CHANGES revision cc45ee60ddfb8380b3703455098475eb72625ca8
f743002678eb67b99bbc29fee116b65d9530fec0wrowe -*- coding: utf-8 -*-
80833bb9a1bf25dcf19e814438a4b311d2e1f4cffuankgChanges with Apache 2.5.0
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic *) mod_proxy_ftp: Fix segfaults on IPv4 requests to hosts with DNS AAAA records.
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic PR 40841. [Andrew Rucker Jones <arjones simultan dyndns org>,
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic <ast domdv de>, Jim Jagielski]
4da61833a1cbbca94094f9653fd970582b97a72etrawick *) ap_expr: Add req_novary function that allows HTTP header lookups
4da61833a1cbbca94094f9653fd970582b97a72etrawick without adding the name to the Vary header. [Stefan Fritsch]
4da61833a1cbbca94094f9653fd970582b97a72etrawick *) mod_ssl: Change default for SSLCompression to off, as compression
4da61833a1cbbca94094f9653fd970582b97a72etrawick causes security issues in most setups. (The so called "CRIME" attack).
4789804be088bcd86ae637a29cdb7fda25169521jailletc [Stefan Fritsch]
4789804be088bcd86ae637a29cdb7fda25169521jailletc *) syslog logging: Remove stray ", referer" at the end of some messages.
4789804be088bcd86ae637a29cdb7fda25169521jailletc [Jeff Trawick]
e50c3026198fd496f183cda4c32a202925476778covener *) configure: Fix processing of --disable-FEATURE for various features.
e50c3026198fd496f183cda4c32a202925476778covener [Jeff Trawick]
5b88c8507d5ef6d0c4cfbc78230294968175b638minfrin *) "Iterate" directives: Report an error if no arguments are provided.
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic [Jeff Trawick]
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic *) htpasswd, htdbm: Optionally read passwords from stdin, as more
4f29b65ab4b547ad5dbe506e2d0ff5d12ead9247ylavic secure alternative to -b. PR 40243. [Adomas Paltanavicius <adomas
4f29b65ab4b547ad5dbe506e2d0ff5d12ead9247ylavic paltanavicius gmail com>, Stefan Fritsch]
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic *) htpasswd, htdbm: Add support for bcrypt algorithm (requires
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic apr-util 1.5 or higher). PR 49288. [Stefan Fritsch]
69301145375a889e7e37caf7cc7321ac0f91801erpluem *) htpasswd, htdbm: Put full 48bit of entropy into salt, improve
69301145375a889e7e37caf7cc7321ac0f91801erpluem error handling. Add some of htpasswd's improvements to htdbm,
69301145375a889e7e37caf7cc7321ac0f91801erpluem e.g. warn if password is truncated by crypt(). [Stefan Fritsch]
506bfe33206b2fece40ef25f695af39dd4130facjkaluza *) ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output
506bfe33206b2fece40ef25f695af39dd4130facjkaluza to more accurately report the negotiated protocol. PR 53916.
506bfe33206b2fece40ef25f695af39dd4130facjkaluza [Nicolás Pernas Maradei <nico emutex com>, Kaspar Brand]
d58a848a016d401b965111e50ef829e1641f7834minfrin *) mod_systemd: New module, for integration with systemd on Linux.
d58a848a016d401b965111e50ef829e1641f7834minfrin [Jan Kaluza <jkaluza redhat.com>]
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf *) core: ErrorDocument now works for requests without a Host header.
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf PR 48357. [Jeff Trawick]
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic *) --with-module: Fix failure to integrate them into some existing
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic module directories. PR 40097. [Jeff Trawick]
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic *) mod_headers: New params: %l for load averages, %i for an
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic idle percentage rating of httpd, and %b for a busy percentage
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic rating. [Jim Jagielski]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) core: New functions to obtain load parameters: ap_get_sload()
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic and ap_get_loadavg(). [Jim Jagielski]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) mod_cache_socache: New cache implementation backed by mod_socache
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic that replaces mod_mem_cache removed from httpd v2.2. [Graham
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener *) mod_auth_form: Support the expr parser in the
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener AuthFormLoginRequiredLocation, AuthFormLoginSuccessLocation and
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener AuthFormLogoutLocation directives. [Graham Leggett]
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener *) core: Add dirwalk_stat and pre_htaccess hooks, allowing mpm-itk
44ff304057225e944e220e981d434a046d14cf06covener to be used without patches to httpd core. [Jeff Trawick]
44ff304057225e944e220e981d434a046d14cf06covener *) mod_proxy: Allow for persistence of local changes (via the
44ff304057225e944e220e981d434a046d14cf06covener balancer-manager) between graceful and normal restarts.
5d1ba75b8794925e67591c209085a49279791de9covener [Jim Jagielski]
5d1ba75b8794925e67591c209085a49279791de9covener *) mod_slotmem: New provider function, fgrab(), which forces an
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand allocation of a slot. [Jim Jagielski]
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand *) mod_proxy_balancer: The nonce is only derived from the UUID iff
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand not set via the 'nonce' balancer param. [Jim Jagielski]
caad2986f81ab263f7af41467dd622dc9add17f3ylavic *) mod_lua: Add LuaInputFilter/LuaOutputFilter for creating content
caad2986f81ab263f7af41467dd622dc9add17f3ylavic filters in Lua [Daniel Gruno]
45a10d38e6051fd7bdf9d742aaae633d97ff02abjailletc *) core: Apply length limit when logging Status header values.
f7317ff316c2b141feea31bddb74d5d3fa1584edjorton [Jeff Trawick, Chris Darroch]
2165214331e4afafca4048f66f303d0253d7b001covener *) mod_ssl: Match wildcard SSL certificate names in proxy mode.
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem PR 53006. [Joe Orton]
1e2d421a36999d292042a5539971070d54aa6c63ylavic *) WinNT MPM: Store pid and generation for each thread in scoreboard
1e2d421a36999d292042a5539971070d54aa6c63ylavic to allow tracking of threads from exiting children via mod_status
1e2d421a36999d292042a5539971070d54aa6c63ylavic or other such mechanisms. [Jeff Trawick]
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh *) mod_ssl: Catch missing or mismatched client cert/key pairs with
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh SSLProxyMachineCertificateFile/Path directives. PR 52212.
0b67eb8568cd58bb77082703951679b42cf098actrawick [Keith Burdis <keith burdis.org>, Joe Orton]
0b67eb8568cd58bb77082703951679b42cf098actrawick *) mod_lua: Allow scripts handled by the lua-script handler to return
0b67eb8568cd58bb77082703951679b42cf098actrawick a status code to the client (such as a 302 or a 500) [Daniel Gruno]
fb1985a97912b25ec6564c73e610a31e5fc6e25fcovener *) mod_proxy_ajp: Fix crash in packet dump code when logging
09c87c777bed1655621bb20e1c46cb6b1a63279dcovener with LogLevel trace7 or trace8. PR 53730. [Rainer Jung]
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic *) mod_cache: Wrong content type and character set when
3060ce7f798fbda7999cd4ddf89b525d2b294185covener mod_cache serves stale content because of a proxy error.
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic PR 53539. [Rainer Jung, Ruediger Pluem]
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic *) mod_lua: Decline handling 'lua-script' if the file doesn't exist,
e6b4bd1113567627ab6bb6c6a7105e1e01a7d889jailletc rather than throwing an internal server error. [Daniel Gruno]
e466c40e1801982602ee0200c9e8b61cc148742djailletc *) mod_lua: Add functions r:flush and r:sendfile as well as additional
e466c40e1801982602ee0200c9e8b61cc148742djailletc request information to the request_rec structure. [Daniel Gruno]
457468b82e59d01eba00dd9d0817309c8f5e414ejim *) mod_lua: Add a server scope for Lua states, which creates a pool of
457468b82e59d01eba00dd9d0817309c8f5e414ejim states with managable minimum and maximum size. [Daniel Gruno]
04983e3bd1754764eec7d6bb772fe3b0bf391771jorton *) core: Add post_perdir_config hook.
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem [Steinar Gunderson <sgunderson bigfoot.com>]
15660979a30d251681463de2e0584853890082accovener *) mod_lua: Add new directive, LuaMapHandler, for dynamically mapping
49dacedb6c387b786b7911082ff35121a45f414bcovener URIs to Lua scripts and functions using regular expressions.
49dacedb6c387b786b7911082ff35121a45f414bcovener [Daniel Gruno]
cfd9415521847b2f9394fad04fb701cfb955f503rjung *) mod_lua: Add new directive LuaCodeCache for controlling in-memory
cfd9415521847b2f9394fad04fb701cfb955f503rjung caching of lua scripts. [Daniel Gruno]
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe mutexes (Mutex)
8491e0600f69b0405e156ea8a419653c065c645bcovener - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
63b9f1f5880391261705f696d7d65507bbe9ace3covener - mod_ldap: shared memory cache
63b9f1f5880391261705f696d7d65507bbe9ace3covener - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
63b9f1f5880391261705f696d7d65507bbe9ace3covener [Jeff Trawick]
49dacedb6c387b786b7911082ff35121a45f414bcovener *) mod_ssl: Add RFC 5878 support. [Ben Laurie]
49dacedb6c387b786b7911082ff35121a45f414bcovener *) mod_ssl: Add support for TLS-SRP (Secure Remote Password key exchange
3c990331fc6702119e4f5b8ba9eae3021aea5265jim for TLS, RFC 5054). PR 51075. [Quinn Slack <sqs cs stanford edu>,
3c990331fc6702119e4f5b8ba9eae3021aea5265jim Christophe Renou, Peter Sylvester]
3c990331fc6702119e4f5b8ba9eae3021aea5265jim *) core: Make ap_regcomp() return AP_REG_ESPACE if out of memory. Make
fc42512879dd0504532f52fe5d0d0383dda96a1eniq ap_pregcomp() abort if out of memory. This raises the minimum PCRE
fc42512879dd0504532f52fe5d0d0383dda96a1eniq requirement to version 6.0. PR 53284. [Stefan Fritsch]
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq *) suexec: Add --enable-suexec-capabilites support on Linux, to use
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq setuid/setgid capability bits rather than a setuid root binary.
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq [Joe Orton]
983528026996668ea295be95aedb9c7a346af470ylavic *) suexec: Add support for logging to syslog as an alternative to logging
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc to a file; configure --without-suexec-logfile --with-suexec-syslog.
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc [Joe Orton]
06b8f183140c8e02e0974e938a05078b511d1603covener *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
06b8f183140c8e02e0974e938a05078b511d1603covener [Matthew Steele <mdsteele google.com>]
259878293a997ff49f5ddfc53d3739cbdc25444ecovener *) various modules, rotatelogs: Replace use of apr_file_write() with
259878293a997ff49f5ddfc53d3739cbdc25444ecovener apr_file_write_full() to prevent incomplete writes. PR 53131.
259878293a997ff49f5ddfc53d3739cbdc25444ecovener [Nicolas Viennot <apache viennot biz>, Stefan Fritsch]
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem *) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin be compiled by the build compiler instead of the host compiler.
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin PR 51257. [Guenter Knauf]
65967d05f839dbf27cf91d91fa79585eeae19660minfrin *) core: In maintainer mode, replace apr_palloc with a version that
65967d05f839dbf27cf91d91fa79585eeae19660minfrin initializes the allocated memory with non-zero values, except if
65967d05f839dbf27cf91d91fa79585eeae19660minfrin AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
8152945ae46857b170cb227e79bb799f4fc7710dminfrin *) mod_policy: Add a new testing module to help server administrators
8152945ae46857b170cb227e79bb799f4fc7710dminfrin enforce a configurable level of protocol compliance on their
8152945ae46857b170cb227e79bb799f4fc7710dminfrin servers and application servers behind theirs. [Graham Leggett]
75f5c2db254c0167a0e396254460de09b775d203trawick *) mod_firehose: Add a new debugging module able to record traffic
75f5c2db254c0167a0e396254460de09b775d203trawick passing through the server in such a way that connections and/or
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph requests be reconstructed and replayed. [Graham Leggett]
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph *) mod_noloris
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick *) Simple MPM
54d750a84a175d8e338880514d440773eb986b50covener *) mod_serf
54d750a84a175d8e338880514d440773eb986b50covener [Apache 2.5.0-dev includes those bug fixes and changes with the
54d750a84a175d8e338880514d440773eb986b50covener Apache 2.4.xx tree as documented below, except as noted.]
54d750a84a175d8e338880514d440773eb986b50covenerChanges with Apache 2.4.x and later:
7a3aa12f0eda24793ee26d6a179bd53132e9dae8covener *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup
54d750a84a175d8e338880514d440773eb986b50covenerChanges with Apache 2.2.x and later:
4e30ef014533a7e93c92d88306291f5e49c9692ftrawick *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawickChanges with Apache 2.0.x and later: