Skip to content
CHANGES 423 KiB
Newer Older
4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017 4018 4019 4020 4021 4022 4023 4024 4025 4026 4027 4028 4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 4044 4045 4046 4047 4048 4049 4050 4051 4052 4053 4054 4055 4056 4057 4058 4059 4060 4061 4062 4063 4064 4065 4066 4067 4068 4069 4070 4071 4072 4073 4074 4075 4076 4077 4078 4079 4080 4081 4082 4083 4084 4085 4086 4087 4088 4089 4090 4091 4092 4093 4094 4095 4096 4097 4098 4099 4100 4101 4102 4103 4104 4105 4106 4107 4108 4109 4110 4111 4112 4113 4114 4115 4116 4117 4118 4119 4120 4121 4122 4123 4124 4125 4126 4127 4128 4129 4130 4131 4132 4133 4134 4135 4136 4137 4138 4139 4140 4141 4142 4143 4144 4145 4146 4147 4148 4149 4150 4151 4152 4153 4154 4155 4156 4157 4158 4159 4160 4161 4162 4163 4164 4165 4166 4167 4168 4169 4170 4171 4172 4173 4174 4175 4176 4177 4178 4179 4180 4181 4182 4183 4184 4185 4186 4187 4188 4189 4190 4191 4192 4193 4194 4195 4196 4197 4198 4199 4200 4201 4202 4203 4204 4205 4206 4207 4208 4209 4210 4211 4212 4213 4214 4215 4216 4217 4218 4219 4220 4221 4222 4223 4224 4225 4226 4227 4228 4229 4230 4231 4232 4233 4234 4235 4236 4237 4238 4239 4240 4241 4242 4243 4244 4245 4246 4247 4248 4249 4250 4251 4252 4253 4254 4255 4256 4257 4258 4259 4260 4261 4262 4263 4264 4265 4266 4267 4268 4269 4270 4271 4272 4273 4274 4275 4276 4277 4278 4279 4280 4281 4282 4283 4284 4285 4286 4287 4288 4289 4290 4291 4292 4293 4294 4295 4296 4297 4298 4299 4300 4301 4302 4303 4304 4305 4306 4307 4308 4309 4310 4311 4312 4313 4314 4315 4316 4317 4318 4319 4320 4321 4322 4323 4324 4325 4326 4327 4328 4329 4330 4331 4332 4333 4334 4335 4336 4337 4338 4339 4340 4341 4342 4343 4344 4345 4346 4347 4348 4349 4350 4351 4352 4353 4354 4355 4356 4357 4358 4359 4360 4361 4362 4363 4364 4365 4366 4367 4368 4369 4370 4371 4372 4373 4374 4375 4376 4377 4378 4379 4380 4381 4382 4383 4384 4385 4386 4387 4388 4389 4390 4391 4392 4393 4394 4395 4396 4397 4398 4399 4400 4401 4402 4403 4404 4405 4406 4407 4408 4409 4410 4411 4412 4413 4414 4415 4416 4417 4418 4419 4420 4421 4422 4423 4424 4425 4426 4427 4428 4429 4430 4431 4432 4433 4434 4435 4436 4437 4438 4439 4440 4441 4442 4443 4444 4445 4446 4447 4448 4449 4450 4451 4452 4453 4454 4455 4456 4457 4458 4459 4460 4461 4462 4463 4464 4465 4466 4467 4468 4469 4470 4471 4472 4473 4474 4475 4476 4477 4478 4479 4480 4481 4482 4483 4484 4485 4486 4487 4488 4489 4490 4491 4492 4493 4494 4495 4496 4497 4498 4499 4500 4501 4502 4503 4504 4505 4506 4507 4508 4509 4510 4511 4512 4513 4514 4515 4516 4517 4518 4519 4520 4521 4522 4523 4524 4525 4526 4527 4528 4529 4530 4531 4532 4533 4534 4535 4536 4537 4538 4539 4540 4541 4542 4543 4544 4545 4546 4547 4548 4549 4550 4551 4552 4553 4554 4555 4556 4557 4558 4559 4560 4561 4562 4563 4564 4565 4566 4567 4568 4569 4570 4571 4572 4573 4574 4575 4576 4577 4578 4579 4580 4581 4582 4583 4584 4585 4586 4587 4588 4589 4590 4591 4592 4593 4594 4595 4596 4597 4598 4599 4600 4601 4602 4603 4604 4605 4606 4607 4608 4609 4610 4611 4612 4613 4614 4615 4616 4617 4618 4619 4620 4621 4622 4623 4624 4625 4626 4627 4628 4629 4630 4631 4632 4633 4634 4635 4636 4637 4638 4639 4640 4641 4642 4643 4644 4645 4646 4647 4648 4649 4650 4651 4652 4653 4654 4655 4656 4657 4658 4659 4660 4661 4662 4663 4664 4665 4666 4667 4668 4669 4670 4671 4672 4673 4674 4675 4676 4677 4678 4679 4680 4681 4682 4683 4684 4685 4686 4687 4688 4689 4690 4691 4692 4693 4694 4695 4696 4697 4698 4699 4700 4701 4702 4703 4704 4705 4706 4707 4708 4709 4710 4711 4712 4713 4714 4715 4716 4717 4718 4719 4720 4721 4722 4723 4724 4725 4726 4727 4728 4729 4730 4731 4732 4733 4734 4735 4736 4737 4738 4739 4740 4741 4742 4743 4744 4745 4746 4747 4748 4749 4750 4751 4752 4753 4754 4755 4756 4757 4758 4759 4760 4761 4762 4763 4764 4765 4766 4767 4768 4769 4770 4771 4772 4773 4774 4775 4776 4777 4778 4779 4780 4781 4782 4783 4784 4785 4786 4787 4788 4789 4790 4791 4792 4793 4794 4795 4796 4797 4798 4799 4800 4801 4802 4803 4804 4805 4806 4807 4808 4809 4810 4811 4812 4813 4814 4815 4816 4817 4818 4819 4820 4821 4822 4823 4824 4825 4826 4827 4828 4829 4830 4831 4832 4833 4834 4835 4836 4837 4838 4839 4840 4841 4842 4843 4844 4845 4846 4847 4848 4849 4850 4851 4852 4853 4854 4855 4856 4857 4858 4859 4860 4861 4862 4863 4864 4865 4866 4867 4868 4869 4870 4871 4872 4873 4874 4875 4876 4877 4878 4879 4880 4881 4882 4883 4884 4885 4886 4887 4888 4889 4890 4891 4892 4893 4894 4895 4896 4897 4898 4899 4900 4901 4902 4903 4904 4905 4906 4907 4908 4909 4910 4911 4912 4913 4914 4915 4916 4917 4918 4919 4920 4921 4922 4923 4924 4925 4926 4927 4928 4929 4930 4931 4932 4933 4934 4935 4936 4937 4938 4939 4940 4941 4942 4943 4944 4945 4946 4947 4948 4949 4950 4951 4952 4953 4954 4955 4956 4957 4958 4959 4960 4961 4962 4963 4964 4965 4966 4967 4968 4969 4970 4971 4972 4973 4974 4975 4976 4977 4978 4979 4980 4981 4982 4983 4984 4985 4986 4987 4988 4989 4990 4991 4992 4993 4994 4995 4996 4997 4998 4999 5000
  *) Fix bug in ap_remove_module(), which caused problems for dso's 
     who were the top_module.  [Doug MacEachern]

  *) Add support for Berkeley-DB/2.x (in addition to Berkeley-DB/1.x) to
     mod_auth_db to both be friendly to users who wants to use this version
     and to avoid problems under platforms where only version 2.x is present.
     [Dan Jacobowitz <drow@false.org>, Ralf S. Engelschall]

  *) When using ap_log_rerror(), make the error message available to the
     *ERROR_NOTES envariables by default.  [Ken Coar]

  *) BS2000 platform only: get rid of the nasty BS2000AuthFile.
     You now must define a BS2000Account name for the server User.
     This has fewer security implications than the old approach.
     [Martin Kraemer]

  *) Fix SHARED_CORE feature for HPUX platform: We now use extension `.sl'
     instead of `.so' and `SHLIB_PATH' instead of `LD_LIBRARY_PATH' on this
     platform to make the braindead HPUX linker happy. Notice, for the module
     DSOs we don't have to use this, because these are loaded manually (and
     not via HPUX' dld). [Ralf S. Engelschall] PR#2905, PR#2968

  *) Remove 64 thread limit on Win32.
     [Bill Stoddard <stoddard@raleigh.ibm.com>]

  *) Remove redundant substitutions in top-level Makefile.tmpl.
     [Ralf S. Engelschall]

  *) Fix APACI's `Group' configuration adjustment - especially for Linux
     platforms where `nogroup' exists in /etc/group. [Ralf S. Engelschall]
 
  *) Make PrintPath work generically instead of having one version
     strictly for OS/2. [Jim Jagielski, Brian Havard]

  *) Fix the recently introduced C header file checking: We now use the C
     pre-processor pass only (and no longer the complete compiler pass) to
     determine whether a C header file exists or not. Because only this way
     we're safe against inter-header dependencies (which caused horrible
     portability problems). The only drawback is that we now have a CPP
     configuration variable which has to be determined first (we do a similar
     approach as GNU Autoconf does here). When all fails the user still has
     the possibility to override it manually via APACI or src/Configuration.
     As a fallback for the header check itself we can directly check the
     existance of the file under /usr/include, too.
     [Ralf S. Engelschall] PR#2777

  *) PORT: Added RHAPSODY (Mac OS X Server) support. MAP_TMPFILE defined
     as an alternate mechanism for mmap'd shared memory for RHAPSODY.
     ap_private_extern defined to hide symbols that conflict with loaded
     dynamic libraries on the NEXT and RHAPSODY platforms.
     [Wilfredo Sanchez <wsanchez@apple.com>]

  *) Delete PID file on clean shutdowns.
     [Charles Randall <crandall@matchlogic.com>] PR#2947

  *) Fix mod_auth_*.html documents: NSCA -> NCSA
     [Youichirou Koga <y-koga@jp.FreeBSD.org>] PR#2991

  *) Fix INSTALL document: www.gnu.ai.mit.edu -> www.gnu.org
     [Karl Berry <karl@gnu.org>] PR#2994

  *) Fix dbmmanage.1 manual page.
     [Youichirou Koga <y-koga@jp.FreeBSD.org>] PR#2992
     
  *) Fix possible buffer overflow situation in suexec.c.
     [Jeff Stewart <jws@purdue.edu>] PR#2790

  *) Add some more LIBS for the SCO5 platform which are needed for the already
     used -lprot. It's actually a bug in SCO5, of course.
     [Ronald Record <rr@sco.com>] PR#2533

  *) Fix documentation of ProxyPass/ProxyPassReverse according to the
     trailing slash problem. [Jon Drukman <jsd@gamespot.com>] PR#2933
  
  *) Remove `-msym' option from LDFLAGS_SHLIB for the Digital UNIX (OSF/1)
     platform, because it's only supported under version 4.0 and higher. But
     because our GuessOS is still unaware of Digital UNIX versions and the
     -msym is just to optimize the DSO statup time a little bit it's safe and
     best when we leave it out now.  [Ralf S. Engelschall] PR#2969

  *) Fix the ap_log_error_old(), ap_log_unixerr() and ap_log_printf()
     functions: First all three functions no longer fail on strings containing
     "%" chars and second ap_log_printf() no longer does a double-formatting
     (instead it directly passes through the message to be formatted to the
     real internal formatting function). [Ralf S. Engelschall] PR#2941

  *) Allow "Include" directives anywhere in the server config
     files (but not .htaccess files).  [Ken Coar] PR#2727

  *) The proxy was refusing to serve CONNECT requests except to
     port 443 (https://) and 563 (snews://). The new AllowCONNECT
     directive allows the configuration of the ports to which a
     CONNECT is allowed.  [Sameer Parekh, Martin Kraemer]

  *) mod_expires will now act on content that is not sent from a file
     on disk.  Previously it would never add an Expires: header to
     any response that did not come from a file on disk; the only
     case where it still doesn't (and can't) add one for that type of 
     content is if you are using a modification date based setting.  
     [Marc Slemko, Paul Phillips <paulp@go2net.com>]

  *) Problems encountered during .htaccess parsing or CGI execution
     that lead to a "500 Server Error" condition now provide explanatory
     text (in the *ERROR_NOTES envariable) to ErrorDocument 500 scripts.
     [Ken Coar] PR#1291

  *) Add NameWidth keyword to IndexOptions directive so that the
     width of the filename column is customisable.  [Ken Coar, Dean Gaudet]
     PR#1949, 2324.

  *) Recognize lowercase _and_ uppercase `uname' results under
     SCO OpenServer. [David Coelho <drc@ppt.com>]

  *) As duplicate "HTTP/1.0 200 OK" lines within the header seem to be
     a common problem of (mis-administrated?) IIS servers, make the apache
     proxy immune to these errors (and ignore the duplicates, but log
     the fact to error_log). [Martin Kraemer], after the proposal in PR#2914 
     
  *) The <IfModule and <IfDefine block starting directives now only
     allow exactly one argument. Previously, the optional negation
     character '!' could be separated by whitespace without a syntax
     error being reported, albeit defeating the IfModule functionality
     (enclosed directives would ALWAYS be executed). By using the
     stricter syntax, these hard-to-track errors can be avoided.
     [Martin Kraemer]

  *) Simplify handling of IndexOptions in mod_autoindex -- and BTW
     cause the standalone FancyIndexing directive to logically OR
     into any existing IndexOptions settings rather than wiping
     them out.  [Ken Coar]

  *) Changes in ftp proxy: make URL parsing simpler by using the
     parsed_uri stuff.
     + Add display of the "current directory" in cases where it's
     different from the supplied path (e.g., ftp://user@host/ lives
     in /home/user, not in /, therefore clicking on "../" in the
     starting directory might send us to /home/).
     + When ftp login fails, (esp. when a user name was part of the
     URL already), we now return [401 Unauthorized ] to allow the
     browser to pop up an authorization dialog. This makes passwords
     slightly less visible (they don't appear in the regular log files)
     and implements a functionality that other www proxy servers
     already offered.
     [Martin Kraemer]

  *) Triggered by the recent "Via:" header changes, the proxy module would
     dump core for replies with invalid headers (e.g., duplicate
     "HTTP/1.0 200 OK" lines). These errors are now logged and the
     core dump is avoided. Also, broken replies are not cached.
     [Martin Kraemer] PR#2914

  *) new `GprofDir' directive when compiled with -DGPROF, where gprof can
     plop gmon.out profile data for each child [Doug MacEachern]
   
  *) Use the construct ``"$@"'' instead of ``$*'' in the generated
     config.status script to be immune against arguments with whitespaces.
     [Yves Arrouye <yves@apple.com>] PR#2866

  *) Replace the inlined information grabbing stuff for the configuration
     adjustment feature (no --without-confadjust) with calls to a new helper
     script `buildinfo.sh' which is both more flexible and already proofed to
     be more robust against platform differences. This mainly fixes the
     recently occured ``sed: command garbled: ...'' problems.
     [Ralf S. Engelschall] PR#2776, PR#2848

  *) Make ab.c again pass ``gcc -Wall -Wshadow -Wpointer-arith -Wcast-align
     -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''
     without complains after we recently added the POST feature.
     [Ralf S. Engelschall]

  *) Renamed is_HTTP_xxx() macros to ap_is_HTTP_xxx() name. They are used inside
     modules as API functions and we forgot them at the big symbol renaming.
     [Ralf S. Engelschall]

  *) Remove bad reference to non-existing SERVER_VERSION in mod_rewrite.html
     [Youichirou Koga <y-koga@jp.FreeBSD.ORG>] PR#2895

  *) Dynamically size the filename column of mod_autoindex output.
     [Dean Gaudet]

  *) Add the ability to do POST requests to the ab benchmarking tool.
     [Kurt Sussman <kls@best.com>] PR#2871

  *) Bump up MAX_ENV_FLAGS in mod_rewrite.h from the too conservatice limit of
     5 to 10 because there are some users out there who always have 5 to 8
     variables in one RewriteRule and had to patch mod_rewrite.h for every
     release. So 15 should be now more than enough, even for them. (I never
     needed more than 4 in my RewriteRules ;-)
     [Ralf S. Engelschall]

  *) Make the proxy generate and understand Via: headers
     [Martin Kraemer]

  *) Change the proxy to use tables instead of array_headers for
     the header lines. [Martin Kraemer]

  *) Make sure the config.status file is not overridden when just
     ``configure --help'' is used. [Ralf S. Engelschall] PR#2844

  *) Split MODULE_MAGIC_NUMBER into _MAJOR/_MINOR numbers. This should
     provide a way to trace API changes that add functionality but do
     not create a compatibility issue for precompiled modules, etc.
     See include/ap_mmn.h for more details.  [Randy Terbush]

  *) Fix suexec installation under `make install root=xxx' situation.
     [Ralf S. Engelschall]

  *) Extend the output of the -V switch to include the paths of all
     compiled-in configuration files, if they were overridden at
     compile time, for least astonishment of the user.
     [Martin Kraemer]

  *) When READing a request in ExtendedStatus mode, the "old"
     vhost, request and client information is not displayed.
     [Jim Jagielski]

  *) STATUS is no longer available. Full status information now
     run-time configurable using the ExtendedStatus directive.
     [Jim Jagielski]

  *) SECURITY: Eliminate O(n^2) space DoS attacks (and other O(n^2)
     cpu time attacks) in header parsing.  Add ap_overlap_tables(),
     a function which can be used to perform bulk update operations
     on tables in a more efficient manner.  [Dean Gaudet]

  *) SECURITY: Added compile-time and configurable limits for
     various aspects of reading a client request to avoid some simple
     denial of service attacks, including limits on maximum request-line
     size (LimitRequestLine), number of header fields (LimitRequestFields),
     and size of any one header field (LimitRequestFieldsize).  Also added
     a configurable directive LimitRequestBody for limiting the size of the
     request message body.  [Roy Fielding]

  *) Make status module aware of DNS and logging states, even if
     STATUS not defined.  [Jim Jagielski]

  *) Fix a problem with the new OS/2 mutexes.  [Brian Havard]

  *) Enhance mod_speling so that CheckSpelling can be used in
     <Directory> containers and .htaccess files.  [Ken Coar]

  *) API: new ap_custom_response() function for hooking into the
     ErrorDocument mechanism at runtime [Doug MacEachern]

  *) API: new ap_uuencode() function [Doug MacEachern]

  *) API: scan_script_header_err_core() now "public" and renamed
     ap_scan_script_header_err_core() [Doug MacEachern]

  *) The 'status' module will now show the process pid's and their
     state even without full STATUS accounting. [Jim Jagielski]

  *) Restore the client IP address to the error log messages, this
     was lost during the transition from 1.2 to 1.3.  Add a new
     function ap_log_rerror() which takes a request_rec * and
     formats it appropriately.  [Dean Gaudet] PR#2661

  *) Cure ap_cfg_getline() of its nasty habit of compressing internal
     whitespace in input lines -- including within quoted strings.
     [Ken Coar]
     but leading and trailing whitespace should continue to be
     stripped [Martin Kraemer]

  *) Cleanup of the PrintPath/PrintPathOS2 helper functions. Avoid
     the ugly use of an env. variable and use command-line args for
     alternate $PATH. Make more like advanced 'type's as well.
     [Jim Jagielski]

  *) The IRIXN32 Rule was being ignored. Configure now correctly adds
     -n32 only if IRIXN32 says to. [Jim Jagielski, Alain St-Denis
     <alain.st-denis@ec.gc.ca>] PR#2736

  *) Clean up a warning in mod_proxy. [Ralf S. Engelschall]

  *) Renamed __EMX__ (internal define of the gcc port under OS/2) to OS2
     following the same idea as "MSVC vs WIN32". Additionally the src/os/emx/
     directory was renamed to src/os/os2/ for consistency.
     [Brian Havard, Ralf S. Engelschall]

  *) Add new Rule SHARED_CHAIN which can be used to enable linking of DSO
     files (here modules) against other DSO files (here shared libraries).
     This is done by determining a subset of LIBS which can be safely used for
     linking the DSOs, i.e. PIC libs and shared libs.  Currently the rule is
     disabled for all platforms to avoid problems with this (experimental)
     rule. But we provide it now for those people how ran into problems and
     want to came out by forcing linking against DSOs.
     [Ralf S. Engelschall] PR#2587

  *) Fix suEXEC start message: Has to be of `notice' level to really get
     printed together with the standard startup message because the `notice'
     level is handled special inside ap_log_error() for startup messages.
     [Ralf S. Engelschall] PR#2761 PR#2761 PR#2765

  *) Add correct `model' MIME types from RFC2077 to mime.types file.
     [Ralf S. Engelschall] PR#2732

  *) Fixed examples in mod_rewrite.html document. 
     [Youichirou Koga <y-koga@jp.FreeBSD.org>, Ralf S. Engelschall] PR#2756

  *) Allow ap_read_request errors to propagate through the normal request
     handling loop so that the connection can be properly closed with
     lingering_close, thus avoiding a potential TCP reset that would
     cause the client to miss the HTTP error response.  [Roy Fielding]

  *) One more portability fix for APACI shadow tree support: Swap order of awk
     and sed in top-level configure script to avoid sed fails on some
     platforms (for instance SunOS 4.1.3 and NCR SysV) because of the
     non-newline-termined output of Awk. [Ralf S. Engelschall] PR#2729

  *) PORT: NEC EWS4800 support.
     [MATSUURA Takanori <t-matsuu@protein.osaka-u.ac.jp>]

  *) Fix a segfault in the proxy on OS/2.  [Brian Havard]

  *) Fix Win32 part of ap_spawn_child() by providing a reasonable child_info
     structure instead of just NULL. This fixes at least the RewriteMap
     programs under Win32. [Marco De Michele <mdemichele@tin.it>] PR#2483

  *) Add workaround to top-level `configure' script for brain dead 
     `echo' commands which interpet escape sequences per default.
     [Ralf S. Engelschall] PR#2654

  *) Make sure that the path to the Perl interpreter is correctly
     adjusted under `make install' also for the printenv CGI script.
     [Ralf S. Engelschall] PR#2595
 
  *) Update the mod_rewrite.html document to correctly reflect the situation
     of the `proxy' (`[P]') feature. [Ralf S. Engelschall] PR#2679

  *) Fix `install-includes' sub-target of `install' target in top-level
     Makefile.tmpl: The umask+cp approach didn't work as expected (especially
     for users which extracted the distribution under 'umask 077'), so replace
     it by an explicit cp+chmod approach.
     [Richard Lloyd, Curt Sampson, Ralf S. Engelschall] PR#2656 PR#2626
 
  *) Fix `distclean' and `clean' targets in src/Makefile.tmpl to have same
     behavior and to cleanup correctly even under enabled SHARED_CORE rule.
     [Ralf S. Engelschall]

  *) Use a more straight forward and thus less problematic Sed command in
     src/helper/mkdir.sh script.  [Ralf S. Engelschall]

  *) Make sure the `configure' scripts doesn't fail when trying to guess the
     domainname of the machine and there are multiple `domainname' and
     `search' entries in /etc/resolv.conf.
     [Ralf S. Engelschall] PR#2710

  *) Add note about the SHARED_CORE requirement on some platforms also to the
     INSTALL file because a lot of users don't read htdocs/manual/dso.html
     first. [Ralf S. Engelschall] PR#2701

  *) Fix document "hyperlink" for dso.html in src/Configuration.tmpl
     [Knut A.Syed <Knut.Syed@nhh.no>] PR#2674

  *) Modify mod_rewrite to update the Vary response field if the URL rewriting
     engine does any manipulations or decisions based upon request fields. 
     [Ken Coar] PR#1644

  *) Document the special APACI behavior for installation paths where
     ``/apache'' is appended to paths under some (well defined, of course)
     situations to prevent pollution of system locations with Apache files.
     [Ralf S. Engelschall] PR#2660

  *) Fixed problem with buffered response message not being sent for
     the read_request error conditions of URI-too-long (414) and
     malformed header fields (400).  [Roy Fielding] PR#2646

  *) Add support for the Max-Forwards: header line required by RFC2068 for
     the TRACE method. This allows apache to TRACE along a chain of proxies
     up to a predetermined depth. [Martin Kraemer]

  *) Fix SHARED_CORE rule: The CFLAGS_SHLIB variable is no longer doubled
     (compilers complained) and the .so.V.R.P filename extension was adjusted
     to correctly reflect the 1.3.2 version.
     [Ralf S. Engelschall] PR#2644

  *) SECURITY: Plug "..." and other canonicalization holes under OS/2.
     [Brian Havard]
  
  *) PORT: implement serialized accepts for OS/2.  [Brian Havard]

  *) mod_include had problems with the fsize and flastmod directives
     under WIN32.  Fix also avoids the minor security hole of using
     ".." paths for fsize and flastmod.
     [Manoj Kasichainula <manojk@raleigh.ibm.com>] PR#2355

  *) Fixed some Makefile dependency problems.  [Dean Gaudet]

Changes with Apache 1.3.1

  *) Disable the incorrect entry for application/msword in the 
     mod_mime_magic "magic" file because it also matches other Office
     documents.  [Ralf S. Engelschall] PR#2608

  *) Fix broken RANLIB handling in src/Configure (the entry from
     src/Configuration.tmpl was ignored) and additionally force RANLIB to
     /bin/true under HP/UX where ranlib exists but is deprecated.
     [Ralf S. Engelschall] PR#2627
     
  *) 'apachectl status' failed on some systems.
     [Steve VanDevender <stevev@darkwing.uoregon.edu>, Lars Eilebrecht] PR#2613

  *) Add new flags for ap_unparse_uri_components() to make it generate
     the scheme://sitepart string only, or to omit the query string.
     [Martin Kraemer]

  *) WIN32: Canonicalize ServerRoot before checking to see if it
     is a valid directory.  The failure to do this caused certain
     ServerRoot settings (eg. "ServerRoot /apache") to be improperly
     rejected.  [Marc Slemko]

  *) Global renaming of C header files to both get rid of conflicts with third
     party packages and to again reach consistency:
       1. conf.h      -> ap_config.h
       2. conf_auto.h -> ap_config_auto.h \ these are now merged
       3. ap_config.h -> ap_config_auto.h / in the config process
       4. compat.h    -> ap_compat.h
       5. apctype.h   -> ap_ctype.h
     Backward compatibility files for conf.h and compat.h were created.

  *) mod_mmap_static will no longer take action on requests unless at 
     least one "mmapfile" directive is present in the configuration. 
     This experimental module has to do some black magic to operate 
     inside the current API and thus creates side-effects for other 
     modules under some circumstances.
     [Ralf S. Engelschall]
 
  *) Add conservative ticks around more egrep arguments in top-level configure
     to avoid problems under brain-dead platforms like Digital UNIX (OSF1).
     [Ralf S. Engelschall] PR#2596

  *) mod_rewrite created RewriteLock files under the UID of the parent
     process, thus the child processes had no write access to the files.
     Now a chown() is done on the file to the uid of the children,
     if applicable.  [Lars Eilebrecht, Ralf S. Engelschall] PR#2341

  *) Autogenerate some HAVE_XXXXX_H defines in conf_auto.h (determined via
     TestCompile) instead of defining them manually in conf.h based on less
     accurate platform definitions.  This way we no longer have to fiddle with
     OS-type and/or OS-version identifiers to discover whether a system header
     file exists or not.  Instead we now directly check for the existence of
     those esoteric ones. 
     [Ralf S. Engelschall] PR#2093, PR#2361, PR#2377, PR#2434,
                           PR#2524, PR#2525, PR#2533, PR#2569

  *) mod_setenvif (BrowserMatch* and friends) will now match a missing
     field with "^$".  [Ken Coar]

  *) Set the RTLD_GLOBAL dlopen mode parameter to allow dynamically loaded
     modules to load their own modules dynamically.  This improves mod_perl
     and mod_php3 when these modules are loaded dynamically into Apache.
     [Rasmus Lerdorf]

  *) Cache a proxied request in the event that the client cancels the
     transfer, provided that the configured percentage of the file has
     already been transfered. It works for HTTP transfers only.  The 
     new configuration directive is called CacheForceCompletion. 
     [Glen Parker <glenebob@nwlink.com>] PR#2277

  *) Add the "<!DOCTYPE HTML" magic cookie used by modern documents (and
     required by HTML 3.2 and later) to mod_mime_magic's conf/magic.
     [Anna Shergold <anna@inext.co.uk>]

  *) Fix yet another signal-based race condition involving nested timers.
     Signals suck.  [Dean Gaudet]

  *) suexec's error messages have been clarified a little bit.  [Ken Coar]

  *) Clean up some, but perhaps not all, 8-bit character set problems
     with config file parsing, and URL parsing.  We now define
     ap_isdigit(), ap_isupper(), ... which cast to an (unsigned char).
     This should work on most modern unixes.
     [Dean Gaudet] PR#800, 2282, 2553  (and others)

  *) The "handler not found" error was issued in cases where the handler
     really did exist, but was just declining to serve the request.
     [John Van Essen <jve@gamers.org>] PR#2529

  *) Add Dynamic Shared Object (DSO) support for SCO5 (OpenServer 5.0.x).
     [Ronald Record <rr@sco.com>] PR#2533

  *) The APACI libexecdir was not extended with an "apache/" subdir
     if the installation prefix didn't already contain "apache", but
     it should be because the DSO files are Apache-specific.  Now
     libexecdir is treated the same way sysconfdir, datadir, localstatedir
     and includedir are already treated.
     [Charles Levert <charles@comm.polymtl.ca>] PR#2551

  *) The <Limit> parsing routine was incorrectly treating methods as
     case-insensitive.  [Ken Coar]

  *) The ap_bprintf() code neglected to test if there was an error on
     the connection.  ap_bflush() misdiagnosed a failure as a success.
     [Dean Gaudet]

  *) add support for #perl arg interpolation in mod_include
     [Doug MacEachern]

  *) API: Name changes of table_elts to ap_table_elts, is_table_empty
     to ap_is_table_empty and bgetflag to ap_bgetflag. [Ben Laurie]

  *) PORT: Add UnixWare 7 support
     [Vadim Kostoglodoff <vadim@olly.ru>] PR#2463

  *) Fix the Guess-DSO-flags-from-Perl stuff in src/Configure: "perl" was
     used instead of "$PERL" which contains the correctly determined Perl
     interpreter (important for instance on systems where "perl" and "perl5"
     exists, like BSDI or FreeBSD, etc).
     [Ralf S. Engelschall] PR#2505

  *) Move the initial suEXEC-related startup message from plain
     fprintf()/stderr to a delayed ap_log_error()-based one to avoid problems
     when Apache is started from inetd (instead of standalone). Under this
     situation startup messages on stderr lead to problems (the line is sent
     to the client in front of the requested document).
     [Ralf S. Engelschall] PR#871, PR#1318

  *) Add a flag so ap_fnmatch() can be used for case-blind pattern matching.
     [Ken Coar, Dean Gaudet]

  *) WIN32: Don't collapse multiple slashes in PATH_INFO.
     [Ben Laurie, Bill Stoddard <wgstodda@us.ibm.com>] PR#2274

  *) WIN32 SECURITY: Eliminate trailing "."s in path components. These are
     ignored by the Windows filesystem, and so can be used to bypass security.
     [Ben Laurie, Alexei Kosut].

  *) We now attempt to dump core when we get SIGILL. [Jim Jagielski]

  *) PORT: remove broken test for MAP_FILE in http_main.c.
     [Wilfredo Sanchez <wsanchez@apple.com>]

  *) PORT: Change support/apachectl to use "kill -0 $pid" to test if the
     httpd is running.  This should be more portable than figuring out
     which of three dozen different versions of "ps" are installed.
     [a cast of dozens]

  *) WIN32: If we can't figure out how to execute a file in a script
     directory, bail out of the request with an error message.  [W G Stoddard]

  *) WIN32 SECURITY: Eliminate directories consisting of three or more dots;
     these are treated by Win32 as if they are ".." but are not detected by
     other machinery within Apache. This is something of a kludge but
     eliminates a security hole. [Manoj Kasichainula, Ben Laurie]

  *) Move ap_escape_quotes() from src/ap to src/main/util.c; it uses
     pools and thus pollutes libap (until the pool stuff is moved there).
     [Ken Coar]

  *) IndexIgnore should be case-blind on Win32 (and any other case-aware
     but case-insensitive platforms).  New #define for this added to conf.h
     (CASE_BLIND_FILESYSTEM).  [Ken Coar] PR#2455

  *) Enable DSO support for OpenBSD in general, not only for 2.x, because it
     also works for OpenBSD 1.x. [Ralf S. Engelschall]

  *) PORT: Fix compilation problem on ARM Linux.
     [Sam Kington <sam@illuminated.co.uk>] PR#2443

  *) Let APACI's configure script determine some configuration parameters
     (Group, Port, ServerAdmin, ServerName) via some intelligent tests to
     remove some of the classical hurdles for new users when setting up
     Apache. This is done per default because it is useful for the average
     user. Package authors can use the --without-confadjust option to disable
     these configuration adjustments.
     [Ralf S. Engelschall]

  *) Added an EXTRA_DEPS configuration parameter which can be used
     to add an extra Makefile dependency for the httpd target, for instance
     to external third-party libraries, etc.
     [Ralf S. Engelschall]

  *) Add <IfDefine>..</IfDefine> sections to the core module (with same spirit
     as <IfModule>..</IfModule> sections) which can be used to skip or process
     contained commands dependend of ``-D PARAMETER'' options on the command
     line. This can be used to achieve logical conditions like <IfDefine
     ReverseProxy> instead of physically ones (e.g. <IfModule mod_proxy.c>)
     and thus especially can be used for conditionally loading DSO-based
     modules via LoadModule, etc. [Ralf S. Engelschall]

  *) PORT: clean up a warning in mod_status for OS/2.  [Brian Havard]

  *) Make table elements const. This may prevent obscure errors. [Ben Laurie]

  *) Fix parsing of FTP `SIZE' responses in proxy module: The newline was not
     truncated which forced following HTTP headers to be data in the HTTP
     reponse. [Ralf S. Engelschall, Charles Fu <ccwf@bacchus.com>] 
     PR#2412, 2367

  *) Portability fix for APACI shadow tree support: Swap order of awk and sed
     in top-level configure script to avoid sed fails on some platforms (for
     instance SunOS 4.1.3 and NCR SysV) because of the non-newline-termined
     output of Awk. [Bill Houle <bhoule@sandiegoca.ncr.com>] PR#2435

  *) Improve performance of directory listings (mod_autoindex) by comparing
     integer keys (last-modified and size) as integers rather than converting
     them to strings first.  Also use a set of explicit byte tests rather
     than strcmp() to check for parent directory-ness of an entry.  Oh, and
     make sure the parent directory (if displayed) is *always* listed first
     regardless of the sort key.  Overall performance winnage should be good
     in CPU time, instruction cache, and memory usage, particularly for large
     directories.  [Ken Coar]

  *) Add a tiny but useful goody to APACI's configure script: The generation
     of a config.status script (as GNU Autoconf does) which remembers the used
     configure command and hence can be used to restore the configuration by
     just re-running this script or for remembering the configuration between
     releases.
     [Ralf S. Engelschall]

  *) Add httpd -t (test) option for running configuration syntax tests only.
     If something is broken it complains and exits with a return code
     non-equal to 0. This can be used manually by the user to check the Apache
     configuration after editing and is also automatically used by apachectl
     on (graceful) restart command to make sure Apache doesn't die on restarts
     because of a configuration which is now broken since the last (re)start.
     This way `apachectl restart' can be used inside cronjobs without having
     to expect Apache to be falling down. Additionally the httpd -t can be run
     via `apachectl configtest'.
     [Ralf S. Engelschall] PR#2393
  
  *) Minor display fix for "install" target of top-level Makefile:
     the displayed installation command was incorrect although the
     executed command was correct. Now they are in sync.
     [Ralf S. Engelschall] PR#2402

  *) Correct initialization of variable `allowed_globals' in http_main.c
     [Justin Bradford <justin@ukans.edu>] PR#2400

  *) Apache would incorrectly downcase the entire Content-Type passed from
     CGIs.  This affected server-push scripts and such which use
     multipart/x-mixed-replace;boundary=ThisRandomString.
     [Dean Gaudet] PR#2394

  *) PORT: QNX update to properly guess 32-bit systems.
     [Sean Boudreau <seanb@qnx.com>] PR#2390

  *) Make sure the DSO emulation code for HPUX finds the proprietary shl_xxx()
     functions which are in libdld under HPUX 9/10.
     [Ralf S. Engelschall] PR#2378

  *) Make sure the "install" target of the top-level Makefile doesn't break
     because of a return code of 1 from an "if" (for instance under braindead
     Ultrix the result code of an "if" construct is 1 if the "then" clause
     didn't match). [Ralf S. Engelschall]

  *) Add an additional "dummy" target to the "$(LIB)" target in generated
     modules/xxx/Makefile's to avoid problems with SVR4 Make under "full-DSO"
     situation (no libxxx.a built, only mod_xxx.so's) where LIB and OBJS are
     empty. [Ralf S. Engelschall, Dean Gaudet, Martin Kraemer]

  *) Replace two bad sprintf() calls with ap_snprintf() variants in
     mod_rewrite. [Ralf S. Engelschall]

  *) Fix missing usage description for MetaFiles directive.
     [David MacKenzie <djm@va.pubnix.com>] PR#2384

  *) mod_log_config wouldn't let vhosts use log formats defined in the
     main server.  [Christof Damian <damian@mediaconsult.com>] PR#2090

  *) mod_usertrack was corrupting the client hostname.  As part of the
     fix, the cookie values were slightly extended to include the
     fully qualified hostname of the client.
     [Dean Gaudet] PR#2190, 2229, 2366

  *) Fix a typo in pool debugging code.  [Alvaro Martinez Echevarria]

  *) mod_unique_id did not work on alpha linux (in general on any
     architecture that has 64-bit time_t).
     [Alvaro Martinez Echevarria]

  *) PORT: Make SCO 5 (and probably 3) compile again. [Ben Laurie]

  *) PORT: NCR MPRAS systems have the same bug with SIGHUP restart that
     Solaris systems experience.  So define WORKAROUND_SOLARIS_BUG.
     [Klaus Weber <kweber@chephren.germany.ncr.com>] PR#1973

  *) Change "Options None" to "Options FollowSymLinks" in the 
     <Directory /> section of the default access.conf-dist
     (and -win even though it doesn't matter there).  This has better
     performance, and more intuitive semantics.  [Dean Gaudet]

  *) PORT: Updated support for UTS 2.1.2.
     [Dave Dykstra <dwd@bell-labs.com>] PR#2320

  *) Fix symbol export list (src/support/httpd.exp) after recent
     API changes in the child spawning area.
     [Jens-Uwe Mager <jum@helios.de>]

  *) Workaround for configure script and old `test' commands which do not
     support the -x flag (for instance under platforms like Ultrix). This is
     solved by another helper script findprg.sh which searches for Perl and
     Awk like PrintPath but _via different names_.
     [Ralf S. Engelschall]

  *) Remove the system() call from htpasswd.c, which eliminates a system
     dependancy.  ["M.D.Parker" <mdpc@netcom.com>] PR#2332

  *) PORT: Fix compilation failures on NEXTSTEP.
     [Rex Dieter <rdieter@math.unl.edu>] PR#2293, 2316

  *) PORT: F_NDELAY is a typo, should have been FNDELAY.  There's also
     O_NDELAY on various systems.  [Dave Dykstra <dwd@bell-labs.com>] PR#2313

  *) PORT: helpers/GuessOS updates for various versions for NCR SVR4.
     [juerg schreiner <j.schreiner@zh.ch>,
     Bill Houle <Bill.Houle@SanDiegoCA.NCR.COM>] PR#2310

  *) Fix recently introduced Win32 child spawning code in mod_rewrite.c which
     was broken because of invalid ap_pstrcat() -> strcat() transformation.
     [Ralf S. Engelschall]

  *) Proxy Cache Fixes: account for directory sizes, fork off garbage collection
     to continue in background, use predefined types (off_t, size_t, time_t),
     log the current cache usage percentage at LogLevel debug
     [Martin Kraemer, based on discussion between Dean Gaudet & Dirk vanGulik]

Changes with Apache 1.3.0

  *) Using a type map file as a custom error document was not possible.
     [Lars Eilebrecht] PR#1031

  *) Avoid problems with braindead Awks by additionally searching for gawk 
     and nawk in APACI's configure script.
     [Dave Dykstra <dwd@bell-labs.com>, Ralf S. Engelschall] PR#2319

  *) Rename md5.h to ap_md5.h to avoid conflicts with native MD5 on
     some systems. [Randy Terbush]

  *) Change usage of perror()+fprintf(stderr,...) in mod_rewrite to
     more proper ap_log_error() variants.
     [Ralf S. Engelschall]

  *) Make sure the argument for the --add-module option to APACI's configure
     script is of type [path/to/]mod_xxx.c because all calculations inside
     configure and src/Configure depend on this.
     [Ralf S. Engelschall] PR#2307

  *) Changes usage of perror/fprintf to stderr to more proper ap_log_error
     in mod_mime, mod_log_referer, mod_log_agent, and mod_log_config.
     [Brian Behlendorf]

  *) Various OS/2 cleanups ["Brian Havard" <brianh@kheldar.apana.org.au>]

  *) PORT: QNX needed a #include <sys/mman.h>; and now it uses flock
     serialized accept to handle multiple sockets.
     [Rob Saccoccio <robs@InfiniteTechnology.com>] PR#2295, 2296
 
  *) Have NT properly set the directory for CGI scripts 
     (& other spawned children)
     [W G Stoddard <wgstodda@us.ibm.com>]

  *) Propagate environment to CGI scripts correctly in Win32.
     [W G Stoddard <wgstodda@us.ibm.com>] PR#2294

  *) Some symbol renaming:
     ap_spawn_child_err became ap_spawn_child
     ap_spawn_child_err_buff became ap_bspawn_child
     spawn_child was obsoleted and moved to compat.h
     [Brian Behlendorf]

  *) Upgrade the child spawning code in mod_rewrite for the RewriteMap
     programs: ap_spawn_child_err() is used and the Win32 case now uses
     CreateProcess() instead of a low-level execl() (which caused problems in
     the past under Win32).
     [Ralf S. Engelschall]

  *) A few cosmetics and trivial enhancements to APXS to make the
     generated Makefile more user friendly. [Ralf S. Engelschall]

  *) Proxy Fix: The proxy special failure routine ap_proxyerror()
     was updated to use the normal apache error processing, thereby allowing
     proxy errors to be treated by ErrorDocument's as well. For this
     purpose, a new module-to-core communication variable "error-notes"
     was introduced; the proxy (and possibly other modules) communicates
     its error text using this variable. Its content is copied to a new
     cgi-env-var REDIRECT_ERROR_NOTES for use by ErrorDocuments.
     The old proxy special error routine ap_proxy_log_uerror()
     was replaced by regular ap_log_error() calls, many messages were made
     more informative. 
     [Martin Kraemer] PR#494, 1259

  *) SECURITY: A possible buffer overflow in the ftp proxy was fixed.
     [Martin Kraemer]

  *) Transform the configure message "You need root privileges for suEXEC"
     from a fatal error into a (more friendly) warning because the building
     ("make") of Apache we can allow, of course. Root privileges are needed
     only for the installation step ("make install"). So make sure the
     user is aware of this fact but let him proceed as long as he can.
     [Ralf S. Engelschall] PR#2288
  
  *) Renamed three more functions to common ap_ prefix which we missed at the
     Big Symbol Renaming because they're #defines and not real C functions:
     is_default_port(), default_port(), http_method().
     [Ralf S. Engelschall]

  *) A zero-length name after a $ in an SSI document should cause
     just the $ to be in the expansion.  This was broken during the
     security fixes in 1.2.5.  [Dean Gaudet] PR#1921, 2249

  *) Call ap_destroy_sub_req() in ap_add_cgi_vars() to reclaim some
     memory.  [Rob Saccoccio <robs@InfiniteTechnology.com>] PR#2252

  *) Fix src/support/httpd.exp (DSO export file which is currently only
     used under AIX) because of recent changes to function names.
     [Ralf S. Engelschall]

Changes with Apache 1.3b7

  *) Make sure a MIME-type can be forced via a RewriteRule even when no
     substitution takes place, for instance via the following rule:
     ``RewriteRule ^myscript$ - [T=application/x-httpd-cgi]'' This was often
     requested by users in the past to force a single script without a .cgi
     extension and outside any cgi-bin dirs to be executed as a CGI program.
     [Ralf S. Engelschall] PR#2254

  *) A fix for protocol issues surrounding 400, 408, and
     414 responses. [Ed Korthof]

  *) Ignore MaxRequestsPerChild on WIN32. [Brian Behlendorf]

  *) Fix discrepancy in proxy_ftp.c which was causing failures when 
     trying to connect to certain ftpd's, such as anonftpd.  
     [Rick Ohnemus <rick@ecompcon.com>]

  *) Make mod_rewrite use ap_open_piped_log() for RewriteLog directive's
     logfile instead of fiddling around itself with child spawning stuff.
     [Ralf S. Engelschall]

  *) Made RefererIgnore case-insensitive.

  *) Mod_log_agent, mod_log_referer now use ap_open_piped_log for piped logs.
     [Brian Behlendorf]

  *) Replace use of spawn_child with ap_spawn_child_err_buff, to make everything
     "safe" under Win32.  In: mod_include.c, mod_mime_magic.c
     [Brian Behlendorf]

  *) Improve RFC1413 support. [Bob Beck <beck@bofh.ucs.ualberta.ca>]

  *) Fix support script `dbmmanage': It was unable to handle some sort
     of passwords, especially passwords with "0" chars.
     [Ralf S. Engelschall] PR#2242

  *) WIN32: Clicking on "Last Modified" in a fancy index caused a crash. Fixed.
     [Ben Laurie] PR#2238

  *) WIN32: CGIs could cause a hang (because of a deadlock in the standard C
     library), so CGI handling has been changed to use Win32 native handles
     instead of C file descriptors.
     [Ben Laurie and Bill Stoddard <wgstodda@us.ibm.com>] PR#1129, 1607

  *) The proxy cache would store an incorrect content-length in the cached
     file copy after a cache update. That resulted in repeated fetching
     of the original copy instead of using the cached copy.
     [Ernst Kloppenburg <kloppen@isr.uni-stuttgart.de>] PR#2094

  *) The Makefiles assumed that DSO files are build via $(LD). This
     is broken for two reasons: First we never defined at least LD=ld
     somewhere to make sure this works (it was silently assumed that most Make
     provide a built-in LD definition - ARGL!) and second using the generic LD
     variable is not the truth. Instead a special variable named LD_SHLIB is
     reasonable because although "ld" is usually the default, the command for
     building DSO files can be "libtool" or even "cc" on some systems.
     [Ralf S. Engelschall]

  *) Replace the AddVersionPlatform directive with ServerTokens which
     provides for more control over the format of the Server:
     header line. SERVER_SUBVERSION is no longer supported;
     all module should use the ap_add_version_component()
     API function instead. [Jim Jagielski]

  *) Support for the NCR MP/RAS 3.0
     [John Withers <withers@semi.kcsc.mwr.irs.gov>]

  *) The LDFLAGS_SHLIB_EXPORT variable of src/Configuration[.tmpl] was
     not retrieved in src/Configure and thus was not useable.
     [Ralf S. Engelschall]
 
  *) Various Makefile consistency cleanups:
     - make OSDIR also automatically be relative to src/ like INCDIR
     - SUBDIRS is now generated in src/Makefile only and not in
       Makefile.config because it is a local define for this location.
     - remove BROKEN_BPRINTF_FLAGS because is it no longer used inside
       any Makefile but make sure that at least the "-K inline" is kept in
       CFLAGS for SCO 5.
     - update the "depend" targets in Makefile.tmpl files to use $(OSDIR), too.
     - updated the dependencies theirself
     - removed not existing SHLIB variable from "clean" targets
     - replaced SHLIB_OBJS/SHLIBS_OBJ consistently with OBJS_PIC because OBJS
       already exists and OBJS_PIC are also just plain objects and have not
       directly to do with "shared" things. The only difference is that they
       contain PIC. So OBJS_PIC is the more canonical name.
     - Updated the Makefile-dependency lines for OBJS_PIC
     - Removed the Makefile-dependency line in Configure to avoid double
       definitions
     - replaced ugly xx-so.o/xx.so-o hack with a clean and consistent usage
       of xxx.lo as GNU libtool does with its PIC objects
     - reduce local complexity in modules Makefile.tmpl by moving the last
       existing target "depend" to the generation section in Configure, too.
     - removed the historical $(SPACER) which was used in the past together
       with BROKEN_BPRINTF_FLAGS to avoid zig-zags in the build process. This
       is no longer needed.
     - force the build and run of the gen_xxx programs under main/ as the
       first step before building the objects because it looks cleaner
     [Ralf S. Engelschall]

  *) WIN32: Make Win32 work again after the /dev/null DoS fix.
     [Ben Laurie]

  *) WIN32: Check for buffer overflows in ap_os_canonical_filename.
     [Ben Laurie]

  *) WIN32: Don't force ISAPI headers to finish with \n.
     [Jim Patterson <Jim.Patterson@Cognos.COM>, Ben Laurie] PR#2060

  *) When opening "configuration" files (like httpd.conf, htaccess
     and htpasswd), Apache will not allow them to be non-/dev/null
     device files. This closes a DoS hole. At the same time,
     we use ap_pfopen to open these files to handle timeouts.
     [Jim Jagielski, Martin Kraemer]

  *) Apache will now log the reason its httpd children exit if they exit
     due to an unexpected signal.  (It requires a new porting define,
     SYS_SIGLIST, which if defined should point to a list of text
     descriptions of the signals available.  See PORTING.)  [Dean Gaudet]

  *) WIN32: chdir() doesn't make sense in a multithreaded environment 
     like WIN32.  Before, Win32 CGI's could have had sporadic failures 
     if a chdir call from one thread was made between another chdir call 
     and a spawn in another thread.  So, for now don't chdir for CGI scripts 
     in WIN32.  The current CGI "spec" is unclear as to whether it's 
     necessary.  Long-term fix is to either serialize the chdir/spawn combo 
     or use WIN32 native calls to spawn a process.  This temp fix was 
     necessary to remove this as a showstopper for 1.3's release. 
     [Brian Behlendorf]

  *) Cleanup the suEXEC support in APACI and make it more safe:
     1. Add big fat hint in INSTALL about risks and to read the
        htdocs/manual/suexec.html document before using the suexec-related
        configure options.
     2. Make sure the user has at least provided one --suexec-xxxx option
        (specifies suEXEC parameters) in addition to --enable-suexec option.
        If only --enable-suexec is given APACI stops with a hint to INSTALL
        and htdocs/manual/suexec.html documents.
     3. Provide two additional --suexec-xxxx options to make the suEXEC
        configuration complete (especially for package maintainers who else
        had to patch the source tree) by providing ways to configure minimal
        UID/GID and safe PATH, too.
     [Ralf S. Engelschall]

  *) Cleanup of the `configure --shadow' process:
     - make sure the configure script creates its temporary files in the
       shadow tree to avoid conflicts with parallel configure runs
     - removed unnecessary option "-r" from "rm" call for Makefiles
     - make sure the configure scripts creates the shadow-wrapper Makefile
       only when no shadow trees already exists
     - make sure "make distclean" removes the shadow-wrapper Makefile but only
       when no more shadow trees exists
     - overhauled mkshadow.sh script: now its more IFS-safe and approx. twice
       as fast (in the past it needed 70sec, now it runs just 38sec)
     - make sure CVS does not complain about the created files
       Makefille.<gnutriple> and directories src.<gnutriple>
     [Ralf S. Engelschall]

  *) Added the ap_add_version_component() API routine and the
     AddVersionPlatform core directive.  The first allows modules to
     declare themselves in the Server response header field value,
     augmenting the SERVER_SUBVERSION define in the Configuration file
     with run-time settings (more useful in a loadable-module environment).
     AddVersionPlatform inserts a comment such as "(UNIX)" or "(Win32)"
     into the server version string.  [Ken Coar] PR#2056

  *) Minor stability tweaks to avoid core dumps in ap_snprintf.
     [Martin Kraemer]

  *) Emit the "Accept-Range" header for the default handler.
     [Brian Behlendorf] PR#1464

  *) Add a note to httpd.conf-dist that apache will on some systems fail
     to start when the Group # is set to a negative or large positive value.
     [Martin Kraemer]

  *) Make sure the module execution order is correct even when some modules
     are loaded under runtime (`LoadModule') via the DSO mechanism:
     1. The list of loaded modules is now a dynamically allocated one
        and not the original statically list from modules.c
     2. The loaded modules are now correctly setup by LoadModule for
        later use by the AddModule command.
     3. When the DSO mechanism for modules is used APACI's `install'
        target now enables all created `LoadModule' lines per default because
        this is both already expected by the user _and_ needed to avoid
        confusion with the next point and reduces the Makefile.tmpl complexity
     4. When the DSO mechanism for modules is used, APACI's `install'
        target now additionally makes sure the module list is reconstructed
        via a complete `ClearModuleList+AddModule...' entry.
     5. The support tool `apxs' now also makes sure an AddModule command
        is added in addition to the LoadModule command.
     6. The modules.c generation was extended to now contain two