~hww3/caudium

ref: 93d5a75fba08db71b832716377276978cdd7888d caudium/CHANGES -rw-r--r-- 19.4 KiB
93d5a75fWilliam Welliver storage: method "None" was missing stop function. should fix error on shutdown 1 year, 11 days ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
Changes in Caudium 1.5.1 since Caudium 1.4.1
---------------------------------------------
- Decoded queries with empty variables should now use properly decoded
   names for those variables.
  (Bill Welliver)
- Fix bugs in cimg, business_graphics, auth_sqluserdb identified when
   running under Pike 8.0
  (Bill Welliver)
- Fix prestate bug in 123sessions
  (Bill Welliver)
- SMF (illumos/Solaris) support
  (Bill Welliver)
- MD5 passwords verify correctly using auth_sqldb
  (Bill Welliver)
- Caudium works with Pike 8.0
  (Bill Welliver)
- SSL should play more nicely with streaming responses whose data isn't
   immediately available (such as CGI).
  (Bill Weliver)
- Added some "new" content types.
  (Bill Welliver)
- Un-harcoded cookie expiration time.
  (Closes Google issue #11)
  (Bertrand LUPART)
- Impliment an additional ABS check that should catch blocked servers
   while running in threaded mode that traditional ABS would not detect.
  (Bill Welliver)
- Better handling of AJP containers that don't keep track of POST data 
   they've already received, as well as better indications of situations 
   where a POST size limitation has occurred.
  (Bill Welliver)
- Fix a bug that causes Request_Id->site_id to not be updated when using
   ip-less virtual hosting. Should fix odd behavior problems when using
   try_get_file(), such as <insert file> and many other situations.
  (Bill Welliver)
- Removed a number of unsupported modules:
    ultralog
    proxies/ftpgateway
    proxies/connect
    perl
    unfinishedmodules
   (Bill Welliver)
- Response generation and sending for HTTP and SSL protocols have been
   consolidated, resulting in (hopefully) much more consistent results
  (Bill Welliver)
- Add support for not URL encoding requests when using AJP. This should 
   allow AJP to work better for containers that expec this (newer 
   Tomcats, flup on Python, etc)
  (Bill Welliver)
- Add checks to prevent a user from deleting the Configuration Interface
   virtual server (a config named "ConfigurationInterface") from within 
   the CIF.
  (Bill Welliver)
- Fixes for running Caudium using Pike 7.8
  (Bill Welliver)
- Added --dtruss support (MacOS X 10.5)
  (Bertrand LUPART)
- Fixed a bug in gtext that would try to parse the empty tag (<>) if list of
  tags to get colors from was left empty in the CIF. This used to break
  javascript code.
  (Closes Google issue #4)
  (Bertrand LUPART and Bill Welliver)
- Make the watchdog more verbose in case it has to kick in in GET mode.
  (Bertrand LUPART)
- CIF documentation about module priorities made more clear.
  Reversed order of the select list: highest priority now on top.
  (Bertrand LUPART and Benjamin GANDON)
- Caudium now display the error code and message when it can't talk to the
  watchdog.
  (Bertrand LUPART)
- Caudium RC script now display Caudium startup error if any and just tell if
  startup failed.
  (Bertrand LUPART) 
- Redirects from 123session module should mangle the original URL less
  when browsing without cookies.
  (Bill Welliver with Dave Walton)
- Caudium modules now use pike -x module for building.
  (Bill Welliver)
- Caudium.HTTP.set_cookie() added for setting a cookie to the browser.
  <set_cookie> now use it.
  (Bertrand LUPART)
- Caudium.sexpr_eval("10 + 1") and Caudium.sexpr_eval("1+1") now produce the
  expected result.
  (Closes Google issue #2)
  (Bertrand LUPART)
- install app should get proper executable permissions
  (Bill Welliver)
- install app starts caudium in --once mode, which is more friendly if 
  there's a problem starting up.
  (Bill Welliver)
- configvar is no more (script is in bin but is non-working)
  (Bill Welliver)
- Proxies: Relay module (relay2.pike) now passes X-Forwarded-For
  header to destination.
  (Bill Welliver)
- Added new upgrade support system. Allows multiple installation or 
  virtual server upgrade tasks to be performed per version.
  (Bill Welliver)
- Fixed encoding generated by  _Caudium.*_encode_mapping() and 
  _Caudium._make_container_attributes().
  (Bill Welliver) 
- Fixed _Caudium.http_encode_url test (we were testing behavior that wasn't 
  documented and may be undesirable)
  (Bill Welliver)
- Only consider specified pike when using --with-pike rather than also 
  checking a list of possible pike locations.
  (Bill Welliver and Martin Baehr)
- Added --with-any-pike-version to disable standard version compatibility
  (Bill Welliver and Martin Baehr)
- file_stat() is now just standard Pike (returns Stdio.Stat object)
  rather than an array.
  (Bill Welliver)
- Xenofarm builds can be modified using:
  CONFIGURE_ARGS (already present)
  MAKE_ARGS (just added)
  These arguments can be passed on the action line in your xenofarm  
  project cfg file.
  (Bill Welliver)
- Data returned from a scope entity will be cast to a string, allowing
  potentially mixed datasets to be returned for use by emit and friends.
  (Bill Welliver)
- New demo certificate with extended expiration date.
  (Henrik Andreasson)
- Fixed some rimage plugins with wrong Colors.parse_color() calls.
  (Bertrand LUPART)
- Fixed a bug in rimage.pike than prevented plugins to be loaded.
  Available modules and currently loaded modules are now shown in module status.
  (Bertrand LUPART)
- Avoid a backtrace when <cimg> is called without src atrribute.
  (Bertrand LUPART)
- Using <insert file="foo.php"> and setting up Uniscript to parse RXML in PHP's
  result won't freeze your server anymore.
  This feature should be still discussed.
  (Bertrand LUPART)
- PATH_INFO how allows to pass variables into URL like:
  http://domain.tld/file.html/foo=bar/baz=gazonk
  Those are stored into id->misc->path_info_variables and
  id->misc->path_info_variables id->misc->path_info_empty_variables
  (Bertrand LUPART)
- Added CAUDIUM_SITE_ID environment variables for being able to get it 
  from external scripts.
  (Bertrand LUPART)
- Added RequestID()->get_canonical_url(), which should be used
    by any code attempting to determine the "official" url of the 
    current virtual server.
    (Bill Welliver)
- Fix for using domain cookies with 123session and ports that are non-
   standard (ie other than 80 and 443).
   (Bill Welliver)
- Fix XML encoding of strings in _Caudium.xml_encode_mapping and friends.
    (Bill Welliver with Bertrand LUPART)
- Add missing characters to HTML encoding list.
    (Bill Welliver with Bertrand LUPART)
- Fix CGI processing for POSTs when running under Shuffler.
    (Bill Welliver)
- Testing out a new cache expiration technique that doesn't involve
    large amounts of I/O. This should reduce occurances of runaway
    cache expiration as well as file descriptor shortages.
    (Bill Welliver)
- Error Log tab now only stores the most recent 250 items. This should 
   prevent a source of constantly growing memory usage.
   (Bill Welliver)
- New option --with-pike-module in start-caudium allows to specify some more
  Pike modules to load at start time.
   (Bertrand LUPART)
- Added randomization to cache and storage jobs to prevent surges.
    (Bill Welliver)
- We now store cache item sizes, which should reduce fd usage and
    improve startup times.
    (Bill Welliver)
- Removed a double read on cache items, which should improve performance.
    (Bill Welliver)
- Cache tuning to prevent runaway cache expiration.
    (Bill Welliver)
- Default maximum POST size is now 5MB for new virtual servers.
    (Bill Welliver)
- An error 413 is returned for requests crossing the maximum POST size,
    even though it may be interpreted as a "premature close".
    (Bill Welliver)
- Config interface variables pertaining to cache storage engine now use
    SQL instead of MySQL.
    (Bill Welliver)
- Storage.Methods.MySQL is now Storage.Methods.SQL in honor of its newly 
    found cross-databasiness, which includes support for SQLite.
    (Bill Welliver)
- User listing toggle in User Filesystem works more properly.
    (Bill Welliver)
- Fixes for authentication providers that don't support user listings
    (Bill Welliver)
- Added a "null" slow storage backend for cache.
    (Bill Welliver)
- Fix color selector for wizards.
    (Bill Welliver)
- Make running with Shuffler the default.
    (Bill Welliver)
- Rework the module add page to make it load faster and look better.
    (Bill Welliver)
- Reverting to Pike language prestate parser; disable use of "internal" 
    prestates.
    (Bill Welliver)
- CIF pages using the wizard form now sport a unique identifier in the request
  so that the page is still up to date, even with browsers that caches a lot.
   (Bertrand LUPART)
- The CIF can now show if the server is running with Shuffler or nbio.
   (Bertrand LUPART)
- Fixed a bug where empty variables passed in the URL would totally mess up the
  other variables and empty variables in the request id object.
   (Bertrand LUPART)
- Client certificate request support added. We can specify a set of issuers
    and a root authority chain. We still need a module to equate the client
    certificate with a user.
    (Bill Welliver)
- Multi-User aware configuration interface.

  User authentication is handled by the standard Caudium authentication 
  system using authentication providers configured in the "Configuration
  Interface" virtual server. A new authentication provider is available,
  called "Authentication Provider: Configuration Interface" that knows
  about 1 user. A user configured using this provider will be a "superuser",
  with rights to do anything in the server. More than 1 superuser can be 
  defined by adding additional "Authentication Provider: Configuration 
  Interface" modules to the Configuration Interface virtual server.

  You can also set up other auth providers that provide non-superusers 
  (users whose user info mapping has no "superuser" element. These users 
  can access the configuration interface in read-only mode, and can only 
  access those configurations which they have been granted access using 
  Configuration->yourVirtualServer->Server Variables->Admin Users.

  Non-superusers do NOT have permission to change anything in their 
  virtual server's "Server Variables" section. This is to prevent folks 
  from fiddling with ports and so on.

  Functions reserved for superusers:

  restart, shutdown, delete virtual server, new virtual server, changing 
  global variables and virtual server "server variables".

  config interface actions need to be made "multi-user" aware by checking for:

  id->misc->read_only (a non-super user acting on a server config node)
  id->misc->cif_superuser (a superuser who should be able to do anything)

  Things that need to be done:

  1. provide an upgrade mechanism
  2. perhaps allow groups to be specified in a given configuration
  3. protect any necessary cif actions (wizards)
  4. ponder the situation surrounding "save" (ie, it's a global save in the CIF)

    (Bill Welliver)
- Configuration Interface is now a regular virtual server.
    (Bill Welliver)
- Added PAM Authentication provider; requires System.PAM module.
    (Bill Welliver)
- Requests on the same 1st level virtual host can now be splitted into
  different logfiles given the virtual host domain used in the HTTP request.
    (Bertrand LUPART / Olivier CHENEL)
- <scut cut_on_whites="1"></scut> ask scut to only cut on whitespaces. The
  goal is not to cut words.
  The module can be configured to do this by default in the CIF.
  Not enabled by default for backward compatibility.
    (Bertrand LUPART)
- <scut htmlencode="1"></scut> won't encode string in HTML. Volontary not
  documented on the user side, since that's not percieved as a good practice.
  See scut.pike source code for enabling this.
    (Bertrand LUPART)
- Fix to destroy file objects after the request is sent when using shuffler.
  This should fix a problem with running out of file descriptors. Also, a 
  patch was applied to Pike 7.6 CVS to fix a crash caused by using shuffler.
    (Bill Welliver)
- <cimg> now append the original image filename to the internal path, so that
  the webcrawlers can still index a <cimg> processed image.
    (Bertrand LUPART)
- The CIF can now show the system limits set for Caudium.
  See http://bertrand.gotpike.org/space/start/2006-02-27/1 for more
  informations.
    (Bertrand LUPART)
- Fixed cgi when USE_SHUFFLER is used.
    (Bill Welliver)
- Added quiet option to EMIT SQL, so that sql backtraces don't get
  sent to the browser.
    (Bill Welliver)
- Added quoting capabilities to EMIT, so that you can do &foo.bar:mysql;
  to get your entity replacements properly quoted.
    (Bill Welliver)
- 123sessions: added force_include_urls to be able to specify urls you 
  wish to trigger a redirect to include the session identifier. if left 
  empty, normal behavior is used. this augments include_urls and exclude 
  urls, which are used to specify url subtrees where session processing 
  is either performed or not performed.
    (Bill Welliver)
- Fixed a few leaks in Caudium.make_tag_attributes() and encode_mapping()
   and optimized them a bit, which should plug a fast growing leak when
   using <define>
    (Bill Welliver)
- Added --with-shuffler and --shuffler options for running with
   Pike Shuffler 
    (Bertrand LUPART)
- Fixed a bug where some CGI/uniscript pages where not fully displayed to the
   client. See http://bertrand.gotpike.org/space/start/2006-02-15/1 for more 
   informations.
   (Bertrand LUPART)
- Fixed a Virtual Host Matcher bug where the port number was not properly 
   identified from the hostname.
   (Bernd Shoeller)
- Fixed some Caudium.nbio code that where still used in socket.pike
   (Xavier Beaudouin)
- Properly decode UTF-8 requests that have been HTTP encoded.
   (Bill Welliver)
- Fix for the 2GB file limit in Caudium.nbio, which should allow
   big files to be transmitted now.
   (Bill Welliver)
- Fix in protocols/http that inadvertantly caused modules using
   HTTP.pipe_in_progress() to drop the connection with the client.
   In particular, this should fix problems in proxy modules,
   but other modules may see an impact as well.
   (Bill Welliver)
- Streaming mode now works in HTTP Relay Module.
   (Bill Welliver)
- Added support for Bonjour Advertisement of virtual servers. 
   Available under Virtual Server Global Variables. Uses either
   the virtual server config name, or the "virtual server name" 
   setting under Global Variables (click on "More Options to 
   show this option.) Available when Pike is compiled with
   DNS_SD support, available on MacOSX/Darwin and systems with
   Howl installed.
   (Bill Welliver)
- Added new showcolumns argument for <sqltable> (Caudium bug id #19, patch
  by Hex).
   (Xavier Beaudouin)
- Fixed errors in russian translations (Caudium bug id #18)
   (Xavier Beaudouin)
- Fixed _Caudium C module to compile with a non threaded Pike.
   (Xavier Beaudouin / Michel Luczak) 
- FastCGI module automatically kills any FastCGIs it created when 
   the module stops. This should eliminate "stranded" FCGIs.
   (Bill Welliver)
- Fixes for <user> tag when working with new authentication system.
   (Bill Welliver)
- Group functionality can be disabled in SQL Authentication Provider
   (Bill Welliver)
- Added vhs_syslogger module to log using Syslog to local or distant host
   (Xavier Beaudouin)
- Fixed bug #17 (ultralog not working on 1.5)
   (Xavier Beaudouin)
- Fixed syslog to work as it is advertized on CIF
   (Xavier Beaudouin)
- Fixed emit->maxrows and emit->skiprows
   (Bill Welliver)
- Added emit->sort_function and emit->sort_key to sort query results
   Example usage: sort_function="Array.oid_sort_func" sort_key="version"
   where sort_function is the name of a function compatible with 
   Array.sort_array, and sort_key is the name of a field in the resultset 
   to sort by.
   (Bill Welliver)
- Backported VHS SQLogger from 1.2. Same warnings as for 1.4 branch....
   (Xavier Beaudouin)
- Fixed bug #11
   (Xavier Beaudouin)
- Because of changes in Pike 7.6.24+ that have been not compatible with
  it self, we requires now 7.6.24 now.
   (Xavier Beaudouin)
- Fix installation script that has been stop to work with pike 7.6.24+
   (Xavier Beaudouin)
- Add Index redirect files option that allow people that use L7 load balancers
  to redirect to files that have been specified instead of listing the
  directory.
   (Xavier Beaudouin)
- Fix error on vhs_dirparser when there is no files on directory and that
  option "show dot files" is set to no
   (Xavier Beaudouin)
- The watchdog now really take care of the port configuration for each virtual
  server instead of guessing it from the server URI. As a consequence, the
  watchdog can now check multiple HTTP ports for a virtual server.
  Checks are made on the protocol used as well as on the binded interface
  before adding a new virtual server/port to the watch list.
  This fixes a bug where the watchdog would restart Caudium ever and ever on a
  fresh install until some virtual server binds to the port 80.
   (Bertrand LUPART)
- Fixed a watchdog backtrace on fresh install when there are no virtual server
  set up in the CIF, yet.
   (Bertrand LUPART)
- Starting Caudium with --gdb now turns the watchdog off.
   (Bertrand LUPART)
- Some work on accessed-sql:
  - now 2nd level virtual hosting safe
	- fix for a first loading bug that required to restart Caudium
	- now possible to use <counter add="0"> for not incrementing the counter
   (Bertrand LUPART)
- _Caudium.getip() call to get interfaces names and ips for *BSD flavors.
   (Xavier Beaudouin)
- <if> no longer evaluates true if using the "element is value" syntax and the
  element is not present.
   (Bill Welliver)
- Fixed a backtrace during load of the WebApp module.
   (Bill Welliver)
- Watchdog debug can be enabled using --watchdog-debug
   (Bertrand Lupart)
- If set using HTTP GET, the watchdog can now be set up either to check every
  1st level virtual server or either only the first one.
   (Bertrand Lupart)
- The watchdog can now check virtual servers using HTTP GET
   (Bertrand Lupart)
- The id->variables isn't set as before regarding variables with emtpy values,
  this broke the screen for adding a new virtual server.
   (Bertrand Lupart)
- Watchdog PID check can now be disabled with --without-watchdog-pidcheck
  It is disabled by default on Linuxes < 2.6, since their threads
  implementations assigned different PIDs for each thread.
   (Bertrand Lupart)
- Fixed backtrace when using <accessed since> or <accessed help> when accessed
  was handled by accessed-sql or accessed-memory.
   (Bertrand Lupart)
- Not using strftime on solaris as it does not support the POSIX %z flag
  which rendered Caudium.cern_http_date() unusable.
   (Marek Habersack)
- The id->variables wasn't set as before regarding empty values, this broke
  some applications and most notably lead to internal server error when
  reseting a variable in the configuration interface.
   (David Gourdelier)
- Comparing of empty strings didn't work in RXML so this lead to wrong
  <if match...>
   (David Gourdelier)
- Fix for the RXML parsers sending the wrong content-type header when parsing
  a non-html document.
   (James Tyson)
- Pikegraphy now likes filenames with spaces.
   (Bill Welliver)
- Watchdog should now work with servers that change uid.
   (Bill Welliver)
- Stopping/restarting of server should work properly now, especially for servers that change uid.
   (Bill Welliver)
- Fix a backtrace in Config-Action openports when there is no lsof located 
  on the hosted machine.
   (Xavier Beaudouin)
- Fixed loading of Crypto related Configuration Actions in CIF.
   (Xavier Beaudouin)
- Fixed a segfault in Caudium C module when broken variable assignments
  in the query part of the url are parsed (eg ?foo=too&hop=&gazon=zz - hop= 
  is the invalid syntax), SF bug #1028622
   (Marek Habersack)