/[hydra]/hydra/ChangeLog
ViewVC logotype

Contents of /hydra/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.35 - (show annotations)
Thu Oct 10 12:03:10 2002 UTC (19 years ago) by nmav
Branch: MAIN
CVS Tags: hydra_0_0_7
Changes since 1.34: +1 -1 lines
*** empty log message ***

1 ** Changes from 0.0.6 to 0.0.7 - 10/10/2002
2 * Added support for large files in 32 bit systems.
3 * Added support for SSL_* variables in CGIs.
4 * Added options in configuration file, to request and verify
5 a client certificate.
6 * The headers of HIC-CGIs are now parsed by the server.
7 * Corrected behavour in SIGHUP signal handling, to reread
8 the SSL related variables.
9 * Children and HIC threads are now killed using a signal, to avoid
10 unexpected errors, and memory leaks.
11
12 ** Changes from 0.0.5 to 0.0.6 - 03/10/2002
13 * Compatibility functions are now automatically included in hydra, if
14 they are not found by the configure script.
15 * Replaced the included scandir function, with the one in libc.
16 * Fixed code, which compiled fine with gcc 3.2, but didn't compile at
17 all, with any other compiler!
18 * Improved the MaxConnections directive semantics.
19 * Added a very primitive mime.types file in examples/ directory.
20
21 ** Changes from 0.0.4 to 0.0.5 - 02/10/2002
22 * If a requested CGI is not accesible then send 404 not found, instead
23 of trying to execute it.
24 * Corrected several stuff in HIC CGI handler. This allows Cookies,
25 POST data and Queries to work properly.
26
27 ** Changes from 0.0.3 to 0.0.4 - 30/09/2002
28 * Added support for If-Range, If-Match, If-None-Match HTTP/1.1 header
29 fields. The server also generates ETag headers for static content using
30 the last modified field of the file, and the file size. This makes
31 Hydra cache friendly.
32 * Added support for multiple HIC threads. This gives a boost to script generation
33 since they are no longer generated sequentially.
34
35 ** Changes from 0.0.2 to 0.0.3 - 28/09/2002
36 * Added support for dynamic modules that handle CGIs
37 internally (HIC). That way Hydra can run PHP.
38 * Fixes in CGI execution. CGIs that are not passed from aliasing
39 functions now properly set PATH_INFO and PATH_TRANSLATED.
40 (Needs further cleanup).
41 * Cleaned up SSL support. Now hydra can be compiled even if gnutls
42 is not available.
43
44 ** Changes from Boa/0.94.13 to Hydra/0.0.2 - 26/09/2002
45 * Added support for SSL 3.0 and TLS 1.0 protocols.
46 * Added support for multiple CPU's by making the server
47 run over a pool of threads.
48 * Changed the file caching code. The mmap() calls are cached until
49 the mmap list table is full.
50 * Added support for HTTP/1.1 ranges.
51 * Added support for hostname based virtual hosting.
52 Also changed the semantics of Alias, ScriptAlias and Redirect, to
53 take advantage of the host based virtual hosting.
54 * Added support for the TCP_CORK tcp option in linux.
55 * Cleaned up the CGI handling (gunzip, indexer are treated as CGIs)
56 * Enhanced grammar to handle 3 and 4 argument options.
57 * Added support for multiple directory indexes.
58 * Dropped support for gunzip.
59 * Use automake to create the distribution.
60
61 ** Changes from 0.94.12 to 0.94.13
62 * Change many instances of log_error_mesg + exit to DIE macro
63 * Change all instance of log_error_mesg (without exit) to WARN macro
64 * do a much better job of checking return values from malloc and
65 especially strdup.
66 * check results of calling umask and getrlimit
67 * server_s is no longer a global int
68 * check results of fork via switch instead of if (fork())
69 * check for getopt.h and include it if found
70 * remove unused #defines, and add WARN macro, and replace
71 many calls to log_error_mesg(..) with WARN macro
72 * fix bug in get_commonlog_time where time_offset calculation was
73 the opposite of what it should be ('-' and '+' were swapped)
74 * fix compatability bug with old and newer versions of flex/yacc
75 * add check for AC_FUNC_MMAP to configure.in
76 * fix really lame thinko in normalize_path, which would prepend the
77 results of earlier calls to results from later calls
78 * Add MaxConnections, a configuration directive which allows the
79 user to specify the maximum number of connections that Boa will
80 accept concurrently.
81 * add SERVER_ADDR and REQUEST_URI to environment of CGI
82 * handle SIGBUS during writes of data that has been memory mapped
83 * minor optimization in select.c that prevents DEAD requests from
84 being added to the block set
85 * fix bug in CGI environment script_name - closes sf.net bug #576725
86 * make 'status' variable local to requests.c, not local to every file
87 by forgetting to declare 'extern' in globals.h :-|
88 * make getsockname non-fatal, and do it every time because we may
89 need it for the CGI
90 * some minor refactoring optimizations in hash.c
91
92 ** Changes from 0.94.11 to 0.94.12
93 * Renamed Changelog ChangeLog, and moved up to top-level directory
94 * Next 3 items due in part or whole thanks to
95 Liam Widdowson
96 * when printf'ing a pid type, force to int, because it could be
97 something else on other platforms. Should probably change it to
98 a long, and use that.
99 * backported chroot commandline support from 0.95
100 * backported support for strdup, strstr, alphasort, and scandir
101 from 0.95
102 * Fixed src/Makefile.in -- it didn't remove index_dir.o
103 * backport create_temporary_file from 0.95
104 (instead of using tmpnam)
105 * Allow non-standard date format 31 September 2000 23:59:59 GMT
106 Patch by Landon Curt Noll
107 * Skip whitespace before HTTP/major.minor
108 Adapted patch from Landon Curt Noll
109 * open /dev/null first thing (affects chrooting)
110 * properly handle sigalrm -- use sigalrm_flag and sigalrm_run
111 instead of handling the signal in the signal handler
112 * update manpage slightly
113 * send 400 BAD Request when resource does not start with '/'
114 * add grp.h to boa.h's includes -- remove from boa.c and config.c
115 * removed duplicate header includes from boa.c, config.c, get.c,
116 ip.c, request.c, response.c
117 * factor out creating the server socket and dropping privs
118 into create_server_socket and drop_privs
119 * type all functions in boa.c (except main) as static
120 * set umask after opening /dev/null
121 * tie stdin/stdout to /dev/null before commandline parse
122 * removed old, unused chroot code
123 * move builds_needs_escape earlier in the startup
124 * move fork later in the startup
125 * type all c_set_* as static in config.c
126 * don't bother trying to change uid/gid (or error if the
127 requested uid/gid doesn't exist) if not UID 0
128 * return more appropriate error code when foo.html gives
129 access denied, but foo.html.gz gives some other error
130 (essentially report error associated with foo.html, not foo.html.gz)
131 * send NOT Implemented when an unknown method is attempted
132 * always attempt a 32k read right before close
133 (stopgap until blackhole can be merged)
134 * allow more than 1 space in logline between method, resource,
135 and http version
136 * don't use inline functions
137 * update configure.in so that autoconf 2.50 doesn't complain (as much)
138 * properly use VPATH and srcdir according to autoconf docs
139 * change curly-braces to parentheses in Makefilein
140 * use $^ instead of manually listing the dependencies in Makefile.in
141 * remove tests section in Makefile.in
142 * write tags not TAGS in Makefile.in
143 * Add gethostbyname and inet_aton to function checks
144 * Add code from 0.95 which checks for socket in -lsocket,
145 inet_aton in -lresolv, and gethost{by}name in -lnsl
146 * Also remove broken bc-based "how big is an unsigned int" checks:
147 assume minimum of 32 bits and check in escape.c at runtime.
148 * Added new file: README.chroot.solaris, based on a
149 modified version by Liam Widdowson
150 * Add check_struct_for.m4, which allows us to check a structure
151 for a member (found at http://www.gnu.org/software/ac-archive/
152 authored by Wes Hardaker
153 * Call "aclocal -I ." to rebuild aclocal.m4
154 * Using new check-struct-for-member autoconf macro, check
155 for tm_gmtoff and tm_zone in struct tm -- useful in
156 portability tests for localtime.
157 * Also check sockaddr_in for structure sin_len so we can set
158 it properly.
159 * index_dir.c (which ends up in boa_indexer) can now be compiled
160 with USE_LOCALTIME, and if so, it will report the local time
161 using the timezone name. Otherwise it uses UTC time and UTC
162 timezone designation.
163 * fix buglet in mmap_cache.c which shows up when under
164 heavy load by many different files.
165 Found and squashed by Michal Kara
166 * normalize paths on Aliases, log files, server root, dirmaker
167 This makes sure that paths are 'absolute'
168 * don't generate DOCUMENT_ROOT or SERVER_ROOT,
169 CGIs have no business knowing that information
170 * if CGI, chdir to the cgi's root path
171 Bug found by Matt Callaway
172 * remove ChrootPath and PidFile directives from the parser
173 (they aren't used anyway)
174 * keep track of maximum file descriptor in use to optimize call
175 to select()
176 * apply IPv6 patch from Jari Korva
177 * optimize keep-alive copy data routine
178 * try to use memcpy instead of strcpy/strcat in more places (alias.c)
179 * update .depend file
180 * use fcntl + GET_FL to get a file descriptor's flags, then
181 add or remove only the bits we want to set. This prevents
182 accidentally setting or unsettings bits we don't have anything
183 to do with inadvertantly. (removed, at least temporarily.
184 Show me a system where it is needed -- LRD)
185 * make sure to call FD_ZERO when we handle a restart
186 * in read.c, don't call boa_perror on read failure -- socket is
187 dead or messed up anyway, no reason to try to write to it.
188 * explicit .SUFFIXES in Makefile.in
189 * boa.objdump target added
190 * use @MAKE_SET@ (for when $(MAKE) != "make")
191 * add -Wundef -Wwrite-strings -Wredundant-decls -Winline to GCC_FLAGS
192 * change Paul Phillips' and Larry Doolittle's emails in source
193 * add --disable-debug, --enable-profile, --with-dmalloc, and --with-efence
194 * test for failed-but-return-was-successful setuid:
195 http://www.securityfocus.com/bid/1322
196 * use _exit not exit in CGI child
197 * always place new keepalive request on blocked list, we can't be
198 sure of the state of the active list, and since enqueue places
199 things at the *front* of the list, it doesn't do us much good
200 to place the new request on the active list anyway.
201 * update some Copyright statements for 2002
202 * When comparing the uri to an alias, only compare if
203 the uri length is greater than or equal to the length of the alias
204 * in init_script_alias, make sure to check for document_root before
205 trying to use it
206 * script_name is now just a copy of the request, rather
207 than some complicated variation on the pathname
208 * change the way the CGI environment is handled.
209 Now, it is allocated at request allocation time, and exists
210 throughout the life of the structure.
211 * check memory allocations, etc.. when creating the static
212 CGI environment and when making new CGI environment variables
213 * wait until process_option_end to call unescape_uri, clean_pathname,
214 and translate_uri
215 * remove debian package information
216 * move RedHat packaging information to contrib
217 * remove tests -- they weren't usable anyway
218 * add some new hash routines, and use djb2 (a variant on a
219 hash algorithm popularized by Dan J. Bernstein)
220 * a side-effect of the new hash routines is a bugfix,
221 involving negative return values from hash routines.
222 This has been fixed.
223 * add a routine, show_hash_stats, which is called with other
224 statistical output via sigalarm
225 * remove some duplicate prototypes from config.c
226 * make simple_itoa take an unsigned int
227 * try to make NOBLOCK handling in compat.h compatible with Solaris
228 * make sure to update current_time before calling signal handlers
229 * alter primary loop to make sure that select gets called even
230 when there are requests that are not blocking, and call fdset_update
231 and process_requests (when appropriate) after signal handlers but
232 before select to make sure that blocked requests are still handled
233 by select after a sighup. (Thanks to Karl Olsen)
234 * pull select loop into select.c
235 * poll server socket once per active connection
236 * add send_r_service_unavailable and use it when appropriate
237 * state uptime in seconds at normal program termination
238 * include sys/fcntl.h if it is found by configure
239 * fix POST bug where a content-length < 0 would cause Boa to
240 consume its full share of CPU until killed
241 Bug report by Landon Curt Noll
242 * add CGIPath configuration variable
243 based upon a patch by Landon Curt Noll
244 * add function boa_atoi, which wraps atoi, but does not
245 accept negative values. Additionally, it checks to make sure
246 the converted value and the original value are the same, avoiding
247 issues like "124.3" -> "123" and "123abc" -=> "123".
248 Either a value is an int or it isn't - no middle ground.
249 * use boa_atoi to convert content-length from client.
250 * add new #define - SINGLE_POST_LIMIT_DEFAULT, which defines
251 (in bytes) the *default* single_post_limit.
252 * single_post_limit is now in bytes.
253 * when adding aliases, only "normalize" paths that start
254 with "./" - this is a departure from previous behavior
255 * add "?" to the list of characters that it is safe to leave unescaped
256 * clean up Makefile.in of no-longer-pertinent comments
257 * add send_r_bad_gateway and use it
258 * tie stderr to either cgi_log_fd or devnullfd - either way
259 make sure stderr is a valid filehandle before cgi execution
260 * cgi_env is no longer allocated, it's part of the struct now
261 * fix bug in CgiPath logic
262 * when unable to allocate memory for an environment variable, log it
263 * add clear_common_env, which de-allocates the cgi_common_env stuff
264 [NEVER USE THIS outside of a terminal signal handler!]
265 * don't be so wasteful of memory in normalize_path
266 * adapted fix for alias expansion from Brieuc Jeunhomme
267
268 ** Changes from 0.94.10.1 to 0.94.11
269 * use LIBS in Makefile.in (which propagates from autoconf)
270 * properly free memory allocated by scandir in index_dir.c
271 * rearrange some header files and includes
272 * on reads and writes, don't check for -1, check for < 0
273 * include fix by William Meadows
274 for escape.c which fixes segfaults due to improper allocation
275 * above fix by William Meadows no longer needed;
276 escape.c and escape.h rewritten by Larry Doolittle -- requires
277 at least 32 bit words, but is correct (jdn's 1st attempt was faulty)
278
279 ** Changes from 0.94.10 to 0.94.10.1
280 * Actually update the SERVER_VERSION in src/defines.h
281
282 ** Changes from 0.94.9 to 0.94.10
283 * Fixes escaping rules
284 * Fixes segfault when directory_index is undefined and
285 directory needs to be generated
286 * adds dummy signal handlers for SIGUSR1 and SIGUSR2 (Closes SF #425921)
287 * Update documentation regarding mime.types (Closes Debian #69991)
288 * Make sure documentation builds (Closes Debian #110818)
289
290 ** Changes from 0.94.8.3 to 0.94.9
291 * src/Makefile.in updated to take CFLAGS, LIBS, and LDFLAGS
292 from autoconf
293 * Update escaping rules with latest RFC
294 * unescape_uri skips fragments and also stop parsing at '?'
295 * Don't accept fd over FD_SETSIZE in request.c:get_request
296 * use backported documentation from 0.95
297 * make sure POST fd gets closed even on client cancel
298 * use backported index_dir.c from 0.95
299 * support subdirectories in ScriptAlias directories
300 * add SinglePostLimit (int, in Kilobytes) to config system
301 * check for ENOSPC on body write
302 * use environment variable TMP (or "/tmp" if not available),
303 and chdir there when boa exits.
304 * add 1-time-only hack to make a 32kB read at the end of a request
305 on POST or PUT
306 * close unused file descriptors (/dev/null in boa.c, and the
307 unused part of the pipes call in cgi.c)
308 * made Makefile.in VPATH happy
309
310 ** Changes from 0.94.8.2 to 0.94.8.3
311 * Move unescape_uri *before* clean_pathname to prevent
312 encoding of / and .. in pathname
313 * wrap execution of GUNZIP in cgi.c with #ifdef GUNZIP
314 * stop parsing when fragment found in URL ('#')
315
316 ** Changes from 0.94.8.1 to 0.94.8.2
317 * close pipes[1] in child and generate HTTP_REFERER environment
318 variable in cgi.c
319 * Minor changes to the Debian package
320
321 ** Changes from 0.94.8 to 0.94.8.1
322 * Change umask call from (umask(0600)) to (umask(~0600))
323
324 ** Changes from 0.94.7 to 0.94.8
325 * Fix major thinko in temp file permissions
326 * unlink temporary file immediately following creation
327 * implement maximum # of active connections at 10 less than RLIMIT_NOFILE
328 to avoid or eliminate crashes resulting from running out of
329 file descriptors
330 * Fix thinko in POST
331
332 ** Changes from 0.94.6 to 0.94.7
333 * STDIN and STDOUT are now tied to /dev/null
334 * sets PATH_MAX to 2048 if not defined (for Hurd)
335 * core dumps (should never happen) would be located in /tmp
336 * alter behavior when select gets a EBADF
337 * add translation for the \" char -> &quot;
338 * remove use of sys_errlist. Use perror.
339 * better makedist.sh (still a stupid program though)
340
341 ** Changes from 0.94.5 to 0.94.6
342 * Removed doc++ commenting
343 * Removed erroneous debugging statments
344 * Move some stuff out of config.c (read_config_file) to boa.c
345 * Altered some of fixup_server_root()
346 * Bug fix in get.c re: automatic gunzip
347 * Added some stubs for chroot code (*not* ready yet)
348
349 ** Changes from 0.94.4 to 0.94.5
350 * Alteration of most of the comments and such for doc++ use
351 * Fixed buffer overflow in alias.c
352 * Fixed buffer underflow in util.c
353
354 ** Changes from 0.94.3 to 0.94.4
355 * Better escaping of data to user, both for HTTP headers and HTML body
356 * Proper escaping of output in CGI example perl scripts
357
358 ** Changes from 0.94.0 to 0.94.2
359 * Fixed obnoxious pipeline bug
360 * Fixed (sorta) a compilation/core bug for *BSD systems
361 Original code by Thomas Neumann
362 * Moved to GPLv2
363 * Changed manpage to section 8
364 * boa.sgml now references a .png file instead of evil .gif
365
366 ** Changes from 0.93.19.2 to 0.94.0
367 * Added UseGMT to the configuration parser
368 * util.c commonlog now logs in Apache-style commonlog time format
369 * Remove SO_SNDBUF on-start message
370
371 ** Changes from 0.93.19 to 0.93.19.2
372 * Changed to combined log (from NCSA access_log format) ala Drew Streib
373 * Altered POST cgi code to handle bug in Netscape
374 * SO_SNDBUF changes by Larry
375
376 ** Changes from 0.93.17.2 to 0.93.19 (all 0.93.18.x changes inclusive)
377 * Update of some copyright statements for 99
378 * Replacement of sprintf with strlen/memcpy or strcpy/strcat
379 wherever possible
380 * Significant rearrangement in alias.c, minor functional differences
381 (some CGI environment variables handled differently)
382 * Removal of die function. Replace with log_err_mesg and exit.
383 * initial IPv6 stubs and support
384 * Move #include "config.h" to top of boa.h where it will do some good
385 * Stubs and functions for strstr and strdup
386 * Seperation of buffer code into it's own file
387 * Significant changes to cgi.c et al (cgi_header.c, etc...)
388 * Speed patches by removal of "extra" calls to time(): Use global variable!
389 * pipelining changes... it works now.
390 * require content-length from clients (ala rfc1945)
391 * alter body_read and body_write to work more efficiently with known content-length
392 * move read(2) part to *after* parsing...
393 * added support for additional header message in send_redirect_temp
394 * change use of NO_ZERO_FILL_LENGTH to offsetof() use
395 * Remove SO_REUSEADDR setting on each client socket, Paul Saab
396 * Avoid SO_SNDBUF setting if possible
397 * Large quantities of otherwise not-insignificant changes
398
399 ** Changes from 0.93.17.2 to 0.93.17.3
400 * Put on-the-fly directories back in, stripped down from the 0.92 version
401 * Fixed DocumentRoot, ServerAdmin and ServerName null-value handling in
402 CGI environment generation
403 * Fixed argument order in Script* directives (bug introduced in 0.93.17.2)
404 * Got rid of MAX_CGI_VARS because it was not being used consistently, or
405 for that matter, at all, really.
406 * Added some more FASCIST_LOGGING to cgi.c
407 * Minor mmap patch by LRD for request.c
408
409 ** Changes from 0.93.17.1 to 0.93.17.2
410 * Added "Listen" directive for server bind address, as most recently
411 suggested by David N. Welton
412 * Put virtualhost feature in, was experimental in 0.92q
413
414 ** Changes from 0.93.16.2 to 0.93.17.1
415 * New config file parser (supposed to be more maintainable) (LRD)
416 * Support for "|command" and ":host:port" syntax for logfiles (untested) (LRD)
417
418 ** Changes for the 0.93 version **
419 * Huge quantities of changes
420 * keepalive Bugfix in 0.93.16.2 by Jon Nelson
421 report by Craig Silverstein of Google fame.
422 * patch for config.h by Craig Silverstein
423 * fixed "Parent Directory" problem in boa_indexer for title "/"
424 (Debian bug #36165)
425 * More Craig Silverstein
426 modifications, namely:
427 ErrorLog (if omitted, print to stderr)
428 DocumentRoot (if omitted, can only server user-dir files)
429 DirectoryIndex (if omitted, always use DirectoryMaker)
430 MimeTypes (if omitted, don't load -- users can use AddType instead)
431
432
433 ** Changes from v0.92o to v0.92p **
434
435 * Documented misbehavior of CGI, SIGHUP, short aliases, stale dircache.
436 * Documented how to patch signals.c for use on SunOS.
437 * Closed file descriptor leak when redirecting a bare directory URL to
438 one with an appended "/".
439 * Closed potential file descriptor leak if errors encountered generating
440 on-the-fly index.
441 * Cleaned up include file handling to be simultaneously compatible with
442 Linux, SunOS, HP-UX, and AIX.
443 * Supress message body for codes 302, 400, 403, 404, 500, and 501 if
444 incoming request is "HEAD".
445
446 ** Changes from v0.91 to v0.92o **
447 (0.92o released 27 December, 1996)
448
449 * Maintenance handover from Paul Phillips to Larry Doolittle
450 * Changed (char)NULL to '\0'
451 * Cleaned up signal handler prototypes in signals.c
452 * Modified handling of CGI environment variable PATH_TRANSLATED,
453 should now work the same as NCSA.
454 * More conservative buffer size in add_cgi_env()
455 * Build argv list for a CGI script according to spec
456 * Speedup process_header_line, eliminate potential memory leak
457 * Occasional spelling fixes and lint removal
458 * Added REMOTE_PORT env var for CGI scripts, to allow easy ident lookups
459 * Changed rfc822 time format
460 * Log timeouts and broken connections
461 * Fix mime suffix handling for filenames with multiple "."s
462 * Initialize conn->time_last, fixes bug with rapid-fire connections
463 * Performance tweak to req_write()
464 * Changed http_version from float to char[8]
465 * Rewrote on-the-fly directory generation; it works now
466 * Added user configurable dircache directory in boa.conf
467 * Fixed "simple" response bugs, including incorrect CGI handling
468 * Keepalive (HTTP/1.1 draft) support, mostly by Jon Nelson
469 * Close data_fd in 304 Not Modified flow of control
470 * Switch socket flags to non-blocking before cgi handoff
471 * Try to handle errno properly in the face of multiple errors
472 * Close fd's of all other transactions before cgi handoff
473 * Move real work for sighup and sigchld out of signal handler
474 * Fix free(req->cgi_env) in request.c
475 * Response message cleanup - better match to HTML-2.0 DTD
476 * Experimental Virtual Host code from Russ Nelson
477 * Expand buffer for escaped URI in init_get()
478 * SIGTERM triggers lame duck mode until all pending transactions complete
479 * Close and unlink temp file for POST in parent process
480
481 ** Changes from v0.90 to v0.91 **
482
483 * Cleaned up main while loop
484 * Optimized request line parsing
485 * Added state machine for header reads -- necessary to deal wtih
486 possibility of obtaining header data in multiple reads. This
487 also allows interactive use of server.
488 * Added 500/501 return codes for various conditions
489
490 ** v0.90 **
491
492 * Initial release
493

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26