Hi,
I propose we start planning a serf 1.4 release. Serf trunk has some features that will be used in the upcoming Subversion 1.9, so I'd like to get 1.4 out when the Subversion devs start releasing 1.9 release candidates. (When is that planned?) Also, I want to start working on HTTP 2.0 support on trunk. This is probably going to take me a couple of months and will require some API changes, I'd like to get the 1.4 release out of the way first. The idea is to create a 1.4.x branch soon, let's say next week Sunday, June 30. We can keep backporting changes to that branch for a while, but I'd like to release as soon as the API is stable (see TODO list). AFAIC that can be by the end of next month. This is the list of changes new on trunk compared to the 1.3.x branch. At the end of this mail is a TODO list, topics that need to be handled before the release. Features ------------ * Logging that can be configured at runtime: r2197: Implement a configuration store and config objects, to share information from the context with all buckets, r2220,-2...: Add a logging API so that an application can configure log level/components and output stream at runtime. r2224: Add flag DISABLE_LOGGING to scons to disable logging at compile time. * New get_remaining() in the bucket v2 API: r2008: Add new serf_bucket_get_remaining() function * CRL support for OpenSSL (r2333) Fixes: -------- r2382: Fix problems with NTLM authentication when accessing local server using alias hostname (Windows) r2318: Make implementation of a few bio file handlers really do what openssl expects us to do. r2314: Initialize OpenSSL when using the serf_ssl_load_cert_file outside of a serf context. r2313: Disable the use of deprecated and broken SSL 2.0. r2254: Resolve a bucket (aka "memory") leak when a request bucket is destroyed before it is morphed into an aggregate bucket. r2229: Simplify the ssl bucket code by removing a now unneeded layer of buffering r2301: New error code SERF_ERROR_SSL_SETUP_FAILED r2184: New error code SERF_ERROR_CONNECTION_TIMEDOUT r2136: New error codes SERF_ERROR_LINE_TOO_LONG, SERF_ERROR_STATUS_LINE_TOO_LONG, SERF_ERROR_RESPONSE_HEADER_TOO_LONG r2119: New error code SERF_ERROR_AUTHN_CREDENTIALS_REJECTED r2148: Implement serf_mmap_peek Performance improvements: -------------------------------------- r2380: remove pending requests loop from request_or_data_pending() r2378: Drastically reduce the amount of pollset_add/pollset_remove calls r2377, r2376, r2375: Optimize creation of the request/iovec/barrier buckets. r2357: Improve performance a tiny bit by ensuring often used struct member variables are read from and written to cache. Build improvements: --------------------------- r2374: Allow building with the Visual Studio '14' CTP. r2324: Fix build of 'check' target when using VPATH-style builds (builddir != srcdir). r2274: Make unix build work with APR-2 r2152: Add a version resource to libserf-N.dll on Windows. New test framework --------------------------- * All tests have been migrated to the MockHTTPinC framework. The number of tests has increased from 64 to 86. Time to run the tests went down from 60 seconds to 3.5 seconds (on my Mac). * serf_get changes: add -d/--debug flag, make serf_get accept a client certificate and associated password (r2238). TODO: ===== Blocking the release: --------------------------- * Finalize get_remaining(): Ivan has added this function to the bucket API, but it's only implemented for some buckets. I don't think the new API is in use (don't see it in svn trunk). Does it still serve a purpose? * comment out 2.0 API: the "Connection and protocol API v2" declarations in serf.h aren't implemented yet, we should comment it out to avoid adding it to the public API. * Logging: there are some TODO's concerning logging. Logging of raw messages is not readable, debugging symbols that need to be removed, negative performance impact of config lookup in socket_writev. * set the version to 1.4: I'll do that on the 1.4.x branch. Issues I think we should fix in 1.4: --------------------------------------------- * Fix cancellation of failed requests when an authn callback is set (r2360). See the discussion and proposal to fix this: https://groups.google.com/d/msg/serf-dev/3_HLwF2lVsY/bcR-fatxGB0J * issue 144: svn commit hangs over https+kerberos. It's not clear to me yet what causes this issue, but getting serf in an endless loop is an issue we should fix. Not blocking 1.4, I doubt a solution will require API changes. What about... ------------------ * SSL session sharing? Ivan's work in r1982 to enable reuse of SSL sessions was reverted to make place for a better solution. The performance benefits of this work were really good, any interest to implement the proposed better solution? (see https://groups.google.com/d/msg/serf-dev/W6vNiUlMDDw/t1Pnr0Zq-aQJ) * OCSP stapling support: Justin posted a patch to add OCSP stapling support to serf's OpenSSL layer. We can discuss what benefits it will actually bring, but AFAIC besides some more code to support there's no harm in adding it, and people will use it if it's available (e.g. the place I'm working now requires either CRL or OCSP (stapling) support) See https://groups.google.com/d/msg/serf-dev/rbFtTyE9E_w/l5lWaBIBDE0J . * Python bindings: I've tried to fix the python bindings but I hit the limits of what's possible with ctypes (or at least the limits of my knowledge). We should ensure that the python bindings don't get included in the final release package, they're clearly not in a state to be useful to anyone now. Comments on this plan? Anyone interested in picking up a topic from the TODO list? regards, Lieven
