Newer
Older
(structured entity tags ensure that caches which can deal with Vary
will (eventually) be updated if the set of variants on the server
is changed)
- this involved adding a vlist_validator element to request_rec
- this involved adding the ap_make_etag() function to the global API
- modified guessing of charsets used by Apache negotiation algorithm
to guess 'no charset' if the variant is not a text/* type
- added code to sort multiviews variants into a canonical order so that
negotiation results are consistent across backup/restores and mirrors
- removed possibility of a type map file resolving to another type map
file as its best variant
[Koen Holtman, Roy Fielding, Lars Eilebrecht] PR#3451, 3299, 1987
*) RFC2396 allows the syntax http://host:/path (with no port number)
but the proxy disallowed it (ap_proxy_canon_netloc()).
*) When modules update/modify the file name in the configfile_t structure,
syntax errors will report the updated name, not the original one.
*) Correct some filename case assumptions from WIN32 to
CASE_BLIND_FILESYSTEM. [Brian Havard <brianh kheldar.apana.org.au>]
*) For %v log ServerName regardless of the UseCanonicalName
setting (similarly for %p). [Dean Gaudet]
*) Configure was initializing the variables $OSDIR, $INCDIR and $SHELL
rather late (too late for some invocations of TestCompile).
This improves the make environment available to TestCompile and
the *.module scripts. [Martin Kraemer]
*) The hashbang emulation code in ap_execve.c would interpret
#!/hashbang/scripts correctly, but failed to fall back to a
standard shell for scripts which did NOT start with #!
Now SHELL_PATH is started in these cases. [Martin Kraemer]
*) PORT: Added the Cyberguard V2 port [Richard Stagg <stagg lentil.org>]
PR#3336
*) Update APXS manual page: some -q option arguments were missing
and another was incorrect. [Mark Anderson <mda discerning.com>] PR#3553
*) Cleanup the command line options: `-?' was documented to show
the usage list but does it with an error because `?' is not a valid
command. OTOH a lot of users expect `-h' to print such a usage list and
instead are annoyed for ages by our huge unreadable list of directives.
So we now changed the command line options this way:
1. `-L' => `-R'
Intent: we need `-L' to be free, and `-R' for the DSO run-time path is
very similar to the popular linker option.
2. `-h' => `-L'
Intent: while -l gives the small list of modules, -L now gives the
large list of directives implemented by these modules. This is also
consistent with -v (short version info) and -V (large version info).
3. `-?' => `-h'
Intent: it's now the expected option ;-)
The manual page was adjusted accordingly.
[Ralf S. Engelschall] PR#2714
*) Fixed problem of fclose() on an unopened file in suexec if LOG_EXEC
8063
8064
8065
8066
8067
8068
8069
8070
8071
8072
8073
8074
8075
8076
8077
8078
8079
8080
8081
8082
8083
8084
8085
8086
8087
8088
8089
8090
8091
8092
8093
8094
8095
8096
8097
8098
8099
8100
8101
8102
8103
8104
8105
8106
8107
*) Removed recently introduced bugs and disfigurements in APACI:
o fixed argument line processing: using $args was broken: It was not
initialized and using args="$args $apc_option" and even args="$args
\"$apc_option\"" fails in the second processing round for any arguments
containing whitespaces. The only correct way is to use the construct
"$@" (but not possible here) or iterate _both_ times over the implicit
argument line (no argument to for-loop) which is what we now use.
o make --with-layout=Apache the default without creating
redundancy (copying the --with-layout block in the argument parsing
loop). We achieve this by using the "$@" construct together with the
`set' command to prepend --with-layout=Apache to the command line in
case --with-layout is not used.
o fixed auto-suffix handling now that config.layout exists.
Paths which are auto-suffixed are marked with a trailing plus sign in
config.layout and every path now can be marked this way (not only the
four paths for which we do it currently). Additionally the suffix is
no longer a static one. Instead it's now `/<target>' where <target> is
the argument of the --target option or per default `httpd'.
o allow also tabs (and only spaces) where we match whitespaces
o various fixes and cleanups related to used shell coding style
o made Jim happy by replacing `Written by' with `Initially written by' ;-)
o trimmed output of --help to fit into 80 columns
[Ralf S. Engelschall]
*) Added two new core API functions, ap_single_module_configure() and
ap_single_module_init(), which are now used by mod_so to configure a module
after loading. [Ralf S. Engelschall]
*) PORT: Add defines for USE_FLOCK_SERIALIZED_ACCEPT and
SINGLE_LISTEN_UNSERIALIZED_ACCEPT to NetBSD/OpenBSD section
of ap_config.h to allow serialized accept for multiport listens.
[Roy Fielding, Curt Sampson] PR#3120
*) PORT: Fixed a misplaced #endif for NetBSD/OpenBSD section
of ap_config.h that would skip several defines if DEFAULT_GROUP
was overridden. [Roy Fielding]
*) PORT: The I86 version of DGUX has support for strncasecmp and
strcasecmp, so allow it in ap_config.h. [Amiel Lee Yee] PR#3247
*) Fix ordering of definitions in ap_config.h so that ap_inline is
defined before it might be used. [Victor Khimenko]
*) PORT: Add Dynamic Shared Object (DSO) support for BSDI (v4.0).
*) Make generation of src/Configuration.apaci more robust: It failed to
differenciate between modules when one module name was a postfix of
another (e.g. cgi vs. fastcgi). We now check for mod_XXX, libXXX and even
just XXX (think about totally non-standard names like "apache_ssl", too).
[Ralf S. Engelschall] PR#3380
*) In src/Configure remove the SERVER_SUBVERSION support (already deprecated
since 1.3b7) and make whitespace handling more robust (it failed horrible
when whitespaces were present in the arguments of -D options).
[Ralf S. Engelschall] PR#3240
*) Add APACI --shadow=DIR variant (in addition to --shadow). This now first
creates an external package shadow tree in DIR before the local build
shadow tree is generated under DIR. This way one can have the extracted
Apache distribution tree read-only on NFS or CDROM and still build Apache
from these sources. An automatically triggered VPATH-like mechanism is
provided through the TOP variable, too.
*) Fix negotiation so that a Vary response header is correctly
generated when, for a particular dimension, variants only vary
in having or not having a value for that dimension. [Paul Sutton]
*) Fix negotiation so that we prefer an encoded variant over an
unencoded variant if the user-agent explicitly says it can
accept that encoding. Previously we always preferred the unencoded
variant.
8138
8139
8140
8141
8142
8143
8144
8145
8146
8147
8148
8149
8150
8151
8152
8153
8154
8155
8156
8157
8158
8159
8160
8161
8162
8163
8164
8165
8166
8167
8168
8169
8170
8171
8172
8173
*) Fix APXS tool: query variables LIBS_SHLIB and TARGET were not recognized
and the usage page was inconsistent with the functionality and manpage.
[Ralf S. Engelschall]
*) Allow special options -Wc,xxx and -Wl,xxx on APXS compile/link command.
They can occur multiple times and their arguments (`xxx') are passed AS
IS to the compiler/linker command. [Ralf S. Engelschall]
*) Fixed possible (but harmless in practice) bug in the DBM lookup
procedure of mod_rewrite: very long keys were truncated.
[Ralf S. Engelschall]
*) Added a generic --with-layout=[FILE:]ID option. ID here is a layout
identifier, currently "Apache" and "GNU" are pre-defined in the file
config.layout. Custom layouts are possible by using FILE:ID as the
argument where the layout ID is taken from FILE.
The config.layout file consists of <Layout ID>..</Layout> sections
where inside those sections "path_variable: path_value" pairs can be
specified. These lines are converted to path_variable='path_value'.
*) Add a DefaultLanguage directive so that files missing a language
extension (e.g., .fr, .de) can be labelled as being some other
default language. DefaultLanguage can appear in <Directory> and
<Files> containers as well as .htaccess files. [Paul Sutton]
PR#1180
*) Fix TARGET configuration when configuring and installing using
APACI configure. TARGET now defines the basename of the configuration
file, startup script, manual page, etc. log_error_core() now reports
the server binary name given by argv[0]. TARGET can now also be defined
with --target=TARGET parameter passed to APACI configure.
[Ralf Engelschall, Randy Terbush]
*) mod_include.c:handle_perl() now properly tests for OPT_INCNOEXEC
*) ap_md5_binary() was using sprintf() rather than a table lookup
to convert binary bytes to hex digits.
*) Fix SEGV in TCN negotiation if no variants are acceptable.
*) API: ap_exists_config_define() function is now "public" [Doug MacEachern]
*) Fix documentation of `Action' directive: It can activate a CGI script
when either a handler or a MIME content type is triggered by the request.
*) Document the `add' command of `dbmmanage' in `dbmmanage.1' manpage.
8191
8192
8193
8194
8195
8196
8197
8198
8199
8200
8201
8202
8203
8204
8205
8206
8207
8208
8209
8210
8211
8212
8213
8214
8215
8216
8217
8218
8219
8220
8221
8222
8223
8224
8225
*) Ignore a "ErrorDocument 401" directive with a full URL and write a
notice to the error log. It is not possible to send a 401 response
and a redirect at the same time. [Lars Eilebrecht]
*) Fallback to native compilers for IRIX-32 platform. It seems that
a gcc 2.8.1 compiled apache is logging client addresses with all
bits set (255.255.255.255). This is the second such problem caused
by gcc 2.8.1 compiler. The first being broken semaphore locking.
[Randy Terbush]
*) Updated mime.types to reflect current Internet media types
and include a URL to the registry.
[Manoj Kasichainula, Roy Fielding] PR#2380, 2286, 2246
*) SECURITY: Do a more complete check in mod_include to avoid
an infinite loop of recursive SSI includes. [Marc Slemko] PR#3323
*) Add APACI --suexec-docroot and --suexec-logfile options which can be
used to set the document root directory (DOC_ROOT) and the suexec
logfile (LOG_EXEC), respectively. Additionally the --layout option
was changed to show more information about the suEXEC setup.
[Lars Eilebrecht] PR#3316, 3357, 3361
*) Added the last two WebDAV status codes of 424 (Failed Dependency)
and 507 (Insufficient Storage) for use by third-party modules.
[Roy Fielding]
*) Enabled all of the WebDAV method names for use by third-party
modules, Limit, and Script directives. That includes PATCH,
PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK.
Improved mod_actions.c so that it can use any of the methods
defined in httpd.h. Added ap_method_number_of(method) for
getting the internal method number. [Roy Fielding]
*) PORT: Add a port to the TPF OS. [Joe Moenich <moenich us.ibm.com> and
others at IBM]
*) Fix problems with handling of UNC names (e.g., \\host\path)
*) Rework os_canonical_*() on Win32 so it's simpler, more
PR#2555, 2915, 3064, 3232
*) Work around incomplete implementation of strftime on Win32.
*) Move a typedef to fix compile problems on Linux with 1.x kernels.
[Manoj Kasichainula] PR#3177
*) PORT: Add a port to the Concurrent PowerMAX OS. [Tom Horsley
8244
8245
8246
8247
8248
8249
8250
8251
8252
8253
8254
8255
8256
8257
8258
8259
8260
8261
8262
8263
8264
8265
8266
8267
8268
8269
8270
8271
8272
8273
*) WIN32: Log more explicit error messages if spawning an interpreted
script failed, including the command line used to attempt to execute
the interpreter and the Win32 error code returned. [Marc Slemko]
*) Disable sending of error-notes on a 500 (Internal Server Error) response
since it often includes file path info. Enable sending of error-notes
on a 501 (Method Not Implemented). [Roy Fielding] PR#3173
*) http_config.c would respond with 501 (Method Not Implemented) if a
content type handler was specified but could not be found, which
should have been a 500 response. Likewise, mod_proxy.c would responsd
with a 501 if the URI scheme is unrecognized instead of the correct
response of 403 (Forbidden). [Roy Fielding]
*) SECURITY: Eliminate DoS attack when a bad URI path contains what
looks like a printf format escape. [Marc Slemko, Studenten Net Twente]
*) Fix in mod_autoindex: for files where the last modified time stamp was
unavailable, an empty string was printed which was 2 bytes short.
The size and description columns were therefore not aligned correctly.
[Martin Kraemer] (no PR#)
*) Update BS2000 OS code to work with recent versions. Starting with
release A17, the child fork() must be replaced by a _rfork().
(BS2000 only) [Martin Kraemer]
*) Add the actual server_rec structure of the specific Vhost to the
scoreboard file and avoid a string copy (as well as allow some
further future enhancements). [Harrie Hazewinkel
*) Add APACI --permute-module=foo:bar option which can be used to
on-the-fly/batch permute the order of two modules (mod_foo and mod_bar)
in the Configuration[.apaci] file. Two special and important variants are
supported for the option argument: first BEGIN:foo which permutes module
mod_foo with the begin of the module list, i.e. it `moves' the module to
the begin of the list (gives it lowest priority). And second foo:END
which permutes mod_foo with the end of the module list, i.e. it `moves'
the module to the end of the list (gives it highest priority).
[Ralf S. Engelschall]
*) Fix problem with 'apache -k shutdown' and startup event
PR#3255
*) The config parser wasn't correctly noticing a missing '>'
on container start lines (e.g., it wouldn't spot
"<Directory /" as a syntax error). [Ryan Bloom <rbbloom us.ibm.com>]
PR#3279
*) Add a 'RemoveHandler' directive which will selectively remove
all handler associations for the specified file extensions.
*) Properly handle & allow "nul" and ".*/null" in AccessConfig and
ResourceConfig directives on Win32. Also add a note to the effect
of 'useless User directive ignored on Win32' to the errorlog if
a User directive is encountered on Win32.
*) Fix multiple whitespace handling in imagemaps for mod_imap which was
broken since Apache 1.3.1 where we took out compressing of multiple
spaces in ap_cfg_getline().
*) Fix Berkeley-DB/2.x support in mod_auth_db: The data structures were not
initialized correctly and the db_open() call used an invalid mode
*) PORT: DSO support for UnixWare 7
*) Merge the contents of the {srm,access}.conf-dist* files into the
httpd.conf-dist* files. The srm and access files now contain
only comments, and httpd.conf has all the combined contents in
a rational order. [Ken Coar]
*) PORT: DSO/ELF support for FreeBSD 3.0.
*) Add a "default-handler" handler that calls the default_hander()
function which is normally called for static content. This allows
you to override a specific handler. [Marc Slemko]
*) Further simplify checking for absolute paths by replacing an
hard-coded syntax check with a call to a routine we already created to
*) Log an error if we encounter a malformed "require" directive
in mod_auth if we know that we know that no other module can
deal with it. [Marc Slemko]
*) Remove ap_private_extern method of hiding conflicting symbols
on the NEXT platform because it is not correct for all versions,
and the versions for which it is correct are unknown.
8341
8342
8343
8344
8345
8346
8347
8348
8349
8350
8351
8352
8353
8354
8355
8356
8357
8358
8359
8360
8361
8362
8363
8364
8365
8366
8367
8368
8369
8370
8371
8372
8373
8374
8375
8376
8377
8378
8379
8380
*) Fix inheritance of IndexOptions NameWidth and remove unintended
restriction on +NameWidth, +IconHeight, and +IconWidth. [Ken Coar]
*) Fix per-directory config merging for cases in which a 500 error
is encountered in an .htaccess file somewhere down the tree.
[Ken Coar] PR#2409
*) Minor performance improvement to ap_escape_html(). [Roy Fielding]
*) Fixed a segmentation violation in mod_proxy when a response is
non-cachable. [Roy Fielding, traced by Doug Bloebaum]. PR#2950, 3056
Changes with Apache 1.3.3
*) Added a complete implementation of the Expect header field as
specified in rev-05 of HTTP/1.1. Disabled the 100 Continue
response when we already know the final status, which is mighty
useful for PUT responses that result in 302 or 401. [Roy Fielding]
*) Remove extra trailing whitespace from the getline results as part
of the protocol processing, which is extra nice because it works
between continuation lines, is almost no cost in the normal case
of no extra whitespace, and saves memory. [Roy Fielding]
*) Added new HTTP status codes and default response bodies from the
revised HTTP/1.1 (307, 416, 417), WebDAV (102, 207, 422, 423), and
HTTP Extension Framework (510) specifications. Did not add the
WebDAV 424 and 425 codes because they are bogus. We don't use any
of these codes yet, but they are now available to 3rd-party modules.
[Roy Fielding]
*) Fix a possible race condition between timed-out requests and the
ap_bhalfduplex select that might result in an infinite loop on
platforms that do not validate the descriptor. [Roy Fielding]
*) WIN32: Add "-k shutdown" and "-k restart" options to signal a
running Apache server [Paul Sutton]
*) Fix mod_autoindex bug where directories got a size of "0k" instead
of "-". [Martin Plechsmid <plechsmi karlin.mff.cuni.cz>, Marc Slemko]
PR#3130
*) PORT: DRS 6000 machine. [Paul Debleecker <pdebleecker jetair.be>]
*) Add the server signature text (from the core ServerSignature directive)
to the list of envariables available to scripts, SSI, and the like.
[Ken Coar]
*) PORT: Fix sys/resource.h handling for SCO 3.x platform.
*) Fallback from sysconf-based to plain HZ-based `ticks per second'
calculation in mod_status for all systems which don't have POSIX
sysconf() (like UTS 2.1) and not only for the NEXT platform.
*) Fix `require ...' directive parsing in mod_auth, mod_auth_dbm and
mod_auth_db by using ap_getword_white() (which uses ap_isspace())
instead of ap_getword(..., ' ') (which parses only according to spaces
Ralf S. Engelschall] PR#3105
*) Fix the SERVER_NAME variable under sub-request situations (where
`UseCanonicalName off' is used) like CGI's called from SSI pages or
RewriteCond variables by adopting r->hostname to sub-requests.
*) Fix stderr redirection under syslog-based error logging situation.
*) Document `ErrorLog syslog:facility' variant of error logging.
*) Fix http://localhost/ hints in top-level INSTALL document.
*) Quote paths in default configuration files. [Wilfredo Sanchez]
*) PORT: Remove extra HAVE_SYS_RESOURCE_H define for RHAPSODY since
it is now taken care of properly by the header file tests.
*) Fix problem with scripts and filehandle inheritance on Win32.
*) Win32 name canonicalisation could end up using the server's
working directory to fill in some blanks. [Ken Parzygnat
*) Correct invalid assumption by ap_sub_req_lookup_file() that all
absolute paths begin with "/" -- because they don't on Win32.
*) Add [REDIRECT_]VARIANTS environment variable to mod_speling
so that ErrorDocument 300 processors can reformat the list
if desired. [Ken Coar] PR#2859
*) Add +/- incremental prefixes to IndexOptions keywords, and
enable merging of multiple IndexOptions directives. [Ken Coar]
*) PORT: Allow GuessOS to recognize Unixware 7.0.1 [Steve Cameron
*) Reconstructed the loop through multiple htaccess file names so
that missing files are not confused with unreadable files.
[Roy Fielding]
*) The ap_pfopen and ap_pfdopen routines were failing to protect the
errno on an error, which leads to one error being mistaken for
another when reading non-existent .htaccess files.
[Jim Jagielski]
*) OS/2: The new header tests get things right, need to update
ap_config.h. [Brian Havard]
*) The Perl %ENV hash will now be setup by default when using the
mod_include `perl' command [Doug MacEachern]
*) PORT: Add Pyramid DC/OSx support to configuration mechanism.
*) PORT: Fix sys/resource.h handling for Amdahl's UTS 2.1
*) Correct comment in mod_log_config.c about its internals.
*) Avoid possible line overflow in Configure: Use an awkfile to
handle the creation of modules.c [Jim Jagielski]
Changes with Apache 1.3.2
*) Fix bug in ap_remove_module(), which caused problems for dso's
who were the top_module. [Doug MacEachern]
*) Add support for Berkeley-DB/2.x (in addition to Berkeley-DB/1.x) to
mod_auth_db to both be friendly to users who wants to use this version
and to avoid problems under platforms where only version 2.x is present.
*) When using ap_log_rerror(), make the error message available to the
*ERROR_NOTES envariables by default. [Ken Coar]
*) BS2000 platform only: get rid of the nasty BS2000AuthFile.
You now must define a BS2000Account name for the server User.
This has fewer security implications than the old approach.
[Martin Kraemer]
*) Fix SHARED_CORE feature for HPUX platform: We now use extension `.sl'
instead of `.so' and `SHLIB_PATH' instead of `LD_LIBRARY_PATH' on this
platform to make the braindead HPUX linker happy. Notice, for the module
DSOs we don't have to use this, because these are loaded manually (and
not via HPUX' dld). [Ralf S. Engelschall] PR#2905, PR#2968
*) Remove 64 thread limit on Win32.
8498
8499
8500
8501
8502
8503
8504
8505
8506
8507
8508
8509
8510
8511
8512
8513
8514
8515
8516
8517
8518
8519
8520
8521
8522
8523
*) Remove redundant substitutions in top-level Makefile.tmpl.
[Ralf S. Engelschall]
*) Fix APACI's `Group' configuration adjustment - especially for Linux
platforms where `nogroup' exists in /etc/group. [Ralf S. Engelschall]
*) Make PrintPath work generically instead of having one version
strictly for OS/2. [Jim Jagielski, Brian Havard]
*) Fix the recently introduced C header file checking: We now use the C
pre-processor pass only (and no longer the complete compiler pass) to
determine whether a C header file exists or not. Because only this way
we're safe against inter-header dependencies (which caused horrible
portability problems). The only drawback is that we now have a CPP
configuration variable which has to be determined first (we do a similar
approach as GNU Autoconf does here). When all fails the user still has
the possibility to override it manually via APACI or src/Configuration.
As a fallback for the header check itself we can directly check the
existance of the file under /usr/include, too.
[Ralf S. Engelschall] PR#2777
*) PORT: Added RHAPSODY (Mac OS X Server) support. MAP_TMPFILE defined
as an alternate mechanism for mmap'd shared memory for RHAPSODY.
ap_private_extern defined to hide symbols that conflict with loaded
dynamic libraries on the NEXT and RHAPSODY platforms.
*) Delete PID file on clean shutdowns.
*) Fix mod_auth_*.html documents: NSCA -> NCSA
*) Fix INSTALL document: www.gnu.ai.mit.edu -> www.gnu.org
*) Fix dbmmanage.1 manual page.
*) Fix possible buffer overflow situation in suexec.c.
*) Add some more LIBS for the SCO5 platform which are needed for the already
used -lprot. It's actually a bug in SCO5, of course.
*) Fix documentation of ProxyPass/ProxyPassReverse according to the
8547
8548
8549
8550
8551
8552
8553
8554
8555
8556
8557
8558
8559
8560
8561
8562
8563
8564
8565
8566
8567
8568
8569
8570
8571
8572
*) Remove `-msym' option from LDFLAGS_SHLIB for the Digital UNIX (OSF/1)
platform, because it's only supported under version 4.0 and higher. But
because our GuessOS is still unaware of Digital UNIX versions and the
-msym is just to optimize the DSO statup time a little bit it's safe and
best when we leave it out now. [Ralf S. Engelschall] PR#2969
*) Fix the ap_log_error_old(), ap_log_unixerr() and ap_log_printf()
functions: First all three functions no longer fail on strings containing
"%" chars and second ap_log_printf() no longer does a double-formatting
(instead it directly passes through the message to be formatted to the
real internal formatting function). [Ralf S. Engelschall] PR#2941
*) Allow "Include" directives anywhere in the server config
files (but not .htaccess files). [Ken Coar] PR#2727
*) The proxy was refusing to serve CONNECT requests except to
port 443 (https://) and 563 (snews://). The new AllowCONNECT
directive allows the configuration of the ports to which a
CONNECT is allowed. [Sameer Parekh, Martin Kraemer]
*) mod_expires will now act on content that is not sent from a file
on disk. Previously it would never add an Expires: header to
any response that did not come from a file on disk; the only
case where it still doesn't (and can't) add one for that type of
content is if you are using a modification date based setting.
*) Problems encountered during .htaccess parsing or CGI execution
that lead to a "500 Server Error" condition now provide explanatory
text (in the *ERROR_NOTES envariable) to ErrorDocument 500 scripts.
[Ken Coar] PR#1291
*) Add NameWidth keyword to IndexOptions directive so that the
width of the filename column is customisable. [Ken Coar, Dean Gaudet]
PR#1949, 2324.
*) Recognize lowercase _and_ uppercase `uname' results under
8586
8587
8588
8589
8590
8591
8592
8593
8594
8595
8596
8597
8598
8599
8600
8601
8602
8603
8604
8605
8606
8607
8608
8609
8610
8611
8612
8613
8614
8615
8616
8617
8618
8619
8620
8621
8622
8623
8624
8625
8626
8627
8628
8629
*) As duplicate "HTTP/1.0 200 OK" lines within the header seem to be
a common problem of (mis-administrated?) IIS servers, make the apache
proxy immune to these errors (and ignore the duplicates, but log
the fact to error_log). [Martin Kraemer], after the proposal in PR#2914
*) The <IfModule and <IfDefine block starting directives now only
allow exactly one argument. Previously, the optional negation
character '!' could be separated by whitespace without a syntax
error being reported, albeit defeating the IfModule functionality
(enclosed directives would ALWAYS be executed). By using the
stricter syntax, these hard-to-track errors can be avoided.
[Martin Kraemer]
*) Simplify handling of IndexOptions in mod_autoindex -- and BTW
cause the standalone FancyIndexing directive to logically OR
into any existing IndexOptions settings rather than wiping
them out. [Ken Coar]
*) Changes in ftp proxy: make URL parsing simpler by using the
parsed_uri stuff.
+ Add display of the "current directory" in cases where it's
different from the supplied path (e.g., ftp://user@host/ lives
in /home/user, not in /, therefore clicking on "../" in the
starting directory might send us to /home/).
+ When ftp login fails, (esp. when a user name was part of the
URL already), we now return [401 Unauthorized ] to allow the
browser to pop up an authorization dialog. This makes passwords
slightly less visible (they don't appear in the regular log files)
and implements a functionality that other www proxy servers
already offered.
[Martin Kraemer]
*) Triggered by the recent "Via:" header changes, the proxy module would
dump core for replies with invalid headers (e.g., duplicate
"HTTP/1.0 200 OK" lines). These errors are now logged and the
core dump is avoided. Also, broken replies are not cached.
[Martin Kraemer] PR#2914
*) new `GprofDir' directive when compiled with -DGPROF, where gprof can
plop gmon.out profile data for each child [Doug MacEachern]
*) Use the construct ``"$@"'' instead of ``$*'' in the generated
config.status script to be immune against arguments with whitespaces.
*) Replace the inlined information grabbing stuff for the configuration
adjustment feature (no --without-confadjust) with calls to a new helper
script `buildinfo.sh' which is both more flexible and already proofed to
be more robust against platform differences. This mainly fixes the
recently occured ``sed: command garbled: ...'' problems.
[Ralf S. Engelschall] PR#2776, PR#2848
*) Make ab.c again pass ``gcc -Wall -Wshadow -Wpointer-arith -Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''
without complains after we recently added the POST feature.
[Ralf S. Engelschall]
*) Renamed is_HTTP_xxx() macros to ap_is_HTTP_xxx() name. They are used inside
modules as API functions and we forgot them at the big symbol renaming.
[Ralf S. Engelschall]
*) Remove bad reference to non-existing SERVER_VERSION in mod_rewrite.html
*) Dynamically size the filename column of mod_autoindex output.
[Dean Gaudet]
*) Add the ability to do POST requests to the ab benchmarking tool.
8656
8657
8658
8659
8660
8661
8662
8663
8664
8665
8666
8667
8668
8669
8670
8671
8672
8673
8674
8675
8676
8677
8678
8679
8680
8681
8682
8683
8684
8685
8686
8687
8688
8689
8690
8691
8692
8693
*) Bump up MAX_ENV_FLAGS in mod_rewrite.h from the too conservatice limit of
5 to 10 because there are some users out there who always have 5 to 8
variables in one RewriteRule and had to patch mod_rewrite.h for every
release. So 15 should be now more than enough, even for them. (I never
needed more than 4 in my RewriteRules ;-)
[Ralf S. Engelschall]
*) Make the proxy generate and understand Via: headers
[Martin Kraemer]
*) Change the proxy to use tables instead of array_headers for
the header lines. [Martin Kraemer]
*) Make sure the config.status file is not overridden when just
``configure --help'' is used. [Ralf S. Engelschall] PR#2844
*) Split MODULE_MAGIC_NUMBER into _MAJOR/_MINOR numbers. This should
provide a way to trace API changes that add functionality but do
not create a compatibility issue for precompiled modules, etc.
See include/ap_mmn.h for more details. [Randy Terbush]
*) Fix suexec installation under `make install root=xxx' situation.
[Ralf S. Engelschall]
*) Extend the output of the -V switch to include the paths of all
compiled-in configuration files, if they were overridden at
compile time, for least astonishment of the user.
[Martin Kraemer]
*) When READing a request in ExtendedStatus mode, the "old"
vhost, request and client information is not displayed.
[Jim Jagielski]
*) STATUS is no longer available. Full status information now
run-time configurable using the ExtendedStatus directive.
[Jim Jagielski]
*) SECURITY [CAN-1999-1199] (cve.mitre.org):
Eliminate O(n^2) space DoS attacks (and other O(n^2)
cpu time attacks) in header parsing. Add ap_overlap_tables(),
a function which can be used to perform bulk update operations
on tables in a more efficient manner.
8700
8701
8702
8703
8704
8705
8706
8707
8708
8709
8710
8711
8712
8713
8714
8715
8716
8717
8718
8719
8720
8721
8722
8723
8724
8725
8726
8727
8728
8729
8730
8731
8732
8733
8734
8735
8736
8737
8738
8739
8740
8741
8742
8743
8744
8745
*) SECURITY: Added compile-time and configurable limits for
various aspects of reading a client request to avoid some simple
denial of service attacks, including limits on maximum request-line
size (LimitRequestLine), number of header fields (LimitRequestFields),
and size of any one header field (LimitRequestFieldsize). Also added
a configurable directive LimitRequestBody for limiting the size of the
request message body. [Roy Fielding]
*) Make status module aware of DNS and logging states, even if
STATUS not defined. [Jim Jagielski]
*) Fix a problem with the new OS/2 mutexes. [Brian Havard]
*) Enhance mod_speling so that CheckSpelling can be used in
<Directory> containers and .htaccess files. [Ken Coar]
*) API: new ap_custom_response() function for hooking into the
ErrorDocument mechanism at runtime [Doug MacEachern]
*) API: new ap_uuencode() function [Doug MacEachern]
*) API: scan_script_header_err_core() now "public" and renamed
ap_scan_script_header_err_core() [Doug MacEachern]
*) The 'status' module will now show the process pid's and their
state even without full STATUS accounting. [Jim Jagielski]
*) Restore the client IP address to the error log messages, this
was lost during the transition from 1.2 to 1.3. Add a new
function ap_log_rerror() which takes a request_rec * and
formats it appropriately. [Dean Gaudet] PR#2661
*) Cure ap_cfg_getline() of its nasty habit of compressing internal
whitespace in input lines -- including within quoted strings.
[Ken Coar]
but leading and trailing whitespace should continue to be
stripped [Martin Kraemer]
*) Cleanup of the PrintPath/PrintPathOS2 helper functions. Avoid
the ugly use of an env. variable and use command-line args for
alternate $PATH. Make more like advanced 'type's as well.
[Jim Jagielski]
*) The IRIXN32 Rule was being ignored. Configure now correctly adds
-n32 only if IRIXN32 says to. [Jim Jagielski, Alain St-Denis
8747
8748
8749
8750
8751
8752
8753
8754
8755
8756
8757
8758
8759
8760
8761
8762
8763
8764
8765
8766
8767
8768
8769
8770
8771
8772
*) Clean up a warning in mod_proxy. [Ralf S. Engelschall]
*) Renamed __EMX__ (internal define of the gcc port under OS/2) to OS2
following the same idea as "MSVC vs WIN32". Additionally the src/os/emx/
directory was renamed to src/os/os2/ for consistency.
[Brian Havard, Ralf S. Engelschall]
*) Add new Rule SHARED_CHAIN which can be used to enable linking of DSO
files (here modules) against other DSO files (here shared libraries).
This is done by determining a subset of LIBS which can be safely used for
linking the DSOs, i.e. PIC libs and shared libs. Currently the rule is
disabled for all platforms to avoid problems with this (experimental)
rule. But we provide it now for those people how ran into problems and
want to came out by forcing linking against DSOs.
[Ralf S. Engelschall] PR#2587
*) Fix suEXEC start message: Has to be of `notice' level to really get
printed together with the standard startup message because the `notice'
level is handled special inside ap_log_error() for startup messages.
[Ralf S. Engelschall] PR#2761 PR#2761 PR#2765
*) Add correct `model' MIME types from RFC2077 to mime.types file.
[Ralf S. Engelschall] PR#2732
*) Fixed examples in mod_rewrite.html document.
[Youichirou Koga <y-koga jp.FreeBSD.org>, Ralf S. Engelschall] PR#2756
*) Allow ap_read_request errors to propagate through the normal request
handling loop so that the connection can be properly closed with
lingering_close, thus avoiding a potential TCP reset that would
cause the client to miss the HTTP error response. [Roy Fielding]
*) One more portability fix for APACI shadow tree support: Swap order of awk
and sed in top-level configure script to avoid sed fails on some
platforms (for instance SunOS 4.1.3 and NCR SysV) because of the
non-newline-termined output of Awk. [Ralf S. Engelschall] PR#2729
*) PORT: NEC EWS4800 support.
*) Fix a segfault in the proxy on OS/2. [Brian Havard]
*) Fix Win32 part of ap_spawn_child() by providing a reasonable child_info
structure instead of just NULL. This fixes at least the RewriteMap
programs under Win32. [Marco De Michele <mdemichele tin.it>] PR#2483
8793
8794
8795
8796
8797
8798
8799
8800
8801
8802
8803
8804
8805
8806
8807
8808
8809
8810
8811
8812
8813
8814
8815
8816
8817
8818
8819
8820
8821
8822
8823
8824
8825
8826
8827
*) Add workaround to top-level `configure' script for brain dead
`echo' commands which interpet escape sequences per default.
[Ralf S. Engelschall] PR#2654
*) Make sure that the path to the Perl interpreter is correctly
adjusted under `make install' also for the printenv CGI script.
[Ralf S. Engelschall] PR#2595
*) Update the mod_rewrite.html document to correctly reflect the situation
of the `proxy' (`[P]') feature. [Ralf S. Engelschall] PR#2679
*) Fix `install-includes' sub-target of `install' target in top-level
Makefile.tmpl: The umask+cp approach didn't work as expected (especially
for users which extracted the distribution under 'umask 077'), so replace
it by an explicit cp+chmod approach.
[Richard Lloyd, Curt Sampson, Ralf S. Engelschall] PR#2656 PR#2626
*) Fix `distclean' and `clean' targets in src/Makefile.tmpl to have same
behavior and to cleanup correctly even under enabled SHARED_CORE rule.
[Ralf S. Engelschall]
*) Use a more straight forward and thus less problematic Sed command in
src/helper/mkdir.sh script. [Ralf S. Engelschall]
*) Make sure the `configure' scripts doesn't fail when trying to guess the
domainname of the machine and there are multiple `domainname' and
`search' entries in /etc/resolv.conf.
[Ralf S. Engelschall] PR#2710
*) Add note about the SHARED_CORE requirement on some platforms also to the
INSTALL file because a lot of users don't read htdocs/manual/dso.html
first. [Ralf S. Engelschall] PR#2701
*) Fix document "hyperlink" for dso.html in src/Configuration.tmpl
8829
8830
8831
8832
8833
8834
8835
8836
8837
8838
8839
8840
8841
8842
8843
8844
8845
8846
8847
8848
8849
8850
8851
8852
8853
8854
8855
8856
8857
8858
8859
*) Modify mod_rewrite to update the Vary response field if the URL rewriting
engine does any manipulations or decisions based upon request fields.
[Ken Coar] PR#1644
*) Document the special APACI behavior for installation paths where
``/apache'' is appended to paths under some (well defined, of course)
situations to prevent pollution of system locations with Apache files.
[Ralf S. Engelschall] PR#2660
*) Fixed problem with buffered response message not being sent for
the read_request error conditions of URI-too-long (414) and
malformed header fields (400). [Roy Fielding] PR#2646
*) Add support for the Max-Forwards: header line required by RFC2068 for
the TRACE method. This allows apache to TRACE along a chain of proxies
up to a predetermined depth. [Martin Kraemer]
*) Fix SHARED_CORE rule: The CFLAGS_SHLIB variable is no longer doubled
(compilers complained) and the .so.V.R.P filename extension was adjusted
to correctly reflect the 1.3.2 version.
[Ralf S. Engelschall] PR#2644
*) SECURITY: Plug "..." and other canonicalization holes under OS/2.
[Brian Havard]
*) PORT: implement serialized accepts for OS/2. [Brian Havard]
*) mod_include had problems with the fsize and flastmod directives
under WIN32. Fix also avoids the minor security hole of using
".." paths for fsize and flastmod.
*) Fixed some Makefile dependency problems. [Dean Gaudet]
Changes with Apache 1.3.1
*) Disable the incorrect entry for application/msword in the
mod_mime_magic "magic" file because it also matches other Office
documents. [Ralf S. Engelschall] PR#2608
*) Fix broken RANLIB handling in src/Configure (the entry from
src/Configuration.tmpl was ignored) and additionally force RANLIB to
/bin/true under HP/UX where ranlib exists but is deprecated.
[Ralf S. Engelschall] PR#2627
*) 'apachectl status' failed on some systems.
[Steve VanDevender <stevev darkwing.uoregon.edu>, Lars Eilebrecht] PR#2613
8877
8878
8879
8880
8881
8882
8883
8884
8885
8886
8887
8888
8889
8890
8891
8892
8893
8894
8895
8896
8897
8898
8899
8900
8901
8902
8903
8904
8905
8906
8907
8908
8909
8910
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
8928
8929
8930
8931
8932
*) Add new flags for ap_unparse_uri_components() to make it generate
the scheme://sitepart string only, or to omit the query string.
[Martin Kraemer]
*) WIN32: Canonicalize ServerRoot before checking to see if it
is a valid directory. The failure to do this caused certain
ServerRoot settings (eg. "ServerRoot /apache") to be improperly
rejected. [Marc Slemko]
*) Global renaming of C header files to both get rid of conflicts with third
party packages and to again reach consistency:
1. conf.h -> ap_config.h
2. conf_auto.h -> ap_config_auto.h \ these are now merged
3. ap_config.h -> ap_config_auto.h / in the config process
4. compat.h -> ap_compat.h
5. apctype.h -> ap_ctype.h
Backward compatibility files for conf.h and compat.h were created.
*) mod_mmap_static will no longer take action on requests unless at
least one "mmapfile" directive is present in the configuration.
This experimental module has to do some black magic to operate
inside the current API and thus creates side-effects for other
modules under some circumstances.
[Ralf S. Engelschall]
*) Add conservative ticks around more egrep arguments in top-level configure
to avoid problems under brain-dead platforms like Digital UNIX (OSF1).
[Ralf S. Engelschall] PR#2596
*) mod_rewrite created RewriteLock files under the UID of the parent
process, thus the child processes had no write access to the files.
Now a chown() is done on the file to the uid of the children,
if applicable. [Lars Eilebrecht, Ralf S. Engelschall] PR#2341
*) Autogenerate some HAVE_XXXXX_H defines in conf_auto.h (determined via
TestCompile) instead of defining them manually in conf.h based on less
accurate platform definitions. This way we no longer have to fiddle with
OS-type and/or OS-version identifiers to discover whether a system header
file exists or not. Instead we now directly check for the existence of
those esoteric ones.
[Ralf S. Engelschall] PR#2093, PR#2361, PR#2377, PR#2434,
PR#2524, PR#2525, PR#2533, PR#2569
*) mod_setenvif (BrowserMatch* and friends) will now match a missing
field with "^$". [Ken Coar]
*) Set the RTLD_GLOBAL dlopen mode parameter to allow dynamically loaded
modules to load their own modules dynamically. This improves mod_perl
and mod_php3 when these modules are loaded dynamically into Apache.
[Rasmus Lerdorf]
*) Cache a proxied request in the event that the client cancels the
transfer, provided that the configured percentage of the file has
already been transfered. It works for HTTP transfers only. The
new configuration directive is called CacheForceCompletion.
*) Add the "<!DOCTYPE HTML" magic cookie used by modern documents (and
required by HTML 3.2 and later) to mod_mime_magic's conf/magic.
*) Fix yet another signal-based race condition involving nested timers.
Signals suck. [Dean Gaudet]
*) suexec's error messages have been clarified a little bit. [Ken Coar]
*) Clean up some, but perhaps not all, 8-bit character set problems
with config file parsing, and URL parsing. We now define
ap_isdigit(), ap_isupper(), ... which cast to an (unsigned char).
This should work on most modern unixes.
[Dean Gaudet] PR#800, 2282, 2553 (and others)
*) The "handler not found" error was issued in cases where the handler
really did exist, but was just declining to serve the request.
*) Add Dynamic Shared Object (DSO) support for SCO5 (OpenServer 5.0.x).
*) The APACI libexecdir was not extended with an "apache/" subdir
if the installation prefix didn't already contain "apache", but
it should be because the DSO files are Apache-specific. Now
libexecdir is treated the same way sysconfdir, datadir, localstatedir
and includedir are already treated.
*) The <Limit> parsing routine was incorrectly treating methods as
case-insensitive. [Ken Coar]
*) The ap_bprintf() code neglected to test if there was an error on
the connection. ap_bflush() misdiagnosed a failure as a success.
[Dean Gaudet]
*) add support for #perl arg interpolation in mod_include
[Doug MacEachern]
*) API: Name changes of table_elts to ap_table_elts, is_table_empty
to ap_is_table_empty and bgetflag to ap_bgetflag. [Ben Laurie]
*) PORT: Add UnixWare 7 support
*) Fix the Guess-DSO-flags-from-Perl stuff in src/Configure: "perl" was
used instead of "$PERL" which contains the correctly determined Perl
interpreter (important for instance on systems where "perl" and "perl5"
exists, like BSDI or FreeBSD, etc).
[Ralf S. Engelschall] PR#2505
*) Move the initial suEXEC-related startup message from plain
fprintf()/stderr to a delayed ap_log_error()-based one to avoid problems
when Apache is started from inetd (instead of standalone). Under this
situation startup messages on stderr lead to problems (the line is sent
to the client in front of the requested document).
[Ralf S. Engelschall] PR#871, PR#1318
*) Add a flag so ap_fnmatch() can be used for case-blind pattern matching.
[Ken Coar, Dean Gaudet]
*) WIN32: Don't collapse multiple slashes in PATH_INFO.
*) WIN32 SECURITY: Eliminate trailing "."s in path components. These are
ignored by the Windows filesystem, and so can be used to bypass security.