CHANGES revision e2bb6b0c7c3677acdf102b743a2218aa37725c81
f743002678eb67b99bbc29fee116b65d9530fec0wrowe -*- coding: utf-8 -*-
80833bb9a1bf25dcf19e814438a4b311d2e1f4cffuankgChanges with Apache 2.3.0
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem[ When backported to 2.2.x, remove entry from this file ]
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic *) core: Lower memory consumption of ap_r* functions by reusing the brigade
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic instead of recreating it during each filter pass.
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic [Stefan Fritsch <sf sfritsch.de>]
4da61833a1cbbca94094f9653fd970582b97a72etrawick *) mod_proxy_ajp: Use 64K as maximum AJP packet size. This is the maximum
4da61833a1cbbca94094f9653fd970582b97a72etrawick length we can squeeze inside the AJP message packet.
4da61833a1cbbca94094f9653fd970582b97a72etrawick [Mladen Turk]
4789804be088bcd86ae637a29cdb7fda25169521jailletc *) core: Lower memory consumption in case that flush buckets are passed thru
4789804be088bcd86ae637a29cdb7fda25169521jailletc the chunk filter as last bucket of a brigade. PR 23567.
4789804be088bcd86ae637a29cdb7fda25169521jailletc [Stefan Fritsch <sf sfritsch.de>]
e50c3026198fd496f183cda4c32a202925476778covener *) mod_proxy: Keep connections to the backend persistent in the HTTPS case.
e50c3026198fd496f183cda4c32a202925476778covener [Ruediger Pluem]
5b88c8507d5ef6d0c4cfbc78230294968175b638minfrin *) rotatelogs: Improve atomicity when using -l and cleaup code.
5b88c8507d5ef6d0c4cfbc78230294968175b638minfrin PR 44004 [Rainer Jung]
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic *) mod_ssl: Add support for OCSP validation of client certificates.
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
4f29b65ab4b547ad5dbe506e2d0ff5d12ead9247ylavic *) mod_unique_id: Fix timestamp value in UNIQUE_ID.
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic PR 37064 [Kobayashi <kobayashi firstserver.co.jp>]
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic *) mod_serf: New module for Reverse Proxying. [Paul Querna]
69301145375a889e7e37caf7cc7321ac0f91801erpluem *) core: Add the option to keep aside a request body up to a certain
69301145375a889e7e37caf7cc7321ac0f91801erpluem size that would otherwise be discarded, to be consumed by filters
69301145375a889e7e37caf7cc7321ac0f91801erpluem such as mod_include. When enabled for a directory, POST requests
506bfe33206b2fece40ef25f695af39dd4130facjkaluza to shtml files can be passed through to embedded scripts as POST
506bfe33206b2fece40ef25f695af39dd4130facjkaluza requests, rather being downgraded to GET requests. [Graham Leggett]
506bfe33206b2fece40ef25f695af39dd4130facjkaluza *) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton]
d58a848a016d401b965111e50ef829e1641f7834minfrin *) scoreboard: Correctly declare ap_time_process_request.
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf *) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf from the connection rec, ap_get_scoreboard_worker(proc, thread) will now
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic provide the unusual legacy lookup. [William Rowe]
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic *) mpm winnt: fix null pointer dereference
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic PR 42572 [Davi Arnaut]
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic *) mod_proxy_http: Correctly forward unexpected interim (HTTP 1xx)
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic responses from the backend according to RFC2616. But make it
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic configurable in case something breaks on it.
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic PR 16518 [Nick Kew]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) mod_deflate: Don't leave a strong ETag in place while transforming
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic the entity.
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic PR 39727 [Nick Kew]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) core: reinstate location walk to fix config for subrequests
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener PR 41960 [Jose Kahan <jose w3.org>]
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener *) mod_log_config: Add format options for %p so that the actual local
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener or remote port can be logged. PR 43415. [Adam Hasselbalch Hansen
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener <ahh@one.com>, Ruediger Pluem, Jeff Trawick]
44ff304057225e944e220e981d434a046d14cf06covener *) mod_include: Add an "if" directive syntax to test whether an URL
44ff304057225e944e220e981d434a046d14cf06covener is accessible, and if so, conditionally display content. This
44ff304057225e944e220e981d434a046d14cf06covener allows a webmaster to hide a link to a private page when the user
5d1ba75b8794925e67591c209085a49279791de9covener has no access to that page. [Graham Leggett]
5d1ba75b8794925e67591c209085a49279791de9covener *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand parameters to the environment. Improve portability to
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand EBCDIC machines by using apr_toupper(). [Martin Kraemer]
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand *) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
caad2986f81ab263f7af41467dd622dc9add17f3ylavic to authorize an authenticated user via a "require ldap-group X" directive
caad2986f81ab263f7af41467dd622dc9add17f3ylavic where the user is not in group X, but is in a subgroup contained in X.
caad2986f81ab263f7af41467dd622dc9add17f3ylavic PR 42891 [Paul J. Reder]
45a10d38e6051fd7bdf9d742aaae633d97ff02abjailletc *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
f7317ff316c2b141feea31bddb74d5d3fa1584edjorton *) ab: Add -r option to continue after socket receive errors.
2165214331e4afafca4048f66f303d0253d7b001covener [Filip Hanik <devlist hanik.com>]
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem *) mod_ldap: Fix the search limit parameter to ldap_search_ext_s()
1e2d421a36999d292042a5539971070d54aa6c63ylavic for SDKs that define LDAP_NO_LIMIT to something other than -1.
1e2d421a36999d292042a5539971070d54aa6c63ylavic [David Jones <oscaremma gmail.com>]
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh *) mod_dbd: Introduce configuration groups to allow inheritance by virtual
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh hosts of database configurations from the main server. Determine the
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh minimal set of distinct configurations and share connection pools
0b67eb8568cd58bb77082703951679b42cf098actrawick whenever possible. Allow virtual hosts to override inherited SQL
0b67eb8568cd58bb77082703951679b42cf098actrawick statements. PR 41302. [Chris Darroch]
0b67eb8568cd58bb77082703951679b42cf098actrawick *) apxs: Enhance -q flag to print all known variables and their values
5ef3c61605a3a021ff71f488983cb0065f8e1a79covener when invoked without variable name(s).
fb1985a97912b25ec6564c73e610a31e5fc6e25fcovener [William Rowe, Sander Temme]
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic *) apxs: Eliminate run-time check for mod_so. PR 40653.
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic [David M. Lee <dmlee crossroads.com>]
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic *) beos MPM: Create pmain pool and run modules' child_init hooks when
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic [Chris Darroch]
e6b4bd1113567627ab6bb6c6a7105e1e01a7d889jailletc *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
e466c40e1801982602ee0200c9e8b61cc148742djailletc cleanups registered in modules' child_init hooks are performed.
e466c40e1801982602ee0200c9e8b61cc148742djailletc [Chris Darroch]
457468b82e59d01eba00dd9d0817309c8f5e414ejim *) mod_dbd: Stash DBD connections in request_config of initial request
457468b82e59d01eba00dd9d0817309c8f5e414ejim only, or else sub-requests and internal redirections may cause
04983e3bd1754764eec7d6bb772fe3b0bf391771jorton entire DBD pool to be stashed in a single HTTP request. [Chris Darroch]
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem *) Fix issue which could cause error messages to be written to access logs
15660979a30d251681463de2e0584853890082accovener on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>]
49dacedb6c387b786b7911082ff35121a45f414bcovener *) The LockFile directive, which specifies the location of
49dacedb6c387b786b7911082ff35121a45f414bcovener the accept() mutex lockfile, is deprecated. Instead, the
cfd9415521847b2f9394fad04fb701cfb955f503rjung AcceptMutex directive now takes an optional lockfile
cfd9415521847b2f9394fad04fb701cfb955f503rjung location parameter, ala SSLMutex. [Jim Jagielski]
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe *) mod_authn_dbd: Export any additional columns queried in the SQL select
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe into the environment with the name AUTHENTICATE_<COLUMN>. This brings
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe *) mod_dbd: Key the storage of prepared statements on the hex string
8491e0600f69b0405e156ea8a419653c065c645bcovener value of server_rec, rather than the server name, as the server name
63b9f1f5880391261705f696d7d65507bbe9ace3covener may change (eg when the server name is set) at any time, causing
63b9f1f5880391261705f696d7d65507bbe9ace3covener weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
49dacedb6c387b786b7911082ff35121a45f414bcovener *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
49dacedb6c387b786b7911082ff35121a45f414bcovener *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
49dacedb6c387b786b7911082ff35121a45f414bcovener the first bucket from the brigade, finds it not to be a FILE
3c990331fc6702119e4f5b8ba9eae3021aea5265jim bucket and barfs. The fix is to pass a bucket rather than a brigade.
3c990331fc6702119e4f5b8ba9eae3021aea5265jim [Niklas Edmundsson <nikke acc.umu.se>]
3c990331fc6702119e4f5b8ba9eae3021aea5265jim *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
fc42512879dd0504532f52fe5d0d0383dda96a1eniq *) ap_get_server_version() has been removed. Third-party modules must
fc42512879dd0504532f52fe5d0d0383dda96a1eniq now use ap_get_server_banner() or ap_get_server_description().
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq [Jeff Trawick]
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq *) All MPMs: Introduce a check_config phase between pre_config and
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc open_logs, to allow modules to review interdependent configuration
983528026996668ea295be95aedb9c7a346af470ylavic directive values and adjust them while messages can still be logged
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc to the console. Handle relevant MPM directives during this phase
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc and format messages for both the console and the error log, as
06b8f183140c8e02e0974e938a05078b511d1603covener appropriate. [Chris Darroch]
06b8f183140c8e02e0974e938a05078b511d1603covener *) mod_proxy: don't URLencode tilde in path component
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem [Stijn Hoop <stijn sandcat.nl>]
259878293a997ff49f5ddfc53d3739cbdc25444ecovener *) mpm_winnt: Fix return values from wait_for_many_objects.
259878293a997ff49f5ddfc53d3739cbdc25444ecovener The return value is index to the signaled thread in the
259878293a997ff49f5ddfc53d3739cbdc25444ecovener creted_threads array. We can not use WAIT_TIMEOUT because
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem his value is defined as 258, thus limiting the MaxThreads
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin to that value. [Mladen Turk]
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
65967d05f839dbf27cf91d91fa79585eeae19660minfrin to circumvent the symbolic link checks imposed by FollowSymLinks and
65967d05f839dbf27cf91d91fa79585eeae19660minfrin SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
65967d05f839dbf27cf91d91fa79585eeae19660minfrin *) mod_proxy: Support environment variable interpolation in reverse
8152945ae46857b170cb227e79bb799f4fc7710dminfrin proxying directives. [Nick Kew]
8152945ae46857b170cb227e79bb799f4fc7710dminfrin *) core: Add the filename of the configuration file to the warning message
8152945ae46857b170cb227e79bb799f4fc7710dminfrin about the useless use of AllowOverride. PR 39992.
75f5c2db254c0167a0e396254460de09b775d203trawick [Darryl Miles <darryl darrylmiles.org>]
75f5c2db254c0167a0e396254460de09b775d203trawick *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph The default is none as this is far greater debugging resolution than
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph the typical administrator is prepared to untangle. [William Rowe]
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick *) mod_disk_cache: If possible, check if the size of an object to cache is
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick within the configured boundaries before actually saving data.
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick [Niklas Edmundsson <nikke acc.umu.se>]
54d750a84a175d8e338880514d440773eb986b50covener *) mod_cache: Convert all values to seconds before comparing them when
54d750a84a175d8e338880514d440773eb986b50covener checking whether to send a Warning header for a stale response.
54d750a84a175d8e338880514d440773eb986b50covener PR 39713. [Owen Taylor <otaylor redhat.com>]
54d750a84a175d8e338880514d440773eb986b50covener *) mod_disk_cache: Delete temporary files if they cannot be renamed to their
54d750a84a175d8e338880514d440773eb986b50covener final name. [Davi Arnaut <davi haxent.com.br>]
7a3aa12f0eda24793ee26d6a179bd53132e9dae8covener *) Worker and event MPMs: Remove improper scoreboard updates which were
54d750a84a175d8e338880514d440773eb986b50covener performed in the event of a fork() failure. [Chris Darroch]
83b50288fa7d306324bba68832011ea08f5c7832covener *) Add support for fcgi:// proxies to mod_rewrite.
4e30ef014533a7e93c92d88306291f5e49c9692ftrawick [Markus Schiegl <ms schiegl.com>]
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick *) Remove incorrect comments from scoreboard.h regarding conditional
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick loading of worker_score structure with mod_status, and remove unused
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick definitions relating to old life_status field.
2e15620d724fb8e3a5be183b917359a2fd6e9468covener [Chris Darroch <chrisd pearsoncmg.com>]
2e15620d724fb8e3a5be183b917359a2fd6e9468covener *) Remove allocation of memory for unused array of lb_score pointers
2e15620d724fb8e3a5be183b917359a2fd6e9468covener in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener [Garrett Rooney, Jim Jagielski, Paul Querna]
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener [Chris Darroch <chrisd pearsoncmg.com>]
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd *) mod_charset_lite: Remove Content-Length when output filter can
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd invalidate it. Warn when input filter can invalidate it.
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd [Jeff Trawick]
179565be4043d7e5f9161aa75271fa0a001866d9covener *) Authz: Add the new module mod_authn_core that will provide common
179565be4043d7e5f9161aa75271fa0a001866d9covener authn directives such as 'AuthType', 'AuthName'. Move the directives
111436a32ba1254291e4883292fb116d15fe8f64covener 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener into mod_authn_core. [Brad Nicholes]
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener into the new module mod_access_compat which can be loaded to provide
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick support for these directives.
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick [Brad Nicholes]
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz *) Authz: Move the 'Require' directive from the core module as well as
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
273e512f20f262e5e2aa8e0e83371d1929fb76adjkaluza logic into the authorization processing. [Brad Nicholes]
273e512f20f262e5e2aa8e0e83371d1929fb76adjkaluza *) Authz: Add the new module mod_authz_core which acts as the
efe780dcf13b2b95effabf897d694d8f23feac74trawick authorization provider vector and contains common authz
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin directives. [Brad Nicholes]
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
ba050a6f942b9fa0e81ed73437588005c569655ccovener host-based access control provided by mod_authz_host and invoked
ba050a6f942b9fa0e81ed73437588005c569655ccovener through the 'Require' directive. [Brad Nicholes]
ba050a6f942b9fa0e81ed73437588005c569655ccovener *) Authz: Convert all of the authz modules from hook based to
135ddda3a989215d2bedbcf1529bfb269c3eda23niq provider based. [Brad Nicholes]
135ddda3a989215d2bedbcf1529bfb269c3eda23niq *) mod_cache: Add CacheMinExpire directive to set the minimum time in
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh seconds to cache a document.
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
efe780dcf13b2b95effabf897d694d8f23feac74trawick *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
cc5a4a08dc9783fcbc52ce86f11e01c281a43810minfrin *) Fix typo in ProxyStatus syntax error message.
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener *) Asynchronous write completion for the Event MPM. [Brian Pane]
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza *) Added an End-Of-Request bucket type. The logging of a request and
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza the freeing of its pool are now done when the EOR bucket is destroyed.
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza This has the effect of delaying the logging until right after the last
56589be3d7a3e9343370df240010c6928cc78b39jkaluza of the response is sent; ap_core_output_filter() calls the access logger
56589be3d7a3e9343370df240010c6928cc78b39jkaluza indirectly when it destroys the EOR bucket. [Brian Pane]
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc *) Rewrite of logresolve support utility: IPv6 addresses are now supported
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc and the format of statistical output has changed. [Colm MacCarthaigh]
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick *) Added new connection states for handler and write completion
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick [Brian Pane]
4d12805e6c18253040223ea637acd6b3b3c18f60jorton *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
4d12805e6c18253040223ea637acd6b3b3c18f60jorton [Justin Erenkrantz]
85eacfc96a04547ef25aabbc06440039715084c2jorton *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
e5d909f2b06bd880fb3675cd49363df981caa631trawick allowing string-valued client certificate attributes to be used for
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener [Martin Kraemer, David Reid]
cb666b29f81df1d11d65002250153353568021fccovener [Apache 2.1.0-dev includes those bug fixes and changes with the
cb666b29f81df1d11d65002250153353568021fccovener Apache 2.2.xx tree as documented, and except as noted, below.]
6a80c3c6f4b8ea7ba5e89402b8b779b09ce020e0covenerChanges with Apache 2.2.x and later:
6a80c3c6f4b8ea7ba5e89402b8b779b09ce020e0covener *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
75a230a728338d84dcfe81edd375352f34de22d0covenerChanges with Apache 2.0.x and later:
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covener *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covenerChanges with Apache 1.3.x and later: