NOVELL TECHNICAL INFORMATION DOCUMENT TITLE: WS251C patch file README FOR: WS251C.EXE NOVELL PRODUCTS and VERSIONS: Web Server - Web 2.51 NetWare WEB Server 2.51 ABSTRACT: General release kit for the NetWare Web Server 2.51 (IntranetWare and NetWare 4.11). ----------------------------------------------------------------- DISCLAIMER THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO NOVELL. NOVELL MAKES EVERY EFFORT WITHIN ITS MEANS TO VERIFY THIS INFORMATION. HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT IS FOR YOUR INFORMATION ONLY. NOVELL MAKES NO EXPLICIT OR IMPLIED CLAIMS TO THE VALIDITY OF THIS INFORMATION. ----------------------------------------------------------------- ISSUE: The following issues are fixed in this release kit. (* indicates fixes that are new since the last WS251x general release patch file.) Up to 50 "require group" and "require user" lines are now allowed for each directory entry in the ACCESS.CFG file (or for each ACCESS.WWW file). You can also put more than one entry on each line (separating each with a space) up to a maximum line length of 255 characters. Web Manager will automatically put more than one user or group on a "require user" or "require group" line. Web Manager will now add a user's full context name to the "require user" line, allowing for users from multiple contexts to be specified even if they have the same user names but reside in different contexts. When entering a user name when the browser asks for a username and password to access a restricted document, only the user name has to be entered. The authenticating user does not need to enter the full context when authenticating as long as the user name specified in the access control file has the full context. The number of "allow" lines in a directory entry in the ACCESS.CFG file (or in each ACCESS.WWW file) has been increased to 50. Aliases to users now works properly when "require group" is used to establish access control. A long URL (greater than about 450 characters) will no longer cause the file server to abend. Access and Error log files now roll properly as configured through the Web Manager utility. The Web Server will no longer abend if the same page is accessed many times. Having an extra '_' character in a volume name will no longer cause problems accessing ~user home pages. The Web Server will process more than one thread at a time. The Netscape Navigator browser will no longer return "Document contains no data" errors if the document was last downloaded by an Internet Explorer browser. Text file based user and group authentication has been corrected. The Web Server will now automatically close TCPIP connections that are being left open. The default wait time is 5 seconds, but it can be modified by setting the TCPLinger Time in the HTTPD.CFG file. However, if the TCPLinger Time is set in the HTTPD.CFG file and Web Manager is subsequently run, the Web Manager utility may delete that entry when it re-writes the HTTPD.CFG. The access log file will no longer contain a '?' in a log file entry unless the URL passed to the server specifically contains it. The NDS browser will no longer return a -603 error when browsing an organization role. The NDS browser will no longer return an error when browsing an organization role that contains a slash in the name. Accessing Perl scripts in rapid succession no longer causes a memory leak of its small memory allocations. A Perl script containing an infinite loop will no longer hang the server. Perl support for long file names was added. Additional library directory paths can be specified within Perl. PERLGLOB.NLM now unloads itself automatically when it completes it's processing. Web Manager no longer greys out the names of users in the parent directory after "All valid users" was clicked in a child directory. In Web Manager, the extra separator bar below the Copy menu item has been removed. If when running Web Manager you are authenticated to two trees, and your default tree is NOT the same tree the Web Server is installed in, you will be prompted to change trees. This is to eliminate the wrong NDS information showing up in Web Manager. The Homepage and Photo NDS object attributes can now be added to other NDS objects besides the user objects. When using a NetWare Administration utility that supports long file names (such as NWADMIN95.EXE) you can now specify a long file name for the homepage of an object in the NDS tree. * Volume names containing more than one underscore (_) would not be parsed correctly. This caused various problems such as a user's home directory not being found. * Document contains no data errors when a document is accessed by Internet Explorer, then immediately accessed by Netscape Navigator. * The HTTP.NLM would only use one of the threads it allocates when it starts up, even if simultaneous requests are received. * HTTP.NLM not rolling access and error logs properly. * HTTP.NLM abends due to the server passing an invalid semaphore number to THREADS.NLM. * Abends when accessing the same Web page many times. * File based (as opposed to NDS based) user and group authentication problems. * TCPIP connections climbing and not being released. By default, old connections are not automatically removed and, if an ACK is never returned by the client to the server the connection may remain open indefinately. A new directive has been added. To set the timeout to automatically remove lingering TCPIP connections, add "TCPLingerTime sec" to the HTTPD.CFG file and reload HTTP.NLM (where 'sec' is the number of seconds before the connection is removed). * A slash (/) in an object name causing NDS browsing errors. * The question mark (?) in the access log file causing problems with third-party log file analysis tools. * A user logging in with a username that is a substring of another user's name and with a password which is a substring of the other user's password could access the web page as that other user. * The ACCESS.CFG directive "order allow, deny" would cause HTTP.NLM load time errors because of the space between "allow," and "deny". * PERL5 has been added, allowing multi-threaded Perl requests. Perl 5 also runs as an LCGI application, eliminating any security risks from an intruder connecting to an RCGI port. Self-Extracting File Name: ws251c.exe Files Included Size Date Time ..\ WS251C.TXT (This file) WS251C.IPS 3907 5-29-97 2:58:16 pm ..\PUBLIC\ HDK3CTNT.DLL 180736 8-19-96 3:56:42 pm WEBMGR.EXE 263440 10-17-96 10:35:06 pm WEBMGR.HLP 213302 10-7-96 8:12:14 pm WEBSNP3X.DLL 58073 10-7-96 6:01:18 pm ..\PUBLIC\WIN95\ WEBSNP95.DLL 37376 10-7-96 6:07:46 pm ..\SYSTEM\ CSSYSMSG.NLM 126952 2-26-97 11:50:02 pm HTTP.NLM 377328 3-14-97 9:40:14 pm PERL5.NLM 595304 2-27-97 9:55:24 pm PERLGLOB.NLM 2395 2-27-97 9:50:20 pm ..\SYSTEM\NLS\ ..\SYSTEM\NLS\4\ CSSYSMSG.HLP 3302 5-18-93 10:49:38 pm CSSYSMSG.MSG 12811 1-21-97 10:52:12 pm PERL5.MSG 1656 2-27-97 9:55:18 pm ..\WEB\ ..\WEB\DOCS\ ..\WEB\DOCS\CGI\ ..\WEB\DOCS\CGI\NDSOBJ\ NDSOBJ.NLM 70873 2-12-97 6:59:42 pm Installation Instructions: IMPORTANT: Before installing this patch, verify that you have the latest version of the CLIB libraries for the NetWare OS you are running. It is also strongly recommended you apply the latest version of TCPIP and any other patches from the minimum patch list that apply to your installation. See the minimum patch list on http://support.novell.com to determine what patches to apply. Copy this patch file to a temporary directory on the file server and run it to extract it's contents. At the server's console: load INSTALL.NLM. Select "Product options". Select "Install a product not listed". Press and enter the path to the temporary directory. Follow the prompts presented by the installation program. NOTE: This installation script is a simple 'batch' type script. It copies the files provided in this patch, and that is all. It does make backups of the files it is replacing. However, it doesn't provide an uninstall to remove the patch files (removing the product entry from Install only removes the listing). If you wish to restore the backup of the patched modules, you will need to copy them from the backup directory. ENABLING PERL5 This file contains a PERL5.NLM. This new version of Perl works as an L-CGI application rather than R-CGI. It also provides better support for multiple simultaneous requests. To enable Perl5: 1- Add the following lines to the Web Server's SRM.CFG... LoadableModule /perl5/ sys:/system/perl5.nlm LoadableModule /lcgi/perl5/ sys:/system/perl5.nlm This allows for both '/perl5/' and '/lcgi/perl5/' to be specified in the URL as aliases to the Perl interpreter. For example, both of these lines will do the same... http://servername/perl5/cardsamp.pl http://servername/lcgi/perl5/cardsamp.pl 2- Create a directory SYS:\WEB\DOCS\LCGI. 3- Create a directory SYS:\WEB\DOCS\LCGI\PERL5. 4- Copy the Perl scripts you wish to run under Perl5 to the new SYS:\WEB\DOCS\LCGI\PERL5 directory. 5- (Optional but recommended) Comment out the RemoteScriptAlias line for /perl/ in the SRM.CFG to disable Perl 4. 6- (Optional but recommended) Comment out the 'load perl' line from the SYS:\SYSTEM\UNISTART.NCF file to disable Perl 4 from loading. 7- Unload and reload the server (UNISTOP and UNISTART from the system console). NOTE: The PERL5.NLM loads automatically when a URL containing the corresponding alias from the SRM.CFG is passed to the server. While PERL5.NLM is loaded in memory, typing PERL5 by itself on the system console will display a help screen of valid PERL5 console commands which provide further debug information. ----------------------------------------------------------------- Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information. -----------------------------------------------------------------