CHANGES revision 65f6e321663b3fd0f93d8b47b4df05f189de6cf1
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner -*- coding: utf-8 -*-
43b4c41fbb07705c9df321221ab9cb9832460407Christian MaederChanges with Apache 2.3.15
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) configure: Enable ldap modules in 'all' and 'most' selections if ldap
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner is compiled into apr-util. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Add ap_check_cmd_context()-check if a command is executed in
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder .htaccess file. [Stefan Fritsch]
d23ecf32e56cce69bc42eb5c96dddf7909c623abjelmd *) mod_deflate: Fix endless loop if first bucket is metadata. PR 51590.
d23ecf32e56cce69bc42eb5c96dddf7909c623abjelmd [Torsten Foertsch <torsten foertsch gmx net>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens ElknerChanges with Apache 2.3.14
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy_ajp: Improve trace logging. [Rainer Jung]
7d0ee72ee91ec305408688b969c43f07b9667c80Christian Maeder *) mod_proxy_ajp: Respect "reuse" flag in END_REPONSE packets.
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy: enable absolute URLs to be rewritten with ProxyPassReverse,
d23ecf32e56cce69bc42eb5c96dddf7909c623abjelmd e.g. to reverse proxy "Location: https://other-internal-server/login"
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) prefork, worker, event: Make sure crashes are logged to the error log if
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner httpd has already detached from the console. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) prefork, worker, event: Reduce period during startup/restart where a
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner successive signal may be lost. PR 43696. [Arun Bhalla <arun shme net>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_allowmethods: Correct Merging of "reset" and do not allow an
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner empty parameter list for the AllowMethods directive. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) configure: Update selection of modules for 'all' and 'most'. 'all' will
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner now enable all modules except for example and test modules. Make the
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner selection for 'most' more useful (including ssl and proxy). Both 'all'
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner and 'most' will now disable modules if dependencies are missing instead
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa of aborting. If a specific module is requested with --enable-XXX=yes,
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa missing dependencies will still cause configure to exit with an error.
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa [Stefan Fritsch]
ab4256496e72886018b78571057331f373da6883Eugen Kuksa *) mod_ldap: Revert the integration of apr-ldap as ap_ldap which was done
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa in 2.3.13. [Stefan Fritsch]
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa *) core: For '*' or '_default_' vhosts, use a wildcard address of any
a389e88e0acb83d8489bdc5e55bc5522b152bbecEugen Kuksa address family, rather than IPv4 only. [Joe Orton]
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa *) core, mod_rewrite, mod_ssl, mod_nw_ssl: Make the SERVER_NAME variable
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa include [ ] for literal IPv6 addresses, as mandated by RFC 3875.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 26005. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_negotiation: Fix parsing of Content-Length in type maps. PR 42203.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Nagae Hidetake <nagae eagan jp>]
60e6795dd310e10194e12bb660575aadf941328bEugen Kuksa *) core: Add more logging to ap_scan_script_header_err* functions. Add
60e6795dd310e10194e12bb660575aadf941328bEugen Kuksa ap_scan_script_header_err*_ex functions that take a module index for
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_cgi, mod_cgid, mod_proxy_fcgi, mod_proxy_scgi, mod_isapi: Use the
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner new functions in order to make logging configurable per-module.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_dir: Add DirectoryIndexRedirect to send an external redirect to
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner the proper index. [Eric Covener]
c9a7e6af169a2adfb92f42331cd578065ed83a2bChristian Maeder *) mod_deflate: Don't try to compress requests with a zero sized body.
e7757995211bd395dc79d26fe017d99375f7d2a6Christian Maeder PR 51350. [Stefan Fritsch]
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder *) core: Fix startup on IP6-only systems. PR 50592. [Joe Orton,
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder <root linkage white-void net>]
404166b9366552e9ec5abb87a37c76ec8a815fb7Klaus Luettich *) suexec: Add environment variables CONTEXT_DOCUMENT_ROOT, CONTEXT_PREFIX,
b1f59a4ea7c96f4c03a4d7cfcb9c5e66871cfbbbChristian Maeder REDIRECT_ERROR_NOTES, REDIRECT_SCRIPT_FILENAME, REQUEST_SCHEME to the
ad270004874ce1d0697fb30d7309f180553bb315Christian Maeder whitelist in suexec. PR 51499. [Graham Laverty <graham reg ca>,
404166b9366552e9ec5abb87a37c76ec8a815fb7Klaus Luettich Stefan Fritsch]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_rewrite: Fix regexp RewriteCond with NoCase. [Stefan Fritsch]
ce5b44277ea06257548ff625e928cb1290c6d297cmaeder *) mod_log_debug: New module that allows to log custom messages at various
bab2d88d650448628730ed3b65c9f99c52500e8cChristian Maeder phases in the request processing. [Stefan Fritsch]
ce5b44277ea06257548ff625e928cb1290c6d297cmaeder *) mod_ssl: Add some debug logging when loading server certificates.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder PR 37912. [Nick Burch <nick burch alfresco com>]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) configure: Support reallyall option also for --enable-mods-static.
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder *) mod_socache_dc: add --with-distcache to configure for choosing
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder the distcache installation directory. [Rainer Jung]
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder *) mod_socache_dc: use correct build variable MOD_SOCACHE_DC_LDADD
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder instead of MOD_SOCACHE_LDADD in build macro. [Rainer Jung]
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder *) mod_lua, mod_deflate: respect platform specific runpath linker
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder flag. [Rainer Jung]
825a1e4ca1e768de4b4883c65a6cb1dce6aa0002Christian Maeder *) configure: Only link the httpd binary against PCRE. No other support
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder binary needs PCRE. [Rainer Jung]
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder *) configure: tolerate dependency checking failures for modules if
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder they have been enabled implicitely. [Rainer Jung]
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder *) configure: Allow to specify module specific custom linker flags via
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder the MOD_XXX_LDADD variables. [Rainer Jung]
4b4a0b61b72cf8478a5d4d5002bca9f699401363Christian MaederChanges with Apache 2.3.13
308834907a120fd8771e18292ed2ca9cd767c12dChristian Maeder *) ab: Support specifying the local address to use. PR 48930.
bab2d88d650448628730ed3b65c9f99c52500e8cChristian Maeder [Peter Schuller <scode spotify com>]
8cacad2a09782249243b80985f28e9387019fe40Christian Maeder *) core: Add support to ErrorLogFormat for logging the system unique
6a2dad705deefd1b7a7e09b84fd2d75f2213be47Christian Maeder thread id under Linux. [Stefan Fritsch]
363939beade943a02b31004cea09dec34fa8a6d9Christian Maeder *) event: New AsyncRequestWorkerFactor directive to influence how many
014dc30f64ec25e4790cca987d4d1e6635430510Christian Maeder connections will be accepted per process. [Stefan Fritsch]
6aea82c63ba1d2efc0329bc784a14e521469ec20Christian Maeder *) prefork, worker, event: Rename MaxClients to MaxRequestWorkers which
4ba08bfca0cc8d9da65397b8dfd2654fdb4c0e62Christian Maeder describes more accurately what it does. [Stefan Fritsch]
431d34c7007a787331c4e5ec997badb0f8190fc7Christian Maeder *) rotatelogs: Add -p argument to specify custom program to invoke
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder after a log rotation. PR 51285. [Sven Ulland <sveniu ifi.uio.no>,
f1541d4a151dbd08002dbd14e7eb1d5dde253689Christian Maeder *) mod_ssl: Don't do OCSP checks for valid self-issued certs. [Kaspar Brand]
6dc9bc98d0854fe2e3dd3bfc4275096a0c28ee1cChristian Maeder *) mod_ssl: Avoid unnecessary renegotiations with SSLVerifyDepth 0.
6dc9bc98d0854fe2e3dd3bfc4275096a0c28ee1cChristian Maeder PR 48215. [Kaspar Brand]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_status: Display information about asynchronous connections in the
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner server-status. PR 44377. [Stefan Fritsch]
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder *) mpm_event: If the number of connections of a process is very high, or if
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder all workers are busy, don't accept new connections in that process.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder [Stefan Fritsch]
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder *) mpm_event: Process lingering close asynchronously instead of tying up
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder worker threads. [Jeff Trawick, Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mpm_event: If MaxMemFree is set, limit the number of pools that is kept
ca074a78b8dcccbb8c419586787882f98d0c6163Christian Maeder around. [Stefan Fritsch]
dc679edd4ca027663212afdf00926ae2ce19b555Christian Maeder *) mpm_event: Fix graceful restart aborting connections. PR 43359.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder [Takashi Sato <takashi lans-tv com>]
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder *) mod_ssl: Disable AECDH ciphers in example config. PR 51363.
fdb2d618144159395f7bf8ce3327b3c112a17dd3Till Mossakowski [Rob Stradling <rob comodo com>]
c72c1e75a969ff4c336e77481c2a8e42603f13eeChristian Maeder *) core: Introduce new function ap_get_conn_socket() to access the socket of
4017ebc0f692820736d796af3110c3b3018c108aChristian Maeder a connection. [Stefan Fritsch]
ca074a78b8dcccbb8c419586787882f98d0c6163Christian Maeder *) mod_data: Introduce a filter to support RFC2397 data URLs. [Graham
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder *) mod_userdir/mod_alias/mod_vhost_alias: Correctly set DOCUMENT_ROOT,
f2f9df2e17e70674f0bf426ed1763c973ee4cde0Christian Maeder CONTEXT_DOCUMENT_ROOT, CONTEXT_PREFIX. PR 26052. PR 46198.
d946c1bfdd7d58aa7c023efe864d5999eb44a61bChristian Maeder [Stefan Fritsch]
d946c1bfdd7d58aa7c023efe864d5999eb44a61bChristian Maeder *) core: Allow to override document_root on a per-request basis. Introduce
d946c1bfdd7d58aa7c023efe864d5999eb44a61bChristian Maeder new context_document_root and context_prefix which provide information
d946c1bfdd7d58aa7c023efe864d5999eb44a61bChristian Maeder about non-global URI-to-directory mappings (from e.g. mod_userdir or
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_alias) to scripts. PR 49705. [Stefan Fritsch]
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder *) core: Add <ElseIf> and <Else> to complement <If> sections.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_ext_filter: Remove DebugLevel option in favor of per-module loglevel.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder [Stefan Fritsch]
ca074a78b8dcccbb8c419586787882f98d0c6163Christian Maeder *) mod_include: Make the "#if expr" element use the new "ap_expr" expression
ca074a78b8dcccbb8c419586787882f98d0c6163Christian Maeder parser. The old parser can still be used by setting the new directive
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder SSILegacyExprParser. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core: Add some features to ap_expr for use by mod_include: a restricted
f1541d4a151dbd08002dbd14e7eb1d5dde253689Christian Maeder mode that does not allow to bypass request access restrictions; new
6dc9bc98d0854fe2e3dd3bfc4275096a0c28ee1cChristian Maeder variables DOCUMENT_URI (alias for REQUEST_URI), LAST_MODIFIED; -A as an
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner alias for -U; an additional data entry in ap_expr_eval_ctx_t for use by
e6d5dbbc3308f05197868806e0b860f4f53875f1Christian Maeder the consumer; an extensible ap_expr_exec_ctx() API that allows to use that
363939beade943a02b31004cea09dec34fa8a6d9Christian Maeder data entry. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_include: Merge directory configs instead of one SSI* config directive
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder causing all other per-directory SSI* config directives to be reset.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_charset_lite: Remove DebugLevel option in favour of per-module
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder loglevel. [Stefan Fritsch]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) core: Add ap_regexec_len() function that works with non-null-terminated
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder strings. PR 51231. [Yehezkel Horowitz <horowity checkpoint com>]
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder *) mod_authnz_ldap: If the LDAP server returns constraint violation,
93f5b72fdb9ee734caa750b43dd79bbb590dcd73Christian Maeder don't treat this as an error but as "auth denied". [Stefan Fritsch]
328a85c807f2a95c3f147d10b05927eaf862ebebChristian Maeder *) mod_proxy_fcgi|scgi: Add support for "best guess" of PATH_INFO
8fb127028cb7dd361e348a3252e33487f73428bcJonathan von Schroeder for SCGI/FCGI. PR 50880, 50851. [Mark Montague <mark catseye.org>,
06dd4e7c29f33f6122a910719e3bd9062256e397Andy Gimblett Jim Jagielski]
4ba08bfca0cc8d9da65397b8dfd2654fdb4c0e62Christian Maeder *) mod_cache: When content is served stale, and there is no means to
bff4b3f816be4c1e1d8ded76f1d5af786839e1a9Christian Maeder revalidate the content using ETag or Last-Modified, and we have
7bb0a9e92bc7a6f868eaa0b9c3212c0af4f96b7fEugen Kuksa mandated no stale-on-error behaviour, stand down and don't cache.
5b818f10e11fc79def1fdd5c8a080d64a6438d87Christian Maeder Saves a cache write that will never be read.
8b0f493ae42bad8b94918cc0957f1af57096cda4Felix Reckers [Graham Leggett]
819e29dba060687cf391e444e0f6ff88c1908cc3Christian Maeder *) mod_reqtimeout: Fix a timed out connection going into the keep-alive
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder state after a timeout when discarding a request body. PR 51103.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder [Stefan Fritsch]
c208973c890b8f993297720fd0247bc7481d4304Christian Maeder *) core: Add various file existance test operators to ap_expr.
0d0278c34a374b29c2d6c58b39b8b56e283d48e8Christian Maeder [Stefan Fritsch]
3554301a34639efb6c9961a8571775d0061284c9Christian Maeder *) mod_proxy_express: New mass reverse-proxy switch extension for
8b0f493ae42bad8b94918cc0957f1af57096cda4Felix Reckers mod_proxy. [Jim Jagielski]
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder *) configure: Fix script error when configuring module set "reallyall".
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder [Rainer Jung]
456238178f89e5a3de2988ee6c8af924297d52d9Christian MaederChanges with Apache 2.3.12
383aa66e5142365fe9b1f88b18c1da5b27cc8c04Christian Maeder *) configure, core: Provide easier support for APR's hook probe
383aa66e5142365fe9b1f88b18c1da5b27cc8c04Christian Maeder capability. [Jim Jagielski, Jeff Trawick]
3554301a34639efb6c9961a8571775d0061284c9Christian Maeder *) Silence autoconf 2.68 warnings. [Rainer Jung]
383aa66e5142365fe9b1f88b18c1da5b27cc8c04Christian Maeder *) mod_authnz_ldap: Resolve crash when LDAP is used for authorization only
aded505f9b42cc38975559c2a5d175ae95de436bChristian Maeder [Scott Hill <shill genscape.com>]
aded505f9b42cc38975559c2a5d175ae95de436bChristian Maeder *) support: Make sure check_forensic works with mod_unique_id loaded
aded505f9b42cc38975559c2a5d175ae95de436bChristian Maeder [Joe Schaefer]
aded505f9b42cc38975559c2a5d175ae95de436bChristian Maeder *) Add child_status hook for tracking creation/termination of MPM child
383aa66e5142365fe9b1f88b18c1da5b27cc8c04Christian Maeder processes. Add end_generation hook for notification when the last
383aa66e5142365fe9b1f88b18c1da5b27cc8c04Christian Maeder MPM child of a generation exits. [Jeff Trawick]
a14767aeac3e78ed100f5b75e210ba563ee10dbaChristian Maeder *) mod_ldap: Make LDAPSharedCacheSize 0 create a non-shared-memory cache per
a14767aeac3e78ed100f5b75e210ba563ee10dbaChristian Maeder process as opposed to disabling caching completely. This allows to use
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder the non-shared-memory cache as a workaround for the shared memory cache
3554301a34639efb6c9961a8571775d0061284c9Christian Maeder not being available during graceful restarts. PR 48958. [Stefan Fritsch]
54ea981a0503c396c2923a1c06421c6235baf27fChristian Maeder *) Add new ap_reserve_module_slots/ap_reserve_module_slots_directive API,
54ea981a0503c396c2923a1c06421c6235baf27fChristian Maeder necessary if a module (like mod_perl) registers additional modules late
54ea981a0503c396c2923a1c06421c6235baf27fChristian Maeder in the startup phase. [Stefan Fritsch]
3554301a34639efb6c9961a8571775d0061284c9Christian Maeder *) core: Prevent segfault if DYNAMIC_MODULE_LIMIT is reached. PR 51072.
697e63e30aa3c309a1ef1f9357745111f8dfc5a9Christian Maeder [Torsten Förtsch <torsten foertsch gmx net>]
aded505f9b42cc38975559c2a5d175ae95de436bChristian Maeder *) WinNT MPM: Improve robustness under heavy load. [Jeff Trawick]
819e29dba060687cf391e444e0f6ff88c1908cc3Christian Maeder *) MinGW build improvements. PR 49535. [John Vandenberg
819e29dba060687cf391e444e0f6ff88c1908cc3Christian Maeder <jayvdb gmail.com>, Jeff Trawick]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) core: Support module names with colons in loglevel configuration.
254df6f22d01eacf7c57b85729e0445747b630d9Christian Maeder [Torsten Förtsch <torsten foertsch gmx net>]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
254df6f22d01eacf7c57b85729e0445747b630d9Christian Maeder [Stefan Fritsch]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) core: Abort if the MPM is changed across restart. [Jeff Trawick]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_proxy_ajp: Add support for 'ProxyErrorOverride on'. PR 50945.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder [Peter Pramberger <peter pramberger.at>, Jim Jagielski]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_proxy_fcgi: Add support for 'ProxyErrorOverride on'. PR 50913.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder [Mark Montague <mark catseye.org>, Jim Jagielski]
4fc9de0da898448f1d3597ebbd8c04a066464c21Christian Maeder *) core: Change the APIs of ap_cfg_getline() and ap_cfg_getc() to return an
aded505f9b42cc38975559c2a5d175ae95de436bChristian Maeder error code. Abort with a nice error message if a config line is too long.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder Partial fix for PR 50824. [Stefan Fritsch]
c208973c890b8f993297720fd0247bc7481d4304Christian Maeder *) mod_info: Dump config to stdout during startup if -DDUMP_CONFIG is
c208973c890b8f993297720fd0247bc7481d4304Christian Maeder specified. PR 31956. [Stefan Fritsch]
0d0278c34a374b29c2d6c58b39b8b56e283d48e8Christian Maeder *) Restore visibility of DEFAULT_PIDLOG to core and modules. MPM
0d0278c34a374b29c2d6c58b39b8b56e283d48e8Christian Maeder helper function ap_remove_pid() added. [Jeff Trawick]
0d0278c34a374b29c2d6c58b39b8b56e283d48e8Christian Maeder *) Enable DEFAULT_REL_RUNTIMEDIR on Windows and NetWare. [various]
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder *) Correct C++ incompatibility with http_log.h. [Stefan Fritsch, Jeff
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder *) mod_log_config: Prevent segfault. PR 50861. [Torsten Förtsch
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
5ad5dffe06818a13e1632b1119fbca7881085fc1Dominik Luecke in request URL path info but not decode them. Change behavior of option
8c812cd83569e973f10cf69a342424ceabc07af9Christian Maeder "On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
8c812cd83569e973f10cf69a342424ceabc07af9Christian Maeder PR 46830. [Dan Poirier]
1535e1d8c82db5f7e2402261983c4c2ef39f4f39Mihai Codescu *) mod_ssl: Check SNI hostname against Host header case-insensitively.
31d6d9286988dc31639d105841296759aeb743e0Jonathan von Schroeder PR 49491. [Mayank Agrawal <magrawal.08 gmail.com>]
7a3fe82695aa32657693e05712f84d7f81672f2eJonathan von Schroeder *) mod_ldap: Add LDAPConnectionPoolTTL to give control over lifetime
7a3fe82695aa32657693e05712f84d7f81672f2eJonathan von Schroeder of bound backend LDAP connections. PR47634 [Eric Covener]
7a3fe82695aa32657693e05712f84d7f81672f2eJonathan von Schroeder *) mod_cache: Make CacheEnable and CacheDisable configurable per
05a206508bc898f87fe6ab6e069814df3c29d303Dominik Luecke directory in addition to per server, making them work from within
05a206508bc898f87fe6ab6e069814df3c29d303Dominik Luecke a LocationMatch. [Graham Leggett]
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder *) worker, event, prefork: Correct several issues when built as
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder DSOs; most notably, the scoreboard was reinitialized during graceful
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder restart, such that processes of the previous generation were not
d54cd08a4cfa26256c38d8ed12c343adbfe1a0e3Christian Maeder observable. [Jeff Trawick]
d54cd08a4cfa26256c38d8ed12c343adbfe1a0e3Christian MaederChanges with Apache 2.3.11
b1f59a4ea7c96f4c03a4d7cfcb9c5e66871cfbbbChristian Maeder *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder Win32's cscript interpreter can only use a single quote as comment char.
8c812cd83569e973f10cf69a342424ceabc07af9Christian Maeder [Guenter Knauf]
5afff1a0f62394414c33b06141175b3ab0b117a5Christian Maeder *) mod_proxy: balancer-manager now uses POST instead of GET.
5afff1a0f62394414c33b06141175b3ab0b117a5Christian Maeder [Jim Jagielski]
1b3a2f98d1cd01fc9e0591f69507e20526727559Dominik Luecke *) core: new util function: ap_parse_form_data(). Previously,
f04e8f3ff56405901be968fd4c6e9769239f1a9bKlaus Luettich this capability was tucked away in mod_request. [Jim Jagielski]
f8e1a1eca871a26a535a4ee7d51902ba94b1db1eChristian Maeder *) core: new hook: ap_run_pre_read_request. [Jim Jagielski]
dd6f22b9dcff2695181b86372e4df03d5b96e92dKristina Sojakova *) mod_cache: When a request other than GET or HEAD arrives, we must
005e0f0c6b0cc898003b03801158c208f3071fc5Kristina Sojakova invalidate existing cache entities as per RFC2616 13.10. PR 15868.
abf2487c3aece95c371ea89ac64319370dcb6483Klaus Luettich [Graham Leggett]
23b4e542dca35852f58d1fb3f7d9078c1de5ab06Christian Maeder *) modules: Fix many modules that were not correctly initializing if they
23b4e542dca35852f58d1fb3f7d9078c1de5ab06Christian Maeder were not active during server startup but got enabled later during a
76b9b2974795a6fb31f242fd032de3ff66df6204Christian Maeder graceful restart. [Stefan Fritsch]
8a78868bae2ec6838c87366c35c57e109154c51eChristian Maeder *) core: Create new ap_state_query function that allows modules to determine
878a5ecd6acf973907e25e5be6e4a792ea19a05eEwaryst Schulz if the current configuration run is the initial one at server startup,
878a5ecd6acf973907e25e5be6e4a792ea19a05eEwaryst Schulz and if the server is started for testing/config dumping only.
c2e192ace9ef7cfb0e59563f1b24477b2b65cff3Dominik Dietrich [Stefan Fritsch]
9a4b469ca0a7f44a598e551a973c75195207db58Eugen Kuksa *) mod_proxy: Runtime configuration of many parameters for existing
48aa0645e25883048369afc02aac3f49b14a50daChristian Maeder balancers via the balancer-manager. [Jim Jagielski]
01645eac73dbc789392674930adc5745c935f3a0Christian Maeder *) mod_proxy: Runtime addition of new workers (BalancerMember) for existing
bff4b3f816be4c1e1d8ded76f1d5af786839e1a9Christian Maeder balancers via the balancer-manager. [Jim Jagielski]
3a9fce5398f4621558ca220c66c87cee59adc258Jonathan von Schroeder *) mod_cache: When a bad Expires date is present, we need to behave as if
b5da047a9a875dec3f968b6c0df96af326f90fa9Alexis Tsogias the Expires is in the past, not as if the Expires is missing. PR 16521.
0a03acf9fa28e6ff00f4d7c9c6acbae64cf09c56Ewaryst Schulz [Co-Advisor <coad@measurement-factory.com>]
a604cbad8e2202147b5c6bb9f2e06ae61162d654Felix Gabriel Mance *) mod_cache: We must ignore quoted-string values that appear in a
308834907a120fd8771e18292ed2ca9cd767c12dChristian Maeder Cache-Control header. PR 50199. [Graham Leggett]
7834a982096d93301a4626f444dd9ea5f9fe17eaChristian Maeder *) mod_dav: Revert change to send 501 error if unknown Content-* header is
1f9274bb2aa44ea236327814dce99946be52e348Felix Gabriel Mance received for a PUT request. PR 42978. [Stefan Fritsch]
bab2d88d650448628730ed3b65c9f99c52500e8cChristian Maeder *) mod_cache: Respect s-maxage as described by RFC2616 14.9.3, which must
8fd6a3f938496a502bc62f1923ff7c15f59acf91Christian Maeder take precedence if present. PR 35247. [Graham Leggett]
d62661e54e2662d53b583ae48609f5037701078dcmaeder *) mod_ssl: Fix a possible startup failure if multiple SSL vhosts
9f226cec9f978edaba67aee4c4e04e3d3b994b87Daniel Calegari are configured with the same ServerName and private key file.
7bb0a9e92bc7a6f868eaa0b9c3212c0af4f96b7fEugen Kuksa [Masahiro Matsuya <mmatsuya redhat.com>, Joe Orton]
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder *) mod_socache_dc: Make module compile by fixing some typos.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder PR 50735 [Mark Montague <mark catseye.org>]
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder *) prefork: Update MPM state in children during a graceful stop or
05a206508bc898f87fe6ab6e069814df3c29d303Dominik Luecke restart. PR 41743. [Andrew Punch <andrew.punch 247realmedia.com>]
05a206508bc898f87fe6ab6e069814df3c29d303Dominik Luecke *) mod_mime: Ignore leading dots when looking for mime extensions.
b891e9ad7dd358a7df24b59bf00d51515078497cChristian Maeder PR 50434 [Stefan Fritsch]
5ad5dffe06818a13e1632b1119fbca7881085fc1Dominik Luecke *) core: Add support to set variables with the 'Define' directive. The
7a3fe82695aa32657693e05712f84d7f81672f2eJonathan von Schroeder variables that can then be used in the config using the ${VAR} syntax
7a3fe82695aa32657693e05712f84d7f81672f2eJonathan von Schroeder known from envvar interpolation. [Stefan Fritsch]
1535e1d8c82db5f7e2402261983c4c2ef39f4f39Mihai Codescu *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
1535e1d8c82db5f7e2402261983c4c2ef39f4f39Mihai Codescu ProxyAddHeaders defaults to On. [Vincent Deffontaines]
1535e1d8c82db5f7e2402261983c4c2ef39f4f39Mihai Codescu *) mod_slotmem_shm: Increase memory alignment for slotmem data.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder [Rainer Jung]
6fe9628743562678acf97d6730ebcfee5e9e50c2Christian Maeder *) mod_ssl: Add config options for OCSP: SSLOCSPResponderTimeout,
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder SSLOCSPResponseMaxAge, SSLOCSPResponseTimeSkew.
b891e9ad7dd358a7df24b59bf00d51515078497cChristian Maeder [Kaspar Brand <httpd-dev.2011 velox.ch>]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_ssl: Revamp output buffering to reduce network overhead for
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder output fragmented into many buckets, such as chunked HTTP responses.
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder *) core: Apply <If> sections to all requests, not only to file base requests.
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder Allow to use <If> inside <Directory>, <Location>, and <Files> sections.
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder The merging of <If> sections now happens after the merging of <Location>
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder sections, even if an <If> section is embedded inside a <Directory> or
81f49ee02aaa3bc870401f8883bf52742eb3ea7aJonathan von Schroeder <Files> section. [Stefan Fritsch]
b5a6fff5181dad64c4d31e8e4fbb82d4f79813d8Till Mossakowski *) mod_proxy: Refactor usage of shared data by dropping the scoreboard
b5a6fff5181dad64c4d31e8e4fbb82d4f79813d8Till Mossakowski and using slotmem. Create foundation for dynamic growth/changes of
3b06e23643a9f65390cb8c1caabe83fa7e87a708Till Mossakowski members within a balancer. Remove BalancerNonce in favor of a
3b06e23643a9f65390cb8c1caabe83fa7e87a708Till Mossakowski per-balancer 'nonce' parameter. [Jim Jagielski]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_status: Don't show slots which are disabled by MaxClients as open.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder PR: 47022 [Jordi Prats <jordi prats gmail com>, Stefan Fritsch]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mpm_prefork: Fix ap_mpm_query results for AP_MPMQ_MAX_DAEMONS and
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder AP_MPMQ_MAX_THREADS.
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_authz_core: Fix bug in merging logic if user-based and non-user-based
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder authorization directives were mixed. [Stefan Fritsch]
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder *) mod_authn_socache: change directive name from AuthnCacheProvider
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder to AuthnCacheProvideFor. The term "provider" is overloaded in
e96a0bf4040fd789339958c01f145c5057d26db6René Wagner this module, and we should avoid confusion between the provider
f04e8f3ff56405901be968fd4c6e9769239f1a9bKlaus Luettich of a backend (AuthnCacheSOCache) and the authn provider(s) for
f04e8f3ff56405901be968fd4c6e9769239f1a9bKlaus Luettich which this module provides cacheing (AuthnCacheProvideFor).
7868299829c1318b888152243ec2cea4f598b568Christian Maeder *) mod_proxy_http: Allocate the fake backend request from a child pool
e39a1626bee36d6ad13a2c0014a80ef179a65bcbChristian Maeder of the backend connection, instead of misusing the pool of the frontend
f8e1a1eca871a26a535a4ee7d51902ba94b1db1eChristian Maeder request. Fixes a thread safety issue where buckets set aside in the
5199920ca3b698b2149c8cb9d2ce2e98a280ff9dChristian Maeder backend connection leak into other threads, and then disappear when
f8e1a1eca871a26a535a4ee7d51902ba94b1db1eChristian Maeder the frontend request is cleaned up, in turn causing corrupted buckets
ea06324815fff0b73f7524f11af3672c2389f7ecChristian Maeder to make other threads spin. [Graham Leggett]
ea06324815fff0b73f7524f11af3672c2389f7ecChristian Maeder *) mod_ssl: Change the format of the SSL_{CLIENT,SERVER}_{I,S}_DN variables
9f85afecbd79b3df5a0bb17bd28cd0b288dc3213Kristina Sojakova to be RFC 2253 compatible, convert non-ASCII characters to UTF8, and
48aa0645e25883048369afc02aac3f49b14a50daChristian Maeder escape other special characters with backslashes. The old format can
9f85afecbd79b3df5a0bb17bd28cd0b288dc3213Kristina Sojakova still be used with the LegacyDNStringFormat argument to SSLOptions.
79834070d6d3c63a098e570b12fa3405c607dc70Kristina Sojakova *) core, mod_rewrite: Make the REQUEST_SCHEME variable available to
79834070d6d3c63a098e570b12fa3405c607dc70Kristina Sojakova scripts and mod_rewrite. [Stefan Fritsch]
23b4e542dca35852f58d1fb3f7d9078c1de5ab06Christian Maeder *) mod_rewrite: Allow to use arbitrary boolean expressions (ap_expr) in
23b4e542dca35852f58d1fb3f7d9078c1de5ab06Christian Maeder RewriteCond. [Stefan Fritsch]
8a78868bae2ec6838c87366c35c57e109154c51eChristian Maeder *) mod_rewrite: Allow to unset environment variables using E=!VAR.
8a78868bae2ec6838c87366c35c57e109154c51eChristian Maeder PR 49512. [Mark Drayton <mark markdrayton info>, Stefan Fritsch]
624e6701e0deb7ac6c03c0cba0190fbc5033cf93Ewaryst Schulz *) mod_headers: Restore the 2.3.8 and earlier default for the first
c2e192ace9ef7cfb0e59563f1b24477b2b65cff3Dominik Dietrich argument of the Header directive ("onsuccess"). [Eric Covener]
7165a916d2fa1bf87c4741ec63b253413eebbf69Karl Luc *) core: Disallow the mixing of relative and absolute Options PR 33708.
7165a916d2fa1bf87c4741ec63b253413eebbf69Karl Luc [Sönke Tesch <st kino-fahrplan.de>]
01645eac73dbc789392674930adc5745c935f3a0Christian Maeder *) core: When exporting request headers to HTTP_* environment variables,
01645eac73dbc789392674930adc5745c935f3a0Christian Maeder drop variables whose names contain invalid characters. Describe in the
bff4b3f816be4c1e1d8ded76f1d5af786839e1a9Christian Maeder docs how to restore the old behaviour. [Malte S. Stretz <mss apache org>]
bff4b3f816be4c1e1d8ded76f1d5af786839e1a9Christian Maeder *) core: When selecting an IP-based virtual host, favor an exact match for
b5da047a9a875dec3f968b6c0df96af326f90fa9Alexis Tsogias the port over a wildcard (or omitted) port instead of favoring the one
fc09e0a6af734edbd944dd8082bb51985c233b43Alexis Tsogias that came first in the configuration file. [Eric Covener]
0a03acf9fa28e6ff00f4d7c9c6acbae64cf09c56Ewaryst Schulz *) core: Overlapping virtual host address/port combinations now implicitly
0a03acf9fa28e6ff00f4d7c9c6acbae64cf09c56Ewaryst Schulz enable name-based virtual hosting for that address. The NameVirtualHost
0a03acf9fa28e6ff00f4d7c9c6acbae64cf09c56Ewaryst Schulz directive has no effect, and _default_ is interpreted the same as "*".
bab2d88d650448628730ed3b65c9f99c52500e8cChristian Maeder [Eric Covener]
7834a982096d93301a4626f444dd9ea5f9fe17eaChristian Maeder *) core: In the absence of any Options directives, the default is now
ed1b8e97e72b2e3e92edaf2eb22a4b5373d705f1Felix Gabriel Mance "FollowSymlinks" instead of "All". [Igor Galić]
0a03acf9fa28e6ff00f4d7c9c6acbae64cf09c56Ewaryst Schulz *) rotatelogs: Add -e option to write logs through to stdout for optional
4b4a0b61b72cf8478a5d4d5002bca9f699401363Christian Maeder further processing. [Graham Leggett]
4b4a0b61b72cf8478a5d4d5002bca9f699401363Christian Maeder *) mod_ssl: Correctly read full lines in input filter when the line is
d62661e54e2662d53b583ae48609f5037701078dcmaeder incomplete during first read. PR 50481. [Ruediger Pluem]
d62661e54e2662d53b583ae48609f5037701078dcmaeder *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
9f226cec9f978edaba67aee4c4e04e3d3b994b87Daniel Calegari sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
7bb0a9e92bc7a6f868eaa0b9c3212c0af4f96b7fEugen Kuksa fails for an authenticated user. PR 40721. [Stefan Fritsch]
7bb0a9e92bc7a6f868eaa0b9c3212c0af4f96b7fEugen KuksaChanges with Apache 2.3.10
c70ef4c3b3a62764f715510c9fd67dde3acfe454Christian Maeder *) mod_rewrite: Don't implicitly URL-escape the original query string
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder when no substitution has changed it. PR 50447. [Eric Covener]
8b0f493ae42bad8b94918cc0957f1af57096cda4Felix Reckers *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder such as per-directory mod_rewrite substitutions. PR 50349.
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder [Eric Covener]
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder *) mod_rewrite: Add 'RewriteOptions InheritBefore' to put the base
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder rules/conditions before the overridden rules/conditions. PR 39313.
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder [Jérôme Grandjanny <jerome.grandjanny cea.fr>]
60e6795dd310e10194e12bb660575aadf941328bEugen Kuksa *) mod_autoindex: add IndexIgnoreReset to reset the list of IndexIgnored
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder filenames in higher precedence configuration sections. PR 24243.
360ce9b5c746ac021944db12eb26e3df2697b8c7Christian Maeder [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_cgid: RLimit* directive support for mod_cgid. PR 42135
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Fail startup when the argument to ServerName looks like a glob
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner or a regular expression instead of a hostname (*?[]). PR 39863
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_userdir: Add merging of enable, disable, and filename arguments
60e6795dd310e10194e12bb660575aadf941328bEugen Kuksa to UserDir directive, leaving enable/disable of userlists unmerged.
857992065be4ed40a72c6296b6c0aec62ab4c5b9Christian Maeder PR 44076 [Eric Covener]
ddbf07996361d7e88cf23858a8f85595fa493514Jonathan von Schroeder *) httpd: When no -k option is provided on the httpd command line, the server
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner was starting without checking for an existing pidfile. PR 50350
7c99e334446bb97120e30e967baeeddfdd1278deKlaus Luettich [Eric Covener]
f5c9b1e739228c2a2edf055ac419583412569683Christian Maeder *) mod_proxy: Put the worker in error state if the SSL handshake with the
f5c9b1e739228c2a2edf055ac419583412569683Christian Maeder backend fails. PR 50332.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_cache_disk: Fix Windows build which was broken after renaming
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner the module. [Gregg L. Smith]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens ElknerChanges with Apache 2.3.9
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) SECURITY: CVE-2010-1623 (cve.mitre.org)
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner Fix a denial of service attack against mod_reqtimeout.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_headers: Change default first argument of Header directive
011156728d0d9ae2a044ce2d01e62228720b1aa2cmaeder from "onsuccess" to "always". [Eric Covener]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_include: Add the onerror attribute to the include element,
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner allowing an URL to be specified to include on error. [Graham
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_cache_disk: mod_disk_cache renamed to mod_cache_disk, to be
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner consistent with the naming of other modules. [Graham Leggett]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_setenvif: Add SetEnvIfExpr directive to set env var depending on
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner expression. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_proxy: Fix ProxyPassInterpolateEnv directive. PR 50292.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner binary (Suexec Off), or force startup failure if suEXEC is required
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner but not supported (Suexec On). Change SuexecUserGroup to fail
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner startup instead of just printing a warning if suEXEC is disabled.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Jeff Trawick]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core: Add Error directive for aborting startup or htaccess processing
fa21fba9ceb1ddf7b3efd54731a12ed8750191d8Christian Maeder with a specified error message. [Jeff Trawick]
c7ec85d1103173e089aa5048fd7afb2f9b505124Klaus Luettich *) mod_rewrite: Fix the RewriteEngine directive to work within a
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner location. Previously, once RewriteEngine was switched on globally,
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner it was impossible to switch off. [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core, mod_include, mod_ssl: Move the expression parser derived from
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_include back into mod_include. Replace ap_expr with a parser
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner derived from mod_ssl's parser. Make mod_ssl use the new parser. Rework
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner ap_expr's public interface and provide hooks for modules to add variables
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner and functions. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Do the hook sorting earlier so that the hooks are properly sorted
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner for the pre_config hook and during parsing the config. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core: In the absence of any AllowOverride directives, the default is now
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner "None" instead of "All". PR49823 [Eric Covener]
b905126bab9454b89041f92b3c50bb9efc85e427Klaus Luettich *) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
756f31c6dd0843b4435c0ca66485ec19139eb1a8Eugen Kuksa <Directory> or <Files>. PR47765 [Eric Covener]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) prefork/worker/event MPMS: default value (when no directive is present)
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner of MaxConnectionsPerChild/MaxRequestsPerChild is changed to 0 from 10000
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner to match default configuration and manual. PR47782 [Eric Covener]
0a5571c8adeddd27548445546491725beb224dddChristian Maeder *) proxy_connect: Don't give up in the middle of a CONNECT tunnel
0a5571c8adeddd27548445546491725beb224dddChristian Maeder when the child process is starting to exit. PR50220. [Eric Covener]
0a5571c8adeddd27548445546491725beb224dddChristian Maeder *) mod_autoindex: Fix inheritance of mod_autoindex directives into
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner contexts that don't have any mod_autoindex directives. PR47766.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_rewrite: Add END flag for RewriteRule to prevent further rounds
e642ad0e782f9bb9ba310164358220402eec8cd8Christian Maeder of rewrite processing when a per-directory substitution occurs.
3a7788e09dd23b364a46c9488cbd1522369113dbChristian Maeder [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_ssl: Make sure to always log an error if loading of CA certificates
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner fails. PR 40312. [Paul Tiemann <issues apache org ourdetour com>]
ddbf07996361d7e88cf23858a8f85595fa493514Jonathan von Schroeder *) mod_dav: Send 501 error if unknown Content-* header is received for a PUT
aebb0b18fe5e6ba7dd7e4c66a16a905611ef7ba9Christian Maeder request (RFC 2616 9.6). PR 42978. [Stefan Fritsch]
ac0bbbcb2774629bb87986e69cf53d3402c5f575Christian Maeder *) mod_dav: Send 400 error if malformed Content-Range header is received for
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_proxy: Release the backend connection as soon as EOS is detected,
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner so the backend isn't forced to wait for the client to eventually
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner acknowledge the data. [Graham Leggett]
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder *) mod_proxy: Optimise ProxyPass within a Location so that it is stored
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner per-directory, and chosen during the location walk. Make ProxyPass
3dde4051c307b609159a097f08a05108fdd036efJonathan von Schroeder work correctly from within a LocationMatch. [Graham Leggett]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core: Fix segfault if per-module LogLevel is on virtual host
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner scope. PR 50117. [Stefan Fritsch]
ac0bbbcb2774629bb87986e69cf53d3402c5f575Christian Maeder *) mod_proxy: Move the ProxyErrorOverride directive to have per
363939beade943a02b31004cea09dec34fa8a6d9Christian Maeder directory scope. [Graham Leggett]
363939beade943a02b31004cea09dec34fa8a6d9Christian Maeder *) mod_allowmethods: New module to deny certain HTTP methods without
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder interfering with authentication/authorization. [Paul Querna,
3e61f574717499939bd8e0ff538ea9e7b72d4e2dKlaus Luettich Igor Galić, Stefan Fritsch]
3e61f574717499939bd8e0ff538ea9e7b72d4e2dKlaus Luettich *) mod_ssl: Log certificate information and improve error message if client
3e61f574717499939bd8e0ff538ea9e7b72d4e2dKlaus Luettich cert verification fails. PR 50093, PR 50094. [Lassi Tuura <lat cern ch>,
3e61f574717499939bd8e0ff538ea9e7b72d4e2dKlaus Luettich Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) htcacheclean: Teach htcacheclean to limit cache size by number of
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner inodes in addition to size of files. Prevents a cache disk from
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner running out of space when many small files are cached.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Graham Leggett]
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder *) core: Rename MaxRequestsPerChild to MaxConnectionsPerChild, which
ab4256496e72886018b78571057331f373da6883Eugen Kuksa describes more accurately what the directive does. The old name
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa still works but logs a warning. [Stefan Fritsch]
e7757995211bd395dc79d26fe017d99375f7d2a6Christian Maeder *) mod_cache: Optionally serve stale data when a revalidation returns a
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner 5xx response, controlled by the CacheStaleOnError directive.
a80c28bb8b7a23ccdf7e08d0fe216fc19cc97273Klaus Luettich [Graham Leggett]
91432c9a2d813a8322dea3a3f54924c796897f09Eugen Kuksa *) htcacheclean: Allow the listing of valid URLs within the cache, with
a80c28bb8b7a23ccdf7e08d0fe216fc19cc97273Klaus Luettich the option to list entry metadata such as sizes and times. [Graham
91432c9a2d813a8322dea3a3f54924c796897f09Eugen Kuksa *) mod_cache: correctly parse quoted strings in cache headers.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 50199 [Nick Kew]
b9625461755578f3eed04676d42a63fd2caebd0cChristian Maeder *) mod_cache: Allow control over the base URL of reverse proxied requests
e7757995211bd395dc79d26fe017d99375f7d2a6Christian Maeder using the CacheKeyBaseURL directive, so that the cache key can be
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner calculated from the endpoint URL instead of the server URL. [Graham
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_cache: CacheLastModifiedFactor, CacheStoreNoStore, CacheStorePrivate,
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner CacheStoreExpired, CacheIgnoreNoLastMod, CacheDefaultExpire,
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder CacheMinExpire and CacheMaxExpire can be set per directory/location.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_disk_cache: CacheMaxFileSize, CacheMinFileSize, CacheReadSize and
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner CacheReadTime can be set per directory/location. [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Speed up config parsing if using a very large number of config
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner files. PR 50002 [andrew cloudaccess net]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_cache: Support the caching of HEAD requests. [Graham Leggett]
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner *) htcacheclean: Allow the option to round up file sizes to a given
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner block size, improving the accuracy of disk usage. [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_ssl: Add authz providers for use with mod_authz_core and its
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner RequireAny/RequireAll containers: 'ssl' (equivalent to SSLRequireSSL),
1365c420ef71be3d52796ebd369dc2defdedc822Christian Maeder 'ssl-verify-client' (for use with 'SSLVerifyClient optional'), and
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner 'ssl-require' (expressions with same syntax as SSLRequire).
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Stefan Fritsch]
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner *) mod_ssl: Make the ssl expression parser thread-safe. It now requires
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder bison instead of yacc. [Stefan Fritsch]
ab4256496e72886018b78571057331f373da6883Eugen Kuksa *) mod_disk_cache: Change on-disk header file format to support the
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner link of the device/inode of the data file to the matching header
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner file, and to support the option of not writing a data file when
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner the data file is empty. [Graham Leggett]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core/mod_unique_id: Add generate_log_id hook to allow to use
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner the ID generated by mod_unique_id as error log ID for requests.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Stefan Fritsch]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) mod_cache: Make sure that we never allow a 304 Not Modified response
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner that we asked for to leak to the client should the 304 response be
4c7cb5671b356d873d67829ec8062a5083c1ee0eEugen Kuksa uncacheable. PR45341 [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_cache: Add the cache_status hook to register the final cache
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner decision hit/miss/revalidate. Add optional support for an X-Cache
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner and/or an X-Cache-Detail header to add the cache status to the
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner response. PR48241 [Graham Leggett]
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder *) mod_authz_host: Add 'local' provider that matches connections originating
50515239e7e190f4a34ca581dd685d002148fbddChristian Maeder on the local host. PR 19938. [Stefan Fritsch]
0b349288edfa50fdf38fda1a14e1562d03f92574Christian Maeder *) Event MPM: Fix crash accessing pollset on worker thread when child
0b349288edfa50fdf38fda1a14e1562d03f92574Christian Maeder process is exiting. [Jeff Trawick]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) core: For process invocation (cgi, fcgid, piped loggers and so forth)
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder pass the system library path (LD_LIBRARY_PATH or platform-specific
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder variables) along with the system PATH, by default. Both should be
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder overridden together as desired using PassEnv etc; see mod_env.
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder [William Rowe]
8b4c68db8b465107cabef8b9cd5b6bc216e1b156Till Mossakowski *) mod_cache: Introduce CacheStoreExpired, to allow administrators to
8b4c68db8b465107cabef8b9cd5b6bc216e1b156Till Mossakowski capture a stale backend response, perform If-Modified-Since requests
8b4c68db8b465107cabef8b9cd5b6bc216e1b156Till Mossakowski against the backend, and serving from the cache all 304 responses.
bcaf979d9babe6346aa343687aa7d596e2894cccPaolo Torrini This restores pre-2.2.4 cache behavior. [William Rowe]
bcaf979d9babe6346aa343687aa7d596e2894cccPaolo Torrini *) mod_rewrite: Introduce <=, >= string comparison operators, and integer
5ce19352a9cc47d982819cc889a71cd0a61ac171Christian Maeder comparators -lt, -le, -eq, -ge, and -gt. To help bash users and drop
5ce19352a9cc47d982819cc889a71cd0a61ac171Christian Maeder the ambiguity of the symlink test "-ltest", introduce -h or -L as
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner symlink test operators. [William Rowe]
23ab8855c58adfbd03a0730584b917b24c603901Christian Maeder *) mod_cache: Give the cache provider the opportunity to choose to cache
df29370ae8d8b41587957f6bcdcb43a3f1927e47Christian Maeder or not cache based on the buckets present in the brigade, such as the
23ab8855c58adfbd03a0730584b917b24c603901Christian Maeder presence of a FILE bucket.
e50e41135ece589f7202bd4ef8d6b97531c2a56eKlaus Luettich [Graham Leggett]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) mod_authz_core: Allow authz providers to check args while reading the
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder config and allow to cache parsed args. Move 'all' and 'env' authz
431d34c7007a787331c4e5ec997badb0f8190fc7Christian Maeder providers from mod_authz_host to mod_authz_core. Add 'method' authz
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder provider depending on the HTTP method. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_include: Move the request_rec within mod_include to be
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner exposed within include_ctx_t. [Graham Leggett]
9096f6c6aaded6cd8288656ceccd4c7b3bd0747eChristian Maeder *) mod_include: Reinstate support for UTF-8 character sets by allowing a
9096f6c6aaded6cd8288656ceccd4c7b3bd0747eChristian Maeder variable being echoed or set to be decoded and then encoded as separate
e112e83352048f3db8c8f93ae104193e7338c10fChristian Maeder steps. PR47686 [Graham Leggett]
e62d49c0dc2893da75faad896bd135e2e9a7087bKlaus Luettich *) mod_cache: Add a discrete commit_entity() provider function within the
e62d49c0dc2893da75faad896bd135e2e9a7087bKlaus Luettich mod_cache provider interface which is called to indicate to the
e62d49c0dc2893da75faad896bd135e2e9a7087bKlaus Luettich provider that caching is complete, giving the provider the opportunity
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder to commit temporary files permanently to the cache in an atomic
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner fashion. Replace the inconsistent use of error cleanups with a formal
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder set of pool cleanups attached to a subpool, which is destroyed on error.
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder [Graham Leggett]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) mod_cache: Change the signature of the store_body() provider function
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder within the mod_cache provider interface to support an "in" brigade
f8597aabc9db75dcf504e3151faf220a165c90d1Eugen Kuksa and an "out" brigade instead of just a single input brigade. This
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner gives a cache provider the option to consume only part of the brigade
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner passed to it, rather than the whole brigade as was required before.
c72c1e75a969ff4c336e77481c2a8e42603f13eeChristian Maeder This fixes an out of memory and a request timeout condition that would
456238178f89e5a3de2988ee6c8af924297d52d9Christian Maeder occur when the original document was a large file. Introduce
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder CacheReadSize and CacheReadTime directives to mod_disk_cache to control
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner the amount of data to attempt to cache at a time. [Graham Leggett]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) core: Add ErrorLogFormat to allow configuring error log format, including
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder additional information that is logged once per connection or request. Add
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner error log IDs for connections and request to allow correlating error log
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder lines and the corresponding access log entry. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core: Disable sendfile by default. [Stefan Fritsch]
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder *) mod_cache: Check the request to determine whether we are allowed
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder to return cached content at all, and respect a "Cache-Control:
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner no-cache" header from a client. Previously, "no-cache" would
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder behave like "max-age=0". [Graham Leggett]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_cache: Use a proper filter context to hold filter data instead
1a6464613c59e35072b90ca296ae402cbe956144Christian Maeder of misusing the per-request configuration. Fixes a segfault on trunk
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder when the normal handler is used. [Graham Leggett]
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder *) mod_cgid: Log a warning if the ScriptSock path is truncated because
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder it is too long. PR 49388. [Stefan Fritsch]
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder *) vhosts: Do not allow _default_ in NameVirtualHost, or mixing *
8b767d09a78927b111f5596fdff9ca7d2c1a439fChristian Maeder and non-* ports on NameVirtualHost, or multiple NameVirtualHost
f78ce817f35574674d54e30ad1861a9b4ced20caChristian Maeder directives for the same address:port, or NameVirtualHost
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner directives with no matching VirtualHosts, or multiple ip-based
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner VirtualHost sections for the same address:port. These were
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner previously accepted with a warning, but the behavior was
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner undefined. [Dan Poirier]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_remoteip: Fix a segfault when using mod_remoteip in conjunction with
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner Allow/Deny. PR 49838. [Andrew Skalski <voltara gmail.com>]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) core: DirectoryMatch can now match on the end of line character ($),
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner and sub-directories of matched directories are no longer implicitly
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner matched. PR49809 [Eric Covener]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) Regexps: introduce new higher-level regexp utility including parsing
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner and executing perl-style regexp ops (e.g s/foo/bar/i) and regexp memory
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) Proxy: support setting source address. PR 29404
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Multiple contributors iterating through bugzilla,
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner Aron Ujvari <xanco nikhok.hu>, Aleksey Midenkov <asm uezku.kemsu.ru>,
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner <dan listening-station.net; trunk version Nick Kew]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) HTTP protocol: return 400 not 503 if we have to abort due to malformed
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner chunked encoding. [Nick Kew]
961087225d1d2b9534152a346d1a3755ed952fcdJens ElknerChanges with Apache 2.3.8
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) suexec: Support large log files. PR 45856. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Abort with sensible error message if no or more than one MPM is
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner loaded. [Stefan Fritsch]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_proxy: Rename erroronstatus to failonstatus.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Daniel Ruggeri <DRuggeri primary.net>]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_dav_fs: Fix broken "creationdate" property.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner Regression in version 2.3.7. [Rainer Jung]
961087225d1d2b9534152a346d1a3755ed952fcdJens ElknerChanges with Apache 2.3.7
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) SECURITY: CVE-2010-1452 (cve.mitre.org)
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner mod_dav, mod_cache, mod_session: Fix Handling of requests without a path
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner segment. PR: 49246 [Mark Drayton, Jeff Trawick]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) mod_ldap: Properly check the result returned by apr_ldap_init. PR 46076.
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner [Stefan Fritsch]
b446bf54c1dc78690aa12e86aadc49cdd8585847Christian Maeder *) mod_rewrite: Log errors if rewrite map files cannot be opened. PR 49639.
60e6795dd310e10194e12bb660575aadf941328bEugen Kuksa [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy_http: Support the 'ping' property for backend HTTP/1.1 servers
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner via leveraging 100-Continue as the initial "request".
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Jim Jagielski]
60e6795dd310e10194e12bb660575aadf941328bEugen Kuksa *) core/mod_authz_core: Introduce new access_checker_ex hook that enables
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_authz_core to bypass authentication if access should be allowed by
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner IP address/env var/... [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Introduce note_auth_failure hook to allow modules to add support
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner for additional auth types. This makes ap_note_auth_failure() work with
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_auth_digest again. PR 48807. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) socache modules: return APR_NOTFOUND when a lookup is not found [Nick Kew]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_authn_socache: new module [Nick Kew]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) configure: Add reallyall option for --enable-mods-shared. [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) Fix Windows build when using VC6. [Gregg L. Smith <lists glewis com>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_rewrite: Allow to set environment variables without explicitly
ce39be56aeedc8d333b72b1662548d36097fa22fJens Elkner giving a value. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_rewrite: Remove superfluous EOL from rewrite logging. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_include: recognise "text/html; parameters" as text/html
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 49616 [Andrey Chernov <ache nagual.pp.ru>]
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner *) CGI vars: allow PATH to be set by SetEnv, consistent with LD_LIBRARY_PATH
961087225d1d2b9534152a346d1a3755ed952fcdJens Elkner PR 43906 [Nick Kew]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) Core: Extra robustness: don't try authz and segfault if authn
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner fails to set r->user. Log bug and return 500 instead.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 42995 [Nick Kew]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) HTTP protocol filter: fix handling of longer chunk extensions
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) Update SSL cipher suite and add example for SSLHonorCipherOrder.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Lars Eilebrecht, Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) move AddOutputFilterByType from core to mod_filter. This should
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner fix nasty side-effects that happen when content_type is set
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner more than once in processing a request, and make it fully
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner compatible with dynamic and proxied contents. [Nick Kew]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_log_config: Implement logging for sub second timestamps and
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner request end time. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens ElknerChanges with Apache 2.3.6
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) SECURITY: CVE-2009-3555 (cve.mitre.org)
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner attack when compiled against OpenSSL version 0.9.8m or later. Introduces
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner and offer unsafe legacy renegotiation with clients which do not yet
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner support the new secure renegotiation protocol, RFC 5746.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Joe Orton, and with thanks to the OpenSSL Team]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) SECURITY: CVE-2009-3555 (cve.mitre.org)
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner by rejecting any client-initiated renegotiations. Forcibly disable
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner keepalive for the connection if there is any buffered data readable. Any
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner configuration which requires renegotiation for per-directory/location
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner access control is still vulnerable, unless using OpenSSL >= 0.9.8l.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) SECURITY: CVE-2010-0408 (cve.mitre.org)
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner when request headers indicate a request body is incoming; not a case of
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) SECURITY: CVE-2010-0425 (cve.mitre.org)
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_isapi: Do not unload an isapi .dll module until the request
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner processing is completed, avoiding orphaned callback pointers.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Filter init functions are now run strictly once per request
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner before handler invocation. The init functions are no longer run
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner for connection filters. PR 49328. [Joe Orton]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Adjust the output filter chain correctly in an internal
ce39be56aeedc8d333b72b1662548d36097fa22fJens Elkner redirect from a subrequest, preserving filters from the main
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner request as necessary. PR 17629. [Joe Orton]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_cache: Explicitly allow cache implementations to cache a 206 Partial
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner Response if they so choose to do so. Previously an attempt to cache a 206
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner was arbitrarily allowed if the response contained an Expires or
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner Cache-Control header, and arbitrarily denied if both headers were missing.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Add microsecond timestamp fractions, process id and thread id
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner to the error log. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) configure: The "most" module set gets build by default. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) configure: Building dynamic modules (DSO) by default. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) configure: Fix broken VPATH build when using included APR.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_session_crypto: Fix configure problem when building
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner with APR 2 and for VPATH builds with included APR.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_session_crypto: API compatibility with APR 2 crypto and
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner APR Util 1.x crypto. [Rainer Jung]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) ab: Fix memory leak with -v2 and SSL. PR 49383.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Pavel Kankovsky <peak argo troja mff cuni cz>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Add per-module and per-directory loglevel configuration.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner Add some more trace logging.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_rewrite: Replace RewriteLog/RewriteLogLevel with trace log levels.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_ssl: Replace LogLevelDebugDump with trace log levels.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_ssl/mod_proxy*: Adjust loglevels to be less verbose at levels info
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner mod_dumpio: Replace DumpIOLogLevel with trace log levels.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner title page only) when any mod_ldap directives were used in VirtualHost
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner context. [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_disk_cache: Decline the opportunity to cache if the response is
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner a 206 Partial Content. This stops a reverse proxied partial response
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner from becoming cached, and then being served in subsequent responses.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_deflate: avoid the risk of forwarding data before headers are set.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 49369 [Matthew Steele <mdsteele google.com>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_authnz_ldap: Ensure nested groups are checked when the
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner top-level group doesn't have any direct non-group members
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner of attributes in AuthLDAPGroupAttribute. [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_authnz_ldap: Search or Comparison during authorization phase
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner can use the credentials from the authentication phase
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner (AuthLDAPSearchAsUSer,AuthLDAPCompareAsUser).
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 48340 [Domenico Rotiroti, Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_authnz_ldap: Allow the initial DN search during authentication
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner to use the HTTP username/pass instead of an anonymous or hard-coded
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner LDAP id (AuthLDAPInitialBindAsUser, AuthLDAPInitialBindPattern).
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_authnz_ldap: Publish requested LDAP data with an AUTHORIZE_ prefix
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner when this module is used for authorization. See AuthLDAPAuthorizePrefix.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 45584 [Eric Covener]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) apxs -q: Stop filtering out ':' characters from the reported values.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 45343. [Bill Cole]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) prefork MPM: Work around possible crashes on child exit in APR reslist
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner cleanup code. PR 43857. [Tom Donovan]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) ab: fix number of requests sent by ab when keepalive is enabled. PR 48497.
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner [Bryn Dole <dole blekko.com>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) Log an error for failures to read a chunk-size, and return 408 instead of
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner 413 when this is due to a read timeout. This change also fixes some cases
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner of two error documents being sent in the response for the same scenario.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Eric Covener] PR49167
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy_balancer: Add new directive BalancerNonce to allow admin
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner to control/set the nonce used in the balancer-manager application.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Jim Jagielski]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy_connect: Support port ranges in AllowConnect. PR 23673.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) Proxy balancer: support setting error status according to HTTP response
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner code from a backend. PR 48939. [Daniel Ruggeri <DRuggeri primary.net>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) htcacheclean: Introduce the ability to clean specific URLs from the
d1f37f9074c9ccba31385b3cb4eb212ae443b310Jens Elkner cache, if provided as an optional parameter on the command line.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) core: Introduce the IncludeStrict directive, which explicitly fails
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner server startup if no files or directories match a wildcard path.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Graham Leggett]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) htcacheclean: Report additional statistics about entries deleted.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 48944. [Mark Drayton mark markdrayton.info]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) Introduce SSLFIPS directive to support OpenSSL FIPS_mode; permits all
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner builds of mod_ssl to use 'SSLFIPS off' for portability, but the proper
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner build of openssl is required for 'SSLFIPS on'. PR 46270.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner [Dr Stephen Henson <steve openssl.org>, William Rowe]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy_http: Log the port of the remote server in various messages.
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner PR 48812. [Igor Galić <i galic brainsware org>]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner connections and other protocol handlers (like mod_ftp). [Stefan Fritsch]
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner *) mod_proxy_ajp: Really regard the operation a success, when the client
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner aborted the connection. In addition adjust the log message if the client
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner aborted the connection. [Ruediger Pluem]
62f5e02856861853dcc9ffb8c0a688835eb729aeJens Elkner *) mod_ssl: Add the 'SSLInsecureRenegotiation' directive, which
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner allows insecure renegotiation with clients which do not yet
a84a8d508a0778b13a4d097a6dd34b95feae78acJens Elkner support the secure renegotiation protocol. [Joe Orton]
[Ruediger Pluem, Mark Montague <markmont umich.edu>]
*) support/rotatelogs: Add -L option to create a link to the current
log file. PR 48761 [<lyndon orthanc.ca>, Dan Poirier]
*) mod_ldap: LDAPTrustedClientCert now accepts CA_DER/CA_BASE64 argument
PR 33112 [Joergen Thomsen <apache jth.net>]
*) support/rotatelogs: Support the simplest log rotation case, log
*) support/htcacheclean: Teach it how to write a pid file (modelled on
[Philippe Dutrueux <lilas evidian.com>, Rainer Jung]
*) apxs: Fix -A and -a options to ignore whitespace in httpd.conf
request. [Christian Folini <christian.folini netnea com>]
[Johannes Müller <joh_m gmx.de>, Stefan Fritsch]
*) SECURITY: CVE-2010-0434 (cve.mitre.org)
[Dodou Wang <wangdong.08 gmail.com>, Ruediger Pluem]
PR 41887 [Jan van den Berg <janvdberg gmail.com>]
PR 48416 [Dmitry Bakshaev <dab18 izhnet.ru>, Nick Kew]
(See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
*) SECURITY: CVE-2009-3095 (cve.mitre.org)
[Stefan Fritsch <sf fritsch.de>, Joe Orton]
*) SECURITY: CVE-2009-3094 (cve.mitre.org)
[Stefan Fritsch <sf fritsch.de>, Joe Orton]
instead of substrings. PR 28037. [Dan Franklin <dan dan-franklin.com>,
[Dr Stephen Henson <shenson oss-institute.org>]
PR 47178. [Philipp Hagemeister <oss phihag.de>]
Brian France <brian brianfrance.com>]
modules to avoid segmentation fault. PR 47951. [hirose31 gmail.com]
*) mod_logio/core: Report more accurate byte counts in mod_status if
for the default values of 1024 for LdapCacheEntries/LdapOpCacheEntries.
the request is a CONNECT request. [Bill Zajac <billz consultla.com>]
[Peter Grandi <pg_asf asf.for.sabi.co.uk>, Graham Leggett]
Log 408 errors in access log as was done in Apache 1.3.x.
PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>,
Stefan Fritsch <sf fritsch.de>, Dan Poirier]
Brian France <brian brianfrance.com>]
Brian France <brian brianfrance.com>]
[Stefan Fritsch <sf sfritsch.de>]
*) mod_session.c: Prevent a segfault when session is added but not
definition. [Stefan Fritsch sf sfritsch.de]
*) Add support for HTTP PUT to ab. [Jeff Barnes <jbarnesweb yahoo.com>]
PR 46971 [evanc nortel.com]
[Stefan Fritsch <sf sfritsch.de>]
for a file is missing. PR 47682 [Peter Poeml <poeml suse.de>]
*) SECURITY: CVE-2009-1890 (cve.mitre.org)
*) SECURITY: CVE-2009-1191 (cve.mitre.org)
by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
PR 42175 [Jim Radford <radford blackbean.org>]
type. PR 45107. [Michael Ströder <michael stroeder.com>,
PR 44020 [HÃ¥kon Stordahl <hakon stordahl.org>]
CGI process. PR 47335 [Kornél Pál <kornelpal gmail.com>]
PR 46942 [Dan Poirier <poirier pobox.com>]
PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]
PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]
[Marko Kevac <mkevac gmail.com>]
as A/UX, Next, and Tandem. [Jeff Trawick]
directory listing. PR 46789 [Dan Poirier <poirier pobox.com>]
of module state across unload/load. [Jeff Trawick]
[Dan Poirier <poirier pobox.com>]
[Geoff Keating <geoffk apple.com>]
with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
a media type has not been configured via mime.types, AddType,
[Ryan Phillips <ryan-apache trolocsis.com>]
[<tlhackque yahoo.com>]
*) prefork: Fix child process hang during graceful restart/stop in
*) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
times out before returning status line/headers.
PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
[Theo Schlossnagle <jesus omniti.com>, Paul Querna]
modules/proxy/balancers [Jim Jagielski]
privileges and Unix user/group IDs [Nick Kew]
logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
*) unixd: turn existing code into a module, and turn the set user/group
Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
*) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
*) New module mod_sed: filter Request/Response bodies through sed
null value. [David Shane Holden <dpejesh apache.org>]
both inside and outside the location/directory sections, as
form request with the type of application/x-www-form-urlencoded.
*) mod_authz_dbd: When redirecting after successful login/logout per
PR 44560 [Anders Kaseorg <anders kaseorg.com>]
mod_cache et.al. to trap the results of the redirect.
*) ApacheMonitor.exe: Introduce --kill argument for use by the
*) mod_ldap, mod_authnz_ldap: Add support for nested groups (i.e. the ability
[David M. Lee <dmlee crossroads.com>]
[Niklas Edmundsson <nikke acc.umu.se>]
[Niklas Edmundsson <nikke acc.umu.se>]
[Markus Schiegl <ms schiegl.com>]
*) Remove incorrect comments from scoreboard.h regarding conditional
[Chris Darroch <chrisd pearsoncmg.com>]
in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
[Chris Darroch <chrisd pearsoncmg.com>]
and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
*) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
Apache 2.2.xx tree as documented, and except as noted, below.]
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later: