diff --git a/trunk/.gdbinit b/trunk/.gdbinit
new file mode 100644
index 0000000000000000000000000000000000000000..672b392c86ff51f749f713551f1cd3f92a362a94
--- /dev/null
+++ b/trunk/.gdbinit
@@ -0,0 +1,277 @@
+# gdb macros which may be useful for folks using gdb to debug
+# apache. Delete it if it bothers you.
+
+define dump_table
+ set $t = (apr_table_entry_t *)((apr_array_header_t *)$arg0)->elts
+ set $n = ((apr_array_header_t *)$arg0)->nelts
+ set $i = 0
+ while $i < $n
+ if $t[$i].val == (void *)0L
+ printf "[%u] '%s'=>NULL\n", $i, $t[$i].key
+ else
+ printf "[%u] '%s'='%s'\n", $i, $t[$i].key, $t[$i].val
+ end
+ set $i = $i + 1
+ end
+end
+document dump_table
+ Print the key/value pairs in a table.
+end
+
+
+define rh
+ run -f /home/dgaudet/ap2/conf/mpm.conf
+end
+
+define ro
+ run -DONE_PROCESS
+end
+
+define dump_string_array
+ set $a = (char **)((apr_array_header_t *)$arg0)->elts
+ set $n = (int)((apr_array_header_t *)$arg0)->nelts
+ set $i = 0
+ while $i < $n
+ printf "[%u] '%s'\n", $i, $a[$i]
+ set $i = $i + 1
+ end
+end
+document dump_string_array
+ Print all of the elements in an array of strings.
+end
+
+define printmemn
+ set $i = 0
+ while $i < $arg1
+ if $arg0[$i] < 0x20 || $arg0[$i] > 0x7e
+ printf "~"
+ else
+ printf "%c", $arg0[$i]
+ end
+ set $i = $i + 1
+ end
+end
+
+define print_bkt_datacol
+ # arg0 == column name
+ # arg1 == format
+ # arg2 == value
+ # arg3 == suppress header?
+ set $suppressheader = $arg3
+
+ if !$suppressheader
+ printf " "
+ printf $arg0
+ printf "="
+ else
+ printf " | "
+ end
+ printf $arg1, $arg2
+end
+
+define dump_bucket_ex
+ # arg0 == bucket
+ # arg1 == suppress header?
+ set $bucket = (struct apr_bucket *)$arg0
+ set $sh = $arg1
+ set $refcount = -1
+
+ print_bkt_datacol "bucket" "%-9s" $bucket->type->name $sh
+ printf "(0x%08lx)", (unsigned long)$bucket
+ print_bkt_datacol "length" "%-6ld" (long)($bucket->length) $sh
+ print_bkt_datacol "data" "0x%08lx" $bucket->data $sh
+
+ if !$sh
+ printf "\n "
+ end
+
+ if (($bucket->type == &apr_bucket_type_eos) || \
+ ($bucket->type == &apr_bucket_type_flush))
+
+ # metadata buckets, no content
+ print_bkt_datacol "contents" "%c" ' ' $sh
+ printf " "
+ print_bkt_datacol "rc" "n/%c" 'a' $sh
+
+ else
+ if ($bucket->type == &ap_bucket_type_error)
+
+ # metadata bucket, no content but it does have an error code in it
+ print_bkt_datacol "contents" "%c" ' ' $sh
+ set $status = ((ap_bucket_error *)$bucket->data)->status
+ printf " (status=%3d) ", $status
+ print_bkt_datacol "rc" "n/%c" 'a' $sh
+
+ else
+ if (($bucket->type == &apr_bucket_type_file) || \
+ ($bucket->type == &apr_bucket_type_pipe) || \
+ ($bucket->type == &apr_bucket_type_socket))
+
+ # buckets that contain data not in memory (ie not printable)
+
+ print_bkt_datacol "contents" "[**unprintable**%c" ']' $sh
+ printf " "
+ if $bucket->type == &apr_bucket_type_file
+ set $refcount = ((apr_bucket_refcount *)$bucket->data)->refcount
+ print_bkt_datacol "rc" "%d" $refcount $sh
+ end
+
+ else
+ if (($bucket->type == &apr_bucket_type_heap) || \
+ ($bucket->type == &apr_bucket_type_pool) || \
+ ($bucket->type == &apr_bucket_type_mmap) || \
+ ($bucket->type == &apr_bucket_type_transient) || \
+ ($bucket->type == &apr_bucket_type_immortal))
+
+ # in-memory buckets
+
+ if $bucket->type == &apr_bucket_type_heap
+ set $refcount = ((apr_bucket_refcount *)$bucket->data)->refcount
+ set $p = (apr_bucket_heap *)$bucket->data
+ set $data = $p->base+$bucket->start
+
+ else
+ if $bucket->type == &apr_bucket_type_pool
+ set $refcount = ((apr_bucket_refcount *)$bucket->data)->refcount
+ set $p = (apr_bucket_pool *)$bucket->data
+ if !$p->pool
+ set $p = (apr_bucket_heap *)$bucket->data
+ end
+ set $data = $p->base+$bucket->start
+
+ else
+ if $bucket->type == &apr_bucket_type_mmap
+ # is this safe if not APR_HAS_MMAP?
+ set $refcount = ((apr_bucket_refcount *)$bucket->data)->refcount
+ set $p = (apr_bucket_mmap *)$bucket->data
+ set $data = ((char *)$p->mmap->mm)+$bucket->start
+
+ else
+ if (($bucket->type == &apr_bucket_type_transient) || \
+ ($bucket->type == &apr_bucket_type_immortal))
+ set $data = ((char *)$bucket->data)+$bucket->start
+
+ end
+ end
+ end
+ end
+
+ if $sh
+ printf " | ["
+ else
+ printf " contents=["
+ end
+ set $datalen = $bucket->length
+ if $datalen > 17
+ printmem $data 17
+ printf "..."
+ set $datalen = 20
+ else
+ printmemn $data $datalen
+ end
+ printf "]"
+ while $datalen < 20
+ printf " "
+ set $datalen = $datalen + 1
+ end
+
+ if $refcount != -1
+ print_bkt_datacol "rc" "%d" $refcount $sh
+ else
+ print_bkt_datacol "rc" "n/%c" 'a' $sh
+ end
+
+ else
+ # 3rd-party bucket type
+ print_bkt_datacol "contents" "[**unknown**%c" ']' $sh
+ printf " "
+ print_bkt_datacol "rc" "n/%c" 'a' $sh
+ end
+ end
+ end
+ end
+
+ printf "\n"
+
+end
+
+define dump_bucket
+ dump_bucket_ex $arg0 0
+end
+document dump_bucket
+ Print bucket info
+end
+
+define dump_brigade
+ set $bb = (apr_bucket_brigade *)$arg0
+ set $bucket = $bb->list.next
+ set $sentinel = ((char *)((&($bb->list)) \
+ - ((size_t) &((struct apr_bucket *)0)->link)))
+ printf "dump of brigade 0x%lx\n", (unsigned long)$bb
+
+ printf " | type (address) | length | "
+ printf "data addr | contents | rc\n"
+ printf "----------------------------------------"
+ printf "----------------------------------------\n"
+
+ if $bucket == $sentinel
+ printf "brigade is empty\n"
+ end
+
+ set $j = 0
+ while $bucket != $sentinel
+ printf "%2d", $j
+ dump_bucket_ex $bucket 1
+ set $j = $j + 1
+ set $bucket = $bucket->link.next
+ end
+ printf "end of brigade\n"
+end
+document dump_brigade
+ Print bucket brigade info
+end
+
+define dump_filters
+ set $f = $arg0
+ while $f
+ printf "%s(0x%lx): ctx=0x%lx, r=0x%lx, c=0x%lx\n", \
+ $f->frec->name, (unsigned long)$f, (unsigned long)$f->ctx, \
+ $f->r, $f->c
+ set $f = $f->next
+ end
+end
+document dump_filters
+ Print filter chain info
+end
+
+define dump_process_rec
+ set $p = $arg0
+ printf "process_rec=0x%lx:\n", (unsigned long)$p
+ printf " pool=0x%lx, pconf=0x%lx\n", \
+ (unsigned long)$p->pool, (unsigned long)$p->pconf
+end
+document dump_process_rec
+ Print process_rec info
+end
+
+define dump_server_rec
+ set $s = $arg0
+ printf "name=%s:%d\n", \
+ $s->server_hostname, $s->port
+ dump_process_rec($s->process)
+end
+document dump_server_rec
+ Print server_rec info
+end
+
+define dump_servers
+ set $s = $arg0
+ while $s
+ dump_server_rec($s)
+ printf "\n"
+ set $s = $s->next
+ end
+end
+document dump_servers
+ Print server_rec list info
+end
diff --git a/trunk/ABOUT_APACHE b/trunk/ABOUT_APACHE
new file mode 100644
index 0000000000000000000000000000000000000000..f1a193cb3bf51fbfddbf1d6f52edba8cc1d3d71f
--- /dev/null
+++ b/trunk/ABOUT_APACHE
@@ -0,0 +1,277 @@
+
+ The Apache HTTP Server Project
+
+ http://httpd.apache.org/
+
+ February 2002
+
+The Apache Project is a collaborative software development effort aimed
+at creating a robust, commercial-grade, featureful, and freely-available
+source code implementation of an HTTP (Web) server. The project is
+jointly managed by a group of volunteers located around the world, using
+the Internet and the Web to communicate, plan, and develop the server and
+its related documentation. These volunteers are known as the Apache Group.
+In addition, hundreds of users have contributed ideas, code, and
+documentation to the project. This file is intended to briefly describe
+the history of the Apache Group, recognize the many contributors, and
+explain how you can join the fun too.
+
+In February of 1995, the most popular server software on the Web was the
+public domain HTTP daemon developed by Rob McCool at the National Center
+for Supercomputing Applications, University of Illinois, Urbana-Champaign.
+However, development of that httpd had stalled after Rob left NCSA in
+mid-1994, and many webmasters had developed their own extensions and bug
+fixes that were in need of a common distribution. A small group of these
+webmasters, contacted via private e-mail, gathered together for the purpose
+of coordinating their changes (in the form of "patches"). Brian Behlendorf
+and Cliff Skolnick put together a mailing list, shared information space,
+and logins for the core developers on a machine in the California Bay Area,
+with bandwidth and diskspace donated by HotWired and Organic Online.
+By the end of February, eight core contributors formed the foundation
+of the original Apache Group:
+
+ Brian Behlendorf Roy T. Fielding Rob Hartill
+ David Robinson Cliff Skolnick Randy Terbush
+ Robert S. Thau Andrew Wilson
+
+with additional contributions from
+
+ Eric Hagberg Frank Peters Nicolas Pioch
+
+Using NCSA httpd 1.3 as a base, we added all of the published bug fixes
+and worthwhile enhancements we could find, tested the result on our own
+servers, and made the first official public release (0.6.2) of the Apache
+server in April 1995. By coincidence, NCSA restarted their own development
+during the same period, and Brandon Long and Beth Frank of the NCSA Server
+Development Team joined the list in March as honorary members so that the
+two projects could share ideas and fixes.
+
+The early Apache server was a big hit, but we all knew that the codebase
+needed a general overhaul and redesign. During May-June 1995, while
+Rob Hartill and the rest of the group focused on implementing new features
+for 0.7.x (like pre-forked child processes) and supporting the rapidly growing
+Apache user community, Robert Thau designed a new server architecture
+(code-named Shambhala) which included a modular structure and API for better
+extensibility, pool-based memory allocation, and an adaptive pre-forking
+process model. The group switched to this new server base in July and added
+the features from 0.7.x, resulting in Apache 0.8.8 (and its brethren)
+in August.
+
+After extensive beta testing, many ports to obscure platforms, a new set
+of documentation (by David Robinson), and the addition of many features
+in the form of our standard modules, Apache 1.0 was released on
+December 1, 1995.
+
+Less than a year after the group was formed, the Apache server passed
+NCSA's httpd as the #1 server on the Internet.
+
+The survey by Netcraft (http://www.netcraft.com/survey/) shows that Apache
+is today more widely used than all other web servers combined.
+
+ ============================================================================
+
+Current Apache Group in alphabetical order as of 2 April 2002:
+
+ Greg Ames IBM Corporation, Research Triangle Park, NC, USA
+ Aaron Bannert California
+ Brian Behlendorf Collab.Net, California
+ Ken Coar IBM Corporation, Research Triangle Park, NC, USA
+ Mark J. Cox Red Hat, UK
+ Lars Eilebrecht Freelance Consultant, Munich, Germany
+ Ralf S. Engelschall Cable & Wireless Deutschland, Munich, Germany
+ Justin Erenkrantz University of California, Irvine
+ Roy T. Fielding Day Software, California
+ Tony Finch Covalent Technologies, California
+ Dean Gaudet Transmeta Corporation, California
+ Dirk-Willem van Gulik Covalent Technologies, California
+ Brian Havard Australia
+ Ian Holsman CNET, California
+ Ben Hyde Gensym, Massachusetts
+ Jim Jagielski jaguNET Access Services, Maryland
+ Manoj Kasichainula Collab.Net, California
+ Alexei Kosut Stanford University, California
+ Martin Kraemer Munich, Germany
+ Ben Laurie Freelance Consultant, UK
+ Rasmus Lerdorf Yahoo!, California
+ Daniel Lopez Ridruejo Covalent Technologies, California
+ Doug MacEachern Covalent Technologies, California
+ Aram W. Mirzadeh CableVision, New York
+ Chuck Murcko The Topsail Group, Pennsylvania
+ Brian Pane CNET Networks, California
+ Sameer Parekh California
+ David Reid UK
+ William A. Rowe, Jr. Covalent, Illinois
+ Wilfredo Sanchez Apple Computer, California
+ Cliff Skolnick California
+ Marc Slemko Canada
+ Joshua Slive Canada
+ Greg Stein California
+ Bill Stoddard IBM Corporation, Research Triangle Park, NC
+ Sander Striker The Netherlands
+ Paul Sutton Seattle
+ Randy Terbush Covalent Technologies, California
+ Jeff Trawick IBM Corporation, Research Triangle Park, NC
+ Cliff Woolley University of Virginia
+
+Apache Emeritus (old group members now off doing other things)
+
+ Ryan Bloom California
+ Rob Hartill Internet Movie DB, UK
+ David Robinson Cambridge University, UK
+ Robert S. Thau MIT, Massachusetts
+ Andrew Wilson Freelance Consultant, UK
+
+Other major contributors
+
+ Howard Fear (mod_include), Florent Guillaume (language negotiation),
+ Koen Holtman (rewrite of mod_negotiation),
+ Kevin Hughes (creator of all those nifty icons),
+ Brandon Long and Beth Frank (NCSA Server Development Team, post-1.3),
+ Ambarish Malpani (Beginning of the NT port),
+ Rob McCool (original author of the NCSA httpd 1.3),
+ Paul Richards (convinced the group to use remote CVS after 1.0),
+ Garey Smiley (OS/2 port), Henry Spencer (author of the regex library).
+
+Many 3rd-party modules, frequently used and recommended, are also
+freely-available and linked from the related projects page:
+, and their authors frequently
+contribute ideas, patches, and testing.
+
+Hundreds of people have made individual contributions to the Apache
+project. Patch contributors are listed in the CHANGES file.
+Frequent contributors have included Petr Lampa, Tom Tromey, James H.
+Cloos Jr., Ed Korthof, Nathan Neulinger, Jason S. Clary, Jason A. Dour,
+Michael Douglass, Tony Sanders, Brian Tao, Michael Smith, Adam Sussman,
+Nathan Schrenk, Matthew Gray, and John Heidemann.
+
+ ============================================================================
+
+How to become involved in the Apache project
+
+There are several levels of contributing. If you just want to send
+in an occasional suggestion/fix, then you can just use the bug reporting
+form at . You can also subscribe
+to the announcements mailing list (announce-subscribe@httpd.apache.org) which
+we use to broadcast information about new releases, bugfixes, and upcoming
+events. There's a lot of information about the development process (much of
+it in serious need of updating) to be found at .
+
+If you'd like to become an active contributor to the Apache project (the
+group of volunteers who vote on changes to the distributed server), then
+you need to start by subscribing to the dev@httpd.apache.org mailing list.
+One warning though: traffic is high, 1000 to 1500 messages/month.
+To subscribe to the list, send an email to dev-subscribe@httpd.apache.org.
+We recommend reading the list for a while before trying to jump in to
+development.
+
+ NOTE: The developer mailing list (dev@httpd.apache.org) is not
+ a user support forum; it is for people actively working on development
+ of the server code and documentation, and for planning future
+ directions. If you have user/configuration questions, send them
+ to users list or to the USENET
+ newsgroup "comp.infosystems.www.servers.unix".or for windows users,
+ the newsgroup "comp.infosystems.www.servers.ms-windows".
+
+There is a core group of contributors (informally called the "core")
+which was formed from the project founders and is augmented from time
+to time when core members nominate outstanding contributors and the
+rest of the core members agree. The core group focus is more on
+"business" issues and limited-circulation things like security problems
+than on mainstream code development. The term "The Apache Group"
+technically refers to this core of project contributors.
+
+The Apache project is a meritocracy -- the more work you have done, the more
+you are allowed to do. The group founders set the original rules, but
+they can be changed by vote of the active members. There is a group
+of people who have logins on our server (apache.org) and access to the
+CVS repository. Everyone has access to the CVS snapshots. Changes to
+the code are proposed on the mailing list and usually voted on by active
+members -- three +1 (yes votes) and no -1 (no votes, or vetoes) are needed
+to commit a code change during a release cycle; docs are usually committed
+first and then changed as needed, with conflicts resolved by majority vote.
+
+Our primary method of communication is our mailing list. Approximately 40
+messages a day flow over the list, and are typically very conversational in
+tone. We discuss new features to add, bug fixes, user problems, developments
+in the web server community, release dates, etc. The actual code development
+takes place on the developers' local machines, with proposed changes
+communicated using a patch (output of a unified "diff -u oldfile newfile"
+command), and committed to the source repository by one of the core
+developers using remote CVS. Anyone on the mailing list can vote on a
+particular issue, but we only count those made by active members or people
+who are known to be experts on that part of the server. Vetoes must be
+accompanied by a convincing explanation.
+
+New members of the Apache Group are added when a frequent contributor is
+nominated by one member and unanimously approved by the voting members.
+In most cases, this "new" member has been actively contributing to the
+group's work for over six months, so it's usually an easy decision.
+
+The above describes our past and current (as of July 2000) guidelines,
+which will probably change over time as the membership of the group
+changes and our development/coordination tools improve.
+
+ ============================================================================
+
+The Apache Software Foundation (www.apache.org)
+
+The Apache Software Foundation exists to provide organizational, legal,
+and financial support for the Apache open-source software projects.
+Founded in June 1999 by the Apache Group, the Foundation has been
+incorporated as a membership-based, not-for-profit corporation in order
+to ensure that the Apache projects continue to exist beyond the participation
+of individual volunteers, to enable contributions of intellectual property
+and funds on a sound basis, and to provide a vehicle for limiting legal
+exposure while participating in open-source software projects.
+
+You are invited to participate in The Apache Software Foundation. We welcome
+contributions in many forms. Our membership consists of those individuals
+who have demonstrated a commitment to collaborative open-source software
+development through sustained participation and contributions within the
+Foundation's projects. Many people and companies have contributed towards
+the success of the Apache projects.
+
+ ============================================================================
+
+Why Apache Is Free
+
+Apache exists to provide a robust and commercial-grade reference
+implementation of the HTTP protocol. It must remain a platform upon which
+individuals and institutions can build reliable systems, both for
+experimental purposes and for mission-critical purposes. We believe the
+tools of online publishing should be in the hands of everyone, and
+software companies should make their money providing value-added services
+such as specialized modules and support, amongst other things. We realize
+that it is often seen as an economic advantage for one company to "own" a
+market - in the software industry that means to control tightly a
+particular conduit such that all others must pay. This is typically done
+by "owning" the protocols through which companies conduct business, at the
+expense of all those other companies. To the extent that the protocols of
+the World Wide Web remain "unowned" by a single company, the Web will
+remain a level playing field for companies large and small. Thus,
+"ownership" of the protocol must be prevented, and the existence of a
+robust reference implementation of the protocol, available absolutely for
+free to all companies, is a tremendously good thing.
+
+Furthermore, Apache is an organic entity; those who benefit from it
+by using it often contribute back to it by providing feature enhancements,
+bug fixes, and support for others in public newsgroups. The amount of
+effort expended by any particular individual is usually fairly light, but
+the resulting product is made very strong. This kind of community can
+only happen with freeware -- when someone pays for software, they usually
+aren't willing to fix its bugs. One can argue, then, that Apache's
+strength comes from the fact that it's free, and if it were made "not
+free" it would suffer tremendously, even if that money were spent on a
+real development team.
+
+We want to see Apache used very widely -- by large companies, small
+companies, research institutions, schools, individuals, in the intranet
+environment, everywhere -- even though this may mean that companies who
+could afford commercial software, and would pay for it without blinking,
+might get a "free ride" by using Apache. We would even be happy if some
+commercial software companies completely dropped their own HTTP server
+development plans and used Apache as a base, with the proper attributions
+as described in the LICENSE file.
+
+Thanks for using Apache!
+
diff --git a/trunk/Apache.dsw b/trunk/Apache.dsw
new file mode 100644
index 0000000000000000000000000000000000000000..eeb51c49df2ce055c315c101a16f787a702595df
--- /dev/null
+++ b/trunk/Apache.dsw
@@ -0,0 +1,2006 @@
+Microsoft Developer Studio Workspace File, Format Version 6.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "httpd"=".\httpd.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "ApacheMonitor"=.\support\win32\ApacheMonitor.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "BuildBin"=.\BuildBin.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name httpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name ApacheMonitor
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libapriconv_ccs_modules
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libapriconv_ces_modules
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_actions
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_alias
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_asis
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_digest
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authn_anon
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authn_dbm
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authn_default
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authn_file
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authnz_ldap
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authz_dbm
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authz_default
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authz_groupfile
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authz_host
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_authz_user
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_autoindex
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_bucketeer
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_cern_meta
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_cgi
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_charset_lite
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_dav_fs
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_dir
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_disk_cache
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_dumpio
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_env
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_expires
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_ext_filter
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_file_cache
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_headers
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_ident
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_imagemap
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_include
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_info
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_isapi
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_logio
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_log_config
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_log_forensic
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_mem_cache
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_mime
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_mime_magic
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_negotiation
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_rewrite
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_setenvif
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_speling
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_status
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_unique_id
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_userdir
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_usertrack
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_version
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_vhost_alias
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy_connect
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy_ftp
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy_http
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name ab
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name htdbm
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name htdigest
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name htpasswd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name logresolve
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name rotatelogs
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name wintty
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy_ajp
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy_balancer
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "InstallBin"=.\InstallBin.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name BuildBin
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "ab"=.\support\ab.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "abs"=.\support\abs.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "apr"=.\srclib\apr\apr.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "apriconv"=".\srclib\apr-iconv\apriconv.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "aprutil"=".\srclib\apr-util\aprutil.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apriconv
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name gen_uri_delims
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name xml
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "dftables"=.\srclib\pcre\dftables.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "gen_test_char"=.\server\gen_test_char.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "gen_uri_delims"=".\srclib\apr-util\uri\gen_uri_delims.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "htdbm"=.\support\htdbm.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "htdigest"=.\support\htdigest.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "htpasswd"=.\support\htpasswd.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "libapr"=.\srclib\apr\libapr.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "libapriconv"=".\srclib\apr-iconv\libapriconv.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "libapriconv_ccs_modules"=".\srclib\apr-iconv\ccs\libapriconv_ccs_modules.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libapriconv
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "libapriconv_ces_modules"=".\srclib\apr-iconv\ces\libapriconv_ces_modules.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libapriconv
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "libaprutil"=".\srclib\apr-util\libaprutil.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libapriconv
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name gen_uri_delims
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name xml
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "libhttpd"=.\libhttpd.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libapriconv
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name gen_test_char
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name pcre
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "logresolve"=.\support\logresolve.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_actions"=.\modules\mappers\mod_actions.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_alias"=.\modules\mappers\mod_alias.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_asis"=.\modules\generators\mod_asis.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_auth_basic"=.\modules\aaa\mod_auth_basic.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_auth_digest"=.\modules\aaa\mod_auth_digest.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authnz_ldap"=.\modules\aaa\mod_authnz_ldap.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_ldap
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authn_anon"=.\modules\aaa\mod_authn_anon.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authn_dbm"=.\modules\aaa\mod_authn_dbm.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authn_default"=.\modules\aaa\mod_authn_default.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authn_file"=.\modules\aaa\mod_authn_file.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authz_dbm"=.\modules\aaa\mod_authz_dbm.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authz_default"=.\modules\aaa\mod_authz_default.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authz_groupfile"=.\modules\aaa\mod_authz_groupfile.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authz_host"=.\modules\aaa\mod_authz_host.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_authz_user"=.\modules\aaa\mod_authz_user.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_auth_basic
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_autoindex"=.\modules\generators\mod_autoindex.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_bucketeer"=.\modules\debug\mod_bucketeer.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_cache"=.\modules\cache\mod_cache.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_cern_meta"=.\modules\metadata\mod_cern_meta.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_cgi"=.\modules\generators\mod_cgi.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_charset_lite"=.\modules\experimental\mod_charset_lite.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_dav"=.\modules\dav\main\mod_dav.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_dav_fs"=.\modules\dav\fs\mod_dav_fs.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_dav
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_deflate"=.\modules\filters\mod_deflate.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_dir"=.\modules\mappers\mod_dir.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_disk_cache"=.\modules\cache\mod_disk_cache.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_cache
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_dumpio"=.\modules\debug\mod_dumpio.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_echo"=.\modules\echo\mod_echo.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_env"=.\modules\metadata\mod_env.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_expires"=.\modules\metadata\mod_expires.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_ext_filter"=.\modules\filters\mod_ext_filter.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_file_cache"=.\modules\cache\mod_file_cache.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_headers"=.\modules\metadata\mod_headers.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_ident"=.\modules\metadata\mod_ident.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_imagemap"=.\modules\mappers\mod_imagemap.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_include"=.\modules\filters\mod_include.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_info"=.\modules\generators\mod_info.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_isapi"=.\modules\arch\win32\mod_isapi.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_ldap"=.\modules\ldap\mod_ldap.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_log_config"=.\modules\loggers\mod_log_config.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_log_forensic"=.\modules\loggers\mod_log_forensic.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_logio"=.\modules\loggers\mod_logio.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_mem_cache"=.\modules\cache\mod_mem_cache.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_cache
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_mime"=.\modules\http\mod_mime.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_mime_magic"=.\modules\metadata\mod_mime_magic.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_negotiation"=.\modules\mappers\mod_negotiation.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_proxy"=.\modules\proxy\mod_proxy.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_proxy_ajp"=.\modules\proxy\mod_proxy_ajp.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_proxy_balancer"=.\modules\proxy\mod_proxy_balancer.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_proxy_connect"=.\modules\proxy\mod_proxy_connect.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_proxy_ftp"=.\modules\proxy\mod_proxy_ftp.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_proxy_http"=.\modules\proxy\mod_proxy_http.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name mod_proxy
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_rewrite"=.\modules\mappers\mod_rewrite.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_setenvif"=.\modules\metadata\mod_setenvif.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_speling"=.\modules\mappers\mod_speling.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_ssl"=.\modules\ssl\mod_ssl.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_status"=.\modules\generators\mod_status.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_unique_id"=.\modules\metadata\mod_unique_id.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_userdir"=.\modules\mappers\mod_userdir.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_usertrack"=.\modules\metadata\mod_usertrack.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_version"=.\modules\metadata\mod_version.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "mod_vhost_alias"=.\modules\mappers\mod_vhost_alias.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name libapr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libaprutil
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name libhttpd
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "pcre"=.\srclib\pcre\pcre.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name dftables
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "rotatelogs"=.\support\rotatelogs.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "wintty"=.\support\win32\wintty.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+ Begin Project Dependency
+ Project_Dep_Name apr
+ End Project Dependency
+ Begin Project Dependency
+ Project_Dep_Name aprutil
+ End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "xml"=".\srclib\apr-util\xml\expat\lib\xml.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+
diff --git a/trunk/BuildBin.dsp b/trunk/BuildBin.dsp
new file mode 100644
index 0000000000000000000000000000000000000000..9e3c15235ecb05107bea94edfd5e222cd370e77f
--- /dev/null
+++ b/trunk/BuildBin.dsp
@@ -0,0 +1,97 @@
+# Microsoft Developer Studio Project File - Name="BuildBin" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) External Target" 0x0106
+
+CFG=BuildBin - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE
+!MESSAGE NMAKE /f "BuildBin.mak".
+!MESSAGE
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "BuildBin.mak" CFG="BuildBin - Win32 Debug"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "BuildBin - Win32 Release" (based on "Win32 (x86) External Target")
+!MESSAGE "BuildBin - Win32 Debug" (based on "Win32 (x86) External Target")
+!MESSAGE
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+
+!IF "$(CFG)" == "BuildBin - Win32 Release"
+
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir ""
+# PROP BASE Intermediate_Dir ""
+# PROP BASE Cmd_Line "NMAKE /f makefile.win"
+# PROP BASE Rebuild_Opt "/a"
+# PROP BASE Target_File "\Apache21\bin\httpd.exe"
+# PROP BASE Bsc_Name ".\Browse\BuildBin.bsc"
+# PROP BASE Target_Dir ""
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir ""
+# PROP Intermediate_Dir ""
+# PROP Cmd_Line "NMAKE /f makefile.win INSTDIR="\Apache21" LONG=Release _tryssl _tryzlib _dummy"
+# PROP Rebuild_Opt ""
+# PROP Target_File "\Apache21\bin\httpd.exe"
+# PROP Bsc_Name ".\Browse\httpd.bsc"
+# PROP Target_Dir ""
+
+!ELSEIF "$(CFG)" == "BuildBin - Win32 Debug"
+
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir ""
+# PROP BASE Intermediate_Dir ""
+# PROP BASE Cmd_Line "NMAKE /f makefile.win"
+# PROP BASE Rebuild_Opt "/a"
+# PROP BASE Target_File "\Apache21\bin\httpd.exe"
+# PROP BASE Bsc_Name ".\Browse\BuildBin.bsc"
+# PROP BASE Target_Dir ""
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir ""
+# PROP Intermediate_Dir ""
+# PROP Cmd_Line "NMAKE /f makefile.win INSTDIR="\Apache21" LONG=Debug _tryssl _tryzlib _dummy"
+# PROP Rebuild_Opt ""
+# PROP Target_File "\Apache21\bin\httpd.exe"
+# PROP Bsc_Name ".\Browse\httpd.bsc"
+# PROP Target_Dir ""
+
+!ENDIF
+
+# Begin Target
+
+# Name "BuildBin - Win32 Release"
+# Name "BuildBin - Win32 Debug"
+
+!IF "$(CFG)" == "BuildBin - Win32 Release"
+
+!ELSEIF "$(CFG)" == "BuildBin - Win32 Debug"
+
+!ENDIF
+
+# Begin Source File
+
+SOURCE=.\os\win32\BaseAddr.ref
+# End Source File
+# Begin Source File
+
+SOURCE=.\CHANGES
+# End Source File
+# Begin Source File
+
+SOURCE=.\Makefile.win
+# End Source File
+# Begin Source File
+
+SOURCE=.\STATUS
+# End Source File
+# End Target
+# End Project
diff --git a/trunk/CHANGES b/trunk/CHANGES
new file mode 100644
index 0000000000000000000000000000000000000000..e358998d6213fe9023b3c6477224fef345582dc7
--- /dev/null
+++ b/trunk/CHANGES
@@ -0,0 +1,14683 @@
+Changes with Apache 2.1.5
+
+ [Remove entries to the current 2.0 section below, when backported]
+
+ *) mod_cache: Fix 'Vary: *' behavior to be RFC compliant. PR 16125.
+ [Paul Querna]
+
+ *) mod_cache: Rename 'generate_name' to 'ap_cache_generate_name'.
+ [Paul Querna]
+
+ *) SECURITY: CAN-2005-1268 (cve.mitre.org)
+ mod_ssl: Fix possible crash on printing CRL details when
+ debugging is enabled, if configured to use a CRL from
+ a malicious source. PR 35081. [Marc Stern ]
+
+ *) proxy FTP: Fix confusion about globbing characters which could lead
+ to getting a directory listing when a file was requested. PR 34512.
+ [Sean ]
+
+ *) mod_mime_magic: Handle CRLF-format magic files so that it works with
+ the default installation on Windows. [Jeff Trawick]
+
+ *) core: Allow multiple modules to register interest in a single
+ configuration command. [Paul Querna]
+
+ *) EBCDIC: Handle chunked input from client or, with proxy, origin
+ server. [Jeff Trawick]
+
+ *) authn_provider_alias: Adds the configuration block tag
+
+ Authentication directives contained within this block can be
+ referenced as a new authProvider using the AuthBasicProvider or
+ AuthDigestProvider directive. These directives will be merged in to
+ the per_dir configuration just before the base provider is called.
+ [Brad Nicholes]
+
+ *) ap_getword_conf: Fix backslashes at the end of configuration directives.
+ PR 34834. [Timo Viipuri ]
+
+ *) mod_dbd: New additions: mod_dbd.c, mod_dbd.h, mod_dbd.xml
+ Provide module hooks for apr_dbd; optimise for httpd
+ threaded and non-threaded arch [Nick Kew]
+
+ *) ab: SSL support rewritten, improved, and enabled if SSL is enabled
+ during the build; -f and -Z arguments added to specify SSL protocol
+ options. [Masaoki Kobayashi ]
+
+ *) Support the suppress-error-charset setting, as with Apache 1.3.x.
+ PR 31274. [Jeff Trawick]
+
+ *) Prevent hangs of child processes when writing to piped loggers at
+ the time of graceful restart. PR 26467. [Jeff Trawick]
+
+ *) mod_info: Show the Quick Handler [Paul Querna]
+
+ *) mod_ldap: Add the directive LDAPVerifyServerCert to specify
+ whether to force verification of the server certificate when
+ establishing an SSL connection to the LDAP server.
+ [Brad Nicholes]
+
+ *) mod_proxy: Run mod_rewrite before mod_proxy in the translate_name
+ hook. [Paul Querna]
+
+ *) Add AP_INIT_TAKE_ARGV for configuration commands. (minor MMN bump)
+ [Paul Querna]
+
+ *) worker and event mpms: don't take down the whole server for a transient
+ thread creation failure. PR 34514 [Greg Ames]
+
+ *) ap_get_local_host() rewritten for APR. [Jim Jagielski]
+
+ *) Add the ap_vhost_iterate_given_conn function to expose the information
+ used in Name Based Virtual Hosting. (minor MMN bump)
+ [Paul Querna]
+
+ *) Remove the never working ap_method_list_do and ap_method_list_vdo.
+ [Paul Querna]
+
+ *) Added makefile and doc for building mod_ssl on the NetWare
+ platform. [Guenter Knauf, Brad Nicholes]
+
+ *) mod_deflate: Merge the Vary header, isntead of Setting it. Fixes
+ applications that send the Vary Header themselves, and also apply
+ mod_defalte as an output filter. [Paul Querna]
+
+ *) mod_rewrite: use buffered I/O for RewriteMap txt: files. This
+ can result in a major performance improvement when the files are
+ large.
+ [Greg Ames]
+
+ *) Change the default (when not present in the config file) setting
+ for UseCanonicalName to Off.
+ [Joshua Slive]
+
+ *) mod_userdir: The module no longer does any remapping unless the
+ UserDir directive is present in the config file.
+ [Joshua Slive]
+
+ *) Massively simplify the distributed httpd.conf by removing
+ many features and many directives that are at their default
+ setting. Add a selection of example config excerpts for adding
+ extra features in the conf/extra/ directory. Install the
+ distributed config and the extra config examples in the
+ conf/original/ directory during make install.
+ [Joshua Slive, Justin Erenkrantz]
+
+ *) NetWare: Reposition mod_asis, mod_actions, mod_cgi, mod_imagemap,
+ mod_userdir and mod_autoindex as shared modules rather than
+ built-in modules within the NetWare build.
+ [Brad Nicholes]
+
+ *) Rename mod_imap to mod_imagemap.
+ [Paul Querna]
+
+ *) util_ldap: Eliminate the load ordering of mod_ldap and mod_authnz_ldap
+ by changing the mod_ldap exported functions to optional functions.
+ [Brad Nicholes]
+
+Changes with Apache 2.1.4
+
+ *) Don't let a subrequest inherit headers describing the original request's
+ body. [Greg Ames]
+
+ *) Fix Windows CompContext buff size miscalculation
+ [Allan Edwards]
+
+ *) Add ReceiveBufferSize directive to control the TCP receive buffer.
+ [Eric Covener ]
+
+ *) mod_proxy: Add proxy-sendextracrlf option to send an extra CRLF at the
+ end of the request body to work with really old HTTP servers.
+ [Justin Erenkrantz]
+
+ *) util_ldap: Keep track of the number of attributes retrieved from
+ LDAP so that all the values can be properly cached even if the
+ value is NULL. PR 33901 [Brad Nicholes]
+
+ *) mod_cache: Fix error where incoming Cache-Control would be ignored.
+ [Justin Erenkrantz]
+
+ *) mod_cache: Correctly handle originally conditional requests.
+ [Sander Striker]
+
+ *) mod_disk_cache: Correctly update cached headers on revalidated responses.
+ [Sander Striker, Justin Erenkrantz]
+
+ *) worker MPM/mod_status: Support per-worker tracking of pid and
+ generation in the scoreboard so that mod_status can accurately
+ represent workers in processes which are gracefully terminating.
+ (major MMN bump)
+ [Jeff Trawick]
+
+ *) Correctly export all mod_dav public functions.
+ [Branko Èibej ]
+
+Changes with Apache 2.1.3
+
+ *) mod_ssl: Add ssl_ext_lookup optional function for accessing
+ certificate extensions. [David Reid, Joe Orton]
+
+ *) Add support for use of an external PCRE library; pass the
+ --with-pcre flag to configure. PR 27550. [Joe Orton,
+ Andres Salomon ]
+
+ *) Renamed regex interfaces to be namespace-safe, and moved from
+ pcreposix.h header to ap_regex.h: regex_t->ap_regex_t,
+ regmatch_t->ap_regmatch_t; REG_*->AP_REG_*; functions
+ reg*->ap_reg*. PR 27550. [Andres Salomon ,
+ Joe Orton]
+
+ *) Only recompile buildmark.c when we have to relink httpd.
+ [Justin Erenkrantz]
+
+ *) mod_cache: Fix up handling of revalidated responses.
+ [Justin Erenkrantz]
+
+ *) mod_disk_cache: Properly load cached ETag from on-disk structures.
+ [Justin Erenkrantz]
+
+ *) mod_authnz_ldap: Added an optional second parameter to AuthLDAPURL
+ to allow it to override the connection type set in mod_ldap. This
+ parameter can be set to NONE, SSL or TLS | STARTTLS.
+ [Brad Nicholes]
+
+ *) Fix --with-apr=/usr and/or --with-apr-util=/usr. PR 29740.
+ [Max Bowsher ]
+
+ *) mod_proxy: Fix ProxyRemoteMatch directive. PR 33170.
+ [Rici Lake ]
+
+ *) mod_proxy: Fix incorrect decoding/unescaping for reverse proxies.
+ PR 32459, 15207. [Jim Jagielski]
+
+ *) mod_cache: Add CacheStorePrivate and CacheStoreNoStore directive.
+ [Justin Erenkrantz]
+
+ *) Add --enable-pie flag to configure, to build httpd as a Position
+ Independent Executable where supported (GCC/binutils).
+ [Joe Orton]
+
+ *) proxy_balancer: Add in load-balancing via weighted traffic
+ byte count. [Jim Jagielski]
+
+ *) mod_disk_cache: Cache r->err_headers_out headers. This allows CGI
+ scripts to be properly cached. [Justin Erenkrantz, Sander Striker]
+
+ *) mod_ldap: Updated to use the new apr-util v1.1 apr_ldap_*_option()
+ API for the setting of server and client SSL certificates. Replaced
+ LDAPTrustedCA directive with LDAPTrustedGlobalCert and
+ LDAPTrustedClientCert directives to correctly support global certs
+ (CA certs / Netware client certs) and per connection client certs
+ as supported by Netware, OpenLDAP and Netscape/Mozilla.
+ [Graham Leggett]
+
+ *) mod_cache: Remove unimplemented CacheForceCompletion directive.
+ [Justin Erenkrantz]
+
+ *) support/check_forensic: Fix temp file usage
+ [Javier Fernandez-Sanguino Pen~a ]
+
+ *) mod_ssl: Add SSLCADNRequestFile and SSLCADNRequestPath directives
+ which can be used to configure a specific list of CA names to send
+ in a client certificate request. PR 32848.
+ [Tim Taylor ]
+
+ *) --with-module can now take more than one module to be statically
+ linked: --with-module=:,:,...
+ If the -subdirectory doesn't exist it will be created and
+ populated with a standard Makefile.in. [Erik Abele]
+
+ *) Remove some compiler warnings within the LDAP modules [Graham Leggett]
+
+ *) Add a build script to create a solaris package. [Graham Leggett]
+
+ *) ap_http_scheme() replaced with ap_http_method() - this function
+ returns the scheme (http v.s. https).
+ [William Rowe]
+
+ *) mod_proxy: Fix a request corruption problem and a buffering problem
+ which sometimes prevented proxy-sendchunks from working.
+ [Jeff Trawick]
+
+ *) Fix the RPM spec file so that an RPM build now works. An RPM
+ build now requires system installations of APR and APR-util.
+ [Graham Leggett]
+
+ *) Significantly simplify the load balancer scheduling algorithm
+ for the proxy BalancerMember weighting. loadfactors (lbfactors)
+ are now normalized with respect to each other. [Jim Jagielski]
+
+ *) mod_dumpio: Added to the available module suite; it is an
+ I/O logging/dumping module. Placed in the (new) debug module
+ subdirectory. mod_bucketeer moved to that directory as well.
+ [Jim Jagielski]
+
+ *) core: Add support for APR_TCP_DEFER_ACCEPT to defer accepting
+ of a connection until data is available.
+ [Paul Querna]
+
+Changes with Apache 2.1.2
+
+ *) mod_proxy: Respect errors reported by pre_connection hooks.
+ [Jeff Trawick]
+
+ *) core: Error out on sections that are missing an argument instead of
+ silently consuming the section. PR 25460.
+ [Geoffrey Young, Paul Querna]
+
+ *) mod_cache/mod_mem_cache/mod_disk_cache: Move out of experimental.
+
+ *) Upgraded PCRE to version 5.0. [Brian Pane]
+
+ *) mod_cgid: Catch configuration problem where two web server instances
+ share same ServerRoot but admin forgot to use ScriptSock.
+ [Jeff Trawick]
+
+ *) mod_cgi: Ensure that all stderr is logged for a script which returns
+ a Location header to generate a non-local redirect. PR 20111.
+ [Joe Orton]
+
+ *) Added the Event MPM to more efficiently handle clients during a
+ Keep Alive request.
+ [Paul Querna, Greg Ames]
+
+Changes with Apache 2.1.1
+
+ *) mod_proxy_http: Stream content better - always flush buffered data to
+ the client before blocking waiting for new data. PR 19954.
+ [Joe Orton]
+
+ *) mod_ssl: Add support for command-line option "-t -DDUMP_CERTS" which
+ will dump the filenames of all configured SSL certificates to stdout.
+ [Joe Orton]
+
+ *) mod_disk_cache: Remove a bunch of non-implemented garbage collection
+ and cache size directives that are now available through htcacheclean.
+ [Justin Erenkrantz]
+
+ *) Add htcacheclean to support/ for assistance with mod_disk_cache.
+ [Andreas Steinmetz]
+
+ *) mod_authnz_ldap: Added the directive "Requires ldap-filter" that
+ allows the module to authorize a user based on a complex LDAP
+ search filter. [Brad Nicholes]
+
+ *) mod_usertrack: Run the fixups hook before other modules.
+ PR 29755. [Paul Querna]
+
+ *) Allow mod_authnz_ldap authorization functionality to be used
+ without requiring the user to also be authenticated through
+ mod_authnz_ldap. This allows other authentication modules to
+ take advantage of LDAP authorization only [PR 28253]
+ [Jari Ahonen jah progress.com, Brad Nicholes]
+
+ *) Log the client IP address when an error occurs disabling nagle on a
+ connection, but log at a severity of debug since this error
+ generally means that the connection was dropped before data was
+ sent. Log the client IP address when reporting errors in the core
+ output filter. [Jeff Trawick]
+
+ *) Add ap_log_cerror() for logging messages associated with particular
+ client connections. [Jeff Trawick]
+
+ *) core: Add a warning message if the request line read fails.
+ [Paul Querna]
+
+ *) mod_rewrite: Removed the MaxRedirects option in favor of the
+ core LimitInternalRecursion directive. [André Malo]
+
+ *) mod_info: Added listing of the Request Hooks and added more build
+ information like 'httpd -V' contains. Changed output to XHTML.
+ [Paul Querna]
+
+ *) mod_info: Rewrote config tree walk using a recursive function.
+ Added ?config option. Added printout of config filename and line numbers.
+ [Rici Lake , Paul Querna]
+
+ *) mod_proxy: Fix type error that prevents proxy-sendchunks from working.
+ [Justin Erenkrantz]
+
+ *) mod_proxy: Fix data corruption by properly setting aside buckets.
+ [Justin Erenkrantz]
+
+ *) mod_proxy: If a request has a blank body and has a 0 Content-Length
+ headers, pass that to the proxy. [Justin Erenkrantz]
+
+ *) Recognize QSA flag in mod_rewrite again.
+ [Jan Kratochvil ]
+
+ *) Restructured mod_auth_ldap to fit the new authentication model.
+ The module is now called authnz_ldap and has been moved out of
+ the modules/experimental area and into modules/aaa with the other
+ auth modules. Both the authn_ldap provider and the authz_ldap
+ handler are contained within the authnz_ldap module. The
+ authz_ldap handler introduces 3 new "requires" values for handling
+ authorization. These handlers are ldap-user, ldap-group and
+ ldap-dn. [Brad Nicholes]
+
+ *) Fix some compiler warnings in proxy
+ [Geoffrey Young ]
+
+ *) mod_ssl: Add SSL_CLIENT_V_REMAIN variable, representing the
+ number of days until the client cert expires. [Joe Orton]
+
+ *) Add test_config hook, run only if httpd is invoked using -t.
+ [Joe Orton]
+
+ *) Improve error handling for corrupted pid files. [Jeff Trawick]
+
+ *) mod_proxy.c and proxy_util.c: Enable compiling on 2.0-HEAD
+ (for backwards compatibility):
+ Avoids mod_ssl.h (not included in 2.0-HEAD) and
+ use apr_socket_create_ex for 0.9.x
+ [Mladen Turk]
+
+ *) Added proxy_ajp.c module for proxy support to ajp:// backends.
+ [Jean Frederic Clere]
+
+ *) Fixes the build of proxy on Windows. Since the proxy_module is declared
+ as extern using AP_MODULE_DECLARE_DATA that expands to dllexport, there
+ is a LNK2001 error when building proxy_http. [Mladen Turk]
+
+ *) Remove LDAP toolkit specific code from util_ldap and mod_auth_ldap.
+ [Graham Leggett]
+
+ *) Remove deprecated/removed APR_STATUS_IS_SUCCESS(). [Justin Erenkrantz]
+
+ *) perchild MPM: Fix thread safety problem in the use of longjmp().
+ [Tsuyoshi SASAMOTO ]
+
+ *) Add load balancer support to the scoreboard in preparation for
+ load balancing support in mod_proxy. [Mladen Turk]
+
+ *) mod_nw_ssl: Added the directive NWSSLUpgradeable to mod_nw_ssl to
+ allow a non-secure connection to be upgraded to secure connections
+ [Brad Nicholes]
+
+ *) core: Add Options= syntax to AllowOverride to specify which options
+ may be overridden in .htaccess files. PR 29310.
+ [Tom Alsberg , Paul Querna]
+
+ *) ab: Handle long URLs with an error instead of an buffer overflow.
+ PR 28204. [Erik Weide , Paul Querna]
+
+ *) mod_so, core: Add new command line options to print all loaded
+ modules. '-t -D DUMP_MODULES' and '-M' will show all static
+ and shared modules as loaded from the configuration file.
+ [Paul Querna]
+
+ *) mod_autoindex: Add ShowForbidden to IndexOptions to list files
+ that are not shown because the subrequest returned 401 or 403.
+ PR 10575. [Paul Querna]
+
+ *) mod_headers: implement "Early" processing option in post_read_request
+ to enable Header and RequestHeader directives to be used to set up
+ testcases for pre-fixups request phases [Nick Kew]
+
+ *) mod_proxy: multiple bugfixes, principally support cookies in
+ ProxyPassReverse, and don't canonicalise URL passed to backend.
+ Documentation correspondingly updated. [Nick Kew ]
+
+ *) mod_deflate: support gzip flags in inflate_out_filter
+ [Nick Kew ]
+
+ *) Drop the ErrorHeader directive which turned out to be a misnomer.
+ Instead there's a new optional flag for the Header directive
+ ('always'), which keeps the former ErrorHeader functionality.
+ [André Malo]
+
+ *) mod_deflate: Don't deflate responses with zero length
+ e.g. proxied 304's [Allan Edwards]
+
+ *) now recognizes the module identifier in addition to the
+ file name. PR 29003. [Edward Rudd , André Malo]
+
+ *) mod_ssl: Add "SSLHonorCipherOrder" directive to enable the
+ OpenSSL 0.9.7 flag which uses the server's cipher order rather
+ than the client's. PR 28665.
+ [Jim Schneider ]
+
+ *) mod_ssl: Drop support for the CompatEnvVars argument to
+ SSLOptions, which was never actually implemented in 2.0.
+ [Joe Orton]
+
+ *) Fix bug in mod_deflate that unconditionally sent deflate'd output
+ even when Accept-Encoding is not present. [Justin Erenkrantz]
+
+ *) Pass environment variables through to piped loggers and start
+ them via the shell, resolving regressions since 1.3. PR 28815
+ [Ken Coar, Jeff Trawick]
+
+ *) External rewrite map responses are no longer limited to 2048
+ bytes. [André Malo]
+
+ *) Proxy server was deleting cookies that Apache had already
+ assigned if the origin server had set any cookies. PR 27023.
+ [Jim Jagielski]
+
+ *) Removed old and unmaintained ap_add_named_module API and changed
+ the following APIs to return an error instead of hard exiting:
+ ap_add_module, ap_add_loaded_module, ap_setup_prelinked_modules,
+ and ap_process_resource_config. [André Malo]
+
+ *) mod_headers: Allow %% in header values to represent a literal %.
+ [André Malo]
+
+ *) mod_headers: Allow env clauses also for 'echo' and 'unset' actions.
+ [André Malo]
+
+ *) mod_headers: Allow 'echo' also for ErrorHeaders. [André Malo]
+
+ *) mod_deflate: New option for DEFLATE output file (force-gzip),
+ new output filter 'INFLATE' for uncompressing responses.
+ [Nick Kew , Ian Holsman]
+
+ *) Added new module mod_version, which provides version dependent
+ configuration containers. [André Malo]
+
+ *) mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
+ format is used. PR 27787. [André Malo]
+
+ *) Allow Digest providers to return AUTH_DENIED to propagate a 401
+ status and terminate the provider chain prior to checking the password.
+ [Geoffrey Young]
+
+ *) mod_cgid: Don't allow Scriptsock to be specified inside VirtualHost;
+ Don't place script socket inside default server root instead of
+ actual server root. PR 27886. [Jeff Trawick]
+
+ *) mod_proxy: Fix handling of non-200 success status codes when
+ "ProxyErrorOverride On" is configured. PR 20183.
+ [Marcus Janson , Joe Orton]
+
+ *) Threaded MPMs for Unix and Win32: Add support for ThreadStackSize
+ directive (previously NetWare-only) to override default thread
+ stack size for threads which handle client connections. Required
+ for some third-party modules on platforms with small default
+ thread stack size. [Jeff Trawick]
+
+ *) minor mod_auth_basic and mod_auth_digest sync. mod_auth_basic
+ now populates r->user with the (possibly unauthenticated) user,
+ and mod_auth_digest returns 500 when a provider returns
+ AUTH_GENERAL_ERROR.
+ [Geoffrey Young]
+
+ *) The whole codebase was relicensed and is now available under
+ the Apache License, Version 2.0 (http://www.apache.org/licenses).
+ [Apache Software Foundation]
+
+ *) Delete some make-generated files in the server directory during
+ "make clean" processing. PR 26552. [Jeff Trawick]
+
+ *) Add core version query function (ap_get_server_revision) and
+ accompanying ap_version_t structure (minor MMN bump).
+ [André Malo]
+
+ *) mod_rewrite: EOLs sent by external rewritemaps are now consumed
+ as whole. That way, on systems with more than one EOL character
+ rewritemap programs no longer need to switch stdout to binary
+ mode. PR 25635. [André Malo]
+
+ *) mod_rewrite: Introduce the ability to force a content handler via
+ the [handler=...] flag. [André Malo]
+
+ *) mod_rewrite: Introduce the RewriteCond -x check, which returns
+ true if the pattern is a file with execution permissions.
+ [André Malo]
+
+ *) mod_rewrite: Allow proxying and RewriteRules in directory context
+ for subrequests. PR 14648, 15114. [André Malo]
+
+ *) mod_rewrite: Allow setting of any valid HTTP response code.
+ PR 25917. [André Malo]
+
+ *) mod_rewrite: Cookie creation now works locale independent.
+ [André Malo]
+
+ *) mod_ssl: Add support for distributed session cache using 'distcache'.
+ [Geoff Thorpe ]
+
+ *) mod_dav: Disallow requests with an unescaped hash character in
+ the Request-URI. PR 21779. [Amit Athavale ]
+
+ *) mod_proxy with ProxyErrorOverride On in a reverse-proxy configuration
+ attaches a body to the 302 response and a wrong Content-Length header.
+ PR: 22951 [Ermanno Scaglione scaglione ..at.. starnetone.de]
+
+ *) Bring ErrorHeader concept forward from 1.3, so that response
+ header fields can be set for return even on errors or external
+ redirects. [Ken Coar]
+
+ *) Fix and parsing to require a closing '>'
+ in the initial container. PR 25414.
+ [Geoffrey Young ]
+
+ *) Clean up httpd -V output: Instead of displaying the MPM source
+ directory, display the MPM name and some MPM properties.
+ [Geoffrey Young ]
+
+ *) mod_ssl/mod_status: Re-enable support for output of SSL session
+ cache information in server-status page. [Joe Orton]
+
+ *) mod_ssl: Remove the shmht session cache, shmcb should be used
+ instead. [Joe Orton]
+
+ *) mod_logio: Account for some bytes handed to the network layer prior to
+ dropped connections. [Jeff Trawick]
+
+ *) mod_autoindex: new directive IndexStyleSheet
+ [Tyler Riddle , Paul Querna ]
+
+ *) Fix uninitialized gprof directory name in prefork MPM. PR 24450.
+ [Chris Knight ]
+
+ *) Log an error when requests for URIs which fail to map to a valid
+ filesystem name are rejected with 403. [Jeff Trawick]
+
+ *) Switch to APR 1.0 API.
+
+ *) Major overhaul of mod_include's filter parser. The new parser code
+ is expected to be more robust and should catch all of the edge cases
+ that were not handled by the previous one. This includes a binary
+ incompatible change of mod_include's external API. [André Malo]
+
+ *) mod_rewrite: Allow forced mimetypes [T=...] to get expanded.
+ PR 14223. [André Malo]
+
+ *) mod_rewrite: Fix LA-U and LA-F lookups in directory context. Previously
+ the current rewrite state was just used as lookup path, which lead to
+ strange and often useless results. Related to PR 8493. [André Malo]
+
+ *) Change Listen directive to bind to all addresses when a hostname is
+ not specified. [Justin Erenkrantz]
+
+ *) Correct failure with Listen directives on machines with IPv6 enabled.
+ [Colm MacCárthaigh , Justin Erenkrantz]
+
+ *) Fix a link failure in mod_ssl when the OpenSSL libraries contain
+ the ENGINE functions but the engine header files are missing.
+ [Cliff Woolley]
+
+ *) mod_rewrite: RewriteRules in server context using the force
+ type feature [T=...] no longer disable MultiViews. [André Malo]
+
+ *) mod_rewrite: Allow piped rewrite logs to be relative to ServerRoot.
+ [André Malo]
+
+ *) mod_authz_groupfile: Strip trailing spaces of group names. This
+ hopefully saves some hours of searching for typos. PR 12863.
+ [André Malo]
+
+ *) mod_actions: Propagate the handler name to the action script via
+ the REDIRECT_HANDLER environment variable. [André Malo]
+
+ *) mod_actions: Introduce the "virtual" modifier to the Action directive,
+ which allows the use of handlers for virtual locations. PR 8431.
+ [André Malo]
+
+ *) mod_speling: Recognize AcceptPathInfo setting for the particular
+ location. Default is to reject path information. PR 21059.
+ [André Malo]
+
+ *) mod_ext_filter: Add the ability to filter request bodies.
+ [Philipp Reisner ]
+
+ *) Fix some broken log messages in WinNT MPM.
+ [Juan Rivera ]
+
+ *) prefork MPM: Use the right permissions for the directory created
+ for gprof support. [Jim Carlson ]
+
+ *) Fix a compile failure with recent OpenSSL and picky compilers
+ (e.g., OpenSSL 0.9.7a and xlc_r on AIX). [Jeff Trawick]
+
+ *) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
+ the INCLUDE path to be defined properly.
+ PR 11310. [Geoff Thorpe ]
+
+ *) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
+
+ *) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
+ autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).
+ [Geoff Thorpe ]
+
+ *) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
+ [Ian Holsman, André Malo]
+
+ *) mod_negotiation: quality values are now parsed independent from
+ the current locale. level values are now really parsed as integers.
+ PR 17564. [André Malo]
+
+ *) Extend mod_negotiation to evaluate the environment variables
+ no-gzip and gzip-only-text/html the same way as mod_deflate does.
+ [André Malo]
+
+ *) mod_rewrite: Fix some problems reporting errors with mapping
+ programs (RewriteMap prg:/something). [Jeff Trawick]
+
+ *) Return 413 if chunk-ext-header is too long rather than reading from
+ the truncated line. PR 15857. [Justin Erenkrantz]
+
+ *) Allow restart of httpd to occur even with syntax errors in the config
+ file. PR 16813. [Justin Erenkrantz]
+
+ *) Use APR_LAYOUT instead of APACHE_LAYOUT in configure. PR 15679.
+ [Justin Erenkrantz]
+
+ *) Remove files on 'make distclean' that should be. PR 15592.
+ [Justin Erenkrantz]
+
+ *) Allow apachectl to perform status with links and elinks as well.
+ [Justin Erenkrantz]
+
+ *) mod_log_config change optional hook to return previous handler
+ [Ian Holsman]
+
+ *) Forward port of mod_actions' ability to handle arbitrary methods
+ with the Script directive. [André Malo]
+
+ *) Let suexec send a message to stderr, if it failed or its policy
+ was violated. This message appears in the error log and allows
+ for easier debugging. PR 5381, 7638, 8255, 10773. [André Malo]
+
+ *) Modify buildconf to copy all required files into httpd's tree.
+ [Thom May ]
+
+ *) Allow mod_dav to do weak entity comparison functions.
+ [Justin Erenkrantz]
+
+ *) Move RFC 1413 ident requests from core to new module mod_ident.
+ [André Malo]
+
+ *) Add mod_authz_owner - a forward port of "Require file-owner"
+ and "Require file-group", which was already present in version
+ 1.3.21. [André Malo]
+
+ *) Add mod_dav_lock - a generic subset of the DAV locking implementation.
+ [Justin Erenkrantz]
+
+ *) Replace some of the mutex locking in the worker MPM with
+ atomic operations for higher concurrency. [Brian Pane]
+
+ *) Allow 'make depend' to work with non-GCC compilers.
+ [Justin Erenkrantz]
+
+ *) If an httpd.conf has commented out AddModule directives,
+ apxs -i -a will add an un-commented AddModule directive for
+ the new module, which breaks the config.
+ PR: 11212 [Joe Orton]
+
+ *) Fix mod_proxy handling of filtered input bodies. [Justin Erenkrantz]
+
+ *) Move the check of the Expect request header field after the hook
+ for ap_post_read_request, since that is the only opportunity for
+ modules to handle Expect extensions. [Justin Erenkrantz]
+
+ *) Rewrite of aaa modules to an authn/authz model.
+ [Dirk-Willem van Gulik, Justin Erenkrantz]
+
+
+ [Apache 2.1.0-dev includes those bug fixes and changes with the
+ Apache 2.0.xx tree as documented, and except as noted, below.]
+
+Changes with Apache 2.0.55
+
+ *) proxy HTTP: Rework the handling of request bodies to handle
+ chunked input and input filters which modify content length, and
+ avoid spooling arbitrary-sized request bodies in memory.
+ PR 15859. [Jeff Trawick]
+
+Changes with Apache 2.0.54
+
+ *) mod_cache: Add CacheIgnoreHeaders directive. PR 30399.
+ [Rüiger Plü ]
+
+ *) mod_ldap: Added the directive LDAPConnectionTimeout to configure
+ the ldap socket connection timeout value.
+ [Brad Nicholes]
+
+ *) worker MPM: Fix a problem which could cause httpd processes to
+ remain active after shutdown. [Jeff Trawick]
+
+ *) Unix MPMs: Shut down the server more quickly when child processes are
+ slow to exit. [Joe Orton, Jeff Trawick]
+
+ *) Remove formatting characters from ap_log_error() calls. These
+ were escaped as fallout from CAN-2003-0020.
+ [Eric Covener ]
+
+ *) mod_ssl: If SSLUsername is used, set r->user earlier. PR 31418.
+ [David Reid]
+
+ *) htdigest: Fix permissions of created files. PR 33765. [Joe Orton]
+
+ *) core_input_filter: Move buckets to a persistent brigade instead of
+ creating a new brigade. This stop a memory leak when proxying a
+ Streaming Media Server. PR 33382. [Paul Querna]
+
+ *) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid
+ hiccups from additional path information passed in non-utf-8 format.
+ [Richard Donkin ]
+
+ *) mod_proxy: Fix ProxyRemoteMatch directive. PR 33170.
+ [Rici Lake ]
+
+ *) mod_proxy: Respect errors reported by pre_connection hooks.
+ [Jeff Trawick]
+
+ *) --with-module can now take more than one module to be statically
+ linked: --with-module=:,:,...
+ If the -subdirectory doesn't exist it will be created and
+ populated with a standard Makefile.in. [Erik Abele]
+
+ *) Fix the RPM spec file so that an RPM build now works. An RPM
+ build now requires system installations of APR and APR-util.
+ Remove some arbitrary moving around of binaries - the RPM now
+ maps to the ASF build of httpd.
+ [Graham Leggett]
+
+ *) mod_dumpio, an I/O logging/dumping module, added to the
+ modules/expermimental subdirectory. [Jim Jagielski]
+
+ *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
+ library handles special characters. PR 24437. [Jess Holle]
+
+ *) Win32 MPM: Correct typo in debugging output. [William Rowe]
+
+ *) conf: Remove AddDefaultCharset from the default configuration because
+ setting a site-wide default does more harm than good. PR 23421.
+ [Roy Fielding]
+
+ *) Add charset to example CGI scripts. [Roy Fielding]
+
+ *) mod_ssl: fail quickly if SSL connection is aborted rather than
+ making many doomed ap_pass_brigade calls. PR 32699. [Joe Orton]
+
+ *) Remove compiled-in upper limit on LimitRequestFieldSize.
+ [Bill Stoddard]
+
+ *) Start keeping track of time-taken-to-process-request again for
+ mod_status if ExtendedStatus is enabled. [Jim Jagielski]
+
+ *) mod_proxy: Handle client-aborted connections correctly. PR 32443.
+ [Janne Hietamäki, Joe Orton]
+
+ *) Fix handling of files >2Gb on all platforms (or builds) where
+ apr_off_t is larger than apr_size_t. PR 28898. [Joe Orton]
+
+ *) mod_include: Fix bug which could truncate variable expansions
+ of N*64 characters by one byte. PR 32985. [Joe Orton]
+
+ *) Correct handling of certain bucket types in ap_save_brigade, fixing
+ possible segfaults in mod_cgi with #include virtual. PR 31247.
+ [Joe Orton]
+
+ *) Allow for the use of --with-module=foo:bar where the ./modules/foo
+ directory is local only. Assumes, of course, that the required
+ files are in ./modules/foo, but makes it easier to statically
+ build/log "external" modules. [Jim Jagielski]
+
+ *) Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that
+ ldap authorization only modules have access to the util_ldap
+ user cache without having to require ldap authentication as well.
+ PR 31898. [Jari Ahonen jah progress.com, Brad Nicholes]
+
+ *) mod_auth_ldap: Added the directive "Requires ldap-attribute" that
+ allows the module to only authorize a user if the attribute value
+ specified matches the value of the user object. PR 31913
+ [Ryan Morgan ]
+
+ *) SECURITY: CAN-2004-0942 (cve.mitre.org)
+ Fix for memory consumption DoS in handling of MIME folded request
+ headers. [Joe Orton]
+
+ *) SECURITY: CAN-2004-0885 (cve.mitre.org)
+ mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
+ bypassed during an SSL renegotiation. PR 31505.
+ [Hartmut Keil , Joe Orton]
+
+ *) mod_ssl: Fail at startup rather than segfault at runtime if a
+ client cert is configured with an encrypted private key.
+ PR 24030. [Joe Orton]
+
+ *) apxs: fix handling of -Wc/-Wl and "-o mod_foo.so". PR 31448
+ [Joe Orton]
+
+ *) mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
+ [Jeff Trawick]
+
+ *) mod_cache: CacheDisable will only disable the URLs it was meant to
+ disable, not all caching. PR 31128.
+ [Edward Rudd , Paul Querna]
+
+ *) mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
+ cache responses. [Justin Erenkrantz]
+
+ *) mod_rewrite: Handle per-location rules when r->filename is unset.
+ Previously this would segfault or simply not match as expected,
+ depending on the platform. [Jeff Trawick]
+
+ *) mod_rewrite: Fix 0 bytes write into random memory position.
+ PR 31036. [André Malo]
+
+ *) mod_disk_cache: Do not store aborted content. PR 21492.
+ [Rüiger Plü ]
+
+ *) mod_disk_cache: Correctly store cached content type. PR 30278.
+ [Rüiger Plü ]
+
+ *) mod_ldap: prevent the possiblity of an infinite loop in the LDAP
+ statistics display. PR 29216. [Graham Leggett]
+
+ *) mod_ldap: fix a bogus error message to tell the user which file
+ is causing a potential problem with the LDAP shared memory cache.
+ PR 31431 [Graham Leggett]
+
+ *) mod_disk_cache: Do not store hop-by-hop headers. [Justin Erenkrantz]
+
+ *) Fix the re-linking issue when purging elements from the LDAP cache
+ PR 24801. [Jess Holle ]
+
+ *) mod_disk_cache: Fix races in saving responses. [Justin Erenkrantz]
+
+ *) Fix Expires handling in mod_cache. [Justin Erenkrantz]
+
+ *) Alter mod_expires to run at a different filter priority to allow
+ proper Expires storage by mod_cache. [Justin Erenkrantz]
+
+Changes with Apache 2.0.52
+
+ *) Use HTML 2.0
for error pages. PR 30732 [André Malo]
+
+ *) Fix the global mutex crash when the global mutex is never allocated
+ due to disabled/empty caches. [Jess Holle ]
+
+ *) Fix a segfault in the LDAP cache when it is configured switched
+ off. [Jess Holle ]
+
+ *) SECURITY: CAN-2004-0811 (cve.mitre.org)
+ Fix merging of the Satisfy directive, which was applied to
+ the surrounding context and could allow access despite configured
+ authentication. PR 31315. [Rici Lake ]
+
+ *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
+ is enabled. Previously, such urls would still be rejected.
+ [Jeff Trawick, Bill Stoddard]
+
+ *) mod_mem_cache: Fixed race condition causing segfault because of memory being
+ freed twice, or reused after being freed.
+ [J. Clar, W. Stoddard, G. Ames]
+
+ *) Add -l option to rotatelogs to let it use local time rather than
+ UTC. PR 24417. [Ken Coar, Uli Zappe ]
+
+ *) mod_log_config: Fix a bug which prevented request completion time
+ from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
+ processing. PR 29696. [Alois Treindl ]
+
+Changes with Apache 2.0.51
+
+ *) SECURITY: CAN-2004-0786 (cve.mitre.org)
+ Fix an input validation issue in apr-util which could be
+ triggered by malformed IPv6 literal addresses. [Joe Orton]
+
+ *) SECURITY: CAN-2004-0747 (cve.mitre.org)
+ Fix buffer overflow in expansion of environment variables in
+ configuration file parsing. [André Malo]
+
+ *) SECURITY: CAN-2004-0809 (cve.mitre.org)
+ mod_dav_fs: Fix a segfault in the handling of an indirect lock
+ refresh. PR 31183. [Joe Orton]
+
+ *) mod_include no longer checks for recursion, because that's done
+ in the core. This allows for careful usage of recursive SSI.
+ [André Malo]
+
+ *) Fix memory leak in the cache handling of mod_rewrite. PR 27862.
+ [chunyan sheng , André Malo]
+
+ *) Include directives no longer refuse to process symlinks on
+ directories. Instead there's now a maximum nesting level
+ of included directories (128 as distributed). This is configurable
+ at compile time using the -DAP_MAX_INCLUDE_DIR_DEPTH switch.
+ PR 28492. [André Malo]
+
+ *) Win32: apache -k start|restart|install|config can leave stranded
+ piped logger processes (eg, rotatelogs.exe) due to improper
+ server shutdown on these code paths.
+ [Bill Stoddard]
+
+ *) SECURITY: CAN-2004-0751 (cve.mitre.org)
+ mod_ssl: Fix a segfault in the SSL input filter which could be
+ triggered if using "speculative" mode, for instance by a
+ proxy request to an SSL server. PR 30134. [Joe Orton]
+
+ *) mod_rewrite: Add %{SSL:...} and %{HTTPS} variable lookups.
+ PR 30464. [Joe Orton, Madhusudan Mathihalli]
+
+ *) mod_ssl: Add new 'ssl_is_https' optional function. [Joe Orton]
+
+ *) Prevent CGI script output which includes a Content-Range header
+ from being passed through the byterange filter. [Joe Orton]
+
+ *) Satisfy directives now can be influenced by a surrounding
+ container. PR 14726. [André Malo]
+
+ *) mod_rewrite now officially supports RewriteRules in sections.
+ PR 27985. [André Malo]
+
+ *) mod_disk_cache: Implement binary format for on-disk header files.
+ [Brian Akins , Justin Erenkrantz]
+
+ *) mod_disk_cache: Optimize network performance of disk cache subsystem by
+ allowing zero-copy (sendfile) writes and other miscellaneous fixes.
+ [Justin Erenkrantz]
+
+ *) mod_cache, mod_disk_cache, mod_mem_cache: Refactor cache modules, and
+ switch to the provider API instead of hooks. [Justin Erenkrantz]
+
+ *) mod_autoindex: Don't truncate the directory listing if a stat()
+ call fails (for instance on a >2Gb file). PR 17357.
+ [Joe Orton]
+
+ *) Makefile fix: httpd is linked against LIBS given to the
+ 'make' invocation. PR 7882. [Joe Orton]
+
+ *) WinNT MPM: Fix a broken log message at termination. PR 28063.
+ [Eider Oliveira ]
+
+ *) Prevent Win32 pool corruption at startup [Allan Edwards]
+
+ *) mod_ssl: Add "SSLUserName" directive to set r->user based on a
+ chosen SSL environment variable. PR 20957.
+ [Martin v. Loewis ]
+
+ *) suexec: Pass the SERVER_SIGNATURE envvar through to CGIs.
+ [Zvi Har'El ]
+
+ *) apachectl: Fix a problem finding envvars if sbindir != bindir.
+ PR 30723. [Friedrich Haubensak ]
+
+ *) mod_ssl: Build on RHEL 3. PR 18989. [Justin Erenkrantz]
+
+ *) SECURITY: CAN-2004-0748 (cve.mitre.org)
+ mod_ssl: Fix a potential infinite loop. PR 29964. [Joe Orton]
+
+ *) mod_ssl: Avoid startup failure after unclean shutdown if using shmcb.
+ PR 18989. [Joe Orton]
+
+ *) mod_userdir: Ensure that the userdir identity is used for
+ suexec userdir access in a virtual host which has suexec configured.
+ PR 18156. [Joshua Slive]
+
+ *) mod_rewrite no longer confuses the RewriteMap caches if
+ different maps defined in different virtual hosts use the
+ same map name. PR 26462. [André Malo]
+
+ *) mod_setenvif: Remove "support" for Remote_User variable which
+ never worked at all. PR 25725. [André Malo]
+
+ *) Backport from 2.1 / Regression from 1.3: mod_headers now knows
+ again the functionality of the ErrorHeader directive. But instead
+ using this misnomer additional flags to the Header directive were
+ introduced ("always" and "onsuccess", defaulting to the latter).
+ PR 28657. [André Malo]
+
+ *) Use the higher performing 'httpready' Accept Filter on all platforms
+ except FreeBSD < 4.1.1. [Paul Querna]
+
+ *) mod_usertrack: Escape the cookie name before pasting into the
+ regexp. [André Malo]
+
+ *) Extend the SetEnvIf directive to capture subexpressions of the
+ matched value. [André Malo]
+
+ *) Recursive Include directives no longer crash. The server stops
+ including configuration files after a certain nesting level (128
+ as distributed). This is configurable at compile time using the
+ -DAP_MAX_INCLUDE_DEPTH switch. PR 28370. [André Malo]
+
+ *) mod_dir: the trailing-slash behaviour is now configurable using the
+ DirectorySlash directive. [André Malo]
+
+ *) Allow proxying of resources that are invoked via DirectoryIndex.
+ PR 14648, 15112, 29961. [André Malo]
+
+ *) util_ldap: Switched the lock types on the shared memory cache
+ from thread reader/writer locks to global mutexes in order to
+ provide cross process cache protection. [Brad Nicholes]
+
+ *) util_ldap: Reworked the cache locking scheme to eliminate duplicate
+ cache entries in the credentials cache due to race conditions.
+ [Brad Nicholes]
+
+ *) util_ldap: Enhanced the util_ldap cache-info display to show more
+ detail about the contents and current state of the cache.
+ [Brad Nicholes]
+
+ *) Enable the option to support anonymous shared memory in mod_ldap.
+ This makes the cache work on Linux again. [Graham Leggett]
+
+ *) Enable special ErrorDocument value 'default' which restores the
+ canned server response for the scope of the directive.
+ [Geoffrey Young, André Malo]
+
+ *) work around MSIE Digest auth bug - if AuthDigestEnableQueryStringHack
+ is set in r->subprocess_env allow mismatched query strings to pass.
+ PR 27758. [Paul Querna, Geoffrey Young]
+
+ *) Accept URLs for the ServerAdmin directive. If the supplied
+ argument is not recognized as an URL, assume it's a mail address.
+ PR 28174. [André Malo, Paul Querna]
+
+ *) initialize server arrays prior to calling ap_setup_prelinked_modules
+ so that static modules can push Defines values when registering
+ hooks just like DSO modules can ["Philippe M. Chiasson" ]
+
+ *) Small fix to allow reverse proxying to an ftp server. Previously
+ an attempt to do this would try and connect to 0.0.0.0, regardless
+ of the server specified. PR 24922
+ [Pascal Terjan ]
+
+ *) Add the NOTICE file to the rpm spec file in compliance with the
+ Apache v2.0 license. [Graham Leggett]
+
+ *) RPM spec file changes: changed default dependancy to link to db4
+ instead of db3. Fixed complaints about unpackaged files.
+ [Graham Leggett]
+
+Changes with Apache 2.0.50
+
+ *) SECURITY: CAN-2004-0493 (cve.mitre.org)
+ Close a denial of service vulnerability identified by Georgi
+ Guninski which could lead to memory exhaustion with certain
+ input data. [Jeff Trawick]
+
+ *) mod_cgi: Handle output on stderr during script execution on Unix
+ platforms; preventing deadlock when stderr output fills pipe buffer.
+ Also fixes case where stderr from nph- scripts could be lost.
+ PR 22030, 18348. [Joe Orton, Jeff Trawick]
+
+ *) mod_alias now emits a warning if it detects overlapping *Alias*
+ directives. [André Malo]
+
+ *) mod_rewrite no longer turns forward proxy requests into reverse proxy
+ requests. PR 28125 [ast domdv.de, André Malo]
+
+ *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
+ exported on Win32 and Netware as well (minor MMN bump). PR 28523.
+ [Edward Rudd , André Malo]
+
+ *) Restore the ability to disable the use of AcceptEx on Win9x systems
+ automatically (broken in 2.0.49). PR 28529. [André Malo]
+
+ *) now applies to all IP addresses for myhost
+ instead of just the first one reported by the resolver. This
+ corrects a regression since 1.3. [Jeff Trawick]
+
+ *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
+ against ServerRoot PR#26602 [Brad Nicholes]
+
+ *) SECURITY: CAN-2004-0488 (cve.mitre.org)
+ mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
+ (trusted) client certificate subject DN which exceeds 6K in length.
+ [Joe Orton]
+
+ *) mod_dav_fs: Fix MKCOL response for missing parent collections, which
+ caused issues for the Eclipse WebDAV extension.
+ PR 29034. [Joe Orton]
+
+ *) mod_deflate: Fix memory consumption (which was proportional to the
+ response size). PR 29318. [Joe Orton]
+
+ *) mod_ssl: Log the errors returned on failure to load or initialize
+ a crypto accelerator engine. [Joe Orton]
+
+ *) Allow RequestHeader directives to be conditional. PR 27951.
+ [Vincent Deffontaines , André Malo]
+
+ *) Allow LimitRequestBody to be reset to unlimited. PR 29106
+ [André Malo]
+
+ *) Fix a bunch of cases where the return code of the regex compiler
+ was not checked properly. This affects: mod_setenvif, mod_usertrack,
+ mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo]
+
+ *) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
+ small cache sizes. PR 27751. [Geoff Thorpe ]
+
+ *) Remove 2Gb log file size restriction on some 32-bit platforms.
+ PR 13511. [Joe Orton]
+
+ *) mod_logio no longer removes the EOS bucket. PR 27928.
+ [Bojan Smojver ]
+
+ *) htpasswd no longer refuses to process files that contain empty
+ lines. [André Malo]
+
+ *) Regression from 1.3: At startup, suexec now will be checked for
+ availability, the setuid bit and user root. The works only if
+ httpd is compiled with the shipped APR version (0.9.5).
+ PR 28287. [André Malo]
+
+ *) Unix MPMs: Stop dropping connections when the file descriptor
+ is at least FD_SETSIZE. [Jeff Trawick]
+
+ *) Fix handling of IPv6 numeric strings in mod_proxy. [Jeff Trawick]
+
+ *) mod_isapi: send_response_header() failed to copy status string's
+ last character. PR 20619. [Jesse Pelton ]
+
+ *) Fix a segfault when requests for shared memory fails and returns
+ NULL. Fix a segfault caused by a lack of bounds checking on the
+ cache. PR 24801. [Graham Leggett]
+
+ *) Throw an error message if an attempt is made to use the LDAPTrustedCA
+ or LDAPTrustedCAType directives in a VirtualHost. PR 26390
+ [Brad Nicholes]
+
+ *) Fix a potential segfault if the bind password in the LDAP cache
+ is NULL. PR 28250. [Jari Ahonen ]
+
+ *) Quotes cannot be used around require group and require dn
+ directives, update the documentation to reflect this. Also add
+ quotes around the dn and group within debug messages, to make it
+ more obvious why authentication is failing if quotes are used in
+ error. PR 19304. [Graham Leggett]
+
+ *) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
+ from escaping filters twice when the backslash character is used.
+ PR 24437. [Jess Holle ]
+
+ *) Overhaul handling of LDAP error conditions, so that the util_ldap_*
+ functions leave the connections in a sane state after errors have
+ occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
+ 27271 [Graham Leggett]
+
+ *) mod_ldap calls ldap_simple_bind_s() to validate the user
+ credentials. If the bind fails, the connection is left
+ in an unbound state. Make sure that the ldap connection
+ record is updated to show that the connection is no longer
+ bound. [Brad Nicholes]
+
+ *) Ensure that lines in the request which are too long are
+ properly terminated before logging.
+ [Tsurutani Naoki ]
+
+ *) Update the bind credentials for the cached LDAP connection to
+ reflect the last bind. This prevents util_ldap from creating
+ unnecessary connections rather than reusing cached connections.
+ [Brad Nicholes]
+
+ *) mod_isapi: GetServerVariable returned improperly terminated header
+ fields given "ALL_HTTP" or "ALL_RAW". PR 20656.
+ [Jesse Pelton ]
+
+ *) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
+ size. PR 20617. [Jesse Pelton ]
+
+ *) mod_dav: Fix a problem that could cause crashes when manipulating
+ locks on some platforms. [Jeff Trawick]
+
+ *) mod_headers no longer crashes if an empty header value should
+ be added. [André Malo]
+
+ *) Fix segfault in mod_expires, which occured under certain
+ circumstances. PR 28047. [André Malo]
+
+ *) htpasswd: use apr_temp_dir_get() and general cleanup
+ [Guenter Knauf , Thom May]
+
+ *) mod_ssl: Fix memory leak in session cache handling. PR 26562
+ [Madhusudan Mathihalli]
+
+ *) mod_ssl: Fix potential segfaults when performing SSL shutdown from
+ a pool cleanup. PR 27945. [Joe Orton]
+
+ *) Add forensic logging module (mod_log_forensic).
+ [Ben Laurie]
+
+ *) logresolve: Allow size of log line buffer to be overridden at
+ build time (MAXLINE). PR 27793. [Jeff Trawick]
+
+ *) Fix the comment delimiter in htdbm so that it correctly parses the
+ username comment. Also add a terminate function to allow NetWare
+ to pause the output before the screen is destroyed.
+ [Guenter Knauf , Brad Nicholes]
+
+ *) Fix crash when Apache was started with no Listen directives.
+ [Michael Corcoran ]
+
+ *) core_output_filter: Fix bug that could result in sending
+ garbage over the network when module handlers construct
+ bucket brigades containing multiple file buckets all referencing
+ the same open file descriptor. [Bojan Smojver]
+
+ *) Fix memory corruption problem with ap_custom_response() function.
+ The core per-dir config would later point to request pool data
+ that would be reused for different purposes on different requests.
+ [Jeff Trawick, based on an old 1.3 patch submitted by Will Lowe]
+
+ *) Win32: Tweak worker thread accounting routines to eliminate
+ server hang when number of Listen directives in httpd.conf
+ is greater than or equal to the setting of ThreadsPerChild.
+ [Bill Stoddard]
+
+Changes with Apache 2.0.49
+
+ *) SECURITY: CAN-2004-0174 (cve.mitre.org)
+ Fix starvation issue on listening sockets where a short-lived
+ connection on a rarely-accessed listening socket will cause a
+ child to hold the accept mutex and block out new connections until
+ another connection arrives on that rarely-accessed listening socket.
+ With Apache 2.x there is no performance concern about enabling the
+ logic for platforms which don't need it, so it is enabled everywhere
+ except for Win32. [Jeff Trawick]
+
+ *) mod_cgid: Fix storage corruption caused by use of incorrect pool.
+ [Jeff Trawick]
+
+ *) Win32: find_read_listeners was not correctly handling multiple
+ listeners on the Win32DisableAcceptEx path. [Bill Stoddard]
+
+ *) Fix bug in mod_usertrack when no CookieName is set. PR 24483.
+ [Manni Wood ]
+
+ *) Fix some piped log problems: bogus "piped log program '(null)'
+ failed" messages during restart and problem with the logger
+ respawning again after Apache is stopped. PR 21648, PR 24805.
+ [Jeff Trawick]
+
+ *) Fixed file extensions for real media files and removed rpm extension
+ from mime.types. PR 26079. [Allan Sandfeld ]
+
+ *) Remove compile-time length limit on request strings. Length is
+ now enforced solely with the LimitRequestLine config directive.
+ [Paul J. Reder]
+
+ *) mod_ssl: Send the Close Alert message to the peer before closing
+ the SSL session. PR 27428. [Madhusudan Mathihalli, Joe Orton]
+
+ *) SECURITY: CVE-2004-0113 (cve.mitre.org)
+ mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
+ PR 27106. [Joe Orton]
+
+ *) mod_ssl: Fix bug in passphrase handling which could cause spurious
+ failures in SSL functions later. PR 21160. [Joe Orton]
+
+ *) mod_log_config: Fix corruption of buffered logs with threaded
+ MPMs. PR 25520. [Jeff Trawick]
+
+ *) Fix mod_include's expression parser to recognize strings correctly
+ even if they start with an escaped token. [André Malo]
+
+ *) Add fatal exception hook for use by diagnostic modules. The hook
+ is only available if the --enable-exception-hook configure parm
+ is used and the EnableExceptionHook directive has been set to
+ "on". [Jeff Trawick]
+
+ *) Allow mod_auth_digest to work with sub-requests with different
+ methods than the original request. PR 25040.
+ [Josh Dady ]
+
+ *) fix "Expected > but saw " errors in nested,
+ argumentless containers.
+ ["Philippe M. Chiasson" ]
+
+ *) mod_auth_ldap: Fix some segfaults in the cache logic. PR 18756.
+ [Matthieu Estrade , Brad Nicholes]
+
+ *) mod_cgid: Restart the cgid daemon if it crashes. PR 19849
+ [Glenn Nielsen ]
+
+ *) The whole codebase was relicensed and is now available under
+ the Apache License, Version 2.0 (http://www.apache.org/licenses).
+ [Apache Software Foundation]
+
+ *) Fixed cache-removal order in mod_mem_cache.
+ [Jean-Jacques Clar, Cliff Woolley]
+
+ *) mod_setenvif: Fix the regex optimizer, which under circumstances
+ treated the supplied regex as literal string. PR 24219.
+ [André Malo]
+
+ *) ap_mpm.h: Fix include guard of ap_mpm.h to reference mpm
+ instead of mmn. [André Malo]
+
+ *) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules
+ could lead to a 400 (Bad Request) response. [André Malo]
+
+ *) Keep focus of ITERATE and ITERATE2 on the current module when
+ the module chooses to return DECLINE_CMD for the directive.
+ PR 22299. [Geoffrey Young ]
+
+ *) Add support for IMT minor-type wildcards (e.g., text/*) to
+ ExpiresByType. PR#7991 [Ken Coar]
+
+ *) Fix segfault in mod_mem_cache cache_insert() due to cache size
+ becoming negative. PR: 21285, 21287
+ [Bill Stoddard, Massimo Torquati, Jean-Jacques Clar]
+
+ *) core.c: If large file support is enabled, allow any file that is
+ greater than AP_MAX_SENDFILE to be split into multiple buckets.
+ This allows Apache to send files that are greater than 2gig.
+ Otherwise we run into 32/64 bit type mismatches in the file size.
+ [Brad Nicholes]
+
+ *) proxy_http fix: mod_proxy hangs when both KeepAlive and
+ ProxyErrorOverride are enabled, and a non-200 response without a
+ body is generated by the backend server. (e.g.: a client makes a
+ request containing the "If-Modified-Since" and "If-None-Match"
+ headers, to which the backend server respond with status 304.)
+ [Graham Wiseman , Richard Reiner]
+
+ *) mod_dav: Reject requests which include an unescaped fragment in the
+ Request-URI. PR 21779. [Amit Athavale ]
+
+ *) Build array of allowed methods with proper dimensions, fixing
+ possible memory corruption. [Jeff Trawick]
+
+ *) mod_ssl: Fix potential segfault on lookup of SSL_SESSION_ID.
+ PR 15057. [Otmar Lendl ]
+
+ *) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
+ [Joe Orton]
+
+ *) mod_usertrack no longer inspects the Cookie2 header for
+ the cookie name. PR 11475. [Chris Darrochi ]
+
+ *) mod_usertrack no longer overwrites other cookies.
+ PR 26002. [Scott Moore ]
+
+ *) worker MPM: fix stack overlay bug that could cause the parent
+ process to crash. [Jeff Trawick]
+
+ *) Win32: Add Win32DisableAcceptEx directive. This Windows
+ NT/2000/CP directive is useful to work around bugs in some
+ third party layered service providers like virus scanners,
+ VPN and firewall products, that do not properly handle
+ WinSock 2 APIs. Use this directive if your server is issuing
+ AcceptEx failed messages.
+ [Allan Edwards, Bill Rowe, Bill Stoddard, Jeff Trawick]
+
+ *) Make REMOTE_PORT variable available in mod_rewrite.
+ PR 25772. [André Malo]
+
+ *) Fix a long delay with CGI requests and keepalive connections on
+ AIX. [Jeff Trawick]
+
+ *) mod_autoindex: Add 'XHTML' option in order to allow switching between
+ HTML 3.2 and XHTML 1.0 output. PR 23747. [André Malo]
+
+ *) Add XHTML Document Type Definitions to httpd.h (minor MMN bump).
+ [André Malo]
+
+ *) mod_ssl: Advertise SSL library version as determined at run-time rather
+ than at compile-time. PR 23956. [Eric Seidel ]
+
+ *) mod_ssl: Fix segfault on a non-SSL request if the 'c' log
+ format code is used. PR 22741. [Gary E. Miller ]
+
+ *) Fix build with parallel make. PR 24643. [Joe Orton]
+
+ *) mod_rewrite: In external rewrite maps lookup keys containing
+ a newline now cause a lookup failure. PR 14453.
+ [Cedric Gavage , André Malo]
+
+ *) Backport major overhaul of mod_include's filter parser from 2.1.
+ The new parser code is expected to be more robust and should
+ catch all of the edge cases that were not handled by the previous one.
+ The 2.1 external API changes were hidden by a wrapper which is
+ expected to keep the API backwards compatible. [André Malo]
+
+ *) Add a hook (insert_error_filter) to allow filters to re-insert
+ themselves during processing of error responses. Enable mod_expires
+ to use the new hook to include Expires headers in valid error
+ responses. This addresses an RFC violation. It fixes PRs 19794,
+ 24884, and 25123. [Paul J. Reder]
+
+ *) Add Polish translation of error messages. PR 25101.
+ [Tomasz Kepczynski ]
+
+ *) Add AP_MPMQ_MPM_STATE function code for ap_mpm_query. (Not yet
+ supported for BeOS or OS/2 MPMs.) [Jeff Trawick, Brad Nicholes,
+ Bill Stoddard]
+
+ *) Add mod_status hook to allow modules to add to the mod_status
+ report. [Joe Orton]
+
+ *) Fix htdbm to generate comment fields in DBM files correctly.
+ [Justin Erenkrantz]
+
+ *) mod_dav: Use bucket brigades when reading PUT data. This avoids
+ problems if the data stream is modified by an input filter. PR 22104.
+ [Tim Robbins , André Malo]
+
+ *) Fix RewriteBase directive to not add double slashes. [André Malo]
+
+ *) Improve 'configure --help' output for some modules. [Astrid Keßler]
+
+ *) Correct UseCanonicalName Off to properly check incoming port number.
+ [Jim Jagielski]
+
+ *) Fix slow graceful restarts with prefork MPM. [Joe Orton]
+
+ *) Fix a problem with namespace mappings being dropped in mod_dav_fs;
+ if any property values were set which defined namespaces these
+ came out mangled in the PROPFIND response. PR 11637.
+ [Amit Athavale ]
+
+ *) mod_dav: Return a WWW-auth header for MOVE/COPY requests where
+ the destination resource gives a 401. PR 15571. [Joe Orton]
+
+ *) SECURITY: CVE-2003-0020 (cve.mitre.org)
+ Escape arbitrary data before writing into the errorlog. Unescaped
+ errorlogs are still possible using the compile time switch
+ "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo]
+
+ *) mod_autoindex / core: Don't fail to show filenames containing
+ special characters like '%'. PR 13598. [André Malo]
+
+ *) mod_status: Report total CPU time accurately when using a threaded
+ MPM. PR 23795. [Jeff Trawick]
+
+ *) Fix memory leak in handling of request bodies during reverse
+ proxy operations. PR 24991. [Larry Toppi ]
+
+ *) Win32 MPM: Implement MaxMemFree to enable setting an upper
+ limit on the amount of storage used by the bucket brigades
+ in each server thread. [Bill Stoddard]
+
+ *) Modified the cache code to be header-location agnostic. Also
+ fixed a number of other cache code bugs related to PR 15852.
+ Includes a patch submitted by Sushma Rai .
+ This fixes mod_mem_cache but not mod_disk_cache yet so I'm not
+ closing the PR since that is what they are using. [Paul J. Reder]
+
+ *) complain via error_log when mod_include's INCLUDES filter is
+ enabled, but the relevant Options flag allowing the filter to run
+ for the specific resource wasn't set, so that the filter won't
+ silently get skipped. next remove itself, so the warning will be
+ logged only once [Stas Bekman, Jeff Trawick, Bill Rowe]
+
+ *) mod_info: HTML escape configuration information so it displays
+ correctly. PR 24232. [Thom May]
+
+ *) Restore the ability to add a description for directories that
+ don't contain an index file. (Broken in 2.0.48) [André Malo]
+
+ *) Fix a problem with the display of empty variables ("SetEnv foo") in
+ mod_include. PR 24734 [Markus Julen ]
+
+ *) mod_log_config: Log the minutes component of the timezone correctly.
+ PR 23642. [Hong-Gunn Chew ]
+
+ *) mod_proxy: Fix cases where an invalid status-line could be sent
+ to the client. PR 23998. [Joe Orton]
+
+ *) mod_ssl: Fix segfaults at startup if other modules which use OpenSSL
+ are also loaded. [Joe Orton]
+
+ *) mod_ssl: Use human-readable OpenSSL error strings in logs; use
+ thread-safe interface for retrieving error strings. [Joe Orton]
+
+ *) mod_expires: Initialize ExpiresDefault to NULL instead of "" to
+ avoid reporting an Internal Server error if it is used without
+ having been set in the httpd.conf file. PR: 23748, 24459
+ [Andre Malo, Liam Quinn ]
+
+ *) mod_autoindex: Don't omit the start tag if the SuppressIcon
+ option is set. PR 21668. [Jesse Tie-Ten-Quee ]
+
+ *) mod_include no longer allows an ETag header on 304 responses.
+ PR 19355. [Geoffrey Young , André Malo]
+
+ *) EBCDIC: Convert header fields to ASCII before sending (broken
+ since 2.0.44). [Martin Kraemer]
+
+ *) Fix the inability to log errors like exec failure in
+ mod_ext_filter/mod_cgi script children. This was broken after
+ such children stopped inheriting the error log handle.
+ [Jeff Trawick]
+
+ *) Fix mod_info to use the real config file name, not the default
+ config file name. [Aryeh Katz ]
+
+ *) Set the scoreboard state to indicate logging prior to running
+ logging hooks so that server-status will show 'L' for hung loggers
+ instead of 'W'. [Jeff Trawick]
+
+Changes with Apache 2.0.48
+
+ *) SECURITY: CAN-2003-0789 (cve.mitre.org)
+ mod_cgid: Resolve some mishandling of the AF_UNIX socket used to
+ communicate with the cgid daemon and the CGI script.
+ [Jeff Trawick]
+
+ *) SECURITY: CAN-2003-0542 (cve.mitre.org)
+ Fix buffer overflows in mod_alias and mod_rewrite which occurred
+ if one configured a regular expression with more than 9 captures.
+ [André Malo]
+
+ *) mod_include: fix segfault which occured if the filename was not
+ set, for example, when processing some error conditions.
+ PR 23836. [Brian Akins , André Malo]
+
+ *) fix the config parser to support .. containers (no
+ arguments in the opening tag) supported by httpd 1.3. Without
+ this change mod_perl 2.0's sections are broken.
+ ["Philippe M. Chiasson" ]
+
+ *) mod_cgid: fix a hash table corruption problem which could
+ result in the wrong script being cleaned up at the end of a
+ request. [Jeff Trawick]
+
+ *) Update httpd-*.conf to be clearer in describing the connection
+ between AddType and AddEncoding for defining the meaning of
+ compressed file extensions. [Roy Fielding]
+
+ *) mod_rewrite: Don't die silently when failing to open RewriteLogs.
+ PR 23416. [André Malo]
+
+ *) mod_rewrite: Fix mod_rewrite's support of the [P] option to send
+ rewritten request using "proxy:". The code was adding multiple "proxy:"
+ fields in the rewritten URI. PR: 13946.
+ [Eider Oliveira ]
+
+ *) cache_util: Fix ap_check_cache_freshness to check max_age, smax_age, and
+ expires as directed in RFC 2616. [Thomas Castelle ]
+
+ *) Ensure that ssl-std.conf is generated at configure time, and switch
+ to using the expanded config variables to work the same as
+ httpd-std.conf PR: 19611
+ [Thom May]
+
+ *) mod_ssl: Fix segfaults after renegotiation failure. PR 21370
+ [Hartmut Keil ]
+
+ *) mod_autoindex: If a directory contains a file listed in the
+ DirectoryIndex directive, the folder icon is no longer replaced
+ by the icon of that file. PR 9587.
+ [David Shane Holden ]
+
+ *) Fixed mod_usertrack to not get false positive matches on the
+ user-tracking cookie's name. PR 16661.
+ [Manni Wood ]
+
+ *) mod_cache: Fix the cache code so that responses can be cached
+ if they have an Expires header but no Etag or Last-Modified
+ headers. PR 23130.
+ []
+
+ *) mod_log_config: Fix %b log format to write really "-" when 0 bytes
+ were sent (e.g. with 304 or 204 response codes). [Astrid Keßler]
+
+ *) Modify ap_get_client_block() to note if it has seen EOS.
+ [Justin Erenkrantz]
+
+ *) Fix a bug, where mod_deflate sometimes unconditionally compressed the
+ content if the Accept-Encoding header contained only other tokens than
+ "gzip" (such as "deflate"). PR 21523. [Joe Orton, André Malo]
+
+ *) Avoid an infinite recursion, which occured if the name of an included
+ config file or directory contained a wildcard character. PR 22194.
+ [André Malo]
+
+ *) mod_ssl: Fix a problem setting variables that represent the
+ client certificate chain. PR 21371 [Jeff Trawick]
+
+ *) Unix: Handle permissions settings for flock-based mutexes in
+ unixd_set_global|proc_mutex_perms(). Allow the functions to be
+ called for any type of mutex. PR 20312 [Jeff Trawick]
+
+ *) ab: Work over non-loopback on Unix again. PR 21495. [Jeff Trawick]
+
+ *) Fix a misleading message from the some of the threaded MPMs when
+ MaxClients has to be lowered due to the setting of ServerLimit.
+ [Jeff Trawick]
+
+ *) Lower the severity of the "listener thread didn't exit" message
+ to debug, as it is of interest only to developers. PR 9011
+ [Jeff Trawick]
+
+ *) MPMs: The bucket brigades subsystem now honors the MaxMemFree setting.
+ [Cliff Woolley, Jean-Jacques Clar]
+
+ *) Install config.nice into the build/ directory to make
+ minor version upgrades easier. [Joshua Slive]
+
+ *) Fix mod_deflate so that it does not call deflate() without checking
+ first whether it has something to deflate. (Currently this causes
+ deflate to generate a fatal error according to the zlib spec.)
+ PR 22259. [Stas Bekman]
+
+ *) mod_ssl: Fix FakeBasicAuth for subrequest. Log an error when an
+ identity spoof is encountered.
+ [Sander Striker]
+
+ *) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory
+ containing the .htaccess file is requested without a trailing slash.
+ PR 20195. [André Malo]
+
+ *) ab: Overlong credentials given via command line no longer clobber
+ the buffer. [André Malo]
+
+ *) mod_deflate: Don't attempt to hold all of the response until we're
+ done. [Justin Erenkrantz]
+
+ *) Assure that we block properly when reading input bodies with SSL.
+ PR 19242. [David Deaves , William Rowe]
+
+ *) Update mime.types to include latest IANA and W3C types. [Roy Fielding]
+
+ *) mod_ext_filter: Set additional environment variables for use by
+ the external filter. PR 20944. [Andrew Ho, Jeff Trawick]
+
+ *) Fix buildconf errors when libtool version changes. [Jeff Trawick]
+
+ *) Remember an authenticated user during internal redirects if the
+ redirection target is not access protected and pass it
+ to scripts using the REDIRECT_REMOTE_USER environment variable.
+ PR 10678, 11602. [André Malo]
+
+ *) mod_include: Fix a trio of bugs that would cause various unusual
+ sequences of parsed bytes to omit portions of the output stream.
+ PR 21095. [Ron Park , André Malo, Cliff Woolley]
+
+ *) Update the header token parsing code to allow LWS between the
+ token word and the ':' seperator. [PR 16520]
+ [Kris Verbeeck , Nicel KM ]
+
+ *) Eliminate creation of a temporary table in ap_get_mime_headers_core()
+ [Joe Schaefer ]
+
+ *) Added FreeBSD directory layout. PR 21100.
+ [Sander Holthaus , André Malo]
+
+ *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
+ response. PR 21085. [Glenn Nielsen , André Malo]
+
+ *) mod_rewrite: Perform child initialization on the rewrite log lock.
+ This fixes a log corruption issue when flock-based serialization
+ is used (e.g., FreeBSD). [Jeff Trawick]
+
+ *) Don't respect the Server header field as set by modules and CGIs.
+ As with 1.3, for proxy requests any such field is from the origin
+ server; otherwise it will have our server info as controlled by
+ the ServerTokens directive. [Jeff Trawick]
+
+Changes with Apache 2.0.47
+
+ *) SECURITY: CAN-2003-0192 (cve.mitre.org)
+ Fixed a bug whereby certain sequences of per-directory
+ renegotiations and the SSLCipherSuite directive being used to
+ upgrade from a weak ciphersuite to a strong one could result in
+ the weak ciphersuite being used in place of the strong one.
+ [Ben Laurie]
+
+ *) SECURITY: CAN-2003-0253 (cve.mitre.org)
+ Fixed a bug in prefork MPM causing temporary denial of service
+ when accept() on a rarely accessed port returns certain errors.
+ Reported by Saheed Akhtar . [Jeff Trawick]
+
+ *) SECURITY: CAN-2003-0254 (cve.mitre.org)
+ Fixed a bug in ftp proxy causing denial of service when target
+ host is IPv6 but proxy server can't create IPv6 socket. Fixed by
+ the reporter. [Yoshioka Tsuneo ]
+
+ *) SECURITY [VU#379828] Prevent the server from crashing when entering
+ infinite loops. The new LimitInternalRecursion directive configures
+ limits of subsequent internal redirects and nested subrequests, after
+ which the request will be aborted. PR 19753 (and probably others).
+ [William Rowe, Jeff Trawick, André Malo]
+
+ *) core_output_filter: don't split the brigade after a FLUSH bucket if
+ it's the last bucket. This prevents creating unneccessary empty
+ brigades which may not be destroyed until the end of a keepalive
+ connection.
+ [Juan Rivera ]
+
+ *) Add support for "streamy" PROPFIND responses.
+ [Ben Collins-Sussman ]
+
+ *) mod_cgid: Eliminate a double-close of a socket. This resolves
+ various operational problems in a threaded MPM, since on the
+ second attempt to close the socket, the same descriptor was
+ often already in use by another thread for another purpose.
+ [Jeff Trawick]
+
+ *) mod_negotiation: Introduce "prefer-language" environment variable,
+ which allows to influence the negotiation process on request basis
+ to prefer a certain language. [André Malo]
+
+ *) Make mod_expires' ExpiresByType work properly, including for
+ dynamically-generated documents. [Ken Coar, Bill Stoddard]
+
+Changes with Apache 2.0.46
+
+ *) SECURITY: CAN-2003-0245 (cve.mitre.org)
+ Fixed a bug causing apr_pvsprintf() to crash by sending an overly
+ long string. This can be triggered remotely through mod_dav,
+ mod_ssl, and other mechanisms.
+ Reported by David Endler . [Joe Orton]
+
+ *) SECURITY: CAN-2003-0189 (cve.mitre.org)
+ Fixed a denial-of-service vulnerability affecting basic
+ authentication on Unix platforms related to thread-safety in
+ apr_password_validate().
+ Reported by John Hughes .
+
+ *) Fix for mod_dav. Call the 'can_be_activity' callback, if provided,
+ when a MKACTIVITY request comes in.
+ [Ben Collins-Sussman ]
+
+ *) Perform run-time query in apxs for apr and apr-util's includes.
+ [Justin Erenkrantz]
+
+ *) run libtool from the apr install directory (in case that is different
+ from the apache install directory) [Jeff Trawick]
+
+ *) configure.in: Play nice with libtool-1.5. [Wilfredo Sanchez]
+
+ *) If mod_mime_magic does not know the content-type, do not attempt to
+ guess. PR 16908. [Andrew Gapon ]
+
+ *) ssl session caching(shmht) : Fix a SEGV problem with SHMHT session
+ caching. PR 17864.
+ [Andreas Leimbacher , Madhusudan Mathihalli]
+
+ *) Add a delete flag to htpasswd.
+ [Thom May]
+
+ *) Fix mod_rewrite's handling of absolute URIs. The escaping routines
+ now work scheme dependent and the query string will only be
+ appended if supported by the particular scheme. [André Malo]
+
+ *) Add another check for already compressed content in mod_deflate.
+ PR 19913. [Tsuyoshi SASAMOTO ]
+
+ *) Fixes for VPATH builds; copying special.mk and any future .mk files
+ from the source tree as well as the build tree (now creates a usable
+ configuration for apxs), and eliminated redundant -I'nclude paths.
+ [William Rowe]
+
+ *) Code fixes, constness corrections and ssl_toolkit_compat.h updates
+ for SSLC and OpenSSL toolkit compatibility. Still work remains to
+ be done to cripple features based on the limitations of RSA's binary
+ distribution of their SSL-C toolkit.
+ [William Rowe, Madhusudan Mathihalli, Jeff Trawick]
+
+ *) Linux 2.4+: If Apache is started as root and you code
+ CoreDumpDirectory, coredumps are enabled via the prctl() syscall.
+ [Greg Ames]
+
+ *) ap_get_mime_headers_core: allocate space for the trailing null
+ when folding is in effect.
+ PR 18170 [Peter Mayne ]
+
+ *) Fix --enable-mods-shared=most and other variants. [Aaron Bannert]
+
+ *) mod_log_config: Add the ability to log the id of the thread
+ processing the request via new %P formats. [Jeff Trawick]
+
+ *) Use appropriate language codes for Czech (cs) and Traditional Chinese
+ (zh-tw) in default config files. PR 9427. [André Malo]
+
+ *) mod_auth_ldap: Use generic whitespace character class when parsing
+ "require" directives, instead of literal spaces only. PR 17135.
+ [André Malo]
+
+ *) Hook mod_rewrite's type checker before mod_mime's one. That way the
+ RewriteRule [T=...] Flag should work as expected now. PR 19626.
+ [André Malo]
+
+ *) htpasswd: Check the processed file on validity. If a line is not empty
+ and not a comment, it must contain at least one colon. Otherwise exit
+ with error code 7. [Kris Verbeeck , Thom May]
+
+ *) Fix a problem that caused httpd to be linked with incorrect flags
+ on some platforms when mod_so was enabled by default, breaking
+ DSOs on AIX. PR 19012 [Jeff Trawick]
+
+ *) By default, use the same CC and CPP with which APR was built.
+ The user can override with CC and CPP environment variables.
+ [Jeff Trawick]
+
+ *) Fix ap_construct_url() so that it surrounds IPv6 literal address
+ strings with []. This fixes certain types of redirection.
+ PR 19207. [Jeff Trawick]
+
+ *) forward port of buffer overflow fixes for htdigest. [Thom May]
+
+ *) Added AllowEncodedSlashes directive to permit control of whether
+ the server will accept encoded slashes ('%2f') in the URI path.
+ Default condition is off (the historical behaviour). This permits
+ environments in which the path-info needs to contain encoded
+ slashes. PR 543, 2389, 3581, 3589, 5687, 7066, 7865, 14639. [Ken Coar]
+
+ *) When using Redirect in directory context, append requested query
+ string if there's no one supplied by configuration. PR 10961.
+ [André Malo]
+
+ *) Unescape the supplied wildcard pattern in mod_autoindex. Otherwise
+ the pattern will not always match as desired. PR 12596.
+ [André Malo]
+
+ *) mod_autoindex now emits and accepts modern query string parameter
+ delimiters (;). Thus column headers no longer contain unescaped
+ ampersands. PR 10880 [André Malo]
+
+ *) Enable ap_sock_disable_nagle for Windows. This along with the
+ addition of APR_TCP_NODELAY_INHERITED to apr.hw will cause Nagle
+ to be disabled for Windows. [Allan Edwards]
+
+ *) Correct a mis-correlation between mpm_common.c and mpm_common.h;
+ This patch reverts us to pre-2.0.46 behavior, using the
+ ap_sock_disable_nagle noop macro, because ap_sock_disable_nagle
+ was never compiled on Win32. [Allan Edwards, William Rowe]
+
+ *) Fix a build problem with passing unsupported --enable-layout
+ args to apr and apr-util. This broke binbuild.sh as well as
+ user-specified layout parameters. PR 18649 [Justin Erenkrantz,
+ Jeff Trawick]
+
+ *) If a Date response header was already set in the headers array,
+ this value was ignored in favour of the current time. This meant
+ that Date headers on proxied requests where rewritten when they
+ should not have been. PR: 14376 [Graham Leggett]
+
+ *) Add code to buildconf that produces an httpd.spec file from
+ httpd.spec.in, using build/get-version.sh from APR.
+ [Graham Leggett]
+
+ *) Fixed a segfault when multiple ProxyBlock directives were used.
+ PR: 19023 [Sami Tikka ]
+
+ *) SECURITY: CAN-2003-0134 (cve.mitre.org)
+ OS2: Fix a Denial of Service vulnerability identified and
+ reported by Robert Howard that where device
+ names faulted the running OS2 worker process. The fix is
+ actually in APR 0.9.4. [Brian Havard]
+
+ *) Forward port: Escape special characters (especially control
+ characters) in mod_log_config to make a clear distinction between
+ client-supplied strings (with special characters) and server-side
+ strings. This was already introduced in version 1.3.25.
+ [André Malo]
+
+ *) mod_deflate: Check also err_headers_out for an already set
+ Content-Encoding: gzip header. This prevents gzip compressed content
+ from a CGI script from being compressed once more. PR 17797.
+ [André Malo]
+
+Changes with Apache 2.0.45
+
+ *) Fix possible segfaults under obscure error conditions within the
+ cgid daemon. [Jeff Trawick, William Rowe]
+
+ *) SECURITY: CAN-2003-0132 (cve.mitre.org)
+ Close a Denial of Service vulnerability identified by David
+ Endler on all platforms. An unlimited
+ stream of newlines were acceptable between requests where each
+ would allocate an 80 byte buffer, leading very quickly to
+ memory exahustion. [Brian Pane]
+
+ *) Added an rpm build script.
+ [Graham Leggett, Joe Orton ]
+
+ *) Simpler, faster code path for request header scanning [Brian Pane]
+
+ *) SECURITY: Eliminated leaks of several file descriptors to child
+ processes, such as CGI scripts. This fix depends on the APR library
+ release 0.9.2 or later (0.9.3 was distributed with the httpd
+ source tarball for Apache 2.0.45.) PR 17206
+ [Christian Kratzer , Bjoern A. Zeeb ]
+
+ *) Fix path handling of mod_rewrite, especially on non-unix systems.
+ There was some confusion between local paths and URL paths.
+ PR 12902. [André Malo]
+
+ *) Prevent endless loops of internal redirects in mod_rewrite by
+ aborting after exceeding a limit of internal redirects. The
+ limit defaults to 10 and can be changed using the RewriteOptions
+ directive. PR 17462. [André Malo]
+
+ *) Win32: Avoid busy wait (consuming all the CPU idle cycles) when
+ all worker threads are busy.
+ [Igor Nazarenko ]
+
+ *) Keep the subrequest filter in place when a subrequest is
+ redirected. PR 15423. [Jeff Trawick]
+
+ *) you can now specify the compression level for mod_deflate.
+ [Ian Holsman, Stephen Pierzchala ,
+ Michael Schroepl ]
+
+ *) mod_deflate: Extend the DeflateFilterNote directive to
+ allow accurate logging of the filter's in- and outstream.
+ [André Malo]
+
+ *) Allow SSLMutex to select/use the full range of APR locking
+ mechanisms available to it. Also, fix the bug that SSLMutex uses
+ APR_LOCK_DEFAULT no matter what. PR 8122 [Jim Jagielski,
+ Martin Kutschker ]
+
+ *) Restore the ability of htdigest.exe to create files that contain
+ more than one user. PR 12910. [André Malo]
+
+ *) Improve binary compatibility of the core between debug (aka
+ maintainer-mode) and a non-debug compile.
+ [Sander Striker]
+
+ *) mod_usertrack: don't set the cookie in subrequests. This works
+ around the problem that cookies were set twice during fast internal
+ redirects. PR 13211. [André Malo]
+
+ *) mod_autoindex no longer forgets output format and enabled version
+ sort in linked column headers. [André Malo]
+
+ *) Use .sv instead of .se as extension for Swedish documents in the
+ default configuration. PR 12877. [André Malo]
+
+ *) Updated mod_ldap and mod_auth_ldap to support the Novell LDAP SDK SSL
+ and standardized the LDAP SSL support across the various LDAP SDKs.
+ Isolated the SSL functionality to mod_ldap rather than speading it
+ across mod_auth_ldap and mod_ldap. Also added LDAPTrustedCA
+ and LDAPTrustedCAType directives to mod_ldap to allow for a more
+ common method of specifying the SSL certificate.
+ [Dave Ward, Brad Nicholes]
+
+ *) Fixed mod_ssl's SSLCertificateChain initialization to no longer
+ skip the first cert of the chain by default. This misbehavior
+ was introduced in 2.0.34. PR 14560 [Madhusudan Mathihalli]
+
+ *) mod_cgi, mod_cgid, mod_ext_filter: Log errors when scripts cannot
+ be started on Unix because of such problems as bad permissions,
+ bad shebang line, etc. [Jeff Trawick]
+
+ *) Fix 64-bit problem in mod_ssl input logic.
+ [Madhusudan Mathihalli ]
+
+ *) Fix potential memory leaks in mod_deflate on malformed data. PR 16046.
+ [Justin Erenkrantz]
+
+ *) Rewrite ap_xml_parse_input to use bucket brigades. PR 16134.
+ [Justin Erenkrantz]
+
+ *) Fix segfault which occurred when a section in an included
+ configuration file was not closed. PR 17093. [André Malo]
+
+ *) Enhance the behavior of mod_isapi's WriteClient() callback to
+ provide better emulation for isapi modules that presume that the
+ first WriteClient() call may send status and headers. An example
+ of WriteClient() abuse is the foxisapi module, which relies on
+ that assumpion and now works. [William Rowe, Milan Kosina]
+
+ *) Check the return value of ap_run_pre_connection(). So if the
+ pre_connection phase fails (without setting c->aborted)
+ ap_run_process_connection is not executed. [Stas Bekman]
+
+ *) Fixed a problem with mod_ldap which caused it to fault when caching
+ was disabled. Needed to make sure that the code did not
+ attempt to use the cache if it didn't exist. Also fixed some memory
+ leaks which were due to not releasing LDAP resources on error
+ conditions. [Brad Nicholes]
+
+ *) Hook mod_proxy's fixup before mod_rewrite's fixup, so that by
+ mod_rewrite proxied URLs will not be escaped accidentally by
+ mod_proxy's fixup. PR 16368 [André Malo]
+
+ *) While processing filters on internal redirects, remember seen EOS
+ buckets also in the request structure of the redirect issuer(s). This
+ prevents filters (such as mod_deflate) from adding garbage to the
+ response. PR 14451. [André Malo]
+
+ *) suexec: Be more pedantic when cleaning environment. Clean it
+ immediately after startup. PR 2790, 10449.
+ [Jeff Stewart , André Malo]
+
+ *) Fix apxs to insert LoadModule directives only outside of sections.
+ PR 8712, 9012. [André Malo]
+
+ *) Fix suexec compile error under SUNOS4, where strerror() doesn't
+ exist. PR 5913, 9977.
+ [Jonathan W Miner ]
+
+ *) Fix If header parsing when a non-mod_dav lock token is passed to it.
+ PR 16452. [Justin Erenkrantz]
+
+ *) mod_auth_digest no longer tries to guess AuthDigestDomain, if it's
+ not specified. Now it assumes "/" as already documented. PR 16937.
+ [André Malo]
+
+ *) Try to log an error if a piped log program fails. Try to
+ restart a piped log program in more failure situations. Fix an
+ existing problem with error handling in piped_log_spawn(). Use
+ new APR apr_proc_create() features to prevent Apache from starting
+ on Unix* in most cases where a piped log program can be started,
+ and add log messages for the other situations. *Other platforms
+ already failed Apache initialization if a piped log program
+ couldn't be started. PR 15761 [Jeff Trawick]
+
+ *) Fix mod_cern_meta to not create empty metafiles when the
+ metafile searched for does not exist. PR 12353
+ [Owen Rees ]
+
+ *) Introduce debugging symbols for Win32 release builds, both .pdb
+ and .dbg files (older debuggers and Dr. Watson-type utilities
+ on WinNT or Win9x don't support the newer .pdb flavor.)
+ [Allen Edwards, William Rowe]
+
+ *) Fix bug where 'Satisfy Any' without an AuthType lost all MIME
+ information (and more). Related to PR 9076. [André Malo]
+
+ *) mod_file_cache: fix segfault serving mmaped cached files.
+ [Bill Stoddard]
+
+ *) mod_file_cache: fixed a segfault when multiple MMapFile directives
+ were used. PR 16313. [Cliff Woolley]
+
+ *) Fix a nasty segfault in mmap_bucket_setaside() caused by passing
+ an incompatible pointer type to mmap_bucket_destroy(void*).
+ [Gerard Eviston ]
+
+ *) Enable the -n name parameter on NetWare to allow the
+ administrator to rename the Apache console screen
+ [Brad Nicholes]
+
+ *) Fixed piped access logs on Win32 by disabling OTHER_CHILD
+ support by default in APR. More development is required
+ to deploy OTHER_CHILD on Win32. [William Rowe]
+
+ *) Use saner default config values for suexec. PR 15713.
+ [Thom May ]
+
+ *) mod_rewrite: Allow "RewriteEngine Off" even if no "Options FollowSymlinks"
+ (or SymlinksIfOwnermatch) is set. PR 12395. [André Malo]
+
+ *) apxs: Include any special APR ld flags when linking the DSO.
+ This resolves problems on AIX when building a DSO with apxs+gcc.
+ [Jeff Trawick]
+
+ *) Added character set support to mod_auth_LDAP to allow it to
+ convert extended characters used in the user ID to UTF-8
+ before authenticating against the LDAP directory. The new
+ directive AuthLDAPCharsetConfig is used to specify the config
+ file that contains the character set conversion table.
+ [Brad Nicholes]
+
+ *) Don't remove the Content-Length from responses in mod_proxy
+ PR: 8677 [Brian Pane]
+
+ *) Ensure LDAP version is set to v3 on every bind. PR 14235.
+ [Sergey A. Lipnevich ]
+
+ *) Fix mod_ldap to open an existing shared memory file should one
+ already exist. PR 12757. [Scooter Morris ,
+ Graham Leggett]
+
+ *) Fix the ulimit command used by apachectl on Tru64. PR 13609.
+ [Joseph Senulis , Jeff Trawick]
+
+ *) Change the ulimit command used by apachectl on AIX so that it
+ works in all locales. [Jeff Trawick]
+
+ *) mod_ext_filter: Fix a problem building argument lists which
+ occasionally caused exec to fail. PR 15491. [Jeff Trawick]
+
+Changes with Apache 2.0.44
+
+ *) mod_autoindex: Bring forward the IndexOptions IgnoreCase option
+ from Apache 1.3. PR 14276
+ [David Shane Holden , William Rowe]
+
+ *) mod_mime: Workaround to prevent a segfault if r->filename=NULL
+ [Brian Pane]
+
+ *) Reorder the definitions for mod_ldap and mod_auth_ldap within
+ config.m4 to make sure the parent mod_ldap is defined first.
+ This ensures that mod_ldap comes before mod_auth_ldap in the
+ httpd.conf file, which is necessary for mod_auth_ldap to load.
+ PR 14256 [Graham Leggett]
+
+ *) Fix the building of cgi command lines when the query string
+ contains '='. PR 13914 [Ville Skyttä ,
+ Jeff Trawick]
+
+ *) Rename CacheMaxStreamingBuffer to MCacheMaxStreamingBuffer. Move
+ implementation of MCacheMaxStreamingBuffer from mod_cache to
+ mod_mem_cache. MCacheMaxStreamingBuffer now defaults to the
+ lesser of 100,000 bytes or MCacheMaxCacheObjectSize. This should
+ eliminate the need for explicitly coding MCacheMaxStreamingBuffer
+ in most configurations. [Bill Stoddard]
+
+ *) mod_cache: Fix PR 15113, a core dump in cache_in_filter when
+ a redirect occurs. The code was passing a format string and
+ integer to apr_pstrcat. Changed to apr_psprintf.
+ [Paul J. Reder]
+
+ *) Replace APU_HAS_LDAPSSL_CLIENT_INIT with APU_HAS_LDAP_NETSCAPE_SSL
+ as set by apr-util in util_ldap.c. This should allow mod_ldap
+ to work with the Netscape/Mozilla LDAP library. [Øyvin Sømme
+ , Graham Leggett]
+
+ *) Fix critical bug in new --enable-v4-mapped configure option
+ implementation which broke IPv4 listening sockets on some
+ systems. [hiroyuki hanai ]
+
+ *) mod_setenvif: Fix BrowserMatchNoCase support for non-regex
+ patterns [André Malo ]
+
+ *) Add version string to provider API. [Justin Erenkrantz]
+
+ *) build: './configure && make' now works without an in-tree
+ apr and apr-util. [Wilfredo Sanchez]
+
+ *) mod_negotiation: Set the appropriate mime response headers
+ (Content-Type, charset, Content-Language and Content-Encoding)
+ for negotated type-map "Body:" responses (such as the error
+ pages.) [André Malo ]
+
+ *) mod_log_config: Allow '%%' escaping in CustomLog format
+ strings to insert a literal, single '%'.
+ [André Malo ]
+
+ *) mod_autoindex: AddDescription directives for directories
+ now work as in Apache 1.3, where no trailing '/' is
+ specified on the directory name. Previously, the trailing
+ '/' *had* to be specified, which was incompatible with
+ Apache 1.3. PR 7990 [Jeff Trawick]
+
+ *) Fix for PR 14556. The expiry calculations in mod_cache were
+ trying to perform "now + ((date - lastmod) * factor)" where
+ date == lastmod resulting in "now + 0". The code now follows
+ the else path (using the default expiration) if date is
+ equal to lastmod. [Sergey , Paul J. Reder]
+
+ *) Use AP_DECLARE in the debug versions of ap_strXXX in case the
+ default calling convention is not the same as the one used by
+ AP_DECLARE. [Juan Rivera ]
+
+ *) mod_cache: Don't cache response header fields designated
+ as hop-by-hop headers in HTTP/1.1 (RFC 2616 Section 13.5.1).
+ [Estrade Matthieu , Brian Pane]
+
+ *) mod_cgid: Handle environment variables containing newlines.
+ PR 14550 [Piotr Czejkowski , Jeff
+ Trawick]
+
+ *) Move mod_ext_filter out of experimental and into filters.
+ [Jeff Trawick]
+
+ *) Fixed a memory leak in mod_deflate with dynamic content.
+ PR 14321 [Ken Franken ]
+
+ *) Add --[enable|disable]-v4-mapped configure option to control
+ whether or not Apache expects to handle IPv4 connections
+ on IPv6 listening sockets. Either setting will work on
+ systems with the IPV6_V6ONLY socket option. --enable-v4-mapped
+ must be used on systems that always allow IPv4 connections on
+ IPv6 listening sockets. PR 14037 (Bugzilla), PR 7492 (Gnats)
+ [Jeff Trawick]
+
+ *) This fixes a problem where the underlying cache code
+ indicated that there was one more element on the cache
+ than there actually was. This happened since element 0
+ exists but is not used. This code allocates the correct
+ number of useable elements and reports the number of
+ actually used elements. The previous code only allowed
+ MCacheMaxObjectCount-1 objects to be stored in the
+ cache. [Paul J. Reder]
+
+ *) mod_setenvif: Add SERVER_ADDR special keyword to allow
+ envariable setting according to the server IP address
+ which received the request. [Ken Coar]
+
+ *) mod_cgid: Terminate CGI scripts when the client connection
+ drops. PR 8388 [Jeff Trawick]
+
+ *) Rearrange OpenSSL engine initialization to support RAND
+ redirection on crypto accelerator.
+ [Frederic DONNAT ]
+
+ *) Always emit Vary header if mod_deflate is involved in the
+ request. [Andre Malo ]
+
+ *) mod_isapi: Stop unsetting the 'empty' query string result with
+ a NULL argument in ecb->lpszQueryString, eliminating segfaults
+ for some ISAPI modules. PR 14399
+ [Detlev Vendt ]
+
+ *) mod_isapi: Fix an issue where the HSE_REQ_DONE_WITH_SESSION
+ notification is received before the HttpExtensionProc() returns
+ HSE_STATUS_PENDING. This only affected isapi .dll's configured
+ with the ISAPIFakeAsync on directive. PR 11918
+ [John DeSetto , William Rowe]
+
+ *) mod_isapi: Fix the issue where all results from mod_isapi would
+ run through the core die handler resulting in invalid responses
+ or access log entries. PR 10216 [William Rowe]
+
+ *) Improves the user friendliness of the CacheRoot processing
+ over my last pass. This version avoids the pool allocations
+ but doesn't avoid all of the runtime checks. It no longer
+ terminates during post-config processing. An error is logged
+ once per worker, indicating that the CacheRoot needs to be set.
+ [Paul J. Reder]
+
+ *) Fix a bug where we keep files open until the end of a
+ keepalive connection, which can result in:
+ (24)Too many open files: file permissions deny server access
+ especially on threaded servers. [Greg Ames, Jeff Trawick]
+
+ *) Fix a bug in which mod_proxy sent an invalid Content-Length
+ when a proxied URL was invoked as a server-side include within
+ a page generated in response to a form POST. [Brian Pane]
+
+ *) Added code to process min and max file size directives and to
+ init the expirychk flag in mod_disk_cache. Added a clarifying
+ comment to cache_util. [Paul J. Reder]
+
+ *) The value emitted by ServerSignature now mimics the Server HTTP
+ header as controlled by ServerTokens. [Francis Daly ]
+
+ *) Gracefully handly retry situations in the SSL input filter,
+ by following the SSL libraries' retry semantics.
+ [William Rowe]
+
+ *) Terminate CGI scripts when the client connection drops. This
+ fix only applies to some normal paths in mod_cgi. mod_cgid
+ is still busted. PR 8388 [Jeff Trawick]
+
+ *) Fix a bug where 416 "Range not satisfiable" was being
+ returned for content that should have been redirected.
+ [Greg Ames]
+
+ *) Fix memory leak in mod_ssl from internal SSL library allocations
+ within SSL_get_peer_certificate and X509_get_pubkey.
+ [Zvi Har'El
+ Madhusudan Mathihalli ].
+
+ *) mod_ssl uses free() inappropriately in several places, to free
+ memory which has been previously allocated inside OpenSSL.
+ Such memory should be freed with OPENSSL_free(), not with free().
+ [Nadav Har'El ,
+ Madhusudan Mathihalli ].
+
+ *) Emit a message to the error log when we return 404 because
+ the URI contained '%2f'. (This was previously nastily silent
+ and difficult to debug.) [Ken Coar]
+
+ *) Fix streaming output from an nph- CGI script. CGI:IRC now
+ works. PR 8482 [Jeff Trawick]
+
+ *) More accurate logging of bytes sent in mod_logio when
+ the client terminates the connection before the response
+ is completely sent [Bojan Smojver ]
+
+ *) Fix some problems in the perchild MPM.
+ [Jonas Eriksson ]
+
+ *) Change the CacheRoot processing to check for a required
+ value at config time. This saves a lot of wasted processing
+ if the mod_disk_cache module is loaded but no CacheRoot
+ was provided. This fix also adds code to log an error
+ and avoid useless pallocs and procesing when the computed
+ cache file name cannot be opened. This also updates the
+ docs accordingly. [Paul J. Reder]
+
+ *) Introduce the EnableSendfile directive, allowing users of NFS
+ shares to disable sendfile mechanics when they either fail
+ outright or provide intermitantly corrupted data. PR
+ [William Rowe]
+
+ *) Resolve the error "An operation was attempted on something
+ that is not a socket. : winnt_accept: AcceptEx failed.
+ Attempting to recover." for users of various firewall and
+ anti-virus software on Windows. PR 8325 [William Rowe]
+
+ *) Add the ProxyBadHeader directive, which gives the admin some
+ control on how mod_proxy should handle bogus HTTP headers from
+ proxied servers. This allows 2.0 to "emulate" 1.3's behavior if
+ desired. [Jim Jagielski]
+
+ *) Change the LDAP modules to export their symbols correctly
+ during a Windows build. Add dsp files for Windows. Update
+ README.ldap file for Windows build instructions.
+ [Andre Schild ]
+
+ *) Performance improvements for the code that generates HTTP
+ response headers [Brian Pane]
+
+ *) Add -S as a synonym for -t -DDUMP_VHOSTS.
+ [Thom May ]
+
+ *) Fix a bug with dbm rewrite maps which caused the wrong value to
+ be used when the key was not found in the dbm. PR 13204
+ [Jeff Trawick]
+
+ *) Fix a problem with streaming script output and mod_cgid.
+ [Jeff Trawick]
+
+ *) Add ap_register_provider/ap_lookup_provider API.
+ [John K. Sterling , Justin Erenkrantz]
+
+Changes with Apache 2.0.43
+
+ *) SECURITY: CVE-2002-0840 (cve.mitre.org)
+ HTML-escape the address produced by ap_server_signature() against
+ this cross-site scripting vulnerability exposed by the directive
+ 'UseCanonicalName Off'. Also HTML-escape the SERVER_NAME
+ environment variable for CGI and SSI requests. It's safe to
+ escape as only the '<', '>', and '&' characters are affected,
+ which won't appear in a valid hostname. Reported by Matthew
+ Murphy . [Brian Pane]
+
+ *) Fix a core dump in mod_cache when it attemtped to store uncopyable
+ buckets. This happened, for instance, when a file to be cached
+ contained SSI tags to execute a CGI script (passed as a pipe
+ bucket). [Paul J. Reder]
+
+ *) Ensure that output already available is flushed to the network
+ when the content-length filter realizes that no new output will
+ be available for a while. This helps some streaming CGIs as
+ well as some other dynamically-generated content. [Jeff Trawick]
+
+ *) Fix a mutex problem in mod_ssl session cache support which
+ could lead to an infinite loop. PR 12705
+ [Amund Elstad , Jeff Trawick]
+
+ *) SECURITY: CVE-2002-1156 (cve.mitre.org)
+ Fix the exposure of CGI source when a POST request is sent to
+ a location where both DAV and CGI are enabled. [Ryan Bloom]
+
+ *) Allow the UserDir directive to accept a list of directories.
+ This matches what Apache 1.3 does. Also add documentation for
+ this feature. [Jay Ball ]
+
+ *) New Module: mod_logio. adds the ability to log bytes sent and
+ received. [Bojan Smojver ]
+
+ *) SuExec needs to use the same default directory as the rest of
+ server, namely /usr/local/apache2.
+ [SangBeom han ]
+
+ *) Get mod_auth_ldap to retry connections on LDAP_SERVER_DOWN.
+ [Thomas Bennett , Graham Leggett]
+
+ *) Make sure the contents of the WWW-Authenticate header is
+ passed on a 4xx error by proxy. Previously all headers
+ were dropped, resulting in the browser being unable to
+ authenticate. [Dr Richard Reiner ,
+ Richard Danielli , Graham Wiseman
+ , David Henderson
+ ]
+
+ *) Make mod_cache's CacheMaxStreamingBuffer directive work
+ properly for virtual hosts that override server-wide mod_cache
+ setttings. [Matthieu Estrade ]
+
+ *) Add -p option to apxs to allow programs to be compiled with apxs.
+ [Justin Erenkrantz]
+
+Changes with Apache 2.0.42
+
+ *) SECURITY: CAN-2002-1593 (cve.mitre.org) [CERT VU#406121]
+ mod_dav: Check for versioning hooks before using them.
+ [Greg Stein]
+
+Changes with Apache 2.0.41
+
+ *) The protocol version (eg: HTTP/1.1) in the request line parsing
+ is now case insensitive. [Jim Jagielski]
+
+ *) Allow AddOutputFilterByType to add multiple filters per directive.
+ [Justin Erenkrantz]
+
+ *) Remove warnings with Sun's Forte compiler. [Justin Erenkrantz]
+
+ *) Fixed mod_disk_cache's generation of 304s
+ [Kris Verbeeck ]
+
+ *) Add support for using fnmatch patterns in the final path
+ segment of an Include statement (eg.. include /foo/bar/*.conf).
+ and remove the noise on stderr during config dir processing.
+ [Joe Orton ]
+
+ *) mod_cache: cache_storage.c. Add the hostname and any request
+ args to the key generated for caching. This provides a unique
+ key for each virtual host and for each request with unique
+ args. [Paul J. Reder, args code provided by Kris Verbeeck]
+
+ *) mod_cache: Do not cache responses to GET requests with query
+ URLs if the origin server does not explicitly provide an
+ Expires header on the response (RFC 2616 Section 13.9)
+ [Kris Verbeeck ]
+
+ *) Fix memory leak in core_output_filter. [Justin Erenkrantz]
+
+ *) Update OpenSSL detection to work on Darwin.
+ [Sander Temme ]
+
+ *) Update the xslt and css to give the documentation a more
+ modern style.
+ [André Malo , Gernot Winkler ]
+
+ *) Fix some bucket memory leaks in the chunking code
+ [Joe Schaefer ]
+
+ *) Add ModMimeUsePathInfo directive. [Justin Erenkrantz]
+
+ *) mod_cache: added support for caching streamed responses (proxy,
+ CGI, etc) with optional CacheMaxStreamingBuffer setting [Brian Pane]
+
+ *) Add image/x-icon to httpd.conf PR 10993.
+ [Ian Holsman, Peter Bieringer ]
+
+ *) Fix FileETags none operation. PR 12207.
+ [Justin Erenkrantz, Andrew Ho ]
+
+ *) Restored the experimental leader/followers MPM to working
+ condition and converted its thread synchronization from
+ mutexes to atomic CAS. [Brian Pane]
+
+ *) Fix Logic on non-html file removal in mod_deflate
+ [Kris Verbeeck ]
+
+ *) Fix "ab -g"'s truncated year: the last digit was cut off.
+ [Leon Brocard ]
+
+ *) mod_rewrite can now sets cookies in err_headers, uses the correct
+ expiry date, and can now set the path as well
+ PR 12132,12181,12172.
+ [Ian Holsman / Rob Cromwell ]
+
+ *) The content-length filter no longer tries to buffer up
+ the entire output of a long-running request before sending
+ anything to the client. [Brian Pane]
+
+ *) Win32: Lower the default stack size from 1MB to 256K. This will
+ allow around 8000 threads to be started per child process.
+ 'EDITBIN /STACK:size apache.exe' can be used to change this
+ value directly in the apache.exe executable.
+ [Bill Stoddard]
+
+ *) Win32: Implement ThreadLimit directive in the Windows MPM.
+ [Bill Stoddard]
+
+ *) Remove CacheOn config directive since it is set but never checked.
+ No sense wasting cycles on unused code. Besides, the only truly
+ bug free code is deleted code. :) [Paul J. Reder]
+
+ *) BufferLogs are now run-time enabled, and the log_config now has 2 new
+ callbacks to allow a 3rd party module to actually do the writing of the
+ log file [Ian Holsman]
+
+ *) Correct ISAPIReadAheadBuffer to default to 49152, per mod_isapi docs.
+ [André Malo, Astrid Keßler ]
+
+ *) Fix Segfault in mod_cache. [Kris Verbeeck ]
+
+ *) Fix a null pointer dereference in the merge_env_dir_configs
+ function of the mod_env module. PR 11791
+ [Paul J. Reder]
+
+ *) New option to ServerTokens 'maj[or]'. Only show the major version
+ Also Surfaced this directive in the standard config (default FULL)
+ [Ian Holsman]
+
+ *) Change mod_rewrite to use apr-util's dbm support for dbm rewrite
+ maps. The dbm type (e.g., ndbm, gdbm) can be specified on the
+ RewriteMap directive. PR 10644 [Jeff Trawick]
+
+ *) Fixed mod_rewrite's RewriteMap prg: support so that request/response
+ pairs will no longer get out of sync with each other. PR 9534
+ [Cliff Woolley]
+
+ *) Fixes required to get quoted and escaped command args working in
+ mod_ext_filter. PR 11793 [Paul J. Reder]
+
+ *) mod-proxy: handle proxied responses with no status lines
+ [JD Silvester , Brett Huttley ]
+
+ *) Fix bug where environment or command line arguments containing
+ non-ASCII-7 characters would cause the Win32 child process creation
+ to fail. PR 11854 [William Rowe]
+
+ *) Bug #11213.. make module loading error messages more informative
+ [Ian Darwin ]
+
+ *) thread safety & proxy-ftp [Alexey Panchenko , Ian Holsman]
+
+ *) mod_disk_cache works much better. This module should still
+ be considered experimental. [Eric Prud'hommeaux]
+
+ *) Performance improvement for keepalive requests: when setting
+ aside a small file for potential concatenation with the next
+ response on the connection, set aside the file descriptor rather
+ than copying the file into the heap. [Brian Pane]
+
+ *) Modified version check on openssl so that it finds the executable
+ first and then performs a check of the version, only warning the
+ user if they chose, or we selected, an old version of OpenSSL.
+ This change also allows the code to work for non-openssl libraries
+ selected via the --with-ssl=dir option, which can override the
+ automated library check in any case. [Roy Fielding]
+
+Changes with Apache 2.0.40
+
+ *) SECURITY: CAN-2002-0661 (cve.mitre.org)
+ Close a very significant security hole that
+ applies only to the Win32, OS2 and Netware platforms. Unix was not
+ affected, Cygwin may be affected. Certain URIs will bypass security
+ and allow users to invoke or access any file depending on the system
+ configuration. Without upgrading, a single .conf change will close
+ the vulnerability. Add the following directive in the global server
+ httpd.conf context before any other Alias or Redirect directives;
+ RedirectMatch 400 "\\\.\."
+ Reported by Auriemma Luigi .
+ [Brad Nicholes]
+
+ *) SECURITY: CAN-2002-0654 (cve.mitre.org)
+ Close a path-revealing exposure in multiview type
+ map negotiation (such as the default error documents) where the
+ module would report the full path of the typemapped .var file when
+ multiple documents or no documents could be served based on the mime
+ negotiation. Reported by Auriemma Luigi .
+ [William Rowe]
+
+ *) SECURITY: CAN-2002-0654 (cve.mitre.org)
+ Close a path-revealing exposure in cgi/cgid when we
+ fail to invoke a script. The modules would report "couldn't create
+ child process /path-to-script/script.pl" revealing the full path
+ of the script. Reported by Jim Race .
+ [Bill Stoddard]
+
+ *) Set aside the apr-iconv and apr_xlate() features for the Win32
+ build of 2.0.40 so development can be completed. A patch, from
+
+ will be available for those that wish to work with apr-iconv.
+ [William Rowe]
+
+ *) Fix proxy so that it is possible to access ftp: URLs via a proxy
+ chain. [Peter Van Biesen ]
+
+ *) mod-deflate now checks to make sure that 'gzip-only-text/html' is
+ set to 1, so we can exclude things from the general case with
+ browsermatch. [Ian Holsman, Andre Schild ]
+
+ *) Accept multiple leading /'s for requests within the DocumentRoot.
+ PR 10946 [William Rowe, David Shane Holden ]
+
+ *) Solved the reports of .pdf byterange failures on Win32 alone.
+ APR's sendfile for the win32 platform collapses header and trailer
+ buffers into a single buffer. However, we destroyed the pointers
+ to the header buffer if a trailer buffer was present. PR 10781
+ [William Rowe]
+
+ *) mod_ext_filter: Add the ability to enable or disable a filter via
+ an environment variable. Add the ability to register a filter of
+ type other than AP_FTYPE_RESOURCE. [Jeff Trawick]
+
+ *) Restore the ability to specify host names on Listen directives.
+ PR 11030. [Jeff Trawick, David Shane Holden ]
+
+ *) When deciding on the default address family for listening sockets,
+ make sure we can actually bind to an AF_INET6 socket before
+ deciding that we should default to AF_INET6. This fixes a startup
+ problem on certain levels of OpenUNIX. PR 10235. [Jeff Trawick]
+
+ *) Replace usage of atol() to parse strings when we might want a
+ larger-than-long value with apr_atoll(), which returns long long.
+ This allows HTTPD to deal with larger files correctly.
+ [Shantonu Sen ]
+
+ *) mod_ext_filter: Ignore any content-type parameters when checking if
+ the response should be filtered. Previously, "intype=text/html"
+ wouldn't match something like "text/html;charset=8859_1".
+ [Jeff Trawick]
+
+ *) mod_ext_filter: Set up environment variables for external programs.
+ [Craig Sebenik ]
+
+ *) Modified the HTTP_IN filter to immediately append the EOS (end of
+ stream) bucket for C-L POST bodies, saving a roundtrip and allowing
+ the caller to determine that no content remains without prefetching
+ additional POST body. [William Rowe]
+
+ *) Get proxy ftp to work over IPv6. [Shoichi Sakane ]
+
+ *) Look for OpenSSL libraries in /usr/lib64. [Peter Poeml ]
+
+ *) Update SuSE layout. [Peter Poeml ]
+
+ *) Changes to the internationalized error documents:
+ Comment them out in the default config file to make the default
+ install as simple as possible; Correct the english 500 error to
+ be more understandable; Add a Swedish translation.
+ [Thomas Sjogren ,
+ Erik Abele , Rich Bowen, Joshua Slive]
+
+ *) Increase the limit on file descriptors per process in apachectl.
+ [Brian Pane]
+
+ *) Fix a dependency error when building ApacheMonitor, so that Win32
+ and MSVC now trust that the project is current (when it is).
+ [James Cox ]
+
+ *) mod_ext_filter: don't segfault if content-type is not set. PR 10617.
+ [Arthur P. Smith , Jeff Trawick]
+
+ *) APR-Util Renames pending have been completed [Thom May]
+
+ *) Performance improvements for the code that reads request
+ headers (ap_rgetline_core() and related functions) [Brian Pane]
+
+ *) Add a new directive: MaxMemFree. MaxMemFree makes it possible
+ to configure the maximum amount of memory the allocators will
+ hold on to for reuse. Anything over the MaxMemFree threshold
+ will be free()d. This directive is useful when uncommon large
+ peaks occur in memory usage. It should _not_ be used to mask
+ defective modules' memory use. [Sander Striker]
+
+ *) Fixed the Content-Length filter so that HTTP/1.0 requests to CGI
+ scripts would not result in a truncated response.
+ [Ryan Bloom, Justin Erenkrantz, Cliff Woolley]
+
+ *) Add a filter_init parameter to the filter registration functions
+ so that a filter can execute arbitrary code before the handlers
+ are invoked. This resolves a problem where mod_include requests
+ would incorrectly return a 304. [Justin Erenkrantz]
+
+ *) Fix a long-standing bug in 2.0, CGI scripts were being called
+ with relative paths instead of absolute paths. Apache 1.3 used
+ absolute paths for everything except for SuExec, this brings back
+ that standard. [Ryan Bloom]
+
+ *) Fix infinite loop due to two HTTP_IN filters being present for
+ internally redirected requests. PR 10146. [Justin Erenkrantz]
+
+ *) Switch conn_rec->keepalive to an enumeration rather than a bitfield.
+ [Justin Erenkrantz]
+
+ *) Fix mod_ext_filter to look in the main server for filter definitions
+ when running in a vhost if the filter definition is not found in
+ the vhost. PR 10147 [Jeff Trawick]
+
+ *) Support WinNT CGI invocation through ScriptInterpreterSource
+ 'registry' for script interpreter paths and names with non-ascii
+ characters in the executable filepath. [William Rowe]
+
+ *) Support the -w flag on to keep the Win32 console open on error.
+ [William Rowe]
+
+ *) Normalize the hostname value in the request_rec to all-lowercase
+ [Perry Harrington ]
+
+ *) Fix WinNT cgi 500 errors when QUERY_ARGS or other strings include
+ extended characters (non US-ASCII) in non-utf8 format. This brings
+ Win32 back into CGI/1.1 compliance, and leaves charset decoding up
+ to the cgi application itself. [William Rowe]
+
+ *) Major overhaul of mod_dav, mod_dav_fs and the experimental/cache
+ modules to bring them up to the current apr/apr-util APIs.
+ [William Rowe]
+
+ *) Fix segfault in mod_mem_cache most frequently observed when
+ serving the same file to multiple clients on an MP machine.
+ [Bill Stoddard]
+
+ *) mod_rewrite can now set cookies (RewriteRule (.*) - [CO=name:$1:.domain])
+ [Brian Degenhardt , Ian Holsman]
+
+ *) Fix perchild to work with apachectl by adding -k support to perchild.
+ PR 10074 [Jeff Trawick]
+
+ *) Fix a silly htpasswd.c logic error that incorrectly reported that
+ both -c and -n had been used. PR 9989 [Cliff Woolley]
+
+ *) Fixed a mod_include error case in which no HTTP response was sent
+ to the client if an shtml document contained an unterminated SSI
+ directive [Brian Pane]
+
+ *) Improve ap_get_client_block implementation by using APR-util brigade
+ helper functions and relying on current filter assumptions.
+ [Justin Erenkrantz]
+
+Changes with Apache 2.0.39
+
+ *) Fixed a build problem in htpasswd.c on Win32.
+ [Guenter Knauf , Cliff Woolley]
+
+Changes with Apache 2.0.38
+
+ *) Rewrite htpasswd to use APR. The removes the annoying warning about
+ tmpnam being unsafe. [Ryan Bloom]
+
+ *) We must set the MIME-type for .shtml files to text/html if we want them
+ to be parsed for SSI tags. Add the config for that to the default
+ config file so that it is easier to enable .shtml parsing.
+ [Dave Dyer ]
+
+ *) Fixed a problem with 'make install' on ReliantUnix.
+ [Jean-frederic Clere ]
+
+ *) Make the default_handler catch all requests that aren't served by
+ another handler. This also gets us to return a 404 if a directory
+ is requested, there is no DirectoryIndex, and mod_autoindex isn't
+ loaded. [Justin Erenkrantz]
+
+ *) Fixed the handling of nested if-statements in shtml files.
+ PR 9866 [Brian Pane]
+
+ *) Allow 'make install DESTDIR=/path'. This allows packagers to install
+ into a directory different from the one that was configured. This
+ also mirrors the root= feature from 1.3. We cannot use prefix=,
+ because both APR and APR-util resolve their installation paths at
+ configuration time. This means that there is no variable prefix
+ to replace. [Andreas Hasenack ]
+
+ *) AIX 4.3.2 and above: Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
+ These levels of AIX don't have a thundering herd problem with
+ accept(). [Jeff Trawick]
+
+ *) prefork MPM: Ignore mutex errors during graceful restart. For
+ certain types of mutexes (particularly SysV semaphores), we
+ should expect to occasionally fail to obtain or release the
+ mutex during restart processing. [Jeff Trawick]
+
+ *) Fix install-bindist.sh so that it finds any perl instead of just
+ early perl 5.x versions. This is consistent with a build/install
+ from source, and it allows the perl scripts installed by a bindist
+ to work on systems with perl 5.6. [Jeff Trawick]
+
+ *) Fix apxs so that the makefile created by "apxs -g" works on AIX and
+ Tru64 (and probably some other platforms). [Jeff Trawick]
+
+ *) Allow CGI scripts to return their Content-Length. This also fixes a
+ hang on HEAD requests seen on certain platforms (such as FreeBSD).
+ [Justin Erenkrantz]
+
+ *) Added log rotation based on file size to the RotateLog support
+ utility. [Brad Nicholes]
+
+ *) Fix some casting in mod_rewrite which broke random maps.
+ PR 9770 [Allan Edwards, Greg Ames, Jeff Trawick]
+
+Changes with Apache 2.0.37
+
+ *) allow POST method over SSL when per-directory client cert
+ authentication is used with 'SSLOptions +OptRenegotiate' enabled
+ and a client cert was found in the ssl session cache.
+
+ *) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
+ session cache when there is no cert chain in the cache. prior to
+ the fix this situation would result in a FORBIDDEN response and
+ error message "Cannot find peer certificate chain"
+ [Doug MacEachern]
+
+ *) ap_finalize_sub_req_protocol() shouldn't send an EOS bucket if
+ one was already sent. PR 9644 [Jeff Trawick]
+
+ *) Fix the display of the default name for the mime types config
+ file. PR 9729 [Matthew Brecknell ]
+
+ *) Fix the working directory *for WinNT/2K/XP services only* to
+ change to the Apache directory (one level above the location
+ of Apache.exe, in the case that Apache.exe resides in bin/.)
+ Solves the case of ServerRoot /foo paths where /foo was not
+ on the same drive as /winnt/system32. [William Rowe]
+
+ *) Make 2.0's "AcceptMutex" startup message now "completely"
+ match how 1.3 does it. [Jim Jagielski]
+
+ *) Implement a fixed size memory cache using a priority queue
+ [Ian Holsman]
+
+ *) Fix apxs to allow "apxs -q installbuilddir" and to allow
+ querying certain other variables from config_vars.mk. PR 9316
+ [Jeff Trawick]
+
+ *) Added the "detached" attribute to the cgi_exec_info_t internals
+ so that Win32 and Netware won't create a new window or console
+ for each CGI invoked. PR 8387
+ [Brad Nicholes, William Rowe]
+
+ *) Consolidated the command line parameters and attributes that are
+ manipulated by the optional function ap_cgi_build_command() in
+ mod_cgi into a single structure.
+ [Brad Nicholes]
+
+ *) Get rid of uninitialized value errors with "apxs -q" on certain
+ variables. [Stas Bekman ]
+
+ *) Fix apxs to allow it to work when the build directory is somewhere
+ besides server-root/build. PR 8453
+ [Jeff Trawick and a host of others]
+
+ *) Allow ap_discard_request_body to be called multiple times in the
+ same request. Essentially, ap_http_filter keeps track of whether
+ it has sent an EOS bucket up the stack, if so, it will only ever
+ send an EOS bucket for this request.
+ [Ryan Bloom, Justin Erenkrantz, Greg Stein]
+
+ *) Remove all special mod_ssl URIs. This also fixes the bug where
+ redirecting (.*) will allow an SSL protected page to be viewed
+ without SSL. [Ryan Bloom]
+
+ *) Fix the binary build install script so that the build logic
+ created by "apxs -g" will work when the user has a binary
+ build. [Jeff Trawick]
+
+ *) Allow instdso.sh to work with full paths to the shared module.
+ [Justin Erenkrantz]
+
+ *) NetWare: Enabled CGI functionality and added mod_cgi as a built
+ in module for NetWare [Brad Nicholes]
+
+ *) Changed cgi and piped log behavior to accept 65536 characters
+ on Win32 (matching Linux) before deadlocking between outputing
+ client stdin, slurping the output from stdout and then the stderr
+ stream. PR 8179 [William Rowe]
+
+ *) Fixed Win32 wintty.exe support to assure the window title is valid.
+ Elimiates possible gpfault or garbage title without the -t option.
+ [William Rowe]
+
+ *) Rewrite mod_cgi, mod_cgid, and mod_proxy input handling to use
+ brigades and input filters. [Justin Erenkrantz]
+
+ *) Allow ap_http_filter (HTTP_IN) to return EOS when there is no request
+ body. [Justin Erenkrantz]
+
+ *) NetWare: Piping log entries through RotateLogs using the
+ CustomLogs directive is finally supported now that we have
+ the pipes and spawning functionality working.
+ [Brad Nicholes]
+
+ *) SECURITY: CVE-2002-0392 (cve.mitre.org) [CERT VU#944335]
+ Detect overflow when reading the hex bytes forming a chunk line.
+ [Aaron Bannert]
+
+ *) Allow RewriteMap prg:'s to take command-line arguments. PR 8464.
+ [James Tait ]
+
+ *) Correctly return 413 when an invalid chunk size is given on
+ input. Also modify ap_discard_request_body to not do anything
+ on sub-requests or when the connection will be dropped.
+ [Justin Erenkrantz]
+
+ *) Fix the TIME_* SSL var lookups to be threadsafe. PR 9469.
+ [Cliff Woolley]
+
+ *) Ensure that apr_brigade_write() flushes in all of the cases that
+ it should to avoid conditions in some modules that could cause
+ large amounts of data to be buffered. [Cliff Woolley]
+
+ *) Fix problem where mod_cache/mod_disk_cache was incorrectly
+ stripping the content_type from cached responses.
+ [Bill Stoddard]
+
+ *) apachectl passes through any httpd options. Note: apachectl
+ should be used in preference to httpd since it ensures that any
+ appropriate environment variables have been set up.
+ [Jeff Trawick]
+
+ *) Fix the combination of mod_cgid, mod_setuexec, and mod_userdir.
+ PR 7810 [Colm MacCarthaigh ]
+
+ *) Fix suexec execution of CGI scripts from mod_include.
+ PR 7791, 8291 [Colm MacCarthaigh ]
+
+ *) Fix segfaults at startup on some platforms when mod_auth_digest,
+ mod_suexec, or mod_ssl were used as DSO's due to the way they
+ were tracking the current init phase since DSO's get completely
+ unloaded and reloaded between phases. PR 9413.
+ [Tsuyoshi Sasamoto , Brad Nicholes]
+
+ *) Fix mod_include's handling of regular expressions in
+ " and directives [Brian Pane]
+
+ *) Fix some mod_include segfaults [Cliff Woolley, Brian Pane, Brad Nicholes]
+
+ *) Update the "RedHat" Layout to match Red Hat Linux version 7. PR BZ-7422
+ [Joe Orton]
+
+ *) add compat layer to support RSA SSLC 1.x and 2.x in mod_ssl
+ [Jon Travis, John Barbee, William Rowe, Ryan Bloom, Doug MacEachern]
+
+ *) Add a new parameter to the quick_handler hook to instruct
+ quick handlers to optionally do a lookup rather than actually
+ serve content. This is the first of several changes required fix
+ several problems with how quick handlers work with subrequests.
+ [Bill Stoddard]
+
+ *) worker MPM: Get MaxRequestsPerChild to work again. [Jeff Trawick]
+
+ *) [APR-related] The ordering of the default accept mutex method has
+ been changed to better match what's done in Apache 1.3. The ordering
+ is now (highest to lowest): pthread -> sysvsem -> fcntl -> flock.
+ [Jim Jagielski]
+
+ *) Ensure that the build/ directory is created when using VPATH.
+ [Justin Erenkrantz]
+
+ *) Add some popular types to the mime magic file. PR 7730.
+ [Linus Walleij , Justin Erenkrantz]
+
+ *) Remove the single-byte socket reads for CGI headers [Brian Pane]
+
+ *) When a proxied site was being served, Apache was replacing
+ the original site Server header with it's own, which is not
+ allowed by RFC2616. Fixed. [Graham Leggett]
+
+ *) Fix a mod_cgid problem that left daemon processes stranded
+ in some server restart scenarios. [Jeff Trawick]
+
+ *) Added exp_foo and rel_foo variables to config_vars.mk for
+ all Apache and Autoconf path variables (like --sysconfdir,
+ --sbindir, etc). exp_foo is the "expanded" version, which means
+ that all internal variable references have been interpolated.
+ rel_foo is the same as $exp_foo, only relative to $prefix if they
+ share a common path. [Aaron Bannert]
+
+ *) Fix some restart/terminate problems in the worker MPM. Don't
+ drop connections during graceful restart. [Jeff Trawick]
+
+ *) Change the header merging behaviour in proxy, as some headers
+ (like Set-Cookie) cannot be unmerged due to stray commas in
+ dates. [Graham Leggett]
+
+ *) Be more vocal about what AcceptMutex values we allow, to make
+ us closer to how 1.3 does it. [Jim Jagielski]
+
+ *) Get nph- CGI scripts working again. PRs 8902, 8907, 9983
+ [Jeff Trawick]
+
+ *) Upgraded PCRE library to latest version 3.9 [Brian Pane]
+
+ *) Add accessor function to set r->content_type. From now on,
+ ap_rset_content_type() should be used to set r->content_type.
+ This change is required to properly implement the
+ AddOutputFilterByType configuration directive.
+ [Bill Stoddard, Sander Striker, Ryan Bloom]
+
+ *) Add new M_FOO symbols for the WebDAV/DeltaV methods specified by
+ RFC 3253. Improved the method name/number mapping functions.
+ [Greg Stein]
+
+ *) remove sock_enable_linger from connection.c [Ian Holsman]
+
+ *) Fix for virtual host processing where the requested hostname
+ has a '.' at the end (PR 9187) [Ryan Cruse ]
+
+ *) mod_dav's APIs for REPORT response handling was changed so that
+ providers can generate the content directly into the output filter
+ stack, rather than buffering the response into memory. [Greg Stein]
+
+ *) Fix a hang condition with graceful restart and prefork MPM
+ in the situation where MaxClients is very high but
+ much fewer servers are actually started at the time of the
+ restart. [Jeff Trawick]
+
+ *) Small performance fixes for mod_include [Brian Pane]
+
+ *) Performance improvement for the error logger [Brian Pane]
+
+ *) Change configure so that Solaris 8 and above have
+ SINGLE_LISTEN_UNSERIALIZED_ACCEPT defined by default.
+ according to sun people solaris 8+ doesn't have a thundering
+ herd problem [Ian Holsman]
+
+ *) Allow URIs specifying CGI scripts to include '/' at the end
+ (e.g., /cgi-bin/printenv/) on AIX and Solaris (and other OSs
+ which ignore '/' at the end of the names of non-directories).
+ PR 10138 [Jeff Trawick]
+
+ *) implement SSLSessionCache shmht and shmcb based on apr_rmm and
+ apr_shm. [Madhusudan Mathihalli ]
+
+ *) Fix apxs -g handling. Move config_vars.mk from the top build
+ directory to the build directory. PR 10163 [Jeff Trawick]
+
+ *) Fix some mod_include problems which broke evaluation of some
+ expressions. PR 10108 [Jeff Trawick]
+
+ *) Fix the calculation of request time in mod_status. [Stas Bekman]
+
+ *) Fix the calculation of thread_num in the worker score structure.
+ [Stas Bekman]
+
+ *) Use apr_atomic operations in managing the mod_mem_cache
+ cache_objects for SMP scalability. (see USE_ATOMICS
+ preprocessor directive in mod_file_cache)
+ [Bill Stoddard]
+
+ *) Add filehandle caching to mod_mem_cache. (see CACHE_FD
+ preprocessor directive in mod_file_cache)
+ [Bill Stoddard]
+
+ *) Implement prototype mod_disk_cache for use with mod_cache.
+ [Bill Stoddard]
+
+ *) Add a missing manualdir entry in the Debian config.layout.
+ [Thom May