Important notes on upgrading existing installations:
Changes in MySQL reconnect handling
The MySQL connector has changed its reconnect behavior. It is crucial that server modules do not keep long-lived
connections when idling since they will be unavailable for reuse. If you run the server with --debug you
will see extra warnings in the debug log if incorrect behavior is encountered.
Java on Mac OS X 10.7
Users of Mac OS X 10.7 Lion should be aware that Apple no longer installs a Java runtime by default. Instead
there is a stub library that will present a dialog box when it detects an invocation of a Java command; the intention
of this dialog box is to let administrators download the Java package when needed. However, this strategy will fail
if the Roxen server is running in background mode (there is no window context to show the dialog box) and Roxen will
then terminate. A simple solution to this is to open a Terminal window and type the command java to force
Mac OS X to present the dialog box in an interactive session.
Administration Interface improvements:
- Fix recursive lock issue in Tasks > Debug > Pike Memory Usage Information wizard.
- Fixed minor overcaching issue in Debug > List Fonts.
- Various fixes in the Debug > Open Files wizard.
- Solved permission issue when unpacking Roxen patches.
- Add collapsible levels and restyle Debug > Resolve Path output.
- Add proper quoting to module names in Debug > Resolve Path.
- Various internal fixes to the crunch box widget.
- Better error catching in DB browser.
- Fix string quoting, whitespace washing and wide text in DB browser.
- DB browser queries can now be disabled with a line containing --.
- Fixed browser redirects in some DB browser actions.
- Make it easier to check/uncheck all databases when dropping site.
- Request tracing of <set>, <append> and <unset> now show variable name.
- Improved support for Internet Explorer 9 and dropped old Internet Explorer 6 kludges.
- Make configuration interface more robust against double submits.
- Fixed a quoting issue with settings fields.
- Better robustness in port handling with hostname glob.
- Prevent repeated shutdown/restart requests.
Database Manager improvements:
- Set connection charset after releasing global cache lock.
- Shorten connection timeout to 1 minute (override with -DDB_CONNECTION_TIMEOUT).
- Keep connections with errors out of the connection pool.
- Disable automatic reconnect for cached connections.
Patch management improvements:
- Roxen patches with header in git format is now supported.
- Roxen Patch now works better across filesystems.
- Host Redirect module now supports %q (URL query) expansion.
- Added Argcache GC module.
- Added Memory Logger module.
- Added Perodic Fetcher module.
- Improve XML byte-order mark support in XML DB Mirror.
- Disable YUI2 resources with known security issues.
- Preserve RXML context when evaluating subrequests.
- Setting HTTP headers in certain ways should work in p-code.
- Implemented global constants for Boolean and NULL values (&roxen.true;, &roxen.false; and &roxen.null;).
- Reject empty src attributes in various graphics tags (e.g. <cimg src=""/>).
- Avoid rounding errors when comparing compatibility level.
- Fixed path encoding issue in p-code on Windows.
- More RXML API types (t_str_or_int, t_num_array, t_str_array, t_map_array).
- Make the &var.data:js; encoding safe inside <script> tags.
- Added MD5, SHA1 and SHA256 variable encodings (e.g. &var.data:utf8.md5.hex;).
- Added &var.data:json; encoding for JSON output.
- The JS library method selectFirstInputField() won't focus a field if the user already focused elsewhere.
- Support Content-Encoding header in <insert#href>.
- Avoid memory garbage from lingering HTTP connections in <insert#href>.
- Add caching in various expression forms (e.g. <set expr="..."/>).
- Add subindexing, var(), index(), min() and max() in variable expressions.
- Added filename attribute to <gxml>.
- <emit#languages> now emits the currently selected language.
- Fix multiple bugs in <format-number>.
- <email> now gives each attachment a unique Content-ID.
- Avoid memory garbage from circular references in <insert#cached-href>.
- Removed possibility to override quiet RXML errors via URL prestate.
- Added <emit#imgs> as companion to <imgs>.
- Fixed broken use of Vary callbacks.
- <debug> needs on attribute to turn on debug mode.
- <emit#values> with CSV advancing now handled postprocessing.
- Better error handling in <charset> and <recode>.
- Added <hash-hmac/> (Hash-based Message Authentication Code).
- Added <json-format> and <json-parse>.
- Fix issue with user overrides in roxen/page scopes together with <use/>.
- Added option to <session> to use shared database.
- P-code with huge number of compiled statements should now work correctly.
- Added secure and httponly attributes to the <set-cookie/> tag.
- Removed old RAM cache implementation.
- Log errors during argcache sync.
- Changed strategy for argcache sync to run in dedicated thread.
- Handle duplicate argcache keys by replacing instead of flagging an error.
- Return 503 response code for requests waiting too long.
- Corrected problem with data corruption in chunked transfer encoding.
- Fixed RAM cache expire to only expire the requested cache.
- Added SNMP probes for protocol cache, Pike memory usage and gc.
- Destroy protocol cache keys when entires expire to reduce garbage.
- Don't attempt to start modules that failed to load.
- Support variables (e.g. $LOGDIR) in e.g. font and module settings.
- Avoid backtrace for closed connection when configuration loads.
- URL registration/unregistration fixes.
- Handle some situations of ANY/specific IPs better.
- Avoid stale argcache database connections.
- Fix backtrace during shutdown.
- ABS now dumps handler queue after thread backtrace.
- Internal server errors now get more prominent appearance in server log.
- Thread dumps now display thread names and thread busy time information.
- Speed up image cache flushing through new database index.
- Threading fixes to image cache metadata syncing.
- Set image/argument cache access time no more than once a day.
- Remove unneeded thread lock in image/argument key creation.
- Less serious warning for harmless log/security pattern decoding issue.
- Added experimental fork optimization (enable with ROXEN_USE_FORKD).
- bin/create_configif should use current compatibility level.
- Set TMPDIR to a non-user-specific directory to avoid uid issues on OS X.
- Added support for bytea encoding.
- Support --valgrind.
- Ensure correct locale before running ifconfig.
- Updated compatibility with Cacti 0.8.7h.
- Use privileged access to filesystem in Roxen Patch.
- Make start script more robust against various errors involving Roxen/MySQL PID files.
- Added robustness to detect already running myisamchk.
- Memory logger can now report more low-level information.
- Incorporated ActionFS API.
- Apply URL quoting to data in WebDAV directory listings.
- Avoid recursion in 404 reply on WebDAV requests from OS X clients.
- Generate SSL shadow certificates for bundled certificates.
- Disable single DES in SSL due to known weakness.
- Fixed a broken Xerces Java archive.
- Array: Fix infinite recursion with non-numeric input in oid_sort_func().
- Calendar: dwim_time() should know how to parse ISO 8601 timestamps.
- Calendar: Updates to timezone data.
- Debug: Added memory_usage() fields on more internal state.
- Filesystem.Tar: Fix for Windows issue with permission bits.
- Filesystem.Tar: Don't abort when directory timestamp can't be set on Windows.
- Gmp: Added functions to access the numerator and the denominator of an mpq.
- Gmp: Fixed bugs in the formatting of mpz as floats.
- Gmp: Fixed strange bug where mpq were initialized as mpz from strings.
- Image.JPEG: Recompiled with libjpeg-turbo to Mac OS X and RHEL to get significant performance improvements.
- Image.JPEG: Fix broken detection of libjpeg lossless transformation support.
- Image.PNG: fix tRNS handling in decoder.
- Image.X: Fixed typo in encode_pseudocolor().
- Java: Restore Java support on OS X 10.6.
- Locale.Charset: GB2312 should typically be treated as EUC-CN.
- Locale.Charset: Fixed NULL-dereferencing in the decoder for EUC-CN and EUC-KR.
- MIME: Join adjacent decoded words with the same character set.
- Parser.RCS: Avoid recursion and reduce memory when extracting revision content.
- Parser.XML.NSTree: diff_namespaces() needs to return its return value.
- Parser.XML.Tree: Bugfixed implementation and documentation.
- Process: Added support for spawning processes via forkd.
- Process: spawn(), popen() and system() et al now use Process.Process.
- Protocols.DNS: Support A6 replies in Protocols.DNS.Server.
- Protocols.DNS: Improved detection of IPv6 support.
- Protocols.DNS: Abort active requests in close().
- Protocols.DNS: Fixed issue where async_client objects became garbage even after close().
- Protocols.DNS: Made safe_bind() less verbose in the common failure case.
- Protocols.DNS: Simple hack to allow literal ipv6 in /etc/hosts.
- Protocols.HTTP: Increased robustness in close() against connection not being open.
- Protocols.HTTP: Set the Content-Length header for zero-length data.
- Protocols.HTTP: Some keep-alive handling fixes for async_request().
- Protocols.HTTP: Support proxying of HTTPS.
- Protocols.HTTP: Support keep-alive for proxied requests.
- Protocols.HTTP: Proxy methods now support falling back to no proxy.
- Protocols.HTTP: Use set_callbacks() to clear the callbacks.
- Protocols.HTTP: Include a more complete list of response codes and descriptions.
- Protocols.HTTP.Query: Clean up closing of the connection.
- Protocols.HTTP.Query: Filter weak SSL ciphers rather than list strong.
- Protocols.HTTP.Query: Fixed broken state when open_socket() has thrown an error.
- Protocols.HTTP.Server: Multiple multipart file submissions will be preserved as suggested by HTML5.
- Protocols.HTTP.Server: Use better response descriptions.
- Protocols.XMLRPC: Added boolean support using Val.true and Val.false.
- Protocols.XMLRPC: Fix parsing of requests that wrap values in CDATA directives.
- Regexp.PCRE: Fixed return value from exec() to always have entries for all submatches.
- Regexp.PCRE: Add support for capture groups in replace().
- SSL: Implement the renegotiation_info extension from RFC 5746.
- SSL: Various fixes for client mode.
- SSL: Added set_callbacks() and query_callbacks() to sslfile as per Stdio.File.
- SSL: Ensure that queued alerts are sent if the connection hasn't been shutdown by the alert callback.
- SSL: Convert ALERT_no_renegotiation to ALERT_handshake_failure for SSL 3.0.
- SSL: Throw an error from create() in client blocking mode on handshake failure.
- Search: Add database indexes.
- Search: Fixed compatibility with old MySQL.
- Search: Support optional watchdog script for external filter binaries.
- Search: Replaced publication date sorting with one that uses a better field.
- Sql: Added wrappers for is_open() and ping().
- Sql.Sql: Added typed_query() for convenience.
- Sql.pgsql: sendterminate() implies close().
- Sql.Mysql: Improved typed mode for DECIMAL and BIT fields.
- Sql.Mysql: Added option to disable automatic reconnect, and force the default to on.
- Sql.Mysql: Removed all remains of the Pike C-level reconnect code.
- Sql.Mysql: set_charset() and create() now set the charset option.
- Sql.Mysql: Update the stored connection charset only if the charset change is successful.
- Sql.Mysql: Improved support for Blastwave.
- Sql.Mysql: Fixed a refcount bug.
- Sql.Mysql: fetch_json_result() now quotes U+2028 and U+2029.
- Standards.JSON: Improved escaping of U+2028 and U+2029 to help buggy parsers.
- Standards.JSON: Handle \u encoded surrogate pairs in decode().
- Standards.JSON: Made string escaping accessible by itself through escape_string().
- Standards.JSON: Check that \u escapes produce valid Unicode chars in validate().
- Standards.JSON: Use surrogate pairs for chars above U+FFFF in ASCII_ONLY output.
- Standards.URI: The authority section may be undefined.
- Stdio: Fixed cp() to work on directory trees on Windows.
- Stdio: Set the mode bits last in cp() in case they remove write bits.
- Stdio: Added documentation for recursive_mv() on some behavior inherited from cp().
- Stdio: Added set_callbacks() and query_callbacks() to handle several callbacks at once.
- Stdio: Avoid warning when System.cp() exists (e.g. on Windows).
- Stdio: Fix file length handling in sendfile().
- Stdio: Improved file descriptor capability handling.
- Stdio: Throw errors in ALL failure modes for write_file() and append_file().
- Stdio.Fd: Fixed several cases where the flag FILE_HAVE_RECV_FD was lost.
- Stdio.Fd_ref now supports subtyped Stdio.Fd objects.
- Stdio.File: Added send_fd() and receive_fd().
- Stdio.File: Deregister events properly when the fd is closed.
- Stdio.File: Fixed bogus errno from query_address() when given a socket with an invalid protocol family.
- Stdio.File: Added robustness in rm() for EINTR.
- Stdio.UDP: Improved support for IPv6.
- Stdio.UDP: query_address() now knows about IPv6-mapped IPv4 addresses.
- System.getgrent: The group member list can be NULL on Mac OS X.
- Tools.X509: Use a unique serial number for each self-signed certificate.
- Tools.X509: Added lower level functions dsa_sign_key() and rsa_sign_key().
- Val: Added a new Val module for various global constant values.
- Web.Crawler: Support for URLs containing Unicode characters.
- Added kludge for function_name().
- Avoid relying on stale pointers in getters/setters.
- Disabled an unsafe optimization.
- Fix profiling of recursive functions by tracking recursion level.
- Fixed overoptimization of time() calls.
- Fixed potential memory clobbering in special cases when dividing the empty array with a float number.
- Fixed resolving of external symbols in deep inherits.
- Fixed typo that could cause fatal when comparing objects with equal().
- Fixed multiset masking typo.
- Fixed fallback order for master compatibility resolver.
- Forward compatibility with 64-bit line numbers from Pike 7.9.
- IPv6: Added support for generating mapped IPv4 addesses on getaddrinfo() failure.
- IPv6: Enable IPv4 mapped adresses explicitly.
- IPv6: Support giving hints about IPv6 to get_inet_addr().
- Patch cmod precompiler to support negative int(low..high) bounds.
- Update current_time returned by time(1) after sleeping.
- Workaround for call_c_initializers() creating broken frames.
- Survive crypt(3C) failing.
No changes to the bundled MySQL server.
Major restructuring and reformatting of PDF documentation.