CHANGES revision 77ca16c5676da23155311e13cee61e7eaba9fa3e
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley -*- coding: utf-8 -*-
0e9b328d62f6b051113287e6bade704bff66a009Tinderbox UserChanges with Apache 2.5.0
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_status, mod_echo: Fix the display of client addresses.
ec5347e2c775f027573ce5648b910361aa926c01Automatic Updater They were truncated to 31 characters which is not enough for IPv6 addresses.
dd750c560ae48cf6caeb9a9fe81d33fc4746106dBrian Wellington PR 54848 [Bernhard Schmidt <berni birkenwald de>]
dd750c560ae48cf6caeb9a9fe81d33fc4746106dBrian Wellington *) mod_lua: If the first yield() of a LuaOutputFilter returns a string, it should
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews be prefixed to the response as documented. [Eric Covener]
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews *) mod_lua: Remove ETAG, Content-Length, and Content-MD5 when a LuaOutputFilter
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews is configured without mod_filter. [Eric Covener]
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews *) mod_lua: Register LuaOutputFilter scripts as changing the content and
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews content-length by default, when run my mod_filter. Previously,
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley growing or shrinking a response that started with Content-Length set
2eeb74d1cf5355dd98f6d507a10086e16bb08c4bTinderbox User would require mod_filter and FilterProtocol change=yes. [Eric Covnener]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) mod_filter: Add "change=no" as a proto-flag to FilterProtocol
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt to remove a providers initial flags set at registration time.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt [Eric Covener]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_lua: Return a 500 error if a LuaHook* script doesn't return a
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt numeric return code. [Eric Covener]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) Add experimental cmake-based build system for Windows. [Jeff Trawick,
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley Tom Donovan]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_ldap: Change "LDAPReferrals off" to actually set the underlying LDAP
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley SDK option to OFF, and introduce "LDAPReferrals default" to take the SDK
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley default, sans rebind authentication callback.
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley [Jan Kaluza <jkaluza AT redhat.com>]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_authz_groupfile, mod_authz_user: Reduce severity of AH01671 and AH01663
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley from ERROR to DEBUG, since these modules do not know what mod_authz_core
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley is doing with their AUTHZ_DENIED return value. [Eric Covener]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_authnz_fcgi: New module to enable FastCGI authorizer
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein applications to authenticate and/or authorize clients.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Jeff Trawick]
f5d30e2864e048a42c4dc1134993ae7efdb5d6c3Mark Andrews *) mod_auth_basic: Add AuthBasicUseDigestAlgorithm directive to
c1a883f2e04d94e99c433b1f6cfd0c0338f4ed85Mark Andrews allow migration of passwords from digest to basic authentication.
3398334b3acda24b086957286288ca9852662b12Automatic Updater [Chris Darroch]
938440694b33cd752e9e4b71a526368b4811c177Tinderbox User *) core: Add util_fcgi.h and associated definitions and support
0e9b328d62f6b051113287e6bade704bff66a009Tinderbox User routines for FastCGI, based largely on mod_proxy_fcgi.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Jeff Trawick]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Jeff Trawick]
f5d30e2864e048a42c4dc1134993ae7efdb5d6c3Mark Andrews *) mod_unique_id: Use output of the PRNG rather than IP address and
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein pid, avoiding sleep() call and possible DNS issues at startup,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein plus improving randomness for IPv6-only hosts.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Jan Kaluza <jkaluza redhat.com>]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) core: Log a message at TRACE1 when the client aborts a connection.
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley [Eric Covener]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt filter "none" to be specified in AuthLDAPURL. [Eric Covener]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) mod_file_cache: mod_file_cache should be able to serve files that
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt haven't had a Content-Type set via e.g. mod_mime. [Eric Covener]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) core: merge AllowEncodedSlashes from the base configuration into
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt virtual hosts. [Eric Covener]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) mod_headers: Add 'setifempty' command to Header and RequestHeader.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt [Eric Covener]
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) AIX: Install DSO's with "cp" instead of "install" in instdso.sh
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt [Eric Covener]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_ldap: Retry transient LDAP connection errors when they occur
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley during the authorization stage.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt [Eric Covener]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_ldap: Don't keep retrying if a new LDAP connection times out.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Eric Covener]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_deflate: permit compilation of mod_deflate against a zlib that has
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein been configured with -D Z_PREFIX, which redefines the token "deflate".
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Eric Covener]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein previously limited to 64MB. [Jens Låås <jelaas gmail.com>]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_auth_digest: Use the secret when generating nonces in all cases and
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein not only when AuthName is used in .htaccess files (this change may cause
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein problems if used with round robin load balancers). Don't regenerate the
f9f11eb54be19b7deedf3978496f71d81432a5eeJeremy Reed secret on graceful restarts. PR 54637 [Stefan Fritsch]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) ab: Add a new -l parameter in order not to check the length of the responses.
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley This can be usefull with dynamic pages.
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley PR9945, PR27888, PR42040 [<ccikrs1 cranbrook edu>]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_logio: new format-specifier %C (combined) which is the sum of received
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein and sent byte counts.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein PR54015 [Christophe Jaillet]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) core: Remove apr_brigade_flatten(), buffering and duplicated code
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley from the HTTP_IN filter, parse chunks in a single pass with zero copy.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein Reduce memory usage by 48 bytes per request. [Graham Leggett]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) core: Stop the HTTP_IN filter from attempting to write error buckets
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein to the output filters, which is bogus in the proxy case. Create a
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein clean mapping from APR codes to HTTP status codes, and use it where
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein needed. [Graham Leggett]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_proxy: Ensure network errors detected by the proxy are returned as
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt *) mod_dav: mod_dav overrides dav_fs response on PUT failure. PR 35981
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews [Basant Kumar Kukreja <basant.kukreja sun.com>, Alejandro Alvarez
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) core, mod_ssl: Enable the ability for a module to reverse the sense of
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews a poll event from a read to a write or vice versa. This is a step on
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews the way to allow mod_ssl taking full advantage of the event MPM.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews [Graham Leggett]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_ldap: LDAP connections used for authentication were not respecting
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews LDAPConnectionPoolTimeout. PR 54587
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) core: ap_rgetline_core now pulls from r->proto_input_filters.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_proxy_html: process parsed comments immediately.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews Fixes bug where parsed comments may be lost. [Nick Kew]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) core: Add option to add valgrind support. Use it to reduce false positive
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews warnings in mod_ssl. [Stefan Fritsch]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_authn_file, mod_authn_dbd, mod_authn_dbm, mod_authn_socache:
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews Cache the result of the most recent password hash verification for every
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews keep-alive connection. This saves some expensive calculations.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews [Stefan Fritsch]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) http: Remove support for Request-Range header sent by Navigator 2-3 and
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews MSIE 3. [Stefan Fritsch]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) core, http: Extend HttpProtocol with an option to enforce stricter HTTP
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews conformance or to only log the found problems. [Stefan Fritsch]
48a866144e3b14efa6c51af05ef7641b23c7516dJeremy Reed *) core: Correctly parse an IPv6 literal host specification in an absolute
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews URL in the request line. [Stefan Fritsch]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_ssl: Add support for OpenSSL configuration commands [Stephen Henson]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) EventOpt MPM
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) core: Add LogLevelOverride directive that allows to override the
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein loglevel for clients from certain IPs. This also works for things
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein like the SSL handshake where <If> LogLevel ... </If> is evaluated
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein too late. [Stefan Fritsch]
48a866144e3b14efa6c51af05ef7641b23c7516dJeremy Reed *) core: Add new directive Warning to issue warnings from a configuration
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley file. Both Warning and Error now generate a timestamped log message.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Fabien Coelho]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley variables. [Stefan Fritsch]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) core: New directive RegisterHttpMethod for registering non-standard
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein HTTP methods. [Stefan Fritsch]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) core: New directive HttpProtocol which allows to disable HTTP/0.9
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein support. [Stefan Fritsch]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_allowhandlers: New module to forbid specific handlers for specific
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley directories. [Stefan Fritsch]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_systemd: New module, for integration with systemd on Linux.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Jan Kaluza <jkaluza redhat.com>]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) WinNT MPM: Store pid and generation for each thread in scoreboard
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein to allow tracking of threads from exiting children via mod_status
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley or other such mechanisms. [Jeff Trawick]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley *) mod_ssl: Catch missing or mismatched client cert/key pairs with
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley SSLProxyMachineCertificateFile/Path directives. PR 52212.
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley [Keith Burdis <keith burdis.org>, Joe Orton]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein mutexes (Mutex)
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley - mod_cache: thundering herd lock directory
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley - mod_ldap: shared memory cache
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews [Jeff Trawick]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) suexec: Add --enable-suexec-capabilites support on Linux, to use
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews setuid/setgid capability bits rather than a setuid root binary.
f6f1672b4e460571c418e43ae3bd0fae97e4c149Mark Andrews *) suexec: Add support for logging to syslog as an alternative to logging
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews to a file; configure --without-suexec-logfile --with-suexec-syslog.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews [Matthew Steele <mdsteele google.com>]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews be compiled by the build compiler instead of the host compiler.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews PR 51257. [Guenter Knauf]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) core: In maintainer mode, replace apr_palloc with a version that
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews initializes the allocated memory with non-zero values, except if
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_policy: Add a new testing module to help server administrators
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews enforce a configurable level of protocol compliance on their
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews servers and application servers behind theirs. [Graham Leggett]
0f78f780648806bcb3e374b7dafac73e6c558ea8Mark Andrews *) mod_firehose: Add a new debugging module able to record traffic
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley passing through the server in such a way that connections and/or
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein requests be reconstructed and replayed. [Graham Leggett]
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) mod_noloris
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) Simple MPM
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein [Apache 2.5.0-dev includes those bug fixes and changes with the
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob Halley Apache 2.4.xx tree as documented below, except as noted.]
6ea1b817e31b89a627e146fe69e23ea0a64c89ecBob HalleyChanges with Apache 2.4.x and later:
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup
268a4475065fe6a8cd7cc707820982cf5e98f430Rob AusteinChanges with Apache 2.2.x and later:
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
268a4475065fe6a8cd7cc707820982cf5e98f430Rob AusteinChanges with Apache 2.0.x and later: