This patch fixes the CGI example program Bas64.exe, which may cause a GPF when overlength username/password are entered. Furthermore the CGI server interface has enhanced in the same way as the ISAPI interface, i.e. Win32 system error dialogs are suppressed.
PHP 5.2.7 has been released. Some information, how to use it as embedded PHP scripting engine with Pi3Web 2.0.3 follows:
- Pi3Web 2.0.3 PL3 is installed (PL2 is minimum requirement)
- server setup has been performed with up to date Pi3Web binaries (otherwise execute EnhPi3.exe /SETUP ../Conf/Confi.pi3 in folder Pi3Web\bin, old configuration will be lost)
- Pi3Web server has been shutdown
- backup of the folder Pi3Web has been made... read more
The patch PL3 for Pi3Web 2.0.3 fixes the popup of a
Windows error dialog, when the server has been installed in desktop mode and an URI like /isapi/users.txt is requested. HTTP status is set to 404 after an URI has been requested, which is not mapped to a valid Win32 DLL image but to another file.
For Win32 there's a PHP5 handler module for Pi3Web available now. It has been tested with PHP 5.0.2 and Pi3Web 2.0.3. It should also work with older versions of Pi3Web. See the README file inside of the downloadable archive for more details and installation instructions.
Pi3Web 2.0.3 has been released. Win32 binary and source distributions are available, binaries for Linux and Solaris will follow soon. See the release notes/change log for the changes in this minor release.
A patch has been made available in order to upgrade the library openssl-0.9.7a used by Pi3Web 2.0.2 to openssl-0.9.7c for the Win32 platform:
This patch fixes a problem with SSLv3 and TLSv1 'client HELLO', which prevents connections initiated by many clients (browsers), using SSLv3 or TLSv1 (only SSLv2 works).
Furthermore a lot of bugfixes related to multi-threading have been performed in this release of
the openssl library, which seem to fix also the
existing SSL problems with Netscape 6.x, 7.x (browser hangs in sub-connections).
The same problems exist in the Linux/Solaris builds of
the library. Linux/Solaris users are encouraged to
build the openss-0.9.7c after downloading it from here:
http://www.openssl.org/source/openssl-0.9.7c.tar.gz... read more
Pi3Web 2.0.2 has been released based on the RC2. Win32 binary, source distributions are available, binaries for Linux and Solaris are available. The most important enhancements are operation of multiple I/O interfaces in parallel (e.g. SSL and non SSL) and support of SSL server key and certificate generation using the administration GUI as well as several bugfixes. Refer to the release notes for more details.
The Pi3CA has been published as part of the Pi3Web website: http://pi3web.sourceforge.net/pi3ca/.
This Certification Authority (CA) delivers both user certificates for web browsers and server certificates for SSL web servers solely for testing and demonstration purposes to support the SSL functionality of the Pi3Web server. You can also revoke a certificate issued by this CA.
You can download the CA root certificate (MD5 Fingerprint C5:8B:7E:D4:5B:CA:C5:44:2B:48:34:E4:3C:30:6A:0F)
and the current Certificate Revocation List (CRL).
You are asked to read the policy of the CA before using it.
Pi3Web 2.0.2 beta 2 has been released. Win32 binary distribution is available. The changes related to Beta 1 are:
Upgraded embedded PHP4 to PHP 4.3.2, improved the filtering for invalid characters in request URIs and fixed some more minor issues.
Pi3Web 2.0.2 beta 1 has been released. Win32 binary distribution is available, source distribution and binaries for Linux and Solaris will follow. Due to some architectural changes in the multithreading kernel (thread reusage, multithreaded accept handling) a beta phase has been included. Refer to the release notes for more details about features and changes.
Pi3Web 2.0.1 has been released based on the RC2. Win32 binary and source distributions are available, binaries for Linux and Solaris will follow. The most enhancements are related to the administration GUI. Refer to the release notes for more details.
To summarize all security related informations about Pi3Web at the internet, for Pi3Web and general web server security related discussions and solutions there's a new discussion forum available -
Pi3Web is a multithreaded, highly configurable HTTP 1.0/1.1 Web server written in C++ available on Windows and Posix platforms. Pi3Web 2.0 supports among other things CGI, FCGI, Win-CGI, SSI, directory indexing, embedded perl, PHP4, Servlets and SSL.
A stable and efficient 'early access' release of Pi3Xslt, an integration of a libxml2- and libxslt-based (http://xmlsoft.org/) XSLT stylesheet processor for Pi3Web 2.0 has been released for evaluation.
Don't hestitate to send feature request, enhancements or bug reports to firstname.lastname@example.org.
Pi3Web 2.0.0 has been released based on the RC3. Win32 binaries including Pi3Perl and Pi3Servlets are available, binaries for Linux and Solaris will follow. Refer to the release notes for more details.
Based on the Pi3 platform architecture, Pi3Client performs multiprocess and multihreaded HTTP/1.0 and 1.1 load and stress tests. Test cases could be created statically in a configuration file or in separate text files. Binaries are available for Win32 and x86Linux.
For the Pi3 platform refer to http://pi3web.sourceforge.net/.
There's a Pi3Perl and Perl Server Pages (PSP) add on package for Pi3Web v2.0 obtainable from now. This is still alpha stadium and ActivePerl 5.6.1 is additional required. Pi3Perl is embedded, pre-parsed perl and PSP is a perl embedding tag language similar to JSP.
For the language specification refer to http://pi3web.sourceforge.net/pi3perl/psp_v0.5.pdf
Pi3Web 2.0.0 beta2 is now also available on SPARC SunOS 5.8 (Solaris 8) including PHP4, SSL and Servlet engine.
Pi3Web 2.0.0 beta2 is available as Win32 install package. Linux and Source packages will follow during the next few days. The package includes
the b1 and the last changes. Servlet engine is
available as regular Plugin now.
Pi3Servlet 2.0.0 beta2 is available as Win32 install package. This Servlet API 2.1 compliant Servlet Engine is a regular Plugin for Pi3Web 2.0.
A Linux package will follow during the next few days.
Pi3Web 2.0 can run servlets, JSP support is under development. A download package for Pi3Web 2.0 is available here at sourceforge or from the Pi3 homepage as a pre-release.
With some simple additional effort you can run Microsoft ASP 1.0 or Allaires ColdFusion 4.5 on Pi3Web 1.03 and 2.00b. An archive, which contains the binaries and all necessary informations is available for download at sourceforge and at the Pi3Web homepage.