Newer
Older
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
*) Make the proxy work with filters. This isn't perfect, because we
aren't dealing with the headers properly. [Ryan Bloom]
*) Do not send a content-length iff the C-L is 0 and this is a head
request. [Ryan Bloom]
*) Make cgi-bin work as a regular directory when using mod_vhost_alias
with no VirtualScriptAlias directives. PR#6829 [Tony Finch]
*) Remove BUFF from the PROXY connect handling. [Ryan Bloom]
*) Get the default_handler to stop trying to deal with HEAD requests.
The idea is to let the content-length filter compute the C-L before
we try to send the data. If we can get the C-L correctly, then we
should send it in the HEAD response.
[Ryan Bloom]
*) The Header filter can now determine if a body should be sent based
on r->header_only. The general idea of this is that if we delay
deciding to send the body, then we might be able to compute the
content-length correctly, which will help caching proxies to cache
our data better. Any handler that doesn't want to try to compute
the content-length can just send an EOS bucket without data and
everything will just work.
[Ryan Bloom]
*) Add the referer to the error log if one is available.
[Markus Gyger <mgyger@itr.ch>]
*) Mod_info.c has now been ported to Apache 2.0. As a part of this
change, the root of the configuration tree has been exposed to modules
as ap_conftree.
[Ryan Morgan <rmorgan@covalent.net>]
*) Get the core_output_filter to use the bucket interface directly.
This keeps us from calling the content-length filter multiple times
for a simple static request.
[Ryan Bloom]
*) We are sending the content-type correctly now.
[Ryan Bloom and Will Rowe]
*) APR on FreeBSD: Fix a bug in apr_sendfile() which caused us to report
a bogus bytes-sent value when the only thing being sent was trailers
and writev() returned an error (or EAGAIN). [Jeff Trawick]
*) Get SINGLE_LISTEN_UNSERIALIZED_ACCEPT working again. This uses the
hints file to determine which platforms define
SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
[Ryan Bloom]
*) APR: add apr_get_home_directory() [Jeff Trawick]
*) Initial import of 1.3-current mod_proxy. [Chuck Murcko]
*) Not all platforms have INADDR_NONE defined by default. Apache
used to make this check and define INADDR_NONE if appropriate,
but APR needs the check too, and I suspect other applications will
as well. APR now defines APR_INADDR_NONE, which is always a valid
value on all platforms.
[Branko Èibej <brane@xbc.nu>]
*) Destroy the pthread mutex in lock_intra_cleanup() for PR#6824.
[Shuichi Kitaguchi <ki@hh.iij4u.or.jp>]
*) Relax the syntax checking of Host: headers in order to support
iDNS. PR#6635 [Tony Finch]
*) When reading from file buckets we convert to an MMAP if it makes
sense. This also simplifies the default handler because the
default handler no longer needs to try to create MMAPs.
[Ryan Bloom]
*) BUFF has been removed from the main server. The BUFF code will remain
in the code until it has been purged from the proxy module as well.
[Ryan Bloom]
*) Byteranges have been completely re-written to be a filter. This
has been tested, and I believe it is working correctly, but it could
doesn't work for the Adobe Acrobat plug-in. The output almost matches
the output from 1.3, the only difference being that 1.3 includes
a content-length in the response, and this does not.
[Ryan Bloom]
*) APR read/write functions and bucket read functions now operate
on unsigned integers, instead of signed ones. It doesn't make
any sense to use signed ints, because we return the error codes,
so if we have an error we should report 0 bytes read or written.
[Ryan Bloom]
*) Always compute the content length, whether it is sent or not.
The reason for this, is that it allows us to correctly report
the bytes_sent when logging the request. This also simplifies
content-length filter a bit, and fixes the actual byte-reporing
code in mod_log_config.c
[Ryan Bloom]
*) Remove AP_END_OF_BRIGADE definition. This does not signify what
it says, because it was only used by EOS and FLUSH buckets. Since
neither of those are required at the end of a brigade, this was
really signifying FLUSH_THE_DATA, but that can be determined better
by checking AP_BUCKET_IS_EOS() or AP_BUCKET_IS_FLUSH. EOS and FLUSH
buckets now return a length of 0, which is actually the amount of data
read, so they make more sense.
[Ryan Bloom]
*) Allow the core_output_filter to save some data past the end of a
request. If we get an EOS bucket, we only send the data if it
makes sense to send it. This allows us to pipeline request
responses. As a part of this, we also need to allocate mmap
buckets out of the connection pool, not the request pool. This
allows the mmap to outlive the request.
[Ryan Bloom]
*) Make blocking and non-blocking bucket reads work correctly for
sockets and pipes. These are the only bucket types that should
have non-blocking reads, because the other bucket types should
ALWAYS be able to return something immediately.
[Ryan Bloom]
*) In the Apache/Win32 console window, accept Ctrl+C to stop the
server, but use Ctrl+Break to initiate a graceful restart
instead of duplicating behavior. [John Sterling]
*) Patch mod_autoindex to set the Last-Modified header based on
the directory's mtime, and add the ETag header. [William Rowe]
*) Merge the 1.3 patch to add support for logging query string in
such a way that "%m %U%q %H" is the same as "%r".
[Bill Stoddard]
*) Port three log methods from mod_log_config 1.3 to 2.0:
CLF compliant '-' byte count, method and protocol.
[Bill Stoddard]
*) Add a new LogFormat directive, %c, that will log connection
status at the end of the response as follows:
'X' - connection aborted before the response completed.
'+' - connection may be kept-alive by the server.
'-' - connection will be closed by the server.
[Bill Stoddard]
*) Expand APR for WinNT to fully accept and return utf-8 encoded
Unicode file names and paths for Win32, and tag the Content-Type
from mod_autoindex to reflect that charset if the the feature
macro APR_HAS_UNICODE_FS is true. [William Rowe]
*) Compute the content length (and add appropriate header field) for
the response when no content length is available and we can't use
chunked encoding. [Jeff Trawick]
*) Changed ap_discard_request_body() to use REQUEST_CHUNKED_DECHUNK,
so that content input filters get dechunked data when using
the default handler. Also removed REQUEST_CHUNKED_PASS.
[Sascha Schumann]
*) Add mod_ext_filter as an experimental module. This module allows
the administrator to use external programs as filters. Currently,
only filtering of output is supported. [Jeff Trawick]
*) Most Apache functions work on EBCDIC machines again, as protocol
data is now translated (again). [Jeff Trawick]
*) Introduce ap_xlate_proto_{to|from}_ascii() to clean up some of
the EBCDIC support. They are noops on ASCII machines, so this
type of translation doesn't have to be surrounded by #ifdef
CHARSET_EBCDIC. [Jeff Trawick]
*) Fix mod_include. tag commands work again, and the server will
send the FAQ again. This also allows mod_include to set aside
buckets that include partial buckets.
[Ryan Bloom and David Reid]
*) Add suexec support back. [Manoj Kasichainula]
*) Lingering close now uses the socket directly instead of using
BUFF. This has been tested, but since all we can tell is that it
doesn't fail, this needs to be really hacked on.
[Ryan Bloom]
*) Allow filters to modify headers and have those headers be sent to
the client. The idea is that we have an http_header filter that
actually sends the headers to the network. This removes the need
for the BUFF to send headers.
[Ryan Bloom]
*) Charset translation: mod_charset_lite handles translation of
request bodies. Get rid of the xlate version of ap_md5_digest()
since we don't compute digests of filtered (e.g., translated)
response bodies this way anymore. (Note that we don't do it at
all at the present; somebody needs to write a filter to do so.)
[Jeff Trawick]
*) Input filters and ap_get_brigade() now have a input mode parameter
(blocking, non-blocking, peek) instead of a length parameter.
[hackathon]
*) Update the mime.types file to the registered media types as
of 2000-10-19. PR#6613 [Carsten Klapp <carsten.klapp@home.net>,
Tony Finch]
*) Namespace protect some macros declared in ap_config.h
[Ryan Bloom]
*) Support HTTP header line folding with input filtering.
[Greg Ames]
*) Mod_include works again. This should still be re-written, but at
least now we can serve an SHTML page again.
[Ryan Bloom]
*) Begin to remove BUFF from the core. Currently, we keep a pointer
to both the BUFF and the socket in the conn_rec. Functions that
want to use the BUFF can, functions that want to use the socket,
can. They point to the same place.
[Ryan Bloom]
*) apr_psprintf doesn't understand %lld as a format. Make it %ld.
[Tomas "Ögren" <stric@ing.umu.se>]
*) APR pipes on Unix and Win32 are now cleaned up automatically when the
associated pool goes away. (APR pipes on OS/2 were already had this
logic.) This resolvs a fatal file descriptor leak with CGIs.
[Jeff Trawick]
*) The final line of the config file was not being read if there was
no \n at the end of it. This was caused by apr_fgets returning
APR_EOF even though we had read valid data. This is solved by
making cfg_getline check the buff that was returned from apr_fgets.
If apr_fgets return APR_EOF, but there was data in the buf, then we
return the buf, otherwise we return NULL.
[Ryan Bloom]
*) Piped logs work again in the 2.0 series.
[Ryan Bloom]
*) Restore functionality broken by the mod_rewrite security fix:
rewrite map lookup keys and default values are now expanded
so that the lookup can depend on the requested URI etc.
PR #6671 [Tony Finch]
*) SECURITY: Tighten up the syntax checking of Host: headers to fix a
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
security bug in some mass virtual hosting configurations
that can allow a remote attacker to retrieve some files
on the system that should be inaccessible. [Tony Finch]
*) Add a pool bucket type. This bucket is used for data allocated out
of a pool. If the pool is cleaned before the bucket is destroyed, then
the data is converted to a heap bucket, allowing it to survive the
death of the pool.
[Ryan Bloom]
*) Add a flush bucket. This allows modules to signal that the filters
should all flush whatever data they currently have. There is no way
to actually force them to do this, so if a filter ignores this bucket,
that's life, but at least we can try with this.
[Ryan Bloom]
*) Add an output filter for sub-requests. This filter just strips the
EOS bucket so that we don't confuse the main request's core output
filter by sending multiple EOS buckets. This change also makes sub
requests start to send EOS buckets when they are finished.
[Ryan Bloom]
*) Make ap_bucket_(read|destroy|split|setaside) into macros. Also
makes ap_bucket_destroy a return void, which is okay because it
used to always return APR_SUCCESS, and nobody ever checked its
return value anyway.
[Cliff Woolley <cliffwoolley@yahoo.com>]
*) Remove the index into the bucket-type table from the buckets
structure. This has now been replaced with a pointer to the
bucket_type. Also add some macros to test the bucket-type.
[Ryan Bloom]
*) Renamed all MODULE_EXPORT symbols to AP_MODULE_DECLARE and all symbols
for CORE_EXPORT to AP_CORE_DECLARE (namespace protecting the wrapper)
and retitled API_EXPORT as AP_DECLARE and APR_EXPORT as APR_DECLARE.
All _VAR_ flavors changes to _DATA to be absolutely clear.
[William Rowe]
*) Add support for /, //, //servername and //server/sharename
parsing of <Directory> blocks under Win32 and OS2.
[Tim Costello, William Rowe, Brian Harvard]
*) Remove the function pointers from the ap_bucket type. They have been
replaced with a global table. Modules are allowed to register bucket
types and use then use those buckets.
[Ryan Bloom]
*) mod_cgid: In the handler, shut down the Unix socket (only for write)
once we finish writing the request body to the cgi child process;
otherwise, the client doesn't hit EOF on stdin. Small request bodies
worked without this change (for reasons I don't understand), but large
ones didn't. [Jeff Trawick]
*) Remove file bucket specific information from the ap_bucket type.
This has been moved to a file_bucket specific type that hangs off
the data pointer in the ap_bucket type.
[Ryan Bloom]
*) Input filtering now has a third argument. This is the amount of data
to read from lower filters. This argument can be -1, 0, or a positive
number. -1 means give me all the data you have, I'll deal with it and
let you know if I need more. 0 means give me one line and one line
only. A positive number means I want no more than this much data.
Currently, only 0 and a positive number are implemented. This allows
us to remove the remaining field from the conn_rec structure, which
has also been done.
[Ryan Bloom]
*) Big cleanup of the input filtering. The goal is that http_filter
understands two conditions, headers and body. It knows where it is
based on c->remaining. If c->remaining is 0, then we are in headers,
and http_filter returns a line at a time. If it is not 0, then we are
in body, and http_filter returns raw data, but only up to c->remaining
bytes. It can return less, but never more.
[Greg Ames, Ryan Bloom, Jeff Trawick]
*) mod_cgi: Write all of the request body to the child, not just what
the kernel would accept on the first write. [Jeff Trawick]
*) Back out the change that moved the brigade from the core_output_filters
ctx to the conn_rec. Since all requests over a given connection
go through the same core_output_filter, the ctx pointer has the
correct lifetime.
[Ryan Bloom]
*) Fix another bug in the send_the_file() read/write loop. A partial
send by apr_send would cause unsent data in the read buffer to
get clobbered. Complete making send_the_file handle partial
writes to the network.
[Bill Stoddard]
*) Fix a couple of type fixes to allow compilation on AIX again
[Victor J. Orlikowski <v.j.orlikowski@gte.net>]
*) Fix bug in send_the_file() which causes offset to be ignored
if there are no headers to send.
[Bill Stoddard]
*) Handle APR_ENOTIMPL returned from apr_sendfile in the core
filter. Useful for supporting Windows 9* with a binary
compiled on Windows NT.
[Bill Stoddard]
Changes with Apache 2.0a7
*) Reimplement core_output_filter to buffer/save bucket brigades
across multiple calls to the core_filter. The brigade will be
sent when either MIN_BYTES_TO_SEND or MAX_IOVEC_TO_WRITE
thresholds are hit or the EOS bucket is received.
[Bill Stoddard]
*) Create experimental filter (buffer_filter) that coalesces bytes
into one large buffer before invoking the next filter in the
chain. This filter is particularly useful with the current
implementation of mod_autoindex when it inserted above the
chunk_filter. mod_autoindex generates a lot of brigades that
containing buckets holding just a few bytes each. The
buffer_filter coalesces these buckets into a single large bucket.
[Bill Stoddard]
*) Add apr_sendfile() support into the core_output_filter.
[Bill Stoddard]
*) Add apr_sendv() support into the core_output_filter.
[Bill Stoddard]
*) Fix mod_log_config so that it compiles cleanly with BUFFERED_LOGS
[Mike Abbott <mja@sgi.com>]
*) Remove ap_send_fb. This is no longer used in Apache, and it doesn't
make much sense, because Apache uses buckets instead of BUFFs now.
[Ryan Bloom]
*) send_the_file now falls back to a read/write loop on platforms that
do not have sendfile.
[Ryan Bloom and Brian Havard]
*) Install apachectl correctly, and substitute the proper values so
that it works again. [Ryan Bloom]
*) Better(??) handle platforms that lack sendfile().
[Jim Jagielski]
*) APR now has UUID generation/formatting/parsing support.
[Greg Stein]
*) Begin the http_filter. This is an input filter that understands
the absolute basic amount required to parse an HTTP Request. The
goal is to be able to split headers from request body before passing
the data back to the other filters.
[Ryan Bloom]
*) Bring forward from 1.3.13 the config directory implementation
[Jim Jagielski]
*) install apxs if it is created
[Ryan Bloom]
*) Added APR_IS_STATUS_condition test macros to eliminate canonical error
conversions. [William Rowe]
*) Now that we have ap_add_input_filter(), rename ap_add_filter() to
ap_add_output_filter(). [Jeff Trawick]
*) Multiple build and configuration fixes
Build process:
-add datadir and localstatedir substitutions
-fix layout name
-fix logfilename misspelling
-fix evaluation of installation dir variables and
-replace $foobar by $(foobar) to be usefull in the makefile
Cross compile:
-add rules for cross-compiling in rules.mk. Okay, rule to check for
$CC_FOR_BUILD is still missing
-use CHECK_TOOL instead of CHECK_PROG for ranlib
-add missing "AR=@AR@" to severaly Makefile.in's
-cache result for "struct rlimit"
-compile all helper programs with native and cross compiler
and use the native version to generate header file
["Rüdiger" Kuhlmann <Tadu@gmx.de>]
*) Prepare our autoconf setup for autoconf 2.14a and for cross-
compiling.
["Rüdiger" Kuhlmann <Tadu@gmx.de>]
*) Fix a bug where a client which only sends \n to delimit header
lines (netcat) gets a strange looking HTTP_NOT_IMPLEMENTED
message. Start working on ebcdic co-existance with input
filtering.
[William Rowe, Greg Ames]
*) If mod_so is enabled in the server always create libexec, even
if there are no modules installed in this directory. This is a
requirement for APXS to work correctly.
[Ryan Bloom]
*) Connection oriented output filters are now stored in the
conn_rec instead of the request_rec. This allows us to add the
output filter in the pre-connection phase instead of the
post_read_request phase, which keeps us from trying to write an
error page before we have a filter to write to the network.
[Ryan Bloom, Jeff Trawick, and Greg Ames]
*) Cleaning up an mmap bucket no longer deletes the mmap. An
mmap can be used across multiple buckets (default_handler with
byte ranges, mod_file_cache, mod_mmap_static), so cleanup of
the mmap itself can't be associated with the bucket.
[Jeff Trawick]
*) Add .dll caching directive ISAPICacheFile to mod_isapi.
[William Rowe]
*) Radical surgery to improve mod_isapi support under Win32.
Includes a number of newer ServerSupportFunction calls, support
for ReadClient (in order to retrieve POSTs greater than 48KB),
and general bug fixes to more reliably load ISAPI .dll's and
prevent leaking handle resources. Note: There are still
discrepancies between IIS's and Apache's ServerVariables, and
async calls are still not supported. Additional warnings are
logged to facilitate debugging of unsupported ISAPI calls.
[William Rowe]
*) Add input filtering to Apache. The basic idea for the input
filters is the same as the ideas for output filters. The biggest
difference is that instead of calling ap_pass_brigade, ap_get_brigade
should be called, and the order of execution for the filter itself is
different. When writing an output filter, a brigade is passed in,
and filters operate directly on that brigade, when done, they call
ap_pass_brigade. Input filters are the exact opposite. Because input
is not a push operation, filters first call ap_get_brigade. When this
function returns, the input filter will be left with a valid brigade.
The input filter should then operate on the brigade, and return.
[Ryan Bloom]
*) Fix building on BSD/OS using its native make. The build system
falls back to the BSD .include directive on that host platform.
[Sascha Schumann]
*) Expand dbmmanage to allow -d -m -s -p options for Crypt, MD5,
SHA1 and plaintext password encodings. Make feature tests a
bit more flexible. [William Rowe]
*) Charset translation: mod_charset_lite handles output content
translation in a filter. mod_charset_lite no longer ignores
subrequests. A bunch of cruft related to BUFF's support for
translating request and response bodies was removed.
[Jeff Trawick]
*) Move the addition of the CORE filter to the post_read_request
hook in http_core.c. This removes the need to add the filter in
multiple places and allows for an SSL module to be added much
simpler. [Ryan Bloom]
*) SECURITY: CVE-2000-0913 (cve.mitre.org)
Fix a security problem that affects certain configurations of
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
mod_rewrite. If the result of a RewriteRule is a filename that
contains expansion specifiers, especially regexp backreferences
$0..$9 and %0..%9, then it may be possible for an attacker to
access any file on the web server. [Tony Finch]
*) Fix a bug where errors that are detected during early request parsing
don't produce visible HTTP error messages at the browser, because
the core_filter wasn't present. [Greg Ames]
*) Provide apr_socklen_t as a portability aid.
[Victor J. Orlikowski]
*) Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2)
as well as a comment arg to the add, adduser and update cmds.
update allows the user to clear or preserve pw/groups/comment.
Fixed a bug in dbmmanage that prevented the check option from
parsing a password followed by :group... text. Corrected the
seed calcualation for Win32 systems, and added -lsdbm support.
[William Rowe]
*) Configured mod_auth_dbm to compile with sdbmlib under Win32.
[William Rowe]
*) Avoid a segfault when parsing .htaccess files. An
uninitialized tree pointer was passed to ap_build_config().
[Jeff Trawick]
*) Change the way that inet_addr & inet_network are checked for
in APR's configure process to allow BeOS BONE to correctly
find them. With this change BeOS BONE now builds from source
with no problems. [David Reid]
*) Fix a bug in apr_create_process() for Unix. The NULL signifying
the end of the parameters to execve() was stored in the wrong
location, overlaying the storage beyond the newargs[] array and
also passing uninitialized storage to execve(), which would
sometimes fail with EFAULT. [Jeff Trawick]
*) Fix a bug parsing configuration file containers. With a sequence
like this in the config file
<IfModule mod_kilroy.c>
any stuff
</IfModule>
<IfModule mod_lovejoy.c>
(blank line)
any stuff
</IfModule>
the second container would be terminated at the blank line due to
sediment in the buffer from reading the prior </IfModule> and an
error message would be generated for the real </IfModule> for the
second container. Also due to this problem, any two characters
could be used for "</" in the close of a container.
[Jeff Trawick]
*) ap_add_filter prototype changed to remove the ctx pointer. The
pointer still remains in the filter structure, but it can not be
a part of the ap_add_filter prototype. The reason is that when
the core uses AddFilter to add a filter to the stack it doesn't
know how to allocate the ctx pointer, or even how much memory should
be allocated. The filters will have to be responsible for allocating
the ctx memory when they need it.
[Ryan Bloom]
*) Add an AddFilter directive. This directive takes a list of filters
that should be activated for the requested resource.
[Ryan Bloom]
*) apr_snprintf(): Get quad format strings working on OS/390 (and perhaps
some other platforms). [Jeff Trawick]
*) Modify mod_include to be a filter. Currently, it has only been tested
on actual files, but it should work for CGI scripts too.
[Ryan Bloom]
*) apr_putc(), apr_puts() for Unix: handle buffered files and interrupted
writes. apr_flush() for Unix: handle interrupted writes.
[Jeff Trawick]
*) NameVirtualHost can now take "*" as an argument instead of
an IP address. This allows you to create a purely name-based
virtual hosting server that does not have any IP addresses in
the configuration file and which ignores the local address
of any connections. PR #5595, PR #4455 [Tony Finch]
*) Fix some compile warnings in mod_mmap_static.c
[Mike Abbott <mja@sgi.com>]
*) Fix chunking problem with CGI scripts. The general problem was that
the CGI modules were adding an EOS bucket and then the core added an
EOS bucket. The chunking filter finalizes the chunked response when it
encounters an EOS bucket. Because two EOS buckets were sent, we
finalized the response twice. The fix is to make sure we only send one
EOS, by utilizing a flag in the request_rec.
[Ryan Bloom]
*) apr_put_os_file() now sets up the unget byte appropriately on Unix
and Win32. Previously, the first read from an apr_file_t set up via
apr_put_os_file() would return a '\0'. [Jeff Trawick]
*) Mod_cgid now creates a single element bucket brigade, with a pipe
bucket, instead of using BUFF's and ap_r*.
[Ryan Bloom]
*) APRVARS.in no longer overwrites the EXTRA_LIBS variable.
[Mike Abbott <mja@sgi.com>]
*) Remove ap_bopenf from buff code. This required modifying the file_cache
code to use APR file's directly instead of going through BUFFs.
[Ryan Bloom]
*) Fix compile break on some platforms for mod_mime_magic.c
[John K. Sterling <sterling@covalent.net>]
*) Fix merging of AddDefaultCharset directive.
PR #5872 (1.3) [Jun Kuriyama <kuriyama@imgsrc.co.jp>]
*) Minor revamp of the rlimit sections of code. We now test
explicitly for setrlimit and getrlimit. Also, unixd_set_rlimit()
is now "available" even if the platform doesn't support
the rlimit family (it's just a noop though). [Jim Jagielski]
*) Migrate the pre-selection of which MPM to use for specific
platforms to hints.m4, which contains (or should contain)
all platform specific "hints". [Jim Jagielski]
*) Remove IOLs from Apache. With filtering, IOLs are no longer necessary
[Ryan Bloom]
*) Add tables with non-string/binary values to APR.
[Ken Coar]
*) Fix some bad calls to ap_log_rerror() in mod_rewrite.
[Jeff Trawick]
*) Update PCRE to version 3.2. [Ryan Bloom]
*) Change the way buckets' destroy functions are called so that
they can be more directly used when changing the type of a
bucket in place. [Tony Finch]
*) Add generic support for reference-counting the resources used by
buckets, and alter the HEAP and MMAP buckets to use it. Change
the way buckets are initialised to support changing the type of
buckets in place, and use it when setting aside TRANSIENT buckets.
Change the implementation of TRANSIENT buckets so that it can be
mostly shared with IMMORTAL buckets, which are now implemented.
[Tony Finch]
Changes with Apache 2.0a6
*) Add support to Apache and APR for dsos on OS/390. [Greg Ames]
*) Add a chunking filter to Apache. This brings us one step closer
to removing BUFF. [Ryan Bloom]
*) ap_add_filter now adds filters in a LIFO fashion. The first filter
added to the stack is the last filter to be called. [Ryan Bloom]
*) Apache 2.0 has been completely documented using Scandoc. The
docs can be generated by running 'make docs'. [Ryan Bloom]
*) Add filtered I/O to Apache. This is based on bucket brigades,
Currently the buckets still use BUFF under the covers, but that
should change quickly. The only currently written filter is the
core filter which just calls ap_bwrite. [The Apache Group]
*) APR locks on Unix: Let APR_LOCKALL locks work when APR isn't
built with thread support. [Jeff Trawick]
*) Abort configuration if --with-layout was specified and there's
no layout definition file. [Ken Coar]
*) Add support for '--with-port=n' option to configure. [Ken Coar]
*) Add support for extension methods for the Allow response header
field, and an API routine for accessing r->allowed and the
list of extension methods in a unified manner. [Ken Coar]
*) mod_cern_meta: fix broken file reading loop in scan_meta_file().
[Rob Simonson <simo@us.ibm.com>]
*) Get xlate builds working again. The apr renaming in 2.0a5 broke
APACHE_XLATE builds. [Jeff Trawick]
*) A configuration file parsing problem was fixed. When the
configuration file started with an IfModule/IfDefine container,
only the last statement in the container would be retained.
[Jeff Trawick]
Changes with Apache 2.0a5
*) Perchild is serving pages after passing them to different child
processes. There are still a lot of bugs, but this does work. I
have made requests against the same installation of Apache, and had
different servers use different user IDs to serve the responses.
This change moves to using socketpair instead of an AF_UNIX socket.
[Ryan Bloom]
*) Perchild MPM still doesn't work perfectly, but it is serving pages.
It can't seem to pass between child processes yet, but I think we
are closer now than before. This moves us back to using Unix
Domain Sockets. [Ryan Bloom]
*) libapr functions and types renamed with apr_ prefix.
#include "apr_compat.h" for 1.3.x backwards compat
[Perl]
*) Fix problems with APR sockaddr handling on Win32. It didn't always
return the right information on the local socket address.
[Gregory Nicholls <gnicholls@level8.com>]
*) ap_recv() on Win32: Set bytes-read to 0 on error.
[Gregory Nicholls <gnicholls@level8.com>]
*) Add an option to not detach from the controlling terminal without
going into single process mode. This allows for much easier
debugging of the process startup code. [Ryan Bloom]
*) ab: don't use perror() to report the failure of an APR function.
[Jeff Trawick]
*) Make dexter, mpmt_pthread, and perchild MPMs not destroy the
scoreboard on graceful restarts.
[Ryan Bloom]
*) Fix segfault/SIGSEGV when running gzip from mod_mime_magic.c.
An invalid ap_proc_t was passed to ap_create_process().
[Jeff Trawick]
*) Allow modules to register filters. Those filters are still
never called, but this is a step in the right direction.
[Ryan Bloom and Greg Stein]
*) Register the mod_cgid daemon process for cleanup so that it is
killed at termination if it does not die when the parent gets
SIGTERM. This change is to fix occasional problems where the
process stays around. Bugs in similar logic in mod_rewrite and
mod_include were also fixed. [Jeff Trawick]
*) Fix a bug in the time handling. Basically, we were imploding a time
in ap_parseHTTPdate, but it had bogus data in the exploded time format.
Namely, tm_usec and tm_gmtoff were not filled out. ap_implode_time
uses those two fields to adjust the time value. Because of the HTTP
spec, both of those values can be zero'ed out safely. This fixes
the bug correctly. [Ryan Bloom]
*) Fix a couple of place in the Windows code where the wrong error
code was being returned. [Gregory Nicholls <gnicholls@level8.com>]
*) Fix POOL_DEBUG (at least for prefork mpm). [Dean Gaudet]
*) Added the APR_EOL_STR macro for platform dependent differences in
logfiles and other raw text (such as all APR files). Fixes logfiles
not terminated with cr/lf sequences in Win32. [William Rowe]
*) Move all strings functions in APR to src/lib/apr/strings and create
apr_strings.h for the prototypes. [Ryan Bloom]
*) APR lock fixes: when using SysV sems, flock(), or fcntl(), be sure
to repeat the syscall until we stop getting EINTR. I noticed a
related problem at termination (SIGTERM) on FreeBSD when using
fcntl(). Apache 1.3 had these new loops too. Also, make the flock()
implementation work properly with child init. Previously, ap_lock()
was essentially a no-op because all children were using different
locks and thus nobody ever blocked. [Jeff Trawick]
*) The htdocs/ tree has been moved out of the CVS source tree into
a separate area for easier development. This has NO EFFECT on
end-users or Apache installations. [Ken Coar]
*) Integrate the mod_dav module for WebDAV protocol handling. This
adds the dav and dav_fs modules, the SDBM library, and additional
XML handling utilities. [Greg Stein]
*) Clean out obsolete names (from httpd.h) for the HTTP Status Codes
[Greg Stein]
*) Update the lib/expat-lite/ library (bring forward changes from
the Apache 1.3 repository). [Greg Stein]
*) If sizeof(long long) == sizeof(long), then prefer long in APR
configure.in. [Dave Hill <ddhill@zk3.dec.com>]
*) Add ap_sendfile for Tru64 Unix. Also, add an error message for
machines where sendfile is detected, but nobody has written ap_sendfile.
[Dave Hill <ddhill@zk3.dec.com>]
*) Compile fixes in mod_mmap_static. [Victor J. Orlikowski]
*) ab would start up more connections than needed, then quit when the
desired number were finished. Also fixed a logic error involving
ab keepalives. [Victor J. Orlikowski]
*) WinNT: Implement non-blocking pipes with timeouts to communicate
with CGIs. Apache 2.0a4 had non-blocking pipes but without
timeouts (i.e, if a timeout was specified, the pipe reverted to
a full blocking pipe). Now the behaviour is more in line with
Unix non-blocking pipes.
[Bill Stoddard]
*) WinNT: Implement accept socket reuse. Using mod_file_cache to
cache open file handles along with accept socket reuse enables
Apache 2.0 to serve non-keepalive requests for static files at
3x the rate of Apache 1.3.(e.g, Apache 1.3 will serve 400 rps
and Apache 2.0 will serve almost 1200 rps on my system).
[Bill Stoddard]
*) Merge mod_mmap_static function into mod_file_cache. mod_file_cache
supports two config directives, mmapfile (same behavious as
mod_mmap_static) and cachefile. Use the cachefile directive
to cache open file handles. This directive only works on systems
that have implemented the ap_sendfile API. cachefile works today
on Windows NT, but has not been tested on any flavors of Unix.
[Bill Stoddard]
*) Cleanup the configuration. With the last few changes the
configuration process automatically:
inherits information about how to build from APR. Allowing
APR to inform Apache that it should or should not use -ldl
Detects which mod_cgi should be used mod_cgi or mod_cgid,
based on the threading model
Apache calls APR's configure process before finishing it's
configuration processing, allowing for more information flow
between the two.
[Ryan Bloom]
*) Change Unix and Win32 ap_setsockopt() so that APR_SO_NONBLOCK
with non-zero argument makes the socket non-blocking. BeOS and
OS/2 already worked this way. [Jeff Trawick]
*) ap_close() now calls ap_flush() for buffered files, so write
operations work a whole lot better on buffered files.
[Jeff Trawick]
*) Fix error messages issued from MPMs which explain where to change
compiled-in limits (e.g., ThreadsPerChild, MaxClients, StartTreads).
[Greg Ames]
*) ap_create_pipe() now leaves pipes in blocking state. (This helps
reduce the number of syscalls on Unix.) ap_set_pipe_timeout() is
now the way that the blocking state of a pipe is manipulated.
ap_block_pipe() is gone. [Jeff Trawick]
*) Correct the problem where the only local host name that the IP stack
can discover are 'undotted' private names. If no fully qualified
domain name can be identified, the default ServerName will be set to
the machine's IP address string. A warning is always provided if the
ServerName not specified, but assumed. Solves PR6215 [William Rowe]
*) Repair problems with config file processing which caused segfault
at init when virtual hosts were defined and which caused ServerName to
be ignored when there was no valid DNS setup. [Jeff Trawick]
*) Removed pointless ap_is_aborted macro function. [Roy Fielding]
*) Add ap_sendfile implementation for AIX
[Victor J. Orlikowski]
*) Repair C++ compatibility in ap_config.h, apr_file_io.h,
apr_network_io.h, and apr_thread_proc.h.
[Tyler J. Brooks <tylerjbrooks@home.com>, Jeff Trawick]
*) Bring the allocation and pool debugging code back into a working
state. This will need to be tested as so far it's only been used on
BeOS. [David Reid]
*) Change configuration command setup to be properly typesafe when in
maintainer mode. Note that this requires a compiler that can initialise
unions. [Ben Laurie]
*) Turn on buffering for config file reads. Part of this was to
repair buffered I/O support in Unix and implement buffered
ap_fgets() for all platforms. [Brian Havard, Jeff Trawick]
*) Win32: Fix problem where UTC offset was not being set correctly
in the access log. Problem reported on news group by Jerry Baker.
[Bill Stoddard]
*) Fix segfault when reporting this type of syntax error:
"</container> without matching <container> section", where
container is VirtualHost or Directory or whatever.
[Jeff Trawick]
*) SECURITY: CAN-2000-1204 (cve.mitre.org)
Prevent the source code for CGIs from being revealed when
using mod_vhost_alias and the CGI directory is under the document root
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
and a user makes a request like http://www.example.com//cgi-bin/cgi
as reported in <news:960999105.344321@ernani.logica.co.uk>
[Tony Finch]
*) Add support for the new Beos NetwOrking Environment (BONE)
[David Reid]
*) xlate: ap_xlate_conv_buffer() now tells the caller when the
final input char is incomplete; ap_bwrite_xlate() now handles
incomplete final input chars. [Jeff Trawick]
*) Yet another update to saferead/halfduplex stuff -- need to ensure
that a bhalfduplex call occurs before logging or else DNS and
such can delay the last packet of the response. [Dean Gaudet]
*) Some syscall reduction in APR on unix -- don't seek when setting
up an mmap; and don't fcntl() more than once per socket.
[Dean Gaudet]
*) When mod_cgid is started as root, the cgi daemon now switches
to the configured User/Group (like other httpd processes)
instead of continuing as root. [Jeff Trawick]
*) The prefork MPM now uses an APR lock for the accept() mutex.
It has not been getting a lock at all recently. httpd -V now
displays APR's selection of the lock mechanism instead of the
symbols previously respected by prefork. [Jeff Trawick]
*) Change the mmap() feature test to check only for existence.
The previous check required features not used by Apache.
[Greg Ames]
*) Fix a couple of bugs in mod_cgid: The cgi arguments were
sometimes mangled. The len parm to accept() was not
initialized, leading sometimes to an endless loop of failed
accept() calls on OS/390 and anywhere else that failed the call
if the len was negative. Use <sys/un.h> for struct sockaddr_un
instead of declaring it ourselves to fix a compilation problem
on Solaris. [Jeff Trawick]
*) Add Resource limiting code back into Apache 2.0. [Ryan Bloom]
*) Fix zombie process problem with mod_cgi. [Jeff Trawick]
*) Port mod_mmap_static to 2.0. Make it go faster. [Greg Ames]
*) Fix storage overlay when loading dsos. Symptom: Apache dies at
initialization if ALLOC_DEBUG is defined; no known symptom
otherwise. [Jeff Trawick]
*) Fix typo in configure script when checking for mod_so. bash
doesn't seem to have a problem but /bin/sh on Solaris does.
Symptom: "./configure: test: unknown operator =="
[Jeff Trawick]
*) Rebind the Win32 NT and 9x services control into the MPM.
All console, WinNT SCM and Win9x pseudo-service control code is
now wrapped within the WinNT MPM.
[William Rowe]
*) Make a copy of getenv("PATH") before storing for later use. Some
getenv() implementations use the same storage for successive calls.
CGIs on OS/390 had a bad PATH due to this. [Jeff Trawick]
*) Server Tokens work in 2.0 again. This also propogates the change
to allow just the product name in the server string using
PRODUCT_ONLY.
[Ryan Bloom]
Changes with Apache 2.0a4
*) EBCDIC: Rearrange calls to ap_checkconv() so that most handlers
won't need to call it. [Greg Ames, Jeff Trawick]
*) Move pre_config hook call to between configuration read and config
tree walk. This allows all modules to implement pre_config hooks
and know that they will be called at an appropriate time.
[Ryan Bloom]
*) mod_cgi, mod_cgid: Make ScriptLog directive work again.
[Jeff Trawick]
*) Add pre-config hooks back to all modules.
[Ryan Bloom]
*) Fix a SIGSEGV in ap_md5digest(), which is used when you have
ContentDigest enabled and we can't/don't mmap the file.
[Jeff Trawick]
*) We now report the correct line number for syntax errors in config
files. [Ryan Bloom, Greg Stein, Jeff Trawick]
*) Brought mod_auth_digest up to synch with 1.3, fixed ap_time_t-
related bugs, and changed shmem/locking to use apr API. Shared-mem
is currently disabled, however, because of problems with graceful
restarts. [Ronald Tschalär]
*) Fix corruption of IFS variable in --with-module= handling.
Depending on the user's shell or customization thereof, there
would be errors generating ap_config_auto.h later in the configure
procedure. [Jeff Trawick]
*) mod_cgi: Restore logging of stderr from child process when ScriptLog
isn't used (as in 1.3), except that on Unix it is now logged via
ap_log_rerror() instead of by the child having STDERR_FILENO refer
to the error log. [Greg Ames, Jeff Trawick]