Skip to content
CHANGES 432 KiB
Newer Older
7001 7002 7003 7004 7005 7006 7007 7008 7009 7010 7011 7012 7013 7014 7015 7016 7017 7018 7019 7020 7021 7022 7023 7024 7025 7026 7027 7028 7029 7030 7031 7032 7033 7034 7035 7036 7037 7038 7039 7040 7041 7042 7043 7044 7045 7046 7047 7048 7049 7050 7051 7052 7053 7054 7055 7056 7057 7058 7059 7060 7061 7062 7063 7064 7065 7066 7067 7068 7069 7070 7071 7072 7073 7074 7075 7076 7077 7078 7079 7080 7081 7082 7083 7084 7085 7086 7087 7088 7089 7090 7091 7092 7093 7094 7095 7096 7097 7098 7099 7100 7101 7102 7103 7104 7105 7106 7107 7108 7109 7110 7111 7112 7113 7114 7115 7116 7117 7118 7119 7120 7121 7122 7123 7124 7125 7126 7127 7128 7129 7130 7131 7132 7133 7134 7135 7136 7137 7138 7139 7140 7141 7142 7143 7144 7145 7146 7147 7148 7149 7150 7151 7152 7153 7154 7155 7156 7157 7158 7159 7160 7161 7162 7163 7164 7165 7166 7167 7168 7169 7170 7171 7172 7173 7174 7175 7176 7177 7178 7179 7180 7181 7182 7183 7184 7185 7186 7187 7188 7189 7190 7191 7192 7193 7194 7195 7196 7197 7198 7199 7200 7201 7202 7203 7204 7205 7206 7207 7208 7209 7210 7211 7212 7213 7214 7215 7216 7217 7218 7219 7220 7221 7222 7223 7224 7225 7226 7227 7228 7229 7230 7231 7232 7233 7234 7235 7236 7237 7238 7239 7240 7241 7242 7243 7244 7245 7246 7247 7248 7249 7250 7251 7252 7253 7254 7255 7256 7257 7258 7259 7260 7261 7262 7263 7264 7265 7266 7267 7268 7269 7270 7271 7272 7273 7274 7275 7276 7277 7278 7279 7280 7281 7282 7283 7284 7285 7286 7287 7288 7289 7290 7291 7292 7293 7294 7295 7296 7297 7298 7299 7300 7301 7302 7303 7304 7305 7306 7307 7308 7309 7310 7311 7312 7313 7314 7315 7316 7317 7318 7319 7320 7321 7322 7323 7324 7325 7326 7327 7328 7329 7330 7331 7332 7333 7334 7335 7336 7337 7338 7339 7340 7341 7342 7343 7344 7345 7346 7347 7348 7349 7350 7351 7352 7353 7354 7355 7356 7357 7358 7359 7360 7361 7362 7363 7364 7365 7366 7367 7368 7369 7370 7371 7372 7373 7374 7375 7376 7377 7378 7379 7380 7381 7382 7383 7384 7385 7386 7387 7388 7389 7390 7391 7392 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 7403 7404 7405 7406 7407 7408 7409 7410 7411 7412 7413 7414 7415 7416 7417 7418 7419 7420 7421 7422 7423 7424 7425 7426 7427 7428 7429 7430 7431 7432 7433 7434 7435 7436 7437 7438 7439 7440 7441 7442 7443 7444 7445 7446 7447 7448 7449 7450 7451 7452 7453 7454 7455 7456 7457 7458 7459 7460 7461 7462 7463 7464 7465 7466 7467 7468 7469 7470 7471 7472 7473 7474 7475 7476 7477 7478 7479 7480 7481 7482 7483 7484 7485 7486 7487 7488 7489 7490 7491 7492 7493 7494 7495 7496 7497 7498 7499 7500 7501 7502 7503 7504 7505 7506 7507 7508 7509 7510 7511 7512 7513 7514 7515 7516 7517 7518 7519 7520 7521 7522 7523 7524 7525 7526 7527 7528 7529 7530 7531 7532 7533 7534 7535 7536 7537 7538 7539 7540 7541 7542 7543 7544 7545 7546 7547 7548 7549 7550 7551 7552 7553 7554 7555 7556 7557 7558 7559 7560 7561 7562 7563 7564 7565 7566 7567 7568 7569 7570 7571 7572 7573 7574 7575 7576 7577 7578 7579 7580 7581 7582 7583 7584 7585 7586 7587 7588 7589 7590 7591 7592 7593 7594 7595 7596 7597 7598 7599 7600 7601 7602 7603 7604 7605 7606 7607 7608 7609 7610 7611 7612 7613 7614 7615 7616 7617 7618 7619 7620 7621 7622 7623 7624 7625 7626 7627 7628 7629 7630 7631 7632 7633 7634 7635 7636 7637 7638 7639 7640 7641 7642 7643 7644 7645 7646 7647 7648 7649 7650 7651 7652 7653 7654 7655 7656 7657 7658 7659 7660 7661 7662 7663 7664 7665 7666 7667 7668 7669 7670 7671 7672 7673 7674 7675 7676 7677 7678 7679 7680 7681 7682 7683 7684 7685 7686 7687 7688 7689 7690 7691 7692 7693 7694 7695 7696 7697 7698 7699 7700 7701 7702 7703 7704 7705 7706 7707 7708 7709 7710 7711 7712 7713 7714 7715 7716 7717 7718 7719 7720 7721 7722 7723 7724 7725 7726 7727 7728 7729 7730 7731 7732 7733 7734 7735 7736 7737 7738 7739 7740 7741 7742 7743 7744 7745 7746 7747 7748 7749 7750 7751 7752 7753 7754 7755 7756 7757 7758 7759 7760 7761 7762 7763 7764 7765 7766 7767 7768 7769 7770 7771 7772 7773 7774 7775 7776 7777 7778 7779 7780 7781 7782 7783 7784 7785 7786 7787 7788 7789 7790 7791 7792 7793 7794 7795 7796 7797 7798 7799 7800 7801 7802 7803 7804 7805 7806 7807 7808 7809 7810 7811 7812 7813 7814 7815 7816 7817 7818 7819 7820 7821 7822 7823 7824 7825 7826 7827 7828 7829 7830 7831 7832 7833 7834 7835 7836 7837 7838 7839 7840 7841 7842 7843 7844 7845 7846 7847 7848 7849 7850 7851 7852 7853 7854 7855 7856 7857 7858 7859 7860 7861 7862 7863 7864 7865 7866 7867 7868 7869 7870 7871 7872 7873 7874 7875 7876 7877 7878 7879 7880 7881 7882 7883 7884 7885 7886 7887 7888 7889 7890 7891 7892 7893 7894 7895 7896 7897 7898 7899 7900 7901 7902 7903 7904 7905 7906 7907 7908 7909 7910 7911 7912 7913 7914 7915 7916 7917 7918 7919 7920 7921 7922 7923 7924 7925 7926 7927 7928 7929 7930 7931 7932 7933 7934 7935 7936 7937 7938 7939 7940 7941 7942 7943 7944 7945 7946 7947 7948 7949 7950 7951 7952 7953 7954 7955 7956 7957 7958 7959 7960 7961 7962 7963 7964 7965 7966 7967 7968 7969 7970 7971 7972 7973 7974 7975 7976 7977 7978 7979 7980 7981 7982 7983 7984 7985 7986 7987 7988 7989 7990 7991 7992 7993 7994 7995 7996 7997 7998 7999 8000
  *) init_modules is now called after the error logs have been opened.  This
     allows modules to emit information messages into the error logs.
     [Dean Gaudet]

  *) Fixed proxy-pass-through feature of mod_rewrite; Added error logging
     information for case where proxy module is not available. [Marc Slemko]

  *) PORT: Apache has need for mutexes to serialize its children around
     accept.  In prior versions either fcntl file locking or flock file
     locking were used.  The method is chosen by the definition of
     USE_xxx_SERIALIZED_ACCEPT in conf.h.  xxx is FCNTL for fcntl(),
     and FLOCK for flock().  New options have been added:
        - SYSVSEM to use System V style semaphores
        - PTHREAD to use POSIX threads (appears to work on Solaris only)
        - USLOCK to use IRIX uslock
     Based on timing various techniques, the following changes were made
     to the defaults:
        - Linux 2.x uses flock instead of fcntl
        - Solaris 2.x uses pthreads
        - IRIX uses SysV semaphores -- however multiprocessor IRIX boxes
          work far faster if you -DUSE_USLOCK_SERIALIZED_ACCEPT
     [Dean Gaudet, Pierre-Yves Kerembellec <Pierre-Yves.Kerembellec@vtcom.fr>,
     Martijn Koster <m.koster@pobox.com>]

  *) PORT: The semantics of accept/select make it very desirable to use
     mutexes to serialize accept when multiple Listens are in use.  But
     in the case where only a single socket is open it is sometimes
     redundant to serialize accept().  Not all unixes do a good job with
     potentially dozens of children blocked on accept() on the same
     socket.  It's now possible to define SINGLE_LISTEN_UNSERIALIZED_ACCEPT and
     the server will avoid serialization when listening on only one socket,
     and use serialization when listening on multiple sockets.
     [Dean Gaudet] PR#467

  *) Configure changes: TestLib replaced by TestCompile, which has
     some additional capability (such as doing a sanity check of
     the compiler and flags selected); the version of Solaris is now
     available via the #define value of SOLARIS2; IRIX n32bit libs
     now supported and selectable by new Configuration Rule: IRIXN32;
     We no longer default to -O2 optimization.  [Jim Jagielski]

  *) Updated Configure: Configuration now uses AddModule to specify
     module source or binary file location, relative to src directory.
     Modules can be dropped into modules/extra, or in their own 
     directory, and modules can come with a Makefile or Configure can 
     create one.  Modules can add compiler or library information to 
     generated Makefiles. [Paul Sutton]

  *) Source core re-organisation: distributed modules are now in 
     modules/standard. All other source code is in main. OS-specific
     code is in os/{unix,emx,win32} directories. [Paul Sutton]

  *) mod_browser has been removed, since it's replaced by mod_setenvif.
     [Ken Coar]

  *) Fix another long-standing bug in sub_req_lookup_file where it would
     happily skip past access checks on subdirectories looked up with
     relative paths.  (It's used by mod_dir, mod_negotiation,
     and mod_include.) [Dean Gaudet]

  *) directory_walk optimization to reduce an O(N*M) loop to O(N+M) where
     N is the number of <Directory> sections, and M is the number of
     components in the filename of an object.

     To achieve this optimization the following config changes were made:
        - Wildcards (* and ?, not the regex forms) in <Directory>s,
          <Files>s, and <Location>s now treat a slash as a special
          character.  For example "/home/*/public_html" previously would
          match "/home/a/andrew/public_html", now it only matches things
          like "/home/bob/public_html".  This mimics /bin/sh behaviour.
        - It's possible now to use [] wildcarding in <Directory>, <Files>
          or <Location>.
        - Regex <Directory>s are applied after all non-regex <Directory>s.

    [Dean Gaudet]

  *) Fix a bug introduced in 1.3a1 directory_walk regarding .htaccess files
     and corrupted paths.  [Dean Gaudet]

  *) Enhanced and cleaned up the URL rewriting engine of mod_rewrite:
     First the grouped parts of RewriteRule pattern matches (parenthesis!) can
     be accessed now via backreferences $1..$9 in RewriteConds test-against
     strings in addition to RewriteRules subst string. Second the grouped
     parts of RewriteCond pattern matches (parenthesis!) can be accessed now
     via backreferences %1..%9 both in following RewriteCond test-against
     strings and RewriteRules subst string. This provides maximum flexibility
     through the use of backreferences.
     Additionally the rewriting engine was cleaned up by putting common
     code to the new expand_backrefs_inbuffer() function. 
     [Ralf S. Engelschall]

  *) When merging the main server's <Directory> and <Location> sections into
     a vhost, put the main server's first and the vhost's second.  Otherwise
     the vhost can't override the main server.  [Dean Gaudet] PR#717

  *) The <Directory> code would merge and re-merge the same section after
     a match was found, possibly causing problems with some modules.
     [Dean Gaudet]

  *) ip-based vhosts are stored and queried using a hashing function, which
     has been shown to improve performance on servers with many ip-vhosts.
     Some other changes had to be made to accommodate this:
        - the * address for vhosts now behaves like _default_
        - the matching process now is:
            - match an ip-vhost directly via hash (possibly matches main
              server)
            - if that fails, just pretend it matched the main server
            - if so far only the main server has been matched, perform
              name-based lookups (ServerName, ServerAlias, ServerPath)
              *only on name-based vhosts*
            - if they fail, look for _default_ vhosts
     [Dean Gaudet, Dave Hankins <dhankins@sugarat.net>]

  *) dbmmanage overhaul:
     - merge dbmmanage and dbmmanage.new functionality, remove dbmmanage.new 
     - tie() to AnyDBM_File which will use one of DB_File, NDBM_File or
       GDBM_File (-ldb, -lndbm, -lgdbm) (trying each in that order)
     - provide better seed for rand
     - prompt for password as per getpass(3) (turn off echo, read from
       /dev/tty, etc.)
     - use "newstyle" crypt based on $Config{osname} ($^O)
     - will not add a user if already in database, use new `update' command
       instead
     - added `check' command to check a users' password
     - added `import' command to convert existing password text-files or 
       dbm files exported with `view'
     - more descriptive usage, general cleanup, 'use strict' clean, etc.
     [Doug MacEachern]

  *) Added psocket() which is a pool form of socket(), various places within
     the proxy weren't properly blocking alarms while registering the cleanup
     for its sockets.  bclose() now uses pclose() and pclosesocket().  There
     was a bug where the client socket was being close()d twice due a still
     registered cleanup.  [Dean Gaudet]

  *) A few cleanups were made to reduce time(), getpid(), and signal() calls.
     [Dean Gaudet]

  *) PORT: AIX >= 4.2 requires -lm due to libc changes.
     [Jason Venner <jason@idiom.com>] PR#667

  *) Enable ``=""'' for RewriteCond directives to match against
     the empty string. This is the preferred way instead of ``^$''.
     [Ralf S. Engelschall]

  *) Fixed an infinite loop in mod_imap for references above the server root
     [Dean Gaudet] PR#748

  *) mod_proxy now has a ReceiveBufferSize directive, similar to
     SendBufferSize, so that the TCP window can be set appropriately
     for LFNs. [Phillip A. Prindeville]

  *) mod_browser has been replaced by the more general mod_setenvif
     (courtesy of Paul Sutton).  BrowserMatch* directives are still
     available, but are now joined by SetEnvIf*, UnSetEnvIf*, and
     UnSetEnvIfZero directives.  [Ken Coar]

  *) "HostnameLookups double" forces double-reverse DNS to succeed in
     order for remote_host to be set (for logging, or for the env var
     REMOTE_HOST).  The old define MAXIMUM_DNS has been deprecated.
     [Dean Gaudet]

  *) mod_access overhaul:
     - Now understands network/netmask syntax (i.e.  10.1.0.0/255.255.0.0)
       and cidr syntax (i.e. 10.1.0.0/16).  PR#762
     - Critical path was sped up by pre-computing a few things at config time.
     - The undocumented syntax "allow user-agents" was removed,
       the replacement is "allow from env=foobar" combined with mod_browser.
     - When used with hostnames it now forces a double-reverse lookup
       no matter what the directory settings are.  This double-reverse
       doesn't affect any of the other routines that use the remote
       hostname.  In particular it's still passed to CGIs and the log
       without the double-reverse check.  Related PR#860.
     [Dean Gaudet]

  *) When a large bwrite() occurs (larger than the internal buffer size),
     while there is already something in the buffer, apache will combine
     the large write and the buffer into a single writev().  (This is
     in anticipation of using mmap() for reading files.)
     [Dean Gaudet]

  *) In obscure cases where a partial socket write occurred while chunking,
     Apache would omit the chunk header/footer on the next block.  Cleaned
     up other bugs/inconsistencies in error conditions in buff.c.  Fixed
     a bug where a long pause in DNS lookups could cause the last packet
     of a response to be unduly delayed.  [Roy Fielding, Dean Gaudet]

  *) API: Added child_exit function to module structure.  This is called
     once per "heavy-weight process" just before a server child exit()'s 
     e.g. when max_requests_per_child is reached, etc.
     [Doug MacEachern, Dean Gaudet]

  *) mod_include cleanup showed that handle_else was being used to handle
     endif.  It didn't cause problems, but it was cleaned up too.
     [Howard Fear]

  *) mod_cern_meta would attempt to find meta files for the directory itself
     in some cases, but not in others.  It now avoids it in all cases.
     [Dean Gaudet]

  *) mod_mime_magic would core dump if there was a decompression error.
     [Martin Kraemer <Martin.Kraemer@mch.sni.de>] PR#904

  *) PORT: some variants of DGUX require -lsocket -lnsl
     [Alexander L Jones <alex@systems-options.co.uk>] PR#732

  *) mod_autoindex now allows sorting of FancyIndexed directory listings
     by the various fields (name, size, et cetera), either in ascending
     or descending order.  Just click on the column header.  [Ken Coar]

  *) PORT: Various tweaks to eliminate pointer-int casting warnings on 64-bit
     CPUs like the Alpha.  Apache still stores ints in pointers, but that's
     the relatively safe direction.  [Dean Gaudet] PR#344

  *) PORT: QNX mmap() support for faster/more reliable scoreboard handling.
     [Igor N Kovalenko <infoh@mail.wplus.net>] PR#683

  *) child_main avoids an unneeded call to select() when there is only one
     listening socket.  [Dean Gaudet]

  *) In the event that the server is starved for idle servers it will
     spawn 1, then 2, then 4, ..., then 32 servers each second,
     doubling each second.  It'll also give a warning in the errorlog
     since the most common reason for this is a poor StartServers
     setting.  The define MAX_SPAWN_RATE can be used to raise/lower
     the maximum.  [Dean Gaudet]

  *) Apache now provides an effectively unbuffered connection for
     CGI scripts.  This means that data will be sent to the client
     as soon as the CGI pauses or stops output; previously, Apache would
     buffer the output up to a fixed buffer size before sending, which
     could result in the user viewing an empty page until the CGI finished
     or output a complete buffer.  It is no longer necessary to use an
     "nph-" CGI to get unbuffered output.  Given that most CGIs are written
     in a language that by default does buffering (e.g. perl) this
     shouldn't have a detrimental effect on performance.

     "nph-" CGIs, which formerly provided a direct socket to the client
     without any server post-processing, were not fully compatible with
     HTTP/1.1 or SSL support.  As such they would have had to implement
     the transport details, such as encryption or chunking, in order
     to work properly in certain situations.  Now, the only difference
     between nph and non-nph scripts is "non-parsed headers".
     [Dean Gaudet, Sameer Parekh, Roy Fielding]

  *) If a BUFF is switched from buffered to unbuffered reading the first
     bread() will return whatever remained in the buffer prior to the
     switch. [Dean Gaudet]

Changes with Apache 1.3a1

  *) Added another Configure helper script: TestLib. It determines
     if a specified library exists.  [Jim Jagielski]

  *) PORT: Allow for use of n32bit libraries under IRIX 6.x
     [derived from patch from Jeff Hayes <jhayes@aw.sgi.com>]
     PR#721

  *) PORT: Some architectures use size_t for various lengths in network
     functions such as accept(), and getsockname().  The definition
     NET_SIZE_T is used to control this. [Dean Gaudet]

  *) PORT: Linux: Attempt to detect glibc based systems and include crypt.h
     and -lcrypt.  Test for various db libraries (dbm, ndbm, db) when
     mod_auth_dbm or mod_auth_db are included.  [Dean Gaudet]

  *) PORT: QNX doesn't have initgroups() which support/suexec.c uses.
     [Igor N Kovalenko <infoh@mail.wplus.net>]

  *) "force-response-1.0" now only applies to requests which are HTTP/1.0 to
     begin with.  "nokeepalive" now works for HTTP/1.1 clients.  Added
     "downgrade-1.0" which causes Apache to pretend it received a 1.0.
     [Dean Gaudet] related PR#875

  *) API: Correct child_init() slot declaration from int to void, to
     match the init() declaration.  Update mod_example to use the new
     hook.  [Ken Coar]

  *) added transport handle slot (t_handle) to the BUFF structure
     [Doug MacEachern]

  *) get_client_block() returns wrong length if policy is
     REQUEST_CHUNKED_DECHUNK.
     [Kenichi Hori <ken@d2.bs1.fc.nec.co.jp>] PR#815

  *) Support the image map format of FrontPage.  For example:
        rect /url.hrm 10 20 30 40
     ["Chris O'Byrne" <obyrne@iol.ie>] PR#807

  *) PORT: -lresolv and -lsocks were in the wrong order for Solaris.
     ["Darren O'Shaughnessy" <darren@aaii.oz.au>] PR#846

  *) AddModuleInfo directive for mod_info which allows you to annotate
     the output of mod_info.  ["Lou D. Langholtz" <ldl@usi.utah.edu>]

  *) Added NoProxy directive to avoid using ProxyRemote for selected
     addresses.  Added ProxyDomain directive to cause unqualified
     names to be qualified by redirection.
     [Martin Kraemer <Martin.Kraemer@mch.sni.de>]

  *) Support Proxy Authentication, and don't pass the Proxy-Authorize
     header to the remote host in the proxy. [Sameer Parekh and
     Wallace]

  *) Upgraded mod_rewrite from 3.0.6+ to latest officially available version
     3.0.9. This upgrade includes: fixed deadlooping on rewriting to same
     URLs, fixed rewritelog(), fixed forced response code handling on
     redirects from within .htaccess files, disabled pipe locking under
     braindead SunOS 4.1.x, allow env variables to be set even on rules with
     no substitution, bugfixed situations where HostnameLookups is off, made
     mod_rewrite more thread-safe for NT port and fixed problem when creating
     an empty query string via "xxx?".
         This update also removes the copyright of Ralf S. Engelschall,
     i.e. now mod_rewrite no longer has a shared copyright. Instead is is
     exclusively copyrighted by the Apache Group now. This happened because
     the author now has gifted mod_rewrite exclusively to the Apache Group and 
     no longer maintains an external version.
     [Ralf S. Engelschall]

  *) API: Added child_init function to module structure.  This is called
     once per "heavy-weight process" before any requests are handled.
     See http_config.h for more details.  [Dean Gaudet]

  *) Anonymous_LogEmail was logging on each subrequest.
     [Dean Gaudet] PR#421, 868

  *) API: Added is_initial_req() which tests if the request being
     processed is the initial request, or a subrequest.
     [Doug MacEachern]

  *) Extended SSI (mod_include) now handles additional relops for
     string comparisons (<, >, <=, and >=).  [Bruno Wolff III] PR#41

  *) Configure fixed to correctly propagate user-selected options and
     settings (such as CC and OPTIM) to Makefiles other than
     src/Makefile (notably support/Makefile).  [Ken Coar] PR#666, #834

  *) IndexOptions SuppressHTMLPreamble now causes the actual HTML of
     directory indices to start with the contents of the HeaderName file
     if there is one.  If there isn't one, the behaviour is unchanged.
     [Ken Coar, Roy Fielding, Andrey A. Chernov]

  *) WIN32: Modules can now be dynamically loaded DLLs using the
     LoadModule/LoadFile directives. Note that module DLLs must be
     compiled with the multithreaded DLL version of the runtime library.
     [Alexei Kosut and Ben Laurie]

  *) Automatic indexing removed from mod_dir and placed into mod_autoindex.
     This allows the admin to completely remove automatic indexing
     from the server, while still supporting the basic functions of
     trailing-slash redirects and DirectoryIndex files.  Note that if
     you're carrying over an old Configuration file and you use directory
     indexing then you'll want to add:

     Module autoindex_module    mod_autoindex.o

     before mod_dir in your Configuration.  [Dean Gaudet]

  *) popendir/pclosedir created to properly protect directory scanning.
     [Dean Gaudet] PR#525

  *) AliasMatch, ScriptAliasMatch and RedirectMatch directives added,
     giving regex support to mod_alias. <DirectoryMatch>, <LocationMatch>
     and <FilesMatch> sections added to succeed <DirectoryMatch ~>, etc...
     [Alexei Kosut]

  *) The AccessFileName directive can now take more than one filename.
     ["Lou D. Langholtz" <ldl@usi.utah.edu>]

  *) The new mod_mime_magic can be used to "magically" determine the type
     of a file if the extension is unknown.  Based on the unix file(1)
     command.  [Ian Kluft <ikluft@cisco.com>]

  *) We now determine and display the time spent processing a
     request if desired.  [Jim Jagielski]

  *) mod_status: PID field of "dead" child slots no longer displays
     main httpd process's PID.  [Jim Jagielski]

  *) Makefile.nt added - to build all the bits from the command line:
        nmake -f Makefile.nt
         Doesn't yet work properly. [Ben Laurie]

  *) Default text of 404 error is now "Not Found" rather than the
     potentially misleading "File Not Found".  [Ken Coar]

  *) CONFIG: "HostnameLookups" now defaults to off because it is far better
     for the net if we require people that actually need this data to
     enable it.  [Linus Torvalds]

  *) directory_walk() is an expensive function, keep a little more state to
     avoid needless string counting.  Add two new functions make_dirstr_parent
     and make_dirstr_prefix which replace all existing uses of make_dirstr.
     The new functions are a little less general than make_dirstr, but
     work more efficiently (less memory, less string counting).
     [Dean Gaudet]

  *) EXTRA_LFLAGS was changed to EXTRA_LDFLAGS (and LFLAGS was changed
     to LDFLAGS) to avoid complications with lex rules in make files.
     [Dean Gaudet] PR#372

  *) run_method optimized to avoid needless scanning over NULLs in the
     module list.  [Dean Gaudet]

  *) Revamp of (unix) scoreboard management code such that it avoids
     unnecessary traversals of the scoreboard on each hit.  This is
     particularly important for high volume sites with a large
     HARD_SERVER_LIMIT.  Some of the previous operations were O(n^2),
     and are now O(n).  See also SCOREBOARD_MAINTENANCE_INTERVAL in
     httpd.h. [Dean Gaudet]

  *) In configurations using multiple Listen statements it was possible for
     busy sockets to starve other sockets of service.  [Dean Gaudet]

  *) Added hook so standalone_main can be replaced at compile time
     (define STANDALONE_MAIN)
     [Doug MacEachern]

  *) Lowest-level read/write functions in buff.c will be replaced with
     the SFIO library calls sfread/sfwrite if B_SFIO is defined at
     compile time.  The default sfio discipline will behave as apache
     would without sfio compiled in.
     [Doug MacEachern]

  *) Enhance UserDir directive (mod_userdir) to accept a list of
     usernames for the 'disable' keyword, and add 'enable user...' to
     selectively *en*able userdirs if they're globally disabled.
     [Ken Coar]

  *) If NETSCAPE_DBM_COMPAT is defined in EXTRA_CFLAGS then Apache
     will work with Netscape dbm files.  (dbmmanage will probably not
     work however.) [Alexander Spohr <aspohr@netmatic.com>] PR#444

  *) Add a ListenBacklog directive to control the backlog parameter
     passed to listen().  Also change the default to 511 from 512.
     [Marc Slemko]

  *) API: A new handler response DONE which informs apache that the
     request has been handled and it can finish off quickly, similar to
     how it handles errors. [Rob Hartill]

  *) Turn off chunked encoding after sending terminating chunk/footer
     so that we can't do it twice by accident. [Roy Fielding]

  *) mod_expire also issues Cache-Control: max-age headers.
     [Rob Hartill]

  *) API: Added kill_only_once option for free_proc_chain so that it won't
     aggressively try to kill off specific children.  For fastcgi.
     [Stanley Gambarin <gambarin@OpenMarket.com>]

  *) mod_auth deals with extra ':' delimited fields.  [Marc Slemko]

  *) Added IconHeight and IconWidth to mod_dir's IndexOptions directive.
     When used together, these cause mod_dir to emit HEIGHT and WIDTH
     attributes in the FancyIndexing IMG tags.  [Ken Coar]

  *) PORT: Sequent and SONY NEWS-OS support added.  [Jim Jagielski]

  *) PORT: Added Windows NT support
     [Ben Laurie and Ambarish Malpani <ambarish@valicert.com>]

Changes with Apache 1.2.6

  *) mod_include when using XBitHack Full would send ETags in addition to
     sending Last-Modifieds.  This is incorrect HTTP/1.1 behaviour.
     [Dean Gaudet] PR#1133

  *) SECURITY: When a client connects to a particular port/addr, and
     gives a Host: header ensure that the virtual host requested can
     actually be reached via that port/addr.  [Ed Korthof <ed@organic.com>]

  *) Support virtual hosts with wildcard port and/or multiple ports
     properly.  [Ed Korthof <ed@organic.com>]

  *) Fixed some case-sensitivity issues according to RFC2068.
     [Dean Gaudet]

  *) Set r->allowed properly in mod_asis.c, mod_dir.c, mod_info.c,
     and mod_include.c.  [Dean Gaudet]

  *) Variable 'cwd' was being used pointlessly before being set.
     [Ken Coar] PR#1738

  *) SIGURG doesn't exist on all platforms.
     [Mark Andrew Heinrich <heinrich@tinderbox.Stanford.EDU>]

  *) When an error occurs during a POST, or other operation with a
     request body, the body has to be read from the net before allowing
     a keepalive session to continue.  [Roy Fielding] PR#1399

  *) When an error occurs in fcntl() locking suggest the user look up
     the docs for LockFile.  [Dean Gaudet]

  *) table_set() and table_unset() did not deal correctly with
     multiple occurrences of the same key. [Stephen Scheck
     <sscheck@infonex.net>, Ben Laurie] PR#1604

  *) send_fd_length() did not calculate total_bytes_sent properly in error
     cases.  [Ben Reser <breser@regnow.com>] PR#1366

  *) r->connection->user was allocated in the wrong pool causing corruption
     in some cases when used with mod_cern_meta.  [Dean Gaudet] PR#1500

  *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake.
     Also removed the auto-generated link to www.apache.org that was the
     source of so many misdirected bug reports.  [Roy Fielding, Marc Slemko]

  *) Multiple "close" tokens may have been set in the "Connection"
     header, not an error, but a waste.
     [Ronald.Tschalaer@psi.ch] PR#1683

  *) "basic" and "digest" auth tokens should be tested case-insensitive.
     [Ronald.Tschalaer@psi.ch] PR#1599, PR#1666

  *) It appears the "257th byte" bug (see
     htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
     at the 256th byte as well.  Fixed.  [Dean Gaudet]

  *) mod_rewrite would not handle %3f properly in some situations.
     [Ralf Engelschall]

  *) Apache could generate improperly chunked HTTP/1.1 responses when
     the bputc() or rputc() functions were used by modules (such as
     mod_include).  [Dean Gaudet]

  *) #ifdef wrap a few #defines in httpd.h to make life easier on
     some ports.  [Ralf Engelschall]

  *) Fix MPE compilation error in mod_usertrack.c.  [Mark Bixby]

  *) Quote CC='$(CC)' to improve recurse make calls.  [Martin Kraemer]

  *) Avoid B_ERROR redeclaration on sysvr4 systems.  [Martin Kraemer]

Changes with Apache 1.2.5

  *) SECURITY: Fix a possible buffer overflow in logresolve.  This is
     only an issue on systems without a MAXDNAME define or where 
     the resolver returns domain names longer than MAXDNAME.  [Marc Slemko]

  *) Fix an improper length in an ap_snprintf call in proxy_date_canon().
     [Marc Slemko]

  *) Fix core dump in the ftp proxy when reading incorrectly formatted
     directory listings.  [Marc Slemko]

  *) SECURITY: Fix possible minor buffer overflow in the proxy cache.
     [Marc Slemko]

  *) SECURITY: Eliminate possible buffer overflow in cfg_getline, which
     is used to read various types of files such as htaccess and 
     htpasswd files.  [Marc Slemko]

  *) SECURITY: Ensure that the buffer returned by ht_time is always
     properly null terminated.  [Marc Slemko]

  *) SECURITY: General mod_include cleanup, including fixing several
     possible buffer overflows and a possible infinite loop.  This cleanup
     was done against 1.3 code and then backported to 1.2, the result
     is a large difference (due to indentation cleanup in 1.3 code).
     Users interested in seeing a smaller set of relevant differences
     should consider comparing against src/modules/standard/mod_include.c
     from the 1.3b3 release.  Non-indentation changes to mod_include
     between 1.2 and 1.3 were minimal.  [Dean Gaudet, Marc Slemko]

  *) SECURITY: Numerous changes to mod_imap in a general cleanup
     including fixing a possible buffer overflow.  This cleanup also
     was done with 1.3 code as a basis, see the the previous note
     about mod_include.  [Dean Gaudet]

  *) SECURITY: If a htaccess file can not be read due to bad 
     permissions, deny access to the directory with a HTTP_FORBIDDEN.  
     The previous behavior was to ignore the htaccess file if it could not
     be read.  This change may make some setups with unreadable
     htaccess files stop working.  PR#817  [Marc Slemko]

  *) SECURITY: no2slash() was O(n^2) in the length of the input.  
     Make it O(n).  This inefficiency could be used to mount a denial 
     of service attack against the Apache server.  Thanks to 
     Michal Zalewski <lcamtuf@boss.staszic.waw.pl> for reporting
     this.  [Dean Gaudet]

  *) mod_include used uninitialized data for some uses of && and ||.
     [Brian Slesinsky <bslesins@wired.com>] PR#1139

  *) mod_imap should decline all non-GET methods.
     [Jay Bloodworth <jay@pathways.sde.state.sc.us>]

  *) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]

  *) mod_userdir was modifying r->finfo in cases where it wasn't setting
     r->filename.  Since those two are meant to be in sync with each other
     this is a bug.  ["Paul B. Henson" <henson@intranet.csupomona.edu>]

  *) mod_include did not properly handle all possible redirects from sub-
     requests.  [Ken Coar]

  *) Inetd mode (which is buggy) uses timeouts without having setup the
     jmpbuffer. [Dean Gaudet] PR#1064

  *) Work around problem under Linux where a child will start looping
     reporting a select error over and over.
     [Rick Franchuk <rickf@transpect.net>] PR#1107

Changes with Apache 1.2.4

  *) The ProxyRemote change in 1.2.3 introduced a bug resulting in the proxy
     always making requests with the full-URI instead of just the URI path.
     [Marc Slemko, Roy Fielding]

  *) Add -lm for AIX versions >= 4.2 to allow Apache to link properly
     on this platform.  [Marc Slemko]

Changes with Apache 1.2.3

  *) The request to a remote proxy was mangled if it was generated as the
     result of a ProxyPass directive. URL schemes other than http:// were not
     supported when ProxyRemote was used. PR#260, PR#656, PR#699, PR#713,
     PR#812 [Lars Eilebrecht]

  *) Fixed proxy-pass-through feature of mod_rewrite; Added error logging
     information for case where proxy module is not available. [Marc Slemko]

  *) Force proxy to always respond as HTTP/1.0, which it was failing to
     do for errors and cached responses.  [Roy Fielding]

  *) PORT: Improved support for ConvexOS 11.  [Jeff Venters]

Changes with Apache 1.2.2 [not released]

  *) Fixed another long-standing bug in sub_req_lookup_file where it would
     happily skip past access checks on subdirectories looked up with relative
     paths.  (It's used by mod_dir, mod_negotiation, and mod_include.)
     [Dean Gaudet]

  *) Add lockfile name to error message printed out when
     USE_FLOCK_SERIALIZED_ACCEPT is defined.
     [Marc Slemko]

  *) Enhanced the chunking and error handling inside the buffer functions.
     [Dean Gaudet, Roy Fielding]

  *) When merging the main server's <Directory> and <Location> sections into
     a vhost, put the main server's first and the vhost's second.  Otherwise
     the vhost can't override the main server.  [Dean Gaudet] PR#717

  *) The <Directory> code would merge and re-merge the same section after
     a match was found, possibly causing problems with some modules.
     [Dean Gaudet]

  *) Fixed an infinite loop in mod_imap for references above the server root.
     [Dean Gaudet] PR#748

  *) mod_include cleanup showed that handle_else was being used to handle
     endif.  It didn't cause problems, but it was cleaned up too.
     [Howard Fear]

  *) Last official synchronization of mod_rewrite with author version (because
     mod_rewrite is now directly developed by the author at the Apache Group):
     o added diff between mod_rewrite 3.0.6+ and 3.0.9
       minus WIN32/NT stuff, but plus copyright removement.
       In detail:
       - workaround for detecting infinite rewriting loops
       - fixed setting of env vars when "-" is used as subst string
       - fixed forced response code on redirects (PR#777)
       - fixed cases where r->args is ""
       - kludge to disable locking on pipes under braindead SunOS
       - fix for rewritelog in cases where remote hostname is unknown
       - fixed totally damaged request_rec walk-back loop
     o remove static from local data and add static to global ones.
     o replaced ugly proxy finding stuff by simple
       find_linked_module("mod_proxy") call.
     o added missing negation char on rewritelog()
     o fixed a few comment typos
     [Ralf S. Engelschall]

  *) Anonymous_LogEmail was logging on each subrequest.
     [Dean Gaudet] PR#421, PR#868

  *) "force-response-1.0" now only applies to requests which are HTTP/1.0 to
     begin with.  "nokeepalive" now works for HTTP/1.1 clients.  Added
     "downgrade-1.0" which causes Apache to pretend it received a 1.0.
     Additionally mod_browser now triggers during translate_name to workaround
     a deficiency in the header_parse phase.
     [Dean Gaudet] PR#875

  *) get_client_block() returns wrong length if policy is 
     REQUEST_CHUNKED_DECHUNK.
     [Kenichi Hori <ken@d2.bs1.fc.nec.co.jp>] PR#815

  *) Properly treat <files> container like other containers in mod_info.
     [Marc Slemko] PR#848

  *) The proxy didn't treat the "Host:" keyword of the host header as case-
     insensitive.  The proxy would corrupt the first line of a response from
     an HTTP/0.9 server.  [Kenichi Hori <ken@d2.bs1.fc.nec.co.jp>] PR#813,814

  *) mod_include would log some bogus values occasionally.
     [Skip Montanaro <skip@calendar.com>, Marc Slemko] PR#797

  *) PORT: The slack fd changes in 1.2.1 introduced a problem with SIGHUP
     under Solaris 2.x (up through 2.5.1).  It has been fixed.
     [Dean Gaudet] PR#832

  *) API: In HTTP/1.1, whether or not a request message contains a body
     is independent of the request method and based solely on the presence
     of a Content-Length or Transfer-Encoding.  Therefore, our default
     handlers need to be prepared to read a body even if they don't know
     what to do with it; otherwise, the body would be mistaken for the
     next request on a persistent connection.  discard_request_body()
     has been added to take care of that.  [Roy Fielding] PR#378

  *) API: Symbol APACHE_RELEASE provides a numeric form of the Apache
     release version number, such that it always increases along the
     same lines as our source code branching.  [Roy Fielding]

  *) Minor oversight on multiple variants fixed.  [Paul Sutton] PR#94

Changes with Apache 1.2.1

  *) SECURITY: Don't serve file system objects unless they are plain files,
     symlinks, or directories.  This prevents local users from using pipes
     or named sockets to invoke programs for an extremely crude form of
     CGI.  [Dean Gaudet]

  *) SECURITY: HeaderName and ReadmeName were settable in .htaccess and
     could contain "../" allowing a local user to "publish" any file on
     the system.  No slashes are allowed now.  [Dean Gaudet]

  *) SECURITY: It was possible to violate the symlink Options using mod_dir
     (headers, readmes, titles), mod_negotiation (type maps), or
     mod_cern_meta (meta files).  [Dean Gaudet]

  *) SECURITY: Apache will refuse to run as "User root" unless
     BIG_SECURITY_HOLE is defined at compile time.  [Dean Gaudet]

  *) CONFIG: If a symlink pointed to a directory then it would be disallowed
     if it contained a .htaccess disallowing symlinks.  This is contrary
     to the rule that symlink permissions are tested with the symlink
     options of the parent directory.  [Dean Gaudet] PR#353

  *) CONFIG: The LockFile directive can be used to place the serializing
     lockfile in any location.  It previously defaulted to /usr/tmp/htlock.
     [Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet,
     Marc Slemko]

  *) Request processing now retains state of whether or not the request
     body has been read, so that internal redirects and subrequests will
     not try to read it twice (and block). [Roy Fielding]

  *) Add a placeholder in modules/Makefile to avoid errors with certain
     makes. [Marc Slemko]

  *) QUERY_STRING was unescaped in mod_include, it shouldn't be.
     [Dean Gaudet] PR#644

  *) mod_include was not properly changing the current directory.
     [Marc Slemko] PR#742

  *) Attempt to work around problems with third party libraries that do not
     handle high numbered descriptors (examples include bind, and
     solaris libc).  On all systems apache attempts to keep all permanent
     descriptors above 15 (called the low slack line).  Solaris users
     can also benefit from adding -DHIGH_SLACK_LINE=256 to EXTRA_CFLAGS
     which keeps all non-FILE * descriptors above 255.  On all systems
     this should make supporting large numbers of vhosts with many open
     log files more feasible.  If this causes trouble please report it,
     you can disable this workaround by adding -DNO_SLACK to EXTRA_CFLAGS.
     [Dean Gaudet] various PRs

  *) Related to the last entry, network sockets are now opened before
     log files are opened.  The only known case where this can cause
     problems is under Solaris with many virtualhosts and many Listen
     directives.  But using -DHIGH_SLACK_LINE=256 described above will
     work around this problem.  [Dean Gaudet]

  *) USE_FLOCK_SERIALIZED_ACCEPT is now default for FreeBSD, A/UX, and
     SunOS 4.

  *) Improved unix error response logging.  [Marc Slemko]

  *) Update mod_rewrite from 3.0.5 to 3.0.6.  New ruleflag
     QSA=query_string_append.  Also fixed a nasty bug in per-dir context:
     when a URL http://... was used in conjunction with a special
     redirect flag, e.g. R=permanent, the permanent status was lost.
     [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>, Ralf S. Engelschall]

  *) If an object has multiple variants that are otherwise equal Apache
     would prefer the last listed variant rather than the first.
     [Paul Sutton] PR#94

  *) "make clean" at the top level now removes *.o.  [Dean Gaudet] PR#752

  *) mod_status dumps core in inetd mode.  [Marc Slemko and Roy Fielding]
     PR#566

  *) pregsub had an off-by-1 in its error checking code. [Alexei Kosut]

  *) PORT: fix rlim_t problems with AIX 4.2. [Marc Slemko] PR#333

  *) PORT: Update UnixWare support for 2.1.2.
     [Lawrence Rosenman <ler@lerctr.org>] PR#511

  *) PORT: NonStop-UX [Joachim Schmitz <schmitz_joachim@tandem.com>] PR#327

  *) PORT: Update ConvexOS support for 11.5.
     [David DeSimone <fox@convex.com>] PR#399

  *) PORT: Support for DEC cc compiler under ULTRIX.
     ["P. Alejandro Lopez-Valencia" <alejolo@ideam.gov.co>] PR#388

  *) PORT: Support for Maxion/OS SVR4.2 Real Time Unix. [no name given] PR#383

  *) PORT: Workaround for AIX 3.x compiler bug in http_bprintf.c.  
     [Marc Slemko] PR#725

  *) PORT: fix problem compiling http_bprintf.c with gcc under SCO
     [Marc Slemko] PR#695

Changes with Apache 1.2

Changes with Apache 1.2b11

  *) Fixed open timestamp fd in proxy_cache.c [Chuck Murcko]

  *) Added undocumented perl SSI mechanism for -DUSE_PERL_SSI and mod_perl.
     [Doug MacEachern, Rob Hartill]

  *) Proxy needs to use hard_timeout instead of soft_timeout when it is
     reading from one buffer and writing to another, at least until it has
     a custom timeout handler.  [Roy Fielding and Petr Lampa]

  *) Fixed problem on IRIX with servers hanging in IdentityCheck,
     apparently due to a mismatch between sigaction and setjmp.
     [Roy Fielding] PR#502

  *) Log correct status code if we timeout before receiving a request (408)
     or if we received a request-line that was too long to process (414).
     [Ed Korthof and Roy Fielding] PR#601

  *) Virtual hosts with the same ServerName, but on different ports, were
     not being selected properly.  [Ed Korthof]

  *) Added code to return the requested IP address from proxy_host2addr()
     if gethostbyaddr() fails due to reverse DNS lookup problems. Original
     change submitted by Jozsef Hollosi <hollosi@sbcm.com>.
     [Chuck Murcko] PR#614

  *) If multiple requests on a single connection are used to retrieve
     data from different virtual hosts, the virtual host list would be
     scanned starting with the most recently used VH instead of the first,
     causing most virtual hosts to be ignored.
     [Paul Sutton and Martin Mares] PR#610

  *) The OS/2 handling of process group was broken by a porting patch for
     MPE, so restored prior code for OS/2.  [Roy Fielding and Garey Smiley]

  *) Inherit virtual server port from main server if none (or "*") is
     given for VirtualHost.  [Dean Gaudet] PR#576

  *) If the lookup for a DirectoryIndex name with content negotiation
     has found matching variants, but none are acceptable, return the
     negotiation result if there are no more DirectoryIndex names to lookup.
     [Petr Lampa and Roy Fielding]

  *) If a soft_timeout occurs after keepalive is set, then the main child
     loop would try to read another request even though the connection
     has been aborted.  [Roy Fielding]

  *) Configure changes: Allow for whitespace at the start of a
     Module declaration. Also, be more understanding about the
     CC=/OPTIM= format in Configuration. Finally, fix compiler
     flags if using HP-UX's cc compiler. [Jim Jagielski]

  *) Subrequests and internal redirects now inherit the_request from the
     original request-line. [Roy Fielding]

  *) Test for error conditions before creating output header fields, since
     we don't want the error message to include those fields.  Likewise,
     reset the content_language(s) and content_encoding of the response
     before generating or redirecting to an error message, since the new
     message will have its own Content-* definitions. [Dean Gaudet]

  *) Restored the semantics of headers_out (headers sent only with 200..299
     and 304 responses) and err_headers_out (headers sent with all responses).
     Avoid the overhead of copying tables if err_headers_out is empty
     (the usual case).  [Roy Fielding]

  *) Fixed a couple places where a check for the default Content-Type was
     not properly checking both the value configured by the DefaultType
     directive and the DEFAULT_TYPE symbol in httpd.h.  Changed the value
     of DEFAULT_TYPE to match the documented default (text/plain).
     [Dean Gaudet] PR#506

  *) Escape the HTML-sensitive characters in the Request-URI that is
     output for each child by mod_status. [Dean Gaudet and Ken Coar] PR#501

  *) Properly initialize the flock structures used by the mutex locking
     around accept() when USE_FCNTL_SERIALIZED_ACCEPT is defined.
     [Marc Slemko]

  *) The method for determining PATH_INFO has been restored to the pre-1.2b
     (and NCSA httpd) definition wherein it was the extra path info beyond
     the CGI script filename.  The environment variable FILEPATH_INFO has
     been removed, and instead we supply the original REQUEST_URI to any
     script that wants to be Apache-specific and needs the real URI path.
     This solves a problem with existing scripts that use extra path info
     in the ScriptAlias directive to pass options to the CGI script.
     [Roy Fielding]

  *) The _default_ change in 1.2b10 will change the behaviour on configs
     that use multiple Listen statements for listening on multiple ports.
     But that change is necessary to make _default_ consistent with other
     forms of <VirtualHost>.  It requires such configs to be modified
     to use <VirtualHost _default_:*>.  The documentation has been
     updated.  [Dean Gaudet] PR#530

  *) If an ErrorDocument CGI script is used to respond to an error
     generated by another CGI script which has already read the message
     body of the request, the server would block trying to read the
     message body again.  [Rob Hartill]

  *) signal() replacement conflicted with a define on QNX (and potentially
     other platforms). Fixed. [Ben Laurie] PR#512

Changes with Apache 1.2b10

  *) Allow HTTPD_ROOT, SERVER_CONFIG_FILE, DEFAULT_PATH, and SHELL_PATH
     to be configured via -D in Configuration.  [Dean Gaudet] PR#449

  *) <VirtualHost _default_:portnum> didn't work properly.  [Dean Gaudet]

  *) Added prototype for mktemp() for SUNOS4 [Marc Slemko]

  *) In mod_proxy.c, check return values for proxy_host2addr() when reading
     config, in case the hostent struct returned is trash.
     [Chuck Murcko] PR #491

  *) Fixed the fix in 1.2b9 for parsing URL query info into args for CGI
     scripts.  [Dean Gaudet, Roy Fielding, Marc Slemko]

Changes with Apache 1.2b9  [never announced]

  *) Reset the MODULE_MAGIC_NUMBER to account for the unsigned port
     changes and in anticipation of 1.2 final release.  [Roy Fielding]

  *) Fix problem with scripts not receiving a SIGPIPE when client drops
     the connection (e.g., when user presses Stop).  Apache will now stop
     trying to send a message body immediately after an error from write.
     [Roy Fielding and Nathan Kurz] PR#335

  *) Rearrange Configuration.tmpl so that mod_rewrite has higher priority
     than mod_alias, and mod_alias has higher priority than mod_proxy;
     rearranged other modules to enhance understanding of their purpose
     and relative order (and maybe even reduce some overhead).
     [Roy Fielding and Sameer Parekh]

  *) Fix graceful restart.  Eliminate many signal-related race
     conditions in both forms of restart, and in SIGTERM.  See
     htdocs/manual/stopping.html for details on stopping and
     restarting the parent.  [Dean Gaudet]

  *) Fix memory leaks in mod_rewrite, mod_browser, mod_include.  Tune
     memory allocator to avoid a behaviour that required extra blocks to
     be allocated.  [Dean Gaudet]

  *) Allow suexec to access files relative to current directory but not
     above.  (Excluding leading / or any .. directory.)  [Ken Coar]
     PR#269, 319, 395

  *) Fix suexec segfault when group doesn't exist. [Gregory Neil Shapiro]
     PR#367, 368, 354, 453

  *) Fix the above fix: if suexec is enabled, avoid destroying r->url
     while obtaining the /~user and save the username in a separate data
     area so that it won't be overwritten by the call to getgrgid(), and
     fix some misuse of the pool string allocation functions.  Also fixes
     a general problem with parsing URL query info into args for CGI scripts.
     [Roy Fielding] PR#339, 367, 354, 453

  *) Fix IRIX warning about bzero undefined. [Marc Slemko]

  *) Fix problem with <Directory proxy:...>. [Martin Kraemer] PR#271

  *) Corrected spelling of "authoritative".  AuthDBAuthoratative became
     AuthDBAuthoritative. [Marc Slemko] PR#420

  *) MaxClients should be at least 1. [Lars Eilebrecht] PR#375

  *) The default handler now logs invalid methods or URIs (i.e. PUT on an
     object that can't be PUT, or FOOBAR for some method FOOBAR that
     apache doesn't know about at all).  Log 404s that occur in mod_include.
     [Paul Sutton, John Van Essen]

  *) If a soft timeout (or lingerout) occurs while trying to flush a
     buffer or write inside buff.c or fread'ing from a CGI's output,
     then the timeout would be ignored. [Roy Fielding] PR#373

  *) Work around a bug in Netscape Navigator versions 2.x, 3.x and 4.0b2's