- WARN: Makefile:9: PKGNAME should not be used in DIST_SUBDIR, as it
sometimes includes the PKGREVISION. Please use PKGNAME_NOREV instead.
Noted by Geert Hendrickx on tech-pkg.
changed all through it). While there, make the package correctly fetch the
NetBSD logo.
Bump PKGREVISION, and after that I'll delete the copy ftp.netbsd.org
currently has. The tarball change doesn't happen often enough for this
package to justify the use of DIST_SUBDIR (and that avoids the hairy
problem of sharing the sitedrivenby.gif file).
PR#30641 by Jared Momose.
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
Changes:
New in version 2.25b:
* Move fdwatch initialization before the chroot, so that
/dev/poll can work.
* Multiple fdwatch cleanups and fixes (Adam Zell).
New in version 2.25:
* Prohibit "Host: ." and "Host: .." (David Leadbeater).
* Don't free memory prematurely on SIGUSR1 (A.D.F.).
* Use the specified charset in directory listings and errors
(Jonas Ohlsson).
* Lowered THROTTLE_TIME from 60 seconds to 2 seconds, plus more
aggressive computation of sending rate, to improve throttle
reaction time (E Frank Ball).
* Added code to redistribute the throttled bandwidth fairly among
the currently sending connections.
* Some more throttling changes that smooth things out a lot.
* Added an experimental limitation on the number of simultaneous CGIs.
* Chown the log file when starting as root, so that it can later be
re-opened when running as nobody (or whatever user you configure).
Also tweak the logfile pathname so that it still works inside a
chroot tree.
* Make sure URL paths begin with a slash.
* Generate multiple MIME encodings in the correct order, and with the
correct separator.
* Ignore EINTR on read() and write().
* Fix error in httpd_read_fully() and httpd_write_fully() that could
cause incorrect data to be read or written (Daniel Jensen).
* Don't attempt to double-free a file descriptor if a connection times
out while it is paused for throttling.
* Save and restore errno in signal handlers.
* The non-local referer check is no longer fooled by URLs with query
strings.
* Simplified handling of HAVE_INT64T (Trisk). If this causes problems,
e.g. if there are still systems which don't have "long long", we can
back out the change.
* Keep a list of free connection structs, instead of doing linear search
to find a free one (Adam Zell).
* Added config.h option FLUSH_LOG_EVERY_TIME - if it's turned off, the
log does not get fflushed after each request (Adam Zell).
* Multiple robustness improvements to the fdwatch module (Adam Zell).
* Added /dev/poll support to fdwatch (Adam Zell).
* Automatically add no-cache control header on error responses.
New in version 2.24:
* Added a bunch of MIME types.
* Fix minor problem with returning unknown protocol on some errors.
* Changed the config-file option for diabling symlink checking from "nosymlink" to "nosymlinkcheck" to make its function clearer.
* Allow blank lines in the config file.
* Handle more than one SIGHUP and SIGUSR2 (Cameron Gregory).
* Slight change to handle_newconnect() to better deal with unexpected errors from accept(), such as running out of file descriptors (Alex Keahan).
* Added optional minimum rate to throttles.
* Stats syslog messages downgraded from LOG_NOTICE to LOG_INFO.
* Use unsigned short consistently for port number.
* Prohibit slashes in the Host: header (Marcus Breiing).
* Added a -dd data_dir flag and corresponding config-file option.
* Got rid of the old timer-based zombie process reaper, replacing it with a SIGCHLD handler.
* Changed the idle connection checking from using a separate timer for each connection to using a single timer that checks all active connections.
* Correction to missing-slash directory redirect with query string.
* Added a watchdog alarm handler that forces a core dump if thttpd stops running its timers for too long.
* Don't send Content-Length header on 304 Not Modified responses.
* Allow user-agent log entries to be up to 200 characters long, instead only of 80.
* Fixed buffer overflow bug in defang().
* Re-arranged the order of calling de_dotdot() so that it doesn't get applied to query strings.
* Some fixes for the syslogtocern script (paul fox).
* Changed configure script to use "gcc -dumpversion" instead of "gcc --version" (Ed Goforth).
* Changed most uses of \r and \n to \015 and \012 (Jens Bauer).
* In ssi.c, lack of PATH_INFO is now non-fatal (David Phillips).
* Some improvements to fdwatch (David Burgess).
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
Changes since 2.21b:
* Added some Microsoft MIME types (Kevin Day).
* Switch htpasswd from using tmpnam to mkstemp.
* Rewrote figure_mime() to do binary search.
* Removed the x- from gzip and compress in mime_encodings.txt.
* Added rudimentary option to set cache-control headers.
* Simplified the IPv6 ifdefs.
* Allow filenames with ? in them (Cameron Gregory).
* Some improvements to the mmap cache - added a "panic mode" if you run out
of address space, added DESIRED_MAX_MAPPED_BYTES config.h option.
* Lowered OCCASIONAL_TIME from five minutes to two minutes.
* Fix CGI variable AUTH_TYPE (Alexandre CHERIF).
* Split clear_connection() into two routines, one which sends a possible
buffered response and the other which ignores such (David Burgess).
* Remove /./ in de_dotdot() (Dana Dahlstrom).
* Shortened LINGER_TIME from two seconds to half a second.
* Changed some write() calls to httpd_write_fully(), as suggested by
Neale Pickett.
* Changed the non-mmap() read() call in mmc.c to httpd_read_fully(), as
suggested by Cameron Gregory.
* Added an madvise(MADV_SEQUENTIAL) call in mmc.c.
* Added .xhtml and .xht to mime_types.txt (suggested by Dave Hodder).
* Added index.xhtml and index.xht to INDEX_NAMES (suggested by Dave Hodder).
* Got rid of the custom-jiggered syslog.c, now we just use the standard
system version. Also added a paragraph in the man page about the syslogd
flags needed to make syslogging work from inside a chroot tree.
* Added some OpenOffice MIME types (Dave Hodder).
* Lowered the default DESIRED_MAX_MAPPED_FILES from 2000 to 1000.
* Set up accept filters after listen() (Kris Spinka).
* Preserve query string when doing a missing-slash directory redirect.
* Special-case logging to '-' as stdout (Matt Armstrong).
* Added -s to usage line (Pavel Janík).
* Fix for security hole that exposed contents of .htpasswd in some cases
(noticed by zeno@cgisecurity.com).
* Allow (and ignore) extra fields in .htpasswd files.
* Added some calls to shutdown() in strategic places.
* Added a timer-kill of the CGI interpose input and output process.
These processes also now close the listen fd(s).
* Fixed rare file descriptor leak, when we get an unknown sockaddr family
(George Schlossnagle).
* Put virtual hostname in non-local referer syslog (Craig Leres).
* Added a P3P server privacy header setting (Henrik Schack Jensen).
And lots of other bug fixes.
This value may be customized in various ways:
PKG_SYSCONFBASE is the main config directory under which all package
configuration files are to be found.
PKG_SYSCONFSUBDIR is the subdirectory of PKG_SYSCONFBASE under which the
configuration files for a particular package may be found.
PKG_SYSCONFDIR.${PKGBASE} overrides the value of ${PKG_SYSCONFDIR} for a
particular package.
Users will typically want to set PKG_SYSCONFBASE to /etc, or accept the
default location of ${PREFIX}/etc.
This obsoletes the use of CONFDIR, which was active for only 6 days, so no
need to have a workaround to still accept old CONFDIR settings.
bsd.pkg.install.mk:
* Remove old DEINSTALL/INSTALL scripts.
* Move some text printed at POST-INSTALL time into the MESSAGE file.
* Adjust rc.d scripts to respect rc.conf settings, so that the
script may be directly copied into /etc/rc.d.
Changes: Lots of bugfixes (lingering-close problem, USR1 handling,
off-by-1 in base64 decoding and others), throttling syslog, tuned
throttling, improvements on mmap cache, etc. See
http://www.acme.com/software/thttpd/#releasenotes
---
New in version 2.20b:
* Corrected version of Marcel Telka's ssi fix. My bad.
New in version 2.20:
* Performance improvements to the timer package via hashing, and
double-linking / sorting the lists. Partially based on a suggestion by
Michal Ostrowski.
* Performance improvement to the mmap cache package, from Evan Jones.
* Minor Linux fix for open files limit, from Jordan Ritter.
* Fix for null ClientData, which picky compilers didn't like.
* Unknown sockaddr type becomes a non-fatal error, preventing a DOS attack.
* Close extraneous file descriptors on CGI calls - from Russell Dill.
* Security fixes for the external ssi program, from ghandi@dopesquad.net and
Wolfgang Rupprecht.
* Fix to make the ssi program elide the HTML comment sequence, from Marcel
Telka.
* Red Hat packaging updates from Bennett Todd.
* Throttling fix from Tom Pavel.
New in version 2.19:
* Added hack to prevent MSIE 5 from censoring error messages.
* Minor fix to handling of shouldn't-happen error in ls().
* IPv6/Linux fix from Tero Pelander.
* Documented the -D flag.
New in version 2.18:
* Fixed URL-encoding of high-bit characters - used in directory
listings.
* Made a few more characters come through verbatim instead of %-encoded.
* Couple of minor code cleanups.
* Added some MIME types to support WAP/WML.
* IPv6 fix.
* Made MIME text character-set an option, with iso-8859-1 the default.
New in version 2.17:
* A change in the way wildcard matching works - now a single * only
matches strings that don't include a slash. To match entire pathnames
including slashes you have to use **.
* On systems with IPv6, automatically bind to both v4 and v6 sockets.
* Slight change to non-local referer checking to handle older browsers.
* Tweaks to some of the error-403 syslog messages.
* Portability tweak for OSF/1.
* Portability tweak for IPv6 systems.
* Fix for ssi.c from Marcel Telka.
* Added charset=iso-8859-1 to text MIME types.
* Added wildcards to redirect.
* Changed symlinks/nosymlinks config options to symlink/nosymlink, to
conform to the man page (old style still accepted).
upgrade 2.15 -> 2.16. changes from webpage:
- More explicit error pages for 403 Forbidden.
- New section in the manual page explaining how thttpd is picky about
file permissions.
- Couple of CGI tweaks from David Chaiken.
Main reason: IPv6. Changes:
New in version 2.15:
* Use standard isxdigit macro instead of is_hexit routine.
* Portability fix for Debian, which lacks gai_strerror().
* Fix for .htpasswd authorization, broken by 2.14's custom error pages
change.
New in version 2.14:
* Fix to non-local referer code - it was trying to dereference a null
pointer under some circumstances.
* Fix to If-Modified-Since - some leap year problems.
* Rewrote match() - it was using a whole lot of CPU time for patterns
with lots of |'s, such as those used by the new non-local-referer
filtering.
* Fix to host lookup code for -h flag.
* Fix custom error pages to work with 401 Unauthorized.
* Removed unused variable.
New in version 2.13:
* Portability fix for fdwatch on systems with poll() but not select().
* Renamed nph-redirect to redirect, now that thttpd does header parsing.
* Always chdir to / after a chroot.
* Some minor de-linting changes.
* Revived code that closes stdin/stdout/stderr, after adding a fix in the
CGI code to prevent descriptors from getting screwed up.
* Bugfix for CGI header parsing - if the CGI was sending binary data
(e.g. images), the result could get truncated or corrupted.
* Disallow ".." listing of virtual host directory.
* Revised snprintf portability fix.
* Rearranged the hc initialization so it's all in one place.
* New IPv6 code from KIKUCHI Takahiro.
* New non-local referer filtering code from Craig Leres.
* New custom error pages code from Catalin Ionescu.
New in version 2.12:
* Better heuristic for deciding between select() and poll().
* Added Red Hat RPM spec file.
New in version 2.11:
* Use poll() instead of select() when favorable.
* Do lazy allocation of part of the connection data structure, to save on
memory now that we can have thousands of simultaneous connections.
* Some speed optimizations.
* Add HTTP_HOST to CGI environment.
* Bugfix for rare uninitialized variable.
New in version 2.10:
* Bugfix for CGI header parsing.
* Call setlogin() if it's available.
Michael Santos in PR pkg/8801. Chances since version 2.04:
- New el-cheapo virtual hosting feature.
- Assorted bug fixes - non-anchored wildcard matching, truncated CGI
output, throttling, authorization cache, daemonization, date-header
parsing.
- Option to write pid to a file, re-open log file on SIGHUP.
- Now looks for index files from a list, instead of only index.html.
- Simple config file.
