Newer
Older
8001
8002
8003
8004
8005
8006
8007
8008
8009
8010
8011
8012
8013
8014
8015
8016
8017
8018
8019
8020
8021
8022
8023
8024
8025
8026
8027
8028
8029
8030
8031
8032
8033
8034
8035
8036
8037
8038
8039
8040
8041
8042
8043
8044
8045
8046
8047
8048
8049
8050
8051
8052
8053
8054
8055
8056
8057
8058
8059
8060
8061
8062
8063
8064
8065
8066
8067
8068
8069
8070
8071
8072
8073
8074
8075
8076
8077
8078
8079
8080
8081
8082
8083
8084
8085
8086
8087
8088
8089
8090
8091
8092
8093
8094
8095
8096
8097
8098
8099
8100
8101
8102
8103
8104
8105
8106
8107
8108
8109
8110
8111
8112
8113
8114
8115
8116
8117
8118
8119
8120
8121
8122
8123
8124
8125
8126
8127
8128
8129
8130
8131
8132
8133
8134
8135
8136
8137
8138
8139
8140
8141
8142
8143
8144
8145
8146
8147
8148
8149
8150
8151
8152
8153
8154
8155
8156
8157
8158
8159
8160
8161
8162
8163
8164
8165
8166
8167
8168
8169
8170
8171
8172
8173
8174
8175
8176
8177
8178
8179
8180
8181
8182
8183
8184
8185
8186
8187
8188
8189
8190
8191
8192
8193
8194
8195
8196
8197
8198
8199
8200
8201
8202
8203
8204
8205
8206
8207
8208
8209
8210
8211
8212
8213
8214
8215
8216
8217
8218
8219
8220
8221
8222
8223
8224
8225
8226
8227
8228
8229
8230
8231
8232
8233
8234
8235
8236
8237
8238
8239
8240
8241
8242
8243
8244
8245
8246
8247
8248
8249
8250
8251
8252
8253
8254
8255
8256
8257
8258
8259
8260
8261
8262
8263
8264
8265
8266
8267
8268
8269
8270
8271
8272
8273
8274
8275
8276
8277
8278
8279
8280
8281
8282
8283
8284
8285
8286
8287
8288
8289
8290
8291
8292
8293
8294
8295
8296
8297
8298
8299
8300
8301
8302
8303
8304
8305
8306
8307
8308
8309
8310
8311
8312
8313
8314
8315
8316
8317
8318
8319
8320
8321
8322
8323
8324
8325
8326
8327
8328
8329
8330
8331
8332
8333
8334
8335
8336
8337
8338
8339
8340
8341
8342
8343
8344
8345
8346
8347
8348
8349
8350
8351
8352
8353
8354
8355
8356
8357
8358
8359
8360
8361
8362
8363
8364
8365
8366
8367
8368
8369
8370
8371
8372
8373
8374
8375
8376
8377
8378
8379
8380
8381
8382
8383
8384
8385
8386
8387
8388
8389
8390
8391
8392
8393
8394
8395
8396
8397
8398
8399
8400
8401
8402
8403
8404
8405
8406
8407
8408
8409
8410
8411
8412
8413
8414
8415
8416
8417
8418
8419
8420
8421
8422
8423
8424
8425
8426
8427
8428
8429
8430
8431
8432
8433
8434
8435
8436
8437
8438
8439
8440
8441
8442
8443
8444
8445
8446
8447
8448
8449
8450
8451
8452
8453
8454
8455
8456
8457
8458
8459
8460
8461
8462
8463
8464
8465
8466
8467
8468
8469
8470
8471
8472
8473
8474
8475
8476
8477
8478
8479
8480
8481
8482
8483
8484
8485
8486
8487
8488
8489
8490
8491
8492
8493
8494
8495
8496
8497
8498
8499
8500
8501
8502
8503
8504
8505
8506
8507
8508
8509
8510
8511
8512
8513
8514
8515
8516
8517
8518
8519
8520
8521
8522
8523
8524
8525
8526
8527
8528
8529
8530
8531
8532
8533
8534
8535
8536
8537
8538
8539
8540
8541
8542
8543
8544
8545
8546
8547
8548
8549
8550
8551
8552
8553
8554
8555
8556
8557
8558
8559
8560
8561
8562
8563
8564
8565
8566
8567
8568
8569
8570
8571
8572
8573
8574
8575
8576
8577
8578
8579
8580
8581
8582
8583
8584
8585
8586
8587
8588
8589
8590
8591
8592
8593
8594
8595
8596
8597
8598
8599
8600
8601
8602
8603
8604
8605
8606
8607
8608
8609
8610
8611
8612
8613
8614
8615
8616
8617
8618
8619
8620
8621
8622
8623
8624
8625
8626
8627
8628
8629
8630
8631
8632
8633
8634
8635
8636
8637
8638
8639
8640
8641
8642
8643
8644
8645
8646
8647
8648
8649
8650
8651
8652
8653
8654
8655
8656
8657
8658
8659
8660
8661
8662
8663
8664
8665
8666
8667
8668
8669
8670
8671
8672
8673
8674
8675
8676
8677
8678
8679
8680
8681
8682
8683
8684
8685
8686
8687
8688
8689
8690
8691
8692
8693
8694
8695
8696
8697
8698
8699
8700
8701
8702
8703
8704
8705
8706
8707
8708
8709
8710
8711
8712
8713
8714
8715
8716
8717
8718
8719
8720
8721
8722
8723
8724
8725
8726
8727
8728
8729
8730
8731
8732
8733
8734
8735
8736
8737
8738
8739
8740
8741
8742
8743
8744
8745
8746
8747
8748
8749
8750
8751
8752
8753
8754
8755
8756
8757
8758
8759
8760
8761
8762
8763
8764
8765
8766
8767
8768
8769
8770
8771
8772
8773
8774
8775
8776
8777
8778
8779
8780
8781
8782
8783
8784
8785
8786
8787
8788
8789
8790
8791
8792
8793
8794
8795
8796
8797
8798
8799
8800
8801
8802
8803
8804
8805
8806
8807
8808
8809
8810
8811
8812
8813
8814
8815
8816
8817
8818
8819
8820
8821
8822
8823
8824
8825
8826
8827
8828
8829
8830
8831
8832
8833
8834
8835
8836
8837
8838
8839
8840
8841
8842
8843
8844
8845
8846
8847
8848
8849
8850
8851
8852
8853
8854
8855
8856
8857
8858
8859
8860
8861
8862
8863
8864
8865
8866
8867
8868
8869
8870
8871
8872
8873
8874
8875
8876
8877
8878
8879
8880
8881
8882
8883
8884
8885
8886
8887
8888
8889
8890
8891
8892
8893
8894
8895
8896
8897
8898
8899
8900
8901
8902
8903
8904
8905
8906
8907
8908
8909
8910
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
8928
8929
8930
8931
8932
8933
8934
8935
8936
8937
8938
8939
8940
8941
8942
8943
8944
8945
8946
8947
8948
8949
8950
8951
8952
8953
8954
8955
8956
8957
8958
8959
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
8981
8982
8983
8984
8985
8986
8987
8988
8989
8990
8991
8992
8993
8994
8995
8996
8997
8998
8999
9000
by pstrcat() or other similar means. New routines table_addn,
table_mergen, and table_setn have been added to the API, these
routines do not pstrdup() their arguments. The core code and
standard modules were changed to take advantage of these routines.
The resulting server is up to 20% faster in some situations.
Note that it is easy to get code subtly wrong if you pass a key/value
which is in a pool other than the pool of the table. The only
safe thing to do is to pass key/values which are in the pool of
the table, or in one of the ancestors of the pool of the table.
i.e. if the table is part of a subrequest, a value from the main
request's pool is OK since the subrequest pool is a sub_pool of the
main request's pool (and therefore has a lifespan at most as long as
the main pool). There is debugging code which can detect improper
usage, enabled by defining POOL_DEBUG. See alloc.c for more details.
[Dmitry Khrustalev <dima@bog.msu.su>, Dean Gaudet]
*) More mod_mime_magic cleanup: fewer syscalls; should handle "files"
which don't exist on disk more gracefully; handles vhosts properly.
Update documentation to reflect the code -- if there's no
MimeMagicFile directive then the module is not enabled.
[Dean Gaudet]
*) PORT: Some older *nix dialects cannot automatically start scripts
which begin with a #! interpreter line (the shell starts the scripts
appropriately on these platforms). Apache now supports starting of
"hashbang-scripts" when the NEED_HASHBANG_EMUL define is set.
[Martin Kraemer, with code from peter@zeus.dialix.oz.au (Peter Wemm)
taken from tcsh]
*) API: "typedef array_header table" removed from alloc.h, folks should
have been writing to use table as if it were an opaque type, but even
some standard modules got this wrong. By changing the definition
to "typedef struct table table" module authors will receive compile
time warnings that they're doing the wrong thing. This change
facilitates future changes with more sophisticated table
structures. Specifically, module authors should be using table_elts()
to get access to an array_header * for the table. [Dean Gaudet]
*) API: Renamed new_connection() to avoid namespace collision with LDAP
library routines. [Ken Coar, Rasmus Lerdorf]
*) WIN32: mod_speling is now available on the Win32 platform.
[Marc Slemko]
*) For clarity the following compile time definition was changed:
SAFE_UNSERIALIZED_ACCEPT -> SINGLE_LISTEN_UNSERIALIZED_ACCEPT
Also, for example, HAVE_MMAP would mean to use mmap() scoreboards
and not be a general notice that the OS has mmap(). Now the
HAVE_MMAP/SHMGET #defines strictly are informational that the
OS has that method of shared memory; the type to use for
the scoreboard is a seperate #define (USE_MMAP_SCOREBOARD
and USE_SHMGET_SCOREBOARD). This allows outside modules to
determine if shared memory is available and allows Apache
to determine the best method to use for the scoreboard.
[Jim Jagielski]
*) PORT: UnixWare 2.1.2 SMP appears to require USE_FCNTL_SERIALIZED_ACCEPT,
as do various earlier versions. It should be safe on all versions.
Unixware 1.x appears to have the same SIGHUP bug as solaris does with
the slack code. A few other cleanups for Unixware.
[Tom Hughes <thh@cyberscience.com>] PR#1082, PR#1282, PR#1499, PR#1553
*) PORT: A/UX can handle single-listen accepts without mutex
locking, so we add SINGLE_LISTEN_UNSERIALIZED_ACCEPT. [Jim Jagielski]
*) When die() happens we need to eat any request body if one exists.
Otherwise we can't continue with a keepalive session. This shows up
as a POST problem with MSIE 4.0, typically against pages which are
authenticated. [Roy Fielding] PR#1399
*) If you define SECURITY_HOLE_PASS_AUTHORIZATION then the Authorization
header will be passed to CGIs. This is generally a security hole, so
it's not a default. [Marc Slemko] PR#549
*) Fix Y2K problem with date printing in suexec log.
[Paul Eggert <eggert@twinsun.com>] PR#1343
*) WIN32 deserves a pid file. [Ben Hyde]
*) suexec errors now include the errno/description. [Marc Slemko] PR#1543
*) PORT: OSF/1 now uses USE_FLOCK_SERIALIZED_ACCEPT to solve PR#467.
The choice of flock vs. fcntl was made based on timings which showed that
even on non-NFS, non-exported filesystems fcntl() was an order of
magnitude slower. It also uses SINGLE_LISTEN_UNSERIALIZED_ACCEPT so
that single socket users will see no difference. [Dean Gaudet] PR#467
*) "File does not exist" error message was erroneously including the
errno. [Marc Slemko]
*) Improve the warning message generated when a client drops the
connection (hits stop button, etc.) during a send. [Roy Fielding]
*) Defining GPROF will disable profiling in the parent and enable it
in the children. If you're profiling under Linux this is pretty much
necessary because SIGPROF is lost across a fork(). [Dean Gaudet]
*) htdigest and htpasswd needed slight tweaks to work on OS/2 and WIN32.
[Brian Havard]
*) The NeXT cc (which is gcc hacked up) doesn't appear to support some
gcc functionality. Work around it.
[Keith Severson <keith@sssd.navy.mil>] PR#1613
*) Some linkers complain when .o files contain no functions.
[Keith Severson <keith@sssd.navy.mil>] PR#1614
*) Some const declarations in mod_imap.c that were added for debugging
purposes caused some compilers heartburn without adding any
significant value, so they've been removed. [Ken Coar]
*) The src/main/*.h header files have had #ifndef wrappers added to
insulate them against duplicate calls if they get included through
multiple paths (e.g., in .c files as well as other .h files).
[Ken Coar]
*) The libap routines now have a header file for their prototypes,
src/ap/ap.h, to ease their use in non-httpd applications. [Ken Coar]
*) mod_autoindex with a plaintext header file would emit the <PRE>
start-tag before the HTML preamble, rather than after the preamble
but before the header file contents. [John Van Essen <jve@gamers.org>]
PR#1667
*) SECURITY: Fix a possible buffer overflow in logresolve. This is
only an issue on systems without a MAXDNAME define or where
the resolver returns domain names longer than MAXDNAME. [Marc Slemko]
*) SECURITY: Eliminate possible buffer overflow in cfg_getline, which
is used to read various types of files such as htaccess and
htpasswd files. [Marc Slemko]
*) SECURITY: Ensure that the buffer returned by ht_time is always
properly null terminated. [Marc Slemko]
*) The "Connection" header could be sent back with multiple "close"
tokens. Not an error, but a waste.
[Ronald.Tschalaer@psi.ch] PR#1683
*) mod_rewrite's RewriteLog should behave like mod_log_config, it
shouldn't force hostname lookups. [Dean Gaudet] PR#1684
*) "basic" auth needs a case-insensitive comparison.
[Ronald.Tschalaer@psi.ch] PR#1666
*) For maximum portability, the environment passed to CGIs should
only contain variables whose names match the regex
/[a-zA-Z][a-zA-Z0-9_]*/. This is now enforced by stamping
underscores over any character outside the regex. This
affects HTTP_* variables, in a way that should be backward
compatible for all the standard headers; and affects variables
set with SetEnv/BrowserMatch and similar directives.
[Dean Gaudet]
*) mod_speling returned incorrect HREF's when an ambigous match
was found. Noticed by <robinton@amtrash.comlink.de> (Soeren Ziehe)
[robinton@amtrash.comlink.de (Soeren Ziehe), Martin Kraemer]
*) PORT: Apache now compiles & runs on an EBCDIC mainframe
(the Siemens BS2000/OSD family) in the POSIX subsystem
[Martin Kraemer]
*) PORT: Fix problem killing children when terminating. Allow ^C
to shut down the server. [Brian Havard]
*) pstrdup() is implicit in calls to table_* functions, so there's
no need to do it before calling. Clean up a few cases.
[Marc Slemko, Dean Gaudet]
*) new -C and -c command line arguments
usage:
-C "directive" : process directive before reading config files
-c "directive" : process directive after reading config files
example:
httpd -C "PerlModule Apache::httpd_conf"
[Doug MacEachern, Martin Kraemer]
*) WIN32: Fix the execution of CGIs that are scripts and called
with path info that does not have an '=' in.
(eg. http://server/cgi-bin/printenv?foobar)
[Marc Slemko] PR#1591
*) WIN32: Fix a call to os_canonical_filename so it doesn't try to
mess with fake filenames. This fixes proxy caching on
win32. PR#1265
*) SECURITY: General mod_include cleanup, including fixing several
possible buffer overflows and a possible infinite loop.
[Dean Gaudet, Marc Slemko]
*) SECURITY: Numerous changes to mod_imap in a general cleanup
including fixing a possible buffer overflow. [Dean Gaudet]
*) WIN32: overhaul of multithreading code. Shutdowns are now graceful
(connections are not dropped). Code can handle graceful restarts
(but there is as yet no way to signal this to Apache). Various
other cleanups. [Paul Sutton]
*) The aplog_error changes specific to 1.3 introduced a buffer
overrun in the (now legacy) log_printf function. Fixed.
[Dean Gaudet]
*) mod_digest didn't properly deal with proxy authentication. It
also lacked a case-insensitive comparision of the "Digest"
token. [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>] PR#1599
*) A few cleanups in mod_status for efficiency. [Dean Gaudet]
*) A few cleanups in mod_info to make it thread-safe, and remove an
off-by-5 bug that could hammer \0 on the stack. [Dean Gaudet]
*) no2slash() was O(n^2) in the length of the input. Make it O(n).
[Dean Gaudet]
*) API: migration from strncpy() to our "enhanced" version called
ap_cpystrn() for performance and functionality reasons.
Located in libap.a. [Jim Jagielski]
*) table_set() and table_unset() did not deal correctly with
multiple occurrences of the same key.
[Stephen Scheck <sscheck@infonex.net>, Ben Laurie] PR#1604
*) The AuthName must now be enclosed in quotes if it is to contain
spaces. [Ken Coar] PR#1195
*) API: new function: ap_escape_quotes(). [Ken Coar] PR#1195
*) WIN32: Work around optimiser bug that killed ISAPI in release
versions. [Ben Laurie] PR#1533
*) PORT: Update the MPE port [Mark Bixby, Jim Jagielski]
*) Interim (slow) fix for p->sub_pool critical sections in
alloc.c (affects win32 only). [Ben Hyde]
*) non-WIN32 was missing destroy_mutex definition. [Ben Hyde]
*) send_fd_length() did not calculate total_bytes_sent properly.
[Ben Reser <breser@regnow.com>] PR#1366
*) The bputc() macro was not properly integrated with the chunking
code; in many cases modules using bputc() could cause completely
bogus chunked output. (Typically this will show up as problems
with Internet Explorer 4.0 reading a page, but other browsers
having no problem.) [Dean Gaudet]
*) Create LARGE_WRITE_THRESHOLD define which determines how many
bytes have to be supplied to bwrite() before it will consider
doing a writev() to assemble multiple buffers in one system
call. This is critical for modules such as mod_include,
mod_autoindex, mod_php3 which all use bputc()/bputs() of smaller
strings in some cases. The result would be extra effort
setting up writev(), and in many cases extra effort building
chunks. The default is 31, it can be overriden at compile
time. [Dean Gaudet]
*) Move the gid switching code into the child so that log files
and pid files are opened with the root gid.
[Gregory A Lundberg <lundberg@vr.net>]
*) WIN32: Check for binaries by looking for the executable header
instead of counting control characters.
[Jim Patterson <Jim.Patterson@Cognos.COM>] PR#1340
*) ap_snprintf() moved from main/util_snprintf.c to ap/ap_snprintf.c
so the functionality is available to applications other than the
server itself (like the src/support tools). [Ken Coar]
*) ap_slack() moved out of main/util.c into ap/ap_slack.c as part of
the libap consolidation work. [Ken Coar]
*) ap_snprintf() with a len of 0 behaved like sprintf(). This is not
useful, and isn't what the standards require. Now it returns 0
and writes nothing. [Dean Gaudet]
*) When an error occurs in fcntl() locking suggest the user look up
the docs for LockFile. [Dean Gaudet]
*) Eliminate some dead code from writev_it_all().
[Igor Tatarinov <tatarino@prairie.NoDak.edu>]
*) mod_autoindex had an fread() without checking the result code.
It also wouldn't handle "AddIconByType (TXT,/icons/text.gif text/*"
(note the missing closing paren) properly. [Dean Gaudet]
*) It appears the "257th byte" bug (see
htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
at the 256th byte as well. Fixed. [Dean Gaudet]
*) PORT: Fix mod_mime_magic under OS/2, no support for block devices.
[Brian Havard]
*) Fix memory corruption caused by allocating auth usernames in the
wrong pool. [Dean Gaudet] PR#1500
*) Fix an off-by-1, and an unterminated string error in
mod_mime_magic. [Dean Gaudet]
*) Fix a potential SEGV problem in mod_negotiation when dealing
with type-maps. [Dean Gaudet]
*) Better glibc support under Linux. [Dean Gaudet] PR#1542
*) "RedirectMatch gone /" would cause a SIGSEGV. [Dean Gaudet] PR#1319
*) WIN32: avoid overflows during file canonicalisations.
[malcolm@mgdev.demon.co.uk] PR#1378
*) WIN32: set_file_slot() didn't detect absolute paths. [Ben Laurie]
PR#1511, 1508
*) WIN32: mod_status display header didn't match fields. [Ben Laurie]
*) The pthread_mutex_* functions return an error code, and don't
set errno. [Igor Tatarinov <tatarino@prairie.NoDak.edu>]
*) WIN32: Allow spaces to prefix the interpreter in #! lines.
[Ben Laurie] PR#1101
*) WIN32: Cure file leak in CGIs. [Peter Tillemans <pti@net4all.be>] PR#1523
*) proxy_ftp: the directory listings generated by the proxy ftp module
now have a title in which the path components are clickable and allow
quick navigation to the clicked-on directory on the currently listed
ftp server. This also fixes a bug where the ".." directory links would
sometimes refer to the wrong directory. [Martin Kraemer]
*) WIN32: Allocate the correct amount of memory for the scoreboard.
[Ben Hyde] PR#1387
*) WIN32: Only lowercase the part of the path that is real. [Ben Laurie]
PR#1505
*) Fix problems with timeouts in inetd mode and -X mode. [Dean Gaudet]
*) Fix the spurious "(0)unknown error: mmap_handler: mmap failed"
error messages. [Ben Hyde]
Changes with Apache 1.3b3
*) WIN32: Work around brain-damaged spawn calls that can't deal
with spaces and slashes. [Ben Laurie]
*) WIN32: Fix the code so CGIs can use socket calls on Windows.
The problem was that certain undocumented environment variables
needed for sockets to work under Win32 were not being passed.
[Frank Faubert <frank@sane.com>]
*) Add a "-V" command line flag to the httpd binary. This
flag shows some of the defines that Apache was compiled with.
It is useful for debugging purposes. [Martin Kraemer]
*) Start separating the ap_*() routines into their own library, so they
can be used by items in src/support among other things.
[Ken Coar] PR#512, 905, 1252, 1308
*) Give a more informative error when no AuthType is set.
[Lars Eilebrecht]
*) Remove strtoul() use from mod_proxy because it isn't available
on all platforms. [Marc Slemko] PR#1214
*) WIN32: Some Win32 systems terminated all responses after 16 kB.
This turns out to be a bug in Winsock - select() doesn't always
return the correct status. [Ben Laurie]
*) Directives owned by http_core can now use the new check_cmd_context()
routine to ensure that they're not being used within a container
(e.g., <Directory>) where they're invalid. [Martin Kraemer]
*) PORT: Recent changes made it necessary to add explicit prototype
for fgetc() and fgets() on SunOS 4.x. [Martin Kraemer, Ben Hyde]
*) It was necessary to distinguish between resources which are
allocated in the parent, for cleanup in the parent, and resources
which are allocated in each child, for cleanup in each child.
A new pool was created which is passed to the module child_init
and child_exit functions; modules are free to register per-child
cleanups there. This fixes a bug with reliable piped logs.
[Dean Gaudet]
*) mod_autoindex wasn't displaying the ReadmeName file at the bottom
unless it was also doing FancyIndexes, but it displayed the
HeaderName file at the top under all circumstances. It now shows
the ReadmeName file for simple indices, too, as it should.
[Ken Coar] PR#1373
*) http_core was mmap()ing even in cases where it wasn't going to
read the file. [Ben Hyde <bhyde@gensym.com>]
*) Complete rewrite ;-) of mod_rewrite's URL rewriting engine:
Now the rewriting engine (the heart of mod_rewrite) is organized more
straight-forward, first time well documented and reduced to the really
essential parts. All redundant cases were stripped off and processing now
is the same for both per-server and per-directory context with only a
minimum difference (the prefix stripping in per-dir context). As a
side-effect some subtle restrictions and two recently discovered problems
are gone: Wrong escaping of QUERY_STRING on redirects in per-directory
context and restrictions on the substitution URL on redirects.
Additionally some minor source cleanups were done.
[Ralf S. Engelschall]
*) Lars Eilebrecht wrote a whole new set of Apache Vhost Internals
documentation, examples, explanations and caveats. They live in a new
subdirectory htdocs/manual/vhost/. [Lars Eilebrecht <sfx@unix-ag.org>]
*) If ap_slack fails to allocate above the low slack line it's a good
indication that further problems will occur; it's a better indication
than many external libraries give us when we actually run out of
descriptors. So report it to the user once per restart.
[Dean Gaudet] PR#1181
*) Change mod_include and mod_autoindex to use Y2K-safe date formats
by default. [Ken Coar]
*) Add a "SuppressColumnSorting" option to the IndexOptions list,
which will keep the column heading from being links for sorting
the display. [Ken Coar, suggested by Brian Tiemann <btman@pacific.net>]
PR #1261
*) PORT: Update the LynxOS port. [Marius Groeger <mag@sysgo.de>]
*) Fix logic error when issuing a mmap() failed message
with a non-zero MMAP_THRESHOLD.
[David Chambers <davidc@flosun.salk.edu>] PR#1294
*) Preserve handler value on ProxyPass'ed requests by not
calling find_types on a proxy'd request; fixes problems
where some ProxyPass'ed URLs weren't actually passed
to the proxy.
[Lars Eilebrecht] PR#870
*) Fix a byte ordering problem in mod_access which prevented
the old-style syntax (i.e. "a.b.c." to match a class C)
from working properly. [Dean Gaudet] PR#1248, 1328, 1384
*) Fix problem with USE_FLOCK_SERIALIZED_ACCEPT not working
properly. Each child needs to open the lockfile instead
of using the passed file-descriptor from the parent.
[Jim Jagielski] PR#1056
*) Fix the error logging in mod_cgi; the recent error log changes
introduced a bug that prevented it from working correctly.
[M.D.Parker] PR#1352
*) Default to USE_FCNTL_SERIALIZED_ACCEPT on HPUX to properly
handle multiple Listen directives. [Marc Slemko] PR#872
*) Inherit a bugfix to fnmatch.c from FreeBSD sources.
["[KOI8-R] áÎÄÒÅÊ þÅÒÎÏ×" <ache@nagual.pp.ru>] PR#1311
*) When a configuration parse complained about a bad directive,
the logger would use whatever (unrelated) value was in errno.
errno is now forced to EINVAL first in this case. [Ken Coar]
*) A sed command in the Configure script pushed the edge of POSIXness,
breaking on some systems. [Bhaba R.Misra <system@vt.edu>] PR#1368
*) Solaris >= 2.5 was totally broken due to a mess up using pthread
mutexes. [Roy Fielding, Dean Gaudet]
*) OS/2 Port updated; it should be possible to build OS/2 from the same
sources as Unix now. [Brian Havard <brianh@kheldar.apana.org.au>]
*) Fix a year formatting bug in mod_usertrack.
[Paul Eggert <eggert@twinsun.com>] PR#1342
*) A mild SIGTERM/SIGALRM race condition was eliminated.
[Dean Gaudet] PR#1211
*) Warn user that default path has changed if /usr/local/etc/httpd
is found on the system. [Lars Eilebrecht]
*) Various mod_mime_magic bug fixes and cleanups: Uncompression
should work, it should work on WIN32, and a few resource
leaks and abort conditions are fixed.
[Dean Gaudet] PR#1205
*) PORT: On AIX 1.x files can't be named '@', fix the proxy cache
to use '%' instead of '@' in its encodings.
[David Schuler <schuld@btv.ibm.com>] PR#1317
*) Improve the warning message generated when the "server is busy".
[Dean Gaudet] PR#1293
*) PORT: All ports which don't otherwise define DEF_WANTHSREGEX will
get Spencer regex by default. This is to avoid having to
discover bugs in operating system libraries. [Dean Gaudet]
*) PORT: "Fix" PR#467 by generating warnings on systems which we have
not been able to get working USE_*_SERIALIZED_ACCEPT settings for.
Document this a bit more in src/PORTING. [Dean Gaudet] PR#467
*) Ensure that one copy of config warnings makes it to the
error_log. [Dean Gaudet]
*) Invent new structure and associated methods to handle config file
reading. Add "custom" hook to use config file cfg_getline() on
something which is not a FILE* [Martin Kraemer]
*) Make single-exe Windows install. [Ben Laurie and Eric Esselink]
*) WIN32: Make CGI work under Win95. [Ben Laurie and Paul Sutton]
*) WIN32: Make index.html and friends work under Win95. [Ben Laurie]
*) PORT: Solaris 2.4 needs Spencer regex, the system regex is broken.
[John Line <jml4@cam.ac.uk>] PR#1321
*) Default pathname has been changed everywhere to /usr/local/apache
[Sameer <sameer@c2.net>]
*) PORT: AIX now uses USE_FCNTL_SERIALIZED_ACCEPT.
[David Bronder <David-Bronder@uiowa.edu>] PR#849
*) PORT: i386 AIX does not have memmove.
[David Schuler <schuld@btv.ibm.com>] PR#1267
*) PORT: HPUX now defaults to using Spencer regex.
[Philippe Vanhaesendonck <pvanhaes@be.oracle.com>,
Omar Del Rio <al112263@academ01.lag.itesm.mx>] PR#482, 1246
*) PORT: Some versions of NetBSD don't automatically define
__NetBSD__. Workaround by defining NETBSD.
[Chris Craft <ccraft@cncc.cc.co.us>] PR#977
*) PORT: UnixWare 2.x requires -lgen for syslog.
[Hans Snijder <hs@meganet.nl>] PR#1249
*) PORT: ULTRIX appears to not have syslog.
[Lars Eilebrecht <Lars.Eilebrecht@unix-ag.org>]
*) PORT: Basic Gemini port (treat it like unixware212).
["Pavel Yakovlev (Paul McHacker)" <hac@tomcat.olly.ru>]
*) PORT: All SVR4 systems now use NET_SIZE_T = size_t, and
use USE_SHMGET_SCOREBOARD.
[Martin Kraemer]
*) Various improvements in detecting config file errors (missing closing
directives for <Directory>, <Files> etc. blocks, prohibiting global
server settings in <VirtualHost> blocks, flagging unhandled multiple
arguments to <Directory>, <Files> etc.)
[Martin Kraemer]
*) Add support to suexec wrapper program for mod_unique_id's UNIQUE_ID
variable to provide this one to suexec'd CGIs, too.
[M.D.Parker <mdpc@netcom.com>] PR#1284
*) New support tool: src/support/split-logfile, a sample Perl script which
splits up a combined access log into separate files based on the
name of the virtual host (listed first in the log records by "%v").
[Ken Coar]
Changes with Apache 1.3b2 (there is no 1.3b1)
*) TestCompile was not passing $LIBS [Dean Gaudet]
*) Makefile.tmpl was not using $CFLAGS in the link phase.
[Martin Kraemer]
*) Add debugging code to alloc.c. Defining ALLOC_DEBUG provides a
rudimentary memory debugger which can be used on live servers with
low impact -- it sets all allocated and freed memory bytes to 0xa5.
Defining ALLOC_USE_MALLOC will cause the alloc code to use malloc()
and free() for each object. This is far more expensive and should
only be used for testing with tools such as Electric Fence and
Purify. See main/alloc.c for more details. [Dean Gaudet]
*) Configure uses a sh trap and didn't set its exitcode properly.
[Dean Gaudet] PR#1159
*) Yet another vhost revamp. Add the NameVirtualHost directive which
explicitly lists the ip:port pairs that are to be used for name-vhosts.
From a given ip:port, regardless what the Host: header is, you can
only reach the vhosts defined on that ip:port. The precedence of
vhosts was reversed to match other precedences in the config --
the earlier vhosts override the later vhosts. All vhost matching was
moved into http_vhost.[ch]. [Dean Gaudet]
*) ap_inline can be used to force inlining. GNUC __attribute__() can
be used for whatever reason is appropriate (i.e. format() warnings
for printf style functions). Both are enabled only with
gcc >= 2.7.x (so that we have fewer support issues with older
versions). [Dean Gaudet]
*) Fix support for Proxy Authentication (we were testing the response
status too early). [Marc Slemko]
*) CoreDumpDirectory directive directs where the core file is
written when a SIGSEGV, SIGBUS, SIGABORT or SIGABRT are
received. [Marc Slemko, Dean Gaudet]
*) PORT: Support for Atari MINT.
[Jan Paul Schmidt <Jan.P.Schmidt@mni.fh-giessen.de>]
*) When booting, apache will now detach itself from stdin, stdout,
and stderr. stderr will not be detached until after the config
files have been read so you will be able to see initial error
messages. After that all errors are logged in the error_log.
This makes it more convenient to start apache via rsh, ssh,
or crontabs. [Dean Gaudet] PR#523
*) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake.
Also removed the auto-generated link to www.apache.org that was the
source of so many misdirected bug reports. [Roy Fielding, Marc Slemko]
*) send_fb would not detect aborted connections in some situations.
[Dean Gaudet]
*) mod_include would use uninitialized data when parsing certain
expressions involving && and ||. [Brian Slesinsky] PR#1139
*) mod_imap should only handle GET methods. [Jay Bloodworth]
*) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]
*) mod_autoindex improperly counted &escapes; as more than one
character in the description. It also improperly truncated
descriptions that were exactly the maximum length.
[Martin Kraemer]
*) RedirectMatch was not properly escaping the result (PR#1155). Also
"RedirectMatch /advertiser/(.*) $1" is now permitted.
[Dean Gaudet]
*) mod_include now uses symbolic names to check for request success
and return HTTP errors, and correctly handles all types of
redirections (previously it only did temporary redirect correctly).
[Ken Coar, Roy Fielding]
*) mod_userdir was modifying r->finfo in cases where it wasn't setting
r->filename. Since those two are meant to be in sync with each other
this is a bug. ["Paul B. Henson" <henson@intranet.csupomona.edu>]
*) PORT: Support Unisys SVR4, whose uname returns mostly useless data.
["Kaufman, Steven E" <Steven.Kaufman@unisys.com>]
*) Inetd mode (which is buggy) uses timeouts without having setup the
jmpbuffer. [Dean Gaudet] PR#1064
*) Work around problem under Linux where a child will start looping
reporting a select error over and over.
[Rick Franchuk <rickf@transpect.net>] PR#1107, 987, 588
*) Fixed error in proxy_util.c when looping through multiple host IP
addresses. [Lars Eilebrecht] PR#974
*) If BUFFERED_LOGS is defined then mod_log_config will do atomic
buffered writes -- that is, it will buffer up to PIPE_BUF (i.e. 4k)
bytes before writing, but it will never split a log entry across a
buffer boundary. [Dean Gaudet]
*) API: the short_score record has been split into two pieces, one which
the parent writes on, and one which the child writes on. As part of
this change the get_scoreboard_info() function was removed, and
scoreboard_image was exported. This change fixes a race condition
in file based scoreboard systems, and speeds up changes involving the
scoreboard in earlier 1.3 development. [Dean Gaudet]
*) API: New register_other_child() API (see http_main.h) which allows
modules to register children with the parent for maintenance. It
is disabled by defining NO_OTHER_CHILD. [Dean Gaudet]
*) API: New piped_log API (see http_log.h) which implements piped logs,
and will use register_other_child to implement reliable piped logs
when it is available. The reliable piped logs part can be disabled
by defining NO_RELIABLE_PIPED_LOGS. At the moment reliable piped
logs is only available on Unix. [Dean Gaudet]
*) API: set_last_modified() broken into set_last_modified(), set_etag(), and
meets_conditions(). This allows conditional HTTP selection to be
handled separately from the storing of the header fields, and provides
the ability for CGIs to set their own ETags for conditional checking.
[Ken Coar, Roy Fielding] PR#895
*) Changes to mod_log_config to allow naming of format strings.
Format nicknames are defined with "LogFormat fmt nickname", and can
be used with "LogFormat nickname" and "CustomLog logtarget nickname".
[Ken Coar]
*) New module, "mod_speling", which can help find files even when
the URL is slightly misspelled. [Martin Kraemer, Alexei Kosut]
*) API: New function child_terminate() triggers the child process to
exit, while allowing the child finish what it needs to for the
current request first.
[Doug MacEachern, Alexei Kosut]
*) Windows now defaults to using full status reports with mod_status.
[Alexei Kosut] PR #1094
*) *Really* disable all mod_rewrite operations if the engine is off.
Some things (like RewriteMaps) were checked/performed even if they
weren't supposed to be. [Ken Coar] PR #991
*) Implement a new timer scheme which eliminates the need to call alarm() all
the time. Instead a counter in the scoreboard for each child is used to
show when the child has made forward progress. The parent samples this
counter every scoreboard maintenance cycle, and issues SIGALRM if no
progress has been made in the timeout period. This reduces the static
request best-case syscall count to 22 from 29. This scheme is only
used by systems with memory-based scoreboards. [Dean Gaudet]
*) The proxy now properly handles CONNECT requests which are sent
to proxy servers when using ProxyRemote. [Marc Slemko] PR#1024
*) A script called apachectl has been added to the support
directory. This script allows you to do things such as
"apachectl start" and "apachectl restart" from the command
line. [Marc Slemko]
*) Modules and core routines are now put into libraries, which
simplifies the link line tremendously (among other advantages).
[Paul Sutton]
*) Some of the MD5 names defined in Apache have been renamed to have
an `ap_' prefix to avoid conflicts with routines supplied by
external libraries. [Ken Coar]
*) Removal of mod_auth_msql.c from the distribution. There are many
other options for databases today. Rather than offer one option,
offer none at this time. mod_auth_msql and other SQL database
authentication modules can be found at the Apache Module Registry.
http://modules.apache.org/ It would be nice to offer a generic
mod_auth_sql option in the near future.
*) PORT: BeOS support added [Alexei Kosut]
*) Configure no longer accepts the -make option, since it creates
Makefile on the fly based on Makefile.tmpl and Configuration.
*) Apache now gracefully shuts down when it receives a SIGTERM, instead
of forcibly killing off all its processes and exiting without
cleaning up. [Alexei Kosut]
*) API: A new field in the request_rec, r->mtime, has been added to
avoid gratuitous parsing of date strings. It is intended to hold
the last-modified date of the resource (if applicable). An
update_mtime() routine has also been added to advance it if
appropriate. [Roy Fielding, Ken Coar]
*) SECURITY: If a htaccess file can not be read due to bad permissions,
deny access to the directory with a HTTP_FORBIDDEN. The previous
behavior was to ignore the htaccess file if it could not be read.
This change may make some setups with unreadable htaccess files
stop working. [Marc Slemko] PR#817
*) Add aplog_error() providing a mechanism to define levels of
verbosity to the server error logging. This addition also provides
the ability to log errors using syslogd. Error logging is configurable
on a per-server basis using the LogLevel directive. Conversion
of log_*() in progress. [Randy Terbush]
*) Further enhance aplog_error() to not log filename, line number, and
errno information when it isn't applicable. [Ken Coar, Dean Gaudet]
*) WIN32: Canonicalise filenames under Win32. Short filenames are
converted to long ones. Backslashes are converted to forward
slashes. Case is converted to lower. Parts of URLs that do not
correspond to files are left completely alone. [Ben Laurie]
*) PORT: 2 new OSs added to the list of ports:
Encore's UMAX V: Arieh Markel <amarkel@encore.com>
Acorn RISCiX: Stephen Borrill <sborrill@xemplar.co.uk>
*) Add the server version (SERVER_VERSION macro) to the "server
configured and running" entry in the error_log. Also build an
object file at link-time that contains the current time
(SERVER_BUILT global const char[]), and include that in the
message. [Ken Coar]
*) Set r->headers_out when sending responses from the proxy.
This fixes things such as the logging of headers sent from
the proxy. [Marc Slemko] PR#659
*) support/httpd_monitor is no longer distributed because the
scoreboard should not be file based if at all possible. Use
mod_status to see current server snapshot.
*) (set_file_slot): New function, allowing auth directives to be
independent of the server root, so the server documents can be
moved to a different directory or machine more easily.
[David J. MacKenzie]
*) If no TransferLog is given explicitly, decline
to log. This supports coexistence with other logging modules,
such as the custom one that UUNET uses. [David J. MacKenzie]
*) Check for titles in server-parsed HTML files.
Ignore leading newlines and returns in titles. The old behavior
of replacing a newline after <title> with a space causes the
title to be misaligned in the listing. [David J. MacKenzie]
*) Change mod_cern_meta to be configurable on a per-directory basis.
[David J. MacKenzie]
*) Add 'Include' directive to allow inclusion of configuration
files within configuration files. [Randy Terbush]
*) Proxy errors on connect() are logged to the error_log (nothing
new); now they include the IP address and port that failed
(*that's* new). [Ken Coar, Marc Slemko] PR#352
*) Various architectures now define USE_MMAP_FILES which causes
the server to use mmap() for static files. There are two
compile-time tunables MMAP_THRESHOLD (minimum number of bytes
required to use mmap(), default is 0), and MMAP_SEGMENT_SIZE (maximum
number of bytes written in one cycle from a single mmap()d object,
default 32768). [Dean Gaudet]
*) API: Added post_read_request API phase which is run right after reading
the request from a client, or right after an internal redirect. It is
useful for modules setting environment variables that depend only on
the headers/contents of the request. It does not run during subrequests
because subrequests inherit pretty much everything from the main
request. [Dean Gaudet]
*) Added mod_unique_id which is used to generate a unique identifier for
each hit, available in the environment variable UNIQUE_ID.
[Dean Gaudet]
*) init_modules is now called after the error logs have been opened. This
allows modules to emit information messages into the error logs.
[Dean Gaudet]
*) Fixed proxy-pass-through feature of mod_rewrite; Added error logging
information for case where proxy module is not available. [Marc Slemko]
*) PORT: Apache has need for mutexes to serialize its children around
accept. In prior versions either fcntl file locking or flock file
locking were used. The method is chosen by the definition of
USE_xxx_SERIALIZED_ACCEPT in conf.h. xxx is FCNTL for fcntl(),
and FLOCK for flock(). New options have been added:
- SYSVSEM to use System V style semaphores
- PTHREAD to use POSIX threads (appears to work on Solaris only)
- USLOCK to use IRIX uslock
Based on timing various techniques, the following changes were made
to the defaults:
- Linux 2.x uses flock instead of fcntl
- Solaris 2.x uses pthreads
- IRIX uses SysV semaphores -- however multiprocessor IRIX boxes
work far faster if you -DUSE_USLOCK_SERIALIZED_ACCEPT
[Dean Gaudet, Pierre-Yves Kerembellec <Pierre-Yves.Kerembellec@vtcom.fr>,
Martijn Koster <m.koster@pobox.com>]
*) PORT: The semantics of accept/select make it very desirable to use
mutexes to serialize accept when multiple Listens are in use. But
in the case where only a single socket is open it is sometimes
redundant to serialize accept(). Not all unixes do a good job with
potentially dozens of children blocked on accept() on the same
socket. It's now possible to define SINGLE_LISTEN_UNSERIALIZED_ACCEPT and
the server will avoid serialization when listening on only one socket,
and use serialization when listening on multiple sockets.
[Dean Gaudet] PR#467
*) Configure changes: TestLib replaced by TestCompile, which has
some additional capability (such as doing a sanity check of
the compiler and flags selected); the version of Solaris is now
available via the #define value of SOLARIS2; IRIX n32bit libs
now supported and selectable by new Configuration Rule: IRIXN32;
We no longer default to -O2 optimization. [Jim Jagielski]
*) Updated Configure: Configuration now uses AddModule to specify
module source or binary file location, relative to src directory.
Modules can be dropped into modules/extra, or in their own
directory, and modules can come with a Makefile or Configure can
create one. Modules can add compiler or library information to
generated Makefiles. [Paul Sutton]
*) Source core re-organisation: distributed modules are now in
modules/standard. All other source code is in main. OS-specific
code is in os/{unix,emx,win32} directories. [Paul Sutton]
*) mod_browser has been removed, since it's replaced by mod_setenvif.
[Ken Coar]
*) Fix another long-standing bug in sub_req_lookup_file where it would
happily skip past access checks on subdirectories looked up with
relative paths. (It's used by mod_dir, mod_negotiation,
and mod_include.) [Dean Gaudet]
*) directory_walk optimization to reduce an O(N*M) loop to O(N+M) where
N is the number of <Directory> sections, and M is the number of
components in the filename of an object.
To achieve this optimization the following config changes were made:
- Wildcards (* and ?, not the regex forms) in <Directory>s,
<Files>s, and <Location>s now treat a slash as a special
character. For example "/home/*/public_html" previously would
match "/home/a/andrew/public_html", now it only matches things
like "/home/bob/public_html". This mimics /bin/sh behaviour.
- It's possible now to use [] wildcarding in <Directory>, <Files>
or <Location>.
- Regex <Directory>s are applied after all non-regex <Directory>s.
[Dean Gaudet]
*) Fix a bug introduced in 1.3a1 directory_walk regarding .htaccess files
and corrupted paths. [Dean Gaudet]
*) Enhanced and cleaned up the URL rewriting engine of mod_rewrite:
First the grouped parts of RewriteRule pattern matches (parenthesis!) can
be accessed now via backreferences $1..$9 in RewriteConds test-against
strings in addition to RewriteRules subst string. Second the grouped
parts of RewriteCond pattern matches (parenthesis!) can be accessed now
via backreferences %1..%9 both in following RewriteCond test-against
strings and RewriteRules subst string. This provides maximum flexibility
through the use of backreferences.
Additionally the rewriting engine was cleaned up by putting common
code to the new expand_backrefs_inbuffer() function.
[Ralf S. Engelschall]
*) When merging the main server's <Directory> and <Location> sections into
a vhost, put the main server's first and the vhost's second. Otherwise
the vhost can't override the main server. [Dean Gaudet] PR#717
*) The <Directory> code would merge and re-merge the same section after
a match was found, possibly causing problems with some modules.
[Dean Gaudet]
*) ip-based vhosts are stored and queried using a hashing function, which
has been shown to improve performance on servers with many ip-vhosts.
Some other changes had to be made to accommodate this:
- the * address for vhosts now behaves like _default_
- the matching process now is:
- match an ip-vhost directly via hash (possibly matches main
server)
- if that fails, just pretend it matched the main server
- if so far only the main server has been matched, perform
name-based lookups (ServerName, ServerAlias, ServerPath)
*only on name-based vhosts*
- if they fail, look for _default_ vhosts
[Dean Gaudet, Dave Hankins <dhankins@sugarat.net>]
*) dbmmanage overhaul:
- merge dbmmanage and dbmmanage.new functionality, remove dbmmanage.new
- tie() to AnyDBM_File which will use one of DB_File, NDBM_File or
GDBM_File (-ldb, -lndbm, -lgdbm) (trying each in that order)
- provide better seed for rand
- prompt for password as per getpass(3) (turn off echo, read from
/dev/tty, etc.)
- use "newstyle" crypt based on $Config{osname} ($^O)
- will not add a user if already in database, use new `update' command
instead
- added `check' command to check a users' password
- added `import' command to convert existing password text-files or
dbm files exported with `view'
- more descriptive usage, general cleanup, 'use strict' clean, etc.
[Doug MacEachern]
*) Added psocket() which is a pool form of socket(), various places within
the proxy weren't properly blocking alarms while registering the cleanup
for its sockets. bclose() now uses pclose() and pclosesocket(). There
was a bug where the client socket was being close()d twice due a still
registered cleanup. [Dean Gaudet]
*) A few cleanups were made to reduce time(), getpid(), and signal() calls.
[Dean Gaudet]
*) PORT: AIX >= 4.2 requires -lm due to libc changes.
[Jason Venner <jason@idiom.com>] PR#667
*) Enable ``=""'' for RewriteCond directives to match against
the empty string. This is the preferred way instead of ``^$''.
[Ralf S. Engelschall]
*) Fixed an infinite loop in mod_imap for references above the server root
[Dean Gaudet] PR#748
*) mod_proxy now has a ReceiveBufferSize directive, similar to
SendBufferSize, so that the TCP window can be set appropriately
for LFNs. [Phillip A. Prindeville]
*) mod_browser has been replaced by the more general mod_setenvif
(courtesy of Paul Sutton). BrowserMatch* directives are still
available, but are now joined by SetEnvIf*, UnSetEnvIf*, and
UnSetEnvIfZero directives. [Ken Coar]
*) "HostnameLookups double" forces double-reverse DNS to succeed in
order for remote_host to be set (for logging, or for the env var
REMOTE_HOST). The old define MAXIMUM_DNS has been deprecated.
[Dean Gaudet]
*) mod_access overhaul:
- Now understands network/netmask syntax (i.e. 10.1.0.0/255.255.0.0)
and cidr syntax (i.e. 10.1.0.0/16). PR#762
- Critical path was sped up by pre-computing a few things at config time.
- The undocumented syntax "allow user-agents" was removed,
the replacement is "allow from env=foobar" combined with mod_browser.
- When used with hostnames it now forces a double-reverse lookup
no matter what the directory settings are. This double-reverse
doesn't affect any of the other routines that use the remote
hostname. In particular it's still passed to CGIs and the log
without the double-reverse check. Related PR#860.
[Dean Gaudet]