CHANGES revision 77504f17963a8dd941a921d9ddfa25ddb0f348d6
5bd562b1d7da51cb5715899d32bb4c79c54459b0wrowe -*- coding: utf-8 -*-
5bd562b1d7da51cb5715899d32bb4c79c54459b0wroweChanges with Apache 2.3.15
39021cf8b495cdb94013ca73531ccb32658fb793rederpj *) mod_ssl: revamp CRL-based revocation checking when validating
39021cf8b495cdb94013ca73531ccb32658fb793rederpj certificates of clients or proxied servers. Completely delegate
39021cf8b495cdb94013ca73531ccb32658fb793rederpj CRL processing to OpenSSL, and add a new [Proxy]CARevocationCheck
39021cf8b495cdb94013ca73531ccb32658fb793rederpj directive for controlling the revocation checking mode. [Kaspar Brand]
39021cf8b495cdb94013ca73531ccb32658fb793rederpj *) Fix a regression in the CVE-2011-3192 byterange fix.
39021cf8b495cdb94013ca73531ccb32658fb793rederpj PR 51748. [low_priority <lowprio20 gmail.com>]
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe *) SECURITY: CVE-2011-3192 (cve.mitre.org)
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe core: Fix handling of byte-range requests to use less memory, to avoid
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe denial of service. If the sum of all ranges in a request is larger than
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe the original file, ignore the ranges and send the complete file.
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe *) core: Add MaxRanges directive to control the number of ranges permitted
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe before returning the entire resource, with a default limit of 200.
fa16f10bc02e46bc5a6c2c2c6371926cd1dbe2edwrowe [Eric Covener]
db8ac7cbb1fa6cdd6abcc4bb797d4deed32dd269jim *) mod_cache: Ensure that CacheDisable can correctly appear within
db8ac7cbb1fa6cdd6abcc4bb797d4deed32dd269jim a LocationMatch. [Graham Leggett]
db8ac7cbb1fa6cdd6abcc4bb797d4deed32dd269jim *) mod_cache: Fix the moving of the CACHE filter, which erroneously
7b979864a91b52ecebca11d0a9a22e09349e59baminfrin stood down if the original filter was not added by configuration.
8d755accbdc5ae15bb0d00169b815d264c7de745minfrin [Graham Leggett]
7b979864a91b52ecebca11d0a9a22e09349e59baminfrin *) mod_ssl: improve certificate error logging. PR 47408. [Kaspar Brand]
7b0a3bcc0e689305df49f7d4da7abc35aa891862brianp *) mod_authz_groupfile: Increase length limit of lines in the group file to
7b0a3bcc0e689305df49f7d4da7abc35aa891862brianp 16MB. PR 43084. [Stefan Fritsch]
1bae4591a85d90325ecdacedf7e54d1bbfe31037aaron *) core: Increase length limit of lines in the configuration file to 16MB.
1bae4591a85d90325ecdacedf7e54d1bbfe31037aaron PR 45888. PR 50824. [Stefan Fritsch]
a6f48cc01ab8f5377e570c61826dcdfc36741936trawick *) core: Add API for resizable buffers. [Stefan Fritsch]
a6f48cc01ab8f5377e570c61826dcdfc36741936trawick *) mod_ldap: Enable LDAPConnectionTimeout for LDAP toolkits that have
a6f48cc01ab8f5377e570c61826dcdfc36741936trawick LDAP_OPT_CONNECT_TIMEOUT instead of LDAP_OPT_NETWORK_TIMEOUT, such
2da345202997f8f5860c801d68f7913c02fc05fctrawick as Tivoli Directory Server 6.3 and later. [Eric Covener]
2da345202997f8f5860c801d68f7913c02fc05fctrawick *) mod_ldap: Change default number of retries from 10 to 3, and add
5bd562b1d7da51cb5715899d32bb4c79c54459b0wrowe an LDAPRetries and LDAPRetryDelay directives. [Eric Covener]
5bd562b1d7da51cb5715899d32bb4c79c54459b0wrowe *) mod_authnz_ldap: Don't retry during authentication, because this just
5bd562b1d7da51cb5715899d32bb4c79c54459b0wrowe multiplies the ample retries already being done by mod_ldap. [Eric Covener]
5bd562b1d7da51cb5715899d32bb4c79c54459b0wrowe *) configure: Allow to explicitly disable modules even with module selection
1c06e98017400874d5ff6ad79f13145ec4589225striker 'reallyall'. [Stefan Fritsch]
99a041314eb3db0b0cca325c9c40d0a6c5fdf04fwrowe *) mod_rewrite: Check validity of each internal (int:) RewriteMap even if the
99a041314eb3db0b0cca325c9c40d0a6c5fdf04fwrowe RewriteEngine is disabled in server context, avoiding a crash while
99a041314eb3db0b0cca325c9c40d0a6c5fdf04fwrowe referencing the invalid int: map at runtime. PR 50994.
99a041314eb3db0b0cca325c9c40d0a6c5fdf04fwrowe [Ben Noordhuis <info noordhuis nl>]
99a041314eb3db0b0cca325c9c40d0a6c5fdf04fwrowe *) mod_ssl, configure: require OpenSSL 0.9.7 or later. [Kaspar Brand]
99a041314eb3db0b0cca325c9c40d0a6c5fdf04fwrowe *) mod_ssl: remove ssl_toolkit_compat layer. [Kaspar Brand]
6e119e632566d69798ce6cf4e714ed374b72914frederpj *) mod_ssl, configure, ab: drop support for RSA BSAFE SSL-C toolkit.
6e119e632566d69798ce6cf4e714ed374b72914frederpj [Kaspar Brand]
6e119e632566d69798ce6cf4e714ed374b72914frederpj *) mod_usertrack: Run mod_usertrack earlier in the fixups hook to ensure the
6e119e632566d69798ce6cf4e714ed374b72914frederpj cookie is set when modules such as mod_rewrite trigger a redirect. Also
bd120542ebe7e09cdbada5daf4924f4690e5ece3trawick use r->err_headers_out for the cookie, for the same reason. PR29755.
bd120542ebe7e09cdbada5daf4924f4690e5ece3trawick [Sami J. Mäkinen <sjm almamedia fi>, Eric Covener]
bd120542ebe7e09cdbada5daf4924f4690e5ece3trawick *) mod_proxy_http, mod_proxy_connect: Add 'proxy-status' and
bd120542ebe7e09cdbada5daf4924f4690e5ece3trawick 'proxy-source-port' request notes for logging. PR 30195. [Stefan Fritsch]
68d439bc0482b2e41053480f748edc2574c2ea7btrawick *) configure: Enable ldap modules in 'all' and 'most' selections if ldap
68d439bc0482b2e41053480f748edc2574c2ea7btrawick is compiled into apr-util. [Stefan Fritsch]
dddbde8480d265d06c84f2281f01e00f8ef52e94mjc *) core: Add ap_check_cmd_context()-check if a command is executed in
dddbde8480d265d06c84f2281f01e00f8ef52e94mjc .htaccess file. [Stefan Fritsch]
a5ca705e053a6c754c5958aafcd6f0aa60a2e67frbb *) mod_deflate: Fix endless loop if first bucket is metadata. PR 51590.
e06675c51d084791089d79c3ac18aeae8dd465fcrbb [Torsten Foertsch <torsten foertsch gmx net>]
e06675c51d084791089d79c3ac18aeae8dd465fcrbbChanges with Apache 2.3.14
481c1206b6065a8f37ab75ca1fc26c947cb37852ianh *) mod_proxy_ajp: Improve trace logging. [Rainer Jung]
481c1206b6065a8f37ab75ca1fc26c947cb37852ianh *) mod_proxy_ajp: Respect "reuse" flag in END_REPONSE packets.
a964f7434f5c7f512a5fa0d0178260ccb74c84berbb [Rainer Jung]
a964f7434f5c7f512a5fa0d0178260ccb74c84berbb *) mod_proxy: enable absolute URLs to be rewritten with ProxyPassReverse,
a964f7434f5c7f512a5fa0d0178260ccb74c84berbb e.g. to reverse proxy "Location: https://other-internal-server/login"
6a7877447bcb8e6ff848d72f82f184c404ef4c0bminfrin *) prefork, worker, event: Make sure crashes are logged to the error log if
9335cbd541cca1ca6038af329bbd1645310aabccminfrin httpd has already detached from the console. [Stefan Fritsch]
9335cbd541cca1ca6038af329bbd1645310aabccminfrin *) prefork, worker, event: Reduce period during startup/restart where a
9335cbd541cca1ca6038af329bbd1645310aabccminfrin successive signal may be lost. PR 43696. [Arun Bhalla <arun shme net>]
9335cbd541cca1ca6038af329bbd1645310aabccminfrin *) mod_allowmethods: Correct Merging of "reset" and do not allow an
9335cbd541cca1ca6038af329bbd1645310aabccminfrin empty parameter list for the AllowMethods directive. [Rainer Jung]
e156db58351d1c040bc72430f3eb072cb6ae7107brianp *) configure: Update selection of modules for 'all' and 'most'. 'all' will
e156db58351d1c040bc72430f3eb072cb6ae7107brianp now enable all modules except for example and test modules. Make the
e156db58351d1c040bc72430f3eb072cb6ae7107brianp selection for 'most' more useful (including ssl and proxy). Both 'all'
e156db58351d1c040bc72430f3eb072cb6ae7107brianp and 'most' will now disable modules if dependencies are missing instead
1c06e98017400874d5ff6ad79f13145ec4589225striker of aborting. If a specific module is requested with --enable-XXX=yes,
1c06e98017400874d5ff6ad79f13145ec4589225striker missing dependencies will still cause configure to exit with an error.
1c06e98017400874d5ff6ad79f13145ec4589225striker [Stefan Fritsch]
eb1349e4ab58bd2935f7054a1bfc5c86ab5a5fa3striker *) mod_ldap: Revert the integration of apr-ldap as ap_ldap which was done
6a94da925498a20a09fde0a66002607be8d83b1astriker in 2.3.13. [Stefan Fritsch]
75161f3b2029c25bdb3f8ab87b85cb1810c479eajerenkrantz *) core: For '*' or '_default_' vhosts, use a wildcard address of any
7639aa8b39e0d9dbd096f9cc3379bcd3d5e4003bstriker address family, rather than IPv4 only. [Joe Orton]
4c9d27bfdfea41b388dc705f7cc2b49318ab5344jim *) core, mod_rewrite, mod_ssl, mod_nw_ssl: Make the SERVER_NAME variable
4c9d27bfdfea41b388dc705f7cc2b49318ab5344jim include [ ] for literal IPv6 addresses, as mandated by RFC 3875.
4c9d27bfdfea41b388dc705f7cc2b49318ab5344jim PR 26005. [Stefan Fritsch]
e8e8ab3cbc3d90f15eb78e094c381a6e908fd6efjerenkrantz *) mod_negotiation: Fix parsing of Content-Length in type maps. PR 42203.
e8e8ab3cbc3d90f15eb78e094c381a6e908fd6efjerenkrantz [Nagae Hidetake <nagae eagan jp>]
f4c472b8dce3c2e559232dbb5b27ed2466922ea4jerenkrantz *) core: Add more logging to ap_scan_script_header_err* functions. Add
8dc5aa056a586ffa920a6ecd5c31048702371ea6brianp ap_scan_script_header_err*_ex functions that take a module index for
8dc5aa056a586ffa920a6ecd5c31048702371ea6brianp mod_cgi, mod_cgid, mod_proxy_fcgi, mod_proxy_scgi, mod_isapi: Use the
7e31ef4870c7ef94838585004405e8854fefcc51ianh new functions in order to make logging configurable per-module.
7e31ef4870c7ef94838585004405e8854fefcc51ianh [Stefan Fritsch]
7e31ef4870c7ef94838585004405e8854fefcc51ianh *) mod_dir: Add DirectoryIndexRedirect to send an external redirect to
7e31ef4870c7ef94838585004405e8854fefcc51ianh the proper index. [Eric Covener]
bd496a3a7752a55c849e62ed00cacc492d4f6d3erederpj *) mod_deflate: Don't try to compress requests with a zero sized body.
bd496a3a7752a55c849e62ed00cacc492d4f6d3erederpj PR 51350. [Stefan Fritsch]
bd496a3a7752a55c849e62ed00cacc492d4f6d3erederpj *) core: Fix startup on IP6-only systems. PR 50592. [Joe Orton,
a8c401eadf77822e851f19c7740e7ec6dca03daastoddard <root linkage white-void net>]
a8c401eadf77822e851f19c7740e7ec6dca03daastoddard *) suexec: Add environment variables CONTEXT_DOCUMENT_ROOT, CONTEXT_PREFIX,
a8c401eadf77822e851f19c7740e7ec6dca03daastoddard REDIRECT_ERROR_NOTES, REDIRECT_SCRIPT_FILENAME, REQUEST_SCHEME to the
93d7153aa172665f55b04463b831ad556269c3efbrianp whitelist in suexec. PR 51499. [Graham Laverty <graham reg ca>,
791781f2ccc1f1f1bc1b1643861d3da23edfd147jerenkrantz Stefan Fritsch]
2ffa5829cad36f12b0a1fc3481592e85bc210a5bjerenkrantz *) mod_rewrite: Fix regexp RewriteCond with NoCase. [Stefan Fritsch]
2ffa5829cad36f12b0a1fc3481592e85bc210a5bjerenkrantz *) mod_log_debug: New module that allows to log custom messages at various
02e8590d904653a95eca31bdf8e60866642bb592slive phases in the request processing. [Stefan Fritsch]
30a5ee06ae5f7f67a83d6852871f654ae3e14aadslive *) mod_ssl: Add some debug logging when loading server certificates.
02e8590d904653a95eca31bdf8e60866642bb592slive PR 37912. [Nick Burch <nick burch alfresco com>]
a97c4ce2bea3dbf8ddc82c796cf93aa6b46765a4brianp *) configure: Support reallyall option also for --enable-mods-static.
a97c4ce2bea3dbf8ddc82c796cf93aa6b46765a4brianp [Rainer Jung]
b7838ae85a698af19d90ba4ebe03e10bdc149eacjerenkrantz *) mod_socache_dc: add --with-distcache to configure for choosing
435d2db95b905b0d16d35410e18ff77dc39688aabrianp the distcache installation directory. [Rainer Jung]
435d2db95b905b0d16d35410e18ff77dc39688aabrianp *) mod_socache_dc: use correct build variable MOD_SOCACHE_DC_LDADD
1a7728c0205d607d5d87c6b6bf1b8837a9785a99ianh instead of MOD_SOCACHE_LDADD in build macro. [Rainer Jung]
a574815e2c6db68b9d8139db89921ededf033decianh *) mod_lua, mod_deflate: respect platform specific runpath linker
964f539e766a3301b3e2f767baeffddcf9f6092bjerenkrantz flag. [Rainer Jung]
964f539e766a3301b3e2f767baeffddcf9f6092bjerenkrantz *) configure: Only link the httpd binary against PCRE. No other support
5e538c6ced13aa2f7c358e1a44f651d31dd5fab8brianp binary needs PCRE. [Rainer Jung]
5e538c6ced13aa2f7c358e1a44f651d31dd5fab8brianp *) configure: tolerate dependency checking failures for modules if
5e538c6ced13aa2f7c358e1a44f651d31dd5fab8brianp they have been enabled implicitely. [Rainer Jung]
61202a45487668abad788c02e339f626176e645fianh *) configure: Allow to specify module specific custom linker flags via
61202a45487668abad788c02e339f626176e645fianh the MOD_XXX_LDADD variables. [Rainer Jung]
02c49e1f35a4d1a171df2d319e76af0c5163dc4dmartinChanges with Apache 2.3.13
6deb8bcfb8511ac38243a8274fc589842841b398ianh *) ab: Support specifying the local address to use. PR 48930.
6deb8bcfb8511ac38243a8274fc589842841b398ianh [Peter Schuller <scode spotify com>]
49bbbd1939208be54a3eb00b95e61d90d180a606ianh *) core: Add support to ErrorLogFormat for logging the system unique
49bbbd1939208be54a3eb00b95e61d90d180a606ianh thread id under Linux. [Stefan Fritsch]
93d7153aa172665f55b04463b831ad556269c3efbrianp *) event: New AsyncRequestWorkerFactor directive to influence how many
93d7153aa172665f55b04463b831ad556269c3efbrianp connections will be accepted per process. [Stefan Fritsch]
bc6600a6207e5d15b895294e370e4e3320a803d8stoddard *) prefork, worker, event: Rename MaxClients to MaxRequestWorkers which
bc6600a6207e5d15b895294e370e4e3320a803d8stoddard describes more accurately what it does. [Stefan Fritsch]
bc6600a6207e5d15b895294e370e4e3320a803d8stoddard *) rotatelogs: Add -p argument to specify custom program to invoke
bc6600a6207e5d15b895294e370e4e3320a803d8stoddard after a log rotation. PR 51285. [Sven Ulland <sveniu ifi.uio.no>,
4e21f1a207aefa9796dc758bf7274b0f1fea780fstoddard *) mod_ssl: Don't do OCSP checks for valid self-issued certs. [Kaspar Brand]
5c214a63f9722864ac4983995da11353779515dbrederpj *) mod_ssl: Avoid unnecessary renegotiations with SSLVerifyDepth 0.
5c214a63f9722864ac4983995da11353779515dbrederpj PR 48215. [Kaspar Brand]
5c214a63f9722864ac4983995da11353779515dbrederpj *) mod_status: Display information about asynchronous connections in the
9f20717d827f2113a23dfa45539813171cf626eaianh server-status. PR 44377. [Stefan Fritsch]
9f20717d827f2113a23dfa45539813171cf626eaianh *) mpm_event: If the number of connections of a process is very high, or if
9f20717d827f2113a23dfa45539813171cf626eaianh all workers are busy, don't accept new connections in that process.
a0db2f093595083300ad3438314f90921405ccf9wrowe [Stefan Fritsch]
a0db2f093595083300ad3438314f90921405ccf9wrowe *) mpm_event: Process lingering close asynchronously instead of tying up
c66798efb2184ecf904cd8471acd17e65688b1caianh worker threads. [Jeff Trawick, Stefan Fritsch]
fb59f85aab19883025f619727948b8088232cc4brederpj *) mpm_event: If MaxMemFree is set, limit the number of pools that is kept
fb59f85aab19883025f619727948b8088232cc4brederpj around. [Stefan Fritsch]
fb59f85aab19883025f619727948b8088232cc4brederpj *) mpm_event: Fix graceful restart aborting connections. PR 43359.
1a1cf0ee9229ee29e5750b25dd94dbb9b04072cfianh [Takashi Sato <takashi lans-tv com>]
1a1cf0ee9229ee29e5750b25dd94dbb9b04072cfianh *) mod_ssl: Disable AECDH ciphers in example config. PR 51363.
1a1cf0ee9229ee29e5750b25dd94dbb9b04072cfianh [Rob Stradling <rob comodo com>]
0bbb249eafe9ef9508821f0ef58e7440625ecd62trawick *) core: Introduce new function ap_get_conn_socket() to access the socket of
0bbb249eafe9ef9508821f0ef58e7440625ecd62trawick a connection. [Stefan Fritsch]
7a23067e782dd5612d4d4b539906e1733b664df7jwoolley *) mod_data: Introduce a filter to support RFC2397 data URLs. [Graham
7a23067e782dd5612d4d4b539906e1733b664df7jwoolley *) mod_userdir/mod_alias/mod_vhost_alias: Correctly set DOCUMENT_ROOT,
6032a7c97a25c52f4bdd78ce23f2010e52c9e81arederpj CONTEXT_DOCUMENT_ROOT, CONTEXT_PREFIX. PR 26052. PR 46198.
6032a7c97a25c52f4bdd78ce23f2010e52c9e81arederpj [Stefan Fritsch]
ba2e14e474516f1c75a96b4f6d1a9dec332175efianh *) core: Allow to override document_root on a per-request basis. Introduce
ba2e14e474516f1c75a96b4f6d1a9dec332175efianh new context_document_root and context_prefix which provide information
ec69fc6e323eb1f3112966e06e9e37be608d052cianh about non-global URI-to-directory mappings (from e.g. mod_userdir or
f0791c5bdfd36969d292a4092df076aa6d1c34ccwrowe mod_alias) to scripts. PR 49705. [Stefan Fritsch]
f0791c5bdfd36969d292a4092df076aa6d1c34ccwrowe *) core: Add <ElseIf> and <Else> to complement <If> sections.
f0791c5bdfd36969d292a4092df076aa6d1c34ccwrowe [Stefan Fritsch]
749011213737e8d0cd6ca78d5eb532ec6f6b9fdfianh *) mod_ext_filter: Remove DebugLevel option in favor of per-module loglevel.
749011213737e8d0cd6ca78d5eb532ec6f6b9fdfianh [Stefan Fritsch]
ec69fc6e323eb1f3112966e06e9e37be608d052cianh *) mod_include: Make the "#if expr" element use the new "ap_expr" expression
e7bf4d6f15d04e86e20002e65f60d7fbf80e5974stoddard parser. The old parser can still be used by setting the new directive
e7bf4d6f15d04e86e20002e65f60d7fbf80e5974stoddard SSILegacyExprParser. [Stefan Fritsch]
de42d3dfd83a4cc62f0dd6b79ee5cbcfa69fd503brianp *) core: Add some features to ap_expr for use by mod_include: a restricted
de42d3dfd83a4cc62f0dd6b79ee5cbcfa69fd503brianp mode that does not allow to bypass request access restrictions; new
de42d3dfd83a4cc62f0dd6b79ee5cbcfa69fd503brianp variables DOCUMENT_URI (alias for REQUEST_URI), LAST_MODIFIED; -A as an
de42d3dfd83a4cc62f0dd6b79ee5cbcfa69fd503brianp alias for -U; an additional data entry in ap_expr_eval_ctx_t for use by
8ab933f1df663f95c27e2ce5772127d4f3a10e0bstriker the consumer; an extensible ap_expr_exec_ctx() API that allows to use that
a8dda281113c5038945423320d8c9b42e3d1ddb1jwoolley data entry. [Stefan Fritsch]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) mod_include: Merge directory configs instead of one SSI* config directive
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe causing all other per-directory SSI* config directives to be reset.
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe [Stefan Fritsch]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) mod_charset_lite: Remove DebugLevel option in favour of per-module
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe loglevel. [Stefan Fritsch]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) core: Add ap_regexec_len() function that works with non-null-terminated
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe strings. PR 51231. [Yehezkel Horowitz <horowity checkpoint com>]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) mod_authnz_ldap: If the LDAP server returns constraint violation,
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe don't treat this as an error but as "auth denied". [Stefan Fritsch]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) mod_proxy_fcgi|scgi: Add support for "best guess" of PATH_INFO
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe for SCGI/FCGI. PR 50880, 50851. [Mark Montague <mark catseye.org>,
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe Jim Jagielski]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) mod_cache: When content is served stale, and there is no means to
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe revalidate the content using ETag or Last-Modified, and we have
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe mandated no stale-on-error behaviour, stand down and don't cache.
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe Saves a cache write that will never be read.
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe [Graham Leggett]
39dde7f4cd79d701cc14e5beac8ea528bc58d038wrowe *) mod_reqtimeout: Fix a timed out connection going into the keep-alive
268ac122b1fd6fa948b30bdf0d8c0d80e75d68dawrowe state after a timeout when discarding a request body. PR 51103.
268ac122b1fd6fa948b30bdf0d8c0d80e75d68dawrowe [Stefan Fritsch]
268ac122b1fd6fa948b30bdf0d8c0d80e75d68dawrowe *) core: Add various file existance test operators to ap_expr.
268ac122b1fd6fa948b30bdf0d8c0d80e75d68dawrowe [Stefan Fritsch]
6ba861fd6c705eaeb1f9bb97df86ddea6895e263minfrin *) mod_proxy_express: New mass reverse-proxy switch extension for
6ba861fd6c705eaeb1f9bb97df86ddea6895e263minfrin mod_proxy. [Jim Jagielski]
268ac122b1fd6fa948b30bdf0d8c0d80e75d68dawrowe *) configure: Fix script error when configuring module set "reallyall".
b78ed256f4b99e72836d36fd68d4e7a26dbe032cianh [Rainer Jung]
b78ed256f4b99e72836d36fd68d4e7a26dbe032cianhChanges with Apache 2.3.12
e7ec1c54206901c9369e40f471b71836c78e017dwrowe *) configure, core: Provide easier support for APR's hook probe
698670444b30b79e808155739f98c39bec35f72awrowe capability. [Jim Jagielski, Jeff Trawick]
57bea0f0559e31536af3b7b5859d3681ee29a34cwrowe *) Silence autoconf 2.68 warnings. [Rainer Jung]
57bea0f0559e31536af3b7b5859d3681ee29a34cwrowe *) mod_authnz_ldap: Resolve crash when LDAP is used for authorization only
57bea0f0559e31536af3b7b5859d3681ee29a34cwrowe [Scott Hill <shill genscape.com>]
94e2b2d12fa269af16fa63a6270d3336d9f126f2trawick *) support: Make sure check_forensic works with mod_unique_id loaded
94e2b2d12fa269af16fa63a6270d3336d9f126f2trawick [Joe Schaefer]
94e2b2d12fa269af16fa63a6270d3336d9f126f2trawick *) Add child_status hook for tracking creation/termination of MPM child
35313c8d7368125c3e95d3118238d2be9a613000trawick processes. Add end_generation hook for notification when the last
35313c8d7368125c3e95d3118238d2be9a613000trawick MPM child of a generation exits. [Jeff Trawick]
55da18d54a0ba74dc51aecba5b0daf71a2ed10a7trawick *) mod_ldap: Make LDAPSharedCacheSize 0 create a non-shared-memory cache per
55da18d54a0ba74dc51aecba5b0daf71a2ed10a7trawick process as opposed to disabling caching completely. This allows to use
55da18d54a0ba74dc51aecba5b0daf71a2ed10a7trawick the non-shared-memory cache as a workaround for the shared memory cache
55da18d54a0ba74dc51aecba5b0daf71a2ed10a7trawick not being available during graceful restarts. PR 48958. [Stefan Fritsch]
c51f2b89da23e3371959a74808dee1792d96f5c1wsanchez *) Add new ap_reserve_module_slots/ap_reserve_module_slots_directive API,
c51f2b89da23e3371959a74808dee1792d96f5c1wsanchez necessary if a module (like mod_perl) registers additional modules late
c51f2b89da23e3371959a74808dee1792d96f5c1wsanchez in the startup phase. [Stefan Fritsch]
c51f2b89da23e3371959a74808dee1792d96f5c1wsanchez *) core: Prevent segfault if DYNAMIC_MODULE_LIMIT is reached. PR 51072.
79c9b0ac498d97336874edba0daf9f544ad14671trawick [Torsten Förtsch <torsten foertsch gmx net>]
79c9b0ac498d97336874edba0daf9f544ad14671trawick *) WinNT MPM: Improve robustness under heavy load. [Jeff Trawick]
79c9b0ac498d97336874edba0daf9f544ad14671trawick *) MinGW build improvements. PR 49535. [John Vandenberg
5a7d934619b2be92e18be5dd3366f4ac6ddeab43trawick <jayvdb gmail.com>, Jeff Trawick]
5a7d934619b2be92e18be5dd3366f4ac6ddeab43trawick *) core: Support module names with colons in loglevel configuration.
5a70e5b66eb7758d0e64e070211f699fc83fca70wrowe [Torsten Förtsch <torsten foertsch gmx net>]
5a70e5b66eb7758d0e64e070211f699fc83fca70wrowe *) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
5a70e5b66eb7758d0e64e070211f699fc83fca70wrowe [Stefan Fritsch]
84eeb0ab12215fc22577a9a0a9589cea2a445712trawick *) core: Abort if the MPM is changed across restart. [Jeff Trawick]
1d3fbd2d9f03c0826977d940a2081401edf522d4jerenkrantz *) mod_proxy_ajp: Add support for 'ProxyErrorOverride on'. PR 50945.
1d3fbd2d9f03c0826977d940a2081401edf522d4jerenkrantz [Peter Pramberger <peter pramberger.at>, Jim Jagielski]
b5cc0253789825ace46944dc9cde744be08dd77fjerenkrantz *) mod_proxy_fcgi: Add support for 'ProxyErrorOverride on'. PR 50913.
e4bb84f3c11f282d3ba66f64940b1b8e13f85e7aslive [Mark Montague <mark catseye.org>, Jim Jagielski]
e4bb84f3c11f282d3ba66f64940b1b8e13f85e7aslive *) core: Change the APIs of ap_cfg_getline() and ap_cfg_getc() to return an
e4bb84f3c11f282d3ba66f64940b1b8e13f85e7aslive error code. Abort with a nice error message if a config line is too long.
e4bb84f3c11f282d3ba66f64940b1b8e13f85e7aslive Partial fix for PR 50824. [Stefan Fritsch]
e4bb84f3c11f282d3ba66f64940b1b8e13f85e7aslive *) mod_info: Dump config to stdout during startup if -DDUMP_CONFIG is
ba2bab42e97405dc41c0f8fe3416f7f9a79ed7a9brianp specified. PR 31956. [Stefan Fritsch]
ba2bab42e97405dc41c0f8fe3416f7f9a79ed7a9brianp *) Restore visibility of DEFAULT_PIDLOG to core and modules. MPM
756b54396a86db555817bb52149d91b60d00e35fwrowe helper function ap_remove_pid() added. [Jeff Trawick]
756b54396a86db555817bb52149d91b60d00e35fwrowe *) Enable DEFAULT_REL_RUNTIMEDIR on Windows and NetWare. [various]
b4251d1fbef86f96e01c68f8de086e0dbb8bcb74trawick *) Correct C++ incompatibility with http_log.h. [Stefan Fritsch, Jeff
24efed0910118b762a4eb84830875d4714b8d315ianh *) mod_log_config: Prevent segfault. PR 50861. [Torsten Förtsch
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp in request URL path info but not decode them. Change behavior of option
bdbafc44d060509e86f0cc56ff4d19579438f846striker "On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
bdbafc44d060509e86f0cc56ff4d19579438f846striker PR 46830. [Dan Poirier]
fbd0c3dbae333ba4a7225dad2d090419ad894e4ctrawick *) mod_ssl: Check SNI hostname against Host header case-insensitively.
bdbafc44d060509e86f0cc56ff4d19579438f846striker PR 49491. [Mayank Agrawal <magrawal.08 gmail.com>]
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe *) mod_ldap: Add LDAPConnectionPoolTTL to give control over lifetime
6d0ec39a3ef89ce485f23008efa399b7b35bf1fdjwoolley of bound backend LDAP connections. PR47634 [Eric Covener]
6d0ec39a3ef89ce485f23008efa399b7b35bf1fdjwoolley *) mod_cache: Make CacheEnable and CacheDisable configurable per
6d0ec39a3ef89ce485f23008efa399b7b35bf1fdjwoolley directory in addition to per server, making them work from within
0fdf8c342123fde84405b885fb1720ebc652e10djerenkrantz a LocationMatch. [Graham Leggett]
0fdf8c342123fde84405b885fb1720ebc652e10djerenkrantz *) worker, event, prefork: Correct several issues when built as
0fdf8c342123fde84405b885fb1720ebc652e10djerenkrantz DSOs; most notably, the scoreboard was reinitialized during graceful
0fdf8c342123fde84405b885fb1720ebc652e10djerenkrantz restart, such that processes of the previous generation were not
6b87b6eee6a43f40ef6bead9ef3173979b4cd76crbb observable. [Jeff Trawick]
6b87b6eee6a43f40ef6bead9ef3173979b4cd76crbbChanges with Apache 2.3.11
6b87b6eee6a43f40ef6bead9ef3173979b4cd76crbb *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
bfd2cedbf2918fcb95daa9f850ecdf5e24765c22jerenkrantz Win32's cscript interpreter can only use a single quote as comment char.
bfd2cedbf2918fcb95daa9f850ecdf5e24765c22jerenkrantz [Guenter Knauf]
f9a773d26994c3b267589e404cdb5b760f83e888jerenkrantz *) mod_proxy: balancer-manager now uses POST instead of GET.
f9a773d26994c3b267589e404cdb5b760f83e888jerenkrantz [Jim Jagielski]
a250599aab6669d5877edf158032efd2538e5820trawick *) core: new util function: ap_parse_form_data(). Previously,
a250599aab6669d5877edf158032efd2538e5820trawick this capability was tucked away in mod_request. [Jim Jagielski]
a250599aab6669d5877edf158032efd2538e5820trawick *) core: new hook: ap_run_pre_read_request. [Jim Jagielski]
41338e6ead3fa8d60ad3841d069f4b47e71d9177wrowe *) mod_cache: When a request other than GET or HEAD arrives, we must
41338e6ead3fa8d60ad3841d069f4b47e71d9177wrowe invalidate existing cache entities as per RFC2616 13.10. PR 15868.
41338e6ead3fa8d60ad3841d069f4b47e71d9177wrowe [Graham Leggett]
92b0ffb9cbc04b3d9c7ce6becadc0c3d88dea2d9wrowe *) modules: Fix many modules that were not correctly initializing if they
92b0ffb9cbc04b3d9c7ce6becadc0c3d88dea2d9wrowe were not active during server startup but got enabled later during a
961ff00a8f1fe79a8ac8b18617b40a404e28cb35brianp graceful restart. [Stefan Fritsch]
961ff00a8f1fe79a8ac8b18617b40a404e28cb35brianp *) core: Create new ap_state_query function that allows modules to determine
92b0ffb9cbc04b3d9c7ce6becadc0c3d88dea2d9wrowe if the current configuration run is the initial one at server startup,
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe and if the server is started for testing/config dumping only.
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe [Stefan Fritsch]
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe *) mod_proxy: Runtime configuration of many parameters for existing
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe balancers via the balancer-manager. [Jim Jagielski]
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe *) mod_proxy: Runtime addition of new workers (BalancerMember) for existing
6a82dfd37385024d0e94e71edd2f46b609796cfdwrowe balancers via the balancer-manager. [Jim Jagielski]
c43fd8f8f90a7549bffe1e581eedbd087db1163estoddard *) mod_cache: When a bad Expires date is present, we need to behave as if
c43fd8f8f90a7549bffe1e581eedbd087db1163estoddard the Expires is in the past, not as if the Expires is missing. PR 16521.
a8dda281113c5038945423320d8c9b42e3d1ddb1jwoolley [Co-Advisor <coad@measurement-factory.com>]
854cc4d3451547c2359c27870a3c354ad385a49bianh *) mod_cache: We must ignore quoted-string values that appear in a
854cc4d3451547c2359c27870a3c354ad385a49bianh Cache-Control header. PR 50199. [Graham Leggett]
02ec77ed8e15b4b601de98a322e4bd8d7d3e1ec2trawick *) mod_dav: Revert change to send 501 error if unknown Content-* header is
02ec77ed8e15b4b601de98a322e4bd8d7d3e1ec2trawick received for a PUT request. PR 42978. [Stefan Fritsch]
49ada1eac7c4cae429ba193273b7f40f355d9c7ejwoolley *) mod_cache: Respect s-maxage as described by RFC2616 14.9.3, which must
49ada1eac7c4cae429ba193273b7f40f355d9c7ejwoolley take precedence if present. PR 35247. [Graham Leggett]
88425bd3442321915195ac9dfa9a80ffcd968fa4brianp *) mod_ssl: Fix a possible startup failure if multiple SSL vhosts
88425bd3442321915195ac9dfa9a80ffcd968fa4brianp are configured with the same ServerName and private key file.
88425bd3442321915195ac9dfa9a80ffcd968fa4brianp [Masahiro Matsuya <mmatsuya redhat.com>, Joe Orton]
a8dda281113c5038945423320d8c9b42e3d1ddb1jwoolley *) mod_socache_dc: Make module compile by fixing some typos.
a8dda281113c5038945423320d8c9b42e3d1ddb1jwoolley PR 50735 [Mark Montague <mark catseye.org>]
37b8494ffaeb4ee9a9a2f9917d334078c16d4212jwoolley *) prefork: Update MPM state in children during a graceful stop or
37b8494ffaeb4ee9a9a2f9917d334078c16d4212jwoolley restart. PR 41743. [Andrew Punch <andrew.punch 247realmedia.com>]
bf3d1782a29630335a1df535eb395355ab1cd154jwoolley *) mod_mime: Ignore leading dots when looking for mime extensions.
37b8494ffaeb4ee9a9a2f9917d334078c16d4212jwoolley PR 50434 [Stefan Fritsch]
da16bea08c6ff10ceb8d250ff23e8e81a372cef8jwoolley *) core: Add support to set variables with the 'Define' directive. The
99f692732327e0c200fd639105dbf9940bd229f1rbb variables that can then be used in the config using the ${VAR} syntax
99f692732327e0c200fd639105dbf9940bd229f1rbb known from envvar interpolation. [Stefan Fritsch]
80f73246cc14f02d50bfac5306c079464c2dd1c6rbb *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
80f73246cc14f02d50bfac5306c079464c2dd1c6rbb ProxyAddHeaders defaults to On. [Vincent Deffontaines]
80f73246cc14f02d50bfac5306c079464c2dd1c6rbb *) mod_slotmem_shm: Increase memory alignment for slotmem data.
80f73246cc14f02d50bfac5306c079464c2dd1c6rbb [Rainer Jung]
dcdc78fce34f06533df4829abbc726f7fbf207fejwoolley *) mod_ssl: Add config options for OCSP: SSLOCSPResponderTimeout,
dcdc78fce34f06533df4829abbc726f7fbf207fejwoolley SSLOCSPResponseMaxAge, SSLOCSPResponseTimeSkew.
d4a93d608a28bf331625544a2896fa20bef4a2b4rbb [Kaspar Brand <httpd-dev.2011 velox.ch>]
d4a93d608a28bf331625544a2896fa20bef4a2b4rbb *) mod_ssl: Revamp output buffering to reduce network overhead for
d4a93d608a28bf331625544a2896fa20bef4a2b4rbb output fragmented into many buckets, such as chunked HTTP responses.
d4a93d608a28bf331625544a2896fa20bef4a2b4rbb [Joe Orton]
36fcd3d96b9bf9a2d4af424e64584b5dede3e3e6brianp *) core: Apply <If> sections to all requests, not only to file base requests.
36fcd3d96b9bf9a2d4af424e64584b5dede3e3e6brianp Allow to use <If> inside <Directory>, <Location>, and <Files> sections.
4b34d6a5b70303010612df6c87da3ee91ae86078rbb The merging of <If> sections now happens after the merging of <Location>
4b34d6a5b70303010612df6c87da3ee91ae86078rbb sections, even if an <If> section is embedded inside a <Directory> or
4b34d6a5b70303010612df6c87da3ee91ae86078rbb <Files> section. [Stefan Fritsch]
4b34d6a5b70303010612df6c87da3ee91ae86078rbb *) mod_proxy: Refactor usage of shared data by dropping the scoreboard
4b34d6a5b70303010612df6c87da3ee91ae86078rbb and using slotmem. Create foundation for dynamic growth/changes of
4b34d6a5b70303010612df6c87da3ee91ae86078rbb members within a balancer. Remove BalancerNonce in favor of a
44d971eef4337ad80ba3d360c84ffa8188d50325trawick per-balancer 'nonce' parameter. [Jim Jagielski]
84bdb86d57d2a2f828b17e77ac2379fed551c2adtrawick *) mod_status: Don't show slots which are disabled by MaxClients as open.
84bdb86d57d2a2f828b17e77ac2379fed551c2adtrawick PR: 47022 [Jordi Prats <jordi prats gmail com>, Stefan Fritsch]
46603605c2edcc1cc84fa45634e19a395134078atrawick *) mpm_prefork: Fix ap_mpm_query results for AP_MPMQ_MAX_DAEMONS and
46603605c2edcc1cc84fa45634e19a395134078atrawick AP_MPMQ_MAX_THREADS.
46603605c2edcc1cc84fa45634e19a395134078atrawick *) mod_authz_core: Fix bug in merging logic if user-based and non-user-based
86826d685f83170ca07d56550db9f0c2922a916btrawick authorization directives were mixed. [Stefan Fritsch]
86826d685f83170ca07d56550db9f0c2922a916btrawick *) mod_authn_socache: change directive name from AuthnCacheProvider
86826d685f83170ca07d56550db9f0c2922a916btrawick to AuthnCacheProvideFor. The term "provider" is overloaded in
86826d685f83170ca07d56550db9f0c2922a916btrawick this module, and we should avoid confusion between the provider
4f412c60e9c2af999619d11b236068a0e0e94944trawick of a backend (AuthnCacheSOCache) and the authn provider(s) for
4f412c60e9c2af999619d11b236068a0e0e94944trawick which this module provides cacheing (AuthnCacheProvideFor).
4f6effa17a5084085c9104b0bb97c2ba1622cfa6jerenkrantz *) mod_proxy_http: Allocate the fake backend request from a child pool
4f6effa17a5084085c9104b0bb97c2ba1622cfa6jerenkrantz of the backend connection, instead of misusing the pool of the frontend
4f6effa17a5084085c9104b0bb97c2ba1622cfa6jerenkrantz request. Fixes a thread safety issue where buckets set aside in the
bfa5c37259833629155d486bb1571d39a57de64dbnicholes backend connection leak into other threads, and then disappear when
bfa5c37259833629155d486bb1571d39a57de64dbnicholes the frontend request is cleaned up, in turn causing corrupted buckets
bfa5c37259833629155d486bb1571d39a57de64dbnicholes to make other threads spin. [Graham Leggett]
a946a7e607c21cf6068e7380d7e81cc2bf027913trawick *) mod_ssl: Change the format of the SSL_{CLIENT,SERVER}_{I,S}_DN variables
da16bea08c6ff10ceb8d250ff23e8e81a372cef8jwoolley to be RFC 2253 compatible, convert non-ASCII characters to UTF8, and
c88a70518d7d0b5bccb22a68d446c2d6589790dcjwoolley escape other special characters with backslashes. The old format can
c88a70518d7d0b5bccb22a68d446c2d6589790dcjwoolley still be used with the LegacyDNStringFormat argument to SSLOptions.
e59e4b703b7e19c4b35030e4baac8a96a8d4b504dougm *) core, mod_rewrite: Make the REQUEST_SCHEME variable available to
e59e4b703b7e19c4b35030e4baac8a96a8d4b504dougm scripts and mod_rewrite. [Stefan Fritsch]
5717c6b0b97a065a84fba32cebeee959a5fe4f15dougm *) mod_rewrite: Allow to use arbitrary boolean expressions (ap_expr) in
5717c6b0b97a065a84fba32cebeee959a5fe4f15dougm RewriteCond. [Stefan Fritsch]
5717c6b0b97a065a84fba32cebeee959a5fe4f15dougm *) mod_rewrite: Allow to unset environment variables using E=!VAR.
5717c6b0b97a065a84fba32cebeee959a5fe4f15dougm PR 49512. [Mark Drayton <mark markdrayton info>, Stefan Fritsch]
835836eaf9e2a23192a262307b08f626e50e2180trawick *) mod_headers: Restore the 2.3.8 and earlier default for the first
835836eaf9e2a23192a262307b08f626e50e2180trawick argument of the Header directive ("onsuccess"). [Eric Covener]
81dddb023f9dd43b350f782972c1f75a88a2d93ftrawick *) core: Disallow the mixing of relative and absolute Options PR 33708.
81dddb023f9dd43b350f782972c1f75a88a2d93ftrawick [Sönke Tesch <st kino-fahrplan.de>]
9b9e0eca165f5f464e357bb2a9b8bbfc9621067cwrowe *) core: When exporting request headers to HTTP_* environment variables,
9b9e0eca165f5f464e357bb2a9b8bbfc9621067cwrowe drop variables whose names contain invalid characters. Describe in the
9b9e0eca165f5f464e357bb2a9b8bbfc9621067cwrowe docs how to restore the old behaviour. [Malte S. Stretz <mss apache org>]
9b9e0eca165f5f464e357bb2a9b8bbfc9621067cwrowe *) core: When selecting an IP-based virtual host, favor an exact match for
9b9e0eca165f5f464e357bb2a9b8bbfc9621067cwrowe the port over a wildcard (or omitted) port instead of favoring the one
b26781e595625911fc8fc8215133ad2285ed75d8jim that came first in the configuration file. [Eric Covener]
b26781e595625911fc8fc8215133ad2285ed75d8jim *) core: Overlapping virtual host address/port combinations now implicitly
5117466ef123b1efbc2feba168f37069ef6f230bianh enable name-based virtual hosting for that address. The NameVirtualHost
5117466ef123b1efbc2feba168f37069ef6f230bianh directive has no effect, and _default_ is interpreted the same as "*".
5117466ef123b1efbc2feba168f37069ef6f230bianh [Eric Covener]
9c39f8fb982df4dbce5304e49385568e6d35bfa8trawick *) core: In the absence of any Options directives, the default is now
9c39f8fb982df4dbce5304e49385568e6d35bfa8trawick "FollowSymlinks" instead of "All". [Igor Galić]
bdd4aa13a97de79596cd19708f1516e8fa92700ewrowe *) rotatelogs: Add -e option to write logs through to stdout for optional
bdd4aa13a97de79596cd19708f1516e8fa92700ewrowe further processing. [Graham Leggett]
bdd4aa13a97de79596cd19708f1516e8fa92700ewrowe *) mod_ssl: Correctly read full lines in input filter when the line is
bdd4aa13a97de79596cd19708f1516e8fa92700ewrowe incomplete during first read. PR 50481. [Ruediger Pluem]
bdd4aa13a97de79596cd19708f1516e8fa92700ewrowe *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
bdd4aa13a97de79596cd19708f1516e8fa92700ewrowe sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
1d50c90ddb7e3d144ec8a2bd848ca1e7bbf8e534bnicholes fails for an authenticated user. PR 40721. [Stefan Fritsch]
24e361af20a3107dc934b4895911ce6bcce0603ejwoolleyChanges with Apache 2.3.10
24e361af20a3107dc934b4895911ce6bcce0603ejwoolley *) mod_rewrite: Don't implicitly URL-escape the original query string
4657f9b12af4b123b80e15c73fa03c190e47a8bftrawick when no substitution has changed it. PR 50447. [Eric Covener]
4657f9b12af4b123b80e15c73fa03c190e47a8bftrawick *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
4657f9b12af4b123b80e15c73fa03c190e47a8bftrawick such as per-directory mod_rewrite substitutions. PR 50349.
c36bac9a918f59b2dbf5dcd7d67b50c1da04c89drbb [Eric Covener]
c36bac9a918f59b2dbf5dcd7d67b50c1da04c89drbb *) mod_rewrite: Add 'RewriteOptions InheritBefore' to put the base
c36bac9a918f59b2dbf5dcd7d67b50c1da04c89drbb rules/conditions before the overridden rules/conditions. PR 39313.
ad668861e40da485f2eea24dc4c1f9940e470698rbb *) mod_autoindex: add IndexIgnoreReset to reset the list of IndexIgnored
ad668861e40da485f2eea24dc4c1f9940e470698rbb filenames in higher precedence configuration sections. PR 24243.
ad668861e40da485f2eea24dc4c1f9940e470698rbb [Eric Covener]
89211a5d592cdf0170d2b541946661b1a2a279c5trawick *) mod_cgid: RLimit* directive support for mod_cgid. PR 42135
89211a5d592cdf0170d2b541946661b1a2a279c5trawick [Eric Covener]
89211a5d592cdf0170d2b541946661b1a2a279c5trawick *) core: Fail startup when the argument to ServerName looks like a glob
5caa0a5c428439b566a4fcc711747e2053bcfd1ajerenkrantz or a regular expression instead of a hostname (*?[]). PR 39863
34d672a81f3e72f30568462135ddf6d71dcfa8d8bnicholes *) mod_userdir: Add merging of enable, disable, and filename arguments
34d672a81f3e72f30568462135ddf6d71dcfa8d8bnicholes to UserDir directive, leaving enable/disable of userlists unmerged.
34d672a81f3e72f30568462135ddf6d71dcfa8d8bnicholes PR 44076 [Eric Covener]
b1d2d2797866636f792717f96401292481697145wrowe *) httpd: When no -k option is provided on the httpd command line, the server
b1d2d2797866636f792717f96401292481697145wrowe was starting without checking for an existing pidfile. PR 50350
b1d2d2797866636f792717f96401292481697145wrowe [Eric Covener]
b1d2d2797866636f792717f96401292481697145wrowe *) mod_proxy: Put the worker in error state if the SSL handshake with the
b1d2d2797866636f792717f96401292481697145wrowe backend fails. PR 50332.
b1d2d2797866636f792717f96401292481697145wrowe [Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]
4a98c07ecf4f27a9b18963bbe85260857664d03bjerenkrantz *) mod_cache_disk: Fix Windows build which was broken after renaming
4a98c07ecf4f27a9b18963bbe85260857664d03bjerenkrantz the module. [Gregg L. Smith]
b24d065530fdf97376f390522396be5a4469fcf4jerenkrantzChanges with Apache 2.3.9
b24d065530fdf97376f390522396be5a4469fcf4jerenkrantz *) SECURITY: CVE-2010-1623 (cve.mitre.org)
a981bcb9c3b780184e75ff069d67fe84da6c3d3dbnicholes Fix a denial of service attack against mod_reqtimeout.
a981bcb9c3b780184e75ff069d67fe84da6c3d3dbnicholes [Stefan Fritsch]
a981bcb9c3b780184e75ff069d67fe84da6c3d3dbnicholes *) mod_headers: Change default first argument of Header directive
a981bcb9c3b780184e75ff069d67fe84da6c3d3dbnicholes from "onsuccess" to "always". [Eric Covener]
b5fe023e1cf0aa3d15a3bf2e237891e837980feastoddard *) mod_include: Add the onerror attribute to the include element,
b2cff333bc23b8e74c6aad9ee97973df02cca180aaron allowing an URL to be specified to include on error. [Graham
7eb55be5bcc75f2acf789aeca38d88a9c75d001ejwoolley *) mod_cache_disk: mod_disk_cache renamed to mod_cache_disk, to be
7eb55be5bcc75f2acf789aeca38d88a9c75d001ejwoolley consistent with the naming of other modules. [Graham Leggett]
d31e50dddb975275ef388ab64e380b6d4e5d9710jerenkrantz *) mod_setenvif: Add SetEnvIfExpr directive to set env var depending on
d31e50dddb975275ef388ab64e380b6d4e5d9710jerenkrantz expression. [Stefan Fritsch]
d31e50dddb975275ef388ab64e380b6d4e5d9710jerenkrantz *) mod_proxy: Fix ProxyPassInterpolateEnv directive. PR 50292.
d5eaaee4a1e5faaf21e7111fd61732c6e7dbe8b2jwoolley [Stefan Fritsch]
d5eaaee4a1e5faaf21e7111fd61732c6e7dbe8b2jwoolley *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
c88a70518d7d0b5bccb22a68d446c2d6589790dcjwoolley binary (Suexec Off), or force startup failure if suEXEC is required
c88a70518d7d0b5bccb22a68d446c2d6589790dcjwoolley but not supported (Suexec On). Change SuexecUserGroup to fail
c88a70518d7d0b5bccb22a68d446c2d6589790dcjwoolley startup instead of just printing a warning if suEXEC is disabled.
c88a70518d7d0b5bccb22a68d446c2d6589790dcjwoolley [Jeff Trawick]
c64c364bf863ad985309ef10d68caaa93e8d09ccstoddard *) core: Add Error directive for aborting startup or htaccess processing
c64c364bf863ad985309ef10d68caaa93e8d09ccstoddard with a specified error message. [Jeff Trawick]
d8d240df2f2b23455be6b01343daedebaa6c4f96trawick *) mod_rewrite: Fix the RewriteEngine directive to work within a
d8d240df2f2b23455be6b01343daedebaa6c4f96trawick location. Previously, once RewriteEngine was switched on globally,
d8d240df2f2b23455be6b01343daedebaa6c4f96trawick it was impossible to switch off. [Graham Leggett]
d8d240df2f2b23455be6b01343daedebaa6c4f96trawick *) core, mod_include, mod_ssl: Move the expression parser derived from
b5b5e8cc4668ab29d8f08f590d829dcfaeda9d33brianp mod_include back into mod_include. Replace ap_expr with a parser
b5b5e8cc4668ab29d8f08f590d829dcfaeda9d33brianp derived from mod_ssl's parser. Make mod_ssl use the new parser. Rework
b5b5e8cc4668ab29d8f08f590d829dcfaeda9d33brianp ap_expr's public interface and provide hooks for modules to add variables
e2653756d0d14a9a620b24bd04a6ab1182178462brianp and functions. [Stefan Fritsch]
e2653756d0d14a9a620b24bd04a6ab1182178462brianp *) core: Do the hook sorting earlier so that the hooks are properly sorted
d980a97cfc68de0ef35432ce03f1c1e468a19877jwoolley for the pre_config hook and during parsing the config. [Stefan Fritsch]
d980a97cfc68de0ef35432ce03f1c1e468a19877jwoolley *) core: In the absence of any AllowOverride directives, the default is now
d980a97cfc68de0ef35432ce03f1c1e468a19877jwoolley "None" instead of "All". PR49823 [Eric Covener]
d980a97cfc68de0ef35432ce03f1c1e468a19877jwoolley *) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
aa3510b82ec5d82ddbf4748829ec90f1ce71398ebrianp <Directory> or <Files>. PR47765 [Eric Covener]
aa3510b82ec5d82ddbf4748829ec90f1ce71398ebrianp *) prefork/worker/event MPMS: default value (when no directive is present)
51b1d7f8eaa74807ab14479edde4421e77f5d1d7brianp of MaxConnectionsPerChild/MaxRequestsPerChild is changed to 0 from 10000
51b1d7f8eaa74807ab14479edde4421e77f5d1d7brianp to match default configuration and manual. PR47782 [Eric Covener]
08aff55373b2ae69182a58055a5c1b3a12d927b0slive *) proxy_connect: Don't give up in the middle of a CONNECT tunnel
08aff55373b2ae69182a58055a5c1b3a12d927b0slive when the child process is starting to exit. PR50220. [Eric Covener]
4f50bfb0367b91396c0fe85b80536b760080d39etrawick *) mod_autoindex: Fix inheritance of mod_autoindex directives into
4f50bfb0367b91396c0fe85b80536b760080d39etrawick contexts that don't have any mod_autoindex directives. PR47766.
5a63340978acb9dd7e87724be57d2bde1cf1f629trawick [Eric Covener]
5a63340978acb9dd7e87724be57d2bde1cf1f629trawick *) mod_rewrite: Add END flag for RewriteRule to prevent further rounds
9f7325ecad575cf77ab76b01beaaf339a63490b5trawick of rewrite processing when a per-directory substitution occurs.
8565f742f1ee3d514b2d48a1f2a5af5d7437c3b9trawick [Eric Covener]
8565f742f1ee3d514b2d48a1f2a5af5d7437c3b9trawick *) mod_ssl: Make sure to always log an error if loading of CA certificates
8843b75d1c70af3da9a7306c4aede3b3e9346deajwoolley fails. PR 40312. [Paul Tiemann <issues apache org ourdetour com>]
8843b75d1c70af3da9a7306c4aede3b3e9346deajwoolley *) mod_dav: Send 501 error if unknown Content-* header is received for a PUT
8843b75d1c70af3da9a7306c4aede3b3e9346deajwoolley request (RFC 2616 9.6). PR 42978. [Stefan Fritsch]
dcecfbe7e63603d0fb95e4811e015039e9401990stoddard *) mod_dav: Send 400 error if malformed Content-Range header is received for
dcecfbe7e63603d0fb95e4811e015039e9401990stoddard a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]
0c7592379b55b7736dd70d2d87f53af9a2347614jerenkrantz *) mod_proxy: Release the backend connection as soon as EOS is detected,
4844d314b0b6e55a309621b84c1786446c5fb418ianh so the backend isn't forced to wait for the client to eventually
4844d314b0b6e55a309621b84c1786446c5fb418ianh acknowledge the data. [Graham Leggett]
127c81d6b2c9ba8932273c2e1b13e3ea3d673b07trawick *) mod_proxy: Optimise ProxyPass within a Location so that it is stored
127c81d6b2c9ba8932273c2e1b13e3ea3d673b07trawick per-directory, and chosen during the location walk. Make ProxyPass
127c81d6b2c9ba8932273c2e1b13e3ea3d673b07trawick work correctly from within a LocationMatch. [Graham Leggett]
59d01b9ed1de043745262e49bb44bde7095c4723jwoolley *) core: Fix segfault if per-module LogLevel is on virtual host
59d01b9ed1de043745262e49bb44bde7095c4723jwoolley scope. PR 50117. [Stefan Fritsch]
59d01b9ed1de043745262e49bb44bde7095c4723jwoolley *) mod_proxy: Move the ProxyErrorOverride directive to have per
59d01b9ed1de043745262e49bb44bde7095c4723jwoolley directory scope. [Graham Leggett]
e6e65585927961caf45d4e9e932bb1f4e9e89ca1jerenkrantz *) mod_allowmethods: New module to deny certain HTTP methods without
e6e65585927961caf45d4e9e932bb1f4e9e89ca1jerenkrantz interfering with authentication/authorization. [Paul Querna,
b068b71651c802cc4e0b835495ad0e41c65e1174trawick Igor Galić, Stefan Fritsch]
b068b71651c802cc4e0b835495ad0e41c65e1174trawick *) mod_ssl: Log certificate information and improve error message if client
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe cert verification fails. PR 50093, PR 50094. [Lassi Tuura <lat cern ch>,
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe Stefan Fritsch]
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe *) htcacheclean: Teach htcacheclean to limit cache size by number of
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe inodes in addition to size of files. Prevents a cache disk from
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe running out of space when many small files are cached.
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe [Graham Leggett]
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe *) core: Rename MaxRequestsPerChild to MaxConnectionsPerChild, which
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe describes more accurately what the directive does. The old name
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe still works but logs a warning. [Stefan Fritsch]
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe *) mod_cache: Optionally serve stale data when a revalidation returns a
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe 5xx response, controlled by the CacheStaleOnError directive.
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe [Graham Leggett]
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe *) htcacheclean: Allow the listing of valid URLs within the cache, with
34a1e566d4af2735c87e2d3e6ac5e505855518aawrowe the option to list entry metadata such as sizes and times. [Graham
dd39efc1f7ed97cf526aefa24359f0be2ac5c3f4trawick *) mod_cache: correctly parse quoted strings in cache headers.
dd39efc1f7ed97cf526aefa24359f0be2ac5c3f4trawick PR 50199 [Nick Kew]
f53367106769f90696d9c1f0ffcf9fbb4db883c2jerenkrantz *) mod_cache: Allow control over the base URL of reverse proxied requests
f53367106769f90696d9c1f0ffcf9fbb4db883c2jerenkrantz using the CacheKeyBaseURL directive, so that the cache key can be
f53367106769f90696d9c1f0ffcf9fbb4db883c2jerenkrantz calculated from the endpoint URL instead of the server URL. [Graham
9a940e8e90f9b163737e23bbf72a3f2c67a39220brianp *) mod_cache: CacheLastModifiedFactor, CacheStoreNoStore, CacheStorePrivate,
8496c88debb9962575dac2b1ef9b81984d7bd759brianp CacheStoreExpired, CacheIgnoreNoLastMod, CacheDefaultExpire,
8496c88debb9962575dac2b1ef9b81984d7bd759brianp CacheMinExpire and CacheMaxExpire can be set per directory/location.
8496c88debb9962575dac2b1ef9b81984d7bd759brianp [Graham Leggett]
7c8747b339a5e47ea8301907051a9974d15b23b7brianp *) mod_disk_cache: CacheMaxFileSize, CacheMinFileSize, CacheReadSize and
7c8747b339a5e47ea8301907051a9974d15b23b7brianp CacheReadTime can be set per directory/location. [Graham Leggett]
98f81eac9530d487f05013cda9df99755bb59689trawick *) core: Speed up config parsing if using a very large number of config
0b493ad526b8bbc2ff21ce19510fc32238abb816jwoolley files. PR 50002 [andrew cloudaccess net]
0b493ad526b8bbc2ff21ce19510fc32238abb816jwoolley *) mod_cache: Support the caching of HEAD requests. [Graham Leggett]
1376737cb6afa24d3e12f3a223318fe1bd71bb1fslive *) htcacheclean: Allow the option to round up file sizes to a given
1376737cb6afa24d3e12f3a223318fe1bd71bb1fslive block size, improving the accuracy of disk usage. [Graham Leggett]
1376737cb6afa24d3e12f3a223318fe1bd71bb1fslive *) mod_ssl: Add authz providers for use with mod_authz_core and its
ec1719a5748717f67dcd279bb64bd0da424ae450jerenkrantz RequireAny/RequireAll containers: 'ssl' (equivalent to SSLRequireSSL),
ec1719a5748717f67dcd279bb64bd0da424ae450jerenkrantz 'ssl-verify-client' (for use with 'SSLVerifyClient optional'), and
ec1719a5748717f67dcd279bb64bd0da424ae450jerenkrantz 'ssl-require' (expressions with same syntax as SSLRequire).
dea9ded7417a8328f8fce5d57eca9d7af5500520trawick [Stefan Fritsch]
3f0220bf6e864d982a10348c9cc269bfe798d65eaaron *) mod_ssl: Make the ssl expression parser thread-safe. It now requires
3f0220bf6e864d982a10348c9cc269bfe798d65eaaron bison instead of yacc. [Stefan Fritsch]
3f0220bf6e864d982a10348c9cc269bfe798d65eaaron *) mod_disk_cache: Change on-disk header file format to support the
75d133afee2e3636b07366fd62102b13b67b1b1djerenkrantz link of the device/inode of the data file to the matching header
75d133afee2e3636b07366fd62102b13b67b1b1djerenkrantz file, and to support the option of not writing a data file when
75d133afee2e3636b07366fd62102b13b67b1b1djerenkrantz the data file is empty. [Graham Leggett]
2ae7ad6f58b7e3188ed4bd375a8930808529ba71jwoolley *) core/mod_unique_id: Add generate_log_id hook to allow to use
2ae7ad6f58b7e3188ed4bd375a8930808529ba71jwoolley the ID generated by mod_unique_id as error log ID for requests.
2ae7ad6f58b7e3188ed4bd375a8930808529ba71jwoolley [Stefan Fritsch]
5b30f835d627766b024500189c35bb55e686e890brianp *) mod_cache: Make sure that we never allow a 304 Not Modified response
5b30f835d627766b024500189c35bb55e686e890brianp that we asked for to leak to the client should the 304 response be
d45481dadf7f1f0ffd95b38b1c5b0ea6b2d57888jerenkrantz uncacheable. PR45341 [Graham Leggett]
d45481dadf7f1f0ffd95b38b1c5b0ea6b2d57888jerenkrantz *) mod_cache: Add the cache_status hook to register the final cache
0c7592379b55b7736dd70d2d87f53af9a2347614jerenkrantz decision hit/miss/revalidate. Add optional support for an X-Cache
0c7592379b55b7736dd70d2d87f53af9a2347614jerenkrantz and/or an X-Cache-Detail header to add the cache status to the
0c7592379b55b7736dd70d2d87f53af9a2347614jerenkrantz response. PR48241 [Graham Leggett]
6d62bc22f8f22a43e66e2e4d8860a5a144316b1astoddard *) mod_authz_host: Add 'local' provider that matches connections originating
6d62bc22f8f22a43e66e2e4d8860a5a144316b1astoddard on the local host. PR 19938. [Stefan Fritsch]
71eda8b1c14e4d0adb2f294f22299587cd3d74a9striker *) Event MPM: Fix crash accessing pollset on worker thread when child
71eda8b1c14e4d0adb2f294f22299587cd3d74a9striker process is exiting. [Jeff Trawick]
922c0ad0014590bb10d13674012683eef44c0bbarederpj *) core: For process invocation (cgi, fcgid, piped loggers and so forth)
922c0ad0014590bb10d13674012683eef44c0bbarederpj pass the system library path (LD_LIBRARY_PATH or platform-specific
922c0ad0014590bb10d13674012683eef44c0bbarederpj variables) along with the system PATH, by default. Both should be
aec964227053fab7e59deb26709b94726ce67224rederpj overridden together as desired using PassEnv etc; see mod_env.
aec964227053fab7e59deb26709b94726ce67224rederpj [William Rowe]
aec964227053fab7e59deb26709b94726ce67224rederpj *) mod_cache: Introduce CacheStoreExpired, to allow administrators to
1e27f530f81c6058d1a11944ae1e2da45977fc7bjerenkrantz capture a stale backend response, perform If-Modified-Since requests
1e27f530f81c6058d1a11944ae1e2da45977fc7bjerenkrantz against the backend, and serving from the cache all 304 responses.
1e27f530f81c6058d1a11944ae1e2da45977fc7bjerenkrantz This restores pre-2.2.4 cache behavior. [William Rowe]
469549ac22c6f7b9ecdd9df2565925563e4df84djwoolley *) mod_rewrite: Introduce <=, >= string comparison operators, and integer
469549ac22c6f7b9ecdd9df2565925563e4df84djwoolley comparators -lt, -le, -eq, -ge, and -gt. To help bash users and drop
469549ac22c6f7b9ecdd9df2565925563e4df84djwoolley the ambiguity of the symlink test "-ltest", introduce -h or -L as
469549ac22c6f7b9ecdd9df2565925563e4df84djwoolley symlink test operators. [William Rowe]
7a9f3bef545b0bbc93c2ed758119b0d2e2647c31trawick *) mod_cache: Give the cache provider the opportunity to choose to cache
7a9f3bef545b0bbc93c2ed758119b0d2e2647c31trawick or not cache based on the buckets present in the brigade, such as the
0be05c658c7e6e5a05fd2d4068d8ac0f030d4752jwoolley presence of a FILE bucket.
0be05c658c7e6e5a05fd2d4068d8ac0f030d4752jwoolley [Graham Leggett]
223b367115aefc20f1c32fe2d4e2bfcc4bfe108fjwoolley *) mod_authz_core: Allow authz providers to check args while reading the
223b367115aefc20f1c32fe2d4e2bfcc4bfe108fjwoolley config and allow to cache parsed args. Move 'all' and 'env' authz
223b367115aefc20f1c32fe2d4e2bfcc4bfe108fjwoolley providers from mod_authz_host to mod_authz_core. Add 'method' authz
223b367115aefc20f1c32fe2d4e2bfcc4bfe108fjwoolley provider depending on the HTTP method. [Stefan Fritsch]
639cf068707865a81ad2c610e72d57b043d20dd6wrowe *) mod_include: Move the request_rec within mod_include to be
639cf068707865a81ad2c610e72d57b043d20dd6wrowe exposed within include_ctx_t. [Graham Leggett]
f3f0c2a5f6009d06350341219d1f38a1644708bcbrianp *) mod_include: Reinstate support for UTF-8 character sets by allowing a
f3f0c2a5f6009d06350341219d1f38a1644708bcbrianp variable being echoed or set to be decoded and then encoded as separate
f3f0c2a5f6009d06350341219d1f38a1644708bcbrianp steps. PR47686 [Graham Leggett]
33b095d35c5dac22358ce63c32635ab59ce7cb25aaron *) mod_cache: Add a discrete commit_entity() provider function within the
33b095d35c5dac22358ce63c32635ab59ce7cb25aaron mod_cache provider interface which is called to indicate to the
33b095d35c5dac22358ce63c32635ab59ce7cb25aaron provider that caching is complete, giving the provider the opportunity
33b095d35c5dac22358ce63c32635ab59ce7cb25aaron to commit temporary files permanently to the cache in an atomic
100e6f5dec61d108494565f8f3bfa894afadc33ajerenkrantz fashion. Replace the inconsistent use of error cleanups with a formal
100e6f5dec61d108494565f8f3bfa894afadc33ajerenkrantz set of pool cleanups attached to a subpool, which is destroyed on error.
100e6f5dec61d108494565f8f3bfa894afadc33ajerenkrantz [Graham Leggett]
5d5d5ca04c57c7ab865924f4648e8f80de27adfebrianp *) mod_cache: Change the signature of the store_body() provider function
5d5d5ca04c57c7ab865924f4648e8f80de27adfebrianp within the mod_cache provider interface to support an "in" brigade
4f3ec2ec53c7ca5ca308d85e2e0beb933a2fd0f9aaron and an "out" brigade instead of just a single input brigade. This
4f3ec2ec53c7ca5ca308d85e2e0beb933a2fd0f9aaron gives a cache provider the option to consume only part of the brigade
4f3ec2ec53c7ca5ca308d85e2e0beb933a2fd0f9aaron passed to it, rather than the whole brigade as was required before.
4f3ec2ec53c7ca5ca308d85e2e0beb933a2fd0f9aaron This fixes an out of memory and a request timeout condition that would
4f3ec2ec53c7ca5ca308d85e2e0beb933a2fd0f9aaron occur when the original document was a large file. Introduce
3c0c3ae288166a8736593093c636768702abf263aaron CacheReadSize and CacheReadTime directives to mod_disk_cache to control
3c0c3ae288166a8736593093c636768702abf263aaron the amount of data to attempt to cache at a time. [Graham Leggett]
b8a843847aae3d9a1838fb8f1de84cd66212f48atrawick *) core: Add ErrorLogFormat to allow configuring error log format, including
b8a843847aae3d9a1838fb8f1de84cd66212f48atrawick additional information that is logged once per connection or request. Add
c8411888a54dd5dbfd8a5d337ebf0e911a789063trawick error log IDs for connections and request to allow correlating error log
c8411888a54dd5dbfd8a5d337ebf0e911a789063trawick lines and the corresponding access log entry. [Stefan Fritsch]
28caffb98f18c0b9562ac20870f7ab91f3d9a01fjerenkrantz *) core: Disable sendfile by default. [Stefan Fritsch]
28caffb98f18c0b9562ac20870f7ab91f3d9a01fjerenkrantz *) mod_cache: Check the request to determine whether we are allowed
d757628a07145aa711ba75b4e7c7c01a33133ca1jerenkrantz to return cached content at all, and respect a "Cache-Control:
d757628a07145aa711ba75b4e7c7c01a33133ca1jerenkrantz no-cache" header from a client. Previously, "no-cache" would
d757628a07145aa711ba75b4e7c7c01a33133ca1jerenkrantz behave like "max-age=0". [Graham Leggett]
1585c2979d749ee71edb6a1d57bc9ff6db12a426jerenkrantz *) mod_cache: Use a proper filter context to hold filter data instead
1585c2979d749ee71edb6a1d57bc9ff6db12a426jerenkrantz of misusing the per-request configuration. Fixes a segfault on trunk
6bdb2c094666367615890147775bb18761216c8dminfrin when the normal handler is used. [Graham Leggett]
6bdb2c094666367615890147775bb18761216c8dminfrin *) mod_cgid: Log a warning if the ScriptSock path is truncated because
c069757188a3cd9ab19b05169b005a824b60b6fcaaron it is too long. PR 49388. [Stefan Fritsch]
c069757188a3cd9ab19b05169b005a824b60b6fcaaron *) vhosts: Do not allow _default_ in NameVirtualHost, or mixing *
c069757188a3cd9ab19b05169b005a824b60b6fcaaron and non-* ports on NameVirtualHost, or multiple NameVirtualHost
c069757188a3cd9ab19b05169b005a824b60b6fcaaron directives for the same address:port, or NameVirtualHost
11ce97701b22d795fd1a5ec3769a3367bc220921wrowe directives with no matching VirtualHosts, or multiple ip-based
11ce97701b22d795fd1a5ec3769a3367bc220921wrowe VirtualHost sections for the same address:port. These were
11ce97701b22d795fd1a5ec3769a3367bc220921wrowe previously accepted with a warning, but the behavior was
11ce97701b22d795fd1a5ec3769a3367bc220921wrowe undefined. [Dan Poirier]
6cdd5cd95d8323de5cfb912d8fc0df8c5e3d02cejerenkrantz *) mod_remoteip: Fix a segfault when using mod_remoteip in conjunction with
e45d7d4ca98387c2898f8302bafb31e3b4f5a5d8jwoolley Allow/Deny. PR 49838. [Andrew Skalski <voltara gmail.com>]
239ab9d14d3851c2efc1312b3b42c838073533f4jerenkrantz *) core: DirectoryMatch can now match on the end of line character ($),
239ab9d14d3851c2efc1312b3b42c838073533f4jerenkrantz and sub-directories of matched directories are no longer implicitly
239ab9d14d3851c2efc1312b3b42c838073533f4jerenkrantz matched. PR49809 [Eric Covener]
c5fb76caa5498c60b991fcba8dfbf3c229f0f4d5rbb *) Regexps: introduce new higher-level regexp utility including parsing
c5fb76caa5498c60b991fcba8dfbf3c229f0f4d5rbb and executing perl-style regexp ops (e.g s/foo/bar/i) and regexp memory
c5fb76caa5498c60b991fcba8dfbf3c229f0f4d5rbb [Nick Kew]
c5fb76caa5498c60b991fcba8dfbf3c229f0f4d5rbb *) Proxy: support setting source address. PR 29404
c5fb76caa5498c60b991fcba8dfbf3c229f0f4d5rbb [Multiple contributors iterating through bugzilla,
b9cf7102006ac2ccfebcb78174585986ff127ba9jwoolley Aron Ujvari <xanco nikhok.hu>, Aleksey Midenkov <asm uezku.kemsu.ru>,
b9cf7102006ac2ccfebcb78174585986ff127ba9jwoolley <dan listening-station.net; trunk version Nick Kew]
2b13bc45632d72cdf50ac42149e4fc8bc0d05bf2stoddard *) HTTP protocol: return 400 not 503 if we have to abort due to malformed
2b13bc45632d72cdf50ac42149e4fc8bc0d05bf2stoddard chunked encoding. [Nick Kew]
2b13bc45632d72cdf50ac42149e4fc8bc0d05bf2stoddardChanges with Apache 2.3.8
2b13bc45632d72cdf50ac42149e4fc8bc0d05bf2stoddard *) suexec: Support large log files. PR 45856. [Stefan Fritsch]
52617e76a53b1d90da027a5311790e1ccef8f60ftrawick *) core: Abort with sensible error message if no or more than one MPM is
b584ec31a47334b1253f4a5ad73f023336ab2f28jwoolley loaded. [Stefan Fritsch]
b584ec31a47334b1253f4a5ad73f023336ab2f28jwoolley *) mod_proxy: Rename erroronstatus to failonstatus.
b584ec31a47334b1253f4a5ad73f023336ab2f28jwoolley [Daniel Ruggeri <DRuggeri primary.net>]
7ac88dc1ac207b9a434fd76c0406651d68018d69rederpj *) mod_dav_fs: Fix broken "creationdate" property.
7ac88dc1ac207b9a434fd76c0406651d68018d69rederpj Regression in version 2.3.7. [Rainer Jung]
52617e76a53b1d90da027a5311790e1ccef8f60ftrawickChanges with Apache 2.3.7
d157b208942316e96c34fa8b2222ed4cc2e56783trawick *) SECURITY: CVE-2010-1452 (cve.mitre.org)
d157b208942316e96c34fa8b2222ed4cc2e56783trawick mod_dav, mod_cache, mod_session: Fix Handling of requests without a path
d157b208942316e96c34fa8b2222ed4cc2e56783trawick segment. PR: 49246 [Mark Drayton, Jeff Trawick]
dc903d97a896d4e414efb1cb49f22ce00a49f070trawick *) mod_ldap: Properly check the result returned by apr_ldap_init. PR 46076.
dc903d97a896d4e414efb1cb49f22ce00a49f070trawick [Stefan Fritsch]
dc903d97a896d4e414efb1cb49f22ce00a49f070trawick *) mod_rewrite: Log errors if rewrite map files cannot be opened. PR 49639.
dc903d97a896d4e414efb1cb49f22ce00a49f070trawick [Stefan Fritsch]
dc903d97a896d4e414efb1cb49f22ce00a49f070trawick *) mod_proxy_http: Support the 'ping' property for backend HTTP/1.1 servers
68f803c489cf61918fb4e61745fcd1e0cc980541jerenkrantz via leveraging 100-Continue as the initial "request".
68f803c489cf61918fb4e61745fcd1e0cc980541jerenkrantz [Jim Jagielski]
15405e91bb3fad5a80f7abe828a00b44a3a65bf8jerenkrantz *) core/mod_authz_core: Introduce new access_checker_ex hook that enables
15405e91bb3fad5a80f7abe828a00b44a3a65bf8jerenkrantz mod_authz_core to bypass authentication if access should be allowed by
15405e91bb3fad5a80f7abe828a00b44a3a65bf8jerenkrantz IP address/env var/... [Stefan Fritsch]
f905b21d99b264dbf26acc30b430ebe92838cdcejerenkrantz *) core: Introduce note_auth_failure hook to allow modules to add support
f905b21d99b264dbf26acc30b430ebe92838cdcejerenkrantz for additional auth types. This makes ap_note_auth_failure() work with
0e2340134f2336b98c92d7f157fb65d0a6f477d4stoddard mod_auth_digest again. PR 48807. [Stefan Fritsch]
431d6106eaf796cc8dfa8cb0db2b180dd93ed6dftrawick *) socache modules: return APR_NOTFOUND when a lookup is not found [Nick Kew]
b3edf21d591bfd0e64bbec0dda73c0e41d7ecdb6wrowe *) mod_authn_socache: new module [Nick Kew]
b3edf21d591bfd0e64bbec0dda73c0e41d7ecdb6wrowe *) configure: Add reallyall option for --enable-mods-shared. [Stefan Fritsch]
b3edf21d591bfd0e64bbec0dda73c0e41d7ecdb6wrowe *) Fix Windows build when using VC6. [Gregg L. Smith <lists glewis com>]
5d238058bc748dfa13ff21890ae4a58481e3be89jerenkrantz *) mod_rewrite: Allow to set environment variables without explicitly
5d238058bc748dfa13ff21890ae4a58481e3be89jerenkrantz giving a value. [Rainer Jung]
9282327b0ffe8981d39835130dfb334af192b508jerenkrantz *) mod_rewrite: Remove superfluous EOL from rewrite logging. [Rainer Jung]
8fcaadcb287f361bb304d53a69d508500840fafcjerenkrantz *) mod_include: recognise "text/html; parameters" as text/html
8fcaadcb287f361bb304d53a69d508500840fafcjerenkrantz PR 49616 [Andrey Chernov <ache nagual.pp.ru>]
8fcaadcb287f361bb304d53a69d508500840fafcjerenkrantz *) CGI vars: allow PATH to be set by SetEnv, consistent with LD_LIBRARY_PATH
8af88bd6958b80c224e964892b8237720b13ab1ajerenkrantz PR 43906 [Nick Kew]
8af88bd6958b80c224e964892b8237720b13ab1ajerenkrantz *) Core: Extra robustness: don't try authz and segfault if authn
8af88bd6958b80c224e964892b8237720b13ab1ajerenkrantz fails to set r->user. Log bug and return 500 instead.
8af88bd6958b80c224e964892b8237720b13ab1ajerenkrantz PR 42995 [Nick Kew]
25b812bcab8b61981e288996b991e0ab4d224b92jerenkrantz *) HTTP protocol filter: fix handling of longer chunk extensions
87f0329e30de94828e08d53a99ea23cda86a9fccjerenkrantz *) Update SSL cipher suite and add example for SSLHonorCipherOrder.
0396e75f271f51be57be778655e32ba8d64d240bwrowe [Lars Eilebrecht, Rainer Jung]
0396e75f271f51be57be778655e32ba8d64d240bwrowe *) move AddOutputFilterByType from core to mod_filter. This should
9438d70ce91fa99ec828a2828f0fd45542cd9c4fwrowe fix nasty side-effects that happen when content_type is set
0396e75f271f51be57be778655e32ba8d64d240bwrowe more than once in processing a request, and make it fully
dc10f7a2f87d4cd7cdd16dc248b165122b4ac62btrawick compatible with dynamic and proxied contents. [Nick Kew]
dc10f7a2f87d4cd7cdd16dc248b165122b4ac62btrawick *) mod_log_config: Implement logging for sub second timestamps and
dc10f7a2f87d4cd7cdd16dc248b165122b4ac62btrawick request end time. [Rainer Jung]
431d6106eaf796cc8dfa8cb0db2b180dd93ed6dftrawickChanges with Apache 2.3.6
390489eb69fe15943ddf67adcc832ca8de125cd9jerenkrantz *) SECURITY: CVE-2009-3555 (cve.mitre.org)
390489eb69fe15943ddf67adcc832ca8de125cd9jerenkrantz mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
390489eb69fe15943ddf67adcc832ca8de125cd9jerenkrantz attack when compiled against OpenSSL version 0.9.8m or later. Introduces
a1e8b54f269a8f2388590174174509546e886e60stoddard the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
a1e8b54f269a8f2388590174174509546e886e60stoddard and offer unsafe legacy renegotiation with clients which do not yet
a1e8b54f269a8f2388590174174509546e886e60stoddard support the new secure renegotiation protocol, RFC 5746.
3eb95d6629bb326ae90e5eec693b7e628951751brbb [Joe Orton, and with thanks to the OpenSSL Team]
109d280c3fcf810e573fc1af5e141ad525c45811bjh *) SECURITY: CVE-2009-3555 (cve.mitre.org)
109d280c3fcf810e573fc1af5e141ad525c45811bjh mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
61d2cd001754548e90364aa3a7e76863616544b0minfrin by rejecting any client-initiated renegotiations. Forcibly disable
61d2cd001754548e90364aa3a7e76863616544b0minfrin keepalive for the connection if there is any buffered data readable. Any
61d2cd001754548e90364aa3a7e76863616544b0minfrin configuration which requires renegotiation for per-directory/location
61d2cd001754548e90364aa3a7e76863616544b0minfrin access control is still vulnerable, unless using OpenSSL >= 0.9.8l.
61d2cd001754548e90364aa3a7e76863616544b0minfrin [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]
9a3bbca61e24c13d8b496116ac759117136c6bf4aaron *) SECURITY: CVE-2010-0408 (cve.mitre.org)
9a3bbca61e24c13d8b496116ac759117136c6bf4aaron mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
9a3bbca61e24c13d8b496116ac759117136c6bf4aaron when request headers indicate a request body is incoming; not a case of
9a3bbca61e24c13d8b496116ac759117136c6bf4aaron HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>]
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm *) SECURITY: CVE-2010-0425 (cve.mitre.org)
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm mod_isapi: Do not unload an isapi .dll module until the request
64c351fd973428b5bb4c28e983fa86875ea4e60fdougm processing is completed, avoiding orphaned callback pointers.
0506359f47150991eaaae37ca07f94117a9aa63dtrawick [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
0506359f47150991eaaae37ca07f94117a9aa63dtrawick *) core: Filter init functions are now run strictly once per request
0506359f47150991eaaae37ca07f94117a9aa63dtrawick before handler invocation. The init functions are no longer run
67f62b7a48ff9eb8d9f31898dceaf9f89280a723dougm for connection filters. PR 49328. [Joe Orton]
9d3fdc3bb8077a46851080e17ef9f16c83720c8ftrawick *) core: Adjust the output filter chain correctly in an internal
9d3fdc3bb8077a46851080e17ef9f16c83720c8ftrawick redirect from a subrequest, preserving filters from the main
9d3fdc3bb8077a46851080e17ef9f16c83720c8ftrawick request as necessary. PR 17629. [Joe Orton]
219472ea2d5f1563509321d8b8a91b116792bf7adougm *) mod_cache: Explicitly allow cache implementations to cache a 206 Partial
219472ea2d5f1563509321d8b8a91b116792bf7adougm Response if they so choose to do so. Previously an attempt to cache a 206
c048b545f06921f53ceb830b30f99aed7b369d95dougm was arbitrarily allowed if the response contained an Expires or
c048b545f06921f53ceb830b30f99aed7b369d95dougm Cache-Control header, and arbitrarily denied if both headers were missing.
c048b545f06921f53ceb830b30f99aed7b369d95dougm [Graham Leggett]
621bd763d2e4d32f19013ac8b76b375b5a01851fdougm *) core: Add microsecond timestamp fractions, process id and thread id
621bd763d2e4d32f19013ac8b76b375b5a01851fdougm to the error log. [Rainer Jung]
0ea12b5dcb3d1d399f9bff6f56fb445d80205f9dstriker *) configure: The "most" module set gets build by default. [Rainer Jung]
e93624301705e3dc68992e3b488a764389eb8b98trawick *) configure: Building dynamic modules (DSO) by default. [Rainer Jung]
cba0728e3535ee87e89cdb3cb54ce91eda18f6ccaaron *) configure: Fix broken VPATH build when using included APR.
cba0728e3535ee87e89cdb3cb54ce91eda18f6ccaaron [Rainer Jung]
a45de374fb215f294eb1369d4406ac79d6596ee1brianp *) mod_session_crypto: Fix configure problem when building
a45de374fb215f294eb1369d4406ac79d6596ee1brianp with APR 2 and for VPATH builds with included APR.
a45de374fb215f294eb1369d4406ac79d6596ee1brianp [Rainer Jung]
7f14bcf6b594703df385ce84ba2ee3cdf3ccbae4trawick *) mod_session_crypto: API compatibility with APR 2 crypto and
7f14bcf6b594703df385ce84ba2ee3cdf3ccbae4trawick APR Util 1.x crypto. [Rainer Jung]
7f14bcf6b594703df385ce84ba2ee3cdf3ccbae4trawick *) ab: Fix memory leak with -v2 and SSL. PR 49383.
0007bb1e01dd762bde7280beb57113309c1715a3trawick [Pavel Kankovsky <peak argo troja mff cuni cz>]
a1be7357e2c08b9dfe52c277063d212d65b15feejim *) core: Add per-module and per-directory loglevel configuration.
a1be7357e2c08b9dfe52c277063d212d65b15feejim Add some more trace logging.
a1be7357e2c08b9dfe52c277063d212d65b15feejim mod_rewrite: Replace RewriteLog/RewriteLogLevel with trace log levels.
a1be7357e2c08b9dfe52c277063d212d65b15feejim mod_ssl: Replace LogLevelDebugDump with trace log levels.
6682df9b639663c50f447e5690dd62cce7b1c086trawick mod_ssl/mod_proxy*: Adjust loglevels to be less verbose at levels info
6682df9b639663c50f447e5690dd62cce7b1c086trawick mod_dumpio: Replace DumpIOLogLevel with trace log levels.
51c0f0fe0a49a180389009442a83f74b1916f96atrawick [Stefan Fritsch]
51c0f0fe0a49a180389009442a83f74b1916f96atrawick *) mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
51c0f0fe0a49a180389009442a83f74b1916f96atrawick title page only) when any mod_ldap directives were used in VirtualHost
51c0f0fe0a49a180389009442a83f74b1916f96atrawick context. [Eric Covener]
7e8bc9ca9d1e752f6ca6debec6be8addae8bd72etrawick *) mod_disk_cache: Decline the opportunity to cache if the response is
7e8bc9ca9d1e752f6ca6debec6be8addae8bd72etrawick a 206 Partial Content. This stops a reverse proxied partial response
ecb511c254d5affe7cc018482d53c19aaf145878jerenkrantz from becoming cached, and then being served in subsequent responses.
ecb511c254d5affe7cc018482d53c19aaf145878jerenkrantz [Graham Leggett]
ecb511c254d5affe7cc018482d53c19aaf145878jerenkrantz *) mod_deflate: avoid the risk of forwarding data before headers are set.
60b83cd8f9427809082340cfd7581091990962f5jwoolley PR 49369 [Matthew Steele <mdsteele google.com>]
60b83cd8f9427809082340cfd7581091990962f5jwoolley *) mod_authnz_ldap: Ensure nested groups are checked when the
e93624301705e3dc68992e3b488a764389eb8b98trawick top-level group doesn't have any direct non-group members
e93624301705e3dc68992e3b488a764389eb8b98trawick of attributes in AuthLDAPGroupAttribute. [Eric Covener]
4da4d1ae427ee8827c2325dd121ac05a83afd579wrowe *) mod_authnz_ldap: Search or Comparison during authorization phase
a2d4f1da4e19836b2d6a673f80f33381a926a8bddougm can use the credentials from the authentication phase
d56d6753a75f5b915120c797aedbfcf13bb14c8brbb (AuthLDAPSearchAsUSer,AuthLDAPCompareAsUser).
d56d6753a75f5b915120c797aedbfcf13bb14c8brbb PR 48340 [Domenico Rotiroti, Eric Covener]
d56d6753a75f5b915120c797aedbfcf13bb14c8brbb *) mod_authnz_ldap: Allow the initial DN search during authentication
d56d6753a75f5b915120c797aedbfcf13bb14c8brbb to use the HTTP username/pass instead of an anonymous or hard-coded
4aaf7088758ca56823e585969320f2405a7cc5fcdougm LDAP id (AuthLDAPInitialBindAsUser, AuthLDAPInitialBindPattern).
4aaf7088758ca56823e585969320f2405a7cc5fcdougm [Eric Covener]
e0596968fe84a2bdaebe0192d8d64d2e9856d4d6brianp *) mod_authnz_ldap: Publish requested LDAP data with an AUTHORIZE_ prefix
e0596968fe84a2bdaebe0192d8d64d2e9856d4d6brianp when this module is used for authorization. See AuthLDAPAuthorizePrefix.
e0596968fe84a2bdaebe0192d8d64d2e9856d4d6brianp PR 45584 [Eric Covener]
f33c2c86b419be97248c5289b71738b5f0c7ab0adirkx *) apxs -q: Stop filtering out ':' characters from the reported values.
f33c2c86b419be97248c5289b71738b5f0c7ab0adirkx PR 45343. [Bill Cole]
c5fdaba2e790a0a351d796b5fe3dcfb585be1ba2jim *) prefork MPM: Work around possible crashes on child exit in APR reslist
c5fdaba2e790a0a351d796b5fe3dcfb585be1ba2jim cleanup code. PR 43857. [Tom Donovan]
c5fdaba2e790a0a351d796b5fe3dcfb585be1ba2jim *) ab: fix number of requests sent by ab when keepalive is enabled. PR 48497.
2fc50921b88defeb7127985dfe4b4130175e069ejwoolley [Bryn Dole <dole blekko.com>]
2fc50921b88defeb7127985dfe4b4130175e069ejwoolley *) Log an error for failures to read a chunk-size, and return 408 instead of
2fc50921b88defeb7127985dfe4b4130175e069ejwoolley 413 when this is due to a read timeout. This change also fixes some cases
2fc50921b88defeb7127985dfe4b4130175e069ejwoolley of two error documents being sent in the response for the same scenario.
47638f4a67ce38e5a83e7a303d6f2d5c9ff47b4ebrianp [Eric Covener] PR49167
47638f4a67ce38e5a83e7a303d6f2d5c9ff47b4ebrianp *) mod_proxy_balancer: Add new directive BalancerNonce to allow admin
82630c4a04be47f39298d3284b2c596244fb509bbrianp to control/set the nonce used in the balancer-manager application.
82630c4a04be47f39298d3284b2c596244fb509bbrianp [Jim Jagielski]
35d682920b0b7073bb9ff8c8794f0f73e3ee1a47slive *) mod_proxy_connect: Support port ranges in AllowConnect. PR 23673.
35d682920b0b7073bb9ff8c8794f0f73e3ee1a47slive [Stefan Fritsch]
a2d4f1da4e19836b2d6a673f80f33381a926a8bddougm *) Proxy balancer: support setting error status according to HTTP response
a2d4f1da4e19836b2d6a673f80f33381a926a8bddougm code from a backend. PR 48939. [Daniel Ruggeri <DRuggeri primary.net>]
30b4a330a5f651eb5198fa93dbb9f3d3594564c9stoddard *) htcacheclean: Introduce the ability to clean specific URLs from the
30b4a330a5f651eb5198fa93dbb9f3d3594564c9stoddard cache, if provided as an optional parameter on the command line.
30b4a330a5f651eb5198fa93dbb9f3d3594564c9stoddard [Graham Leggett]
17895aa4b66b8af02d8788b15cb92e1f6a8ecafcwrowe *) core: Introduce the IncludeStrict directive, which explicitly fails
983988ac7b8faaf037f4df0ab29729cd047a3ffdtrawick server startup if no files or directories match a wildcard path.
983988ac7b8faaf037f4df0ab29729cd047a3ffdtrawick [Graham Leggett]
7a64b871b8b5e5a427b570e90f0e38e88266c783jim *) htcacheclean: Report additional statistics about entries deleted.
7a64b871b8b5e5a427b570e90f0e38e88266c783jim PR 48944. [Mark Drayton mark markdrayton.info]
17895aa4b66b8af02d8788b15cb92e1f6a8ecafcwrowe *) Introduce SSLFIPS directive to support OpenSSL FIPS_mode; permits all
a736bac16e58d5e96945f35ee3c43a2cd2f5d37ejerenkrantz builds of mod_ssl to use 'SSLFIPS off' for portability, but the proper
a736bac16e58d5e96945f35ee3c43a2cd2f5d37ejerenkrantz build of openssl is required for 'SSLFIPS on'. PR 46270.
a736bac16e58d5e96945f35ee3c43a2cd2f5d37ejerenkrantz [Dr Stephen Henson <steve openssl.org>, William Rowe]
797d596a95d4f9900e83ec18295b4ca4951bf763jerenkrantz *) mod_proxy_http: Log the port of the remote server in various messages.
797d596a95d4f9900e83ec18295b4ca4951bf763jerenkrantz PR 48812. [Igor Galić <i galic brainsware org>]
5842e6b336b1cc0252b6cc2944dd81c7d3a19a1bbrianp *) mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend
2532433e80d73506f7bcc18bd0dab686f1c39397minfrin connections and other protocol handlers (like mod_ftp). [Stefan Fritsch]
2532433e80d73506f7bcc18bd0dab686f1c39397minfrin *) mod_proxy_ajp: Really regard the operation a success, when the client
2532433e80d73506f7bcc18bd0dab686f1c39397minfrin aborted the connection. In addition adjust the log message if the client
c148bc6b4eea544af816783400362f741c5f5fc2trawick aborted the connection. [Ruediger Pluem]
c148bc6b4eea544af816783400362f741c5f5fc2trawick *) mod_ssl: Add the 'SSLInsecureRenegotiation' directive, which
9d432e23f6025b78322cbee43e8e89262a108e5eaaron allows insecure renegotiation with clients which do not yet
9d432e23f6025b78322cbee43e8e89262a108e5eaaron support the secure renegotiation protocol. [Joe Orton]
9d432e23f6025b78322cbee43e8e89262a108e5eaaron *) mod_ssl: Fix a potential I/O hang if a long list of trusted CAs
9d432e23f6025b78322cbee43e8e89262a108e5eaaron is configured for client cert auth. PR 46952. [Joe Orton]
9d432e23f6025b78322cbee43e8e89262a108e5eaaron *) core: Only log a 408 if it is no keepalive timeout. PR 39785
6a5bdbbacf4a62adecde52b8f23ebcc4fa2a08b8trawick [Ruediger Pluem, Mark Montague <markmont umich.edu>]
6a5bdbbacf4a62adecde52b8f23ebcc4fa2a08b8trawick *) support/rotatelogs: Add -L option to create a link to the current
10306ac2c175f420e6989568f4c8535a5dbc1349minfrin log file. PR 48761 [<lyndon orthanc.ca>, Dan Poirier]
10306ac2c175f420e6989568f4c8535a5dbc1349minfrin *) mod_ldap: Update LDAPTrustedClientCert to consistently be a per-directory
10306ac2c175f420e6989568f4c8535a5dbc1349minfrin setting only, matching most of the documentation and examples.
b4e4d76bf454e1b603b410110356dbcf12f3bc42jim PR 46541 [Paul Reder, Eric Covener]
b4e4d76bf454e1b603b410110356dbcf12f3bc42jim *) mod_ldap: LDAPTrustedClientCert now accepts CA_DER/CA_BASE64 argument
adb1e17ae7e1cf5cf4f8f2b07d3389cb55f4becetrawick types previously allowed only in LDAPTrustedGlobalCert. [Eric Covener]
adb1e17ae7e1cf5cf4f8f2b07d3389cb55f4becetrawick *) mod_negotiation: Preserve query string over multiviews negotiation.
71f891073f6fa0209870791f64cbbf28d77ffdc1brianp This buglet was fixed for type maps in 2.2.6, but the same issue
71f891073f6fa0209870791f64cbbf28d77ffdc1brianp affected multiviews and was overlooked.
2864362ca8266097928e84f101010bdf814ffa08stoddard PR 33112 [Joergen Thomsen <apache jth.net>]
2864362ca8266097928e84f101010bdf814ffa08stoddard *) mod_ldap: Eliminate a potential crash with multiple LDAPTrustedClientCert
2864362ca8266097928e84f101010bdf814ffa08stoddard when some are not password-protected. [Eric Covener]
f51dbb1f5b66d94b5c190bfcd444aa73bdc2b176trawick *) Fix startup segfault when the Mutex directive is used but no loaded
893c106ae59d8e96d921524b123ae26dea8ad37fgstein modules use httpd mutexes. PR 48787. [Jeff Trawick]
893c106ae59d8e96d921524b123ae26dea8ad37fgstein *) Proxy: get the headers right in a HEAD request with
893c106ae59d8e96d921524b123ae26dea8ad37fgstein ProxyErrorOverride, by checking for an overridden error
3aa6444bcee4e9fc32ec8860d832ff83a15784efianh before not after going into a catch-all code path.
3aa6444bcee4e9fc32ec8860d832ff83a15784efianh PR 41646. [Nick Kew, Stuart Children]
e2bdfd25d9d0461e0a3ab18ceff2113215e3e115brianp *) support/rotatelogs: Support the simplest log rotation case, log
e2bdfd25d9d0461e0a3ab18ceff2113215e3e115brianp truncation. Useful when the log is being processed in real time
b9fe73991e7c592a634242a7e11f924689f58e1fgstein using a command like tail. [Graham Leggett]
b9fe73991e7c592a634242a7e11f924689f58e1fgstein *) support/htcacheclean: Teach it how to write a pid file (modelled on
b9fe73991e7c592a634242a7e11f924689f58e1fgstein httpd's writing of a pid file) so that it becomes possible to run
d9fcdb415d8661cbd9451df8f88e003a1aa04ce9trawick more than one instance of htcacheclean on the same machine.
d9fcdb415d8661cbd9451df8f88e003a1aa04ce9trawick [Graham Leggett]
d9fcdb415d8661cbd9451df8f88e003a1aa04ce9trawick *) Log command line on startup, so there's a record of command line
d9fcdb415d8661cbd9451df8f88e003a1aa04ce9trawick arguments like -f. PR 48752. [Dan Poirier]
81b8d0f83e9d0bc2bf6900fc680737e0cac439a2brianp *) Introduce mod_reflector, a handler capable of reflecting POSTed
b5033962c73a470b6f36a3ac796c542a6ab4ddf6brianp request bodies back within the response through the output filter
b5033962c73a470b6f36a3ac796c542a6ab4ddf6brianp stack. Can be used to turn an output filter into a web service.
d7856f850b9b51165f23ae381a891bda894e1373ianh [Graham Leggett]
d7856f850b9b51165f23ae381a891bda894e1373ianh *) mod_proxy_http: Make sure that when an ErrorDocument is served
d7856f850b9b51165f23ae381a891bda894e1373ianh from a reverse proxied URL, that the subrequest respects the status
d7856f850b9b51165f23ae381a891bda894e1373ianh of the original request. This brings the behaviour of proxy_handler
d75626f0952c6152a99acd013a4f127d46f0f9edtrawick in line with default_handler. PR 47106. [Graham Leggett]
d75626f0952c6152a99acd013a4f127d46f0f9edtrawick *) Support wildcards in both the directory and file components of
d75626f0952c6152a99acd013a4f127d46f0f9edtrawick the path specified by the Include directive. [Graham Leggett]
ab2053f3cdda69cfa5e4ce0800ea7af203cc6d5ddougm *) mod_proxy, mod_proxy_http: Support remote https proxies
ab2053f3cdda69cfa5e4ce0800ea7af203cc6d5ddougm by using HTTP CONNECT. PR 19188.
ab2053f3cdda69cfa5e4ce0800ea7af203cc6d5ddougm [Philippe Dutrueux <lilas evidian.com>, Rainer Jung]
88ecd979f1112454432371f55a1420240fae3743trawick *) apxs: Fix -A and -a options to ignore whitespace in httpd.conf
88ecd979f1112454432371f55a1420240fae3743trawick [Philip M. Gollucci]
548e06e26f5377b2efbb7e0dab20f536e5e24160trawick *) worker: Don't report server has reached MaxClients until it has.
548e06e26f5377b2efbb7e0dab20f536e5e24160trawick Add message when server gets within MinSpareThreads of MaxClients.
c02a689f2274966ed5d1c16207f74b5128c35c86trawick PR 46996. [Dan Poirier]
f51dbb1f5b66d94b5c190bfcd444aa73bdc2b176trawick *) mod_session: Session expiry was being initialised, but not updated
f51dbb1f5b66d94b5c190bfcd444aa73bdc2b176trawick on each session save, resulting in timed out sessions when there
f51dbb1f5b66d94b5c190bfcd444aa73bdc2b176trawick should not have been. Fixed. [Graham Leggett]
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard *) mod_log_config: Add the R option to log the handler used within the
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard request. [Christian Folini <christian.folini netnea com>]
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard *) mod_include: Allow fine control over the removal of Last-Modified and
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard ETag headers within the INCLUDES filter, making it possible to cache
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard responses if desired. Fix the default value of the SSIAccessEnable
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard directive. [Graham Leggett]
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard *) Add new UnDefine directive to undefine a variable. PR 35350.
aa202cda00837ed5381d5f67254e08c565a5c3a8stoddard [Stefan Fritsch]
94f4821a5444a4fe782f772aef5db4d8b839675djerenkrantz *) Make ap_pregsub(), used by AliasMatch and friends, use the same syntax
94f4821a5444a4fe782f772aef5db4d8b839675djerenkrantz for regex backreferences as mod_rewrite and mod_include: Remove the use
94f4821a5444a4fe782f772aef5db4d8b839675djerenkrantz of '&' as an alias for '$0' and allow to escape any character with a
2a49e30bae376c9744b96c8681ab88122ccaa46cjerenkrantz backslash. PR 48351. [Stefan Fritsch]
2a49e30bae376c9744b96c8681ab88122ccaa46cjerenkrantz *) mod_authnz_ldap: If AuthLDAPCharsetConfig is set, also convert the
2a49e30bae376c9744b96c8681ab88122ccaa46cjerenkrantz password to UTF-8. PR 45318.
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrin [Johannes Müller <joh_m gmx.de>, Stefan Fritsch]
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrin *) ab: Fix calculation of requests per second in HTML output. PR 48594.
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrin [Stefan Fritsch]
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrin *) mod_authnz_ldap: Failures to map a username to a DN, or to check a user
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrin password now result in an informational level log entry instead of
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrin warning level. [Eric Covener]
afef080e47ef499a5cbceb7ad7fadbb3abca0b48minfrinChanges with Apache 2.3.5
c49200a2bdbb8fa1f2e5c3b87cc497ecdeefa8feminfrin *) SECURITY: CVE-2010-0434 (cve.mitre.org)
c49200a2bdbb8fa1f2e5c3b87cc497ecdeefa8feminfrin Ensure each subrequest has a shallow copy of headers_in so that the
c49200a2bdbb8fa1f2e5c3b87cc497ecdeefa8feminfrin parent request headers are not corrupted. Eliminates a problematic
c49200a2bdbb8fa1f2e5c3b87cc497ecdeefa8feminfrin optimization in the case of no request body. PR 48359
103005439776bb7aeccb95ebf4761ebfef3f9c39ianh [Jake Scott, William Rowe, Ruediger Pluem]
103005439776bb7aeccb95ebf4761ebfef3f9c39ianh *) Turn static function get_server_name_for_url() into public
92d311b27a6182c2eed67317990c8c168584ee75trawick ap_get_server_name_for_url() and use it where appropriate. This
92d311b27a6182c2eed67317990c8c168584ee75trawick fixes mod_rewrite generating invalid URLs for redirects to IPv6
92d311b27a6182c2eed67317990c8c168584ee75trawick literal addresses. [Stefan Fritsch]
92d311b27a6182c2eed67317990c8c168584ee75trawick *) mod_ldap: Introduce new config option LDAPTimeout to set the timeout
744ecbcc06a9128fc4730d1334cc180bf7fc521caaron for LDAP operations like bind and search. [Stefan Fritsch]
6f0dd808a674b7c09a625b36f320030f4e339f8faaron *) mod_proxy, mod_proxy_ftp: Move ProxyFtpDirCharset from mod_proxy to
744ecbcc06a9128fc4730d1334cc180bf7fc521caaron mod_proxy_ftp. [Takashi Sato]
59511de77b389ced52253d055fc470ecfedfcd99aaron *) mod_proxy, mod_proxy_connect: Move AllowCONNECT from mod_proxy to
59511de77b389ced52253d055fc470ecfedfcd99aaron mod_proxy_connect. [Takashi Sato]
b5cdec7910a44654cb254b99c5a39d7c180c4bcajerenkrantz *) mod_cache: Do an exact match of the keys defined by
b5cdec7910a44654cb254b99c5a39d7c180c4bcajerenkrantz CacheIgnoreURLSessionIdentifiers against the querystring instead of
b5cdec7910a44654cb254b99c5a39d7c180c4bcajerenkrantz a partial match. PR 48401.
b5cdec7910a44654cb254b99c5a39d7c180c4bcajerenkrantz [Dodou Wang <wangdong.08 gmail.com>, Ruediger Pluem]
393bfaab1beb2410959a4a5e91f58446f01bac09rbb *) mod_proxy_balancer: Fix crash in balancer-manager. [Rainer Jung]
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron *) Core HTTP: disable keepalive when the Client has sent
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron Expect: 100-continue
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron but we respond directly with a non-100 response.
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron Keepalive here led to data from clients continuing being treated as
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron a new request.
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron PR 47087 [Nick Kew]
6c2dc61d4760fa5e356f95c4b1685eec7f1d75dcaaron *) Core: reject NULLs in request line or request headers.
01e8aca9299a0b872414c24c8b7724d6f88ae665ianh PR 43039 [Nick Kew]
01e8aca9299a0b872414c24c8b7724d6f88ae665ianh *) Core: (re)-introduce -T commandline option to suppress documentroot
f783dff0c8b69344a6b67e97f16b91f8b0790799dougm check at startup.
f783dff0c8b69344a6b67e97f16b91f8b0790799dougm PR 41887 [Jan van den Berg <janvdberg gmail.com>]
f783dff0c8b69344a6b67e97f16b91f8b0790799dougm *) mod_autoindex: support XHTML as equivalent to HTML in IndexOptions,
f783dff0c8b69344a6b67e97f16b91f8b0790799dougm ScanHTMLTitles, ReadmeName, HeaderName
6362515725d2b6d66ac3b26531f8c53ac75f8c20wrowe PR 48416 [Dmitry Bakshaev <dab18 izhnet.ru>, Nick Kew]
f783dff0c8b69344a6b67e97f16b91f8b0790799dougm *) Proxy: Fix ProxyPassReverse with relative URL
6362515725d2b6d66ac3b26531f8c53ac75f8c20wrowe Derived (slightly erroneously) from PR 38864 [Nick Kew]
98ae9b96926a3dd99b195d7628c7e527e720f6acaaron *) mod_headers: align Header Edit with Header Set when used on Content-Type
98ae9b96926a3dd99b195d7628c7e527e720f6acaaron PR 48422 [Cyril Bonté <cyril.bonte free.fr>, Nick Kew>]
98ae9b96926a3dd99b195d7628c7e527e720f6acaaron *) mod_headers: Enable multi-match-and-replace edit option
98ae9b96926a3dd99b195d7628c7e527e720f6acaaron PR 46594 [Nick Kew]
98ae9b96926a3dd99b195d7628c7e527e720f6acaaron *) mod_filter: enable it to act on non-200 responses.
98ae9b96926a3dd99b195d7628c7e527e720f6acaaron PR 48377 [Nick Kew]
98ae9b96926a3dd99b195d7628c7e527e720f6acaaronChanges with Apache 2.3.4
9379749d811388a7d0e3410940ddd6743a33d330jim *) Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,
9379749d811388a7d0e3410940ddd6743a33d330jim and WatchdogMutexPath with a single Mutex directive. Add APIs to
9379749d811388a7d0e3410940ddd6743a33d330jim simplify setup and user customization of APR proc and global mutexes.
f37499bf7da81cd6b697d4667233137957426428jerenkrantz (See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
f37499bf7da81cd6b697d4667233137957426428jerenkrantz respected; set DEFAULT_REL_RUNTIMEDIR instead. [Jeff Trawick]
b8c2b4dfc363e33a8a1c2464802c3fb05cab86bbwrowe *) http_core: KeepAlive no longer accepts other than On|Off.
421dc1d123c9adda60e024f93fb614bfada8b9e5wrowe [Takashi Sato]
83d91d60d00dc345bfbcbc48ff206db4a6b23b2eaaron *) mod_dav: Remove errno from dav_error interface. Calls to dav_new_error()
83d91d60d00dc345bfbcbc48ff206db4a6b23b2eaaron and dav_new_error_tag() must be adjusted to add an apr_status_t parameter.
83d91d60d00dc345bfbcbc48ff206db4a6b23b2eaaron [Jeff Trawick]
83d91d60d00dc345bfbcbc48ff206db4a6b23b2eaaron *) mod_authnz_ldap: Add AuthLDAPBindAuthoritative to allow Authentication to
83d91d60d00dc345bfbcbc48ff206db4a6b23b2eaaron try other providers in the case of an LDAP bind failure.
c10fe96ac7d024918e26af6c8ba5470273b75bb2jwoolley PR 46608 [Justin Erenkrantz, Joe Schaefer, Tony Stevenson]
c10fe96ac7d024918e26af6c8ba5470273b75bb2jwoolley *) Build: fix --with-module to work as documented
cbfbf9598d686b11afc7a9f9d91a8facfdfa7216trawickChanges with Apache 2.3.3
7a8a0744e378f2343c3ee6787fac0f8f959d2141brianp *) SECURITY: CVE-2009-3095 (cve.mitre.org)
7a8a0744e378f2343c3ee6787fac0f8f959d2141brianp mod_proxy_ftp: sanity check authn credentials.
7a8a0744e378f2343c3ee6787fac0f8f959d2141brianp [Stefan Fritsch <sf fritsch.de>, Joe Orton]
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe *) SECURITY: CVE-2009-3094 (cve.mitre.org)
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe mod_proxy_ftp: NULL pointer dereference on error paths.
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe [Stefan Fritsch <sf fritsch.de>, Joe Orton]
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe OpenSSL 1.0.0b3. [Vipul Gupta <vipul.gupta sun.com>, Sander Temme]
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe *) mod_dav: Include uri when logging a PUT error due to connection abort.
f5ce2873c97c12a34d6b03d2771b9250b7bbfe55wrowe PR 38149. [Stefan Fritsch]
73cba74a34576f7ece4bd98fd58c8a932a178e6daaron *) mod_dav: Return 409 instead of 500 for a LOCK request if the parent
73cba74a34576f7ece4bd98fd58c8a932a178e6daaron resource does not exist or is not a collection. PR 43465. [Stefan Fritsch]
73cba74a34576f7ece4bd98fd58c8a932a178e6daaron *) mod_dav_fs: Return 409 instead of 500 for Litmus test case copy_nodestcoll
73cba74a34576f7ece4bd98fd58c8a932a178e6daaron (a COPY request where the parent of the destination resource does not
73cba74a34576f7ece4bd98fd58c8a932a178e6daaron exist). PR 39299. [Stefan Fritsch]
29c30db45f6a469017e16b606611e460cc1a1f2caaron *) mod_dav_fs: Don't delete the whole file if a PUT with content-range failed.
29c30db45f6a469017e16b606611e460cc1a1f2caaron PR 42896. [Stefan Fritsch]
095071bbd0b3ccccd6883edc7cd10f13cac71160ianh *) mod_dav_fs: Make PUT create files atomically and no longer destroy the
095071bbd0b3ccccd6883edc7cd10f13cac71160ianh old file if the transfer aborted. PR 39815. [Paul Querna, Stefan Fritsch]
a322a82f79b790fb7ddcd7df4459d20725450fa7trawick *) mod_dav_fs: Remove inode keyed locking as this conflicts with atomically
a322a82f79b790fb7ddcd7df4459d20725450fa7trawick creating files. On systems with inode numbers, this is a format change of
21644b4d1b09d0531911a8c9a891819a261480f8minfrin the DavLockDB. The old DavLockDB must be deleted on upgrade.
21644b4d1b09d0531911a8c9a891819a261480f8minfrin [Stefan Fritsch]
21644b4d1b09d0531911a8c9a891819a261480f8minfrin *) mod_log_config: Make ${cookie}C correctly match whole cookie names
21644b4d1b09d0531911a8c9a891819a261480f8minfrin instead of substrings. PR 28037. [Dan Franklin <dan dan-franklin.com>,
21644b4d1b09d0531911a8c9a891819a261480f8minfrin Stefan Fritsch]
21644b4d1b09d0531911a8c9a891819a261480f8minfrin *) vhost: A purely-numeric Host: header should not be treated as a port.
21644b4d1b09d0531911a8c9a891819a261480f8minfrin PR 44979 [Nick Kew]
21644b4d1b09d0531911a8c9a891819a261480f8minfrin *) mod_ldap: Avoid 500 errors with "Unable to set LDAP_OPT_REFHOPLIMIT option to 5"
bf5cf58cc30750e9f9764cc830aff426ced288f9aaron when built against openldap by using SDK LDAP_OPT_REFHOPLIMIT defaults unless
bf5cf58cc30750e9f9764cc830aff426ced288f9aaron LDAPReferralHopLimit is explicitly configured.
bf5cf58cc30750e9f9764cc830aff426ced288f9aaron [Eric Covener]
7cdc36a99b42a3c5e36ac47726ad41c9c7b039ceianh *) mod_charset_lite: Honor 'CharsetOptions NoImplicitAdd'.
7cdc36a99b42a3c5e36ac47726ad41c9c7b039ceianh [Eric Covener]
cbfbf9598d686b11afc7a9f9d91a8facfdfa7216trawick *) mod_ssl: Add support for OCSP Stapling. PR 43822.
cbfbf9598d686b11afc7a9f9d91a8facfdfa7216trawick [Dr Stephen Henson <shenson oss-institute.org>]
fe808620434aa59b796e8b60cd6eec65a32dfc2dstoddard *) mod_socache_shmcb: Allow parens in file name if cache size is given.
e37c657172940f82d9b28a45fc1304140eb0b1d7stoddard Fixes SSLSessionCache directive mis-parsing parens in pathname.
edd6c1f4be1aa23fc99134802941397f7f31b3d5jerenkrantz PR 47945. [Stefan Fritsch]
5f08a022a210f4e511561e89f500621a15e6177dtrawick *) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch]
6db5333c9461942b8af724b101e687af541d4d4cjerenkrantz *) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch]
d4fcf63a5d9171d50c0d04e05a35ec6bf1f85100jerenkrantz *) mod_sed: Reduce memory consumption when processing very long lines.
d4fcf63a5d9171d50c0d04e05a35ec6bf1f85100jerenkrantz PR 48024 [Basant Kumar Kukreja <basant.kukreja sun.com>]
dee6a8bde4d598087dc4b3ebf3d4dd06809d2dd7jerenkrantz *) ab: Fix segfault in case the argument for -n is a very large number.
dee6a8bde4d598087dc4b3ebf3d4dd06809d2dd7jerenkrantz PR 47178. [Philipp Hagemeister <oss phihag.de>]
edd6c1f4be1aa23fc99134802941397f7f31b3d5jerenkrantz *) Allow ProxyPreserveHost to work in <Proxy> sections. PR 34901.
edd6c1f4be1aa23fc99134802941397f7f31b3d5jerenkrantz [Stefan Fritsch]
d7d551e53cdfb3288eb651447d7209599c40d17estoddard *) configure: Fix THREADED_MPMS so that mod_cgid is enabled again
d7d551e53cdfb3288eb651447d7209599c40d17estoddard for worker MPM. [Takashi Sato]
956a1511249b1fec73aaee0fb7d69c8492aa1368aaron *) mod_dav: Provide a mechanism to obtain the request_rec and pathname
956a1511249b1fec73aaee0fb7d69c8492aa1368aaron from the dav_resource. [Jari Urpalainen <jari.urpalainen nokia.com>,
956a1511249b1fec73aaee0fb7d69c8492aa1368aaron Brian France <brian brianfrance.com>]
d0e4ca9bfd8bf44bea574733965851bfee939d95aaron *) Build: Use install instead of cp if available on installing
d0e4ca9bfd8bf44bea574733965851bfee939d95aaron modules to avoid segmentation fault. PR 47951. [hirose31 gmail.com]
d0e4ca9bfd8bf44bea574733965851bfee939d95aaron *) mod_cache: correctly consider s-maxage in cacheability
d0e4ca9bfd8bf44bea574733965851bfee939d95aaron decisions. [Dan Poirier]
956a1511249b1fec73aaee0fb7d69c8492aa1368aaron *) mod_logio/core: Report more accurate byte counts in mod_status if
d0e4ca9bfd8bf44bea574733965851bfee939d95aaron mod_logio is loaded. PR 25656. [Stefan Fritsch]
a4b3fb28f3d2e0983b15b4c6828c6980f2fc9b15jerenkrantz *) mod_ldap: If LDAPSharedCacheSize is too small, try harder to purge
a4b3fb28f3d2e0983b15b4c6828c6980f2fc9b15jerenkrantz some cache entries and log a warning. Also increase the default
548b2980e83f609186a76e98fb245d02e8547bc3jerenkrantz LDAPSharedCacheSize to 500000. This is a more realistic size suitable
548b2980e83f609186a76e98fb245d02e8547bc3jerenkrantz for the default values of 1024 for LdapCacheEntries/LdapOpCacheEntries.
548b2980e83f609186a76e98fb245d02e8547bc3jerenkrantz PR 46749. [Stefan Fritsch]
e54b09d79ca9bc18ea5ae33367fd907473621dcejerenkrantz *) mod_rewrite: Make sure that a hostname:port isn't fully qualified if
e54b09d79ca9bc18ea5ae33367fd907473621dcejerenkrantz the request is a CONNECT request. [Bill Zajac <billz consultla.com>]
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz *) mod_cache: Teach CacheEnable and CacheDisable to work from within a
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz Location section, in line with how ProxyPass works. [Graham Leggett]
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz *) mod_reqtimeout: New module to set timeouts and minimum data rates for
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz receiving requests from the client. [Stefan Fritsch]
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz *) core: Fix potential memory leaks by making sure to not destroy
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz bucket brigades that have been created by earlier filters.
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz [Stefan Fritsch]
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz *) core, mod_deflate, mod_sed: Reduce memory usage by reusing bucket
edcd9e6d9d29f60b25f7b9779dbd33e9dc1cc79ejerenkrantz brigades in several places. [Stefan Fritsch]
0733b4ac1b339822a5b506be8a28fea6e384cbfetrawick *) mod_cache: Fix uri_meets_conditions() so that CacheEnable will
1582553026e5e3a1921a34222eaee923fddee9b9wrowe match by scheme, or by a wildcarded hostname. PR 40169
1582553026e5e3a1921a34222eaee923fddee9b9wrowe [Peter Grandi <pg_asf asf.for.sabi.co.uk>, Graham Leggett]
1582553026e5e3a1921a34222eaee923fddee9b9wrowe *) suxec: Allow to log an error if exec fails by setting FD_CLOEXEC
1582553026e5e3a1921a34222eaee923fddee9b9wrowe on the log file instead of closing it. PR 10744. [Nicolas Rachinsky]
1582553026e5e3a1921a34222eaee923fddee9b9wrowe *) mod_mime: Make RemoveType override the info from TypesConfig.
1582553026e5e3a1921a34222eaee923fddee9b9wrowe PR 38330. [Stefan Fritsch]
1582553026e5e3a1921a34222eaee923fddee9b9wrowe *) mod_cache: Introduce the option to run the cache from within the
1582553026e5e3a1921a34222eaee923fddee9b9wrowe normal request handler, and to allow fine grained control over
1582553026e5e3a1921a34222eaee923fddee9b9wrowe where in the filter chain content is cached. [Graham Leggett]
1582553026e5e3a1921a34222eaee923fddee9b9wrowe *) core: Treat timeout reading request as 408 error, not 400.
1582553026e5e3a1921a34222eaee923fddee9b9wrowe Log 408 errors in access log as was done in Apache 1.3.x.
1582553026e5e3a1921a34222eaee923fddee9b9wrowe PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>,
1582553026e5e3a1921a34222eaee923fddee9b9wrowe Stefan Fritsch <sf fritsch.de>, Dan Poirier]
bd214bbc8d9db9d6d1dcb6b24462e6d1da8e8bbbstoddard *) mod_ssl: Reintroduce SSL_CLIENT_S_DN, SSL_CLIENT_I_DN, SSL_SERVER_S_DN,
bd214bbc8d9db9d6d1dcb6b24462e6d1da8e8bbbstoddard SSL_SERVER_I_DN back to the environment variables to be set by mod_ssl.
1078b2c97bb39352bae929d2ed3f290a420470a7ianh *) mod_disk_cache: don't cache incomplete responses, per RFC 2616, 13.8.
762c82a23cc3ddaac92f941b2f871e94efdf4e6bgregames PR15866. [Dan Poirier]
762c82a23cc3ddaac92f941b2f871e94efdf4e6bgregames *) ab: ab segfaults in verbose mode on https sites
fb50cf6056a42f94cc9e8eeabea1eb8d05e0aefcaaron PR46393. [Ryan Niebur]
fb50cf6056a42f94cc9e8eeabea1eb8d05e0aefcaaron *) mod_dav: Allow other modules to become providers and add resource types
fb50cf6056a42f94cc9e8eeabea1eb8d05e0aefcaaron to the DAV response. [Jari Urpalainen <jari.urpalainen nokia.com>,
fb50cf6056a42f94cc9e8eeabea1eb8d05e0aefcaaron Brian France <brian brianfrance.com>]
d56c38bfb6293bfff7c980858b19e32039106618jerenkrantz *) mod_dav: Allow other modules to add things to the DAV or Allow headers
d56c38bfb6293bfff7c980858b19e32039106618jerenkrantz of an OPTIONS request. [Jari Urpalainen <jari.urpalainen nokia.com>,
d56c38bfb6293bfff7c980858b19e32039106618jerenkrantz Brian France <brian brianfrance.com>]
7c301a1818939f85da8f3629cc3e9b5588610ef0jerenkrantz *) core: Lower memory usage of core output filter.
7c301a1818939f85da8f3629cc3e9b5588610ef0jerenkrantz [Stefan Fritsch <sf sfritsch.de>]
a7fb6d64e059872d5410e873b7f492d62a5cf916rbb *) mod_mime: Detect invalid use of MultiviewsMatch inside Location and
a7fb6d64e059872d5410e873b7f492d62a5cf916rbb LocationMatch sections. PR47754. [Dan Poirier]
a7fb6d64e059872d5410e873b7f492d62a5cf916rbb *) mod_request: Make sure the KeptBodySize directive rejects values
a985ccb3ebd4be0fda23a0ce9ad95fd233089463trawick that aren't valid numbers. [Graham Leggett]
a985ccb3ebd4be0fda23a0ce9ad95fd233089463trawick *) mod_session_crypto: Sanity check should the potentially encrypted
a985ccb3ebd4be0fda23a0ce9ad95fd233089463trawick session cookie be too short. [Graham Leggett]
af262486b3d1c33299307195a715bd1e373f99afrbb *) mod_session.c: Prevent a segfault when session is added but not
af262486b3d1c33299307195a715bd1e373f99afrbb configured. [Graham Leggett]
af262486b3d1c33299307195a715bd1e373f99afrbb *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett]
628ce9384209a460022be952ccdcc8538ad3ca84slive *) mod_auth_digest: Fail server start when nonce count checking
628ce9384209a460022be952ccdcc8538ad3ca84slive is configured without shared memory, or md5-sess algorithm is
628ce9384209a460022be952ccdcc8538ad3ca84slive configured. [Dan Poirier]
628ce9384209a460022be952ccdcc8538ad3ca84slive *) mod_proxy_connect: The connect method doesn't work if the client is
2b9a9a94658c0febcad2f76621b2d5ab856edc6atrawick connecting to the apache proxy through an ssl socket. Fixed.
2b9a9a94658c0febcad2f76621b2d5ab856edc6atrawick PR29744. [Brad Boyer, Mark Cave-Ayland, Julian Gilbey, Fabrice Durand,
2b9a9a94658c0febcad2f76621b2d5ab856edc6atrawick David Gence, Tim Dodge, Per Gunnar Hans, Emmanuel Elango,
2b9a9a94658c0febcad2f76621b2d5ab856edc6atrawick Kevin Croft, Rudolf Cardinal]
f6f453bf03007f391d347dc821e507cdd924d1bftrawick *) mod_ssl: The error message when SSLCertificateFile is missing should
f6f453bf03007f391d347dc821e507cdd924d1bftrawick at least give the name or position of the problematic virtual host
f6f453bf03007f391d347dc821e507cdd924d1bftrawick definition. [Stefan Fritsch sf sfritsch.de]
205f4595abf32ae208958d7f8abea68b335c9f39trawick *) mod_auth_digest: Fix null pointer when qop=none. [Dan Poirier]
205f4595abf32ae208958d7f8abea68b335c9f39trawick *) Add support for HTTP PUT to ab. [Jeff Barnes <jbarnesweb yahoo.com>]
1078b2c97bb39352bae929d2ed3f290a420470a7ianh *) mod_headers: generalise the envclause to support expression
1078b2c97bb39352bae929d2ed3f290a420470a7ianh evaluation with ap_expr parser [Nick Kew]
1078b2c97bb39352bae929d2ed3f290a420470a7ianh *) mod_cache: Introduce the thundering herd lock, a mechanism to keep
1078b2c97bb39352bae929d2ed3f290a420470a7ianh the flood of requests at bay that strike a backend webserver as
1078b2c97bb39352bae929d2ed3f290a420470a7ianh a cached entity goes stale. [Graham Leggett]
b6135e7458bf348c694157b042786562d2b86e18ianh *) mod_auth_digest: Fix usage of shared memory and re-enable it.
a8d5ccbcbde8cb6cf3a9dcf2eb05f393ab76baa9ianh PR 16057 [Dan Poirier]
611e46c801a6bd62e58a7f68abe1d2bbba473a92aaron *) Preserve Port information over internal redirects
4224d5789080ea5586d49420da1e1996f5653bb5ianh *) Proxy: unable to connect to a backend is SERVICE_UNAVAILABLE,
4224d5789080ea5586d49420da1e1996f5653bb5ianh rather than BAD_GATEWAY or (especially) NOT_FOUND.
fd3fa792f04fc9c4e8f5f83dceb0fc34e71f8570ianh PR 46971 [evanc nortel.com]
2d2e3667d789f527a04ce6a0089621470c8143ccmartin *) Various modules: Do better checking of pollset operations in order to
2d2e3667d789f527a04ce6a0089621470c8143ccmartin avoid segmentation faults if they fail. PR 46467
2d2e3667d789f527a04ce6a0089621470c8143ccmartin [Stefan Fritsch <sf sfritsch.de>]
2d2e3667d789f527a04ce6a0089621470c8143ccmartin *) mod_autoindex: Correctly create an empty cell if the description
2d2e3667d789f527a04ce6a0089621470c8143ccmartin for a file is missing. PR 47682 [Peter Poeml <poeml suse.de>]
2d2e3667d789f527a04ce6a0089621470c8143ccmartin *) ab: Fix broken error messages after resolver or connect() failures.
2d2e3667d789f527a04ce6a0089621470c8143ccmartin [Jeff Trawick]
9b0141308bc27f61d82742c198356975aa6b488abrianp *) SECURITY: CVE-2009-1890 (cve.mitre.org)
9b0141308bc27f61d82742c198356975aa6b488abrianp Fix a potential Denial-of-Service attack against mod_proxy in a
fd3fa792f04fc9c4e8f5f83dceb0fc34e71f8570ianh reverse proxy configuration, where a remote attacker can force a
fd3fa792f04fc9c4e8f5f83dceb0fc34e71f8570ianh proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
fd3fa792f04fc9c4e8f5f83dceb0fc34e71f8570ianh *) SECURITY: CVE-2009-1191 (cve.mitre.org)
22d348febc3c258df246ac93e37945398dbf0348ianh mod_proxy_ajp: Avoid delivering content from a previous request which
22d348febc3c258df246ac93e37945398dbf0348ianh failed to send a request body. PR 46949 [Ruediger Pluem]
62af8654f682ca4913636bae099bec0befab985ctrawick *) htdbm: Fix possible buffer overflow if dbm database has very
62af8654f682ca4913636bae099bec0befab985ctrawick long values. PR 30586 [Dan Poirier]
62af8654f682ca4913636bae099bec0befab985ctrawick *) core: Return APR_EOF if request body is shorter than the length announced
1e557a77c091a1d2f2872872a7c20e9f2ffccbc1aaron by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
1e557a77c091a1d2f2872872a7c20e9f2ffccbc1aaron *) mod_suexec: correctly set suexec_enabled when httpd is run by a
1e557a77c091a1d2f2872872a7c20e9f2ffccbc1aaron non-root user and may have insufficient permissions.
5e98e52df07f59be456af01ebf46d81defef2385trawick PR 42175 [Jim Radford <radford blackbean.org>]
5e98e52df07f59be456af01ebf46d81defef2385trawick *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
5e98e52df07f59be456af01ebf46d81defef2385trawick type. PR 45107. [Michael Ströder <michael stroeder.com>,
1e557a77c091a1d2f2872872a7c20e9f2ffccbc1aaron *) mod_proxy_http: fix case sensitivity checking transfer encoding
7a95e47ff0d0e4306df0901d56131b49dca5691etrawick PR 47383 [Ryuzo Yamamoto <ryuzo.yamamoto gmail.com>]
b393bdb2e1eabbe4b9b37c5eaeeeca799b2eb324stoddard *) mod_alias: ensure Redirect issues a valid URL.
b393bdb2e1eabbe4b9b37c5eaeeeca799b2eb324stoddard PR 44020 [HÃ¥kon Stordahl <hakon stordahl.org>]
3cd826b00280881e5a2f03d8ec1f8d55802b93dewrowe *) mod_dir: add FallbackResource directive, to enable admin to specify
3cd826b00280881e5a2f03d8ec1f8d55802b93dewrowe an action to happen when a URL maps to no file, without resorting
3cd826b00280881e5a2f03d8ec1f8d55802b93dewrowe to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
435c423bdcfa61ff871a9e289d1140f2bac839b8brianp *) mod_cgid: Do not leak the listening Unix socket file descriptor to the
435c423bdcfa61ff871a9e289d1140f2bac839b8brianp CGI process. PR 47335 [Kornél Pál <kornelpal gmail.com>]
435c423bdcfa61ff871a9e289d1140f2bac839b8brianp *) mod_rewrite: Remove locking for writing to the rewritelog.
bf9e1eb04f8b0af835d15ac1d0ebcd8a154474cfjerenkrantz PR 46942 [Dan Poirier <poirier pobox.com>]
e93cea6246ce30bf9791530a15c56f9e2eecf9cbianh *) mod_alias: check sanity in Redirect arguments.
f65342c1467751310036d4f9d75f554eaaf01cc6wrowe PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
960eba6c6d512880c3ed0516f5d15c6e7bc7581ajerenkrantz *) mod_proxy_http: fix Host: header for literal IPv6 addresses.
960eba6c6d512880c3ed0516f5d15c6e7bc7581ajerenkrantz PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]
45613d36b9466a48def0498cffa07f48980720f8jerenkrantz *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore
45613d36b9466a48def0498cffa07f48980720f8jerenkrantz defined session identifiers encoded in the URL when caching.
45613d36b9466a48def0498cffa07f48980720f8jerenkrantz [Ruediger Pluem]
6f912b4ad14f622aa8d57f887c8c745e13ff6dbfjerenkrantz *) mod_rewrite: Fix the error string returned by RewriteRule.
1abe6003aeb198cc97263503bceed457a6c2cb4aaaron RewriteRule returned "RewriteCond: bad flag delimiters" when the 3rd
1abe6003aeb198cc97263503bceed457a6c2cb4aaaron argument of RewriteRule was not started with "[" or not ended with "]".
1abe6003aeb198cc97263503bceed457a6c2cb4aaaron PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]
cbd8d35ca8d9780f1081f30ebfe4abda44cab7ebianh *) Windows: Fix usage message.
cbd8d35ca8d9780f1081f30ebfe4abda44cab7ebianh [Rainer Jung]
cbd8d35ca8d9780f1081f30ebfe4abda44cab7ebianh *) apachectl: When passing through arguments to httpd in
cbd8d35ca8d9780f1081f30ebfe4abda44cab7ebianh non-SysV mode, use the "$@" syntax to preserve arguments.
0dc14774d2c21baf6123fcafdb853af5be1d97edwrowe [Eric Covener]
3ad5a1fa75e728431fa7b8e3d8a74bcadcd79d4dlars *) mod_dbd: add DBDInitSQL directive to enable SQL statements to
3ad5a1fa75e728431fa7b8e3d8a74bcadcd79d4dlars be run when a connection is opened. PR 46827
3fde4c273ea649d1320ec9c51e7d096cd9340a94jerenkrantz [Marko Kevac <mkevac gmail.com>]
3fde4c273ea649d1320ec9c51e7d096cd9340a94jerenkrantz *) mod_cgid: Improve handling of long AF_UNIX socket names (ScriptSock).
75eee56d2eaac9c27d32fc46b90bb6b1eac85359trawick PR 47037. [Jeff Trawick]
0dc14774d2c21baf6123fcafdb853af5be1d97edwrowe *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
0dc14774d2c21baf6123fcafdb853af5be1d97edwrowe protocol. [Mladen Turk]
0dc14774d2c21baf6123fcafdb853af5be1d97edwrowe *) mod_proxy_ajp: Forward remote port information by default.
9f62694a8b4e2b88994a14555d144b3836b311cfstoddard [Rainer Jung]
9f62694a8b4e2b88994a14555d144b3836b311cfstoddard *) Allow MPMs to be loaded dynamically, as with most other modules. Use
9f62694a8b4e2b88994a14555d144b3836b311cfstoddard --enable-mpms-shared={list|"all"} to enable. This required changes to
52489511342e4ff3fe399e57f29d38e5c4227bc8trawick the MPM interfaces. Removed: mpm.h, mpm_default.h (as an installed
52489511342e4ff3fe399e57f29d38e5c4227bc8trawick header), APACHE_MPM_DIR, MPM_NAME, ap_threads_per_child,
52489511342e4ff3fe399e57f29d38e5c4227bc8trawick ap_max_daemons_limit, ap_my_generation, etc. ap_mpm_query() can't be
52489511342e4ff3fe399e57f29d38e5c4227bc8trawick called until after the register-hooks phase. [Jeff Trawick]
8864d6f5f4744b5d2b638e2a53e2660bcf8b5ab5dougm *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
8864d6f5f4744b5d2b638e2a53e2660bcf8b5ab5dougm to enable stricter checking of remote server certificates.
ea512a4af20e6b6e6931de4929d54d93f03a0139ianh [Ruediger Pluem]
1dfb5e008f35ed13c343b7f6306675e33c399792gstein *) ab: Fix a 100% CPU loop on platforms where a failed non-blocking connect
1dfb5e008f35ed13c343b7f6306675e33c399792gstein returns EINPROGRESS and a subsequent poll() returns only POLLERR.
1dfb5e008f35ed13c343b7f6306675e33c399792gstein Observed on HP-UX. [Eric Covener]
eadb64379834961679105b7fd4178253fbb9f95dtrawick *) Remove broken support for BeOS, TPF, and even older platforms such
eadb64379834961679105b7fd4178253fbb9f95dtrawick as A/UX, Next, and Tandem. [Jeff Trawick]
eadb64379834961679105b7fd4178253fbb9f95dtrawick *) mod_proxy_ftp: Add ProxyFtpListOnWildcard directive to allow files with
eadb64379834961679105b7fd4178253fbb9f95dtrawick globbing characters to be retrieved instead of converted into a
c7e917aa56886c47bfe061c5e9f603a5aaef0d87trawick directory listing. PR 46789 [Dan Poirier <poirier pobox.com>]
c7e917aa56886c47bfe061c5e9f603a5aaef0d87trawick *) Provide ap_retained_data_create()/ap_retained_data_get() for preservation
b8daf4c5ea3d5bb2111b1b021de6d3cd891e403bcoar of module state across unload/load. [Jeff Trawick]
b8daf4c5ea3d5bb2111b1b021de6d3cd891e403bcoar *) mod_substitute: Fix a memory leak. PR 44948
b8daf4c5ea3d5bb2111b1b021de6d3cd891e403bcoar [Dan Poirier <poirier pobox.com>]
6b6083e6518007139257ee449c2af3032d2437d0trawickChanges with Apache 2.3.2
6b6083e6518007139257ee449c2af3032d2437d0trawick *) mod_mime_magic: Fix detection of compressed content. [Rainer Jung]
88dd056b9863502bba82c2889a0c4cde9fc0ba93trawick *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
88dd056b9863502bba82c2889a0c4cde9fc0ba93trawick HTML injections and HTTP response splitting. PR 46837.
88dd056b9863502bba82c2889a0c4cde9fc0ba93trawick [Geoff Keating <geoffk apple.com>]
7ef3a1797818c6d25efe8c5fadb5eec3b965a6fabrianp *) mod_ssl: add support for type-safe STACK constructs in OpenSSL
7ef3a1797818c6d25efe8c5fadb5eec3b965a6fabrianp development HEAD. PR 45521. [Kaspar Brand, Sander Temme]
1e83c8de3aa48b316b28057d53995272baf1260cwrowe *) ab: Fix maintenance of the pollset to resolve EALREADY errors
1e83c8de3aa48b316b28057d53995272baf1260cwrowe with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
1e83c8de3aa48b316b28057d53995272baf1260cwrowe PR 44584. Use APR_POLLSET_NOCOPY for better performance with some
1e83c8de3aa48b316b28057d53995272baf1260cwrowe pollset implementations. [Jeff Trawick]
1e83c8de3aa48b316b28057d53995272baf1260cwrowe *) mod_disk_cache: The module now turns off sendfile support if
1e83c8de3aa48b316b28057d53995272baf1260cwrowe 'EnableSendfile off' is defined globally. [Lars Eilebrecht]
1e83c8de3aa48b316b28057d53995272baf1260cwrowe *) mod_deflate: Adjust content metadata before bailing out on 304
7f683bb300df767164724ebc664f339ac396b434dougm responses so that the metadata does not differ from 200 response.
7f683bb300df767164724ebc664f339ac396b434dougm [Roy T. Fielding]
7f683bb300df767164724ebc664f339ac396b434dougm *) mod_deflate: Fix creation of invalid Etag headers. We now make sure
7f683bb300df767164724ebc664f339ac396b434dougm that the Etag value is properly quoted when adding the gzip marker.
7f683bb300df767164724ebc664f339ac396b434dougm PR 39727, 45023. [Lars Eilebrecht, Roy T. Fielding]
26dfa083a1662d57ba7cc410eec4e0696b9be469wrowe *) Added 20x22 icons for ODF, SVG, and XML documents. PR 37185.
26dfa083a1662d57ba7cc410eec4e0696b9be469wrowe [Peter Harlow]
26dfa083a1662d57ba7cc410eec4e0696b9be469wrowe *) Disabled DefaultType directive and removed ap_default_type()
4760aa1f19600972cf531ad7da73c1ee5a0225cedougm from core. We now exclude Content-Type from responses for which
4760aa1f19600972cf531ad7da73c1ee5a0225cedougm a media type has not been configured via mime.types, AddType,
87a1c79b7b37702a254920ca5214fb282a4fb085dougm ForceType, or some other mechanism. PR 13986. [Roy T. Fielding]
d5d164b22a2004abed640cb52fc275f00ed92f69jerenkrantz *) mod_rewrite: Add IPV6 variable to RewriteCond
e93d563852e1fa7a8c73af3b807916b41942d2f6dreid [Ryan Phillips <ryan-apache trolocsis.com>]
e93d563852e1fa7a8c73af3b807916b41942d2f6dreid *) core: Enhance KeepAliveTimeout to support a value in milliseconds.
e93d563852e1fa7a8c73af3b807916b41942d2f6dreid PR 46275. [Takashi Sato]
525508562a53864b78cf8da91ac13be9c072bba7jerenkrantz *) rotatelogs: Allow size units B, K, M, G and combination of
525508562a53864b78cf8da91ac13be9c072bba7jerenkrantz time and size based rotation. [Rainer Jung]
f1fe10268cdadb775eef841aa4fa7305291d35fdtrawick *) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung]
f1fe10268cdadb775eef841aa4fa7305291d35fdtrawick *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
f1fe10268cdadb775eef841aa4fa7305291d35fdtrawick [<tlhackque yahoo.com>]
f04ad0ba7fe0eea5ea7a92f852cef75747ab2090trawick *) core: Translate the the status line to ASCII on EBCDIC platforms in
f04ad0ba7fe0eea5ea7a92f852cef75747ab2090trawick ap_send_interim_response() and for locally generated "100 Continue"
65a1588701f9e5d0f62261d0da85733a23edc92ftrawick responses. [Eric Covener]
65a1588701f9e5d0f62261d0da85733a23edc92ftrawick *) prefork: Fix child process hang during graceful restart/stop in
65a1588701f9e5d0f62261d0da85733a23edc92ftrawick configurations with multiple listening sockets. PR 42829. [Joe Orton,
65a1588701f9e5d0f62261d0da85733a23edc92ftrawick Jeff Trawick]
d5d164b22a2004abed640cb52fc275f00ed92f69jerenkrantz *) mod_session_crypto: Ensure that SessionCryptoDriver can only be
d5d164b22a2004abed640cb52fc275f00ed92f69jerenkrantz set in the global scope. [Graham Leggett]
360a9d933a8c25f5975e0ddc883607a5d37e408estoddard *) mod_ext_filter: We need to detect failure to startup the filter
360a9d933a8c25f5975e0ddc883607a5d37e408estoddard program (a mangled response is not acceptable). Fix to detect
360a9d933a8c25f5975e0ddc883607a5d37e408estoddard failure, and offer configuration option either to abort or
9b8afc47122e9b0eabb860b6ba2cf9c061c6060fstoddard to remove the filter and continue.
9b8afc47122e9b0eabb860b6ba2cf9c061c6060fstoddard PR 41120 [Nick Kew]
9b8afc47122e9b0eabb860b6ba2cf9c061c6060fstoddard *) mod_session_crypto: Rewrite the session_crypto module against the
a21148678a1459064627d917a66669e7e8d140e6stoddard apr_crypto API. [Graham Leggett]
910df8b3f50a0515b430b999d4750de94c509f2atrawick *) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest
c6a9d49433c9ba5b18b26c3d764f1bbcb9746090wrowe until the main request is cleaned up. [Graham Leggett]
c6a9d49433c9ba5b18b26c3d764f1bbcb9746090wroweChanges with Apache 2.3.1
51be7fc538641ed7cb22e959eb31629f7183f70fianh *) ap_slotmem: Add in new slot-based memory access API impl., including
bb6a7fc0427d0d197c50de34b94a0d23e5732696wrowe 2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski,
bb6a7fc0427d0d197c50de34b94a0d23e5732696wrowe Jean-Frederic Clere, Brian Akins <brian.akins turner.com>]
bb6a7fc0427d0d197c50de34b94a0d23e5732696wrowe *) mod_include: support generating non-ASCII characters as entities in SSI
decd0c23bb26f6662f4b963cf86ee569613bffeagregames PR 25202 [Nick Kew]
decd0c23bb26f6662f4b963cf86ee569613bffeagregames *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
e1753aabf5df187b5b04e72a958af4b65b1a125daaron PR 25202 [Nick Kew]
e1753aabf5df187b5b04e72a958af4b65b1a125daaron *) mod_rewrite: fix "B" flag breakage by reverting r5589343
e1753aabf5df187b5b04e72a958af4b65b1a125daaron PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
e1753aabf5df187b5b04e72a958af4b65b1a125daaron *) CGI: return 504 (Gateway timeout) rather than 500 when a script
e1753aabf5df187b5b04e72a958af4b65b1a125daaron times out before returning status line/headers.
e57f991fe2b9a4c080cd50ca913a2a5693b096b5aaron PR 42190 [Nick Kew]
e57f991fe2b9a4c080cd50ca913a2a5693b096b5aaron *) mod_cgid: fix segfault problem on solaris.
924c8dd40352ca7775704a31a7a77ab86dc951b4ianh PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
910df8b3f50a0515b430b999d4750de94c509f2atrawick *) mod_proxy_scgi: Added. [André Malo]
910df8b3f50a0515b430b999d4750de94c509f2atrawick *) mod_cache: Introduce 'no-cache' per-request environment variable
910df8b3f50a0515b430b999d4750de94c509f2atrawick to prevent the saving of an otherwise cacheable response.
0d628dd174dd6de13463b10d2599f6cac24e9fe8brianp [Eric Covener]
0d628dd174dd6de13463b10d2599f6cac24e9fe8brianp *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
2fee4fe267fa3577fd71d8c314fe9b527e2b90c0brianp way that per-directory rewrites append the previous notion of PATH_INFO
2fee4fe267fa3577fd71d8c314fe9b527e2b90c0brianp to each substitution before evaluating subsequent rules.
2fee4fe267fa3577fd71d8c314fe9b527e2b90c0brianp PR 38642 [Eric Covener]
7bf77d70b6830636bc36e6b76a228c301be23ff7brianp *) mod_cgid: Do not add an empty argument when calling the CGI script.
7bf77d70b6830636bc36e6b76a228c301be23ff7brianp PR 46380 [Ruediger Pluem]
185b73b1f914e5d8f99f31225cc656b882dcbf73ianh *) scoreboard: Remove unused sb_type from process_score.
6ef713e25735887d4a59a879b97a68bd575ecb92trawick [Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch]
cef5cb47e2ea4c174c01762d4430613db0f41e5cstoddard *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
cef5cb47e2ea4c174c01762d4430613db0f41e5cstoddard size of the buffer used for the request-body where necessary
1eb1f02a23de724c105b2c6c9fbd469a611059c6trawick during a per-dir renegotiation. PR 39243. [Joe Orton]
8abd60101b9794e224795ccf68b8ba984efbc94astoddard *) mod_proxy_fdpass: New module to pass a client connection over to a separate
ca47a2b6bcea23e8af185c68f256dcbbfd2a0f9dtrawick process that is reading from a unix daemon socket.
6ef713e25735887d4a59a879b97a68bd575ecb92trawick *) mod_ssl: Improve environment variable extraction to be more
6ef713e25735887d4a59a879b97a68bd575ecb92trawick efficient and to correctly handle DNs with duplicate tags.
ca47a2b6bcea23e8af185c68f256dcbbfd2a0f9dtrawick PR 45975. [Joe Orton]
26d590c0e5338f66ca1aad6f925374843fac5121stoddard *) Remove the obsolete serial attribute from the RPM spec file. Compile
26d590c0e5338f66ca1aad6f925374843fac5121stoddard against the external pcre. Add missing binaries fcgistarter, and
26d590c0e5338f66ca1aad6f925374843fac5121stoddard mod_socache* and mod_session*. [Graham Leggett]
2b31ac2c6342d2afcf67b7b0f08c928a87f98c74wroweChanges with Apache 2.3.0
d472f67198d6b15dd1270136f180cca9c9263243trawick *) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna]
d472f67198d6b15dd1270136f180cca9c9263243trawick *) Remove X-Pad header which was added as a work around to a bug in
d472f67198d6b15dd1270136f180cca9c9263243trawick Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>]
d472f67198d6b15dd1270136f180cca9c9263243trawick *) Add DTrace Statically Defined Tracing (SDT) probes.
a3bb95a3600153c7f09f62749e32093658943c32brianp [Theo Schlossnagle <jesus omniti.com>, Paul Querna]
a3bb95a3600153c7f09f62749e32093658943c32brianp *) mod_proxy_balancer: Move all load balancing implementations
b760518cc17e7124ba546ed63063603f1ab82a40aaron as individual, self-contained mod_proxy submodules under
b760518cc17e7124ba546ed63063603f1ab82a40aaron modules/proxy/balancers [Jim Jagielski]
b760518cc17e7124ba546ed63063603f1ab82a40aaron *) Rename APIs to include ap_ prefix:
b760518cc17e7124ba546ed63063603f1ab82a40aaron find_child_by_pid -> ap_find_child_by_pid
b760518cc17e7124ba546ed63063603f1ab82a40aaron suck_in_APR -> ap_suck_in_APR
b760518cc17e7124ba546ed63063603f1ab82a40aaron sys_privileges_handlers -> ap_sys_privileges_handlers
b760518cc17e7124ba546ed63063603f1ab82a40aaron unixd_accept -> ap_unixd_accept
23d8f62856c1531526042e1c5edf44557cadd2e5trawick unixd_config -> ap_unixd_config
23d8f62856c1531526042e1c5edf44557cadd2e5trawick unixd_killpg -> ap_unixd_killpg
23d8f62856c1531526042e1c5edf44557cadd2e5trawick unixd_set_global_mutex_perms -> ap_unixd_set_global_mutex_perms
705c8ed3ef608706c91ca12483d7b54ff9007cc9jerenkrantz unixd_set_proc_mutex_perms -> ap_unixd_set_proc_mutex_perms
705c8ed3ef608706c91ca12483d7b54ff9007cc9jerenkrantz unixd_set_rlimit -> ap_unixd_set_rlimit
705c8ed3ef608706c91ca12483d7b54ff9007cc9jerenkrantz [Paul Querna]
ef154948c97c53cdc1ad5329cb83c32ad26cf416aaron *) mod_lbmethod_heartbeat: New module to load balance mod_proxy workers
ef154948c97c53cdc1ad5329cb83c32ad26cf416aaron based on heartbeats. [Paul Querna]
c6741d11357aace4c9ba39535d3cb2d751f46114trawick *) mod_heartmonitor: New module to collect heartbeats, and write out a file
c6741d11357aace4c9ba39535d3cb2d751f46114trawick so that other modules can load balance traffic as needed. [Paul Querna]
7230f1eb017a35b7d20e0e9ec0d234766f2a732dtrawick *) mod_heartbeat: New module to generate multicast heartbeats to know if a
7230f1eb017a35b7d20e0e9ec0d234766f2a732dtrawick server is online. [Paul Querna]
86a5d34400b7f586ad2cca97c8b33b2f55bac61btrawick *) mod_buffer: Honour the flush bucket and flush the buffer in the
86a5d34400b7f586ad2cca97c8b33b2f55bac61btrawick input filter. Make sure that metadata buckets are written to
86a5d34400b7f586ad2cca97c8b33b2f55bac61btrawick the buffer, not to the final brigade. [Graham Leggett]
86a5d34400b7f586ad2cca97c8b33b2f55bac61btrawick *) mod_buffer: Optimise the buffering of heap buckets when the heap
86a5d34400b7f586ad2cca97c8b33b2f55bac61btrawick buckets stay exactly APR_BUCKET_BUFF_SIZE long. [Graham Leggett,
6b477c0a238733ca8fd156629310513d29dc7e02trawick Ruediger Pluem]
6b477c0a238733ca8fd156629310513d29dc7e02trawick *) mod_buffer: Optional support for buffering of the input and output
6b477c0a238733ca8fd156629310513d29dc7e02trawick filter stacks. Can collapse many small buckets into fewer larger
2b31ac2c6342d2afcf67b7b0f08c928a87f98c74wrowe buckets, and prevents excessively small chunks being sent over
2b31ac2c6342d2afcf67b7b0f08c928a87f98c74wrowe the wire. [Graham Leggett]
557eb8d48357657fa898250560f089c65539c634gregames *) mod_privileges: new module to make httpd on Solaris privileges-aware
557eb8d48357657fa898250560f089c65539c634gregames and to enable different virtualhosts to run with different
adb8c5e5291be5943122bbff404bc1018c79d555ianh privileges and Unix user/group IDs [Nick Kew]
25b715e9687f82ea055fdea2a9761c7e5f1ac6eetrawick *) mod_mem_cache: this module has been removed. [William Rowe]
25b715e9687f82ea055fdea2a9761c7e5f1ac6eetrawick *) authn/z: Remove mod_authn_default and mod_authz_default.
51ced3b28ef430a96586284d4320f7dbdaf7225ebrianp [Chris Darroch]
51ced3b28ef430a96586284d4320f7dbdaf7225ebrianp *) authz: Fix handling of authz configurations, make default authz
a222035458f89e2db231450ba6d5fae8052da5f5aaron logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
a222035458f89e2db231450ba6d5fae8052da5f5aaron and AuthzMergeRules directives with Match, <Match*>, and AuthzMerge
a222035458f89e2db231450ba6d5fae8052da5f5aaron directives. [Chris Darroch]
4a872628ca5bf20847f442a625c255b643120db0wrowe *) mod_authn_core: Prevent crash when provider alias created to
4a872628ca5bf20847f442a625c255b643120db0wrowe provider which is not yet registered. [Chris Darroch]
74528257888620220641cd28366731539a37e1f3ianh *) mod_authn_core: Add AuthType of None to support disabling
74528257888620220641cd28366731539a37e1f3ianh authentication. [Chris Darroch]
0632de713e41fa3aa928a1777677b0d79843ae2bdougm *) core: Allow <Limit> and <LimitExcept> directives to nest, and
0632de713e41fa3aa928a1777677b0d79843ae2bdougm constrain their use to conform with that of other access control
0cc82c261350ab8dc8a9992cad7197c4d22d597eianh and authorization directives. [Chris Darroch]
855e263a93fde2e30d10a48a9ffc047039bfc9d9brianp *) unixd: turn existing code into a module, and turn the set user/group
855e263a93fde2e30d10a48a9ffc047039bfc9d9brianp and chroot into a child_init function. [Nick Kew]
855e263a93fde2e30d10a48a9ffc047039bfc9d9brianp *) mod_dir: Support "DirectoryIndex disabled"
54b3b7946d22324cea615d7c8a4ff0c9eadd1f8crbb Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
54b3b7946d22324cea615d7c8a4ff0c9eadd1f8crbb *) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
54b3b7946d22324cea615d7c8a4ff0c9eadd1f8crbb OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
e28c02dc08247d3fcb71e81791cac2311a248dfdrbb *) mod_authnz_ldap: don't return NULL-valued environment variables to
e28c02dc08247d3fcb71e81791cac2311a248dfdrbb other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>]
e28c02dc08247d3fcb71e81791cac2311a248dfdrbb *) Don't adjust case in pathname components that are not of interest
e28c02dc08247d3fcb71e81791cac2311a248dfdrbb to mod_mime. Fixes mod_negotiation's use of such components.
e28c02dc08247d3fcb71e81791cac2311a248dfdrbb PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>]
f9f506f0686ad065b4c6fe14dd962cdd478350dbianh *) Be tolerant in what you accept - accept slightly broken
f9f506f0686ad065b4c6fe14dd962cdd478350dbianh status lines from a backend provided they include a valid status code.
9d0665da83d1e22c0ea0e5f6f940f70f75bf5237ianh *) New module mod_sed: filter Request/Response bodies through sed
9d0665da83d1e22c0ea0e5f6f940f70f75bf5237ianh *) mod_auth_form: Make sure that basic authentication is correctly
47c2fb4c1f155ddb6954e46e7f6d125eef78b3bbaaron faked directly after login. [Graham Leggett]
47c2fb4c1f155ddb6954e46e7f6d125eef78b3bbaaron *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
47c2fb4c1f155ddb6954e46e7f6d125eef78b3bbaaron within the output headers and error output headers, so that the
9ca934cec0a1cc3c425fde5dc51956bce6cd3183brianp session is maintained across redirects. [Graham Leggett]
9ca934cec0a1cc3c425fde5dc51956bce6cd3183brianp *) mod_auth_form: Make sure the logged in user is populated correctly
0cdca1e056a05a09fe16fe736abcf79969c9767ejerenkrantz after a form login. Fixes a missing REMOTE_USER variable directly
0cdca1e056a05a09fe16fe736abcf79969c9767ejerenkrantz following a login. [Graham Leggett]
f2afeedf074acc1a698a9527154eacd138e6c5a1trawick *) mod_session_cookie: Make sure that cookie attributes are correctly
f2afeedf074acc1a698a9527154eacd138e6c5a1trawick included in the blank cookie when cookies are removed. This fixes an
f2afeedf074acc1a698a9527154eacd138e6c5a1trawick inability to log out when using mod_auth_form. [Graham Leggett]
0a2d57d962bef3a8898723925b3fb02d2e836994dougm *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames null value. [David Shane Holden <dpejesh apache.org>]
06461d67f387ea068187e6dfa036875a8205c04cjerenkrantz *) core, authn/z: Determine registered authn/z providers directly in
900127764fb985c340ee4979cac97146a330c694trawick ap_setup_auth_internal(), which allows optional functions that just
900127764fb985c340ee4979cac97146a330c694trawick wrapped ap_list_provider_names() to be removed from authn/z modules.
1a6a0072a95887164091e366ba0e89c2b39a954abrianp [Chris Darroch]
1a6a0072a95887164091e366ba0e89c2b39a954abrianp *) authn/z: Convert common provider version strings to macros.
6f4c27ba6e152792f3729069e8d8313ebc87cc60jwoolley [Chris Darroch]
6f4c27ba6e152792f3729069e8d8313ebc87cc60jwoolley *) core: When testing for slash-terminated configuration paths in
23ce412bd50a47accab4dd26019b78810bbf46ebtrawick ap_location_walk(), don't look past the start of an empty string
23ce412bd50a47accab4dd26019b78810bbf46ebtrawick such as that created by a <Location ""> directive.
23ce412bd50a47accab4dd26019b78810bbf46ebtrawick [Chris Darroch]
6865813dee5d3c1ebf12dd810368171792a0190atrawick *) core, mod_proxy: If a kept_body is present, it becomes safe for
6865813dee5d3c1ebf12dd810368171792a0190atrawick subrequests to support message bodies. Make sure that safety
97719ad970d779ac48af9364ab0ea9fdcc27470ajwoolley checks within the core and within the proxy are not triggered
97719ad970d779ac48af9364ab0ea9fdcc27470ajwoolley when kept_body is present. This makes it possible to embed
97719ad970d779ac48af9364ab0ea9fdcc27470ajwoolley proxied POST requests within mod_include. [Graham Leggett]
5ad238c42b1e159ee8f164515e0c4ee6c727c2fdtrawick *) mod_auth_form: Make sure the input filter stack is properly set
5ad238c42b1e159ee8f164515e0c4ee6c727c2fdtrawick up before reading the login form. Make sure the kept body filter
ba00c3b7c20f00ce631b89ae3b1cd3bae8d1b165rbb is correctly inserted to ensure the body can be read a second
ba00c3b7c20f00ce631b89ae3b1cd3bae8d1b165rbb time safely should the authn be successful. [Graham Leggett,
ba00c3b7c20f00ce631b89ae3b1cd3bae8d1b165rbb Ruediger Pluem]
ba00c3b7c20f00ce631b89ae3b1cd3bae8d1b165rbb *) mod_request: Insert the KEPT_BODY filter via the insert_filter
ba00c3b7c20f00ce631b89ae3b1cd3bae8d1b165rbb hook instead of during fixups. Add a safety check to ensure the
6e954603b02f2b7d4ad80af17d9b3cc6f0bacf69rbb filters cannot be inserted more than once. [Graham Leggett,
6e954603b02f2b7d4ad80af17d9b3cc6f0bacf69rbb Ruediger Pluem]
6e954603b02f2b7d4ad80af17d9b3cc6f0bacf69rbb *) ap_cache_cacheable_headers_out() will (now) always
6e954603b02f2b7d4ad80af17d9b3cc6f0bacf69rbb merge an error headers _before_ clearing them and _before_
6e954603b02f2b7d4ad80af17d9b3cc6f0bacf69rbb merging in the actual entity headers and doing normal
6e954603b02f2b7d4ad80af17d9b3cc6f0bacf69rbb hop-by-hop cleansing. [Dirk-Willem van Gulik].
fa449f5bc87c5d87c4c60e778c9c882e7254de7ejwoolley *) cache: retire ap_cache_cacheable_hdrs_out() which was used
fa449f5bc87c5d87c4c60e778c9c882e7254de7ejwoolley for both in- and out-put headers; and replace it by a single
fa449f5bc87c5d87c4c60e778c9c882e7254de7ejwoolley ap_cache_cacheable_headers() wrapped in a in- and out-put
fa449f5bc87c5d87c4c60e778c9c882e7254de7ejwoolley specific ap_cache_cacheable_headers_in()/out(). The latter
fa449f5bc87c5d87c4c60e778c9c882e7254de7ejwoolley which will also merge error and ensure content-type. To keep
1c0b7c3bdace07946457fa7ba04b7f97b6599792rbb cache modules consistent with ease. This API change bumps
227d23a7db41dd89f52391c9356dbb1adcd675e0jwoolley up the minor MM by one [Dirk-Willem van Gulik].
227d23a7db41dd89f52391c9356dbb1adcd675e0jwoolley *) Move the KeptBodySize directive, kept_body filters and the
227d23a7db41dd89f52391c9356dbb1adcd675e0jwoolley ap_parse_request_body function out of the http module and into a
227d23a7db41dd89f52391c9356dbb1adcd675e0jwoolley new module called mod_request, reducing the size of the core.
227d23a7db41dd89f52391c9356dbb1adcd675e0jwoolley [Graham Leggett]
17bc0e8f2e3816e25bc8fd3fadf39357340aebd0jerenkrantz *) mod_dbd: Handle integer configuration directive parameters with a
17bc0e8f2e3816e25bc8fd3fadf39357340aebd0jerenkrantz dedicated function.
17bc0e8f2e3816e25bc8fd3fadf39357340aebd0jerenkrantz *) Change the directives within the mod_session* modules to be valid
17bc0e8f2e3816e25bc8fd3fadf39357340aebd0jerenkrantz both inside and outside the location/directory sections, as
e6cc28a5eb3371ba0c38e941855e71ff0054f50erbb suggested by wrowe. [Graham Leggett]
e6cc28a5eb3371ba0c38e941855e71ff0054f50erbb *) mod_auth_form: Add a module capable of allowing end users to log
e6cc28a5eb3371ba0c38e941855e71ff0054f50erbb in using an HTML form, storing the credentials within mod_session.
e6cc28a5eb3371ba0c38e941855e71ff0054f50erbb [Graham Leggett]
e6cc28a5eb3371ba0c38e941855e71ff0054f50erbb *) Add a function to the http filters that is able to parse an HTML
e6cc28a5eb3371ba0c38e941855e71ff0054f50erbb form request with the type of application/x-www-form-urlencoded.
cf233fb4b439415a2bf7bab7e622afd994e0bebftrawick [Graham Leggett]
cf233fb4b439415a2bf7bab7e622afd994e0bebftrawick *) mod_session_crypto: Initialise SSL in the post config hook.
cf233fb4b439415a2bf7bab7e622afd994e0bebftrawick [Ruediger Pluem, Graham Leggett]
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames *) mod_session_dbd: Add a session implementation capable of storing
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames session information in a SQL database via the dbd interface. Useful
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames for sites where session privacy is important. [Graham Leggett]
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames *) mod_session_crypto: Add a session encoding implementation capable
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames of encrypting and decrypting sessions wherever they may be stored.
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames Introduces a level of privacy when sessions are stored on the
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames browser. [Graham Leggett]
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames *) mod_session_cookie: Add a session implementation capable of storing
2a20a2f8432a15b530e0a6b0998c32f40aef82a8gregames session information within cookies on the browser. Useful for high
8d49090fd56a8ce06c7f7135f19e5ff8e24b5ff3gregames volume sites where server bound sessions are too resource intensive.
f99bffd6087564cf9c05cc29d1c6b38d94e0ed30gregames [Graham Leggett]
270609308f247c5e934b400b5f1691c2cca16c61jerenkrantz *) mod_session: Add a generic session interface to unify the different
270609308f247c5e934b400b5f1691c2cca16c61jerenkrantz attempts at saving persistent sessions across requests.
8458877c9ba0af86acd590eea531476adde3d02dmartin [Graham Leggett]
8458877c9ba0af86acd590eea531476adde3d02dmartin *) core, authn/z: Avoid calling access control hooks for internal requests
8458877c9ba0af86acd590eea531476adde3d02dmartin with configurations which match those of initial request. Revert to
8458877c9ba0af86acd590eea531476adde3d02dmartin original behaviour (call access control hooks for internal requests
644be6f54749d2d9950d2c4d2ac448f7af016d26martin with URIs different from initial request) if any access control hooks or
644be6f54749d2d9950d2c4d2ac448f7af016d26martin providers are not registered as permitting this optimization.
644be6f54749d2d9950d2c4d2ac448f7af016d26martin Introduce wrappers for access control hook and provider registration
644be6f54749d2d9950d2c4d2ac448f7af016d26martin which can accept additional mode and flag data. [Chris Darroch]
b30b04f639d479b96cc08c43ffa34c92ba275676ianh *) Introduced ap_expr API for expression evaluation.
b30b04f639d479b96cc08c43ffa34c92ba275676ianh This is adapted from mod_include, which is the first module
b30b04f639d479b96cc08c43ffa34c92ba275676ianh to use the new API.
c4fbc4018fd2b6716673a38ee27eeb36cba41c5djwoolley *) mod_authz_dbd: When redirecting after successful login/logout per
c4fbc4018fd2b6716673a38ee27eeb36cba41c5djwoolley AuthzDBDRedirectQuery, do not report authorization failure, and use
f4e4643c309e5b5da60e13f9a25984d54b307caawrowe first row returned by database query instead of last row.
f4e4643c309e5b5da60e13f9a25984d54b307caawrowe [Chris Darroch]
2548497d480c4f3e9b3fe14711bd510aa2157434gregames *) mod_ldap: Correctly return all requested attribute values
2548497d480c4f3e9b3fe14711bd510aa2157434gregames when some attributes have a null value.
2548497d480c4f3e9b3fe14711bd510aa2157434gregames PR 44560 [Anders Kaseorg <anders kaseorg.com>]
0e58e92812f2f679d6bf2ff66cbcfa6c1d1e14bbjerenkrantz *) core: check symlink ownership if both FollowSymlinks and
da6e93dca0222159650783802e23172e3160605egregames SymlinksIfOwnerMatch are set [Nick Kew]
da6e93dca0222159650783802e23172e3160605egregames *) core: fix origin checking in SymlinksIfOwnerMatch
c927e13f298c42251296d33cc1fa3eb8232b843daaron PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
c927e13f298c42251296d33cc1fa3eb8232b843daaron *) Activate mod_cache, mod_file_cache and mod_disk_cache as part of the
c927e13f298c42251296d33cc1fa3eb8232b843daaron 'most' set for '--enable-modules' and '--enable-shared-mods'. Include
c927e13f298c42251296d33cc1fa3eb8232b843daaron mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik]
9126ed10455a2a98a3a51c68ed1b356e1873e8e6aaron *) Also install mod_so.h, mod_rewrite.h and mod_cache.h; as these
9126ed10455a2a98a3a51c68ed1b356e1873e8e6aaron contain public function declarations which are useful for
9126ed10455a2a98a3a51c68ed1b356e1873e8e6aaron third party module authors. PR 42431 [Dirk-Willem van Gulik].
fa3ca21e09bac0dbc2045e9f53963ba46cfed5b1trawick *) mod_dir, mod_negotiation: pass the output filter information
fa3ca21e09bac0dbc2045e9f53963ba46cfed5b1trawick to newly created sub requests; as these are later on used
fa3ca21e09bac0dbc2045e9f53963ba46cfed5b1trawick as true requests with an internal redirect. This allows for
18acb2c0df442ead1d075a1a2207cbb197725b14coar mod_cache et.al. to trap the results of the redirect.
18acb2c0df442ead1d075a1a2207cbb197725b14coar [Dirk-Willem van Gulik, Ruediger Pluem]
18acb2c0df442ead1d075a1a2207cbb197725b14coar *) mod_ldap: Add support (taking advantage of the new APR capability)
617f972690d850a52cd4e9ef2f32d356e0fae715aaron for ldap rebind callback while chasing referrals. This allows direct
617f972690d850a52cd4e9ef2f32d356e0fae715aaron searches on LDAP servers (in particular MS Active Directory 2003+)
617f972690d850a52cd4e9ef2f32d356e0fae715aaron using referrals without the use of the global catalog.
617f972690d850a52cd4e9ef2f32d356e0fae715aaron PRs 26538, 40268, and 42557 [Paul J. Reder]
9278d5393ef084f4fc6d7ec8641af5959442c157jwoolley *) ApacheMonitor.exe: Introduce --kill argument for use by the
9278d5393ef084f4fc6d7ec8641af5959442c157jwoolley installer. This will permit the installation tool to remove
9278d5393ef084f4fc6d7ec8641af5959442c157jwoolley all running instances before attempting to remove the .exe.
022cff78006f698453640e0a0e97cc5f8c9de59drbb [William Rowe]
022cff78006f698453640e0a0e97cc5f8c9de59drbb *) mod_ssl: Add support for OCSP validation of client certificates.
022cff78006f698453640e0a0e97cc5f8c9de59drbb PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
526a776292f420ffeea0d081c61971ed381fad20stoddard *) mod_serf: New module for Reverse Proxying. [Paul Querna]
526a776292f420ffeea0d081c61971ed381fad20stoddard *) core: Add the option to keep aside a request body up to a certain
526a776292f420ffeea0d081c61971ed381fad20stoddard size that would otherwise be discarded, to be consumed by filters
526a776292f420ffeea0d081c61971ed381fad20stoddard such as mod_include. When enabled for a directory, POST requests
526a776292f420ffeea0d081c61971ed381fad20stoddard to shtml files can be passed through to embedded scripts as POST
526a776292f420ffeea0d081c61971ed381fad20stoddard requests, rather being downgraded to GET requests. [Graham Leggett]
526a776292f420ffeea0d081c61971ed381fad20stoddard *) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton]
452d2fd15cebd2da9331d5d765558a60b488c1a9rbb *) scoreboard: Correctly declare ap_time_process_request.
62ddc9851530478919d169ba9c34b80f60cf7718trawick *) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member
62ddc9851530478919d169ba9c34b80f60cf7718trawick from the connection rec, ap_get_scoreboard_worker(proc, thread) will now
62ddc9851530478919d169ba9c34b80f60cf7718trawick provide the unusual legacy lookup. [William Rowe]
904d7bf799c6216beb34519463596b4fce630308wrowe *) mpm winnt: fix null pointer dereference
904d7bf799c6216beb34519463596b4fce630308wrowe PR 42572 [Davi Arnaut]
904d7bf799c6216beb34519463596b4fce630308wrowe *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
904d7bf799c6216beb34519463596b4fce630308wrowe parameters to the environment. Improve portability to
904d7bf799c6216beb34519463596b4fce630308wrowe EBCDIC machines by using apr_toupper(). [Martin Kraemer]
904d7bf799c6216beb34519463596b4fce630308wrowe *) mod_ldap, mod_authnz_ldap: Add support for nested groups (i.e. the ability
17a4c6968b2fa692ff4dde12fe305230ee6b0421aaron to authorize an authenticated user via a "require ldap-group X" directive
17a4c6968b2fa692ff4dde12fe305230ee6b0421aaron where the user is not in group X, but is in a subgroup contained in X.
17a4c6968b2fa692ff4dde12fe305230ee6b0421aaron PR 42891 [Paul J. Reder]
83b031099aa3dc8a5fd2f708e397818cbd16c9aajerenkrantz *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
83b031099aa3dc8a5fd2f708e397818cbd16c9aajerenkrantz *) apxs: Enhance -q flag to print all known variables and their values
01e77cadbd9ad4962993380245bcc033dde523e4rbb when invoked without variable name(s).
01e77cadbd9ad4962993380245bcc033dde523e4rbb [William Rowe, Sander Temme]
8ea9794272347cfdd92861f46295406649f01afatrawick *) apxs: Eliminate run-time check for mod_so. PR 40653.
8ea9794272347cfdd92861f46295406649f01afatrawick [David M. Lee <dmlee crossroads.com>]
8ea9794272347cfdd92861f46295406649f01afatrawick *) beos MPM: Create pmain pool and run modules' child_init hooks when
b900452c9c36031434d318880f023c0fb9143325rbb entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
b900452c9c36031434d318880f023c0fb9143325rbb [Chris Darroch]
b900452c9c36031434d318880f023c0fb9143325rbb *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
b900452c9c36031434d318880f023c0fb9143325rbb cleanups registered in modules' child_init hooks are performed.
b900452c9c36031434d318880f023c0fb9143325rbb [Chris Darroch]
b900452c9c36031434d318880f023c0fb9143325rbb *) Fix issue which could cause error messages to be written to access logs
8b666e1fb772b6fe45de3604b224f3e1f2cfd620rbb *) The LockFile directive, which specifies the location of
c453a141db60a5b19649eac508f4851a8729c556rbb the accept() mutex lockfile, is deprecated. Instead, the
c453a141db60a5b19649eac508f4851a8729c556rbb AcceptMutex directive now takes an optional lockfile
c453a141db60a5b19649eac508f4851a8729c556rbb location parameter, ala SSLMutex. [Jim Jagielski]
8b91dcac0e1ef7796c72d16b0962267313cac486jerenkrantz *) mod_authn_dbd: Export any additional columns queried in the SQL select
8b91dcac0e1ef7796c72d16b0962267313cac486jerenkrantz into the environment with the name AUTHENTICATE_<COLUMN>. This brings
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe *) mod_dbd: Key the storage of prepared statements on the hex string
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe value of server_rec, rather than the server name, as the server name
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe may change (eg when the server name is set) at any time, causing
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
7dfed2b71c9c4223996cbd7c5c0c85c7c8fef2a4rbb *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
6ce942b017db75b559a42bdc2d7b8ea9e869a956wrowe the first bucket from the brigade, finds it not to be a FILE
7dfed2b71c9c4223996cbd7c5c0c85c7c8fef2a4rbb bucket and barfs. The fix is to pass a bucket rather than a brigade.
574f6ff9ee80ef4f772649c5c8319b764a8abe42jerenkrantz [Niklas Edmundsson <nikke acc.umu.se>]
574f6ff9ee80ef4f772649c5c8319b764a8abe42jerenkrantz *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
6d7d70dbda8e461d87f2d41e323755496ae3ebc7trawick *) ap_get_server_version() has been removed. Third-party modules must
6d7d70dbda8e461d87f2d41e323755496ae3ebc7trawick now use ap_get_server_banner() or ap_get_server_description().
22a25f3393393b781e214f4abef17950bcb8bbe3jerenkrantz [Jeff Trawick]
22a25f3393393b781e214f4abef17950bcb8bbe3jerenkrantz *) All MPMs: Introduce a check_config phase between pre_config and
a310497ca9c5112d759871e1b7d9f6a40fb78bcfwrowe open_logs, to allow modules to review interdependent configuration
a310497ca9c5112d759871e1b7d9f6a40fb78bcfwrowe directive values and adjust them while messages can still be logged
a310497ca9c5112d759871e1b7d9f6a40fb78bcfwrowe to the console. Handle relevant MPM directives during this phase
a310497ca9c5112d759871e1b7d9f6a40fb78bcfwrowe and format messages for both the console and the error log, as
a310497ca9c5112d759871e1b7d9f6a40fb78bcfwrowe appropriate. [Chris Darroch]
a310497ca9c5112d759871e1b7d9f6a40fb78bcfwrowe *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
8bda0627eb2aca9e678c1303a0423d33069388dfwrowe to circumvent the symbolic link checks imposed by FollowSymLinks and
de63b1eeff87cd19cf42bb83cca85381026965ddjerenkrantz SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb The default is none as this is far greater debugging resolution than
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb the typical administrator is prepared to untangle. [William Rowe]
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb *) mod_disk_cache: If possible, check if the size of an object to cache is
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb within the configured boundaries before actually saving data.
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb [Niklas Edmundsson <nikke acc.umu.se>]
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb *) Worker and event MPMs: Remove improper scoreboard updates which were
e36ef0d081aa59867688bcbb3da65952ec16fae3rbb performed in the event of a fork() failure. [Chris Darroch]
52df98b165194a0ad68885f49f81fdaf56ece568wrowe *) Add support for fcgi:// proxies to mod_rewrite.
52df98b165194a0ad68885f49f81fdaf56ece568wrowe [Markus Schiegl <ms schiegl.com>]
2c294c31addd5c957bafe6e78c4a30d423ad6e80rbb *) Remove incorrect comments from scoreboard.h regarding conditional
2c294c31addd5c957bafe6e78c4a30d423ad6e80rbb loading of worker_score structure with mod_status, and remove unused
2c294c31addd5c957bafe6e78c4a30d423ad6e80rbb definitions relating to old life_status field.
7e44dd5082cd865068285e8f915bb5f045e0bb80lars [Chris Darroch <chrisd pearsoncmg.com>]
7e44dd5082cd865068285e8f915bb5f045e0bb80lars *) Remove allocation of memory for unused array of lb_score pointers
7e44dd5082cd865068285e8f915bb5f045e0bb80lars in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
44a4ee1140769173da7bc2b42d1a686e3260ad84wrowe *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
44a4ee1140769173da7bc2b42d1a686e3260ad84wrowe [Garrett Rooney, Jim Jagielski, Paul Querna]
44a4ee1140769173da7bc2b42d1a686e3260ad84wrowe *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
e379fc6d7f79163700290d92ce75deb4f3005301jerenkrantz [Chris Darroch <chrisd pearsoncmg.com>]
e379fc6d7f79163700290d92ce75deb4f3005301jerenkrantz *) mod_charset_lite: Remove Content-Length when output filter can
978faa9e29e0f0c42e66c07240e562325a4717b0jerenkrantz invalidate it. Warn when input filter can invalidate it.
978faa9e29e0f0c42e66c07240e562325a4717b0jerenkrantz [Jeff Trawick]
978faa9e29e0f0c42e66c07240e562325a4717b0jerenkrantz *) Authz: Add the new module mod_authn_core that will provide common
976501adbc040220270f7d1d77c4b8373033be69wrowe authn directives such as 'AuthType', 'AuthName'. Move the directives
976501adbc040220270f7d1d77c4b8373033be69wrowe 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
976501adbc040220270f7d1d77c4b8373033be69wrowe into mod_authn_core. [Brad Nicholes]
976501adbc040220270f7d1d77c4b8373033be69wrowe *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
976501adbc040220270f7d1d77c4b8373033be69wrowe into the new module mod_access_compat which can be loaded to provide
10a00688adcf1df367b1243810beedaabe6b1abeminfrin support for these directives.
10a00688adcf1df367b1243810beedaabe6b1abeminfrin [Brad Nicholes]
8a3a703eae0e35f674b189181609545c6fc77a09rbb *) Authz: Move the 'Require' directive from the core module as well as
8a3a703eae0e35f674b189181609545c6fc77a09rbb add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
8a3a703eae0e35f674b189181609545c6fc77a09rbb and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
8a3a703eae0e35f674b189181609545c6fc77a09rbb logic into the authorization processing. [Brad Nicholes]
9af1ccb223d0669b3c3a43eed070d815afde9084mjc *) Authz: Add the new module mod_authz_core which acts as the
9af1ccb223d0669b3c3a43eed070d815afde9084mjc authorization provider vector and contains common authz
9d41fafe32b324c197f25224207fc6ce34f085bfrbb directives. [Brad Nicholes]
9d41fafe32b324c197f25224207fc6ce34f085bfrbb *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
9d41fafe32b324c197f25224207fc6ce34f085bfrbb 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
889d9c84f8b1ad850f977a6d8e548696994f8f86jerenkrantz *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
889d9c84f8b1ad850f977a6d8e548696994f8f86jerenkrantz host-based access control provided by mod_authz_host and invoked
889d9c84f8b1ad850f977a6d8e548696994f8f86jerenkrantz through the 'Require' directive. [Brad Nicholes]
8c83461e53ca7d204e1d634f0c78199d60320d7bjerenkrantz *) Authz: Convert all of the authz modules from hook based to
8c83461e53ca7d204e1d634f0c78199d60320d7bjerenkrantz provider based. [Brad Nicholes]
8e5842bc05146bb5c171e53b00b24063d17c666cjerenkrantz *) mod_cache: Add CacheMinExpire directive to set the minimum time in
8e5842bc05146bb5c171e53b00b24063d17c666cjerenkrantz seconds to cache a document.
cdb15137887e284797e9510029098dc725b4dacfjerenkrantz [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
798c7c11dc2fe3b08e591e9c76fc1a84857f2cd4jerenkrantz *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
798c7c11dc2fe3b08e591e9c76fc1a84857f2cd4jerenkrantz *) Fix typo in ProxyStatus syntax error message.
798c7c11dc2fe3b08e591e9c76fc1a84857f2cd4jerenkrantz [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
abaaa634d7cee882b7c4bf078ded749ebf11997erbb *) Asynchronous write completion for the Event MPM. [Brian Pane]
abaaa634d7cee882b7c4bf078ded749ebf11997erbb *) Added an End-Of-Request bucket type. The logging of a request and
0aa8e8fd5a242948518655f2296b3c76386754e5jerenkrantz the freeing of its pool are now done when the EOR bucket is destroyed.
0aa8e8fd5a242948518655f2296b3c76386754e5jerenkrantz This has the effect of delaying the logging until right after the last
0aa8e8fd5a242948518655f2296b3c76386754e5jerenkrantz of the response is sent; ap_core_output_filter() calls the access logger
de3abad1fe263e577bb11e99b358836bd901397crbb indirectly when it destroys the EOR bucket. [Brian Pane]
de3abad1fe263e577bb11e99b358836bd901397crbb *) Rewrite of logresolve support utility: IPv6 addresses are now supported
de3abad1fe263e577bb11e99b358836bd901397crbb and the format of statistical output has changed. [Colm MacCarthaigh]
de3abad1fe263e577bb11e99b358836bd901397crbb *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
de3abad1fe263e577bb11e99b358836bd901397crbb *) Added new connection states for handler and write completion
de3abad1fe263e577bb11e99b358836bd901397crbb [Brian Pane]
0a549489abdb309ef25483431e1e5610ed4ba7a8gstein *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
0a549489abdb309ef25483431e1e5610ed4ba7a8gstein [Justin Erenkrantz]
0a549489abdb309ef25483431e1e5610ed4ba7a8gstein *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
0a549489abdb309ef25483431e1e5610ed4ba7a8gstein allowing string-valued client certificate attributes to be used for
14c6f2e13d97a4fafac1fbc247a274a298d5b418wrowe access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
14c6f2e13d97a4fafac1fbc247a274a298d5b418wrowe [Martin Kraemer, David Reid]
14c6f2e13d97a4fafac1fbc247a274a298d5b418wrowe [Apache 2.3.0-dev includes those bug fixes and changes with the
f00d1e76bae896c2f6a520eec69b1d0d802d4108jerenkrantz Apache 2.2.xx tree as documented, and except as noted, below.]
f00d1e76bae896c2f6a520eec69b1d0d802d4108jerenkrantzChanges with Apache 2.2.x and later:
58097d7d8d1a394092374b9f6ddf76b7993724a4rbb *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
58097d7d8d1a394092374b9f6ddf76b7993724a4rbbChanges with Apache 2.0.x and later: