Logo address

Difference between version 2.0 and 1.2a

目次

2003/01/11

This release addresses to the problems that server administrator may experience in mixed port environment. The change is so much that the version number is jumped from 1.2a to 2.0.

Bug fix

Upper file size limit in POST method.

Pegasus had a bug when it received large data (>32K) in POST method. This problem is fixed in this release. Now default upper limit is 10MB. The value can be changed in /sys/lib/httpd.conf

HEAD Method to virtual document

Here has been a bug when CGI program received HEAD method. Now fixed in Pegasus 2.0a

Proxy Cache for virtual document

Pegasus 2.0a prohibits any cache for virtual document.

Additional feature.

Persistent connection in CGI

Now persistent connection is supported also in CGI. And new facility is offered so that the CGI program can send the response status easily to the client.

Protection against DoS attack.

Some mechanisms are introduced to protect the server against DoS attack. Now we can reject connections that is over given limit by a single client.

Protection against redirection loop.

Burst access from a client will be generated in mis-configured redirection loop. Therefore some mechanisms are introduced to protect against redirection loop. Now we can control burst accesses.

/sys/log/blacklist

Now clients that tried DoS attack or caused redirection loop are thrown away into blacklist. Access by the clients thrown into blacklist will be rejected.

/sys/lib/httpd.conf

Configuration file /sys/lib/httpd.conf is introduced.

Changes in previous specifications.

In the explanation below, $home denotes a home directory that is owned by the person who administrates the web document, and $web denotes his/her web root. Then the document will be located beneath the document root $web/doc .
Each value of $web of host is determined by /sys/lib/httpd.rewrite. A user have his/her web root without description in that file; the value is $home/web.

Configuration that is specific to real host is supported.

Configuration that is specific to real host have not been supported because I supposed the system administrator will also be an administrator of real host document.
Now real host can be configured exactly same manner as virtual hosts and users.
Fig.1 The handling of real host of earlier version.
Real host have no way for specific configuration.

Fig.2 The handling of real host of this release.
Real host can configure exactly same manner as virtual hosts and users.

$web/etc/namespace_80

namespace.cgi is changed to namespace_80. This means name space can be configured per port; in addition the result is effective not only for CGI but also for file searching. (Fig.3 and Fig.4)
Fig.3 namespace.cgi Fig.4 namespace_80

Executable of CGI

In earlier version, CGI files for virtual hosts and users in directories
	$web/bin/386
	$web/bin/rc
have been bound to /bin in $web/etc/namespace.cgi. Now Pegasus automatically bind them to /bin.

URI redirection file

I applied the mind to the specification of URI redirection file /sys/lib/httpd.rewrite and $web/etc/rewrite. It is not a good solution to have redirection files for each port, because that makes hard for server administrator to have global view of redirection. Therefore I pursued the possibility to do that by using single file keeping the previous format.
The result is: no change to the format of redirection file. A small change to the meaning. The change is: I have accepted the expression of trivial redirection loop giving the new meaning. By this change, expressions of rewriting rule for multiple port became natural and easy to understand.

Execution handler

In Pegasus 1.0, $target was added if it was absent in lines of $web/etc/handler; the example is the last line of the followings:
	# path    mimetype    ramfs    execpath arg ...
	*.http         -         0       $target
	*.html      text/html    1       $target
	*.dx_html   text/html    0       /bin/dx
Now this facility is abolished. If you need $target, please write explicitly. Therefore we must write as below:
	# path    mimetype    unused    execpath arg ...
	*.http         -         0       $target
	*.html      text/html    1       $target
	*.dx_html   text/html    0       /bin/dx $target
And, in this release, the file that is given by $target need not be exist; ramfs is always created and therefore 1/0 values of ramfs field lost the meaning.

Environment valuable of REQUEST_URI in CGI

I have changed the specification of environment valuable REQUEST_URI in CGI. Pegasus will add index.html if the requested path end with "/"(this means the request is directory path). In earlier version CGI programs could not know whether the original request ends with "/" or not. I fixed so that the value of REQUEST_URI is uncooked request and the value of REQUEST_PATH is cooked value by the server.

Things that are wiped out

~user of virtual host

Now Pegasus rejects requests of style ~user to virtual hosts. That is, the request below
	http://virtual.co.jp/~alice
has been accepted even if virtual.co.jp is a virtual host in earlier release. Now such a request will be rejected.

Option -d of httpd

Option -d of httpd is wiped out. We have now /sys/lib/httpd.conf and we can define the server name in this file.

Option -r of httpd

Option -r of httpd is wiped out. We have now /sys/lib/httpd.conf and we can define the replacement of /usr/web/ in this file.

Option -f of httpd

Option -f of httpd is wiped out. This was needless option.

CGI applications

formparse

Now formparse can receive a file. Current restriction is: a single file in one POST.

webm

webm is a new server application that is added in this release. You can send files, remove files or edit files in server using webm.