Changes with Apache 2.1.0-dev
[Remove entries to the current 2.0 section below, when backported]
*) mod_setenvif: Fix the regex optimizer, which under circumstances
treated the supplied regex as literal string. PR 24219.
[André Malo]
*) mod_autoindex: Don't omit the
start tag if the SuppressIcon
option is set. PR 21668. [Jesse Tie-Ten-Quee ]
*) mod_autoindex / core: Don't fail to show filenames containing
special characters like '%'. PR 13598. [André Malo]
*) mod_info: HTML escape configuration information so it displays
correctly. PR 24232. [Thom May]
*) mod_status: Report total CPU time accurately when using a threaded
MPM. PR 23795. [Jeff Trawick]
*) mod_ssl: Fix segfault on a non-SSL request if the the 'c' log
format code is used. PR 22741. [Gary E. Miller ]
*) Log an error when requests for URIs which fail to map to a valid
filesystem name are rejected with 403. [Jeff Trawick]
*) Fix a couple of AIX xlc_r compiler issues in the code I just
committed. [Paul J. Reder]
*) Modified the cache code to be header-location agnostic. Also
fixed a number of other cache code bugs related to PR 15852.
Includes a patch submitted by Sushma Rai .
This fixes mod_mem_cache but not mod_disk_cache yet so I'm not
closing the PR since that is what they are using. [Paul J. Reder]
*) Switch to APR 1.0 API.
*) Fix mod_include's expression parser to recognize strings correctly
even if they start with an escaped token. [André Malo]
*) Major overhaul of mod_include's filter parser. The new parser code
is expected to be more robust and should catch all of the edge cases
that were not handled by the previous one. This includes a binary
incompatible change of mod_include's external API. [André Malo]
*) mod_rewrite: Allow forced mimetypes [T=...] to get expanded.
PR 14223. [André Malo]
*) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules
could lead to a 400 (Bad Request) response. [André Malo]
*) mod_rewrite: Fix LA-U and LA-F lookups in directory context. Previously
the current rewrite state was just used as lookup path, which lead to
strange and often useless results. Related to PR 8493. [André Malo]
*) Change Listen directive to bind to all addresses when a hostname is
not specified. [Justin Erenkrantz]
*) Correct failure with Listen directives on machines with IPv6 enabled.
[Colm MacCárthaigh , Justin Erenkrantz]
*) Fix a link failure in mod_ssl when the OpenSSL libraries contain
the ENGINE functions but the engine header files are missing.
[Cliff Woolley]
*) mod_dav: Use bucket brigades when reading PUT data. This avoids
problems if the data stream is modified by an input filter. PR 22104.
[Tim Robbins , André Malo]
*) mod_rewrite: RewriteRules in server context using the force
type feature [T=...] no longer disable MultiViews. [André Malo]
*) mod_rewrite: In external rewrite maps lookup keys containing
a newline now cause a lookup failure. PR 14453.
[Cedric Gavage , André Malo]
*) mod_rewrite: Allow piped rewrite logs to be relative to ServerRoot.
[André Malo]
*) mod_authz_groupfile: Strip trailing spaces of group names. This
hopefully saves some hours of searching for typos. PR 12863.
[André Malo]
*) mod_actions: Propagate the handler name to the action script via
the REDIRECT_HANDLER environment variable. [André Malo]
*) mod_actions: Introduce the "virtual" modifier to the Action directive,
which allows the use of handlers for virtual locations. PR 8431.
[André Malo]
*) mod_speling: Recognize AcceptPathInfo setting for the particular
location. Default is to reject path information. PR 21059.
[André Malo]
*) mod_ext_filter: Add the ability to filter request bodies.
[Philipp Reisner ]
*) mod_cgid: Restart the cgid daemon if it crashes. PR 19849
[Glenn Nielsen ]
*) Fix some broken log messages in WinNT MPM.
[Juan Rivera ]
*) Add support for IMT minor-type wildcards (e.g., text/*) to
ExpiresByType. PR#7991 [Ken Coar]
*) Fix a problem with namespace mappings being dropped in mod_dav_fs;
if any property values were set which defined namespaces these
came out mangled in the PROPFIND response. PR 11637.
[Amit Athavale ]
*) prefork MPM: Use the right permissions for the directory created
for gprof support. [Jim Carlson ]
*) Fix the inability to log errors like exec failure in
mod_ext_filter/mod_cgi script children. This was broken after
such children stopped inheriting the error log handle.
[Jeff Trawick]
*) Fix a compile failure with recent OpenSSL and picky compilers
(e.g., OpenSSL 0.9.7a and xlc_r on AIX). [Jeff Trawick]
*) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
the INCLUDE path to be defined properly.
PR 11310. [Geoff Thorpe ]
*) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
*) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).
[Geoff Thorpe ]
*) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
[Ian Holsman, André Malo]
*) mod_negotiation: quality values are now parsed independent from
the current locale. level values are now really parsed as integers.
PR 17564. [André Malo]
*) Added the WindowsSocketsWorkaround directive for Windows NT/2000/XP
to work around problems with certain VPN and Firewall products that
have buggy AcceptEx implementations.
[Allan Edwards w/ suggestions from Bill Stoddard & Bill Rowe]
*) Extend mod_negotiation to evaluate the environment variables
no-gzip and gzip-only-text/html the same way as mod_deflate does.
[André Malo]
*) mod_rewrite: Fix some problems reporting errors with mapping
programs (RewriteMap prg:/something). [Jeff Trawick]
*) Return 413 if chunk-ext-header is too long rather than reading from
the truncated line. PR 15857. [Justin Erenkrantz]
*) Allow restart of httpd to occur even with syntax errors in the config
file. PR 16813. [Justin Erenkrantz]
*) Use APR_LAYOUT instead of APACHE_LAYOUT in configure. PR 15679.
[Justin Erenkrantz]
*) Remove files on 'make distclean' that should be. PR 15592.
[Justin Erenkrantz]
*) Allow apachectl to perform status with links and elinks as well.
[Justin Erenkrantz]
*) Extend the SetEnvIf directive to capture subexpressions of the
matched value. [André Malo]
*) mod_log_config change optional hook to return previous handler
[Ian Holsman]
*) Forward port of mod_actions' ability to handle arbitrary methods
with the Script directive. [André Malo]
*) Let suexec send a message to stderr, if it failed or its policy
was violated. This message appears in the error log and allows
for easier debugging. PR 5381, 7638, 8255, 10773. [André Malo]
*) Modify buildconf to copy all required files into httpd's tree.
[Thom May ]
*) Allow mod_dav to do weak entity comparison functions.
[Justin Erenkrantz]
*) Move RFC 1413 ident requests from core to new module mod_ident.
[André Malo]
*) Add mod_authz_owner - a forward port of "Require file-owner"
and "Require file-group", which was already present in version
1.3.21. [André Malo]
*) Add mod_dav_lock - a generic subset of the DAV locking implementation.
[Justin Erenkrantz]
*) Replace some of the mutex locking in the worker MPM with
atomic operations for higher concurrency. [Brian Pane]
*) Allow 'make depend' to work with non-GCC compilers.
[Justin Erenkrantz]
*) If an httpd.conf has commented out AddModule directives,
apxs -i -a will add an un-commented AddModule directive for
the new module, which breaks the config.
PR: 11212 [Joe Orton]
*) Fix mod_proxy handling of filtered input bodies. [Justin Erenkrantz]
*) Move the check of the Expect request header field after the hook
for ap_post_read_request, since that is the only opportunity for
modules to handle Expect extensions. [Justin Erenkrantz]
*) Rewrite of aaa modules to an authn/authz model.
[Dirk-Willem van Gulik, Justin Erenkrantz]
[Apache 2.1.0-dev includes those bug fixes and changes with the
Apache 2.0.xx tree as documented, and except as noted, below.]
Changes with Apache 2.0.49
*) Fix mod_info to use the real config file name, not the default
config file name. [Aryeh Katz ]
*) Set the scoreboard state to indicate logging prior to running
logging hooks so that server-status will show 'L' for hung loggers
instead of 'W'. [Jeff Trawick]
Changes with Apache 2.0.48
*) SECURITY [CAN-2003-0789]: mod_cgid: Resolve some mishandling of
the AF_UNIX socket used to communicate with the cgid daemon and
the CGI script. [Jeff Trawick]
*) SECURITY: CAN-2003-0542 (cve.mitre.org)
Fix buffer overflows in mod_alias and mod_rewrite which occurred if
one configured a regular expression with more than 9 captures.
[André Malo]
*) mod_include: fix segfault which occured if the filename was not
set, for example, when processing some error conditions.
PR 23836. [Brian Akins , André Malo]
*) fix the config parser to support .. containers (no
arguments in the opening tag) supported by httpd 1.3. Without
this change mod_perl 2.0's sections are broken.
["Philippe M. Chiasson" ]
*) mod_cgid: fix a hash table corruption problem which could
result in the wrong script being cleaned up at the end of a
request. [Jeff Trawick]
*) Update httpd-*.conf to be clearer in describing the connection
between AddType and AddEncoding for defining the meaning of
compressed file extensions. [Roy Fielding]
*) mod_rewrite: Don't die silently when failing to open RewriteLogs.
PR 23416. [André Malo]
*) mod_rewrite: Fix mod_rewrite's support of the [P] option to send
rewritten request using "proxy:". The code was adding multiple "proxy:"
fields in the rewritten URI. PR: 13946.
[Eider Oliveira ]
*) cache_util: Fix ap_check_cache_freshness to check max_age, smax_age, and
expires as directed in RFC 2616. [Thomas Castelle tcastelle@generali.fr]
*) Ensure that ssl-std.conf is generated at configure time, and switch
to using the expanded config variables to work the same as
httpd-std.conf PR: 19611
[Thom May]
*) mod_ssl: Fix segfaults after renegotiation failure. PR 21370
[Hartmut Keil ]
*) mod_autoindex: If a directory contains a file listed in the
DirectoryIndex directive, the folder icon is no longer replaced
by the icon of that file. PR 9587.
[David Shane Holden ]
*) Fixed mod_usertrack to not get false positive matches on the
user-tracking cookie's name. PR 16661.
[Manni Wood ]
*) mod_cache: Fix the cache code so that responses can be cached
if they have an Expires header but no Etag or Last-Modified
headers. PR 23130.
[bjorn@exoweb.net]
*) mod_log_config: Fix %b log format to write really "-" when 0 bytes
were sent (e.g. with 304 or 204 response codes). [Astrid Keßler]
*) Modify ap_get_client_block() to note if it has seen EOS.
[Justin Erenkrantz]
*) Fix a bug, where mod_deflate sometimes unconditionally compressed the
content if the Accept-Encoding header contained only other tokens than
"gzip" (such as "deflate"). PR 21523. [Joe Orton, André Malo]
*) Avoid an infinite recursion, which occured if the name of an included
config file or directory contained a wildcard character. PR 22194.
[André Malo]
*) mod_ssl: Fix a problem setting variables that represent the
client certificate chain. PR 21371 [Jeff Trawick]
*) Unix: Handle permissions settings for flock-based mutexes in
unixd_set_global|proc_mutex_perms(). Allow the functions to be
called for any type of mutex. PR 20312 [Jeff Trawick]
*) ab: Work over non-loopback on Unix again. PR 21495. [Jeff Trawick]
*) Fix a misleading message from the some of the threaded MPMs when
MaxClients has to be lowered due to the setting of ServerLimit.
[Jeff Trawick]
*) Lower the severity of the "listener thread didn't exit" message
to debug, as it is of interest only to developers. PR 9011
[Jeff Trawick]
*) MPMs: The bucket brigades subsystem now honors the MaxMemFree setting.
[Cliff Woolley, Jean-Jacques Clar]
*) Install config.nice into the build/ directory to make
minor version upgrades easier. [Joshua Slive]
*) Fix mod_deflate so that it does not call deflate() without checking
first whether it has something to deflate. (Currently this causes
deflate to generate a fatal error according to the zlib spec.)
PR 22259. [Stas Bekman]
*) mod_ssl: Fix FakeBasicAuth for subrequest. Log an error when an
identity spoof is encountered.
[Sander Striker]
*) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory
containing the .htaccess file is requested without a trailing slash.
PR 20195. [André Malo]
*) ab: Overlong credentials given via command line no longer clobber
the buffer. [André Malo]
*) mod_deflate: Don't attempt to hold all of the response until we're
done. [Justin Erenkrantz]
*) Assure that we block properly when reading input bodies with SSL.
PR 19242. [David Deaves , William Rowe]
*) Update mime.types to include latest IANA and W3C types. [Roy Fielding]
*) mod_ext_filter: Set additional environment variables for use by
the external filter. PR 20944. [Andrew Ho, Jeff Trawick]
*) Fix buildconf errors when libtool version changes. [Jeff Trawick]
*) Remember an authenticated user during internal redirects if the
redirection target is not access protected and pass it
to scripts using the REDIRECT_REMOTE_USER environment variable.
PR 10678, 11602. [André Malo]
*) mod_include: Fix a trio of bugs that would cause various unusual
sequences of parsed bytes to omit portions of the output stream.
PR 21095. [Ron Park , André Malo, Cliff Woolley]
*) Update the header token parsing code to allow LWS between the
token word and the ':' seperator. [PR 16520]
[Kris Verbeeck , Nicel KM ]
*) Eliminate creation of a temporary table in ap_get_mime_headers_core()
[Joe Schaefer ]
*) Added FreeBSD directory layout. PR 21100.
[Sander Holthaus , André Malo]
*) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
response. PR 21085. [Glenn Nielsen , André Malo]
*) mod_rewrite: Perform child initialization on the rewrite log lock.
This fixes a log corruption issue when flock-based serialization
is used (e.g., FreeBSD). [Jeff Trawick]
*) Don't respect the Server header field as set by modules and CGIs.
As with 1.3, for proxy requests any such field is from the origin
server; otherwise it will have our server info as controlled by
the ServerTokens directive. [Jeff Trawick]
Changes with Apache 2.0.47
*) SECURITY [CAN-2003-0192]: Fixed a bug whereby certain sequences
of per-directory renegotiations and the SSLCipherSuite directive
being used to upgrade from a weak ciphersuite to a strong one
could result in the weak ciphersuite being used in place of the
strong one. [Ben Laurie]
*) SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
temporary denial of service when accept() on a rarely accessed port
returns certain errors. Reported by Saheed Akhtar
. [Jeff Trawick]
*) SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
of service when target host is IPv6 but proxy server can't create
IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo
]
*) SECURITY [VU#379828] Prevent the server from crashing when entering
infinite loops. The new LimitInternalRecursion directive configures
limits of subsequent internal redirects and nested subrequests, after
which the request will be aborted. PR 19753 (and probably others).
[William Rowe, Jeff Trawick, André Malo]
*) core_output_filter: don't split the brigade after a FLUSH bucket if
it's the last bucket. This prevents creating unneccessary empty
brigades which may not be destroyed until the end of a keepalive
connection.
[Juan Rivera ]
*) Add support for "streamy" PROPFIND responses.
[Ben Collins-Sussman ]
*) mod_cgid: Eliminate a double-close of a socket. This resolves
various operational problems in a threaded MPM, since on the
second attempt to close the socket, the same descriptor was
often already in use by another thread for another purpose.
[Jeff Trawick]
*) mod_negotiation: Introduce "prefer-language" environment variable,
which allows to influence the negotiation process on request basis
to prefer a certain language. [André Malo]
*) Make mod_expires' ExpiresByType work properly, including for
dynamically-generated documents. [Ken Coar, Bill Stoddard]
Changes with Apache 2.0.46
*) SECURITY [CAN-2003-0245]: Fixed a bug causing apr_pvsprintf() to crash
by sending an overly long string. This can be triggered remotely
through mod_dav, mod_ssl, and other mechanisms. Reported by David
Endler .
[Joe Orton ]
*) SECURITY [CAN-2003-0189]: Fixed a denial-of-service vulnerability
affecting basic authentication on Unix platforms related to
thread-safety in apr_password_validate(). The problem was reported
by John Hughes .
*) Fix for mod_dav. Call the 'can_be_activity' callback, if provided,
when a MKACTIVITY request comes in.
[Ben Collins-Sussman ]
*) Perform run-time query in apxs for apr and apr-util's includes.
[Justin Erenkrantz]
*) run libtool from the apr install directory (in case that is different
from the apache install directory) [Jeff Trawick]
*) configure.in: Play nice with libtool-1.5. [Wilfredo Sanchez]
*) If mod_mime_magic does not know the content-type, do not attempt to
guess. PR 16908. [Andrew Gapon ]
*) ssl session caching(shmht) : Fix a SEGV problem with SHMHT session
caching. PR 17864.
[Andreas Leimbacher , Madhusudan Mathihalli]
*) Add a delete flag to htpasswd.
[Thom May]
*) Fix mod_rewrite's handling of absolute URIs. The escaping routines
now work scheme dependent and the query string will only be
appended if supported by the particular scheme. [André Malo]
*) Add another check for already compressed content in mod_deflate.
PR 19913. [Tsuyoshi SASAMOTO ]
*) Fixes for VPATH builds; copying special.mk and any future .mk files
from the source tree as well as the build tree (now creates a usable
configuration for apxs), and eliminated redundant -I'nclude paths.
[William Rowe]
*) Code fixes, constness corrections and ssl_toolkit_compat.h updates
for SSLC and OpenSSL toolkit compatibility. Still work remains to
be done to cripple features based on the limitations of RSA's binary
distribution of their SSL-C toolkit.
[William Rowe, Madhusudan Mathihalli, Jeff Trawick]
*) Linux 2.4+: If Apache is started as root and you code
CoreDumpDirectory, coredumps are enabled via the prctl() syscall.
[Greg Ames]
*) ap_get_mime_headers_core: allocate space for the trailing null
when folding is in effect.
PR 18170 [Peter Mayne ]
*) Fix --enable-mods-shared=most and other variants. [Aaron Bannert]
*) mod_log_config: Add the ability to log the id of the thread
processing the request via new %P formats. [Jeff Trawick]
*) Use appropriate language codes for Czech (cs) and Traditional Chinese
(zh-tw) in default config files. PR 9427. [André Malo]
*) mod_auth_ldap: Use generic whitespace character class when parsing
"require" directives, instead of literal spaces only. PR 17135.
[André Malo]
*) Hook mod_rewrite's type checker before mod_mime's one. That way the
RewriteRule [T=...] Flag should work as expected now. PR 19626.
[André Malo]
*) htpasswd: Check the processed file on validity. If a line is not empty
and not a comment, it must contain at least one colon. Otherwise exit
with error code 7. [Kris Verbeeck , Thom May]
*) Fix a problem that caused httpd to be linked with incorrect flags
on some platforms when mod_so was enabled by default, breaking
DSOs on AIX. PR 19012 [Jeff Trawick]
*) By default, use the same CC and CPP with which APR was built.
The user can override with CC and CPP environment variables.
[Jeff Trawick]
*) Fix ap_construct_url() so that it surrounds IPv6 literal address
strings with []. This fixes certain types of redirection.
PR 19207. [Jeff Trawick]
*) forward port of buffer overflow fixes for htdigest. [Thom May]
*) Added AllowEncodedSlashes directive to permit control of whether
the server will accept encoded slashes ('%2f') in the URI path.
Default condition is off (the historical behaviour). This permits
environments in which the path-info needs to contain encoded
slashes. PR 543, 2389, 3581, 3589, 5687, 7066, 7865, 14639. [Ken Coar]
*) When using Redirect in directory context, append requested query
string if there's no one supplied by configuration. PR 10961.
[André Malo]
*) Unescape the supplied wildcard pattern in mod_autoindex. Otherwise
the pattern will not always match as desired. PR 12596.
[André Malo]
*) mod_autoindex now emits and accepts modern query string parameter
delimiters (;). Thus column headers no longer contain unescaped
ampersands. PR 10880 [André Malo]
*) Enable ap_sock_disable_nagle for Windows. This along with the
addition of APR_TCP_NODELAY_INHERITED to apr.hw will cause Nagle
to be disabled for Windows. [Allan Edwards]
*) Correct a mis-correlation between mpm_common.c and mpm_common.h;
This patch reverts us to pre-2.0.46 behavior, using the
ap_sock_disable_nagle noop macro, because ap_sock_disable_nagle
was never compiled on Win32. [Allan Edwards, William Rowe]
*) Fix a build problem with passing unsupported --enable-layout
args to apr and apr-util. This broke binbuild.sh as well as
user-specified layout parameters. PR 18649 [Justin Erenkrantz,
Jeff Trawick]
*) If a Date response header was already set in the headers array,
this value was ignored in favour of the current time. This meant
that Date headers on proxied requests where rewritten when they
should not have been. PR: 14376 [Graham Leggett]
*) Add code to buildconf that produces an httpd.spec file from
httpd.spec.in, using build/get-version.sh from APR.
[Graham Leggett]
*) Fixed a segfault when multiple ProxyBlock directives were used.
PR: 19023 [Sami Tikka ]
*) SECURITY [CAN-2003-0134] OS2: Fix a Denial of Service vulnerability
identified and reported by Robert Howard that
where device names faulted the running OS2 worker process.
The fix is actually in APR 0.9.4. [Brian Havard]
*) Forward port: Escape special characters (especially control
characters) in mod_log_config to make a clear distinction between
client-supplied strings (with special characters) and server-side
strings. This was already introduced in version 1.3.25.
[André Malo]
*) mod_deflate: Check also err_headers_out for an already set
Content-Encoding: gzip header. This prevents gzip compressed content
from a CGI script from being compressed once more. PR 17797.
[André Malo]
Changes with Apache 2.0.45
*) Fix possible segfaults under obscure error conditions within the
cgid daemon. [Jeff Trawick, William Rowe]
*) SECURITY [CAN-2003-0132]: Close a Denial of Service vulnerability
identified by David Endler on all platforms.
An unlimited stream of newlines were acceptable between requests
where each would allocate an 80 byte buffer, leading very
quickly to memory exahustion. [Brian Pane]
*) Added an rpm build script.
[Graham Leggett, Joe Orton ]
*) Simpler, faster code path for request header scanning [Brian Pane]
*) SECURITY: Eliminated leaks of several file descriptors to child
processes, such as CGI scripts. This fix depends on the APR library
release 0.9.2 or later (0.9.3 was distributed with the httpd
source tarball for Apache 2.0.45.) PR 17206
[Christian Kratzer , Bjoern A. Zeeb ]
*) Fix path handling of mod_rewrite, especially on non-unix systems.
There was some confusion between local paths and URL paths.
PR 12902. [André Malo]
*) Prevent endless loops of internal redirects in mod_rewrite by
aborting after exceeding a limit of internal redirects. The
limit defaults to 10 and can be changed using the RewriteOptions
directive. PR 17462. [André Malo]
*) Win32: Avoid busy wait (consuming all the CPU idle cycles) when
all worker threads are busy.
[Igor Nazarenko ]
*) Keep the subrequest filter in place when a subrequest is
redirected. PR 15423. [Jeff Trawick]
*) you can now specify the compression level for mod_deflate.
[Ian Holsman, Stephen Pierzchala ,
Michael Schroepl ]
*) mod_deflate: Extend the DeflateFilterNote directive to
allow accurate logging of the filter's in- and outstream.
[André Malo]
*) Allow SSLMutex to select/use the full range of APR locking
mechanisms available to it. Also, fix the bug that SSLMutex uses
APR_LOCK_DEFAULT no matter what. PR 8122 [Jim Jagielski,
martin.t.kutschker@blackbox.net (Martin Kutschker)]
*) Restore the ability of htdigest.exe to create files that contain
more than one user. PR 12910. [André Malo]
*) Improve binary compatibility of the core between debug (aka
maintainer-mode) and a non-debug compile.
[Sander Striker]
*) mod_usertrack: don't set the cookie in subrequests. This works
around the problem that cookies were set twice during fast internal
redirects. PR 13211. [André Malo]
*) mod_autoindex no longer forgets output format and enabled version
sort in linked column headers. [André Malo]
*) Use .sv instead of .se as extension for Swedish documents in the
default configuration. PR 12877. [André Malo]
*) Updated mod_ldap and mod_auth_ldap to support the Novell LDAP SDK SSL
and standardized the LDAP SSL support across the various LDAP SDKs.
Isolated the SSL functionality to mod_ldap rather than speading it
across mod_auth_ldap and mod_ldap. Also added LDAPTrustedCA
and LDAPTrustedCAType directives to mod_ldap to allow for a more
common method of specifying the SSL certificate.
[Dave Ward, Brad Nicholes]
*) Fixed mod_ssl's SSLCertificateChain initialization to no longer
skip the first cert of the chain by default. This misbehavior
was introduced in 2.0.34. PR 14560 [Madhusudan Mathihalli]
*) mod_cgi, mod_cgid, mod_ext_filter: Log errors when scripts cannot
be started on Unix because of such problems as bad permissions,
bad shebang line, etc. [Jeff Trawick]
*) Fix 64-bit problem in mod_ssl input logic.
[Madhusudan Mathihalli ]
*) Fix potential memory leaks in mod_deflate on malformed data. PR 16046.
[Justin Erenkrantz]
*) Rewrite ap_xml_parse_input to use bucket brigades. PR 16134.
[Justin Erenkrantz]
*) Fix segfault which occurred when a section in an included
configuration file was not closed. PR 17093. [André Malo]
*) Enhance the behavior of mod_isapi's WriteClient() callback to
provide better emulation for isapi modules that presume that the
first WriteClient() call may send status and headers. An example
of WriteClient() abuse is the foxisapi module, which relies on
that assumpion and now works. [William Rowe, Milan Kosina]
*) Check the return value of ap_run_pre_connection(). So if the
pre_connection phase fails (without setting c->aborted)
ap_run_process_connection is not executed. [Stas Bekman]
*) Fixed a problem with mod_ldap which caused it to fault when caching
was disabled. Needed to make sure that the code did not
attempt to use the cache if it didn't exist. Also fixed some memory
leaks which were due to not releasing LDAP resources on error
conditions. [Brad Nicholes]
*) Hook mod_proxy's fixup before mod_rewrite's fixup, so that by
mod_rewrite proxied URLs will not be escaped accidentally by
mod_proxy's fixup. PR 16368 [André Malo]
*) While processing filters on internal redirects, remember seen EOS
buckets also in the request structure of the redirect issuer(s). This
prevents filters (such as mod_deflate) from adding garbage to the
response. PR 14451. [André Malo]
*) suexec: Be more pedantic when cleaning environment. Clean it
immediately after startup. PR 2790, 10449.
[Jeff Stewart , André Malo]
*) Fix apxs to insert LoadModule directives only outside of sections.
PR 8712, 9012. [André Malo]
*) Fix suexec compile error under SUNOS4, where strerror() doesn't
exist. PR 5913, 9977.
[Jonathan W Miner ]
*) Fix If header parsing when a non-mod_dav lock token is passed to it.
PR 16452. [Justin Erenkrantz]
*) mod_auth_digest no longer tries to guess AuthDigestDomain, if it's
not specified. Now it assumes "/" as already documented. PR 16937.
[André Malo]
*) Try to log an error if a piped log program fails. Try to
restart a piped log program in more failure situations. Fix an
existing problem with error handling in piped_log_spawn(). Use
new APR apr_proc_create() features to prevent Apache from starting
on Unix* in most cases where a piped log program can be started,
and add log messages for the other situations. *Other platforms
already failed Apache initialization if a piped log program
couldn't be started. PR 15761 [Jeff Trawick]
*) Fix mod_cern_meta to not create empty metafiles when the
metafile searched for does not exist. PR 12353
[Owen Rees ]
*) Introduce debugging symbols for Win32 release builds, both .pdb
and .dbg files (older debuggers and Dr. Watson-type utilities
on WinNT or Win9x don't support the newer .pdb flavor.)
[Allen Edwards, William Rowe]
*) Fix bug where 'Satisfy Any' without an AuthType lost all MIME
information (and more). Related to PR 9076. [André Malo]
*) mod_file_cache: fix segfault serving mmaped cached files.
[Bill Stoddard]
*) mod_file_cache: fixed a segfault when multiple MMapFile directives
were used. PR 16313. [Cliff Woolley]
*) Fix a nasty segfault in mmap_bucket_setaside() caused by passing
an incompatible pointer type to mmap_bucket_destroy(void*).
[Gerard Eviston ]
*) Enable the -n name parameter on NetWare to allow the
administrator to rename the Apache console screen
[Brad Nicholes]
*) Fixed piped access logs on Win32 by disabling OTHER_CHILD
support by default in APR. More development is required
to deploy OTHER_CHILD on Win32. [William Rowe]
*) Use saner default config values for suexec. PR 15713.
[Thom May ]
*) mod_rewrite: Allow "RewriteEngine Off" even if no "Options FollowSymlinks"
(or SymlinksIfOwnermatch) is set. PR 12395. [André Malo]
*) apxs: Include any special APR ld flags when linking the DSO.
This resolves problems on AIX when building a DSO with apxs+gcc.
[Jeff Trawick]
*) Added character set support to mod_auth_LDAP to allow it to
convert extended characters used in the user ID to UTF-8
before authenticating against the LDAP directory. The new
directive AuthLDAPCharsetConfig is used to specify the config
file that contains the character set conversion table.
[Brad Nicholes]
*) Don't remove the Content-Length from responses in mod_proxy
PR: 8677 [Brian Pane]
*) Ensure LDAP version is set to v3 on every bind. PR 14235.
[Sergey A. Lipnevich ]
*) Fix mod_ldap to open an existing shared memory file should one
already exist. PR 12757. [Scooter Morris ,
Graham Leggett]
*) Fix the ulimit command used by apachectl on Tru64. PR 13609.
[Joseph Senulis , Jeff Trawick]
*) Change the ulimit command used by apachectl on AIX so that it
works in all locales. [Jeff Trawick]
*) mod_ext_filter: Fix a problem building argument lists which
occasionally caused exec to fail. PR 15491. [Jeff Trawick]
Changes with Apache 2.0.44
*) mod_autoindex: Bring forward the IndexOptions IgnoreCase option
from Apache 1.3. PR 14276
[David Shane Holden , William Rowe]
*) mod_mime: Workaround to prevent a segfault if r->filename=NULL
[Brian Pane]
*) Reorder the definitions for mod_ldap and mod_auth_ldap within
config.m4 to make sure the parent mod_ldap is defined first.
This ensures that mod_ldap comes before mod_auth_ldap in the
httpd.conf file, which is necessary for mod_auth_ldap to load.
PR 14256 [Graham Leggett]
*) Fix the building of cgi command lines when the query string
contains '='. PR 13914 [Ville Skyttä ,
Jeff Trawick]
*) Rename CacheMaxStreamingBuffer to MCacheMaxStreamingBuffer. Move
implementation of MCacheMaxStreamingBuffer from mod_cache to
mod_mem_cache. MCacheMaxStreamingBuffer now defaults to the
lesser of 100,000 bytes or MCacheMaxCacheObjectSize. This should
eliminate the need for explicitly coding MCacheMaxStreamingBuffer
in most configurations. [Bill Stoddard]
*) mod_cache: Fix PR 15113, a core dump in cache_in_filter when
a redirect occurs. The code was passing a format string and
integer to apr_pstrcat. Changed to apr_psprintf.
[Paul J. Reder]
*) Replace APU_HAS_LDAPSSL_CLIENT_INIT with APU_HAS_LDAP_NETSCAPE_SSL
as set by apr-util in util_ldap.c. This should allow mod_ldap
to work with the Netscape/Mozilla LDAP library. [Řyvin Sřmme
, Graham Leggett]
*) Fix critical bug in new --enable-v4-mapped configure option
implementation which broke IPv4 listening sockets on some
systems. [hiroyuki hanai ]
*) mod_setenvif: Fix BrowserMatchNoCase support for non-regex
patterns [André Malo ]
*) Add version string to provider API. [Justin Erenkrantz]
*) build: './configure && make' now works without an in-tree
apr and apr-util. [Wilfredo Sanchez]
*) mod_negotiation: Set the appropriate mime response headers
(Content-Type, charset, Content-Language and Content-Encoding)
for negotated type-map "Body:" responses (such as the error
pages.) [André Malo ]
*) mod_log_config: Allow '%%' escaping in CustomLog format
strings to insert a literal, single '%'.
[André Malo ]
*) mod_autoindex: AddDescription directives for directories
now work as in Apache 1.3, where no trailing '/' is
specified on the directory name. Previously, the trailing
'/' *had* to be specified, which was incompatible with
Apache 1.3. PR 7990 [Jeff Trawick]
*) Fix for PR 14556. The expiry calculations in mod_cache were
trying to perform "now + ((date - lastmod) * factor)" where
date == lastmod resulting in "now + 0". The code now follows
the else path (using the default expiration) if date is
equal to lastmod. [rx@armstrike.com (Sergey), Paul J. Reder]
*) Use AP_DECLARE in the debug versions of ap_strXXX in case the
default calling convention is not the same as the one used by
AP_DECLARE. [Juan Rivera ]
*) mod_cache: Don't cache response header fields designated
as hop-by-hop headers in HTTP/1.1 (RFC 2616 Section 13.5.1).
[Estrade Matthieu , Brian Pane]
*) mod_cgid: Handle environment variables containing newlines.
PR 14550 [Piotr Czejkowski , Jeff
Trawick]
*) Move mod_ext_filter out of experimental and into filters.
[Jeff Trawick]
*) Fixed a memory leak in mod_deflate with dynamic content.
PR 14321 [Ken Franken ]
*) Add --[enable|disable]-v4-mapped configure option to control
whether or not Apache expects to handle IPv4 connections
on IPv6 listening sockets. Either setting will work on
systems with the IPV6_V6ONLY socket option. --enable-v4-mapped
must be used on systems that always allow IPv4 connections on
IPv6 listening sockets. PR 14037 (Bugzilla), PR 7492 (Gnats)
[Jeff Trawick]
*) This fixes a problem where the underlying cache code
indicated that there was one more element on the cache
than there actually was. This happened since element 0
exists but is not used. This code allocates the correct
number of useable elements and reports the number of
actually used elements. The previous code only allowed
MCacheMaxObjectCount-1 objects to be stored in the
cache. [Paul J. Reder]
*) mod_setenvif: Add SERVER_ADDR special keyword to allow
envariable setting according to the server IP address
which received the request. [Ken Coar]
*) mod_cgid: Terminate CGI scripts when the client connection
drops. PR 8388 [Jeff Trawick]
*) Rearrange OpenSSL engine initialization to support RAND
redirection on crypto accelerator.
[Frederic DONNAT ]
*) Always emit Vary header if mod_deflate is involved in the
request. [Andre Malo ]
*) mod_isapi: Stop unsetting the 'empty' query string result with
a NULL argument in ecb->lpszQueryString, eliminating segfaults
for some ISAPI modules. PR 14399
[Detlev Vendt ]
*) mod_isapi: Fix an issue where the HSE_REQ_DONE_WITH_SESSION
notification is received before the HttpExtensionProc() returns
HSE_STATUS_PENDING. This only affected isapi .dll's configured
with the ISAPIFakeAsync on directive. PR 11918
[John DeSetto , William Rowe]
*) mod_isapi: Fix the issue where all results from mod_isapi would
run through the core die handler resulting in invalid responses
or access log entries. PR 10216 [William Rowe]
*) Improves the user friendliness of the CacheRoot processing
over my last pass. This version avoids the pool allocations
but doesn't avoid all of the runtime checks. It no longer
terminates during post-config processing. An error is logged
once per worker, indicating that the CacheRoot needs to be set.
[Paul J. Reder]
*) Fix a bug where we keep files open until the end of a
keepalive connection, which can result in:
(24)Too many open files: file permissions deny server access
especially on threaded servers. [Greg Ames, Jeff Trawick]
*) Fix a bug in which mod_proxy sent an invalid Content-Length
when a proxied URL was invoked as a server-side include within
a page generated in response to a form POST. [Brian Pane]
*) Added code to process min and max file size directives and to
init the expirychk flag in mod_disk_cache. Added a clarifying
comment to cache_util. [Paul J. Reder]
*) The value emitted by ServerSignature now mimics the Server HTTP
header as controlled by ServerTokens. [Francis Daly ]
*) Gracefully handly retry situations in the SSL input filter,
by following the SSL libraries' retry semantics.
[William Rowe]
*) Terminate CGI scripts when the client connection drops. This
fix only applies to some normal paths in mod_cgi. mod_cgid
is still busted. PR 8388 [Jeff Trawick]
*) Fix a bug where 416 "Range not satisfiable" was being
returned for content that should have been redirected.
[Greg Ames]
*) Fix memory leak in mod_ssl from internal SSL library allocations
within SSL_get_peer_certificate and X509_get_pubkey.
[Zvi Har'El
Madhusudan Mathihalli ].
*) mod_ssl uses free() inappropriately in several places, to free
memory which has been previously allocated inside OpenSSL.
Such memory should be freed with OPENSSL_free(), not with free().
[Nadav Har'El ,
Madhusudan Mathihalli ].
*) Emit a message to the error log when we return 404 because
the URI contained '%2f'. (This was previously nastily silent
and difficult to debug.) [Ken Coar]
*) Fix streaming output from an nph- CGI script. CGI:IRC now
works. PR 8482 [Jeff Trawick]
*) More accurate logging of bytes sent in mod_logio when
the client terminates the connection before the response
is completely sent [Bojan Smojver ]
*) Fix some problems in the perchild MPM.
[Jonas Eriksson ]
*) Change the CacheRoot processing to check for a required
value at config time. This saves a lot of wasted processing
if the mod_disk_cache module is loaded but no CacheRoot
was provided. This fix also adds code to log an error
and avoid useless pallocs and procesing when the computed
cache file name cannot be opened. This also updates the
docs accordingly. [Paul J. Reder]
*) Introduce the EnableSendfile directive, allowing users of NFS
shares to disable sendfile mechanics when they either fail
outright or provide intermitantly corrupted data. PR
[William Rowe]
*) Resolve the error "An operation was attempted on something
that is not a socket. : winnt_accept: AcceptEx failed.
Attempting to recover." for users of various firewall and
anti-virus software on Windows. PR 8325 [William Rowe]
*) Add the ProxyBadHeader directive, which gives the admin some
control on how mod_proxy should handle bogus HTTP headers from
proxied servers. This allows 2.0 to "emulate" 1.3's behavior if
desired. [Jim Jagielski]
*) Change the LDAP modules to export their symbols correctly
during a Windows build. Add dsp files for Windows. Update
README.ldap file for Windows build instructions.
[Andre Schild ]
*) Performance improvements for the code that generates HTTP
response headers [Brian Pane]
*) Add -S as a synonym for -t -DDUMP_VHOSTS.
[Thom May ]
*) Fix a bug with dbm rewrite maps which caused the wrong value to
be used when the key was not found in the dbm. PR 13204
[Jeff Trawick]
*) Fix a problem with streaming script output and mod_cgid.
[Jeff Trawick]
*) Add ap_register_provider/ap_lookup_provider API.
[John K. Sterling , Justin Erenkrantz]
Changes with Apache 2.0.43
*) SECURITY [CAN-2002-0840]: HTML-escape the address produced by
ap_server_signature() against this cross-site scripting
vulnerability exposed by the directive 'UseCanonicalName Off'.
Also HTML-escape the SERVER_NAME environment variable for CGI
and SSI requests. It's safe to escape as only the '<', '>',
and '&' characters are affected, which won't appear in a valid
hostname. Reported by Matthew Murphy .
[Brian Pane]
*) Fix a core dump in mod_cache when it attemtped to store uncopyable
buckets. This happened, for instance, when a file to be cached
contained SSI tags to execute a CGI script (passed as a pipe
bucket). [Paul J. Reder]
*) Ensure that output already available is flushed to the network
when the content-length filter realizes that no new output will
be available for a while. This helps some streaming CGIs as
well as some other dynamically-generated content. [Jeff Trawick]
*) Fix a mutex problem in mod_ssl session cache support which
could lead to an infinite loop. PR 12705
[amund.elstad@ergo.no (Amund Elstad), Jeff Trawick]
*) SECURITY [CAN-2002-1156] (cve.mitre.org):
Fix the exposure of CGI source when a POST request is sent to
a location where both DAV and CGI are enabled. [Ryan Bloom]
*) Allow the UserDir directive to accept a list of directories.
This matches what Apache 1.3 does. Also add documentation for
this feature. [Jay Ball ]
*) New Module: mod_logio. adds the ability to log bytes sent and
received. [Bojan Smojver ]
*) SuExec needs to use the same default directory as the rest of
server, namely /usr/local/apache2.
[SangBeom han ]
*) Get mod_auth_ldap to retry connections on LDAP_SERVER_DOWN.
[Thomas Bennett , Graham Leggett]
*) Make sure the contents of the WWW-Authenticate header is
passed on a 4xx error by proxy. Previously all headers
were dropped, resulting in the browser being unable to
authenticate. [Dr Richard Reiner ,
Richard Danielli , Graham Wiseman
, David Henderson
]
*) Make mod_cache's CacheMaxStreamingBuffer directive work
properly for virtual hosts that override server-wide mod_cache
setttings. [Matthieu Estrade ]
*) Add -p option to apxs to allow programs to be compiled with apxs.
[Justin Erenkrantz]
Changes with Apache 2.0.42
*) mod_dav: Check for versioning hooks before using them.
[Greg Stein]
Changes with Apache 2.0.41
*) The protocol version (eg: HTTP/1.1) in the request line parsing
is now case insensitive. [Jim Jagielski]
*) Allow AddOutputFilterByType to add multiple filters per directive.
[Justin Erenkrantz]
*) Remove warnings with Sun's Forte compiler. [Justin Erenkrantz]
*) Fixed mod_disk_cache's generation of 304s
[Kris Verbeeck ]
*) Add support for using fnmatch patterns in the final path
segment of an Include statement (eg.. include /foo/bar/*.conf).
and remove the noise on stderr during config dir processing.
[Joe Orton ]
*) mod_cache: cache_storage.c. Add the hostname and any request
args to the key generated for caching. This provides a unique
key for each virtual host and for each request with unique
args. [Paul J. Reder, args code provided by Kris Verbeeck]
*) mod_cache: Do not cache responses to GET requests with query
URLs if the origin server does not explicitly provide an
Expires header on the response (RFC 2616 Section 13.9)
[Kris Verbeeck krisv@be.ubizen.com]
*) Fix memory leak in core_output_filter. [Justin Erenkrantz]
*) Update OpenSSL detection to work on Darwin.
[Sander Temme ]
*) Update the xslt and css to give the documentation a more
modern style.
[André Malo , Gernot Winkler ]
*) Fix some bucket memory leaks in the chunking code
[Joe Schaefer ]
*) Add ModMimeUsePathInfo directive. [Justin Erenkrantz]
*) mod_cache: added support for caching streamed responses (proxy,
CGI, etc) with optional CacheMaxStreamingBuffer setting [Brian Pane]
*) Add image/x-icon to httpd.conf PR 10993.
[Ian Holsman, Peter Bieringer ]
*) Fix FileETags none operation. PR 12207.
[Justin Erenkrantz, Andrew Ho ]
*) Restored the experimental leader/followers MPM to working
condition and converted its thread synchronization from
mutexes to atomic CAS. [Brian Pane]
*) Fix Logic on non-html file removal in mod_deflate
[Kris Verbeeck ]
*) Fix "ab -g"'s truncated year: the last digit was cut off.
[Leon Brocard ]
*) mod_rewrite can now sets cookies in err_headers, uses the correct
expiry date, and can now set the path as well
PR 12132,12181,12172.
[Ian Holsman / Rob Cromwell ]
*) The content-length filter no longer tries to buffer up
the entire output of a long-running request before sending
anything to the client. [Brian Pane]
*) Win32: Lower the default stack size from 1MB to 256K. This will
allow around 8000 threads to be started per child process.
'EDITBIN /STACK:size apache.exe' can be used to change this
value directly in the apache.exe executable.
[Bill Stoddard]
*) Win32: Implement ThreadLimit directive in the Windows MPM.
[Bill Stoddard]
*) Remove CacheOn config directive since it is set but never checked.
No sense wasting cycles on unused code. Besides, the only truly
bug free code is deleted code. :) [Paul J. Reder]
*) BufferLogs are now run-time enabled, and the log_config now has 2 new
callbacks to allow a 3rd party module to actually do the writing of the
log file [Ian Holsman]
*) Correct ISAPIReadAheadBuffer to default to 49152, per mod_isapi docs.
[André Malo, Astrid Keßler ]
*) Fix Segfault in mod_cache. [Kris Verbeeck ]
*) Fix a null pointer dereference in the merge_env_dir_configs
function of the mod_env module. PR 11791
[Paul J. Reder]
*) New option to ServerTokens 'maj[or]'. Only show the major version
Also Surfaced this directive in the standard config (default FULL)
[Ian Holsman]
*) Change mod_rewrite to use apr-util's dbm support for dbm rewrite
maps. The dbm type (e.g., ndbm, gdbm) can be specified on the
RewriteMap directive. PR 10644 [Jeff Trawick]
*) Fixed mod_rewrite's RewriteMap prg: support so that request/response
pairs will no longer get out of sync with each other. PR 9534
[Cliff Woolley]
*) Fixes required to get quoted and escaped command args working in
mod_ext_filter. PR 11793 [Paul J. Reder]
*) mod-proxy: handle proxied responses with no status lines
[JD Silvester , Brett Huttley ]
*) Fix bug where environment or command line arguments containing
non-ASCII-7 characters would cause the Win32 child process creation
to fail. PR 11854 [William Rowe]
*) Bug #11213.. make module loading error messages more informative
[Ian Darwin ]
*) thread safety & proxy-ftp [Alexey Panchenko alexey@liwest.ru, Ian Holsman]
*) mod_disk_cache works much better. This module should still
be considered experimental. [Eric Prud'hommeaux]
*) Performance improvement for keepalive requests: when setting
aside a small file for potential concatenation with the next
response on the connection, set aside the file descriptor rather
than copying the file into the heap. [Brian Pane]
*) Modified version check on openssl so that it finds the executable
first and then performs a check of the version, only warning the
user if they chose, or we selected, an old version of OpenSSL.
This change also allows the code to work for non-openssl libraries
selected via the --with-ssl=dir option, which can override the
automated library check in any case. [Roy Fielding]
Changes with Apache 2.0.40
*) SECURITY [CAN-2002-0661] (cve.mitre.org):
Close a very significant security hole that
applies only to the Win32, OS2 and Netware platforms. Unix was not
affected, Cygwin may be affected. Certain URIs will bypass security
and allow users to invoke or access any file depending on the system
configuration. Without upgrading, a single .conf change will close
the vulnerability. Add the following directive in the global server
httpd.conf context before any other Alias or Redirect directives;
RedirectMatch 400 "\\\.\."
Reported by Auriemma Luigi .
[Brad Nicholes]
*) SECURITY [CAN-2002-0654] (cve.mitre.org):
Close a path-revealing exposure in multiview type
map negotiation (such as the default error documents) where the
module would report the full path of the typemapped .var file when
multiple documents or no documents could be served based on the mime
negotiation. Reported by Auriemma Luigi .
[William Rowe]
*) SECURITY [CAN-2002-0654] (cve.mitre.org):
Close a path-revealing exposure in cgi/cgid when we
fail to invoke a script. The modules would report "couldn't create
child process /path-to-script/script.pl" revealing the full path
of the script. Reported by Jim Race .
[Bill Stoddard]
*) Set aside the apr-iconv and apr_xlate() features for the Win32
build of 2.0.40 so development can be completed. A patch, from
will be available for those that wish to work with apr-iconv.
[William Rowe]
*) Fix proxy so that it is possible to access ftp: URLs via a proxy
chain. [Peter Van Biesen ]
*) mod-deflate now checks to make sure that 'gzip-only-text/html' is
set to 1, so we can exclude things from the general case with
browsermatch. [Ian Holsman, Andre Schild ]
*) Accept multiple leading /'s for requests within the DocumentRoot.
PR 10946 [William Rowe, David Shane Holden ]
*) Solved the reports of .pdf byterange failures on Win32 alone.
APR's sendfile for the win32 platform collapses header and trailer
buffers into a single buffer. However, we destroyed the pointers
to the header buffer if a trailer buffer was present. PR 10781
[William Rowe]
*) mod_ext_filter: Add the ability to enable or disable a filter via
an environment variable. Add the ability to register a filter of
type other than AP_FTYPE_RESOURCE. [Jeff Trawick]
*) Restore the ability to specify host names on Listen directives.
PR 11030. [Jeff Trawick, David Shane Holden ]
*) When deciding on the default address family for listening sockets,
make sure we can actually bind to an AF_INET6 socket before
deciding that we should default to AF_INET6. This fixes a startup
problem on certain levels of OpenUNIX. PR 10235. [Jeff Trawick]
*) Replace usage of atol() to parse strings when we might want a
larger-than-long value with apr_atoll(), which returns long long.
This allows HTTPD to deal with larger files correctly.
[Shantonu Sen ]
*) mod_ext_filter: Ignore any content-type parameters when checking if
the response should be filtered. Previously, "intype=text/html"
wouldn't match something like "text/html;charset=8859_1".
[Jeff Trawick]
*) mod_ext_filter: Set up environment variables for external programs.
[Craig Sebenik ]
*) Modified the HTTP_IN filter to immediately append the EOS (end of
stream) bucket for C-L POST bodies, saving a roundtrip and allowing
the caller to determine that no content remains without prefetching
additional POST body. [William Rowe]
*) Get proxy ftp to work over IPv6. [Shoichi Sakane ]
*) Look for OpenSSL libraries in /usr/lib64. [Peter Poeml ]
*) Update SuSE layout. [Peter Poeml ]
*) Changes to the internationalized error documents:
Comment them out in the default config file to make the default
install as simple as possible; Correct the english 500 error to
be more understandable; Add a Swedish translation.
[Thomas Sjogren ,
Erik Abele , Rich Bowen, Joshua Slive]
*) Increase the limit on file descriptors per process in apachectl.
[Brian Pane]
*) Fix a dependency error when building ApacheMonitor, so that Win32
and MSVC now trust that the project is current (when it is).
[James Cox ]
*) mod_ext_filter: don't segfault if content-type is not set. PR 10617.
[Arthur P. Smith , Jeff Trawick]
*) APR-Util Renames pending have been completed [Thom May]
*) Performance improvements for the code that reads request
headers (ap_rgetline_core() and related functions) [Brian Pane]
*) Add a new directive: MaxMemFree. MaxMemFree makes it possible
to configure the maximum amount of memory the allocators will
hold on to for reuse. Anything over the MaxMemFree threshold
will be free()d. This directive is useful when uncommon large
peaks occur in memory usage. It should _not_ be used to mask
defective modules' memory use. [Sander Striker]
*) Fixed the Content-Length filter so that HTTP/1.0 requests to CGI
scripts would not result in a truncated response.
[Ryan Bloom, Justin Erenkrantz, Cliff Woolley]
*) Add a filter_init parameter to the filter registration functions
so that a filter can execute arbitrary code before the handlers
are invoked. This resolves a problem where mod_include requests
would incorrectly return a 304. [Justin Erenkrantz]
*) Fix a long-standing bug in 2.0, CGI scripts were being called
with relative paths instead of absolute paths. Apache 1.3 used
absolute paths for everything except for SuExec, this brings back
that standard. [Ryan Bloom]
*) Fix infinite loop due to two HTTP_IN filters being present for
internally redirected requests. PR 10146. [Justin Erenkrantz]
*) Switch conn_rec->keepalive to an enumeration rather than a bitfield.
[Justin Erenkrantz]
*) Fix mod_ext_filter to look in the main server for filter definitions
when running in a vhost if the filter definition is not found in
the vhost. PR 10147 [Jeff Trawick]
*) Support WinNT CGI invocation through ScriptInterpreterSource
'registry' for script interpreter paths and names with non-ascii
characters in the executable filepath. [William Rowe]
*) Support the -w flag on to keep the Win32 console open on error.
[William Rowe]
*) Normalize the hostname value in the request_rec to all-lowercase
[Perry Harrington ]
*) Fix WinNT cgi 500 errors when QUERY_ARGS or other strings include
extended characters (non US-ASCII) in non-utf8 format. This brings
Win32 back into CGI/1.1 compliance, and leaves charset decoding up
to the cgi application itself. [William Rowe]
*) Major overhaul of mod_dav, mod_dav_fs and the experimental/cache
modules to bring them up to the current apr/apr-util APIs.
[William Rowe]
*) Fix segfault in mod_mem_cache most frequently observed when
serving the same file to multiple clients on an MP machine.
[Bill Stoddard]
*) mod_rewrite can now set cookies (RewriteRule (.*) - [CO=name:$1:.domain])
[Brian Degenhardt , Ian Holsman]
*) Fix perchild to work with apachectl by adding -k support to perchild.
PR 10074 [Jeff Trawick]
*) Fix a silly htpasswd.c logic error that incorrectly reported that
both -c and -n had been used. PR 9989 [Cliff Woolley]
*) Fixed a mod_include error case in which no HTTP response was sent
to the client if an shtml document contained an unterminated SSI
directive [Brian Pane]
*) Improve ap_get_client_block implementation by using APR-util brigade
helper functions and relying on current filter assumptions.
[Justin Erenkrantz]
Changes with Apache 2.0.39
*) Fixed a build problem in htpasswd.c on Win32.
[Guenter Knauf , Cliff Woolley]
Changes with Apache 2.0.38
*) Rewrite htpasswd to use APR. The removes the annoying warning about
tmpnam being unsafe. [Ryan Bloom]
*) We must set the MIME-type for .shtml files to text/html if we want them
to be parsed for SSI tags. Add the config for that to the default
config file so that it is easier to enable .shtml parsing.
[Dave Dyer ]
*) Fixed a problem with 'make install' on ReliantUnix.
[Jean-frederic Clere ]
*) Make the default_handler catch all requests that aren't served by
another handler. This also gets us to return a 404 if a directory
is requested, there is no DirectoryIndex, and mod_autoindex isn't
loaded. [Justin Erenkrantz]
*) Fixed the handling of nested if-statements in shtml files.
PR 9866 [Brian Pane]
*) Allow 'make install DESTDIR=/path'. This allows packagers to install
into a directory different from the one that was configured. This
also mirrors the root= feature from 1.3. We cannot use prefix=,
because both APR and APR-util resolve their installation paths at
configuration time. This means that there is no variable prefix
to replace. [Andreas Hasenack ]
*) AIX 4.3.2 and above: Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
These levels of AIX don't have a thundering herd problem with
accept(). [Jeff Trawick]
*) prefork MPM: Ignore mutex errors during graceful restart. For
certain types of mutexes (particularly SysV semaphores), we
should expect to occasionally fail to obtain or release the
mutex during restart processing. [Jeff Trawick]
*) Fix install-bindist.sh so that it finds any perl instead of just
early perl 5.x versions. This is consistent with a build/install
from source, and it allows the perl scripts installed by a bindist
to work on systems with perl 5.6. [Jeff Trawick]
*) Fix apxs so that the makefile created by "apxs -g" works on AIX and
Tru64 (and probably some other platforms). [Jeff Trawick]
*) Allow CGI scripts to return their Content-Length. This also fixes a
hang on HEAD requests seen on certain platforms (such as FreeBSD).
[Justin Erenkrantz]
*) Added log rotation based on file size to the RotateLog support
utility. [Brad Nicholes]
*) Fix some casting in mod_rewrite which broke random maps.
PR 9770 [Allan Edwards, Greg Ames, Jeff Trawick]
Changes with Apache 2.0.37
*) allow POST method over SSL when per-directory client cert
authentication is used with 'SSLOptions +OptRenegotiate' enabled
and a client cert was found in the ssl session cache.
*) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
session cache when there is no cert chain in the cache. prior to
the fix this situation would result in a FORBIDDEN response and
error message "Cannot find peer certificate chain"
[Doug MacEachern]
*) ap_finalize_sub_req_protocol() shouldn't send an EOS bucket if
one was already sent. PR 9644 [Jeff Trawick]
*) Fix the display of the default name for the mime types config
file. PR 9729 [Matthew Brecknell ]
*) Fix the working directory *for WinNT/2K/XP services only* to
change to the Apache directory (one level above the location
of Apache.exe, in the case that Apache.exe resides in bin/.)
Solves the case of ServerRoot /foo paths where /foo was not
on the same drive as /winnt/system32. [William Rowe]
*) Make 2.0's "AcceptMutex" startup message now "completely"
match how 1.3 does it. [Jim Jagielski]
*) Implement a fixed size memory cache using a priority queue
[Ian Holsman]
*) Fix apxs to allow "apxs -q installbuilddir" and to allow
querying certain other variables from config_vars.mk. PR 9316
[Jeff Trawick]
*) Added the "detached" attribute to the cgi_exec_info_t internals
so that Win32 and Netware won't create a new window or console
for each CGI invoked. PR 8387
[Brad Nicholes, William Rowe]
*) Consolidated the command line parameters and attributes that are
manipulated by the optional function ap_cgi_build_command() in
mod_cgi into a single structure.
[Brad Nicholes]
*) Get rid of uninitialized value errors with "apxs -q" on certain
variables. [Stas Bekman ]
*) Fix apxs to allow it to work when the build directory is somewhere
besides server-root/build. PR 8453
[Jeff Trawick and a host of others]
*) Allow ap_discard_request_body to be called multiple times in the
same request. Essentially, ap_http_filter keeps track of whether
it has sent an EOS bucket up the stack, if so, it will only ever
send an EOS bucket for this request.
[Ryan Bloom, Justin Erenkrantz, Greg Stein]
*) Remove all special mod_ssl URIs. This also fixes the bug where
redirecting (.*) will allow an SSL protected page to be viewed
without SSL. [Ryan Bloom]
*) Fix the binary build install script so that the build logic
created by "apxs -g" will work when the user has a binary
build. [Jeff Trawick]
*) Allow instdso.sh to work with full paths to the shared module.
[Justin Erenkrantz]
*) NetWare: Enabled CGI functionality and added mod_cgi as a built
in module for NetWare [Brad Nicholes]
*) Changed cgi and piped log behavior to accept 65536 characters
on Win32 (matching Linux) before deadlocking between outputing
client stdin, slurping the output from stdout and then the stderr
stream. PR 8179 [William Rowe]
*) Fixed Win32 wintty.exe support to assure the window title is valid.
Elimiates possible gpfault or garbage title without the -t option.
[William Rowe]
*) Rewrite mod_cgi, mod_cgid, and mod_proxy input handling to use
brigades and input filters. [Justin Erenkrantz]
*) Allow ap_http_filter (HTTP_IN) to return EOS when there is no request
body. [Justin Erenkrantz]
*) NetWare: Piping log entries through RotateLogs using the
CustomLogs directive is finally supported now that we have
the pipes and spawning functionality working.
[Brad Nicholes]
*) SECURITY [CVE-2002-0392] (cve.mitre.org) [CERT VU#944335]:
Detect overflow when reading the hex bytes forming a chunk line.
[Aaron Bannert]
*) Allow RewriteMap prg:'s to take command-line arguments. PR 8464.
[James Tait ]
*) Correctly return 413 when an invalid chunk size is given on
input. Also modify ap_discard_request_body to not do anything
on sub-requests or when the connection will be dropped.
[Justin Erenkrantz]
*) Fix the TIME_* SSL var lookups to be threadsafe. PR 9469.
[Cliff Woolley]
*) Ensure that apr_brigade_write() flushes in all of the cases that
it should to avoid conditions in some modules that could cause
large amounts of data to be buffered. [Cliff Woolley]
*) Fix problem where mod_cache/mod_disk_cache was incorrectly
stripping the content_type from cached responses.
[Bill Stoddard]
*) apachectl passes through any httpd options. Note: apachectl
should be used in preference to httpd since it ensures that any
appropriate environment variables have been set up.
[Jeff Trawick]
*) Fix the combination of mod_cgid, mod_setuexec, and mod_userdir.
PR 7810 [Colm MacCarthaigh ]
*) Fix suexec execution of CGI scripts from mod_include.
PR 7791, 8291 [Colm MacCarthaigh ]
*) Fix segfaults at startup on some platforms when mod_auth_digest,
mod_suexec, or mod_ssl were used as DSO's due to the way they
were tracking the current init phase since DSO's get completely
unloaded and reloaded between phases. PR 9413.
[Tsuyoshi Sasamoto , Brad Nicholes]
*) Fix mod_include's handling of regular expressions in
" and directives [Brian Pane]
*) Fix some mod_include segfaults [Cliff Woolley, Brian Pane, Brad Nicholes]
*) Update the "RedHat" Layout to match Red Hat Linux version 7. PR BZ-7422
[Joe Orton]
*) add compat layer to support RSA SSLC 1.x and 2.x in mod_ssl
[Jon Travis, John Barbee, William Rowe, Ryan Bloom, Doug MacEachern]
*) Add a new parameter to the quick_handler hook to instruct
quick handlers to optionally do a lookup rather than actually
serve content. This is the first of several changes required fix
several problems with how quick handlers work with subrequests.
[Bill Stoddard]
*) worker MPM: Get MaxRequestsPerChild to work again. [Jeff Trawick]
*) [APR-related] The ordering of the default accept mutex method has
been changed to better match what's done in Apache 1.3. The ordering
is now (highest to lowest): pthread -> sysvsem -> fcntl -> flock.
[Jim Jagielski]
*) Ensure that the build/ directory is created when using VPATH.
[Justin Erenkrantz]
*) Add some popular types to the mime magic file. PR 7730.
[Linus Walleij , Justin Erenkrantz]
*) Remove the single-byte socket reads for CGI headers [Brian Pane]
*) When a proxied site was being served, Apache was replacing
the original site Server header with it's own, which is not
allowed by RFC2616. Fixed. [Graham Leggett]
*) Fix a mod_cgid problem that left daemon processes stranded
in some server restart scenarios. [Jeff Trawick]
*) Added exp_foo and rel_foo variables to config_vars.mk for
all Apache and Autoconf path variables (like --sysconfdir,
--sbindir, etc). exp_foo is the "expanded" version, which means
that all internal variable references have been interpolated.
rel_foo is the same as $exp_foo, only relative to $prefix if they
share a common path. [Aaron Bannert]
*) Fix some restart/terminate problems in the worker MPM. Don't
drop connections during graceful restart. [Jeff Trawick]
*) Change the header merging behaviour in proxy, as some headers
(like Set-Cookie) cannot be unmerged due to stray commas in
dates. [Graham Leggett]
*) Be more vocal about what AcceptMutex values we allow, to make
us closer to how 1.3 does it. [Jim Jagielski]
*) Get nph- CGI scripts working again. PRs 8902, 8907, 9983
[Jeff Trawick]
*) Upgraded PCRE library to latest version 3.9 [Brian Pane]
*) Add accessor function to set r->content_type. From now on,
ap_rset_content_type() should be used to set r->content_type.
This change is required to properly implement the
AddOutputFilterByType configuration directive.
[Bill Stoddard, Sander Striker, Ryan Bloom]
*) Add new M_FOO symbols for the WebDAV/DeltaV methods specified by
RFC 3253. Improved the method name/number mapping functions.
[Greg Stein]
*) remove sock_enable_linger from connection.c [Ian Holsman]
*) Fix for virtual host processing where the requested hostname
has a '.' at the end (PR 9187) [Ryan Cruse ]
*) mod_dav's APIs for REPORT response handling was changed so that
providers can generate the content directly into the output filter
stack, rather than buffering the response into memory. [Greg Stein]
*) Fix a hang condition with graceful restart and prefork MPM
in the situation where MaxClients is very high but
much fewer servers are actually started at the time of the
restart. [Jeff Trawick]
*) Small performance fixes for mod_include [Brian Pane]
*) Performance improvement for the error logger [Brian Pane]
*) Change configure so that Solaris 8 and above have
SINGLE_LISTEN_UNSERIALIZED_ACCEPT defined by default.
according to sun people solaris 8+ doesn't have a thundering
herd problem [Ian Holsman]
*) Allow URIs specifying CGI scripts to include '/' at the end
(e.g., /cgi-bin/printenv/) on AIX and Solaris (and other OSs
which ignore '/' at the end of the names of non-directories).
PR 10138 [Jeff Trawick]
*) implement SSLSessionCache shmht and shmcb based on apr_rmm and
apr_shm. [Madhusudan Mathihalli ]
*) Fix apxs -g handling. Move config_vars.mk from the top build
directory to the build directory. PR 10163 [Jeff Trawick]
*) Fix some mod_include problems which broke evaluation of some
expressions. PR 10108 [Jeff Trawick]
*) Fix the calculation of request time in mod_status. [Stas Bekman]
*) Fix the calculation of thread_num in the worker score structure.
[Stas Bekman]
*) Use apr_atomic operations in managing the mod_mem_cache
cache_objects for SMP scalability. (see USE_ATOMICS
preprocessor directive in mod_file_cache)
[Bill Stoddard]
*) Add filehandle caching to mod_mem_cache. (see CACHE_FD
preprocessor directive in mod_file_cache)
[Bill Stoddard]
*) Implement prototype mod_disk_cache for use with mod_cache.
[Bill Stoddard]
*) Add a missing manualdir entry in the Debian config.layout.
[Thom May ]
*) Stop installing libtool for APR and tell APR where it should place
its copy of libtool (via our installbuildpath layout variable).
[Justin Erenkrantz]
*) New directive ProxyIOBufferSize. Sets the size of the buffer used
when reading from a remote HTTP server in proxy. [Graham Leggett]
*) Modify receive/send loop in proxy_http and proxy_ftp so that
should it be necessary, the remote server socket is closed before
transmitting the last buffer (set by ProxyIOBufferSize) to the
client. This prevents the backend server from being forced to hang
around while the last few bytes are transmitted to a slow client.
Fix the case where no error checking was performed on the final
brigade in the loop. [Graham Leggett]
*) Scrap CacheMaxExpireMin and CacheDefaultExpireMin. Change
CacheMaxExpire and CacheDefaultExpire to use seconds rather than
hours. [Graham Leggett, Bill Stoddard]
*) New Directive SSIUndefinedEcho. to change the '(none)' echoed
for a undefined variable. [Ian Holsman]
*) Proxy HTTP and CONNECT: Keep trying other addresses from the DNS
when we can't get a socket in the specified address family. We may
have gotten back an IPv6 address first and yet our system is not
configured to allow IPv6 sockets. [Jeff Trawick]
*) Be more careful about recursively removing CVS directories. Make
sure that we aren't cd'ing to their home directory first. PR: 9993
[Aaron Bannert, James LewisMoss ]
*) Add a missing errordir entry in the Debian config.layout. PR: 10067
[Dirk-Jan Faber , Aaron Bannert,
Thom May ]
*) Rename the filter ordering priorities. The recent filtering fixes
have showcased problems with their usage. Therefore, we need to
rename them to increase the clarity. (CONTENT->RESOURCE,
HTTP_HEADER->CONTENT_SET/PROTOCOL) [Justin Erenkrantz]
Changes with Apache 2.0.33
*) Fix a problem in the new --enable-layout functionality where
it wouldn't allow overrides from variables like --prefix,
--bindir, etc. [Thom May ]
*) Fix a bug in the core input filter for AP_MODE_EXHAUSTIVE. It
no longer hangs around waiting for the socket to close before
returning exhaustive data. [Aaron Bannert]
*) rename apr_exploded_time_t to apr_time_exp_t (as per renames pending)
[Thom May ]
*) Change mod_ssl to always do a full startup/teardown on restarts.
this allows mod_ssl to be added to a server that is already
running and makes it possible to add/change certs/keys after the
server has been started. [Doug MacEachern]
*) Introduce PassPhraseDialog "|/path/to/pipe" mechanism to mod_ssl.
This pipe must be a bidirectional 'console' style relay, which
mod_ssl prints all prompts to the pipe's stdin, and reads the
passphrases from the pipe's stdout. [William Rowe]
*) Fix bug where --sysconfdir and --localstatedir were being
ignored. [Thom May , Aaron Bannert]
PR 9888
*) Fix --enable-layout to work again. Caution: When specifying
--enable-layout, common arguments like --prefix, --exec-prefix,
etc. will be ignored and the settings from the layout will be
used instead. [Thom May , Aaron Bannert]
PR 9124, 9873, 9885
*) New Directive for mod_proxy: ProxyRemoteMatch. This provides
regex pattern matching for the determination of which requests
to use the remote proxy for. [Jim Jagielski]
*) Fix CustomLog bytes-sent with HTTP 0.9. [Justin Erenkrantz]
*) Prevent Apache from ignoring SIGHUP due to some lingering 1.3
cruft in piped logs and rewritemap child processes.
[William Rowe]
*) All instances of apr_lock_t have been removed and converted
to one of the following new lock APIs: apr_thread_mutex.h,
apr_proc_mutex.h, or apr_global_mutex.h. No new code should
use the apr_lock.h API, as the old API will soon be deprecated.
[Aaron Bannert]
*) Merged in changes to mod_ssl up through 2.8.7-1.3.23.
[Ralf S. Engelschall, Cliff Woolley]
*) mod-include: make it handle flush'es and fix the 'false-alarm'
[Justin Erenkrantz, Brian Pane, Ian Holsman]
*) ap_get_*_filter_handle() functions to allow 3rd party modules
to lookup filter handles so they can bypass the filter name
lookup when adding filters to a request (via ap_add_*_filter_handle())
[Ryan Morgan ]
*) Fix for multiple file buckets on Win32, where the first file
bucket would cause the immediate closure of the socket on any
non-keepalive requests. [Ryan Morgan ]
*) Correct Win32 failure of mmap of a segment beyond start of the
file; fixes large SSL and similar transfers. [William Rowe]
PR 9898
*) Implement apr_proc_detach changes and allow -DNO_DETACH in the
multi-process mode to not "daemonize" while detaching from the
controlling terminal. This is necessary for Apache to work with
process-management tools like AIX's "System Resource Controller"
as well as Dan Bernstein's "daemontools".
[Jos Backus , Aaron Bannert]
*) Convert mod_auth_digest to use the new apr_global_mutex_t
type. [Aaron Bannert]
*) fix bug in mod-include where it wouldn't send a unmatched
part if it was at the end of a bucket [Ian Holsman]
*) worker MPM: Improve logging of errors with the interface between
the listener thread and worker threads. [Jeff Trawick]
*) Some browsers ignore cookies that have been merged into a
single Set-Cookie header. Set-Cookie and Set-Cookie2 headers
are now unmerged in the http proxy before being sent to the
client. [Graham Leggett]
*) Fix a problem with proxy where each entry of a duplicated
header such as Set-Cookie would overwrite and obliterate the
previous value of the header, resulting in multiple header
values (like cookies) going missing.
[Graham Leggett, Joshua Slive]
*) Add the server-limit and thread-limit values to the scoreboard
for the sake of third-party applications.
[Adam Sussman ]
*) Fix segfault when proxy recieves an invalid HTTP response [Ian Holsman]
*) OS/390: Get make install to properly copy DSO modules.
[Jeff Trawick]
*) Win32: Fix bug in mod_status with displaying "Restart Time"
and "Server uptime".
[Bill Stoddard]
*) Fix IPv6 name-based virtual hosts. [Jeff Trawick]
*) Introduce AddOutputFilterByType directive. [Justin Erenkrantz]
*) Fix DEBUG_CGI support in mod_cgi. PR 9670, 9671.
[David MacKenzie ]
*) Fix incorrect check for script_in in mod_cgi. PR 9669.
[David MacKenzie ]
*) Fix segfault and display error when SSLMutex file can not be
created. [Adam Sussman ]
*) Add reference counting to mod_mem_cache cache objects to
better manage removing objects from the cache.
[Bill Stoddard]
*) Change the verbage on the ScoreBoardFile in our default configs.
Also change the default to be commented out (unspecified) so we
get anonymous shared memory by default. [Aaron Bannert]
*) Implement new ScoreBoardFile directive logic. This affects how
we create the scoreboard's shared memory segment. If the directive
is present, a name-based segment is created. If the directive is
not present, first an anonymous segment is created, and if that
fails, a name-based segment is created from a file of the name
DEFAULT_SCOREBOARD. This gives third-party applications the
ability to access our scoreboard. [Aaron Bannert]
*) Allow mod_deflate to work with non-GET requests and properly send
Content-Lengths. [Sander Striker ]
*) Fix ap_directory_merge() to correctly merge configs when there is
no block. [Justin Erenkrantz, William Rowe]
*) Remove spurious debug messsages that are normal under HTTP
keep-alive logic. [Jeff Trawick, Justin Erenkrantz]
*) Fix a bug in mod_cgid that would prevent proper shutdown death
of the cgid process. [Aaron Bannert]
*) Add signal handling back in to the worker MPM for the one_process
(-X, -DDEBUG, -DONE_PROCESS) case. [Aaron Bannert]
*) Performance: Reuse per-connection transaction pools in the
worker MPM, rather than destroying and recreating them. [Brian Pane]
*) Remove all signals from the worker MPM's child process. Instead,
the parent uses the Pipe of Death for all communication with the
child processes. [Ryan Bloom]
Changes with Apache 2.0.32
*) mod_negotiation: ForceLanguagePriority now uses 'Prefer' as the
default if the directive is not specified. This mirrors older
behavior without changes to the httpd.conf. [William Rowe]
*) Win32: solve the win32 service problems in 2.0.31-alpha, by fixing
the service, mpm and logging code, and bugs in apr_file_open_stderr
and apr_file_dup2 functions. Win2K/XP services have no handles
associated for stdin/out/err, which caused unpredictable behavior
in the prior release. [William Rowe, Bill Stoddard]
*) Win32: simplify the Application Event Log messages, since there isn't
likely to be 'more information in the error log' before an error log
has been opened. [William Rowe]
*) Win32: substantial cleanup to the mpm_winnt code for legibility and
to follow the program flow of other MPMs. [Ryan Bloom, William Rowe]
*) Win32: apache -k shutdown now behaves like apache -k stop.
[Bill Stoddard]
*) Fix prefork to not kill the parent if a child hits a resource shortage
on accept(). [Greg Ames]
*) Fix seg faults that occur when what should be the httpd request line
starts with \r\n followed by garbage. [Greg Ames]
*) Allow statically linked support binaries with the new
--enable-static-support flag, and enable this behavior in
the binbuild script. Also add a new --enable-static-htdbm
flag. [Aaron Bannert]
*) Allow mod_autoindex to serve symlinks if permitted and attempt to
do only one stat() call when generating the directory listings.
[Justin Erenkrantz]
*) Fix resolve_symlink to save the original symlink name if known.
[Justin Erenkrantz]
*) Be a bit more sane with regard to CanonicalNames. If the user has
specified they want to use the CanonicalName, but they have not
configured a port with the ServerName, then use the same port that
the original request used. [Ryan Bloom and Ken Coar]
*) In core_input_filter, check for an empty brigade after
APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a
client says it will post some data but we get FIN before any
data arrives. [Jeff Trawick]
*) Not being able to bind to the socket is a fatal error. We should
print an error to the console, and return a non-zero status code.
With these changes, all of the Unix MPMs do that correctly.
[Ryan Bloom]
*) suexec: Allow HTTPS and SSL_* environment variables to be passed
through to CGI scripts. PR 9163
[Brian Reid ,
Zvi Har'El ]
*) binbuild.sh: Make sure that we use the expat from our source
tree so that there aren't any surprises on the target machine.
[Jeff Trawick]
*) mod_cgid: Add retry logic for when the daemon can't fork fast
enough to keep up with new requests. Start using
HTTP_SERVER_UNAVAILABLE instead of HTTP_INTERNAL_SERVER_ERROR
when we can't talk to the daemon. [Jeff Trawick]
*) apxs: LTFLAGS envvar can override default libtool options. Try
"LTFLAGS=' ' apxs -c mod_foo.c" to see what libtool does under
the covers. [Jeff Trawick]
*) The Location: response header field, used for external
redirect, *must* be an absoluteURI. The Redirect directive
tested for that, but RedirectMatch didn't -- it would allow
almost anything through. Now it will try to turn an abs_path
into an absoluteURI, but it will correctly varf like Redirect
if the final redirection target isn't an absoluteURI. [Ken Coar]
Changes with Apache 2.0.31
*) Create the scoreboard (in the parent) in a global pool context,
so it survives graceful restarts. This fixes a SEGV during
graceful restarts. [Aaron Bannert]
*) Add a timeout option to the proxy code 'ProxyTimeout'
[Ian Holsman]
*) FTP directory listings are now always retrieved in ASCII mode.
The FTP proxy properly escapes URI's and HTML in the generated
listing, and escapes the path components when talking to the FTP
server. It is now possible to browse the root directory by using
a url like: ftp://user@host/%2f/ (ported from apache_1.3.24)
Also, the last path component may contain wildcard characters
'*' and '?', and if they do, a directory listing is created instead
of a file retrieval. Example: ftp://user@host/httpd/server/*.c
[Martin Kraemer]
*) Added single-listener unserialized accept support to the
worker MPM [Brian Pane]
*) New Directive for mod_proxy: 'ProxyPreserveHost'. This passes
the incoming host header through to the proxied server
[Geoff ]
*) New Directive Option for ProxyPass. It now can block a location
from being proxied [Jukka Pihl ]
*) Don't let the default handler try to serve a raw directory. At
best you get gibberish. Much worse things can happen depending
on the OS. [Jeff Trawick]
*) Change the pre_config hook to return a value. Modules can now emit
an error message and then cause the server to quit gracefully during
startup. This required a bump to the MMN. [Aaron Bannert]
*) Fix some unix socket descriptor leaks in the handler side of
mod_cgid (the part that runs in the server process). Whack a
silly "close(-1)" in the handler too. [Jeff Trawick]
*) Change the pre_mpm hook to return a value, so that scoreboard
init errors percolate up to code that knows how to exit
cleanly. This required a bump to the MMN. [Jeff Trawick]
*) Add the socket back to the conn_rec and remove the create_connection
hook. The create_connection hook had a design flaw that did not
allow creating connections based on vhost info. [Bill Stoddard]
*) Fixed PATH_INFO and QUERY_STRING from mod_negotiation results.
Resolves the common case of using negotation to resolve the request
/script/foo for /script.cgi/foo. [William Rowe]
*) Added new functions ap_add_(input|output)_filter_handle to
allow modules to bypass the usual filter name lookup when
adding hard-coded filters to a request [Brian Pane]
*) caching should now work on subrequests (still very experimental)
[Ian Holsman]
*) The Win32 mpm_winnt now has a shared scoreboard. [William Rowe]
*) Change ap_get_brigade prototype to use apr_off_t instead of apr_off_t*.
[Justin Erenkrantz]
*) Refactor ap_rgetline so that it does not use an internal brigade.
Change ap_rgetline's prototype to return errors. [Justin Erenkrantz]
*) Remove mod_auth_db. [Justin Erenkrantz]
*) Do not install unnecessary pcre headers like config.h and internal.h.
[Joe Orton ]
*) Change in quick_hanlder behavior for subrequests. it now passes DONE
(as it does for a normal request). quick_handled sub-requests now work
in mod-include [Ian Holsman]
*) Change SUBREQ_CORE so that it is a 'HTTP_HEADER' filter instead of
'CONTENT' one, as it needs to run AFTER all content headers
*) Rename BeOS MPM directive RequestsPerThread to MaxRequestsPerThread.
[Lars Eilebrecht]
*) Split out blocking from the mode in the input filters.
[Justin Erenkrantz]
*) Fix a segfault in mod_include. [Justin Erenkrantz, Jeff Trawick]
*) Cause Win32 to capture all child-worker process errors in
Apache to the main server error log, until the child can
open its own error logs. [William Rowe]
*) HPUX 11.*: Do not kill the child process when accept()
returns ENOBUFS on HPUX 11.*. (ported from a 1.3 patch
by [madhusudan_mathihalli@hp.com])
[Bill Stoddard]
*) Fix a problem in the parsing of the directive.
[Jeff Trawick]
*) rewrite of mod_ssl input filter for better performance and less
memory usage [Doug MacEachern]
*) allow quick_handler to be run on subrequests. [Ian Holsman]
*) mod_dav now asks its provider to place content directly into the
filter stack when handling a GET request. The mod_dav/provider
API has changed, so providers need to be updated. [Greg Stein]
*) Clear the output socket descriptor in unixd_accept() to make sure
we don't supply a bogus socket to the caller if the accept fails.
This caused problems with the worker MPM, which tried to process
the returned socket if it was non-NULL. [Brian Pane]
*) Move a check for an empty brigade to the start of core input filter
to avoid segfaults. [Justin Erenkrantz, Jeff Trawick]
*) Add FileETag directive to allow configurable control of what
data are used to form ETag values for file-based URIs. MMN
bumped to 20020111 because of fields added to the end of
the core_dir_config structure. [Ken Coar]
*) Fix a segfault in mod_rewrite's logging code caused by passing the
wrong config to ap_get_remote_host(). [Jeff Trawick]
*) Allow mod_cgid to work from a binary distribution install by
using 755 for the permissions on the log directory instead of
750. [Jeff Trawick]
*) Fixed a segfault that happened during graceful shutdown (or when
the httpd ran out of file descriptors) with the worker MPM [Brian Pane]
*) Split all Win32 modules [excluding the core components mod_core,
mod_so, mod_win32 and the winnt mpm] into individual loadable
modules, so the administrator may individually disable the former
compiled-in modules by simply commenting out their LoadModule
directives. [William Rowe]
*) Saved Win32 module authors and porters many future headaches, by
duplicating the appropriate .h files such as os.h into the include
directory, including in the build tree. [William Rowe]
*) mod_ssl adjustments to help with using toolkits other than OpenSSL:
Use SSL functions/macros instead of directly dereferencing SSL
structures wherever possible.
Add type-casts for the cases where functions return a generic pointer.
Add $SSL/include to configure search path.
[Madhusudan Mathihalli ]
*) Moved several pointers out of the shared Scoreboard so it is
more portable, and will present the vhost name across server
generation restarts. [William Rowe]
*) Fix SSLPassPhraseDialog exec: and SSLRandomSeed exec:
[Doug MacEachern]
Changes with Apache 2.0.30
*) Fix the main bug for FreeBSD and threaded MPM's. There are
still issues (see STATUS) but at least the server will now
run without crashing the machine.
[David Reid, Aaron Bannert, Justin Erenkrantz]
*) Fix a typo in mod_deflate's m4 config section.
[albert chin (china@thewrittenword.com)]
*) Fix a couple of mod_proxy problems forwarding HTTP connections
and handling CONNECT:
(1) PR #9190 Proxy failed to connect to IPv6 hosts.
(2) Proxy failed to connect when the first IP address returned by
the resolver was unreachable but a secondary IP address was.
[Jeff Trawick]
*) Fix the module identifer as shown in the docs for various core
modules (e.g., the identifer for mod_log_config was previously
listed as config_log_module). PR #9338
[James Watson ]
*) Fix LimitRequestBody directive by placing it in the HTTP
filter. [Justin Erenkrantz]
*) Fix mod_proxy seg fault when the proxied server returns
an HTTP/0.9 response or a bogus status line.
[Adam Sussman]
*) Prevent mod_proxy from truncating one character off the
end of the status line returned from the proxied server.
[Adam Sussman, Bill Stoddard]
*) Eliminate loop in ap_proxy_string_read().
[Adam Sussman, Bill Stoddard]
*) Provide $0..$9 results from mod_include regex parsing.
[William Rowe]
*) Allow mod-include to look for alternate start & end tags [Ian Holsman]
*) Introduced the ForceLanguagePriority directive, to prevent
returning MULTIPLE_CHOICES or NONE_ACCEPTABLE in some cases,
when using Multiviews. [William Rowe]
*) Fix a problem which prevented mod_cgid and suexec from working
together reliably [Greg Ames]
*) Remove the call to exit() from within mod_auth_digest's post_config
phase. [Aaron Bannert]
*) Fix a problem in mod_auth_digest that could potentially cause
problems with initialized static data on a system that uses DSOs.
[Aaron Bannert]
*) Fix a segfault in the worker MPM that could happen during
child process exits. [Brian Pane, Aaron Bannert]
*) Allow mod_auth_dbm to handle multiple DBM types [Ian Holsman]
*) Fix matching of vhosts by ip address so we find IPv4
vhost address when target address is v4-mapped form of
that address. [Jeff Trawick]
*) More performance tweaks to the BNDM string-search algorithm
used to find "" is the last byte in a file [Brian Pane]
*) Add back in the "suEXEC mechanism enabled (wrapper: /path/to/suexec)"
message that we had back in apache-1.3 and still have scattered
throughout our docs. [Aaron Bannert]
*) Prevent the Win32 port from continuing after encountering an
error in the command line args to apache. [William Rowe]
*) On a error in the proxy, make it write a line to the error log
[Ian Holsman]
*) Various mod_ssl performance improvements [Doug MacEachern]
Changes with Apache 2.0.29
*) Add buffering in core_output_filter to ensure that long
lists of small buckets don't cause small packet writes.
[Brian Pane, Ryan Bloom]
*) Fix the installation target to make sure that the manual is
installed in the correct location.
[Yoshifumi Hiramatsu and
Gomez Henri ]
*) Fix the cmd command for mod_include. When we are processing
a cmd command, we do not want to use the r->filename to set
the command name. The command comes from the SSI tag. To do this,
I added a variable to the function that builds the command line
in mod_cgi. This allows the include_cmd function to specify
the command line itself. [Ryan Bloom]
*) Change open_logs hook to return a value, allowing you
to flag a error while opening logs
[Ian Holsman, Doug MacEachern]
*) Change post_config hook to return a value, allowing you
to flag a error post config
[Ian Holsman, Jeff Trawick]
*) Allow SUEXEC_BIN (the path to the suexec binary that is
hard-coded into the server) to be specified to the configure
script by the --with-suexec-bin parameter. [Aaron Bannert]
*) Fix segv in worker MPM following accept on pipe-of-death
[Brian Pane]
*) Add mod_deflate to experimental.
[Ian Holsman, Justin Erenkrantz]
*) Bail out at configure time if an invalid MPM was specified.
[jean-frederic clere ]
*) Prevent segv in ap_note_basic_auth_failure() when no AuthName is
configured [John Sterling ]
*) Fix apxs to use sbindir. [Henri Gomez ]
*) Fix a problem with IPv6 vhosts. PR #8118 [Jeff Trawick]
*) Optimization for the BNDM string-search function in
mod_include. [Brian Pane]
*) Fixed the behavior of the XBitHack directive.
[Taketo Kabe , Cliff Woolley] PR#8804
*) The threaded MPM for Unix has been removed. Use the worker
MPM instead. [various]
*) APR-ize the resolver logic in mod_unique_id. This fixes a bug
in logging the error from a failed DNS lookup. [Jeff Trawick]
*) Added the missing macros AP_INIT_TAKE13 and AP_INIT_TAKE123.
[Cliff Woolley]
*) Get mod_cgid killed when a MPM exits due to a fatal error.
[Jeff Trawick]
*) Fix a file descriptor leak in mod_include. When we include a
file, we use a sub-request, but we didn't destroy the sub-request
immediately, instead we waited until the original request was
done. This patch closes the sub-request as soon as the data is
done being generated. [Brian Pane ]
*) Allow modules that add sockets to the ap_listeners list to
define the function that should be used to accept on that
socket. Each MPM can define their own function to use for
the accept function with the MPM_ACCEPT_FUNC macro. This
also abstracts out all of the Unix accept error handling
logic, which has become out of synch across Unix MPMs.
[Ryan Bloom]
*) Fix a bug which would cause the response headers to be omitted
when sending a negotiated ErrorDocument because the required
filters were attached to the wrong request_rec.
[John Sterling ]
*) Remove commas from the end of the macros that define
directives that are used by MPMs. Prior to this patch,
you would use these macros without commas, which was unlike
the macros for any other directives. Now, the caller provides
the comma rather than the macro providing it. This makes
the macros look more like the rest of the directives.
[Ryan Bloom and Cliff Woolley]
*) Add 'redirect-carefully' environment option to disable sending
redirects under special circumstances. This is helpful for
Microsoft's WebFolders when accessing a directory resource via
DAV methods. [Justin Erenkrantz]
*) Begin to abstract out the underlying transport layer.
The first step is to remove the socket from the conn_rec,
the server now lives in a context that is passed to the
core's input and output filters. This forces us to be very
careful when adding calls that use the socket directly,
because the socket isn't available in most locations.
[Ryan Bloom]
*) Really reset the MaxClients value in worker and threaded
when the configured value is not a multiple of the number
of threads per child. We said we did previously but we
forgot to. [Jeff Trawick]
*) Add Debian layout. [Daniel Stone ]
*) If shared modules are requested and mod_so is not available,
produce a fatal config-time error. [Justin Erenkrantz]
*) Improve http2env's performance by cutting the work it has to
do. [Brian Pane ]
*) use new 'apr_hash_merge' function in mod_mime (performance fix)
[Brian Pane ]
Changes with Apache 2.0.28
*) Fix infinite loop in mod_cgid.c.
[Dale Ghent , Brian Pane ]
*) When no port is given in a "ServerName host" directive, the
server_rec->port is now set to zero, not 80. That allows for
run-time deduction of the correct server port (depending on
SSL/plain, and depending also on the current setting of
UseCanonicalName). This change makes redirections
work, even with https:// connections. As in Apache-1.3, the
connection's actual port number is never used, only the ServerName
setting or the client's Host: setting. Documentation updated
to reflect the change. [Martin Kraemer]
*) Add a '%{note-name}e' argument to mod-headers, which works in
the same way as mod_log_confg. [Ian Holsman]
*) Fix the spelling of the AP_MPMQ_MIN_SPARE_DAEMONS and
AP_MPMQ_MAX_REQUESTS_DAEMON macros in ap_mpm.h and all standard
MPMs. [Cliff Woolley]
*) Introduce htdbm, a user management utility for db/dbm authorization
databases. [Mladen Turk ]
*) Optimize usage of strlen and strcat in ap_directory_walk.
[Brian Pane ]
Changes with Apache 2.0.27
*) Introduce an Apache mod_ssl initial configuration template
(ssl.conf, generated from ssl-std.conf). [Ralf S. Engelschall]
*) Fixed a memory leak in the getline parsing code that could
be triggered by arbitrarily large header lines. Requests
from the core input filter for single lines are now limited
to HUGE_STRING_LEN (8192 bytes). [Aaron Bannert]
*) Fix a truncation bug in how we print the port on the Via: header.
The routine that prints the Via: header now takes a length for
the port string. [Zvi Har'El ]
*) Some syntax errors in mod_mime_magic's magic file can result
in a 500 error, which previously was unlogged. Now we log the
error. [Jeff Trawick]
*) Add the support/checkgid helper app, which checks the run-time
validity of group identifiers usable in the Group directive.
[Ken Coar]
*) Various --enable-so options have been fixed: --enable-so is
treated as "static"; explicit --enable-so=shared issues an error;
and explicit --enable-so fails with error on systems without
APR_HAS_DSO. [Aaron Bannert]
*) Fix a segfault in the core input filter when the client socket
gets disconnected unexpectedly. [Cliff Woolley]
*) Fix the reporting for child processes that die. This removes
all of the non-portable W* macros from Apache.
[Jeff Trawick and Ryan Bloom]
*) Win32: Track and display "Parent Server Generation:" in
mod_status output. The generation will be bumped at
server graceful restart, when the child process exits
by hitting MaxRequestsPerChild or if the child
process exits abnormally. [Bill Stoddard]
*) Win32: Fix problem where MaxRequestsPerChild directive was
not being picked up in favor of the default. Enable
the parent to start up a new child process immediately upon
the old child starting shutdown.
[Bill Stoddard]
*) Fix some bungling of the remote port in rfc1413.c so that
IdentityCheck retrieves the proper user id instead of failing
and thus always returning "nobody."
[Dick Streefland ]
*) Introduced thread saftey for mod_rewrite's internal cache.
[Brian Pane ]
*) Simplified mod_env's directives to behave as most directives are
expected, in that UnsetEnv will not unset a SetEnv and PassEnv
directive following that UnsetEnv within the same container.
Also provides a runtime startup warning if a PassEnv configured
environment value is undefined. [William Rowe]
*) The worker MPM is now completely ported to APR's new lock API. It
uses native APR types for thread mutexes, cross-process mutexes,
and condition variables. [Aaron Bannert]
*) Sync up documentation to remove all references to the now deprecated
Port directive. [Justin Erenkrantz]
*) Moved all ldap modules from the core to httpd-ldap sub-project
[Ryan Bloom]
*) Exit when we can't listen on any of the configured ports. This
is the same behavior as 1.3, and it avoids having the MPMs to
deal with bogus ap_listen_rec structures. [Jeff Trawick]
*) Cleanup the proxy code that creates a request to the origin
server. This change adds an optional hook, which allows modules
to gain control while the request is created if the proxy module
is loaded. The purpose of this hook is to allow modules to add
input and/or output filters to the request to the origin. While
I was at it, I made the core use this hook, so that proxy request
creation uses some of the code from the core. This can still be
greatly improved, but this is a good start. [Ryan Bloom]
Changes with Apache 2.0.26
*) Port the MaxClients changes from the worker MPM to the threaded
MPM. [Ryan Bloom]
*) Fix mod_proxy so that it handles chunked transfer-encoding and works
with the new input filtering system. [Justin Erenkrantz]
*) Introduce the MultiviewsMatch directive, to allow the operator
to be flexible in recognizing Handlers and Filters filename
extensions as part of the Multiviews matching logic, strict with
MultiviewsMatch NegotiatedOnly to accept only filename extentions
that designate negotiated parameters, (content type, charset, etc.)
or MultiviewsAll for the 1.3 behavior of matching any files, even
if they have unregistered extensions. [William Rowe]
*) Fixed the configure script to add a LoadModule directive to
the default httpd.conf for any module that was compiled
as a DSO. [Aaron Bannert ]
*) rewrite mod_ssl input filtering to work with the new input filtering
system. [Justin Erenkrantz]
*) prefork: Don't segfault when we are able to listen on some but
not all of the configured ports. [Jeff Trawick]
*) Build mod_so even if no core modules are built shared.
[Aaron Bannert ]
*) Introduce ap_directory_walk rewrite (with further optimizations
required) to adapt to the ap_process_request_internal() changes.
Optimized so subrequests and redirects now reuse previous section
merges, until we mismatch with the original directory_walk, and
precomputed r->finfo results will cause directory_walk to skip
the most expensive phases of the function. [William Rowe]
*) Allow ApacheMonitor to connect to and control Apache on other
WinNT/2K machines. [Mladen Turk ]
*) Remove the Port directive. In it's place, the Listen directive
is now a required directive, which tells Apache what port to
listen on. The ServerName directive has also been extended
to accept an optional port. If the port is specified to the
ServerName, the server will report that port whenever it
reports the port that it is listening on. This change was
made to ease configuration errors that stem from having a Port
directive, and a Listen directive. In that situation, the server
would only listen to the port specified by the Listen command,
which caused a lot of confusion to users. [Ryan Bloom]
*) Added mod_mime_magic, mod_unique_id and mod_vhost_alias to the Win32
build, as loadable modules. [William Rowe]
*) Fix --enable-mods-shared processing. If most is specified,
then all modules that can be compiled as shared modules are.
[Aaron Bannert ]
*) Update the mime.types file to map video/vnd.mpegurl to mxu
and add commonly used audio/x-mpegurl for m3u extensions.
[Heiko Recktenwald , Lars Eilebrecht]
*) Eliminate the depreciated r->content_language, in favor of the array
r->content_languages introduced many years ago. Module authors must
substantially overhaul their modules, so this needs to be upgraded
if the module still relied on backwards-brokeness. [William Rowe]
*) Allow configure help strings to work with autoconf 2.50+ and 2.13.
[Justin Erenkrantz]
*) Rewrite the input filtering mechanisms to consolidate and reorganize
code. In short, core_input_filter does something now and
ap_http_filter is now only concerned with HTTP. [Justin Erenkrantz]
*) Update the Win32 build to re-absorb mod_proxy and family.
[William Rowe]
*) Resolved the build failure on Win32 using MSVC 5.0 (without the
current SDK.) [William Rowe]
*) Some style changes to the code that does ProxyErrorOverride. Fixed
config merge behaviour. [Graham Leggett]
*) Allow support programs to be compiled against a static version
of libapr. This allows the smaller support programs to be
relocated. [Aaron Bannert ]
*) Update the mime.types file to the registered media types as
of 2001-09-25, and add mapping for xsl extension [Mark Cox]
*) Fix MaxClients in the Worker MPM, so that it specifies the maximum
number of clients that can connect at the same time, instead of
specifying the maximum number of child processes.
[Aaron Bannert ]
*) Switch proc_pthread AcceptMutex configuration directive to pthread to
be consistent with 1.3. [Justin Erenkrantz]
*) Cache apr_explode_localtime() value for 15 seconds.
[Brian Pane ]
*) Fix mod_include to not return ETag or Last-Modified headers.
[Ian Holsman ]
*) Fix worker MPM's scoreboard logic. [Aaron Bannert ]
*) Eliminate the wasteful run-time conversion of method names from strings
to numbers in places where the methods are known at compile time.
[Brian Pane ]
*) Turn the worker MPM's queue into a LIFO. This may
improve cache-hit performance under some conditions.
[Aaron Bannert ]
*) Switch back to SIGUSR1 for graceful restarts on all platforms that
support it. [Justin Erenkrantz]
*) Cleanup the worker MPM. We no longer re-use transaction
pools. This incurs less overhead than shuffling the pools
around so that they can be re-used. Remove one of the
queue's condition variables. We just redefined the API to
state that you can't try to add more stuff than you allocated
segments for. [Aaron Bannert ]
*) Fix SSL VPATH builds [Cody Sherr ]
*) Fixed persistent connections when a request contains a body.
[Greg Stein]
*) mod_dav uses a new API to speak to the backend provider for dead
property management. [Greg Stein]
*) Remove the Win32 script-processing exception from mod_cgi, and
roll build_command_line/build_argv_list into a unified, overrideable
ap_cgi_build_command optional function. [William Rowe]
*) Rewrite find_start_sequence to use a better search algorithm
to find the start tag. [Justin Erenkrantz]
*) Fix a seg fault in mod_include. When we are generating an
internal redirect, we must set r->uri to "", not a bogus
string, and not NULL. [Ryan Bloom]
*) Optimized location_walk, so subrequests, redirects and second passes
now reuse previous section merges on a by
basis, until we mismatch with the original location_walk.
[William Rowe]
*) Back out the 1.45 change to util_script.c. This change made
us set the environment variable REQUEST_URI to the redirected
URI, instead of the originally requested URI.
[Taketo Kabe ]
*) Make mod_include do lazy evaluation of potentially expensive to
compute variables. [Brian Pane ]
*) Fix logging of bytes sent for HEAD requests. %b and %B should
log either - or 0, before this patch, they were both logging
the file size. [Taketo Kabe ]
*) Make mod_include check for BYTE_CHECK_THRESHOLD per bucket rather
than per character. [Brian Pane ]
*) Normalize the primary request, redirects and sub-requests to
run the same ap_process_request_internal for consistency in
robustness, behavior and security. [William Rowe]
*) Fix a segfault with mod_include when r->path_info is not set
(which is the case with mod_proxy). [Ian Holsman ]
*) Add -X functionality back. This indicates to all MPMs and any other
part of Apache that it should run in "debug" mode. [Justin Erenkrantz]
*) Some initial support for the cygwin platform [prefork only].
This is not to be confused with support for the WinNT/Win32
platform, which is the recommended configuration for native
Win32 users. The cygwin platform support is recommended for
cygwin platform users. [Stipe Tolj ]
*) Changed syntax of Set{Input|Output}Filter. The list of filters
must be semicolon delimited (if more than one filter is given.)
The Set{Input|Output}Filter directive now overrides a parent
container's directive (e.g. SetInputFilter in
will override any SetInputFilter directive in .)
This new syntax is more consistent with Add{Input|Output}Filter
directives defined in mod_mime. Also cures a bug in prior releases
where the Set{Input|Output}Filter directive would corrupt the
global configuration if the multiple directives were nested.
[William Rowe]
*) Cured what's ailed mime for quite some time. If an AddSomething
was given in the configuration (Language, Charset, Handler or
Encoding) Apache would set the content type as given by AddType,
but refused to check the mime.types file if AddType wasn't given
for that specific extension. Setting the AddHandler for .html
without setting the AddType text/html html would cause Apache to
use the default content type. [William Rowe]
*) Added some bulletproofing to memory allocation in the LDAP cache
code. [Graham Leggett]
Changes with Apache 2.0.25
*) Move the installed /manual directory out of the /htdocs/ tree, so
that it can be kept more independently from the remaining document
root. The "Alias /manual ..." already allowed for easy projection
into existing private document trees. [Martin Kraemer]
*) Add specified user attributes to the environment when using
mod_auth_ldap. This allows you to use mod_include to embed specified
user attributes in a page like so:
Hello , how are you?
[Graham Leggett]
*) Fix a performance problem with the worker MPM. We now create
transaction pools once, and re-use them for each connection.
[Aaron Bannert ]
*) Modfied mod_mime to prevent mod_negotation from serving a multiview
of a 'handler' or 'filter', so that any filename extension that does
not contribute to the negotiated metadata can't be served without
an explicit request. E.g., if the .Z extension is associated with
an unzip filter, the user request somefile.Z.html, mod_negotiation
won't serve it. It can serve somefile.Z.html when somefile.Z is
requested, since the .Z extension is explictly requested, if the
.html extension is associated with ContentType text/html.
[William Rowe]
*) Introduce the AddInputFilter filter[;filter...] ext [ext...]
and corresponding AddOutputFilter syntax, to insert one or more
filters by mod_mime filename extension processing.
[William Rowe]
*) Fix a growing connection pool in core_output_filter() for
keepalive requests. [Jeff Trawick]
*) Moved split_and_pass_pretag_buckets back to being a
macro at Ryans's request. Removed the return from it
by setting and returning a return code instead. Updated
the code to check the return code from the macro and
do the right thing. [Paul J. Reder]
*) Fix a segfault when a numeric value was received for Host:.
[Jeff Trawick]
*) Add a function ap_remove_input_filter. This is to match
up with ap_remove_output_filter. [Ryan Bloom]
*) Clean up location_walk, so that this step performs a minimum
amount of redundant effort (it must be run twice, but it will no
longer reparse all blocks when the request uri
hadn't changed.) [William Rowe]
*) Eliminate proxy: (and all other 'special') processing from the
ap_directory_walk() phase. Modules that want to use special
walk logic should refer to the mod_proxy map_to_location example,
with it's proxy_walk and proxysection implementation. This makes
either directory_walk flavor much more legible, since that phase
only runs against real blocks.
[William Rowe]
*) SECURITY: Fix a security problem in mod_include which would allow
an SSI document to be passed to the client unparsed.
[Cliff Woolley, Brian Pane]
*) Introduce the map_to_storage hook, which allows modules to bypass
the directory_walk and file_walk for non-file requests. TRACE
shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
directory_walk/file_walk happen as APR_HOOK_VERY_LAST in core.c.
[William Rowe]
*) Add the ability for mod_include to add the INCLUDES filter
if the file is configured for the server-parsed handler.
This makes the configuration for .shtml files much easier
to understand, and allows mod_include to honor Apache 1.3
config files. Based on Doug MacEachern's patch to PHP
to do the same thing. [Ryan Bloom]
*) force OpenSSL to ignore process local-caching and to always
get/set/delete sessions using mod_ssl's callbacks
[Madhusudan Mathihalli ,
Geoff Thorpe ]
*) Make the worker MPM shutdown and restart cleanly. This also
cleans up some race conditions, and gets the worker using
pools more cleanly. [Aaron Bannert ]
*) Implement CRYPTO_set_locking_callback() in terms of apr_lock
for mod_ssl
[Madhusudan Mathihalli ]
*) Fix for mod_include. Ryan's patch to check error
codes put a return in the wrong place. Also, the
include handler return code wasn't being checked.
I don't like macros with returns, so I converted
SPLIT_AND_PASS_PRETAG_BUCKETS into a function.
[Paul J. Reder ]
*) fix segv in mod_mime if no AddTypes are configured
[John Sterling ]
*) Enable ssl client authentication at SSL_accept time
[Madhusudan Mathihalli ]
*) Fix a segfault in mod_include when the original request has no
associated filename (e.g., we're filtering the error document for
a bad URI). [Jeff Trawick]
*) Fix a storage leak (a strdup() call) in mod_mime_magic. [Jeff Trawick]
*) The prefork and OS/2 MPMs are overwriting the pid file when a second copy
of httpd is started and shuts down due to socket conflict. Moving the
call to ap_log_pid solves the problem.
*) Changed the late-1.3 log_config substitution %c to %X, to log the
status of the closed connection, as it conflicts with the far more
common, historical ssl logging directive %...{var}c. [William Rowe]
*) Added the common error/ tree to the build/install targets
(similar to the common icons/ tree) for the multi-language error
messages that Lars committed earlier. [William Rowe]
*) Added a multi process, multi threaded OS/2 MPM mpmt_os2. [Brian Havard]
*) Added a default commented-out mod_ldap and mod_auth_ldap
configuration to httpd-std.conf and httpd-win.conf
[Graham Leggett]
*) Added documentation for mod_ldap and mod_auth_ldap.
[Graham Leggett]
*) Enabled negative caching on attribute comparisons in the LDAP cache.
Fixed a problem where the default cache TTL was set in milliseconds
not microseconds causing the cache to time out almost immediately.
[Graham Leggett]
*) Fixed all the #if APR_HAS_SHARED_MEMORY checks within the LDAP
module code to follow APR. [Graham Leggett]
*) Fixed LDAP cleanup on graceful restarts. LDAP connections are now
cleaned up when the connection pool pool is cleaned up.
[Graham Leggett]
*) Fix a minor issue with Jeff Trawick's mod_include
patch. Without this patch, the code will just allocate
more bytes in get_combined_directive than are needed.
[Paul Reder]
*) Added the LDAP authentication module mod_auth_ldap.
[Dave Carrigan , Graham Leggett]
*) Added the LDAP cache and connection pooling module mod_ldap.
[Dave Carrigan , Graham Leggett]
*) Fix --enable-modules=all breakage with mod_auth_db and mod_auth_digest
by allowing a module to disable itself if its prerequisites are not
met. [Justin Erenkrantz]
Changes with Apache 2.0.24
*) Fix a couple of issues in mod_include when the tag appeared at
offsets near 8192 in the file being parsed. [Jeff Trawick]
*) Fix an assertion failure in mod_ssl when the keepalive timeout is
reached. [Jeff Trawick]
*) Numerous improvements to the Win32 build system. Introduced command line
builds without requiring .mak files for MSVC 6.0 and later versions.
Improved .dsp file compatibility for both Visual Studio 5.0 and 6.0 users.
[William Rowe]
*) Assorted corrections and improvements to the winnt_mpm startup code. Better
reporting of uninstalled services and other error conditions, and changed the
default service name to Apache2. [William Rowe]
*) Numerous improvements to the Win32 ApacheMonitor utility, including winnt_mpm
compatibility with existing Apache 1.3 Win32 Apache management utilites.
[Mladen Turk , William Rowe]
*) Fixed the segfaults in mod_mime introduced by hash tables in 2.0.20.
[William Rowe, Greg Ames]
*) Rounded out the mod_mime Add/Remove pairs by adding RemoveLanguage
and RemoveCharset directives. [William Rowe]
*) The Unix MPMs other than perchild now allow child server
processes to use the accept mutex when starting as root and
using SysV sems for the accept mutex. Previously, this
combination would lead to fatal errors in the child server
processes. perchild can't use SysV sems because of security
issues. [Jeff Trawick, Greg Ames]
*) Added Win32 revision stamp resources to all http binaries
(including modules/ and support/ tools.) PR7322 [William Rowe]
*) Fix ap_rvprintf to support more than 4K of data at one time.
[Cody Sherr ]
*) We have always used the obsolete/deprecated Netscape syntax
for our tracking cookies; now the CookieStyle directive
allows the Webmaster to choose the Netscape, RFC2109, or
RFC2965 format. The new CookieDomain directive allows the
setting of the cookie's Domain= attribute, too. PR #s 5006,
5023, 5920, 6140 [Ken Coar]
*) Tweak server/Makefile so that the rules for generating exports.c
are compatible with make utilities which don't expand wildcards
in a dependency list (e.g., OS/390 make, certain levels of GNU
make). [Jeff Trawick]
*) Install the SSL headers. [John Sterling ]
*) Begin to sanitize the MPM configuration directives. Now, all
MPMs use the same functions for all common MPM directives. This
should make it easier to catch all bugs in these directives once.
[Cody Sherr ]
*) Close a major resource leak. Every time we had issued a
graceful restart, we leaked a socket descriptor.
[Ryan Bloom]
*) Fix a problem with the new method code. We need to cast
the 1 to an apr_int64_t or it will be treated as a 32-bit
integer, and it will wrap after being shifted 32 times.
[Cody Sherr and Ryan Morgan ]
*) Fix a bug in mod_expires. Previous to this patch, if you
told mod_expires to add 604800 seconds to the last-modified
time, it actually added 604800 usec's to the last-modified time,
so that when looking at the response it looked like nothing
had been done. The root of the problem was that we always compute
time in usec's, but we ask users to input sec's. This means we
need to convert to usec's before using those values.
[Ryan Bloom]
*) The worker MPM now handles shutdown and restart requests. It
definitely isn't perfect, but we do stop the servers correctly.
The biggest problem right now is that SIGHUP causes the server to
just die. [Ryan Bloom]
Changes with Apache 2.0.23
*) Use the prefork MPM by default on Unix. [various]
*) Added a systray icon monitor application for Win32.
[Mladen Turk ]
*) mod_rewrite: Fix the line ending on some non-Unix systems for
messages written to the rewrite log.
[Richard Labennett ]
*) All mod_autoindex query parsing is now quietly quashed with the
IndexOption IgnoreClient. The IndexOption SuppressColumnSorting
still drops the column sort 's for the column headers, but
IgnoreClient is required to ignore these Query options entirely.
[William Rowe]
*) Introduced new mod_autoindex query argument parsing for F=[0|1|2]
to allow the client to select plain, FancyIndexing or HTMLTable
formatting, V=[0|1] to inhibit or enable version sorting, and
P=pattern to return only specific files. The old Query Arguments
were reorganized as C=f for sorting column 'f' (same N, D, S, or M
as before), and O=A|D for ordering ascending or descending.
[William Rowe]
*) Fixed an error in mod_include's directive parsing routines which
caused #if, #elif, and #else expressions containing backslashes
to be improperly evaluated. [Cliff Woolley]
*) Introduced new mod_autoindex IndexOptions flags: SuppressIcon to
drop the icon column, SuppressRules to drop the
elements,
and HTMLTable to create rudimentary HTML table listings (implies
FancyIndexing). [William Rowe]
*) Re-introduced the mod_autoindex IndexOptions flag TrackModified
from Apache 1.3.15. This is needed for two reasons, first, given
multiple machines within a server farm, ETags and Last-Modified
stamps won't correspond from machine to machine, and second, many
Unixes don't capture changes to the date or time stamp of existing
files, since these don't modify the dirent itself. [William Rowe]
*) Re-introduced the mod_autoindex IndexOptions flag FoldersFirst
and DirectoryWidth options from Apache 1.3.10.
[William Rowe, Ken Coar]
*) Eliminated FancyIndexing directive, deprecated early in Apache
1.3 by the IndexOptions FancyIndexing syntax. [William Rowe]
*) mod_autoindex now excludes any file names that would result in
an error, other than a success or redirect. Also optimized
the parent directory, always included except in the URI '/'.
[William Rowe]
*) Refactored mod_negotiation and mod_mime to help mod_dir accept
negotiated index pages, and prevent the server from defaulting
to an autoindex of the directory. mod_negotiation will now die
with a 500 Internal Error if it could match some filenames
(e.g. for mod_dir) but none can be served. mod_negotation now
refuses to serve any file with an extention that mod_mime doesn't
recognize, and wasn't part of the request. [William Rowe]
*) Eliminate mod_cgi's handling of .exe files without the .exe file
extension. This is already handled by multiviews, if the admin
wishes to AddHandler .exe or define a content type handler and
associate .exe files with that content type. Multiviews must be
enabled to allow these to be served. [William Rowe]
*) Speed up the server's response to a spike in incoming workload
or restarts by assigning empty scoreboard slots to new processes
when they are available. [Greg Ames]
*) Add a handler to mod_includes.c. This handler is designed to
implement the XbitHack directive. This can't be done with a
fixup, because we need to check the content-type, which is
only available in the handler phase. [Ryan Bloom]
*) Make the includes filter check return codes from filters lower in
the filter chain. If a lower level filter returns an error, then
the request needs to stop immediately. This allows mod_include to
stop parsing data once a lower filter recognizes an error.
[Ryan Bloom]
*) Add the ability to extend the methods that Apache understands
and have those methods able in the httpd.conf. It uses
the same bit mask/shifted offset as the original HTTP methods
such as M_GET or M_POST, but expands the total bits from an int to
an ap_int64_t to handle more bits for new request methods than
an int provides. [Cody Sherr ]
*) Fix broken mod_mime behavior in merging its arguments. Possible
cause of unexplicable crashes introduced in 2.0.20. [William Rowe]
*) Solve many mod_ssl porting issues (too many to detail) with
help from the whole team, but most notably [Ralf S. Engelschall,
Madhusudan Mathihalli ,
Doug MacEachern, William Rowe, Cliff Woolley]
*) More stall fixes for the threaded & worker mpm's.
Make mod_status output more accurate. Don't
count workers in processes which aren't actively
serving requests. [Greg Ames]
*) Win32: Get SSI exec cgi tag working. [Bill Stoddard]
*) Add a single listener/multiple worker MPM. This MPM is
definately not fully correct, but it allows us to solve many
of the problems that exist in the threaded MPM. This is a
modified version of the threaded MPM. [Ryan Bloom]
*) Improve content generation throughout Apache, providing closer
compliance with HTML 3.2, HTML 4.01 Transitional and XHTML 1.0
Transitional specifications. [William Rowe]
Changes with Apache 2.0.22
*) Fix a problem where the threaded MPM stalls after restarts or
segfaults. Also prevent multiple active processes from using
the same scoreboard slot. [Greg Ames]
*) Apache/Win32 now fills in the service description with Apache's
server version string, including loaded and advertised modules.
[William Rowe]
*) Improved support for the Win32 build, to recover gracefully from
missing apr or apr-util directories or the awk interpreter,
create the proper cgi-bin examples, including a test-cgi.bat, and
fix the perl shebang line for printenv.pl, when installing from
the build environment. [William Rowe]
*) Fix a segfault in threaded.c caused by passing uninitialized
apr_thread_t * to apr_thread_join(). [Jeff Trawick]
*) Use new APR number conversion functions to reduce CPU consumption
when setting the content length, and in mod_log_config.
[Brian Pane]
*) Fix problem reported by Taketo Kabe
where HEAD response headers were being repeated twice for
files greater than 32K bytes (4*AP_MIN_BYTES_TO_WRITE). This
problem in the http_header filter was exposed by the recent rewrite
of the content_length filter. [Taketo Kabe, Bill Stoddard]
*) Fix seg faults in mod_status with ExtendedStatus enabled, after
restarts. A garbage pointer to a vhost's server_rec from the
previous generation was being left around under certain
conditions. [Greg Ames]
*) Fix a cosmetic problem with mod_include. Non-existant SSI vars
used to appear as '(none', without the closing paren.
[Günter Knauf ]
*) Improve the exports generating awk script. In the past, we had
work around problems in the awk script by avoiding some #if and
#ifdefs. This has bitten us many times in generating the exports.c
file. This improvement allows corrects the header file parsing.
[Sander Striker ]
Changes with Apache 2.0.21
*) Resolve the Win32 htpasswd bug, where a file that existed would be
overwritten, regardless of the -c flag.
[William Rowe, Mladen Turk ]
*) Introduce connection sub-pools into ab. Truncating the lifetime
of these allocations means that ab no longer perpetually grows
its working set, running out of memory on large request attempts.
[William Rowe]
*) Make scoreboard creation a hook. This allows management
modules to have access to the scoreboard at the time that it is
created, and at every restart request.
[Cody Sherr ]
*) Changed AP_MPMQ_MAX_DAEMONS to refer to MaxClients and
added an AP_MPMQ_MAX_DAEMON_USED to refer to the highest
daemon index actually used in the scoreboard. I also
updated the pertinent calls. [Paul J. Reder]
*) Win32: Prevent listening sockets from being inherited by
the Apache child process, CGI scripts, rotatelog process
etc. If the Apache child process segfaults, any processes
that the child started are not reaped. Prior to this fix,
these processes inherited the listening sockets which sometimes
prevented the restarted Apache child process from accepting
connections (ie, the server would hang).
[Bill Stoddard]
*) Provide vhost and request strings when ExtendedStatus is on.
[Greg Ames]
*) Fix some issues with the pod and prefork: check the pod *after*
processing a connection so that a server processing a time-
consuming request bails out as soon as practical; when the
parent process wakes up a server process via connect(), use an
APR timeout on the connect() so that we don't hang for a long
time if there aren't server processes around to do accept().
[Jeff Trawick, Greg Ames]
*) Performance improvement to mod_mime.c. find_ct() in mod_mime,
spends a lot of time in apr_table_get calls. Using the default
httpd.conf, the tables for languages and charsets are somewhat
large, so the time spent scanning them on each request is
significant. Replacing the tables with hash tables provides
a nice speedup. [Brian Pane ]
*) Add two functions to allow modules to access random parts of the
scoreboard. This allows modules compiled for one MPM to access the
scoreboard, even if it the server was compiled for another MPM.
[Harrie Hazewinkel ]
Changes with Apache 2.0.20
*) Fix problem in content-length filter where the filter would
buffer all the output from a CGI before sending any bytes
down the filter stack to the network. This problem would cause
significant memory consumption if the CGIs generated
lots of bytes. [Bill Stoddard]
*) Get non-blocking CGI pipe reads working with the bucket brigades.
[Bill Stoddard]
*) Fix seg fault on Windows when serving files cached with mod_file_cache.
[Bill Stoddard]
*) Fix a bug in the threaded MPM that would cause it to kill off all
workers immediately after starting if the number of workers started
was above a certain threshold. [Ryan Bloom, Bill Stoddard]
Changes with Apache 2.0.19
*) Fix problem with threaded MPM. The problem was that if each child
process was busy serving a single long-lived request and the server
was sent a graceful restart signal, the server would stop serving
requests. This would happen because each child process would wait to
die until the last thread was done, and the parent wouldn't spawn any
new children until a process died. Now, the parent looks at the fact
that the children are dying gracefully, and starts new children.
Those new children only start enough threads to compliment the number
of threads in the other child process that shares the same spot in
the scoreboard. In this way, we make sure to never go over
MaxClients. [Ryan Bloom]
*) modified mod_negotiation and mod_autoindex to speed up by almost a
factor of two on apr_dir_read()-enhanced platforms, such as Win32
and OS2, by calling ap_sub_request_lookup_dirent() with the results
already provided by apr_dir_read(). [William Rowe]
*) mod_file_cache is now more robust to filtering and serves requests
slightly more efficiently. [Cliff Woolley]
*) Fix problem handling FLUSH bucket in the chunked encoding filter.
Module was calling ap_rwrite() followed by ap_rflush() but the
served content was not being displayed in the browser. Inspection
of the output stream revealed that the first data chunk was
missing the trailing CRLF required by the RFC. [Bill Stoddard]
*) apxs no longer generates ap_send_http_header() in the example handler
*) Fix an ab problem which could cause a divide-by-zero exception
with certain invocations (e.g., ab -k -c 6 -n 100 localhost/).
[Ian Holsman ]
*) Solve case-insensitive platforms' confusion about negotiated
filenames, allowing files of differnt case to match in choosing
the document to serve. [William Rowe]
*) Fix brokenness when ThreadsPerChild is higher than the built-in
limit. We left ap_threads_per_child at the higher value which
led to segfaults when doing certain scoreboard operations.
[Jeff Trawick]
*) Fix seg faults and/or missing output from mod_include. The
default_handler was using the subrequest pool for files and
MMAPs, even though the associated APR structures typically
live longer than the subrequest. [Greg Ames]
*) Extend mod_setenvif to support specifying regular expressions
on the SetEnvIf (and SetEnvIfNoCase) directive attribute field.
Example: SetEnvIf ^TS* [a-z].* HAVE_TS
will cause HAVE_TS to be set if any of the request headers begins
with "TS" and has a value that begins with any character in the
set [a-z]. [Bill Stoddard]
*) httpd children now re-bind themselves to a random CPU on
multiprocessor systems on AIX via bindprocessor() in 2.0.
[Victor J. Orlikowski]
*) Fix htdigest. It would go into a loop in getline when adding
a second user. [Bill Stoddard]
*) Win32 platforms now fully support mod_userdir options. [Will Rowe]
*) Automatically generate httpd.exp for AIX.
DSOs now work again on AIX in 2.0
[Victor J. Orlikowski]
*) Add a new request hook, error_log. This phase allows modules
to act on the error log string _after_ it has been written
to the error log. The goal for this hook is to allow monitoring
modules to send the error string to the monitoring agent.
[Ryan Bloom]
*) Modify mod_echo to make it use filters for input and output.
[Ryan Morgan ]
*) Extend mod_headers to support conditional driven Header
add, append and set. Use SetEnvIf to set an envar and conditionally
add/append/set headers based on this envar thusly:
SetEnvIf TSMyHeader value HAVE_TSMyHeader
Header add MyHeader "%t %D" env=HAVE_TSMyHeader
If the request contains header "TSMyHeader: value" then header
MyHeader: "t=xxxxxxxxxx D=yyyy" will be sent on the response.
[Bill Stoddard]
*) Extend mod_headers to support using format specifiers on Header
add, append and set header values. Two format specifiers are supported:
%t - reports, in UTC microseconds since the epoch, when the
request was received.
%D - reports the time, in microseconds, between when the request was
received and the response sent.
Examples:
Header add MyHeader "This request served in %D microseconds. %t"
results in a header being added to the response that looks like this:
MyHeader: This request served in D=5438 microseconds. t=991424704447256
[Bill Stoddard]
*) Fix reset_filter(). We need to be careful how we remove filters.
If we set r->output_filters to NULL, we also have to reset the
connection's filters. [John Sterling]
*) Optimise reset_filter() in http_protocol.c. [Greg Stein]
*) Add a check to ap_die() to make sure the filter stack is sane and
contains the correct basic filters when an error occurs. This fixes
a problem where headers are not being sent on error. [John Sterling]
*) New Header directive 'echo' option. "Header echo regex" will
cause any headers received on the request that match regex to be
echoed to (included in) the response headers.
[Bill Stoddard]
*) include/ap_compat.h tested and set APR_COMPAT_H instead of AP_COMPAT_H.
This prevented the inclusion of apr_compat.h. PR #7773
[Oleg Broytmann ]
*) Moved util_uri to the apr-util library. This required a bunch of
apr_name changes for the uri utility functions. [Justin Erenkrantz]
*) Move the addition of default AP_HTTP_HTTP_HEADER filters to the
insert_filter phase so that other filters are not bypassed by default.
[Graham Leggett]
*) Reimplement mod_headers as an output filter. mod_headers can now
add custom headers to inbound requests using the RequestHeader directive
and to responses using the same old Header directive. [Graham Leggett]
Changes with Apache 2.0.18
*) Fix command-line processing so that if a bad argument is specified
Apache will exit. [Jeff Trawick]
*) Change the make targets and rules to be consistent in all of the
Apache-owned source trees. [Roy Fielding]
*) Fix processing of the TRACE method. Previously we passed bogus
parms to form_header_field() and it overlaid some vhost structures,
resulting in a segfault in check_hostalias().
[Greg Ames, Jeff Trawick]
*) Win32: Add support for reliable piped logs. If the logging process
goes down, Apache will automatically restart it. This function has
been part of Apache on Unix/Linux/BSD since the early v1.3 releases.
[Bill Stoddard]
*) Do not start piped log processes during the config file
preflight. This change also circumvents a problem on
Windows where the rotatelog processes created during preflight
was not getting cleaned up properly.
[Bill Stoddard]
*) add "Request Phase Participation" info to mod_info
[Doug MacEachern]
*) Make first phase changes to the scoreboard data structures in
preparation for the rewriting of the scoreboard per my posted
design notes. [Paul J. Reder]
*) Fix httpd's definition of LTFLAGS to be consistent with that of apr
and apr-util, allow it to be overridden by the configure command-line
(default="--silent") and introduce LT_LDFLAGS to replace what we were
formerly abusing as LTFLAGS. [Roy Fielding]
*) Clean up the reporting of incorrect closing container tags.
[Barrie Slaymaker ]
*) Simplify the configure process by moving all libtool stuff to APR
and moving hints.m4 inline. [Roy Fielding]
*) Add the AP_DECLARE()/AP_CORE_DECLARE macros on the return types
of functions used by mod_proxy for export in the DLL
[Ian Holsman ]
*) Prevent a hang when a cgi handled by mod_cgid tries to read a
request body from its stdin but no reqest body is being written to
the cgi. [Jeff Trawick]
*) mod_log_config: %c connection status incorrectly logged
as "-" (non-keepalive) when MaxKeepAliveRequests is set to 0.
[Bill Stoddard]
*) Get mod_cern_meta working under Windows
[Bill Stoddard]
*) Create Files, and thus MMAPs, out of the request pool, not the
connection pool. This solves a small resource leak that had us
not closing files until a connection was closed. In order to do
this, at the end of the core_output_filter, we loop through the
brigade and convert any data we have into a single HEAP bucket
that we know will survive clearing the request_rec.
[Ryan Bloom, Justin Erenkrantz ,
Cliff Woolley]
*) Completely revamp configure so that it preserves the standard make
variables CPPFLAGS, CFLAGS, CXXFLAGS, LDFLAGS and LIBS by moving
the configure additions to EXTRA_* variables. Also, allow the user
to specify NOTEST_* values for all of the above, which eliminates the
need for THREAD_CPPFLAGS, THREAD_CFLAGS, and OPTIM. Fix the setting
of INCLUDES and EXTRA_INCLUDES. Check flags as they are added to
avoid pointless duplications. Fix the order in which flags are given
on the compile and link lines. Remove obsolete macros APR_DOEXTRA,
AC_ADD_LIBRARY, AC_CHECK_DEFINE, APACHE_PASSTHRU, and APACHE_ONCE.
Added APR_SAVE_THE_ENVIRONMENT and APR_RESTORE_THE_ENVIRONMENT macros.
Renamed AC_TYPE_RLIM_T macro to APACHE_TYPE_RLIM_T. [Roy Fielding]
*) Get mod_tls to compile/work better on Windows. PR #7612
[Bernhard Schrenk ]
*) Fix shutdown/restart hangs in the threaded MPM.
[Jeff Trawick, Greg Ames, Ryan Bloom]
*) Removed the keptalive boolean from conn_rec because it is now only
used by a single routine and can be replaced by a local variable.
[Greg Stein, Ryan Bloom, Roy Fielding]
*) Patch prefork to put enough of the signal processing back in so that
signals are all handled properly now. The previous patch fixed the
deadlock race condition, but broke the user directed signal handling.
This fixes it to work the way it did before my previous prefork patch
(primarily, SIGTERM is now working).
*) Change how input filters decide how much data is returned to the
higher filter. We used to use a field in the conn_rec, with this
change, we use an argument to ap_get_brigade to determine how much
data is retrieved. [Ryan Bloom]
*) Fix seg fault at start-up introduced by Ryan's change to enable
modules to specify their own logging tags. mod_log_config
registers an optional function, ap_register_log_handler().
ap_register_log_handler() was being called by http_core before
the directive hash table was created. This patch creates the
directive hash table before ap_register_log_handler() is
registered as an optional function.
[jean-frederic clere ]
*) Add ap_set_int_slot() function
[John K. Sterling ]
*) Under certain circumstances, Apache did not supply the
right response headers when requiring authentication.
[Gertjan van Wingerde ] PR#7114
(This is a port of the change that went into Apache 1.3.19.)
*) Allow modules to specify their own logging tags. This basically
allows a module to tell mod_log_config that when %x is encountered
a specific function should be called. Currently, x can be any single
character. It may be more useful to make this a string at some point.
[Ryan Bloom]
Changes with Apache 2.0.17
*) If a higher-level filter handles the the byterange aspects of a
request, then the byterange filter should not try to redo the
work. The most common case of this happening, is a byterange
request going through the proxy, and the origin server handles
the byterange request. The proxy should ignore it.
[Graham Leggett ]
*) Changed the threaded mpm to have child_main join to each of the
worker threads to make sure the kids are all gone before child_main
exits after a signal (cleanup from perform_idle_server_maintenance).
This is an extension of Ryans recent commit to make the child_main
the signal thread.
*) Add more options to the ap_mpm_query function. This also allows MPMs to
report if their threads are dynamic or static. Finally, this also
implements a new API, ap_show_mpm, which returns the MPM that was
required into the core. [Harrie Hazewinkel ]
*) Do not install the binaries from the support directory twice.
[jun-ichiro hagino