Subject: CVS commit: pkgsrc/www/ap-fastcgi
To: None <pkgsrc-changes@NetBSD.org>
From: Quentin Garnier <cube@netbsd.org>
List: pkgsrc-changes
Date: 10/28/2004 21:01:50
Module Name:	pkgsrc
Committed By:	cube
Date:		Thu Oct 28 21:01:50 UTC 2004

Modified Files:
	pkgsrc/www/ap-fastcgi: DESCR Makefile PLIST distinfo
Added Files:
	pkgsrc/www/ap-fastcgi: Makefile.common
	pkgsrc/www/ap-fastcgi/patches: patch-aa patch-ab patch-ac patch-ad
	    patch-ae

Log Message:
Update to version 2.4.2.  Split Apache version-dependent parts from the
rest through a Makefile.common entity.  It will help with incoming
ap2-fastcgi addition.

Changes:  lots of!

2.4.2
 *) [WIN] Fix handle leaks in the process manager.
    Sascha Schumann [sascha@schumann.cx]
 *) [WIN] Use a permanent pool for allocating the SystemRoot
    environment variable.  Sakamoto [ringring@zb4.so-net.ne.jp]
 *) [WIN] Fix starting of scripts under AP2.
 *) Do the connect() to the application *after* collecting a chunk
    of client data.  This reinstates the pre-2.4.0 behaviour.
    James Jurach [muaddib@erf.net].
 *) Remove an assert that was triggering on WIN when spawn() failed.
 *) Provide the NO_SUEXEC_FOR_AP_USER_N_GROUP macro for building
    mod_fastcgi with the AP13 suexec behaviour (don't use suexec
    if httpd's user and group match that needed for the application).
 *) Prevent the use of all but the "auth" directives from being used
    anywhere but in global scope.  Prevent more than one instance
    of the FastCgiWrapper directive.
 *) Return NOT_FOUND (404) or FORBIDDEN (403) instead of
    INTERNAL_SERVER_ERROR (500) when there are configuration issues
    or the script does't exist.  Suggested by Jeff Lawson [bovine@ud.com].

2.4.0
 *) [*nix Security] - When FastCgiWrapper (FastCgiSuexec) was in use
    and a vhost configured to use the same uid/gid as the main
    server, mod_fastcgi would not bother using the wrapper (suexec)
    because its effective uid/gid was already appropriate.  This is
    consistent with Apache's v1.3 mod_cgi behaviour.  There are two
    problems with this approach:  1) when FastCgWrapper is in use
    mod_fastcgi's process manager keeps its root privileges (as its
    real uid/gid) so it can terminate the applications its starts -
    this privilege was being passed to applications when the use of
    the wrapper was bypassed  2) wrappers are often employed to
    perform functionality beyond setting the uid/gid - by not calling
    the wrapper under certain circumstances, application invocation
    environments were inconsistent.  With this change, the wrapper is
    always used (when enabled) under both Apache 1.3 and 2.
    Reported by Michael Richards [michael@fastmail.ca].
 *) [*nix/AP2] Use the vhost uid/gid instead of the server uid/gid
    for dynamic application invocation when the FastCgiWrapper is in use.
    Reported by Michael Richards [michael@fastmail.ca]
 *) [*nix] Fix handling of FastCgiWrapper when passed a real path,
    i.e. other than "on" or "off".  Michael Richards [michael@fastmail.ca]
 *) Eliminate the logging of "incomplete headers (0 bytes) received from
    server" when a client aborts.
 *) [WIN32] Fix a delay in handling large POSTs to named pipe based
    servers. Philip Gladstone [philip@okena.com]
 *) [*nix/AP2] Prevent the module from being initalized twice at startup
    (resulting in confusing error messages to the log).
 *) Eliminate the need for SetHandler or AddHandler with static or
    external applications.
 *) Limit PM requests to start a dynamic application
    to 5sec to prevent endless spinning (this is a drop-dead
    limit that should only occur if the socket/named_pipe directory
    is removed out from under a running server).
 *) [*nix] Change the default socket directory from /tmp/fcgi to:
    Apache  - logs/fastcgi
    Apache2 - RUNTIMEDIR/fastcgi
 *) Add -user & -group args to FastCgiServer and FastCgiExternalServer
    for use with wrappers (in lieu of finding the user/group associated
    with a virtual host - under Apache2 this isn't accomodated).
 *) [WIN32] Under Apache2, require v2.0.41 or later in order to pickup my
    apr_proc_create() changes.
 *) Log when invoking and restoring the restart backoff policy.
 *) [WIN32] Prevent intermittent ReadFile() failures (properly initialize the
    OVERLAPPED structure).
 *) Eliminate need for dummy files for external servers under Apache2
 *) Fix auth compatibility mode handling for access checker and authorizer
 *) Fix HEAD request handling.  Based on a patch by
    Chris Lightfoot [chris@ex-parrot.com]
 *) [*nix] When autoupdate is enabled touch the socket when restarting
    the processes to prevent further requests.
    Eckebrecht von Pappenheim [evp@heise.de]
 *) Apache 2.0 support.
 *) [WIN32] Don't read from a potentially closed named pipe.
    Philip Gladstone [philip@okena.com]
 *) Require the Apache version 1.3.6 or later to eliminate some signal
    handling funk.
 *) [WIN32] Use asyncronous io with named pipes instead of polled
    nonblocking io.  This should eliminate the last of the npipe issues.
 *) Handle an application returning a complete and valid response without
    having consumed all of the data sent to it.
 *) Consume remaining client data (RESPONDERs only) if any.
 *) Add support for backing off attempts to start applications that continuously
    fail to start.  Three new macros defined in mod_fastcgi.h control this
    behaviour: MAX_FAILED_STARTS, RUNTIME_SUCCESS_INTERVAL, FAILED_STARTS_DELAY
 *) [WIN32] Add (back) support for use of TerminateProcess() to accomodate
    applications that do not (properly) support the shutdown event (this
    feature was introduced in fcgi2 2.2.2 and improved in 2.2.4).  The
    new macro WIN32_SHUTDOWN_GRACEFUL_WAIT in mod_fastcgi.h conrols the
    interval between signaling a proper shutdown and wacking the process(s)
    with a TerminateProcess().
 *) [WIN32] Don't set the OVERLAPPED_IO flag on NamedPipe listen HANDLEs -
    setting it was just plain broken.
 *) [WIN32] Fix the accept mutex - all applications were sharing one!?
 *) Fix 'FastCgiConfig -autoUpdate'.
 *) Fix 'FastCgiConfig -flush'.
 *) Prevent silly maxProcesses and processSlack combinations.
    Dmitry Dorofeev [dima@yasp.com]
 *) Properly handle the killing of idle processes when one takes a long time
    to exit once signaled down (or the config is funky).
    Dmitry Dorofeev [dima@yasp.com]

2.2.12
 *) Delay the logging of write errors to the pm to account for shutdown/restart.
 *) (Win32) An assortment of fixes.
 *) Fix some broken casts that were likely the cause of an assert.
 *) Win32. Eliminate forward slashes from the named pipe path name.
    Gerald Richter [richter@ecos.de]
 *) SIGUSR2 is no longer blocked in the process manager and the fastcgi
    applications it spawns. [ryans@amazon.com]
 *) Added support for the -flush argument to FastCgiConfig.
    Eric Sit [esit@alum.mit.edu]
 *) Change the "which call to module_init() is this" check to a more
    reliable approach.  Doru Petrescu [pdoru@kappa.ro]
 *) Close the old pipe file descriptor in apache main on USR1/HUP
    (elimnates a small leak).  James E. Jurach Jr. jjurach@fundsxpress.com
 *) Fix a bug in fcgi_config_set_authoritative_slot(). Tetsuya Furukawa
    [tetsuya@secom-sis.co.jp]
 *) Eliminate the use of locks to assist in the clean shutdown of
    applications.  Instead, it is assumed that applications handle
    termination signals properly (this is now embedded in the C
    application lib).
 *) Fix Win32 process termination.  Proper operation requires the use of
    an updated application lib (termination is now signalled with an
        Event and handled by specialized thread).
 *) Docs cleanup.  Andrew Benham [adsb@bigfoot.com]
 *) Added code so if the last instance of a dynamic application died without
    provocation, then don't restart it if singleThreshold > 0 (i.e. if the
    configuration allows the last instance to be killed, then allow it to die).
    Andrew Benham [adsb@bigfoot.com]
 *) Fix the loadFactor calculation used to determine when dyanmic
    applications could be killed off due to low demand [adsb@bigfoot.com].
 *) Fix a deadlock condition that could occur with Win32 named
    pipes (dynamic).
 *) Fix a potential deadlock condition when FastCGI application
    sent responses while still reading the client request (POST data).


To generate a diff of this commit:
cvs rdiff -r1.1 -r1.2 pkgsrc/www/ap-fastcgi/DESCR pkgsrc/www/ap-fastcgi/PLIST
cvs rdiff -r1.26 -r1.27 pkgsrc/www/ap-fastcgi/Makefile
cvs rdiff -r0 -r1.1 pkgsrc/www/ap-fastcgi/Makefile.common
cvs rdiff -r1.2 -r1.3 pkgsrc/www/ap-fastcgi/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/www/ap-fastcgi/patches/patch-aa \
    pkgsrc/www/ap-fastcgi/patches/patch-ab \
    pkgsrc/www/ap-fastcgi/patches/patch-ac \
    pkgsrc/www/ap-fastcgi/patches/patch-ad \
    pkgsrc/www/ap-fastcgi/patches/patch-ae

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.