Newer
Older
[Remove entries to the current 2.0 section below, when backported]
Madhusudan Mathihalli
committed
*) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
the INCLUDE path to be defined properly.
PR 11310. [Geoff Thrope <geoff@geoffthorpe.net>]
Madhusudan Mathihalli
committed
*) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
Madhusudan Mathihalli
committed
*) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).
[Geoff Thorpe <geoff@geoffthorpe.net>]
*) ssl session caching(shmht) : Fix a SEGV problem with SHMHT session
caching. PR 17864.
[Andreas Leimbacher <andreasl67@yahoo.de>, Madhusudan Mathihalli]
*) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
[Ian Holsman, André Malo]
*) mod_negotiation: quality values are now parsed independent from
the current locale. level values are now really parsed as integers.
PR 17564. [André Malo]
*) mod_deflate: Check also err_headers_out for an already set
Content-Encoding: gzip header. This prevents gzip compressed content
from a CGI script from being compressed once more. PR 17797.
[André Malo]
*) Forward port: Escape special characters (especially control
characters) in mod_log_config to make a clear distinction between
client-supplied strings (with special characters) and server-side
strings. This was already introduced in version 1.3.25.
[André Malo]
*) Linux 2.4+: enable coredumps when Apache is started as root
if CoreDumpDir is configured [Greg Ames]
*) Added the WindowsSocketsWorkaround directive for Windows NT/2000/XP
to work around problems with certain VPN and Firewall products that
have buggy AcceptEx implementations.
[Allan Edwards w/ suggestions from Bill Stoddard & Bill Rowe]
*) Unescape the supplied wildcard pattern in mod_autoindex. Otherwise
the pattern will not always match as desired. PR 12596.
[André Malo]
*) mod_autoindex now emits and accepts modern query string parameter
delimiters (;). Thus column headers no longer contain unescaped
ampersands. PR 10880 [André Malo]
*) Extend mod_negotiation to evaluate the environment variables
no-gzip and gzip-only-text/html the same way as mod_deflate does.
[André Malo]
*) mod_rewrite: Fix some problems reporting errors with mapping
programs (RewriteMap prg:/something). [Jeff Trawick]
*) When using Redirect in directory context, append requested query
string if there's no one supplied by configuration. PR 10961.
[André Malo]
*) Fix mod_rewrite's handling of absolute URIs. The escaping routines
now work scheme dependent and the query string will only be
appended if supported by the particular scheme. [André Malo]
*) Fix path handling of mod_rewrite, especially on non-unix systems.
There was some confusion between local paths and URL paths.
PR 12902. [André Malo]
Justin Erenkrantz
committed
*) Return 413 if chunk-ext-header is too long rather than reading from
the truncated line. PR 15857. [Justin Erenkrantz]
Justin Erenkrantz
committed
*) If mod_mime_magic does not know the content-type, do not attempt to
guess. PR 16908. [Andrew Gapon <agapon@telcordia.com>]
*) Allow restart of httpd to occur even with syntax errors in the config
file. PR 16813. [Justin Erenkrantz]
*) Use APR_LAYOUT instead of APACHE_LAYOUT in configure. PR 15679.
[Justin Erenkrantz]
*) Remove files on 'make distclean' that should be. PR 15592.
[Justin Erenkrantz]
Justin Erenkrantz
committed
*) Allow apachectl to perform status with links and elinks as well.
[Justin Erenkrantz]
*) Extend the SetEnvIf directive to capture subexpressions of the
matched value. [André Malo]
*) mod_log_config change optional hook to return previous handler
[Ian Holsman]
*) Forward port of mod_actions' ability to handle arbitrary methods
with the Script directive. [André Malo]
*) Let suexec send a message to stderr, if it failed or its policy
was violated. This message appears in the error log and allows
for easier debugging. PR 5381, 7638, 8255, 10773. [André Malo]
Justin Erenkrantz
committed
*) Modify buildconf to copy all required files into httpd's tree.
[Thom May <thom@planetarytramp.net>]
Justin Erenkrantz
committed
*) Allow mod_dav to do weak entity comparison functions.
[Justin Erenkrantz]
*) mod_negotiation: Introduce "prefer-language" environment variable,
which allows to influence the negotiation process on request basis
to prefer a certain language. [André Malo]
*) Added AllowEncodedSlashes directive which permits request URIs
to encode '/' as '%2f' and pass it to scripts in path-info without
triggering the 'no encoded slashes anywhere' legacy rule.
PR 543, 2389, 3581, 3589, 5687, 7066, 7865, 14639. [Ken Coar]
*) Move RFC 1413 ident requests from core to new module mod_ident.
[André Malo]
*) Add mod_authz_owner - a forward port of "Require file-owner"
and "Require file-group", which was already present in version
1.3.21. [André Malo]
Justin Erenkrantz
committed
*) Add mod_dav_lock - a generic subset of the DAV locking implementation.
[Justin Erenkrantz]
*) Replace some of the mutex locking in the worker MPM with
atomic operations for higher concurrency. [Brian Pane]
*) Allow 'make depend' to work with non-GCC compilers.
[Justin Erenkrantz]
*) Fix a bug where we leak fd's until the end of a keepalive
connection, which may result in:
(24)Too many open files: file permissions deny server access
especially on threaded servers. [Greg Ames]
*) If an httpd.conf has commented out AddModule directives,
apxs -i -a will add an un-commented AddModule directive for
the new module, which breaks the config.
PR: 11212 [Joe Orton]
Justin Erenkrantz
committed
*) Fix mod_proxy handling of filtered input bodies. [Justin Erenkrantz]
*) Move the check of the Expect request header field after the hook
for ap_post_read_request, since that is the only opportunity for
modules to handle Expect extensions. [Justin Erenkrantz]
*) Rewrite of aaa modules to an authn/authz model.
[Dirk-Willem van Gulik, Justin Erenkrantz]
[Apache 2.1.0-dev includes those bug fixes and changes with the
Apache 2.0.xx tree as documented, and except as noted, below.]
Changes with Apache 2.0.45
*) SECURITY: Eliminated leaks of several file descriptors to child
processes, such as CGI scripts. This fix depends on the latest
APR library release 0.9.2, which is distributed with the httpd
source tarball for Apache 2.0.45. PR 17206
[Christian Kratzer <ck@cksoft.de>, Bjoern A. Zeeb <bz@zabbadoz.net>]
*) Prevent endless loops of internal redirects in mod_rewrite by
aborting after exceeding a limit of internal redirects. The
limit defaults to 10 and can be changed using the RewriteOptions
directive. PR 17462. [André Malo]
*) Win32: Avoid busy wait (consuming all the CPU idle cycles) when
all worker threads are busy.
[Igor Nazarenko <igor_nazarenko@hotmail.com>]
*) Keep the subrequest filter in place when a subrequest is
redirected. PR 15423. [Jeff Trawick]
*) you can now specify the compression level for mod_deflate.
[Ian Holsman, Stephen Pierzchala <stephen@pierzchala.com>,
Michael Schroepl <Michael.Schroepl@telekurs.de>]
*) mod_deflate: Extend the DeflateFilterNote directive to
allow accurate logging of the filter's in- and outstream.
[André Malo]
*) Allow SSLMutex to select/use the full range of APR locking
mechanisms available to it. Also, fix the bug that SSLMutex uses
APR_LOCK_DEFAULT no matter what. PR 8122 [Jim Jagielski,
martin.t.kutschker@blackbox.net (Martin Kutschker)]
*) Restore the ability of htdigest.exe to create files that contain
more than one user. PR 12910. [André Malo]
*) Improve binary compatibility of the core between debug (aka
maintainer-mode) and a non-debug compile.
[Sander Striker]
*) mod_usertrack: don't set the cookie in subrequests. This works
around the problem that cookies were set twice during fast internal
redirects. PR 13211. [André Malo]
Loading full blame...