Newer
Older
[Bill Stoddard]
*) top_module global variable renamed to ap_top_module [Perl]
*) Move ap_set_last_modified to the core. This is a potentially
controversial change, because this is kind of HTTP specific. However
many protocols should be able to take advantage of this kind of
information. I expect that headers will need one more layer of
indirection for multi-protocol work, but this is a small step in
the right direction. [Ryan Bloom]
*) Enable mod_status by default. This matches what Apache 1.3 does.
[Ed Korthof]
*) Add a ScriptSock directive to the default config file. This is
only enabled when mod_cgid is used.
*) Untangled the buildconf script and eliminated the need for build's
aclocal.m4, generated_lists, build.mk, build2.mk, and a host of other
libtool muck that is now under srclib/apr/build. [Roy Fielding]
*) Win32: Don't accept more connections than we have worker threads
to handle.
[Bill Stoddard]
Bill Stoddard
committed
*) Fix bug in the Unix threaded.c MPM that allowed child processes
to fork() new child processes.
[Bill Stoddard]
*) SECURITY: Fix a major security problem with double-reverse lookup
checking. Previously, a client connecting over IPv4 would not be
matched properly when the server had an IPv6 listening socket.
*) Change the way the beos MPM handles polling to allow it to stop and
restart. Problem was the sockets being polled were being reset by
the select call, so once it had accepted a connection it was no
longer listening on the UDP socket we use for shutdown instructions.
APR needs to be altered, patch on it's way. [David Reid]
*) Empty out the brigade shared by ap_getline()/ap_get_client_block()
on error exit from ap_getline(). Some other code got upset because
the wrong data was in the brigade. [Greg Ames, Jeff Trawick]
*) Handle ap_discard_request_body() being called more than once.
[Greg Ames, Jeff Trawick]
*) Get rid of an inadvertent close of file descriptor 2 in
mod_mime_magic. [Greg Ames, Jeff Trawick]
*) Add a hook, create_request. This hook allows modules to modify
a request while it is being created. This hook is called for all
request_rec's, main request, sub request, and internal redirect.
When this hook is called, the r->main, r->prev, r->next
pointers have been set, so modules can determine what kind of
request this is. [Ryan Bloom]
*) Cleanup the build process a bit more. The Apache configure
script no longer creates its own helper scripts, it just
uses APR's.
*) Stop the forced downgrade of the connection to HTTP/1.0 for
proxy requests. [Graham Leggett]
*) Avoid using sscanf to determine the HTTP protocol number in
the common case because sscanf is a performance hog. From
Mike Abbot's Accelerating Apache patch number 6.
*) SECURITY: Fix a security exposure in mod_access. Previously when
IPv6 listening sockets were used, allow/deny-from-IPv4-address rules
were not evaluated properly (PR #7407). Also, add the ability to
specify IPv6 address strings with optional prefix length on Allow
and Deny. [Jeff Trawick]
*) Enhance rotatelogs so that a UTC offset can be specified, and
the logfile name can be formatted using strftime(3). (Brought
forward from 1.3.) [Ken Coar]
*) Reimplement the Windows MPM (mpm_winnt.c) to eliminate calling
DuplicateHandle on an IOCompletionPort (a practice which
MS "discourages"). The new model does not rely on associating
the completion port with the listening sockets, thus the
completion port can be completely managed within the child
process. A dedicated thread accepts connections off the network,
then calls PostQueuedCompletionStatus() to wake up worker
threads blocked on the completion port.
[Bill Stoddard]
*) Bring forward the --suexec-umask option which allows the
builder to preset the umask for suexec processes. [Ken Coar]
*) Add a -V flag to suexec, which causes it to display the
compile-time settings with which it was built. (Only
usable by root or the AP_HTTPD_USER username.) [Ken Coar]
*) Mod_include should always unset the content-length if the file is
going to be passed through send_parsed_content. There is no to
determine if the content will change before actually scanning the
entire content. It is far safer to just remove the C-L as long
as we are scanning it. [Ryan Bloom]
*) Make sure Apache sends WWW-Authenticate during a reverse proxy
request and not Proxy-Authenticate.
Changes with Apache 2.0.14
*) Fix content-length computation. We ONLY compute a content-length if
We are not in a 1.1 request and we cannot chunk, and this is a keepalive
or we already have all the data. [Ryan Bloom]
*) Report unbounded containers in the config file. Previously, a typo
in the </container> directive could result in the rest of the config
file being silently ignored, with undesired defaults used.
[Jeff Trawick]
*) Make the old_write filter use the ap_f* functions for the buffering.
[Ryan Bloom]
*) Move more code from the http module into the core server. This
is core code, basically the default handler, the default input
and output filters, and all of the core configuration directives.
All of this code is required in order for the server to work, with or
without HTTP. The server is closer to working without the HTTP
module, although there is still more to do. [Ryan Bloom]
*) Fix a number of SGI compile warnings throughout the server. Fix some
bad parameters to apr_bucket_read(). Fix a bad statement in
ap_method_in_list(). For the mod_rewrite cache use apr_time_t
consistently; we were mixing apr_time_t and time_t in invalid ways
before. In load_file(), call apr_dso_error() instead of
apr_strerror() so that we get a more specific string on some platforms.
PR #6980 [Jeff Trawick]
*) Allow modules to query the MPM about it's execution profile. This
query API can and should be extended in the future, but for now,
max_daemons, and threading or forking is a very good start.
*) Modify mod_include to send blocks of data no larger than 9k.
Without this, mod_include will wait until the whole file is parsed,
or the first tag is found to send any data to the client.
*) Fix mod_info, so that <Directory> and <Location> directives are
not displayed twice when displaying the current configuration.
*) Add config directives to override DEFAULT_ERROR_MSG and
DEFAULT_TIME_FORMAT. This was sent in as PR 6193.
*) Get mod_info building and loading on Win32. [William Rowe]
*) Begin to move protocol independant functions out of mod_http. The goal
is to have only functions that are HTTP specific in the http directory.
[Ryan Bloom]
Changes with Apache 2.0.13
*) Don't assume that there will always be multiple calls to the byterange
filter. It is possible that we will need to do byteranges with only
*) Move the error_bucket definition from the http module to the
core server. Every protocol will need this ability, not just
HTTP. [Ryan Bloom]
Changes with Apache 2.0.12
*) Modify mod_file_cache to save pre-formatted strings for
content-length and last-modified headers for performance.
*) Namespace protect IOBUFSIZ since it is exposed in the API.
*) Use "Basic" authentication instead of "basic" in ab, as the spec
*) Fix a seg fault in mod_userdir.c. We used to use the pw structure
without ever filling it out. This fixes PR 7271.
[Taketo Kabe <kabe sra-tohoku.co.jp> and
Cliff Woolley <cliffwoolley yahoo.com>]
*) Add a couple of GCC attribute tags to printf style functions.
*) Add the correct language tag for interoperation with the Taiwanese
versions of MSIE and Netscape. [Clive Lin <clive CirX.ORG>] PR#7142
*) Migrate the perchild MPM to use the new apr signal child, and
APR thread functions. [Ryan Bloom]
*) Close one copy of the CGI's stdout before creating the new process.
The CGI will still have stdout, because we have already dup'ed it.
This keeps Apache from waiting forever to send the results of a CGI
process that has forked a long-lived child process.
*) Remove the rest of the pthreads functions from the threaded MPM.
This requires the APR support for a signal thread that was just
added. [Ryan Bloom]
*) Make mod_dir use a fixup for sending a redirect to the browser.
Before this, we were using a handler, which doesn't make much
sense, because the handler wasn't generating any data, it would
either return a redirect error code, or DECLINED. This fits the
*) Make the threaded MPM use APR threads instead of pthreads.
[Ryan Bloom]
*) Get mod_tls to the point where it actually appears to work in all cases.
[Ben Laurie]
*) implement --enable-modules and --enable-mods-shared for "all" and
"most". [Greg Stein]
*) Move the threaded MPM to use APR locks instead of pthread locks.
[Ryan Bloom]
*) Rename mpmt_pthread to threaded. This is more in line with the
fact that mpmt_pthread shouldn't be using pthreads directly, and
it is a smaller name that doesn't tie into anything.
[Ryan Bloom]
*) Rename the module structures so that the exported symbol matches
the file name, and it is easier to automate the installation
process (generating LoadModule directives from the module filenames).
[Martin Kraemer]
*) Remove the coalesce filter. With the ap_f* functions, this filter
is no longer needed. [Ryan Bloom]
Changes with Apache 2.0.11
*) Remove the dexter MPM. Perchild is the same basic idea, but it has the
added feature of allowing a uid/gid per child process. If no
uid/gid is specified, then Perchild behaves exactly like dexter.
[Ryan Bloom]
*) Get perchild building again. [Ryan Bloom]
*) Don't disable threads just because we are using the prefork MPM.
If somebody wants to compile without threads, they must now add
--disable-threads to the configure command line. [Ryan Bloom]
*) Begin to move the calls to update_child_status into common code, so
that each individual MPM does not need to update the scoreboard itself.
[Ryan Bloom]
*) Allow mod_tls to compile under Unix boxes where openssl has been
installed to the system include files.
*) Cleanup the mod_tls configure process. This should remove any need
to hand-edit any files. We require OpenSSL 0.9.6 or later, but
configure doesn't check that yet. [Ryan Bloom]
*) Add a very early prototype of SSL support (in mod_tls.c). It is
vital that you read modules/tls/README before attempting to build
it. [Ben Laurie]
*) Fix a potential seg fault on all platforms. David Reid fixed this
on BEOS, but the problem could happen anywhere, so we don't want
*) Add new LogFormat directive, %D, to log time it takes to serve a
request in microseconds. [Bill Stoddard]
*) Change AddInputFilter and AddOutputFilter to SetInputFilter and
SetOutputFilter. This corresponds nicely with the other Set
directives, which operate on containers while the Add* directives
tend to work directly on extensions. [Ryan Bloom]
*) Cleanup the header handling a bit. This uses the apr_brigade_*
functions for the buffering so that we don't need to compute
the length of the headers before we actually create the header
buffer. [Ryan Bloom]
*) Allow filters to buffer data using the ap_f* functions. These have
become macros that resolve directly to apr_brigade_*.
[Ryan Bloom]
*) Get the Unix MPM's to do a graceful restart again. If we are going
to register a cleanup with ap_cleanup_scoreboard, then we have to
kill the cleanup with the same function, and that function can't be
static. [Ryan Bloom]
*) Install all required header files. Without these, it was not
possible to compile some modules outside of the server.
[Ryan Bloom]
*) Fix the AliasMatch directive in Apache 2.0. When we brought a patch
forward from 1.3 to 2.0, we missed a single line, which broke regex
aliases. [Ryan Bloom]
*) We have a poor abstraction in the protocol. This is a temporary
hack to fix the bug, but it will need to be fixed for real. If
we find an error while sending out a custom error response, we back
up to the first non-OK request and send the data. Then, when we send
the EOS from finalize_request_protocol, we go to the last request,
to ensure that we aren't sending an EOS to a request that has already
received one. Because the data is sent on a different request than
the EOS, the error text never gets sent down the filter stack. This
fixes the problem by finding the last request, and sending the data
with that request. [Ryan Bloom]
*) Make the server status page show the correct restart time, and
thus the proper uptime. [Ryan Bloom]
*) Move the CGI creation logic from mod_include to mod_cgi(d). This
should reduce the amount of duplicate code that is required to
create CGI processes.
*) ap_new_connection() closes the socket and returns NULL if a socket
call fails. Usually this is due to a connection which has been
reset. [Jeff Trawick]
*) Move the Apache version information out of httpd.h and into release.h.
This is in preparation for the first tag with the new tag and release
system. [Ryan Bloom]
*) Begin restructuring scoreboard code to enable adding back in
the ability to use IPC other than shared memory.
Get mod_status working on Windows again. [Bill Stoddard]
*) Make mod_status work with 2.0. This will work for prefork,
mpmt_pthread, and dexter. [Ryan Bloom]
*) Really fix mod_rewrite map lookups this time. [Tony Finch]
*) Get the correct IP address if ServerName isn't set and we can't
find a fully-qualified domain name at startup.
*) Make mod_cgid work with SuExec. [Ryan Bloom]
*) Adopt apr user/group name features for mod_rewrite. Eliminates some
'extra' stat's for user/group since they should never occur, and now
resolves the SCRIPT_USER and SCRIPT_GROUP, including on WinNT NTFS
volumes. [William Rowe]
*) Adopt apr features to simplify mod_includes. This changes the
behavior of the USER_NAME variable, unknown uid's are now reported
as USER_NAME="<unknown>" rather than the old user#000 result.
WinNT now resolves USER_NAME on NTFS volumes. [William Rowe]
*) Adopt apr features for simplifing mod_userdir, and accept the new
Win32/OS2 exceptions without hiccuping. [William Rowe]
*) Replace configure --with-optim option by using and saving the
environment variable OPTIM instead. This is needed because configure
options do not support multiple flags separated by spaces.
[Roy Fielding]
*) Fix some byterange handling. If we get a byte range that looks like
"-999999" where that is past the end of the file, we should return
a PARTIAL CONTENT status code, and return the whole file as one big
byterange. This matches the 1.3 handling now. [Ryan Bloom]
*) Make the error bucket a real meta-data bucket. This means that the
bucket length is 0, and a read returns NULL data. If one of these
buckets is passed down after the headers are sent, this data will
just be ignored. [Greg Stein]
*) The prefork MPM wasn't killing child processes correctly if a restart
signal was received while the process was serving a request. The child
process would become the equivalent of a second parent process. If
we break out of the accept loop, then we need to do die after cleaning
up after ourselves. [Ryan Bloom]
*) Change the Prefork MPM to use SIGWINCH instead of SIGUSR1 for graceful
restarts. [Ryan Bloom]
*) Modify the apr_stat/lstat/getfileinfo calls within apache to use
the most optimal APR_FINFO_wanted bits. This spares Win32 from
performing very expensive owner, group and permission lookups
and allows the server to function until these apr_finfo_t fields
are implemented under Win32. [William Rowe]
*) Support for typedsafe optional functions - that is functions exported by
optional modules, which, therefore, may or may not be present, depending
on configuration. See the experimental modules mod_optional_fn_{ex,im}port
for sample code. [Ben Laurie]
*) filters can now report an HTTP error to the server. This is done
by sending a brigade where the first bucket is an error_bucket.
This bucket is a simple bucket that stores an HTTP error and
a string. Currently the string is not used, but it may be needed
to output an error log. The http_header_filter will find this
bucket, and output the error text, and then return
AP_FILTER_ERROR, which informs the server that the error web page
has already been sent. [Ryan Bloom]
*) If we get an error, then we should remove all filters except for
those critical to serving a web page. This fixes a bug, where
error pages were going through the byterange filter, even though
that made no sense. [Ryan Bloom]
*) Relax the syntax checking of Host: headers in order to support
iDNS. PR#6635 [Tony Finch]
*) Cleanup the byterange filter to use the apr_brigade_partition
and apr_bucket_copy functions. This removes a lot of very messy
code, and hopefully makes this filter more stable.
[Ryan Bloom]
*) Remove AddModule and ClearModuleList directives. Both of these
directives were used to ensure that modules could be enabled
in the correct order. That requirement is now gone, because
we use hooks to ensure that modules are in the correct order.
[Ryan Bloom]
*) When SuExec is specified, we need to add it to the list of
targets to be built. If we don't, then any changes to the
configuration won't affect SuExec, unless 'make suexec' is
specifically run. [Ryan Bloom]
*) Cleaned out open_file from mod_file_cache, as apr now accepts
the APR_XTHREAD argument to open a file for consumption by
parallel threads on win32. [William Rowe]
*) Correct a bug in determining when we follow symlinks. The code
expected a stat -1 result, not an apr_status_t positive error.
Also check if the APR_FINFO_USER fields are valid before we
follow the link. [William Rowe]
*) Move initgroupgs, ap_uname2id and ap_gname2id from util.c to
mpm_common.c. These functions are only valid on some platforms,
so they should not be in the main-line code. [Ryan Bloom]
*) Remove ap_chdir_file(). This function is not thread-safe,
and nobody is currently using it. [Ryan Bloom]
*) Do not try to run make depend if there are no .c files in the
current directory, doing so makes `make depend` fail.
[Ryan Bloom]
*) Update highperformance.conf to work with either prefork or
pthreads mpms. [Greg Ames]
*) Stop checking to see if this is a pipelined request if we know
for a fact that it isn't. Basically, if r->connection->keepalive == 0.
This keeps us from making an extra read call when serving a 1.0
request. [Ryan Bloom and Greg Stein]
*) Fix the handling of variable expansion look-ahead in mod_rewrite,
i.e. syntax like %{LA-U:REMOTE_USER}, and also fix the parsing of
more complicated nested RewriteMap lookups. PR#7087 [Tony Finch]
*) Fix the RFC number mentioned when complaining about a missing
*) Fix an endless loop in ab which occurred when ab was posting
and the server dropped the connection unexpectedly.
[Jeff Trawick]
*) Fix a segfault while handling request bodies in ap_http_filter().
This problem has been seen with mod_dav usage as well as with
requests where the body was just being discarded. [Jeff Trawick]
*) Some adjustment on the handling and automatic setting (via
hints.m4) of various compilation flags (eg: CFLAGS). Also,
add the capability to specify flags (NOTEST_CFLAGS and
NOTEST_LDFLAGS) which are used to compile Apache, but
not used during the configuration process. Useful for
flags like "-Werror". [Jim Jagielski]
*) Stop using environment variables to force debug mode or
no detach. We now use the -D command line argument to
specify the correct mode. -DONE_PROCESS and -DNO_DETACH.
*) Change handlers to use hooks. [Ben Laurie]
*) Stop returning copies of filenames from both apr_file_t and
apr_dir_t. We pstrdup the filenames that we store in the
actual structures, so we don't need to pstrdup the strings again.
[Ryan Bloom]
*) mod_cgi: Fix some problems where the wrong error value was being
traced. [Jeff Trawick]
*) EBCDIC: Fix some missing ASCII conversion on some protocol data.
[Jeff Trawick]
*) Add generic hooks. [Ben Laurie]
*) Use a real pool to dup the error log descriptor. [Ryan Bloom]
*) Fix a segfault caused by mod_ext_filter when the external filter
program does not exist. [Jeff Trawick]
*) Fix an output truncation error when on an HTTP >= 1.0 request an
object of size between DEFAULT_BUCKET_SIZE and AP_MIN_BYTES_TO_WRITE
was served through mod_charset_lite (or anything else that would
create a transient bucket in this size range). ap_bucket_make_heap()
silently failed (fixed), transient_setaside() discovered it, but
ap_save_brigade() ignored it (fixed). [Jeff Trawick]
*) Ignore \r\n or \n when using PEEK mode for input filters. The problem
is that some browsers send extra lines at the end of POST requests, and
we don't want to delay sending data back to the user just because the
browser isn't well behaved. [Ryan Bloom]
*) Get SuEXEC working again. We can't send absolute paths to suExec
because it refuses to execute those programs. SuEXEC also wasn't
always recognizing configuration changes made using the autoconf
setup. [Ryan Bloom]
*) Allow the buildconf process to find the config.m4 files in the correct
order. Basically, we can now name config.m4 files as config\d\d.m4,
and we will sort them correctly when inserting them into the build
process. [Ryan Bloom]
*) Get mod_cgid to use apr calls for creating the actual CGI process.
This also allows mod_cgid to use ap_os_create_priviledged_process,
thus allowing for SuExec execution from mod_cgid. Currently, we do
not support everything that standard SuExec supports, but at least
it works minimally now. [Ryan Bloom]
*) Allow SuExec to be configured from the ./configure command line.
[Ryan Bloom]
*) Update some of the docs in README and INSTALL to reflect some of
the changes in Apache 2.0 [Cliff Woolley <cliffwoolley yahoo.com>]
*) If we get EAGAIN returned from the call to apr_sendfile, then we
need to call sendfile again. This gets us serving large files
such as apache_2.0a9.tar.gz on FreeBSD again. [Ryan Bloom]
*) Get the support programs building cleanly again.
*) The Apache/Win32 Apache.exe and dll's now live in bin. The
current directory logic now backs up over bin/ to determine the
server root from the Apache.exe path.
*) Apache/Win32 now follows the standard conventions of mod_foo.so
loadable modules, dynamic libs are all named libfoo.dll, and the
makefile.win populates the include, lib and libexec directories.
*) Apache is now IPv6-capable. On systems where APR supports IPv6,
Apache gets IPv6 listening sockets by default. Additionally, the
Listen, NameVirtualHost, and <VirtualHost> directives support IPv6
numeric address strings (e.g., "Listen [fe80::1]:8080").
[Jeff Trawick]
*) Modify the install directory layout. Modules are now installed in
modules/. Shared libraries should be installed in libraries/, but
we don't have any of those on Unix yet. All install directories
are modifyable at configure time. [Ryan Bloom]
*) Install all header files in the same directory on Unix. [Ryan Bloom]
*) Get the functions in server/linked into the server, regardless of
which modules linked into the server. This uses the same hack
for Apache that we use for APR and apr-util to ensure all of the
necessary functions are linked. As a part of thise, the CHARSET_EBCDIC
was renamed to AP_CHARSET_EBCDIC for namespace protection, and to make
the scripts a bit easier.
[Ryan Bloom]
*) Rework the RFC1413 handling to make it thread-safe, use a timeout
on the query, and remove IPv4 dependencies. [Jeff Trawick]
*) Get all of the auth modules to the point that they will install and
be loadable into the server. Our new build/install mechanism expects
that all modules will have a common name format. The auth modules
didn't use that format, so we didn't install them properly.
[Ryan Bloom]
*) API routines ap_pgethostbyname() and ap_pduphostent() are no longer
available. Use apr_getaddrinfo() instead. [Jeff Trawick]
*) Get "NameVirtualHost *" working in 2.0. [Ryan Bloom]
*) Return HTTP_RANGE_NOT_SATISFIABLE if the every range requested starts
after the end of the response. [Ryan Bloom]
*) Get byterange requests working with responses that do not have a
content-length. Because of the way byterange requests work, we have to
have all of the data before we can actually do the byterange, so we
can compute the content-length in the byterange filter.
[Ryan Bloom]
*) Get exe CGI's working again on Windows.
[Allan Edwards]
*) Get mod_cgid and mod_rewrite to work as DSOs by changing the way
they keep track of whether or not their post config hook has been
called before. Instead of a static variable (which is replaced when
the DSO is loaded a second time), use userdata in the process pool.
[Jeff Trawick]
Changes with Apache 2.0a9
*) Win32 now requires perl to complete the final install step for users
to build + install on Win32. Makefile.win now rewrites @@ServerRoot@
and installs the conf, htdocs and htdocs/manual directories.
[William Rowe]
*) Make mod_include use a hash table to associate directive tags with
functions. This allows modules to implement their own SSI tags easily.
The idea is simple enough, a module can insert it's own tag and function
combination into a hash table provided by mod_include. While mod_include
parses an SSI file, when it encounters a tag in the file, it does a
hash lookup to find the function that implements that tag, and passes
all of the relevant data to the function. That function is then
responsible for processing the tag and handing the remaining data back
to mod_include for further processing.
*) Get rid of ap_new_apr_connection(). ap_new_connection() now has
fewer parameters: the local and remote socket addresses were removed
from the parameter list because all required information is available
via the APR socket. [Jeff Trawick]
6630
6631
6632
6633
6634
6635
6636
6637
6638
6639
6640
6641
6642
6643
6644
6645
6646
6647
6648
6649
6650
6651
6652
*) Distribution directory structure reorganized to reflect a
normal source distribution with external install targets.
[Roy Fielding]
*) The MPMs that need multiple segments of shared memory now create
two apr_shmem_t variables, one for each shared memory allocation.
the problem is that we can't determine how much memory will be required
for shared memory allocations once we try to allocate more than one
variable. The MM code automatically aligns the shared memory allocations,
so we end up needing to pad the amount of shared memory we want based
on how many variables will be allocated out of the shared memory segment.
It is just easier to create a second apr_shmem_t variable, and two
shmem memory blocks.
[Ryan Bloom]
*) Cleanup the export list a bit. This creates a single unified list of
functions exported by APR. The export list is generated at configure
time, and that list is then used to generate the exports.c file.
Because of the way the export list is generated, we only export those
functions that are valid on the platform we are building on.
[Ryan Bloom]
*) Enable logging the cookie with mod_log_config
*) Fix a segfault in mod_info when it reaches the end of the configuration.
[Jeff Trawick]
*) Added lib/aputil/ as a placeholder for utility functions which are not
specific to the Apache HTTP Server (but do not make sense with APR).
The first utility is "apu_dbm": a set of functions to work with DBM
files. This first version can be compiled for SDBM or GDBM databases.
[Greg Stein]
*) Complete re-write of mod_include. This makes mod_include a filter that
uses buckets directly. This has now served the FAQ correctly.
6667
6668
6669
6670
6671
6672
6673
6674
6675
6676
6677
6678
6679
6680
6681
6682
6683
6684
6685
6686
6687
6688
6689
6690
6691
6692
6693
6694
6695
6696
6697
6698
6699
6700
6701
6702
6703
6704
6705
6706
6707
6708
6709
6710
6711
*) Allow modules to specify the first filter in a sub_request when
making the sub_request. This keeps modules from having to change the
output_filter immediately after creating the sub-request, and therefore
skip the sub_req_output_filter. [Ryan Bloom]
*) Update ab to accept URLs with IPv6 literal address strings (in the
format described in RFC 2732), and to build Host header fields in
the same format. This allows IPv6 literal address strings to be
used with ab. This support has been tested against Apache 1.3 with
the KAME patch, but Apache 2.0 does not yet work with this format
of the Host header field. [Jeff Trawick]
*) Accomodate an out-of-space condition in the piped logs and the
rotatelogs.c code, and no longer churn log processes for this
condition. [Victor J. Orlikowski]
*) Add support for partial writes with apr_sendfile() to core_output_filter.
[Greg Ames]
Changes with Apache 2.0a8
*) Add a directive to mod_mime so that filters can be associated with
a given mime-type.
[Ryan Bloom]
*) Get multi-views working again. We were setting the path_info
field incorrectly if we couldn't find the specified file.
[Ryan Bloom]
*) Fix 304 processing. The core should never try to send the headers
down the filter stack. Always, just setup the table in the request
record, and let the header filter convert it to data that is ready
for the network.
[Ryan Bloom]
*) More fixes for the proxy. There are still bugs in the proxy code,
but this has now proxied www.yahoo.com and www.ntrnet.net (my ISP)
successfully.
[Ryan Bloom]
*) Fix params for apr_getaddrinfo() call in connect proxy handler.
[Chuck Murcko]
*) APR: Add new apr_getopt_long function to handle long options.
6713
6714
6715
6716
6717
6718
6719
6720
6721
6722
6723
6724
6725
6726
6727
6728
6729
6730
6731
6732
6733
6734
6735
6736
6737
6738
6739
6740
6741
6742
6743
6744
6745
6746
6747
6748
6749
6750
6751
*) APR: Change apr_connect() to take apr_sockaddr_t instead of hostname.
Add generic apr_create_socket(). Add apr_getaddrinfo() for doing
hostname resolution/address string parsing and building
apr_sockaddr_t. Add apr_get_sockaddr() for getting the address
of one of the apr_sockaddr_t structures for a socket. Change
apr_bind() to take apr_sockaddr_t. [David Reid and Jeff Trawick]
*) Remove the BUFF from the HTTP proxy. This is still a bit ugly, but
I have proxied pages with it, cleanup will commence soon.
[Ryan Bloom]
*) Make the proxy work with filters. This isn't perfect, because we
aren't dealing with the headers properly. [Ryan Bloom]
*) Do not send a content-length iff the C-L is 0 and this is a head
request. [Ryan Bloom]
*) Make cgi-bin work as a regular directory when using mod_vhost_alias
with no VirtualScriptAlias directives. PR#6829 [Tony Finch]
*) Remove BUFF from the PROXY connect handling. [Ryan Bloom]
*) Get the default_handler to stop trying to deal with HEAD requests.
The idea is to let the content-length filter compute the C-L before
we try to send the data. If we can get the C-L correctly, then we
should send it in the HEAD response.
[Ryan Bloom]
*) The Header filter can now determine if a body should be sent based
on r->header_only. The general idea of this is that if we delay
deciding to send the body, then we might be able to compute the
content-length correctly, which will help caching proxies to cache
our data better. Any handler that doesn't want to try to compute
the content-length can just send an EOS bucket without data and
everything will just work.
[Ryan Bloom]
*) Add the referer to the error log if one is available.
*) Mod_info.c has now been ported to Apache 2.0. As a part of this
change, the root of the configuration tree has been exposed to modules
as ap_conftree.
6758
6759
6760
6761
6762
6763
6764
6765
6766
6767
6768
6769
6770
6771
6772
6773
6774
6775
6776
6777
6778
6779
6780
6781
6782
6783
6784
*) Get the core_output_filter to use the bucket interface directly.
This keeps us from calling the content-length filter multiple times
for a simple static request.
[Ryan Bloom]
*) We are sending the content-type correctly now.
[Ryan Bloom and Will Rowe]
*) APR on FreeBSD: Fix a bug in apr_sendfile() which caused us to report
a bogus bytes-sent value when the only thing being sent was trailers
and writev() returned an error (or EAGAIN). [Jeff Trawick]
*) Get SINGLE_LISTEN_UNSERIALIZED_ACCEPT working again. This uses the
hints file to determine which platforms define
SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
[Ryan Bloom]
*) APR: add apr_get_home_directory() [Jeff Trawick]
*) Initial import of 1.3-current mod_proxy. [Chuck Murcko]
*) Not all platforms have INADDR_NONE defined by default. Apache
used to make this check and define INADDR_NONE if appropriate,
but APR needs the check too, and I suspect other applications will
as well. APR now defines APR_INADDR_NONE, which is always a valid
value on all platforms.
[Branko Čibej <brane xbc.nu>]
*) Destroy the pthread mutex in lock_intra_cleanup() for PR#6824.
6789
6790
6791
6792
6793
6794
6795
6796
6797
6798
6799
6800
6801
6802
6803
6804
6805
6806
6807
6808
6809
6810
6811
6812
6813
6814
6815
6816
6817
6818
6819
6820
6821
6822
6823
6824
6825
6826
6827
6828
6829
6830
6831
6832
6833
6834
6835
6836
6837
6838
6839
6840
6841
6842
6843
6844
6845
6846
6847
6848
6849
6850
6851
6852
6853
6854
6855
6856
6857
6858
6859
6860
6861
6862
6863
6864
6865
6866
6867
6868
*) Relax the syntax checking of Host: headers in order to support
iDNS. PR#6635 [Tony Finch]
*) When reading from file buckets we convert to an MMAP if it makes
sense. This also simplifies the default handler because the
default handler no longer needs to try to create MMAPs.
[Ryan Bloom]
*) BUFF has been removed from the main server. The BUFF code will remain
in the code until it has been purged from the proxy module as well.
[Ryan Bloom]
*) Byteranges have been completely re-written to be a filter. This
has been tested, and I believe it is working correctly, but it could
doesn't work for the Adobe Acrobat plug-in. The output almost matches
the output from 1.3, the only difference being that 1.3 includes
a content-length in the response, and this does not.
[Ryan Bloom]
*) APR read/write functions and bucket read functions now operate
on unsigned integers, instead of signed ones. It doesn't make
any sense to use signed ints, because we return the error codes,
so if we have an error we should report 0 bytes read or written.
[Ryan Bloom]
*) Always compute the content length, whether it is sent or not.
The reason for this, is that it allows us to correctly report
the bytes_sent when logging the request. This also simplifies
content-length filter a bit, and fixes the actual byte-reporing
code in mod_log_config.c
[Ryan Bloom]
*) Remove AP_END_OF_BRIGADE definition. This does not signify what
it says, because it was only used by EOS and FLUSH buckets. Since
neither of those are required at the end of a brigade, this was
really signifying FLUSH_THE_DATA, but that can be determined better
by checking AP_BUCKET_IS_EOS() or AP_BUCKET_IS_FLUSH. EOS and FLUSH
buckets now return a length of 0, which is actually the amount of data
read, so they make more sense.
[Ryan Bloom]
*) Allow the core_output_filter to save some data past the end of a
request. If we get an EOS bucket, we only send the data if it
makes sense to send it. This allows us to pipeline request
responses. As a part of this, we also need to allocate mmap
buckets out of the connection pool, not the request pool. This
allows the mmap to outlive the request.
[Ryan Bloom]
*) Make blocking and non-blocking bucket reads work correctly for
sockets and pipes. These are the only bucket types that should
have non-blocking reads, because the other bucket types should
ALWAYS be able to return something immediately.
[Ryan Bloom]
*) In the Apache/Win32 console window, accept Ctrl+C to stop the
server, but use Ctrl+Break to initiate a graceful restart
instead of duplicating behavior. [John Sterling]
*) Patch mod_autoindex to set the Last-Modified header based on
the directory's mtime, and add the ETag header. [William Rowe]
*) Merge the 1.3 patch to add support for logging query string in
such a way that "%m %U%q %H" is the same as "%r".
[Bill Stoddard]
*) Port three log methods from mod_log_config 1.3 to 2.0:
CLF compliant '-' byte count, method and protocol.
[Bill Stoddard]
*) Add a new LogFormat directive, %c, that will log connection
status at the end of the response as follows:
'X' - connection aborted before the response completed.
'+' - connection may be kept-alive by the server.
'-' - connection will be closed by the server.
[Bill Stoddard]
*) Expand APR for WinNT to fully accept and return utf-8 encoded
Unicode file names and paths for Win32, and tag the Content-Type
from mod_autoindex to reflect that charset if the feature
6870
6871
6872
6873
6874
6875
6876
6877
6878
6879
6880
6881
6882
6883
6884
6885
6886
6887
6888
6889
6890
6891
6892
6893
6894
6895
6896
6897
6898
6899
6900
6901
6902
6903
6904
6905
6906
6907
6908
6909
6910
6911
6912
6913
6914
6915
6916
6917
6918
6919
6920
6921
6922
macro APR_HAS_UNICODE_FS is true. [William Rowe]
*) Compute the content length (and add appropriate header field) for
the response when no content length is available and we can't use
chunked encoding. [Jeff Trawick]
*) Changed ap_discard_request_body() to use REQUEST_CHUNKED_DECHUNK,
so that content input filters get dechunked data when using
the default handler. Also removed REQUEST_CHUNKED_PASS.
[Sascha Schumann]
*) Add mod_ext_filter as an experimental module. This module allows
the administrator to use external programs as filters. Currently,
only filtering of output is supported. [Jeff Trawick]
*) Most Apache functions work on EBCDIC machines again, as protocol
data is now translated (again). [Jeff Trawick]
*) Introduce ap_xlate_proto_{to|from}_ascii() to clean up some of
the EBCDIC support. They are noops on ASCII machines, so this
type of translation doesn't have to be surrounded by #ifdef
CHARSET_EBCDIC. [Jeff Trawick]
*) Fix mod_include. tag commands work again, and the server will
send the FAQ again. This also allows mod_include to set aside
buckets that include partial buckets.
[Ryan Bloom and David Reid]
*) Add suexec support back. [Manoj Kasichainula]
*) Lingering close now uses the socket directly instead of using
BUFF. This has been tested, but since all we can tell is that it
doesn't fail, this needs to be really hacked on.
[Ryan Bloom]
*) Allow filters to modify headers and have those headers be sent to
the client. The idea is that we have an http_header filter that
actually sends the headers to the network. This removes the need
for the BUFF to send headers.
[Ryan Bloom]
*) Charset translation: mod_charset_lite handles translation of
request bodies. Get rid of the xlate version of ap_md5_digest()
since we don't compute digests of filtered (e.g., translated)
response bodies this way anymore. (Note that we don't do it at
all at the present; somebody needs to write a filter to do so.)
[Jeff Trawick]
*) Input filters and ap_get_brigade() now have a input mode parameter
(blocking, non-blocking, peek) instead of a length parameter.
[hackathon]
*) Update the mime.types file to the registered media types as
Tony Finch]
*) Namespace protect some macros declared in ap_config.h
[Ryan Bloom]
*) Support HTTP header line folding with input filtering.
[Greg Ames]
*) Mod_include works again. This should still be re-written, but at
least now we can serve an SHTML page again.
[Ryan Bloom]
*) Begin to remove BUFF from the core. Currently, we keep a pointer
to both the BUFF and the socket in the conn_rec. Functions that
want to use the BUFF can, functions that want to use the socket,
can. They point to the same place.
[Ryan Bloom]
*) apr_psprintf doesn't understand %lld as a format. Make it %ld.
[Tomas Ögren <stric ing.umu.se>]
6944
6945
6946
6947
6948
6949
6950
6951
6952
6953
6954
6955
6956
6957
6958
6959
6960
6961
6962
6963
6964
6965
*) APR pipes on Unix and Win32 are now cleaned up automatically when the
associated pool goes away. (APR pipes on OS/2 were already had this
logic.) This resolvs a fatal file descriptor leak with CGIs.
[Jeff Trawick]
*) The final line of the config file was not being read if there was
no \n at the end of it. This was caused by apr_fgets returning
APR_EOF even though we had read valid data. This is solved by
making cfg_getline check the buff that was returned from apr_fgets.
If apr_fgets return APR_EOF, but there was data in the buf, then we
return the buf, otherwise we return NULL.
[Ryan Bloom]
*) Piped logs work again in the 2.0 series.
[Ryan Bloom]
*) Restore functionality broken by the mod_rewrite security fix:
rewrite map lookup keys and default values are now expanded
so that the lookup can depend on the requested URI etc.
PR #6671 [Tony Finch]
*) SECURITY: Tighten up the syntax checking of Host: headers to fix a
6967
6968
6969
6970
6971
6972
6973
6974
6975
6976
6977
6978
6979
6980
6981
6982
6983
6984
6985
6986
6987
6988
6989
6990
6991
6992
security bug in some mass virtual hosting configurations
that can allow a remote attacker to retrieve some files
on the system that should be inaccessible. [Tony Finch]
*) Add a pool bucket type. This bucket is used for data allocated out
of a pool. If the pool is cleaned before the bucket is destroyed, then
the data is converted to a heap bucket, allowing it to survive the
death of the pool.
[Ryan Bloom]
*) Add a flush bucket. This allows modules to signal that the filters
should all flush whatever data they currently have. There is no way
to actually force them to do this, so if a filter ignores this bucket,
that's life, but at least we can try with this.
[Ryan Bloom]
*) Add an output filter for sub-requests. This filter just strips the
EOS bucket so that we don't confuse the main request's core output
filter by sending multiple EOS buckets. This change also makes sub
requests start to send EOS buckets when they are finished.
[Ryan Bloom]
*) Make ap_bucket_(read|destroy|split|setaside) into macros. Also
makes ap_bucket_destroy a return void, which is okay because it
used to always return APR_SUCCESS, and nobody ever checked its
return value anyway.
*) Remove the index into the bucket-type table from the buckets
structure. This has now been replaced with a pointer to the
bucket_type. Also add some macros to test the bucket-type.
[Ryan Bloom]
*) Renamed all MODULE_EXPORT symbols to AP_MODULE_DECLARE and all symbols