Forum OpenACS Development: Announcement: NaviServer 4.99.21 available

Dear all,

I am pleased to announce the availability of NaviServer 4.99.21 [1,2]. The release of NaviServer 4.99.21 is now available on sourceforge [1,2]. This is essentially a bug-fix release and cleans everything up, what was reported after the larger release of 4.99.20.

The code is tested at least with Ubuntu 20.04, macOS 10.14.6, 11.2.3, FreeBSD-12.2, OpenBSD 6.8. Below is a summary of changes since the last release.

All the best

NaviServer 4.99.21, released 2021-04-09

 64 files changed, 939 insertions(+), 536 deletions(-)

New Features:

 - Logging improvements: Added parameter "logsec" and "logthread" for
   section "ns/parameter" to make logging of full timestamps and
   thread info optional. This give more control to a developer to
   shorten the log entries e.g. on development instances by excluding
   certain values.

 - Made "ns_http ... -decompress ... "obsolete in favor of new option
   "-raw".  This fixes as well a crash.

Bug Fixes:

 - Fixed computation of "location" of a request for cases where the
   network driver is not installed globally. The value of [ns_conn
   location] (and the redirect target) is often, but not always
   determined by the host header field as used for virtual servers.

 - Fixed handling of sendBodyLength in ns_http

 - Fixed handling of user-ids in nscp.

 - Fixed potential segmentation violation in debug output, when (a) the
   network driver is installed locally, and (b) the content of host
   header field cannot be located in virtual server map (fallback to
   validation via driver data).

 - Fixed potential segmentation violation when nsd is called with '-c'
   and '-t' and the config file contains no "home" parameter in the
   config file. The fix simplifies the logic, and performs same
   configuration of nsconf.home whenever "-c" is used in the command

 - Increase sysadmin-friendliness of OCSP handling in error cases: In
   case OCSP (Online Certificate Status Protocol) is activated and the
   connection to the AIA-server is blocked, do not reject all traffic
   but behave like in a configuration without having OCSP activated,
   and complain the system log.  Background: Sometimes requests to the
   let's encrypt AIA server seems to be blocked by
   firewalls. Previously, in such situations, all traffic was

 - Relax bailing out on malloc(0), since at least the OpenSSL 3a*
   versions use this frequently on certain configurations. Calls of
   malloc(0) are essentially useless and dangerous, but we cannot
   avoid these.

Performance improvements:

 - Added support for TCP_NODELAY for https sockets via configuration
   option "nodelay" in the nsssl driver section. For whatever reasons,
   NaviServer handled so far this option. The option can reduce the
   time of connection calls via https (clearly measurable in benchmark

Documentation improvements:

 - improved the following man pages


Configuration Changes:

 - New options "logsec" and "logthread" for section "ns/parameter"
   (see above)

Code Changes:
 - Extended regression test to cover e.g. the error cases from above.

 - Code Cleanup
    . Removed obsolete and deprecated functions ctime_r()
      and asctime_r() in favor of strftime().

    . Removed calls to deprecated Tcl functions

    - Don't pass (implementation-defined) NULL as last argument of a
      variadic function.

    - Usual cleanup, such as reduced implicit type conversions,
      removed useless casts, removed dead assignments

 - Improve comments, fixed typos