Skip to content
CHANGES 75.9 KiB
Newer Older
Paul Querna's avatar
Paul Querna committed

Jim Jagielski's avatar
Jim Jagielski committed
Changes with Apache 2.3.11

  *) mod_proxy: balancer-manager now uses POST instead of GET.
     [Jim Jagielski]

  *) core: new util function: ap_parse_form_data(). Previously,
     this capability was tucked away in mod_request. [Jim Jagielski]

  *) core: new hook: ap_run_pre_read_request. [Jim Jagielski]

  *) mod_cache: When a request other than GET or HEAD arrives, we must
     invalidate existing cache entities as per RFC2616 13.10. PR 15868.
     [Graham Leggett]

  *) modules: Fix many modules that were not correctly initializing if they
     were not active during server startup but got enabled later during a
     graceful restart. [Stefan Fritsch]

  *) core: Create new ap_state_query function that allows modules to determine
     if the current configuration run is the initial one at server startup,
     and if the server is started for testing/config dumping only.
     [Stefan Fritsch]

  *) mod_proxy: Runtime configuration of many parameters for existing
     balancers via the balancer-manager. [Jim Jagielski]

  *) mod_proxy: Runtime addition of new workers (BalancerMember) for existing
     balancers via the balancer-manager. [Jim Jagielski]

  *) mod_cache: When a bad Expires date is present, we need to behave as if
     the Expires is in the past, not as if the Expires is missing. PR 16521.
     [Co-Advisor <coad@measurement-factory.com>]

  *) mod_cache: We must ignore quoted-string values that appear in a
     Cache-Control header. PR 50199. [Graham Leggett]

Stefan Fritsch's avatar
Stefan Fritsch committed
  *) mod_dav: Revert change to send 501 error if unknown Content-* header is
    received for a PUT request. PR 42978. [Stefan Fritsch]

  *) mod_cache: Respect s-maxage as described by RFC2616 14.9.3, which must
     take precedence if present. PR 35247. [Graham Leggett]
Graham Leggett's avatar
Graham Leggett committed
  *) mod_ssl: Fix a possible startup failure if multiple SSL vhosts
     are configured with the same ServerName and private key file.
     [Masahiro Matsuya <mmatsuya redhat.com>, Joe Orton]

  *) mod_socache_dc: Make module compile by fixing some typos.
     PR 50735 [Mark Montague <mark catseye.org>]

  *) prefork: Update MPM state in children during a graceful stop or
     restart.  PR 41743.  [Andrew Punch <andrew.punch 247realmedia.com>]

  *) mod_mime: Ignore leading dots when looking for mime extensions.
     PR 50434 [Stefan Fritsch]

  *) core: Add support to set variables with the 'Define' directive. The
     variables that can then be used in the config using the ${VAR} syntax
     known from envvar interpolation. [Stefan Fritsch]

  *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
     ProxyAddHeaders defaults to On. [Vincent Deffontaines]

  *) mod_slotmem_shm: Increase memory alignment for slotmem data.
     [Rainer Jung]

  *) mod_ssl: Add config options for OCSP: SSLOCSPResponderTimeout,
     SSLOCSPResponseMaxAge, SSLOCSPResponseTimeSkew.  
     [Kaspar Brand <httpd-dev.2011 velox.ch>]

  *) mod_ssl: Revamp output buffering to reduce network overhead for
     output fragmented into many buckets, such as chunked HTTP responses.
     [Joe Orton] 

  *) core: Apply <If> sections to all requests, not only to file base requests.
     Allow to use <If> inside <Directory>, <Location>, and <Files> sections.
     The merging of <If> sections now happens after the merging of <Location>
     sections, even if an <If> section is embedded inside a <Directory> or
     <Files> section.  [Stefan Fritsch]

Jim Jagielski's avatar
Jim Jagielski committed
  *) mod_proxy: Refactor usage of shared data by dropping the scoreboard
     and using slotmem. Create foundation for dynamic growth/changes of
     members within a balancer. Remove BalancerNonce in favor of a
     per-balancer 'nonce' parameter. [Jim Jagielski]

  *) mod_status: Don't show slots which are disabled by MaxClients as open.
     PR: 47022 [Jordi Prats <jordi prats gmail com>, Stefan Fritsch]

  *) mpm_prefork: Fix ap_mpm_query results for AP_MPMQ_MAX_DAEMONS and
     AP_MPMQ_MAX_THREADS.

  *) mod_authz_core: Fix bug in merging logic if user-based and non-user-based
     authorization directives were mixed. [Stefan Fritsch]

  *) mod_authn_socache: change directive name from AuthnCacheProvider
     to AuthnCacheProvideFor.  The term "provider" is overloaded in
     this module, and we should avoid confusion between the provider
     of a backend (AuthnCacheSOCache) and the authn provider(s) for
     which this module provides cacheing (AuthnCacheProvideFor).
     [Nick Kew]

  *) mod_proxy_http: Allocate the fake backend request from a child pool
     of the backend connection, instead of misusing the pool of the frontend
     request. Fixes a thread safety issue where buckets set aside in the
     backend connection leak into other threads, and then disappear when
     the frontend request is cleaned up, in turn causing corrupted buckets
     to make other threads spin. [Graham Leggett]

  *) mod_ssl: Change the format of the SSL_{CLIENT,SERVER}_{I,S}_DN variables
     to be RFC 2253 compatible, convert non-ASCII characters to UTF8, and 
     escape other special characters with backslashes. The old format can
     still be used with the LegacyDNStringFormat argument to SSLOptions.

  *) core, mod_rewrite: Make the REQUEST_SCHEME variable available to
     scripts and mod_rewrite. [Stefan Fritsch]

  *) mod_rewrite: Allow to use arbitrary boolean expressions (ap_expr) in
     RewriteCond. [Stefan Fritsch]

  *) mod_rewrite: Allow to unset environment variables using E=!VAR.
     PR 49512. [Mark Drayton <mark markdrayton info>, Stefan Fritsch]

Eric Covener's avatar
Eric Covener committed
  *) mod_headers: Restore the 2.3.8 and earlier default for the first 
     argument of the Header directive ("onsuccess").  [Eric Covener]

  *) core: Disallow the mixing of relative and absolute Options PR 33708.
     [Sönke Tesch <st kino-fahrplan.de>]

  *) core: When exporting request headers to HTTP_* environment variables,
     drop variables whose names contain invalid characters. Describe in the
     docs how to restore the old behaviour. [Malte S. Stretz <mss apache org>]

  *) core: When selecting an IP-based virtual host, favor an exact match for
     the port over a wildcard (or omitted) port instead of favoring the one
     that came first in the configuration file. [Eric Covener]

  *) core: Overlapping virtual host address/port combinations  now implicitly 
     enable name-based virtual hosting for that address.  The NameVirtualHost
     directive has no effect, and _default_ is interpreted the same as "*". 
     [Eric Covener]

  *) core: In the absence of any Options directives, the default is now
     "FollowSymlinks" instead of "All".  [Igor Galić]

  *) rotatelogs: Add -e option to write logs through to stdout for optional
     further processing. [Graham Leggett]

  *) mod_ssl: Correctly read full lines in input filter when the line is
     incomplete during first read. PR 50481. [Ruediger Pluem]

  *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
     sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
     fails for an authenticated user. PR 40721. [Stefan Fritsch]
Jim Jagielski's avatar
 
Jim Jagielski committed
Changes with Apache 2.3.10

  *) mod_rewrite: Don't implicitly URL-escape the original query string
     when no substitution has changed it. PR 50447. [Eric Covener]

  *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
     such as per-directory mod_rewrite substitutions.  PR 50349.
     [Eric Covener]

  *) mod_rewrite: Add 'RewriteOptions InheritBefore' to put the base 
     rules/conditions before the overridden rules/conditions.  PR 39313.
     [Jérôme Grandjanny <jerome.grandjanny cea.fr>]

  *) mod_autoindex: add IndexIgnoreReset to reset the list of IndexIgnored
     filenames in higher precedence configuration sections.  PR 24243.
     [Eric Covener]

  *) mod_cgid: RLimit* directive support for mod_cgid.  PR 42135
     [Eric Covener]

  *) core: Fail startup when the argument to ServerName looks like a glob
     or a regular expression instead of a hostname (*?[]).  PR 39863 
     [Rahul Nair <rahul.g.nair gmail.com>]

Eric Covener's avatar
Eric Covener committed
  *) mod_userdir: Add merging of enable, disable, and filename arguments 
     to UserDir directive, leaving enable/disable of userlists unmerged. 
     PR 44076 [Eric Covener]
  *) httpd: When no -k option is provided on the httpd command line, the server
     was starting without checking for an existing pidfile.  PR 50350 
     [Eric Covener] 
 
  *) mod_proxy: Put the worker in error state if the SSL handshake with the
     backend fails. PR 50332.
     [Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]

  *) mod_cache_disk: Fix Windows build which was broken after renaming
     the module. [Gregg L. Smith]
Jim Jagielski's avatar
 
Jim Jagielski committed

Jim Jagielski's avatar
Jim Jagielski committed
Changes with Apache 2.3.9

  *) SECURITY: CVE-2010-1623 (cve.mitre.org)
     Fix a denial of service attack against mod_reqtimeout.
     [Stefan Fritsch]

Loading full blame...