forked from fireeye/RProxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathChangeLog
307 lines (268 loc) · 15.4 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
v2.0.17
o Fixes for redirection and client socket handling. (0f09bfe Mark Ellzey)
o Extra logging for redirection responses. (05d9cb8 Mark Ellzey)
o Append X-Redirected-Via for redirected requests (06613e7 Mark Ellzey)
o redirect cleanup and documentation (f81fa6e Mark Ellzey)
v2.0.16
o Fix potential null deref with method logging. (d26ca8f Mark Ellzey)
o Set method str to '-' if method is unknown. (f573411 Mark Ellzey)
o Ability to turn off nagle on client/listener/downstream sockets. (0b1b4db Mark Ellzey)
o Bugfix for methstr assignment. (fc5a326 Mark Ellzey)
v2.0.15
o Initial CRL verification support. (d367397 Mark Ellzey)
o OSX returns struct timespec for stat while linux returns a time_t. This was fixed. (781e3ca Mark Ellzey)
o Actually add the crl config to ssl {} (ee5f428 Mark Ellzey)
o SSL proto opts were not being placed in the config, this got removed somehow, so I readded it. (6f9add7 Mark Ellzey)
o Add logging, fix leak. (04dc43c Sean Cunningham)
o Added locking around CRL ent checks. (7266970 Mark Ellzey)
o Fix pthread_mutex_init() call. (b8aea13 Mark Ellzey)
o Apply vhost args from main evhtp if ssl not local (18c6cc4 Mark Ellzey)
v2.0.14
o Fix bug where connection->request was not being set to NULL on error. (f7da115 Mark Ellzey)
o use evhtp_disable_100_continue for each new evhtp. (7f0d2fd Mark Ellzey)
o Fix bug where evhtp_disable_100_continue was being called on main evhtp instead of the vhost. (450d715 Mark Ellzey)
o Deal with downstream -> rproxy -> upstream 1xx response. (c4d923c Mark Ellzey)
v2.0.13
o during cfg parsing, stat SSL configuration files to ensure that they exist (51386c7 Steven Ross)
o use htparser_get_content_pending (c972ff3 Mark Ellzey)
v2.0.11
o Updating the README (unfinished) (83cb952 Mark Ellzey)
o Close connection if no rules are matched. (18d5009 Mark Ellzey)
o Version 2.0.10, see ChangeLog for details (ccdbc31 Mark Ellzey)
o Added resource utilization reporting on startup (cfcbfe9 Mark Ellzey)
o Add support for sha-1 fingerprint. (072598e Sean Cunningham)
o Formatting fixup. (e3a81e8 Mark Ellzey)
o Fix for trailing } on ifdef. (b05fe7f Mark Ellzey)
v2.0.10
o resume client request if pending timeout hits. (c282793 Mark Ellzey)
o Updating the README (unfinished) (83cb952 Mark Ellzey)
o Close connection if no rules are matched. (18d5009 Mark Ellzey)
v2.0.9
o Default logging level is now error. (4c8e275 Mark Ellzey)
o Set "downstream down" messages log at level 'info'. (6e7d902 Mark Ellzey)
o Add strip-headers config, see commit msg for details. (78a1075 Mark Ellzey)
v2.0.8
o Make @b6n not mad at me with default ciphers. (4911743 Mark Ellzey)
o Added upstream high-watermark logic. (0c8064d Mark Ellzey)
o Require libevhtp 1.1.7 (7d43a20 Mark Ellzey)
v2.0.7
o Added redirect host filtering. (4ef9155 Mark Ellzey)
v2.0.6
o Log ssl errors. (2e2c647 Mark Ellzey)
o Rules with no downstreams configured now return 404 and log. (49d0a03 Mark Ellzey)
o Default log level to error. (7c0d840 Mark Ellzey)
o Convert \n in x-ssl-certificates to \r\n's. (1d0ad8c Mark Ellzey)
o Use ASL logging for OSX instead of syslog. (cb26a3a Mark Ellzey)
v2.0.5
o default ciphers from google defaults (2305454 Mark Ellzey)
o Fixed race bug when odd upstream errors happen. (46cfc9e Mark Ellzey)
v2.0.4
o Error on invalid rule pattern, log source port on set_idle. (b7ecd58 Mark Ellzey)
o Rule configuration directive changes. (21b6191 Mark Ellzey)
o Fix memoryleak in log_error_request. (1849bcf Mark Ellzey)
o Added {RULE} logging argument. (6a77ae9 Mark Ellzey)
o Fix smoke tests for new rule configuration. (f130c8e Mark Ellzey)
v2.0.3
o Added a "default" rule type. (934bb6d Mark Ellzey)
o Logging heiarchy server -> vhost -> rule (6b2de9c Mark Ellzey)
o Set event errors as INFO error logging. (d044e91 Mark Ellzey)
o Fixu non-request logging bugs. (4c050e5 Mark Ellzey)
o Require evhtp v1.0.0 (c8b3497 Mark Ellzey)
v2.0.2
o set connection->request NULL when passthrough event (7585256 Mark Ellzey)
o Require evhtp 0.4.16 (017b93c Mark Ellzey)
v2.0.1
o set downstream down when request is null. (7c5992d Mark Ellzey)
o Removing doxygen output. (3031101 Mark Ellzey)
o Fixed issue with timeouts and passthrough's. (56d7583 Mark Ellzey)
v2.0.0
o Moving into the 2.x rule-based proxy architecture. (2dac0cb Mark Ellzey)
o vhost / SNI support. (a08a68b Mark Ellzey)
o Fixed thread race condition bug for downstream IO (258cea1 Mark Ellzey)
o Cleanup and documentation. (4081e75 Mark Ellzey)
o Initial checkin of 'passthrough' feature. (9af3453 Mark Ellzey)
o Move passthrough ownership transition after upstream headers have been processed. (01b2404 Mark Ellzey)
o Added log abstraction API "lzlog" (e3a23b6 Mark Ellzey)
o Set -Wno-deprecated-declarations cflag for OSX (710b735 Mark Ellzey)
o Request logging initial re-commit. (b7d9841 Mark Ellzey)
o downstream host cfg can now be a hostname. (7a74627 Mark Ellzey)
o Finished up logging API conversion over to lzlog. (a146877 Mark Ellzey)
o Replaced old logging calls with new API (e188b54 Mark Ellzey)
o Removed old logging calls. (cd551fe Mark Ellzey)
o upstream_request_start is now an on_hostname hook. (d30816a Mark Ellzey)
o Initial commit of the internal redirect feature. (aab993d Mark Ellzey)
o Working internal redirect initial commit. (4b8eb58 Mark Ellzey)
o Redirect now enabled on a per-rule basis. (94cbbf2 Mark Ellzey)
o Smoketest updates, bugfixes, extra config opts. (49151d1 Mark Ellzey)
o Remove sensitive x-headers even if not configured. (7cb57dd Mark Ellzey)
o Added mem_trimsz for mallopt config. (77b4e81 Mark Ellzey)
o Set upstream req to NULL when take_ownership is on (1ec8fc0 Mark Ellzey)
o Free request if passthrough enabled. (2a40e46 Mark Ellzey)
o Logging updates, potential doublewrite fix. (a37b22c Mark Ellzey)
o Fix for double write, hopefully. (d0a4459 Mark Ellzey)
o removed x509 verify logging for now. (3f0366d Mark Ellzey)
o Fixed up file logging. (c0cf17d Mark Ellzey)
o Documentation updates. (693a194 Mark Ellzey)
v1.0.22
o Fix potential garbage ret from ssl_x509_ext_tostr (5a29cf5 Mark Ellzey)
v1.0.21
o Fixed an assert logic error. (b711410 Mark Ellzey)
v1.0.19
o Log before write. (3a00ff9 Mark Ellzey)
o Error handling refactoring, new logging formats, and much more, see full commit log. (c20e8bd Mark Ellzey)
o Cleanup - Updated documentation for new log formats. (ad0cc31 Mark Ellzey)
o Require use of libevhtp v0.4.12 or higher. (6033ba0 Mark Ellzey)
o Updating API docs. (ef1b46a Mark Ellzey)
o Make sure we use libevhtp-v0.4.13 (ccbbaaf Mark Ellzey)
o Prep release v1.0.20. (606bcb0 Mark Ellzey)
v1.0.18
o Force pending timeout on requests in the high-watermark wait phase. (26fd21e Mark Ellzey)
o delete the pending_ev if the writecb is called. (6901add Mark Ellzey)
o Added high-watermark-timeout config option for timing out dead downstreams when a high-watermark is hit. Additionally added functionality to stagger pending timers to stop huge bursts of timeouts. (1a8baf6 Mark Ellzey)
o Last commit was buggy, adding some debug msgs. (538ed54 Mark Ellzey)
o More debug. (e0e878a Mark Ellzey)
o Unset hooks on timeout. (2f03648 Mark Ellzey)
o Fixes (82d5ccd Mark Ellzey)
o More debug info. (8527eab Mark Ellzey)
o derp (641502c Mark Ellzey)
o fjkdsla (cd2ffd3 Mark Ellzey)
o More. (bbe92a1 Mark Ellzey)
o updates (51c635d Mark Ellzey)
o Apply read/write timeouts to downstreams too. (42fc67a Mark Ellzey)
o per-downstream read/write timeouts. (8dd4a28 Mark Ellzey)
o Set default build-type to Release. (546d1b6 Mark Ellzey)
o Adding Apache2.0 license to all source. (773c902 Mark Ellzey)
o Updating documentation. (585a765 Mark Ellzey)
o Updated documentation on setting file limits. (c387e12 Mark Ellzey)
o send_upstream_* now handles errors gracefully. (b607209 Mark Ellzey)
o Fixing up sample.cfg (cc4bea2 Mark Ellzey)
o Making NDEBUG == RPROXY_DEBUG (4ed028d Mark Ellzey)
o Adding source port information for connected downstream sockets. (937ce7a Mark Ellzey)
o Adding a more verbose event error log. (2bedd9c Mark Ellzey)
o New req logging fmts for up/downstream src ports. (cf5b2da Mark Ellzey)
o Prep release v1.0.19 (106b2d5 Mark Ellzey)
v1.0.17
o Pending timers now staggered, avoiding bursts. (5fbf068 Mark Ellzey)
o Replaced high-watermark-timeout with downstream r/w timeouts. (e4c9d3e Mark Ellzey)
o per-downstream read/write timeouts. (9c8cccb Mark Ellzey)
o Updating documentation for new config options. (85d1611 Mark Ellzey)
o Set default build-type to Release. (3ec8caa Mark Ellzey)
o Adding Apache2.0 license to all source. (3f0044b Mark Ellzey)
o Prep release v1.0.18 (08c458a Mark Ellzey)
v1.0.16
o Added max-nofile config for setting max file open fd's. Updated documentation. (bc2d422 Mark Ellzey)
o Fixed memory leak in ssl_x509_ext_tostr() (3503944 Mark Ellzey)
o Prep release v1.0.17 (5601da1 Mark Ellzey)
v1.0.15
o Only display downstream down logs if the previous state was NOT down. (8b80172 Mark Ellzey)
o Added more restrictive error logging for socket errors. (ba1f386 Mark Ellzey)
o Prep release v1.0.16 (003542d Mark Ellzey)
v1.0.14
o Fixed bug in round-robin lb-method where if a wrap occurs, it does not check to see if it has any idle connections to use. This would potentially never return an idle connection if one goes down. (c43d370 Mark Ellzey)
o Prep release v1.0.15 (8041d2c Mark Ellzey)
v1.0.13
o Add port to X-Forwarded-For. Support IPv6. (1b17c0c Sean Cunningham)
o Fix formatting and host order. (560bfb4 Sean Cunningham)
o Moar logging fixes (6f40145 Stephen Cox)
o Format cleanup (9405368 Mark Ellzey)
o Initial commit of different load-balancing methods. (4923249 Mark Ellzey)
o Added round-robin lb method; Removed "ping" stuff as it is just an extra layer of complexity which won't be used. Updated documentation to reflect these changes. (02a27ee Mark Ellzey)
o Cleaning up unused code. (610ec3e Mark Ellzey)
o Formatting cleanup. (0caa904 Mark Ellzey)
o Added smoke tests for round-robin functionality + updated unit-tests + minor bugfixes (d9ee51b Mark Ellzey)
o updated sample.cfg to use lb-method = roundrobin (97934e9 Mark Ellzey)
o Added lb-method none, which simply chooses the the first available connection without any calculations. (7eaddc5 Mark Ellzey)
o Fixed smoke test to not use 'seq' command. (ddbed8d Mark Ellzey)
o Prepping release v1.0.14 (1192938 Mark Ellzey)
v1.0.12
o Fixed issue where request_free() was called before error logging. (74cdc44 Mark Ellzey)
o Prep release v1.0.13 (0d8cf12 Mark Ellzey)
v1.0.11
o Updating the README documentation. (152e8c0 Mark Ellzey)
o Add error log helper for including the request in the logs; Minor tweak to smoke test build. (81ec5a5 Stephen Cox)
o Cleanup - some error checking additions. (fbaaa9a Mark Ellzey)
o Removed unnecessary newlines from error logging. (43496f4 Mark Ellzey)
o Prepping release v1.0.12 (6f2d3d9 Mark Ellzey)
v1.0.10
o Don't use mallopt on systems without it. (2f91c7d Mark Ellzey)
o Fixes for strn* functions not avail on system. (4f60c91 Mark Ellzey)
o Prepping v1.0.11 (809393e Mark Ellzey)
v1.0.9
o Fixed comparison error. (3b83c21 Mark Ellzey)
o Upping version (0ce2635 Mark Ellzey)
v1.0.8
o Added upstream_pre_accept to close a connection before SSL handshake if the backlog is full. (4aa401b Mark Ellzey)
o smoke_backend cleanups (3bb1b88 Mark Ellzey)
o Fixup for checking pending count. (d4cb39e Mark Ellzey)
o Added libevhtp version to output. (ae6adf3 Mark Ellzey)
o Added some extra debug logging. (117d65d Mark Ellzey)
o More debug logging. (20738a6 Mark Ellzey)
o even more debug logging. (6f7a513 Mark Ellzey)
o even more debug logging. (53f4305 Mark Ellzey)
o draining on idle, potential fix, prob. not. (b968888 Mark Ellzey)
o adding NODELAY to downstream connections. (e385089 Mark Ellzey)
o Add smoke test for invalid upstream chunking (b1e028e Stephen Cox)
o testing. (7c06d69 Mark Ellzey)
o Add config/backend support for chunking test (c233b6d Stephen Cox)
o active when pending is full in start (0ef3f91 Mark Ellzey)
o removing setsockopt (9b068ba Mark Ellzey)
o removing drain from set_idle() (4eea75b Mark Ellzey)
o removing event_active (f233970 Mark Ellzey)
o test (a223831 Mark Ellzey)
o rearrange timer_del (6fcff90 Mark Ellzey)
o Added some pending debug logs (eda3a38 Mark Ellzey)
o Fix potential hanging-connection issue if client sends connection: close header. (63e1372 Mark Ellzey)
o Make various timers fire at a lower priority than other events. (d30f3fa Mark Ellzey)
o removing priorities. (82eb732 Mark Ellzey)
o testing thresholds (5001246 Mark Ellzey)
o updating tests (999a86a Mark Ellzey)
o Made high-watermark for downstreams configurable (8736fd6 Mark Ellzey)
o Removing stupid debug log. (aaadb84 Mark Ellzey)
o Testing removal of pending check when it's already been accepted. (59ba13f Mark Ellzey)
o Prepping v1.0.9 (449a3e7 Mark Ellzey)
v1.0.7
o Fix logging param on downstream reconnect (44bb5aa Stephen Cox)
o Allow SSL context timeout to be passed in via config (7d016e2 Stephen Cox)
o Add smoke tests (0c48048 Stephen Cox)
o Prefer x-ssl-certificate instead of x-ssl-cert for consistency (354134f Stephen Cox)
o Implement missing tostr functions (x-ssl header support) (41fd76c Stephen Cox)
o Add additional test rewrite rules; Clean up spacing (e956cb2 Stephen Cox)
o Allow arbitrary x509 extension to be added as a header to downstream; Fix directory issues with smoke test (b4589f8 Stephen Cox)
o Revert cfg user/group to rproxy (901e154 Stephen Cox)
o Add smoke tests for slow connections and invalid chunk length. (b759937 Stephen Cox)
o cleanup (6c8933b Mark Ellzey)
o Have smoke tests run in build directory without install. (0b71ef9 Mark Ellzey)
o Updating README.md (cd23e34 Mark Ellzey)
o Prepping release v1.0.8 (785b380 Mark Ellzey)
v1.0.6
o tp2656 - fix to immediately re-ping upon down -> idle downstream state transitions. (236f1b5 Mark Ellzey)
o TP-2653 protocols-(on|off) directives being ignored. (7b1cbf1 Mark Ellzey)
o Various bugfixes (b184ef6 Mark Ellzey)
o Prepping release v1.0.7 (c18f337 Mark Ellzey)
v1.0.5
o Inform evhtp to not keep the connection alive if pending timeout is reached. (75dd245 Mark Ellzey)
o Set connection: close header if pending timeout occurs (acf3983 Mark Ellzey)
o Require libevhtp version >= 0.4.5 (f6c984a Mark Ellzey)
o Prepping release v1.0.6 (92c0fa0 Mark Ellzey)
v1.0.4
o When a downstream errors during a response to the upstream, we must force the client connection closed instead of sending back just a 503. (6d66efd Mark Ellzey)
o Fixed syntax error. (67ad8e6 Mark Ellzey)
o fix with unsetting hooks before connection_free (851af51 Mark Ellzey)
o Prepping release 1.0.5 (951ae40 Mark Ellzey)
v1.0.3
o Cert buffer not large enough to accomodate NULL byte. Do not assume last character in input is '\n'. (000708a Sean Cunningham)
o Prep release v1.0.4 (11abee1 Mark Ellzey)
v1.0.2
o Modified ChangeLog (f15529b Mark Ellzey)
o Added enforce-peer-cert and updated documentation. (dc4bd2d Mark Ellzey)
o If the system contains the daemon() function, then use that instead of the built-in one. (02367ac Mark Ellzey)
o Removed x509_chk_issued_cb callback. (773517f Mark Ellzey)
o Daemonize fix (99b0037 Mark Ellzey)
o Prepping release v1.0.3 (507fee5 Mark Ellzey)
v1.0.1
o Added max-pending config directive to limit the number of requests in a pending state. (399b30c Mark Ellzey)
o Prepping release 1.0.2 (ba2a353 Mark Ellzey)
v1.0.0
o Updated unit tests. (2716cef Mark Ellzey)
o Fix crash when pending-timeout = 0 then attempts to delete the event. (1926c7e Mark Ellzey)
o Updating version information. (82d80f6 Mark Ellzey)