CHANGES

Changes with Apache 2.1.0-dev

  [Remove entries to the current 2.0 section below, when backported]

  *) Fix for mod_dav.  Call the 'can_be_activity' callback, if provided,
     when a MKACTIVITY request comes in.
     [Ben Collins-Sussman <sussman@apache.org>]

  *) configure.in: Play nice with libtool-1.5. [Wilfredo Sanchez]

  *) Prevent the server from crashing when entering infinite loops. The
     new LimitInternalRecursion directive configures limits of subsequent
     internal redirects and nested subrequests, after which the request
     will be aborted.  PR 19753 (and probably others).
     [William Rowe, Jeff Trawick, André Malo]

  *) mod_rewrite: Fix LA-U variable look ahead which didn't work correctly
     in directory context. Related to PR 8493.  [André Malo]

  *) Add a delete flag to htpasswd.
     [Thom May]

  *) Ensure that ssl-std.conf is generated at configure time, and switch
     to using the expanded config variables to work the same as
     httpd-std.conf PR 19611
     [Thom May]

  *) Fix a problem with namespace mappings being dropped in mod_dav_fs; 
     if any property values were set which defined namespaces these 
     came out mangled in the PROPFIND response.  PR 11637.
     [Amit Athavale <amit_athavale@persistent.co.in>]

  *) prefork MPM: Use the right permissions for the directory created 
     for gprof support.  [Jim Carlson <jcarlson@jnous.com>]

  *) Fix the inability to log errors like exec failure in
     mod_ext_filter/mod_cgi script children.  This was broken after 
     such children stopped inheriting the error log handle.  
     [Jeff Trawick]

  *) Fix a compile failure with recent OpenSSL and picky compilers
     (e.g., OpenSSL 0.9.7a and xlc_r on AIX).  [Jeff Trawick]

  *) Do not bypass output filters when redirecting subrequests internally.
     PR 17629.  [André Malo]

  *) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
     the INCLUDE path to be defined properly.
     PR 11310. [Geoff Thrope <geoff@geoffthorpe.net>]

  *) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
     
  *) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
     autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc). 
     [Geoff Thorpe <geoff@geoffthorpe.net>]

  *) ssl session caching(shmht) : Fix a SEGV problem with SHMHT session
     caching. PR 17864.
     [Andreas Leimbacher <andreasl67@yahoo.de>, Madhusudan Mathihalli]

  *) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
     [Ian Holsman, André Malo]

  *) mod_negotiation: quality values are now parsed independent from
     the current locale. level values are now really parsed as integers.
     PR 17564.  [André Malo]

  *) Added the WindowsSocketsWorkaround directive for Windows NT/2000/XP
     to work around problems with certain VPN and Firewall products that 
     have buggy AcceptEx implementations.
     [Allan Edwards w/ suggestions from Bill Stoddard & Bill Rowe]

  *) Extend mod_negotiation to evaluate the environment variables
     no-gzip and gzip-only-text/html the same way as mod_deflate does.
     [André Malo]

  *) mod_rewrite: Fix some problems reporting errors with mapping
     programs (RewriteMap prg:/something).  [Jeff Trawick]

  *) Fix mod_rewrite's handling of absolute URIs. The escaping routines
     now work scheme dependent and the query string will only be
     appended if supported by the particular scheme.  [André Malo]

  *) Return 413 if chunk-ext-header is too long rather than reading from
     the truncated line.  PR 15857.  [Justin Erenkrantz]

  *) If mod_mime_magic does not know the content-type, do not attempt to
     guess.  PR 16908.  [Andrew Gapon <agapon@telcordia.com>]

  *) Allow restart of httpd to occur even with syntax errors in the config
     file.  PR 16813.  [Justin Erenkrantz]

  *) Use APR_LAYOUT instead of APACHE_LAYOUT in configure.  PR 15679.
     [Justin Erenkrantz]

  *) Remove files on 'make distclean' that should be.  PR 15592.
     [Justin Erenkrantz]

  *) Allow apachectl to perform status with links and elinks as well.
     [Justin Erenkrantz]

  *) Extend the SetEnvIf directive to capture subexpressions of the
     matched value.  [André Malo]

  *) mod_log_config change optional hook to return previous handler
     [Ian Holsman]

  *) Forward port of mod_actions' ability to handle arbitrary methods
     with the Script directive.  [André Malo]

  *) Let suexec send a message to stderr, if it failed or its policy
     was violated. This message appears in the error log and allows
     for easier debugging. PR 5381, 7638, 8255, 10773.  [André Malo]

  *) Modify buildconf to copy all required files into httpd's tree.
     [Thom May <thom@planetarytramp.net>]

  *) Allow mod_dav to do weak entity comparison functions.
     [Justin Erenkrantz]

  *) mod_negotiation: Introduce "prefer-language" environment variable,
     which allows to influence the negotiation process on request basis
     to prefer a certain language.  [André Malo]

  *) Move RFC 1413 ident requests from core to new module mod_ident.
     [André Malo]

  *) Add mod_authz_owner - a forward port of "Require file-owner"
     and "Require file-group", which was already present in version
     1.3.21.  [André Malo]

  *) Add mod_dav_lock - a generic subset of the DAV locking implementation.
     [Justin Erenkrantz]

  *) Replace some of the mutex locking in the worker MPM with
     atomic operations for higher concurrency.  [Brian Pane]

  *) Allow 'make depend' to work with non-GCC compilers.
     [Justin Erenkrantz]

  *) If an httpd.conf has commented out AddModule directives, 
     apxs -i -a will add an un-commented AddModule directive for 
     the new module, which breaks the config.
     PR: 11212 [Joe Orton]

  *) Fix mod_proxy handling of filtered input bodies.  [Justin Erenkrantz]

  *) Move the check of the Expect request header field after the hook
     for ap_post_read_request, since that is the only opportunity for
     modules to handle Expect extensions.  [Justin Erenkrantz]

  *) Rewrite of aaa modules to an authn/authz model.
     [Dirk-Willem van Gulik, Justin Erenkrantz]


  [Apache 2.1.0-dev includes those bug fixes and changes with the
   Apache 2.0.xx tree as documented, and except as noted, below.]

Changes with Apache 2.0.46

  *) Make mod_expires' ExpiresByType work properly, including for
     dynamically-generated documents.  [Ken Coar]

  *) Add another check for already compressed content in mod_deflate.
     PR 19913. [Tsuyoshi SASAMOTO <nazonazo@super.win.ne.jp>]

  *) Fixes for VPATH builds; copying special.mk and any future .mk files 
     from the source tree as well as the build tree (now creates a usable
     configuration for apxs), and eliminated redundant -I'nclude paths.
     [William Rowe]

  *) Code fixes, constness corrections and ssl_toolkit_compat.h updates
     for SSLC and OpenSSL toolkit compatibility.  Still work remains to
     be done to cripple features based on the limitations of RSA's binary 
     distribution of their SSL-C toolkit.
     [William Rowe, Madhusudan Mathihalli, Jeff Trawick]

  *) Linux 2.4+: If Apache is started as root and you code 
     CoreDumpDirectory, coredumps are enabled via the prctl() syscall.
     [Greg Ames]

  *) ap_get_mime_headers_core: allocate space for the trailing null
     when folding is in effect.
     PR 18170 [Peter Mayne <PeterMayne@SPAM_SUX.ap.spherion.com>]

  *) Fix --enable-mods-shared=most and other variants.  [Aaron Bannert]

  *) mod_log_config: Add the ability to log the id of the thread 
     processing the request via new %P formats.  [Jeff Trawick]

  *) Use appropriate language codes for Czech (cs) and Traditional Chinese
     (zh-tw) in default config files. PR 9427.  [André Malo]

  *) mod_auth_ldap: Use generic whitespace character class when parsing
     "require" directives, instead of literal spaces only. PR 17135.
     [André Malo]

  *) Hook mod_rewrite's type checker before mod_mime's one. That way the
     RewriteRule [T=...] Flag should work as expected now. PR 19626.
     [André Malo]