Note that QUIC 0-RTT is not supported by haproxy QUIC stack when built against
OpenSSL. In addition to this compilation requirements, the QUIC listener
-bindings must be explicitely enabled with a specifig QUIC tuning parameter.
+bindings must be explicitly enabled with a specific QUIC tuning parameter.
(see "limited-quic" global parameter of haproxy Configuration Manual).
The ADDINC variable may be used to add some extra include paths; this is
sometimes needed when cross-compiling. Similarly the ADDLIB variable may be
-used to specifify extra paths to library files. Example :
+used to specify extra paths to library files. Example :
$ make TARGET=generic ADDINC=-I/opt/cross/include ADDLIB=-L/opt/cross/lib64
filter spoe [engine <name>] config <file>
...
-The "config" parameter is mandatory. It specififies the SPOE configuration
+The "config" parameter is mandatory. It specifies the SPOE configuration
file. The engine name is optional. It can be set to declare the scope to use in
the SPOE configuration. So it is possible to use the same SPOE configuration
for several engines. If no name is provided, the SPOE configuration must not
scope in the same file. In each scope, you must define one and only one
"spoe-agent" section to configure the SPOA linked to your SPOE and several
"spoe-message" and "spoe-group" sections to describe, respectively, messages and
-group of messages sent to servers mananged by your SPOA.
+group of messages sent to servers managed by your SPOA.
A SPOE scope starts with this kind of line :
written to in addition to the source table. <wtable> must be of
the same type as the table being defined and must have the same
key length, and source table cannot be used as a target table
- itself. Everytime an entry update will be received on the source
+ itself. Every time an entry update will be received on the source
table through a peer, haproxy will try to refresh related
<wtable> entry. If the entry doesn't exist yet, it will be
created, else its values will be updated as well as its timer.
Note that only types that are not involved in arithmetic ops such
as server_id, server_key and gpt will be written to <wtable> to
- prevent processed values from a remote table from intefering with
+ prevent processed values from a remote table from interfering with
arithmetic operations performed on the local target table.
(ie: prevent shared cumulative counter from growing indefinitely)
One common use of this option is to be able to use sticking rules
quic-force-retry
This is a QUIC specific setting which forces the use of the QUIC Retry feature
for all the connection attempts to the configured QUIC listeners. It consists
- in veryfying the peers are able to receive packets at the transport address
+ in verifying the peers are able to receive packets at the transport address
they used to initiate a new connection, sending them a Retry packet which
contains a token. This token must be sent back to the Retry packet sender,
this latter being the only one to be able to validate the token. Note that QUIC
values to 256 bytes for optimal performance.
Note that unlike fc_pp_authority and fc_pp_unique_id, fc_pp_tlv is able to
- iterate over all occurances of a requested TLV in case there are duplicate
+ iterate over all occurrences of a requested TLV in case there are duplicate
TLV IDs. The order of iteration matches the position in the PROXY protocol
header. However, relying on duplicates should mostly be avoided as TLVs are
typically assumed to be unique. Generally, finding duplicated TLV IDs
Common values are "1.0", "1.1", "2.0" or "3.0".
In the case of http/2 and http/3, the value is not extracted from the HTTP
- version in the request line but is determined by the negociated protocol
+ version in the request line but is determined by the negotiated protocol
version.
ACL derivatives :
vtest program comes with interesting options. The most interesting are:
-t Timeout in seconds to abort the test if some launched program
- -v By default, vtest does not dump the outputs of processus it launched
+ -v By default, vtest does not dump the outputs of process it launched
when the test passes. With this option the outputs are dumped even
when the test passes.
-L to always keep the temporary VTC directories.
"feature ignore_unknown_macro" is mandatory for each VTC file for haproxy.
To make vtest capable of testing haproxy, two new VTC commands have been
-implemented: "haproxy" and "syslog". "haproxy" is used to start haproxy processus.
+implemented: "haproxy" and "syslog". "haproxy" is used to start haproxy process.
"syslog" is used to start syslog servers (at this time, only used by haproxy).
As haproxy cannot work without configuration file, a VTC file for haproxy must
A 'stats.sock' UNIX socket is also created in this directory. There is no need
to declare such stats sockets in the -conf {...} section. The name of the parent
directory of the haproxy instances working directories is stored in 'tmpdir'. In
-fact this is the working directory of the current vtest processus.
+fact this is the working directory of the current vtest process.
There also exists 'testdir' macro which is the parent directory of the VTC file.
It may be useful to use other files located in the same directory than the current
-- read line
ret = tcp:receive("*l")
if ret == nil then
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
-- expected code
if string.match(ret, code) ~= nil then
if tcp:send("HELO " .. domain .. "\r\n") == nil then
tcp:close()
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
ret, reason = smtp_wait_code(tcp, '^250 ')
if tcp:send("MAIL FROM: <" .. from .. ">\r\n") == nil then
tcp:close()
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
ret, reason = smtp_wait_code(tcp, '^250 ')
if tcp:send("RCPT TO: <" .. to .. ">\r\n") == nil then
tcp:close()
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
ret, reason = smtp_wait_code(tcp, '^250 ')
if tcp:send("DATA\r\n") == nil then
tcp:close()
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
ret, reason = smtp_wait_code(tcp, '^354 ')
if tcp:send(data .. "\r\n.\r\n") == nil then
tcp:close()
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
ret, reason = smtp_wait_code(tcp, '^250 ')
if tcp:send("QUIT\r\n") == nil then
tcp:close()
- return false, "Connection unexpectly closed"
+ return false, "Connection unexpectedly closed"
end
ret, reason = smtp_wait_code(tcp, '^221 ')
if (ret < 0) {
/* XXX: Handle all errors as a lack of space because callers
* don't handles other cases for now. So applets must be
- * carefull to handles shutdown (-2) and invalid calls (-3) by
+ * careful to handles shutdown (-2) and invalid calls (-3) by
* themselves.
*/
sc_need_room(se->sc, chunk->data);
if (ret < -1) {
/* XXX: Handle all errors as a lack of space because callers
* don't handles other cases for now. So applets must be
- * carefull to handles shutdown (-2) and invalid calls (-3) by
+ * careful to handles shutdown (-2) and invalid calls (-3) by
* themselves.
*/
sc_need_room(se->sc, len);
if (ret == -1) {
/* XXX: Handle all errors as a lack of space because callers
* don't handles other cases for now. So applets must be
- * carefull to handles shutdown (-2) and invalid calls (-3) by
+ * careful to handles shutdown (-2) and invalid calls (-3) by
* themselves.
*/
sc_need_room(se->sc, strlen(str));
if (ret == -1) {
/* XXX: Handle all errors as a lack of space because callers
* don't handles other cases for now. So applets must be
- * carefull to handles shutdown (-2) and invalid calls (-3) by
+ * careful to handles shutdown (-2) and invalid calls (-3) by
* themselves.
*/
sc_need_room(se->sc, 1);
struct stconn;
-/* perform minimal intializations, report 0 in case of error, 1 if OK. */
+/* perform minimal initializations, report 0 in case of error, 1 if OK. */
int init_channel();
unsigned long long __channel_forward(struct channel *chn, unsigned long long bytes);
#define TLV_HEADER_SIZE 3
#define HA_PP2_AUTHORITY_MAX 255 /* Maximum length of an authority TLV */
-#define HA_PP2_TLV_VALUE_128 128 /* E.g., accomodate unique IDs (128 B) */
-#define HA_PP2_TLV_VALUE_256 256 /* E.g., accomodate authority TLVs (currently, <= 255 B) */
+#define HA_PP2_TLV_VALUE_128 128 /* E.g., accommodate unique IDs (128 B) */
+#define HA_PP2_TLV_VALUE_256 256 /* E.g., accommodate authority TLVs (currently, <= 255 B) */
#define HA_PP2_MAX_ALLOC 1024 /* Maximum TLV value for PPv2 to prevent DoS */
struct proxy_hdr_v2 {
#define GTUNE_LISTENER_MQ_OPT (1<<28)
#define GTUNE_LISTENER_MQ_ANY (GTUNE_LISTENER_MQ_FAIR | GTUNE_LISTENER_MQ_OPT)
-extern int cluster_secret_isset; /* non zero means a cluster secret was initiliazed */
+extern int cluster_secret_isset; /* non zero means a cluster secret was initialized */
/* SSL server verify mode */
enum {
#define TX_CON_WANT_TUN 0x00008000 /* Will be a tunnel (CONNECT or 101-Switching-Protocol) */
-#define TX_CACHE_HAS_SEC_KEY 0x00010000 /* secondary key building succedeed */
+#define TX_CACHE_HAS_SEC_KEY 0x00010000 /* secondary key building succeeded */
#define TX_USE_PX_CONN 0x00020000 /* Use "Proxy-Connection" instead of "Connection" */
REDIRECT_TYPE_SCHEME, /* scheme redirect (eg: switch from http to https) */
};
-/* Perist types (force-persist, ignore-persist) */
+/* Persist types (force-persist, ignore-persist) */
enum {
PERSIST_TYPE_NONE = 0, /* no persistence */
PERSIST_TYPE_FORCE, /* force-persist */
#define MQTT_CONNECT_FL_PASSWORD 0x40
#define MQTT_CONNECT_FL_USERNAME 0x80
-/* MQTT packet properties indentifiers
+/* MQTT packet properties identifiers
* https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901029
*/
#define MQTT_PROP_PAYLOAD_FORMAT_INDICATOR 0x01
}
/*
- * Return a protobuf type enum from <s> string if succedeed, -1 if not.
+ * Return a protobuf type enum from <s> string if succeeded, -1 if not.
*/
int protobuf_type(const char *s)
{
#define PR_O2_LOGERRORS 0x00000040 /* log errors and retries at level LOG_ERR */
#define PR_O2_SMARTACC 0x00000080 /* don't immediately ACK request after accept */
#define PR_O2_SMARTCON 0x00000100 /* don't immediately send empty ACK after connect */
-#define PR_O2_RDPC_PRST 0x00000200 /* Actvate rdp cookie analyser */
+#define PR_O2_RDPC_PRST 0x00000200 /* Activate rdp cookie analyser */
#define PR_O2_CLFLOG 0x00000400 /* log into clf format */
#define PR_O2_LOGHCHKS 0x00000800 /* log health checks */
#define PR_O2_INDEPSTR 0x00001000 /* independent streams, don't update rex on write */
}
/* Return the number of bytes which may be sent from <qc> connection when
- * it has not already been validated. Note that this is the responsability
+ * it has not already been validated. Note that this is the responsibility
* of the caller to check that the case with quic_peer_validated_addr().
* This latter BUG_ON() if 3 * qc->rx.bytes < qc->tx.prep_bytes.
*/
#define QUIC_OPENSSL_COMPAT_TLS_SECRET_LEN 48
#define QUIC_OPENSSL_COMPAT_TLS_IV_LEN 12
-/* Highly inspired from nginx QUIC TLS compatibilty code */
+/* Highly inspired from nginx QUIC TLS compatibility code */
enum ssl_encryption_level_t {
ssl_encryption_initial = 0,
#ifdef USE_QUIC_OPENSSL_COMPAT
-/* Highly inspired from nginx QUIC TLS compatibilty code */
+/* Highly inspired from nginx QUIC TLS compatibility code */
#include <haproxy/listener-t.h>
#include <haproxy/quic_openssl_compat-t.h>
}
/* Map <level> TLS stack encryption level to our internal QUIC TLS encryption level
- * if succeded, or -1 if failed.
+ * if succeeded, or -1 if failed.
*/
static inline enum quic_tls_enc_level ssl_to_quic_enc_level(enum ssl_encryption_level_t level)
{
/* sets the current and previous state of a stream connector to <state>. This is
- * mainly used to create one in the established state on incoming conncetions.
+ * mainly used to create one in the established state on incoming connections.
*/
static inline void sc_set_state(struct stconn *sc, int state)
{
} reason;
struct {
int cur; /* dynamic (= check->health) */
- int rise, fall; /* config dependant */
+ int rise, fall; /* config dependent */
} health; /* check's health, see check-t.h */
};
void *cb_data;
short int block_size;
ALWAYS_ALIGN(64); /* The following member needs to be aligned to 64 in the
- cache's case because the cache struct contains an explicitely
+ cache's case because the cache struct contains an explicitly
aligned member (struct cache_tree). */
unsigned char data[VAR_ARRAY];
};
ullong response_ts; /* date the response processing starts */
long t_request; /* delay to encode and push the frame in queue (cumulative for frags) */
long t_queue; /* delay before the frame gets out the sending queue (cumulative for frags) */
- long t_waiting; /* delay before the response is reveived */
+ long t_waiting; /* delay before the response is received */
long t_response; /* delay to process the response (from the stream pov) */
long t_process; /* processing time of the last event/group */
unsigned long t_total; /* cumulative processing time */
/* Report a send blocked. This function sets <fsb> to now_ms if it was not
* already set or if something was sent (to renew <fsb>).
*
- * if somehting was sent (<did_send> != 0), a read activity is also reported for
+ * if something was sent (<did_send> != 0), a read activity is also reported for
* non-independent stream.
*/
static forceinline void sc_ep_report_blocked_send(struct stconn *sc, int did_send)
}
/* Increase the number of cumulated HTTP requests in the backend's tracked
- * counters. We don't look up the session since it cannot happen in the bakcend.
+ * counters. We don't look up the session since it cannot happen in the backend.
*/
static inline void stream_inc_be_http_req_ctr(struct stream *s)
{
} hdr; /* Matching a header pattern */
- /* custom function to eval epxect rule */
+ /* custom function to eval expect rule */
enum tcpcheck_eval_ret (*custom)(struct check *, struct tcpcheck_rule *, int);
};
struct tcpcheck_rule *head; /* first expect of a chain. */
http-after-response set-header proxy_custom_tlv_b %[var(txn.custom_tlv_b)]
# Note that we do not check for an invalid TLV ID as that would result in an
- # parser error anway.
+ # parser error anyway.
http-request return status 200
} -start
expect resp.status == 200
rxdata -all
expect resp.bodylen == 16300
- #expext resp.chunkedlen == 16300
+ #expect resp.chunkedlen == 16300
} -run
} -repeat 2 -run
* condition is returned. NULL is returned in case of error or if the first
* word is neither "if" nor "unless". It automatically sets the file name and
* the line number in the condition for better error reporting, and sets the
- * HTTP intiailization requirements in the proxy. If <err> is not NULL, it will
+ * HTTP initialization requirements in the proxy. If <err> is not NULL, it will
* be filled with a pointer to an error message in case of error, that the
* caller is responsible for freeing. The initial location must either be
* freeable or NULL.
(srv->ssl_ctx.options & SRV_SSL_O_EARLY_DATA) &&
/* Only attempt to use early data if either the client sent
* early data, so that we know it can handle a 425, or if
- * we are allwoed to retry requests on early data failure, and
+ * we are allowed to retry requests on early data failure, and
* it's our first try
*/
((cli_conn->flags & CO_FL_EARLY_DATA) ||
* is already expired, and NULL is returned. Otherwise, the expired entry is
* removed from the tree and NULL is returned.
* Returns a valid (not expired) cache_tree pointer.
- * The returned entry is not retained, it should be explicitely retained only
+ * The returned entry is not retained, it should be explicitly retained only
* when necessary.
*
* This function must be called under a cache lock, either read if
* the cache_use case which is under cache_rdlock and
* the reserve_hot case which would require the
* corresponding block to still be in the avail list,
- * which is impossible (we reverved it for a thread and
+ * which is impossible (we reserved it for a thread and
* took it out of the avail list already). The only two
* references are then the default one (upon cache_entry
* creation) and the one in this cleanup list.
REGISTER_SERVER_DEINIT(deinit_srv_check);
REGISTER_SERVER_DEINIT(deinit_srv_agent_check);
-/* perform minimal intializations */
+/* perform minimal initializations */
static void init_checks()
{
int i;
return -1;
}
- /* Ensure a valid protocol is selected if connection is targetted by a
+ /* Ensure a valid protocol is selected if connection is targeted by a
* tcp-request session attach-srv rule.
*/
if (conn->reverse.target && !(mux_ops->flags & MX_FL_REVERSABLE)) {
/* Called from the upper layer, to subscribe <es> to events <event_type>.
* The <es> struct is not allowed to differ from the one passed during a
* previous call to subscribe(). If the connection's ctrl layer is ready,
- * the wait_event is immediately woken up and the subcription is cancelled.
+ * the wait_event is immediately woken up and the subscription is cancelled.
* It always returns zero.
*/
int conn_subscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
done = 0;
- /* note: the block below could be simplied using macros but for only
+ /* note: the block below could be simplified using macros but for only
* 4 flags it's not worth it.
*/
if (item->mux->flags & MX_FL_HTX)
" <obj> = { strm.f | strm.x | scf.s | scb.s | txn.f | req.f | res.f }\n"
" <op> = {'' (show) | '=' (assign) | '^' (xor) | '+' (or) | '-' (andnot)}\n"
" <value> = 'now' | 64-bit dec/hex integer (0x prefix supported)\n"
- " 'wake' wakes the stream asssigned to 'strm' (default: current)\n"
+ " 'wake' wakes the stream assigned to 'strm' (default: current)\n"
);
}
struct pool_head *pool_head_buffer __read_mostly;
-/* perform minimal intializations, report 0 in case of error, 1 if OK. */
+/* perform minimal initializations, report 0 in case of error, 1 if OK. */
int init_buffer()
{
void *buffer;
return ACT_RET_CONT;
}
-/* Check function for "set-bandwidth-limit" aciton. It returns 1 on
+/* Check function for "set-bandwidth-limit" action. It returns 1 on
* success. Otherwise, it returns 0 and <err> is filled.
*/
int check_bwlim_action(struct act_rule *rule, struct proxy *px, char **err)
goto end;
}
- /* appply the change on the duplicate */
+ /* apply the change on the duplicate */
if (cert_ext->load(filename, payload, data, &err) != 0) {
memprintf(&err, "%sCan't load the payload for '%s'", err ? err : "", cert_ext->ext);
errcode |= ERR_ALERT | ERR_FATAL;
return 1;
}
-/* internal queue pop helper, returns 1 if it successfuly popped an item
+/* internal queue pop helper, returns 1 if it successfully popped an item
* from the queue and pushed it on lua stack.
*
* Else it returns 0 (nothing is pushed on the stack)
* call never returns, and instead Lua will call the continuation
* function after a successful resume, so the calling function will
* no longer be us, but Lua instead. And when the continuation function
- * eventually returns (because it succesfully popped an item), Lua will
+ * eventually returns (because it successfully popped an item), Lua will
* directly give the hand back to the Lua function that called us.
*
* More info here: https://www.lua.org/manual/5.4/manual.html#4.7
if ((s->scb->flags & SC_FL_SHUT_DONE) && co_data(req)) {
/* request errors are most likely due to the server aborting the
* transfer.Bit handle server aborts only if there is no
- * response. Otherwise, let a change to foward the response
+ * response. Otherwise, let a change to forward the response
* first.
*/
if (htx_is_empty(htxbuf(&s->res.buf)))
/* waiting for the last bits to leave the buffer */
if (s->scb->flags & SC_FL_SHUT_DONE) {
/* Handle server aborts only if there is no response. Otherwise,
- * let a change to foward the response first.
+ * let a change to forward the response first.
*/
if (htx_is_empty(htxbuf(&s->res.buf)))
goto return_srv_abort;
}
/* Returns a string block containing all headers including the
- * empty line which separes headers from the body. This is useful
+ * empty line which separates headers from the body. This is useful
* for some headers analysis.
*/
static int smp_fetch_hdrs(const struct arg *args, struct sample *smp, const char *kw, void *private)
*
* 1: the expansion must be performed in place, there is enough space after
* the block's payload to handle it. This is especially true if it is a
- * compression and not an expension.
+ * compression and not an expansion.
*
* 2: the block's payload must be moved at the new block address before doing
* the expansion.
}
/* This function is responsible for building the active and backup trees for
- * constistent hashing. The servers receive an array of initialized nodes
+ * consistent hashing. The servers receive an array of initialized nodes
* with their assigned keys. It also sets p->lbprm.wdiv to the eweight to
* uweight ratio.
* Return 0 in case of success, -1 in case of allocation failure.
/*
* This map is used with all the FD_* macros to check whether a particular bit
- * is set or not. Each bit represents an ACSII code. ha_bit_set() sets those
+ * is set or not. Each bit represents an ASCII code. ha_bit_set() sets those
* bytes which should be escaped. When ha_bit_test() returns non-zero, it means
* that the byte should be escaped. Be careful to always pass bytes from 0 to
* 255 exclusively to the macros.
{
struct proxy *p = srv->proxy;
- /* queue the server in the proxy lb array to make it easily searcheable by
+ /* queue the server in the proxy lb array to make it easily searchable by
* log-balance algorithms. Here we use the srv array as a general server
* pool of in-use servers, lookup is done using a relative positional id
* (array is contiguous)
if (err_code & ERR_CODE)
return err_code;
- /* First time encoutering this log backend, perform some init
+ /* First time encountering this log backend, perform some init
*/
be->lbprm.set_server_status_up = log_backend_srv_up;
be->lbprm.set_server_status_down = log_backend_srv_down;
* Returns err_code which defaults to ERR_NONE and can be set to a combination
* of ERR_WARN, ERR_ALERT, ERR_FATAL and ERR_ABORT in case of errors.
* <msg> could be set at any time (it will usually be set on error, but
- * could also be set when no error occured to report a diag warning), thus is
+ * could also be set when no error occurred to report a diag warning), thus is
* up to the caller to check it and to free it.
*/
int resolve_logger(struct logger *logger, char **msg)
h1_release_buf(h1c, &h1c->ibuf);
if (sdo->iobuf.flags & IOBUF_FL_NO_FF) {
- /* Fast forwading is not supported by the consumer */
+ /* Fast forwarding is not supported by the consumer */
h1c->flags = (h1c->flags & ~H1C_F_WANT_FASTFWD) | H1C_F_CANT_FASTFWD;
TRACE_DEVEL("Fast-forwarding not supported by opposite endpoint, disable it", H1_EV_STRM_RECV, h1c->conn, h1s);
goto end;
/* Be sure only the case differs between <from> and <to> */
if (strcasecmp(from, to) != 0) {
- memprintf(err, "<from> and <to> must not differ execpt the case");
+ memprintf(err, "<from> and <to> must not differ except the case");
return -1;
}
* For active reversal, only minor steps are required. The connection should
* then be accepted by its listener before being able to use it for transfers.
*
- * For passive reversal, connection is inserted in its targetted server idle
+ * For passive reversal, connection is inserted in its targeted server idle
* pool. It can thus be reused immediately for future transfers on this server.
*
* Returns 1 on success else 0.
goto fail;
}
- /* detect when we must stop aggragating frames */
+ /* detect when we must stop aggregating frames */
h2c->dff |= hdr.ff & H2_F_HEADERS_END_HEADERS;
/* Take as much as we can of the CONTINUATION frame's payload */
/* Move the frame's payload over the padding, hole and frame
* header. At least one of hole or dpl is null (see diagrams
- * above). The hole moves after the new aggragated frame.
+ * above). The hole moves after the new aggregated frame.
*/
b_move(&h2c->dbuf, b_peek_ofs(&h2c->dbuf, h2c->dfl + hole + 9), clen, -(h2c->dpl + hole + 9));
h2c->dfl += hdr.len - h2c->dpl;
try = se_nego_ff(sdo, &BUF_NULL, count, conn->xprt->rcv_pipe && !!(flags & CO_RFL_MAY_SPLICE) && !(sdo->iobuf.flags & IOBUF_FL_NO_SPLICING));
if (sdo->iobuf.flags & IOBUF_FL_NO_FF) {
- /* Fast forwading is not supported by the consumer */
+ /* Fast forwarding is not supported by the consumer */
se_fl_clr(ctx->sd, SE_FL_MAY_FASTFWD);
TRACE_DEVEL("Fast-forwarding not supported by opposite endpoint, disable it", PT_EV_RX_DATA, conn, sc);
goto end;
return 0;
/* Connection considered dead if either :
- * - remote error detected at tranport level
+ * - remote error detected at transport level
* - error detected locally
* - MUX timeout expired
*/
* - peer->stop_local_table is the last evaluated table. It is unset when the
* teaching process starts. But we use it as a
* restart point when the loop is interrupted. It is
- * especially useful whe the number of tables exceeds
+ * especially useful when the number of tables exceeds
* peers_max_updates_at_once value.
*
* When a teaching lopp is started, the peer's last_local_table is saved in a
/* Frees an object to the local cache, possibly pushing oldest objects to the
* shared cache, which itself may decide to release some of them to the OS.
* While it is unspecified what the object becomes past this point, it is
- * guaranteed to be released from the users' perpective. A caller address may
+ * guaranteed to be released from the users' perspective. A caller address may
* be passed and stored into the area when DEBUG_POOL_TRACING is set. Must not
* be used with pools disabled.
*/
/* replace the caller with the allocated bin: this way
* we'll the pool_free() call will be able to update our
* entry. We only do it for non-colliding entries though,
- * since thse ones store the true caller location.
+ * since these ones store the true caller location.
*/
if (bin >= &memprof_stats[0] && bin < &memprof_stats[MEMPROF_HASH_BUCKETS])
POOL_DEBUG_TRACE_CALLER(pool, (struct pool_cache_item *)p, bin);
BUG_ON(l->rx.reverse_connect.pend_conn);
}
else {
- /* Spurrious receiver task woken up despite pend_conn not ready/on error. */
+ /* Spurious receiver task woken up despite pend_conn not ready/on error. */
BUG_ON(!(conn->flags & CO_FL_ACT_REVERSING));
/* A connection is ready to be accepted. */
/* Set maxconn which is defined via the special kw nbconn for reverse
* connect. Use a default value of 1 if not set. This guarantees that
- * listener will be automatically reenable each time it fell back below
+ * listener will be automatically re-enable each time it fell back below
* it due to a connection error.
*/
listener->bind_conf->maxconn = listener->bind_conf->reverse_nbconn;
if (!conn) {
/* Reverse connect listener must have an explicit maxconn set
- * to ensure it is reenabled on connection error.
+ * to ensure it is re-enabled on connection error.
*/
BUG_ON(!l->bind_conf->maxconn);
* if succeeded, NULL if not. This function is also responsible of
* copying enough and the least possible information from <qc> original
* connection to the newly allocated connection so that to keep it
- * functionnal until its idle timer expires.
+ * functional until its idle timer expires.
*/
static struct quic_cc_conn *qc_new_cc_conn(struct quic_conn *qc)
{
quic_pktns_release(qc, &qc->ipktns);
qc_enc_level_free(qc, &qc->hel);
quic_pktns_release(qc, &qc->hpktns);
- /* Also release the negotiated Inital TLS context. */
+ /* Also release the negotiated Initial TLS context. */
quic_nictx_free(qc);
}
* <dcid> is the destination connection ID, <scid> is the source connection ID.
* This latter <scid> CID as the same value on the wire as the one for <conn_id>
* which is the first CID of this connection but a different internal representation used to build
- * NEW_CONNECTION_ID frames. This is the responsability of the caller to insert
+ * NEW_CONNECTION_ID frames. This is the responsibility of the caller to insert
* <conn_id> in the CIDs tree for this connection (qc->cids).
* <token> is the token found to be used for this connection with <token_len> as
* length. Endpoints addresses are specified via <local_addr> and <peer_addr>.
/* Decrement global counters when quic_conn is deallocated.
* quic_cc_conn instances are not accounted as they run for a short
- * time with limited ressources.
+ * time with limited resources.
*/
_HA_ATOMIC_DEC(&actconn);
_HA_ATOMIC_DEC(&global.sslconns);
#endif
#include <haproxy/openssl-compat.h>
-/* Highly inspired from nginx QUIC TLS compatibilty code */
+/* Highly inspired from nginx QUIC TLS compatibility code */
#include <openssl/kdf.h>
#include <haproxy/quic_conn.h>
#include <haproxy/tools.h>
#include <haproxy/trace.h>
-/* Log only first EACCES bind() error runtime occurence. */
+/* Log only first EACCES bind() error runtime occurrence. */
static volatile char quic_bind_eacces_warn = 0;
/* Retrieve a connection's source address. Returns -1 on failure. */
/* QUIC TLS methods */
#if defined(OPENSSL_IS_AWSLC)
-/* write/read set secret splitted */
+/* write/read set secret split */
static SSL_QUIC_METHOD ha_quic_method = {
.set_read_secret = ha_quic_set_read_secret,
.set_write_secret = ha_quic_set_write_secret,
{ .mask = QUIC_EV_STATELESS_RST, .name = "stateless_reset", .desc = "stateless reset sent"},
{ .mask = QUIC_EV_TRANSP_PARAMS, .name = "transport_params", .desc = "transport parameters"},
{ .mask = QUIC_EV_CONN_IDLE_TIMER, .name = "idle_timer", .desc = "idle timer task"},
- { .mask = QUIC_EV_CONN_SUB, .name = "xprt_sub", .desc = "RX/TX subcription or unsubscription to QUIC xprt"},
+ { .mask = QUIC_EV_CONN_SUB, .name = "xprt_sub", .desc = "RX/TX subscription or unsubscription to QUIC xprt"},
{ .mask = QUIC_EV_CONN_RCV, .name = "conn_recv", .desc = "RX on connection" },
{ .mask = QUIC_EV_CONN_SET_AFFINITY, .name = "conn_set_affinity", .desc = "set connection thread affinity" },
{ /* end */ }
/* For the moment sending function is responsible to purge the buffer
* entirely. It may change in the future but this requires to be able
* to reuse old data.
- * For the momemt we do not care to leave data in the buffer for
+ * For the moment we do not care to leave data in the buffer for
* a connection which is supposed to be killed asap.
*/
BUG_ON_HOT(buf && b_data(buf));
/* initial max = bufsize - 1 (initial RC) - 1 (payload RC) */
max = b_size(&ring->buf) - 1 - 1;
- /* substract payload VI (varint-encoded size) */
+ /* subtract payload VI (varint-encoded size) */
max -= varint_bytes(max);
return max;
}
kwl = LIST_NEXT(&sample_fetches.list, struct sample_fetch_kw_list *, list);
(*idx) = 0;
} else {
- /* Get kwl corresponding to the curret entry. */
+ /* Get kwl corresponding to the current entry. */
base = current + 1 - (*idx);
kwl = container_of(base, struct sample_fetch_kw_list, kw);
}
kwl = LIST_NEXT(&sample_convs.list, struct sample_conv_kw_list *, list);
(*idx) = 0;
} else {
- /* Get kwl corresponding to the curret entry. */
+ /* Get kwl corresponding to the current entry. */
base = current + 1 - (*idx);
kwl = container_of(base, struct sample_conv_kw_list, kw);
}
}
/* special converter function used by pseudo types in the compatibility matrix
- * to inform that the conversion is theorically allowed at parsing time.
+ * to inform that the conversion is theoretically allowed at parsing time.
*
* However, being a pseudo type, it may not be emitted by fetches or converters
* so this function should never be called. If this is the case, then it means
* strftime(3) does not implement nanoseconds, but we still want them in our
* date format.
*
- * This function implements %N like in date(1) which gives you the nanoseconds part of the timetamp
+ * This function implements %N like in date(1) which gives you the nanoseconds part of the timestamp
* An optional field width can be specified, a maximum width of 9 is supported (ex: %3N %6N %9N)
*
* <format> is the format string
if (chunk_istcat(tmp_format, ist2(p, cpy)) == 0) /* copy before the %N */
goto error;
- if (chunk_istcat(tmp_format, ist2(ns_str, width)) == 0) /* copy the %N result with the right precison */
+ if (chunk_istcat(tmp_format, ist2(ns_str, width)) == 0) /* copy the %N result with the right precision */
goto error;
p += skip + cpy; /* skip the %N */
args[0].type = ARGT_SINT;
args[0].data.sint = meth;
} else {
- /* Check method avalaibility. A method is a token defined as :
+ /* Check method availability. A method is a token defined as :
* tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
* "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
* token = 1*tchar
cli_conn->proxy_netns = l->rx.settings->netns;
/* Active reversed connection has already been initialized before being
- * accepted. It must not be resetted.
+ * accepted. It must not be reset.
* TODO use a dedicated accept_fd callback for reverse protocol
*/
if (!cli_conn->xprt) {
ha_sigmask(SIG_SETMASK, &old_sig, NULL);
}
-/* perform minimal intializations */
+/* perform minimal initializations */
static void signal_init()
{
int sig;
}
/*
- * Task to handle connctions to forward servers
+ * Task to handle connections to forward servers
*/
static struct task *process_sink_forward(struct task * task, void *context, unsigned int state)
{
return task;
}
/*
- * Init task to manage connctions to forward servers
+ * Init task to manage connections to forward servers
*
* returns 0 in case of error.
*/
* Returns err_code which defaults to ERR_NONE and can be set to a combination
* of ERR_WARN, ERR_ALERT, ERR_FATAL and ERR_ABORT in case of errors.
* <msg> could be set at any time (it will usually be set on error, but
- * could also be set when no error occured to report a diag warning), thus is
+ * could also be set when no error occurred to report a diag warning), thus is
* up to the caller to check it and to free it.
*/
int sink_resolve_logger_buffer(struct logger *logger, char **msg)
data = new_ckchs->data;
- /* appply the change on the duplicate */
+ /* apply the change on the duplicate */
if (cert_ext->load(buf->area, payload, data, &err) != 0) {
memprintf(&err, "%sCan't load the payload\n", err ? err : "");
errcode |= ERR_ALERT | ERR_FATAL;
/* Now, we start the browsing of the references lists.
* Note that the following call to LIST_ELEM return bad pointer. The only
* available field of this pointer is <list>. It is used with the function
- * tlskeys_list_get_next() for retruning the first available entry
+ * tlskeys_list_get_next() for returning the first available entry
*/
if (ctx->next_ref == NULL)
ctx->next_ref = tlskeys_list_get_next(&tlskeys_reference, &tlskeys_reference);
*/
static inline int sc_cond_forward_shut(struct stconn *sc)
{
- /* Foward the shutdown if an write error occurred on the input channel */
+ /* Forward the shutdown if an write error occurred on the input channel */
if (sc_ic(sc)->flags & CF_WRITE_TIMEOUT)
return 1;
}
}
-/* perform minimal intializations */
+/* perform minimal initializations */
static void init_task()
{
int i, q;
if ((rule->arg.attach_srv.name && (!srv->use_ssl || !srv->sni_expr)) ||
(!rule->arg.attach_srv.name && srv->use_ssl && srv->sni_expr)) {
- memprintf(err, "attach-srv rule: connection will never be used; either specify name argument in conjonction with defined SSL SNI on targetted server or none of these");
+ memprintf(err, "attach-srv rule: connection will never be used; either specify name argument in conjunction with defined SSL SNI on targeted server or none of these");
return 0;
}
/* Try to convert IPv6 address to IPv4 address thanks to the
* following mapping methods:
- * - RFC4291 IPv4-Mapped IPv6 Address (prefered method)
+ * - RFC4291 IPv4-Mapped IPv6 Address (preferred method)
* -> ::ffff:ip:v4
* - RFC4291 IPv4-Compatible IPv6 Address (deprecated, RFC3513 legacy for
* "IPv6 Addresses with Embedded IPv4 Addresses)
}
/* This functions check an argument entry and fill it with a variable
- * type. The argumen must be a string. If the variable lookup fails,
+ * type. The argument must be a string. If the variable lookup fails,
* the function returns 0 and fill <err>, otherwise it returns 1.
*/
int vars_check_arg(struct arg *arg, char **err)
projects / thirdparty / haproxy.git / commitdiff
