Skip to content
CHANGES 653 KiB
Newer Older
  [Remove entries to the current 2.0 and 2.2 section below, when backported]
Nick Kew's avatar
Nick Kew committed
  *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]

  *) Fix typo in ProxyStatus syntax error message.
     [Christophe Jaillet <christophe.jaillet wanadoo.fr>]

  *) Asynchronous write completion for the Event MPM.  [Brian Pane]

  *) Added an End-Of-Request bucket type.  The logging of a request and
     the freeing of its pool are now done when the EOR bucket is destroyed.
     This has the effect of delaying the logging until right after the last
     of the response is sent; ap_core_output_filter() calls the access logger
     indirectly when it destroys the EOR bucket.  [Brian Pane]

  *) Rewrite of logresolve support utility: IPv6 addresses are now supported
     and the format of statistical output has changed. [Colm MacCarthaigh]

  *) Rewrite of ap_coreoutput_filter to do nonblocking writes  [Brian Pane]

  *) Added new connection states for handler and write completion
     [Brian Pane]

  *) Preserve the Content-Length header for a proxied HEAD request.
     PR 18757 [Greg Ames]
Nick Kew's avatar
Nick Kew committed
  *) New module: mod_authn_dbd [Nick Kew]

  *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs.  PR 34264.
     [Justin Erenkrantz]

Jeff Trawick's avatar
Jeff Trawick committed
  *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
     allowing string-valued client certificate attributes to be used for
     access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
     [Martin Kraemer, David Reid]

  *) mod_negotiation: Minor performance tweak by reusing already calculated
     strlen.
     [Ruediger Pluem, Christophe Jaillet <christophe.jaillet wanadoo.fr>]

  *) Remove support for 'On' and 'Off' for AuthBasicProvider and
     AuthDigestProvider.  [Joshua Slive, Justin Erenkrantz]

  *) Add in new UseCanonicalPhysicalPort directive, which controls
     whether or not Apache will ever use the actual physical port
     when constructing the canonical port number. [Jim Jagielski]

  *) mod_dav: Fix a null pointer dereference in an error code path during the
     handling of MKCOL.
     [Ruediger Pluem, Ghassan Misherghi <ghassanm ucdavis.edu>]

  *) Fix DESTDIR=... installation when using bundled copy of APR.
     [Torsten Foertsch <torsten.foertsch gmx.net>]

  *) mod_proxy_balancer: When finding best worker, use case insensitive
     match for scheme and host, but case sensitive for the rest of
     the path. [Jim Jagielski, Ruediger Pluem]

  *) mod_proxy_ajp: Do not spool the entire response from AJP backend before
     sending it up the filter chain. PR37100.  [Ruediger Pluem]

  *) mod_cache: Create new filters CACHE_OUT_SUBREQ / CACHE_SAVE_SUBREQ which
     only differ by the type from CACHE_OUT / CACHE_SAVE to ensure that
     subrequests to non local resources work again. [Ruediger Pluem]

  *) mod_proxy: Do not lowercase the entire worker name of a BalancerMember
     since this breaks case sensitive URI's. PR36906.  [Ruediger Pluem]

  *) core: AddOutputFilterByType is ignored for proxied requests. PR31226.
     [Joe Orton, Ruediger Pluem]

  *) mod_proxy_http: Prevent data corruption of POST request bodies when
     client accesses proxied resources with SSL. PR37145.
     [Ruediger Pluem, William Rowe]

  *) mod_proxy_balancer: BalancerManager and proxies correctly handle
     member workers with paths. PR36816. [Ruediger Pluem, Jim Jagielski]

  *) mod_log_config: %{hextid}P will log the thread id in hex with APR
     versions 1.2.0 or higher.  [Jeff Trawick]

  *) httpd.exe/apachectl -V: display the DYNAMIC_MODULE_LIMIT setting, as
     in 1.3.  [Jeff Trawick]

Nick Kew's avatar
Nick Kew committed
  *) Support dbd connections tied to the conn_rec [Nick Kew]

  *) Move mod_dbd to /modules/database/ [Nick Kew]

  *) Move mod_filter and mod_charset_lite to /modules/filters/ [Nick Kew]

  *) Fix mod_dbd's config [Brian J. France <list firehawksystems.com>]

  *) mod_proxy_ajp: mod_proxy_ajp sends empty SSL attributes for non SSL
     connections. PR36883.
     [William Barker <william.barker wilshire.com>, Ruediger Pluem]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Elimiated the NET_TIME filter, restructuring the timeout logic.
     This provides a working mod_echo on all platforms, and ensures any
     custom protocol module is at least given an initial timeout value
     based on the <VirtualHost > context's Timeout directive.
     [William Rowe]

  *) mod_proxy: Run the request_status hook also if there are no free workers
     or all workers are in error state.
     [Ruediger Pluem, Brian Akins <brian.akins turner.com>]

  *) mod_proxy_balancer: mod_proxy_balancer does not handle sticky sessions
     with tomcat correctly. PR36507. [Ruediger Pluem]

  *) mod_proxy_connect: Fix high CPU loop on systems like UnixWare which
     trigger POLL_ERR or POLL_HUP on a terminated connection.  PR 36951.
     [Jeff Trawick, Ruediger Pluem]

  *) SECURITY: CVE-2005-2970 (cve.mitre.org)
Jeff Trawick's avatar
Jeff Trawick committed
     worker MPM: Fix a memory leak which can occur after an aborted
     connection in some limited circumstances.  [Greg Ames]
Jeff Trawick's avatar
Jeff Trawick committed

  *) Doxygen fixup [Neale Ranns <neale ranns.org>, Ian Holsman]

  *) mod_cache/mod_dir: Correct a subrequest lookup bug which was preventing
     mod_dir from serving indexes correctly with mod_cache enabled. 
     [Colm MacCarthaigh]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
Changes with Apache 2.1.8

Joe Orton's avatar
Joe Orton committed
  *) Fix lingering close implementation to match 1.3.x behaviour.
     PR 35292.  [Joe Orton]

  *) mod_ssl: Support limited buffering of request bodies to allow 
     per-location renegotiation to proceed.  PR 12355.  [Joe Orton]
Joe Orton's avatar
Joe Orton committed
  *) Fix regression since 2.0.x in AllowOverride Options handling. 
     PR 35330.  [kabe <kabe sra-tohoku.co.jp>]

  *) mod_ssl: Fix memory leak in ssl_util_algotypeof().
     PR 25659.  [David Blake <dblake hp com>, Martin Kraemer]
Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) prefork, worker and event MPMs: Support a graceful-stop procedure:
     Server will wait until existing requests are finished or until  
     "GracefulShutdownTimeout" number of seconds before exiting. 
     [Colm MacCarthaigh, Ken Coar, Bill Stoddard]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) prefork, worker and event MPMs: Prevent children from holding open 
     listening ports upon graceful restart or stop. PR 28167. 
     [Colm MacCarthaigh, Brian Pinkerton <bp thinkpink.com>]

  *) SECURITY: CVE-2005-2700 (cve.mitre.org)
Joe Orton's avatar
Joe Orton committed
     mod_ssl: Fix a security issue where "SSLVerifyClient" was not
     enforced in per-location context if "SSLVerifyClient optional"
     was configured in the vhost configuration.  [Joe Orton]

  *) mod_ssl: Catch parse errors from misconfigured or malformed
     CRLs.  PR 36438.  [Joe Orton]

  *) mod_proxy/mod_proxy_balancer: lbmethods now implemented as
     providers. Prevent problems when no Vhost containers were
     configured with proxy balancers. [Jim Jagielski]

  *) New provider function to list all available provider names in a
     specific group and version (ap_list_provider_names). [Jim Jagielski]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) mod_cache: Enhance CacheEnable/CacheDisable to control caching on a
     per-protocol, per-host and per-path basis. Intended for proxy
     configurations. [Colm MacCarthaigh]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) mod_disk_cache: Canonicalise the storage key, for improved hit/miss
     ratio. [Colm MacCarthaigh]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) mod_cgid: Append .PID to the script socket filename and remove the
     script socket on exit. [Colm MacCarthaigh, Jim Jagielski]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) mod_cgid: run the get_suexec_identity hook within the request-handler 
     instead of within cgid. PR 36410. [Colm MacCarthaigh]

Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed
  *) Linux 2.0: remove support for threaded MPM's due to linuxthreads use
     of SIGUSR1 clashing with graceful restart signal. [Colm MacCarthaigh]

Changes with Apache 2.1.7
Colm MacCarthaigh's avatar
 
Colm MacCarthaigh committed

  *) SECURITY: CVE-2005-2491 (cve.mitre.org): 
     Fix integer overflows in PCRE in quantifier parsing which could
     be triggered by a local user through use of a carefully-crafted 
     regex in an .htaccess file.  [Philip Hazel]

  *) mod_proxy/mod_proxy_balancer: Provide a simple, functional
     interface to add additional balancer lb selection methods
     without requiring code changes to mod_proxy/mod_proxy_balancer;
     these can be implemented via sub-modules now. [Jim Jagielski]

  *) mod_cache: Fix incorrectly served 304 responses when expired cache
     entity is valid, but cache is unwritable and headers cannot be
     updated.  [Colm MacCarthaigh <colm stdlib.net>]

  *) mod_cache: Remove entities from the cache when re-validation
Loading full blame...