Dear all,
We are glad to announce the final release of NaviServer 5.0.0, marking the most 
significant update in the project’s history with over 70,000 lines of changes. 
This release delivers robust security enhancements, modernized infrastructure, 
and improved scalability. Key highlights include:

Security by Default: HTTP client requests now validate server certificates 
automatically, with configurable trust exceptions and a bundled CA root store. 
A new pluggable authorization framework (ns_auth) enables scriptable request- 
and user-level access control.

Modernized Core: Unix domain socket support, case-insensitive ns_set, Argon2 
password hashing, and streamlined configuration via environment variables 
(ideal for containers). The reverse proxy is now built into the core, with new 
forward proxy capabilities.

Enhanced Observability and Scalability: Improved logging (dynamic paths, 
rotation, and new "Security" severity), detailed connection diagnostics 
(ns_conn urldict, ns_connchan debug), runtime introspection (ns_http 
keepalives, ns_info buildinfo), persistent client connections, and streaming 
HTTP client processing.

Backward Compatibility & Future-Readiness
While introducing cutting-edge features, NaviServer 5.0.0 maintains strong 
backward compatibility, with deprecated APIs clearly documented and modern 
replacements provided (e.g., ns_urlencode → ns_percentencode). The release 
introduces/extends over 50 Tcl commands and subcommands. The upgrade to MPL 1.2 
and Tcl 9 support ensures long-term sustainability. Over 20 
community-contributed modules (like nsdbpg, nssmtpd) have been updated in 
lockstep.

The following people contributed to this release:   

     Alexander Danilov, Andrew Piskorski, Antonio Pisano, Brendan Graves, Brian 
Fenton, Danilo Raynor, David F, David Osborne, 

     Filip Minic, Georg Lehner, Gustaf Neumann, Hector Romojaro, Joe Oldak, 
Oleg Oleinick, Priyank Jalu, Thomas Renner, Zoran Vasiljevic

Resources:

Download <https://sourceforge.net/projects/naviserver/files/naviserver/5.0.0/> 
| GitHub <https://github.com/naviserver-project/naviserver> | Docs 
<https://naviserver.sourceforge.io/5.0/toc.html>
This release is a major leap forward in security, flexibility, and 
maintainability. See below for the detailed changes: Upgrade today!

The NaviServer Team



Tcl API Changes

ns_cache

New option cachingmode: Accepts full or none to toggle caching behavior.
ns_configsection

New option -filter: Filters variables by unread, defaulted, or defaults.
ns_configure_variables

New command to pull in configuration variables from environment variables (for 
use in configuration files)
ns_conn

General enhancements:

ns_conn host, ns_conn port, ns_conn protocol: Now return appropriate values for 
all request types (not limited to forward proxy requests).
New subcommands:

ns_conn target: Returns the complete request target, including query 
parameters, from the HTTP start line.
ns_conn fragment: Returns the fragment identifier (after #) if present.
ns_conn urldict: Parses the request URL into a Tcl dictionary for structured 
access.
ns_conn host: Supports an optional default value if the host is not determined.
ns_conn details: Returns a dictionary with driver-specific connection metadata.
ns_connchan

Security and diagnostics improvements:

ns_connchan debug: Set or query the debug level.
ns_connchan connect / ns_connchan open: Now accept additional security-related 
options: -cafile, -capath, -cert, -hostname, -insecure, -driver, and 
-unixsocket.
ns_connchan status: Added -server option for multi-server introspection.
ns_connchan write: Now performs buffered writes.
More detailed timeout handling

ns_driver

info, names, stats, and threads support the -server option to allow 
multi-server diagnostics.
ns_http

Connection handling and introspection:

Persistent HTTP connections supported via the keepalive option in httpclient 
configuration.

Introduced support for multiple task threads.

Streaming response support for incremental data handling (useful for large file 
transfers and LLM interaction).

Default timeout configuration for requests.

New callbacks: response_header_callback and response_data_callback.

Renamed -donecallback to -done_callback (old name deprecated).

Added support for informational HTTP status codes (e.g., 100 Continue).

New subcommands:

ns_http keepalives: Displays active persistent connections.
ns_http taskthreads: Provides insight into HTTP client threads.
Major internal refactoring of tclhttp.c for modularity and maintainability.

ns_ictl

getmodules: Now supports the -server option for per-server introspection.
ns_info

Added subcommands:

argv: Returns the original argument vector.
bindir: Returns the binary directory path.
buildinfo: Displays build-time config and version info.
logdir: Path to the log directory.
meminfo: Displays memory statistics (when using tcmalloc).
ns_ip

Added subcommands:

inany: Checks if an IP matches any configured address.
properties: Returns metadata about configured IPs.
public: Determines if an IP is publicly routable.
trusted: Checks if an IP is trusted.
valid: Validates IP syntax.
These enhancements supersede the need for ns_subnetmatch.

ns_issmallint

New command to check if a value is a valid small integer (replaces the old, now 
deprecated issmallint).
ns_logctl

New subcommand grep: Searches log files with pattern matching, stripping color 
codes and handling line continuations.
ns_register* Enhancements

All ns_register_* commands now support the -constraints option, enabling 
context-sensitive behavior.
New command: ns_register_auth allows registration of user- and request-level 
authorization handlers.
ns_server

New subcommands:
authprocs: Lists registered request/user auth procedures.
hosts: Lists registered hostnames for the server.
logdir: Returns the server log directory.
realm: returns or sets the realm of the server
serverdir: Returns the base directory for the virtual server (-effective 
returns the resolved runtime path).
vhostenabled: Returns a boolean indicating virtual hosting status.
ns_server mapped: New option -all returns a dict with handler and pool info.
ns_set

Case-insensitive support:

New -nocase flag for ns_set create and related operations.
Deprecated the i* subcommands (e.g., iget, ifind) in favor of unified interface.
Multi-valued key support:

-all option retrieves all values for a given key in ns_set and ns_config.
New subcommands:

format: Pretty-prints the set contents.
stats: Returns memory usage statistics.
delkey: Now returns a boolean success flag.

Internal improvements:

Refactored ns_set internals using dense storage for lower memory use and better 
cache locality.
Replaced deeply nested switch logic with modular, maintainable code.
ns_thread

Unified thread creation:

Use ns_thread create for all thread types.
Deprecated begin and begindetached to align with ns_cond, ns_mutex, and ns_sema 
usage.
ns_urlspace

Wildcard matching now supports path-segment-level matches (previously limited 
to leaf nodes).

Applied improved matching in nscgi to support directory-wide CGI mapping.

Renamed option -contextfilter to -constraints in ns_urlspace set/unset to match 
the new registration API.

Database Enhancements

ns_db info: Returns a dictionary of metadata for a given DB handle.
ns_dbpooldescription: Renamed from the previous ns_pooldescription for 
consistent naming.
ns_db rowcount: Fixed in this release to return actual row counts.
New Utilities

ns_fseekchars: Efficiently scans a stream for a string (e.g., for 
multipart/form-data parsing).
ns_joinurl: Constructs well-formed URLs from path components.
ns_mkdtemp: Creates a unique temporary directory (POSIX-style mkdtemp()).
ns_parsehtml: Parses HTML fragments into a structured Tcl dict.
ns_parsemessage: Parses MIME-style messages (e.g., emails or HTTP headers).
ns_percentencode / ns_percentdecode: Replace deprecated ns_urlencode and 
ns_urldecode for robust URL-safe encoding/decoding.
Changes in Core Modules

nscgi

New command: ns_register_cgi for dynamic CGI handler registration (supports 
-noinherit, -path, etc.).
Supports unregistration via ns_unregister_op.
New environment variables: SCRIPT_FILENAME, REQUEST_URI.
Refactored to support major web apps (e.g., WordPress, Joomla).
See commit 36027b70215 for implementation details.
nscp

Integrated with new authorization system (e.g., via nsperm users).
New command nscp users: Lists registered users for nscp authentication.
nsperm

Acts as a pluggable authorization provider for request/user scopes.
New config parameter: allowLoopbackEmptyUser—permits unauthenticated loopback 
access when enabled.
Added support for setting default server start pages and nsstats.
nsproxy

New subcommand: ns_proxy workers—provides detailed runtime info on proxy worker 
processes.
Bug Fixes

Stability and Crash Resolutions

Addressed multiple potential crash scenarios:

Robust handling of HTTP CONNECT requests.
Fixed crashes caused by missing or empty argument lists in commands such as 
ns_filestat, ns_sockcallback, and ns_ictl oncleanup.
Prevented crash in ns_log when invoked with an empty message.
Resolved a 24-year-old bug in Ns_AdjTime() that could lead to fatal errors due 
to microsecond overflow in multithreaded environments.
Fixed crash in ns_conn copy when operating on empty content.
Prevented crash in ns_sema release with invalid semaphore counts.
Corrected off-by-one error in ns_adp_bind_args that could access uninitialized 
Tcl_Obj values.
Fixed crash in ns_inet_ntop due to unsafe memory operations with overlapping 
regions (notably on aarch64 with musl).
Resolved crash in Ns_SetIUpdateSz() caused by case mismatch in header keys with 
the legacy C API.
Fixed crash during nscp startup when the users section was not configured.
Prevented crash in debug mode when the Host: header could not be mapped to a 
virtual server and the driver was installed locally.
Avoided crash when launching nsd with -c and -t options and no home parameter 
defined.
Fixed crash during computation of ns_conn location when the network driver was 
not globally installed (global installation now recommended).
Fixed crash due to self-destructive header replacement when ns_conn 
outputheaders are passed via ns_respond ... -headers ...
Functional Correctness and Logic Fixes:

ns_conn status: Fixed issue where updated status codes were silently ignored.
ns_conn doneCallback: Ensured this callback is always invoked in ns_http.
nsv_dict get: Fixed a memory leak in value retrieval.
ns_conn peeraddr: Resolved race condition in pipelined requests that could 
yield incorrect peer addresses.
ns_cache_eval -force: Fixed race condition that could produce obsolete results.
ns_sema create: Corrected handling of initial count values (e.g., 1000).
ns_trim: Fixed spacing logic to trim only leading and trailing whitespace, 
preserving internal spacing.
ns_config -int: Corrected fallback behavior when invalid values are supplied, 
now correctly using documented defaults.
ns_sockcallback: Now gracefully handles missing arguments.
ns_socknread: Fixed inaccurate results for buffered connections.
ns_crypto::aead::encrypt/decrypt: Restored compatibility with OpenSSL 1.1.1.
Fixed incorrect parsing of encoded backslashes in URLs.
Ns_StrTrimRight(): Corrected UTF-8 handling in right-side string trimming.
Fixed ns_conn location when running behind a reverse proxy to always returns a 
value, even in broken configurations.
OpenSSL fixes

Added support for detecting and validating OCSP Must-Staple and AIA presence in 
certificates. Without that, NaviServer might crash, when OCSP is turned on, and 
NULL values are passed for AIA URLs (letsencrypt)
Introduced stable output buffers for send operations to support retries after 
SSL_ERROR_WANT_WRITE, preventing connection failures under high load.
Improved error handling in OpenSSL integration by draining the error stack via 
DrainErrorStack().
HTTP Client Fixes

ns_http:
Reordered initialization in NsInitServer() to ensure submodules can access a 
fully configured server state.
HTML and ADP Parsing Fixes

ADP Parser:
Enhanced support for quoted > characters inside attribute values, aligning with 
modern HTML parsing rules.
return-notice handling:
Suppressed spurious error messages when fallback ADP templates are processed 
outside of a full ADP context.
ns_striphtml: 
Fixed long-standing bug where adjacent HTML entities were incorrectly 
decoded—only the first entity was processed.
Logging and Diagnostics Fixes

Fixed misleading log output when dynamically changing extended headers via 
ns_accesslog extendedheaders ....
Improved error messages when port binding fails due to conflicts with driver 
assignment.
Fixed off-by-one error in the virtual server port configuration logic.
Clarified or corrected multiple logging messages across modules for better 
diagnostics.
nscgi Module Fixes

Fixed file upload failures when uploads were internally spooled by NaviServer — 
previously returned 500 errors.
Corrected processing of CGI script exit codes not 0.
Fixed hostname and port reporting for SERVER_NAME.
Database Fixes

ns_db rowcount: Fixed regression where the row count logic was not invoked, 
rendering the command a no-op.
Build and Compatibility Fixes

Suppressed obsolete --enable-threads warning for Tcl versions where thread 
support is now enabled by default.
Fixed compilation failure with glibc 2.38+ due to PTHREAD_STACK_MIN becoming 
dynamic via sysconf().
General Cleanups

Fixed small memory leak triggered by serverrootproc reset.
Numerous minor typo corrections, comment clarifications, and small logic 
cleanups across modules.
C-Level Infrastructure, C API Enhancements, and Build System

Core Infrastructure Improvements

Socket Layer Enhancements:

Added sendErrno field to the Sock structure to improve diagnostics and tracking 
of write errors.
Modernized Initialization:

Introduced NS_INIT_ONCE() macro for thread-safe one-time initialization, 
replacing legacy double-lock patterns.
Data Structure Utilities:

Added utility functions Ns_DListSaveString() and Ns_DListFreeElements() to 
simplify dynamic list management.
Replaced use of legacy Ns_DString functions with standard Tcl_DString, 
modernizing internal data handling.
Debugging Support:

Added NsHexPrint() for hex-dumping of byte sequences, aiding in low-level 
debugging and analysis.
Introspection Enhancements:

Introduced Ns_TclReturnCodeString() and Ns_ReturnCodeString() to convert 
internal return codes into readable strings, improving log clarity and 
diagnostics.
Code Quality and Performance:

Applied extensive internal refactorings to improve performance, cache locality, 
and maintainability across multiple subsystems.
C API Enhancements

General:

Added typedefs for Ns_AuthorizeRequestProc, 
Ns_AuthorizeUserProc,Ns_UrlSpaceMatchInfo, Ns_DriverConnInfoProc
Added enum for Ns_RequestType, Ns_UrlSpaceOp, Ns_DriverClientInitArg
Added API calls in ns.h: Ns_ConfigFilename, Ns_ConnTarget, 
Ns_UrlSpaceMatchInfo, Ns_ConnServPtr, Ns_DStringAppendSockState, 
Ns_RegisterFilter2, Ns_TaskQueueLength, Ns_TaskQueueName, Ns_TaskQueueRequests, 
Ns_ObjvTablePrint, Ns_InfoLogPath, Ns_LogPath, Ns_ServerLogDir, 
Ns_ServerRootProcEnabled, Ns_ServerLogGetFd, Ns_ServerLogCloseAll, 
Ns_ServerLogRollAll, Ns_GetServer, Ns_ServerName, Ns_SockSetSendErrno, 
Ns_SockGetSendErrno, Ns_SockGetSendRejected, Ns_SockGetSendCount, 
Ns_SockFlagAdd, Ns_SockFlagClear, Ns_SockSendBufsEx, Ns_SockConnectUnix, 
Ns_SockGetClientSockAddr, Ns_SockGetConfiguredSockAddr, 
Ns_SockaddrPublicIpAddress, Ns_SockaddrTrustedReverseProxy, Ns_SockaddrInAny, 
Ns_SockaddrAddToDictIpProperties, Ns_TclReturnCodeString, Ns_ReturnCodeString, 
Ns_TclInterpServPtr, Ns_LogDeprecatedParameter, Ns_RegisterFastUrl2File
Extended Ns_Request, Ns_TclCallback
Refactored Ns_ConnReturnMoved() and Ns_ConnReturnRedirect() to unify 
redirection logic.
Secure Communication and Validation:

Added fine-grained certificate validation APIs
Improved error stack draining for OpenSSL operations.
Extended C API for ns_connchan:

Introduced a minimal C-level API for connchan connections, enabling finer 
control over lower-level network operations.
Build Platform Compatibility:

Updated Windows build system to use NS_IMPORT in place of deprecated NS_EXTERN.
Avoided use of deprecated C functions such as mktemp() to improve portability 
and security.
Build System and Tooling

Configuration and Sample Support:

Replaced hard-coded OS commands (ls, mv, ...) consistently with build variables
Replaced hard-coded OpenSSL binary references with the $(OPENSSL) build 
variable.
Enhanced log path and configuration variable handling to support more dynamic 
setups.
Test Infrastructure:

Extended regression and compatibility test coverage to validate edge cases and 
cross-platform behavior.
Build Metadata Introspection:

Added support for build-time introspection of environment settings, including 
allocator type (e.g., malloc), compiler version, and Tcl build info.
Optional Deprecation-Free Builds:

Introduced build flag NS_NO_DEPRECATED to exclude deprecated functions and 
APIs, mirroring Tcl’s TCL_NO_DEPRECATED mechanism.
CI/CD Modernization:

Upgraded GitHub Actions workflows from version 3 to version 4 for improved 
performance and compatibility.
Sample Configuration Files:

Improved sample configurations (nsd-config and openacs-config) to use 
environment-specific settings via ns_configure_variables
prefer names http and https instead of nsock and nsssl inside sample 
configuration files to ease configuration for new users.
Documentation Updates

Comprehensive Overhaul

Conducted a thorough review and restructuring of all documentation:

Tcl Command Documentation:

Ensured all implemented Tcl commands and their options are fully documented.
Removed documentation for obsolete or unimplemented commands.
Deprecated commands are no longer advertised in manuals or used in examples.
Introduced a dedicated section listing deprecated commands.
Enabled automated generation of a complete command reference.
Test Alignment:

Verified that every implemented Tcl command is covered by regression tests.
Ensured that all documented commands are also implemented and tested.
Syntax and Formatting Consistency

Standardized placeholder syntax across the documentation and syntax error 
messages (see commit ffbd32774dbfor details).
Manual Page Improvements

nscgi: Significantly revised documentation and usage examples for clarity and 
completeness.

admin-config.man: Added a new section on “Customizing File Locations”.

Added and updated sections covering:

Basic templating features.
Error handling mechanisms.
Recently introduced Tcl commands and options.
Visual and Structural Enhancements

Updated diagrams and usage examples related to:

Request processing flow.
Reverse proxy (revproxy) behavior.
Additional Improvements

Numerous corrections to spelling, grammar, formatting, and internal linking 
throughout the documentation.
Deprecation Management Infrastructure

Introduced compiler warnings for usage of deprecated Ns_DString* functions
Added log severity level Deprecated to better surface deprecated usage at 
runtime
Documented all deprecated commands in a dedicated section of the command 
reference
Deprecated the use of manual double-checked locking for one-time initialization 
replaced by the NS_INIT_ONCE() macro for safer and cleaner initialization 
semantics
Deprecations

Tcl-Level Command Deprecations

Deprecated the following Tcl commands:

ns_set print → replaced by ns_set format

ns_checkurl and ns_requestauthorize → replaced by ns_auth request

ns_thread begin → replaced by ns_thread create

ns_thread begindetached → replaced by ns_thread create -detached

ns_event → replaced by ns_cond

ns_pooldescription → replaced by ns_dbpooldescription

keyldel, keylget, keylkeys, keylset (from TclX) → replaced by native dict 
functionality in Tcl

Legacy experimental functions (marked TBD for over 20 years) are now deprecated:

ns_browsermatch, ns_choosecharset, ns_cookiecharset, ns_formfieldcharset, 
ns_formvalueput, ns_paren, ns_tagelement, ns_tagelementset
Deprecated non-namespaced functions:

getformdata, issmallint
ns_parsetime: now officially deprecated (was internally marked "To be removed" 
for ~15 years)

ns_set_precision: deprecated in favor of standard Tcl idioms

Tcl-Level Option Deprecations

Deprecated options:

-buffered in ns_connchan write
-donecallback in ns_http → replaced by -done_callback (naming consistency)
-binary (previously used to indicate Tcl objects with binary data) → replaced 
by -data, aligning with conventions where -binary is a boolean flag
C-Level API Deprecations

Deprecated or removed C functions:

Ns_ObjvFlags() → replaced by Ns_ObjvIndex() for option parsing (removed 
redundancy)
Ns_SockSendBufs2() → replaced by Ns_SockSendBufsEx() which returns an 
additional errorCode
Ns_TclInitInterps() → removed (marked as deprecated since 2005)
Deprecated internal usage of OpenSSL and Tcl functions that have been marked as 
deprecated upstream
All C functions previously marked as deprecated in source comments are now 
officially deprecated
Configuration Parameter Deprecations

Global config parameters:

logroll: → replaced by logrollonsignal (standardized log rotation behavior on 
SIGHUP)
serverlog: → replaced by systemlog to reduce ambiguity between system and 
per-server logs
Section parameter changes:

serverdir in the fastpath section is now deprecated → use serverdir in the main 
per-server section instead (reflecting its broader usage scope)
Changes in extra Modules

letsencrypt

Tcl9 compatibility changes
nsauthpam

Tcl9 compatibility changes
License upgrade
nscoap

Tcl9 compatibility changes
NaviServer 5 compatibility
License upgrade
nsdbbdb

Replaced deprecated Ns_DString operations
Support for LMDB
nsdbi

Removed calls to deprecated functions
Tcl9 compatibility changes
nsdbilite

Removed calls to deprecated functions
nsdbimy

Removed calls to deprecated functions
nsdbipg

Removed calls to deprecated functions
nsdbmysql

Removed calls to deprecated functions
nsdbpg

Tcl9 compatibility changes
NaviServer 5 compatibility
Removed calls to deprecated functions
License upgrade
nsdbsqlite

Fixed execution of DML queries.
Removed calls to deprecated functions
Pulled in new upstream version (3.47.2) of qlite3.c
nsdns

Removed calls to deprecated functions
Code cleanup
nsldap

Added support for LDAP URIs in pool configuration
Removed calls to deprecated functions
Removed unneeded compile macro
Fixed result setting of "connected" subcommand
Refactor nsldap Tcl command into modular subcommands
Tcl9 compatibility changes
Updated documentation
nsloopctl

Tcl9 compatibility changes
Minor code cleanup
nsmemcache

Removed calls to deprecated functions
nsoracle

Added experimental boolean configuration parameter convertEncoding: When this 
Boolean parameter is true, the connection is created with OCIEnvNlsCreate() 
instead of OCIEnvCreate(). OCIEnvNlsCreate was introduced with Oracle9 and is 
an enhanced version of OCIEnvCreate() which is used by default (legacy setting) 
or when ConvertEncoding is not true. This parameter performs on-the-fly 
conversions when connecting to a Latin1 encoded database.
Removed calls to deprecated functions
Modernized configuration (range checks) and use Ns_ReturnCode when appropriate
Tcl9 compatibility changes
nsphp

Removed calls to deprecated functions
nsshell

Updated command list for command completion for NaviServer 5
Updated most JavaScript libraries
nssmtpd

Simplified configuration (provided defaults were possible)
Added support for providing mail server password via userinfo in relayhost
Fixed multi-line response parsing
Tcl9 compatibility changes
NaviServer 5 compatibility
Removed calls to deprecated functions
Updated documentation
License upgrade
nssnmp

Removed calls to deprecated functions
nsstats

More detailed reports:
added list of loaded modules per server
added list of all registered domain names for a driver
added server log dir to per-server information
Refactored web UI (adjusted layout for NaviServer 4.99 and 5)
Added support for dark mode
Added support for nsperm module, when installed
Made parsing of http client log file more robust
License upgrade
nssyslogd

Removed calls to deprecated functions
NaviServer 5 compatibility
nstk

Tcl9 compatibility changes
nsudp

Tcl9 compatibility changes
NaviServer 5 compatibility
License upgrade
nswebpush

Tcl9 compatibility changes
Updated code for newer and more picky web servers
Fixed code for aes128gcm
revproxy

moved code to main repository
websocket

NaviServer 5 compatibility
Avoid deprecated messages for ns_conn write -buffered
Improved documentation
More detailed timeout handling
_______________________________________________
naviserver-devel mailing list
naviserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/naviserver-devel

Reply via email to