Skip to content
CHANGES 556 KiB
Newer Older
  *) The POD no longer assumes the child is listening on 127.0.0.1
     and now pulls the first hostname in the list of listeners to
     perform the dummy connect on. This fixes a bug when the user
     had configured the Listen directive for an IP other than
     127.0.0.1. This would result in undead children and error
     messages such as "Connection refused: connect to listener".
     [Aaron Bannert]

  *) The worker MPM now respects the LockFile setting, needed to
     avoid locking problems with NFS.  [Jeff Trawick]

  *) Fix segfault when worker MPM receives SIGHUP.
     [Ian Holsman, Aaron Bannert, Justin Erenkrantz]

  *) Fix bug that could potentially prevent the perchild MPM from
     working with more than one vhost/uid.  [Aaron Bannert]

  *) Change make install and apxs -i processing of DSO modules to 
     perform special handling on platforms where libtool doesn't install 
     mod_foo.so.  This fixes some wonkiness on HP-UX, Tru64, and AIX 
     which prevented standard LoadModule statements from working.
  *) Whenever mod_so is enabled (not just when there are DSOs for
     our modules), do whatever special magic is required for compiling/
     loading third-party modules.  This allows third-party DSOs to
     be used on an AIX build when there were no built-in modules
     built as DSOs.  (This should help on OS/390 and BeOS as well.)
     [Jeff Trawick]

  *) Allow apxs to be used to build DSOs on AIX without requiring the
     user to hard-code the list of import files.  (This should help
     on OS/390 and BeOS as well.)  [Jeff Trawick]
     
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Resolved segfault in mod_isapi when configuring with ISAPICacheFile.
     PR 8563, 8919  [William Rowe]
  
  *) Get binary builds working when libapr and libaprutil are built
     shared [Greg Ames]
Ian Holsman's avatar
Ian Holsman committed

  *) Get shared builds of libapr and libaprutil, as well as Apache DSOs,
     working on AIX.  [Aaron Bannert, Dick Dunbar <RLDunbar@pacbell.net>,
     Gary Hook <ghook@us.ibm.com>, Victor Orlikowski, Jeff Trawick]

  *) Fix the handling of SSI directives in which the ">" of the
     terminating "-->" is the last byte in a file [Brian Pane]

  *) Add back in the "suEXEC mechanism enabled (wrapper: /path/to/suexec)"
     message that we had back in apache-1.3 and still have scattered
     throughout our docs.  [Aaron Bannert]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Prevent the Win32 port from continuing after encountering an
     error in the command line args to apache.  [William Rowe]

  *) On a error in the proxy, make it write a line to the error log
     [Ian Holsman]

  *) Various mod_ssl performance improvements [Doug MacEachern]

Ian Holsman's avatar
Ian Holsman committed
Changes with Apache 2.0.29
  *) Add buffering in core_output_filter to ensure that long
     lists of small buckets don't cause small packet writes.
     [Brian Pane, Ryan Bloom]

  *) Fix the installation target to make sure that the manual is 
     installed in the correct location.
     [Yoshifumi Hiramatsu <hiramatu@boreas.dti.ne.jp> and
      Gomez Henri <hgomez@slib.fr>]

  *) Fix the cmd command for mod_include.  When we are processing
     a cmd command, we do not want to use the r->filename to set
     the command name.  The command comes from the SSI tag.  To do this,
     I added a variable to the function that builds the command line
     in mod_cgi.  This allows the include_cmd function to specify
     the command line itself. [Ryan Bloom]

  *) Change open_logs hook to return a value, allowing you
     to flag a error while opening logs
     [Ian Holsman, Doug MacEachern]

  *) Change post_config hook to return a value, allowing you
     to flag a error post config
     [Ian Holsman, Jeff Trawick]

  *) Allow SUEXEC_BIN (the path to the suexec binary that is
     hard-coded into the server) to be specified to the configure
     script by the --with-suexec-bin parameter.  [Aaron Bannert]

  *) Fix segv in worker MPM following accept on pipe-of-death
     [Brian Pane]

  *) Add mod_deflate to experimental.  
     [Ian Holsman, Justin Erenkrantz]

  *) Bail out at configure time if an invalid MPM was specified.
     [jean-frederic clere <jfrederic.clere@fujitsu-siemens.com>]

  *) Prevent segv in ap_note_basic_auth_failure() when no AuthName is
     configured [John Sterling <sterling@covalent.net>]
  *) Fix apxs to use sbindir.  [Henri Gomez <hgomez@slib.fr>]

  *) Fix a problem with IPv6 vhosts.  PR #8118  [Jeff Trawick]

  *) Optimization for the BNDM string-search function in
     mod_include.  [Brian Pane]

  *) Fixed the behavior of the XBitHack directive.
     [Taketo Kabe <kabe@sra-tohoku.co.jp>, Cliff Woolley] PR#8804

  *) The threaded MPM for Unix has been removed.  Use the worker
     MPM instead.  [various]

  *) APR-ize the resolver logic in mod_unique_id.  This fixes a bug
     in logging the error from a failed DNS lookup.  [Jeff Trawick]

  *) Added the missing macros AP_INIT_TAKE13 and AP_INIT_TAKE123.
     [Cliff Woolley]

  *) Get mod_cgid killed when a MPM exits due to a fatal error.
     [Jeff Trawick]

  *) Fix a file descriptor leak in mod_include.  When we include a
     file, we use a sub-request, but we didn't destroy the sub-request
     immediately, instead we waited until the original request was
     done.  This patch closes the sub-request as soon as the data is
     done being generated.  [Brian Pane <bpane@pacbell.net>]

  *) Allow modules that add sockets to the ap_listeners list to
     define the function that should be used to accept on that
     socket.  Each MPM can define their own function to use for
     the accept function with the MPM_ACCEPT_FUNC macro.  This
     also abstracts out all of the Unix accept error handling
     logic, which has become out of synch across Unix MPMs.
     [Ryan Bloom]

  *) Fix a bug which would cause the response headers to be omitted
     when sending a negotiated ErrorDocument because the required
     filters were attached to the wrong request_rec.
     [John Sterling <sterling@covalent.net>]

  *) Remove commas from the end of the macros that define
     directives that are used by MPMs.  Prior to this patch,
     you would use these macros without commas, which was unlike
     the macros for any other directives.  Now, the caller provides
     the comma rather than the macro providing it.  This makes
     the macros look more like the rest of the directives.
     [Ryan Bloom and Cliff Woolley]
  *) Add 'redirect-carefully' environment option to disable sending
     redirects under special circumstances.  This is helpful for 
     Microsoft's WebFolders when accessing a directory resource via
     DAV methods.  [Justin Erenkrantz]

  *) Begin to abstract out the underlying transport layer.
     The first step is to remove the socket from the conn_rec,
     the server now lives in a context that is passed to the
     core's input and output filters. This forces us to be very
     careful when adding calls that use the socket directly,
     because the socket isn't available in most locations.
     [Ryan Bloom]

  *) Really reset the MaxClients value in worker and threaded
     when the configured value is not a multiple of the number 
     of threads per child.  We said we did previously but we 
     forgot to. [Jeff Trawick]
  *) Add Debian layout.  [Daniel Stone <daniel@sfarc.net>]

  *) If shared modules are requested and mod_so is not available,
     produce a fatal config-time error.  [Justin Erenkrantz]

  *) Improve http2env's performance by cutting the work it has to
     do.  [Brian Pane <bpane@pacbell.net>]

  *) use new 'apr_hash_merge' function in mod_mime (performance fix)
     [Brian Pane <bpane@pacbell.net>]

  *) Fix infinite loop in mod_cgid.c.  
     [Dale Ghent <daleg@elemental.org>, Brian Pane <bpane@pacbell.net>]

  *) When no port is given in a "ServerName host" directive, the
     server_rec->port is now set to zero, not 80. That allows for
     run-time deduction of the correct server port (depending on
     SSL/plain, and depending also on the current setting of
     UseCanonicalName). This change makes redirections
     work, even with https:// connections. As in Apache-1.3, the
     connection's actual port number is never used, only the ServerName
     setting or the client's Host: setting. Documentation updated
     to reflect the change. [Martin Kraemer]
  *) Add a '%{note-name}e' argument to mod-headers, which works in
     the same way as mod_log_confg.  [Ian Holsman]

  *) Fix the spelling of the AP_MPMQ_MIN_SPARE_DAEMONS and
     AP_MPMQ_MAX_REQUESTS_DAEMON macros in ap_mpm.h and all standard
     MPMs.  [Cliff Woolley]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce htdbm, a user management utility for db/dbm authorization
     databases.  [Mladen Turk <mturk@mappingsoft.com>]

  *) Optimize usage of strlen and strcat in ap_directory_walk.
     [Brian Pane <bpane@pacbell.net>]

  *) Introduce an Apache mod_ssl initial configuration template 
     (ssl.conf, generated from ssl-std.conf).  [Ralf S. Engelschall]

Aaron Bannert's avatar
Aaron Bannert committed
  *) Fixed a memory leak in the getline parsing code that could
     be triggered by arbitrarily large header lines. Requests
     from the core input filter for single lines are now limited
     to HUGE_STRING_LEN (8192 bytes).  [Aaron Bannert]

  *) Fix a truncation bug in how we print the port on the Via: header. 
     The routine that prints the Via: header now takes a length for
     the port string.  [Zvi Har'El <rl@math.technion.ac.il>]

  *) Some syntax errors in mod_mime_magic's magic file can result
     in a 500 error, which previously was unlogged.  Now we log the
     error.  [Jeff Trawick]

  *) Add the support/checkgid helper app, which checks the run-time
     validity of group identifiers usable in the Group directive.
     [Ken Coar]

  *) Various --enable-so options have been fixed: --enable-so is
     treated as "static"; explicit --enable-so=shared issues an error;
     and explicit --enable-so fails with error on systems without
     APR_HAS_DSO.  [Aaron Bannert]

  *) Fix a segfault in the core input filter when the client socket
     gets disconnected unexpectedly.  [Cliff Woolley]

  *) Fix the reporting for child processes that die.  This removes
     all of the non-portable W* macros from Apache. 
     [Jeff Trawick and Ryan Bloom]

  *) Win32: Track and display "Parent Server Generation:" in
     mod_status output. The generation will be bumped at
     server graceful restart, when the child process exits
     by hitting MaxRequestsPerChild or if the child 
     process exits abnormally. [Bill Stoddard]

  *) Win32: Fix problem where MaxRequestsPerChild directive was
     not being picked up in favor of the default. Enable
     the parent to start up a new child process immediately upon
     the old child starting shutdown.
     [Bill Stoddard]
  *) Fix some bungling of the remote port in rfc1413.c so that 
     IdentityCheck retrieves the proper user id instead of failing
     and thus always returning "nobody."  
     [Dick Streefland <Dick.Streefland@xs4all.nl>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduced thread saftey for mod_rewrite's internal cache.
     [Brian Pane <bpane@pacbell.net>]

  *) Simplified mod_env's directives to behave as most directives are
     expected, in that UnsetEnv will not unset a SetEnv and PassEnv 
     directive following that UnsetEnv within the same container.
     Also provides a runtime startup warning if a PassEnv configured 
     environment value is undefined.  [William Rowe]

  *) The worker MPM is now completely ported to APR's new lock API. It
     uses native APR types for thread mutexes, cross-process mutexes,
     and condition variables.  [Aaron Bannert]

  *) Sync up documentation to remove all references to the now deprecated
     Port directive.  [Justin Erenkrantz]

  *) Moved all ldap modules from the core to httpd-ldap sub-project
     [Ryan Bloom]

  *) Exit when we can't listen on any of the configured ports.  This
     is the same behavior as 1.3, and it avoids having the MPMs to
     deal with bogus ap_listen_rec structures.  [Jeff Trawick]

  *) Cleanup the proxy code that creates a request to the origin
     server.  This change adds an optional hook, which allows modules
     to gain control while the request is created if the proxy module
     is loaded.  The purpose of this hook is to allow modules to add
     input and/or output filters to the request to the origin.  While
     I was at it, I made the core use this hook, so that proxy request
     creation uses some of the code from the core.  This can still be
     greatly improved, but this is a good start.  [Ryan Bloom]

Changes with Apache 2.0.26
Ryan Bloom's avatar
Ryan Bloom committed

  *) Port the MaxClients changes from the worker MPM to the threaded
     MPM.  [Ryan Bloom]

  *) Fix mod_proxy so that it handles chunked transfer-encoding and works
     with the new input filtering system.  [Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce the MultiviewsMatch directive, to allow the operator
     to be flexible in recognizing Handlers and Filters filename
     extensions as part of the Multiviews matching logic, strict with
     MultiviewsMatch NegotiatedOnly to accept only filename extentions 
     that designate negotiated parameters, (content type, charset, etc.)
     or MultiviewsAll for the 1.3 behavior of matching any files, even
     if they have unregistered extensions.  [William Rowe]

  *) Fixed the configure script to add a LoadModule directive to
     the default httpd.conf for any module that was compiled
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     as a DSO.  [Aaron Bannert <aaron@clove.org>]
  *) rewrite mod_ssl input filtering to work with the new input filtering
     system.  [Justin Erenkrantz]

  *) prefork: Don't segfault when we are able to listen on some but
     not all of the configured ports.  [Jeff Trawick]

Justin Erenkrantz's avatar
Justin Erenkrantz committed
  *) Build mod_so even if no core modules are built shared.
     [Aaron Bannert <aaron@clove.org>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce ap_directory_walk rewrite (with further optimizations
     required) to adapt to the ap_process_request_internal() changes.
     Optimized so subrequests and redirects now reuse previous section 
     merges, until we mismatch with the original directory_walk, and
     precomputed r->finfo results will cause directory_walk to skip
     the most expensive phases of the function.  [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Allow ApacheMonitor to connect to and control Apache on other 
     WinNT/2K machines.   [Mladen Turk <mturk@mappingsoft.com>]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Remove the Port directive.  In it's place, the Listen directive
     is now a required directive, which tells Apache what port to
     listen on.  The ServerName directive has also been extended
     to accept an optional port.  If the port is specified to the
     ServerName, the server will report that port whenever it
     reports the port that it is listening on.  This change was
     made to ease configuration errors that stem from having a Port
     directive, and a Listen directive.  In that situation, the server
     would only listen to the port specified by the Listen command,
     which caused a lot of confusion to users.  [Ryan Bloom]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Added mod_mime_magic, mod_unique_id and mod_vhost_alias to the Win32
     build, as loadable modules.  [William Rowe]

  *) Fix --enable-mods-shared processing.  If most is specified,
     then all modules that can be compiled as shared modules are.
     [Aaron Bannert <aaron@clove.org>]

Lars Eilebrecht's avatar
Lars Eilebrecht committed
  *) Update the mime.types file to map video/vnd.mpegurl to mxu
     and add commonly used audio/x-mpegurl for m3u extensions.        
     [Heiko Recktenwald <uzs106@uni-bonn.de>, Lars Eilebrecht]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Eliminate the depreciated r->content_language, in favor of the array
     r->content_languages introduced many years ago.  Module authors must
     substantially overhaul their modules, so this needs to be upgraded
     if the module still relied on backwards-brokeness.  [William Rowe]

  *) Allow configure help strings to work with autoconf 2.50+ and 2.13.
     [Justin Erenkrantz]

Justin Erenkrantz's avatar
Justin Erenkrantz committed
  *) Rewrite the input filtering mechanisms to consolidate and reorganize
     code.  In short, core_input_filter does something now and
     ap_http_filter is now only concerned with HTTP.  [Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Update the Win32 build to re-absorb mod_proxy and family.
     [William Rowe]

  *) Resolved the build failure on Win32 using MSVC 5.0 (without the
     current SDK.)  [William Rowe]

Graham Leggett's avatar
Graham Leggett committed
  *) Some style changes to the code that does ProxyErrorOverride. Fixed
     config merge behaviour. [Graham Leggett]

  *) Allow support programs to be compiled against a static version
     of libapr.  This allows the smaller support programs to be 
     relocated.  [Aaron Bannert <aaron@clove.org>]

  *) Update the mime.types file to the registered media types as
     of 2001-09-25, and add mapping for xsl extension [Mark Cox]

  *) Fix MaxClients in the Worker MPM, so that it specifies the maximum
     number of clients that can connect at the same time, instead of
     specifying the maximum number of child processes.
     [Aaron Bannert <aaron@clove.org>]

  *) Switch proc_pthread AcceptMutex configuration directive to pthread to 
     be consistent with 1.3.  [Justin Erenkrantz]

  *) Cache apr_explode_localtime() value for 15 seconds.
     [Brian Pane <bpane@pacbell.net>]

  *) Fix mod_include to not return ETag or Last-Modified headers.
     [Ian Holsman <ianh@cnet.com>]

  *) Fix worker MPM's scoreboard logic.  [Aaron Bannert <aaron@clove.org>]

  *) Eliminate the wasteful run-time conversion of method names from strings 
     to numbers in places where the methods are known at compile time.  
     [Brian Pane <bpane@pacbell.net>]

  *) Turn the worker MPM's queue into a LIFO.  This may
     improve cache-hit performance under some conditions.
     [Aaron Bannert <aaron@clove.org>]

  *) Switch back to SIGUSR1 for graceful restarts on all platforms that
     support it.  [Justin Erenkrantz]

  *) Cleanup the worker MPM.  We no longer re-use transaction
     pools.  This incurs less overhead than shuffling the pools
     around so that they can be re-used.  Remove one of the
     queue's condition variables.  We just redefined the API to
     state that you can't try to add more stuff than you allocated
     segments for.  [Aaron Bannert <aaron@clove.org>]

  *) Fix SSL VPATH builds [Cody Sherr <csherr@covalent.net>]

Greg Stein's avatar
Greg Stein committed
  *) Fixed persistent connections when a request contains a body.
     [Greg Stein]

  *) mod_dav uses a new API to speak to the backend provider for dead
     property management. [Greg Stein]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Remove the Win32 script-processing exception from mod_cgi, and
     roll build_command_line/build_argv_list into a unified, overrideable
     ap_cgi_build_command optional function.  [William Rowe]

  *) Rewrite find_start_sequence to use a better search algorithm
     to find the start tag.  [Justin Erenkrantz]

  *) Fix a seg fault in mod_include.  When we are generating an
     internal redirect, we must set r->uri to "", not a bogus
     string, and not NULL.  [Ryan Bloom]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Optimized location_walk, so subrequests, redirects and second passes
     now reuse previous section merges on a <Location > by <Location >
     basis, until we mismatch with the original location_walk. 
     [William Rowe]

  *) Back out the 1.45 change to util_script.c.  This change made
     us set the environment variable REQUEST_URI to the redirected
     URI, instead of the originally requested URI.
     [Taketo Kabe <kabe@sra-tohoku.co.jp>]

  *) Make mod_include do lazy evaluation of potentially expensive to
     compute variables.  [Brian Pane <bpane@pacbell.net>]

  *) Fix logging of bytes sent for HEAD requests.  %b and %B should
     log either - or 0, before this patch, they were both logging
     the file size.  [Taketo Kabe <kabe@sra-tohoku.co.jp>]

  *) Make mod_include check for BYTE_CHECK_THRESHOLD per bucket rather 
     than per character.  [Brian Pane <bpane@pacbell.net>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Normalize the primary request, redirects and sub-requests to
     run the same ap_process_request_internal for consistency in
     robustness, behavior and security.  [William Rowe]

  *) Fix a segfault with mod_include when r->path_info is not set
     (which is the case with mod_proxy).  [Ian Holsman <ianh@cnet.com>]

  *) Add -X functionality back.  This indicates to all MPMs and any other
     part of Apache that it should run in "debug" mode.  [Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Some initial support for the cygwin platform [prefork only].
     This is not to be confused with support for the WinNT/Win32
     platform, which is the recommended configuration for native
     Win32 users.  The cygwin platform support is recommended for
     cygwin platform users. [Stipe Tolj <tolj@wapme-systems.de>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Changed syntax of Set{Input|Output}Filter.  The list of filters
     must be semicolon delimited (if more than one filter is given.)
     The Set{Input|Output}Filter directive now overrides a parent
     container's directive (e.g. SetInputFilter in <Directory /web/foo>
     will override any SetInputFilter directive in <Directory /web>.)
     This new syntax is more consistent with Add{Input|Output}Filter
     directives defined in mod_mime.  Also cures a bug in prior releases
     where the Set{Input|Output}Filter directive would corrupt the 
     global configuration if the multiple directives were nested.
     [William Rowe]

  *) Cured what's ailed mime for quite some time.  If an AddSomething
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     was given in the configuration (Language, Charset, Handler or
     Encoding) Apache would set the content type as given by AddType, 
     but refused to check the mime.types file if AddType wasn't given 
     for that specific extension.  Setting the AddHandler for .html 
     without setting the AddType text/html html would cause Apache to 
     use the default content type.  [William Rowe]

  *) Added some bulletproofing to memory allocation in the LDAP cache
     code. [Graham Leggett]

  *) Move the installed /manual directory out of the /htdocs/ tree, so
     that it can be kept more independently from the remaining document
     root. The "Alias /manual ..." already allowed for easy projection
     into existing private document trees. [Martin Kraemer]

  *) Add specified user attributes to the environment when using
     mod_auth_ldap. This allows you to use mod_include to embed specified
     user attributes in a page like so:
     Hello <!--#echo var="AUTHENTICATE_CN"-->, how are you?
     [Graham Leggett]

  *) Fix a performance problem with the worker MPM.  We now create
     transaction pools once, and re-use them for each connection.
     [Aaron Bannert <aaron@clove.org>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Modfied mod_mime to prevent mod_negotation from serving a multiview
     of a 'handler' or 'filter', so that any filename extension that does 
     not contribute to the negotiated metadata can't be served without
     an explicit request.  E.g., if the .Z extension is associated with
     an unzip filter, the user request somefile.Z.html, mod_negotiation
     won't serve it.  It can serve somefile.Z.html when somefile.Z is
     requested, since the .Z extension is explictly requested, if the
     .html extension is associated with ContentType text/html.
     [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce the AddInputFilter filter[;filter...] ext [ext...]
     and corresponding AddOutputFilter syntax, to insert one or more 
     filters by mod_mime filename extension processing.
     [William Rowe]

  *) Fix a growing connection pool in core_output_filter() for 
     keepalive requests.  [Jeff Trawick]

Paul J. Reder's avatar
 
Paul J. Reder committed
  *) Moved split_and_pass_pretag_buckets back to being a
     macro at Ryans's request. Removed the return from it
     by setting and returning a return code instead. Updated
     the code to check the return code from the macro and
Paul J. Reder's avatar
 
Paul J. Reder committed
     do the right thing. [Paul J. Reder]
  *) Fix a segfault when a numeric value was received for Host:.
     [Jeff Trawick]

  *) Add a function ap_remove_input_filter.  This is to match
     up with ap_remove_output_filter.  [Ryan Bloom]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Clean up location_walk, so that this step performs a minimum
     amount of redundant effort (it must be run twice, but it will no
     longer reparse all <Location > blocks when the request uri
     hadn't changed.)  [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Eliminate proxy: (and all other 'special') processing from the
     ap_directory_walk() phase.  Modules that want to use special
     walk logic should refer to the mod_proxy map_to_location example,
     with it's proxy_walk and proxysection implementation.  This makes
     either directory_walk flavor much more legible, since that phase
     only runs against real <Directory > blocks.
     [William Rowe]
  *) SECURITY: Fix a security problem in mod_include which would allow
     an SSI document to be passed to the client unparsed.
     [Cliff Woolley, Brian Pane]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce the map_to_storage hook, which allows modules to bypass
     the directory_walk and file_walk for non-file requests.  TRACE
     shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
     directory_walk/file_walk happen as APR_HOOK_VERY_LAST in core.c.
     [William Rowe]

  *) Add the ability for mod_include to add the INCLUDES filter
     if the file is configured for the server-parsed handler.
     This makes the configuration for .shtml files much easier
     to understand, and allows mod_include to honor Apache 1.3
     config files.   Based on Doug MacEachern's patch to PHP
     to do the same thing.  [Ryan Bloom]

  *) force OpenSSL to ignore process local-caching and to always
     get/set/delete sessions using mod_ssl's callbacks
     [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>,
      Geoff Thorpe <geoff@geoffthorpe.net>]

  *) Make the worker MPM shutdown and restart cleanly.  This also
     cleans up some race conditions, and gets the worker using
     pools more cleanly.  [Aaron Bannert <aaron@clove.org>]

  *) Implement CRYPTO_set_locking_callback() in terms of apr_lock
     for mod_ssl
     [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>]

Paul J. Reder's avatar
 
Paul J. Reder committed
  *) Fix for mod_include. Ryan's patch to check error
     codes put a return in the wrong place. Also, the
     include handler return code wasn't being checked.
     I don't like macros with returns, so I converted
     SPLIT_AND_PASS_PRETAG_BUCKETS into a function.
     [Paul J. Reder <rederpj@raleigh.ibm.com>]

  *) fix segv in mod_mime if no AddTypes are configured
     [John Sterling <sterling@covalent.net>]

  *) Enable ssl client authentication at SSL_accept time
     [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>]
  *) Fix a segfault in mod_include when the original request has no
     associated filename (e.g., we're filtering the error document for
     a bad URI).  [Jeff Trawick]

  *) Fix a storage leak (a strdup() call) in mod_mime_magic.  [Jeff Trawick]

Paul J. Reder's avatar
 
Paul J. Reder committed
  *) The prefork and OS/2 MPMs are overwriting the pid file when a second copy
     of httpd is started and shuts down due to socket conflict. Moving the
     call to ap_log_pid solves the problem.

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Changed the late-1.3 log_config substitution %c to %X, to log the
     status of the closed connection, as it conflicts with the far more
     common, historical ssl logging directive %...{var}c.  [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Added the common error/ tree to the build/install targets 
     (similar to the common icons/ tree) for the multi-language error 
     messages that Lars committed earlier.  [William Rowe]

Brian Havard's avatar
Brian Havard committed
  *) Added a multi process, multi threaded OS/2 MPM mpmt_os2.  [Brian Havard]

  *) Added a default commented-out mod_ldap and mod_auth_ldap
     configuration to httpd-std.conf and httpd-win.conf
     [Graham Leggett]

  *) Added documentation for mod_ldap and mod_auth_ldap.
     [Graham Leggett]

  *) Enabled negative caching on attribute comparisons in the LDAP cache.
     Fixed a problem where the default cache TTL was set in milliseconds
     not microseconds causing the cache to time out almost immediately.
     [Graham Leggett]

  *) Fixed all the #if APR_HAS_SHARED_MEMORY checks within the LDAP
     module code to follow APR. [Graham Leggett]

  *) Fixed LDAP cleanup on graceful restarts. LDAP connections are now
     cleaned up when the connection pool pool is cleaned up.
     [Graham Leggett]

Paul J. Reder's avatar
 
Paul J. Reder committed
  *) Fix a minor issue with Jeff Trawick's mod_include
     patch. Without this patch, the code will just allocate
     more bytes in get_combined_directive than are needed.
Paul J. Reder's avatar
 
Paul J. Reder committed

Graham Leggett's avatar
Graham Leggett committed
  *) Added the LDAP authentication module mod_auth_ldap.
     [Dave Carrigan <dave@rudedog.org>, Graham Leggett]

  *) Added the LDAP cache and connection pooling module mod_ldap.
     [Dave Carrigan <dave@rudedog.org>, Graham Leggett]

  *) Fix --enable-modules=all breakage with mod_auth_db and mod_auth_digest
     by allowing a module to disable itself if its prerequisites are not
     met.  [Justin Erenkrantz]

Ryan Bloom's avatar
Ryan Bloom committed
Changes with Apache 2.0.24
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Fix a couple of issues in mod_include when the tag appeared at
     offsets near 8192 in the file being parsed.  [Jeff Trawick]

  *) Fix an assertion failure in mod_ssl when the keepalive timeout is  
     reached.  [Jeff Trawick]

  *) Numerous improvements to the Win32 build system.  Introduced command line
     builds without requiring .mak files for MSVC 6.0 and later versions.
     Improved .dsp file compatibility for both Visual Studio 5.0 and 6.0 users.
     [William Rowe]

  *) Assorted corrections and improvements to the winnt_mpm startup code.  Better
     reporting of uninstalled services and other error conditions, and changed the 
     default service name to Apache2.  [William Rowe]

  *) Numerous improvements to the Win32 ApacheMonitor utility, including winnt_mpm 
     compatibility with existing Apache 1.3 Win32 Apache management utilites.  
     [Mladen Turk <mturk@mappingsoft.com>, William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Fixed the segfaults in mod_mime introduced by hash tables in 2.0.20.
     [William Rowe, Greg Ames]

  *) Rounded out the mod_mime Add/Remove pairs by adding RemoveLanguage
     and RemoveCharset directives.  [William Rowe]

  *) The Unix MPMs other than perchild now allow child server 
     processes to use the accept mutex when starting as root and 
     using SysV sems for the accept mutex.  Previously, this 
     combination would lead to fatal errors in the child server 
     processes.  perchild can't use SysV sems because of security
     issues.  [Jeff Trawick, Greg Ames]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Added Win32 revision stamp resources to all http binaries
     (including modules/ and support/ tools.)  PR7322  [William Rowe]

  *) Fix ap_rvprintf to support more than 4K of data at one time.
     [Cody Sherr <csherr@covalent.net>]

Ken Coar's avatar
 
Ken Coar committed
  *) We have always used the obsolete/deprecated Netscape syntax
     for our tracking cookies; now the CookieStyle directive
     allows the Webmaster to choose the Netscape, RFC2109, or
     RFC2965 format.  The new CookieDomain directive allows the
Ken Coar's avatar
Ken Coar committed
     setting of the cookie's Domain= attribute, too.  PR #s 5006,
     5023, 5920, 6140 [Ken Coar]
Ken Coar's avatar
 
Ken Coar committed

  *) Tweak server/Makefile so that the rules for generating exports.c
     are compatible with make utilities which don't expand wildcards
     in a dependency list (e.g., OS/390 make, certain levels of GNU
     make).  [Jeff Trawick]

  *) Install the SSL headers.  [John Sterling <sterling@covalent.net>]

  *) Begin to sanitize the MPM configuration directives.  Now, all
     MPMs use the same functions for all common MPM directives.  This
     should make it easier to catch all bugs in these directives once.
     [Cody Sherr <csherr@covalent.net>]

Cliff Woolley's avatar
Cliff Woolley committed
  *) Close a major resource leak.  Every time we had issued a
     graceful restart, we leaked a socket descriptor.
     [Ryan Bloom]

  *) Fix a problem with the new method code.  We need to cast
     the 1 to an apr_int64_t or it will be treated as a 32-bit
     integer, and it will wrap after being shifted 32 times.
     [Cody Sherr <csherr@covalent.net> and Ryan Morgan <rmorgan@covalent.net>]

  *) Fix a bug in mod_expires.  Previous to this patch, if you
     told mod_expires to add 604800 seconds to the last-modified
     time, it actually added 604800 usec's to the last-modified time,
     so that when looking at the response it looked like nothing
     had been done.  The root of the problem was that we always compute
     time in usec's, but we ask users to input sec's.  This means we
     need to convert to usec's before using those values.
     [Ryan Bloom]

  *) The worker MPM now handles shutdown and restart requests.  It
Cliff Woolley's avatar
Cliff Woolley committed
     definitely isn't perfect, but we do stop the servers correctly.
     The biggest problem right now is that SIGHUP causes the server to
     just die.  [Ryan Bloom]

Cliff Woolley's avatar
Cliff Woolley committed
Changes with Apache 2.0.23
  *) Use the prefork MPM by default on Unix.  [various]

  *) Added a systray icon monitor application for Win32.
     [Mladen Turk <mturk@mappingsoft.com>]

  *) mod_rewrite: Fix the line ending on some non-Unix systems for 
     messages written to the rewrite log.  
     [Richard Labennett <rlabenn@us.ibm.com>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) All mod_autoindex query parsing is now quietly quashed with the 
     IndexOption IgnoreClient.  The IndexOption SuppressColumnSorting 
     still drops the column sort <a href>'s for the column headers, but 
     IgnoreClient is required to ignore these Query options entirely.  
     [William Rowe]

  *) Introduced new mod_autoindex query argument parsing for F=[0|1|2]
     to allow the client to select plain, FancyIndexing or HTMLTable
     formatting, V=[0|1] to inhibit or enable version sorting, and 
     P=pattern to return only specific files.  The old Query Arguments
     were reorganized as C=f for sorting column 'f' (same N, D, S, or M
     as before), and O=A|D for ordering ascending or descending.  
     [William Rowe]

  *) Fixed an error in mod_include's directive parsing routines which
     caused #if, #elif, and #else expressions containing backslashes
     to be improperly evaluated.  [Cliff Woolley]

  *) Introduced new mod_autoindex IndexOptions flags: SuppressIcon to 
     drop the icon column, SuppressRules to drop the <hr> elements, 
     and HTMLTable to create rudimentary HTML table listings (implies 
     FancyIndexing).  [William Rowe]

  *) Re-introduced the mod_autoindex IndexOptions flag TrackModified
     from Apache 1.3.15.  This is needed for two reasons, first, given
     multiple machines within a server farm, ETags and Last-Modified 
     stamps won't correspond from machine to machine, and second, many 
     Unixes don't capture changes to the date or time stamp of existing 
     files, since these don't modify the dirent itself.  [William Rowe]

  *) Re-introduced the mod_autoindex IndexOptions flag FoldersFirst 
     and DirectoryWidth options from Apache 1.3.10. 
     [William Rowe, Ken Coar]

  *) Eliminated FancyIndexing directive, deprecated early in Apache
     1.3 by the IndexOptions FancyIndexing syntax.  [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) mod_autoindex now excludes any file names that would result in
     an error, other than a success or redirect.  Also optimized
     the parent directory, always included except in the URI '/'.
     [William Rowe]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Refactored mod_negotiation and mod_mime to help mod_dir accept
     negotiated index pages, and prevent the server from defaulting
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     to an autoindex of the directory.  mod_negotiation will now die
     with a 500 Internal Error if it could match some filenames 
     (e.g. for mod_dir) but none can be served.  mod_negotation now
     refuses to serve any file with an extention that mod_mime doesn't
     recognize, and wasn't part of the request.  [William Rowe]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Eliminate mod_cgi's handling of .exe files without the .exe file
     extension.  This is already handled by multiviews, if the admin
     wishes to AddHandler .exe or define a content type handler and 
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     associate .exe files with that content type.  Multiviews must be
     enabled to allow these to be served.  [William Rowe]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Speed up the server's response to a spike in incoming workload
     or restarts by assigning empty scoreboard slots to new processes
     when they are available.  [Greg Ames]

  *) Add a handler to mod_includes.c.  This handler is designed to
     implement the XbitHack directive.  This can't be done with a
     fixup, because we need to check the content-type, which is
     only available in the handler phase.  [Ryan Bloom]

  *) Make the includes filter check return codes from filters lower in
     the filter chain.  If a lower level filter returns an error, then
     the request needs to stop immediately.  This allows mod_include to
     stop parsing data once a lower filter recognizes an error.
     [Ryan Bloom]

  *) Add the ability to extend the methods that Apache understands
     and have those methods <limit>able in the httpd.conf. It uses 
     the same bit mask/shifted offset as the original HTTP methods 
     such as M_GET or M_POST, but expands the total bits from an int to 
     an ap_int64_t to handle more bits for new request methods than 
     an int provides.  [Cody Sherr <csherr@covalent.net>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Fix broken mod_mime behavior in merging its arguments.  Possible
     cause of unexplicable crashes introduced in 2.0.20.  [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Solve many mod_ssl porting issues (too many to detail) with 
     help from the whole team, but most notably [Ralf S. Engelschall, 
     Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>, 
     Doug MacEachern, William Rowe, Cliff Woolley]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) More stall fixes for the threaded & worker mpm's.
     Make mod_status output more accurate.  Don't
     count workers in processes which aren't actively
     serving requests. [Greg Ames]
     
  *) Win32: Get SSI exec cgi tag working. [Bill Stoddard]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Add a single listener/multiple worker MPM.  This MPM is
     definately not fully correct, but it allows us to solve many
     of the problems that exist in the threaded MPM.  This is a 
     modified version of the threaded MPM.  [Ryan Bloom]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Improve content generation throughout Apache, providing closer
     compliance with HTML 3.2, HTML 4.01 Transitional and XHTML 1.0
     Transitional specifications.  [William Rowe]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
Changes with Apache 2.0.22
  
  *) Fix a problem where the threaded MPM stalls after restarts or
     segfaults.  Also prevent multiple active processes from using
     the same scoreboard slot.  [Greg Ames]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Apache/Win32 now fills in the service description with Apache's
     server version string, including loaded and advertised modules.
     [William Rowe]

  *) Improved support for the Win32 build, to recover gracefully from
     missing apr or apr-util directories or the awk interpreter, 
     create the proper cgi-bin examples, including a test-cgi.bat, and 
     fix the perl shebang line for printenv.pl, when installing from 
     the build environment.  [William Rowe]

  *) Fix a segfault in threaded.c caused by passing uninitialized
     apr_thread_t * to apr_thread_join().  [Jeff Trawick]

  *) Use new APR number conversion functions to reduce CPU consumption 
     when setting the content length, and in mod_log_config.
     [Brian Pane]
     
  *) Fix problem reported by Taketo Kabe <kabe@sra-tohoku.co.jp>
     where HEAD response headers were being repeated twice for
     files greater than 32K bytes (4*AP_MIN_BYTES_TO_WRITE). This
     problem in the http_header filter was exposed by the recent rewrite
     of the content_length filter. [Taketo Kabe, Bill Stoddard]

  *) Fix seg faults in mod_status with ExtendedStatus enabled, after
     restarts.  A garbage pointer to a vhost's server_rec from the
     previous generation was being left around under certain
Ryan Bloom's avatar
Ryan Bloom committed

  *) Fix a cosmetic problem with mod_include.  Non-existant SSI vars
     used to appear as '(none', without the closing paren.
     [Günter Knauf <eflash@gmx.net>]

  *) Improve the exports generating awk script.  In the past, we had
     work around problems in the awk script by avoiding some #if and
     #ifdefs.  This has bitten us many times in generating the exports.c
     file.  This improvement allows corrects the header file parsing.
     [Sander Striker <striker@apache.org>]

Changes with Apache 2.0.21
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Resolve the Win32 htpasswd bug, where a file that existed would be
     overwritten, regardless of the -c flag.
     [William Rowe, Mladen Turk <mladen.turk@mail.inet.hr>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce connection sub-pools into ab.  Truncating the lifetime
     of these allocations means that ab no longer perpetually grows
     its working set, running out of memory on large request attempts.
     [William Rowe]

  *) Make scoreboard creation a hook.  This allows management
     modules to have access to the scoreboard at the time that it is
     created, and at every restart request.  
     [Cody Sherr <csherr@covalent.net>]

Paul J. Reder's avatar
 
Paul J. Reder committed
  *) Changed AP_MPMQ_MAX_DAEMONS to refer to MaxClients and
     added an AP_MPMQ_MAX_DAEMON_USED to refer to the highest
     daemon index actually used in the scoreboard. I also
     updated the pertinent calls. [Paul J. Reder]

  *) Win32: Prevent listening sockets from being inherited by
     the Apache child process, CGI scripts, rotatelog process
     etc.  If the Apache child process segfaults, any processes 
     that the child started are not reaped. Prior to this fix,
     these processes inherited the listening sockets which sometimes
     prevented the restarted Apache child process from accepting
     connections (ie, the server would hang). 
     [Bill Stoddard]

  *) Provide vhost and request strings when ExtendedStatus is on.
     [Greg Ames]

  *) Fix some issues with the pod and prefork: check the pod *after*
     processing a connection so that a server processing a time-
     consuming request bails out as soon as practical; when the
     parent process wakes up a server process via connect(), use an
     APR timeout on the connect() so that we don't hang for a long
     time if there aren't server processes around to do accept().
     [Jeff Trawick, Greg Ames]

  *) Performance improvement to mod_mime.c. find_ct() in mod_mime, 
     spends a lot of time in apr_table_get calls.  Using the default 
     httpd.conf, the tables for languages and charsets are somewhat
     large, so the time spent scanning them on each request is
     significant. Replacing the tables with hash tables provides
     a nice speedup. [Brian Pane <bpane@pacbell.net>]
  *) Add two functions to allow modules to access random parts of the
     scoreboard.  This allows modules compiled for one MPM to access the
     scoreboard, even if it the server was compiled for another MPM.
     [Harrie Hazewinkel <harrie@covalent.net>]

Changes with Apache 2.0.20
  *) Fix problem in content-length filter where the filter would
     buffer all the output from a CGI before sending any bytes
     down the filter stack to the network. This problem would cause
     significant memory consumption if the CGIs generated
     lots of bytes. [Bill Stoddard]
  
  *) Get non-blocking CGI pipe reads working with the bucket brigades.
     [Bill Stoddard]
Bill Stoddard's avatar
Bill Stoddard committed
  *) Fix seg fault on Windows when serving files cached with mod_file_cache.
Cliff Woolley's avatar
 
Cliff Woolley committed
     [Bill Stoddard]

  *) Fix a bug in the threaded MPM that would cause it to kill off all
     workers immediately after starting if the number of workers started
     was above a certain threshold.  [Ryan Bloom, Bill Stoddard]
Cliff Woolley's avatar
 
Cliff Woolley committed

Changes with Apache 2.0.19
  *) Fix problem with threaded MPM.  The problem was that if each child
     process was busy serving a single long-lived request and the server
     was sent a graceful restart signal, the server would stop serving
     requests.  This would happen because each child process would wait to
     die until the last thread was done, and the parent wouldn't spawn any
     new children until a process died.  Now, the parent looks at the fact
     that the children are dying gracefully, and starts new children.
     Those new children only start enough threads to compliment the number
     of threads in the other child process that shares the same spot in
     the scoreboard.  In this way, we make sure to never go over
     MaxClients.  [Ryan Bloom]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) modified mod_negotiation and mod_autoindex to speed up by almost a
     factor of two on apr_dir_read()-enhanced platforms, such as Win32
     and OS2, by calling ap_sub_request_lookup_dirent() with the results
     already provided by apr_dir_read().  [William Rowe]

  *) mod_file_cache is now more robust to filtering and serves requests
     slightly more efficiently.  [Cliff Woolley]

  *) Fix problem handling FLUSH bucket in the chunked encoding filter.
     Module was calling ap_rwrite() followed by ap_rflush() but the 
     served content was not being displayed in the browser. Inspection
     of the output stream revealed that the first data chunk was
     missing the trailing CRLF required by the RFC.  [Bill Stoddard]
  *) apxs no longer generates ap_send_http_header() in the example handler

Jeff Trawick's avatar
Jeff Trawick committed
  *) Fix an ab problem which could cause a divide-by-zero exception
     with certain invocations (e.g., ab -k -c 6 -n 100 localhost/).
     [Ian Holsman <ianh@cnet.com>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Solve case-insensitive platforms' confusion about negotiated
     filenames, allowing files of differnt case to match in choosing
     the document to serve.  [William Rowe]

  *) Fix brokenness when ThreadsPerChild is higher than the built-in
     limit.  We left ap_threads_per_child at the higher value which
     led to segfaults when doing certain scoreboard operations.
     [Jeff Trawick]