CHANGES revision d4ee4552489641d35d1195bbbd6021351c4b79aa
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen Gallagher -*- coding: utf-8 -*-
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen GallagherChanges with Apache 2.3.2
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen Gallagher[ When backported to 2.2.x, remove entry from this file ]
8c294c1cd4d721818a59684cf7f2b36123f79163Stephen Gallagher *) rotatelogs: Allow size units B, K, M, G and combination of
c252d148fa8ab50aaaa8bbae7beb4d208025171dNikolai Kondrashov time and size based rotation. [Rainer Jung]
9542512d7be40f2000298c86d3d2b728f4f0f65aStephen Gallagher *) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung]
c6e39e15178675d0779e0ae855245774a09b4eb5Nikolai Kondrashov *) rotatelogs: Allow to trigger log file rotation from outside
c6e39e15178675d0779e0ae855245774a09b4eb5Nikolai Kondrashov using HUP and INT signals. PR 44427 [Rainer Jung]
c6e39e15178675d0779e0ae855245774a09b4eb5Nikolai Kondrashov *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher *) core: Translate the the status line to ASCII on EBCDIC platforms in
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher ap_send_interim_response() and for locally generated "100 Continue"
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher responses. [Eric Covener]
8b1f525acd20f36c836e827de3c251088961c5d9Stephen Gallagher *) mod_authnz_ldap: Reduce number of initialization debug messages and make
84ae5edab16ad6be5e3be956cb6fa031c1428eb5Stephen Gallagher information more clear. PR 46342 [Dan Poirier]
428db8a58c0c149d5efccc6d788f70916c1d34d7Jakub Hrozek *) prefork: Fix child process hang during graceful restart/stop in
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher configurations with multiple listening sockets. PR 42829. [Joe Orton,
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) prefork: Log an error instead of segfaulting when child startup fails
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher due to pollset creation failures. PR 46467. [Jeff Trawick]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_session_crypto: Ensure that SessionCryptoDriver can only be
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher set in the global scope. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_ext_filter: We need to detect failure to startup the filter
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher program (a mangled response is not acceptable). Fix to detect
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher failure, and offer configuration option either to abort or
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher to remove the filter and continue.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 41120 [Nick Kew]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_session_crypto: Rewrite the session_crypto module against the
8a5e793a0576250da80371e53aa3e7eba15cdb63Sumit Bose apr_crypto API. [Graham Leggett]
8a5e793a0576250da80371e53aa3e7eba15cdb63Sumit Bose *) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose until the main request is cleaned up. [Graham Leggett]
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit BoseChanges with Apache 2.3.1
af4ffe1001adcc0a96897e426d26444f07af9aa1Benjamin Franzke *) ap_slotmem: Add in new slot-based memory access API impl., including
af4ffe1001adcc0a96897e426d26444f07af9aa1Benjamin Franzke 2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski,
f3c85d900c4663854cc7bbae7d9f77867ed1f69bSumit Bose Jean-Frederic Clere, Brian Akins <brian.akins turner.com>]
f3c85d900c4663854cc7bbae7d9f77867ed1f69bSumit Bose *) mod_include: support generating non-ASCII characters as entities in SSI
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 25202 [Nick Kew]
2a552e43581c74f51205c7141ec9f6e9542509f8Stephen Gallagher *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
8214510f125879c3b1d247f2ce981ee20b5375d1Jakub Hrozek PR 25202 [Nick Kew]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_rewrite: fix "B" flag breakage by reverting r5589343
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
2cbdd12983eb85eddb90f64cfafb24eae5b448f4Jakub Hrozek *) CGI: return 504 (Gateway timeout) rather than 500 when a script
b9c8ce2bdd4045782c243605a1b999098bedcffcNoam Meltzer times out before returning status line/headers.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 42190 [Nick Kew]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_cgid: fix segfault problem on solaris.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
eb2e21b764d03544d8161e9956d7f70b07b75f77Simo Sorce *) mod_proxy_scgi: Added. [André Malo]
2a5790216f57e9bdfb2930d52860bb5300366536Jakub Hrozek *) mod_cache: Introduce 'no-cache' per-request environment variable
5377441d7a846461c2d9a7a870cea711360a529aNikolai Kondrashov to prevent the saving of an otherwise cacheable response.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Eric Covener]
32381402a4a9afc003782c9e2301fc59c9bda2a9Yassir Elley *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher way that per-directory rewrites append the previous notion of PATH_INFO
4b6a0d0b3d42e5fdb457f47d9adfa5e66b160256Stephen Gallagher to each substitution before evaluating subsequent rules.
e124844907ed6973915e4d56f5442ecd07535a12Jakub Hrozek PR38642 [Eric Covener]
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher *) mod_cgid: Do not add an empty argument when calling the CGI script.
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher PR 46380 [Ruediger Pluem]
bc13c352ba9c2877f1e9bc62e55ad60fc000a55dJakub Hrozek *) scoreboard: Remove unused sb_type from process_score.
bc13c352ba9c2877f1e9bc62e55ad60fc000a55dJakub Hrozek [Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch]
bc13c352ba9c2877f1e9bc62e55ad60fc000a55dJakub Hrozek *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher size of the buffer used for the request-body where necessary
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher during a per-dir renegotiation. PR 39243. [Joe Orton]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_proxy_fdpass: New module to pass a client connection over to a separate
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher process that is reading from a unix daemon socket.
054b5d4bb98973698f74d66b14ccd14394b53f10Lukas Slebodnik *) mod_ssl: Improve environment variable extraction to be more
054b5d4bb98973698f74d66b14ccd14394b53f10Lukas Slebodnik efficient and to correctly handle DNs with duplicate tags.
a3d176d116ceccd6a7547c128fab5df5cdd2c2b6Michal Zidek PR 45975. [Joe Orton]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Remove the obsolete serial attribute from the RPM spec file. Compile
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher against the external pcre. Add missing binaries fcgistarter, and
4f6931e854c698dcb1c09f99eb330ce2fb97e7c6Lukas Slebodnik mod_socache* and mod_session*. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen GallagherChanges with Apache 2.3.0
558998ce664055a75595371118f818084d8f2b23Jan Cholasta *) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna]
9a3e40dc49c1e38bf58e45be5adff37615f3910bJan Cholasta *) Remove X-Pad header which was added as a work around to a bug in
9a3e40dc49c1e38bf58e45be5adff37615f3910bJan Cholasta Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>]
558998ce664055a75595371118f818084d8f2b23Jan Cholasta *) Add DTrace Statically Defined Tracing (SDT) probes.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Theo Schlossnagle <jesus omniti.com>, Paul Querna]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_proxy_balancer: Move all load balancing implementations
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher as individual, self-contained mod_proxy submodules under
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Rename APIs to include ap_ prefix:
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher find_child_by_pid -> ap_find_child_by_pid
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny suck_in_APR -> ap_suck_in_APR
f1828234a850dd28465425248a83a993f262918fPavel Březina sys_privileges_handlers -> ap_sys_privileges_handlers
6ea6ec5cb7d9985e2730fb9d4657624d10aed4d8Nick Guay unixd_accept -> ap_unixd_accept
6ea6ec5cb7d9985e2730fb9d4657624d10aed4d8Nick Guay unixd_config -> ap_unixd_config
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher unixd_killpg -> ap_unixd_killpg
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher unixd_set_global_mutex_perms -> ap_unixd_set_global_mutex_perms
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher unixd_set_proc_mutex_perms -> ap_unixd_set_proc_mutex_perms
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher unixd_set_rlimit -> ap_unixd_set_rlimit
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) core: When the ap_http_header_filter processes an error bucket, cleanup
1746e8b8399da2a7a8da4aace186f66055ccfec1Jakub Hrozek the passed brigade before returning AP_FILTER_ERROR down the filter
1746e8b8399da2a7a8da4aace186f66055ccfec1Jakub Hrozek chain. This unambiguously ensures the same error bucket isn't revisited
1746e8b8399da2a7a8da4aace186f66055ccfec1Jakub Hrozek [Ruediger Pluem]
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina *) mod_lbmethod_heartbeat: New module to load balance mod_proxy workers
2827b0d03f7b6bafa504d22a5d7ca39cbda048b3Pavel Březina based on heartbeats. [Paul Querna]
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek *) mod_heartmonitor: New module to collect heartbeats, and write out a file
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek so that other modules can load balance traffic as needed. [Paul Querna]
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta *) mod_heartbeat: New module to generate multicast heartbeats to know if a
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta server is online. [Paul Querna]
cb4d5b588e704114b7090678752d33512baa718eJakub Hrozek *) core: Error responses set by filters were being coerced into 500 errors,
cb4d5b588e704114b7090678752d33512baa718eJakub Hrozek sometimes appended to the original error response. Log entry of:
19d3aba12c70528708be9440aca66038a291f29eYassir Elley 'Handler for (null) returned invalid result code -3'
19d3aba12c70528708be9440aca66038a291f29eYassir Elley [Eric Covener]
f3a25949de81f80c136bb073e4a8f504b080c20cJakub Hrozek *) mod_buffer: Honour the flush bucket and flush the buffer in the
f3a25949de81f80c136bb073e4a8f504b080c20cJakub Hrozek input filter. Make sure that metadata buckets are written to
f3a25949de81f80c136bb073e4a8f504b080c20cJakub Hrozek the buffer, not to the final brigade. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_buffer: Optimise the buffering of heap buckets when the heap
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose buckets stay exactly APR_BUCKET_BUFF_SIZE long. [Graham Leggett,
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose Ruediger Pluem]
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose *) mod_buffer: Optional support for buffering of the input and output
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher filter stacks. Can collapse many small buckets into fewer larger
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher buckets, and prevents excessively small chunks being sent over
36ccdecd053a9ad88dce86b8c84770dc2aa11d21Simo Sorce the wire. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_privileges: new module to make httpd on Solaris privileges-aware
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher and to enable different virtualhosts to run with different
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher privileges and Unix user/group IDs [Nick Kew]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) authn/z: Remove mod_authn_default and mod_authz_default.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Chris Darroch]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) authz: Fix handling of authz configurations, make default authz
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher and AuthzMergeRules directives with Match, <Match*>, and AuthzMerge
effcbdb12c7ef892f1fd92a745cb33a08ca4ba30Stephen Gallagher directives. [Chris Darroch]
69aaef8719c5cf33ed1c4090fa313ba281bf8a02Jakub Hrozek *) mod_authn_core: Prevent crash when provider alias created to
4dd615c01357b8715711aad6820ba9595d3ad377Stephen Gallagher provider which is not yet registered. [Chris Darroch]
a6098862048d4bb469130b9ff21be3020d6f2c54Sumit Bose *) mod_authn_core: Add AuthType of None to support disabling
2d257ccf620ce1b611f89cec8f0a94c88c2f2881Sumit Bose authentication. [Chris Darroch]
4bd20c075f0f187db0181dc53d00ab6cd47fdb4dJakub Hrozek *) core: Allow <Limit> and <LimitExcept> directives to nest, and
e5e8252ec48bfdd4e7529debc705c8e090264b9aSumit Bose constrain their use to conform with that of other access control
71e7918be3ca5d38794a16a17f6b4f19a24d51fcPavel Březina and authorization directives. [Chris Darroch]
71e7918be3ca5d38794a16a17f6b4f19a24d51fcPavel Březina *) unixd: turn existing code into a module, and turn the set user/group
71e7918be3ca5d38794a16a17f6b4f19a24d51fcPavel Březina and chroot into a child_init function. [Nick Kew]
80314a6f3ea8d81abe73d501d5b953a256cb2167Pavel Březina *) core: Add ap_timeout_parameter_parse to public API. [Ruediger Pluem]
bbaba8b3ef9bc101863b8687f234f4ee956caacdPavel Březina *) mod_dir: Support "DirectoryIndex disabled"
bbaba8b3ef9bc101863b8687f234f4ee956caacdPavel Březina Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
4bd20c075f0f187db0181dc53d00ab6cd47fdb4dJakub Hrozek *) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
4bd20c075f0f187db0181dc53d00ab6cd47fdb4dJakub Hrozek OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
4bd20c075f0f187db0181dc53d00ab6cd47fdb4dJakub Hrozek *) Export and install the mod_rewrite.h header to ensure the optional
4bd20c075f0f187db0181dc53d00ab6cd47fdb4dJakub Hrozek rewrite_mapfunc_t and ap_register_rewrite_mapfunc functions are
4bd20c075f0f187db0181dc53d00ab6cd47fdb4dJakub Hrozek available to third party modules. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_authnz_ldap: don't return NULL-valued environment variables to
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>]
a65a64aee968bd2ac18156ced15a1e2509a8acbaAbhishek Singh *) Don't adjust case in pathname components that are not of interest
ae6c1596225c65bec2a2dabff9eee4e3e0691181Abhishek Singh to mod_mime. Fixes mod_negotiation's use of such components.
2a9af1f71887f02935e2fb6ad5023afba5b6d43eSumit Bose PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>]
461da2984c747708e8badd27fa55ef879f40e712Pallavi Jha *) Be tolerant in what you accept - accept slightly broken
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek status lines from a backend provide they include a valid status code.
777374243e15c53e7b0a7345e190c1018920be18Jakub Hrozek PR 44995 [Rainer Jung <rainer.jung kippdata.de>]
e046ae03d0f55b1c8b0ec2fa6139bf86a3449adfPavel Březina *) New module mod_sed: filter Request/Response bodies through sed
1ce58f139699dd26b8888f4131c996263b6a80a5Jakub Hrozek *) mod_auth_form: Make sure that basic authentication is correctly
72ae534f5aef6d2e5d3f2f51299aede5abf9687eJakub Hrozek faked directly after login. [Graham Leggett]
7caf7ed4f2eae1ec1c0717b4ee6ce78bdacd5926Jakub Hrozek *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
0161a3c5637a0c0092bf54c436bb3d6508d7df26Jakub Hrozek within the output headers and error output headers, so that the
f43c6a9ae2aea13b7a83fd932139f9352efbfcadPavel Březina session is maintained across redirects. [Graham Leggett]
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek *) mod_auth_form: Make sure the logged in user is populated correctly
a524965fbe0551f1b3a68f1e5c7a5689a652998fSumit Bose after a form login. Fixes a missing REMOTE_USER variable directly
a5623363d6042290fe652a1ca5ce5a85a821236fPavel Březina following a login. [Graham Leggett]
a0ab15ceb80290db80c2052520830a95390de385Sumit Bose *) mod_session_cookie: Make sure that cookie attributes are correctly
e00c2b5ac4963de9521599c88597b7fb97339d0eJakub Hrozek included in the blank cookie when cookies are removed. This fixes an
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina inability to log out when using mod_auth_form. [Graham Leggett]
e592d5f157be869151983bd1b46d6f4f7a29daafJakub Hrozek *) mod_autoindex: add configuration option to insert string
f92ace4a52602e8c38a34f2392bec3deeac2ddddJakub Hrozek in HTML HEAD. [Nick Kew]
bf54fbed126ec3d459af40ea370ffadacd31c76dJakub Hrozek *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
bf54fbed126ec3d459af40ea370ffadacd31c76dJakub Hrozek null value. [David Shane Holden <dpejesh apache.org>]
f92ace4a52602e8c38a34f2392bec3deeac2ddddJakub Hrozek *) mod_headers: Prevent Header edit from processing only the first header
f92ace4a52602e8c38a34f2392bec3deeac2ddddJakub Hrozek of possibly multiple headers with the same name and deleting the
f92ace4a52602e8c38a34f2392bec3deeac2ddddJakub Hrozek remaining ones. PR 45333. [Ruediger Pluem]
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik *) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247
99f8be128274eba264ea1434a7eb2800bced5902Lukas Slebodnik [Tom Donovan]
99f8be128274eba264ea1434a7eb2800bced5902Lukas Slebodnik *) core, authn/z: Determine registered authn/z providers directly in
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik ap_setup_auth_internal(), which allows optional functions that just
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik wrapped ap_list_provider_names() to be removed from authn/z modules.
f92ace4a52602e8c38a34f2392bec3deeac2ddddJakub Hrozek [Chris Darroch]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) authn/z: Convert common provider version strings to macros.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Chris Darroch]
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek *) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) configure: Don't reject libtool 2.x
9f521c61c17cecd9625ebc1b33c666fa3488622cJakub Hrozek PR 44817 [Arfrever Frehtes Taifersar Arahesis <Arfrever.FTA gmail.com>]
9f521c61c17cecd9625ebc1b33c666fa3488622cJakub Hrozek *) core: When testing for slash-terminated configuration paths in
9f521c61c17cecd9625ebc1b33c666fa3488622cJakub Hrozek ap_location_walk(), don't look past the start of an empty string
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher such as that created by a <Location ""> directive.
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher [Chris Darroch]
fa551077410019fb34460dc730950e93b62b2963Jakub Hrozek *) core, mod_proxy: If a kept_body is present, it becomes safe for
fa551077410019fb34460dc730950e93b62b2963Jakub Hrozek subrequests to support message bodies. Make sure that safety
fa551077410019fb34460dc730950e93b62b2963Jakub Hrozek checks within the core and within the proxy are not triggered
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher when kept_body is present. This makes it possible to embed
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher proxied POST requests within mod_include. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_auth_form: Make sure the input filter stack is properly set
bf5a808fa92007c325c3996e79694badfab201d4Stephen Gallagher up before reading the login form. Make sure the kept body filter
150b76e13b7c4f3ccf1d709bf517ca2af6b2c9a2Jakub Hrozek is correctly inserted to ensure the body can be read a second
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher time safely should the authn be successful. [Graham Leggett,
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher Ruediger Pluem]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_request: Insert the KEPT_BODY filter via the insert_filter
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher hook instead of during fixups. Add a safety check to ensure the
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher filters cannot be inserted more than once. [Graham Leggett,
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher Ruediger Pluem]
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik *) core: Do not allow Options ALL if not all options are allowed to be
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik overwritten. PR 44262 [Michał Grzędzicki <lazy iq.pl>]
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik *) ap_cache_cacheable_headers_out() will (now) always
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik merge an error heaeders _before_ clearing them and _before_
a2e417f38c57ed87c956ddcecf4dafca93842b65Lukas Slebodnik merging in the actual entity headers and doing normal
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher hop-by-hop cleansing. [Dirk-Willem van Gulik].
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) cache: retire ap_cache_cacheable_hdrs_out() which was used
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher for both in- and out-put headers; and replace it by a single
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher ap_cache_cacheable_headers() wrapped in a in- and out-put
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher specific ap_cache_cacheable_headers_in()/out(). The latter
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher which will also merge error and ensure content-type. To keep
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher cache modules consistent with ease. This API change bumps
8a5e793a0576250da80371e53aa3e7eba15cdb63Sumit Bose up the minor MM by one [Dirk-Willem van Gulik].
8a5e793a0576250da80371e53aa3e7eba15cdb63Sumit Bose *) mod_rewrite: Allow Cookie option to set secure and HttpOnly flags.
8a5e793a0576250da80371e53aa3e7eba15cdb63Sumit Bose PR 44799 [Christian Wenz <christian wenz.org>]
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose *) Move the KeptBodySize directive, kept_body filters and the
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose ap_parse_request_body function out of the http module and into a
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose new module called mod_request, reducing the size of the core.
90fd1bbd6035cdab46faa3a695a2fb2be6508b17Sumit Bose [Graham Leggett]
af4ffe1001adcc0a96897e426d26444f07af9aa1Benjamin Franzke *) mod_dbd: Handle integer configuration directive parameters with a
af4ffe1001adcc0a96897e426d26444f07af9aa1Benjamin Franzke dedicated function.
af4ffe1001adcc0a96897e426d26444f07af9aa1Benjamin Franzke *) Change the directives within the mod_session* modules to be valid
af4ffe1001adcc0a96897e426d26444f07af9aa1Benjamin Franzke both inside and outside the location/directory sections, as
96453f402831275a39d5fb89c33c9776e148d03fStephen Gallagher suggested by wrowe. [Graham Leggett]
25d4435998d0446f7699e7ab0874c7a6f610ab58Lukas Slebodnik *) mod_auth_form: Add a module capable of allowing end users to log
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher in using an HTML form, storing the credentials within mod_session.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Graham Leggett]
667db40da4db362d7ca0a1f7f1c4ba40fb71795aJakub Hrozek *) Add a function to the http filters that is able to parse an HTML
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose form request with the type of application/x-www-form-urlencoded.
c080a11e9e88f35e40aff4e476cabbd971833019Sumit Bose [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_session_crypto: Initialise SSL in the post config hook.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Ruediger Pluem, Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_session_dbd: Add a session implementation capable of storing
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher session information in a SQL database via the dbd interface. Useful
1467daed400d6c186bd0c99c057c42e764309ff3Stephen Gallagher for sites where session privacy is important. [Graham Leggett]
15b266d9f14dad26da8678a79019749d0f69532eStephen Gallagher *) mod_session_crypto: Add a session encoding implementation capable
1467daed400d6c186bd0c99c057c42e764309ff3Stephen Gallagher of encrypting and decrypting sessions wherever they may be stored.
b97595ae059c69b1960a6e7e56d74660388a683bJan Zeleny Introduces a level of privacy when sessions are stored on the
6a6a821866091e0f722808566c25b951aa346d7cStephen Gallagher browser. [Graham Leggett]
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov *) mod_session_cookie: Add a session implementation capable of storing
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov session information within cookies on the browser. Useful for high
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov volume sites where server bound sessions are too resource intensive.
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov [Graham Leggett]
60e51fd2764291df2332f36ff478777627d92b57Sumit Bose *) mod_session: Add a generic session interface to unify the different
51d65c4ad15c2cc23f38fa09dd6efeb15e4f3e86Jakub Hrozek attempts at saving persistent sessions across requests.
51d65c4ad15c2cc23f38fa09dd6efeb15e4f3e86Jakub Hrozek [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) core, authn/z: Avoid calling access control hooks for internal requests
84ae5edab16ad6be5e3be956cb6fa031c1428eb5Stephen Gallagher with configurations which match those of initial request. Revert to
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher original behaviour (call access control hooks for internal requests
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher with URIs different from initial request) if any access control hooks or
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher providers are not registered as permitting this optimization.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher Introduce wrappers for access control hook and provider registration
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher which can accept additional mode and flag data. [Chris Darroch]
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov *) Introduced ap_expr API for expression evaluation.
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov This is adapted from mod_include, which is the first module
3ce85a5f5264e7118beb6524e120fd8b53a13da4Nikolai Kondrashov to use the new API.
6398f22526303343193a18e514602f1af6fb29cbNikolai Kondrashov *) mod_authz_dbd: When redirecting after successful login/logout per
6398f22526303343193a18e514602f1af6fb29cbNikolai Kondrashov AuthzDBDRedirectQuery, do not report authorization failure, and use
6398f22526303343193a18e514602f1af6fb29cbNikolai Kondrashov first row returned by database query instead of last row.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Chris Darroch]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_ldap: Correctly return all requested attribute values
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher when some attributes have a null value.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 44560 [Anders Kaseorg <anders kaseorg.com>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) core: check symlink ownership if both FollowSymlinks and
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher SymlinksIfOwnerMatch are set [Nick Kew]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) core: fix origin checking in SymlinksIfOwnerMatch
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Activate mod_cache, mod_file_cache and mod_disc_cache as part of the
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher 'most' set for '--enable-modules' and '--enable-shared-mods'. Include
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Also install mod_so.h, mod_rewrite.h and mod_cache.h; as these
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher contain public function declarations which are useful for
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher third party module authors. PR 42431 [Dirk-Willem van Gulik].
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_dir, mod_negotiation: pass the output filter information
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher to newly created sub requests; as these are later on used
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher as true requests with an internal redirect. This allows for
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher mod_cache et.al. to trap the results of the redirect.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Dirk-Willem van Gulik, Ruediger Pluem]
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher *) mod_ldap: Add support (taking advantage of the new APR capability)
77c0d1f6074059dafd2293f9c42ea0f9d60f8aadJakub Hrozek for ldap rebind callback while chasing referrals. This allows direct
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher searches on LDAP servers (in particular MS Active Directory 2003+)
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher using referrals without the use of the global catalog.
eaaeaa7e00c3d4bfa792cc4d3c6770dc1e28ef0cSumit Bose PRs 26538, 40268, and 42557 [Paul J. Reder]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_ssl: Added server name indication support (SNI, RFC 4366).
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration
eb2e21b764d03544d8161e9956d7f70b07b75f77Simo Sorce can be created with test/make_sni.sh [Dirk-Willem van Gulik].
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) ApacheMonitor.exe: Introduce --kill argument for use by the
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose installer. This will permit the installation tool to remove
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher all running instances before attempting to remove the .exe.
0ef783e186ef1c9f60e61a4e8e54c44cb366fdfePavel Březina [William Rowe]
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta *) mod_ssl: Add support for OCSP validation of client certificates.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
b3b6189850d50c656d62efbd498789124c033b00Lukas Slebodnik *) mod_serf: New module for Reverse Proxying. [Paul Querna]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) core: Add the option to keep aside a request body up to a certain
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher size that would otherwise be discarded, to be consumed by filters
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher such as mod_include. When enabled for a directory, POST requests
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher to shtml files can be passed through to embedded scripts as POST
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher requests, rather being downgraded to GET requests. [Graham Leggett]
769347ad4d35d43488eb98f980143495b0db415dStef Walter *) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton]
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina *) scoreboard: Correctly declare ap_time_process_request.
769347ad4d35d43488eb98f980143495b0db415dStef Walter *) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member
769347ad4d35d43488eb98f980143495b0db415dStef Walter from the connection rec, ap_get_scoreboard_worker(proc, thread) will now
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher provide the unusual legacy lookup. [William Rowe]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mpm winnt: fix null pointer dereference
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher PR 42572 [Davi Arnaut]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
db78f4c750943fcd4b60bca5f3fdfd6cc5d3d4f8Ondrej Kos parameters to the environment. Improve portability to
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher EBCDIC machines by using apr_toupper(). [Martin Kraemer]
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek *) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek to authorize an authenticated user via a "require ldap-group X" directive
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek where the user is not in group X, but is in a subgroup contained in X.
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek PR 42891 [Paul J. Reder]
ca261795ce61c41d7e62217ccb2ee913923040ffPavel Březina *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_ldap: Fix the search limit parameter to ldap_search_ext_s()
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher for SDKs that define LDAP_NO_LIMIT to something other than -1.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [David Jones <oscaremma gmail.com>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) apxs: Enhance -q flag to print all known variables and their values
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher when invoked without variable name(s).
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [William Rowe, Sander Temme]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) apxs: Eliminate run-time check for mod_so. PR 40653.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [David M. Lee <dmlee crossroads.com>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) beos MPM: Create pmain pool and run modules' child_init hooks when
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Chris Darroch]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher cleanups registered in modules' child_init hooks are performed.
126c9338cf12a3e4404c36bbe4ec14b18f23537cMaxim [Chris Darroch]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_dbd: Stash DBD connections in request_config of initial request
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher only, or else sub-requests and internal redirections may cause
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher entire DBD pool to be stashed in a single HTTP request. [Chris Darroch]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Fix issue which could cause error messages to be written to access logs
4e0404ca1b19830dc0f729e59efd5bbd0a9d6103Lukas Slebodnik on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) The LockFile directive, which specifies the location of
eaa723b4d06b4c1e588df67bef44a84bbfaebf1aLukas Slebodnik the accept() mutex lockfile, is deprecated. Instead, the
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher AcceptMutex directive now takes an optional lockfile
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher location parameter, ala SSLMutex. [Jim Jagielski]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_authn_dbd: Export any additional columns queried in the SQL select
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher into the environment with the name AUTHENTICATE_<COLUMN>. This brings
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_dbd: Key the storage of prepared statements on the hex string
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher value of server_rec, rather than the server name, as the server name
bfbf5cb0f00c60c0f000f56c282377b13b9a89abSumit Bose may change (eg when the server name is set) at any time, causing
fe2091327ff44f80d6681c261494e4432404e9baStephen Gallagher weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher the first bucket from the brigade, finds it not to be a FILE
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher bucket and barfs. The fix is to pass a bucket rather than a brigade.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Niklas Edmundsson <nikke acc.umu.se>]
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) ap_get_server_version() has been removed. Third-party modules must
3a4186ae40d0c3b7be46a4c973166f6048fcfe38Lukas Slebodnik now use ap_get_server_banner() or ap_get_server_description().
8bcabb97d988d1602882a1f036aac2eaf5e09234Simo Sorce [Jeff Trawick]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) All MPMs: Introduce a check_config phase between pre_config and
1658c567191c35beaddffafdb079abe33248037bLukas Slebodnik open_logs, to allow modules to review interdependent configuration
29be7d76c949b82350c7603cfd362a1fcb47eb1bJan Zeleny directive values and adjust them while messages can still be logged
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher to the console. Handle relevant MPM directives during this phase
72e60fd4eabcfbcdbfe01e8c38b94052bc6c2067Jakub Hrozek and format messages for both the console and the error log, as
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher appropriate. [Chris Darroch]
b32159300fea63222d8dd9200ed634087704ea74Stephen Gallagher *) mod_proxy: don't URLencode tilde in path component
748ba184db97b7534254f97018fa04e8aa458faeJan Cholasta [Stijn Hoop <stijn sandcat.nl>]
701f13b5c8e27bcbfc79e77ce7c76d9f768a448cLukas Slebodnik *) mpm_winnt: Fix return values from wait_for_many_objects.
3fc158e59eebbc2f538fe0076a03928d0d4eab9fPavel Březina The return value is index to the signaled thread in the
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher creted_threads array. We can not use WAIT_TIMEOUT because
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher his value is defined as 258, thus limiting the MaxThreads
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher to that value. [Mladen Turk]
5f90993426fa2bdc3b3d994c9e85e0805bb92bbcSimo Sorce *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
9959c512ac3ba36f7a0db7614f0357ce0bae748fJakub Hrozek to circumvent the symbolic link checks imposed by FollowSymLinks and
7452f1b637276ce582b120f8f5482ae7f3b6bd47Jakub Hrozek SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
2fa8d6655ac37f9bdeb34420000052d921f4a543Michal Zidek *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
a473fb88e6015cf0ccbd2e9005c7e6acca18f452Pavel Březina configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher The default is none as this is far greater debugging resolution than
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher the typical administrator is prepared to untangle. [William Rowe]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_disk_cache: If possible, check if the size of an object to cache is
e850be1ff2e13bba9812c94c3d102c0a0b570820Jakub Hrozek within the configured boundaries before actually saving data.
360a4be4266d6a72be99dfd252623dc0527f5b84Pavel Březina [Niklas Edmundsson <nikke acc.umu.se>]
d844aab866ae237844360cea70e2dccdc90c783dStephen Gallagher *) mod_disk_cache: Delete temporary files if they cannot be renamed to their
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher final name. [Davi Arnaut <davi haxent.com.br>]
ef39c0adcb61b16f9edc7beb4cdc8f3b0d5a8f15Stephen Gallagher *) Worker and event MPMs: Remove improper scoreboard updates which were
8c3a4809b3420657289b42f028a1c9019b112991Stephen Gallagher performed in the event of a fork() failure. [Chris Darroch]
b9e5bd09a5ff7009537a18914dbebcf10498f592Sumit Bose *) Add support for fcgi:// proxies to mod_rewrite.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Markus Schiegl <ms schiegl.com>]
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek *) Remove incorrect comments from scoreboard.h regarding conditional
e7311aec8d691e5427317442387af1bc8fff3742Jan Cholasta loading of worker_score structure with mod_status, and remove unused
cb4d5b588e704114b7090678752d33512baa718eJakub Hrozek definitions relating to old life_status field.
590582be38cdbfde387fcc57df92903d48c5a083Jakub Hrozek [Chris Darroch <chrisd pearsoncmg.com>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Remove allocation of memory for unused array of lb_score pointers
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
df4e1db5d41c903ae57fd880acc76a0ad84aa7b2Pavel Březina [Garrett Rooney, Jim Jagielski, Paul Querna]
3f98cdc011bb4e8cd22c088f288b0bcdb6452492Jakub Hrozek *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
1f1e6cbc59868f06dee3ab4b3df660fcb77ce1c8Jakub Hrozek [Chris Darroch <chrisd pearsoncmg.com>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) mod_charset_lite: Remove Content-Length when output filter can
4c1bf6607060cea867fccf667063c028dfd51e96Stephen Gallagher invalidate it. Warn when input filter can invalidate it.
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta [Jeff Trawick]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Authz: Add the new module mod_authn_core that will provide common
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher authn directives such as 'AuthType', 'AuthName'. Move the directives
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher into mod_authn_core. [Brad Nicholes]
fa70db6004a099afb7cb55031cd7bacb9e78202ePavel Březina *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
ac47e8854f3bc404f2a35c6682faf621673d6b32Pavel Březina into the new module mod_access_compat which can be loaded to provide
b79e0e50a935d108173ca3062f2afe16103fcb1dPavel Březina support for these directives.
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher [Brad Nicholes]
87c07559af5cfcd2752295ef7c425bd3205f426fStephen Gallagher *) Authz: Move the 'Require' directive from the core module as well as
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher logic into the authorization processing. [Brad Nicholes]
3441d0c2d11aea0c39b009751a1898333c009674Stephen Gallagher *) Authz: Add the new module mod_authz_core which acts as the
65e8f538ad35ba7d86cd9e60a3d86aec34537027Stephen Gallagher authorization provider vector and contains common authz
45aeb924ec3ac448bb8d174a5cc061ed98b147c7Jakub Hrozek directives. [Brad Nicholes]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
4af1d1869d659fec84c518c26844132fa1df8f64Jakub Hrozek host-based access control provided by mod_authz_host and invoked
e9eeb4302e0e426c6cc1a4e65b95a6f7066e80b9Pavel Březina through the 'Require' directive. [Brad Nicholes]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Authz: Convert all of the authz modules from hook based to
65e8f538ad35ba7d86cd9e60a3d86aec34537027Stephen Gallagher provider based. [Brad Nicholes]
fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934Simo Sorce *) mod_cache: Add CacheMinExpire directive to set the minimum time in
9cb46bc62f22e0104f1b41a423b014c281ef5fc2Jakub Hrozek seconds to cache a document.
8ca73915a3bf60331468fed6b3b38652c979f95dJakub Hrozek [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
213ce2a78b1abe3921d8dc13c949a28130d00aecJan Zeleny *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
38e2ec1c757955ab557fd95807afa58042d09482Jan Zeleny *) Fix typo in ProxyStatus syntax error message.
ad07ed37b6b51ef134d4524edaf2259e19ac984fJan Zeleny [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Asynchronous write completion for the Event MPM. [Brian Pane]
81165faf5d951aca69f410713730c26ff048ec44Sumit Bose *) Added an End-Of-Request bucket type. The logging of a request and
3a62a99faf8e12965100d0b26fc9e07752bd3e2dStephen Gallagher the freeing of its pool are now done when the EOR bucket is destroyed.
1a7d1977037864e52858058777af8ff8401547ddJan Cholasta This has the effect of delaying the logging until right after the last
65e8f538ad35ba7d86cd9e60a3d86aec34537027Stephen Gallagher of the response is sent; ap_core_output_filter() calls the access logger
88275cccddf39892e01682b39b02292eb74729bdPavel Březina indirectly when it destroys the EOR bucket. [Brian Pane]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Rewrite of logresolve support utility: IPv6 addresses are now supported
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher and the format of statistical output has changed. [Colm MacCarthaigh]
551aa6c36797ed720487f5974dcadabf19e6ff9fStephen Gallagher *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
4139a7a731f2831963a42b26aac111422be28792Jakub Hrozek *) Added new connection states for handler and write completion
3f32406640d89face5e79244b4d8dab34adb6c7cPavel Březina *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
17d37aecdf397fcb7a1d0c75adebdb25d7be112ePavel Březina [Justin Erenkrantz]
e293fba4f5459f3c2dad254dcc966407d8fc3312Jakub Hrozek *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
885386b7e3f1c3e74b354576b98a092b0835d64eSumit Bose allowing string-valued client certificate attributes to be used for
885386b7e3f1c3e74b354576b98a092b0835d64eSumit Bose access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
885386b7e3f1c3e74b354576b98a092b0835d64eSumit Bose [Martin Kraemer, David Reid]
b9c8ce2bdd4045782c243605a1b999098bedcffcNoam Meltzer [Apache 2.1.0-dev includes those bug fixes and changes with the
a7e27c11866a48742bb70564b88e15bf15e9367dPavel Březina Apache 2.2.xx tree as documented, and except as noted, below.]
462db32918a05097652f8232cd6c8d78a826e63cLukas SlebodnikChanges with Apache 2.2.x and later:
347f7c4d1e8e83fc7ffcaf9524a67e8b3ad5d7c5Jan Cholasta *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub HrozekChanges with Apache 2.0.x and later:
3b08dec5ee634f83ee18e1753d5ffe0ac5e3c458Jakub Hrozek *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
374bf54785365273b20690bd3792c25a44738041Pavel BřezinaChanges with Apache 1.3.x and later: