CHANGES revision 01d82bc3ace026e822ea51e680977c6d3e6f7629
f743002678eb67b99bbc29fee116b65d9530fec0wrowe -*- coding: utf-8 -*-
80833bb9a1bf25dcf19e814438a4b311d2e1f4cffuankgChanges with Apache 2.3.0
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem[ When backported to 2.2.x, remove entry from this file ]
4da61833a1cbbca94094f9653fd970582b97a72etrawick *) mod_proxy_ajp: Differentiate within AJP between GET and HEAD
4da61833a1cbbca94094f9653fd970582b97a72etrawick requests. PR 43060 [Jim Jagielski]
4da61833a1cbbca94094f9653fd970582b97a72etrawick *) mod_proxy_http: Propagate Proxy-Authorization header correctly.
4789804be088bcd86ae637a29cdb7fda25169521jailletc PR 25947 [Nick Kew]
4789804be088bcd86ae637a29cdb7fda25169521jailletc *) mod_proxy: escape error-notes correctly
4789804be088bcd86ae637a29cdb7fda25169521jailletc PR 40952 [Thijs Kinkhorst <thijs debian.org>]
e50c3026198fd496f183cda4c32a202925476778covener *) mod_proxy: check ProxyBlock for all blocked addresses
5b88c8507d5ef6d0c4cfbc78230294968175b638minfrin *) mod_proxy: Don't lose bytes when a response line arrives in small chunks.
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic PR 40894 [Andrew Rucker Jones <arjones simultan.dyndns.org>]
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic *) mod_rewrite: Add option to suppress URL unescaping
4f29b65ab4b547ad5dbe506e2d0ff5d12ead9247ylavic PR 34602 [Guenther Gsenger <guenther.gsenger gmail.com>]
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic *) mod_include: Add an "if" directive syntax to test whether an URL
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic is accessible, and if so, conditionally display content. This
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic allows a webmaster to hide a link to a private page when the user
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic has no access to that page. [Graham Leggett]
69301145375a889e7e37caf7cc7321ac0f91801erpluem *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
69301145375a889e7e37caf7cc7321ac0f91801erpluem parameters to the environment. Improve portability to
506bfe33206b2fece40ef25f695af39dd4130facjkaluza EBCDIC machines by using apr_toupper(). [Martin Kraemer]
506bfe33206b2fece40ef25f695af39dd4130facjkaluza *) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
506bfe33206b2fece40ef25f695af39dd4130facjkaluza to authorize an authenticated user via a "require ldap-group X" directive
d58a848a016d401b965111e50ef829e1641f7834minfrin where the user is not in group X, but is in a subgroup contained in X.
d58a848a016d401b965111e50ef829e1641f7834minfrin PR 42891 [Paul J. Reder]
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf *) Event MPM: Add support for running under mod_ssl, by reverting to the
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf Worker MPM behaviors, when run under an input filter that buffers
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf its own data. [Paul Querna]
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic *) mod_substitute: Added a new experimental output filter, which
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic performs inline response content pattern matching (including
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic regex) and substitution. [Jim Jagielski]
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic *) core: Change etag generation to produce identical results on
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic 32-bit and 64-bit platforms. PR 40064. [Joe Orton]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) ab: Add -r option to continue after socket receive errors.
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic [Filip Hanik <devlist hanik.com>]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) mod_ldap: Fix the search limit parameter to ldap_search_ext_s()
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic for SDKs that define LDAP_NO_LIMIT to something other than -1.
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener [David Jones <oscaremma gmail.com>]
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener *) mod_dbd: Introduce configuration groups to allow inheritance by virtual
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener hosts of database configurations from the main server. Determine the
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener minimal set of distinct configurations and share connection pools
44ff304057225e944e220e981d434a046d14cf06covener whenever possible. Allow virtual hosts to override inherited SQL
44ff304057225e944e220e981d434a046d14cf06covener statements. PR 41302. [Chris Darroch]
44ff304057225e944e220e981d434a046d14cf06covener *) core: Fix broken chunk filtering that causes all non blocking reads to be
5d1ba75b8794925e67591c209085a49279791de9covener converted into blocking reads. PR 41056. [Jean-Frederic Clere, Jim Jagielski]
5d1ba75b8794925e67591c209085a49279791de9covener *) apxs: Enhance -q flag to print all known variables and their values
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand when invoked without variable name(s).
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand [William Rowe, Sander Temme]
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand *) apxs: Eliminate run-time check for mod_so. PR 40653.
caad2986f81ab263f7af41467dd622dc9add17f3ylavic [David M. Lee <dmlee crossroads.com>]
caad2986f81ab263f7af41467dd622dc9add17f3ylavic *) beos MPM: Create pmain pool and run modules' child_init hooks when
caad2986f81ab263f7af41467dd622dc9add17f3ylavic entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
45a10d38e6051fd7bdf9d742aaae633d97ff02abjailletc [Chris Darroch]
f7317ff316c2b141feea31bddb74d5d3fa1584edjorton *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
2165214331e4afafca4048f66f303d0253d7b001covener cleanups registered in modules' child_init hooks are performed.
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem [Chris Darroch]
1e2d421a36999d292042a5539971070d54aa6c63ylavic *) mod_dbd: Stash DBD connections in request_config of initial request
1e2d421a36999d292042a5539971070d54aa6c63ylavic only, or else sub-requests and internal redirections may cause
1e2d421a36999d292042a5539971070d54aa6c63ylavic entire DBD pool to be stashed in a single HTTP request. [Chris Darroch]
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh *) Fix issue which could cause error messages to be written to access logs
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>]
0b67eb8568cd58bb77082703951679b42cf098actrawick *) The LockFile directive, which specifies the location of
0b67eb8568cd58bb77082703951679b42cf098actrawick the accept() mutex lockfile, is deprecated. Instead, the
0b67eb8568cd58bb77082703951679b42cf098actrawick AcceptMutex directive now takes an optional lockfile
5ef3c61605a3a021ff71f488983cb0065f8e1a79covener location parameter, ala SSLMutex. [Jim Jagielski]
09c87c777bed1655621bb20e1c46cb6b1a63279dcovener *) mod_authn_dbd: Export any additional columns queried in the SQL select
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic into the environment with the name AUTHENTICATE_<COLUMN>. This brings
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic *) mod_dbd: Key the storage of prepared statements on the hex string
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic value of server_rec, rather than the server name, as the server name
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic may change (eg when the server name is set) at any time, causing
e6b4bd1113567627ab6bb6c6a7105e1e01a7d889jailletc weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
e466c40e1801982602ee0200c9e8b61cc148742djailletc *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
457468b82e59d01eba00dd9d0817309c8f5e414ejim *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
457468b82e59d01eba00dd9d0817309c8f5e414ejim the first bucket from the brigade, finds it not to be a FILE
457468b82e59d01eba00dd9d0817309c8f5e414ejim bucket and barfs. The fix is to pass a bucket rather than a brigade.
04983e3bd1754764eec7d6bb772fe3b0bf391771jorton [Niklas Edmundsson <nikke acc.umu.se>]
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
15660979a30d251681463de2e0584853890082accovener *) ap_get_server_version() has been removed. Third-party modules must
15660979a30d251681463de2e0584853890082accovener now use ap_get_server_banner() or ap_get_server_description().
15660979a30d251681463de2e0584853890082accovener [Jeff Trawick]
cfd9415521847b2f9394fad04fb701cfb955f503rjung *) All MPMs: Introduce a check_config phase between pre_config and
cfd9415521847b2f9394fad04fb701cfb955f503rjung open_logs, to allow modules to review interdependent configuration
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe directive values and adjust them while messages can still be logged
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe to the console. Handle relevant MPM directives during this phase
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe and format messages for both the console and the error log, as
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe appropriate. [Chris Darroch]
8491e0600f69b0405e156ea8a419653c065c645bcovener *) mod_proxy: don't URLencode tilde in path component
63b9f1f5880391261705f696d7d65507bbe9ace3covener [Stijn Hoop <stijn sandcat.nl>]
63b9f1f5880391261705f696d7d65507bbe9ace3covener *) mpm_winnt: Fix return values from wait_for_many_objects.
49dacedb6c387b786b7911082ff35121a45f414bcovener The return value is index to the signaled thread in the
49dacedb6c387b786b7911082ff35121a45f414bcovener creted_threads array. We can not use WAIT_TIMEOUT because
49dacedb6c387b786b7911082ff35121a45f414bcovener his value is defined as 258, thus limiting the MaxThreads
49dacedb6c387b786b7911082ff35121a45f414bcovener to that value. [Mladen Turk]
3c990331fc6702119e4f5b8ba9eae3021aea5265jim *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
3c990331fc6702119e4f5b8ba9eae3021aea5265jim to circumvent the symbolic link checks imposed by FollowSymLinks and
3c990331fc6702119e4f5b8ba9eae3021aea5265jim SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
fc42512879dd0504532f52fe5d0d0383dda96a1eniq *) mod_proxy: Support environment variable interpolation in reverse
fc42512879dd0504532f52fe5d0d0383dda96a1eniq proxying directives. [Nick Kew]
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq *) core: Add the filename of the configuration file to the warning message
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq about the useless use of AllowOverride. PR 39992.
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc [Darryl Miles <darryl darrylmiles.org>]
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
06b8f183140c8e02e0974e938a05078b511d1603covener The default is none as this is far greater debugging resolution than
06b8f183140c8e02e0974e938a05078b511d1603covener the typical administrator is prepared to untangle. [William Rowe]
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem *) mod_disk_cache: If possible, check if the size of an object to cache is
259878293a997ff49f5ddfc53d3739cbdc25444ecovener within the configured boundaries before actually saving data.
259878293a997ff49f5ddfc53d3739cbdc25444ecovener [Niklas Edmundsson <nikke acc.umu.se>]
259878293a997ff49f5ddfc53d3739cbdc25444ecovener *) mod_cache: Convert all values to seconds before comparing them when
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem checking whether to send a Warning header for a stale response.
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin PR 39713. [Owen Taylor <otaylor redhat.com>]
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin *) mod_disk_cache: Delete temporary files if they cannot be renamed to their
65967d05f839dbf27cf91d91fa79585eeae19660minfrin final name. [Davi Arnaut <davi haxent.com.br>]
65967d05f839dbf27cf91d91fa79585eeae19660minfrin *) Worker and event MPMs: Remove improper scoreboard updates which were
65967d05f839dbf27cf91d91fa79585eeae19660minfrin performed in the event of a fork() failure. [Chris Darroch]
8152945ae46857b170cb227e79bb799f4fc7710dminfrin *) Add support for fcgi:// proxies to mod_rewrite.
8152945ae46857b170cb227e79bb799f4fc7710dminfrin [Markus Schiegl <ms schiegl.com>]
75f5c2db254c0167a0e396254460de09b775d203trawick *) Remove incorrect comments from scoreboard.h regarding conditional
75f5c2db254c0167a0e396254460de09b775d203trawick loading of worker_score structure with mod_status, and remove unused
75f5c2db254c0167a0e396254460de09b775d203trawick definitions relating to old life_status field.
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph [Chris Darroch <chrisd pearsoncmg.com>]
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph *) Remove allocation of memory for unused array of lb_score pointers
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick [Garrett Rooney, Jim Jagielski, Paul Querna]
54d750a84a175d8e338880514d440773eb986b50covener *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
54d750a84a175d8e338880514d440773eb986b50covener [Chris Darroch <chrisd pearsoncmg.com>]
54d750a84a175d8e338880514d440773eb986b50covener *) mod_charset_lite: Remove Content-Length when output filter can
54d750a84a175d8e338880514d440773eb986b50covener invalidate it. Warn when input filter can invalidate it.
54d750a84a175d8e338880514d440773eb986b50covener [Jeff Trawick]
7a3aa12f0eda24793ee26d6a179bd53132e9dae8covener *) Authz: Add the new module mod_authn_core that will provide common
54d750a84a175d8e338880514d440773eb986b50covener authn directives such as 'AuthType', 'AuthName'. Move the directives
54d750a84a175d8e338880514d440773eb986b50covener 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
83b50288fa7d306324bba68832011ea08f5c7832covener into mod_authn_core. [Brad Nicholes]
83b50288fa7d306324bba68832011ea08f5c7832covener *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick into the new module mod_access_compat which can be loaded to provide
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick support for these directives.
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick [Brad Nicholes]
2e15620d724fb8e3a5be183b917359a2fd6e9468covener *) Authz: Move the 'Require' directive from the core module as well as
2e15620d724fb8e3a5be183b917359a2fd6e9468covener add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
2e15620d724fb8e3a5be183b917359a2fd6e9468covener and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener logic into the authorization processing. [Brad Nicholes]
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener *) Authz: Add the new module mod_authz_core which acts as the
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener authorization provider vector and contains common authz
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener directives. [Brad Nicholes]
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
179565be4043d7e5f9161aa75271fa0a001866d9covener host-based access control provided by mod_authz_host and invoked
179565be4043d7e5f9161aa75271fa0a001866d9covener through the 'Require' directive. [Brad Nicholes]
111436a32ba1254291e4883292fb116d15fe8f64covener *) Authz: Convert all of the authz modules from hook based to
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener provider based. [Brad Nicholes]
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener *) mod_cache: Add CacheMinExpire directive to set the minimum time in
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener seconds to cache a document.
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz *) Fix typo in ProxyStatus syntax error message.
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
273e512f20f262e5e2aa8e0e83371d1929fb76adjkaluza *) Asynchronous write completion for the Event MPM. [Brian Pane]
efe780dcf13b2b95effabf897d694d8f23feac74trawick *) Added an End-Of-Request bucket type. The logging of a request and
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin the freeing of its pool are now done when the EOR bucket is destroyed.
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin This has the effect of delaying the logging until right after the last
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin of the response is sent; ap_core_output_filter() calls the access logger
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza indirectly when it destroys the EOR bucket. [Brian Pane]
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza *) Rewrite of logresolve support utility: IPv6 addresses are now supported
ba050a6f942b9fa0e81ed73437588005c569655ccovener and the format of statistical output has changed. [Colm MacCarthaigh]
ba050a6f942b9fa0e81ed73437588005c569655ccovener *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
135ddda3a989215d2bedbcf1529bfb269c3eda23niq *) Added new connection states for handler and write completion
135ddda3a989215d2bedbcf1529bfb269c3eda23niq [Brian Pane]
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh [Justin Erenkrantz]
efe780dcf13b2b95effabf897d694d8f23feac74trawick *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
793214f67dede32edfd9ee96c664ead04d175cbbjfclere allowing string-valued client certificate attributes to be used for
cc5a4a08dc9783fcbc52ce86f11e01c281a43810minfrin access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener [Martin Kraemer, David Reid]
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener [Apache 2.1.0-dev includes those bug fixes and changes with the
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza Apache 2.2.xx tree as documented, and except as noted, below.]
249d09d51808cb7981af99762c3b3736ca126cd5jkaluzaChanges with Apache 2.2.x and later:
56589be3d7a3e9343370df240010c6928cc78b39jkaluza *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
56589be3d7a3e9343370df240010c6928cc78b39jkaluzaChanges with Apache 2.0.x and later:
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletcChanges with Apache 1.3.x and later: