fhttpd development history

Version	Date	Description	Fix Date
0.4.0	19-Apr-99	Fourth beta
	Logger modules support and fhttpd-log logger that uses it.
	Memory limits for requests and log queues.
	"`503 Backend unavailable`" response for unavailable backend.
0.3.5 bugs	?-Apr-99	FTP didn't work with filenames that contain spaces spaces.	?-Apr-99
0.3.5 bugs	?-Apr-99	Some denial of service attacks were possible -- including "pumping" large amount of data into the server's input queue (works only if backend can't process data faster than it can arrive), keeping connection open after timeout expiration (only if the last response can't be sent to the client) and "incomplete" connection that causes `accept()` to block.	?-Apr-99
0.3.5	26-May-98	Third beta, fifth revision
	Users' directories support. For a long time fhttpd had no support for automatic mapping of user directories. Now it's possible to enable `~username` translation to some directory under user's home directory (default is `public_html`). Also fhttpd can be configured to use user's userid to access those files, run CGIs and modules. Userid 0 is the exception from this rule, module can run as it only if explicitly configured for that, and automatic mapping does not work on usernames with userid 0.
	Modules can be configured to receive usernames/passwords for authentication. Default configuration is to never pass passwords to modules and scripts.
	`SCRIPT_NAME_ORIGINAL` entry is added to modules interface -- it contains the `SCRIPT_NAME` value from the requested URL even if it was rewritten.
	Scripts, running from FTP can have original filename in parameters.
	`GetRule` allows case-insensitive matching for values, and field names matching is changed to case-insensitive.
	In FTP directory creation mode can be specified for wildcard-mask, just like file creation mask.
	File creation mask (`umask`) can be specified.
	Ports can be bound to specific addresses, so it's possible to bind remote modules processes support to particular address (or localhost if remote processes should not be used) to coexist with other servers on the same host with multiple IP addresses.
	Content-Type now can contain spaces.
0.3.4 bugs	?-Apr-98	`OutExec` didn't work on systems where `mmap()` is supported.	?-Apr-98
	?-Mar-98	On files with zero length some browsers don't stop reading when in `Keep-Alive` mode.	26-May-98
	?-Apr-98	FTP timeout was counted even when transfer was in progress, just with longer value.	?-Apr-98
	?-Mar-98	FreeBSD and Solaris versions didn't handle `Last-Modified`/`If-Modified-Since` field properly -- that caused cached files to be "stuck" in a browser even if file on the server was changed.	30-Mar-98
	?-Mar-98	fhttpd-file module produced "hung" processes if configuration file contained errors, even though main process reported errors and continued running.	30-Mar-98
	?-Mar-98	Configuration file lines were not checked for length (were assumed to be always reasonably short because they can be made by sysadmin and therefore can't be a source of anything malicious).	?-Mar-98
	?-Mar-98	Obscure error messages for configuration file problems.	?-Mar-98
0.3.4	27-Mar-98	Third beta, fourth revision (bugfix)
0.3.4	Bugfixes only.
0.3.3 bugs	27-Mar-98	Security bug: Buffer overflow in security-sensitive portion of the code.	27-Mar-98
	?-Mar-98	Modules can crash if started for remote operation, and for some reason can't initialize the connection (wrong parameters or authentication).	27-Mar-98
	17-Mar-98	`POST` upload of more than 4k of data is handled incorrectly.	17-Mar-98
0.3.3	12-Feb-98	Third beta, third revision
	1. Linux libc 6 (glibc 2) support added.
	2. fhttpd-file module exits on idle timeout and supports timeout for transfer.
0.3.2 bugs	?-Jan-98	Timeouts in fhttpd-file module don't work.	?-Jan-98
0.3.2	9-Dec-97	Third beta, second revision
0.3.2	API improvements, bugfix.
0.3.1 bugs	14-Nov-97	Memory leak in modules library (affects modules only, including `fhttpd-file`).	14-Nov-97
0.3.1	14-Oct-97	Third beta, first revision
	1. Ports to other Unix flavors.
	2. Performance improvements.
0.3.0 bugs	?-Oct-97	Lynx can't read directories because it assumes that failed transfer should not create and close data connection. It's actually a bug in WWW library that Lynx uses, and data connection can be created before server detects that the requested path maps to directory and can't be retrieved as a file, but since other FTP servers don't do that, fhttpd should not, too.	?-Oct-97
	?-Oct-97	"`PWD`" FTP command returns empty string when user with home directory "`/`" is logged into FTP and is in the home directory.	14-Oct-97
	?-Oct-97	HTTP 1.0 headers are returned to HTTP 0.9 requests.	13-Oct-97
0.3.0	3-Sep-97	Third beta
	1. 0.2.3 bugs in process control interface and parser fixed.
	2. Configuration options added.
	3. Interface to processes is compiled in the regular build.
	4. Interface to processes can use `AF_UNIX` sockets and pass file descriptors through them.
	5. Processes have command line.
	6. HTTP file I/O and CGI support removed from the main server and reimplemented as a separate process-module that can run locally or across the network. Directory display functionality unchanged, although reimplementation allowed to support `Keep-Alive` in directory listings.
	7. Multiplexed I/O implementation changed and can use `select()` or `poll()`. `select()` now supports arbitrary number of file descriptors (connections), depending on the OS limits, not on `fd_set` size as declared in headers.
	8. fhttpd can be started with non-root userid (obviously this will disallow switching userids when handling requests).
	9. Startup procedure now displays the result of the server initialization and returns meaningful value.
	10. Example document tree changed, config generation script included into the distribution.
0.2.3 bugs	?-Aug-97	Large `Content-Length` sent to an application can crash the server.	?-Aug-97
	?-Aug-97	Processes interface does not work under SunOS.	?-Aug-97
	?-Jul-97	Large number of simultaneous transfers (not idle connections) can crash the server.	?-Jul-97
	15-Mar-97	`config/fhttpd.conf` is wrong (another minor problem in default header, right config is at the homepage).	15-Mar-97
	6-Mar-97	`config/fhttpd.conf` is wrong (right one is at the homepage).	7-Mar-97
0.2.3	28-Feb-97	Second beta, third revision
0.2.3	Requests parsing algorithm changed, improvements in API.
0.2.2	30-Sep-96	Second beta, second revision
0.2.2	User processes support finished, API library added.
0.2.1	27-Aug-96	Second beta, first revision
0.2.1	0.2.0 bugs fixed.
0.2.0 bugs	26-Aug-96	Processes can crash the server by sending wrong message length	26-Aug-96
0.2.0 bugs	26-Aug-96	No anonymous "password" in the log	26-Aug-96
0.2.0	26-Aug-96	Second beta
0.2.0	User processes support.
0.1.8	30-May-96	Eighth revision (pre-0.2.0 security bugfix)
0.1.8	Security bugs fixed.
0.1.8 bugs	30-May-96	Security bug: Group permissions are handled wrong	30-May-96
0.1.7	16-Mar-96	Seventh revision (pre-0.2.0 bugfix)
0.1.7	0.1.6 bugs fixed.
0.1.6 bugs	1-Mar-96	`POST` data may not be sent to CGI script (bug was present only in development versions, not in releases).	1-Mar-96
0.1.6 bugs	10-Feb-96	Server crashes, if `GET` is sent without arguments (bug introduced in version 0.1.6).	10-Feb-96
0.1.6	18-Dec-95	Sixth revision
	1. Escaped characters processing fixed.
	2. Internal imagemap support added.
	3. SpecialExecMask config option added - CGIs can supply the whole response including the status code.
	4. CGIs and other executables are started from their directories instead of "/".
	5. Access can be enabled for the whole list of users in some password file.
	6. Multiplexed file transfers fixed (difference should be invisible with existing browsers).
	7. Configs and default ftp tree corrected again.
0.1.5	27-Nov-95	Fifth revision
	1. Few bugs fixed, including configs and default ftp tree.
	2. Ported to FreeBSD.
0.1.4 bugs	20-Nov-95	`config/fhttpd.conf` is wrong (right one is at the homepage).	27-Nov-95
	18-Nov-95	fhttpd does not compile under FreeBSD.	19-Nov-95
	6-Nov-95	fhttpd does not start, if no stdin/stdout available.	12-Nov-95
	6-Nov-95	Incorrect or no error message for unsupported methods, FTP-like processing of HTTP requests is not disabled.	12-Nov-95
	6-Nov-95	Trailing '/' in directory names is not enforced, so incorrect URLs for directory indexes may cause wrong relative URL resolution.	12-Nov-95
	5-Nov-95	File mode for uploaded files may be either `0` (inbound directory) or `0600` (everywhere else) - no configuration option to change it.	6-Nov-95
	5-Nov-95	`STOR` in ASCII mode causes doubled `<LF>`.	6-Nov-95
0.1.4	2-Nov-95	Fourth revision
	1. Multiple bugs in data receiving routines fixed, performance improved further.
	2. Buffered nonforking transfer support added. Actually, that is a start of the work on cache and request queuing, although now it works only with preloaded files. Still a big performance improvement on frequently requested small files.
	3. The order of MIME type definitions reversed - earlier records in the configuration file override later ones.
	4. `Keep-Alive` implemented.
	5. `SIGHUP` reloads the configuration.
	6. Environment for CGI scripts now contains only relevant variables, bugs in environment handling fixed.
0.1.3 bugs	??-Oct-95	Multiple minor bugs fixed :-), although I have lost track of that fixes :-(	??-Oct-95
0.1.3 bugs	??-Oct-95	Incomplete line may cause server to lock up until the client, sent this line, will either finish the line or disconnect.	??-Oct-95
0.1.3	25-Aug-95	Third revision
	1. Data receiving routines are rewritten to increase performance, some unused routines removed.
	2. Signal handling and socket closing fixed.
	3. `If-Modified-Since` implemented.
0.1.2 bugs	19-Aug-95	`If-Modified-Since` is not implemented.	20-Aug-95
0.1.2 bugs	19-Aug-95	`select()` in main loop (`sockobj.cc`) have to check ready-for reading condition on `accept()` sockets to decrease response time.	19-Aug-95
0.1.2	16-Aug-95	Second revision
	1. IRIX fix.
	2. Different FTP/HTTP trees for different IP addresses of the same host. Now the machine with multiple network interfaces (including "dummies") can handle separate directory trees for every address.
	3. New configuration file options (absolute pathnames).
	4. Some directory handling optimization.
	5. `/etc/fhttpd.pid` file contains PID of running fhttpd.
	6. `index.html` may be used instead of `file_index.html` (requests for `index.html` and `file_index.html` will return the same result, unless both files are present in the directory, although the default directory file is `file_index.html`, and wildcard directory filtering works only with requests for `<wildcards>`file_index.html).
	7. Configuration file may contain long lines, broken into multiple physical lines, using '`\`' at the end of every continued line.
0.1.1 bugs	7-Aug-95	No `.pid` file	16-Aug-95
0.1.1	7-Aug-95	First revision
0.1 bugs	7-Aug-95	Password reloading procedure is not documented.	16-Aug-95
	3-Aug-95	`gcc/g++ 2.7.0` has found some wrong (although harmless - older versions of g++ have compiled it correctly) definitions in the sources.	6-Aug-95
	1-Aug-95	No `<CR>` before `<LF>` in FTP responses.	5-Aug-95
	31-Jul-95	fhttpd must be restarted every time, when password files are changed to re-read them. Inconvenient.	7-Aug-95
	31-Jul-95	fhttpd does not compile on IRIX. Something weird with `signal.h` / `sys/signal.h` on that system. *Fix:* IRIX uses `_LANGUAGE_C_PLUS_PLUS` instead of `__cplusplus`, and `signal()` is defined differently there. `Makefile` and C++ sources are changed to comply with that.	11-Aug-95
	31-Jul-95	Home page has no information about `.header.html`, `.footer.html`, `.index.html` and `file_index.html` control files.	??-Jun-99
	31-Jul-95	Home page has no information about some config parameters.	1-Aug-95
0.1	31-Jul-95	Initial beta release

Home

Info

Documentation

Installation

Configuration

History

Download

Mailing list

Feedback