From 8a35e738dc18c52b1fb55122e0bbbd88ea67a1ff Mon Sep 17 00:00:00 2001 From: Ian Silvester Date: Fri, 11 Jan 2013 15:01:16 +0000 Subject: [PATCH] Initial commit of 3.0.20 changes --- ChangeLog | 364 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 363 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index d92f4076..d7cefdc6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,369 @@ -------------------------------------------------------------------- ChangeLog for Privoxy -------------------------------------------------------------------- -*** Version 3.0.19 Stable *** +*** Version 3.0.20 Beta *** + +- Bug fixes: + - Fix --disable-ipv6-support compile option for the Windows platform + - Attempt to work around (or at least reduce the) video playback issues with + various Apple clients as reported in #3426305. In client_range(), let + headers pass if the range starts at the beginning. + - In pcrs_get_delimiter(), do not use delimiters ouside the ASCII range. + Fixes a clang complaint. + - In socks5_connect(), do not try to print a negative number of socks + response bytes if the read() for the socks5 negotiation failed + completely. It's an API violation and can trigger an assert() in debug + builds with "debug 2" enabled. Except for the assert(), log_error() + already handled negative %N values gracefully so this commit only makes a + difference for debug builds. + - Fix a Windows-specific log viewer thread safety issue, as reported by Tim + H. in #3525694. + - Do not confuse a client hanging up with a connection time out. If a client + closes its side of the connection without sending a request line, do not + send the CLIENT_CONNECTION_TIMEOUT_RESPONSE, but report the condition + properly. + - Fix latency calculation for shared connections; broken since a regression + in 2009. The calculated latency for most connections would be 0 due to + remember_connection() always putting the timestamps in the first slot. + - Let fatal_error() write to the logfile right away, before showing the + Windows-specific error message which blocks until the user acknowledges it, + thus complicating automatic error detection. Reported by Adriaan in + #3593603. + - Fix an error message in get_last_url() nobody is supposed to see. Reported + by Matthew Fischer in #3507301. + - Fix a typo in the no-zlib-support complaint. Patch submitted by Matthew + Fischer in #3507304. + - Update an error message that still tried to print directive_hash as long + - Let server_set_cookie() stay silent when the cookie isn't modified. It + previously would claim to have created a session cookie after letting a + session cookie pass unmodified. + - Make any_loaded_file_changed() more reliable. Using the timestamps from. If + an action or filter file is reloaded the timestamps aren't updated so + any_loaded_file_changed() continued to report file changes. + +- General improvements: + - New debug log level 65536 which logs all actions that were applied to each + request that Privoxy acts upon. + - New directive client-header-order can be used to forward client headers in + a different order than that in which they arrived. + - New directive tolerate-pipelining can be used to enable client-side + pipelining. If enabled (3.0.20 beta enables it by default), Privoxy will + keep pipelined client requests around to deal with them once the current + request has been served. At the moment this is only done if the current + request is known to have no body. + - New --config-test option lets Privoxy exit after checking whether or not + the configuration seems valid. The limitations noted in TODO #22 and #23 + still apply. Logging the problem to the logfile if one is configured and + --no-daemon isn't used could be considered non-intuitive and might also + clobber messages emitted by an already running instance. Based on a patch + by Ramkumar Chinchani. + - Add limit-cookie-lifetime{} action. It can be used to let cookies expire + before the end of the session. limit-cookie-lifetime{0} creates session + cookies and can thus replace the session-cookies-only action in the future. + Idea originally suggested by Rick Sykes in #1049575. + - Increase the maximum number of actions files from 10 to 30. This is set by + the compiler directive MAX_AF_FILES so could always be modified by + recompilation, but the default value was too low since an unused file slot + is pretty inexpensive. + - Significantly improved reuse of open connections. + - Add support for chunk-encoded client request bodies. Previously + chunk-encoded request bodies weren't guaranteed to be forwarded correctly, + so this can also be considered a bug fix although chunk-encoded request + bodies aren't commonly used in the real world. + - Add support for Tor's optimistic-data SOCKS extension, which can reduce the + latency for requests on newly created connections. Currently only the + headers are sent optimistically and only if the client request has already + been read completely which rules out requests with large bodies. + - After preventing the client from pipelining, don't signal keep-alive + intentions. When looking at the response headers alone, it previously + wasn't obvious from the client's perspective that no additional responses + should be expected. This might improve compatibility with Opera (#3464439). + - Use new drain_and_close_socket() when closing client sockets in serve(). + Hopefully this fixes the page truncation issue reported with Opera in + #3464439. Apparently on some platforms immediately closing a client socket + with both unread and written-but-not-yet-transmitted data may result in the + connection being torn down prematurely, in which case the client ends up + with an incomplete response. To prevent this, drain_and_close_socket() + shuts down our side of the connection (on platforms with shutdown()), + drains the unread data on the socket and finally calls close_socket(). + - Reject URLs with invalid port. Previously they were parsed incorrectly and + characters between the port number and the first slash were silently + dropped as shown by curl test 187. + - Stop considering client sockets tainted after receving a request with body. + It hasn't been necessary for a while now and unnecessarily causes test + failures when using curl's test suite. + - Allow HTTP/1.0 clients to signal interest in keep-alive through the + Proxy-Connection header. While such client are rare in the real world, it + doesn't hurt and couple of curl tests rely on it. + - Only remove duplicated headers when filters are enabled. If they are not it + doesn't cause ill effects and the user might not want it. While at it, + downgrade the removal message to LOG_LEVEL_HEADER to clarify that it's not + an error in Privoxy and is unlikely to cause any problems in general. + Anonymously reported in #3599335. + - Accept a default-server-timeout of 0. It's the default after all. + - Accept a socket-timeout value of 0 seconds. Impatience isn't necessarily a + syntax problem. + - Set the socket option SO_LINGER for the client socket in + accept_connection(). This should further reduce the chances of the client + getting an incomplete response, even though Privoxy wrote it in its + entirety to the socket. + - Let serve() wait for keep-alive-timeout seconds for new requests. The + server connection timeout is no longer relevant. + - Improve connection handling when connection sharing is enabled. + - Do not keep the client connection open if it has to be closed to mark the + end of the response. + - Shorten ssplit()'s prototype by removing the last two arguments. We always + want to skip empty fields and ignore leading delimiters, so having + parameters for this only complicates the API. + - Use an enum for the type of the action value. + - Rename action_name's member takes_value to value_type as it isn't used as + boolean. + - Turn family mismatches in match_sockaddr() into fatal errors + - Let enlist_unique_header() verify that the caller didn't pass a header + containing either \r or \n. + - Change the hashes used in load_config() to unsigned int. + That's what hash_string() actually returns and using a potentiallly larger + type is at best useless. + - Use privoxy_tolower() instead of vanilla tolower() with manual casting of + the argument. + - Move several variable declarations to the beginning of their code block. + It's how we usually do it and is apparently also required when compiling + with gcc 2.95. Initial patch submitted by Simon South in #3564815. + - Optionally let parse_header_time() sanity check strptime() results before + trusting them. Broken strptime() implementations have caused problems in + the past and the most recent offender seems to be FreeBSD's libc: + http://www.freebsd.org/cgi/query-pr.cgi?pr=173421 + +- Action file improvements: + - Remove the comment that indicated that updated versions of this file are + released on their own. + - Allow closing curly braces as part of action values as long as they are + escaped. + - Block 'optimize.indieclick.com/' and 'optimized-by.rubiconproject.com/' + - Unblock 'adjamblog.wordpress.com/' and 'adjamblog.files.wordpress.com/'. + Reported by Ryan Farmer in #3496116. + - Unblock '/.*Bugtracker'. Reported by pwhk in #3522341. + - Add test URLs for '.freebsd.org' and '.watson.org'. + - Unblock '.urbandictionary.com/popular'. + - Block '.adnxs.com/'. + - Block 'farm.plista.com/widgetdata.php'. + - Block 'rotation.linuxnewmedia.com/'. + - Block 'reklamy.sfd.pl/'. Reported by kacperdominik in #3399948. + - Block 'g.adspeed.net/'. + - Unblock 'websupport.wdc.com/'. Reported by Adam Piggot in #3577851. + - Block '/openx/www/delivery/'. + - Disable fast-redirects for '.googleapis.com/'. + - Block 'imp.double.net/'. Reported by David Bo in #3070411. + - Block 'gm-link.com/' whis is used for email tracking. Reported by David Bo + in #1812733. + - Verify that requests to "bwp." are blocked. URL taken from #1736879 + submitted by Francois Marier. + - Block '/.*bannerid='. Reported by Adam Piggott in #2975779. + - Block 'cltomedia.info/delivery/' and '.adexprt.com/'. Anonymously reported + in #2965254. + - Block 'de17a.com/'. Reported by David Bo in #3061472. + - Block 'oskar.tradera.com/'. Reported by David Bo in #3060596. + - Block '/scripts/webtrends\.js'. Reported by johnd16 in #3002729. + - Block requests for 'pool.*.adhese.com/'. Reported by johnd16 in #3002716. + - Update path pattern for Coremetrics and add tests. Pattern and URLs + submitted by Adam Piggott #3168443. + - Enable +fast-redirects{check-decoded-url} for 'tr.anp.se/'. Reported by + David Bo in #3268832. + - Unblock '.conrad.se/newsletter/banners/'. Reported by David Bo in #3413824. + - Block '.tynt.com/'. Reported by Dan Stahlke in #3421767. + - Unblock '.bbci.co.uk/radio/'. Reported by Adam Piggott in #3569603. + - Block requests to 'service.maxymiser.net/'. Reported by johnd16 in #3118401 + (with a previous URL). + - Disable fast-redirects for Google's "let's pretend your computer is + infected" page. + - Unblock '/.*download' to resolve actionsfile feedback #3498129 submitted by + Steven Kolins (soundcloud.com not working). + - Unblock '.wlxrs.com/' to resolve actionsfile feedback #3413827 (hotmail.com + not working) submitted by David Bo. + - Add two unblock patterns for popup radio and TV players. Submitted by Adam + Piggott in #3596089. + +- Filter file improvements & bug fixes: + - Add a referer tagger + - Reduce the likelihood that the google filter messes up HTML-generating + JavaScript. Reported by Zeno Kugy in #3520260. + +- Documentation improvements: + - Revised all OS X sections due to new packaging module (OSXPackageBuilder). + - Update the list of supported operating systems to clarify that all Windows + versions after 95 are expected to work and note that the platform-specific + code for AmigaOS and QNX currently isn't maintained. + - Update 'Signals' section, the only explicitly handled signals are SIGINT, + SIGTERM and SIGHUP. + - Add Haiku to the list of operating systems on which Privoxy is known to + run. + - Add DragonFly to the list of BSDs on which Privoxy is known to run. + - Removed references to redhat-specific documentation set since it no longer + exists. + - Removed references to building PDFs since we no longer do so. + - Multiple listen-address directives are supported since 3.0.18, correct the + documentation to say so. + - Remove bogus section about long and short being preferable to int. + - Corrected some Internet JunkBuster references to Privoxy. + - Removed references to www.junkbusters.com since it is no longer + maintained. Reported by Angelina Matson. + - Various grammar and spelling corrections + - Add a client-header-tagger{} example for disabling filtering for range + requests. + - Correct a URL the "Privoxy with Tor" FAQ + - Spell 'refresh-tags' correctly. Reported by Don in #3571927. + - Sort manpage options alphabetically + - Remove an incorrect sentence in the toggle section. The toggle state + doesn't affect whether or not the Windows version uses the tray icon and + having to toggle Privoxy off to not show the icon makes no sense anyway. + Reported by Zeno Kugy in #3596395. + - Add the DNT header to the client-header-order example. + - Add new contributors since 3.0.19. + +- Log message improvements: + - When stopping to watch a client socket due to pipelining, additionally log + the socket number. + - log the client socket and its condition before closing it. This makes it + more obvious that the socket actually gets closed and should help when + diagnosing problems like #3464439. + - In case of SOCKS5 failures, do not explicitly log the server's response. + It hasn't helped so far and the response can already be logged by enabling + "debug 32768" anyway. This reverts v1.81 and the follow-up bug fix v1.84. + - Relocate the connection-accepted message from listen_loop() to serve(). + This way it's printed by the thread that is actually serving the + connection which is nice when grepping for thread ids in log files. While + at it, use an upper-case first character which is more consistent with the + other log messages. + +- Code cleanups: + - Remove compatibility layer for versions prior to 3.0 since it has been + obsolete for more than 10 years now. + - Remove the ijb_isupper() and ijb_tolower() macros from parsers.c since + they aren't used in this file. + - Removed the 'Functions declared include:' comment sections since they tend + to be incomplete, incorrect and out of date and the benefit seems + questionable. + - Various comment grammar and comprehensibility improvements. + - Remove a pointless fflush() call in chat(). Flushing all streams pretty + much all the time for no obvious reason is ridiculous. + - Relocate ijb_isupper()'s definition to project.h and get the ijb_tolower() + definition from there, too. + - Relocate ijb_isdigit()'s definition to project.h. + - Rename ijb_foo macros to privoxy_foo. + - Add malloc_or_die() which will allow to simplify code paths where malloc() + failures don't need to be handled gracefully. + - Add strdup_or_die() which will allow to simplify code paths where strdup() + failures don't need to be handled gracefully. + - Replace strdup() calls with strdup_or_die() calls where it's safe and + simplifies the code. + - Fix white-space around parentheses. + - Add missing white-space behind if's and the following parentheses. + - Unwrap a memcpy() call in resolve_hostname_to_ip(). + - Declare pcrs_get_delimiter()'s delimiters[] static const. + - Various optimisations to remove dead code and merge inefficient code + structures for improved clarity, performance or code compactness. + - Various data type corrections. + - Change visibility of several code segments when compiling without + FEATURE_CONNECTION_KEEP_ALIVE enabled for clarity. + - Fix an assertion in pcrs_compile_replacement(), nul bytes are actually + fine. + +- Privoxy-Regression-Test: + - Various grammar and spelling corrections in documentation and code. + - Additional tests for range requests with filtering enabled. + - Tests with mostly invalid range request. + - Log to STDOUT instead of STDERR. + - Add a couple of hide-if-modified-since{} tests with different date formats. + - Cleaned up the format of the regression-tests.action file to match the + format of default.action. + - Remove the "Copyright" line from print_version(). When using --help, every + line of screen space matters and thus shouldn't be wasted on things the + user doesn't care about. + - Fix comment typos + - Add an 'Overwrite condition' directive to skip any matching tests before + it. As it has a global scope, using it is more convenient than clowning + around with the Ignore directive. + - Include the Privoxy version in the output. +- Privoxy-Log-Parser: + - Improve the --statistics performance by skipping sanity checks for input + that shouldn't affect the results anyway. In my non-scientific benchmarks + this reduces the runtime by about 45%. Also add a --strict-checks option + that enables some of the checks again, just in case anybody cares. + - Accept and highlight: Stopping to watch the client socket. There's already + another request waiting. + - Cleanup variable initialization in print_non_clf_message(). + - Properly highlight the new log messages from get_request_line(). + - Let get_percentage() show 0 of x as 0% even if x is 0 as well. + - Accept and ignore: Enlisting (sorted|left-over) header ... + - Accept the shiny new LOG_LEVEL_ACTIONS. + - Accept and highlight: Closing client socket 5. Keep-alive: 0, Socket + alive: 1. Data available: 0. + - Stop suppressing messages about accepted client connections and highlight + them properly. + - Accept and highlight: Accepted connection from 10.0.0.1 on socket 5. + - Accept and highlight: Continuing buffering server headers from socket 5. + Bytes most recently read: 498. + - Accept and highlight: Client request 4 arrived in time on socket 7. + - Accept and highlight: Closing client socket 8. Keep-alive: 1. Socket + alive: 0. Data available: 0. Configuration file change detected: 0. + Requests received: 11. + - Accept and highlight: Drained 180 bytes before closing socket 6. + - Accept and highlight the extended log message for client sockets. + - Accept and highlight: Tainting client socket 7 due to unread data. + - Accept and highlight: Optimistically sending 318 bytes of client + headers intended for www.privoxy.org. + - Accept and highlight: Client request 8 has been pipelined on socket 7 and + the socket is still alive. + - Accept: There better be a request body. + - Accept and highlight: Shifting 360 pipelined bytes by 360 bytes. + - Accept and highlight: Multiple Content-Type headers detected. Removing and + ignoring: Content-Type: text/html. + +- uagen: + - Bump generated Firefox version to 16. + +- CGI interface improvements & bug fixes: + - Remove an unreasonable parameter limit in parse_cgi_parameters(). The new + parameter limit depends on the memory available and is currently unlikely + to be reachable, due to other limits in both Privoxy and common clients. + Reported by Andrew on ijbswa-users@. + - Catch ssplit() failures in parse_cgi_parameters(). + - Deal with unsupported methods sent to the CGI pages by discarding any + data following the headers. + +- GNUmakefile improvements: + - The dok-tidy target no longer taints documents with a tidy-mark + - Change RA_MODE from 0664 to 0644. Suggested by Markus Dittrich in + #3505445. + - Remove tidy's clean flag as it changes the scope of attributes. + Link-specific colors end up being applied to all text. Reported by Adam + Piggott in #3569551. + - Leave it up to the user whether or not smart tags are inserted. + - Let w3m itself do the line wrapping for the config file. It works better + than fmt as it can honour pre tags causing less unintentional line breaks. + - Ditch a pointless '-r' passed to rm to delete files. + - Prevent completely empty lines in configure and try to unfold + unintentional line breaks. + - Let the config-file target optimistically update the original. Most of the + issues are fixed now and it makes diffing with git easier. + - Change WDUMP to generate ASCII. Add WDUMP_UTF8 to allow UTF-8 in the + AUTHORS file so the names are right. + - Stop pretending that lynx and links are supported for the documentation. + +- configure improvements: + - On Haiku, do not pass -lpthread to the compiler. Haiku's pthreads + implementation is contained in its system library, libroot, so no + additional library needs to be searched. Patch submitted by Simon South in + #3564815. + - Additional Haiku-specific improvements. Disable checks intended for + multi-user systems as Haiku is presently single-user. Group Haiku-specific + settings in their own section, following the pattern for Solaris, OS/2 and + AmigaOS. Add additional library-related settings to remove the need for + providing configure with custom LDFLAGS. Submitted by Simon South in + #3574538. + - Several improvements for clarity, diffability and logic. + + *** Version 3.0.19 Stable *** - Bug fixes: - Prevent a segmentation fault when de-chunking buffered content. -- 2.39.2