Skip to content
CHANGES 569 KiB
Newer Older
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
Changes with Apache 2.1.0-dev

  [Remove entries to the current 2.0 section below, when backported]
  *) prefork MPM: Use the right permissions for the directory created 
     for gprof support.  [Jim Carlson <jcarlson@jnous.com>]

  *) By default, use the same CC and CPP with which APR was built.
     The user can override with CC and CPP environment variables.
     [Jeff Trawick]

  *) Fix ap_construct_url() so that it surrounds IPv6 literal address
     strings with [].  This fixes certain types of redirection.
     PR 19207.  [Jeff Trawick]

  *) mod_log_config: Add the ability to log the id of the thread 
     processing the request via new %P formats.  [Jeff Trawick]
  *) Fix a problem that caused httpd to linked with incorrect flags
     on some platforms when mod_so was enabled by default, breaking 
     DSOs on AIX.  PR 19012  [Jeff Trawick]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) ssl_toolkit_compat.h and code fixes to build clean on SSLC.
     [William Rowe, Madhusudan Mathihalli]

  *) Fix the inability to log errors like exec failure in
     mod_ext_filter/mod_cgi script children.  This was broken after 
     such children stopped inheriting the error log handle.  
     [Jeff Trawick]
  *) Fix a compile failure with recent OpenSSL and picky compilers
     (e.g., OpenSSL 0.9.7a and xlc_r on AIX).  [Jeff Trawick]

  *) ap_get_mime_headers_core: allocate space for the trailing null
     when folding is in effect.
     PR 18170 [Peter Mayne <PeterMayne@SPAM_SUX.ap.spherion.com>]

  *) Do not bypass output filters when redirecting subrequests internally.
     PR 17629.  [André Malo]

  *) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
     the INCLUDE path to be defined properly.
     PR 11310. [Geoff Thrope <geoff@geoffthorpe.net>]

  *) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
     
  *) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
     autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc). 
     [Geoff Thorpe <geoff@geoffthorpe.net>]

  *) ssl session caching(shmht) : Fix a SEGV problem with SHMHT session
     caching. PR 17864.
     [Andreas Leimbacher <andreasl67@yahoo.de>, Madhusudan Mathihalli]

  *) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
  *) mod_negotiation: quality values are now parsed independent from
     the current locale. level values are now really parsed as integers.
     PR 17564.  [André Malo]

  *) Linux 2.4+: enable coredumps when Apache is started as root
     if CoreDumpDir is configured [Greg Ames]

  *) Added the WindowsSocketsWorkaround directive for Windows NT/2000/XP
     to work around problems with certain VPN and Firewall products that 
     have buggy AcceptEx implementations.
     [Allan Edwards w/ suggestions from Bill Stoddard & Bill Rowe]

  *) Extend mod_negotiation to evaluate the environment variables
     no-gzip and gzip-only-text/html the same way as mod_deflate does.
     [André Malo]

  *) mod_rewrite: Fix some problems reporting errors with mapping
     programs (RewriteMap prg:/something).  [Jeff Trawick]

  *) Fix mod_rewrite's handling of absolute URIs. The escaping routines
     now work scheme dependent and the query string will only be
     appended if supported by the particular scheme.  [André Malo]

  *) Return 413 if chunk-ext-header is too long rather than reading from
     the truncated line.  PR 15857.  [Justin Erenkrantz]

  *) If mod_mime_magic does not know the content-type, do not attempt to
     guess.  PR 16908.  [Andrew Gapon <agapon@telcordia.com>]

  *) Allow restart of httpd to occur even with syntax errors in the config
     file.  PR 16813.  [Justin Erenkrantz]

  *) Use APR_LAYOUT instead of APACHE_LAYOUT in configure.  PR 15679.
     [Justin Erenkrantz]

  *) Remove files on 'make distclean' that should be.  PR 15592.
     [Justin Erenkrantz]

  *) Allow apachectl to perform status with links and elinks as well.
     [Justin Erenkrantz]

  *) Extend the SetEnvIf directive to capture subexpressions of the
     matched value.  [André Malo]

  *) mod_log_config change optional hook to return previous handler
     [Ian Holsman]

  *) Forward port of mod_actions' ability to handle arbitrary methods
     with the Script directive.  [André Malo]

  *) Let suexec send a message to stderr, if it failed or its policy
     was violated. This message appears in the error log and allows
Andre Malo's avatar
Andre Malo committed
     for easier debugging. PR 5381, 7638, 8255, 10773.  [André Malo]
  *) Modify buildconf to copy all required files into httpd's tree.
     [Thom May <thom@planetarytramp.net>]

  *) Allow mod_dav to do weak entity comparison functions.
     [Justin Erenkrantz]

  *) mod_negotiation: Introduce "prefer-language" environment variable,
     which allows to influence the negotiation process on request basis
     to prefer a certain language.  [André Malo]

Ken Coar's avatar
Ken Coar committed
  *) Added AllowEncodedSlashes directive which permits request URIs
     to encode '/' as '%2f' and pass it to scripts in path-info without
     triggering the 'no encoded slashes anywhere' legacy rule.
     PR 543, 2389, 3581, 3589, 5687, 7066, 7865, 14639.  [Ken Coar]

Andre Malo's avatar
Andre Malo committed
  *) Move RFC 1413 ident requests from core to new module mod_ident.
     [André Malo]

Andre Malo's avatar
Andre Malo committed
  *) Add mod_authz_owner - a forward port of "Require file-owner"
     and "Require file-group", which was already present in version
     1.3.21.  [André Malo]

  *) Add mod_dav_lock - a generic subset of the DAV locking implementation.
     [Justin Erenkrantz]

  *) Replace some of the mutex locking in the worker MPM with
     atomic operations for higher concurrency.  [Brian Pane]

  *) Allow 'make depend' to work with non-GCC compilers.
     [Justin Erenkrantz]

  *) If an httpd.conf has commented out AddModule directives, 
     apxs -i -a will add an un-commented AddModule directive for 
     the new module, which breaks the config.
     PR: 11212 [Joe Orton]
William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  *) Fix mod_proxy handling of filtered input bodies.  [Justin Erenkrantz]

  *) Move the check of the Expect request header field after the hook
     for ap_post_read_request, since that is the only opportunity for
     modules to handle Expect extensions.  [Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Rewrite of aaa modules to an authn/authz model.
     [Dirk-Willem van Gulik, Justin Erenkrantz]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed

  [Apache 2.1.0-dev includes those bug fixes and changes with the
   Apache 2.0.xx tree as documented, and except as noted, below.]

Changes with Apache 2.0.46

Andre Malo's avatar
Andre Malo committed
  *) When using Redirect in directory context, append requested query
     string if there's no one supplied by configuration. PR 10961.
     [André Malo]

Andre Malo's avatar
Andre Malo committed
  *) Unescape the supplied wildcard pattern in mod_autoindex. Otherwise
     the pattern will not always match as desired. PR 12596.
     [André Malo]

  *) mod_autoindex now emits and accepts modern query string parameter
     delimiters (;). Thus column headers no longer contain unescaped
     ampersands. PR 10880  [André Malo]

  *) Enable ap_sock_disable_nagle for Windows. This along with the  
     addition of  APR_TCP_NODELAY_INHERITED to apr.hw will cause Nagle 
     to be disabled for Windows. [Allan Edwards]

  *) Fix a build problem with passing unsupported --enable-layout
     args to apr and apr-util.  This broke binbuild.sh as well as
     user-specified layout parameters.  PR 18649 [Justin Erenkrantz,
     Jeff Trawick]

  *) If a Date response header was already set in the headers array,
     this value was ignored in favour of the current time. This meant
     that Date headers on proxied requests where rewritten when they
     should not have been. PR: 14376 [Graham Leggett]

Graham Leggett's avatar
Graham Leggett committed
  *) Add code to buildconf that produces an httpd.spec file from
     httpd.spec.in, using build/get-version.sh from APR.
     [Graham Leggett]

  *) Fixed a segfault when multiple ProxyBlock directives were used.
     PR: 19023 [Sami Tikka <sami.tikka@f-secure.com>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) SECURITY [CAN-2003-0134] OS2: Fix a Denial of Service vulnerability 
     identified and reported by Robert Howard <rihoward@rawbw.com> that 
     where device names faulted the running OS2 worker process.
     The fix is actually in APR 0.9.4.  [Brian Havard]

Loading full blame...