while beconn may be increased due to sessions passed from another frontend. commit 830ff458deeebb202ef9f73d2b2b4b36ac899b55 Author: Willy Tarreau Date: Sun Dec 17 19:31:23 2006 +0100 [MAJOR] reworked ->be, ->fe and ->fi in sessions There was a confusion about the way to find filters and backend parameters from sessions. The chaining has been changed between the session and the proxy. Now, a session knows only two proxies : one frontend (->fe) and one backend (->be). Each proxy has a link to the proxy providing filters and to the proxy providing backend parameters (both self by default). The captures (cookies and headers) have been attached to the frontend's filters for now. The uri_auth and the statistics are attached to the backend's filters so that the uri can depend on a hostname for instance. commit 97a738f32ca2963925f274d0c60931bf1caf4618 Author: Willy Tarreau Date: Sun Dec 17 18:02:30 2006 +0100 [MINOR] add the fiprm and beprm indirections to struct proxy A proxy will be able to borrow parameters from another one. In particular, the filters will be inheritable from another proxy, and the backend parameters too. commit b251390f7ec9d2e91ef5a50059b19d1c7243afc3 Author: Willy Tarreau Date: Sun Dec 17 14:52:38 2006 +0100 [MEDIUM] moved uri_auth check to a separate function The check of uri_auth is now in a separate function which is checked after every backend switch, so that it will be possible to have an uri_auth for the frontend and another one for the backend. commit 921d7c0a7034b2a98a9c5751baea659ecc784906 Author: Willy Tarreau Date: Sun Dec 17 13:50:27 2006 +0100 [MINOR] removed the SN_POST flag and string checks on method Now that hreq.meth is known, use it everywhere a method is required. commit 53b6c74d06593cf39279fc9cbea4eee7f7908e69 Author: Willy Tarreau Date: Sun Dec 17 13:37:46 2006 +0100 [MEDIUM] check the HTTP method after all filters have been applied The HTTP method is now checked and saved into hreq.meth. It will be usable at several places instead of those dirty string comparisons. commit 230fd0bfdfec5df9e76e918a31ba6f0ff61930af Author: Willy Tarreau Date: Sun Dec 17 12:05:00 2006 +0100 [MEDIUM] optimized the request parser a bit more Some while() constructs are not very efficient with gcc, yet they are used to scan all the text in the start line and the headers. Replacing them with more efficient (but ugly) loops provides a global gain of about 2%, which is not bad at all ! commit 976f1ee561f9cb5167cfc2aeee218a345e730b13 Author: Willy Tarreau Date: Sun Dec 17 10:06:03 2006 +0100 [MINOR] reorganized the request parser states to improve speed The most commonly branched states have been grouped in the first ifs. commit 06619265b16dd7f0b2963652cfd1530338616ab8 Author: Willy Tarreau Date: Sun Dec 17 08:37:22 2006 +0100 [MEDIUM] reorganized request handling to prepare for content-switching The filters are now iterated for FE, FI, BE. Some grey areas remain : - uri_auth has been propagated to the backend, but in fact it should be checked at every level (fe, fi, be), depending where it is declared, and before the filters. - the HTTP method and URI should be stored and propagated everywhere they are used. For this, we would need to first apply filters to be aware of filter changes which affect them. - there seems to be no need anymore for hdr_idx[0] being empty. It may contain the start line, which will slightly improve performance and make the code easier to read. commit 45e73e3cd9679ad5da6f4aa9e62227233d32507a Author: Willy Tarreau Date: Sun Dec 17 00:05:15 2006 +0100 [MEDIUM] move all HTTP Request-related session material to struct hreq The req_cap, hdr_state, hdr_idx, auth_hdr and req_line have been moved to a dedicated hreq structure in the session. It makes is easier to add HTTP-specific fields such as SOR (start of request) and EOF (end of headers). It also made it possible to fix two bugs introduced by last commit : - end of headers not correctly detected - hdr_idx not freed upon one specific error during session creation When the backend side will be reworked, it should rely on a similar structure. commit 8a68c24b9190c37f6ae652b7d7049c22f952436f Author: Willy Tarreau Date: Sat Dec 16 23:22:58 2006 +0100 [BUILD] debug.h had a typo. Also add FSM_PRINTF to debug FSM only. commit a4cd1f50ccbe3badf6b79502c10c46333134cb18 Author: Willy Tarreau Date: Sat Dec 16 19:57:26 2006 +0100 [MEDIUM] make process_cli() not depend on req->h anymore Local variables now keep the start and end of line at any moment. req->h has been removed and will soon be removable from the buffer. commit 09733ab10906ab5a8bc2cd5d15a98f2df57e3fc1 Author: Willy Tarreau Date: Sat Dec 16 19:56:22 2006 +0100 [MINOR] add .gitignore commit 1d488b6e10875cfc578cc15689f3ef4d34c813ff Author: Willy Tarreau Date: Sat Dec 16 19:54:02 2006 +0100 [MINOR] added include/common/debug.h This file will provide debugging macros such as DPRINTF. commit f224273df3932c5180bd13b9e535210cba407b85 Author: Willy Tarreau Date: Sat Dec 16 19:00:29 2006 +0100 [BUILD] last commit did not build commit e15d9132df14c5242488ec78171fd47bee70a195 Author: Willy Tarreau Date: Thu Dec 14 22:26:42 2006 +0100 [MEDIUM] reference and index appended request headers When headers are appended to the end of a request, they must be indexed. commit 2a32428926f75d9c409e44890e7a4bfdd0b238a0 Author: Willy Tarreau Date: Tue Dec 5 00:05:46 2006 +0100 [MAJOR] finished replacement of the client-side HTTP parser with a new one The code is working again, but not as clean as it could be. Many blocks should still move to dedicated functions. req->h must be removed everywhere and updated everytime needed. A few functions or macros should take care of the headers during header insertion/deletion/change. commit 58f10d7478639cb820266b4ef8a1f2fc30dec460 Author: Willy Tarreau Date: Mon Dec 4 02:26:12 2006 +0100 [MAJOR] replaced the client-side HTTP parser with a new one The new parser uses an FSM to strictly follow RFC2616. Headers are indexed and parsed only once they're all available. That way, complex regexes make more sense. HTTP processing is now performed in several phases by calling multiple functions, making the code cleaner and easier to read. Note that req[i]pass does not work anymore because it would require that we mark a header to be ignored. What is really needed is to have the ability to add an exception to a matching (match xx except yy). Several bugs have been fixed in appsession during the conversion to the new FSM (method length and recovery on malloc errors). The code does build and work with the debug examples, but is not usable yet to connect to anything as it does not forward the requests yet. commit b7eba103048b82bc5740cf660c40948506354540 Author: Willy Tarreau Date: Mon Dec 4 02:20:02 2006 +0100 [BUG] files were missing for hdr_idx in previous commit commit e5f20dcea81529938ec4a6b1386b8ace36b0ce58 Author: Willy Tarreau Date: Sun Dec 3 15:21:35 2006 +0100 [MEDIUM] added the hdr_idx structure for future HTTP header indexing This structure will consume 4 bytes per header to keep track of headers within a request or a response without having to parse the whole request for each regex. As it's not possible to allocate only 4 bytes, we define a max number of HTTP headers. We set it to (BUFSIZE+79)/80 so that 8kB buffers can contain 100 headers (like Apache), resulting in 400 bytes dedicated to indexation, or about 400/(2*8kB) ~= 2.4% of the memory usage. commit 669e6da163954718e7a8fcb5256b9910e89487b0 Author: Willy Tarreau Date: Sat Dec 2 20:12:09 2006 +0100 [BUG] implemented support for multi-line headers as required by RFC2616. This patch was added in 1.2.9 but was then incidentely reverted by manipulation error when merging next patch (enforce max number of conns). It's now merged again. commit 73de9899a69a7a0f405c21e4b31e8448bf462c12 Author: Willy Tarreau Date: Thu Nov 30 11:40:23 2006 +0100 [MAJOR] separate sess->proxy into sess->{fe,fi,be} The references to the proxy from the session have been turned into Frontend (fe), Filters (fi) and Backend (be). This should ease the migration to the L7 switching features. Next step will be to kill the struct proxy and have 3 independant structs instead, each referenced from entities called listener, frontend, filters and backend. commit 163c53253cc818b004a94e2382d81472cc470fdf Author: Willy Tarreau Date: Tue Nov 14 16:18:41 2006 +0100 [MEDIUM] use tproxy address as source of health checks If a tproxy address is defined, then use it for health checks too. commit f19cf370314c47e14de9ca8d137f5bb1520504c3 Author: Willy Tarreau Date: Tue Nov 14 15:40:51 2006 +0100 [BUILD] remove a warning in backend.c include to remove a warning on memset commit 58b2f836851b78029ac5a7803ee8531709cec888 Author: Willy Tarreau Date: Mon Nov 13 01:22:38 2006 +0100 [MEDIUM] add support for SO_REUSEPORT on Linux SO_REUSEPORT does not exist on Linux but the checks are available in the code. With a little patch, it's possible to implement the feature, but the value of SO_REUSEPORT will still have to be known from userland. This patch adds a workaround to this problem by figuring out the value for the one used by SO_REUSEADDR. commit 77074d548b1149c2727a0a080f8356c2a08c1991 Author: Willy Tarreau Date: Sun Nov 12 23:57:19 2006 +0100 [MAJOR] support for source binding via cttproxy Using the cttproxy kernel patch, it's possible to bind to any source address. It is highly recommended to use the 03-natdel patch with the other ones. A new keyword appears as a complement to the "source" keyword : "usesrc". The source address is mandatory and must be valid on the interface which will see the packets. The "usesrc" option supports "client" (for full client_ip:client_port spoofing), "client_ip" (for client_ip spoofing) and any 'IP[:port]' combination to pretend to be another machine. Right now, the source binding is missing from server health-checks if set to another address. It must be implemented (think restricted firewalls). The doc is still missing too. commit 2152cb5b59409d5e4085b2e366c1d4ba7d780fa0 Author: Willy Tarreau Date: Sun Nov 12 23:50:48 2006 +0100 [MEDIUM] import ip_tproxy.h from cttproxy The file "ip_tproxy.h" will be needed to build with cttproxy support. Let's include it to ease the build process.