1 2Changes with Unit 1.31.1 19 Oct 2023 3 4 *) Feature: allow to set the HTTP response status in Wasm module. 5 6 *) Feature: allow uploads larger than 4GiB in Wasm module. 7 8 *) Bugfix: application process could crash while rewriting URLs with 9 query strings. 10 11 *) Bugfix: requests larger than about 64MiB could cause error in Wasm 12 module. 13 14 *) Bugfix: when using many headers in Java module some of them could be 15 corrupted due to memory realocation issue. 16 17 *) Bugfix: ServerRequest.destroy() implemented in Node.js module to make 18 it compatible with some frameworks that might use it. 19 20 *) Bugfix: chunk argument of ServerResponse.write() can now be a 21 Uint8Array to improve compatibility with Node.js 15.0.0 and above. 22 23 *) Bugfix: Node.JS unit-http NPM module now has appropriate default 24 paths for macOS/arm64 systems. 25 26 *) Bugfix: build on musl libc with clang. 27 28 29Changes with Unit 1.31.0 31 Aug 2023 30 31 *) Change: if building with njs, version 0.8.0 or later is now required. 32 33 *) Feature: technology preview of WebAssembly application module. 34 35 *) Feature: "response_headers" option to manage headers in the action 36 and fallback. 37 38 *) Feature: HTTP response header variables. 39 40 *) Feature: ASGI lifespan state support. Thanks to synodriver. 41 42 *) Bugfix: ensure that $uri variable is not cached. 43 44 *) Bugfix: deprecated options were unavailable. 45 46 *) Bugfix: ASGI applications inaccessible over IPv6. 47 48 49Changes with Unit 1.30.0 10 May 2023 50 51 *) Change: remove Unix domain listen sockets upon reconfiguration. 52 53 *) Feature: basic URI rewrite support. 54 55 *) Feature: NJS loadable modules support. 56 57 *) Feature: per-application logging. 58 59 *) Feature: conditional logging of route selection. 60 61 *) Feature: support the keys API on the request objects in NJS. 62 63 *) Feature: default values for 'make install' pathnames such as prefix; 64 this allows to './configure && make && sudo make install'. 65 66 *) Feature: "server_version" setting to omit the version token from 67 "Server" header field. 68 69 *) Bugfix: request header field values could be corrupted in some cases; 70 the bug had appeared in 1.29.0. 71 72 *) Bugfix: PHP error handling (added missing 403 and 404 errors). 73 74 *) Bugfix: Perl applications crash on second responder call. 75 76 77Changes with Unit 1.29.1 28 Feb 2023 78 79 *) Bugfix: stop creating world-writeable directories. 80 81 *) Bugfix: memory leak related to NJS. 82 83 *) Bugfix: path parsing in PHP applications. 84 85 *) Bugfix: enabled UTF-8 for Python config by default to avoid 86 applications failing in some cases. 87 88 *) Bugfix: using asyncio.get_running_loop() instead of 89 asyncio.get_event_loop() when it's available to prevent errors in 90 some Python ASGI applications. 91 92 *) Bugfix: applications that make use of various low level APIs such as 93 pthreads could fail to work correctly. 94 95 *) Bugfix: websocket endianness detection for obscure operating systems. 96 97 98Changes with Unit 1.29.0 15 Dec 2022 99 100 *) Change: removed $uri auto-append for "share" when loading 101 configuration. 102 103 *) Change: prefer system crypto policy instead of hardcoding a default. 104 105 *) Feature: njs support with the basic syntax of JS template literals. 106 107 *) Feature: support per-application cgroups on Linux. 108 109 *) Feature: the $request_time variable contains the request processing 110 time. 111 112 *) Feature: "prefix" option in Python applications to set WSGI 113 "SCRIPT_NAME" and ASGI root-path variables. 114 115 *) Feature: compatibility with Python 3.11. 116 117 *) Feature: compatibility with OpenSSL 3. 118 119 *) Feature: compatibility with PHP 8.2. 120 121 *) Feature: compatibility with Node.js 19.0. 122 123 *) Feature: Ruby Rack v3 support. 124 125 *) Bugfix: fix error in connection statistics when using proxy. 126 127 *) Bugfix: fix HTTP cookie parsing when the value contains an equals 128 sign. 129 130 *) Bugfix: PHP directory URLs without a trailing '/' would give a 503 131 error (fixed with a 301 re-direct). 132 133 *) Bugfix: missing error checks in the C API. 134 135 *) Bugfix: report the regex status in configure summary. 136 137 138Changes with Unit 1.28.0 13 Sep 2022 139 140 *) Change: increased the applications' startup timeout. 141 142 *) Change: disallowed abstract Unix domain socket syntax in non-Linux 143 systems. 144 145 *) Feature: basic statistics API. 146 147 *) Feature: customizable access log format. 148 149 *) Feature: more HTTP variables support. 150 151 *) Feature: forwarded header to replace client address and protocol. 152 153 *) Feature: ability to get dynamic variables. 154 155 *) Feature: support for abstract Unix sockets. 156 157 *) Feature: support for Unix sockets in address matching. 158 159 *) Feature: the $dollar variable translates to a literal "$" during 160 variable substitution. 161 162 *) Bugfix: router process could crash if index file didn't contain an 163 extension. 164 165 *) Bugfix: force SCRIPT_NAME in Ruby to always be an empty string. 166 167 *) Bugfix: when isolated PID numbers reach the prototype process host 168 PID, the prototype crashed. 169 170 *) Bugfix: the Ruby application process could crash on SIGTERM. 171 172 *) Bugfix: the Ruby application process could crash on SIGINT. 173 174 *) Bugfix: mutex leak in the C API. 175 176 177Changes with Unit 1.27.0 02 Jun 2022 178 179 *) Feature: ability to specify a custom index file name when serving 180 static files. 181 182 *) Feature: variables support in the "location" option of the "return" 183 action. 184 185 *) Feature: support empty strings in the "location" option of the 186 "return" action. 187 188 *) Feature: added a new variable, $request_uri, that includes both the 189 path and the query parts as per RFC 3986, sections 3-4. 190 191 *) Feature: Ruby Rack environment parameter "SCRIPT_NAME" support. 192 193 *) Feature: compatibility with GCC 12. 194 195 *) Bugfix: Ruby Sinatra applications don't work without custom logging. 196 197 *) Bugfix: the controller process could crash when a chain of more than 198 four certificates was uploaded. 199 200 *) Bugfix: some Perl applications failed to process the request body, 201 notably with Plack. 202 203 *) Bugfix: some Spring Boot applications failed to start, notably with 204 Grails. 205 206 *) Bugfix: incorrect Python protocol auto detection (ASGI or WSGI) for 207 native callable object, notably with Falcon. 208 209 *) Bugfix: ECMAScript modules did not work with the recent Node.js 210 versions. 211 212 213Changes with Unit 1.26.1 02 Dec 2021 214 215 *) Bugfix: occasionally, the Unit daemon was unable to fully terminate; 216 the bug had appeared in 1.26.0. 217 218 *) Bugfix: a prototype process could crash on an application process 219 exit; the bug had appeared in 1.26.0. 220 221 *) Bugfix: the router process crashed on reconfiguration if "access_log" 222 was configured without listeners. 223 224 *) Bugfix: a segmentation fault occurred in the PHP module if chdir() or 225 fastcgi_finish_request() was called in the OPcache preloading script. 226 227 *) Bugfix: fatal errors on DragonFly BSD; the bug had appeared in 228 1.26.0. 229 230 231Changes with Unit 1.26.0 18 Nov 2021 232 233 *) Change: the "share" option now specifies the entire path to the files 234 it serves, rather than a document root directory to be prepended to 235 the request URI. 236 237 *) Feature: automatic adjustment of existing configurations to the new 238 "share" behavior when updating from previous versions. 239 240 *) Feature: variables support in the "share" option. 241 242 *) Feature: multiple paths in the "share" option. 243 244 *) Feature: variables support in the "chroot" option. 245 246 *) Feature: PHP opcache is shared between application processes. 247 248 *) Feature: request routing by the query string. 249 250 *) Bugfix: the router and app processes could crash when the requests 251 limit was reached by asynchronous or multithreaded apps. 252 253 *) Bugfix: established WebSocket connections could stop reading frames 254 from the client after the corresponding listener had been 255 reconfigured. 256 257 *) Bugfix: fixed building with glibc 2.34, notably Fedora 35. 258 259 260Changes with Unit 1.25.0 19 Aug 2021 261 262 *) Feature: client IP address replacement from a specified HTTP header 263 field. 264 265 *) Feature: TLS sessions cache. 266 267 *) Feature: TLS session tickets. 268 269 *) Feature: application restart control. 270 271 *) Feature: process and thread lifecycle hooks in Ruby. 272 273 *) Bugfix: the router process could crash on TLS connection open when 274 multiple listeners with TLS certificates were configured; the bug had 275 appeared in 1.23.0. 276 277 *) Bugfix: TLS connections were rejected for configurations with 278 multiple certificate bundles in a listener if the client did not use 279 SNI. 280 281 *) Bugfix: the router process could crash with frequent multithreaded 282 application reconfiguration. 283 284 *) Bugfix: compatibility issues with some Python ASGI apps, notably 285 based on the Starlette framework. 286 287 *) Bugfix: a descriptor and memory leak occurred in the router process 288 when an app process stopped or crashed. 289 290 *) Bugfix: the controller or router process could crash if the 291 configuration contained a full-form IPv6 in a listener address. 292 293 *) Bugfix: the router process crashed when a request was passed to an 294 empty "routes" or "upstreams" using a variable "pass" option. 295 296 *) Bugfix: the router process crashed while matching a request to an 297 empty array of source or destination address patterns. 298 299 300Changes with Unit 1.24.0 27 May 2021 301 302 *) Change: PHP added to the default MIME type list. 303 304 *) Feature: arbitrary configuration of TLS connections via OpenSSL 305 commands. 306 307 *) Feature: the ability to limit static file serving by MIME types. 308 309 *) Feature: support for chrooting, rejecting symlinks, and rejecting 310 mount point traversal on a per-request basis when serving static 311 files. 312 313 *) Feature: a loader for automatically overriding the "http" and 314 "websocket" modules in Node.js. 315 316 *) Feature: multiple "targets" in Python applications. 317 318 *) Feature: compatibility with Ruby 3.0. 319 320 *) Bugfix: the router process could crash while closing a TLS 321 connection. 322 323 *) Bugfix: a segmentation fault might have occurred in the PHP module if 324 fastcgi_finish_request() was used with the "auto_globals_jit" option 325 enabled. 326 327 328Changes with Unit 1.23.0 25 Mar 2021 329 330 *) Feature: support for multiple certificate bundles on a listener via 331 the Server Name Indication (SNI) TLS extension. 332 333 *) Feature: "--mandir" ./configure option to specify the directory for 334 man page installation. 335 336 *) Bugfix: the router process could crash on premature TLS connection 337 close; the bug had appeared in 1.17.0. 338 339 *) Bugfix: a connection leak occurred on premature TLS connection close; 340 the bug had appeared in 1.6. 341 342 *) Bugfix: a descriptor and memory leak occurred in the router process 343 when processing small WebSocket frames from a client; the bug had 344 appeared in 1.19.0. 345 346 *) Bugfix: a descriptor leak occurred in the router process when 347 removing or reconfiguring an application; the bug had appeared in 348 1.19.0. 349 350 *) Bugfix: persistent storage of certificates might've not worked with 351 some filesystems in Linux, and all uploaded certificate bundles were 352 forgotten after restart. 353 354 *) Bugfix: the controller process could crash while requesting 355 information about a certificate with a non-DNS SAN entry. 356 357 *) Bugfix: the controller process could crash on manipulations with a 358 certificate containing a SAN and no standard name attributes in 359 subject or issuer. 360 361 *) Bugfix: the Ruby module didn't respect the user locale for defaults 362 in the Encoding class. 363 364 *) Bugfix: the PHP 5 module failed to build with thread safety enabled; 365 the bug had appeared in 1.22.0. 366 367 368Changes with Unit 1.22.0 04 Feb 2021 369 370 *) Feature: the ServerRequest and ServerResponse objects of Node.js 371 module are now compliant with Stream API. 372 373 *) Feature: support for specifying multiple directories in the "path" 374 option of Python apps. 375 376 *) Bugfix: a memory leak occurred in the router process when serving 377 files larger than 128K; the bug had appeared in 1.13.0. 378 379 *) Bugfix: apps could stop processing new requests under high load; the 380 bug had appeared in 1.19.0. 381 382 *) Bugfix: app processes could terminate unexpectedly under high load; 383 the bug had appeared in 1.19.0. 384 385 *) Bugfix: invalid HTTP responses were generated for some unusual status 386 codes. 387 388 *) Bugfix: the PHP_AUTH_USER, PHP_AUTH_PW, and PHP_AUTH_DIGEST server 389 variables were missing in the PHP module. 390 391 *) Bugfix: the router process could crash with multithreaded apps under 392 high load. 393 394 *) Bugfix: Ruby apps with multithreading configured could crash on start 395 under load. 396 397 *) Bugfix: mount points weren't unmounted when the "mount" namespace 398 isolation was used; the bug had appeared in 1.21.0. 399 400 *) Bugfix: the router process could crash while removing or 401 reconfiguring an app that used WebSocket. 402 403 *) Bugfix: a memory leak occurring in the router process when removing 404 or reconfiguring an application; the bug had appeared in 1.19.0. 405 406 407Changes with Unit 1.21.0 19 Nov 2020 408 409 *) Change: procfs is mounted by default for all languages when "rootfs" 410 isolation is used. 411 412 *) Change: any characters valid according to RFC 7230 are now allowed in 413 HTTP header field names. 414 415 *) Change: HTTP header fields with underscores ("_") are now discarded 416 from requests by default. 417 418 *) Feature: optional multithreaded request processing for Java, Python, 419 Perl, and Ruby apps. 420 421 *) Feature: regular expressions in route matching patterns. 422 423 *) Feature: compatibility with Python 3.9. 424 425 *) Feature: the Python module now supports ASGI 2.0 legacy applications. 426 427 *) Feature: the "protocol" option in Python applications aids choice 428 between ASGI and WSGI. 429 430 *) Feature: the fastcgi_finish_request() PHP function that finalizes 431 request processing and continues code execution without holding onto 432 the client connection. 433 434 *) Feature: the "discard_unsafe_fields" HTTP option that enables 435 discarding request header fields with irregular (but still valid) 436 characters in the field name. 437 438 *) Feature: the "procfs" and "tmpfs" automount isolation options to 439 disable automatic mounting of eponymous filesystems. 440 441 *) Bugfix: the router process could crash when running Go applications 442 under high load; the bug had appeared in 1.19.0. 443 444 *) Bugfix: some language dependencies could remain mounted after using 445 "rootfs" isolation. 446 447 *) Bugfix: various compatibility issues in Java applications. 448 449 *) Bugfix: the Java module built with the musl C library couldn't run 450 applications that use "rootfs" isolation. 451 452 453Changes with Unit 1.20.0 08 Oct 2020 454 455 *) Change: the PHP module is now initialized before chrooting; this 456 enables loading all extensions from the host system. 457 458 *) Change: AVIF and APNG image formats added to the default MIME type 459 list. 460 461 *) Change: functional tests migrated to the pytest framework. 462 463 *) Feature: the Python module now fully supports applications that use 464 the ASGI 3.0 server interface. 465 466 *) Feature: the Python module now has a built-in WebSocket server 467 implementation for applications, compatible with the HTTP & WebSocket 468 ASGI Message Format 2.1 specification. 469 470 *) Feature: automatic mounting of an isolated "/tmp" file system into 471 chrooted application environments. 472 473 *) Feature: the $host variable contains a normalized "Host" request 474 value. 475 476 *) Feature: the "callable" option sets Python application callable 477 names. 478 479 *) Feature: compatibility with PHP 8 RC 1. Thanks to Remi Collet. 480 481 *) Feature: the "automount" option in the "isolation" object allows to 482 turn off the automatic mounting of language module dependencies. 483 484 *) Bugfix: "pass"-ing requests to upstreams from a route was broken; the 485 bug had appeared in 1.19.0. Thanks to 洪志道 (Hong Zhi Dao) for 486 discovering and fixing it. 487 488 *) Bugfix: the router process could crash during reconfiguration. 489 490 *) Bugfix: a memory leak occurring in the router process; the bug had 491 appeared in 1.18.0. 492 493 *) Bugfix: the "!" (non-empty) pattern was matched incorrectly; the bug 494 had appeared in 1.19.0. 495 496 *) Bugfix: fixed building on platforms without sendfile() support, 497 notably NetBSD; the bug had appeared in 1.16.0. 498 499 500Changes with Unit 1.19.0 13 Aug 2020 501 502 *) Feature: reworked IPC between the router process and the applications 503 to lower latencies, increase performance, and improve scalability. 504 505 *) Feature: support for an arbitrary number of wildcards in route 506 matching patterns. 507 508 *) Feature: chunked transfer encoding in proxy responses. 509 510 *) Feature: basic variables support in the "pass" option. 511 512 *) Feature: compatibility with PHP 8 Beta 1. Thanks to Remi Collet. 513 514 *) Bugfix: the router process could crash while passing requests to an 515 application under high load. 516 517 *) Bugfix: a number of language modules failed to build on some systems; 518 the bug had appeared in 1.18.0. 519 520 *) Bugfix: time in error log messages from PHP applications could lag. 521 522 *) Bugfix: reconfiguration requests could hang if an application had 523 failed to start; the bug had appeared in 1.18.0. 524 525 *) Bugfix: memory leak during reconfiguration. 526 527 *) Bugfix: the daemon didn't start without language modules; the bug had 528 appeared in 1.18.0. 529 530 *) Bugfix: the router process could crash at exit. 531 532 *) Bugfix: Node.js applications could crash at exit. 533 534 *) Bugfix: the Ruby module could be linked against a wrong library 535 version. 536 537 538Changes with Unit 1.18.0 28 May 2020 539 540 *) Feature: the "rootfs" isolation option for changing root filesystem 541 for an application. 542 543 *) Feature: multiple "targets" in PHP applications. 544 545 *) Feature: support for percent-encoding in the "uri" and "arguments" 546 matching options and in the "pass" option. 547 548 549Changes with Unit 1.17.0 16 Apr 2020 550 551 *) Feature: a "return" action with optional "location" for immediate 552 responses and external redirection. 553 554 *) Feature: fractional weights support for upstream servers. 555 556 *) Bugfix: accidental 502 "Bad Gateway" errors might have occurred in 557 applications under high load. 558 559 *) Bugfix: memory leak in the router; the bug had appeared in 1.13.0. 560 561 *) Bugfix: segmentation fault might have occurred in the router process 562 when reaching open connections limit. 563 564 *) Bugfix: "close() failed (9: Bad file descriptor)" alerts might have 565 appeared in the log while processing large request bodies; the bug 566 had appeared in 1.16.0. 567 568 *) Bugfix: existing application processes didn't reopen the log file. 569 570 *) Bugfix: incompatibility with some Node.js applications. 571 572 *) Bugfix: broken build on DragonFly BSD; the bug had appeared in 573 1.16.0. 574 575 576Changes with Unit 1.16.0 12 Mar 2020 577 578 *) Feature: basic load-balancing support with round-robin. 579 580 *) Feature: a "fallback" option that performs an alternative action if a 581 request can't be served from the "share" directory. 582 583 *) Feature: reduced memory consumption by dumping large request bodies 584 to disk. 585 586 *) Feature: stripping UTF-8 BOM and JavaScript-style comments from 587 uploaded JSON. 588 589 *) Bugfix: negative address matching in router might work improperly in 590 combination with non-negative patterns. 591 592 *) Bugfix: Java Spring applications failed to run; the bug had appeared 593 in 1.10.0. 594 595 *) Bugfix: PHP 7.4 was broken if it was built with thread safety 596 enabled. 597 598 *) Bugfix: compatibility issues with some Python applications. 599 600 601Changes with Unit 1.15.0 06 Feb 2020 602 603 *) Change: extensions of dynamically requested PHP scripts were 604 restricted to ".php". 605 606 *) Feature: compatibility with Ruby 2.7. 607 608 *) Bugfix: segmentation fault might have occurred in the router process 609 with multiple application processes under load; the bug had appeared 610 in 1.14.0. 611 612 *) Bugfix: receiving request body over TLS connection might have 613 stalled. 614 615 616Changes with Unit 1.14.0 26 Dec 2019 617 618 *) Change: the Go package import name changed to "unit.nginx.org/go". 619 620 *) Change: Go package now links to libunit instead of including library 621 sources. 622 623 *) Feature: ability to change user and group for isolated applications 624 when Unit daemon runs as an unprivileged user. 625 626 *) Feature: request routing by source and destination addresses and 627 ports. 628 629 *) Bugfix: memory bloat on large responses. 630 631 632Changes with Unit 1.13.0 14 Nov 2019 633 634 *) Feature: basic support for HTTP reverse proxying. 635 636 *) Feature: compatibility with Python 3.8. 637 638 *) Bugfix: memory leak in Python application processes when the close 639 handler was used. 640 641 *) Bugfix: threads in Python applications might not work correctly. 642 643 *) Bugfix: Ruby on Rails applications might not work on Ruby 2.6. 644 645 *) Bugfix: backtraces for uncaught exceptions in Python 3 might be 646 logged with significant delays. 647 648 *) Bugfix: explicit setting a namespaces isolation option to false might 649 have enabled it. 650 651 652Changes with Unit 1.12.0 03 Oct 2019 653 654 *) Feature: compatibility with PHP 7.4. 655 656 *) Bugfix: descriptors leak on process creation; the bug had appeared in 657 1.11.0. 658 659 *) Bugfix: TLS connection might be closed prematurely while sending 660 response. 661 662 *) Bugfix: segmentation fault might have occurred if an irregular file 663 was requested. 664 665 666Changes with Unit 1.11.0 19 Sep 2019 667 668 *) Feature: basic support for serving static files. 669 670 *) Feature: isolation of application processes with Linux namespaces. 671 672 *) Feature: built-in WebSocket server implementation for Java Servlet 673 Containers. 674 675 *) Feature: direct addressing of API configuration options containing 676 slashes "/" using URI encoding (%2F). 677 678 *) Bugfix: segmentation fault might have occurred in Go applications 679 under high load. 680 681 *) Bugfix: WebSocket support was broken if Unit was built with some 682 linkers other than GNU ld (e.g. gold or LLD). 683 684 685Changes with Unit 1.10.0 22 Aug 2019 686 687 *) Change: matching of cookies in routes made case sensitive. 688 689 *) Change: decreased log level of common errors when clients close 690 connections. 691 692 *) Change: removed the Perl module's "--include=" ./configure option. 693 694 *) Feature: built-in WebSocket server implementation for Node.js module. 695 696 *) Feature: splitting PATH_INFO from request URI in PHP module. 697 698 *) Feature: request routing by scheme (HTTP or HTTPS). 699 700 *) Feature: support for multipart requests body in Java module. 701 702 *) Feature: improved API compatibility with Node.js 11.10 or later. 703 704 *) Bugfix: reconfiguration failed if "listeners" or "applications" 705 objects were missing. 706 707 *) Bugfix: applying a large configuration might have failed. 708 709 710Changes with Unit 1.9.0 30 May 2019 711 712 *) Feature: request routing by arguments, headers, and cookies. 713 714 *) Feature: route matching patterns allow a wildcard in the middle. 715 716 *) Feature: POST operation for appending elements to arrays in 717 configuration. 718 719 *) Feature: support for changing credentials using CAP_SETUID and 720 CAP_SETGID capabilities on Linux without running main process as 721 privileged user. 722 723 *) Bugfix: memory leak in the router process might have happened when a 724 client prematurely closed the connection. 725 726 *) Bugfix: applying a large configuration might have failed. 727 728 *) Bugfix: PUT and DELETE operations on array elements in configuration 729 did not work. 730 731 *) Bugfix: request schema in applications did not reflect TLS 732 connections. 733 734 *) Bugfix: restored compatibility with Node.js applications that use 735 ServerResponse._implicitHeader() function; the bug had appeared in 736 1.7. 737 738 *) Bugfix: various compatibility issues with Node.js applications. 739 740 741Changes with Unit 1.8.0 01 Mar 2019 742 743 *) Change: now three numbers are always used for versioning: major, 744 minor, and patch versions. 745 746 *) Change: now QUERY_STRING is always defined even if the request does 747 not include the query component. 748 749 *) Feature: basic internal request routing by Host, URI, and method. 750 751 *) Feature: experimental support for Java Servlet Containers. 752 753 *) Bugfix: segmentation fault might have occurred in the router process. 754 755 *) Bugfix: various potential memory leaks. 756 757 *) Bugfix: TLS connections might have stalled. 758 759 *) Bugfix: some Perl applications might have failed to send the response 760 body. 761 762 *) Bugfix: some compilers with specific flags might have produced 763 non-functioning builds; the bug had appeared in 1.5. 764 765 *) Bugfix: Node.js package had wrong version number when installed from 766 sources. 767 768 769Changes with Unit 1.7.1 07 Feb 2019 770 771 *) Security: a heap memory buffer overflow might have been caused in the 772 router process by a specially crafted request, potentially resulting 773 in a segmentation fault or other unspecified behavior 774 (CVE-2019-7401). 775 776 *) Bugfix: install of Go module failed without prior building of Unit 777 daemon; the bug had appeared in 1.7. 778 779 780Changes with Unit 1.7 20 Dec 2018 781 782 *) Change: now rpath is set in Ruby module only if the library was not 783 found in default search paths; this allows to meet packaging 784 restrictions on some systems. 785 786 *) Bugfix: "disable_functions" and "disable_classes" PHP options set via 787 Control API did not work. 788 789 *) Bugfix: Promises on request data in Node.js were not triggered. 790 791 *) Bugfix: various compatibility issues with Node.js applications. 792 793 *) Bugfix: a segmentation fault occurred in Node.js module if 794 application tried to read request body after request.end() was 795 called. 796 797 *) Bugfix: a segmentation fault occurred in Node.js module if 798 application attempted to send header twice. 799 800 *) Bugfix: names of response header fields in Node.js module were 801 erroneously treated as case-sensitive. 802 803 *) Bugfix: uncatched exceptions in Node.js were not logged. 804 805 *) Bugfix: global install of Node.js module from sources was broken on 806 some systems; the bug had appeared in 1.6. 807 808 *) Bugfix: traceback for exceptions during initialization of Python 809 applications might not be logged. 810 811 *) Bugfix: PHP module build failed if PHP interpreter was built with 812 thread safety enabled. 813 814 815Changes with Unit 1.6 15 Nov 2018 816 817 *) Change: "make install" now installs Node.js module as well if it was 818 configured. 819 820 *) Feature: "--local" ./configure option to install Node.js module 821 locally. 822 823 *) Bugfix: Node.js module might have crashed due to broken reference 824 counting. 825 826 *) Bugfix: asynchronous operations in Node.js might not have worked. 827 828 *) Bugfix: various compatibility issues with Node.js applications. 829 830 *) Bugfix: "freed pointer is out of pool" alerts might have appeared in 831 log. 832 833 *) Bugfix: module discovery did not work on 64-bit big-endian systems 834 like IBM/S390x. 835 836 837Changes with Unit 1.5 25 Oct 2018 838 839 *) Change: the "type" of application object for Go was changed to 840 "external". 841 842 *) Feature: initial version of Node.js package with basic HTTP 843 request-response support. 844 845 *) Feature: compatibility with LibreSSL. 846 847 *) Feature: --libdir and --incdir ./configure options to install libunit 848 headers and static library. 849 850 *) Bugfix: connection might be closed prematurely while sending 851 response; the bug had appeared in 1.3. 852 853 *) Bugfix: application processes might have stopped handling requests, 854 producing "last message send failed: Resource temporarily 855 unavailable" alerts in log; the bug had appeared in 1.4. 856 857 *) Bugfix: Go applications did not work when Unit was built with musl C 858 library. 859 860 861Changes with Unit 1.4 20 Sep 2018 862 863 *) Change: the control API maps the configuration object only at 864 "/config/". 865 866 *) Feature: TLS support for client connections. 867 868 *) Feature: TLS certificates storage control API. 869 870 *) Feature: Unit library (libunit) to streamline language module 871 integration. 872 873 *) Feature: "408 Request Timeout" responses while closing HTTP 874 keep-alive connections. 875 876 *) Feature: improvements in OpenBSD support. Thanks to David Carlier. 877 878 *) Bugfix: a segmentation fault might have occurred after 879 reconfiguration. 880 881 *) Bugfix: building on systems with non-default locale might be broken. 882 883 *) Bugfix: "header_read_timeout" might not work properly. 884 885 *) Bugfix: header fields values with non-ASCII bytes might be handled 886 incorrectly in Python 3 module. 887 888 889Changes with Unit 1.3 13 Jul 2018 890 891 *) Change: UTF-8 characters are now allowed in request header field 892 values. 893 894 *) Feature: configuration of the request body size limit. 895 896 *) Feature: configuration of various HTTP connection timeouts. 897 898 *) Feature: Ruby module now automatically uses Bundler where possible. 899 900 *) Feature: http.Flusher interface in Go module. 901 902 *) Bugfix: various issues in HTTP connection errors handling. 903 904 *) Bugfix: requests with body data might be handled incorrectly in PHP 905 module. 906 907 *) Bugfix: individual PHP configuration options specified via control 908 API were reset to previous values after the first request in 909 application process. 910 911 912Changes with Unit 1.2 07 Jun 2018 913 914 *) Feature: configuration of environment variables for application 915 processes. 916 917 *) Feature: customization of php.ini path. 918 919 *) Feature: setting of individual PHP configuration options. 920 921 *) Feature: configuration of execution arguments for Go applications. 922 923 *) Bugfix: keep-alive connections might hang after reconfiguration. 924 925 926Changes with Unit 1.1 26 Apr 2018 927 928 *) Bugfix: Python applications that use the write() callable did not 929 work. 930 931 *) Bugfix: virtual environments created with Python 3.3 or above might 932 not have worked. 933 934 *) Bugfix: the request.Read() function in Go applications did not 935 produce EOF when the whole body was read. 936 937 *) Bugfix: a segmentation fault might have occurred while access log 938 reopening. 939 940 *) Bugfix: in parsing of IPv6 control socket addresses. 941 942 *) Bugfix: loading of application modules was broken on OpenBSD. 943 944 *) Bugfix: a segmentation fault might have occurred when there were two 945 modules with the same type and version; the bug had appeared in 1.0. 946 947 *) Bugfix: alerts "freed pointer points to non-freeble page" might have 948 appeared in log on 32-bit platforms. 949 950 951Changes with Unit 1.0 12 Apr 2018 952 953 *) Change: configuration object moved into "/config/" path. 954 955 *) Feature: basic access logging. 956 957 *) Bugfix: 503 error occurred if Go application did not write response 958 header or body. 959 960 *) Bugfix: Ruby applications that use encoding conversions might not 961 have worked. 962 963 *) Bugfix: various stability issues. 964 965 966Changes with Unit 0.7 22 Mar 2018 967 968 *) Feature: Ruby application module. 969 970 *) Bugfix: in discovering modules. 971 972 *) Bugfix: various race conditions on reconfiguration and during 973 shutting down. 974 975 *) Bugfix: tabs and trailing spaces were not allowed in header fields 976 values. 977 978 *) Bugfix: a segmentation fault occurred in Python module if 979 start_response() was called outside of WSGI callable. 980 981 *) Bugfix: a segmentation fault might have occurred in PHP module if 982 there was an error while initialization. 983 984 985Changes with Unit 0.6 09 Feb 2018 986 987 *) Bugfix: the main process died when the "type" application option 988 contained version; the bug had appeared in 0.5. 989 990 991Changes with Unit 0.5 08 Feb 2018 992 993 *) Change: the "workers" application option was removed, the "processes" 994 application option should be used instead. 995 996 *) Feature: the "processes" application option with prefork and dynamic 997 process management support. 998 999 *) Feature: Perl application module. 1000 1001 *) Bugfix: in reading client request body; the bug had appeared in 0.3. 1002 1003 *) Bugfix: some Python applications might not have worked due to missing 1004 "wsgi.errors" environ variable. 1005 1006 *) Bugfix: HTTP chunked responses might be encoded incorrectly on 32-bit 1007 platforms. 1008 1009 *) Bugfix: infinite looping in HTTP parser. 1010 1011 *) Bugfix: segmentation fault in router. 1012 1013 1014Changes with Unit 0.4 15 Jan 2018 1015 1016 *) Feature: compatibility with DragonFly BSD. 1017 1018 *) Feature: "configure php --lib-static" option. 1019 1020 *) Bugfix: HTTP request body was not passed to application; the bug had 1021 appeared in 0.3. 1022 1023 *) Bugfix: HTTP large header buffers allocation and deallocation fixed; 1024 the bug had appeared in 0.3. 1025 1026 *) Bugfix: some PHP applications might not have worked with relative 1027 "root" path. 1028 1029 1030Changes with Unit 0.3 28 Dec 2017 1031 1032 *) Change: the Go package name changed to "nginx/unit". 1033 1034 *) Change: in the "limits.timeout" application option: application start 1035 time and time in queue now are not accounted. 1036 1037 *) Feature: the "limits.requests" application option. 1038 1039 *) Feature: application request processing latency optimization. 1040 1041 *) Feature: HTTP keep-alive connections support. 1042 1043 *) Feature: the "home" Python virtual environment configuration option. 1044 1045 *) Feature: Python atexit hook support. 1046 1047 *) Feature: various Go package improvements. 1048 1049 *) Bugfix: various crashes fixed. 1050 1051 1052Changes with Unit 0.2 19 Oct 2017 1053 1054 *) Feature: configuration persistence. 1055 1056 *) Feature: improved handling of configuration errors. 1057 1058 *) Feature: application "timeout" property. 1059 1060 *) Bugfix: POST request for PHP were handled incorrectly. 1061 1062 *) Bugfix: the router exited abnormally if all listeners had been 1063 deleted. 1064 1065 *) Bugfix: the router crashed under load. 1066 1067 *) Bugfix: memory leak in the router. 1068 1069 1070Changes with Unit 0.1 06 Sep 2017 1071 1072 *) First public release. 1073 1074