/[hydra]/hydra/ChangeLog
ViewVC logotype

Contents of /hydra/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.29 - (show annotations)
Sat Oct 5 16:42:52 2002 UTC (18 years, 9 months ago) by nmav
Branch: MAIN
Changes since 1.28: +3 -1 lines
Corrected behavour in SIGHUP signal handling, and now can read
the SSL related variables.

1 ** Changes from 0.0.6 to 0.0.7 - 05/10/2002
2 * Added support for large files in 32 bit systems.
3 * Added support for SSL_* variables in CGIs.
4 * Added options in configuration file, to request and verify
5 a client certificate.
6 * Corrected behavour in SIGHUP signal handling, and now can read
7 the SSL related variables.
8
9 ** Changes from 0.0.5 to 0.0.6 - 03/10/2002
10 * Compatibility functions are now automatically included in hydra, if
11 they are not found by the configure script.
12 * Replaced the included scandir function, with the one in libc.
13 * Fixed code, which compiled fine with gcc 3.2, but didn't compile at
14 all, with any other compiler!
15 * Improved the MaxConnections directive semantics.
16 * Added a very primitive mime.types file in examples/ directory.
17
18 ** Changes from 0.0.4 to 0.0.5 - 02/10/2002
19 * If a requested CGI is not accesible then send 404 not found, instead
20 of trying to execute it.
21 * Corrected several stuff in HIC CGI handler. This allows Cookies,
22 POST data and Queries to work properly.
23
24 ** Changes from 0.0.3 to 0.0.4 - 30/09/2002
25 * Added support for If-Range, If-Match, If-None-Match HTTP/1.1 header
26 fields. The server also generates ETag headers for static content using
27 the last modified field of the file, and the file size. This makes
28 Hydra cache friendly.
29 * Added support for multiple HIC threads. This gives a boost to script generation
30 since they are no longer generated sequentially.
31
32 ** Changes from 0.0.2 to 0.0.3 - 28/09/2002
33 * Added support for dynamic modules that handle CGIs
34 internally (HIC). That way Hydra can run PHP.
35 * Fixes in CGI execution. CGIs that are not passed from aliasing
36 functions now properly set PATH_INFO and PATH_TRANSLATED.
37 (Needs further cleanup).
38 * Cleaned up SSL support. Now hydra can be compiled even if gnutls
39 is not available.
40
41 ** Changes from Boa/0.94.13 to Hydra/0.0.2 - 26/09/2002
42 * Added support for SSL 3.0 and TLS 1.0 protocols.
43 * Added support for multiple CPU's by making the server
44 run over a pool of threads.
45 * Changed the file caching code. The mmap() calls are cached until
46 the mmap list table is full.
47 * Added support for HTTP/1.1 ranges.
48 * Added support for hostname based virtual hosting.
49 Also changed the semantics of Alias, ScriptAlias and Redirect, to
50 take advantage of the host based virtual hosting.
51 * Added support for the TCP_CORK tcp option in linux.
52 * Cleaned up the CGI handling (gunzip, indexer are treated as CGIs)
53 * Enhanced grammar to handle 3 and 4 argument options.
54 * Added support for multiple directory indexes.
55 * Dropped support for gunzip.
56 * Use automake to create the distribution.
57
58 ** Changes from 0.94.12 to 0.94.13
59 * Change many instances of log_error_mesg + exit to DIE macro
60 * Change all instance of log_error_mesg (without exit) to WARN macro
61 * do a much better job of checking return values from malloc and
62 especially strdup.
63 * check results of calling umask and getrlimit
64 * server_s is no longer a global int
65 * check results of fork via switch instead of if (fork())
66 * check for getopt.h and include it if found
67 * remove unused #defines, and add WARN macro, and replace
68 many calls to log_error_mesg(..) with WARN macro
69 * fix bug in get_commonlog_time where time_offset calculation was
70 the opposite of what it should be ('-' and '+' were swapped)
71 * fix compatability bug with old and newer versions of flex/yacc
72 * add check for AC_FUNC_MMAP to configure.in
73 * fix really lame thinko in normalize_path, which would prepend the
74 results of earlier calls to results from later calls
75 * Add MaxConnections, a configuration directive which allows the
76 user to specify the maximum number of connections that Boa will
77 accept concurrently.
78 * add SERVER_ADDR and REQUEST_URI to environment of CGI
79 * handle SIGBUS during writes of data that has been memory mapped
80 * minor optimization in select.c that prevents DEAD requests from
81 being added to the block set
82 * fix bug in CGI environment script_name - closes sf.net bug #576725
83 * make 'status' variable local to requests.c, not local to every file
84 by forgetting to declare 'extern' in globals.h :-|
85 * make getsockname non-fatal, and do it every time because we may
86 need it for the CGI
87 * some minor refactoring optimizations in hash.c
88
89 ** Changes from 0.94.11 to 0.94.12
90 * Renamed Changelog ChangeLog, and moved up to top-level directory
91 * Next 3 items due in part or whole thanks to
92 Liam Widdowson
93 * when printf'ing a pid type, force to int, because it could be
94 something else on other platforms. Should probably change it to
95 a long, and use that.
96 * backported chroot commandline support from 0.95
97 * backported support for strdup, strstr, alphasort, and scandir
98 from 0.95
99 * Fixed src/Makefile.in -- it didn't remove index_dir.o
100 * backport create_temporary_file from 0.95
101 (instead of using tmpnam)
102 * Allow non-standard date format 31 September 2000 23:59:59 GMT
103 Patch by Landon Curt Noll
104 * Skip whitespace before HTTP/major.minor
105 Adapted patch from Landon Curt Noll
106 * open /dev/null first thing (affects chrooting)
107 * properly handle sigalrm -- use sigalrm_flag and sigalrm_run
108 instead of handling the signal in the signal handler
109 * update manpage slightly
110 * send 400 BAD Request when resource does not start with '/'
111 * add grp.h to boa.h's includes -- remove from boa.c and config.c
112 * removed duplicate header includes from boa.c, config.c, get.c,
113 ip.c, request.c, response.c
114 * factor out creating the server socket and dropping privs
115 into create_server_socket and drop_privs
116 * type all functions in boa.c (except main) as static
117 * set umask after opening /dev/null
118 * tie stdin/stdout to /dev/null before commandline parse
119 * removed old, unused chroot code
120 * move builds_needs_escape earlier in the startup
121 * move fork later in the startup
122 * type all c_set_* as static in config.c
123 * don't bother trying to change uid/gid (or error if the
124 requested uid/gid doesn't exist) if not UID 0
125 * return more appropriate error code when foo.html gives
126 access denied, but foo.html.gz gives some other error
127 (essentially report error associated with foo.html, not foo.html.gz)
128 * send NOT Implemented when an unknown method is attempted
129 * always attempt a 32k read right before close
130 (stopgap until blackhole can be merged)
131 * allow more than 1 space in logline between method, resource,
132 and http version
133 * don't use inline functions
134 * update configure.in so that autoconf 2.50 doesn't complain (as much)
135 * properly use VPATH and srcdir according to autoconf docs
136 * change curly-braces to parentheses in Makefilein
137 * use $^ instead of manually listing the dependencies in Makefile.in
138 * remove tests section in Makefile.in
139 * write tags not TAGS in Makefile.in
140 * Add gethostbyname and inet_aton to function checks
141 * Add code from 0.95 which checks for socket in -lsocket,
142 inet_aton in -lresolv, and gethost{by}name in -lnsl
143 * Also remove broken bc-based "how big is an unsigned int" checks:
144 assume minimum of 32 bits and check in escape.c at runtime.
145 * Added new file: README.chroot.solaris, based on a
146 modified version by Liam Widdowson
147 * Add check_struct_for.m4, which allows us to check a structure
148 for a member (found at http://www.gnu.org/software/ac-archive/
149 authored by Wes Hardaker
150 * Call "aclocal -I ." to rebuild aclocal.m4
151 * Using new check-struct-for-member autoconf macro, check
152 for tm_gmtoff and tm_zone in struct tm -- useful in
153 portability tests for localtime.
154 * Also check sockaddr_in for structure sin_len so we can set
155 it properly.
156 * index_dir.c (which ends up in boa_indexer) can now be compiled
157 with USE_LOCALTIME, and if so, it will report the local time
158 using the timezone name. Otherwise it uses UTC time and UTC
159 timezone designation.
160 * fix buglet in mmap_cache.c which shows up when under
161 heavy load by many different files.
162 Found and squashed by Michal Kara
163 * normalize paths on Aliases, log files, server root, dirmaker
164 This makes sure that paths are 'absolute'
165 * don't generate DOCUMENT_ROOT or SERVER_ROOT,
166 CGIs have no business knowing that information
167 * if CGI, chdir to the cgi's root path
168 Bug found by Matt Callaway
169 * remove ChrootPath and PidFile directives from the parser
170 (they aren't used anyway)
171 * keep track of maximum file descriptor in use to optimize call
172 to select()
173 * apply IPv6 patch from Jari Korva
174 * optimize keep-alive copy data routine
175 * try to use memcpy instead of strcpy/strcat in more places (alias.c)
176 * update .depend file
177 * use fcntl + GET_FL to get a file descriptor's flags, then
178 add or remove only the bits we want to set. This prevents
179 accidentally setting or unsettings bits we don't have anything
180 to do with inadvertantly. (removed, at least temporarily.
181 Show me a system where it is needed -- LRD)
182 * make sure to call FD_ZERO when we handle a restart
183 * in read.c, don't call boa_perror on read failure -- socket is
184 dead or messed up anyway, no reason to try to write to it.
185 * explicit .SUFFIXES in Makefile.in
186 * boa.objdump target added
187 * use @MAKE_SET@ (for when $(MAKE) != "make")
188 * add -Wundef -Wwrite-strings -Wredundant-decls -Winline to GCC_FLAGS
189 * change Paul Phillips' and Larry Doolittle's emails in source
190 * add --disable-debug, --enable-profile, --with-dmalloc, and --with-efence
191 * test for failed-but-return-was-successful setuid:
192 http://www.securityfocus.com/bid/1322
193 * use _exit not exit in CGI child
194 * always place new keepalive request on blocked list, we can't be
195 sure of the state of the active list, and since enqueue places
196 things at the *front* of the list, it doesn't do us much good
197 to place the new request on the active list anyway.
198 * update some Copyright statements for 2002
199 * When comparing the uri to an alias, only compare if
200 the uri length is greater than or equal to the length of the alias
201 * in init_script_alias, make sure to check for document_root before
202 trying to use it
203 * script_name is now just a copy of the request, rather
204 than some complicated variation on the pathname
205 * change the way the CGI environment is handled.
206 Now, it is allocated at request allocation time, and exists
207 throughout the life of the structure.
208 * check memory allocations, etc.. when creating the static
209 CGI environment and when making new CGI environment variables
210 * wait until process_option_end to call unescape_uri, clean_pathname,
211 and translate_uri
212 * remove debian package information
213 * move RedHat packaging information to contrib
214 * remove tests -- they weren't usable anyway
215 * add some new hash routines, and use djb2 (a variant on a
216 hash algorithm popularized by Dan J. Bernstein)
217 * a side-effect of the new hash routines is a bugfix,
218 involving negative return values from hash routines.
219 This has been fixed.
220 * add a routine, show_hash_stats, which is called with other
221 statistical output via sigalarm
222 * remove some duplicate prototypes from config.c
223 * make simple_itoa take an unsigned int
224 * try to make NOBLOCK handling in compat.h compatible with Solaris
225 * make sure to update current_time before calling signal handlers
226 * alter primary loop to make sure that select gets called even
227 when there are requests that are not blocking, and call fdset_update
228 and process_requests (when appropriate) after signal handlers but
229 before select to make sure that blocked requests are still handled
230 by select after a sighup. (Thanks to Karl Olsen)
231 * pull select loop into select.c
232 * poll server socket once per active connection
233 * add send_r_service_unavailable and use it when appropriate
234 * state uptime in seconds at normal program termination
235 * include sys/fcntl.h if it is found by configure
236 * fix POST bug where a content-length < 0 would cause Boa to
237 consume its full share of CPU until killed
238 Bug report by Landon Curt Noll
239 * add CGIPath configuration variable
240 based upon a patch by Landon Curt Noll
241 * add function boa_atoi, which wraps atoi, but does not
242 accept negative values. Additionally, it checks to make sure
243 the converted value and the original value are the same, avoiding
244 issues like "124.3" -> "123" and "123abc" -=> "123".
245 Either a value is an int or it isn't - no middle ground.
246 * use boa_atoi to convert content-length from client.
247 * add new #define - SINGLE_POST_LIMIT_DEFAULT, which defines
248 (in bytes) the *default* single_post_limit.
249 * single_post_limit is now in bytes.
250 * when adding aliases, only "normalize" paths that start
251 with "./" - this is a departure from previous behavior
252 * add "?" to the list of characters that it is safe to leave unescaped
253 * clean up Makefile.in of no-longer-pertinent comments
254 * add send_r_bad_gateway and use it
255 * tie stderr to either cgi_log_fd or devnullfd - either way
256 make sure stderr is a valid filehandle before cgi execution
257 * cgi_env is no longer allocated, it's part of the struct now
258 * fix bug in CgiPath logic
259 * when unable to allocate memory for an environment variable, log it
260 * add clear_common_env, which de-allocates the cgi_common_env stuff
261 [NEVER USE THIS outside of a terminal signal handler!]
262 * don't be so wasteful of memory in normalize_path
263 * adapted fix for alias expansion from Brieuc Jeunhomme
264
265 ** Changes from 0.94.10.1 to 0.94.11
266 * use LIBS in Makefile.in (which propagates from autoconf)
267 * properly free memory allocated by scandir in index_dir.c
268 * rearrange some header files and includes
269 * on reads and writes, don't check for -1, check for < 0
270 * include fix by William Meadows
271 for escape.c which fixes segfaults due to improper allocation
272 * above fix by William Meadows no longer needed;
273 escape.c and escape.h rewritten by Larry Doolittle -- requires
274 at least 32 bit words, but is correct (jdn's 1st attempt was faulty)
275
276 ** Changes from 0.94.10 to 0.94.10.1
277 * Actually update the SERVER_VERSION in src/defines.h
278
279 ** Changes from 0.94.9 to 0.94.10
280 * Fixes escaping rules
281 * Fixes segfault when directory_index is undefined and
282 directory needs to be generated
283 * adds dummy signal handlers for SIGUSR1 and SIGUSR2 (Closes SF #425921)
284 * Update documentation regarding mime.types (Closes Debian #69991)
285 * Make sure documentation builds (Closes Debian #110818)
286
287 ** Changes from 0.94.8.3 to 0.94.9
288 * src/Makefile.in updated to take CFLAGS, LIBS, and LDFLAGS
289 from autoconf
290 * Update escaping rules with latest RFC
291 * unescape_uri skips fragments and also stop parsing at '?'
292 * Don't accept fd over FD_SETSIZE in request.c:get_request
293 * use backported documentation from 0.95
294 * make sure POST fd gets closed even on client cancel
295 * use backported index_dir.c from 0.95
296 * support subdirectories in ScriptAlias directories
297 * add SinglePostLimit (int, in Kilobytes) to config system
298 * check for ENOSPC on body write
299 * use environment variable TMP (or "/tmp" if not available),
300 and chdir there when boa exits.
301 * add 1-time-only hack to make a 32kB read at the end of a request
302 on POST or PUT
303 * close unused file descriptors (/dev/null in boa.c, and the
304 unused part of the pipes call in cgi.c)
305 * made Makefile.in VPATH happy
306
307 ** Changes from 0.94.8.2 to 0.94.8.3
308 * Move unescape_uri *before* clean_pathname to prevent
309 encoding of / and .. in pathname
310 * wrap execution of GUNZIP in cgi.c with #ifdef GUNZIP
311 * stop parsing when fragment found in URL ('#')
312
313 ** Changes from 0.94.8.1 to 0.94.8.2
314 * close pipes[1] in child and generate HTTP_REFERER environment
315 variable in cgi.c
316 * Minor changes to the Debian package
317
318 ** Changes from 0.94.8 to 0.94.8.1
319 * Change umask call from (umask(0600)) to (umask(~0600))
320
321 ** Changes from 0.94.7 to 0.94.8
322 * Fix major thinko in temp file permissions
323 * unlink temporary file immediately following creation
324 * implement maximum # of active connections at 10 less than RLIMIT_NOFILE
325 to avoid or eliminate crashes resulting from running out of
326 file descriptors
327 * Fix thinko in POST
328
329 ** Changes from 0.94.6 to 0.94.7
330 * STDIN and STDOUT are now tied to /dev/null
331 * sets PATH_MAX to 2048 if not defined (for Hurd)
332 * core dumps (should never happen) would be located in /tmp
333 * alter behavior when select gets a EBADF
334 * add translation for the \" char -> &quot;
335 * remove use of sys_errlist. Use perror.
336 * better makedist.sh (still a stupid program though)
337
338 ** Changes from 0.94.5 to 0.94.6
339 * Removed doc++ commenting
340 * Removed erroneous debugging statments
341 * Move some stuff out of config.c (read_config_file) to boa.c
342 * Altered some of fixup_server_root()
343 * Bug fix in get.c re: automatic gunzip
344 * Added some stubs for chroot code (*not* ready yet)
345
346 ** Changes from 0.94.4 to 0.94.5
347 * Alteration of most of the comments and such for doc++ use
348 * Fixed buffer overflow in alias.c
349 * Fixed buffer underflow in util.c
350
351 ** Changes from 0.94.3 to 0.94.4
352 * Better escaping of data to user, both for HTTP headers and HTML body
353 * Proper escaping of output in CGI example perl scripts
354
355 ** Changes from 0.94.0 to 0.94.2
356 * Fixed obnoxious pipeline bug
357 * Fixed (sorta) a compilation/core bug for *BSD systems
358 Original code by Thomas Neumann
359 * Moved to GPLv2
360 * Changed manpage to section 8
361 * boa.sgml now references a .png file instead of evil .gif
362
363 ** Changes from 0.93.19.2 to 0.94.0
364 * Added UseGMT to the configuration parser
365 * util.c commonlog now logs in Apache-style commonlog time format
366 * Remove SO_SNDBUF on-start message
367
368 ** Changes from 0.93.19 to 0.93.19.2
369 * Changed to combined log (from NCSA access_log format) ala Drew Streib
370 * Altered POST cgi code to handle bug in Netscape
371 * SO_SNDBUF changes by Larry
372
373 ** Changes from 0.93.17.2 to 0.93.19 (all 0.93.18.x changes inclusive)
374 * Update of some copyright statements for 99
375 * Replacement of sprintf with strlen/memcpy or strcpy/strcat
376 wherever possible
377 * Significant rearrangement in alias.c, minor functional differences
378 (some CGI environment variables handled differently)
379 * Removal of die function. Replace with log_err_mesg and exit.
380 * initial IPv6 stubs and support
381 * Move #include "config.h" to top of boa.h where it will do some good
382 * Stubs and functions for strstr and strdup
383 * Seperation of buffer code into it's own file
384 * Significant changes to cgi.c et al (cgi_header.c, etc...)
385 * Speed patches by removal of "extra" calls to time(): Use global variable!
386 * pipelining changes... it works now.
387 * require content-length from clients (ala rfc1945)
388 * alter body_read and body_write to work more efficiently with known content-length
389 * move read(2) part to *after* parsing...
390 * added support for additional header message in send_redirect_temp
391 * change use of NO_ZERO_FILL_LENGTH to offsetof() use
392 * Remove SO_REUSEADDR setting on each client socket, Paul Saab
393 * Avoid SO_SNDBUF setting if possible
394 * Large quantities of otherwise not-insignificant changes
395
396 ** Changes from 0.93.17.2 to 0.93.17.3
397 * Put on-the-fly directories back in, stripped down from the 0.92 version
398 * Fixed DocumentRoot, ServerAdmin and ServerName null-value handling in
399 CGI environment generation
400 * Fixed argument order in Script* directives (bug introduced in 0.93.17.2)
401 * Got rid of MAX_CGI_VARS because it was not being used consistently, or
402 for that matter, at all, really.
403 * Added some more FASCIST_LOGGING to cgi.c
404 * Minor mmap patch by LRD for request.c
405
406 ** Changes from 0.93.17.1 to 0.93.17.2
407 * Added "Listen" directive for server bind address, as most recently
408 suggested by David N. Welton
409 * Put virtualhost feature in, was experimental in 0.92q
410
411 ** Changes from 0.93.16.2 to 0.93.17.1
412 * New config file parser (supposed to be more maintainable) (LRD)
413 * Support for "|command" and ":host:port" syntax for logfiles (untested) (LRD)
414
415 ** Changes for the 0.93 version **
416 * Huge quantities of changes
417 * keepalive Bugfix in 0.93.16.2 by Jon Nelson
418 report by Craig Silverstein of Google fame.
419 * patch for config.h by Craig Silverstein
420 * fixed "Parent Directory" problem in boa_indexer for title "/"
421 (Debian bug #36165)
422 * More Craig Silverstein
423 modifications, namely:
424 ErrorLog (if omitted, print to stderr)
425 DocumentRoot (if omitted, can only server user-dir files)
426 DirectoryIndex (if omitted, always use DirectoryMaker)
427 MimeTypes (if omitted, don't load -- users can use AddType instead)
428
429
430 ** Changes from v0.92o to v0.92p **
431
432 * Documented misbehavior of CGI, SIGHUP, short aliases, stale dircache.
433 * Documented how to patch signals.c for use on SunOS.
434 * Closed file descriptor leak when redirecting a bare directory URL to
435 one with an appended "/".
436 * Closed potential file descriptor leak if errors encountered generating
437 on-the-fly index.
438 * Cleaned up include file handling to be simultaneously compatible with
439 Linux, SunOS, HP-UX, and AIX.
440 * Supress message body for codes 302, 400, 403, 404, 500, and 501 if
441 incoming request is "HEAD".
442
443 ** Changes from v0.91 to v0.92o **
444 (0.92o released 27 December, 1996)
445
446 * Maintenance handover from Paul Phillips to Larry Doolittle
447 * Changed (char)NULL to '\0'
448 * Cleaned up signal handler prototypes in signals.c
449 * Modified handling of CGI environment variable PATH_TRANSLATED,
450 should now work the same as NCSA.
451 * More conservative buffer size in add_cgi_env()
452 * Build argv list for a CGI script according to spec
453 * Speedup process_header_line, eliminate potential memory leak
454 * Occasional spelling fixes and lint removal
455 * Added REMOTE_PORT env var for CGI scripts, to allow easy ident lookups
456 * Changed rfc822 time format
457 * Log timeouts and broken connections
458 * Fix mime suffix handling for filenames with multiple "."s
459 * Initialize conn->time_last, fixes bug with rapid-fire connections
460 * Performance tweak to req_write()
461 * Changed http_version from float to char[8]
462 * Rewrote on-the-fly directory generation; it works now
463 * Added user configurable dircache directory in boa.conf
464 * Fixed "simple" response bugs, including incorrect CGI handling
465 * Keepalive (HTTP/1.1 draft) support, mostly by Jon Nelson
466 * Close data_fd in 304 Not Modified flow of control
467 * Switch socket flags to non-blocking before cgi handoff
468 * Try to handle errno properly in the face of multiple errors
469 * Close fd's of all other transactions before cgi handoff
470 * Move real work for sighup and sigchld out of signal handler
471 * Fix free(req->cgi_env) in request.c
472 * Response message cleanup - better match to HTML-2.0 DTD
473 * Experimental Virtual Host code from Russ Nelson
474 * Expand buffer for escaped URI in init_get()
475 * SIGTERM triggers lame duck mode until all pending transactions complete
476 * Close and unlink temp file for POST in parent process
477
478 ** Changes from v0.90 to v0.91 **
479
480 * Cleaned up main while loop
481 * Optimized request line parsing
482 * Added state machine for header reads -- necessary to deal wtih
483 possibility of obtaining header data in multiple reads. This
484 also allows interactive use of server.
485 * Added 500/501 return codes for various conditions
486
487 ** v0.90 **
488
489 * Initial release
490

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26