CHANGES revision 854c7bc4128fa2ad9fdfe0fc307d5ef30bcb5bb9
71092d70af35567dd154d3de2ce04ce62e157a7cLennart PoetteringChanges with Apache 2.0.44
c904f64d84db8c4eebedf210ba10893f19ba05edLennart Poettering *) mod_isapi: Stop unsetting the 'empty' query string result with
c904f64d84db8c4eebedf210ba10893f19ba05edLennart Poettering a NULL argument in ecb->lpszQueryString, eliminating segfaults
f80781eaf9f927d7b4d5e66116e3f3a4242e6fa1Lennart Poettering for some ISAPI modules. PR 14399
f80781eaf9f927d7b4d5e66116e3f3a4242e6fa1Lennart Poettering [Detlev Vendt <detlev.vendt@brillit.de>]
05677bb78079c3fa0283101aac2c07581f4873f1Lennart Poettering *) mod_isapi: Fix an issue where the HSE_REQ_DONE_WITH_SESSION
73090dc815390f4fca4e3ed8a7e1d3806605daaaLennart Poettering notification is received before the HttpExtensionProc() returns
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering HSE_STATUS_PENDING. This only affected isapi .dll's configured
35c5c7a01daeb2c83c693deea07c8f2d0d6c83e2Lennart Poettering with the ISAPIFakeAsync on directive. PR 11918
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering [John DeSetto <jdesetto@radiantsystems.com>, William Rowe]
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers *) mod_isapi: Fix the issue where all results from mod_isapi would
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers run through the core die handler resulting in invalid responses
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers or access log entries. PR 10216 [William Rowe]
9a36607584bbd1d78775353e022a51794b4e27b1Lennart Poettering *) Improves the user friendliness of the CacheRoot processing
9a36607584bbd1d78775353e022a51794b4e27b1Lennart Poettering over my last pass. This version avoids the pool allocations
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering but doesn't avoid all of the runtime checks. It no longer
effe639c6a66123a7c6626cb9129f6bcbb41b3aeLennart Poettering terminates during post-config processing. An error is logged
25d6283acfeb87730c2c0c4c2ef76a66fa397e87Lennart Poettering once per worker, indicating that the CacheRoot needs to be set.
25d6283acfeb87730c2c0c4c2ef76a66fa397e87Lennart Poettering [Paul J. Reder]
effe639c6a66123a7c6626cb9129f6bcbb41b3aeLennart Poettering *) Fix a bug where we keep files open until the end of a
a6eb9147a820d1c08b315867373a21bd0ece2f05Lennart Poettering keepalive connection, which can result in:
a6eb9147a820d1c08b315867373a21bd0ece2f05Lennart Poettering (24)Too many open files: file permissions deny server access
b011116d1829bde044a638cbabfb070a7e0e8fa7Kay Sievers especially on threaded servers. [Greg Ames, Jeff Trawick]
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering *) Fix a bug in which mod_proxy sent an invalid Content-Length
65c0cf7108ae3537a357c74b4586a783baba82f9Lennart Poettering when a proxied URL was invoked as a server-side include within
65c0cf7108ae3537a357c74b4586a783baba82f9Lennart Poettering a page generated in response to a form POST. [Brian Pane]
7ef5875d142f01ab4fe8d35412d48c10723ae2d4Lennart Poettering *) Added code to process min and max file size directives and to
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers init the expirychk flag in mod_disk_cache. Added a clarifying
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers comment to cache_util. [Paul J. Reder]
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers *) The value emitted by ServerSignature now mimics the Server HTTP
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers header as controlled by ServerTokens. [Francis Daly <deva@daoine.org>]
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers *) Gracefully handly retry situations in the SSL input filter,
a2f5666d06fe8233025738047115bb9e3959df3eLennart Poettering by following the SSL libraries' retry semantics.
a2f5666d06fe8233025738047115bb9e3959df3eLennart Poettering [William Rowe]
ab7f148f81723ef18402b78ea34fb5e1bbe85ff0Lennart Poettering *) Terminate CGI scripts when the client connection drops. This
ad740100d108282d0244d5739d4dcc86fe4c5fdeLennart Poettering fix only applies to some normal paths in mod_cgi. mod_cgid
ad740100d108282d0244d5739d4dcc86fe4c5fdeLennart Poettering is still busted. PR 8388 [Jeff Trawick]
c821bd28c2ecce8d35248d61949fe1c0c3030b6cLennart Poettering *) Fix a bug where 416 "Range not satisfiable" was being
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering returned for content that should have been redirected.
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering *) Fix memory leak in mod_ssl from internal SSL library allocations
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering within SSL_get_peer_certificate and X509_get_pubkey.
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering [Zvi Har'El <rl@math.technion.ac.il>
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>].
14e639ae7a1dbf156273ce697d30fbc6c6594209Lennart Poettering *) mod_ssl uses free() inappropriately in several places, to free
b38bb4937972546dcc60ab5ea4a7d4b898349c1cKay Sievers memory which has been previously allocated inside OpenSSL.
034a2a52ac0ec83e0229941d635d310b23eb04dfLennart Poettering Such memory should be freed with OPENSSL_free(), not with free().
ff01d048b4c1455241c894cf7982662c9d28fd34Lennart Poettering [Nadav Har'El <nyh@math.technion.ac.il>,
ff01d048b4c1455241c894cf7982662c9d28fd34Lennart Poettering Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>].
72b9ed828bd22f3ddd74b6853c183eebf006d6d8Lennart Poettering *) Emit a message to the error log when we return 404 because
1d6702e8d3877c0bebf3ac817dc45ff72f5ecfa9Lennart Poettering the URI contained '%2f'. (This was previously nastily silent
1d6702e8d3877c0bebf3ac817dc45ff72f5ecfa9Lennart Poettering and difficult to debug.) [Ken Coar]
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering *) Fix streaming output from an nph- CGI script. CGI:IRC now
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering works. PR 8482 [Jeff Trawick]
0a55b298d930543c8065bb9e708dd112562b1736Lennart Poettering *) More accurate logging of bytes sent in mod_logio when
97f73ffb04947acf0a5854e3a7bdbb7a0105f6faLennart Poettering the client terminates the connection before the response
97f73ffb04947acf0a5854e3a7bdbb7a0105f6faLennart Poettering is completely sent [Bojan Smojver <bojan@rexursive.com>]
85f248b26653f5322c26735661d63d4e8460c30eLennart Poettering *) Fix some problems in the perchild MPM.
1258097cd3cdbc5dd3d264850119e553a29c5068Lennart Poettering [Jonas Eriksson <jonas@webkonsulterna.com>]
1258097cd3cdbc5dd3d264850119e553a29c5068Lennart Poettering *) Change the CacheRoot processing to check for a required
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering value at config time. This saves a lot of wasted processing
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering if the mod_disk_cache module is loaded but no CacheRoot
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering was provided. This fix also adds code to log an error
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering and avoid useless pallocs and procesing when the computed
d3fc81bd6a5a046b22600ac1204df220c93d2c15Lennart Poettering cache file name cannot be opened. This also updates the
d3fc81bd6a5a046b22600ac1204df220c93d2c15Lennart Poettering docs accordingly. [Paul J. Reder]
d3fc81bd6a5a046b22600ac1204df220c93d2c15Lennart Poettering *) Introduce the EnableSendfile directive, allowing users of NFS
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering shares to disable sendfile mechanics when they either fail
253ee27a0c7a410d27d490bb79ea97caed6a2b68Lennart Poettering outright or provide intermitantly corrupted data. PR
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering [William Rowe]
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering *) Resolve the error "An operation was attempted on something
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering that is not a socket. : winnt_accept: AcceptEx failed.
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering Attempting to recover." for users of various firewall and
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering anti-virus software on Windows. PR 8325 [William Rowe]
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering *) Add the ProxyBadHeader directive, which gives the admin some
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering control on how mod_proxy should handle bogus HTTP headers from
916abb21d0a6653e0187b91591e492026886b0a4Lennart Poettering proxied servers. This allows 2.0 to "emulate" 1.3's behavior if
916abb21d0a6653e0187b91591e492026886b0a4Lennart Poettering desired. [Jim Jagielski]
916abb21d0a6653e0187b91591e492026886b0a4Lennart Poettering *) Change the LDAP modules to export their symbols correctly
4ecda405d1c26f82fb7afe96ea4c48ca1bd19e17Lennart Poettering during a Windows build. Add dsp files for Windows. Update
4ecda405d1c26f82fb7afe96ea4c48ca1bd19e17Lennart Poettering README.ldap file for Windows build instructions.
b23de6af893c11da4286bc416455cd0926d1532eLennart Poettering [Andre Schild <A.Schild@aarboard.ch>]
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering *) Performance improvements for the code that generates HTTP
adf70c5e4e6673353b8d702baee4e1d21eb05dfeKay Sievers response headers [Brian Pane]
21bdae12e11ae20460715475d8a0c991f15464acLennart Poettering *) Add -S as a synonym for -t -DDUMP_VHOSTS.
9534ce54858c67363b841cdbdc315140437bfdb4Lennart Poettering [Thom May <thom@planetarytramp.net>]
19bc719ec28e731159671b06254d9bfd49014894Lennart Poettering *) Fix a bug with dbm rewrite maps which caused the wrong value to
73090dc815390f4fca4e3ed8a7e1d3806605daaaLennart Poettering be used when the key was not found in the dbm. PR 13204
c798c40ec957a35cd4b7d04a196a9e58880c6ff3Lennart Poettering [Jeff Trawick]
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering *) Fix a problem with streaming script output and mod_cgid.
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering [Jeff Trawick]
7a2a0b907b5cc60f5d9a871997d7d6e7f62bf4d8Lennart Poettering *) Add ap_register_provider/ap_lookup_provider API.
253ee27a0c7a410d27d490bb79ea97caed6a2b68Lennart Poettering [John K. Sterling <john@sterls.com>, Justin Erenkrantz]
5d0fcd7c8d29340ac9425c309e8ac436a9af699cLennart Poettering *) Rewrite of aaa modules to an authn/authz model.
5d0fcd7c8d29340ac9425c309e8ac436a9af699cLennart Poettering [Dirk-Willem van Gulik, Justin Erenkrantz]
f957632b960a0a42999b38ded7089fa602b41745Kay SieversChanges with Apache 2.0.43
73090dc815390f4fca4e3ed8a7e1d3806605daaaLennart Poettering *) SECURITY: [CAN-2002-0840] HTML-escape the address produced by
44143309dd0b37d61d7d842ca58f01a65646ec71Kay Sievers ap_server_signature() against this cross-site scripting
3d57c6ab801f4437f12948e29589e3d00c3ad9dbLennart Poettering vulnerability exposed by the directive 'UseCanonicalName Off'.
b9a2a36b519ccd79c4198e7dda4e657d597a14adLennart Poettering Also HTML-escape the SERVER_NAME environment variable for CGI
b9a2a36b519ccd79c4198e7dda4e657d597a14adLennart Poettering and SSI requests. It's safe to escape as only the '<', '>',
ba1a55152c50dfbcd3d4a64353b95f4a2f37985eLennart Poettering and '&' characters are affected, which won't appear in a valid
9408a2d295a312a5472345090e28e0502570494bLennart Poettering hostname. Reported by Matthew Murphy <mattmurphy@kc.rr.com>.
f9276855a1d270b6c3f857cdaf2c4b49920c2228Lennart Poettering *) Fix a core dump in mod_cache when it attemtped to store uncopyable
f9276855a1d270b6c3f857cdaf2c4b49920c2228Lennart Poettering buckets. This happened, for instance, when a file to be cached
260abb780a135e4cae8c10715c7e85675efc345aLennart Poettering contained SSI tags to execute a CGI script (passed as a pipe
260abb780a135e4cae8c10715c7e85675efc345aLennart Poettering bucket). [Paul J. Reder]
2791a8f8dc8764a9247cdba3562bd4c04010f144Lennart Poettering *) Ensure that output already available is flushed to the network
a8f11321c209830a35edd0357e8def5d4437d854Lennart Poettering when the content-length filter realizes that no new output will
a8f11321c209830a35edd0357e8def5d4437d854Lennart Poettering be available for a while. This helps some streaming CGIs as
21bdae12e11ae20460715475d8a0c991f15464acLennart Poettering well as some other dynamically-generated content. [Jeff Trawick]
c32e0c40f7e706e3ebcd101187d5ced96f083491Lennart Poettering *) Fix a mutex problem in mod_ssl session cache support which