/[hydra]/hydra/ChangeLog
ViewVC logotype

Annotation of /hydra/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.28 - (hide annotations)
Sat Oct 5 08:32:52 2002 UTC (21 years, 5 months ago) by nmav
Branch: MAIN
Changes since 1.27: +2 -0 lines
Added options in configuration file, to request and verify a client certificate.

1 nmav 1.26 ** Changes from 0.0.6 to 0.0.7
2     * Added support for large files in 32 bit systems.
3 nmav 1.27 * Added support for SSL_* variables in CGIs.
4 nmav 1.28 * Added options in configuration file, to request and verify
5     a client certificate.
6 nmav 1.26
7 nmav 1.24 ** Changes from 0.0.5 to 0.0.6 - 03/10/2002
8 nmav 1.21 * Compatibility functions are now automatically included in hydra, if
9     they are not found by the configure script.
10 nmav 1.22 * Replaced the included scandir function, with the one in libc.
11 nmav 1.23 * Fixed code, which compiled fine with gcc 3.2, but didn't compile at
12 nmav 1.22 all, with any other compiler!
13 nmav 1.23 * Improved the MaxConnections directive semantics.
14 nmav 1.25 * Added a very primitive mime.types file in examples/ directory.
15 nmav 1.21
16 nmav 1.20 ** Changes from 0.0.4 to 0.0.5 - 02/10/2002
17 nmav 1.18 * If a requested CGI is not accesible then send 404 not found, instead
18     of trying to execute it.
19 nmav 1.19 * Corrected several stuff in HIC CGI handler. This allows Cookies,
20     POST data and Queries to work properly.
21 nmav 1.18
22 nmav 1.17 ** Changes from 0.0.3 to 0.0.4 - 30/09/2002
23 nmav 1.14 * Added support for If-Range, If-Match, If-None-Match HTTP/1.1 header
24     fields. The server also generates ETag headers for static content using
25 nmav 1.15 the last modified field of the file, and the file size. This makes
26     Hydra cache friendly.
27 nmav 1.16 * Added support for multiple HIC threads. This gives a boost to script generation
28 nmav 1.22 since they are no longer generated sequentially.
29 nmav 1.14
30 nmav 1.13 ** Changes from 0.0.2 to 0.0.3 - 28/09/2002
31 nmav 1.11 * Added support for dynamic modules that handle CGIs
32     internally (HIC). That way Hydra can run PHP.
33     * Fixes in CGI execution. CGIs that are not passed from aliasing
34     functions now properly set PATH_INFO and PATH_TRANSLATED.
35     (Needs further cleanup).
36 nmav 1.12 * Cleaned up SSL support. Now hydra can be compiled even if gnutls
37     is not available.
38 nmav 1.11
39 nmav 1.9 ** Changes from Boa/0.94.13 to Hydra/0.0.2 - 26/09/2002
40 nmav 1.2 * Added support for SSL 3.0 and TLS 1.0 protocols.
41     * Added support for multiple CPU's by making the server
42     run over a pool of threads.
43     * Changed the file caching code. The mmap() calls are cached until
44     the mmap list table is full.
45     * Added support for HTTP/1.1 ranges.
46 nmav 1.4 * Added support for hostname based virtual hosting.
47 nmav 1.5 Also changed the semantics of Alias, ScriptAlias and Redirect, to
48     take advantage of the host based virtual hosting.
49 nmav 1.3 * Added support for the TCP_CORK tcp option in linux.
50     * Cleaned up the CGI handling (gunzip, indexer are treated as CGIs)
51 nmav 1.10 * Enhanced grammar to handle 3 and 4 argument options.
52 nmav 1.7 * Added support for multiple directory indexes.
53     * Dropped support for gunzip.
54 nmav 1.8 * Use automake to create the distribution.
55 nmav 1.2
56 nmav 1.1 ** Changes from 0.94.12 to 0.94.13
57     * Change many instances of log_error_mesg + exit to DIE macro
58     * Change all instance of log_error_mesg (without exit) to WARN macro
59     * do a much better job of checking return values from malloc and
60     especially strdup.
61     * check results of calling umask and getrlimit
62     * server_s is no longer a global int
63     * check results of fork via switch instead of if (fork())
64     * check for getopt.h and include it if found
65     * remove unused #defines, and add WARN macro, and replace
66     many calls to log_error_mesg(..) with WARN macro
67     * fix bug in get_commonlog_time where time_offset calculation was
68     the opposite of what it should be ('-' and '+' were swapped)
69     * fix compatability bug with old and newer versions of flex/yacc
70     * add check for AC_FUNC_MMAP to configure.in
71     * fix really lame thinko in normalize_path, which would prepend the
72     results of earlier calls to results from later calls
73     * Add MaxConnections, a configuration directive which allows the
74     user to specify the maximum number of connections that Boa will
75     accept concurrently.
76     * add SERVER_ADDR and REQUEST_URI to environment of CGI
77     * handle SIGBUS during writes of data that has been memory mapped
78     * minor optimization in select.c that prevents DEAD requests from
79     being added to the block set
80     * fix bug in CGI environment script_name - closes sf.net bug #576725
81     * make 'status' variable local to requests.c, not local to every file
82     by forgetting to declare 'extern' in globals.h :-|
83     * make getsockname non-fatal, and do it every time because we may
84     need it for the CGI
85     * some minor refactoring optimizations in hash.c
86    
87     ** Changes from 0.94.11 to 0.94.12
88     * Renamed Changelog ChangeLog, and moved up to top-level directory
89     * Next 3 items due in part or whole thanks to
90     Liam Widdowson
91     * when printf'ing a pid type, force to int, because it could be
92     something else on other platforms. Should probably change it to
93     a long, and use that.
94     * backported chroot commandline support from 0.95
95     * backported support for strdup, strstr, alphasort, and scandir
96     from 0.95
97     * Fixed src/Makefile.in -- it didn't remove index_dir.o
98     * backport create_temporary_file from 0.95
99     (instead of using tmpnam)
100     * Allow non-standard date format 31 September 2000 23:59:59 GMT
101     Patch by Landon Curt Noll
102     * Skip whitespace before HTTP/major.minor
103     Adapted patch from Landon Curt Noll
104     * open /dev/null first thing (affects chrooting)
105     * properly handle sigalrm -- use sigalrm_flag and sigalrm_run
106     instead of handling the signal in the signal handler
107     * update manpage slightly
108     * send 400 BAD Request when resource does not start with '/'
109     * add grp.h to boa.h's includes -- remove from boa.c and config.c
110     * removed duplicate header includes from boa.c, config.c, get.c,
111     ip.c, request.c, response.c
112     * factor out creating the server socket and dropping privs
113     into create_server_socket and drop_privs
114     * type all functions in boa.c (except main) as static
115     * set umask after opening /dev/null
116     * tie stdin/stdout to /dev/null before commandline parse
117     * removed old, unused chroot code
118     * move builds_needs_escape earlier in the startup
119     * move fork later in the startup
120     * type all c_set_* as static in config.c
121     * don't bother trying to change uid/gid (or error if the
122     requested uid/gid doesn't exist) if not UID 0
123     * return more appropriate error code when foo.html gives
124     access denied, but foo.html.gz gives some other error
125     (essentially report error associated with foo.html, not foo.html.gz)
126     * send NOT Implemented when an unknown method is attempted
127     * always attempt a 32k read right before close
128     (stopgap until blackhole can be merged)
129     * allow more than 1 space in logline between method, resource,
130     and http version
131     * don't use inline functions
132     * update configure.in so that autoconf 2.50 doesn't complain (as much)
133     * properly use VPATH and srcdir according to autoconf docs
134     * change curly-braces to parentheses in Makefilein
135     * use $^ instead of manually listing the dependencies in Makefile.in
136     * remove tests section in Makefile.in
137     * write tags not TAGS in Makefile.in
138     * Add gethostbyname and inet_aton to function checks
139     * Add code from 0.95 which checks for socket in -lsocket,
140     inet_aton in -lresolv, and gethost{by}name in -lnsl
141     * Also remove broken bc-based "how big is an unsigned int" checks:
142     assume minimum of 32 bits and check in escape.c at runtime.
143     * Added new file: README.chroot.solaris, based on a
144     modified version by Liam Widdowson
145     * Add check_struct_for.m4, which allows us to check a structure
146     for a member (found at http://www.gnu.org/software/ac-archive/
147     authored by Wes Hardaker
148     * Call "aclocal -I ." to rebuild aclocal.m4
149     * Using new check-struct-for-member autoconf macro, check
150     for tm_gmtoff and tm_zone in struct tm -- useful in
151     portability tests for localtime.
152     * Also check sockaddr_in for structure sin_len so we can set
153     it properly.
154     * index_dir.c (which ends up in boa_indexer) can now be compiled
155     with USE_LOCALTIME, and if so, it will report the local time
156     using the timezone name. Otherwise it uses UTC time and UTC
157     timezone designation.
158     * fix buglet in mmap_cache.c which shows up when under
159     heavy load by many different files.
160     Found and squashed by Michal Kara
161     * normalize paths on Aliases, log files, server root, dirmaker
162     This makes sure that paths are 'absolute'
163     * don't generate DOCUMENT_ROOT or SERVER_ROOT,
164     CGIs have no business knowing that information
165     * if CGI, chdir to the cgi's root path
166     Bug found by Matt Callaway
167     * remove ChrootPath and PidFile directives from the parser
168     (they aren't used anyway)
169     * keep track of maximum file descriptor in use to optimize call
170     to select()
171     * apply IPv6 patch from Jari Korva
172     * optimize keep-alive copy data routine
173     * try to use memcpy instead of strcpy/strcat in more places (alias.c)
174     * update .depend file
175     * use fcntl + GET_FL to get a file descriptor's flags, then
176     add or remove only the bits we want to set. This prevents
177     accidentally setting or unsettings bits we don't have anything
178     to do with inadvertantly. (removed, at least temporarily.
179     Show me a system where it is needed -- LRD)
180     * make sure to call FD_ZERO when we handle a restart
181     * in read.c, don't call boa_perror on read failure -- socket is
182     dead or messed up anyway, no reason to try to write to it.
183     * explicit .SUFFIXES in Makefile.in
184     * boa.objdump target added
185     * use @MAKE_SET@ (for when $(MAKE) != "make")
186     * add -Wundef -Wwrite-strings -Wredundant-decls -Winline to GCC_FLAGS
187     * change Paul Phillips' and Larry Doolittle's emails in source
188     * add --disable-debug, --enable-profile, --with-dmalloc, and --with-efence
189     * test for failed-but-return-was-successful setuid:
190     http://www.securityfocus.com/bid/1322
191     * use _exit not exit in CGI child
192     * always place new keepalive request on blocked list, we can't be
193     sure of the state of the active list, and since enqueue places
194     things at the *front* of the list, it doesn't do us much good
195     to place the new request on the active list anyway.
196     * update some Copyright statements for 2002
197     * When comparing the uri to an alias, only compare if
198     the uri length is greater than or equal to the length of the alias
199     * in init_script_alias, make sure to check for document_root before
200     trying to use it
201     * script_name is now just a copy of the request, rather
202     than some complicated variation on the pathname
203     * change the way the CGI environment is handled.
204     Now, it is allocated at request allocation time, and exists
205     throughout the life of the structure.
206     * check memory allocations, etc.. when creating the static
207     CGI environment and when making new CGI environment variables
208     * wait until process_option_end to call unescape_uri, clean_pathname,
209     and translate_uri
210     * remove debian package information
211     * move RedHat packaging information to contrib
212     * remove tests -- they weren't usable anyway
213     * add some new hash routines, and use djb2 (a variant on a
214     hash algorithm popularized by Dan J. Bernstein)
215     * a side-effect of the new hash routines is a bugfix,
216     involving negative return values from hash routines.
217     This has been fixed.
218     * add a routine, show_hash_stats, which is called with other
219     statistical output via sigalarm
220     * remove some duplicate prototypes from config.c
221     * make simple_itoa take an unsigned int
222     * try to make NOBLOCK handling in compat.h compatible with Solaris
223     * make sure to update current_time before calling signal handlers
224     * alter primary loop to make sure that select gets called even
225     when there are requests that are not blocking, and call fdset_update
226     and process_requests (when appropriate) after signal handlers but
227     before select to make sure that blocked requests are still handled
228     by select after a sighup. (Thanks to Karl Olsen)
229     * pull select loop into select.c
230     * poll server socket once per active connection
231     * add send_r_service_unavailable and use it when appropriate
232     * state uptime in seconds at normal program termination
233     * include sys/fcntl.h if it is found by configure
234     * fix POST bug where a content-length < 0 would cause Boa to
235     consume its full share of CPU until killed
236     Bug report by Landon Curt Noll
237     * add CGIPath configuration variable
238     based upon a patch by Landon Curt Noll
239     * add function boa_atoi, which wraps atoi, but does not
240     accept negative values. Additionally, it checks to make sure
241     the converted value and the original value are the same, avoiding
242     issues like "124.3" -> "123" and "123abc" -=> "123".
243     Either a value is an int or it isn't - no middle ground.
244     * use boa_atoi to convert content-length from client.
245     * add new #define - SINGLE_POST_LIMIT_DEFAULT, which defines
246     (in bytes) the *default* single_post_limit.
247     * single_post_limit is now in bytes.
248     * when adding aliases, only "normalize" paths that start
249     with "./" - this is a departure from previous behavior
250     * add "?" to the list of characters that it is safe to leave unescaped
251     * clean up Makefile.in of no-longer-pertinent comments
252     * add send_r_bad_gateway and use it
253     * tie stderr to either cgi_log_fd or devnullfd - either way
254     make sure stderr is a valid filehandle before cgi execution
255     * cgi_env is no longer allocated, it's part of the struct now
256     * fix bug in CgiPath logic
257     * when unable to allocate memory for an environment variable, log it
258     * add clear_common_env, which de-allocates the cgi_common_env stuff
259     [NEVER USE THIS outside of a terminal signal handler!]
260     * don't be so wasteful of memory in normalize_path
261     * adapted fix for alias expansion from Brieuc Jeunhomme
262    
263     ** Changes from 0.94.10.1 to 0.94.11
264     * use LIBS in Makefile.in (which propagates from autoconf)
265     * properly free memory allocated by scandir in index_dir.c
266     * rearrange some header files and includes
267     * on reads and writes, don't check for -1, check for < 0
268     * include fix by William Meadows
269     for escape.c which fixes segfaults due to improper allocation
270     * above fix by William Meadows no longer needed;
271     escape.c and escape.h rewritten by Larry Doolittle -- requires
272     at least 32 bit words, but is correct (jdn's 1st attempt was faulty)
273    
274     ** Changes from 0.94.10 to 0.94.10.1
275     * Actually update the SERVER_VERSION in src/defines.h
276    
277     ** Changes from 0.94.9 to 0.94.10
278     * Fixes escaping rules
279     * Fixes segfault when directory_index is undefined and
280     directory needs to be generated
281     * adds dummy signal handlers for SIGUSR1 and SIGUSR2 (Closes SF #425921)
282     * Update documentation regarding mime.types (Closes Debian #69991)
283     * Make sure documentation builds (Closes Debian #110818)
284    
285     ** Changes from 0.94.8.3 to 0.94.9
286     * src/Makefile.in updated to take CFLAGS, LIBS, and LDFLAGS
287     from autoconf
288     * Update escaping rules with latest RFC
289     * unescape_uri skips fragments and also stop parsing at '?'
290     * Don't accept fd over FD_SETSIZE in request.c:get_request
291     * use backported documentation from 0.95
292     * make sure POST fd gets closed even on client cancel
293     * use backported index_dir.c from 0.95
294     * support subdirectories in ScriptAlias directories
295     * add SinglePostLimit (int, in Kilobytes) to config system
296     * check for ENOSPC on body write
297     * use environment variable TMP (or "/tmp" if not available),
298     and chdir there when boa exits.
299     * add 1-time-only hack to make a 32kB read at the end of a request
300     on POST or PUT
301     * close unused file descriptors (/dev/null in boa.c, and the
302     unused part of the pipes call in cgi.c)
303     * made Makefile.in VPATH happy
304    
305     ** Changes from 0.94.8.2 to 0.94.8.3
306     * Move unescape_uri *before* clean_pathname to prevent
307     encoding of / and .. in pathname
308     * wrap execution of GUNZIP in cgi.c with #ifdef GUNZIP
309     * stop parsing when fragment found in URL ('#')
310    
311     ** Changes from 0.94.8.1 to 0.94.8.2
312     * close pipes[1] in child and generate HTTP_REFERER environment
313     variable in cgi.c
314     * Minor changes to the Debian package
315    
316     ** Changes from 0.94.8 to 0.94.8.1
317     * Change umask call from (umask(0600)) to (umask(~0600))
318    
319     ** Changes from 0.94.7 to 0.94.8
320     * Fix major thinko in temp file permissions
321     * unlink temporary file immediately following creation
322     * implement maximum # of active connections at 10 less than RLIMIT_NOFILE
323     to avoid or eliminate crashes resulting from running out of
324     file descriptors
325     * Fix thinko in POST
326    
327     ** Changes from 0.94.6 to 0.94.7
328     * STDIN and STDOUT are now tied to /dev/null
329     * sets PATH_MAX to 2048 if not defined (for Hurd)
330     * core dumps (should never happen) would be located in /tmp
331     * alter behavior when select gets a EBADF
332     * add translation for the \" char -> &quot;
333     * remove use of sys_errlist. Use perror.
334     * better makedist.sh (still a stupid program though)
335    
336     ** Changes from 0.94.5 to 0.94.6
337     * Removed doc++ commenting
338     * Removed erroneous debugging statments
339     * Move some stuff out of config.c (read_config_file) to boa.c
340     * Altered some of fixup_server_root()
341     * Bug fix in get.c re: automatic gunzip
342     * Added some stubs for chroot code (*not* ready yet)
343    
344     ** Changes from 0.94.4 to 0.94.5
345     * Alteration of most of the comments and such for doc++ use
346     * Fixed buffer overflow in alias.c
347     * Fixed buffer underflow in util.c
348    
349     ** Changes from 0.94.3 to 0.94.4
350     * Better escaping of data to user, both for HTTP headers and HTML body
351     * Proper escaping of output in CGI example perl scripts
352    
353     ** Changes from 0.94.0 to 0.94.2
354     * Fixed obnoxious pipeline bug
355     * Fixed (sorta) a compilation/core bug for *BSD systems
356     Original code by Thomas Neumann
357     * Moved to GPLv2
358     * Changed manpage to section 8
359     * boa.sgml now references a .png file instead of evil .gif
360    
361     ** Changes from 0.93.19.2 to 0.94.0
362     * Added UseGMT to the configuration parser
363     * util.c commonlog now logs in Apache-style commonlog time format
364     * Remove SO_SNDBUF on-start message
365    
366     ** Changes from 0.93.19 to 0.93.19.2
367     * Changed to combined log (from NCSA access_log format) ala Drew Streib
368     * Altered POST cgi code to handle bug in Netscape
369     * SO_SNDBUF changes by Larry
370    
371     ** Changes from 0.93.17.2 to 0.93.19 (all 0.93.18.x changes inclusive)
372     * Update of some copyright statements for 99
373     * Replacement of sprintf with strlen/memcpy or strcpy/strcat
374     wherever possible
375     * Significant rearrangement in alias.c, minor functional differences
376     (some CGI environment variables handled differently)
377     * Removal of die function. Replace with log_err_mesg and exit.
378     * initial IPv6 stubs and support
379     * Move #include "config.h" to top of boa.h where it will do some good
380     * Stubs and functions for strstr and strdup
381     * Seperation of buffer code into it's own file
382     * Significant changes to cgi.c et al (cgi_header.c, etc...)
383     * Speed patches by removal of "extra" calls to time(): Use global variable!
384     * pipelining changes... it works now.
385     * require content-length from clients (ala rfc1945)
386     * alter body_read and body_write to work more efficiently with known content-length
387     * move read(2) part to *after* parsing...
388     * added support for additional header message in send_redirect_temp
389     * change use of NO_ZERO_FILL_LENGTH to offsetof() use
390     * Remove SO_REUSEADDR setting on each client socket, Paul Saab
391     * Avoid SO_SNDBUF setting if possible
392     * Large quantities of otherwise not-insignificant changes
393    
394     ** Changes from 0.93.17.2 to 0.93.17.3
395     * Put on-the-fly directories back in, stripped down from the 0.92 version
396     * Fixed DocumentRoot, ServerAdmin and ServerName null-value handling in
397     CGI environment generation
398     * Fixed argument order in Script* directives (bug introduced in 0.93.17.2)
399     * Got rid of MAX_CGI_VARS because it was not being used consistently, or
400     for that matter, at all, really.
401     * Added some more FASCIST_LOGGING to cgi.c
402     * Minor mmap patch by LRD for request.c
403    
404     ** Changes from 0.93.17.1 to 0.93.17.2
405     * Added "Listen" directive for server bind address, as most recently
406     suggested by David N. Welton
407     * Put virtualhost feature in, was experimental in 0.92q
408    
409     ** Changes from 0.93.16.2 to 0.93.17.1
410     * New config file parser (supposed to be more maintainable) (LRD)
411     * Support for "|command" and ":host:port" syntax for logfiles (untested) (LRD)
412    
413     ** Changes for the 0.93 version **
414     * Huge quantities of changes
415     * keepalive Bugfix in 0.93.16.2 by Jon Nelson
416     report by Craig Silverstein of Google fame.
417     * patch for config.h by Craig Silverstein
418     * fixed "Parent Directory" problem in boa_indexer for title "/"
419     (Debian bug #36165)
420     * More Craig Silverstein
421     modifications, namely:
422     ErrorLog (if omitted, print to stderr)
423     DocumentRoot (if omitted, can only server user-dir files)
424     DirectoryIndex (if omitted, always use DirectoryMaker)
425     MimeTypes (if omitted, don't load -- users can use AddType instead)
426    
427    
428     ** Changes from v0.92o to v0.92p **
429    
430     * Documented misbehavior of CGI, SIGHUP, short aliases, stale dircache.
431     * Documented how to patch signals.c for use on SunOS.
432     * Closed file descriptor leak when redirecting a bare directory URL to
433     one with an appended "/".
434     * Closed potential file descriptor leak if errors encountered generating
435     on-the-fly index.
436     * Cleaned up include file handling to be simultaneously compatible with
437     Linux, SunOS, HP-UX, and AIX.
438     * Supress message body for codes 302, 400, 403, 404, 500, and 501 if
439     incoming request is "HEAD".
440    
441     ** Changes from v0.91 to v0.92o **
442     (0.92o released 27 December, 1996)
443    
444     * Maintenance handover from Paul Phillips to Larry Doolittle
445     * Changed (char)NULL to '\0'
446     * Cleaned up signal handler prototypes in signals.c
447     * Modified handling of CGI environment variable PATH_TRANSLATED,
448     should now work the same as NCSA.
449     * More conservative buffer size in add_cgi_env()
450     * Build argv list for a CGI script according to spec
451     * Speedup process_header_line, eliminate potential memory leak
452     * Occasional spelling fixes and lint removal
453     * Added REMOTE_PORT env var for CGI scripts, to allow easy ident lookups
454     * Changed rfc822 time format
455     * Log timeouts and broken connections
456     * Fix mime suffix handling for filenames with multiple "."s
457     * Initialize conn->time_last, fixes bug with rapid-fire connections
458     * Performance tweak to req_write()
459     * Changed http_version from float to char[8]
460     * Rewrote on-the-fly directory generation; it works now
461     * Added user configurable dircache directory in boa.conf
462     * Fixed "simple" response bugs, including incorrect CGI handling
463     * Keepalive (HTTP/1.1 draft) support, mostly by Jon Nelson
464     * Close data_fd in 304 Not Modified flow of control
465     * Switch socket flags to non-blocking before cgi handoff
466     * Try to handle errno properly in the face of multiple errors
467     * Close fd's of all other transactions before cgi handoff
468     * Move real work for sighup and sigchld out of signal handler
469     * Fix free(req->cgi_env) in request.c
470     * Response message cleanup - better match to HTML-2.0 DTD
471     * Experimental Virtual Host code from Russ Nelson
472     * Expand buffer for escaped URI in init_get()
473     * SIGTERM triggers lame duck mode until all pending transactions complete
474     * Close and unlink temp file for POST in parent process
475    
476     ** Changes from v0.90 to v0.91 **
477    
478     * Cleaned up main while loop
479     * Optimized request line parsing
480     * Added state machine for header reads -- necessary to deal wtih
481     possibility of obtaining header data in multiple reads. This
482     also allows interactive use of server.
483     * Added 500/501 return codes for various conditions
484    
485     ** v0.90 **
486    
487     * Initial release
488    

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26