CHANGES revision 766b0a4793197ccef3dfa202d1fee1e1f929ffa7
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews -*- coding: utf-8 -*-
205c10066a0acfeac52d1a135671f41d207b8557Automatic UpdaterChanges with Apache 2.3.9
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater *) SECURITY: CVE-2010-1623 (cve.mitre.org)
46da3117812814a29432a8d9a9ccf8acdbfdadceAutomatic Updater Fix a denial of service attack against mod_reqtimeout.
2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater [Stefan Fritsch]
2ec4ab21838e218863d052ebfa3e106e04f50820Evan Hunt *) mod_dav: Send 501 error if unknown Content-* header is received for a PUT
ea854b585041ad19f70f7af15e08144ef2c2bd1bMark Andrews request (RFC 2616 9.6). PR 42978. [Stefan Fritsch]
cd0aa2d941d1438fabb5337f1f38c49478edf71dAutomatic Updater *) mod_dav: Send 400 error if malformed Content-Range header is received for
90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews *) mod_proxy: Release the backend connection as soon as EOS is detected,
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater so the backend isn't forced to wait for the client to eventually
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington acknowledge the data. [Graham Leggett]
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater *) mod_proxy: Optimise ProxyPass within a Location so that it is stored
56874aef380a64a2c183b7c282c3e7a361d67fa1Automatic Updater per-directory, and chosen during the location walk. Make ProxyPass
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews work correctly from within a LocationMatch. [Graham Leggett]
3cc98b8ecedcbc8465f1cf2740b966b315662430Automatic Updater *) core: Fix segfault if per-module LogLevel is on virtual host
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews scope. PR 50117. [Stefan Fritsch]
96713299d08c0735c18ebe8772dd2cc1ecd4356aAutomatic Updater *) mod_proxy: Move the ProxyErrorOverride directive to have per
831f79c4310a7d38fc3475ccfff531b2b2535641Automatic Updater directory scope. [Graham Leggett]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_allowmethods: New module to deny certain HTTP methods without
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews interfering with authentication/authorization. [Paul Querna,
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater Igor Galić, Stefan Fritsch]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_ssl: Log certificate information and improve error message if client
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater cert verification fails. PR 50093, PR 50094. [Lassi Tuura <lat cern ch>,
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Stefan Fritsch]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) htcacheclean: Teach htcacheclean to limit cache size by number of
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater inodes in addition to size of files. Prevents a cache disk from
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt running out of space when many small files are cached.
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater [Graham Leggett]
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt *) core: Rename MaxRequestsPerChild to MaxConnectionsPerChild, which
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater describes more accurately what the directive does. The old name
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater still works but logs a warning. [Stefan Fritsch]
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt *) mod_cache: Optionally serve stale data when a revalidation returns a
2d2dc37599979c83495510f8af8d1756753aa2c5Automatic Updater 5xx response, controlled by the CacheStaleOnError directive.
2d2dc37599979c83495510f8af8d1756753aa2c5Automatic Updater [Graham Leggett]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) htcacheclean: Allow the listing of valid URLs within the cache, with
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater the option to list entry metadata such as sizes and times. [Graham
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_cache: Allow control over the base URL of reverse proxied requests
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater using the CacheKeyBaseURL directive, so that the cache key can be
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater calculated from the endpoint URL instead of the server URL. [Graham
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_cache: CacheLastModifiedFactor, CacheStoreNoStore, CacheStorePrivate,
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater CacheStoreExpired, CacheIgnoreNoLastMod, CacheDefaultExpire,
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews CacheMinExpire and CacheMaxExpire can be set per directory/location.
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_disk_cache: CacheMaxFileSize, CacheMinFileSize, CacheReadSize and
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater CacheReadTime can be set per directory/location. [Graham Leggett]
129090f0f6f91753b4a085ab635e28549fd018adAutomatic Updater *) core: Speed up config parsing if using a very large number of config
129090f0f6f91753b4a085ab635e28549fd018adAutomatic Updater files. PR 50002 [andrew cloudaccess net]
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater *) mod_cache: Support the caching of HEAD requests. [Graham Leggett]
db5b7e2cdf150c46e8242d3e2e3ad3f5c7300258Automatic Updater *) htcacheclean: Allow the option to round up file sizes to a given
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater block size, improving the accuracy of disk usage. [Graham Leggett]
1a06700908f5a1d9f4a8d51285a0fd971e2f9117Automatic Updater *) mod_ssl: Add authz providers for use with mod_authz_core and its
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews RequireAny/RequireAll containers: 'ssl' (equivalent to SSLRequireSSL),
db5b7e2cdf150c46e8242d3e2e3ad3f5c7300258Automatic Updater 'ssl-verify-client' (for use with 'SSLVerifyClient optional'), and
693c4232dfdffaff672197d4b9fea944c64cf80aAutomatic Updater 'ssl-require' (expressions with same syntax as SSLRequire).
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Stefan Fritsch]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_ssl: Make the ssl expression parser thread-safe. It now requires
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater bison instead of yacc. [Stefan Fritsch]
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews *) mod_disk_cache: Change on-disk header file format to support the
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater link of the device/inode of the data file to the matching header
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson file, and to support the option of not writing a data file when
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater the data file is empty. [Graham Leggett]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) core/mod_unique_id: Add generate_log_id hook to allow to use
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater the ID generated by mod_unique_id as error log ID for requests.
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater [Stefan Fritsch]
9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater *) mod_cache: Make sure that we never allow a 304 Not Modified response
b1265b5a06df36d490d4bdf54284fb133a1f5a84Automatic Updater that we asked for to leak to the client should the 304 response be
9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater uncacheable. PR45341 [Graham Leggett]
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont *) mod_cache: Add the cache_status hook to register the final cache
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater decision hit/miss/revalidate. Add optional support for an X-Cache
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater and/or an X-Cache-Detail header to add the cache status to the
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont response. PR48241 [Graham Leggett]
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater *) mod_authz_host: Add 'local' provider that matches connections originating
9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater on the local host. PR 19938. [Stefan Fritsch]
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater *) Event MPM: Fix crash accessing pollset on worker thread when child
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater process is exiting. [Jeff Trawick]
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater *) core: For process invocation (cgi, fcgid, piped loggers and so forth)
995eaa289ba9709c64ef89b3776e53c36adc0010Automatic Updater pass the system library path (LD_LIBRARY_PATH or platform-specific
b29e5c56eb74a6de1a84c29879afc90ffc6b1436Automatic Updater variables) along with the system PATH, by default. Both should be
418cc932318b1d67f88a36904d88d8a5a0a2ba09Automatic Updater overridden together as desired using PassEnv etc; see mod_env.
995eaa289ba9709c64ef89b3776e53c36adc0010Automatic Updater [William Rowe]
0977f3f39ef6728516be7976452b9122c8f5607aAutomatic Updater *) mod_cache: Introduce CacheStoreExpired, to allow administrators to
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater capture a stale backend response, perform If-Modified-Since requests
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews against the backend, and serving from the cache all 304 responses.
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater This restores pre-2.2.4 cache behavior. [William Rowe]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_rewrite: Introduce <=, >= string comparison operators, and integer
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater comparators -lt, -le, -eq, -ge, and -gt. To help bash users and drop
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater the ambiguity of the symlink test "-ltest", introduce -h or -L as
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater symlink test operators. [William Rowe]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_cache: Give the cache provider the opportunity to choose to cache
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater or not cache based on the buckets present in the brigade, such as the
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater presence of a FILE bucket.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater [Graham Leggett]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_authz_core: Allow authz providers to check args while reading the
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews config and allow to cache parsed args. Move 'all' and 'env' authz
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson providers from mod_authz_host to mod_authz_core. Add 'method' authz
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater provider depending on the HTTP method. [Stefan Fritsch]
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater *) mod_include: Move the request_rec within mod_include to be
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater exposed within include_ctx_t. [Graham Leggett]
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater *) mod_include: Reinstate support for UTF-8 character sets by allowing a
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater variable being echoed or set to be decoded and then encoded as separate
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson steps. PR47686 [Graham Leggett]
4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater *) mod_cache: Add a discrete commit_entity() provider function within the
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater mod_cache provider interface which is called to indicate to the
e8c7dc2a5ce48f11c07a67c9923eeb8f419ff19fEvan Hunt provider that caching is complete, giving the provider the opportunity
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater to commit temporary files permanently to the cache in an atomic
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater fashion. Replace the inconsistent use of error cleanups with a formal
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater set of pool cleanups attached to a subpool, which is destroyed on error.
2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater [Graham Leggett]
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater *) mod_cache: Change the signature of the store_body() provider function
3b6e4c84a525b0b3fc9e8affd8bb9fa5c000345fAutomatic Updater within the mod_cache provider interface to support an "in" brigade
19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater and an "out" brigade instead of just a single input brigade. This
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater gives a cache provider the option to consume only part of the brigade
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater passed to it, rather than the whole brigade as was required before.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater This fixes an out of memory and a request timeout condition that would
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater occur when the original document was a large file. Introduce
c243d779731a410f8dc2d2feeed20c15f299b6e3Automatic Updater CacheReadSize and CacheReadTime directives to mod_disk_cache to control
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater the amount of data to attempt to cache at a time. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Add ErrorLogFormat to allow configuring error log format, including
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater additional information that is logged once per connection or request. Add
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater error log IDs for connections and request to allow correlating error log
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater lines and the corresponding access log entry. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Disable sendfile by default. [Stefan Fritsch]
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater *) mod_cache: Check the request to determine whether we are allowed
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater to return cached content at all, and respect a "Cache-Control:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater no-cache" header from a client. Previously, "no-cache" would
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater behave like "max-age=0". [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cache: Use a proper filter context to hold filter data instead
19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater of misusing the per-request configuration. Fixes a segfault on trunk
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater when the normal handler is used. [Graham Leggett]
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater *) mod_cgid: Log a warning if the ScriptSock path is truncated because
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater it is too long. PR 49388. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) vhosts: Do not allow _default_ in NameVirtualHost, or mixing *
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater and non-* ports on NameVirtualHost, or multiple NameVirtualHost
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater directives for the same address:port, or NameVirtualHost
71bd43eebd9d6e42dbcae62b730f5b6508d5acd8Automatic Updater directives with no matching VirtualHosts, or multiple ip-based
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater VirtualHost sections for the same address:port. These were
7262eb86f2b465822206122921e2f357218f0cfdAutomatic Updater previously accepted with a warning, but the behavior was
96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews undefined. [Dan Poirier]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_remoteip: Fix a segfault when using mod_remoteip in conjunction with
bbb069be941f649228760edcc241122933c066d2Automatic Updater Allow/Deny. PR 49838. [Andrew Skalski <voltara gmail.com>]
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater *) core: DirectoryMatch can now match on the end of line character ($),
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews and sub-directories of matched directories are no longer implicitly
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater matched. PR49809 [Eric Covener]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Regexps: introduce new higher-level regexp utility including parsing
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater and executing perl-style regexp ops (e.g s/foo/bar/i) and regexp memory
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsChanges with Apache 2.3.8
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) suexec: Support large log files. PR 45856. [Stefan Fritsch]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) core: Abort with sensible error message if no or more than one MPM is
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater loaded. [Stefan Fritsch]
b109432c3a939bff66a463be86c371bd88efe3aaAutomatic Updater *) mod_proxy: Rename erroronstatus to failonstatus.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Daniel Ruggeri <DRuggeri primary.net>]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_dav_fs: Fix broken "creationdate" property.
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater Regression in version 2.3.7. [Rainer Jung]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic UpdaterChanges with Apache 2.3.7
96713299d08c0735c18ebe8772dd2cc1ecd4356aAutomatic Updater *) SECURITY: CVE-2010-1452 (cve.mitre.org)
bf9b61c7904437745aeeb0f7d5036b35dad2a8a5Automatic Updater mod_dav, mod_cache, mod_session: Fix Handling of requests without a path
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater segment. PR: 49246 [Mark Drayton, Jeff Trawick]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_ldap: Properly check the result returned by apr_ldap_init. PR 46076.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson [Stefan Fritsch]
361bec4bdec45042897fb479b7071cd05bbd56b9Automatic Updater *) mod_rewrite: Log errors if rewrite map files cannot be opened. PR 49639.
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater [Stefan Fritsch]
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater *) mod_proxy_http: Support the 'ping' property for backend HTTP/1.1 servers
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington via leveraging 100-Continue as the initial "request".
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater [Jim Jagielski]
129090f0f6f91753b4a085ab635e28549fd018adAutomatic Updater *) core/mod_authz_core: Introduce new access_checker_ex hook that enables
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater mod_authz_core to bypass authentication if access should be allowed by
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews IP address/env var/... [Stefan Fritsch]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) core: Introduce note_auth_failure hook to allow modules to add support
e2caa7536302de34de6cc04025abcd53dc3a499aAutomatic Updater for additional auth types. This makes ap_note_auth_failure() work with
56e7dc0c24b04210dcbffb180a9e35644fb820daAutomatic Updater mod_auth_digest again. PR 48807. [Stefan Fritsch]
8292deab031e7599cd7622aa7675fbe139ca6095Mark Andrews *) socache modules: return APR_NOTFOUND when a lookup is not found [Nick Kew]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) mod_authn_cache: new module [Nick Kew]
699487d8026a2b931bdce8ce3ae6bc1025d639fbMark Andrews *) configure: Add reallyall option for --enable-mods-shared. [Stefan Fritsch]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) Fix Windows build when using VC6. [Gregg L. Smith <lists glewis com>]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) mod_rewrite: Allow to set environment variables without explicitly
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater giving a value. [Rainer Jung]
3351ccbd5c1961404044f8273d54dad405f53960Mark Andrews *) mod_rewrite: Remove superfluous EOL from rewrite logging. [Rainer Jung]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) mod_include: recognise "text/html; parameters" as text/html
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater PR 49616 [Andrey Chernov <ache nagual.pp.ru>]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) CGI vars: allow PATH to be set by SetEnv, consistent with LD_LIBRARY_PATH
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater PR 43906 [Nick Kew]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) Core: Extra robustness: don't try authz and segfault if authn
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater fails to set r->user. Log bug and return 500 instead.
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater PR 42995 [Nick Kew]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) HTTP protocol filter: fix handling of longer chunk extensions
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) Update SSL cipher suite and add example for SSLHonorCipherOrder.
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater [Lars Eilebrecht, Rainer Jung]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) move AddOutputFilterByType from core to mod_filter. This should
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater fix nasty side-effects that happen when content_type is set
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater more than once in processing a request, and make it fully
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater compatible with dynamic and proxied contents. [Nick Kew]
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater *) mod_log_config: Implement logging for sub second timestamps and
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater request end time. [Rainer Jung]
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic UpdaterChanges with Apache 2.3.6
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) SECURITY: CVE-2009-3555 (cve.mitre.org)
807ffe7aba4095b2f25c75ac1459f9efcd017eebMark Andrews mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater attack when compiled against OpenSSL version 0.9.8m or later. Introduces
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater and offer unsafe legacy renegotiation with clients which do not yet
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater support the new secure renegotiation protocol, RFC 5746.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Joe Orton, and with thanks to the OpenSSL Team]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) SECURITY: CVE-2009-3555 (cve.mitre.org)
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
4b2cb1422c7c600fbc13b1cb06a8b4693bc11af8Mark Andrews by rejecting any client-initiated renegotiations. Forcibly disable
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews keepalive for the connection if there is any buffered data readable. Any
4b2cb1422c7c600fbc13b1cb06a8b4693bc11af8Mark Andrews configuration which requires renegotiation for per-directory/location
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews access control is still vulnerable, unless using OpenSSL >= 0.9.8l.
06f5acb11f1c32228d93eefd1eb841dbfb1c7f4dAutomatic Updater [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater *) SECURITY: CVE-2010-0408 (cve.mitre.org)
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson when request headers indicate a request body is incoming; not a case of
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>]
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews *) SECURITY: CVE-2010-0425 (cve.mitre.org)
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews mod_isapi: Do not unload an isapi .dll module until the request
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington processing is completed, avoiding orphaned callback pointers.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) core: Filter init functions are now run strictly once per request
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater before handler invocation. The init functions are no longer run
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater for connection filters. PR 49328. [Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Adjust the output filter chain correctly in an internal
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater redirect from a subrequest, preserving filters from the main
b1265b5a06df36d490d4bdf54284fb133a1f5a84Automatic Updater request as necessary. PR 17629. [Joe Orton]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cache: Explicitly allow cache implementations to cache a 206 Partial
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater Response if they so choose to do so. Previously an attempt to cache a 206
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington was arbitrarily allowed if the response contained an Expires or
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Cache-Control header, and arbitrarily denied if both headers were missing.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Add microsecond timestamp fractions, process id and thread id
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to the error log. [Rainer Jung]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) configure: The "most" module set gets build by default. [Rainer Jung]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) configure: Building dynamic modules (DSO) by default. [Rainer Jung]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) configure: Fix broken VPATH build when using included APR.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Rainer Jung]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_session_crypto: Fix configure problem when building
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington with APR 2 and for VPATH builds with included APR.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Rainer Jung]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_session_crypto: API compatibility with APR 2 crypto and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington APR Util 1.x crypto. [Rainer Jung]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) ab: Fix memory leak with -v2 and SSL. PR 49383.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Pavel Kankovsky <peak argo troja mff cuni cz>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Add per-module and per-directory loglevel configuration.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Add some more trace logging.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_rewrite: Replace RewriteLog/RewriteLogLevel with trace log levels.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_ssl: Replace LogLevelDebugDump with trace log levels.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_ssl/mod_proxy*: Adjust loglevels to be less verbose at levels info
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_dumpio: Replace DumpIOLogLevel with trace log levels.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington title page only) when any mod_ldap directives were used in VirtualHost
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington context. [Eric Covener]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_disk_cache: Decline the opportunity to cache if the response is
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington a 206 Partial Content. This stops a reverse proxied partial response
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington from becoming cached, and then being served in subsequent responses.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_deflate: avoid the risk of forwarding data before headers are set.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 49369 [Matthew Steele <mdsteele google.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_authnz_ldap: Ensure nested groups are checked when the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington top-level group doesn't have any direct non-group members
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington of attributes in AuthLDAPGroupAttribute. [Eric Covener]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_authnz_ldap: Search or Comparison during authorization phase
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater can use the credentials from the authentication phase
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater (AuthLDAPSearchAsUSer,AuthLDAPCompareAsUser).
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater PR 48340 [Domenico Rotiroti, Eric Covener]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) mod_authnz_ldap: Allow the initial DN search during authentication
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater to use the HTTP username/pass instead of an anonymous or hard-coded
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater LDAP id (AuthLDAPInitialBindAsUser, AuthLDAPInitialBindPattern).
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater [Eric Covener]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) mod_authnz_ldap: Publish requested LDAP data with an AUTHORIZE_ prefix
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater when this module is used for authorization. See AuthLDAPAuthorizePrefix.
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater PR 45584 [Eric Covener]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) apxs -q: Stop filtering out ':' characters from the reported values.
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater PR 45343. [Bill Cole]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) prefork MPM: Work around possible crashes on child exit in APR reslist
0d3490f93bb980fde704055e74c1b508987a5fe4Mark Andrews cleanup code. PR 43857. [Tom Donovan]
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington *) ab: fix number of requests sent by ab when keepalive is enabled. PR 48497.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington [Bryn Dole <dole blekko.com>]
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews *) Log an error for failures to read a chunk-size, and return 408 instead of
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews 413 when this is due to a read timeout. This change also fixes some cases
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington of two error documents being sent in the response for the same scenario.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews [Eric Covener] PR49167
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews *) mod_proxy_balancer: Add new directive BalancerNonce to allow admin
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater to control/set the nonce used in the balancer-manager application.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Jim Jagielski]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_proxy_connect: Support port ranges in AllowConnect. PR 23673.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Proxy balancer: support setting error status according to HTTP response
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington code from a backend. PR 48939. [Daniel Ruggeri <DRuggeri primary.net>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) htcacheclean: Introduce the ability to clean specific URLs from the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater cache, if provided as an optional parameter on the command line.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Introduce the IncludeStrict directive, which explicitly fails
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater server startup if no files or directories match a wildcard path.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) htcacheclean: Report additional statistics about entries deleted.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 48944. [Mark Drayton mark markdrayton.info]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Introduce SSLFIPS directive to support OpenSSL FIPS_mode; permits all
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater builds of mod_ssl to use 'SSLFIPS off' for portability, but the proper
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater build of openssl is required for 'SSLFIPS on'. PR 46270.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Dr Stephen Henson <steve openssl.org>, William Rowe]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy_http: Log the port of the remote server in various messages.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 48812. [Igor Galić <i galic brainsware org>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington connections and other protocol handlers (like mod_ftp). [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy_ajp: Really regard the operation a success, when the client
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington aborted the connection. In addition adjust the log message if the client
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington aborted the connection. [Ruediger Pluem]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ssl: Add the 'SSLInsecureRenegotiation' directive, which
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington allows insecure renegotiation with clients which do not yet
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington support the secure renegotiation protocol. [Joe Orton]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ssl: Fix a potential I/O hang if a long list of trusted CAs
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington is configured for client cert auth. PR 46952. [Joe Orton]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Only log a 408 if it is no keepalive timeout. PR 39785
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews [Ruediger Pluem, Mark Montague <markmont umich.edu>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) support/rotatelogs: Add -L option to create a link to the current
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington log file. PR 48761 [<lyndon orthanc.ca>, Dan Poirier]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_ldap: Update LDAPTrustedClientCert to consistently be a per-directory
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington setting only, matching most of the documentation and examples.
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater PR 46541 [Paul Reder, Eric Covener]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ldap: LDAPTrustedClientCert now accepts CA_DER/CA_BASE64 argument
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater types previously allowed only in LDAPTrustedGlobalCert. [Eric Covener]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_negotiation: Preserve query string over multiviews negotiation.
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater This buglet was fixed for type maps in 2.2.6, but the same issue
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington affected multiviews and was overlooked.
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews PR 33112 [Joergen Thomsen <apache jth.net>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ldap: Eliminate a potential crash with multiple LDAPTrustedClientCert
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington when some are not password-protected. [Eric Covener]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Fix startup segfault when the Mutex directive is used but no loaded
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington modules use httpd mutexes. PR 48787. [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Proxy: get the headers right in a HEAD request with
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington ProxyErrorOverride, by checking for an overridden error
b7aab05edae933e169d5f83c653935b17c7f0a8bMark Andrews before not after going into a catch-all code path.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 41646. [Nick Kew, Stuart Children]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) support/rotatelogs: Support the simplest log rotation case, log
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews truncation. Useful when the log is being processed in real time
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews using a command like tail. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) support/htcacheclean: Teach it how to write a pid file (modelled on
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews httpd's writing of a pid file) so that it becomes possible to run
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington more than one instance of htcacheclean on the same machine.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Graham Leggett]
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater *) Log command line on startup, so there's a record of command line
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington arguments like -f. PR 48752. [Dan Poirier]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Introduce mod_reflector, a handler capable of reflecting POSTed
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington request bodies back within the response through the output filter
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington stack. Can be used to turn an output filter into a web service.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy_http: Make sure that when an ErrorDocument is served
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington from a reverse proxied URL, that the subrequest respects the status
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater of the original request. This brings the behaviour of proxy_handler
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater in line with default_handler. PR 47106. [Graham Leggett]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) Support wildcards in both the directory and file components of
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the path specified by the Include directive. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_proxy, mod_proxy_http: Support remote https proxies
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater by using HTTP CONNECT. PR 19188.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Philippe Dutrueux <lilas evidian.com>, Rainer Jung]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) apxs: Fix -A and -a options to ignore whitespace in httpd.conf
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Philip M. Gollucci]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) worker: Don't report server has reached MaxClients until it has.
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater Add message when server gets within MinSpareThreads of MaxClients.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 46996. [Dan Poirier]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_session: Session expiry was being initialised, but not updated
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews on each session save, resulting in timed out sessions when there
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington should not have been. Fixed. [Graham Leggett]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews *) mod_log_config: Add the R option to log the handler used within the
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews request. [Christian Folini <christian.folini netnea com>]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews *) mod_include: Allow fine control over the removal of Last-Modified and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington ETag headers within the INCLUDES filter, making it possible to cache
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington responses if desired. Fix the default value of the SSIAccessEnable
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington directive. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Add new UnDefine directive to undefine a variable. PR 35350.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Make ap_pregsub(), used by AliasMatch and friends, use the same syntax
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington for regex backreferences as mod_rewrite and mod_include: Remove the use
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington of '&' as an alias for '$0' and allow to escape any character with a
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington backslash. PR 48351. [Stefan Fritsch]
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater *) mod_authnz_ldap: If AuthLDAPCharsetConfig is set, also convert the
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater password to UTF-8. PR 45318.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Johannes Müller <joh_m gmx.de>, Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) ab: Fix calculation of requests per second in HTML output. PR 48594.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_authnz_ldap: Failures to map a username to a DN, or to check a user
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater password now result in an informational level log entry instead of
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater warning level. [Eric Covener]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonChanges with Apache 2.3.5
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) SECURITY: CVE-2010-0434 (cve.mitre.org)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Ensure each subrequest has a shallow copy of headers_in so that the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington parent request headers are not corrupted. Eliminates a problematic
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater optimization in the case of no request body. PR 48359
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews [Jake Scott, William Rowe, Ruediger Pluem]
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater *) Turn static function get_server_name_for_url() into public
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater ap_get_server_name_for_url() and use it where appropriate. This
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater fixes mod_rewrite generating invalid URLs for redirects to IPv6
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater literal addresses. [Stefan Fritsch]
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater *) mod_ldap: Introduce new config option LDAPTimeout to set the timeout
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater for LDAP operations like bind and search. [Stefan Fritsch]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_proxy, mod_proxy_ftp: Move ProxyFtpDirCharset from mod_proxy to
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater mod_proxy_ftp. [Takashi Sato]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) mod_proxy, mod_proxy_connect: Move AllowCONNECT from mod_proxy to
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater mod_proxy_connect. [Takashi Sato]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_cache: Do an exact match of the keys defined by
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater CacheIgnoreURLSessionIdentifiers against the querystring instead of
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater a partial match. PR 48401.
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater [Dodou Wang <wangdong.08 gmail.com>, Ruediger Pluem]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) mod_proxy_balancer: Fix crash in balancer-manager. [Rainer Jung]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) Core HTTP: disable keepalive when the Client has sent
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater Expect: 100-continue
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater but we respond directly with a non-100 response.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater Keepalive here led to data from clients continuing being treated as
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater a new request.
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater PR 47087 [Nick Kew]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) Core: reject NULLs in request line or request headers.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater PR 43039 [Nick Kew]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) Core: (re)-introduce -T commandline option to suppress documentroot
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater check at startup.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater PR 41887 [Jan van den Berg <janvdberg gmail.com>]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_autoindex: support XHTML as equivalent to HTML in IndexOptions,
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater ScanHTMLTitles, ReadmeName, HeaderName
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater PR 48416 [Dmitry Bakshaev <dab18 izhnet.ru>, Nick Kew]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) Proxy: Fix ProxyPassReverse with relative URL
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater Derived (slightly erroneously) from PR 38864 [Nick Kew]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_headers: align Header Edit with Header Set when used on Content-Type
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater PR 48422 [Cyril Bonté <cyril.bonte free.fr>, Nick Kew>]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_headers: Enable multi-match-and-replace edit option
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater PR 46594 [Nick Kew]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) mod_filter: enable it to act on non-200 responses.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 48377 [Nick Kew]
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian WellingtonChanges with Apache 2.3.4
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater and WatchdogMutexPath with a single Mutex directive. Add APIs to
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington simplify setup and user customization of APR proc and global mutexes.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater (See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater respected; set DEFAULT_REL_RUNTIMEDIR instead. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) http_core: KeepAlive no longer accepts other than On|Off.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Takashi Sato]
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater *) mod_dav: Remove errno from dav_error interface. Calls to dav_new_error()
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater and dav_new_error_tag() must be adjusted to add an apr_status_t parameter.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_authnz_ldap: Add AuthLDAPBindAuthoritative to allow Authentication to
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater try other providers in the case of an LDAP bind failure.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 46608 [Justin Erenkrantz, Joe Schaefer, Tony Stevenson]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Build: fix --with-module to work as documented
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater PR 43881 [Gez Saunders <gez.saunders virgin.net>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterChanges with Apache 2.3.3
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) SECURITY: CVE-2009-3095 (cve.mitre.org)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_proxy_ftp: sanity check authn credentials.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Stefan Fritsch <sf fritsch.de>, Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) SECURITY: CVE-2009-3094 (cve.mitre.org)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_proxy_ftp: NULL pointer dereference on error paths.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Stefan Fritsch <sf fritsch.de>, Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater OpenSSL 1.0.0b3. [Vipul Gupta <vipul.gupta sun.com>, Sander Temme]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_dav: Include uri when logging a PUT error due to connection abort.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 38149. [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_dav: Return 409 instead of 500 for a LOCK request if the parent
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater resource does not exist or is not a collection. PR 43465. [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_dav_fs: Return 409 instead of 500 for Litmus test case copy_nodestcoll
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater (a COPY request where the parent of the destination resource does not
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater exist). PR 39299. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_dav_fs: Don't delete the whole file if a PUT with content-range failed.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 42896. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_dav_fs: Make PUT create files atomically and no longer destroy the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater old file if the transfer aborted. PR 39815. [Paul Querna, Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_dav_fs: Remove inode keyed locking as this conflicts with atomically
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater creating files. On systems with inode numbers, this is a format change of
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the DavLockDB. The old DavLockDB must be deleted on upgrade.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_log_config: Make ${cookie}C correctly match whole cookie names
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater instead of substrings. PR 28037. [Dan Franklin <dan dan-franklin.com>,
4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) vhost: A purely-numeric Host: header should not be treated as a port.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 44979 [Nick Kew]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) mod_ldap: Avoid 500 errors with "Unable to set LDAP_OPT_REFHOPLIMIT option to 5"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater when built against openldap by using SDK LDAP_OPT_REFHOPLIMIT defaults unless
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater LDAPReferralHopLimit is explicitly configured.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Eric Covener]
4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater *) mod_charset_lite: Honor 'CharsetOptions NoImplicitAdd'.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Eric Covener]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: Add support for OCSP Stapling. PR 43822.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Dr Stephen Henson <shenson oss-institute.org>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_socache_shmcb: Allow parens in file name if cache size is given.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater Fixes SSLSessionCache directive mis-parsing parens in pathname.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater PR 47945. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_sed: Reduce memory consumption when processing very long lines.
2da2220fe7af2c45724b50b0187523b1fab0cf08Rob Austein PR 48024 [Basant Kumar Kukreja <basant.kukreja sun.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) ab: Fix segfault in case the argument for -n is a very large number.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 47178. [Philipp Hagemeister <oss phihag.de>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Allow ProxyPreserveHost to work in <Proxy> sections. PR 34901.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) configure: Fix THREADED_MPMS so that mod_cgid is enabled again
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater for worker MPM. [Takashi Sato]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) mod_dav: Provide a mechanism to obtain the request_rec and pathname
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater from the dav_resource. [Jari Urpalainen <jari.urpalainen nokia.com>,
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater Brian France <brian brianfrance.com>]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) Build: Use install instead of cp if available on installing
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater modules to avoid segmentation fault. PR 47951. [hirose31 gmail.com]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) mod_cache: correctly consider s-maxage in cacheability
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater decisions. [Dan Poirier]
4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater *) mod_logio/core: Report more accurate byte counts in mod_status if
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater mod_logio is loaded. PR 25656. [Stefan Fritsch]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) mod_ldap: If LDAPSharedCacheSize is too small, try harder to purge
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater some cache entries and log a warning. Also increase the default
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington LDAPSharedCacheSize to 500000. This is a more realistic size suitable
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater for the default values of 1024 for LdapCacheEntries/LdapOpCacheEntries.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 46749. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_rewrite: Make sure that a hostname:port isn't fully qualified if
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater the request is a CONNECT request. [Bill Zajac <billz consultla.com>]
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater *) mod_cache: Teach CacheEnable and CacheDisable to work from within a
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater Location section, in line with how ProxyPass works. [Graham Leggett]
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater *) mod_reqtimeout: New module to set timeouts and minimum data rates for
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater receiving requests from the client. [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Fix potential memory leaks by making sure to not destroy
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington bucket brigades that have been created by earlier filters.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core, mod_deflate, mod_sed: Reduce memory usage by reusing bucket
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington brigades in several places. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cache: Fix uri_meets_conditions() so that CacheEnable will
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington match by scheme, or by a wildcarded hostname. PR 40169
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Peter Grandi <pg_asf asf.for.sabi.co.uk>, Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) suxec: Allow to log an error if exec fails by setting FD_CLOEXEC
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater on the log file instead of closing it. PR 10744. [Nicolas Rachinsky]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_mime: Make RemoveType override the info from TypesConfig.
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater PR 38330. [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cache: Introduce the option to run the cache from within the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington normal request handler, and to allow fine grained control over
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington where in the filter chain content is cached. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Treat timeout reading request as 408 error, not 400.
bbf7c3fd96ae5e02cb84743c581862e35327032aAutomatic Updater Log 408 errors in access log as was done in Apache 1.3.x.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Stefan Fritsch <sf fritsch.de>, Dan Poirier]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: Reintroduce SSL_CLIENT_S_DN, SSL_CLIENT_I_DN, SSL_SERVER_S_DN,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater SSL_SERVER_I_DN back to the environment variables to be set by mod_ssl.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Peter Sylvester <peter.sylvester edelweb.fr>]
6d3ca68adcd2e825d7de011d78f14002c8b7e55eAutomatic Updater *) mod_disk_cache: don't cache incomplete responses, per RFC 2616, 13.8.
7a6ad11e0185a73984410f3252f3c49c3a301dbdBrian Wellington PR15866. [Dan Poirier]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) ab: ab segfaults in verbose mode on https sites
7a6ad11e0185a73984410f3252f3c49c3a301dbdBrian Wellington PR46393. [Ryan Niebur]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_dav: Allow other modules to become providers and add resource types
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to the DAV response. [Jari Urpalainen <jari.urpalainen nokia.com>,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Brian France <brian brianfrance.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_dav: Allow other modules to add things to the DAV or Allow headers
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington of an OPTIONS request. [Jari Urpalainen <jari.urpalainen nokia.com>,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Brian France <brian brianfrance.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Lower memory usage of core output filter.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Stefan Fritsch <sf sfritsch.de>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_mime: Detect invalid use of MultiviewsMatch inside Location and
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater LocationMatch sections. PR47754. [Dan Poirier]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_request: Make sure the KeptBodySize directive rejects values
f65d2e1c04c806a185bf9f3120e80692f5ccd5e6Automatic Updater that aren't valid numbers. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_session_crypto: Sanity check should the potentially encrypted
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater session cookie be too short. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_session.c: Prevent a segfault when session is added but not
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater configured. [Graham Leggett]
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_auth_digest: Fail server start when nonce count checking
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater is configured without shared memory, or md5-sess algorithm is
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater configured. [Dan Poirier]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_proxy_connect: The connect method doesn't work if the client is
3e79333aa37d3b88959372431a02af8a3eb7cfd9Automatic Updater connecting to the apache proxy through an ssl socket. Fixed.
e076d0c88be69de7c190ab924d095e69d2e11f7aAndreas Gustafsson PR29744. [Brad Boyer, Mark Cave-Ayland, Julian Gilbey, Fabrice Durand,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater David Gence, Tim Dodge, Per Gunnar Hans, Emmanuel Elango,
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews Kevin Croft, Rudolf Cardinal]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: The error message when SSLCertificateFile is missing should
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater at least give the name or position of the problematic virtual host
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater definition. [Stefan Fritsch sf sfritsch.de]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_auth_digest: Fix null pointer when qop=none. [Dan Poirier]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Add support for HTTP PUT to ab. [Jeff Barnes <jbarnesweb yahoo.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_headers: generalise the envclause to support expression
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater evaluation with ap_expr parser [Nick Kew]
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater *) mod_cache: Introduce the thundering herd lock, a mechanism to keep
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the flood of requests at bay that strike a backend webserver as
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater a cached entity goes stale. [Graham Leggett]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_auth_digest: Fix usage of shared memory and re-enable it.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater PR 16057 [Dan Poirier]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) Preserve Port information over internal redirects
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater PR 35999 [Jonas Ringh <jonas.ringh cixit.se>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Proxy: unable to connect to a backend is SERVICE_UNAVAILABLE,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington rather than BAD_GATEWAY or (especially) NOT_FOUND.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 46971 [evanc nortel.com]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Various modules: Do better checking of pollset operations in order to
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater avoid segmentation faults if they fail. PR 46467
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater [Stefan Fritsch <sf sfritsch.de>]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) mod_autoindex: Correctly create an empty cell if the description
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater for a file is missing. PR 47682 [Peter Poeml <poeml suse.de>]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) ab: Fix broken error messages after resolver or connect() failures.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) SECURITY: CVE-2009-1890 (cve.mitre.org)
47ce374fcf4bac7a56bb69f5dae1d30be5b4376dAutomatic Updater Fix a potential Denial-of-Service attack against mod_proxy in a
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater reverse proxy configuration, where a remote attacker can force a
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) SECURITY: CVE-2009-1191 (cve.mitre.org)
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater mod_proxy_ajp: Avoid delivering content from a previous request which
47ce374fcf4bac7a56bb69f5dae1d30be5b4376dAutomatic Updater failed to send a request body. PR 46949 [Ruediger Pluem]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) htdbm: Fix possible buffer overflow if dbm database has very
47ce374fcf4bac7a56bb69f5dae1d30be5b4376dAutomatic Updater long values. PR 30586 [Dan Poirier]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Return APR_EOF if request body is shorter than the length announced
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater *) mod_suexec: correctly set suexec_enabled when httpd is run by a
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater non-root user and may have insufficient permissions.
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater PR 42175 [Jim Radford <radford blackbean.org>]
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater type. PR 45107. [Michael Ströder <michael stroeder.com>,
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater Peter Sylvester <peter.sylvester edelweb.fr>]
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater *) mod_proxy_http: fix case sensitivity checking transfer encoding
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater PR 47383 [Ryuzo Yamamoto <ryuzo.yamamoto gmail.com>]
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater *) mod_alias: ensure Redirect issues a valid URL.
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater PR 44020 [Håkon Stordahl <hakon stordahl.org>]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) mod_dir: add FallbackResource directive, to enable admin to specify
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater an action to happen when a URL maps to no file, without resorting
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cgid: Do not leak the listening Unix socket file descriptor to the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington CGI process. PR 47335 [Kornél Pál <kornelpal gmail.com>]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) mod_rewrite: Remove locking for writing to the rewritelog.
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater PR 46942 [Dan Poirier <poirier pobox.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_alias: check sanity in Redirect arguments.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy_http: fix Host: header for literal IPv6 addresses.
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore
53aed64e0f8553762fc0c380ee41cb42f514c7d5Brian Wellington defined session identifiers encoded in the URL when caching.
6de27e27ad6056d7c049feb912df5a6b9a56d1b8Automatic Updater [Ruediger Pluem]
6de27e27ad6056d7c049feb912df5a6b9a56d1b8Automatic Updater *) mod_rewrite: Fix the error string returned by RewriteRule.
6de27e27ad6056d7c049feb912df5a6b9a56d1b8Automatic Updater RewriteRule returned "RewriteCond: bad flag delimiters" when the 3rd
53aed64e0f8553762fc0c380ee41cb42f514c7d5Brian Wellington argument of RewriteRule was not started with "[" or not ended with "]".
6de27e27ad6056d7c049feb912df5a6b9a56d1b8Automatic Updater PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Windows: Fix usage message.
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) apachectl: When passing through arguments to httpd in
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews non-SysV mode, use the "$@" syntax to preserve arguments.
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews [Eric Covener]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) mod_dbd: add DBDInitSQL directive to enable SQL statements to
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews be run when a connection is opened. PR 46827
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews [Marko Kevac <mkevac gmail.com>]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) mod_cgid: Improve handling of long AF_UNIX socket names (ScriptSock).
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews PR 47037. [Jeff Trawick]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews protocol. [Mladen Turk]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) mod_proxy_ajp: Forward remote port information by default.
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews [Rainer Jung]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) Allow MPMs to be loaded dynamically, as with most other modules. Use
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews --enable-mpms-shared={list|"all"} to enable. This required changes to
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews the MPM interfaces. Removed: mpm.h, mpm_default.h (as an installed
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews header), APACHE_MPM_DIR, MPM_NAME, ap_threads_per_child,
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews ap_max_daemons_limit, ap_my_generation, etc. ap_mpm_query() can't be
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews called until after the register-hooks phase. [Jeff Trawick]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to enable stricter checking of remote server certificates.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Ruediger Pluem]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) ab: Fix a 100% CPU loop on platforms where a failed non-blocking connect
af3e516f771c8ba376a8cd954a7233badfce8cdcAutomatic Updater returns EINPROGRESS and a subsequent poll() returns only POLLERR.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Observed on HP-UX. [Eric Covener]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Remove broken support for BeOS, TPF, and even older platforms such
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater as A/UX, Next, and Tandem. [Jeff Trawick]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) mod_proxy_ftp: Add ProxyFtpListOnWildcard directive to allow files with
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater globbing characters to be retrieved instead of converted into a
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater directory listing. PR 46789 [Dan Poirier <poirier pobox.com>]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) Provide ap_retained_data_create()/ap_retained_data_get() for preservation
47ff70af9e842bf0f69d209433995216f560fe4aAutomatic Updater of module state across unload/load. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_substitute: Fix a memory leak. PR 44948
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Dan Poirier <poirier pobox.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterChanges with Apache 2.3.2
f55369d776907119cd8699a4119d9c80daa7cae4Mark Andrews *) mod_mime_magic: Fix detection of compressed content. [Rainer Jung]
f55369d776907119cd8699a4119d9c80daa7cae4Mark Andrews *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater HTML injections and HTTP response splitting. PR 46837.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Geoff Keating <geoffk apple.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ssl: add support for type-safe STACK constructs in OpenSSL
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater development HEAD. PR 45521. [Kaspar Brand, Sander Temme]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) ab: Fix maintenance of the pollset to resolve EALREADY errors
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater PR 44584. Use APR_POLLSET_NOCOPY for better performance with some
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater pollset implementations. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_disk_cache: The module now turns off sendfile support if
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater 'EnableSendfile off' is defined globally. [Lars Eilebrecht]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_deflate: Adjust content metadata before bailing out on 304
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington responses so that the metadata does not differ from 200 response.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Roy T. Fielding]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_deflate: Fix creation of invalid Etag headers. We now make sure
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington that the Etag value is properly quoted when adding the gzip marker.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 39727, 45023. [Lars Eilebrecht, Roy T. Fielding]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Added 20x22 icons for ODF, SVG, and XML documents. PR 37185.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Peter Harlow]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Disabled DefaultType directive and removed ap_default_type()
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater from core. We now exclude Content-Type from responses for which
73eb75dc212911e4da58a3ce0a4672d3910193ebBrian Wellington a media type has not been configured via mime.types, AddType,
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater ForceType, or some other mechanism. PR 13986. [Roy T. Fielding]
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater *) mod_rewrite: Add IPV6 variable to RewriteCond
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater [Ryan Phillips <ryan-apache trolocsis.com>]
bbf7c3fd96ae5e02cb84743c581862e35327032aAutomatic Updater *) core: Enhance KeepAliveTimeout to support a value in milliseconds.
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater PR 46275. [Takashi Sato]
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater *) rotatelogs: Allow size units B, K, M, G and combination of
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater time and size based rotation. [Rainer Jung]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Translate the the status line to ASCII on EBCDIC platforms in
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater ap_send_interim_response() and for locally generated "100 Continue"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater responses. [Eric Covener]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) prefork: Fix child process hang during graceful restart/stop in
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater configurations with multiple listening sockets. PR 42829. [Joe Orton,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_session_crypto: Ensure that SessionCryptoDriver can only be
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater set in the global scope. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ext_filter: We need to detect failure to startup the filter
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington program (a mangled response is not acceptable). Fix to detect
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington failure, and offer configuration option either to abort or
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to remove the filter and continue.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 41120 [Nick Kew]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) mod_session_crypto: Rewrite the session_crypto module against the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington apr_crypto API. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater until the main request is cleaned up. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterChanges with Apache 2.3.1
8227257b1c0224a7991e04bb79dc5059d5062dfbAndreas Gustafsson *) ap_slotmem: Add in new slot-based memory access API impl., including
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater 2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Jean-Frederic Clere, Brian Akins <brian.akins turner.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_include: support generating non-ASCII characters as entities in SSI
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 25202 [Nick Kew]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
8227257b1c0224a7991e04bb79dc5059d5062dfbAndreas Gustafsson PR 25202 [Nick Kew]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_rewrite: fix "B" flag breakage by reverting r5589343
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) CGI: return 504 (Gateway timeout) rather than 500 when a script
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater times out before returning status line/headers.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 42190 [Nick Kew]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cgid: fix segfault problem on solaris.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_proxy_scgi: Added. [André Malo]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cache: Introduce 'no-cache' per-request environment variable
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to prevent the saving of an otherwise cacheable response.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Eric Covener]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater way that per-directory rewrites append the previous notion of PATH_INFO
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to each substitution before evaluating subsequent rules.
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater PR 38642 [Eric Covener]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cgid: Do not add an empty argument when calling the CGI script.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 46380 [Ruediger Pluem]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) scoreboard: Remove unused sb_type from process_score.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater size of the buffer used for the request-body where necessary
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater during a per-dir renegotiation. PR 39243. [Joe Orton]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy_fdpass: New module to pass a client connection over to a separate
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater process that is reading from a unix daemon socket.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: Improve environment variable extraction to be more
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater efficient and to correctly handle DNs with duplicate tags.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 45975. [Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Remove the obsolete serial attribute from the RPM spec file. Compile
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater against the external pcre. Add missing binaries fcgistarter, and
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_socache* and mod_session*. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterChanges with Apache 2.3.0
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Remove X-Pad header which was added as a work around to a bug in
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) Add DTrace Statically Defined Tracing (SDT) probes.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Theo Schlossnagle <jesus omniti.com>, Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy_balancer: Move all load balancing implementations
b4cebdb6ccde66a8f3e397a1b90b0cf788519d69Automatic Updater as individual, self-contained mod_proxy submodules under
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Rename APIs to include ap_ prefix:
b4cebdb6ccde66a8f3e397a1b90b0cf788519d69Automatic Updater find_child_by_pid -> ap_find_child_by_pid
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater suck_in_APR -> ap_suck_in_APR
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater sys_privileges_handlers -> ap_sys_privileges_handlers
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington unixd_accept -> ap_unixd_accept
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington unixd_config -> ap_unixd_config
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington unixd_killpg -> ap_unixd_killpg
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington unixd_set_global_mutex_perms -> ap_unixd_set_global_mutex_perms
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater unixd_set_proc_mutex_perms -> ap_unixd_set_proc_mutex_perms
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater unixd_set_rlimit -> ap_unixd_set_rlimit
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater *) mod_lbmethod_heartbeat: New module to load balance mod_proxy workers
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater based on heartbeats. [Paul Querna]
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater *) mod_heartmonitor: New module to collect heartbeats, and write out a file
cab3e375b77a980a5d4b7e5e4ee90167439e7934Mark Andrews so that other modules can load balance traffic as needed. [Paul Querna]
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater *) mod_heartbeat: New module to generate multicast heartbeats to know if a
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater server is online. [Paul Querna]
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater *) mod_buffer: Honour the flush bucket and flush the buffer in the
0f66aced2640d964aeb6db41210711ba0640d7f2Evan Hunt input filter. Make sure that metadata buckets are written to
71ba75c604df3604673232828a68bb28c420e698Mark Andrews the buffer, not to the final brigade. [Graham Leggett]
71ba75c604df3604673232828a68bb28c420e698Mark Andrews *) mod_buffer: Optimise the buffering of heap buckets when the heap
71ba75c604df3604673232828a68bb28c420e698Mark Andrews buckets stay exactly APR_BUCKET_BUFF_SIZE long. [Graham Leggett,
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater Ruediger Pluem]
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater *) mod_buffer: Optional support for buffering of the input and output
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater filter stacks. Can collapse many small buckets into fewer larger
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater buckets, and prevents excessively small chunks being sent over
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater the wire. [Graham Leggett]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) mod_privileges: new module to make httpd on Solaris privileges-aware
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater and to enable different virtualhosts to run with different
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater privileges and Unix user/group IDs [Nick Kew]
56334ccb2d4b5a04fc12b70b5852049db5d24088Evan Hunt *) mod_mem_cache: this module has been removed. [William Rowe]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) authn/z: Remove mod_authn_default and mod_authz_default.
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater [Chris Darroch]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) authz: Fix handling of authz configurations, make default authz
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater and AuthzMergeRules directives with Match, <Match*>, and AuthzMerge
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater directives. [Chris Darroch]
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater *) mod_authn_core: Prevent crash when provider alias created to
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater provider which is not yet registered. [Chris Darroch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_authn_core: Add AuthType of None to support disabling
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater authentication. [Chris Darroch]
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater *) core: Allow <Limit> and <LimitExcept> directives to nest, and
3a9593055ead76cbbb417aee2d2e656c2c92cf46Automatic Updater constrain their use to conform with that of other access control
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater and authorization directives. [Chris Darroch]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) unixd: turn existing code into a module, and turn the set user/group
3341c8b653577f2f0cb8b72702ea6197035334ffMark Andrews and chroot into a child_init function. [Nick Kew]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_dir: Support "DirectoryIndex disabled"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
3a9593055ead76cbbb417aee2d2e656c2c92cf46Automatic Updater *) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
3d3088c228153b21af8c278c46294217c545dc45Mark Andrews OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
bb4370935685c2040a785ffb7b7397dfcd2fc838Automatic Updater *) mod_authnz_ldap: don't return NULL-valued environment variables to
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>]
282e38d96feb488fddbbc0b0409491094786977fMark Andrews *) Don't adjust case in pathname components that are not of interest
bb4370935685c2040a785ffb7b7397dfcd2fc838Automatic Updater to mod_mime. Fixes mod_negotiation's use of such components.
bb4370935685c2040a785ffb7b7397dfcd2fc838Automatic Updater PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Be tolerant in what you accept - accept slightly broken
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater status lines from a backend provided they include a valid status code.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 44995 [Rainer Jung <rainer.jung kippdata.de>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) New module mod_sed: filter Request/Response bodies through sed
8fca573ba41a1669fff64f234275e956551eb6e5Mark Andrews [Basant Kumar Kukreja <basant.kukreja sun.com>]
0ca8fddd5b5e26d8a05f0936fc4b2666a025b9c0Mark Andrews *) mod_auth_form: Make sure that basic authentication is correctly
0ca8fddd5b5e26d8a05f0936fc4b2666a025b9c0Mark Andrews faked directly after login. [Graham Leggett]
8fca573ba41a1669fff64f234275e956551eb6e5Mark Andrews *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
8fca573ba41a1669fff64f234275e956551eb6e5Mark Andrews within the output headers and error output headers, so that the
0ca8fddd5b5e26d8a05f0936fc4b2666a025b9c0Mark Andrews session is maintained across redirects. [Graham Leggett]
8fca573ba41a1669fff64f234275e956551eb6e5Mark Andrews *) mod_auth_form: Make sure the logged in user is populated correctly
c6517a807173827b8f638d31303805ee4c1d8054Automatic Updater after a form login. Fixes a missing REMOTE_USER variable directly
c6517a807173827b8f638d31303805ee4c1d8054Automatic Updater following a login. [Graham Leggett]
8fca573ba41a1669fff64f234275e956551eb6e5Mark Andrews *) mod_session_cookie: Make sure that cookie attributes are correctly
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews included in the blank cookie when cookies are removed. This fixes an
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater inability to log out when using mod_auth_form. [Graham Leggett]
4f5257ba7afbe06e949d1577581de18b22ef6c05Automatic Updater *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews null value. [David Shane Holden <dpejesh apache.org>]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) core, authn/z: Determine registered authn/z providers directly in
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews ap_setup_auth_internal(), which allows optional functions that just
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews wrapped ap_list_provider_names() to be removed from authn/z modules.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews [Chris Darroch]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) authn/z: Convert common provider version strings to macros.
21f8d40dbd9be951555f46b0bfa23571c5a9b913Automatic Updater [Chris Darroch]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) core: When testing for slash-terminated configuration paths in
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews ap_location_walk(), don't look past the start of an empty string
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews such as that created by a <Location ""> directive.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews [Chris Darroch]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) core, mod_proxy: If a kept_body is present, it becomes safe for
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews subrequests to support message bodies. Make sure that safety
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews checks within the core and within the proxy are not triggered
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews when kept_body is present. This makes it possible to embed
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews proxied POST requests within mod_include. [Graham Leggett]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) mod_auth_form: Make sure the input filter stack is properly set
2ec4ab21838e218863d052ebfa3e106e04f50820Evan Hunt up before reading the login form. Make sure the kept body filter
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews is correctly inserted to ensure the body can be read a second
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews time safely should the authn be successful. [Graham Leggett,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Ruediger Pluem]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_request: Insert the KEPT_BODY filter via the insert_filter
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews hook instead of during fixups. Add a safety check to ensure the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews filters cannot be inserted more than once. [Graham Leggett,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Ruediger Pluem]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) ap_cache_cacheable_headers_out() will (now) always
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews merge an error headers _before_ clearing them and _before_
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews merging in the actual entity headers and doing normal
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews hop-by-hop cleansing. [Dirk-Willem van Gulik].
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) cache: retire ap_cache_cacheable_hdrs_out() which was used
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews for both in- and out-put headers; and replace it by a single
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews ap_cache_cacheable_headers() wrapped in a in- and out-put
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews specific ap_cache_cacheable_headers_in()/out(). The latter
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews which will also merge error and ensure content-type. To keep
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews cache modules consistent with ease. This API change bumps
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews up the minor MM by one [Dirk-Willem van Gulik].
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Move the KeptBodySize directive, kept_body filters and the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews ap_parse_request_body function out of the http module and into a
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews new module called mod_request, reducing the size of the core.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_dbd: Handle integer configuration directive parameters with a
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews dedicated function.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Change the directives within the mod_session* modules to be valid
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews both inside and outside the location/directory sections, as
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews suggested by wrowe. [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_auth_form: Add a module capable of allowing end users to log
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews in using an HTML form, storing the credentials within mod_session.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Add a function to the http filters that is able to parse an HTML
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews form request with the type of application/x-www-form-urlencoded.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_session_crypto: Initialise SSL in the post config hook.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Ruediger Pluem, Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_session_dbd: Add a session implementation capable of storing
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews session information in a SQL database via the dbd interface. Useful
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews for sites where session privacy is important. [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_session_crypto: Add a session encoding implementation capable
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews of encrypting and decrypting sessions wherever they may be stored.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Introduces a level of privacy when sessions are stored on the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews browser. [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_session_cookie: Add a session implementation capable of storing
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews session information within cookies on the browser. Useful for high
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews volume sites where server bound sessions are too resource intensive.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_session: Add a generic session interface to unify the different
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews attempts at saving persistent sessions across requests.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) core, authn/z: Avoid calling access control hooks for internal requests
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews with configurations which match those of initial request. Revert to
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews original behaviour (call access control hooks for internal requests
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews with URIs different from initial request) if any access control hooks or
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews providers are not registered as permitting this optimization.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Introduce wrappers for access control hook and provider registration
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews which can accept additional mode and flag data. [Chris Darroch]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Introduced ap_expr API for expression evaluation.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews This is adapted from mod_include, which is the first module
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews to use the new API.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_authz_dbd: When redirecting after successful login/logout per
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews AuthzDBDRedirectQuery, do not report authorization failure, and use
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews first row returned by database query instead of last row.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Chris Darroch]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_ldap: Correctly return all requested attribute values
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews when some attributes have a null value.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 44560 [Anders Kaseorg <anders kaseorg.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) core: check symlink ownership if both FollowSymlinks and
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews SymlinksIfOwnerMatch are set [Nick Kew]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) core: fix origin checking in SymlinksIfOwnerMatch
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Activate mod_cache, mod_file_cache and mod_disk_cache as part of the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews 'most' set for '--enable-modules' and '--enable-shared-mods'. Include
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Also install mod_so.h, mod_rewrite.h and mod_cache.h; as these
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews contain public function declarations which are useful for
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews third party module authors. PR 42431 [Dirk-Willem van Gulik].
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_dir, mod_negotiation: pass the output filter information
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews to newly created sub requests; as these are later on used
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews as true requests with an internal redirect. This allows for
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews mod_cache et.al. to trap the results of the redirect.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Dirk-Willem van Gulik, Ruediger Pluem]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_ldap: Add support (taking advantage of the new APR capability)
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews for ldap rebind callback while chasing referrals. This allows direct
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews searches on LDAP servers (in particular MS Active Directory 2003+)
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews using referrals without the use of the global catalog.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PRs 26538, 40268, and 42557 [Paul J. Reder]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) ApacheMonitor.exe: Introduce --kill argument for use by the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews installer. This will permit the installation tool to remove
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews all running instances before attempting to remove the .exe.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [William Rowe]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_ssl: Add support for OCSP validation of client certificates.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_serf: New module for Reverse Proxying. [Paul Querna]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) core: Add the option to keep aside a request body up to a certain
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews size that would otherwise be discarded, to be consumed by filters
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews such as mod_include. When enabled for a directory, POST requests
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews to shtml files can be passed through to embedded scripts as POST
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews requests, rather being downgraded to GET requests. [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) scoreboard: Correctly declare ap_time_process_request.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews from the connection rec, ap_get_scoreboard_worker(proc, thread) will now
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews provide the unusual legacy lookup. [William Rowe]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mpm winnt: fix null pointer dereference
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 42572 [Davi Arnaut]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews parameters to the environment. Improve portability to
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews EBCDIC machines by using apr_toupper(). [Martin Kraemer]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_ldap, mod_authnz_ldap: Add support for nested groups (i.e. the ability
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews to authorize an authenticated user via a "require ldap-group X" directive
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater where the user is not in group X, but is in a subgroup contained in X.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 42891 [Paul J. Reder]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) apxs: Enhance -q flag to print all known variables and their values
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews when invoked without variable name(s).
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [William Rowe, Sander Temme]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) apxs: Eliminate run-time check for mod_so. PR 40653.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [David M. Lee <dmlee crossroads.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) beos MPM: Create pmain pool and run modules' child_init hooks when
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Chris Darroch]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews cleanups registered in modules' child_init hooks are performed.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Chris Darroch]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix issue which could cause error messages to be written to access logs
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) The LockFile directive, which specifies the location of
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews the accept() mutex lockfile, is deprecated. Instead, the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews AcceptMutex directive now takes an optional lockfile
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews location parameter, ala SSLMutex. [Jim Jagielski]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_authn_dbd: Export any additional columns queried in the SQL select
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews into the environment with the name AUTHENTICATE_<COLUMN>. This brings
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_dbd: Key the storage of prepared statements on the hex string
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews value of server_rec, rather than the server name, as the server name
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews may change (eg when the server name is set) at any time, causing
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews the first bucket from the brigade, finds it not to be a FILE
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews bucket and barfs. The fix is to pass a bucket rather than a brigade.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Niklas Edmundsson <nikke acc.umu.se>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) ap_get_server_version() has been removed. Third-party modules must
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater now use ap_get_server_banner() or ap_get_server_description().
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews [Jeff Trawick]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews *) All MPMs: Introduce a check_config phase between pre_config and
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews open_logs, to allow modules to review interdependent configuration
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews directive values and adjust them while messages can still be logged
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews to the console. Handle relevant MPM directives during this phase
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews and format messages for both the console and the error log, as
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews appropriate. [Chris Darroch]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews to circumvent the symbolic link checks imposed by FollowSymLinks and
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews The default is none as this is far greater debugging resolution than
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews the typical administrator is prepared to untangle. [William Rowe]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews *) mod_disk_cache: If possible, check if the size of an object to cache is
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews within the configured boundaries before actually saving data.
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews [Niklas Edmundsson <nikke acc.umu.se>]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews *) Worker and event MPMs: Remove improper scoreboard updates which were
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews performed in the event of a fork() failure. [Chris Darroch]
9f0225ba7e69a36e546ef40107d86c1ba04f10dbAutomatic Updater *) Add support for fcgi:// proxies to mod_rewrite.
78cb74fab4665da2e2641ba909c6f59f74cc4193Automatic Updater [Markus Schiegl <ms schiegl.com>]
121bd24f4b8b2fc87cc945757b0c87e7e7656489Automatic Updater *) Remove incorrect comments from scoreboard.h regarding conditional
bb93c8542756719b53096b9939e4041d0966026fAutomatic Updater loading of worker_score structure with mod_status, and remove unused
bb93c8542756719b53096b9939e4041d0966026fAutomatic Updater definitions relating to old life_status field.
bb93c8542756719b53096b9939e4041d0966026fAutomatic Updater [Chris Darroch <chrisd pearsoncmg.com>]
822e877c4cd2a254fddd70d6cdf24fa374c98312Automatic Updater *) Remove allocation of memory for unused array of lb_score pointers
822e877c4cd2a254fddd70d6cdf24fa374c98312Automatic Updater in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
bb93c8542756719b53096b9939e4041d0966026fAutomatic Updater *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
78cb74fab4665da2e2641ba909c6f59f74cc4193Automatic Updater [Garrett Rooney, Jim Jagielski, Paul Querna]
121bd24f4b8b2fc87cc945757b0c87e7e7656489Automatic Updater *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
121bd24f4b8b2fc87cc945757b0c87e7e7656489Automatic Updater [Chris Darroch <chrisd pearsoncmg.com>]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) mod_charset_lite: Remove Content-Length when output filter can
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater invalidate it. Warn when input filter can invalidate it.
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater [Jeff Trawick]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) Authz: Add the new module mod_authn_core that will provide common
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater authn directives such as 'AuthType', 'AuthName'. Move the directives
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater into mod_authn_core. [Brad Nicholes]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater into the new module mod_access_compat which can be loaded to provide
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater support for these directives.
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater [Brad Nicholes]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) Authz: Move the 'Require' directive from the core module as well as
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews logic into the authorization processing. [Brad Nicholes]
309b912841e8b97bf0b0df0d96c3eaf16990c080Automatic Updater *) Authz: Add the new module mod_authz_core which acts as the
56874aef380a64a2c183b7c282c3e7a361d67fa1Automatic Updater authorization provider vector and contains common authz
56874aef380a64a2c183b7c282c3e7a361d67fa1Automatic Updater directives. [Brad Nicholes]
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
754ebd37e782356aedbb2987e3c1a8ab4f29574eMark Andrews 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
754ebd37e782356aedbb2987e3c1a8ab4f29574eMark Andrews *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
309b912841e8b97bf0b0df0d96c3eaf16990c080Automatic Updater host-based access control provided by mod_authz_host and invoked
94df856897945fe58f130ba78765c57308bc5400Automatic Updater through the 'Require' directive. [Brad Nicholes]
5c679dbb66df92766f6a7e7bb93c18d61275d1feMark Andrews *) Authz: Convert all of the authz modules from hook based to
5c679dbb66df92766f6a7e7bb93c18d61275d1feMark Andrews provider based. [Brad Nicholes]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cache: Add CacheMinExpire directive to set the minimum time in
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater seconds to cache a document.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5Mark Andrews *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
da93950363b307b718d156514b95b9df93a63776Mark Andrews *) Fix typo in ProxyStatus syntax error message.
da93950363b307b718d156514b95b9df93a63776Mark Andrews [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Asynchronous write completion for the Event MPM. [Brian Pane]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) Added an End-Of-Request bucket type. The logging of a request and
f6056ad06781c95198505ae3a361e6dd98df4b91Automatic Updater the freeing of its pool are now done when the EOR bucket is destroyed.
f6056ad06781c95198505ae3a361e6dd98df4b91Automatic Updater This has the effect of delaying the logging until right after the last
f6056ad06781c95198505ae3a361e6dd98df4b91Automatic Updater of the response is sent; ap_core_output_filter() calls the access logger
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater indirectly when it destroys the EOR bucket. [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Rewrite of logresolve support utility: IPv6 addresses are now supported
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater and the format of statistical output has changed. [Colm MacCarthaigh]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
f8e61212a1b83e60f521577cc522e8bc1509c8cfAutomatic Updater *) Added new connection states for handler and write completion
0b580e05aec89f501a9c20cc00ceb42d043d3928Automatic Updater *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
78d7186253dfed549ec0ce2d7c2b08a7978ede9cAutomatic Updater [Justin Erenkrantz]
0b580e05aec89f501a9c20cc00ceb42d043d3928Automatic Updater *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
0b580e05aec89f501a9c20cc00ceb42d043d3928Automatic Updater allowing string-valued client certificate attributes to be used for
78d7186253dfed549ec0ce2d7c2b08a7978ede9cAutomatic Updater access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
f8e61212a1b83e60f521577cc522e8bc1509c8cfAutomatic Updater [Martin Kraemer, David Reid]
0b580e05aec89f501a9c20cc00ceb42d043d3928Automatic Updater [Apache 2.3.0-dev includes those bug fixes and changes with the
0b580e05aec89f501a9c20cc00ceb42d043d3928Automatic Updater Apache 2.2.xx tree as documented, and except as noted, below.]
78d7186253dfed549ec0ce2d7c2b08a7978ede9cAutomatic UpdaterChanges with Apache 2.2.x and later:
78d7186253dfed549ec0ce2d7c2b08a7978ede9cAutomatic Updater *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
78d7186253dfed549ec0ce2d7c2b08a7978ede9cAutomatic UpdaterChanges with Apache 2.0.x and later:
f8e61212a1b83e60f521577cc522e8bc1509c8cfAutomatic Updater *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
f8e61212a1b83e60f521577cc522e8bc1509c8cfAutomatic UpdaterChanges with Apache 1.3.x and later: