Roxen WebServer X Changelog

What's new in Roxen WebServer X 5.4.66

Mar 27, 2014

Administration Interface improvements:
Fix bug when restoring DB backups. [Bug 6963]
Improve module info display now that package system and git hashes are used. [Bug 6267]
Fix error when scheduling backups on tables with views. [Bug 7002]
Fix a backtrace seen when dropping a site. [Bug 6237]
Patch system now correctly handles mode bits on updated files.
Added documentation link for SMF manifest.
Implemented new RoxenPatch format.
Support stronger passwords for administration interface accounts.
Added centralized garbage collection of directories on server disk.
Deprecate the use of site templates due to various design issues. [Bug 5600]
Include version number and non-empty administration interface name in window header.
Fixed issues with Memory Logger functionality.
Fixed error in DB backup scheduler where changed settings didn't take effect.
Improve memory calculation correctness in Pike Memory Usage wizard.
Support removal of imported patch packages.
Patch system can now import archives of multiple patches.
Repeated import of same patch will now overwrite older copy.
Added XHTML extension.
Added $scheme for logging URL scheme.
Updated support for Cacti monitoring.
Added support for optional host header to Periodic Fetcher module.
Fix missing privilege elevation in patch system when writing to disk. [Bug 6036]
Added support for running MySQL upgrade binary.
Implement support for newer patch format with fat binaries and platform-specific patches.
Check for required binaries before attempting to patch. [Bug 6587]
Support stronger password hashing algoritms. [Bug 6358]
RXML improvements:
Allow min and max for HTML5 ranges in .
Fixed regression from Roxen 4.5 concerning old PS font names in graphics rendering tags.
Improved HTML5 support in .
Added mutex and generation variables to .
Add optional disabling for run-together words in Aspell.
Improved . [Bug 6903]
Fix quoting issue in .
Make more tolerant to database connection issues.
Extend with remove-unwanted-tags attribute.
Support Russian locale in .
Improve database performance for .
Added a compatibility NULL object for . [Bug 5900]
Support custom spell checker dictionaries. [Bug 5737]
The tag can now use prestates to verify its cookie.
Clarified documentation for vs HTML5 compatibility.
Improved documentation for . [Bug 6343]
Allow overriding return code in 401 and 404 pages. [Bug 6287]
Fix a problem with unwanted data sharing in mappings. [Bug 6342]
Fix expansion of RXML variables in inside . [Bug 6359]
Added the showscope attribute in .
Avoid internal server error in when passing wide string data.
Extended syntax with new functions floor(), ceil(), round() and log(), and fixed infinite loop bug in search().
Fixed error that could manifest in e.g . [Bug 6425]
Added as a new data source.
Compiled RXML will now be split in 64K segments to improve threading. [Bug 6467]
will now exclude port numbers from Host header for HTTPS (443) requests.
Improve HTML markup compatibility in . [Bug 6051]
Added soap-method attribute to to post tag data as SOAP request. [Bug 6523]
Don't send linebreaks in auth headers. [Bug 6592]
Added a set of decoding methods to entity syntax: -utf8, -hex, -base64 and -html. Example:
Improved russian language support.
Less noise in HTML output when using some attributes.
Fix conflict between inside and HTML5.
Avoid table scan when clearing old entries in . [Bug 6680]
Fixed some weekday/-number calculation bugs in >, and added some new ISO 8601 formatters.
Extend with some new styling attributes: background-color, background-image, color and font.
Core improvements:
Switched to modern MariaDB library for MySQL connections.
Fix Windows problem with mysql_upgrade binary. [Bug 7007] [Bug 7018]
Updated default 404 page to work better on small screens.
Show thread name in slow thread dump header.
Avoid DNS timeout for resolving IPv6 link-local addresses (fe80::1).
HTTP output of wide strings with narrow charset will now force UTF-8 conversion instead of error.
Improve robustness in start script in directory permission checks. [Bug 6980]
Fix issue with internal request object observed on Windows.
Fix module initialization problem seen on Windows. [Bug 7059]
Fixed internal locking issues in protocol layer.
Fix issue with domain resolving from /etc/resolv.conf. [Bug 6357]
Support quoted strings in cookie header parser.
Cleaned up error reporting in image caches.
Fixed handling of charset errors in case-insensitive path lookup code.
Support Java modules located in local/modules/.
Don't load old Java class files if current process doesn't support Java.
Shorten very large argument lists in thread dump output.
Name more internal threads for easier thread dump analysis.
Refactored PID file handling to protect against multiple launches. [Bug 6516]
Improved calculation of RAM cache entry sizes, thereby also improving eviction decisions.
Fix memory leak in WebDAV module.
Improved accounting of protocol-level cache callbacks. [Bug 6520]
Speed up FTP directory listings when certain authentication modules are loaded. [Bug 6410]
Solve SNMP port binding error on OS X 10.8 and newer. [Bug 6613]
Optimize image cache storing by removing redundant SQL inserts via extra read first.
Improved image cache support for large images.
Don't linger on HTTP connections after timeout.
Pike-specific changes
Modules improvements:
ADT.Struct: Working int32/SWord.
Calendar.Timezone: Make compile() reentrant.
Freetype: Support name mapping that is backwards compatible with older Freetype.
Graphics.Graph: Fixed some infinite loops.
Image.Image: Fix crash in skewy().
Image.GIF: Fix robustness against decoding broken files and infinite loops.
Image.PNG: Fixed crash problem in decoding certain PNG files.
MySQL: Switched to MariaDB client library.
MySQL: Fixed overflow in fetch_fields().
Sql.rsql: Various improvements and fixes.
Stdio: Reduce number of system calls in mkdirhier().
Stdio.File: Implement support for changing linger time on sockets via linger().
SNMP: Fix error in GetRequest variable bindings.
SSL.sslfile: Implement support for changing linger time on sockets via linger().
SSL.sslfile: Improve robustness in destroy to avoid error message.
Unicode: Fix hash table issue in normalize() for 32-bit strings.
Core improvements:
Enable full address space (3 GB) on Windows.
Fix internal compiler problem with running out of stack.
Low-level fixes to setting up socket pair.
Fix internal error class to avoid an issue while printing backtraces.
Added callbacks during garbage collection.
Various fixes to wide-string handling in compiler.
Improve thread safety in backend call-out handling.
Switch to binary mode when opening text files.
Various fixes to integer math overflow detection.
Increase thread stack to 1 MB to help 64-bit architectures.

New in Roxen WebServer X 5.2.191 (Mar 20, 2012)

WebServer-specific changes:
Administration Interface improvements:
Fix recursive lock issue in Tasks > Debug > Pike Memory Usage Information wizard.
Fixed minor overcaching issue in Debug > List Fonts.
Various fixes in the Debug > Open Files wizard.
Solved permission issue when unpacking Roxen patches.
Add collapsible levels and restyle Debug > Resolve Path output.
Add proper quoting to module names in Debug > Resolve Path. [Bug 6034]
Various internal fixes to the crunch box widget. [Bug 6007]
Better error catching in DB browser.
Fix string quoting, whitespace washing and wide text in DB browser.
DB browser queries can now be disabled with a line containing --.
Fixed browser redirects in some DB browser actions.
Make it easier to check/uncheck all databases when dropping site.
Request tracing of , and now show variable name.
Improved support for Internet Explorer 9 and dropped old Internet Explorer 6 kludges.
Make configuration interface more robust against double submits.
Fixed a quoting issue with settings fields. [Bug 6131]
Better robustness in port handling with hostname glob. [Bug 6174]
Prevent repeated shutdown/restart requests. [Bug 6169]
Database Manager improvements:
Set connection charset after releasing global cache lock. [Bug 5961]
Shorten connection timeout to 1 minute (override with -DDB_CONNECTION_TIMEOUT). [Bug 5964]
Keep connections with errors out of the connection pool. [Bug 5969]
Disable automatic reconnect for cached connections. [Bug 5964]
Patch management improvements:
Roxen patches with header in git format is now supported. [Bug 6166]
Roxen Patch now works better across filesystems. [Bug 5924]
Modules improvements:
Host Redirect module now supports %q (URL query) expansion. [Bug 5930]
Added Argcache GC module.
Added Memory Logger module.
Added Perodic Fetcher module.
Improve XML byte-order mark support in XML DB Mirror.
Disable YUI2 resources with known security issues. [Bug 6210]
RXML improvements:
Preserve RXML context when evaluating subrequests. [Bug 5940]
Setting HTTP headers in certain ways should work in p-code.
Implemented global constants for Boolean and NULL values (&roxen.true;, &roxen.false; and &roxen.null;).
Reject empty src attributes in various graphics tags (e.g. ). [Bug 5791]
Avoid rounding errors when comparing compatibility level. [Bug 3877]
Fixed path encoding issue in p-code on Windows.
More RXML API types (t_str_or_int, t_num_array, t_str_array, t_map_array).
Make the &var.data:js; encoding safe inside tags.
Added MD5, SHA1 and SHA256 variable encodings (e.g. &var.data:utf8.md5.hex;).
Added &var.data:json; encoding for JSON output. [Bug 6056]
The JS library method selectFirstInputField() won't focus a field if the user already focused elsewhere. [Bug 6228]
Support Content-Encoding header in . [Bug 6041]
Avoid memory garbage from lingering HTTP connections in .
Add caching in various expression forms (e.g. ).
Add subindexing, var(), index(), min() and max() in variable expressions.
Added filename attribute to .
now emits the currently selected language.
Fix multiple bugs in . [Bug 4901] [Bug 6055]
now gives each attachment a unique Content-ID. [Bug 5136]
Avoid memory garbage from circular references in .
Removed possibility to override quiet RXML errors via URL prestate.
Added as companion to . [Bug 5427] [Bug 6097]
Fixed broken use of Vary callbacks. [Bug 5365]
needs on attribute to turn on debug mode.
with CSV advancing now handled postprocessing. [Bug 5926] [Bug 5777]
Better error handling in and .
Added (Hash-based Message Authentication Code).
Added and .
Fix issue with user overrides in roxen/page scopes together with . [Bug 6130]
Added option to to use shared database. [Bug 5915]
P-code with huge number of compiled statements should now work correctly. [Bug 6146]
Added secure and httponly attributes to the tag.
Core improvements:
Removed old RAM cache implementation.
Log errors during argcache sync.
Changed strategy for argcache sync to run in dedicated thread. [Bug 6014]
Handle duplicate argcache keys by replacing instead of flagging an error.
Return 503 response code for requests waiting too long. [Bug 5886]
Corrected problem with data corruption in chunked transfer encoding.
Fixed RAM cache expire to only expire the requested cache. [Bug 5861]
Added SNMP probes for protocol cache, Pike memory usage and gc.
Destroy protocol cache keys when entires expire to reduce garbage.
Don't attempt to start modules that failed to load.
Support variables (e.g. $LOGDIR) in e.g. font and module settings.
Avoid backtrace for closed connection when configuration loads. [Bug 4832]
URL registration/unregistration fixes. [Bug 5982] [Bug 6037]
Handle some situations of ANY/specific IPs better. [Bug 5982]
Avoid stale argcache database connections. [Bug 5964]
Fix backtrace during shutdown.
ABS now dumps handler queue after thread backtrace.
Internal server errors now get more prominent appearance in server log.
Thread dumps now display thread names and thread busy time information.
Speed up image cache flushing through new database index.
Threading fixes to image cache metadata syncing.
Set image/argument cache access time no more than once a day.
Remove unneeded thread lock in image/argument key creation.
Less serious warning for harmless log/security pattern decoding issue.
Added experimental fork optimization (enable with ROXEN_USE_FORKD). [Bug 6043]
bin/create_configif should use current compatibility level.
Set TMPDIR to a non-user-specific directory to avoid uid issues on OS X.
Added support for bytea encoding. [Bug 5377]
Support --valgrind.
Ensure correct locale before running ifconfig. [Bug 5898]
Updated compatibility with Cacti 0.8.7h.
Use privileged access to filesystem in Roxen Patch. [Bug 6036]
Make start script more robust against various errors involving Roxen/MySQL PID files.
Added robustness to detect already running myisamchk.
Memory logger can now report more low-level information. [Bug 6275]
Incorporated ActionFS API.
Apply URL quoting to data in WebDAV directory listings.
Avoid recursion in 404 reply on WebDAV requests from OS X clients.
Generate SSL shadow certificates for bundled certificates. [Bug 268]
Disable single DES in SSL due to known weakness.
Fixed a broken Xerces Java archive. [Bug 4252]
Pike-specific changes:
Modules improvements:
Array: Fix infinite recursion with non-numeric input in oid_sort_func().
Calendar: dwim_time() should know how to parse ISO 8601 timestamps.
Calendar: Updates to timezone data.
Debug: Added memory_usage() fields on more internal state. [Bug 6275]
Filesystem.Tar: Fix for Windows issue with permission bits.
Filesystem.Tar: Don't abort when directory timestamp can't be set on Windows.
Gmp: Added functions to access the numerator and the denominator of an mpq.
Gmp: Fixed bugs in the formatting of mpz as floats.
Gmp: Fixed strange bug where mpq were initialized as mpz from strings.
Image.JPEG: Recompiled with libjpeg-turbo to Mac OS X and RHEL to get significant performance improvements.
Image.JPEG: Fix broken detection of libjpeg lossless transformation support.
Image.PNG: fix tRNS handling in decoder.
Image.X: Fixed typo in encode_pseudocolor().
Java: Restore Java support on OS X 10.6.
Locale.Charset: GB2312 should typically be treated as EUC-CN.
Locale.Charset: Fixed NULL-dereferencing in the decoder for EUC-CN and EUC-KR.
MIME: Join adjacent decoded words with the same character set.
Parser.RCS: Avoid recursion and reduce memory when extracting revision content.
Parser.XML.NSTree: diff_namespaces() needs to return its return value.
Parser.XML.Tree: Bugfixed implementation and documentation.
Process: Added support for spawning processes via forkd. [Bug 6043]
Process: spawn(), popen() and system() et al now use Process.Process.
Protocols.DNS: Support A6 replies in Protocols.DNS.Server.
Protocols.DNS: Improved detection of IPv6 support.
Protocols.DNS: Abort active requests in close(). [Bug 6031]
Protocols.DNS: Fixed issue where async_client objects became garbage even after close().
Protocols.DNS: Made safe_bind() less verbose in the common failure case.
Protocols.DNS: Simple hack to allow literal ipv6 in /etc/hosts.
Protocols.HTTP: Increased robustness in close() against connection not being open.
Protocols.HTTP: Set the Content-Length header for zero-length data. [Bug 5936]
Protocols.HTTP: Some keep-alive handling fixes for async_request().
Protocols.HTTP: Support proxying of HTTPS.
Protocols.HTTP: Support keep-alive for proxied requests.
Protocols.HTTP: Proxy methods now support falling back to no proxy.
Protocols.HTTP: Use set_callbacks() to clear the callbacks.
Protocols.HTTP: Include a more complete list of response codes and descriptions.
Protocols.HTTP.Query: Clean up closing of the connection.
Protocols.HTTP.Query: Filter weak SSL ciphers rather than list strong.
Protocols.HTTP.Query: Fixed broken state when open_socket() has thrown an error.
Protocols.HTTP.Server: Multiple multipart file submissions will be preserved as suggested by HTML5.
Protocols.HTTP.Server: Use better response descriptions.
Protocols.XMLRPC: Added boolean support using Val.true and Val.false.
Protocols.XMLRPC: Fix parsing of requests that wrap values in CDATA directives.
Regexp.PCRE: Fixed return value from exec() to always have entries for all submatches.
Regexp.PCRE: Add support for capture groups in replace().
SSL: Implement the renegotiation_info extension from RFC 5746. [Bug 5840]
SSL: Various fixes for client mode.
SSL: Added set_callbacks() and query_callbacks() to sslfile as per Stdio.File.
SSL: Ensure that queued alerts are sent if the connection hasn't been shutdown by the alert callback.
SSL: Convert ALERT_no_renegotiation to ALERT_handshake_failure for SSL 3.0.
SSL: Throw an error from create() in client blocking mode on handshake failure.
Search: Add database indexes. [Bug 5844]
Search: Fixed compatibility with old MySQL.
Search: Support optional watchdog script for external filter binaries.
Search: Replaced publication date sorting with one that uses a better field.
Sql: Added wrappers for is_open() and ping().
Sql.Sql: Added typed_query() for convenience.
Sql.pgsql: sendterminate() implies close().
Sql.Mysql: Improved typed mode for DECIMAL and BIT fields.
Sql.Mysql: Added option to disable automatic reconnect, and force the default to on.
Sql.Mysql: Removed all remains of the Pike C-level reconnect code. [Bug 5964]
Sql.Mysql: set_charset() and create() now set the charset option.
Sql.Mysql: Update the stored connection charset only if the charset change is successful.
Sql.Mysql: Improved support for Blastwave.
Sql.Mysql: Fixed a refcount bug.
Sql.Mysql: fetch_json_result() now quotes U+2028 and U+2029. [Bug 6103]
Standards.JSON: Improved escaping of U+2028 and U+2029 to help buggy parsers.
Standards.JSON: Handle \u encoded surrogate pairs in decode().
Standards.JSON: Made string escaping accessible by itself through escape_string().
Standards.JSON: Check that \u escapes produce valid Unicode chars in validate().
Standards.JSON: Use surrogate pairs for chars above U+FFFF in ASCII_ONLY output.
Standards.URI: The authority section may be undefined. [Bug 5859]
Stdio: Fixed cp() to work on directory trees on Windows.
Stdio: Set the mode bits last in cp() in case they remove write bits.
Stdio: Added documentation for recursive_mv() on some behavior inherited from cp().
Stdio: Added set_callbacks() and query_callbacks() to handle several callbacks at once.
Stdio: Avoid warning when System.cp() exists (e.g. on Windows).
Stdio: Fix file length handling in sendfile(). [Bug 6118]
Stdio: Improved file descriptor capability handling.
Stdio: Throw errors in ALL failure modes for write_file() and append_file(). [Bug 6052]
Stdio.Fd: Fixed several cases where the flag FILE_HAVE_RECV_FD was lost.
Stdio.Fd_ref now supports subtyped Stdio.Fd objects.
Stdio.File: Added send_fd() and receive_fd().
Stdio.File: Deregister events properly when the fd is closed.
Stdio.File: Fixed bogus errno from query_address() when given a socket with an invalid protocol family.
Stdio.File: Added robustness in rm() for EINTR.
Stdio.UDP: Improved support for IPv6.
Stdio.UDP: query_address() now knows about IPv6-mapped IPv4 addresses.
System.getgrent: The group member list can be NULL on Mac OS X. [Bug 6187]
Tools.X509: Use a unique serial number for each self-signed certificate.
Tools.X509: Added lower level functions dsa_sign_key() and rsa_sign_key().
Val: Added a new Val module for various global constant values.
Web.Crawler: Support for URLs containing Unicode characters. [Bug 5958]
Core improvements:
Added kludge for function_name(). [Bug 6156]
Avoid relying on stale pointers in getters/setters.
Disabled an unsafe optimization.
Fix profiling of recursive functions by tracking recursion level. [Bug 5131]
Fixed overoptimization of time() calls.
Fixed potential memory clobbering in special cases when dividing the empty array with a float number.
Fixed resolving of external symbols in deep inherits. [Bug 6063]
Fixed typo that could cause fatal when comparing objects with equal().
Fixed multiset masking typo.
Fixed fallback order for master compatibility resolver.
Forward compatibility with 64-bit line numbers from Pike 7.9.
IPv6: Added support for generating mapped IPv4 addesses on getaddrinfo() failure.
IPv6: Enable IPv4 mapped adresses explicitly.
IPv6: Support giving hints about IPv6 to get_inet_addr().
Patch cmod precompiler to support negative int(low..high) bounds.
Update current_time returned by time(1) after sleeping.
Workaround for call_c_initializers() creating broken frames. [Bug 6156]
Survive crypt(3C) failing. [Bug 6013]
Documentation-specific changes:
Major restructuring and reformatting of PDF documentation.