Roxen Internet Software AB
www.roxen.com
DownloadRoxen WebServer 5.2

Roxen WebServer 5.2.200-release2 (2012-04-13)  

WebServer-specific changes

Please see important upgrade notes for 5.2.191-release1 which also apply to this release.


Administration Interface improvements:

  • Fixed a missing close tag in DB browser.

RXML improvements:

  • Propagate <header> tag without attributes since it is part of HTML5.

Core improvements:

  • Added additional MIME definitions for audio/mp4 and audio/ogg.



Pike-specific changes

Modules improvements:

  • Protocols.DNS: Added fixes for Windows.
  • Protocols.DNS: Improve detection of lacking IPv6 mapped IPv4.
  • Protocols.HTTP: Improved handling of async DNS.
  • Sql.pgsql: Many fixes and updates to Postgres module.
  • Sql.Sql: Improve handling of options mapping in all Sql drivers.
 

Roxen WebServer 5.2.191-release1 (2012-03-16)  

WebServer-specific changes

Important notes on upgrading existing installations:

  • Changes in MySQL reconnect handling

    The MySQL connector has changed its reconnect behavior. It is crucial that server modules do not keep long-lived connections when idling since they will be unavailable for reuse. If you run the server with --debug you will see extra warnings in the debug log if incorrect behavior is encountered.

  • Java on Mac OS X 10.7

    Users of Mac OS X 10.7 Lion should be aware that Apple no longer installs a Java runtime by default. Instead there is a stub library that will present a dialog box when it detects an invocation of a Java command; the intention of this dialog box is to let administrators download the Java package when needed. However, this strategy will fail if the Roxen server is running in background mode (there is no window context to show the dialog box) and Roxen will then terminate. A simple solution to this is to open a Terminal window and type the command java to force Mac OS X to present the dialog box in an interactive session.

Administration Interface improvements:

  • Fix recursive lock issue in Tasks > Debug > Pike Memory Usage Information wizard.
  • Fixed minor overcaching issue in Debug > List Fonts.
  • Various fixes in the Debug > Open Files wizard.
  • Solved permission issue when unpacking Roxen patches.
  • Add collapsible levels and restyle Debug > Resolve Path output.
  • Add proper quoting to module names in Debug > Resolve Path. [Bug 6034]
  • Various internal fixes to the crunch box widget. [Bug 6007]
  • Better error catching in DB browser.
  • Fix string quoting, whitespace washing and wide text in DB browser.
  • DB browser queries can now be disabled with a line containing --.
  • Fixed browser redirects in some DB browser actions.
  • Make it easier to check/uncheck all databases when dropping site.
  • Request tracing of <set>, <append> and <unset> now show variable name.
  • Improved support for Internet Explorer 9 and dropped old Internet Explorer 6 kludges.
  • Make configuration interface more robust against double submits.
  • Fixed a quoting issue with settings fields. [Bug 6131]
  • Better robustness in port handling with hostname glob. [Bug 6174]
  • Prevent repeated shutdown/restart requests. [Bug 6169]

Database Manager improvements:

  • Set connection charset after releasing global cache lock. [Bug 5961]
  • Shorten connection timeout to 1 minute (override with -DDB_CONNECTION_TIMEOUT). [Bug 5964]
  • Keep connections with errors out of the connection pool. [Bug 5969]
  • Disable automatic reconnect for cached connections. [Bug 5964]

Patch management improvements:

  • Roxen patches with header in git format is now supported. [Bug 6166]
  • Roxen Patch now works better across filesystems. [Bug 5924]

Modules improvements:

  • Host Redirect module now supports %q (URL query) expansion. [Bug 5930]
  • Added Argcache GC module.
  • Added Memory Logger module.
  • Added Perodic Fetcher module.
  • Improve XML byte-order mark support in XML DB Mirror.
  • Disable YUI2 resources with known security issues. [Bug 6210]

RXML improvements:

  • Preserve RXML context when evaluating subrequests. [Bug 5940]
  • Setting HTTP headers in certain ways should work in p-code.
  • Implemented global constants for Boolean and NULL values (&roxen.true;, &roxen.false; and &roxen.null;).
  • Reject empty src attributes in various graphics tags (e.g. <cimg src=""/>). [Bug 5791]
  • Avoid rounding errors when comparing compatibility level. [Bug 3877]
  • Fixed path encoding issue in p-code on Windows.
  • More RXML API types (t_str_or_int, t_num_array, t_str_array, t_map_array).
  • Make the &var.data:js; encoding safe inside <script> tags.
  • Added MD5, SHA1 and SHA256 variable encodings (e.g. &var.data:utf8.md5.hex;).
  • Added &var.data:json; encoding for JSON output. [Bug 6056]
  • The JS library method selectFirstInputField() won't focus a field if the user already focused elsewhere. [Bug 6228]
  • Support Content-Encoding header in <insert#href>. [Bug 6041]
  • Avoid memory garbage from lingering HTTP connections in <insert#href>.
  • Add caching in various expression forms (e.g. <set expr="..."/>).
  • Add subindexing, var(), index(), min() and max() in variable expressions.
  • Added filename attribute to <gxml>.
  • <emit#languages> now emits the currently selected language.
  • Fix multiple bugs in <format-number>. [Bug 4901] [Bug 6055]
  • <email> now gives each attachment a unique Content-ID. [Bug 5136]
  • Avoid memory garbage from circular references in <insert#cached-href>.
  • Removed possibility to override quiet RXML errors via URL prestate.
  • Added <emit#imgs> as companion to <imgs>. [Bug 5427] [Bug 6097]
  • Fixed broken use of Vary callbacks. [Bug 5365]
  • <debug> needs on attribute to turn on debug mode.
  • <emit#values> with CSV advancing now handled postprocessing. [Bug 5926] [Bug 5777]
  • Better error handling in <charset> and <recode>.
  • Added <hash-hmac/> (Hash-based Message Authentication Code).
  • Added <json-format> and <json-parse>.
  • Fix issue with user overrides in roxen/page scopes together with <use/>. [Bug 6130]
  • Added option to <session> to use shared database. [Bug 5915]
  • P-code with huge number of compiled statements should now work correctly. [Bug 6146]
  • Added secure and httponly attributes to the <set-cookie/> tag.

Core improvements:

  • Removed old RAM cache implementation.
  • Log errors during argcache sync.
  • Changed strategy for argcache sync to run in dedicated thread. [Bug 6014]
  • Handle duplicate argcache keys by replacing instead of flagging an error.
  • Return 503 response code for requests waiting too long. [Bug 5886]
  • Corrected problem with data corruption in chunked transfer encoding.
  • Fixed RAM cache expire to only expire the requested cache. [Bug 5861]
  • Added SNMP probes for protocol cache, Pike memory usage and gc.
  • Destroy protocol cache keys when entires expire to reduce garbage.
  • Don't attempt to start modules that failed to load.
  • Support variables (e.g. $LOGDIR) in e.g. font and module settings.
  • Avoid backtrace for closed connection when configuration loads. [Bug 4832]
  • URL registration/unregistration fixes. [Bug 5982] [Bug 6037]
  • Handle some situations of ANY/specific IPs better. [Bug 5982]
  • Avoid stale argcache database connections. [Bug 5964]
  • Fix backtrace during shutdown.
  • ABS now dumps handler queue after thread backtrace.
  • Internal server errors now get more prominent appearance in server log.
  • Thread dumps now display thread names and thread busy time information.
  • Speed up image cache flushing through new database index.
  • Threading fixes to image cache metadata syncing.
  • Set image/argument cache access time no more than once a day.
  • Remove unneeded thread lock in image/argument key creation.
  • Less serious warning for harmless log/security pattern decoding issue.
  • Added experimental fork optimization (enable with ROXEN_USE_FORKD). [Bug 6043]
  • bin/create_configif should use current compatibility level.
  • Set TMPDIR to a non-user-specific directory to avoid uid issues on OS X.
  • Added support for bytea encoding. [Bug 5377]
  • Support --valgrind.
  • Ensure correct locale before running ifconfig. [Bug 5898]
  • Updated compatibility with Cacti 0.8.7h.
  • Use privileged access to filesystem in Roxen Patch. [Bug 6036]
  • Make start script more robust against various errors involving Roxen/MySQL PID files.
  • Added robustness to detect already running myisamchk.
  • Memory logger can now report more low-level information. [Bug 6275]
  • Incorporated ActionFS API.
  • Apply URL quoting to data in WebDAV directory listings.
  • Avoid recursion in 404 reply on WebDAV requests from OS X clients.
  • Generate SSL shadow certificates for bundled certificates. [Bug 268]
  • Disable single DES in SSL due to known weakness.
  • Fixed a broken Xerces Java archive. [Bug 4252]



Pike-specific changes

Modules improvements:

  • Array: Fix infinite recursion with non-numeric input in oid_sort_func().
  • Calendar: dwim_time() should know how to parse ISO 8601 timestamps.
  • Calendar: Updates to timezone data.
  • Debug: Added memory_usage() fields on more internal state. [Bug 6275]
  • Filesystem.Tar: Fix for Windows issue with permission bits.
  • Filesystem.Tar: Don't abort when directory timestamp can't be set on Windows.
  • Gmp: Added functions to access the numerator and the denominator of an mpq.
  • Gmp: Fixed bugs in the formatting of mpz as floats.
  • Gmp: Fixed strange bug where mpq were initialized as mpz from strings.
  • Image.JPEG: Recompiled with libjpeg-turbo to Mac OS X and RHEL to get significant performance improvements.
  • Image.JPEG: Fix broken detection of libjpeg lossless transformation support.
  • Image.PNG: fix tRNS handling in decoder.
  • Image.X: Fixed typo in encode_pseudocolor().
  • Java: Restore Java support on OS X 10.6.
  • Locale.Charset: GB2312 should typically be treated as EUC-CN.
  • Locale.Charset: Fixed NULL-dereferencing in the decoder for EUC-CN and EUC-KR.
  • MIME: Join adjacent decoded words with the same character set.
  • Parser.RCS: Avoid recursion and reduce memory when extracting revision content.
  • Parser.XML.NSTree: diff_namespaces() needs to return its return value.
  • Parser.XML.Tree: Bugfixed implementation and documentation.
  • Process: Added support for spawning processes via forkd. [Bug 6043]
  • Process: spawn(), popen() and system() et al now use Process.Process.
  • Protocols.DNS: Support A6 replies in Protocols.DNS.Server.
  • Protocols.DNS: Improved detection of IPv6 support.
  • Protocols.DNS: Abort active requests in close(). [Bug 6031]
  • Protocols.DNS: Fixed issue where async_client objects became garbage even after close().
  • Protocols.DNS: Made safe_bind() less verbose in the common failure case.
  • Protocols.DNS: Simple hack to allow literal ipv6 in /etc/hosts.
  • Protocols.HTTP: Increased robustness in close() against connection not being open.
  • Protocols.HTTP: Set the Content-Length header for zero-length data. [Bug 5936]
  • Protocols.HTTP: Some keep-alive handling fixes for async_request().
  • Protocols.HTTP: Support proxying of HTTPS.
  • Protocols.HTTP: Support keep-alive for proxied requests.
  • Protocols.HTTP: Proxy methods now support falling back to no proxy.
  • Protocols.HTTP: Use set_callbacks() to clear the callbacks.
  • Protocols.HTTP: Include a more complete list of response codes and descriptions.
  • Protocols.HTTP.Query: Clean up closing of the connection.
  • Protocols.HTTP.Query: Filter weak SSL ciphers rather than list strong.
  • Protocols.HTTP.Query: Fixed broken state when open_socket() has thrown an error.
  • Protocols.HTTP.Server: Multiple multipart file submissions will be preserved as suggested by HTML5.
  • Protocols.HTTP.Server: Use better response descriptions.
  • Protocols.XMLRPC: Added boolean support using Val.true and Val.false.
  • Protocols.XMLRPC: Fix parsing of requests that wrap values in CDATA directives.
  • Regexp.PCRE: Fixed return value from exec() to always have entries for all submatches.
  • Regexp.PCRE: Add support for capture groups in replace().
  • SSL: Implement the renegotiation_info extension from RFC 5746. [Bug 5840]
  • SSL: Various fixes for client mode.
  • SSL: Added set_callbacks() and query_callbacks() to sslfile as per Stdio.File.
  • SSL: Ensure that queued alerts are sent if the connection hasn't been shutdown by the alert callback.
  • SSL: Convert ALERT_no_renegotiation to ALERT_handshake_failure for SSL 3.0.
  • SSL: Throw an error from create() in client blocking mode on handshake failure.
  • Search: Add database indexes. [Bug 5844]
  • Search: Fixed compatibility with old MySQL.
  • Search: Support optional watchdog script for external filter binaries.
  • Search: Replaced publication date sorting with one that uses a better field.
  • Sql: Added wrappers for is_open() and ping().
  • Sql.Sql: Added typed_query() for convenience.
  • Sql.pgsql: sendterminate() implies close().
  • Sql.Mysql: Improved typed mode for DECIMAL and BIT fields.
  • Sql.Mysql: Added option to disable automatic reconnect, and force the default to on.
  • Sql.Mysql: Removed all remains of the Pike C-level reconnect code. [Bug 5964]
  • Sql.Mysql: set_charset() and create() now set the charset option.
  • Sql.Mysql: Update the stored connection charset only if the charset change is successful.
  • Sql.Mysql: Improved support for Blastwave.
  • Sql.Mysql: Fixed a refcount bug.
  • Sql.Mysql: fetch_json_result() now quotes U+2028 and U+2029. [Bug 6103]
  • Standards.JSON: Improved escaping of U+2028 and U+2029 to help buggy parsers.
  • Standards.JSON: Handle \u encoded surrogate pairs in decode().
  • Standards.JSON: Made string escaping accessible by itself through escape_string().
  • Standards.JSON: Check that \u escapes produce valid Unicode chars in validate().
  • Standards.JSON: Use surrogate pairs for chars above U+FFFF in ASCII_ONLY output.
  • Standards.URI: The authority section may be undefined. [Bug 5859]
  • Stdio: Fixed cp() to work on directory trees on Windows.
  • Stdio: Set the mode bits last in cp() in case they remove write bits.
  • Stdio: Added documentation for recursive_mv() on some behavior inherited from cp().
  • Stdio: Added set_callbacks() and query_callbacks() to handle several callbacks at once.
  • Stdio: Avoid warning when System.cp() exists (e.g. on Windows).
  • Stdio: Fix file length handling in sendfile(). [Bug 6118]
  • Stdio: Improved file descriptor capability handling.
  • Stdio: Throw errors in ALL failure modes for write_file() and append_file(). [Bug 6052]
  • Stdio.Fd: Fixed several cases where the flag FILE_HAVE_RECV_FD was lost.
  • Stdio.Fd_ref now supports subtyped Stdio.Fd objects.
  • Stdio.File: Added send_fd() and receive_fd().
  • Stdio.File: Deregister events properly when the fd is closed.
  • Stdio.File: Fixed bogus errno from query_address() when given a socket with an invalid protocol family.
  • Stdio.File: Added robustness in rm() for EINTR.
  • Stdio.UDP: Improved support for IPv6.
  • Stdio.UDP: query_address() now knows about IPv6-mapped IPv4 addresses.
  • System.getgrent: The group member list can be NULL on Mac OS X. [Bug 6187]
  • Tools.X509: Use a unique serial number for each self-signed certificate.
  • Tools.X509: Added lower level functions dsa_sign_key() and rsa_sign_key().
  • Val: Added a new Val module for various global constant values.
  • Web.Crawler: Support for URLs containing Unicode characters. [Bug 5958]

Core improvements:

  • Added kludge for function_name(). [Bug 6156]
  • Avoid relying on stale pointers in getters/setters.
  • Disabled an unsafe optimization.
  • Fix profiling of recursive functions by tracking recursion level. [Bug 5131]
  • Fixed overoptimization of time() calls.
  • Fixed potential memory clobbering in special cases when dividing the empty array with a float number.
  • Fixed resolving of external symbols in deep inherits. [Bug 6063]
  • Fixed typo that could cause fatal when comparing objects with equal().
  • Fixed multiset masking typo.
  • Fixed fallback order for master compatibility resolver.
  • Forward compatibility with 64-bit line numbers from Pike 7.9.
  • IPv6: Added support for generating mapped IPv4 addesses on getaddrinfo() failure.
  • IPv6: Enable IPv4 mapped adresses explicitly.
  • IPv6: Support giving hints about IPv6 to get_inet_addr().
  • Patch cmod precompiler to support negative int(low..high) bounds.
  • Update current_time returned by time(1) after sleeping.
  • Workaround for call_c_initializers() creating broken frames. [Bug 6156]
  • Survive crypt(3C) failing. [Bug 6013]



MySQL-specific changes

No changes to the bundled MySQL server.




Documentation-specific changes

Major restructuring and reformatting of PDF documentation.