Skip to content
CHANGES 413 KiB
Newer Older
Changes with Apache 2.0.16-dev

  *) Move ap_set_last_modified to the core.  This is a potentially 
     controversial change, because this is kind of HTTP specific.  However
     many protocols should be able to take advantage of this kind of
     information.  I expect that headers will need one more layer of
     indirection for multi-protocol work, but this is a small step in
     the right direction.  [Ryan Bloom]

  *) Enable mod_status by default.  This matches what Apache 1.3 does.
     [Ed Korthof]

  *) Add a ScriptSock directive to the default config file.  This is
     only enabled when mod_cgid is used.  
     [Taketo Kabe <kabe@sra-tohoku.co.jp>]

Ryan Bloom's avatar
Ryan Bloom committed
Changes with Apache 2.0.15

  *) Untangled the buildconf script and eliminated the need for build's
     aclocal.m4, generated_lists, build.mk, build2.mk, and a host of other
     libtool muck that is now under srclib/apr/build.  [Roy Fielding]

  *) Win32: Don't accept more connections than we have worker threads
     to handle.
     [Bill Stoddard]

  *) Fix bug in the Unix threaded.c MPM that allowed child processes
     to fork() new child processes. 
     [Bill Stoddard]
  *) Fix a major security problem with double-reverse lookup checking.  
     Previously, a client connecting over IPv4 would not be matched 
     properly when the server had an IPv6 listening socket.  PR #7407
     [Taketo Kabe <kiabe@sra-tohoku.co.jp>]

  *) Change the way the beos MPM handles polling to allow it to stop and
     restart.  Problem was the sockets being polled were being reset by
     the select call, so once it had accepted a connection it was no
     longer listening on the UDP socket we use for shutdown instructions.
     APR needs to be altered, patch on it's way. [David Reid]

  *) Empty out the brigade shared by ap_getline()/ap_get_client_block()
     on error exit from ap_getline().  Some other code got upset because
     the wrong data was in the brigade.  [Greg Ames, Jeff Trawick]

  *) Handle ap_discard_request_body() being called more than once.
     [Greg Ames, Jeff Trawick]

  *) Get rid of an inadvertent close of file descriptor 2 in
     mod_mime_magic.  [Greg Ames, Jeff Trawick]

  *) Add a hook, create_request.  This hook allows modules to modify
     a request while it is being created.  This hook is called for all
     request_rec's, main request, sub request, and internal redirect.
     When this hook is called, the the r->main, r->prev, r->next
     pointers have been set, so modules can determine what kind of
     request this is.  [Ryan Bloom]

  *) Cleanup the build process a bit more.  The Apache configure
     script no longer creates its own helper scripts, it just
     uses APR's.  
     [jean-frederic clere <jfrederic.clere@fujitsu-siemens.com>]

  *) Stop the forced downgrade of the connection to HTTP/1.0 for
     proxy requests.  [Graham Leggett]

  *) Avoid using sscanf to determine the HTTP protocol number in
     the common case because sscanf is a performance hog. From
     Mike Abbot's Accelerating Apache patch number 6.
     [Mike Abbot <mja@trudge.engr.sgi.com>, Bill Stoddard]
Ken Coar's avatar
 
Ken Coar committed

  *) Fix a security exposure in mod_access.  Previously when IPv6 
     listening sockets were used, allow/deny-from-IPv4-address rules 
     were not evaluated properly (PR #7407).  Also, add the ability to 
     specify IPv6 address strings with optional prefix length on Allow 
     and Deny.  [Jeff Trawick]

Ken Coar's avatar
 
Ken Coar committed
  *) Enhance rotatelogs so that a UTC offset can be specified, and
     the logfile name can be formatted using strftime(3).  (Brought
     forward from 1.3.)  [Ken Coar]

  *) Reimplement the Windows MPM (mpm_winnt.c) to eliminate calling 
     DuplicateHandle on an IOCompletionPort (a practice which
     MS "discourages"). The new model does not rely on associating
     the completion port with the listening sockets, thus the
     completion port can be completely managed within the child 
     process.  A dedicated thread accepts connections off the network,
     then calls PostQueuedCompletionStatus() to wake up worker
     threads blocked on the completion port.
     [Bill Stoddard]
Ken Coar's avatar
 
Ken Coar committed
  *) Bring forward the --suexec-umask option which allows the
     builder to preset the umask for suexec processes.  [Ken Coar]

Ken Coar's avatar
 
Ken Coar committed
  *) Add a -V flag to suexec, which causes it to display the
     compile-time settings with which it was built.  (Only
     usable by root or the AP_HTTPD_USER username.)  [Ken Coar]

  *) Mod_include should always unset the content-length if the file is
     going to be passed through send_parsed_content.  There is no to
     determine if the content will change before actually scanning the
     entire content.  It is far safer to just remove the C-L as long
     as we are scanning it.  [Ryan Bloom]

  *) Make sure Apache sends WWW-Authenticate during a reverse proxy
     request and not Proxy-Authenticate.
     [Graham Leggett <minfrin@sharp.fm>]

  *) Fix content-length computation.  We ONLY compute a content-length if
     We are not in a 1.1 request and we cannot chunk, and this is a keepalive
     or we already have all the data.  [Ryan Bloom]

  *) Report unbounded containers in the config file.  Previously, a typo
     in the </container> directive could result in the rest of the config
     file being silently ignored, with undesired defaults used.
     [Jeff Trawick]

  *) Make the old_write filter use the ap_f* functions for the buffering.
     [Ryan Bloom]

  *) Move more code from the http module into the core server.  This
     is core code, basically the default handler, the default input
     and output filters, and all of the core configuration directives.
     All of this code is required in order for the server to work, with or
     without HTTP.  The server is closer to working without the HTTP
     module, although there is still more to do.  [Ryan Bloom]

  *) Fix a number of SGI compile warnings throughout the server.  Fix some
     bad parameters to apr_bucket_read().  Fix a bad statement in 
     ap_method_in_list().  For the mod_rewrite cache use apr_time_t 
     consistently; we were mixing apr_time_t and time_t in invalid ways 
     before.  In load_file(), call apr_dso_error() instead of 
     apr_strerror() so that we get a more specific string on some platforms.
     PR #6980  [Jeff Trawick]

  *) Allow modules to query the MPM about it's execution profile.  This
     query API can and should be extended in the future, but for now,
     max_daemons, and threading or forking is a very good start.
     [Jon Travis <jtravis@covalent.net>]

  *) Modify mod_include to send blocks of data no larger than 9k.
     Without this, mod_include will wait until the whole file is parsed,
     or the first tag is found to send any data to the client.
     [Paul J. Reder <rederpj@raleigh.ibm.com>]

  *) Fix mod_info, so that <Directory> and <Location> directives are
     not displayed twice when displaying the current configuration.
     [Ryan Morgan <rmorgan@covalent.net>]

  *) Add config directives to override DEFAULT_ERROR_MSG and
     DEFAULT_TIME_FORMAT.  This was sent in as PR 6193.
     [Dan Rench <drench@xnet.com>]

William A. Rowe Jr's avatar
 
William A. Rowe Jr committed
  *) Get mod_info building and loading on Win32.  [William Rowe]

  *) Begin to move protocol independant functions out of mod_http.  The goal
     is to have only functions that are HTTP specific in the http directory.
     [Ryan Bloom]

Changes with Apache 2.0.13

  *) Don't assume that there will always be multiple calls to the byterange 
     filter.  It is possible that we will need to do byteranges with only
     one call to the filter.  [Ryan Morgan <rmorgan@covalent.net>]
  *) Move the error_bucket definition from the http module to the
     core server.  Every protocol will need this ability, not just
     HTTP.  [Ryan Bloom]

  *) Modify mod_file_cache to save pre-formatted strings for 
     content-length and last-modified headers for performance. 
     [Mike Abbot <mja@trudge.engr.sgi.com>]

  *) Namespace protect IOBUFSIZ since it is exposed in the API.
     [Jon Travis <jtravis@covalent.net>]

  *) Use "Basic" authentication instead of "basic" in ab, as the spec
     says we should.  [Andre Breiler <andre.breiler@rd.bbc.co.uk>]

  *) Fix a seg fault in mod_userdir.c.  We used to use the pw structure
     without ever filling it out.  This fixes PR 7271.
     [Taketo Kabe <kabe@sra-tohoku.co.jp> and 
      Cliff Woolley <cliffwoolley@yahoo.com>]

  *) Add a couple of GCC attribute tags to printf style functions.
     [Jon Travis <jtravis@covalent.net>]

  *) Add the correct language tag for interoperation with the Taiwanese
     versions of MSIE and Netscape. [Clive Lin <clive@CirX.ORG>] PR#7142

  *) Migrate the perchild MPM to use the new apr signal child, and 
     APR thread functions.  [Ryan Bloom]

  *) Close one copy of the CGI's stdout before creating the new process.
     The CGI will still have stdout, because we have already dup'ed it.
     This keeps Apache from waiting forever to send the results of a CGI
Loading full blame...