1 Changes with mod_fastcgi 2.2.7
3 *) Eliminate the concept of disabled applications. If a failure
4 occurs trying to setup an application (e.g. bind() error) its
5 tried again after init-start-delay expires.
7 *) Tweak to Makefile.tmpl to support DSOs. Dave Hill [ddhill@zk3.dec.com]
9 Changes with mod_fastcgi 2.2.6
11 *) Shutdown the PM when Apache appears to have disappeared.
13 *) seteuid() tweak for HP-UX 11. Milton L. Hankins [mlh@swl.msd.ray.com]
15 *) (Win32) More dynamic fixes.
17 *) (Win32) Eliminate the per application named pipe mutex. Its now
18 per process to keep the lib happy (the use _FCGI_MUTEX_ should
19 removed from the lib). This allows pipe-based applications to
20 now handle multiple simoultanous requests (one per process).
22 *) Increase the number of open FDs we look to close when spawning apps.
24 *) Prevent an assert from popping unnecessarily.
26 *) (Win32) Add support for interpretter scripts.
28 *) (Win32) Fix named pipe handling (problems with large responses).
30 *) (Win32) Remove the "can exec" check.
32 Changes with mod_fastcgi 2.2.4
34 *) Beta WinNT support. David Allen [djallen@raleigh.ibm.com] and
35 Rob Saccoccio [robs@chelsea.net]
37 *) Remove request type restriction (GET and POST only) in order to support
38 Web DAV requests. Scott Robertson [sroberts@codeit.com]
40 *) Allow requests for URLs such as /server/some/other/qualifier to match a
41 FastCGI server defined as /server. This was done primarily for Java
42 Servlets, but is generically useful.
44 *) Change the comm between the PM and the request handlers from a regular
45 file to a pipe and an assortment of other dynamic fixes.
47 *) Log dynamic process termination scheduling and the resulting
48 process exit notification.
50 *) Change the default singleThreshhold from 10 to 0 to prevent the last dynamic
51 application process from being killed off due to low demand.
53 *) Clean up FastCGI application pathnames (e.g. remove duplicate slashes).
55 *) Fix bugs that prevented dynamic processes from being shutdown when
56 the load subsided. Lars Heete [heete@do.isst.fhg.de]
58 *) Prevent dynamic processes from being scheduled to be started before
59 the init-start-delay or restart-delay period expires. This prevents
60 the queuing of process start requests while an application which has
61 a long initialization period starts up.
63 *) When suexec is enabled, allow the process manager to become root again in
64 order to signal applications it spawned.
66 *) Change the "server started" log message level from INFO to WARN.
68 *) Fix dynamic server "Connection Refused" handling.
70 *) Fix demand-based dynamic process spawing (uses a more portable approach).
72 *) Add -idle-timeout arg to FastCgiServer, FastCgiExternalServer, and
73 FastCgiConfig. mod_fastcgi will now abort a connection if inactive for
74 longer than this period. It applies to the initiation of connections as
75 well (and thus is similar to appConnTimeout). Default is 30 seconds.
77 *) appConnTimeout is 0 by default now resulting in blocking connect()s. This
78 is more platform portable/predicable.
80 *) Leave STDOUT and STDERR open to the main server error_log. This should
81 eliminate a pile of protocol errors and having to track down 3rd party
82 libs writing to stderr inadvertantly. This doesn't mean these shouldn't
83 be fixed in the application to use the FastCGI I/O, it just allows these
84 applications to run when previously they'd crash and burn.
86 *) Add the pass-header arg to server directives.
88 *) Allow supplementary groups to be passed to spawned FastCGI applications (as
89 is done for CGI) - at least until PR2580 is resolved.
91 *) Initialize the default (empty) environment in a more socially acceptable
94 *) Miscellaneous doc improvements based on notes I've collected up over the
97 *) Fix a bug in the stderr handling introduced in 2.2.2. There were conditions
98 that resulted in not or improperly terminated strings.
100 *) Fix the call to setsockopt() to disable Nagle. [based on a bug report by
101 Johannes Plassmann <johannes.plassmann@pdb.siemens.de>]
103 Changes with mod_fastcgi 2.2.2
105 *) Added support for blocking connect()s by setting appConnTimeout to 0.
106 Non-blocking connect()s (the default) can be troublesome on some platforms.
107 Its expected that blocking connect()s will become the default (and
108 non-blocking connect()s will become optional) in the next release.
110 *) Dump a compile time error if the version of Apache is too old.
112 *) Wrap the SIGPIPE handler manipulation code such that it is only applicable
113 to Apache releases prior to 1.3.6.
115 *) Minor tweaks for RUSSIAN_APACHE. [Sergey Gershtein <sg@mplik.ru>]
119 Always restart a failed dynamic application if it is the last instance.
120 This means there once started there will always be at least one process
121 instance of a dynamic application.
123 Send PLEASE_START to the PM when a connect() results in an ECONNREFUSED.
124 ECONNREFUSED means the listen queue is full (or there isn't one). Asking
125 the PM to start (another) application instance may help empty it faster.
127 Change two sleep() calls to select() based snoozes because alarm() is in
128 effect and sleep() and alarm() don't always play nice together.
130 Fixed a couple of error messages.
132 *) Fix -listen-queue-depth arg on FastCgiConfig (dynamic). Previously it
133 was ignored and the default was always used.
135 *) Allow the -initial-env argument to be used to pass variables from the
136 Apache process environment to the FastCGI server (by specifying a
137 variable name without the "=" or a value). [suggested by
138 Martin Lichtin <lichtin@oanda.com>]
140 *) Cleanup some debug macros.
142 *) Improved script stderr handling. [based on suggestions by
143 David Birnbaum <davidb@chelsea.net>]
145 *) Added IRIX and FreeBSD to the list of supported platforms and other minor
146 updates to the INSTALL doc.
148 *) Changed the default listen-queue-depth (FCGI_DEFAULT_LISTEN_Q) from
149 5 to 100. Its still configurable with the -listen-queue-depth option.
150 This should help eliminate the FAQ - Why do I see "Connection Refused"
153 *) Fix a bug in FastCgiExternalServer that broke support for external servers
154 on other hosts. [Dave Neuer <dneuer@futuristics.net>]
156 Changes with mod_fastcgi 2.2.1
158 *) Updates to the INSTALL doc to describe building as a DSO.
160 *) If the FastCgiIpcDir directive was in use and "httpd -t" was issued while
161 Apache was running ("apachectl restart" does this), the contents of the
162 dynamic directory (dynamic sockets and the mbox) would be blown away
165 *) Add an extern declaration for ap_sys_siglist (its exposed but not in any
166 Apache header file) to prevent a compile error on systems without
169 *) During auth requests, the subprocess_env table was left holding variables
170 sent to the auth FastCGI server (including REMOTE_PASSWD!) which means they
171 were passed to other processing phases (such as CGI/FastCGI). The
172 subprocess_env is now restored to its pre-auth condition.
174 *) Added a FastCGI Authorizer Role compatibility mode which implements the
175 specification to the tee. Use -compat arg with any of the Auth server
176 directives. This is intended for new and existing FastCGI authorizer
177 applications that require compatibility with other server implementations.
179 *) Fix logging from the process manager. Previously, all calls to the
180 logging routines used NULL for the server_rec. This works fine in a dev
181 environment, but results in most of these messages being tossed by
182 log_error_core() because DEFAULT_LOGLEVEL is too low. Odd logic.
184 *) Always setup fr->header so that in the event the FastCGI server
185 doesn't get a valid FastCGI protocol header over the wire, we
186 can still print our error message to the log from do_work().
188 *) Fix a compile error in open_connection_to_fs() on systems with TCP_NODELAY
189 defined (Don Locrasto [locrasto@iceminer.com]).
191 Changes with mod_fastcgi 2.2.0
193 *) Serious rewrite of mod_fastcgi.html. An example conf will have
194 to wait until another time - I'm burned out on docs updates.
196 *) Add to the mod_fastcgi to the server version string.
198 *) SCO doesn't like the const in the arg to inet_addr() and
201 *) Use Apache's NET_SIZE_T to get the correct arg type for getsockopt().
203 *) Deleted redundant header files from fcgi.h.
205 *) Full path names are no longer required for directives which take
206 file names as arguments. Like other Apache directives you can
207 specify paths from server_root (don't start with a "/").
209 *) The fcgiKillMgr is gone. This intermediate process sat between
210 the Apache parent and the FastCGI Process Manager under Apache
211 1.2. The process manager tries to name itself fcgi_pm (it used
214 *) Authentication, Authorization, and Access phases are now
215 supported. I've bent the FastCgi spec a bit: as many of the standard
216 environment variables (that were easy) are sent (the spec says don't
217 send some by name), all headers (except Status) sent by the auth
218 FastCgi server are passed to subprocesses (CGI/FastCGI invocations)
219 as environment variables rather than just those prefixed by
220 "Variable-". Custom responses for auth failures aren't supported
221 (yet.. we'll see what the demand for this is like). In addition to
222 the FastCGI protocol defined environment variable "FCGI_ROLE" being
223 set to "AUTHORIZER" an environment variable "FCGI_APACHE_ROLE" is
224 set indicating which of the three phases is being processed. See
225 the docs for info on the new per-directory directives:
227 FastCgiAuthenticator, FastCgiAuthenticatorAuthoritative,
228 FastCgiAuthorizer, FastCgiAuthorizerAuthoritative,
229 FastCgiAccessChecker, FastCgiAccessCheckerAuthoritative
231 *) The code has been broken into logical chunks making figuring it
232 out much easier. All of the #defines a user may want to change are
233 now in mod_fastcgi.h.
235 *) All the logging has been converted to the "supported" Apache
236 logging routines, ap_log_error() and ap_log_rerror(). Log entries
237 for request specific errors should now be directed to the correct
238 server errorlog (if your running more than one). Some attempt has
239 been made at setting appropriate log levels (comments of course are
240 welcome) and printing errno info when its of value. All of log
241 messages now have "FastCGI" in them (nice for grep).
243 *) All of the calls to Apache routines have been updated to the ap_
244 convention, eliminating the need for the compat header.
246 *) By default we no longer flush every piece of data we get from the
247 FastCGI server to the client. This allows the FastCGI server to
248 release without having to wait for the client flush to complete.
249 The old behaviour can revived with the -flush argument to AppClass.
251 *) I renamed some of the directives for consistency (the old names
254 AppClass -> FastCgiServer,
255 FCGIConfig -> FastCgiConfig,
256 ExternalAppClass -> FastCgiExternalServer
258 *) Directive arguments are no longer case sensitive.
260 *) The module now uses hard_timeout() rather than soft_timeout. This
261 means that the module will longjump out of the request if the
262 drop-dead timeout expires (set with Apache's Timeout directive, the
263 default is 5min) or if the client closes the connection (SIGPIPE).
264 This is more typical for a Apache modules and I'm not convinced we
265 properly handle all of the error cases well enough to use
266 soft_timeout (I can think of one place we don't anyway). This means
267 your FastCGI application can see SIGPIPE.
269 *) SIGPIPE is now ignored by default in FastCGI servers spawned by
270 Apache. Without this the default behaviour is exit().
272 *) It should (I think) run now under DSO now.
274 *) The bug which prevented sending of binary data in 2.1b1 is fixed.
276 *) The broken -initial-env bug ins 2.1b1 is fixed.
278 *) Maybe some other stuff.
282 *** Well there's a big gap here. Maybe I'll go back and extract the CVS
283 commit notes and stick 'em in here.. when I get some free time. ;)
288 *** Originally from docs/README..
290 Apache[X1.03.01]/mod_fastcgi[02.00.05] 19970909 unsupported
291 From: Stanley Gambarin <stanleyg@cs.bu.edu>
293 *) Yet more changes to the source distribution. Separated out
294 the Tcl dynamic string and buffer libraries into separate files.
295 Did the same for the OS library, however, it is not really an
296 abstraction... more like a bunch of wrappers. Added to DEVNOTES
297 a note about the problem of Apache not allowing including header
300 Apache[X1.03.01]/mod_fastcgi[02.00.04] 19970908 unsupported
301 From: Stanley Gambarin <stanleyg@cs.bu.edu>
303 *) More changes to the installation scripts. Theoretically we
304 should be able to to use the same Makefile/installation script
305 for both Apache 1.2.x and 1.3.x. Need some sort of the abstraction
306 layer to use the same source code for both 1.2.x and 1.3.x sources.
308 Apache[X1.03.01]/mod_fastcgi[02.00.03] 19970905 unsupported
309 From: Stanley Gambarin <stanleyg@cs.bu.edu>
311 *) Created Makefile to compile the module into the archive library,
312 just like the proxy module. Also initial draft of the installation
313 script, which should work for both 1.2 and 1.3 sources of Apache.
315 Apache[01.02.04]/mod_fastcgi[02.00.02] 19970903 unsupported
316 From: Stanley Gambarin <stanleyg@cs.bu.edu>
318 *) More source reorg. Separated out some header files. Need much
319 more work on this. Updated the TODO file. Added fcgivers.h and
320 CHANGES file to track the history.
322 Apache[01.02.04]/mod_fastcgi[02.00.01] 19970902 unsupported
323 From: Stanley Gambarin <stanleyg@cs.bu.edu>
325 *) Source reorganization. This is done to provide a basis for later
326 functionality implementation. See TODO file for more information
327 of what possible future enhancements are possible/desired.
329 Apache[01.02.04]/mod_fastcgi[02.00.00] 19970902 unsupported
330 From: David MacKenzie <djm@va.pubnix.com>
332 *) Create the "dynamic" dir and "mbox" as the user specified in the
333 User and Group directives instead of as root. They are created with
334 restrictive permissions, and then the module checks to see whether the
335 user specified in the User and Group directives has read, write, and
336 execute permissions on them. Those permissions had been explicitly
337 denied by creating them as "root".
339 *) Some documentation was garbled or incomplete.
341 *) When a FastCGI application can't be execl'd, the code used a
342 value of errno that may have been stomped on by intervening system
343 calls. That happened on BSD/OS 2.1, where the error_log was
344 reporting errno=25 (NOTTY) instead of the correct errno=13 (EACCES).
345 An intervening stdio call was setting errno as a side-effect, which
346 it has the right to do.
348 *) Erroneous fprintf arguments, a missing return value, an unused
349 function, missing declarations, and other problems detected by gcc
352 *) Duplicated code to create the lock file name merged into a single
353 function, closing several memory leaks.
355 *) FCGIConfig -minProcesses didn't allow a value of 0, so the last
356 FCGI app in a given dynamic class would live forever, even if it
357 hadn't been requested for weeks.
359 *) The test for whether to keep looking for dynamic app victims to
360 kill was backwards, so no dynamic apps were ever selected as
363 *) The killInterval and updateInterval were being ignored; the
364 sigsuspend() forced recalculations only when a child died,
365 instead of at the intervals specified.
367 *) When a dynamic app couldn't be started, the program SEGV'd when
368 trying to free the ipcAddrPtr twice.
370 *) Remove the dead lock file and socket when cleaning up after a
371 server whose last child has been killed, so the FastCGIHandler
372 isn't fooled into thinking there is still a process serving
375 *) Make file locking robust in the presence of signals.
377 *) Rename some badly named variables.
379 *) Fix typos in many comments.
381 *) Fix some memory and file descriptor leaks.
383 *) Make the blocking kill of a server closer to working.
385 *) More fixes to calculations in dynamic application management.
388 *** Originally from docs/README.OMI..
390 What's New: Version 2.0b1, 16 Apr 1997
392 *) Implemented a mechanism by which FastCGI applications are started by
393 the web server on the first request and continue running. Also, a
394 heuristics have been implemented to allow for dynamic killing of the
395 running FastCGI apps. The configuration options are supplied via
396 the new FCGIConfig directive, that is described in the
399 *) When performing internal redirect, since the original request's body
400 has already been read, do not allow the redirected request to think
401 that is has one [body].
403 *) More conditional compilation for OS/2.
405 *) Fixed occassional "Assertion failed: len > 0, file mod_fastcgi.c"
407 *) Fixed "failed assertion `count >= 0 && count <= bufPtr->length'"
409 *) Added bflush() call after bwrite() in DrainReqOutBuf function to
410 force some output to be written in the period of inactivity. This
411 circumvents the Apache's buffering during the server-push.
413 *) Added a header-parser function placeholder for compatibility with an
416 *) Additional checks have been placed with regard to permissions of the
417 FastCGI processes. These include the existence of the file,
418 ExecCGI and IncludesNOEXEC checks, disallowing of nph- scripts, etc.
420 *) Implemented a restart cleanup, so that no parentlesses FastCGI
421 applications are left after Apache is restarted and/or terminated.
422 This was accomplished via two independent mechanisms, where the
423 first one prevents a start of the process manager on the first
424 reading of the configuration files. The second mechanism deals away
425 from Apache's implementation of fork() (via spawn_child()) and
426 implements its own forking, thus removing any dependencies on the
427 Apache to cleanup processes during termination phase.
429 *) Removed the definition of the Sigfunc, as Apache 2.0b10 defines it
430 itself in the file conf.h
432 What's New: Version 1.4.3, 15 Jan 1997
434 *) Fixed compilation warnings for various platforms, as well as
435 conditional compilation for OS/2.
437 What's New: Version 1.4.2, 12 Dec 1996
439 *) mod_fastcgi.c is ported to Apache 1.2b. Any further development
440 will proceed under this version of Apache web server.
442 *) As the result of porting, the "include virtual" construct of SSI
443 will now work correctly using either <Location> or <Directory>
446 What's New: Version 1.4.1, 4 Dec 1996
448 *) Checks have been removed from the ScanCGIHeaders that provided
449 for the presence of both Status and Location headers as being
450 an error. Contradictory to CGI/1.1 Internet Draft, both of
451 these headers are used by the current CGI applications.
453 What's New: Version 1.4, 22 Nov 1996
455 *) Added the -port option to AppClass, allowing TCP/IP communication.
456 Added the -socket option to AppClass, allowing Unix domain
457 communication via a configurable pathname.
459 *) Added the ExternalAppClass directive, allowing TCP/IP
460 communication with remote FastCGI applications.
462 *) The handler had its own code for generating HTTP response headers;
463 now it uses Apache's. This reduces the size of the module.
464 More importantly, it fixes the bug in which "include virtual"
465 sees the HTTP response headers.
467 *) The response header parser performed very little checking.
468 Now the parser enforces the guidelines in the CGI/1.1
469 Internet-Draft: Status and Location are mutually exclusive,
470 Location can only be a response to GET or HEAD,
471 CGI response headers can't be repeated, etc. (The CGI response
472 headers are the ones the handler interprets: Status, Location,
475 *) The response header parser used to miss CGI headers
476 with no whitespace after the colon, e.g. "Status:200 OK".
478 *) The response header parser sometimes interpreted the first line
479 of content as an RFC822 continuation line.
481 *) The handler implemented a nonstandard version of Location
482 which never used internal redirects. The handler
483 now attempts to implement Location as specified in the
484 CGI/1.1 Internet-Draft. The module documentation explains
487 *) Error log entries from the response header parser were
488 pretty uninformative; they are better now. If a header is
489 malformed, the log entry includes it. If the headers are
490 unterminated rather than malformed, the log entry says that,
491 and says how many bytes were received from the app.
493 *) When the application manager forked a new process, and that
494 process ran into trouble before executing the first instruction
495 of application code, the process used to exit with status =
496 errno. This made certain configuration problems (e.g. incorrect
497 file permissions when server parent is root) quite difficult
498 to pin down. Now the failing child process opens up the error log
499 and writes an informative entry before exiting.
501 *) The module now correctly handles a slash at the end of the
502 DocumentRoot directive. This was a one-line fix.
504 What's New: Version 1.3.3, 17 Oct 1996
506 *) The module now registers its request handler under the name
507 fastcgi-script in addition to the name application/x-httpd-fcgi.
508 This was a one-line addition to the module, but had quite
509 a large impact on the documentation and sample configuration.
511 What's New: Version 1.3.2, 27 Sept 1996
513 *) On some systems (SunOS, Linux?), fopen for append has a bug
514 that strikes when two processes append to the same file.
515 This bug causes the process manager to corrupt the error log.
516 Work around the bug by calling open, then fdopen. A patch
517 to Apache 1.1.1 is also required, as described in mod_fastcgi.html.
518 (Reported by Bob Ramstad.)
520 What's New: Version 1.3.1, 17 Sept 1996
522 *) On Linux and SunOS, the Apache default user_id (-1) is not a
523 legal value of uid_t, so cast it. (Reported by Bob Ramstad,
524 Scott Langley, others.)
526 *) On some systems (Linux, some Solaris?, Irix?), connect requires
527 write access to a Unix Domain socket, so provide it. (Reported
528 by Scott Langley, freeform@wired.com, others.)
530 *) If you hit a .fcg file, but there's no AppClass defined, the
531 error should be NOT_FOUND instead of SERVER_ERROR. (Reported
534 What's New: Version 1.3, 4 Sept 1996
536 *) Module sometimes busy-waited in FastCgiDoWork. Fixed.
538 *) Module violated the Apache buff abstraction.
539 Fixed. Might now work with SSL (not tested).
540 As part of the fix, eliminated support for
541 Apache 1.0x versions.
543 *) Module failed to chmod the Unix domain listening sockets
544 it created, so protections were set according to the current
547 *) Module forked too many process manager processes: One
548 per AppClass. When the Apache parent ran as root, these
549 process manager processes ran as root. New process
550 manager is a single process (only started if AppClass is
551 used) and runs with same privileges as other children.
552 The new process manager doesn't do any polling, so
553 there's less system overhead than before.
555 *) AppClass insisted on getting at least two arguments. Fixed.
557 *) Module used setjmp/longjmp, causing compiler warnings
558 on some platforms (e.g. Linux.) The module no longer
561 *) Module created listening sockets in /tmp, where they were
562 sometimes wiped out by cleanup scripts. Added FastCgiIpcDir
563 directive to give control over the location of listening
566 *) Module wrote error log entries without a timestamp. Fixed.
568 *) AppClass directive wrote error messages to stderr in addition
569 to returning a char * message to the Apache core. Fixed.
571 What's New: Version 1.2, 3 June 1996
573 *) Ported from Apache-1.0-based code to Apache-1.1b2 internals by
576 Add version string: APACHEVERSION macro to mod_fastcgi.c
578 *) chown FastCGI socket to user_id and setuid to user_id for app
581 *) Modify GetFromStream() by having it call an OS dependent
582 function GetStreamSize(FILE *) which uses FILE internal data member.
583 Linux users might need to modify GetStreamSize().
585 What's New: Version 1.1, 10 May 1996
587 *) If you specify a non-existent executable in the AppClass directive,
588 or if the file exists and it does not have execute permission you
589 get a constant stream of error messages telling you that "program
590 terminated due to a signal".
592 *) The mod_fastcgi module should use the standard Apache error logging
593 facility instead of writing to stderr.
595 Version 1.0, 30 April 1996