3 *) [*nix] Don't use suexec when there is no user/group in effect.
4 This change is consistent with Apache2 handling. Identified
5 by ["Florian Effenberger" <floeff arcor.de>].
7 *) Add a -min-server-life option to the FastCgiConfig and
8 FastCgiServer directives to provide better control of the
9 restart backoff feature. ["Benjamin Osheroff" <ben gimbo.net>]
13 *) [WIN] Fix handle leaks in the process manager.
14 ["Sascha Schumann" <sascha schumann.cx>]
16 *) [WIN] Use a permanent pool for allocating the SystemRoot
17 environment variable. [Sakamoto <ringring zb4.so-net.ne.jp>]
19 *) [WIN] Fix starting of scripts under AP2.
21 *) Do the connect() to the application *after* collecting a chunk
22 of client data. This reinstates the pre-2.4.0 behaviour.
23 ["James Jurach" <muaddib erf.net>]
25 *) Remove an assert that was triggering on WIN when spawn() failed.
27 *) Provide the NO_SUEXEC_FOR_AP_USER_N_GROUP macro for building
28 mod_fastcgi with the AP13 suexec behaviour (don't use suexec
29 if httpd's user and group match that needed for the application).
31 *) Prevent the use of all but the "auth" directives from being used
32 anywhere but in global scope. Prevent more than one instance
33 of the FastCgiWrapper directive.
35 *) Return NOT_FOUND (404) or FORBIDDEN (403) instead of
36 INTERNAL_SERVER_ERROR (500) when there are configuration issues
37 or the script does't exist. Suggested by ["Jeff Lawson" <bovine ud.com>].
41 *) [*nix Security] - When FastCgiWrapper (FastCgiSuexec) was in use
42 and a vhost configured to use the same uid/gid as the main
43 server, mod_fastcgi would not bother using the wrapper (suexec)
44 because its effective uid/gid was already appropriate. This is
45 consistent with Apache's v1.3 mod_cgi behaviour. There are two
46 problems with this approach: 1) when FastCgWrapper is in use
47 mod_fastcgi's process manager keeps its root privileges (as its
48 real uid/gid) so it can terminate the applications its starts -
49 this privilege was being passed to applications when the use of
50 the wrapper was bypassed 2) wrappers are often employed to
51 perform functionality beyond setting the uid/gid - by not calling
52 the wrapper under certain circumstances, application invocation
53 environments were inconsistent. With this change, the wrapper is
54 always used (when enabled) under both Apache 1.3 and 2.
55 Reported by ["Michael Richards" <michael fastmail.ca>].
57 *) [*nix/AP2] Use the vhost uid/gid instead of the server uid/gid
58 for dynamic application invocation when the FastCgiWrapper is in use.
59 Reported by ["Michael Richards" <michael fastmail.ca>]
61 *) [*nix] Fix handling of FastCgiWrapper when passed a real path,
62 i.e. other than "on" or "off". ["Michael Richards" <michael fastmail.ca>]
64 *) Eliminate the logging of "incomplete headers (0 bytes) received from
65 server" when a client aborts.
67 *) [WIN32] Fix a delay in handling large POSTs to named pipe based
68 servers. ["Philip Gladstone" <philip okena.com>]
70 *) [*nix/AP2] Prevent the module from being initalized twice at startup
71 (resulting in confusing error messages to the log).
73 *) Eliminate the need for SetHandler or AddHandler with static or
74 external applications.
76 *) Limit PM requests to start a dynamic application
77 to 5sec to prevent endless spinning (this is a drop-dead
78 limit that should only occur if the socket/named_pipe directory
79 is removed out from under a running server).
81 *) [*nix] Change the default socket directory from /tmp/fcgi to:
83 Apache2 - RUNTIMEDIR/fastcgi
85 *) Add -user & -group args to FastCgiServer and FastCgiExternalServer
86 for use with wrappers (in lieu of finding the user/group associated
87 with a virtual host - under Apache2 this isn't accomodated).
89 *) [WIN32] Under Apache2, require v2.0.41 or later in order to pickup my
90 apr_proc_create() changes.
92 *) Log when invoking and restoring the restart backoff policy.
94 *) [WIN32] Prevent intermittent ReadFile() failures (properly initialize the
95 OVERLAPPED structure).
97 *) Eliminate need for dummy files for external servers under Apache2
99 *) Fix auth compatibility mode handling for access checker and authorizer
101 *) Fix HEAD request handling. Based on a patch by
102 ["Chris Lightfoot" <chris ex-parrot.com>].
104 *) [*nix] When autoupdate is enabled touch the socket when restarting
105 the processes to prevent further requests.
106 ["Eckebrecht von Pappenheim" <evp heise.de>]
108 *) Apache 2.0 support.
110 *) [WIN32] Don't read from a potentially closed named pipe.
111 ["Philip Gladstone" <philip okena.com>]
113 *) Require the Apache version 1.3.6 or later to eliminate some signal
116 *) [WIN32] Use asyncronous io with named pipes instead of polled
117 nonblocking io. This should eliminate the last of the npipe issues.
119 *) Handle an application returning a complete and valid response without
120 having consumed all of the data sent to it.
122 *) Consume remaining client data (RESPONDERs only) if any.
124 *) Add support for backing off attempts to start applications that continuously
125 fail to start. Three new macros defined in mod_fastcgi.h control this
126 behaviour: MAX_FAILED_STARTS, RUNTIME_SUCCESS_INTERVAL, FAILED_STARTS_DELAY
128 *) [WIN32] Add (back) support for use of TerminateProcess() to accomodate
129 applications that do not (properly) support the shutdown event (this
130 feature was introduced in fcgi2 2.2.2 and improved in 2.2.4). The
131 new macro WIN32_SHUTDOWN_GRACEFUL_WAIT in mod_fastcgi.h conrols the
132 interval between signaling a proper shutdown and wacking the process(s)
133 with a TerminateProcess().
135 *) [WIN32] Don't set the OVERLAPPED_IO flag on NamedPipe listen HANDLEs -
136 setting it was just plain broken.
138 *) [WIN32] Fix the accept mutex - all applications were sharing one!?
140 *) Fix 'FastCgiConfig -autoUpdate'.
142 *) Fix 'FastCgiConfig -flush'.
144 *) Prevent silly maxProcesses and processSlack combinations.
145 ["Dmitry Dorofeev" <dima yasp.com>]
147 *) Properly handle the killing of idle processes when one takes a long time
148 to exit once signaled down (or the config is funky).
149 ["Dmitry Dorofeev" <dima yasp.com>]
151 *) Always kill the youngest instance of an application. Suggested by
152 ["Dmitry Dorofeev" <dima yasp.com>]
156 *) Delay the logging of write errors to the pm to account for shutdown/restart.
158 *) (Win32) An assortment of fixes.
160 *) Fix some broken casts that were likely the cause of an assert.
162 *) Win32. Eliminate forward slashes from the named pipe path name.
163 ["Gerald Richter" <richter ecos.de>]
165 *) SIGUSR2 is no longer blocked in the process manager and the fastcgi
166 applications it spawns. [<ryans amazon.com>]
168 *) Added support for the -flush argument to FastCgiConfig.
169 ["Eric Sit" <esit alum.mit.edu>]
171 *) Change the "which call to module_init() is this" check to a more
172 reliable approach. ["Doru Petrescu" <pdoru kappa.ro>]
174 *) Close the old pipe file descriptor in apache main on USR1/HUP
175 (elimnates a small leak).
176 ["James E. Jurach Jr." <jjurach fundsxpress.com>]
178 *) Fix a bug in fcgi_config_set_authoritative_slot().
179 ["Tetsuya Furukawa" <tetsuya secom-sis.co.jp>]
181 *) Eliminate the use of locks to assist in the clean shutdown of
182 applications. Instead, it is assumed that applications handle
183 termination signals properly (this is now embedded in the C
186 *) Fix Win32 process termination. Proper operation requires the use of
187 an updated application lib (termination is now signalled with an
188 Event and handled by specialized thread).
190 *) Docs cleanup. ["Andrew Benham" <adsb bigfoot.com>]
192 *) Added code so if the last instance of a dynamic application died without
193 provocation, then don't restart it if singleThreshold > 0 (i.e. if the
194 configuration allows the last instance to be killed, then allow it to die).
195 ["Andrew Benham" <adsb bigfoot.com>]
197 *) Fix the loadFactor calculation used to determine when dyanmic
198 applications could be killed off due to low demand. [<adsb bigfoot.com>]
200 *) Fix a deadlock condition that could occur with Win32 named
203 *) Fix a potential deadlock condition when FastCGI application
204 sent responses while still reading the client request (POST data).
208 *) Allow absolute pathnames in the -socket argument. Suggested by
209 ["Christian Jaeger" <christian.jaeger sl.ethz.ch>].
211 *) Don't invoke suexec when the user/group for the fastcgi application
212 is the same as the apache main server. This is consistent with
213 apache's suexec handling. Suggested by ["Nikolaus Rath"
214 <Nikolaus rath.org>].
216 *) Reset the apache drop dead timer upon successful read or writes
217 to/from the client. This eliminates timeouts that were occuring
218 during the large file transfers to/from slow clients.
220 *) Support generic wrappers such as cgiwrap by eliminating dependencies
221 on Apache's SUEXEC, renaming the FastCgiSuexec directive
222 FastCgiWrapper and eliminating any checks regarding the target
223 application (this is the repsonibility of the wrapper).
225 *) Fix a nasty bug that occurred when a client aborted a POST request
226 before the connection to a dynamic FastCGI application was opened.
227 The application's lock file descriptor wasn't setup but was being
228 closed which resulted in FD0 being closed. Normally this is open to
229 /dev/null and should pose no problems except that because the FD
230 was available it was being returned by Apache's accept(). This
231 caused it to be registered for pool cleanup. mod_cgi though moves
232 the CGI stdin pipe to FD0 and thus it was getting waxed during pool
233 cleanup. Problem identified by [<checksum 163.net>].
235 Changes with mod_fastcgi 2.2.8
237 *) Eliminate the concept of disabled applications. If a failure
238 occurs trying to setup an application (e.g. bind() error) its
239 tried repeatedly every init-start-delay seconds.
241 *) Tweak to Makefile.tmpl to support DSOs.
242 ["Dave Hill" <ddhill zk3.dec.com>]
244 Changes with mod_fastcgi 2.2.6
246 *) Shutdown the PM when Apache appears to have disappeared.
248 *) seteuid() tweak for HP-UX 11.
249 ["Milton L. Hankins" <mlh swl.msd.ray.com>]
251 *) (Win32) More dynamic fixes.
253 *) (Win32) Eliminate the per application named pipe mutex. Its now
254 per process to keep the lib happy (the use _FCGI_MUTEX_ should
255 removed from the lib). This allows pipe-based applications to
256 now handle multiple simoultanous requests (one per process).
258 *) Increase the number of open FDs we look to close when spawning apps.
260 *) Prevent an assert from popping unnecessarily.
262 *) (Win32) Add support for interpretter scripts.
264 *) (Win32) Fix named pipe handling (problems with large responses).
266 *) (Win32) Remove the "can exec" check.
268 Changes with mod_fastcgi 2.2.4
270 *) Beta WinNT support. ["David Allen" <djallen raleigh.ibm.com>] and
271 [Rob Saccoccio <robs chelsea.net>]
273 *) Remove request type restriction (GET and POST only) in order to support
274 Web DAV requests. ["Scott Robertson" <sroberts codeit.com>]
276 *) Allow requests for URLs such as /server/some/other/qualifier to match a
277 FastCGI server defined as /server. This was done primarily for Java
278 Servlets, but is generically useful.
280 *) Change the comm between the PM and the request handlers from a regular
281 file to a pipe and an assortment of other dynamic fixes.
283 *) Log dynamic process termination scheduling and the resulting
284 process exit notification.
286 *) Change the default singleThreshhold from 10 to 0 to prevent the last dynamic
287 application process from being killed off due to low demand.
289 *) Clean up FastCGI application pathnames (e.g. remove duplicate slashes).
291 *) Fix bugs that prevented dynamic processes from being shutdown when
292 the load subsided. ["Lars Heete" <heete do.isst.fhg.de>]
294 *) Prevent dynamic processes from being scheduled to be started before
295 the init-start-delay or restart-delay period expires. This prevents
296 the queuing of process start requests while an application which has
297 a long initialization period starts up.
299 *) When suexec is enabled, allow the process manager to become root again in
300 order to signal applications it spawned.
302 *) Change the "server started" log message level from INFO to WARN.
304 *) Fix dynamic server "Connection Refused" handling.
306 *) Fix demand-based dynamic process spawing (uses a more portable approach).
308 *) Add -idle-timeout arg to FastCgiServer, FastCgiExternalServer, and
309 FastCgiConfig. mod_fastcgi will now abort a connection if inactive for
310 longer than this period. It applies to the initiation of connections as
311 well (and thus is similar to appConnTimeout). Default is 30 seconds.
313 *) appConnTimeout is 0 by default now resulting in blocking connect()s. This
314 is more platform portable/predicable.
316 *) Leave STDOUT and STDERR open to the main server error_log. This should
317 eliminate a pile of protocol errors and having to track down 3rd party
318 libs writing to stderr inadvertantly. This doesn't mean these shouldn't
319 be fixed in the application to use the FastCGI I/O, it just allows these
320 applications to run when previously they'd crash and burn.
322 *) Add the pass-header arg to server directives.
324 *) Allow supplementary groups to be passed to spawned FastCGI applications (as
325 is done for CGI) - at least until PR2580 is resolved.
327 *) Initialize the default (empty) environment in a more socially acceptable
330 *) Miscellaneous doc improvements based on notes I've collected up over the
333 *) Fix a bug in the stderr handling introduced in 2.2.2. There were conditions
334 that resulted in not or improperly terminated strings.
336 *) Fix the call to setsockopt() to disable Nagle. Based on a bug report by
337 ["Johannes Plassmann" <johannes.plassmann pdb.siemens.de>].
339 Changes with mod_fastcgi 2.2.2
341 *) Added support for blocking connect()s by setting appConnTimeout to 0.
342 Non-blocking connect()s (the default) can be troublesome on some platforms.
343 Its expected that blocking connect()s will become the default (and
344 non-blocking connect()s will become optional) in the next release.
346 *) Dump a compile time error if the version of Apache is too old.
348 *) Wrap the SIGPIPE handler manipulation code such that it is only applicable
349 to Apache releases prior to 1.3.6.
351 *) Minor tweaks for RUSSIAN_APACHE. ["Sergey Gershtein" <sg mplik.ru>]
355 Always restart a failed dynamic application if it is the last instance.
356 This means there once started there will always be at least one process
357 instance of a dynamic application.
359 Send PLEASE_START to the PM when a connect() results in an ECONNREFUSED.
360 ECONNREFUSED means the listen queue is full (or there isn't one). Asking
361 the PM to start (another) application instance may help empty it faster.
363 Change two sleep() calls to select() based snoozes because alarm() is in
364 effect and sleep() and alarm() don't always play nice together.
366 Fixed a couple of error messages.
368 *) Fix -listen-queue-depth arg on FastCgiConfig (dynamic). Previously it
369 was ignored and the default was always used.
371 *) Allow the -initial-env argument to be used to pass variables from the
372 Apache process environment to the FastCGI server (by specifying a
373 variable name without the "=" or a value). Suggested by
374 ["Martin Lichtin" <lichtin oanda.com>]
376 *) Cleanup some debug macros.
378 *) Improved script stderr handling. Based on suggestions by
379 ["David Birnbaum" <davidb chelsea.net>]
381 *) Added IRIX and FreeBSD to the list of supported platforms and other minor
382 updates to the INSTALL doc.
384 *) Changed the default listen-queue-depth (FCGI_DEFAULT_LISTEN_Q) from
385 5 to 100. Its still configurable with the -listen-queue-depth option.
386 This should help eliminate the FAQ - Why do I see "Connection Refused"
389 *) Fix a bug in FastCgiExternalServer that broke support for external servers
390 on other hosts. ["Dave Neuer" <dneuer futuristics.net>]
392 Changes with mod_fastcgi 2.2.1
394 *) Updates to the INSTALL doc to describe building as a DSO.
396 *) If the FastCgiIpcDir directive was in use and "httpd -t" was issued while
397 Apache was running ("apachectl restart" does this), the contents of the
398 dynamic directory (dynamic sockets and the mbox) would be blown away
401 *) Add an extern declaration for ap_sys_siglist (its exposed but not in any
402 Apache header file) to prevent a compile error on systems without
405 *) During auth requests, the subprocess_env table was left holding variables
406 sent to the auth FastCGI server (including REMOTE_PASSWD!) which means they
407 were passed to other processing phases (such as CGI/FastCGI). The
408 subprocess_env is now restored to its pre-auth condition.
410 *) Added a FastCGI Authorizer Role compatibility mode which implements the
411 specification to the tee. Use -compat arg with any of the Auth server
412 directives. This is intended for new and existing FastCGI authorizer
413 applications that require compatibility with other server implementations.
415 *) Fix logging from the process manager. Previously, all calls to the
416 logging routines used NULL for the server_rec. This works fine in a dev
417 environment, but results in most of these messages being tossed by
418 log_error_core() because DEFAULT_LOGLEVEL is too low. Odd logic.
420 *) Always setup fr->header so that in the event the FastCGI server
421 doesn't get a valid FastCGI protocol header over the wire, we
422 can still print our error message to the log from do_work().
424 *) Fix a compile error in open_connection_to_fs() on systems with TCP_NODELAY
425 defined. ["Don Locrasto" <locrasto iceminer.com>]
427 Changes with mod_fastcgi 2.2.0
429 *) Serious rewrite of mod_fastcgi.html. An example conf will have
430 to wait until another time - I'm burned out on docs updates.
432 *) Add to the mod_fastcgi to the server version string.
434 *) SCO doesn't like the const in the arg to inet_addr() and
437 *) Use Apache's NET_SIZE_T to get the correct arg type for getsockopt().
439 *) Deleted redundant header files from fcgi.h.
441 *) Full path names are no longer required for directives which take
442 file names as arguments. Like other Apache directives you can
443 specify paths from server_root (don't start with a "/").
445 *) The fcgiKillMgr is gone. This intermediate process sat between
446 the Apache parent and the FastCGI Process Manager under Apache
447 1.2. The process manager tries to name itself fcgi_pm (it used
450 *) Authentication, Authorization, and Access phases are now
451 supported. I've bent the FastCgi spec a bit: as many of the standard
452 environment variables (that were easy) are sent (the spec says don't
453 send some by name), all headers (except Status) sent by the auth
454 FastCgi server are passed to subprocesses (CGI/FastCGI invocations)
455 as environment variables rather than just those prefixed by
456 "Variable-". Custom responses for auth failures aren't supported
457 (yet.. we'll see what the demand for this is like). In addition to
458 the FastCGI protocol defined environment variable "FCGI_ROLE" being
459 set to "AUTHORIZER" an environment variable "FCGI_APACHE_ROLE" is
460 set indicating which of the three phases is being processed. See
461 the docs for info on the new per-directory directives:
463 FastCgiAuthenticator, FastCgiAuthenticatorAuthoritative,
464 FastCgiAuthorizer, FastCgiAuthorizerAuthoritative,
465 FastCgiAccessChecker, FastCgiAccessCheckerAuthoritative
467 *) The code has been broken into logical chunks making figuring it
468 out much easier. All of the #defines a user may want to change are
469 now in mod_fastcgi.h.
471 *) All the logging has been converted to the "supported" Apache
472 logging routines, ap_log_error() and ap_log_rerror(). Log entries
473 for request specific errors should now be directed to the correct
474 server errorlog (if your running more than one). Some attempt has
475 been made at setting appropriate log levels (comments of course are
476 welcome) and printing errno info when its of value. All of log
477 messages now have "FastCGI" in them (nice for grep).
479 *) All of the calls to Apache routines have been updated to the ap_
480 convention, eliminating the need for the compat header.
482 *) By default we no longer flush every piece of data we get from the
483 FastCGI server to the client. This allows the FastCGI server to
484 release without having to wait for the client flush to complete.
485 The old behaviour can revived with the -flush argument to AppClass.
487 *) I renamed some of the directives for consistency (the old names
490 AppClass -> FastCgiServer,
491 FCGIConfig -> FastCgiConfig,
492 ExternalAppClass -> FastCgiExternalServer
494 *) Directive arguments are no longer case sensitive.
496 *) The module now uses hard_timeout() rather than soft_timeout. This
497 means that the module will longjump out of the request if the
498 drop-dead timeout expires (set with Apache's Timeout directive, the
499 default is 5min) or if the client closes the connection (SIGPIPE).
500 This is more typical for a Apache modules and I'm not convinced we
501 properly handle all of the error cases well enough to use
502 soft_timeout (I can think of one place we don't anyway). This means
503 your FastCGI application can see SIGPIPE.
505 *) SIGPIPE is now ignored by default in FastCGI servers spawned by
506 Apache. Without this the default behaviour is exit().
508 *) It should (I think) run now under DSO now.
510 *) The bug which prevented sending of binary data in 2.1b1 is fixed.
512 *) The broken -initial-env bug ins 2.1b1 is fixed.
514 *) Maybe some other stuff.
518 *** Well there's a big gap here. Maybe I'll go back and extract the CVS
519 commit notes and stick 'em in here.. when I get some free time. ;)
524 *** Originally from docs/README..
526 Apache[X1.03.01]/mod_fastcgi[02.00.05] 19970909 unsupported
527 From: "Stanley Gambarin" <stanleyg cs.bu.edu>
529 *) Yet more changes to the source distribution. Separated out
530 the Tcl dynamic string and buffer libraries into separate files.
531 Did the same for the OS library, however, it is not really an
532 abstraction... more like a bunch of wrappers. Added to DEVNOTES
533 a note about the problem of Apache not allowing including header
536 Apache[X1.03.01]/mod_fastcgi[02.00.04] 19970908 unsupported
537 From: "Stanley Gambarin" <stanleyg cs.bu.edu>
539 *) More changes to the installation scripts. Theoretically we
540 should be able to to use the same Makefile/installation script
541 for both Apache 1.2.x and 1.3.x. Need some sort of the abstraction
542 layer to use the same source code for both 1.2.x and 1.3.x sources.
544 Apache[X1.03.01]/mod_fastcgi[02.00.03] 19970905 unsupported
545 From: "Stanley Gambarin" <stanleyg cs.bu.edu>
547 *) Created Makefile to compile the module into the archive library,
548 just like the proxy module. Also initial draft of the installation
549 script, which should work for both 1.2 and 1.3 sources of Apache.
551 Apache[01.02.04]/mod_fastcgi[02.00.02] 19970903 unsupported
552 From: "Stanley Gambarin" <stanleyg cs.bu.edu>
554 *) More source reorg. Separated out some header files. Need much
555 more work on this. Updated the TODO file. Added fcgivers.h and
556 CHANGES file to track the history.
558 Apache[01.02.04]/mod_fastcgi[02.00.01] 19970902 unsupported
559 From: "Stanley Gambarin" <stanleyg cs.bu.edu>
561 *) Source reorganization. This is done to provide a basis for later
562 functionality implementation. See TODO file for more information
563 of what possible future enhancements are possible/desired.
565 Apache[01.02.04]/mod_fastcgi[02.00.00] 19970902 unsupported
566 From: "David MacKenzie" <djm va.pubnix.com>
568 *) Create the "dynamic" dir and "mbox" as the user specified in the
569 User and Group directives instead of as root. They are created with
570 restrictive permissions, and then the module checks to see whether the
571 user specified in the User and Group directives has read, write, and
572 execute permissions on them. Those permissions had been explicitly
573 denied by creating them as "root".
575 *) Some documentation was garbled or incomplete.
577 *) When a FastCGI application can't be execl'd, the code used a
578 value of errno that may have been stomped on by intervening system
579 calls. That happened on BSD/OS 2.1, where the error_log was
580 reporting errno=25 (NOTTY) instead of the correct errno=13 (EACCES).
581 An intervening stdio call was setting errno as a side-effect, which
582 it has the right to do.
584 *) Erroneous fprintf arguments, a missing return value, an unused
585 function, missing declarations, and other problems detected by gcc
588 *) Duplicated code to create the lock file name merged into a single
589 function, closing several memory leaks.
591 *) FCGIConfig -minProcesses didn't allow a value of 0, so the last
592 FCGI app in a given dynamic class would live forever, even if it
593 hadn't been requested for weeks.
595 *) The test for whether to keep looking for dynamic app victims to
596 kill was backwards, so no dynamic apps were ever selected as
599 *) The killInterval and updateInterval were being ignored; the
600 sigsuspend() forced recalculations only when a child died,
601 instead of at the intervals specified.
603 *) When a dynamic app couldn't be started, the program SEGV'd when
604 trying to free the ipcAddrPtr twice.
606 *) Remove the dead lock file and socket when cleaning up after a
607 server whose last child has been killed, so the FastCGIHandler
608 isn't fooled into thinking there is still a process serving
611 *) Make file locking robust in the presence of signals.
613 *) Rename some badly named variables.
615 *) Fix typos in many comments.
617 *) Fix some memory and file descriptor leaks.
619 *) Make the blocking kill of a server closer to working.
621 *) More fixes to calculations in dynamic application management.
624 *** Originally from docs/README.OMI..
626 What's New: Version 2.0b1, 16 Apr 1997
628 *) Implemented a mechanism by which FastCGI applications are started by
629 the web server on the first request and continue running. Also, a
630 heuristics have been implemented to allow for dynamic killing of the
631 running FastCGI apps. The configuration options are supplied via
632 the new FCGIConfig directive, that is described in the
635 *) When performing internal redirect, since the original request's body
636 has already been read, do not allow the redirected request to think
637 that is has one [body].
639 *) More conditional compilation for OS/2.
641 *) Fixed occassional "Assertion failed: len > 0, file mod_fastcgi.c"
643 *) Fixed "failed assertion `count >= 0 && count <= bufPtr->length'"
645 *) Added bflush() call after bwrite() in DrainReqOutBuf function to
646 force some output to be written in the period of inactivity. This
647 circumvents the Apache's buffering during the server-push.
649 *) Added a header-parser function placeholder for compatibility with an
652 *) Additional checks have been placed with regard to permissions of the
653 FastCGI processes. These include the existence of the file,
654 ExecCGI and IncludesNOEXEC checks, disallowing of nph- scripts, etc.
656 *) Implemented a restart cleanup, so that no parentlesses FastCGI
657 applications are left after Apache is restarted and/or terminated.
658 This was accomplished via two independent mechanisms, where the
659 first one prevents a start of the process manager on the first
660 reading of the configuration files. The second mechanism deals away
661 from Apache's implementation of fork() (via spawn_child()) and
662 implements its own forking, thus removing any dependencies on the
663 Apache to cleanup processes during termination phase.
665 *) Removed the definition of the Sigfunc, as Apache 2.0b10 defines it
666 itself in the file conf.h
668 What's New: Version 1.4.3, 15 Jan 1997
670 *) Fixed compilation warnings for various platforms, as well as
671 conditional compilation for OS/2.
673 What's New: Version 1.4.2, 12 Dec 1996
675 *) mod_fastcgi.c is ported to Apache 1.2b. Any further development
676 will proceed under this version of Apache web server.
678 *) As the result of porting, the "include virtual" construct of SSI
679 will now work correctly using either <Location> or <Directory>
682 What's New: Version 1.4.1, 4 Dec 1996
684 *) Checks have been removed from the ScanCGIHeaders that provided
685 for the presence of both Status and Location headers as being
686 an error. Contradictory to CGI/1.1 Internet Draft, both of
687 these headers are used by the current CGI applications.
689 What's New: Version 1.4, 22 Nov 1996
691 *) Added the -port option to AppClass, allowing TCP/IP communication.
692 Added the -socket option to AppClass, allowing Unix domain
693 communication via a configurable pathname.
695 *) Added the ExternalAppClass directive, allowing TCP/IP
696 communication with remote FastCGI applications.
698 *) The handler had its own code for generating HTTP response headers;
699 now it uses Apache's. This reduces the size of the module.
700 More importantly, it fixes the bug in which "include virtual"
701 sees the HTTP response headers.
703 *) The response header parser performed very little checking.
704 Now the parser enforces the guidelines in the CGI/1.1
705 Internet-Draft: Status and Location are mutually exclusive,
706 Location can only be a response to GET or HEAD,
707 CGI response headers can't be repeated, etc. (The CGI response
708 headers are the ones the handler interprets: Status, Location,
711 *) The response header parser used to miss CGI headers
712 with no whitespace after the colon, e.g. "Status:200 OK".
714 *) The response header parser sometimes interpreted the first line
715 of content as an RFC822 continuation line.
717 *) The handler implemented a nonstandard version of Location
718 which never used internal redirects. The handler
719 now attempts to implement Location as specified in the
720 CGI/1.1 Internet-Draft. The module documentation explains
723 *) Error log entries from the response header parser were
724 pretty uninformative; they are better now. If a header is
725 malformed, the log entry includes it. If the headers are
726 unterminated rather than malformed, the log entry says that,
727 and says how many bytes were received from the app.
729 *) When the application manager forked a new process, and that
730 process ran into trouble before executing the first instruction
731 of application code, the process used to exit with status =
732 errno. This made certain configuration problems (e.g. incorrect
733 file permissions when server parent is root) quite difficult
734 to pin down. Now the failing child process opens up the error log
735 and writes an informative entry before exiting.
737 *) The module now correctly handles a slash at the end of the
738 DocumentRoot directive. This was a one-line fix.
740 What's New: Version 1.3.3, 17 Oct 1996
742 *) The module now registers its request handler under the name
743 fastcgi-script in addition to the name application/x-httpd-fcgi.
744 This was a one-line addition to the module, but had quite
745 a large impact on the documentation and sample configuration.
747 What's New: Version 1.3.2, 27 Sept 1996
749 *) On some systems (SunOS, Linux?), fopen for append has a bug
750 that strikes when two processes append to the same file.
751 This bug causes the process manager to corrupt the error log.
752 Work around the bug by calling open, then fdopen. A patch
753 to Apache 1.1.1 is also required, as described in mod_fastcgi.html.
754 (Reported by Bob Ramstad.)
756 What's New: Version 1.3.1, 17 Sept 1996
758 *) On Linux and SunOS, the Apache default user_id (-1) is not a
759 legal value of uid_t, so cast it. (Reported by Bob Ramstad,
760 Scott Langley, others.)
762 *) On some systems (Linux, some Solaris?, Irix?), connect requires
763 write access to a Unix Domain socket, so provide it. (Reported
764 by Scott Langley, <freeform wired.com>, others.)
766 *) If you hit a .fcg file, but there's no AppClass defined, the
767 error should be NOT_FOUND instead of SERVER_ERROR. (Reported
770 What's New: Version 1.3, 4 Sept 1996
772 *) Module sometimes busy-waited in FastCgiDoWork. Fixed.
774 *) Module violated the Apache buff abstraction.
775 Fixed. Might now work with SSL (not tested).
776 As part of the fix, eliminated support for
777 Apache 1.0x versions.
779 *) Module failed to chmod the Unix domain listening sockets
780 it created, so protections were set according to the current
783 *) Module forked too many process manager processes: One
784 per AppClass. When the Apache parent ran as root, these
785 process manager processes ran as root. New process
786 manager is a single process (only started if AppClass is
787 used) and runs with same privileges as other children.
788 The new process manager doesn't do any polling, so
789 there's less system overhead than before.
791 *) AppClass insisted on getting at least two arguments. Fixed.
793 *) Module used setjmp/longjmp, causing compiler warnings
794 on some platforms (e.g. Linux.) The module no longer
797 *) Module created listening sockets in /tmp, where they were
798 sometimes wiped out by cleanup scripts. Added FastCgiIpcDir
799 directive to give control over the location of listening
802 *) Module wrote error log entries without a timestamp. Fixed.
804 *) AppClass directive wrote error messages to stderr in addition
805 to returning a char * message to the Apache core. Fixed.
807 What's New: Version 1.2, 3 June 1996
809 *) Ported from Apache-1.0-based code to Apache-1.1b2 internals by
810 ["Ralf S. Engelschall" <rse en.muc.de>]
811 Add version string: APACHEVERSION macro to mod_fastcgi.c
813 *) chown FastCGI socket to user_id and setuid to user_id for app
816 *) Modify GetFromStream() by having it call an OS dependent
817 function GetStreamSize(FILE *) which uses FILE internal data member.
818 Linux users might need to modify GetStreamSize().
820 What's New: Version 1.1, 10 May 1996
822 *) If you specify a non-existent executable in the AppClass directive,
823 or if the file exists and it does not have execute permission you
824 get a constant stream of error messages telling you that "program
825 terminated due to a signal".
827 *) The mod_fastcgi module should use the standard Apache error logging
828 facility instead of writing to stderr.
830 Version 1.0, 30 April 1996