CHANGES revision 85af5dafbbd8ae9f496e4349ec0d7b0411439a71
f743002678eb67b99bbc29fee116b65d9530fec0wrowe -*- coding: utf-8 -*-
80833bb9a1bf25dcf19e814438a4b311d2e1f4cffuankgChanges with Apache 2.5.0
5cb0075c38fc868730c4981e346845dad6c7ea58chrisd *) Suppress formatting of startup messages written to the console when
5cb0075c38fc868730c4981e346845dad6c7ea58chrisd ErrorLogFormat is used. [Jeff Trawick]
5cb0075c38fc868730c4981e346845dad6c7ea58chrisd *) mod_authnz_ldap: Change default value of AuthLDAPMaxSubGroupDepth to 0
ffaa9771884a8664f0e6267efbe9d26b40000461trawick to avoid performance problems when subgroups aren't in use. [Eric Covener]
ffaa9771884a8664f0e6267efbe9d26b40000461trawick *) mod_syslog: New module implementing syslog ap_error_log provider.
ffaa9771884a8664f0e6267efbe9d26b40000461trawick Previously, this code was part of core, now it's in separate module.
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick [Jan Kaluza]
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick *) core: Add ap_errorlog_provider to make ErrorLog logging modular. Move
77c6374e145713c55bc3d6e648abe917b04921f3trawick syslog support from core to new mod_syslog. [Jan Kaluza]
77c6374e145713c55bc3d6e648abe917b04921f3trawick *) mod_proxy_fcgi: Handle reading protocol data that is split between
77c6374e145713c55bc3d6e648abe917b04921f3trawick packets. [Jeff Trawick]
4d12805e6c18253040223ea637acd6b3b3c18f60jorton *) mod_proxy_fcgi: Remove 64K limit on encoded length of all envvars.
4d12805e6c18253040223ea637acd6b3b3c18f60jorton An individual envvar with an encoded length of more than 16K will be
4d12805e6c18253040223ea637acd6b3b3c18f60jorton omitted. [Jeff Trawick]
f2287adf33e3664c55b421fd65c45f0e05fe6977covener *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
f2287adf33e3664c55b421fd65c45f0e05fe6977covener TE/CL conflicts. [Yann Ylavic <ylavic.dev gmail com>, Jim Jagielski]
e5d909f2b06bd880fb3675cd49363df981caa631trawick *) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener 30 seconds timeout. [Jan Kaluza]
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener *) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
cb666b29f81df1d11d65002250153353568021fccovener save the socket for reuse by the next worker as if it were an
cb666b29f81df1d11d65002250153353568021fccovener APR_SO_DISCONNECTED socket. Restores 2.2 behavior. [Eric Covener]
6a80c3c6f4b8ea7ba5e89402b8b779b09ce020e0covener *) mod_cache: Avoid a crash with strcmp() when the hostname is not provided.
1c2cab00d988fc48cbe59032cf76cc0bab20d6f7covener [Graham Leggett]
45dffe6c346dd73571ccaead10295fc7d53b59a6covener *) mod_lua: Add rudimentary support for WebSocket interaction. This is
45dffe6c346dd73571ccaead10295fc7d53b59a6covener currently request-bound and only supports the WS protocol. [Daniel Gruno]
75a230a728338d84dcfe81edd375352f34de22d0covener *) mod_lua: Add getcookie/setcookie for reading/writing HTTP cookies
75a230a728338d84dcfe81edd375352f34de22d0covener [Daniel Gruno]
3694b0116c5729804ed6a5ce119bd8efda116c7fcovener *) WinNT MPM: Don't crash during child process initialization if the
3694b0116c5729804ed6a5ce119bd8efda116c7fcovener Listen protocol is unrecognized. [Jeff Trawick]
3694b0116c5729804ed6a5ce119bd8efda116c7fcovener *) mod_lua: Add a logging hook for modifying/skipping logs. [Daniel Gruno]
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covener *) mod_status, mod_echo: Fix the display of client addresses.
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covener They were truncated to 31 characters which is not enough for IPv6 addresses.
63a5ea80bddcc84a462e40f402b4f330e0e05411covener PR 54848 [Bernhard Schmidt <berni birkenwald de>]
63a5ea80bddcc84a462e40f402b4f330e0e05411covener *) mod_lua: If the first yield() of a LuaOutputFilter returns a string, it should
63a5ea80bddcc84a462e40f402b4f330e0e05411covener be prefixed to the response as documented. [Eric Covener]
986f3ea2c314d4d4b3b937149853a0f23f6119aaminfrin *) mod_lua: Remove ETAG, Content-Length, and Content-MD5 when a LuaOutputFilter
986f3ea2c314d4d4b3b937149853a0f23f6119aaminfrin is configured without mod_filter. [Eric Covener]
65a4e663b82f8bce28ac22ab2edfd7502de36998sf *) mod_lua: Register LuaOutputFilter scripts as changing the content and
65a4e663b82f8bce28ac22ab2edfd7502de36998sf content-length by default, when run my mod_filter. Previously,
65a4e663b82f8bce28ac22ab2edfd7502de36998sf growing or shrinking a response that started with Content-Length set
c7de1955eb0eaeabf7042902476397692672d549sf would require mod_filter and FilterProtocol change=yes. [Eric Covnener]
509622419be000045d461ef38fb97df778fdf81djailletc *) mod_lua: Return a 500 error if a LuaHook* script doesn't return a
509622419be000045d461ef38fb97df778fdf81djailletc numeric return code. [Eric Covener]
0b9de55d178312ec929dbe417dd61199b269991djailletc *) Add experimental cmake-based build system for Windows. [Jeff Trawick,
0b9de55d178312ec929dbe417dd61199b269991djailletc Tom Donovan]
0b9de55d178312ec929dbe417dd61199b269991djailletc *) mod_authnz_fcgi: New module to enable FastCGI authorizer
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin applications to authenticate and/or authorize clients.
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin [Jeff Trawick]
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin *) mod_auth_basic: Add AuthBasicUseDigestAlgorithm directive to
a511a29faf2ff7ead3b67680154a624effb31aafminfrin allow migration of passwords from digest to basic authentication.
a511a29faf2ff7ead3b67680154a624effb31aafminfrin [Chris Darroch]
a511a29faf2ff7ead3b67680154a624effb31aafminfrin *) core: Add util_fcgi.h and associated definitions and support
a511a29faf2ff7ead3b67680154a624effb31aafminfrin routines for FastCGI, based largely on mod_proxy_fcgi.
63921358ef93fcb41bc71d9894221ba3d7fbb87bminfrin [Jeff Trawick]
63921358ef93fcb41bc71d9894221ba3d7fbb87bminfrin *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
deec48c67d4786bc77112ffbf3a4e70b931097edminfrin [Jeff Trawick]
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin *) mod_unique_id: Use output of the PRNG rather than IP address and
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin pid, avoiding sleep() call and possible DNS issues at startup,
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin plus improving randomness for IPv6-only hosts.
2c487ac43b583db869e743772a7a10b278aa2bcfminfrin [Jan Kaluza <jkaluza redhat.com>]
2c487ac43b583db869e743772a7a10b278aa2bcfminfrin *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
2c487ac43b583db869e743772a7a10b278aa2bcfminfrin filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
2c487ac43b583db869e743772a7a10b278aa2bcfminfrin filter "none" to be specified in AuthLDAPURL. [Eric Covener]
684e0cfc200f66287a93bbd1708d1dd8a92a7eefcovener *) mod_file_cache: mod_file_cache should be able to serve files that
5c43d2fb853f84497b5ece2d414ef9484aa87e5fsf haven't had a Content-Type set via e.g. mod_mime. [Eric Covener]
05a5a9c3e16f21566e1b61f4bd68025ce1b741ccjoes *) core: merge AllowEncodedSlashes from the base configuration into
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq virtual hosts. [Eric Covener]
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq *) AIX: Install DSO's with "cp" instead of "install" in instdso.sh
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq [Eric Covener]
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq *) mod_ldap: Don't keep retrying if a new LDAP connection times out.
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq [Eric Covener]
413ee814748f37be168ff12407fa6dba0ceeabe6trawick *) mod_deflate: permit compilation of mod_deflate against a zlib that has
c12917da693bae4028a1d5a5e8224bceed8c739dsf been configured with -D Z_PREFIX, which redefines the token "deflate".
c12917da693bae4028a1d5a5e8224bceed8c739dsf [Eric Covener]
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf previously limited to 64MB. [Jens Låås <jelaas gmail.com>]
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf *) mod_auth_digest: Use the secret when generating nonces in all cases and
d7ffd2da16d58b1a0de212e4d56f7aebb72bef26sf not only when AuthName is used in .htaccess files (this change may cause
d7ffd2da16d58b1a0de212e4d56f7aebb72bef26sf problems if used with round robin load balancers). Don't regenerate the
d7ffd2da16d58b1a0de212e4d56f7aebb72bef26sf secret on graceful restarts. PR 54637 [Stefan Fritsch]
4576c1a9ef54cd1e5555ee07d016a7f559f80338sf *) ab: Add a new -l parameter in order not to check the length of the responses.
4576c1a9ef54cd1e5555ee07d016a7f559f80338sf This can be usefull with dynamic pages.
9811aed12bbc71783d2e544ccb5fecd193843eadsf PR9945, PR27888, PR42040 [<ccikrs1 cranbrook edu>]
9811aed12bbc71783d2e544ccb5fecd193843eadsf *) mod_logio: new format-specifier %C (combined) which is the sum of received
1366443dc565c33e7b449ae428bbfc4c86f33935drh and sent byte counts.
1366443dc565c33e7b449ae428bbfc4c86f33935drh PR54015 [Christophe Jaillet]
88fac54d9d64f85bbdab5d7010816f4377f95bd7rjung *) core: Remove apr_brigade_flatten(), buffering and duplicated code
bd3f5647b96d378d9c75c954e3f13582af32c643sf from the HTTP_IN filter, parse chunks in a single pass with zero copy.
bd3f5647b96d378d9c75c954e3f13582af32c643sf Reduce memory usage by 48 bytes per request. [Graham Leggett]
bd3f5647b96d378d9c75c954e3f13582af32c643sf *) core: Stop the HTTP_IN filter from attempting to write error buckets
bd3f5647b96d378d9c75c954e3f13582af32c643sf to the output filters, which is bogus in the proxy case. Create a
2a7beea91d46beb41f043a84eaad060047ee04aafabien clean mapping from APR codes to HTTP status codes, and use it where
2a7beea91d46beb41f043a84eaad060047ee04aafabien needed. [Graham Leggett]
2a7beea91d46beb41f043a84eaad060047ee04aafabien *) mod_proxy: Ensure network errors detected by the proxy are returned as
584a85dd4047e38d3ed3a29b6662fcc9d100ae4csf 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
584a85dd4047e38d3ed3a29b6662fcc9d100ae4csf compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.
f21e9e3d0bfb7a507ecc5bc963f2159d693503d1sf *) mod_dav: mod_dav overrides dav_fs response on PUT failure. PR 35981
f21e9e3d0bfb7a507ecc5bc963f2159d693503d1sf [Basant Kumar Kukreja <basant.kukreja sun.com>, Alejandro Alvarez
f6b9c755a0b793e8a3a3aebd327ca20a86478117sf *) core, mod_ssl: Enable the ability for a module to reverse the sense of
f6b9c755a0b793e8a3a3aebd327ca20a86478117sf a poll event from a read to a write or vice versa. This is a step on
132ee6ac1c26d6e8953836316ba50734eefab47bsf the way to allow mod_ssl taking full advantage of the event MPM.
132ee6ac1c26d6e8953836316ba50734eefab47bsf [Graham Leggett]
85eacfc96a04547ef25aabbc06440039715084c2jorton *) mod_ldap: LDAP connections used for authentication were not respecting
85eacfc96a04547ef25aabbc06440039715084c2jorton LDAPConnectionPoolTimeout. PR 54587
79223c59f9f8cc58860761b62996e25029659627rjung *) core: ap_rgetline_core now pulls from r->proto_input_filters.
f4ca9f6f002fece336168a16355434ca966f96a9trawick *) mod_proxy_html: process parsed comments immediately.
536d2e7cd1fdec1255b8c3bdf41fdc714c506a54trawick Fixes bug where parsed comments may be lost. [Nick Kew]
536d2e7cd1fdec1255b8c3bdf41fdc714c506a54trawick *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
70caa242e6b90e0d6f0fabb56b8c5c2fb51717b3jorton *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
70caa242e6b90e0d6f0fabb56b8c5c2fb51717b3jorton *) core: Add option to add valgrind support. Use it to reduce false positive
79c5787b92ac5f0e1cc82393816c77a006399316trawick warnings in mod_ssl. [Stefan Fritsch]
79c5787b92ac5f0e1cc82393816c77a006399316trawick *) mod_authn_file, mod_authn_dbd, mod_authn_dbm, mod_authn_socache:
79c5787b92ac5f0e1cc82393816c77a006399316trawick Cache the result of the most recent password hash verification for every
c967bf3bc89e8aa60dbd30d9da388e448ddc1cc4trawick keep-alive connection. This saves some expensive calculations.
79c5787b92ac5f0e1cc82393816c77a006399316trawick [Stefan Fritsch]
79c5787b92ac5f0e1cc82393816c77a006399316trawick *) http: Remove support for Request-Range header sent by Navigator 2-3 and
79c5787b92ac5f0e1cc82393816c77a006399316trawick MSIE 3. [Stefan Fritsch]
7b395e4e878c28a4784919cfd2e704ddd14a3390jorton *) core, http: Extend HttpProtocol with an option to enforce stricter HTTP
7b395e4e878c28a4784919cfd2e704ddd14a3390jorton conformance or to only log the found problems. [Stefan Fritsch]
7b395e4e878c28a4784919cfd2e704ddd14a3390jorton *) core: Correctly parse an IPv6 literal host specification in an absolute
536e48c08d674acac5d44929318f2ad928edc361jorton URL in the request line. [Stefan Fritsch]
e81785da447b469da66f218b3f0244aab507958djorton *) mod_ssl: Add support for OpenSSL configuration commands [Stephen Henson]
3e4e54d4e3fc0123c63d57aa84ac7ad7a8c73ff8jorton *) EventOpt MPM
3e4e54d4e3fc0123c63d57aa84ac7ad7a8c73ff8jorton *) core: Add LogLevelOverride directive that allows to override the
53e9b27aba029b18be814df40bcf6f0428771d1efuankg loglevel for clients from certain IPs. This also works for things
53e9b27aba029b18be814df40bcf6f0428771d1efuankg like the SSL handshake where <If> LogLevel ... </If> is evaluated
53e9b27aba029b18be814df40bcf6f0428771d1efuankg too late. [Stefan Fritsch]
53e9b27aba029b18be814df40bcf6f0428771d1efuankg *) core: Add new directive Warning to issue warnings from a configuration
6bb524f1895f30265a1431afc460977d391cb36bsf file. Both Warning and Error now generate a timestamped log message.
6bb524f1895f30265a1431afc460977d391cb36bsf [Fabien Coelho]
6bb524f1895f30265a1431afc460977d391cb36bsf *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
e6dd71992459d05a676b98b7963423dc5dc1e24aminfrin variables. [Stefan Fritsch]
e6dd71992459d05a676b98b7963423dc5dc1e24aminfrin *) core: New directive RegisterHttpMethod for registering non-standard
e6dd71992459d05a676b98b7963423dc5dc1e24aminfrin HTTP methods. [Stefan Fritsch]
23f1535d6a60817d2846bac0aea230ea475d7dccminfrin *) core: New directive HttpProtocol which allows to disable HTTP/0.9
23f1535d6a60817d2846bac0aea230ea475d7dccminfrin support. [Stefan Fritsch]
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung *) mod_allowhandlers: New module to forbid specific handlers for specific
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung directories. [Stefan Fritsch]
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung *) mod_systemd: New module, for integration with systemd on Linux.
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung [Jan Kaluza <jkaluza redhat.com>]
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung *) WinNT MPM: Store pid and generation for each thread in scoreboard
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung to allow tracking of threads from exiting children via mod_status
6249dfa569d3b4f1f539665b979a80c6e335d93etrawick or other such mechanisms. [Jeff Trawick]
0827cb14e550f6f65018431c22c2c913631c8f25kbrand *) mod_ssl: Catch missing or mismatched client cert/key pairs with
6249dfa569d3b4f1f539665b979a80c6e335d93etrawick SSLProxyMachineCertificateFile/Path directives. PR 52212.
ae600ca541efc686b34f8b1f21bd3d0741d37674covener [Keith Burdis <keith burdis.org>, Joe Orton]
cfa64348224b66dd1c9979b809406c4d15b1c137fielding *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
cfa64348224b66dd1c9979b809406c4d15b1c137fielding - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim mutexes (Mutex)
cfa64348224b66dd1c9979b809406c4d15b1c137fielding - mod_cache: thundering herd lock directory
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
cfa64348224b66dd1c9979b809406c4d15b1c137fielding - mod_ldap: shared memory cache
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
cfa64348224b66dd1c9979b809406c4d15b1c137fielding [Jeff Trawick]
setuid/setgid capability bits rather than a setuid root binary.
[Matthew Steele <mdsteele google.com>]
passing through the server in such a way that connections and/or
Apache 2.4.xx tree as documented below, except as noted.]
Changes with Apache 2.4.x and later:
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later: