mirrors/skudonet-pound
2
0
Fork 0
mirror of https://github.com/SKUDONET/pound.git synced 2025-10-27 07:29:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
master
skudonet-pound/CHANGELOG
Emilio 08c23cdf70 [Initialization] Pound 2.8a initialization 
Signed-off-by: Emilio <emilio.campos@zevenet.com>

	new file:   CHANGELOG
	new file:   FAQ
	new file:   GPL.txt
	new file:   Makefile.in
	new file:   README
	new file:   apuntes.txt
	new file:   config.c
	new file:   config.guess
	new file:   config.h.in
	new file:   config.sub
	new file:   configure
	new file:   dh2048.pem
	new file:   http.c
	new file:   install-sh
	new file:   pound.8
	new file:   pound.c
	new file:   pound.h
	new file:   poundctl.8
	new file:   poundctl.c
	new file:   stamp-h1
	new file:   svc.c
	new file:   version.c
	new file:   z2_2_5_1.py
	new file:   z2_2_6_1.py
2017-07-14 13:16:07 +02:00

927 lines
31 KiB
Plaintext
Raw Permalink Blame History

------------------------------------------------------------------------
r81 | roseg | 2015-01-26 17:47:53 +0100 (Mon, 26 Jan 2015) | 30 lines
Release 2.7
Enhancements:
- added support for larger DH keys + compile-time parameter for DH bits (workaround for OpenSSL limitation)
- added support for elliptical curve encryption
- added protocol version in X-SSL-cipher (Tom Fitzhenry)
- added "Disable PROTO" directives (fix for Poodle vulnerability)
- added Cert, Disable and Cipher directives for HTTPS back-ends. The directive HTTPS "cert" no longer supported.
- added filtering of "Expect: 100-continue" headers
- Add support for PATCH HTTP method
- Anonymise configuration option - show last client address byte as 0 (based on an idea by Christian Doering)
- SSLAllowClientRenegotiation (based on a patch from Joe Gooch)
- SSLHonorCipherOrder (based on a patch from Joe Gooch)
- Certificate alternate names support (based on a patch from Jonas Pasche)
- poundctl shows the length of the request queue (based on a request from Leo)
Bug fixes:
- fixed lh_retrieve warning
- fixed potential memory leak on client certificates
- fixed alt names problem (Joe Gooch)
- removed debugging messages
- fixed address comparison for RewriteLocation (IPv4/IPv6 problem - Christopher Bartz)
- re-patched the redirect patch (Frank Schmierler)
- fixed RPC handling (Frank Schmierler)
- sanitize URLs for redirection (prevent CSRF)
- SSL disable empty fragments + SSL disable compression (CRIME attack prevention)
- fixed bug in configuration of DISABLED directive
- changed the log level from WARNING to NOTICE if the thread arg is NULL
- fixed testing of gcc options
------------------------------------------------------------------------
r80 | roseg | 2014-12-29 11:47:54 +0100 (Mon, 29 Dec 2014) | 10 lines
Release 2.7f
Enhancements:
- compile-time parameter for DH bits (workaround for OpenSSL limitation)
Bug fixes:
- allow '-' and '=' again in URLs (redirect)
- fixed lh_retrieve warning
- fixed "Disable" regex typo
------------------------------------------------------------------------
r79 | roseg | 2014-12-08 14:39:00 +0100 (Mon, 08 Dec 2014) | 12 lines
Release 2.7e
Enhancements:
- added support for elliptical curve encryption
- added support for larger DH keys
- added protocol version in X-SSL-cipher (Tom Fitzhenry)
Bug fixes:
- fixed potential memory leak on client certificates
- fixed alt names problem (Joe Gooch)
- removed debugging messages
------------------------------------------------------------------------
r78 | roseg | 2014-10-18 12:36:28 +0200 (Sat, 18 Oct 2014) | 10 lines
Release 2.7d
Enhancements:
- added "Disable PROTO" directives (fix for Poodle vulnerability)
- added Cert, Disable and Cipher directives for HTTPS back-ends. The
directive HTTPS "cert" no longer supported.
Bug fixes:
- fixed address comparison for RewriteLocation (IPv4/IPv6 problem - Christopher Bartz)
------------------------------------------------------------------------
r77 | roseg | 2014-04-21 13:16:07 +0200 (Mon, 21 Apr 2014) | 9 lines
Release 2.7c
Enhancements:
- added filtering of "Expect: 100-continue" headers
Bug fixes:
- re-patched the redirect patch (Frank Schmierler)
- fixed RPC handling (Frank Schmierler)
------------------------------------------------------------------------
r76 | roseg | 2013-09-26 14:33:21 +0200 (Thu, 26 Sep 2013) | 12 lines
Release 2.7b
Enhancements:
- Add support for PATCH HTTP method
Bug fixes:
- sanitize URLs for redirection (prevent CSRF)
- SSL disable empty fragments
- SSL disable compression (CRIME attack prevention)
- fixed bug in configuration of DISABLED directive
- changed the log level from WARNING to NOTICE if the thread arg is NULL
------------------------------------------------------------------------
r75 | roseg | 2012-04-09 15:37:26 +0200 (Mon, 09 Apr 2012) | 12 lines
Release 2.7a
Enhancements:
- Anonymise configuration option - show last client address byte as 0 (based on an idea by Christian Doering)
- SSLAllowClientRenegotiation (based on a patch from Joe Gooch)
- SSLHonorCipherOrder (based on a patch from Joe Gooch)
- Certificate alternate names support (based on a patch from Jonas Pasche)
- poundctl shows the length of the request queue (based on a request from Leo)
Bug fixes:
- fixed testing of gcc options
------------------------------------------------------------------------
r74 | roseg | 2011-12-28 14:57:45 +0100 (Wed, 28 Dec 2011) | 10 lines
Release 2.6
Enhancements:
- allow multiple AddHeader directives
Bug fixes:
- fixed memory leak in config/AddHeader
- removed call to AC_FUNC_MALLOC for AIX compatability
- workaround for AIX getaddrinfo() bug
------------------------------------------------------------------------
r73 | roseg | 2011-06-24 17:59:41 +0200 (Fri, 24 Jun 2011) | 7 lines
Release 2.6f
Enhancements:
Bug fixes:
- fixed memory leak in DH (patch by Edvin Torok via Patrizio Tassone)
------------------------------------------------------------------------
r72 | roseg | 2011-04-25 11:10:45 +0200 (Mon, 25 Apr 2011) | 8 lines
Release 2.6e
Enhancements:
Bug fixes:
- fixed problem in SNI certificate storage
- changed long to long long for support of requests larger than 2GB
------------------------------------------------------------------------
r71 | roseg | 2011-04-11 15:59:05 +0200 (Mon, 11 Apr 2011) | 9 lines
Release 2.6d
Enhancements:
- added parsing for certificate CN
Bug fixes:
- fixed problem in task enqueing
- fixed small problem in Makefile
------------------------------------------------------------------------
r70 | roseg | 2010-12-27 17:54:18 +0100 (Mon, 27 Dec 2010) | 14 lines
Release 2.6c
Enhancements:
- added support for OpenSSL 1.0
- added some more detailed error logging
Bug fixes:
- fix for RewriteLocation
- fix for HTTPS back-ends
- fix for RPC support
- fix for possible request smuggling by using multiple headers
Many thanks to Frank Schmirler and Ruben Kerkhof for the contributed patches
------------------------------------------------------------------------
r69 | roseg | 2010-09-25 16:49:49 +0200 (Sat, 25 Sep 2010) | 7 lines
Release 2.6b
Enhancements:
- pre-defined number of threads for better performance on small hardware
Bug fixes:
------------------------------------------------------------------------
r68 | roseg | 2010-06-23 19:18:39 +0200 (Wed, 23 Jun 2010) | 15 lines
Release 2.6a
Stable release 2.5.1
Enhancements:
- support for SNI via multiple Cert directives (thanks to Joe Gooch)
- translate hexadecimal characters in URL for pattern matching
- added support for a "Disabled" directive in the configuration
Bug fixes:
- keep sessions for disabled back-ends, continue using them until the time-out
- fixed memory leak in session removal
- user IgnoreCase for CheckURL too
- fixed some issues with OpenSolaris build (thanks to Spradling Cloyce)
------------------------------------------------------------------------
r67 | roseg | 2010-02-02 12:49:00 +0100 (Tue, 02 Feb 2010) | 9 lines
Release 2.5
Enhancements:
Bug fixes:
- fixed XML format to avoid problems with brain-dead parsers
- fixed Redirect to accept "/" as a path, so that "Redirect http://x/" is
considered an absolute path, but "Redirect http://x" is not
------------------------------------------------------------------------
r66 | roseg | 2010-01-04 17:20:55 +0100 (Mon, 04 Jan 2010) | 7 lines
Release 2.5e
Enhancements:
- added support for symbolic host names in poundctl
Bug fixes:
------------------------------------------------------------------------
r65 | roseg | 2009-12-07 17:01:21 +0100 (Mon, 07 Dec 2009) | 9 lines
Release 2.5d
Enhancements:
- added support for --disable-pcreposix, --disable--tcmalloc, --disable-hoard in configuration script
Bug fixes:
- fixed problem with long input lines in http.c
- if libpcreposix is present, then pcreposix.h must also be present
------------------------------------------------------------------------
r64 | roseg | 2009-09-21 13:16:57 +0200 (Mon, 21 Sep 2009) | 8 lines
Release 2.5c
Enhancements:
- added support for HTTPS backends
Bug fixes:
- fixed problem with sub-patterns in session parameters
------------------------------------------------------------------------
r63 | roseg | 2009-08-19 17:44:07 +0200 (Wed, 19 Aug 2009) | 10 lines
Release 2.5b
Enhancements:
- support for ConnTO directive
- support for IgnoreCase directive
Bug fixes:
- fixed problem in conf_fgets (\n confuses the regexp)
- changed RSA ephemeral keys regeneration default time (every 30 minutes)
------------------------------------------------------------------------
r62 | roseg | 2009-08-06 17:23:30 +0200 (Thu, 06 Aug 2009) | 9 lines
Release 2.5a
Enhancements:
- support for include directive
Bug fixes:
- fixed generation of ephemeral RSA keys (avoid premature locking)
- added pre-generated DH parameters
------------------------------------------------------------------------
r61 | roseg | 2009-06-29 17:53:55 +0200 (Mon, 29 Jun 2009) | 13 lines
Release 2.4.5
Stable release 2.4.5
Enhancements:
- log back-end killed/disabled/enabled (thanks to Joe Gooch and Jon Garvin)
- kill a BE on connection failure only if it has no HAport defined (thanks to Albert); the request may still fail!
Bug fixes:
- fixed parantheses problems in need_rewrite (thanks to SBR)
- added call to free_headers in http.c (thanks to SBR)
- fixed maximal path length in UNIX domain sockets (thanks to Ricardo Gameiro)
------------------------------------------------------------------------
r60 | roseg | 2009-01-14 17:39:52 +0100 (Wed, 14 Jan 2009) | 18 lines
Release 2.4.4
Stable release 2.4.4
Enhancements:
- added support for UNSUBSCRIBE and NOTIFY in xHTTP 3 and 4
- added support for BPROPFIND in xHTTP 4
- on SSL connections always pass the cipher used to the back-end (thanks to Magnus Sandin)
Bug fixes:
- save and restore errno value in cur_time() (thanks to Albert)
- fixed problem in timer thread (thanks to Albert)
- added shutdown for failed socket connection (thanks to Albert)
- fixed problem with CC containing spaces in Makefile.in (thanks to Elan Ruusamäe)
- increased MAXBUF to default 4096
- increased T_RSA default to 30 minutes
- fixed a problem with Unix sockets back-ends (thanks to Ricardo Gameiro)
------------------------------------------------------------------------
r59 | roseg | 2008-05-31 12:25:41 +0200 (Sat, 31 May 2008) | 11 lines
Release 2.4.3
Stable release 2.4.3
Enhancements:
Bug fixes:
- fixed problem in session access time updating (thanks to Piotr Jakubowski)
- fixed problem in session removal (thanks to Doriam Mori)
- fixed problem in Redirect logging (thanks to Albert)
------------------------------------------------------------------------
r58 | roseg | 2008-04-24 16:31:28 +0200 (Thu, 24 Apr 2008) | 13 lines
Release 2.4.2
Stable release 2.4.2
Enhancements:
Bug fixes:
- fixed problem with session TTL -1 (thanks to Scott Royston for pointing it out)
- fixed problem with back-end killing on failed connect
- fixed a small problem in the poundctl XML output (thanks to johnlr for the fix)
- added hints in call to getaddrinfo() (for Solaris 10 support)
- fixed redirection problem (missing slash in Location/Content-location)
------------------------------------------------------------------------
r57 | roseg | 2008-04-05 11:45:41 +0200 (Sat, 05 Apr 2008) | 12 lines
Release 2.4.1
Stable release 2.4.1
Enhancements:
- added cache control for errors (thanks to Pavel Merdin for the suggestion)
Bug fixes:
- fixed problem with double slash in header rewriting (thanks to Cédric P.)
- remove sched_policy to avoid problems on systems with poor support for it
- fixed memory corruption problem with HAport
------------------------------------------------------------------------
r56 | roseg | 2008-02-11 12:53:51 +0100 (Mon, 11 Feb 2008) | 4 lines
Release 2.4
Stable release 2.4
------------------------------------------------------------------------
r55 | roseg | 2007-12-27 12:54:32 +0100 (Thu, 27 Dec 2007) | 7 lines
Release 2.4f
Enhancements:
Bug fixes:
- fixed back-end enable/disable (priority computing)
------------------------------------------------------------------------
r54 | roseg | 2007-11-29 18:16:36 +0100 (Thu, 29 Nov 2007) | 12 lines
Enhancements:
- added PARM session type. Old PARM is now URL
- allow AddHeader for HTTP listeners as well
- allow -1 for session (all types) TTL. Will hash the key to a fixed value
- Redirect takes an optional code parameter (301, 302/default or 307)
- new config param to allow printing the SSL certificate in a single line
- new config param to control the maximal size of the input line
- added better error messages for SSL loading problems
Bug fixes:
- if the same cookie is defined more than once use LAST definition
------------------------------------------------------------------------
r53 | roseg | 2007-08-15 18:26:58 +0200 (Wed, 15 Aug 2007) | 10 lines
Release 2.4d
Enhancements:
- moved to GPLv3
- now using lh_hash for the session tables
Bug fixes:
- allow case-sensitive matching for URLs
- fixed memory leak in DNS searches
------------------------------------------------------------------------
r52 | roseg | 2007-07-04 15:29:27 +0200 (Wed, 04 Jul 2007) | 10 lines
Release 2.4c
Enhancements:
- added XML output for poundctl
- added more detailed error messages
Bug fixes:
- fixed problems with extra-long lines
- fixed problems with chunked encoding
------------------------------------------------------------------------
r51 | roseg | 2007-05-18 10:35:02 +0200 (Fri, 18 May 2007) | 11 lines
Release 2.4b
Enhancements:
- cleaned resurrection code
- added RR threads scheduling
Bug fixes:
- fixed problem long lines (thanks to Rune Saetre)
- fixed pcreposix autoconf for systems that also require pcre
- fixed problem with IP session handling
------------------------------------------------------------------------
r49 | roseg | 2007-04-30 15:01:17 +0200 (Mon, 30 Apr 2007) | 11 lines
Release 2.4a
Enhancements:
- added display of configuration switches
- added grace period for shutdown (based on an idea from Rune Saetre)
- added support for IPv6 (but host caching was removed)
Bug fixes:
- fixed test for owner/group (BSD portability)
- fixed problem with premature opening of control socket
------------------------------------------------------------------------
r46 | roseg | 2007-04-11 15:00:11 +0200 (Wed, 11 Apr 2007) | 8 lines
Release 2.3
Enhancements:
- added display of configuration switches
- added grace period for shutdown (based on an idea from Rune Saetre)
Bug fixes:
------------------------------------------------------------------------
r45 | roseg | 2007-04-04 18:15:53 +0200 (Wed, 04 Apr 2007) | 8 lines
Release 2.2.8
Enhancements:
- more tweaking of the dynamic rescaling code
- more information in poundctl printout
Bug fixes:
------------------------------------------------------------------------
r44 | roseg | 2007-03-12 18:12:14 +0100 (Mon, 12 Mar 2007) | 8 lines
Release 2.2.7
Enhancements:
- dynamic scaling is now a configuration directive (DynScale)
- added vhost to LogLevel 5
Bug fixes:
------------------------------------------------------------------------
r43 | roseg | 2007-03-02 10:30:01 +0100 (Fri, 02 Mar 2007) | 11 lines
Release 2.2.6
Enhancements:
- added transaction time to LogLevel 5
- added priority display for poundctl
Bug fixes:
- fixed problem when adding session via poundctl
- fixed problem in session dump to poundctl
- fixed problem in kill_be call to t_clean
------------------------------------------------------------------------
r42 | roseg | 2007-02-19 18:19:22 +0100 (Mon, 19 Feb 2007) | 7 lines
Release 2.2.5
Enhancements:
Bug fixes:
- fixed problem with sessions (BACKEND copying)
------------------------------------------------------------------------
r41 | roseg | 2007-02-10 15:26:42 +0100 (Sat, 10 Feb 2007) | 14 lines
Release 2.2.4
Enhancements:
- modular tree library
- consolidated all timed functions into a single thread
- added gethostbyname cache
- added LogLevel 5 - same as 4 but with service name and back-end information (thanks to Joe Gooch for the suggestion)
- added session creation and removal to poundctl
Bug fixes:
- added LOG_NDELAY to openlog()
- accept and immediately close connections to disabled listeners (thanks to Joe Gooch for the suggestion)
- fixed problem with -1 values in poundctl
------------------------------------------------------------------------
r40 | roseg | 2007-01-19 21:29:07 +0100 (Fri, 19 Jan 2007) | 5 lines
Release 2.2.3
Bug fixes:
- fixed problems in bad 2.2 release
------------------------------------------------------------------------
r39 | roseg | 2007-01-15 18:17:48 +0100 (Mon, 15 Jan 2007) | 13 lines
Release 2.2.2
Enhancements:
- changes in the dynamic rescaling
- doubled the session key size (for those people with insanely long cookies)
- added LogFacility - for logging to stdout/stderr
- added optional Service names
Bug fixes:
- fixed bug in multiple HeadRemove matching
- fixed problem with extra large session keys
- fixed problem for OpenBSD accept (blocks all threads)
------------------------------------------------------------------------
r38 | roseg | 2007-01-03 18:25:30 +0100 (Wed, 03 Jan 2007) | 13 lines
Release 2.2.1
Enhancements:
- allow specific Listeners to override the gloabl LogLevel value
- allow a default Client value to be defined at the global level
- allow a default TimeOut value to be defined at the global level
- added compile-time flags for file owner and group
Bug fixes:
- fixed some problems in the installation procedure
- fixed problem in SSL session string
- added protocol check in need_rewrite
------------------------------------------------------------------------
r37 | roseg | 2006-12-16 10:18:38 +0100 (Sat, 16 Dec 2006) | 45 lines
Release 2.2
Enhancements:
- added the host to LogLevel 2 (if available)
- added support for tcmalloc (from the Google perftools package)
Bug fixes:
- fixed problem with the initialisation of host_mut
*****************************
Cumulative changes since 2.1:
*****************************
Enhancements:
- added dynamic rescaling of back-end priorities, compile-time flag to enable/disable it
- added support for emergency back-ends
- the program poundctl(8) is now available, added the Control configuration directive
- SESS_IP now behaves like other session types (no longer sticky)
- added RewriteLocation 2: rewrite location if it points to same address, but ignore port
- Redirect uses the original request path
- added RewriteDestination configuration flag to enable rewriting the Destination header
- removed msdav compile-time configuration flag and MSDAV configuration flag, extended xHTTP to allow for
WebDAV, MS-DAV and MS-RPC
- added CRLlist directive, split CRL from CA
- Error replies are sent as pure HTML
- split error messages into:
- LOG_ERR: errors (mostly fatal)
- LOG_WARNING: errors (non-fatal)
- LOG_NOTICE: problems
- LOG_INFO: extra information
- time to serve the requests is logged in LogLevel 2
- added the (virtual) host to LogLevel 2 (if available)
- added line numbers to config error messages
- added TCP_NODELAY for faster response times
- added support for tcmalloc (from the Google perftools package)
Bug fixes:
- fixed problem in str_be (evident mostly in LogLevel 2)
- added 'const' wherever necessary
- check for errors in mutex handling
- fixed the verb pattern in HTTPS listeners
- content is now ignored only on HEAD requests
- fixed problems with autoconf on some systems
- fixed problem with the initialisation of host_mut
------------------------------------------------------------------------
r36 | roseg | 2006-12-09 09:39:23 +0100 (Sat, 09 Dec 2006) | 6 lines
Release 2.1.8
Bug fixes:
- fixed another small problem with autoconf on some systems
- added support for systems that don't define SOL_TCP
------------------------------------------------------------------------
r35 | roseg | 2006-12-06 18:32:16 +0100 (Wed, 06 Dec 2006) | 10 lines
Release 2.1.7
Enhancements:
- added TCP_NODELAY for faster response times
- added compile-time flag to enable/disable dynamic priorities rescaling
Bug fixes:
- fixed problems with autoconf on some systems
- fixed error in control function (be instead of svc)
------------------------------------------------------------------------
r34 | roseg | 2006-11-04 11:28:53 +0100 (Sat, 04 Nov 2006) | 9 lines
Release 2.1.6
Enhancements:
- Redirect uses the original request path
Bug fixes:
- improved dynamic priorities calculation
- fixed problem with Emergency back-ends
------------------------------------------------------------------------
r33 | roseg | 2006-10-23 09:24:28 +0200 (Mon, 23 Oct 2006) | 12 lines
Release 2.1.5
Enhancements:
- added line numbers to config error messages
- added dynamic rescaling of back-end priorities
- added support for emergency back-ends
- the program poundctl(8) is now available
- added the Control configuration directive
Bug fixes:
- improved owner/group detection for install
------------------------------------------------------------------------
r32 | roseg | 2006-10-14 16:39:29 +0200 (Sat, 14 Oct 2006) | 6 lines
Release 2.1.4
Bug fixes:
- content is now ignored only on HEAD requests
- added CRLlist directive, split CRL from CA
------------------------------------------------------------------------
r31 | roseg | 2006-09-21 18:41:15 +0200 (Thu, 21 Sep 2006) | 6 lines
Release 2.1.3
Bug fixes:
- fixed the verb pattern in HTTPS listeners
- removed the spurious printf in cur_time
------------------------------------------------------------------------
r30 | roseg | 2006-09-18 18:12:16 +0200 (Mon, 18 Sep 2006) | 18 lines
Release 2.1.2
Enhancements:
- Error replies are sent as pure HTML
- split error messages into:
- LOG_ERR: errors (mostly fatal)
- LOG_WARNING: errors (non-fatal)
- LOG_NOTICE: problems
- LOG_INFO: extra information
- removed msdav compile-time configuration flag
- removed MSDAV configuration flag
- extended xHTTP to allow for WebDAV, MS-DAV and MS-RPC
- added RewriteDestination configuration flag to enable rewriting the Destination header
- time to serve the requests is logged in LogLevel 2
Bug fixes:
- fixed (again) the RewriteRedirect 2 mode
------------------------------------------------------------------------
r29 | roseg | 2006-09-11 18:35:22 +0200 (Mon, 11 Sep 2006) | 11 lines
Release 2.1.1
Enhancements:
- SESS_IP now behaves like other session types (no longer sticky)
- added RewriteLocation 2: rewrite location if it points to same address, but ignore port
Bug fixes:
- fixed problem in str_be (evident mostly in LogLevel 2)
- added 'const' wherever necessary
- check for errors in mutex handling
------------------------------------------------------------------------
r27 | roseg | 2006-08-05 11:35:52 +0200 (Sat, 05 Aug 2006) | 24 lines
Release 2.1
Enhancements:
- support for pcre library (if available) for much better performance
- support for hoard library (if available) for much better performance
- rewrite Location and Content-location headers for all responses
- improved detection of when is a rewrite necessary
- renamed Change30x to RewriteLocation. Default: on
Bug fixes:
- fixed small problem in the upd_session() code
- declared init_RSAgen() as void everywhere
- moved to SESS_xxx tokens to avoid Solaris name conflict
- added #ifdef's for LOG_FTP and LOG_AUTHPRIV
- fixed problem in URL checking
- fixed problem in session tracking-code and session updating
- fixed LogLevel 3 to show that the v_host is unknown
- fixed headers checking in match_service
- fixed problem in ClientCert directive handling
- fixed potential memory leak in AUTH decoding
- allow OPTIONS WebDAV request to have content
- replaced inet_ntoa with inet_ntop where available
- removed all static buffers
------------------------------------------------------------------------
r25 | roseg | 2006-02-01 10:00:42 +0100 (Wed, 01 Feb 2006) | 14 lines
Release 2.0
Enhancements:
- new configuration file syntax, offering significant improvements.
- the ability to define listener-specific back-ends. In most cases
this should eliminate the need for multiple Pound instances.
- a new type of back-end: the redirector allows you to respond with
a redirect without involving any back-end server.
- most "secondary" properties (such as error messages, client
time-out, etc.) are now private to listeners.
- HAport has an optional address, different from the main back-end
- added a -V flag for version
- session keeping on a specific Header
------------------------------------------------------------------------
r21 | roseg | 2006-02-01 14:27:19 +0100 (Wed, 01 Feb 2006) | 15 lines
Release 1.10
Enhancements:
added NoDaemon configuration directive (replaces compile-time switch)
added LogFacility configuration directive (replaces compile-time switch)
added user name logging
Bug fixes:
fixed problem with the poll() code
fixed problem with empty list in gethostbyname()
added call to setsid() if daemon
conflicting headers are removed (Content-length - Transfer-encoding)
Last release in the 1.x series.
------------------------------------------------------------------------
r19 | roseg | 2005-06-01 15:27:19 +0200 (Wed, 01 Jun 2005) | 18 lines
Release 1.9
Enhancements:
- Added the VerifyList configuration flag (CA root certs + CRL)
- CRL checking code
- RewriteRedirect 2 - ignores port value for host matching
- Added -c flag (check-only mode)
- Added -v flag (verbose mode)
- Added -p flag for pid file name
Bug fixes:
- fixed a potential buffer overflow problem (in checking the Host header)
- added call to SSL_library_init
- added a check for MSIE before forcing SSL shutdown
- X-SSL-Cipher header is added only if HTTPSHeaders is non-zero
- added code for shorter linger on badly closed connections (IE work-around)
- fixed the locking for session checking (mutex_lock/unlock)
------------------------------------------------------------------------
r17 | roseg | 2004-11-04 14:27:19 +0100 (Thu, 04 Nov 2004) | 23 lines
Release 1.8
Changes:
- added support for non-blocking connect(2)
- added support for 414 - Request URI too long
- added RedirectRewrite directive - to prevent redirect changes
- added support for NoHTTPS11 value 2 (for MSIE clients only)
- added support for HTTPSHeaders 3 (no verify)
Problems fixed:
- fixed bug if multiple listening ports/addresses
- fixed memory leak in SSL
- flush stdout (if used) after each log message
- assumes only 304, 305 and 306 codes to have no content
- fixed problem with delays in 302 without content
- fixed problem with time-outs in HTTPS
Enhancements:
- improved threads detection code in autoconf
- added supervisor process disable configuration flag
- tweak for the Location rewriting code (only look at current GROUP)
- improved print-out for client certificate information
------------------------------------------------------------------------
r15 | roseg | 2004-03-24 14:27:19 +0100 (Wed, 24 Mar 2004) | 12 lines
Release 1.7
Fixed bug in X-SSL-CIPHER description
Changed README to stx format for consistency
Addedd X-SSL-certificate with full client certificate
Improved the response times on HTTP/0.9 (content without Content-length)
Improved response granularity on above - using unbuffered BIO now
Fixed problem with IE/SSL (SSL_set_shutdown)
Avoid error messages on premature EOF from client
Fixed HeadRemove code so all headers are checked without exception
Improved autoconf detection
------------------------------------------------------------------------
r13 | roseg | 2003-11-30 14:27:19 +0100 (Sun, 30 Nov 2003) | 15 lines
Release 1.6
Callback for RSA ephemeral keys:
- generated in a separate thread
- used if required (IE 5.0?)
New X-SSL-cipher header encryption level/method
Added CheckURL parameter in config file
- perform syntax check only if value 1 (default 0)
Allow for empty query/param strings in URL syntax
Additional SSL engine loading code
Added parameter for CA certificates
- CA list is sent to client
Verify client certificates up to given depth
Fixed vulnerability in syslog handling
------------------------------------------------------------------------
r11 | roseg | 2003-10-14 15:27:19 +0200 (Tue, 14 Oct 2003) | 19 lines
Release 1.5
Session by Basic Authentication:
Session BASIC parameter added
Syntax checking of request.
User-defined request character set(s):
Parameters CSsegment, CSparameter, CSqid, CSqval
Request size limit:
Parameter MaxRequest
Single log function rather than #ifdefs.
Added LogLevel 4 (same as 3 but without the virtual host info).
Added HeadRemove directive (allows to delete a header from requests).
Location rewriting on redirect:
if the request contains a Header directive
and the response is codes 301, 302, 303, 307
and the Location in the response is to a known host
then the Location header in the response will be rewritten to point
to the Pound protocol/port itself
------------------------------------------------------------------------
r9 | roseg | 2003-04-24 15:27:19 +0200 (Thu, 24 Apr 2003) | 12 lines
Release 1.4
Added 'Server' configuration directive
Fixed problem with HTTPSHeaders 0 "..." - the desired header is written even if HTTPSHeaders is 0
Added the ability of loading a certificate chain.
Added compatability with OpenSSL 0.9.7
Added user-definable error pages.
Added compile-time flags to run in foreground and to log to stderr.
Opens separate pid files per-process.
Improved autoconf.
Some SSL speed optimisations.
------------------------------------------------------------------------
r7 | roseg | 2003-02-19 14:27:19 +0100 (Wed, 19 Feb 2003) | 10 lines
Release 1.3
Added support for OpenSSL Engine (crypto hardware)
Added support for Subversion WebDAV
Added support for mandatory client certificates
Added X-SSL-serial header for SSL connections
Fixed problem with BIO_pending in is_readable
Fixed problem with multi-threading in OpenSSL
Improved autoconf
------------------------------------------------------------------------
r5 | roseg | 2003-01-20 14:27:19 +0100 (Mon, 20 Jan 2003) | 5 lines
Release 1.2
Better handling of "100 Continue" responses
Fixed problem with allowed character set for requests
------------------------------------------------------------------------
r3 | roseg | 2003-01-09 14:27:19 +0100 (Thu, 09 Jan 2003) | 9 lines
Better auto-conf detection
LogLevel 3 for Apache-like log (Combined Log Format)
Don't ask client for certificate if no SSL headers required
Added handling for 'Connection: closed' header
Added monitor process to restart worker process if crashed
Added possibility to listen on all interfaces
Fixed HeadDeny code
Fixed problem with threads on *BSD
------------------------------------------------------------------------
r1 | roseg | 2002-10-31 14:27:19 +0100 (Thu, 31 Oct 2002) | 1 line
Initial import
------------------------------------------------------------------------
Reference in New Issue View Git Blame Copy Permalink