/[hydra]/hydra/ChangeLog
ViewVC logotype

Contents of /hydra/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.32 - (show annotations)
Sun Oct 6 09:42:50 2002 UTC (21 years, 5 months ago) by nmav
Branch: MAIN
Changes since 1.31: +1 -0 lines
The headers of HIC-CGIs are now parsed by the server.

1 ** Changes from 0.0.6 to 0.0.7
2 * Added support for large files in 32 bit systems.
3 * Added support for SSL_* variables in CGIs.
4 * Added options in configuration file, to request and verify
5 a client certificate.
6 * Corrected behavour in SIGHUP signal handling, and now can read
7 the SSL related variables.
8 * The headers of HIC-CGIs are now parsed by the server.
9
10 ** Changes from 0.0.5 to 0.0.6 - 03/10/2002
11 * Compatibility functions are now automatically included in hydra, if
12 they are not found by the configure script.
13 * Replaced the included scandir function, with the one in libc.
14 * Fixed code, which compiled fine with gcc 3.2, but didn't compile at
15 all, with any other compiler!
16 * Improved the MaxConnections directive semantics.
17 * Added a very primitive mime.types file in examples/ directory.
18
19 ** Changes from 0.0.4 to 0.0.5 - 02/10/2002
20 * If a requested CGI is not accesible then send 404 not found, instead
21 of trying to execute it.
22 * Corrected several stuff in HIC CGI handler. This allows Cookies,
23 POST data and Queries to work properly.
24
25 ** Changes from 0.0.3 to 0.0.4 - 30/09/2002
26 * Added support for If-Range, If-Match, If-None-Match HTTP/1.1 header
27 fields. The server also generates ETag headers for static content using
28 the last modified field of the file, and the file size. This makes
29 Hydra cache friendly.
30 * Added support for multiple HIC threads. This gives a boost to script generation
31 since they are no longer generated sequentially.
32
33 ** Changes from 0.0.2 to 0.0.3 - 28/09/2002
34 * Added support for dynamic modules that handle CGIs
35 internally (HIC). That way Hydra can run PHP.
36 * Fixes in CGI execution. CGIs that are not passed from aliasing
37 functions now properly set PATH_INFO and PATH_TRANSLATED.
38 (Needs further cleanup).
39 * Cleaned up SSL support. Now hydra can be compiled even if gnutls
40 is not available.
41
42 ** Changes from Boa/0.94.13 to Hydra/0.0.2 - 26/09/2002
43 * Added support for SSL 3.0 and TLS 1.0 protocols.
44 * Added support for multiple CPU's by making the server
45 run over a pool of threads.
46 * Changed the file caching code. The mmap() calls are cached until
47 the mmap list table is full.
48 * Added support for HTTP/1.1 ranges.
49 * Added support for hostname based virtual hosting.
50 Also changed the semantics of Alias, ScriptAlias and Redirect, to
51 take advantage of the host based virtual hosting.
52 * Added support for the TCP_CORK tcp option in linux.
53 * Cleaned up the CGI handling (gunzip, indexer are treated as CGIs)
54 * Enhanced grammar to handle 3 and 4 argument options.
55 * Added support for multiple directory indexes.
56 * Dropped support for gunzip.
57 * Use automake to create the distribution.
58
59 ** Changes from 0.94.12 to 0.94.13
60 * Change many instances of log_error_mesg + exit to DIE macro
61 * Change all instance of log_error_mesg (without exit) to WARN macro
62 * do a much better job of checking return values from malloc and
63 especially strdup.
64 * check results of calling umask and getrlimit
65 * server_s is no longer a global int
66 * check results of fork via switch instead of if (fork())
67 * check for getopt.h and include it if found
68 * remove unused #defines, and add WARN macro, and replace
69 many calls to log_error_mesg(..) with WARN macro
70 * fix bug in get_commonlog_time where time_offset calculation was
71 the opposite of what it should be ('-' and '+' were swapped)
72 * fix compatability bug with old and newer versions of flex/yacc
73 * add check for AC_FUNC_MMAP to configure.in
74 * fix really lame thinko in normalize_path, which would prepend the
75 results of earlier calls to results from later calls
76 * Add MaxConnections, a configuration directive which allows the
77 user to specify the maximum number of connections that Boa will
78 accept concurrently.
79 * add SERVER_ADDR and REQUEST_URI to environment of CGI
80 * handle SIGBUS during writes of data that has been memory mapped
81 * minor optimization in select.c that prevents DEAD requests from
82 being added to the block set
83 * fix bug in CGI environment script_name - closes sf.net bug #576725
84 * make 'status' variable local to requests.c, not local to every file
85 by forgetting to declare 'extern' in globals.h :-|
86 * make getsockname non-fatal, and do it every time because we may
87 need it for the CGI
88 * some minor refactoring optimizations in hash.c
89
90 ** Changes from 0.94.11 to 0.94.12
91 * Renamed Changelog ChangeLog, and moved up to top-level directory
92 * Next 3 items due in part or whole thanks to
93 Liam Widdowson
94 * when printf'ing a pid type, force to int, because it could be
95 something else on other platforms. Should probably change it to
96 a long, and use that.
97 * backported chroot commandline support from 0.95
98 * backported support for strdup, strstr, alphasort, and scandir
99 from 0.95
100 * Fixed src/Makefile.in -- it didn't remove index_dir.o
101 * backport create_temporary_file from 0.95
102 (instead of using tmpnam)
103 * Allow non-standard date format 31 September 2000 23:59:59 GMT
104 Patch by Landon Curt Noll
105 * Skip whitespace before HTTP/major.minor
106 Adapted patch from Landon Curt Noll
107 * open /dev/null first thing (affects chrooting)
108 * properly handle sigalrm -- use sigalrm_flag and sigalrm_run
109 instead of handling the signal in the signal handler
110 * update manpage slightly
111 * send 400 BAD Request when resource does not start with '/'
112 * add grp.h to boa.h's includes -- remove from boa.c and config.c
113 * removed duplicate header includes from boa.c, config.c, get.c,
114 ip.c, request.c, response.c
115 * factor out creating the server socket and dropping privs
116 into create_server_socket and drop_privs
117 * type all functions in boa.c (except main) as static
118 * set umask after opening /dev/null
119 * tie stdin/stdout to /dev/null before commandline parse
120 * removed old, unused chroot code
121 * move builds_needs_escape earlier in the startup
122 * move fork later in the startup
123 * type all c_set_* as static in config.c
124 * don't bother trying to change uid/gid (or error if the
125 requested uid/gid doesn't exist) if not UID 0
126 * return more appropriate error code when foo.html gives
127 access denied, but foo.html.gz gives some other error
128 (essentially report error associated with foo.html, not foo.html.gz)
129 * send NOT Implemented when an unknown method is attempted
130 * always attempt a 32k read right before close
131 (stopgap until blackhole can be merged)
132 * allow more than 1 space in logline between method, resource,
133 and http version
134 * don't use inline functions
135 * update configure.in so that autoconf 2.50 doesn't complain (as much)
136 * properly use VPATH and srcdir according to autoconf docs
137 * change curly-braces to parentheses in Makefilein
138 * use $^ instead of manually listing the dependencies in Makefile.in
139 * remove tests section in Makefile.in
140 * write tags not TAGS in Makefile.in
141 * Add gethostbyname and inet_aton to function checks
142 * Add code from 0.95 which checks for socket in -lsocket,
143 inet_aton in -lresolv, and gethost{by}name in -lnsl
144 * Also remove broken bc-based "how big is an unsigned int" checks:
145 assume minimum of 32 bits and check in escape.c at runtime.
146 * Added new file: README.chroot.solaris, based on a
147 modified version by Liam Widdowson
148 * Add check_struct_for.m4, which allows us to check a structure
149 for a member (found at http://www.gnu.org/software/ac-archive/
150 authored by Wes Hardaker
151 * Call "aclocal -I ." to rebuild aclocal.m4
152 * Using new check-struct-for-member autoconf macro, check
153 for tm_gmtoff and tm_zone in struct tm -- useful in
154 portability tests for localtime.
155 * Also check sockaddr_in for structure sin_len so we can set
156 it properly.
157 * index_dir.c (which ends up in boa_indexer) can now be compiled
158 with USE_LOCALTIME, and if so, it will report the local time
159 using the timezone name. Otherwise it uses UTC time and UTC
160 timezone designation.
161 * fix buglet in mmap_cache.c which shows up when under
162 heavy load by many different files.
163 Found and squashed by Michal Kara
164 * normalize paths on Aliases, log files, server root, dirmaker
165 This makes sure that paths are 'absolute'
166 * don't generate DOCUMENT_ROOT or SERVER_ROOT,
167 CGIs have no business knowing that information
168 * if CGI, chdir to the cgi's root path
169 Bug found by Matt Callaway
170 * remove ChrootPath and PidFile directives from the parser
171 (they aren't used anyway)
172 * keep track of maximum file descriptor in use to optimize call
173 to select()
174 * apply IPv6 patch from Jari Korva
175 * optimize keep-alive copy data routine
176 * try to use memcpy instead of strcpy/strcat in more places (alias.c)
177 * update .depend file
178 * use fcntl + GET_FL to get a file descriptor's flags, then
179 add or remove only the bits we want to set. This prevents
180 accidentally setting or unsettings bits we don't have anything
181 to do with inadvertantly. (removed, at least temporarily.
182 Show me a system where it is needed -- LRD)
183 * make sure to call FD_ZERO when we handle a restart
184 * in read.c, don't call boa_perror on read failure -- socket is
185 dead or messed up anyway, no reason to try to write to it.
186 * explicit .SUFFIXES in Makefile.in
187 * boa.objdump target added
188 * use @MAKE_SET@ (for when $(MAKE) != "make")
189 * add -Wundef -Wwrite-strings -Wredundant-decls -Winline to GCC_FLAGS
190 * change Paul Phillips' and Larry Doolittle's emails in source
191 * add --disable-debug, --enable-profile, --with-dmalloc, and --with-efence
192 * test for failed-but-return-was-successful setuid:
193 http://www.securityfocus.com/bid/1322
194 * use _exit not exit in CGI child
195 * always place new keepalive request on blocked list, we can't be
196 sure of the state of the active list, and since enqueue places
197 things at the *front* of the list, it doesn't do us much good
198 to place the new request on the active list anyway.
199 * update some Copyright statements for 2002
200 * When comparing the uri to an alias, only compare if
201 the uri length is greater than or equal to the length of the alias
202 * in init_script_alias, make sure to check for document_root before
203 trying to use it
204 * script_name is now just a copy of the request, rather
205 than some complicated variation on the pathname
206 * change the way the CGI environment is handled.
207 Now, it is allocated at request allocation time, and exists
208 throughout the life of the structure.
209 * check memory allocations, etc.. when creating the static
210 CGI environment and when making new CGI environment variables
211 * wait until process_option_end to call unescape_uri, clean_pathname,
212 and translate_uri
213 * remove debian package information
214 * move RedHat packaging information to contrib
215 * remove tests -- they weren't usable anyway
216 * add some new hash routines, and use djb2 (a variant on a
217 hash algorithm popularized by Dan J. Bernstein)
218 * a side-effect of the new hash routines is a bugfix,
219 involving negative return values from hash routines.
220 This has been fixed.
221 * add a routine, show_hash_stats, which is called with other
222 statistical output via sigalarm
223 * remove some duplicate prototypes from config.c
224 * make simple_itoa take an unsigned int
225 * try to make NOBLOCK handling in compat.h compatible with Solaris
226 * make sure to update current_time before calling signal handlers
227 * alter primary loop to make sure that select gets called even
228 when there are requests that are not blocking, and call fdset_update
229 and process_requests (when appropriate) after signal handlers but
230 before select to make sure that blocked requests are still handled
231 by select after a sighup. (Thanks to Karl Olsen)
232 * pull select loop into select.c
233 * poll server socket once per active connection
234 * add send_r_service_unavailable and use it when appropriate
235 * state uptime in seconds at normal program termination
236 * include sys/fcntl.h if it is found by configure
237 * fix POST bug where a content-length < 0 would cause Boa to
238 consume its full share of CPU until killed
239 Bug report by Landon Curt Noll
240 * add CGIPath configuration variable
241 based upon a patch by Landon Curt Noll
242 * add function boa_atoi, which wraps atoi, but does not
243 accept negative values. Additionally, it checks to make sure
244 the converted value and the original value are the same, avoiding
245 issues like "124.3" -> "123" and "123abc" -=> "123".
246 Either a value is an int or it isn't - no middle ground.
247 * use boa_atoi to convert content-length from client.
248 * add new #define - SINGLE_POST_LIMIT_DEFAULT, which defines
249 (in bytes) the *default* single_post_limit.
250 * single_post_limit is now in bytes.
251 * when adding aliases, only "normalize" paths that start
252 with "./" - this is a departure from previous behavior
253 * add "?" to the list of characters that it is safe to leave unescaped
254 * clean up Makefile.in of no-longer-pertinent comments
255 * add send_r_bad_gateway and use it
256 * tie stderr to either cgi_log_fd or devnullfd - either way
257 make sure stderr is a valid filehandle before cgi execution
258 * cgi_env is no longer allocated, it's part of the struct now
259 * fix bug in CgiPath logic
260 * when unable to allocate memory for an environment variable, log it
261 * add clear_common_env, which de-allocates the cgi_common_env stuff
262 [NEVER USE THIS outside of a terminal signal handler!]
263 * don't be so wasteful of memory in normalize_path
264 * adapted fix for alias expansion from Brieuc Jeunhomme
265
266 ** Changes from 0.94.10.1 to 0.94.11
267 * use LIBS in Makefile.in (which propagates from autoconf)
268 * properly free memory allocated by scandir in index_dir.c
269 * rearrange some header files and includes
270 * on reads and writes, don't check for -1, check for < 0
271 * include fix by William Meadows
272 for escape.c which fixes segfaults due to improper allocation
273 * above fix by William Meadows no longer needed;
274 escape.c and escape.h rewritten by Larry Doolittle -- requires
275 at least 32 bit words, but is correct (jdn's 1st attempt was faulty)
276
277 ** Changes from 0.94.10 to 0.94.10.1
278 * Actually update the SERVER_VERSION in src/defines.h
279
280 ** Changes from 0.94.9 to 0.94.10
281 * Fixes escaping rules
282 * Fixes segfault when directory_index is undefined and
283 directory needs to be generated
284 * adds dummy signal handlers for SIGUSR1 and SIGUSR2 (Closes SF #425921)
285 * Update documentation regarding mime.types (Closes Debian #69991)
286 * Make sure documentation builds (Closes Debian #110818)
287
288 ** Changes from 0.94.8.3 to 0.94.9
289 * src/Makefile.in updated to take CFLAGS, LIBS, and LDFLAGS
290 from autoconf
291 * Update escaping rules with latest RFC
292 * unescape_uri skips fragments and also stop parsing at '?'
293 * Don't accept fd over FD_SETSIZE in request.c:get_request
294 * use backported documentation from 0.95
295 * make sure POST fd gets closed even on client cancel
296 * use backported index_dir.c from 0.95
297 * support subdirectories in ScriptAlias directories
298 * add SinglePostLimit (int, in Kilobytes) to config system
299 * check for ENOSPC on body write
300 * use environment variable TMP (or "/tmp" if not available),
301 and chdir there when boa exits.
302 * add 1-time-only hack to make a 32kB read at the end of a request
303 on POST or PUT
304 * close unused file descriptors (/dev/null in boa.c, and the
305 unused part of the pipes call in cgi.c)
306 * made Makefile.in VPATH happy
307
308 ** Changes from 0.94.8.2 to 0.94.8.3
309 * Move unescape_uri *before* clean_pathname to prevent
310 encoding of / and .. in pathname
311 * wrap execution of GUNZIP in cgi.c with #ifdef GUNZIP
312 * stop parsing when fragment found in URL ('#')
313
314 ** Changes from 0.94.8.1 to 0.94.8.2
315 * close pipes[1] in child and generate HTTP_REFERER environment
316 variable in cgi.c
317 * Minor changes to the Debian package
318
319 ** Changes from 0.94.8 to 0.94.8.1
320 * Change umask call from (umask(0600)) to (umask(~0600))
321
322 ** Changes from 0.94.7 to 0.94.8
323 * Fix major thinko in temp file permissions
324 * unlink temporary file immediately following creation
325 * implement maximum # of active connections at 10 less than RLIMIT_NOFILE
326 to avoid or eliminate crashes resulting from running out of
327 file descriptors
328 * Fix thinko in POST
329
330 ** Changes from 0.94.6 to 0.94.7
331 * STDIN and STDOUT are now tied to /dev/null
332 * sets PATH_MAX to 2048 if not defined (for Hurd)
333 * core dumps (should never happen) would be located in /tmp
334 * alter behavior when select gets a EBADF
335 * add translation for the \" char -> &quot;
336 * remove use of sys_errlist. Use perror.
337 * better makedist.sh (still a stupid program though)
338
339 ** Changes from 0.94.5 to 0.94.6
340 * Removed doc++ commenting
341 * Removed erroneous debugging statments
342 * Move some stuff out of config.c (read_config_file) to boa.c
343 * Altered some of fixup_server_root()
344 * Bug fix in get.c re: automatic gunzip
345 * Added some stubs for chroot code (*not* ready yet)
346
347 ** Changes from 0.94.4 to 0.94.5
348 * Alteration of most of the comments and such for doc++ use
349 * Fixed buffer overflow in alias.c
350 * Fixed buffer underflow in util.c
351
352 ** Changes from 0.94.3 to 0.94.4
353 * Better escaping of data to user, both for HTTP headers and HTML body
354 * Proper escaping of output in CGI example perl scripts
355
356 ** Changes from 0.94.0 to 0.94.2
357 * Fixed obnoxious pipeline bug
358 * Fixed (sorta) a compilation/core bug for *BSD systems
359 Original code by Thomas Neumann
360 * Moved to GPLv2
361 * Changed manpage to section 8
362 * boa.sgml now references a .png file instead of evil .gif
363
364 ** Changes from 0.93.19.2 to 0.94.0
365 * Added UseGMT to the configuration parser
366 * util.c commonlog now logs in Apache-style commonlog time format
367 * Remove SO_SNDBUF on-start message
368
369 ** Changes from 0.93.19 to 0.93.19.2
370 * Changed to combined log (from NCSA access_log format) ala Drew Streib
371 * Altered POST cgi code to handle bug in Netscape
372 * SO_SNDBUF changes by Larry
373
374 ** Changes from 0.93.17.2 to 0.93.19 (all 0.93.18.x changes inclusive)
375 * Update of some copyright statements for 99
376 * Replacement of sprintf with strlen/memcpy or strcpy/strcat
377 wherever possible
378 * Significant rearrangement in alias.c, minor functional differences
379 (some CGI environment variables handled differently)
380 * Removal of die function. Replace with log_err_mesg and exit.
381 * initial IPv6 stubs and support
382 * Move #include "config.h" to top of boa.h where it will do some good
383 * Stubs and functions for strstr and strdup
384 * Seperation of buffer code into it's own file
385 * Significant changes to cgi.c et al (cgi_header.c, etc...)
386 * Speed patches by removal of "extra" calls to time(): Use global variable!
387 * pipelining changes... it works now.
388 * require content-length from clients (ala rfc1945)
389 * alter body_read and body_write to work more efficiently with known content-length
390 * move read(2) part to *after* parsing...
391 * added support for additional header message in send_redirect_temp
392 * change use of NO_ZERO_FILL_LENGTH to offsetof() use
393 * Remove SO_REUSEADDR setting on each client socket, Paul Saab
394 * Avoid SO_SNDBUF setting if possible
395 * Large quantities of otherwise not-insignificant changes
396
397 ** Changes from 0.93.17.2 to 0.93.17.3
398 * Put on-the-fly directories back in, stripped down from the 0.92 version
399 * Fixed DocumentRoot, ServerAdmin and ServerName null-value handling in
400 CGI environment generation
401 * Fixed argument order in Script* directives (bug introduced in 0.93.17.2)
402 * Got rid of MAX_CGI_VARS because it was not being used consistently, or
403 for that matter, at all, really.
404 * Added some more FASCIST_LOGGING to cgi.c
405 * Minor mmap patch by LRD for request.c
406
407 ** Changes from 0.93.17.1 to 0.93.17.2
408 * Added "Listen" directive for server bind address, as most recently
409 suggested by David N. Welton
410 * Put virtualhost feature in, was experimental in 0.92q
411
412 ** Changes from 0.93.16.2 to 0.93.17.1
413 * New config file parser (supposed to be more maintainable) (LRD)
414 * Support for "|command" and ":host:port" syntax for logfiles (untested) (LRD)
415
416 ** Changes for the 0.93 version **
417 * Huge quantities of changes
418 * keepalive Bugfix in 0.93.16.2 by Jon Nelson
419 report by Craig Silverstein of Google fame.
420 * patch for config.h by Craig Silverstein
421 * fixed "Parent Directory" problem in boa_indexer for title "/"
422 (Debian bug #36165)
423 * More Craig Silverstein
424 modifications, namely:
425 ErrorLog (if omitted, print to stderr)
426 DocumentRoot (if omitted, can only server user-dir files)
427 DirectoryIndex (if omitted, always use DirectoryMaker)
428 MimeTypes (if omitted, don't load -- users can use AddType instead)
429
430
431 ** Changes from v0.92o to v0.92p **
432
433 * Documented misbehavior of CGI, SIGHUP, short aliases, stale dircache.
434 * Documented how to patch signals.c for use on SunOS.
435 * Closed file descriptor leak when redirecting a bare directory URL to
436 one with an appended "/".
437 * Closed potential file descriptor leak if errors encountered generating
438 on-the-fly index.
439 * Cleaned up include file handling to be simultaneously compatible with
440 Linux, SunOS, HP-UX, and AIX.
441 * Supress message body for codes 302, 400, 403, 404, 500, and 501 if
442 incoming request is "HEAD".
443
444 ** Changes from v0.91 to v0.92o **
445 (0.92o released 27 December, 1996)
446
447 * Maintenance handover from Paul Phillips to Larry Doolittle
448 * Changed (char)NULL to '\0'
449 * Cleaned up signal handler prototypes in signals.c
450 * Modified handling of CGI environment variable PATH_TRANSLATED,
451 should now work the same as NCSA.
452 * More conservative buffer size in add_cgi_env()
453 * Build argv list for a CGI script according to spec
454 * Speedup process_header_line, eliminate potential memory leak
455 * Occasional spelling fixes and lint removal
456 * Added REMOTE_PORT env var for CGI scripts, to allow easy ident lookups
457 * Changed rfc822 time format
458 * Log timeouts and broken connections
459 * Fix mime suffix handling for filenames with multiple "."s
460 * Initialize conn->time_last, fixes bug with rapid-fire connections
461 * Performance tweak to req_write()
462 * Changed http_version from float to char[8]
463 * Rewrote on-the-fly directory generation; it works now
464 * Added user configurable dircache directory in boa.conf
465 * Fixed "simple" response bugs, including incorrect CGI handling
466 * Keepalive (HTTP/1.1 draft) support, mostly by Jon Nelson
467 * Close data_fd in 304 Not Modified flow of control
468 * Switch socket flags to non-blocking before cgi handoff
469 * Try to handle errno properly in the face of multiple errors
470 * Close fd's of all other transactions before cgi handoff
471 * Move real work for sighup and sigchld out of signal handler
472 * Fix free(req->cgi_env) in request.c
473 * Response message cleanup - better match to HTML-2.0 DTD
474 * Experimental Virtual Host code from Russ Nelson
475 * Expand buffer for escaped URI in init_get()
476 * SIGTERM triggers lame duck mode until all pending transactions complete
477 * Close and unlink temp file for POST in parent process
478
479 ** Changes from v0.90 to v0.91 **
480
481 * Cleaned up main while loop
482 * Optimized request line parsing
483 * Added state machine for header reads -- necessary to deal wtih
484 possibility of obtaining header data in multiple reads. This
485 also allows interactive use of server.
486 * Added 500/501 return codes for various conditions
487
488 ** v0.90 **
489
490 * Initial release
491

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26