CHANGES revision 97d20d37d21b8d427a920e211858172f0a82427e
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk -*- coding: utf-8 -*-
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenkChanges with Apache 2.3.3
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_auth_digest: Fix usage of shared memory and re-enable it.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 16057 [Dan Poirier]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Preserve Port information over internal redirects
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Proxy: unable to connect to a backend is SERVICE_UNAVAILABLE,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk rather than BAD_GATEWAY or (especially) NOT_FOUND.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 46971 [evanc nortel.com]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Various modules: Do better checking of pollset operations in order to
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk avoid segmentation faults if they fail. PR 46467
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Stefan Fritsch <sf sfritsch.de>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_autoindex: Correctly create an empty cell if the description
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk for a file is missing. PR 47682 [Peter Poeml <poeml suse.de>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) ab: Fix broken error messages after resolver or connect() failures.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) SECURITY: CVE-2009-1890 (cve.mitre.org)
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Fix a potential Denial-of-Service attack against mod_proxy in a
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk reverse proxy configuration, where a remote attacker can force a
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) SECURITY: CVE-2009-1191 (cve.mitre.org)
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk mod_proxy_ajp: Avoid delivering content from a previous request which
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk failed to send a request body. PR 46949 [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) htdbm: Fix possible buffer overflow if dbm database has very
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk long values. PR 30586 [Dan Poirier]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: Return APR_EOF if request body is shorter than the length announced
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_suexec: correctly set suexec_enabled when httpd is run by a
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk non-root user and may have insufficient permissions.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 42175 [Jim Radford <radford blackbean.org>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk type. PR 45107. [Michael Ströder <michael stroeder.com>,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_http: fix case sensitivity checking transfer encoding
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 47383 [Ryuzo Yamamoto <ryuzo.yamamoto gmail.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_alias: ensure Redirect issues a valid URL.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 44020 [Håkon Stordahl <hakon stordahl.org>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_dir: add DefaultHandler directive, to enable admin to specify
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk an action to happen when a URL maps to no file, without resorting
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_cgid: Do not leak the listening Unix socket file descriptor to the
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk CGI process. PR 47335 [Kornél Pál <kornelpal gmail.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_rewrite: Remove locking for writing to the rewritelog.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 46942 [Dan Poirier <poirier pobox.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_alias: check sanity in Redirect arguments.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_http: fix Host: header for literal IPv6 addresses.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk defined session identifiers encoded in the URL when caching.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_rewrite: Fix the error string returned by RewriteRule.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk RewriteRule returned "RewriteCond: bad flag delimiters" when the 3rd
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk argument of RewriteRule was not started with "[" or not ended with "]".
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Windows: Fix usage message.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Rainer Jung]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) apachectl: When passing through arguments to httpd in
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk non-SysV mode, use the "$@" syntax to preserve arguments.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_dbd: add DBDInitSQL directive to enable SQL statements to
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk be run when a connection is opened. PR 46827
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Marko Kevac <mkevac gmail.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_cgid: Improve handling of long AF_UNIX socket names (ScriptSock).
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 47037. [Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk protocol. [Mladen Turk]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_ajp: Forward remote port information by default.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Rainer Jung]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Allow MPMs to be loaded dynamically, as with most other modules. This
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk required changes to the MPM interfaces. Removed: mpm.h, mpm_default.h
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk (as an installed header), APACHE_MPM_DIR, MPM_NAME, ap_threads_per_child,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk ap_max_daemons_limit, ap_my_generation, etc. ap_mpm_query() can't be
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk called until after the register-hooks phase. [Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk to enable stricter checking of remote server certificates.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) ab: Fix a 100% CPU loop on platforms where a failed non-blocking connect
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk returns EINPROGRESS and a subsequent poll() returns only POLLERR.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Observed on HP-UX. [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Remove broken support for BeOS, OS/2, TPF, and even older platforms such
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk as A/UX, Next, and Tandem. [Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_ftp: Add ProxyFtpListOnWildcard directive to allow files with
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk globbing characters to be retrieved instead of converted into a
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk directory listing. PR 46789 [Dan Poirier <poirier pobox.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Provide ap_retained_data_create()/ap_retained_data_get() for preservation
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk of module state across unload/load. [Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_substitute: Fix a memory leak. PR 44948
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Dan Poirier <poirier pobox.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenkChanges with Apache 2.3.2
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_mime_magic: Fix detection of compressed content. [Rainer Jung]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk HTML injections and HTTP response splitting. PR 46837.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Geoff Keating <geoffk apple.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: add support for type-safe STACK constructs in OpenSSL
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk development HEAD. PR 45521. [Kaspar Brand, Sander Temme]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) ab: Fix maintenance of the pollset to resolve EALREADY errors
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 44584. Use APR_POLLSET_NOCOPY for better performance with some
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk pollset implementations. [Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_disk_cache: The module now turns off sendfile support if
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk 'EnableSendfile off' is defined globally. [Lars Eilebrecht]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_deflate: Adjust content metadata before bailing out on 304
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk responses so that the metadata does not differ from 200 response.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Roy T. Fielding]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_deflate: Fix creation of invalid Etag headers. We now make sure
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk that the Etag value is properly quoted when adding the gzip marker.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 39727, 45023. [Lars Eilebrecht, Roy T. Fielding]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Added 20x22 icons for ODF, SVG, and XML documents. PR 37185.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Peter Harlow]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Disabled DefaultType directive and removed ap_default_type()
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk from core. We now exclude Content-Type from responses for which
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk a media type has not been configured via mime.types, AddType,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk ForceType, or some other mechanism. PR 13986. [Roy T. Fielding]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_rewrite: Add IPV6 variable to RewriteCond
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Ryan Phillips <ryan-apache trolocsis.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: Enhance KeepAliveTimeout to support a value in milliseconds.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 46275. [Takashi Sato]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) rotatelogs: Allow size units B, K, M, G and combination of
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk time and size based rotation. [Rainer Jung]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [<tlhackque yahoo.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: Translate the the status line to ASCII on EBCDIC platforms in
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk ap_send_interim_response() and for locally generated "100 Continue"
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk responses. [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) prefork: Fix child process hang during graceful restart/stop in
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk configurations with multiple listening sockets. PR 42829. [Joe Orton,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Jeff Trawick]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_session_crypto: Ensure that SessionCryptoDriver can only be
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk set in the global scope. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ext_filter: We need to detect failure to startup the filter
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk program (a mangled response is not acceptable). Fix to detect
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk failure, and offer configuration option either to abort or
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk to remove the filter and continue.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 41120 [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_session_crypto: Rewrite the session_crypto module against the
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk apr_crypto API. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk until the main request is cleaned up. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenkChanges with Apache 2.3.1
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) ap_slotmem: Add in new slot-based memory access API impl., including
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk 2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Jean-Frederic Clere, Brian Akins <brian.akins turner.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_include: support generating non-ASCII characters as entities in SSI
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 25202 [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 25202 [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_rewrite: fix "B" flag breakage by reverting r5589343
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) CGI: return 504 (Gateway timeout) rather than 500 when a script
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk times out before returning status line/headers.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 42190 [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_cgid: fix segfault problem on solaris.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_scgi: Added. [André Malo]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_cache: Introduce 'no-cache' per-request environment variable
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk to prevent the saving of an otherwise cacheable response.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk way that per-directory rewrites append the previous notion of PATH_INFO
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk to each substitution before evaluating subsequent rules.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 38642 [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_cgid: Do not add an empty argument when calling the CGI script.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 46380 [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) scoreboard: Remove unused sb_type from process_score.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk size of the buffer used for the request-body where necessary
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk during a per-dir renegotiation. PR 39243. [Joe Orton]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_fdpass: New module to pass a client connection over to a separate
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk process that is reading from a unix daemon socket.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: Improve environment variable extraction to be more
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk efficient and to correctly handle DNs with duplicate tags.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 45975. [Joe Orton]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Remove the obsolete serial attribute from the RPM spec file. Compile
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk against the external pcre. Add missing binaries fcgistarter, and
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk mod_socache* and mod_session*. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenkChanges with Apache 2.3.0
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Remove X-Pad header which was added as a work around to a bug in
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Add DTrace Statically Defined Tracing (SDT) probes.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Theo Schlossnagle <jesus omniti.com>, Paul Querna]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_proxy_balancer: Move all load balancing implementations
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk as individual, self-contained mod_proxy submodules under
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Rename APIs to include ap_ prefix:
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk find_child_by_pid -> ap_find_child_by_pid
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk suck_in_APR -> ap_suck_in_APR
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk sys_privileges_handlers -> ap_sys_privileges_handlers
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk unixd_accept -> ap_unixd_accept
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk unixd_config -> ap_unixd_config
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk unixd_killpg -> ap_unixd_killpg
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk unixd_set_global_mutex_perms -> ap_unixd_set_global_mutex_perms
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk unixd_set_proc_mutex_perms -> ap_unixd_set_proc_mutex_perms
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk unixd_set_rlimit -> ap_unixd_set_rlimit
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Paul Querna]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: When the ap_http_header_filter processes an error bucket, cleanup
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk the passed brigade before returning AP_FILTER_ERROR down the filter
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk chain. This unambiguously ensures the same error bucket isn't revisited
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_lbmethod_heartbeat: New module to load balance mod_proxy workers
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk based on heartbeats. [Paul Querna]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_heartmonitor: New module to collect heartbeats, and write out a file
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk so that other modules can load balance traffic as needed. [Paul Querna]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_heartbeat: New module to generate multicast heartbeats to know if a
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk server is online. [Paul Querna]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: Error responses set by filters were being coerced into 500 errors,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk sometimes appended to the original error response. Log entry of:
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk 'Handler for (null) returned invalid result code -3'
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_buffer: Honour the flush bucket and flush the buffer in the
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk input filter. Make sure that metadata buckets are written to
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk the buffer, not to the final brigade. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_buffer: Optimise the buffering of heap buckets when the heap
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk buckets stay exactly APR_BUCKET_BUFF_SIZE long. [Graham Leggett,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_buffer: Optional support for buffering of the input and output
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk filter stacks. Can collapse many small buckets into fewer larger
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk buckets, and prevents excessively small chunks being sent over
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk the wire. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_privileges: new module to make httpd on Solaris privileges-aware
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk and to enable different virtualhosts to run with different
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk privileges and Unix user/group IDs [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_mem_cache: this module has been removed. [William Rowe]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) authn/z: Remove mod_authn_default and mod_authz_default.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Chris Darroch]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) authz: Fix handling of authz configurations, make default authz
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk and AuthzMergeRules directives with Match, <Match*>, and AuthzMerge
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk directives. [Chris Darroch]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_authn_core: Prevent crash when provider alias created to
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk provider which is not yet registered. [Chris Darroch]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_authn_core: Add AuthType of None to support disabling
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk authentication. [Chris Darroch]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: Allow <Limit> and <LimitExcept> directives to nest, and
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk constrain their use to conform with that of other access control
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk and authorization directives. [Chris Darroch]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) unixd: turn existing code into a module, and turn the set user/group
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk and chroot into a child_init function. [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core: Add ap_timeout_parameter_parse to public API. [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_dir: Support "DirectoryIndex disabled"
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Export and install the mod_rewrite.h header to ensure the optional
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk rewrite_mapfunc_t and ap_register_rewrite_mapfunc functions are
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk available to third party modules. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_authnz_ldap: don't return NULL-valued environment variables to
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Don't adjust case in pathname components that are not of interest
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk to mod_mime. Fixes mod_negotiation's use of such components.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) Be tolerant in what you accept - accept slightly broken
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk status lines from a backend provide they include a valid status code.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk PR 44995 [Rainer Jung <rainer.jung kippdata.de>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) New module mod_sed: filter Request/Response bodies through sed
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_auth_form: Make sure that basic authentication is correctly
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk faked directly after login. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk within the output headers and error output headers, so that the
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk session is maintained across redirects. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_auth_form: Make sure the logged in user is populated correctly
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk after a form login. Fixes a missing REMOTE_USER variable directly
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk following a login. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_session_cookie: Make sure that cookie attributes are correctly
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk included in the blank cookie when cookies are removed. This fixes an
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk inability to log out when using mod_auth_form. [Graham Leggett]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_autoindex: add configuration option to insert string
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk in HTML HEAD. [Nick Kew]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk null value. [David Shane Holden <dpejesh apache.org>]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_headers: Prevent Header edit from processing only the first header
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk of possibly multiple headers with the same name and deleting the
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk remaining ones. PR 45333. [Ruediger Pluem]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Tom Donovan]
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk *) core, authn/z: Determine registered authn/z providers directly in
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk ap_setup_auth_internal(), which allows optional functions that just
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk wrapped ap_list_provider_names() to be removed from authn/z modules.
4b8d88eb610aa1e0bb6ec632f792744b3d6b5f22jeff.schenk [Chris Darroch]
*) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
*) configure: Don't reject libtool 2.x
overwritten. PR 44262 [Michał Grzędzicki <lazy iq.pl>]
PR 44799 [Christian Wenz <christian wenz.org>]
both inside and outside the location/directory sections, as
form request with the type of application/x-www-form-urlencoded.
*) mod_authz_dbd: When redirecting after successful login/logout per
PR 44560 [Anders Kaseorg <anders kaseorg.com>]
mod_cache et.al. to trap the results of the redirect.
PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration
can be created with test/make_sni.sh [Dirk-Willem van Gulik].
*) ApacheMonitor.exe: Introduce --kill argument for use by the
*) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
[David Jones <oscaremma gmail.com>]
[David M. Lee <dmlee crossroads.com>]
[Niklas Edmundsson <nikke acc.umu.se>]
[Stijn Hoop <stijn sandcat.nl>]
[Niklas Edmundsson <nikke acc.umu.se>]
final name. [Davi Arnaut <davi haxent.com.br>]
[Markus Schiegl <ms schiegl.com>]
*) Remove incorrect comments from scoreboard.h regarding conditional
[Chris Darroch <chrisd pearsoncmg.com>]
in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
[Chris Darroch <chrisd pearsoncmg.com>]
and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
*) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
Apache 2.2.xx tree as documented, and except as noted, below.]
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later:
Changes with Apache 1.3.x and later: