CHANGES revision 1e6d9c87eb0a4d11ed013099d8ee602a8a5d3e8f
5d92fff82718cd018f0b61a10b9ad4d2b8064c95rpluem -*- coding: utf-8 -*-
bf52162f2d05c1fb1a107c7ef108de73f739b3edpquernaChanges with Apache 2.3.0
8f066564bfc0fd6ddc6ca4b2f2410615554597d1jim[ When backported to 2.2.x, remove entry from this file ]
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf *) mod_auth_core: Detect during startup when AuthDigestProvider
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf is configured to use an incompatible provider via AuthnProviderAlias.
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf PR 45196 [Eric Covener]
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf null value. [David Shane Holden <dpejesh apache.org>]
47ae8ca3c79d279b2e5424d6b8cf5e4e61ea968fjim *) mod_headers: Prevent Header edit from processing only the first header
47ae8ca3c79d279b2e5424d6b8cf5e4e61ea968fjim of possibly multiple headers with the same name and deleting the
47ae8ca3c79d279b2e5424d6b8cf5e4e61ea968fjim remaining ones. PR 45333. [Ruediger Pluem]
397df70abe0bdd78a84fb6c38c02641bcfeadceasf *) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247
397df70abe0bdd78a84fb6c38c02641bcfeadceasf [Tom Donovan]
9b5fe1d4ec48643fb819bbce9dc80f93f444fb48sf *) mod_proxy_http: Do not forward requests with 'Expect: 100-continue' to
9b5fe1d4ec48643fb819bbce9dc80f93f444fb48sf known HTTP/1.0 servers. Return 'Expectation failed' (417) instead.
9b5fe1d4ec48643fb819bbce9dc80f93f444fb48sf [Ruediger Pluem]
dd9f60fdfeb73f829fe0b260b7975b4b22be0838sf *) core, authn/z: Determine registered authn/z providers directly in
dd9f60fdfeb73f829fe0b260b7975b4b22be0838sf ap_setup_auth_internal(), which allows optional functions that just
135e1d6a301398168e3b2e5125508828591e1673niq wrapped ap_list_provider_names() to be removed from authn/z modules.
135e1d6a301398168e3b2e5125508828591e1673niq [Chris Darroch]
135e1d6a301398168e3b2e5125508828591e1673niq *) authn/z: Convert common provider version strings to macros.
135e1d6a301398168e3b2e5125508828591e1673niq [Chris Darroch]
135e1d6a301398168e3b2e5125508828591e1673niq *) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
c7de70e936ac1e36c25676fe62e65dbacb947619minfrin *) configure: Don't reject libtool 2.x
c7de70e936ac1e36c25676fe62e65dbacb947619minfrin PR 44817 [Arfrever Frehtes Taifersar Arahesis <Arfrever.FTA gmail.com>]
c7de70e936ac1e36c25676fe62e65dbacb947619minfrin *) core: When testing for slash-terminated configuration paths in
c7de70e936ac1e36c25676fe62e65dbacb947619minfrin ap_location_walk(), don't look past the start of an empty string
c7de70e936ac1e36c25676fe62e65dbacb947619minfrin such as that created by a <Location ""> directive.
1b1621900bd89ddc496d721c865a726f635ebd7esf [Chris Darroch]
1b1621900bd89ddc496d721c865a726f635ebd7esf *) core, mod_proxy: If a kept_body is present, it becomes safe for
1b1621900bd89ddc496d721c865a726f635ebd7esf subrequests to support message bodies. Make sure that safety
1b1621900bd89ddc496d721c865a726f635ebd7esf checks within the core and within the proxy are not triggered
4203a35c28d7c60adb7e9ef3be87aad34951c79asf when kept_body is present. This makes it possible to embed
4203a35c28d7c60adb7e9ef3be87aad34951c79asf proxied POST requests within mod_include. [Graham Leggett]
c094add0a23fe1120fd33711ba2e2d084f5629a1sf *) mod_auth_form: Make sure the input filter stack is properly set
c094add0a23fe1120fd33711ba2e2d084f5629a1sf up before reading the login form. Make sure the kept body filter
c094add0a23fe1120fd33711ba2e2d084f5629a1sf is correctly inserted to ensure the body can be read a second
12b26f433fd7d6fc9f76413d7c2cabf4fa5cb300sf time safely should the authn be successful. [Graham Leggett,
12b26f433fd7d6fc9f76413d7c2cabf4fa5cb300sf Ruediger Pluem]
26f56d4a3c12077d605362e97490e34522fa4814covener *) mod_request: Insert the KEPT_BODY filter via the insert_filter
26f56d4a3c12077d605362e97490e34522fa4814covener hook instead of during fixups. Add a safety check to ensure the
26f56d4a3c12077d605362e97490e34522fa4814covener filters cannot be inserted more than once. [Graham Leggett,
2cef7e294acb5d8b8b5dcb21a55438da0b73f63figalic Ruediger Pluem]
2cef7e294acb5d8b8b5dcb21a55438da0b73f63figalic *) core: Do not allow Options ALL if not all options are allowed to be
2d2de64c25c1519122a76150a7daf2c05f53fd9asf overwritten. PR 44262 [Michał Grzędzicki <lazy iq.pl>]
2d2de64c25c1519122a76150a7daf2c05f53fd9asf *) ap_cache_cacheable_headers_out() will (now) always
2d2de64c25c1519122a76150a7daf2c05f53fd9asf merge an error heaeders _before_ clearing them and _before_
27c5ebb7d411a214f5b6b55a881086ce086d3dd3covener merging in the actual entity headers and doing normal
27c5ebb7d411a214f5b6b55a881086ce086d3dd3covener hop-by-hop cleansing. [Dirk-Willem van Gulik].
27c5ebb7d411a214f5b6b55a881086ce086d3dd3covener *) cache: retire ap_cache_cacheable_hdrs_out() which was used
7697b1b7376a532163c621e050b70c90dcb15d66covener for both in- and out-put headers; and replace it by a single
7697b1b7376a532163c621e050b70c90dcb15d66covener ap_cache_cacheable_headers() wrapped in a in- and out-put
7697b1b7376a532163c621e050b70c90dcb15d66covener specific ap_cache_cacheable_headers_in()/out(). The latter
7697b1b7376a532163c621e050b70c90dcb15d66covener which will also merge error and ensure content-type. To keep
7697b1b7376a532163c621e050b70c90dcb15d66covener cache modules consistent with ease. This API change bumps
9e0536cd66a389bdaa758a825b8bbd8fea665a3eigalic up the minor MM by one [Dirk-Willem van Gulik].
9e0536cd66a389bdaa758a825b8bbd8fea665a3eigalic *) mod_rewrite: Allow Cookie option to set secure and HttpOnly flags.
862bbb262644e8aefae1bf352552b01908ecae0eminfrin PR 44799 [Christian Wenz <christian wenz.org>]
862bbb262644e8aefae1bf352552b01908ecae0eminfrin *) Move the KeptBodySize directive, kept_body filters and the
dd3b88790af9d18429c732ca7bc83ec4ef43d3ffrpluem ap_parse_request_body function out of the http module and into a
dd3b88790af9d18429c732ca7bc83ec4ef43d3ffrpluem new module called mod_request, reducing the size of the core.
dd3b88790af9d18429c732ca7bc83ec4ef43d3ffrpluem [Graham Leggett]
5bbabc874e3fcfbea08c199f7a79ee05b4817a70sf *) mod_dbd: Handle integer configuration directive parameters with a
5bbabc874e3fcfbea08c199f7a79ee05b4817a70sf dedicated function.
aec9747aa70c1dce98e536e8eef5a6a0ab0f1d6cjim *) Change the directives within the mod_session* modules to be valid
aec9747aa70c1dce98e536e8eef5a6a0ab0f1d6cjim both inside and outside the location/directory sections, as
7b7e8ba34e262064914ceedacd5f7d9201b6575ccovener suggested by wrowe. [Graham Leggett]
7b7e8ba34e262064914ceedacd5f7d9201b6575ccovener *) mod_auth_form: Add a module capable of allowing end users to log
220bc4233b21982d7c51842a1774db0ba6172ca4covener in using an HTML form, storing the credentials within mod_session.
220bc4233b21982d7c51842a1774db0ba6172ca4covener [Graham Leggett]
220bc4233b21982d7c51842a1774db0ba6172ca4covener *) Add a function to the http filters that is able to parse an HTML
6f2fbf354b34981f398cf0313aa44702ea2a7066covener form request with the type of application/x-www-form-urlencoded.
6f2fbf354b34981f398cf0313aa44702ea2a7066covener [Graham Leggett]
6f2fbf354b34981f398cf0313aa44702ea2a7066covener *) mod_session_crypto: Initialise SSL in the post config hook.
9e7c7a8fa19c33d1e90f8f7ffab69beacbe72566covener [Ruediger Pluem, Graham Leggett]
9e7c7a8fa19c33d1e90f8f7ffab69beacbe72566covener *) mod_session_dbd: Add a session implementation capable of storing
9e7c7a8fa19c33d1e90f8f7ffab69beacbe72566covener session information in a SQL database via the dbd interface. Useful
a961006b347d6527ccaeab9cf019a4e68d26bfb0covener for sites where session privacy is important. [Graham Leggett]
a961006b347d6527ccaeab9cf019a4e68d26bfb0covener *) mod_session_crypto: Add a session encoding implementation capable
e3f43882b4f7ac7d1aa679be4b319cca04fd22eecovener of encrypting and decrypting sessions wherever they may be stored.
e3f43882b4f7ac7d1aa679be4b319cca04fd22eecovener Introduces a level of privacy when sessions are stored on the
e3f43882b4f7ac7d1aa679be4b319cca04fd22eecovener browser. [Graham Leggett]
8dea7832dea3789fe0b90c434c284bcaad96d40fcovener *) mod_session_cookie: Add a session implementation capable of storing
8dea7832dea3789fe0b90c434c284bcaad96d40fcovener session information within cookies on the browser. Useful for high
999661242470e4dc0258982d5f183efc2d157ae7covener volume sites where server bound sessions are too resource intensive.
0bfcc4d046f6735af2f15981fb53e4c0680b4731covener [Graham Leggett]
b761a57b4e63006c287823270876ab40d3212160covener *) mod_session: Add a generic session interface to unify the different
b761a57b4e63006c287823270876ab40d3212160covener attempts at saving persistent sessions across requests.
b761a57b4e63006c287823270876ab40d3212160covener [Graham Leggett]
5d92fff82718cd018f0b61a10b9ad4d2b8064c95rpluem *) core, authn/z: Avoid calling access control hooks for internal requests
5d92fff82718cd018f0b61a10b9ad4d2b8064c95rpluem with configurations which match those of initial request. Revert to
5d92fff82718cd018f0b61a10b9ad4d2b8064c95rpluem original behaviour (call access control hooks for internal requests
01195d035ccef88e72009e9607157d5eddcb6b7drjung with URIs different from initial request) if any access control hooks or
01195d035ccef88e72009e9607157d5eddcb6b7drjung providers are not registered as permitting this optimization.
aec9747aa70c1dce98e536e8eef5a6a0ab0f1d6cjim Introduce wrappers for access control hook and provider registration
84fbf855118f318dd5e511d8e5b902cecc1177c0jim which can accept additional mode and flag data. [Chris Darroch]
0ed19acadd3d3dd593759173d87d2243e97914e2sf *) Introduced ap_expr API for expression evaluation.
0ed19acadd3d3dd593759173d87d2243e97914e2sf This is adapted from mod_include, which is the first module
0ed19acadd3d3dd593759173d87d2243e97914e2sf to use the new API.
0ed19acadd3d3dd593759173d87d2243e97914e2sf [Nick Kew]
041b426f9b15072b59a32f132e6d04173ab3df68covener *) mod_authz_dbd: When redirecting after successful login/logout per
041b426f9b15072b59a32f132e6d04173ab3df68covener AuthzDBDRedirectQuery, do not report authorization failure, and use
cb838cc4d5fd559efd6c0579a0fcb8f6e5a7af22minfrin first row returned by database query instead of last row.
cb838cc4d5fd559efd6c0579a0fcb8f6e5a7af22minfrin [Chris Darroch]
cb838cc4d5fd559efd6c0579a0fcb8f6e5a7af22minfrin *) mod_ldap: Correctly return all requested attribute values
15ff8c621815e8337abc10638f2b2853ee6fd076minfrin when some attributes have a null value.
15ff8c621815e8337abc10638f2b2853ee6fd076minfrin PR 44560 [Anders Kaseorg <anders kaseorg.com>]
21ccb6cd9272c9066a8f5bb3e7785f46115289desf *) core: check symlink ownership if both FollowSymlinks and
21ccb6cd9272c9066a8f5bb3e7785f46115289desf SymlinksIfOwnerMatch are set [Nick Kew]
b0ac1e83f8582a9b5a72bff798ffb31a419c8adesf *) core: fix origin checking in SymlinksIfOwnerMatch
b0ac1e83f8582a9b5a72bff798ffb31a419c8adesf PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
b682e60dd82772dba52ba77138e494f15c00a551trawick *) Activate mod_cache, mod_file_cache and mod_disc_cache as part of the
b682e60dd82772dba52ba77138e494f15c00a551trawick 'most' set for '--enable-modules' and '--enable-shared-mods'. Include
b682e60dd82772dba52ba77138e494f15c00a551trawick mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik]
b682e60dd82772dba52ba77138e494f15c00a551trawick *) Also install mod_so.h, mod_rewrite.h and mod_cache.h; as these
b682e60dd82772dba52ba77138e494f15c00a551trawick contain public function declarations which are useful for
79c754eb51681c3389cd966753e902c429f78939trawick third party module authors. PR 42431 [Dirk-Willem van Gulik].
79c754eb51681c3389cd966753e902c429f78939trawick *) mod_dir, mod_negotiation: pass the output filter information
8651de219ec5f595af20afdc9da41ce72aaa50d5minfrin to newly created sub requests; as these are later on used
8651de219ec5f595af20afdc9da41ce72aaa50d5minfrin as true requests with an internal redirect. This allows for
8651de219ec5f595af20afdc9da41ce72aaa50d5minfrin mod_cache et.al. to trap the results of the redirect.
8651de219ec5f595af20afdc9da41ce72aaa50d5minfrin [Dirk-Willem van Gulik, Ruediger Pluem]
8fae12696bce44be9ce4c56888690cad8ac7b8f9sf *) mod_ldap: Add support (taking advantage of the new APR capability)
8fae12696bce44be9ce4c56888690cad8ac7b8f9sf for ldap rebind callback while chasing referrals. This allows direct
8fae12696bce44be9ce4c56888690cad8ac7b8f9sf searches on LDAP servers (in particular MS Active Directory 2003+)
8fae12696bce44be9ce4c56888690cad8ac7b8f9sf using referrals without the use of the global catalog.
8fae12696bce44be9ce4c56888690cad8ac7b8f9sf PRs 26538, 40268, and 42557 [Paul J. Reder]
d5612bd28e194390b2c74fcf712d564b0e002684sf *) Support chroot on Unix-family platforms
d5612bd28e194390b2c74fcf712d564b0e002684sf PR 43596 [Dimitar Pashev <mitko banksoft-bg.com>]
4ea161d94782fa56f4b36d496f35ff8577c43065covener *) mod_ssl: Added server name indication support (SNI, RFC 4366).
4ea161d94782fa56f4b36d496f35ff8577c43065covener PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration
b588214d6e6fe09abe709e83e894921fbc7e25c8covener can be created with test/make_sni.sh [Dirk-Willem van Gulik].
b588214d6e6fe09abe709e83e894921fbc7e25c8covener *) ApacheMonitor.exe: Introduce --kill argument for use by the
c64fc4e9830bb1ffdc3491aef5ed3be5b90c466bcovener installer. This will permit the installation tool to remove
c64fc4e9830bb1ffdc3491aef5ed3be5b90c466bcovener all running instances before attempting to remove the .exe.
c64fc4e9830bb1ffdc3491aef5ed3be5b90c466bcovener [William Rowe]
ae5efbbf49a7ca6d233209a4d011550989e22556covener *) mod_ssl: Add support for OCSP validation of client certificates.
ae5efbbf49a7ca6d233209a4d011550989e22556covener PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
8c2bb916633b1eb3dccf91c776363bbc3a6145decovener *) mod_serf: New module for Reverse Proxying. [Paul Querna]
8c2bb916633b1eb3dccf91c776363bbc3a6145decovener *) core: Add the option to keep aside a request body up to a certain
8c2bb916633b1eb3dccf91c776363bbc3a6145decovener size that would otherwise be discarded, to be consumed by filters
503bec4c591d28ac6cec7182294cdef2ec6a9829covener such as mod_include. When enabled for a directory, POST requests
503bec4c591d28ac6cec7182294cdef2ec6a9829covener to shtml files can be passed through to embedded scripts as POST
503bec4c591d28ac6cec7182294cdef2ec6a9829covener requests, rather being downgraded to GET requests. [Graham Leggett]
c00149c3cb27e0381362d07ccf2143574b4f600dsf *) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton]
c00149c3cb27e0381362d07ccf2143574b4f600dsf *) scoreboard: Correctly declare ap_time_process_request.
766b0a4793197ccef3dfa202d1fee1e1f929ffa7sf *) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member
97b692bfc8673c8858f03498f81a993ac0c04c01sf from the connection rec, ap_get_scoreboard_worker(proc, thread) will now
97b692bfc8673c8858f03498f81a993ac0c04c01sf provide the unusual legacy lookup. [William Rowe]
5e6cf205d2b0c848e15c65dab9711805395a5108minfrin *) mpm winnt: fix null pointer dereference
5e6cf205d2b0c848e15c65dab9711805395a5108minfrin PR 42572 [Davi Arnaut]
5e6cf205d2b0c848e15c65dab9711805395a5108minfrin *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
df419be6d7d4b68823efa05722375552af49c2b6minfrin parameters to the environment. Improve portability to
df419be6d7d4b68823efa05722375552af49c2b6minfrin EBCDIC machines by using apr_toupper(). [Martin Kraemer]
df419be6d7d4b68823efa05722375552af49c2b6minfrin *) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
c03e31374e50a227cb554a0f1d4a9056ce80d99asf to authorize an authenticated user via a "require ldap-group X" directive
c03e31374e50a227cb554a0f1d4a9056ce80d99asf where the user is not in group X, but is in a subgroup contained in X.
c03e31374e50a227cb554a0f1d4a9056ce80d99asf PR 42891 [Paul J. Reder]
40b22d3b20454959fe51fdc89907908d77701078minfrin *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
b4a00883f358625923365ca1560c96edec172a52sf *) mod_ldap: Fix the search limit parameter to ldap_search_ext_s()
b4a00883f358625923365ca1560c96edec172a52sf for SDKs that define LDAP_NO_LIMIT to something other than -1.
b4a00883f358625923365ca1560c96edec172a52sf [David Jones <oscaremma gmail.com>]
0553e62d75ef12d9a6646bb874be1fbf9e4c1dfbsf *) apxs: Enhance -q flag to print all known variables and their values
0553e62d75ef12d9a6646bb874be1fbf9e4c1dfbsf when invoked without variable name(s).
0553e62d75ef12d9a6646bb874be1fbf9e4c1dfbsf [William Rowe, Sander Temme]
f58bb3da705eb7ec926f4883597fc2eb1336a360minfrin *) apxs: Eliminate run-time check for mod_so. PR 40653.
f58bb3da705eb7ec926f4883597fc2eb1336a360minfrin [David M. Lee <dmlee crossroads.com>]
f58bb3da705eb7ec926f4883597fc2eb1336a360minfrin *) beos MPM: Create pmain pool and run modules' child_init hooks when
f58bb3da705eb7ec926f4883597fc2eb1336a360minfrin entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
be192cefa381d5bae6868034687471754cb43175sf [Chris Darroch]
be192cefa381d5bae6868034687471754cb43175sf *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
be192cefa381d5bae6868034687471754cb43175sf cleanups registered in modules' child_init hooks are performed.
f4a0825e91eec135b5e41c697439e9a13014fa2cminfrin [Chris Darroch]
f4a0825e91eec135b5e41c697439e9a13014fa2cminfrin *) mod_dbd: Stash DBD connections in request_config of initial request
f4a0825e91eec135b5e41c697439e9a13014fa2cminfrin only, or else sub-requests and internal redirections may cause
5876f43a746f688a32b7201bced8591ddf19bd43minfrin entire DBD pool to be stashed in a single HTTP request. [Chris Darroch]
5876f43a746f688a32b7201bced8591ddf19bd43minfrin *) Fix issue which could cause error messages to be written to access logs
5876f43a746f688a32b7201bced8591ddf19bd43minfrin on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>]
bbba414c5bbf770e505778265bbe7a4a0e4fbdaaniq *) The LockFile directive, which specifies the location of
bbba414c5bbf770e505778265bbe7a4a0e4fbdaaniq the accept() mutex lockfile, is deprecated. Instead, the
4aef34911af88f96c5b6d9b71a550a5a97bbc0b6minfrin AcceptMutex directive now takes an optional lockfile
4aef34911af88f96c5b6d9b71a550a5a97bbc0b6minfrin location parameter, ala SSLMutex. [Jim Jagielski]
4aef34911af88f96c5b6d9b71a550a5a97bbc0b6minfrin *) mod_authn_dbd: Export any additional columns queried in the SQL select
4aef34911af88f96c5b6d9b71a550a5a97bbc0b6minfrin into the environment with the name AUTHENTICATE_<COLUMN>. This brings
4cefc38158672f5de8119886d9754cf0609a9371minfrin mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
4cefc38158672f5de8119886d9754cf0609a9371minfrin *) mod_dbd: Key the storage of prepared statements on the hex string
4cefc38158672f5de8119886d9754cf0609a9371minfrin value of server_rec, rather than the server name, as the server name
4cefc38158672f5de8119886d9754cf0609a9371minfrin may change (eg when the server name is set) at any time, causing
11d3c510dca5b5178ad4739ffc1567ef2155bda9minfrin weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
11d3c510dca5b5178ad4739ffc1567ef2155bda9minfrin *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
d974a1624c0bb4f1c2e8b36fcf8ba1f12284ed8dsf *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
d974a1624c0bb4f1c2e8b36fcf8ba1f12284ed8dsf the first bucket from the brigade, finds it not to be a FILE
1a8c329935111a5059363efe927d631371b78414minfrin bucket and barfs. The fix is to pass a bucket rather than a brigade.
1a8c329935111a5059363efe927d631371b78414minfrin [Niklas Edmundsson <nikke acc.umu.se>]
fac37c9794a18c24d187f4e0f97a9476c4344118minfrin *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
fc58f0ff708564b67cd578c626b6500d1cd63a51sf *) ap_get_server_version() has been removed. Third-party modules must
fc58f0ff708564b67cd578c626b6500d1cd63a51sf now use ap_get_server_banner() or ap_get_server_description().
fc58f0ff708564b67cd578c626b6500d1cd63a51sf [Jeff Trawick]
fc58f0ff708564b67cd578c626b6500d1cd63a51sf *) All MPMs: Introduce a check_config phase between pre_config and
fc58f0ff708564b67cd578c626b6500d1cd63a51sf open_logs, to allow modules to review interdependent configuration
4e5fe1d203ddf3956a77be3c797c01fd4be8b211sf directive values and adjust them while messages can still be logged
4e5fe1d203ddf3956a77be3c797c01fd4be8b211sf to the console. Handle relevant MPM directives during this phase
4e5fe1d203ddf3956a77be3c797c01fd4be8b211sf and format messages for both the console and the error log, as
dcb4802d9ea9fc4ba89671e8f8faa70c9535b202minfrin appropriate. [Chris Darroch]
dcb4802d9ea9fc4ba89671e8f8faa70c9535b202minfrin *) mod_proxy: don't URLencode tilde in path component
dcb4802d9ea9fc4ba89671e8f8faa70c9535b202minfrin [Stijn Hoop <stijn sandcat.nl>]
ce4dc40a4e87991087488f70d96d3447d7557294sf *) mpm_winnt: Fix return values from wait_for_many_objects.
ce4dc40a4e87991087488f70d96d3447d7557294sf The return value is index to the signaled thread in the
0119f1301a880cf39c0aad0fa2a77240af964691sf creted_threads array. We can not use WAIT_TIMEOUT because
ce4dc40a4e87991087488f70d96d3447d7557294sf his value is defined as 258, thus limiting the MaxThreads
9db0b0ee6ffade769db57b37a06b3f4849b5d367minfrin to that value. [Mladen Turk]
9db0b0ee6ffade769db57b37a06b3f4849b5d367minfrin *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
9db0b0ee6ffade769db57b37a06b3f4849b5d367minfrin to circumvent the symbolic link checks imposed by FollowSymLinks and
033d82412cc4af9d939b7e1645425b9e7f4ebf60minfrin SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
033d82412cc4af9d939b7e1645425b9e7f4ebf60minfrin *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
033d82412cc4af9d939b7e1645425b9e7f4ebf60minfrin configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
033d82412cc4af9d939b7e1645425b9e7f4ebf60minfrin The default is none as this is far greater debugging resolution than
1b390add6886fb1c0acdea82be0ef0920f1158casf the typical administrator is prepared to untangle. [William Rowe]
1b390add6886fb1c0acdea82be0ef0920f1158casf *) mod_disk_cache: If possible, check if the size of an object to cache is
5fd471ec540a088d143a223096d35661bf87c15btrawick within the configured boundaries before actually saving data.
5fd471ec540a088d143a223096d35661bf87c15btrawick [Niklas Edmundsson <nikke acc.umu.se>]
f2472b79d241967fa28f8284470b1c5cafee7b12wrowe *) mod_cache: Convert all values to seconds before comparing them when
f2472b79d241967fa28f8284470b1c5cafee7b12wrowe checking whether to send a Warning header for a stale response.
f2472b79d241967fa28f8284470b1c5cafee7b12wrowe PR 39713. [Owen Taylor <otaylor redhat.com>]
f2472b79d241967fa28f8284470b1c5cafee7b12wrowe *) mod_disk_cache: Delete temporary files if they cannot be renamed to their
f2472b79d241967fa28f8284470b1c5cafee7b12wrowe final name. [Davi Arnaut <davi haxent.com.br>]
c9201c790435060b1322d86949183085ca5f6c0cwrowe *) Worker and event MPMs: Remove improper scoreboard updates which were
c9201c790435060b1322d86949183085ca5f6c0cwrowe performed in the event of a fork() failure. [Chris Darroch]
c9201c790435060b1322d86949183085ca5f6c0cwrowe *) Add support for fcgi:// proxies to mod_rewrite.
c9201c790435060b1322d86949183085ca5f6c0cwrowe [Markus Schiegl <ms schiegl.com>]
38bd9dba7627c6b2f331cd0731c272ee6bd876b1wrowe *) Remove incorrect comments from scoreboard.h regarding conditional
38bd9dba7627c6b2f331cd0731c272ee6bd876b1wrowe loading of worker_score structure with mod_status, and remove unused
38bd9dba7627c6b2f331cd0731c272ee6bd876b1wrowe definitions relating to old life_status field.
c1ba97f41a4526d84fb7a1596afe3dd11e065a2cminfrin [Chris Darroch <chrisd pearsoncmg.com>]
c1ba97f41a4526d84fb7a1596afe3dd11e065a2cminfrin *) Remove allocation of memory for unused array of lb_score pointers
c1ba97f41a4526d84fb7a1596afe3dd11e065a2cminfrin in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
97cc46935ec496b83fef9d6feb094d706c895b3bsf *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
4ed33a14c26d78bbe6bd0b9d5091cdb184e348basf [Garrett Rooney, Jim Jagielski, Paul Querna]
4ed33a14c26d78bbe6bd0b9d5091cdb184e348basf *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
97cc46935ec496b83fef9d6feb094d706c895b3bsf [Chris Darroch <chrisd pearsoncmg.com>]
72e3829dbd019a63b1091987fc6e7b1c028b089cminfrin *) mod_charset_lite: Remove Content-Length when output filter can
72e3829dbd019a63b1091987fc6e7b1c028b089cminfrin invalidate it. Warn when input filter can invalidate it.
1081aff66582e2cac722fb3b6f09da4f524b5962minfrin [Jeff Trawick]
1081aff66582e2cac722fb3b6f09da4f524b5962minfrin *) Authz: Add the new module mod_authn_core that will provide common
1081aff66582e2cac722fb3b6f09da4f524b5962minfrin authn directives such as 'AuthType', 'AuthName'. Move the directives
9f0c32ae318f33c93a47d83f4709242c18339bbcminfrin 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
9f0c32ae318f33c93a47d83f4709242c18339bbcminfrin into mod_authn_core. [Brad Nicholes]
9f0c32ae318f33c93a47d83f4709242c18339bbcminfrin *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
9474e446514b06765775eb0c1ec6645e2c5e50f6minfrin into the new module mod_access_compat which can be loaded to provide
9474e446514b06765775eb0c1ec6645e2c5e50f6minfrin support for these directives.
9474e446514b06765775eb0c1ec6645e2c5e50f6minfrin [Brad Nicholes]
b7557ab9828d2017224a12968f82c3118b6a8c0aminfrin *) Authz: Move the 'Require' directive from the core module as well as
b7557ab9828d2017224a12968f82c3118b6a8c0aminfrin add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
b7557ab9828d2017224a12968f82c3118b6a8c0aminfrin and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
b7557ab9828d2017224a12968f82c3118b6a8c0aminfrin logic into the authorization processing. [Brad Nicholes]
b7557ab9828d2017224a12968f82c3118b6a8c0aminfrin *) Authz: Add the new module mod_authz_core which acts as the
9474e446514b06765775eb0c1ec6645e2c5e50f6minfrin authorization provider vector and contains common authz
9474e446514b06765775eb0c1ec6645e2c5e50f6minfrin directives. [Brad Nicholes]
b7557ab9828d2017224a12968f82c3118b6a8c0aminfrin *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
e302f38fd646764ce1a1e1c578d794aef514a9e5sf 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
e302f38fd646764ce1a1e1c578d794aef514a9e5sf *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
b32d756dae79045a9bc90e0d0b85582f6f28eaf3sf host-based access control provided by mod_authz_host and invoked
e302f38fd646764ce1a1e1c578d794aef514a9e5sf through the 'Require' directive. [Brad Nicholes]
9c233808c898095865fcc0a2dc1cf594d0d8faf3sf *) Authz: Convert all of the authz modules from hook based to
3b41ccdaa163f4e900bbf8a7aa6a366df033822dminfrin provider based. [Brad Nicholes]
3b41ccdaa163f4e900bbf8a7aa6a366df033822dminfrin *) mod_cache: Add CacheMinExpire directive to set the minimum time in
3b41ccdaa163f4e900bbf8a7aa6a366df033822dminfrin seconds to cache a document.
3b41ccdaa163f4e900bbf8a7aa6a366df033822dminfrin [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
28587db43bc4bea96a36fbcffdd967e7b422bb97minfrin *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
28587db43bc4bea96a36fbcffdd967e7b422bb97minfrin *) Fix typo in ProxyStatus syntax error message.
5a2dcc476c33985b7681aa72256bcd7266057eddsf *) Asynchronous write completion for the Event MPM. [Brian Pane]
e08076ca56e6cb68b30846b9e9339061058aae6dpoirier *) Added an End-Of-Request bucket type. The logging of a request and
e08076ca56e6cb68b30846b9e9339061058aae6dpoirier the freeing of its pool are now done when the EOR bucket is destroyed.
e08076ca56e6cb68b30846b9e9339061058aae6dpoirier This has the effect of delaying the logging until right after the last
e08076ca56e6cb68b30846b9e9339061058aae6dpoirier of the response is sent; ap_core_output_filter() calls the access logger
e08076ca56e6cb68b30846b9e9339061058aae6dpoirier indirectly when it destroys the EOR bucket. [Brian Pane]
e08076ca56e6cb68b30846b9e9339061058aae6dpoirier *) Rewrite of logresolve support utility: IPv6 addresses are now supported
f3a19422957c2e9eb827c8e38e5982f678591aa5minfrin and the format of statistical output has changed. [Colm MacCarthaigh]
b7a2f855b5e31abc24dab2eef28e9e2f985ae25brpluem *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener *) Added new connection states for handler and write completion
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener [Brian Pane]
ac45a43afbf38aa4a91c1402c6beef6ef8a2696dniq *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
ac45a43afbf38aa4a91c1402c6beef6ef8a2696dniq [Justin Erenkrantz]
ac45a43afbf38aa4a91c1402c6beef6ef8a2696dniq *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
b2b9b7f0644773b50aee41956a841ac884086250niq allowing string-valued client certificate attributes to be used for
b2b9b7f0644773b50aee41956a841ac884086250niq access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
b2b9b7f0644773b50aee41956a841ac884086250niq [Martin Kraemer, David Reid]
b2b9b7f0644773b50aee41956a841ac884086250niq [Apache 2.1.0-dev includes those bug fixes and changes with the
b4f348c8e74ba8166410ddeffac03e4887696788niq Apache 2.2.xx tree as documented, and except as noted, below.]
b4f348c8e74ba8166410ddeffac03e4887696788niqChanges with Apache 2.2.x and later:
4fda5fb4cc40703a76e261bbf21ec1d6b51b7d3fjim *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
fa0dc2a4f675a868378a52946e5b244d6bf41196sfChanges with Apache 2.0.x and later:
0807f6da6091b748ab47c21ba66252fe8da2a966sf *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
b92a868b537899a51efd8c200c396fa51c63839dtrawickChanges with Apache 1.3.x and later: