Skip to content
CHANGES 88.6 KiB
Newer Older
  *) Authz: Move the 'Require' directive from the core module as well as 
     add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>' 
     and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR' 
     logic into the authorization processing. [Brad Nicholes]
  *) Authz: Add the new module mod_authz_core which acts as the 
     authorization provider vector and contains common authz 
     directives. [Brad Nicholes]

  *) Authz: Renamed mod_authz_dbm authz providers from 'group' and 
     'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]

  *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
     host-based access control provided by mod_authz_host and invoked 
     through the 'Require' directive. [Brad Nicholes]

  *) Authz: Convert all of the authz modules from hook based to 
     provider based. [Brad Nicholes]
  *) mod_cache: Add CacheMinExpire directive to set the minimum time in
     seconds to cache a document.
     [Brian Akins <brian.akins turner.com>, Ruediger Pluem]

Nick Kew's avatar
Nick Kew committed
  *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]

  *) Fix typo in ProxyStatus syntax error message.
     [Christophe Jaillet <christophe.jaillet wanadoo.fr>]

  *) Asynchronous write completion for the Event MPM.  [Brian Pane]

  *) Added an End-Of-Request bucket type.  The logging of a request and
     the freeing of its pool are now done when the EOR bucket is destroyed.
     This has the effect of delaying the logging until right after the last
     of the response is sent; ap_core_output_filter() calls the access logger
     indirectly when it destroys the EOR bucket.  [Brian Pane]

  *) Rewrite of logresolve support utility: IPv6 addresses are now supported
     and the format of statistical output has changed. [Colm MacCarthaigh]

  *) Rewrite of ap_coreoutput_filter to do nonblocking writes  [Brian Pane]

  *) Added new connection states for handler and write completion
     [Brian Pane]

  *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs.  PR 34264.
     [Justin Erenkrantz]

Jeff Trawick's avatar
Jeff Trawick committed
  *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
     allowing string-valued client certificate attributes to be used for
     access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
     [Martin Kraemer, David Reid]

  [Apache 2.3.0-dev includes those bug fixes and changes with the
   Apache 2.2.xx tree as documented, and except as noted, below.]
Changes with Apache 2.2.x and later:
  *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
Changes with Apache 2.0.x and later:
  *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup