1124N/A *) mod_proxy_wstunnel: Don't pool backend websockets connections,
1124N/A because we need to handshake every time. PR 55890.
1124N/A *) mod_proxy_http: Add detach_backend hook (potentially usable
1124N/A in other proxy scheme handlers). [Jeff Trawick]
1124N/A *) mod_deflate: Add DeflateAlterETag to control how the ETag
1124N/A is modified. The 'NoChange' parameter mimics
2.2.x behavior.
1124N/A PR 45023, PR 39727. [Eric Covener]
1124N/A *) mod_ssl: fix merging of global and vhost-level settings with the
1124N/A SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd
1124N/A directives. PR 56353. [Kaspar Brand]
1124N/A *) mod_ssl: avoid processing bogus SSLCertificateKeyFile values
1124N/A (and logging garbled file names). PR 56306. [Kaspar Brand]
1124N/A *) mod_proxy_fcgi: Fix sending of response without some HTTP headers
1124N/A *) mod_rewrite: Add 'BNF' (backreferences-no-plus) flag to RewriteRule to
1124N/A allow spaces in backreferences to be encoded as %20 instead of '+'.
1124N/A *) mod_ssl: bring SNI behavior into better conformance with RFC 6066:
1124N/A no longer send warning-level unrecognized_name(112) alerts,
1124N/A and limit startup warnings to cases where an OpenSSL version
1124N/A without TLS extension support is used. PR 56241. [Kaspar Brand]
1124N/A *) mod_proxy_html: Do not delete the wrong data from HTML code when a
1124N/A "http-equiv" meta tag specifies a Content-Type behind any other
1124N/A "http-equiv" meta tag. PR 56287 [Micha Lenk <micha lenk info>]
1124N/A *) mod_expires: don't add Expires header to error responses (4xx/5xx),
1124N/A be they generated or forwarded. PR 55669. [ Yann Ylavic ]
1124N/A *) mod_rewrite: Support an optional list of characters to escape in the
1124N/A argument for the 'B' (escape backreferences) flag. [Eric Covener]
1124N/A *) mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
1124N/A OCSP requests should use a nonce to be checked against the responder's
1124N/A one. PR 56233. [ Yann Ylavic ]
1124N/A *) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
1124N/A under the Event MPM. PR56216. [Frank Meier <frank meier ergon ch>]
1124N/A *) mod_lua: Add r:wspeek for checking if there is any data waiting on the line
1124N/A *) mod_proxy: Do not try to parse the regular expressions passed by
1124N/A ProxyPassMatch as URL as they do not follow their syntax.
1124N/A *) mod_dir: Default to 2.2-like behavior and skip execution when method is
1124N/A neither GET nor POST, such as for DAV requests. PR 54914. [Chris Darroch]
1124N/A *) mod_rewrite: Rename the handler that does per-directory internal
1124N/A redirects to "rewrite-redirect-handler" from "redirect-handler" so
1124N/A it is less ambiguous and less likely to be reused. [Eric Covener]
1124N/A *) mod_rewrite: Protect against looping with the [N] flag by enforcing a
1124N/A default limit of 10000 iterations, and allowing each rule to change its
1124N/A *) mod_ssl: Fix config merging of SSLOCSPEnable and SSLOCSPOverrideResponder.
1124N/A *) Add HttpContentLengthHeadZero and HttpExpectStrict directives.
1124N/A [Yehuda Sadeh <yehuda inktank com>, Justin Erenkrantz]
1124N/A *) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
1124N/A 5+ instead of just for FreeBSD 5. PR 53824. [Jeff Trawick]
1124N/A *) mod_auth_form: Add a debug message when the fields on a form are not
1124N/A recognised. [Graham Leggett]
1124N/A *) mod_ssl: Add -t -DDUMP_CA_CERTS option which dumps the filenames of all
1124N/A configured SSL CA certificates to stdout the same way as DUMP_CERTS does.
1124N/A *) mod_headers: Allow the "value" parameter of Header and RequestHeader to
1124N/A contain an ap_expr expression if prefixed with "expr=". [Eric Covener]
1124N/A *) Add suspend_connection and resume_connection hooks to notify modules
1124N/A only for the Event MPM; should be implemented for all async MPMs.)
1124N/A *) mod_ssl: Don't flush when an EOS is received. Prepares mod_ssl
1124N/A to support write completion. [Graham Leggett]
1124N/A *) core: Add parse_errorlog_arg callback to ap_errorlog_provider
1124N/A to allow providers to check the ErrorLog argument. [Jan Kaluza]
1124N/A *) mod_cgid: Use the servers Timeout for each read from a CGI script,
1124N/A allow override with new CGIDRequestTimeout directive. PR43494
1124N/A [Eric Covener, Toshikuni Fukaya <toshikuni-fukaya cybozu co jp>]
1124N/A *) core: Add missing Reason-Phrase in HTTP response headers.
1124N/A *) core: ensure any abnormal exit is reported to stderr if it's a tty.
1124N/A *) mod_auth_form: Make sure the optional functions are loaded even when
1124N/A the AuthFormProvider isn't specified. [Graham Leggett]
1301N/A *) mod_lua: Let the Inter-VM
get/set functions work with a global
1124N/A shared memory pool instead of a per-process pool. [Daniel Gruno]
1124N/A *) ldap: Support ldaps when using the Microsoft LDAP SDK.
1124N/A PR 54626. [Jean-Frederic Clere]
1124N/A *) mod_proxy: Add ap_connection_reusable() for checking if a connection
1124N/A is reusable as of this point in processing. [Jeff Trawick]
1124N/A *) mod_authnz_ldap: Change default value of AuthLDAPMaxSubGroupDepth to 0
1124N/A to avoid performance problems when subgroups aren't in use. [Eric Covener]
1124N/A *) mod_syslog: New module implementing syslog ap_error_log provider.
1124N/A Previously, this code was part of core, now it's in separate module.
1124N/A *) core: Add ap_errorlog_provider to make ErrorLog logging modular. Move
1124N/A syslog support from core to new mod_syslog. [Jan Kaluza]
1124N/A *) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
1124N/A save the socket for reuse by the next worker as if it were an
1124N/A APR_SO_DISCONNECTED socket. Restores 2.2 behavior. [Eric Covener]
1124N/A *) mod_status, mod_echo: Fix the display of client addresses.
1124N/A They were truncated to 31 characters which is not enough for IPv6 addresses.
1124N/A PR 54848 [Bernhard Schmidt <berni birkenwald de>]
1124N/A *) mod_authnz_fcgi: New module to enable FastCGI authorizer
1124N/A *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
1124N/A *) mod_unique_id: Use output of the PRNG rather than IP address and
1124N/A pid, avoiding sleep() call and possible DNS issues at startup,
1124N/A plus improving randomness for IPv6-only hosts.
1124N/A *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
1124N/A filters, such as "SDBM-backed LDAP" on
z/OS, by allowing a special
1124N/A filter "none" to be specified in AuthLDAPURL. [Eric Covener]
1124N/A *) mod_file_cache: mod_file_cache should be able to serve files that
1124N/A haven't had a Content-Type set via
e.g. mod_mime. [Eric Covener]
1124N/A *) core: merge AllowEncodedSlashes from the base configuration into
1124N/A virtual hosts. [Eric Covener]
1124N/A *) mod_ldap: Don't keep retrying if a new LDAP connection times out.
1124N/A *) mod_deflate: permit compilation of mod_deflate against a zlib that has
1124N/A been configured with -D Z_PREFIX, which redefines the token "deflate".
1124N/A *) mod_auth_digest: Use the secret when generating nonces in all cases and
1124N/A not only when AuthName is used in .htaccess files (this change may cause
1124N/A problems if used with round robin load balancers). Don't regenerate the
1124N/A secret on graceful restarts. PR 54637 [Stefan Fritsch]
1124N/A *) core: Remove apr_brigade_flatten(), buffering and duplicated code
1124N/A from the HTTP_IN filter, parse chunks in a single pass with zero copy.
1124N/A Reduce memory usage by 48 bytes per request. [Graham Leggett]
1124N/A *) core: Stop the HTTP_IN filter from attempting to write error buckets
1124N/A to the output filters, which is bogus in the proxy case. Create a
1124N/A clean mapping from APR codes to HTTP status codes, and use it where
1124N/A *) mod_proxy: Ensure network errors detected by the proxy are returned as
1124N/A 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
1124N/A compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.
1124N/A *) mod_dav: mod_dav overrides dav_fs response on PUT failure. PR 35981
1124N/A *) core, mod_ssl: Enable the ability for a module to reverse the sense of
1124N/A a poll event from a read to a write or vice versa. This is a step on
1124N/A the way to allow mod_ssl taking full advantage of the event MPM.
1124N/A *) mod_ldap: LDAP connections used for authentication were not respecting
1124N/A LDAPConnectionPoolTimeout. PR 54587
1124N/A *) core: ap_rgetline_core now pulls from r->proto_input_filters.
1124N/A *) mod_proxy_html: process parsed comments immediately.
1124N/A Fixes bug where parsed comments may be lost. [Nick Kew]
1124N/A *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
1124N/A *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
1124N/A *) core: Add option to add valgrind support. Use it to reduce false positive
1124N/A warnings in mod_ssl. [Stefan Fritsch]
1124N/A *) mod_authn_file, mod_authn_dbd, mod_authn_dbm, mod_authn_socache:
1124N/A Cache the result of the most recent password hash verification for every
1124N/A keep-alive connection. This saves some expensive calculations.
1124N/A *) http: Remove support for Request-Range header sent by Navigator 2-3 and
1124N/A *) core, http: Extend HttpProtocol with an option to enforce stricter HTTP
1124N/A conformance or to only log the found problems. [Stefan Fritsch]
1124N/A *) core: Correctly parse an IPv6 literal host specification in an absolute
1124N/A URL in the request line. [Stefan Fritsch]
1124N/A *) core: Add LogLevelOverride directive that allows to override the
1124N/A loglevel for clients from certain IPs. This also works for things
1124N/A like the SSL handshake where <If> LogLevel ... </If> is evaluated
1124N/A *) core: Add new directive Warning to issue warnings from a configuration
1124N/A file. Both Warning and Error now generate a timestamped log message.
1124N/A *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
1124N/A variables. [Stefan Fritsch]
1124N/A *) core: New directive RegisterHttpMethod for registering non-standard
1088N/A HTTP methods. [Stefan Fritsch]
1088N/A *) core: New directive HttpProtocol which allows to disable HTTP/0.9
1088N/A *) mod_allowhandlers: New module to forbid specific handlers for specific
1088N/A directories. [Stefan Fritsch]
1088N/A *) mod_systemd: New module, for integration with systemd on Linux.
1088N/A *) WinNT MPM: Store pid and generation for each thread in scoreboard
1088N/A to allow tracking of threads from exiting children via mod_status
1088N/A or other such mechanisms. [Jeff Trawick]
1088N/A - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
1088N/A - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
1088N/A - mod_cache: thundering herd lock directory
1124N/A - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
1124N/A - mod_ldap: shared memory cache
1301N/A - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
1301N/A *) suexec: Add --enable-suexec-capabilites support on Linux, to use
1301N/A *) suexec: Add support for logging to syslog as an alternative to logging
1301N/A to a file; configure --without-suexec-logfile --with-suexec-syslog.
1301N/A *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
1301N/A *) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
1301N/A be compiled by the build compiler instead of the host compiler.
1301N/A Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
1301N/A *) core: In maintainer mode, replace apr_palloc with a version that
1301N/A initializes the allocated memory with non-zero values, except if
1301N/A AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
1301N/A *) mod_policy: Add a new testing module to help server administrators
1301N/A enforce a configurable level of protocol compliance on their
1124N/A servers and application servers behind theirs. [Graham Leggett]
1124N/A *) mod_firehose: Add a new debugging module able to record traffic
1124N/A passing through the server in such a way that connections
and/or 1124N/A requests be reconstructed and replayed. [Graham Leggett]
1124N/A [Apache 2.5.0-dev includes those bug fixes and changes with the
1124N/A Apache
2.4.xx tree as documented below, except as noted.]