Changes with Unit 1.17.0 16 Apr 2020 *) Feature: a "return" action with optional "location" for immediate responses and external redirection. *) Feature: fractional weights support for upstream servers. *) Bugfix: accidental 502 "Bad Gateway" errors might have occurred in applications under high load. *) Bugfix: memory leak in the router; the bug had appeared in 1.13.0. *) Bugfix: segmentation fault might have occurred in the router process when reaching open connections limit. *) Bugfix: "close() failed (9: Bad file descriptor)" alerts might have appeared in the log while processing large request bodies; the bug had appeared in 1.16.0. *) Bugfix: existing application processes didn't reopen the log file. *) Bugfix: incompatibility with some Node.js applications. *) Bugfix: broken build on DragonFly BSD; the bug had appeared in 1.16.0. Changes with Unit 1.16.0 12 Mar 2020 *) Feature: basic load-balancing support with round-robin. *) Feature: a "fallback" option that performs an alternative action if a request can't be served from the "share" directory. *) Feature: reduced memory consumption by dumping large request bodies to disk. *) Feature: stripping UTF-8 BOM and JavaScript-style comments from uploaded JSON. *) Bugfix: negative address matching in router might work improperly in combination with non-negative patterns. *) Bugfix: Java Spring applications failed to run; the bug had appeared in 1.10.0. *) Bugfix: PHP 7.4 was broken if it was built with thread safety enabled. *) Bugfix: compatibility issues with some Python applications. Changes with Unit 1.15.0 06 Feb 2020 *) Change: extensions of dynamically requested PHP scripts were restricted to ".php". *) Feature: compatibility with Ruby 2.7. *) Bugfix: segmentation fault might have occurred in the router process with multiple application processes under load; the bug had appeared in 1.14.0. *) Bugfix: receiving request body over TLS connection might have stalled. Changes with Unit 1.14.0 26 Dec 2019 *) Change: the Go package import name changed to "unit.nginx.org/go". *) Change: Go package now links to libunit instead of including library sources. *) Feature: ability to change user and group for isolated applications when Unit daemon runs as an unprivileged user. *) Feature: request routing by source and destination addresses and ports. *) Bugfix: memory bloat on large responses. Changes with Unit 1.13.0 14 Nov 2019 *) Feature: basic support for HTTP reverse proxying. *) Feature: compatibility with Python 3.8. *) Bugfix: memory leak in Python application processes when the close handler was used. *) Bugfix: threads in Python applications might not work correctly. *) Bugfix: Ruby on Rails applications might not work on Ruby 2.6. *) Bugfix: backtraces for uncaught exceptions in Python 3 might be logged with significant delays. *) Bugfix: explicit setting a namespaces isolation option to false might have enabled it. Changes with Unit 1.12.0 03 Oct 2019 *) Feature: compatibility with PHP 7.4. *) Bugfix: descriptors leak on process creation; the bug had appeared in 1.11.0. *) Bugfix: TLS connection might be closed prematurely while sending response. *) Bugfix: segmentation fault might have occurred if an irregular file was requested. Changes with Unit 1.11.0 19 Sep 2019 *) Feature: basic support for serving static files. *) Feature: isolation of application processes with Linux namespaces. *) Feature: built-in WebSocket server implementation for Java Servlet Containers. *) Feature: direct addressing of API configuration options containing slashes "/" using URI encoding (%2F). *) Bugfix: segmentation fault might have occurred in Go applications under high load. *) Bugfix: WebSocket support was broken if Unit was built with some linkers other than GNU ld (e.g. gold or LLD). Changes with Unit 1.10.0 22 Aug 2019 *) Change: matching of cookies in routes made case sensitive. *) Change: decreased log level of common errors when clients close connections. *) Change: removed the Perl module's "--include=" ./configure option. *) Feature: built-in WebSocket server implementation for Node.js module. *) Feature: splitting PATH_INFO from request URI in PHP module. *) Feature: request routing by scheme (HTTP or HTTPS). *) Feature: support for multipart requests body in Java module. *) Feature: improved API compatibility with Node.js 11.10 or later. *) Bugfix: reconfiguration failed if "listeners" or "applications" objects were missing. *) Bugfix: applying a large configuration might have failed. Changes with Unit 1.9.0 30 May 2019 *) Feature: request routing by arguments, headers, and cookies. *) Feature: route matching patterns allow a wildcard in the middle. *) Feature: POST operation for appending elements to arrays in configuration. *) Feature: support for changing credentials using CAP_SETUID and CAP_SETGID capabilities on Linux without running main process as privileged user. *) Bugfix: memory leak in the router process might have happened when a client prematurely closed the connection. *) Bugfix: applying a large configuration might have failed. *) Bugfix: PUT and DELETE operations on array elements in configuration did not work. *) Bugfix: request schema in applications did not reflect TLS connections. *) Bugfix: restored compatibility with Node.js applications that use ServerResponse._implicitHeader() function; the bug had appeared in 1.7. *) Bugfix: various compatibility issues with Node.js applications. Changes with Unit 1.8.0 01 Mar 2019 *) Change: now three numbers are always used for versioning: major, minor, and patch versions. *) Change: now QUERY_STRING is always defined even if the request does not include the query component. *) Feature: basic internal request routing by Host, URI, and method. *) Feature: experimental support for Java Servlet Containers. *) Bugfix: segmentation fault might have occurred in the router process. *) Bugfix: various potential memory leaks. *) Bugfix: TLS connections might have stalled. *) Bugfix: some Perl applications might have failed to send the response body. *) Bugfix: some compilers with specific flags might have produced non-functioning builds; the bug had appeared in 1.5. *) Bugfix: Node.js package had wrong version number when installed from sources. Changes with Unit 1.7.1 07 Feb 2019 *) Security: a heap memory buffer overflow might have been caused in the router process by a specially crafted request, potentially resulting in a segmentation fault or other unspecified behavior (CVE-2019-7401). *) Bugfix: install of Go module failed without prior building of Unit daemon; the bug had appeared in 1.7. Changes with Unit 1.7 20 Dec 2018 *) Change: now rpath is set in Ruby module only if the library was not found in default search paths; this allows to meet packaging restrictions on some systems. *) Bugfix: "disable_functions" and "disable_classes" PHP options set via Control API did not work. *) Bugfix: Promises on request data in Node.js were not triggered. *) Bugfix: various compatibility issues with Node.js applications. *) Bugfix: a segmentation fault occurred in Node.js module if application tried to read request body after request.end() was called. *) Bugfix: a segmentation fault occurred in Node.js module if application attempted to send header twice. *) Bugfix: names of response header fields in Node.js module were erroneously treated as case-sensitive. *) Bugfix: uncatched exceptions in Node.js were not logged. *) Bugfix: global install of Node.js module from sources was broken on some systems; the bug had appeared in 1.6. *) Bugfix: traceback for exceptions during initialization of Python applications might not be logged. *) Bugfix: PHP module build failed if PHP interpreter was built with thread safety enabled. Changes with Unit 1.6 15 Nov 2018 *) Change: "make install" now installs Node.js module as well if it was configured. *) Feature: "--local" ./configure option to install Node.js module locally. *) Bugfix: Node.js module might have crashed due to broken reference counting. *) Bugfix: asynchronous operations in Node.js might not have worked. *) Bugfix: various compatibility issues with Node.js applications. *) Bugfix: "freed pointer is out of pool" alerts might have appeared in log. *) Bugfix: module discovery did not work on 64-bit big-endian systems like IBM/S390x. Changes with Unit 1.5 25 Oct 2018 *) Change: the "type" of application object for Go was changed to "external". *) Feature: initial version of Node.js package with basic HTTP request-response support. *) Feature: compatibility with LibreSSL. *) Feature: --libdir and --incdir ./configure options to install libunit headers and static library. *) Bugfix: connection might be closed prematurely while sending response; the bug had appeared in 1.3. *) Bugfix: application processes might have stopped handling requests, producing "last message send failed: Resource temporarily unavailable" alerts in log; the bug had appeared in 1.4. *) Bugfix: Go applications did not work when Unit was built with musl C library. Changes with Unit 1.4 20 Sep 2018 *) Change: the control API maps the configuration object only at "/config/". *) Feature: TLS support for client connections. *) Feature: TLS certificates storage control API. *) Feature: Unit library (libunit) to streamline language module integration. *) Feature: "408 Request Timeout" responses while closing HTTP keep-alive connections. *) Feature: improvements in OpenBSD support. Thanks to David Carlier. *) Bugfix: a segmentation fault might have occurred after reconfiguration. *) Bugfix: building on systems with non-default locale might be broken. *) Bugfix: "header_read_timeout" might not work properly. *) Bugfix: header fields values with non-ASCII bytes might be handled incorrectly in Python 3 module. Changes with Unit 1.3 13 Jul 2018 *) Change: UTF-8 characters are now allowed in request header field values. *) Feature: configuration of the request body size limit. *) Feature: configuration of various HTTP connection timeouts. *) Feature: Ruby module now automatically uses Bundler where possible. *) Feature: http.Flusher interface in Go module. *) Bugfix: various issues in HTTP connection errors handling. *) Bugfix: requests with body data might be handled incorrectly in PHP module. *) Bugfix: individual PHP configuration options specified via control API were reset to previous values after the first request in application process. Changes with Unit 1.2 07 Jun 2018 *) Feature: configuration of environment variables for application processes. *) Feature: customization of php.ini path. *) Feature: setting of individual PHP configuration options. *) Feature: configuration of execution arguments for Go applications. *) Bugfix: keep-alive connections might hang after reconfiguration. Changes with Unit 1.1 26 Apr 2018 *) Bugfix: Python applications that use the write() callable did not work. *) Bugfix: virtual environments created with Python 3.3 or above might not have worked. *) Bugfix: the request.Read() function in Go applications did not produce EOF when the whole body was read. *) Bugfix: a segmentation fault might have occurred while access log reopening. *) Bugfix: in parsing of IPv6 control socket addresses. *) Bugfix: loading of application modules was broken on OpenBSD. *) Bugfix: a segmentation fault might have occurred when there were two modules with the same type and version; the bug had appeared in 1.0. *) Bugfix: alerts "freed pointer points to non-freeble page" might have appeared in log on 32-bit platforms. Changes with Unit 1.0 12 Apr 2018 *) Change: configuration object moved into "/config/" path. *) Feature: basic access logging. *) Bugfix: 503 error occurred if Go application did not write response header or body. *) Bugfix: Ruby applications that use encoding conversions might not have worked. *) Bugfix: various stability issues. Changes with Unit 0.7 22 Mar 2018 *) Feature: Ruby application module. *) Bugfix: in discovering modules. *) Bugfix: various race conditions on reconfiguration and during shutting down. *) Bugfix: tabs and trailing spaces were not allowed in header fields values. *) Bugfix: a segmentation fault occurred in Python module if start_response() was called outside of WSGI callable. *) Bugfix: a segmentation fault might have occurred in PHP module if there was an error while initialization. Changes with Unit 0.6 09 Feb 2018 *) Bugfix: the main process died when the "type" application option contained version; the bug had appeared in 0.5. Changes with Unit 0.5 08 Feb 2018 *) Change: the "workers" application option was removed, the "processes" application option should be used instead. *) Feature: the "processes" application option with prefork and dynamic process management support. *) Feature: Perl application module. *) Bugfix: in reading client request body; the bug had appeared in 0.3. *) Bugfix: some Python applications might not have worked due to missing "wsgi.errors" environ variable. *) Bugfix: HTTP chunked responses might be encoded incorrectly on 32-bit platforms. *) Bugfix: infinite looping in HTTP parser. *) Bugfix: segmentation fault in router. Changes with Unit 0.4 15 Jan 2018 *) Feature: compatibility with DragonFly BSD. *) Feature: "configure php --lib-static" option. *) Bugfix: HTTP request body was not passed to application; the bug had appeared in 0.3. *) Bugfix: HTTP large header buffers allocation and deallocation fixed; the bug had appeared in 0.3. *) Bugfix: some PHP applications might not have worked with relative "root" path. Changes with Unit 0.3 28 Dec 2017 *) Change: the Go package name changed to "nginx/unit". *) Change: in the "limits.timeout" application option: application start time and time in queue now are not accounted. *) Feature: the "limits.requests" application option. *) Feature: application request processing latency optimization. *) Feature: HTTP keep-alive connections support. *) Feature: the "home" Python virtual environment configuration option. *) Feature: Python atexit hook support. *) Feature: various Go package improvements. *) Bugfix: various crashes fixed. Changes with Unit 0.2 19 Oct 2017 *) Feature: configuration persistence. *) Feature: improved handling of configuration errors. *) Feature: application "timeout" property. *) Bugfix: POST request for PHP were handled incorrectly. *) Bugfix: the router exited abnormally if all listeners had been deleted. *) Bugfix: the router crashed under load. *) Bugfix: memory leak in the router. Changes with Unit 0.1 06 Sep 2017 *) First public release.