Skip to content
CHANGES 543 KiB
Newer Older
     API change in 2.0.34.  [Cliff Woolley]

  *) Don't allow initialization to succeed if we can't get a socket
     corresponding to one of the Listen statements.  [Jeff Trawick]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
Changes with Apache 2.0.34
Ryan Bloom's avatar
Ryan Bloom committed
  *) Allow all Perchild directives to accept either numerical UID/GID
     or logical user/group names.  [Scott Lamb <slamb@slamb.org>]

  *) Make Perchild compile cleanly and serve pages again. [Ryan Bloom]

  *) implement ssl proxy to support ProxyPass / https:// and the
     SSLProxy* directives [Doug MacEachern]

  *) Update mod_cgid to not do single-byte socket reads for CGI headers
     [Brian Pane]

  *) Made AB's use of the Host: header rfc2616 compliant
     by Taisuke Yamada <tai@iij.ad.jp> [Dirk-Willem van Gulik].

  *) The old, legacy (and unused) code in which the scoreboard was totally
     and completely contained in a file (SCOREBOARD_FILE) has been
     removed. This does not affect scoreboards which are *mapped* to
     files using named-shared-memory. [Jim Jagielski]

Cliff Woolley's avatar
Cliff Woolley committed
  *) Change bucket brigades API to allow a "bucket allocator" to be
     passed in at certain points.  This allows us to implement freelists
     so that we can stop using malloc/free so frequently.
     [Cliff Woolley, Brian Pane]

  *) Add support for macro expansion within the variable names in
     <!--#echo--> and <!--#set--> directives [Brian Pane]

  *) Fix some mod_include segfaults [Cliff Woolley, Brian Pane, Brad Nicholes]

Mark J. Cox's avatar
Mark J. Cox committed
  *) Update the "RedHat" Layout to match Red Hat Linux version 7. PR BZ-7422
     [Joe Orton] 

  *) add compat layer to support RSA SSLC 1.x and 2.x in mod_ssl
     [Jon Travis, John Barbee, William Rowe, Ryan Bloom, Doug MacEachern]

  *) Add a new parameter to the quick_handler hook to instruct
     quick handlers to optionally do a lookup rather than actually 
     serve content. This is the first of several changes required fix
     several problems with how quick handlers work with subrequests.
     [Bill Stoddard]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

Jeff Trawick's avatar
Jeff Trawick committed
  *) worker MPM: Get MaxRequestsPerChild to work again.  [Jeff Trawick]

  *) [APR-related] The ordering of the default accept mutex method has
     been changed to better match what's done in Apache 1.3. The ordering 
     is now (highest to lowest): pthread -> sysvsem -> fcntl -> flock.
     [Jim Jagielski]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Ensure that the build/ directory is created when using VPATH.
     [Justin Erenkrantz]

  *) Add some popular types to the mime magic file.  PR 7730.
     [Linus Walleij <triad@df.lth.se>, Justin Erenkrantz]

  *) Remove the single-byte socket reads for CGI headers [Brian Pane]

  *) When a proxied site was being served, Apache was replacing
     the original site Server header with it's own, which is not
     allowed by RFC2616. Fixed. [Graham Leggett]

  *) Fix a mod_cgid problem that left daemon processes stranded
     in some server restart scenarios.  [Jeff Trawick]

  *) Added exp_foo and rel_foo variables to config_vars.mk for
     all Apache and Autoconf path variables (like --sysconfdir,
     --sbindir, etc). exp_foo is the "expanded" version, which means
     that all internal variable references have been interpolated.
     rel_foo is the same as $exp_foo, only relative to $prefix if they
     share a common path.  [Aaron Bannert]

  *) Fix some restart/terminate problems in the worker MPM.  Don't
     drop connections during graceful restart.  [Jeff Trawick]

  *) Change the header merging behaviour in proxy, as some headers
     (like Set-Cookie) cannot be unmerged due to stray commas in
     dates. [Graham Leggett]

  *) Be more vocal about what AcceptMutex values we allow, to make
     us closer to how 1.3 does it. [Jim Jagielski]

  *) Get nph- CGI scripts working again.  PRs 8902, 8907, 9983
     [Jeff Trawick]

  *) Upgraded PCRE library to latest version 3.9 [Brian Pane]

  *) Add accessor function to set r->content_type. From now on,
     ap_rset_content_type() should be used to set r->content_type.
     This change is required to properly implement the 
     AddOutputFilterByType configuration directive.
     [Bill Stoddard, Sander Striker, Ryan Bloom]
  *) Add new M_FOO symbols for the WebDAV/DeltaV methods specified by
     RFC 3253. Improved the method name/number mapping functions.
     [Greg Stein]

Ian Holsman's avatar
Ian Holsman committed
  *) remove sock_enable_linger from connection.c [Ian Holsman]

  *) Fix for virtual host processing where the requested hostname
     has a '.' at the end (PR 9187) [Ryan Cruse <ryan@estara.com>]

  *) mod_dav's APIs for REPORT response handling was changed so that
     providers can generate the content directly into the output filter
     stack, rather than buffering the response into memory. [Greg Stein]

  *) Fix a hang condition with graceful restart and prefork MPM
     in the situation where MaxClients is very high but
     much fewer servers are actually started at the time of the
     restart.  [Jeff Trawick]

  *) Small performance fixes for mod_include [Brian Pane]

  *) Performance improvement for the error logger [Brian Pane]

  *) Change configure so that Solaris 8 and above have 
     SINGLE_LISTEN_UNSERIALIZED_ACCEPT defined by default.
     according to sun people solaris 8+ doesn't have a thundering
     herd problem [Ian Holsman]

  *) Allow URIs specifying CGI scripts to include '/' at the end
     (e.g., /cgi-bin/printenv/) on AIX and Solaris (and other OSs
     which ignore '/' at the end of the names of non-directories).
     PR 10138  [Jeff Trawick]

Doug MacEachern's avatar
Doug MacEachern committed
  *) implement SSLSessionCache shmht and shmcb based on apr_rmm and
     apr_shm.  [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>]

Jeff Trawick's avatar
Jeff Trawick committed
  *) Fix apxs -g handling.  Move config_vars.mk from the top build
     directory to the build directory.  PR 10163  [Jeff Trawick]

  *) Fix some mod_include problems which broke evaluation of some
     expressions.  PR 10108  [Jeff Trawick]

  *) Fix the calculation of request time in mod_status.  [Stas Bekman]

  *) Fix the calculation of thread_num in the worker score structure.
     [Stas Bekman]

  *) Use apr_atomic operations in managing the mod_mem_cache
     cache_objects for SMP scalability. (see USE_ATOMICS
     preprocessor directive in mod_file_cache)
     [Bill Stoddard]

  *) Add filehandle caching to mod_mem_cache. (see CACHE_FD
     preprocessor directive in mod_file_cache)
     [Bill Stoddard]

  *) Implement prototype mod_disk_cache for use with mod_cache.
     [Bill Stoddard]
Ryan Bloom's avatar
Ryan Bloom committed

  *) Add a missing manualdir entry in the Debian config.layout.
     [Thom May <thom@planetarytramp.net>]

  *) Stop installing libtool for APR and tell APR where it should place
     its copy of libtool (via our installbuildpath layout variable).
     [Justin Erenkrantz]

  *) New directive ProxyIOBufferSize. Sets the size of the buffer used
     when reading from a remote HTTP server in proxy. [Graham Leggett]

  *) Modify receive/send loop in proxy_http and proxy_ftp so that
     should it be necessary, the remote server socket is closed before
     transmitting the last buffer (set by ProxyIOBufferSize) to the
     client. This prevents the backend server from being forced to hang
     around while the last few bytes are transmitted to a slow client.
     Fix the case where no error checking was performed on the final
     brigade in the loop. [Graham Leggett]

  *) Scrap CacheMaxExpireMin and CacheDefaultExpireMin. Change
     CacheMaxExpire and CacheDefaultExpire to use seconds rather than
     hours. [Graham Leggett, Bill Stoddard]

Ian Holsman's avatar
 
Ian Holsman committed
  *) New Directive SSIUndefinedEcho. to change the '(none)' echoed
     for a undefined variable. [Ian Holsman]

  *) Proxy HTTP and CONNECT: Keep trying other addresses from the DNS
     when we can't get a socket in the specified address family.  We may
     have gotten back an IPv6 address first and yet our system is not
     configured to allow IPv6 sockets.  [Jeff Trawick]

  *) Be more careful about recursively removing CVS directories. Make
     sure that we aren't cd'ing to their home directory first. PR: 9993
     [Aaron Bannert, James LewisMoss <dres@lewismoss.net>]
  *) Add a missing errordir entry in the Debian config.layout. PR: 10067
     [Dirk-Jan Faber <dirk-jan@selwerd.nl>, Aaron Bannert,
      Thom May <thom@planetarytramp.net>]

Justin Erenkrantz's avatar
Justin Erenkrantz committed
  *) Rename the filter ordering priorities.  The recent filtering fixes
     have showcased problems with their usage.  Therefore, we need to
     rename them to increase the clarity.  (CONTENT->RESOURCE,
     HTTP_HEADER->CONTENT_SET/PROTOCOL)  [Justin Erenkrantz]

Ryan Bloom's avatar
Ryan Bloom committed
Changes with Apache 2.0.33
  *) Fix a problem in the new --enable-layout functionality where
     it wouldn't allow overrides from variables like --prefix,
     --bindir, etc.  [Thom May <thom@planetarytramp.net>]

  *) Fix a bug in the core input filter for AP_MODE_EXHAUSTIVE. It
     no longer hangs around waiting for the socket to close before
     returning exhaustive data.  [Aaron Bannert]

  *) rename apr_exploded_time_t to apr_time_exp_t (as per renames pending)
     [Thom May <thom@planetarytramp.net>]

Doug MacEachern's avatar
Doug MacEachern committed
  *) Change mod_ssl to always do a full startup/teardown on restarts.
     this allows mod_ssl to be added to a server that is already
     running and makes it possible to add/change certs/keys after the
     server has been started.  [Doug MacEachern]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce PassPhraseDialog "|/path/to/pipe" mechanism to mod_ssl.
     This pipe must be a bidirectional 'console' style relay, which
Doug MacEachern's avatar
Doug MacEachern committed
     mod_ssl prints all prompts to the pipe's stdin, and reads the
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     passphrases from the pipe's stdout.  [William Rowe]

  *) Fix bug where --sysconfdir and --localstatedir were being
     ignored.  [Thom May <thom@planetarytramp.net>, Aaron Bannert]
     PR 9888

  *) Fix --enable-layout to work again. Caution: When specifying
     --enable-layout, common arguments like --prefix, --exec-prefix,
     etc. will be ignored and the settings from the layout will be
     used instead.  [Thom May <thom@planetarytramp.net>, Aaron Bannert]
     PR 9124, 9873, 9885

  *) New Directive for mod_proxy: ProxyRemoteMatch. This provides
     regex pattern matching for the determination of which requests
     to use the remote proxy for. [Jim Jagielski]

  *) Fix CustomLog bytes-sent with HTTP 0.9.  [Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Prevent Apache from ignoring SIGHUP due to some lingering 1.3
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     cruft in piped logs and rewritemap child processes.
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
     [William Rowe]

  *) All instances of apr_lock_t have been removed and converted
     to one of the following new lock APIs: apr_thread_mutex.h,
     apr_proc_mutex.h, or apr_global_mutex.h. No new code should
     use the apr_lock.h API, as the old API will soon be deprecated.
     [Aaron Bannert]

  *) Merged in changes to mod_ssl up through 2.8.7-1.3.23.
     [Ralf S. Engelschall, Cliff Woolley]

Ian Holsman's avatar
Ian Holsman committed
  *) mod-include: make it handle flush'es and fix the 'false-alarm'
     [Justin Erenkrantz, Brian Pane, Ian Holsman]
  *) ap_get_*_filter_handle() functions to allow 3rd party modules
     to lookup filter handles so they can bypass the filter name
     lookup when adding filters to a request (via ap_add_*_filter_handle())
     [Ryan Morgan <rmorgan@covalent.net>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Fix for multiple file buckets on Win32, where the first file
     bucket would cause the immediate closure of the socket on any
     non-keepalive requests.  [Ryan Morgan <rmorgan@covalent.net>]

  *) Correct Win32 failure of mmap of a segment beyond start of the
     file; fixes large SSL and similar transfers.  [William Rowe]
     PR 9898

  *) Implement apr_proc_detach changes and allow -DNO_DETACH in the
     multi-process mode to not "daemonize" while detaching from the
     controlling terminal. This is necessary for Apache to work with
     process-management tools like AIX's "System Resource Controller"
     as well as Dan Bernstein's "daemontools".
     [Jos Backus <josb@cncdsl.com>, Aaron Bannert]

  *) Convert mod_auth_digest to use the new apr_global_mutex_t
     type.  [Aaron Bannert]

  *) fix bug in mod-include where it wouldn't send a unmatched
     part if it was at the end of a bucket [Ian Holsman]

  *) worker MPM: Improve logging of errors with the interface between
     the listener thread and worker threads.  [Jeff Trawick]

  *) Some browsers ignore cookies that have been merged into a
     single Set-Cookie header. Set-Cookie and Set-Cookie2 headers
     are now unmerged in the http proxy before being sent to the
     client. [Graham Leggett]

  *) Fix a problem with proxy where each entry of a duplicated
     header such as Set-Cookie would overwrite and obliterate the
     previous value of the header, resulting in multiple header
     values (like cookies) going missing.
     [Graham Leggett, Joshua Slive]

  *) Add the server-limit and thread-limit values to the scoreboard
     for the sake of third-party applications.
     [Adam Sussman <myddryn@vishnu.vidya.com>]

Ian Holsman's avatar
Ian Holsman committed
  *) Fix segfault when proxy recieves an invalid HTTP response [Ian Holsman]

  *) OS/390: Get make install to properly copy DSO modules.
     [Jeff Trawick]

  *) Win32: Fix bug in mod_status with displaying "Restart Time"
     and "Server uptime".
  *) Fix IPv6 name-based virtual hosts.  [Jeff Trawick]

  *) Introduce AddOutputFilterByType directive.  [Justin Erenkrantz]

  *) Fix DEBUG_CGI support in mod_cgi.  PR 9670, 9671.
     [David MacKenzie <djm@pix.net>]

  *) Fix incorrect check for script_in in mod_cgi.  PR 9669.
     [David MacKenzie <djm@pix.net>]

  *) Fix segfault and display error when SSLMutex file can not be
     created.  [Adam Sussman <myddryn@vishnu.vidya.com>]

  *) Add reference counting to mod_mem_cache cache objects to
     better manage removing objects from the cache.
     [Bill Stoddard]
  *) Change the verbage on the ScoreBoardFile in our default configs.
     Also change the default to be commented out (unspecified) so we
     get anonymous shared memory by default.  [Aaron Bannert]

  *) Implement new ScoreBoardFile directive logic. This affects how
     we create the scoreboard's shared memory segment. If the directive
     is present, a name-based segment is created. If the directive is
     not present, first an anonymous segment is created, and if that
     fails, a name-based segment is created from a file of the name
     DEFAULT_SCOREBOARD. This gives third-party applications the
     ability to access our scoreboard.  [Aaron Bannert]
  *) Allow mod_deflate to work with non-GET requests and properly send
     Content-Lengths.  [Sander Striker <striker@apache.org>]

  *) Fix ap_directory_merge() to correctly merge configs when there is
     no <Directory /> block.  [Justin Erenkrantz, William Rowe]

  *) Remove spurious debug messsages that are normal under HTTP
     keep-alive logic.  [Jeff Trawick, Justin Erenkrantz]

Justin Erenkrantz's avatar
Justin Erenkrantz committed
  *) Fix a bug in mod_cgid that would prevent proper shutdown death
     of the cgid process.  [Aaron Bannert]

  *) Add signal handling back in to the worker MPM for the one_process
     (-X, -DDEBUG, -DONE_PROCESS) case.  [Aaron Bannert]

  *) Performance: Reuse per-connection transaction pools in the
     worker MPM, rather than destroying and recreating them.  [Brian Pane]

  *) Remove all signals from the worker MPM's child process.  Instead,
     the parent uses the Pipe of Death for all communication with the
     child processes.  [Ryan Bloom]

Justin Erenkrantz's avatar
Justin Erenkrantz committed
Changes with Apache 2.0.32
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) mod_negotiation: ForceLanguagePriority now uses 'Prefer' as the
     default if the directive is not specified.  This mirrors older
     behavior without changes to the httpd.conf.  [William Rowe]

  *) Win32: solve the win32 service problems in 2.0.31-alpha, by fixing
     the service, mpm and logging code, and bugs in apr_file_open_stderr 
     and apr_file_dup2 functions.  Win2K/XP services have no handles 
     associated for stdin/out/err, which caused unpredictable behavior
     in the prior release.  [William Rowe, Bill Stoddard]

  *) Win32: simplify the Application Event Log messages, since there isn't
     likely to be 'more information in the error log' before an error log
     has been opened.  [William Rowe]

  *) Win32: substantial cleanup to the mpm_winnt code for legibility and
     to follow the program flow of other MPMs.  [Ryan Bloom, William Rowe]

  *) Win32: apache -k shutdown now behaves like apache -k stop.
     [Bill Stoddard]

  *) Fix prefork to not kill the parent if a child hits a resource shortage
     on accept().  [Greg Ames]
Ian Holsman's avatar
Ian Holsman committed

  *) Fix seg faults that occur when what should be the httpd request line
     starts with \r\n followed by garbage.  [Greg Ames]

  *) Allow statically linked support binaries with the new
     --enable-static-support flag, and enable this behavior in
     the binbuild script. Also add a new --enable-static-htdbm
     flag.  [Aaron Bannert]

  *) Allow mod_autoindex to serve symlinks if permitted and attempt to
     do only one stat() call when generating the directory listings.
     [Justin Erenkrantz]

  *) Fix resolve_symlink to save the original symlink name if known.
     [Justin Erenkrantz]

  *) Be a bit more sane with regard to CanonicalNames.  If the user has
     specified they want to use the CanonicalName, but they have not
     configured a port with the ServerName, then use the same port that 
     the original request used. [Ryan Bloom and Ken Coar]

  *) In core_input_filter, check for an empty brigade after 
     APR_BRIGADE_NORMALIZE().  Otherwise, we can get segfaults if a
     client says it will post some data but we get FIN before any
     data arrives.  [Jeff Trawick]

  *) Not being able to bind to the socket is a fatal error.  We should
     print an error to the console, and return a non-zero status code.
     With these changes, all of the Unix MPMs do that correctly.
     [Ryan Bloom]

  *) suexec: Allow HTTPS and SSL_* environment variables to be passed
     through to CGI scripts. PR 9163
     [Brian Reid <breid@customlogic.com>, 
      Zvi Har'El <rl@math.technion.ac.il>]

  *) binbuild.sh: Make sure that we use the expat from our source
     tree so that there aren't any surprises on the target machine.
     [Jeff Trawick]

  *) mod_cgid: Add retry logic for when the daemon can't fork fast
     enough to keep up with new requests.  Start using 
     HTTP_SERVER_UNAVAILABLE instead of HTTP_INTERNAL_SERVER_ERROR
     when we can't talk to the daemon.  [Jeff Trawick]

  *) apxs: LTFLAGS envvar can override default libtool options.  Try
     "LTFLAGS=' ' apxs -c mod_foo.c" to see what libtool does under
     the covers.  [Jeff Trawick]

Ian Holsman's avatar
Ian Holsman committed
  *) The Location: response header field, used for external
     redirect, *must* be an absoluteURI.  The Redirect directive
     tested for that, but RedirectMatch didn't -- it would allow
     almost anything through.  Now it will try to turn an abs_path
     into an absoluteURI, but it will correctly varf like Redirect
     if the final redirection target isn't an absoluteURI.  [Ken Coar]

Changes with Apache 2.0.31
Ian Holsman's avatar
Ian Holsman committed

  *) Create the scoreboard (in the parent) in a global pool context,
     so it survives graceful restarts. This fixes a SEGV during
     graceful restarts.  [Aaron Bannert]

  *) Add a timeout option to the proxy code 'ProxyTimeout' 
     [Ian Holsman]
  *) FTP directory listings are now always retrieved in ASCII mode.
     The FTP proxy properly escapes URI's and HTML in the generated
     listing, and escapes the path components when talking to the FTP
     server. It is now possible to browse the root directory by using
     a url like:   ftp://user@host/%2f/ (ported from apache_1.3.24)
     Also, the last path component may contain wildcard characters
     '*' and '?', and if they do, a directory listing is created instead
     of a file retrieval. Example: ftp://user@host/httpd/server/*.c
     [Martin Kraemer]

  *) Added single-listener unserialized accept support to the
     worker MPM [Brian Pane]

  *) New Directive for mod_proxy: 'ProxyPreserveHost'. This passes
     the incoming host header through to the proxied server
     [Geoff <g.russell@ieee.org>]

Ian Holsman's avatar
Ian Holsman committed
  *) New Directive Option for ProxyPass. It now can block a location
     from being proxied [Jukka Pihl <jukka.pihl@entirem.com>]
  *) Don't let the default handler try to serve a raw directory.  At
     best you get gibberish.  Much worse things can happen depending
     on the OS.  [Jeff Trawick]
     
  *) Change the pre_config hook to return a value. Modules can now emit
     an error message and then cause the server to quit gracefully during
     startup. This required a bump to the MMN.  [Aaron Bannert]

  *) Fix some unix socket descriptor leaks in the handler side of
     mod_cgid (the part that runs in the server process).  Whack a
     silly "close(-1)" in the handler too.  [Jeff Trawick]

  *) Change the pre_mpm hook to return a value, so that scoreboard
     init errors percolate up to code that knows how to exit 
     cleanly.  This required a bump to the MMN.  [Jeff Trawick]
  *) Add the socket back to the conn_rec and remove the create_connection
     hook. The create_connection hook had a design flaw that did not 
     allow creating connections based on vhost info. [Bill Stoddard]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Fixed PATH_INFO and QUERY_STRING from mod_negotiation results.
     Resolves the common case of using negotation to resolve the request
     /script/foo for /script.cgi/foo.  [William Rowe]

  *) Added new functions ap_add_(input|output)_filter_handle to
     allow modules to bypass the usual filter name lookup when
     adding hard-coded filters to a request [Brian Pane]

  *) caching should now work on subrequests (still very experimental)
Ian Holsman's avatar
Ian Holsman committed
     [Ian Holsman]
  
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) The Win32 mpm_winnt now has a shared scoreboard.  [William Rowe]

  *) Change ap_get_brigade prototype to use apr_off_t instead of apr_off_t*.
     [Justin Erenkrantz]

  *) Refactor ap_rgetline so that it does not use an internal brigade.
     Change ap_rgetline's prototype to return errors.  [Justin Erenkrantz]

  *) Remove mod_auth_db.  [Justin Erenkrantz]

  *) Do not install unnecessary pcre headers like config.h and internal.h.
     [Joe Orton <joe@manyfish.co.uk>]

  *) Change in quick_hanlder behavior for subrequests. it now passes DONE
     (as it does for a normal request). quick_handled sub-requests now work
     in mod-include [Ian Holsman]

  *) Change SUBREQ_CORE so that it is a 'HTTP_HEADER' filter instead of
     'CONTENT' one, as it needs to run AFTER all content headers
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Rename BeOS MPM directive RequestsPerThread to MaxRequestsPerThread.
     [Lars Eilebrecht]

  *) Split out blocking from the mode in the input filters.
     [Justin Erenkrantz]

  *) Fix a segfault in mod_include.  [Justin Erenkrantz, Jeff Trawick]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Cause Win32 to capture all child-worker process errors in
     Apache to the main server error log, until the child can
     open its own error logs.  [William Rowe]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) HPUX 11.*: Do not kill the child process when accept() 
     returns ENOBUFS on HPUX 11.*. (ported from a 1.3 patch
     by [madhusudan_mathihalli@hp.com])
     [Bill Stoddard]

  *) Fix a problem in the parsing of the <Proxy foo> directive.
     [Jeff Trawick]

  *) rewrite of mod_ssl input filter for better performance and less
     memory usage [Doug MacEachern]

  *) allow quick_handler to be run on subrequests. [Ian Holsman]
  *) mod_dav now asks its provider to place content directly into the
     filter stack when handling a GET request. The mod_dav/provider
     API has changed, so providers need to be updated. [Greg Stein]

  *) Clear the output socket descriptor in unixd_accept() to make sure
     we don't supply a bogus socket to the caller if the accept fails.
     This caused problems with the worker MPM, which tried to process
     the returned socket if it was non-NULL.  [Brian Pane]

  *) Move a check for an empty brigade to the start of core input filter
     to avoid segfaults.  [Justin Erenkrantz, Jeff Trawick]

Ken Coar's avatar
 
Ken Coar committed
  *) Add FileETag directive to allow configurable control of what
     data are used to form ETag values for file-based URIs.  MMN
     bumped to 20020111 because of fields added to the end of
     the core_dir_config structure.  [Ken Coar]

  *) Fix a segfault in mod_rewrite's logging code caused by passing the
     wrong config to ap_get_remote_host().  [Jeff Trawick]

  *) Allow mod_cgid to work from a binary distribution install by
     using 755 for the permissions on the log directory instead of
     750.  [Jeff Trawick]

  *) Fixed a segfault that happened during graceful shutdown (or when
     the httpd ran out of file descriptors) with the worker MPM [Brian Pane]

  *) Split all Win32 modules [excluding the core components mod_core, 
     mod_so, mod_win32 and the winnt mpm] into individual loadable
     modules, so the administrator may individually disable the former
     compiled-in modules by simply commenting out their LoadModule
     directives.  [William Rowe]

  *) Saved Win32 module authors and porters many future headaches, by
     duplicating the appropriate .h files such as os.h into the include
     directory, including in the build tree.  [William Rowe]

  *) mod_ssl adjustments to help with using toolkits other than OpenSSL:
      Use SSL functions/macros instead of directly dereferencing SSL
      structures wherever possible.
      Add type-casts for the cases where functions return a generic pointer.
      Add $SSL/include to configure search path.
     [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Moved several pointers out of the shared Scoreboard so it is
     more portable, and will present the vhost name across server
     generation restarts.  [William Rowe]

  *) Fix SSLPassPhraseDialog exec: and SSLRandomSeed exec:
     [Doug MacEachern]
Aaron Bannert's avatar
Aaron Bannert committed
Changes with Apache 2.0.30
David Reid's avatar
David Reid committed
  *) Fix the main bug for FreeBSD and threaded MPM's. There are
     still issues (see STATUS) but at least the server will now
     run without crashing the machine.
     [David Reid, Aaron Bannert, Justin Erenkrantz]

  *) Fix a typo in mod_deflate's m4 config section.
     [albert chin (china@thewrittenword.com)]

  *) Fix a couple of mod_proxy problems forwarding HTTP connections
     and handling CONNECT:
     (1) PR #9190  Proxy failed to connect to IPv6 hosts.
     (2) Proxy failed to connect when the first IP address returned by 
         the resolver was unreachable but a secondary IP address was.  
     [Jeff Trawick]

  *) Fix the module identifer as shown in the docs for various core
     modules (e.g., the identifer for mod_log_config was previously
     listed as config_log_module).  PR #9338
     [James Watson <ap2bug@sowega.org>]

  *) Fix LimitRequestBody directive by placing it in the HTTP
     filter.  [Justin Erenkrantz]

  *) Fix mod_proxy seg fault when the proxied server returns 
     an HTTP/0.9 response or a bogus status line.
     [Adam Sussman]

  *) Prevent mod_proxy from truncating one character off the
     end of the status line returned from the proxied server.
     [Adam Sussman, Bill Stoddard]

  *) Eliminate loop in ap_proxy_string_read().
     [Adam Sussman, Bill Stoddard]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Provide $0..$9 results from mod_include regex parsing.
     [William Rowe]

  *) Allow mod-include to look for alternate start & end tags [Ian Holsman]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduced the ForceLanguagePriority directive, to prevent
     returning MULTIPLE_CHOICES or NONE_ACCEPTABLE in some cases,
     when using Multiviews.  [William Rowe]

  *) Fix a problem which prevented mod_cgid and suexec from working
     together reliably [Greg Ames]

Aaron Bannert's avatar
Aaron Bannert committed
  *) Remove the call to exit() from within mod_auth_digest's post_config
     phase.  [Aaron Bannert]

  *) Fix a problem in mod_auth_digest that could potentially cause
     problems with initialized static data on a system that uses DSOs.
     [Aaron Bannert]

Aaron Bannert's avatar
Aaron Bannert committed
  *) Fix a segfault in the worker MPM that could happen during
     child process exits.  [Brian Pane, Aaron Bannert]

  *) Allow mod_auth_dbm to handle multiple DBM types [Ian Holsman]

  *) Fix matching of vhosts by ip address so we find IPv4
     vhost address when target address is v4-mapped form of
     that address.  [Jeff Trawick]

  *) More performance tweaks to the BNDM string-search algorithm
     used to find "<!--#" tokens in mod_include [Brian Pane]

  *) Miscellaneous small performance fixes: optimized away various
     string copy operations and removed large temp buffers from
     the stack [Brian Pane]

  *) Fixed startup segfault that occurred when a VirtualHost
     directive had a port but no address [Brian Pane]

  *) Allow htdbm to work with multiple DBM types [Ian Holsman]
  *) Win32: Made change to apr_sendfile() to return APR_ENOTIMPL
     if oslevel < WINNT.  This should fix several problems reported
     Against 2.0.28 on Windows 98 [Bill Stoddard]
  *) Win32: Fix bug that could cause CGI scripts with QUERY_STRINGS
     to fail. [Bill Stoddard]

  *) Change core code to allow an MPM to set hard thread/server
     limits at startup.  prefork, worker, and perchild MPMs now have 
     directives to set these limits.  [Jeff Trawick]
  *) Win32: The async AcceptEx() event should be autoreset upon
     successful completion of a wait (WaitForSingleObject). This
     eliminates a number of spurious
     setsockopt(SO_UPDATE_ACCEPT_CONTEXT) failed." messages.
     [Bill Stoddard]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Move any load library path environment variables out of 
     apachectl and into a separate environment variable file which
     can be more easily tailored by the admin.  The environment
     variable file as built by Apache may have additional system-
     specific settings.  For example, on OS/390 we tailor the heap
     settings to allow lots of threads.  [Jeff Trawick]
    
  *) Use the new APR pool code to reduce pool-related lock
     contention in the worker MPM.  [Sander Striker]

  *) The POD no longer assumes the child is listening on 127.0.0.1
     and now pulls the first hostname in the list of listeners to
     perform the dummy connect on. This fixes a bug when the user
     had configured the Listen directive for an IP other than
     127.0.0.1. This would result in undead children and error
     messages such as "Connection refused: connect to listener".
     [Aaron Bannert]

  *) The worker MPM now respects the LockFile setting, needed to
     avoid locking problems with NFS.  [Jeff Trawick]

  *) Fix segfault when worker MPM receives SIGHUP.
     [Ian Holsman, Aaron Bannert, Justin Erenkrantz]

  *) Fix bug that could potentially prevent the perchild MPM from
     working with more than one vhost/uid.  [Aaron Bannert]

  *) Change make install and apxs -i processing of DSO modules to 
     perform special handling on platforms where libtool doesn't install 
     mod_foo.so.  This fixes some wonkiness on HP-UX, Tru64, and AIX 
     which prevented standard LoadModule statements from working.
  *) Whenever mod_so is enabled (not just when there are DSOs for
     our modules), do whatever special magic is required for compiling/
     loading third-party modules.  This allows third-party DSOs to
     be used on an AIX build when there were no built-in modules
     built as DSOs.  (This should help on OS/390 and BeOS as well.)
     [Jeff Trawick]

  *) Allow apxs to be used to build DSOs on AIX without requiring the
     user to hard-code the list of import files.  (This should help
     on OS/390 and BeOS as well.)  [Jeff Trawick]
     
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Resolved segfault in mod_isapi when configuring with ISAPICacheFile.
     PR 8563, 8919  [William Rowe]
  
  *) Get binary builds working when libapr and libaprutil are built
     shared [Greg Ames]
Ian Holsman's avatar
Ian Holsman committed

  *) Get shared builds of libapr and libaprutil, as well as Apache DSOs,
     working on AIX.  [Aaron Bannert, Dick Dunbar <RLDunbar@pacbell.net>,
     Gary Hook <ghook@us.ibm.com>, Victor Orlikowski, Jeff Trawick]

  *) Fix the handling of SSI directives in which the ">" of the
     terminating "-->" is the last byte in a file [Brian Pane]

  *) Add back in the "suEXEC mechanism enabled (wrapper: /path/to/suexec)"
     message that we had back in apache-1.3 and still have scattered
     throughout our docs.  [Aaron Bannert]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Prevent the Win32 port from continuing after encountering an
     error in the command line args to apache.  [William Rowe]

  *) On a error in the proxy, make it write a line to the error log
     [Ian Holsman]

  *) Various mod_ssl performance improvements [Doug MacEachern]

Ian Holsman's avatar
Ian Holsman committed
Changes with Apache 2.0.29
  *) Add buffering in core_output_filter to ensure that long
     lists of small buckets don't cause small packet writes.
     [Brian Pane, Ryan Bloom]

  *) Fix the installation target to make sure that the manual is 
     installed in the correct location.
     [Yoshifumi Hiramatsu <hiramatu@boreas.dti.ne.jp> and
      Gomez Henri <hgomez@slib.fr>]

  *) Fix the cmd command for mod_include.  When we are processing
     a cmd command, we do not want to use the r->filename to set
     the command name.  The command comes from the SSI tag.  To do this,
     I added a variable to the function that builds the command line
     in mod_cgi.  This allows the include_cmd function to specify
     the command line itself. [Ryan Bloom]

  *) Change open_logs hook to return a value, allowing you
     to flag a error while opening logs
     [Ian Holsman, Doug MacEachern]

  *) Change post_config hook to return a value, allowing you
     to flag a error post config
     [Ian Holsman, Jeff Trawick]

  *) Allow SUEXEC_BIN (the path to the suexec binary that is
     hard-coded into the server) to be specified to the configure
     script by the --with-suexec-bin parameter.  [Aaron Bannert]

  *) Fix segv in worker MPM following accept on pipe-of-death
     [Brian Pane]

  *) Add mod_deflate to experimental.  
     [Ian Holsman, Justin Erenkrantz]

  *) Bail out at configure time if an invalid MPM was specified.
     [jean-frederic clere <jfrederic.clere@fujitsu-siemens.com>]

  *) Prevent segv in ap_note_basic_auth_failure() when no AuthName is
     configured [John Sterling <sterling@covalent.net>]
  *) Fix apxs to use sbindir.  [Henri Gomez <hgomez@slib.fr>]

  *) Fix a problem with IPv6 vhosts.  PR #8118  [Jeff Trawick]

  *) Optimization for the BNDM string-search function in
     mod_include.  [Brian Pane]

  *) Fixed the behavior of the XBitHack directive.
     [Taketo Kabe <kabe@sra-tohoku.co.jp>, Cliff Woolley] PR#8804

  *) The threaded MPM for Unix has been removed.  Use the worker
     MPM instead.  [various]

  *) APR-ize the resolver logic in mod_unique_id.  This fixes a bug
     in logging the error from a failed DNS lookup.  [Jeff Trawick]

  *) Added the missing macros AP_INIT_TAKE13 and AP_INIT_TAKE123.
     [Cliff Woolley]

  *) Get mod_cgid killed when a MPM exits due to a fatal error.
     [Jeff Trawick]

  *) Fix a file descriptor leak in mod_include.  When we include a
     file, we use a sub-request, but we didn't destroy the sub-request
     immediately, instead we waited until the original request was
     done.  This patch closes the sub-request as soon as the data is
     done being generated.  [Brian Pane <bpane@pacbell.net>]

  *) Allow modules that add sockets to the ap_listeners list to
     define the function that should be used to accept on that
     socket.  Each MPM can define their own function to use for
     the accept function with the MPM_ACCEPT_FUNC macro.  This
     also abstracts out all of the Unix accept error handling
     logic, which has become out of synch across Unix MPMs.
     [Ryan Bloom]

  *) Fix a bug which would cause the response headers to be omitted
     when sending a negotiated ErrorDocument because the required
     filters were attached to the wrong request_rec.
     [John Sterling <sterling@covalent.net>]

  *) Remove commas from the end of the macros that define
     directives that are used by MPMs.  Prior to this patch,
     you would use these macros without commas, which was unlike
     the macros for any other directives.  Now, the caller provides
     the comma rather than the macro providing it.  This makes
     the macros look more like the rest of the directives.
     [Ryan Bloom and Cliff Woolley]
  *) Add 'redirect-carefully' environment option to disable sending
     redirects under special circumstances.  This is helpful for 
     Microsoft's WebFolders when accessing a directory resource via
     DAV methods.  [Justin Erenkrantz]

  *) Begin to abstract out the underlying transport layer.
     The first step is to remove the socket from the conn_rec,
     the server now lives in a context that is passed to the
     core's input and output filters. This forces us to be very
     careful when adding calls that use the socket directly,
     because the socket isn't available in most locations.
     [Ryan Bloom]

  *) Really reset the MaxClients value in worker and threaded
     when the configured value is not a multiple of the number 
     of threads per child.  We said we did previously but we 
     forgot to. [Jeff Trawick]
  *) Add Debian layout.  [Daniel Stone <daniel@sfarc.net>]

  *) If shared modules are requested and mod_so is not available,
     produce a fatal config-time error.  [Justin Erenkrantz]

  *) Improve http2env's performance by cutting the work it has to
     do.  [Brian Pane <bpane@pacbell.net>]

  *) use new 'apr_hash_merge' function in mod_mime (performance fix)
     [Brian Pane <bpane@pacbell.net>]

  *) Fix infinite loop in mod_cgid.c.  
     [Dale Ghent <daleg@elemental.org>, Brian Pane <bpane@pacbell.net>]

  *) When no port is given in a "ServerName host" directive, the
     server_rec->port is now set to zero, not 80. That allows for
     run-time deduction of the correct server port (depending on
     SSL/plain, and depending also on the current setting of
     UseCanonicalName). This change makes redirections
     work, even with https:// connections. As in Apache-1.3, the
     connection's actual port number is never used, only the ServerName
     setting or the client's Host: setting. Documentation updated
     to reflect the change. [Martin Kraemer]
  *) Add a '%{note-name}e' argument to mod-headers, which works in
     the same way as mod_log_confg.  [Ian Holsman]

  *) Fix the spelling of the AP_MPMQ_MIN_SPARE_DAEMONS and
     AP_MPMQ_MAX_REQUESTS_DAEMON macros in ap_mpm.h and all standard
     MPMs.  [Cliff Woolley]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce htdbm, a user management utility for db/dbm authorization
     databases.  [Mladen Turk <mturk@mappingsoft.com>]

  *) Optimize usage of strlen and strcat in ap_directory_walk.
     [Brian Pane <bpane@pacbell.net>]

  *) Introduce an Apache mod_ssl initial configuration template 
     (ssl.conf, generated from ssl-std.conf).  [Ralf S. Engelschall]

Aaron Bannert's avatar
Aaron Bannert committed
  *) Fixed a memory leak in the getline parsing code that could
     be triggered by arbitrarily large header lines. Requests
     from the core input filter for single lines are now limited
     to HUGE_STRING_LEN (8192 bytes).  [Aaron Bannert]

  *) Fix a truncation bug in how we print the port on the Via: header. 
     The routine that prints the Via: header now takes a length for
     the port string.  [Zvi Har'El <rl@math.technion.ac.il>]

  *) Some syntax errors in mod_mime_magic's magic file can result
     in a 500 error, which previously was unlogged.  Now we log the
     error.  [Jeff Trawick]

  *) Add the support/checkgid helper app, which checks the run-time
     validity of group identifiers usable in the Group directive.
     [Ken Coar]

  *) Various --enable-so options have been fixed: --enable-so is
     treated as "static"; explicit --enable-so=shared issues an error;
     and explicit --enable-so fails with error on systems without
     APR_HAS_DSO.  [Aaron Bannert]

  *) Fix a segfault in the core input filter when the client socket
     gets disconnected unexpectedly.  [Cliff Woolley]

  *) Fix the reporting for child processes that die.  This removes
     all of the non-portable W* macros from Apache. 
     [Jeff Trawick and Ryan Bloom]

  *) Win32: Track and display "Parent Server Generation:" in
     mod_status output. The generation will be bumped at
     server graceful restart, when the child process exits
     by hitting MaxRequestsPerChild or if the child 
     process exits abnormally. [Bill Stoddard]

  *) Win32: Fix problem where MaxRequestsPerChild directive was
     not being picked up in favor of the default. Enable
     the parent to start up a new child process immediately upon
     the old child starting shutdown.
     [Bill Stoddard]
  *) Fix some bungling of the remote port in rfc1413.c so that 
     IdentityCheck retrieves the proper user id instead of failing
     and thus always returning "nobody."  
     [Dick Streefland <Dick.Streefland@xs4all.nl>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduced thread saftey for mod_rewrite's internal cache.
     [Brian Pane <bpane@pacbell.net>]

  *) Simplified mod_env's directives to behave as most directives are
     expected, in that UnsetEnv will not unset a SetEnv and PassEnv 
     directive following that UnsetEnv within the same container.
     Also provides a runtime startup warning if a PassEnv configured 
     environment value is undefined.  [William Rowe]

  *) The worker MPM is now completely ported to APR's new lock API. It
     uses native APR types for thread mutexes, cross-process mutexes,
     and condition variables.  [Aaron Bannert]

  *) Sync up documentation to remove all references to the now deprecated
     Port directive.  [Justin Erenkrantz]

  *) Moved all ldap modules from the core to httpd-ldap sub-project
     [Ryan Bloom]

  *) Exit when we can't listen on any of the configured ports.  This
     is the same behavior as 1.3, and it avoids having the MPMs to
     deal with bogus ap_listen_rec structures.  [Jeff Trawick]

  *) Cleanup the proxy code that creates a request to the origin
     server.  This change adds an optional hook, which allows modules
     to gain control while the request is created if the proxy module
     is loaded.  The purpose of this hook is to allow modules to add
     input and/or output filters to the request to the origin.  While
     I was at it, I made the core use this hook, so that proxy request
     creation uses some of the code from the core.  This can still be
     greatly improved, but this is a good start.  [Ryan Bloom]

Changes with Apache 2.0.26
Ryan Bloom's avatar
Ryan Bloom committed

  *) Port the MaxClients changes from the worker MPM to the threaded
     MPM.  [Ryan Bloom]

  *) Fix mod_proxy so that it handles chunked transfer-encoding and works
     with the new input filtering system.  [Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Introduce the MultiviewsMatch directive, to allow the operator
     to be flexible in recognizing Handlers and Filters filename
     extensions as part of the Multiviews matching logic, strict with
     MultiviewsMatch NegotiatedOnly to accept only filename extentions 
     that designate negotiated parameters, (content type, charset, etc.)