CHANGES revision 2a7beea91d46beb41f043a84eaad060047ee04aa
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt -*- coding: utf-8 -*-
351b62535d4c4f89883bfdba025999dd32490266Evan HuntChanges with Apache 2.5.0
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Add LogLevelOverride directive that allows to override the
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt loglevel for clients from certain IPs. This also works for things
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt like the SSL handshake where <If> LogLevel ... </If> is evaluated
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt too late. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Add new directive Warning to issue warnings from a configuration
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt file. Both Warning and Error now generate a timestamped log message.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Fabien Coelho]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_status: Print out list of times since a Vhost was last used.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Jim Jagielski]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Don't fail at startup with AH00554 when Include points to
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater a directory without any wildcard character. PR 54223 [Eric Covener]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Fail startup if the argument to ServerTokens is unrecognized.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt PR 54222 [Jackie Zhang <jackie.qq.zhang gmail.com>]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater *) mod_log_forensic: Don't log a spurious "-" if a request has been rejected
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt before mod_log_forensic could attach its id to it. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt variables. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_rewrite: Stop mergeing RewriteBase down to subdirectories
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt unless new option 'RewriteOptions MergeBase' is configured.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt PR 53963. [Eric Covener]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_session_dbd: fix a segmentation fault in the function dbd_remove.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt PR 53452. [<rebanerebane gmail com>, Reimo Rebane]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater *) core: New directive RegisterHttpMethod for registering non-standard
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt HTTP methods. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_xml2enc: Fix problems with charset conversion altering the
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt Content-Length. [Micha Lenk <micha lenk info>]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: New directive HttpProtocol which allows to disable HTTP/0.9
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt support. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_allowhandlers: New module to forbid specific handlers for specific
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt directories. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Be more correct about rejecting directives that cannot work in <If>
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt sections. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Fix directives like LogLevel that need to know if they are invoked
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt at virtual host context or in Directory/Files/Location/If sections to
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt work properly in If sections that are not in a Directory/Files/Location.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_cache_disk: Resolve errors while revalidating disk-cached files on
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt Windows ("...rename tempfile to datafile failed..."). PR 38827
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Eric Covener]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_proxy: Add ability to configure the sticky session separator.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt PR 53893. [<inu inusasha de>, Jim Jagielski]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater *) mod_proxy_ftp: Fix segfaults on IPv4 requests to hosts with DNS AAAA records.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt PR 40841. [Andrew Rucker Jones <arjones simultan dyndns org>,
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt <ast domdv de>, Jim Jagielski]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) ap_expr: Add req_novary function that allows HTTP header lookups
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt without adding the name to the Vary header. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_ssl: Change default for SSLCompression to off, as compression
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt causes security issues in most setups. (The so called "CRIME" attack).
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) syslog logging: Remove stray ", referer" at the end of some messages.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Jeff Trawick]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) configure: Fix processing of --disable-FEATURE for various features.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Jeff Trawick]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) "Iterate" directives: Report an error if no arguments are provided.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Jeff Trawick]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) htpasswd, htdbm: Optionally read passwords from stdin, as more
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt secure alternative to -b. PR 40243. [Adomas Paltanavicius <adomas
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt paltanavicius gmail com>, Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) htpasswd, htdbm: Add support for bcrypt algorithm (requires
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt apr-util 1.5 or higher). PR 49288. [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) htpasswd, htdbm: Put full 48bit of entropy into salt, improve
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt error handling. Add some of htpasswd's improvements to htdbm,
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt e.g. warn if password is truncated by crypt(). [Stefan Fritsch]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt to more accurately report the negotiated protocol. PR 53916.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Nicolás Pernas Maradei <nico emutex com>, Kaspar Brand]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_systemd: New module, for integration with systemd on Linux.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt [Jan Kaluza <jkaluza redhat.com>]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: ErrorDocument now works for requests without a Host header.
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt PR 48357. [Jeff Trawick]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) --with-module: Fix failure to integrate them into some existing
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt module directories. PR 40097. [Jeff Trawick]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_headers: New params: %l for load averages, %i for an
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt idle percentage rating of httpd, and %b for a busy percentage
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt rating. [Jim Jagielski]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater *) core: New functions to obtain load parameters: ap_get_sload()
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt and ap_get_loadavg(). [Jim Jagielski]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_cache_socache: New cache implementation backed by mod_socache
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt that replaces mod_mem_cache removed from httpd v2.2. [Graham
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt Leggett]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) mod_auth_form: Support the expr parser in the
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater AuthFormLoginRequiredLocation, AuthFormLoginSuccessLocation and
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt AuthFormLogoutLocation directives. [Graham Leggett]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt *) core: Add dirwalk_stat and pre_htaccess hooks, allowing mpm-itk
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt to be used without patches to httpd core. [Jeff Trawick]
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt
*) mod_proxy: Allow for persistence of local changes (via the
balancer-manager) between graceful and normal restarts.
[Jim Jagielski]
*) mod_slotmem: New provider function, fgrab(), which forces an
allocation of a slot. [Jim Jagielski]
*) mod_proxy_balancer: The nonce is only derived from the UUID iff
not set via the 'nonce' balancer param. [Jim Jagielski]
*) mod_lua: Add LuaInputFilter/LuaOutputFilter for creating content
filters in Lua [Daniel Gruno]
*) core: Apply length limit when logging Status header values.
[Jeff Trawick, Chris Darroch]
*) mod_ssl: Match wildcard SSL certificate names in proxy mode.
PR 53006. [Joe Orton]
*) WinNT MPM: Store pid and generation for each thread in scoreboard
to allow tracking of threads from exiting children via mod_status
or other such mechanisms. [Jeff Trawick]
*) mod_ssl: Catch missing or mismatched client cert/key pairs with
SSLProxyMachineCertificateFile/Path directives. PR 52212.
[Keith Burdis <keith burdis.org>, Joe Orton]
*) mod_lua: Allow scripts handled by the lua-script handler to return
a status code to the client (such as a 302 or a 500) [Daniel Gruno]
*) mod_proxy_ajp: Fix crash in packet dump code when logging
with LogLevel trace7 or trace8. PR 53730. [Rainer Jung]
*) mod_cache: Wrong content type and character set when
mod_cache serves stale content because of a proxy error.
PR 53539. [Rainer Jung, Ruediger Pluem]
*) mod_lua: Decline handling 'lua-script' if the file doesn't exist,
rather than throwing an internal server error. [Daniel Gruno]
*) mod_lua: Add functions r:flush and r:sendfile as well as additional
request information to the request_rec structure. [Daniel Gruno]
*) mod_lua: Add a server scope for Lua states, which creates a pool of
states with managable minimum and maximum size. [Daniel Gruno]
*) core: Add post_perdir_config hook.
[Steinar Gunderson <sgunderson bigfoot.com>]
*) mod_lua: Add new directive, LuaMapHandler, for dynamically mapping
URIs to Lua scripts and functions using regular expressions.
[Daniel Gruno]
*) mod_lua: Add new directive LuaCodeCache for controlling in-memory
caching of lua scripts. [Daniel Gruno]
*) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
- APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
- core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
mutexes (Mutex)
- mod_cache: thundering herd lock directory
- mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
- mod_ldap: shared memory cache
- mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
[Jeff Trawick]
*) mod_ssl: Add RFC 5878 support. [Ben Laurie]
*) mod_ssl: Add support for TLS-SRP (Secure Remote Password key exchange
for TLS, RFC 5054). PR 51075. [Quinn Slack <sqs cs stanford edu>,
Christophe Renou, Peter Sylvester]
*) core: Make ap_regcomp() return AP_REG_ESPACE if out of memory. Make
ap_pregcomp() abort if out of memory. This raises the minimum PCRE
requirement to version 6.0. PR 53284. [Stefan Fritsch]
*) suexec: Add --enable-suexec-capabilites support on Linux, to use
setuid/setgid capability bits rather than a setuid root binary.
[Joe Orton]
*) suexec: Add support for logging to syslog as an alternative to logging
to a file; configure --without-suexec-logfile --with-suexec-syslog.
[Joe Orton]
*) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
[Matthew Steele <mdsteele google.com>]
*) various modules, rotatelogs: Replace use of apr_file_write() with
apr_file_write_full() to prevent incomplete writes. PR 53131.
[Nicolas Viennot <apache viennot biz>, Stefan Fritsch]
*) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
be compiled by the build compiler instead of the host compiler.
Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
PR 51257. [Guenter Knauf]
*) core: In maintainer mode, replace apr_palloc with a version that
initializes the allocated memory with non-zero values, except if
AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
*) mod_policy: Add a new testing module to help server administrators
enforce a configurable level of protocol compliance on their
servers and application servers behind theirs. [Graham Leggett]
*) mod_firehose: Add a new debugging module able to record traffic
passing through the server in such a way that connections and/or
requests be reconstructed and replayed. [Graham Leggett]
*) mod_noloris
*) APREQ
*) Simple MPM
*) mod_serf
[Apache 2.5.0-dev includes those bug fixes and changes with the
Apache 2.4.xx tree as documented below, except as noted.]
Changes with Apache 2.4.x and later:
*) http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup
Changes with Apache 2.2.x and later:
*) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
Changes with Apache 2.0.x and later:
*) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup