Forum OpenACS Development: Announcement: NaviServer 4.99.21 available
I am pleased to announce the availability of NaviServer 4.99.21 [1,2]. The release of NaviServer 4.99.21 is now available on sourceforge [1,2]. This is essentially a bug-fix release and cleans everything up, what was reported after the larger release of 4.99.20.
The code is tested at least with Ubuntu 20.04, macOS 10.14.6, 11.2.3, FreeBSD-12.2, OpenBSD 6.8. Below is a summary of changes since the last release.
All the best
======================================= NaviServer 4.99.21, released 2021-04-09 ======================================= 64 files changed, 939 insertions(+), 536 deletions(-) New Features: ------------- - Logging improvements: Added parameter "logsec" and "logthread" for section "ns/parameter" to make logging of full timestamps and thread info optional. This give more control to a developer to shorten the log entries e.g. on development instances by excluding certain values. - Made "ns_http ... -decompress ... "obsolete in favor of new option "-raw". This fixes as well a crash. Bug Fixes: ---------- - Fixed computation of "location" of a request for cases where the network driver is not installed globally. The value of [ns_conn location] (and the redirect target) is often, but not always determined by the host header field as used for virtual servers. - Fixed handling of sendBodyLength in ns_http - Fixed handling of user-ids in nscp. - Fixed potential segmentation violation in debug output, when (a) the network driver is installed locally, and (b) the content of host header field cannot be located in virtual server map (fallback to validation via driver data). - Fixed potential segmentation violation when nsd is called with '-c' and '-t' and the config file contains no "home" parameter in the config file. The fix simplifies the logic, and performs same configuration of nsconf.home whenever "-c" is used in the command line. - Increase sysadmin-friendliness of OCSP handling in error cases: In case OCSP (Online Certificate Status Protocol) is activated and the connection to the AIA-server is blocked, do not reject all traffic but behave like in a configuration without having OCSP activated, and complain the system log. Background: Sometimes requests to the let's encrypt AIA server seems to be blocked by firewalls. Previously, in such situations, all traffic was blocked. - Relax bailing out on malloc(0), since at least the OpenSSL 3a* versions use this frequently on certain configurations. Calls of malloc(0) are essentially useless and dangerous, but we cannot avoid these. Performance improvements: ------------------------- - Added support for TCP_NODELAY for https sockets via configuration option "nodelay" in the nsssl driver section. For whatever reasons, NaviServer handled so far this option. The option can reduce the time of connection calls via https (clearly measurable in benchmark setups). Documentation improvements: --------------------------- - improved the following man pages doc/src/manual/admin-config.man doc/src/manual/admin-tuning.man doc/src/manual/main-history.man doc/src/naviserver/ns_http.man doc/src/naviserver/ns_http.man doc/src/naviserver/ns_write.man nsdb/doc/mann/ns_db.man Configuration Changes: ---------------------- - New options "logsec" and "logthread" for section "ns/parameter" (see above) Code Changes: ------------- - Extended regression test to cover e.g. the error cases from above. - Code Cleanup . Removed obsolete and deprecated functions ctime_r() and asctime_r() in favor of strftime(). . Removed calls to deprecated Tcl functions - Don't pass (implementation-defined) NULL as last argument of a variadic function. - Usual cleanup, such as reduced implicit type conversions, removed useless casts, removed dead assignments - Improve comments, fixed typos