CHANGES revision 50c06405bc48121db2913925549407fd3e79bced
ee9c9500ab13c1093fc3feaf2aa5a0d330d0bfadKay Sievers -*- coding: utf-8 -*-
ee9c9500ab13c1093fc3feaf2aa5a0d330d0bfadKay SieversChanges with Apache 2.3.0
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt [Remove entries to the current 2.0 and 2.2 section below, when backported]
cff452c7e974db5053cdbd0d7bbbab2e3b4c91b9Kay Sievers *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
cff452c7e974db5053cdbd0d7bbbab2e3b4c91b9Kay Sievers *) mod_authnz_ldap: Add an AuthLDAPRemoteUserAttribute directive. If
7c66aeba0f28cb82027d6015405ed71afa3b6059Kay Sievers set, REMOTE_USER will be set to this attribute, rather than the
7c66aeba0f28cb82027d6015405ed71afa3b6059Kay Sievers username supplied by the user. Useful for example when you want users
c904f64d84db8c4eebedf210ba10893f19ba05edLennart Poettering to log in using an email address, but need to supply a userid instead
c904f64d84db8c4eebedf210ba10893f19ba05edLennart Poettering to the backend. [Graham Leggett]
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers *) Allow mod_dumpio to log at other than DEBUG levels via
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers the new DumpIOLogLevel directive. [Jim Jagielski]
a40593a0d0d740efa387e35411e1e456a6c5aba7Lennart Poettering *) mod_disk_cache: Implement read-while-caching.
20ffc4c4a9226b0e45cc02ad9c0108981626c0bbKay Sievers [Niklas Edmundsson <nikke acc.umu.se>]
ea92ae33e0fbbf8a98cd2e08ca5a850d83d57faeMaciej Wereski *) mod_disk_cache: NULL fd pointers when closing them, fix missing
ea92ae33e0fbbf8a98cd2e08ca5a850d83d57faeMaciej Wereski close/flush, remove some unneccessary code duplication instead
04ac799283f517672a5424e7c5bf066cfa4ca020Zbigniew Jędrzejewski-Szmek of calling the right helper in replace_brigade_with_cache().
04ac799283f517672a5424e7c5bf066cfa4ca020Zbigniew Jędrzejewski-Szmek [Niklas Edmundsson <nikke acc.umu.se>]
04ac799283f517672a5424e7c5bf066cfa4ca020Zbigniew Jędrzejewski-Szmek *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
466784c8710e5cb0e0b86a16506d992d7ec5b619Kay Sievers the first bucket from the brigade, finds it not to be a FILE
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering bucket and barfs. The fix is to pass a bucket rather than a brigade.
dc7adf202b82fc0054c457ce6ca3bcedb88dde57Lennart Poettering [Niklas Edmundsson <nikke acc.umu.se>]
81d112a8f0522a09fcfe317f420363a2b728137cLennart Poettering *) mod_disk_cache: Do away with the write-to-file-then-move-in-place
81d112a8f0522a09fcfe317f420363a2b728137cLennart Poettering mentality. [Niklas Edmundsson <nikke acc.umu.se>]
55d32caf94d8df547ca763be52b0c35bb6388606Lennart Poettering *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
55d32caf94d8df547ca763be52b0c35bb6388606Lennart Poettering *) Fix issue which could cause piped loggers to be orphaned and never
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering terminate after a graceful restart. PR 40651. [Joe Orton,
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering Ruediger Pluem]
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering *) mod_headers: support regexp-based editing of HTTP headers [Nick Kew]
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering *) mod_cache: Eliminate a bogus error in the log when a filter returns
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering AP_FILTER_ERROR. [Niklas Edmundsson <nikke acc.umu.se>]
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering *) mod_disk_cache: Make caching of large files possible on 32bit machines
bafb15bab99887d1b6b8a35136531bac6c3876a6Lennart Poettering by determining whether the cached file should be copied on disk rather
049b4474b35d0b854f87b0795a5113665413f6a4Lennart Poettering than loaded into RAM. PR39380 [Niklas Edmundsson <nikke acc.umu.se>]
eb124a97fb72d076014253b1acde69d428f15ecfLennart Poettering *) mod_mem_cache: Convert mod_mem_cache to use APR memory pool functions
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering by creating a root pool for object persistence across requests. This
d16bd0556127962e0dc19f2b049edb09f354bedbLennart Poettering also eliminates the need for custom serialization code.
d16bd0556127962e0dc19f2b049edb09f354bedbLennart Poettering [Davi Arnaut <davi haxent.com.br>]
ced4d06784dbb19666688947901961f949f2aa6dLennart Poettering *) mod_mem_cache: Memory leak fix: Unconditionally free the buffer.
ced4d06784dbb19666688947901961f949f2aa6dLennart Poettering [Davi Arnaut <davi haxent.com.br>]
4ba93280223ceb5de1bcedb196c38252f334521aLennart Poettering *) mod_proxy_balancer: Set the new environment variable BALANCER_ROUTE_CHANGED
a427c13d26d08195f96679bde6753796f0e0b54aDavid Strauss if a worker with a route different from the one supplied by the client
a427c13d26d08195f96679bde6753796f0e0b54aDavid Strauss had been chosen or if the client supplied no routing information for
a427c13d26d08195f96679bde6753796f0e0b54aDavid Strauss a balancer with sticky sessions. [Ruediger Pluem]
a427c13d26d08195f96679bde6753796f0e0b54aDavid Strauss *) mod_proxy: Print the correct error message for erroneous configured
ae25936d0f92472bd3365627b1d87fec9d322a98David Strauss ProxyPass directives. PR 40439. [serai lans-tv.com]
c20fd707a2b8c75166096544ee6f1538505e40a9Lennart Poettering *) Allow htcacheclean, httxt2dbm, and fcgistarter to link apr/apr-util
416446221d905b6815175dc4d525d27f8ae43d1bLennart Poettering statically like the older support programs.
416446221d905b6815175dc4d525d27f8ae43d1bLennart Poettering [Eric Covener <covener gmail.com>]
416446221d905b6815175dc4d525d27f8ae43d1bLennart Poettering *) ap_get_server_version() has been removed. Third-party modules must
9db76355212de5eb7985829d352183d3bdfb56d5Lennart Poettering now use ap_get_server_banner() or ap_get_server_description().
9db76355212de5eb7985829d352183d3bdfb56d5Lennart Poettering [Jeff Trawick]
7f79cd7109a60810140a045cc725291fc5515264Lennart Poettering *) mod_proxy_balancer: Extract stickysession routing information contained as
0b926f194aa117519bfc89a12ee6f01ffeeccc21Lennart Poettering parameter in the URL correctly. PR 40400.
0b926f194aa117519bfc89a12ee6f01ffeeccc21Lennart Poettering [Ruediger Pluem, Tomokazu Harada <harada sysrdc.ns-sol.co.jp>]
baa89da40a1d42242c9c62603501ada7e9e52613Lennart Poettering *) mod_deflate: Rework inflate output and deflate output filter to fix several
360e09ea9ad3a8e84e1729ebd2967ab8f7348170Lennart Poettering issues: Incorrect handling of flush buckets, potential memory leaks,
360e09ea9ad3a8e84e1729ebd2967ab8f7348170Lennart Poettering excessive memory usage in inflate output filter for large compressed
7f79cd7109a60810140a045cc725291fc5515264Lennart Poettering content. PR 39854. [Ruediger Pluem, Nick Kew, Justin Erenkrantz]
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt *) All MPMs: Introduce a check_config phase between pre_config and
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt open_logs, to allow modules to review interdependent configuration
df5f6971e6e15b4632884916c71daa076c8bae96Lennart Poettering directive values and adjust them while messages can still be logged
df5f6971e6e15b4632884916c71daa076c8bae96Lennart Poettering to the console. Handle relevant MPM directives during this phase
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt and format messages for both the console and the error log, as
982e44dbc3e70c97e83464a30354b80973d52b41Lennart Poettering appropriate. [Chris Darroch]
982e44dbc3e70c97e83464a30354b80973d52b41Lennart Poettering *) mod_proxy: Don't try to use dead backend connection. PR 37770.
fcba531ed4c6e6f8f21d8ca4e3a56e3162b1c578Lennart Poettering [Olivier BOEL <ob dorrboel.com>]
7b617155b50fdaad5d06359eb03e98f0c7b3087bLennart Poettering *) mod_proxy: don't URLencode tilde in path component
7b617155b50fdaad5d06359eb03e98f0c7b3087bLennart Poettering [Stijn Hoop <stijn sandcat.nl>]
38563c1947e34b71bf5557f2cd22fb7806c60077Lennart Poettering *) mpm_winnt: Fix return values from wait_for_many_objects.
94bbc9915a4272a20feda86c5f97b8a587482aa1Lennart Poettering The return value is index to the signaled thread in the
94bbc9915a4272a20feda86c5f97b8a587482aa1Lennart Poettering creted_threads array. We can not use WAIT_TIMEOUT because
07beec1244817a0e6e9d79798f7c65bd89b23549Lennart Poettering his value is defined as 258, thus limiting the MaxThreads
07beec1244817a0e6e9d79798f7c65bd89b23549Lennart Poettering to that value. [Mladen Turk]
5a4555ba6bc8ea086823fb71cb1cb92d4ec087a2Lennart Poettering *) SECURITY: CVE-2006-3747 (cve.mitre.org)
afaba0234727db6a82e323665d7d86f971f3090cLennart Poettering mod_rewrite: Fix an off-by-one security problem in the ldap scheme
afaba0234727db6a82e323665d7d86f971f3090cLennart Poettering handling. For some RewriteRules this could lead to a pointer being
4c4ae27d4d314d0dc1c42cd6bfc7b9ae31660885Lennart Poettering written out of bounds. Reported by Mark Dowd of McAfee.
408f281bc7d65c86563f46e99e07efd1a1d9e03aLennart Poettering *) mod_cache: While serving a cached entity ensure that filters that have
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt been applied to this cached entity before saving it to the cache are not
e1b7e7ec9b34ae6ae54a4c8084395cbf2bfe9960Lennart Poettering applied again. PR 40090. [Ruediger Pluem]
6aaa8c2f783cd1b3ac27c5ce40625d032e7e3d71Zbigniew Jędrzejewski-Szmek *) mod_proxy_ajp: Added cping/cpong support for the AJP protocol.
c3bb87dbab8b79bb9253407cb5b7f3e6fe8db395Lennart Poettering A new worker directive ping=timeout will cause CPING packet
e7256c5c137e58fb3dc1ebca8e5845733a5f733cLennart Poettering to be send expecting CPONG packet within defined timeout.
e7256c5c137e58fb3dc1ebca8e5845733a5f733cLennart Poettering In case the backend is too busy this will fail instead
042e33ae3a7feb08c8105f1345fd244315109405Lennart Poettering sending the full header. [Mladen Turk]
e1b7e7ec9b34ae6ae54a4c8084395cbf2bfe9960Lennart Poettering *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
18d4e7c26e7806ac363d19989df7144d5058ce41Lennart Poettering to circumvent the symbolic link checks imposed by FollowSymLinks and
36c0868b67a9387d39c97983d3d22cfce0fedc62Lennart Poettering SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt *) mod_proxy: Support environment variable interpolation in reverse
fa7deadb074dfbe473cf3bd942768dbd94cbf7c3Lennart Poettering proxying directives. [Nick Kew]
69af45035913e7119cffd94c542bd3039600e45dZbigniew Jędrzejewski-Szmek *) core: Add the filename of the configuration file to the warning message
c5757cc8dbcddb3e8b13ebba4ea4b36589bfd3dbLennart Poettering about the useless use of AllowOverride. PR 39992.
c5757cc8dbcddb3e8b13ebba4ea4b36589bfd3dbLennart Poettering [Darryl Miles <darryl darrylmiles.org>]
c5757cc8dbcddb3e8b13ebba4ea4b36589bfd3dbLennart Poettering *) mod_proxy_balancer: Add information about the route, the sticky session
d907c2086716681936755f28ac80b3445c6d0196Lennart Poettering and the worker used during a request as environment variables. PR 39806.
d907c2086716681936755f28ac80b3445c6d0196Lennart Poettering [Brian <brectanu gmail.com>]
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering The default is none as this is far greater debugging resolution than
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering the typical administrator is prepared to untangle. [William Rowe]
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering *) mod_disk_cache: If possible, check if the size of an object to cache is
bdeeb6b543a2a2d0a494f17b85f1498859cdfc2fLennart Poettering within the configured boundaries before actually saving data.
fb6becb4436ae4078337011b2017ce294e7361cfLennart Poettering [Niklas Edmundsson <nikke acc.umu.se>]
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt *) mod_cache: Convert all values to seconds before comparing them when
6c12b52e19640747e96f89d85422941a23dc6b29Lennart Poettering checking whether to send a Warning header for a stale response.
11ddb6f48e367ae4b51c31d199b28f5be041a301Lennart Poettering PR 39713. [Owen Taylor <otaylor redhat.com>]
7041efe9600e569da6089c36d00fa3ff58e33178Lennart Poettering *) mod_disk_cache: Delete temporary files if they cannot be renamed to their
7041efe9600e569da6089c36d00fa3ff58e33178Lennart Poettering final name. [Davi Arnaut <davi haxent.com.br>]
b42defe3b8ed3947d85db654a6cdb1b9999f394dLennart Poettering *) Worker and event MPMs: Remove improper scoreboard updates which were
4ad490007b70e6ac18d3cb04fa2ed92eba1451faLennart Poettering performed in the event of a fork() failure. [Chris Darroch]
9444b1f20e311f073864d81e913bd4f32fe95cfdLennart Poettering *) Add support for fcgi:// proxies to mod_rewrite.
69af45035913e7119cffd94c542bd3039600e45dZbigniew Jędrzejewski-Szmek [Markus Schiegl <ms schiegl.com>]
466784c8710e5cb0e0b86a16506d992d7ec5b619Kay Sievers *) Remove incorrect comments from scoreboard.h regarding conditional
466784c8710e5cb0e0b86a16506d992d7ec5b619Kay Sievers loading of worker_score structure with mod_status, and remove unused
9444b1f20e311f073864d81e913bd4f32fe95cfdLennart Poettering definitions relating to old life_status field.
a016b9228f338cb9b380ce7e00826ef462767d98Lennart Poettering [Chris Darroch <chrisd pearsoncmg.com>]
a016b9228f338cb9b380ce7e00826ef462767d98Lennart Poettering *) Remove allocation of memory for unused array of lb_score pointers
1f263d4dc23b9807ac6138eb5014d3d94c5fe51aLennart Poettering in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
1f263d4dc23b9807ac6138eb5014d3d94c5fe51aLennart Poettering [Garrett Rooney, Jim Jagielski, Paul Querna]
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
a65f06bb27688a6738f2f94b7f055f4c66768d63Zbigniew Jędrzejewski-Szmek [Chris Darroch <chrisd pearsoncmg.com>]
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering *) mod_charset_lite: Remove Content-Length when output filter can
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering invalidate it. Warn when input filter can invalidate it.
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering [Jeff Trawick]
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering *) mod_ssl: Fix spurious hostname mismatch warning for valid
4e09014daf8f98584b3f15e64e93bed232e70a6bLennart Poettering wildcard certificates. PR 37911. [Nick Burch <nick torchbox.com>]
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering *) Authz: Add the new module mod_authn_core that will provide common
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering authn directives such as 'AuthType', 'AuthName'. Move the directives
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering into mod_authn_core. [Brad Nicholes]
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering *) Authz: Mark the directives 'Order', 'Allow', 'Deny' and 'Satisfy' as
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering deprecated and move them into the new module mod_access_compat which
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering can be loaded to provide backwards compatibility for these directives.
e4ee6e5cc3e8e23e1ecc0d9fa756d9cc2534d218Lennart Poettering [Brad Nicholes]
86312ab8de59c1066d6d2b456f3a9106ce3e0991Lennart Poettering *) Authz: Move the 'Require' directive from the core module as well as
07459db69f3c48ef4d69308faa14f457bd903bcfLennart Poettering add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
86312ab8de59c1066d6d2b456f3a9106ce3e0991Lennart Poettering and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
86312ab8de59c1066d6d2b456f3a9106ce3e0991Lennart Poettering logic into the authorization processing. [Brad Nicholes]
eb01ba5de14859d7a94835ab9299de40132d549aLennart Poettering *) Authz: Add the new module mod_authz_core which acts as the
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering authorization provider vector and contains common authz
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering directives. [Brad Nicholes]
154ff088d371bee5651eaa2bc9bde8a34c185656Lennart Poettering *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
7e853a9b9a858edbc24e6c85d134478cec840173Lennart Poettering 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
7e853a9b9a858edbc24e6c85d134478cec840173Lennart Poettering *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
7e853a9b9a858edbc24e6c85d134478cec840173Lennart Poettering host-based access control provided by mod_authz_host and invoked
7e853a9b9a858edbc24e6c85d134478cec840173Lennart Poettering through the 'Require' directive. [Brad Nicholes]
d686f034c3b9021e07faefe172ee660abd952871Lennart Poettering *) Authz: Convert all of the authz modules from hook based to
d686f034c3b9021e07faefe172ee660abd952871Lennart Poettering provider based. [Brad Nicholes]
19aa7c4fef4a3f1dfc6d9980574ca220a6a40a71Lennart Poettering *) mod_cache: Add CacheMinExpire directive to set the minimum time in
69af45035913e7119cffd94c542bd3039600e45dZbigniew Jędrzejewski-Szmek seconds to cache a document.
e8a7a315391a6a07897122725cd707f4e9ce63d7Lennart Poettering [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
461bd8e47cafacfcd38389e7558330bfb6e902adLennart Poettering *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering *) Fix typo in ProxyStatus syntax error message.
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering *) Asynchronous write completion for the Event MPM. [Brian Pane]
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering *) Added an End-Of-Request bucket type. The logging of a request and
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering the freeing of its pool are now done when the EOR bucket is destroyed.
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering This has the effect of delaying the logging until right after the last
ab8e074ce25b9947314c69e17afe1bd2527ee26dLennart Poettering of the response is sent; ap_core_output_filter() calls the access logger
b454b11220e87add6d0f011695c7912b009c853dLennart Poettering indirectly when it destroys the EOR bucket. [Brian Pane]
b454b11220e87add6d0f011695c7912b009c853dLennart Poettering *) Rewrite of logresolve support utility: IPv6 addresses are now supported
b454b11220e87add6d0f011695c7912b009c853dLennart Poettering and the format of statistical output has changed. [Colm MacCarthaigh]
755123030a4b4c82251b49155aa0e7f523081558Harald Hoyer *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
4ff49cb63075aba646b578f2516b37a8dfd5a65bLennart Poettering *) Added new connection states for handler and write completion
fff87a35d9e26c0d4ea41273a963c0eb20e18da4Zbigniew Jędrzejewski-Szmek *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
fff87a35d9e26c0d4ea41273a963c0eb20e18da4Zbigniew Jędrzejewski-Szmek [Justin Erenkrantz]
b8b4d3dddc7611dce3bf28004b0375d661120c62Lennart Poettering *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
b8b4d3dddc7611dce3bf28004b0375d661120c62Lennart Poettering allowing string-valued client certificate attributes to be used for
3df82d5a8cdc510f518fd5e234ccb3233b748719Lennart Poettering access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
3df82d5a8cdc510f518fd5e234ccb3233b748719Lennart Poettering [Martin Kraemer, David Reid]
3df82d5a8cdc510f518fd5e234ccb3233b748719Lennart PoetteringChanges with Apache 2.2.4
b5c03638d48c07aa0eaf13b5f54000c7133e1883Lennart Poettering *) mod_cache: From RFC3986 (section 6.2.3.) if a URI contains an
b5c03638d48c07aa0eaf13b5f54000c7133e1883Lennart Poettering authority component and an empty path, the empty path is to be equivalent
b5c03638d48c07aa0eaf13b5f54000c7133e1883Lennart Poettering to "/". It explicitly cites the following four URIs as equivalents:
356ce9915ab1a4a1e6dc26954df34936a69e7c12Lennart Poettering [Davi Arnaut <davi haxent.com.br>]
356ce9915ab1a4a1e6dc26954df34936a69e7c12Lennart Poettering *) mod_cache: Don't cache requests with a expires date in the past;
356ce9915ab1a4a1e6dc26954df34936a69e7c12Lennart Poettering otherwise mod_cache will always try to cache the URL. This bug
3b953d68c628c6ae70adba871719ac0f16083b51Josh Triplett might lead to numerous rename() errors on win32 if the URL was
3b953d68c628c6ae70adba871719ac0f16083b51Josh Triplett previously cached. [Davi Arnaut <davi haxent.com.br>]
3b953d68c628c6ae70adba871719ac0f16083b51Josh Triplett *) mod_disk_cache: Make sure that only positive integers are accepted
3b953d68c628c6ae70adba871719ac0f16083b51Josh Triplett for the CacheMaxFileSize and CacheMinFileSize parameters in the
09f727eebd87661f263d3c2c1e0de7b7771acd40Lennart Poettering config file. PR39380 [Niklas Edmundsson <nikke acc.umu.se>]
09f727eebd87661f263d3c2c1e0de7b7771acd40Lennart Poettering *) core: Deal with the widespread use of apr_status_t return values
795607b22308f5b92073b012e43be1892fdd97c0Lennart Poettering as HTTP status codes, as documented in PR#31759 (a bug shared by
795607b22308f5b92073b012e43be1892fdd97c0Lennart Poettering the default handler, mod_cgi, mod_cgid, mod_proxy, and probably
795607b22308f5b92073b012e43be1892fdd97c0Lennart Poettering others). [Jeff Trawick, Ruediger Pluem, Joe Orton]
795607b22308f5b92073b012e43be1892fdd97c0Lennart Poettering *) mod_ext_filter: Handle filter names which include capital letters.
795607b22308f5b92073b012e43be1892fdd97c0Lennart Poettering PR 40323. [Jeff Trawick]
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering *) mod_isapi: Avoid double trailing slashes in HSE_REQ_MAP_URL_TO_PATH
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering support. Also corrects the slashes for Windows. PR 15993. [William Rowe]
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering *) mod_isapi: Handle "HTTP/1.1 200 OK" style status lines correctly, the
0be8342c04bbf129b4a21e5073eacccbbce4e896Lennart Poettering token parser worked while the resulting length was misinterpreted.
69af45035913e7119cffd94c542bd3039600e45dZbigniew Jędrzejewski-Szmek PR 29098 [Brock Bland <bbland serena.com>]
e5ec62c56963d997edaffa904af5dc45dac23988Lennart Poettering *) mod_isapi: Return 0 (failure) for more of the various ap_pass_brigade
54c31a79f72ff57ac8eba089acacc4ab482b745dLennart Poettering attempts to stream the response at the client. PR 30022 [William Rowe]
826872b61e4857dfffe63ba84e2b005623baecd6Lennart Poettering *) mod_isapi: Ensure we walk through all the methods the developer may have
54c31a79f72ff57ac8eba089acacc4ab482b745dLennart Poettering employed to report their HTTP status result code.
826872b61e4857dfffe63ba84e2b005623baecd6Lennart Poettering PR 16637 30033 28089 [Matt Lewandowsky <matt iamcode.net>, William Rowe]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_echo: Fix precedence problem in if statement. PR 40658.
69af45035913e7119cffd94c542bd3039600e45dZbigniew Jędrzejewski-Szmek [Larry Cipriani <lvc lucent.com>]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_mime_magic: Fix precedence problem in if statement. PR 40656.
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering [Larry Cipriani <lvc lucent.com>]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) The full server version information is now included in the error log at
69af45035913e7119cffd94c542bd3039600e45dZbigniew Jędrzejewski-Szmek startup as well as server status reports, irrespective of the setting
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering of the ServerTokens directive. ap_get_server_version() is now
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering deprecated, and is replaced by ap_get_server_banner() and
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering ap_get_server_description(). [Jeff Trawick]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_proxy_balancer: Workers can now be defined as part of
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering a balancer cluster "set" in which members of a lower-numbered set
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering are preferred over higher numbered ones. [Jim Jagielski]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_proxy_balancer: Workers can now be defined as "hot standby" which
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering will only be used if all other workers are unusable (eg: in
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering error or disabled). Also, the balancer-manager displays the election
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering count and I/O counts of all workers. [Jim Jagielski]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_proxy_ajp: Close connection to backend if reading of request body
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering fails. PR 40310. [Ian Abel <ianabel mxtelecom.com>]
cbb7712189527f9f483321607e44c4ead3dd11b8Lennart Poettering *) mod_proxy_balancer: Retry worker chosen by route / redirect worker if
cbb7712189527f9f483321607e44c4ead3dd11b8Lennart Poettering it is in error state before sending "Service Temporarily Unavailable".
d01a73b6396f57792113c1b5df6e8492fc703e5eLennart Poettering PR 38962. [Christian Boitel <cboitel lfdj.com>]
f8aeee1f1fe432924b355f48f01f09c9a552ed97Lennart PoetteringChanges with Apache 2.2.3
f8aeee1f1fe432924b355f48f01f09c9a552ed97Lennart Poettering *) mod_authn_alias: Add a check to make sure that the base provider and the
f8aeee1f1fe432924b355f48f01f09c9a552ed97Lennart Poettering alias names are different and also that the alias has not been registered
f8aeee1f1fe432924b355f48f01f09c9a552ed97Lennart Poettering before. PR 40051. [Brad Nicholes]
490b7e47093d491a2bdb1084fe92b796f4e07eefLennart Poettering *) mod_authnz_ldap: Fix a problem with invalid auth error detection for LDAP
81d112a8f0522a09fcfe317f420363a2b728137cLennart Poettering client SDKs that don't support the LDAP_SECURITY_ERROR macro. PR 39529.
490b7e47093d491a2bdb1084fe92b796f4e07eefLennart Poettering [Ray Price <dohrayme yahoo.com>, Josh Fenlason <jfenlason ptc.com>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_cache: Do not overwrite the Content-Type in the cache, for
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering successfully revalidated cached objects. PR 39647. [Ruediger Pluem]
466784c8710e5cb0e0b86a16506d992d7ec5b619Kay Sievers *) mod_speling: Add directive to deal with case corrections only
e41814846c19a48f4490169d82e359e005c4db45Lennart Poettering and ignore other misspellings [Olivier Thereaux <ot w3.org>]
e9fd44b728ff1fc0d1f24fccb87a767f6865df27Lennart Poettering *) mod_dbd: Fix dependence on virtualhost configuration in
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering defining prepared statements (possible segfault at startup
e9fd44b728ff1fc0d1f24fccb87a767f6865df27Lennart Poettering in user modules such as mod_authn_dbd). [Nick Kew]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Add optional 'scheme://' prefix to ServerName directive,
3040728b6691ea2e9df3a2060e2d49a792bbaedaLennart Poettering allowing correct determination of the canonical server URL
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering for use behind a proxy or offload device handling SSL; fixing
8ed206517c2be381324ac5832bf34cc14024270eLennart Poettering redirect generation in those cases. PR 33398. [Sander Temme]
e6c6e7afffa80ad74efdb1ddfa815294624f1608Lennart Poettering *) Added server_scheme field to server_rec for above. Minor MMN bump.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Sander Temme]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_cache: Make caching of reverse SSL proxies possible again. PR 39593.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Ruediger Pluem, Joe Orton]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Worker MPM: On graceless shutdown or restart, send signals to
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering each worker thread to wake them up if they're polling on a
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering Keep-Alive connection. PR 38737. [Chris Darroch]
eb124a97fb72d076014253b1acde69d428f15ecfLennart Poettering *) worker and event MPMs: fix excessive forking if fork() or child_init
e5ec62c56963d997edaffa904af5dc45dac23988Lennart Poettering take a long time. PR 39275.
e673ad0415d89c322e5b1a121e411f1b1d8075c0Lennart Poettering [Greg Ames, Jeff Trawick, Chris Darroch <chrisd pearsoncmg.com> ]
e673ad0415d89c322e5b1a121e411f1b1d8075c0Lennart Poettering *) configure: Add "--with-included-apr" flag to force use of the
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering bundled version of APR at build time. [Joe Orton]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Respect GracefulShutdownTimeout in the worker and event MPMs.
b87b8b2b5205c0584da220f73322ea4732d44013Kay Sievers [Chris Darroch, Garrett Rooney]
b87b8b2b5205c0584da220f73322ea4732d44013Kay Sievers *) mod_mem_cache: Set content type correctly when delivering data from
c06bf414042cd1bf94e0af63e9e2a0c291bfc546Kay Sievers cache. PR 39266. [Ruediger Pluem]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_autoindex: Fix filename escaping with FancyIndexing disabled.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering PR 38910. [Robby Griffin <rmg terc.edu>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_charset_lite: Bypass translation when the source and dest charsets
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering are the same. [Jeff Trawick]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart PoetteringChanges with Apache 2.2.2
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_deflate: Allow mod_deflate to handle internal redirects.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Brian J. France <list firehawksystems.com>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_proxy_balancer: Initialize members of a balancer correctly.
f47ec8ebb3858553dec870e1c596e39525f46360Lennart Poettering PR 38227. [James A. Robinson <jim.robinson stanford.edu>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_proxy: Do not release connections from connection pool twice.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering PR 38793. [Ruediger Pluem, matthias <mk-asf gigacodes.de>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) core: Prevent reading uninitialized memory while reading a line of
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering protocol input. PR 39282. [Davi Arnaut <davi haxent.com.br>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_dbd: Update defaults, improve error reporting.
f47ec8ebb3858553dec870e1c596e39525f46360Lennart Poettering [Chris Darroch <chrisd pearsoncmg com>, Nick Kew]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_dbd: Create own pool and mutex to avoid problem use of
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering process pool in request processing.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Chris Darroch <chrisd pearsoncmg com>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) HTML-escape the Expect error message. Not classed as security as
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering an attacker has no way to influence the Expect header a victim will
601d9d6fb394a780765e80581daab850623e9698Josh Triplett send to a target site. Reported by Thiago Zaninotti
601d9d6fb394a780765e80581daab850623e9698Josh Triplett <thiango nstalker.com>. [Mark Cox]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) htdbm: Fix crash processing -d option in 64-bit mode on HP-UX.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Jeff Trawick]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) htdbm: Warn the user when adding a plaintext password on a platform
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering where it wouldn't work with the server (i.e., anywhere that has
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering crypt()). [Jeff Trawick]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_proxy: don't reuse a connection that may be to the wrong backend
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering PR 39253 [Ruediger Pluem]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Default handler: Don't return output filter apr_status_t values.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering PR 31759. [Jeff Trawick, Ruediger Pluem, Joe Orton]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart PoetteringChanges with Apache 2.2.1
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) SECURITY: CVE-2005-3357 (cve.mitre.org)
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering mod_ssl: Fix a possible crash during access control checks if a
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering non-SSL request is processed for an SSL vhost (such as the
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering "HTTP request received on SSL port" error message when an 400
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering ErrorDocument is configured, or if using "SSLEngine optional").
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering PR 37791. [Rüdiger Plüm, Joe Orton]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) SECURITY: CVE-2005-3352 (cve.mitre.org)
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering mod_imagemap: Escape untrusted referer header before outputting
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering in HTML to avoid potential cross-site scripting. Change also
8b04b925e587ff56568c62ff5ad3f2ea2b34ca7aLennart Poettering made to ap_escape_html so we escape quotes. Reported by JPCERT.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_proxy_ajp: Flushing of the output after each AJP chunk is now
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering configurable at runtime via the 'flushpackets' and 'flushwait' worker
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering params. Minor MMN bump. [Jim Jagielski]
90e071d1d59be05fcba66561439c3ca67c80ee20Lennart Poettering *) mod_proxy: Fix incorrect usage of local and shared worker init.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering PR 38403. [Jim Jagielski]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_isapi: Fix compiler errors on Unix platforms.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [William Rowe]
90e071d1d59be05fcba66561439c3ca67c80ee20Lennart Poettering *) mod_proxy_http: Send HTTP Keep-Alive Headers. PR 38524.
90e071d1d59be05fcba66561439c3ca67c80ee20Lennart Poettering [Rüdiger Plüm, Joe Orton]
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers *) mod_disk_cache: Return the correct error codes from bucket read
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers failures, instead of APR_EGENERAL.
f6113d42d015ad9f3a9e702a09eb8006511a4424Kay Sievers *) Add APR/APR-Util Compiled and Runtime Version numbers to the
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers output of 'httpd -V'. [William Rowe]
d2e83c23f5f0cdd3b6ec05c5c40209708721e704Kay Sievers *) http: If a connection is aborted while waiting for a chunked line,
c55b1b59b837dfd924b704d457ed77c55f8bfeabLennart Poettering flag the connection as errored out. [Justin Erenkrantz]
59704f3e937c664f7324bfbb08483c358dfbc4c6Lennart Poettering *) core: Reject invalid Expect header immediately. PR 38123.
59704f3e937c664f7324bfbb08483c358dfbc4c6Lennart Poettering [Ruediger Pluem]
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering *) mod_proxy: Fix KeepAlives not being allowed and set to
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering backend servers. PR 38602. [Ruediger Pluem, Jim Jagielski]
7f8732835295fce29479b1afc9e8ee801852db09Lennart Poettering *) mod_proxy: If we get an error reading the upstream response,
7f8732835295fce29479b1afc9e8ee801852db09Lennart Poettering close the connection. [Justin Erenkrantz, Roy T. Fielding,
7f8732835295fce29479b1afc9e8ee801852db09Lennart Poettering Jim Jagielski, Ruediger Pluem]
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering *) mod_proxy_ajp: Support common headers of the AJP protocol in responses.
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering PR 38340. [Aleksey Pesternikov <apesternikov yahoo.com>]
a19554ed92a7460b4e709cc40c558cde827ab85bLennart Poettering *) mod_proxy_balancer: Do not overwrite the status of initialized workers and
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering respect the configured status of uninitilized workers when creating a new
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering child process. [Ruediger Pluem]
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering *) mod_proxy_ajp: Crosscheck the length of the body chunk with the length of
1cb88f2c61f590083847d65cd5a518e834da87d3Lennart Poettering the ajp message to prevent mod_proxy_ajp from reading beyond the buffer
603cd8fe07cb03e8b11722d1a732e569e5a46347Lennart Poettering boundaries and thus revealing possibly sensitive memory contents to the
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering client. [Ruediger Pluem]
6d0274f11547a0f11200bb82bf598a5a253e12cfLennart Poettering *) Ensure that the proper status line is written to the client, fixing
a7a3f28be404875eff20443a0fa8088bcc4c18dfLennart Poettering incorrect status lines caused by filters which modify r->status without
a7a3f28be404875eff20443a0fa8088bcc4c18dfLennart Poettering resetting r->status_line, such as the built-in byterange filter.
9b27910bb0c23e5225fc1177176e4f9bf9bf787bLennart Poettering [Jeff Trawick]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_speling: Stop crashing with certain non-file requests. [Jeff Trawick]
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers *) mod_cache: Make caching of reverse proxies possible again. PR 38017.
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers [Ruediger Pluem]
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers *) Modify apr[util] .h detection to avoid breakage on VPATH builds
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers using Solaris make (amoung others) and avoid breakage in ./buildconf
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers when srclib/apr[-util] are symlinks rather than directories proper.
7d8197d1f25c1291855bb6cffc705444978c6d8dKay Sievers [William Rowe]
9ee58bddeb6eb044753167e0047fe836479ca5dbKay Sievers *) Chunk filter: Fix chunk filter to create correct chunks in the case that
dcfc4b2e5c1af6375488c00bdc6fb8122f86c4d7Lennart Poettering a flush bucket is surrounded by data buckets. [Ruediger Pluem]
71ef24d09573874c0f7bc323c07c3aec2a458707Lennart Poettering *) Fix syntax error in httpd.h with strict compilers. PR 38740.
71ef24d09573874c0f7bc323c07c3aec2a458707Lennart Poettering [Per Olausson <pao darkheim.freeserve.co.uk>]
1b89884ba31cbe98f159ce2c7d6fac5f6a57698fLennart Poettering *) Preserve the Content-Length header for a proxied HEAD response.
1b89884ba31cbe98f159ce2c7d6fac5f6a57698fLennart Poettering PR 18757. [Greg Ames]
1920e37ef9fec04a1fd882f66bfa7a9a5b91c536Lennart Poettering *) Fix recursive ErrorDocument handling. PR 36090.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Chris Darroch <chrisd pearsoncmg.com>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Don't hang on error return from post_read_request. PR37790 [Nick Kew]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Fix off-by-one error in proxy_balancer. PR37753
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Kazuhiro Osawa <ko yappo ne jp>]
eb124a97fb72d076014253b1acde69d428f15ecfLennart PoetteringChanges with Apache 2.2.0
eb124a97fb72d076014253b1acde69d428f15ecfLennart Poettering *) mod_negotiation: Minor performance tweak by reusing already calculated
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering [Ruediger Pluem, Christophe Jaillet <christophe.jaillet wanadoo.fr>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Remove support for 'On' and 'Off' for AuthBasicProvider and
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering AuthDigestProvider. [Joshua Slive, Justin Erenkrantz]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Add in new UseCanonicalPhysicalPort directive, which controls
5f1dac6bf605871615b35891a3966fa474db5b20Lennart Poettering whether or not Apache will ever use the actual physical port
f801968466fed39d50d410b30ac828c26722cc95Lennart Poettering when constructing the canonical port number. [Jim Jagielski]
de34a42bcad31f0648ac0f249801310e0dbf83f9Lennart Poettering *) mod_dav: Fix a null pointer dereference in an error code path during the
424a19f8a2061c6b058283228734010b2fa24db4Lennart Poettering handling of MKCOL.
41f9172f427bdbb8221c64029f78364b8dd4e527Lennart Poettering [Ruediger Pluem, Ghassan Misherghi <ghassanm ucdavis.edu>]
424a19f8a2061c6b058283228734010b2fa24db4Lennart Poettering *) Fix DESTDIR=... installation when using bundled copy of APR.
424a19f8a2061c6b058283228734010b2fa24db4Lennart Poettering [Torsten Foertsch <torsten.foertsch gmx.net>]
a1cccad1fe88ddd6943e18af97cf7f466296970fLennart Poettering *) mod_proxy_balancer: When finding best worker, use case insensitive
8556879e0d14925ce897875c6c264368e2d048c2Lennart Poettering match for scheme and host, but case sensitive for the rest of
d05c556b6b2a680ec8b51ecbbc99a9ab14c28eedZbigniew Jędrzejewski-Szmek the path. [Jim Jagielski, Ruediger Pluem]
8556879e0d14925ce897875c6c264368e2d048c2Lennart PoetteringChanges with Apache 2.1.9
4a30847b9d71e0381948d68279c8f775b9de7850Lennart Poettering *) Add mod_authn_dbd (SQL-based authentication) [Nick Kew]
5e8b28838e493b59628322b69580097ef7dd9384Lennart Poettering *) mod_proxy_ajp: Do not spool the entire response from AJP backend before
5e8b28838e493b59628322b69580097ef7dd9384Lennart Poettering sending it up the filter chain. PR37100. [Ruediger Pluem]
d87be9b0af81a6e07d4fb3028e45c4409100dc26Lennart Poettering *) mod_cache: Create new filters CACHE_OUT_SUBREQ / CACHE_SAVE_SUBREQ which
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering only differ by the type from CACHE_OUT / CACHE_SAVE to ensure that
38a60d7112d33ffd596b23e8df53d75a7c09e71bLennart Poettering subrequests to non local resources work again. [Ruediger Pluem]
d8b78264a5245307babbf5af8e39d6d4a1ae095fLennart Poettering *) mod_proxy: Do not lowercase the entire worker name of a BalancerMember
7560fffcd2531786b9c1ca657667a43e90331326Lennart Poettering since this breaks case sensitive URI's. PR36906. [Ruediger Pluem]
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering *) core: AddOutputFilterByType is ignored for proxied requests. PR31226.
0790b9fed42eefc4e22dbbe2337cba9713b7848cLennart Poettering [Joe Orton, Ruediger Pluem]
5a7e959984788cf89719dec31999409b63bb802bLennart Poettering *) mod_proxy_http: Prevent data corruption of POST request bodies when
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering client accesses proxied resources with SSL. PR37145.
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering [Ruediger Pluem, William Rowe]
68f160039eb78fe122cfe0d4c49695ae91f6f0d1Lennart Poettering *) mod_proxy_balancer: BalancerManager and proxies correctly handle
edca2e2348b314e2d892fe6f8ae276fdc223f014Thomas Hindoe Paaboel Andersen member workers with paths. PR36816. [Ruediger Pluem, Jim Jagielski]
0790b9fed42eefc4e22dbbe2337cba9713b7848cLennart Poettering *) mod_log_config: %{hextid}P will log the thread id in hex with APR
918943c75fbd9dee87ff396de3a7c63a8d228433Lennart Poettering versions 1.2.0 or higher. [Jeff Trawick]
fd4d89b2c0b31da01d134301e30916931ae3c7d9Lennart Poettering *) httpd.exe/apachectl -V: display the DYNAMIC_MODULE_LIMIT setting, as
fd4d89b2c0b31da01d134301e30916931ae3c7d9Lennart Poettering in 1.3. [Jeff Trawick]
8230e26dc954a40d8c9dbc8ddd9376117021f9d2Lennart Poettering *) Support dbd connections tied to the conn_rec [Nick Kew]
4d9909c93e9c58789c71b34555a1908307c6849eLennart Poettering *) Move mod_dbd to /modules/database/ [Nick Kew]
47ae7201b1df43bd3da83a19e38483b0e5694c99Lennart Poettering *) Move mod_filter and mod_charset_lite to /modules/filters/ [Nick Kew]
8351ceaea9480d9c2979aa2ff0f4982cfdfef58dLennart Poettering *) Fix mod_dbd's config [Brian J. France <list firehawksystems.com>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_proxy_ajp: mod_proxy_ajp sends empty SSL attributes for non SSL
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering connections. PR36883.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [William Barker <william.barker wilshire.com>, Ruediger Pluem]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) Elimiated the NET_TIME filter, restructuring the timeout logic.
c66d36e5b5ae81f3c5297d6dacadc13c88c530f6Lennart Poettering This provides a working mod_echo on all platforms, and ensures any
be0aa78406c73a6625308dc0672b5ff27ec6f9a8Lennart Poettering custom protocol module is at least given an initial timeout value
be0aa78406c73a6625308dc0672b5ff27ec6f9a8Lennart Poettering based on the <VirtualHost > context's Timeout directive.
9946996cda11a18b44d82344676e5a0e96339408Lennart Poettering [William Rowe]
9946996cda11a18b44d82344676e5a0e96339408Lennart Poettering *) mod_proxy: Run the request_status hook also if there are no free workers
3471bedc005fab03f40b99bf6599645330adcd9eLennart Poettering or all workers are in error state.
3471bedc005fab03f40b99bf6599645330adcd9eLennart Poettering [Ruediger Pluem, Brian Akins <brian.akins turner.com>]
35eb6b124ebdf82bd77aad6e44962a9a039c4d33Lennart Poettering *) mod_proxy_balancer: mod_proxy_balancer does not handle sticky sessions
5b40d33761376354116a8cddb9b9fbdb6c4727d6Lennart Poettering with tomcat correctly. PR36507. [Ruediger Pluem]
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers *) mod_proxy_connect: Fix high CPU loop on systems like UnixWare which
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers trigger POLL_ERR or POLL_HUP on a terminated connection. PR 36951.
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers [Jeff Trawick, Ruediger Pluem]
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers *) SECURITY: CVE-2005-2970 (cve.mitre.org)
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers worker MPM: Fix a memory leak which can occur after an aborted
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers connection in some limited circumstances. [Greg Ames]
d3a3f22267a7dac426b07a7ed0baa1632f5daf04Kay Sievers *) Doxygen fixup [Neale Ranns <neale ranns.org>, Ian Holsman]
465349c06d994dd2cc6b6fc4109ac0b9952d500aLennart Poettering *) mod_cache/mod_dir: Correct a subrequest lookup bug which was preventing
06dab8e18aebf822392c7ca66c5bf3c1200fdec8Lennart Poettering mod_dir from serving indexes correctly with mod_cache enabled.
06dab8e18aebf822392c7ca66c5bf3c1200fdec8Lennart Poettering [Colm MacCarthaigh]
a888b352eb53b07daa24fa859ceeb254336b293dLennart PoetteringChanges with Apache 2.1.8
3f60bcb5e69846fe8a3156ca1c9a7e0813ac158aKay Sievers *) Fix lingering close implementation to match 1.3.x behaviour.
abd55b16547d0bb0ed1c31e72e16838f0f59f48bKay Sievers PR 35292. [Joe Orton]
abd55b16547d0bb0ed1c31e72e16838f0f59f48bKay Sievers *) mod_ssl: Support limited buffering of request bodies to allow
b8217b7bd5fd171916a095b150fad4c3a37f5a41Kay Sievers per-location renegotiation to proceed. PR 12355. [Joe Orton]
068665b6fd9839f27bcace7e8f56c0baa6935272Lennart Poettering *) Fix regression since 2.0.x in AllowOverride Options handling.
169c4f65131fbc7bcb51e7d5487a715cdcd0e0ebLennart Poettering PR 35330. [kabe <kabe sra-tohoku.co.jp>]
bd08f2422491169e92dc0899d5ba848fcae4c15cLennart Poettering *) mod_ssl: Fix memory leak in ssl_util_algotypeof().
bd08f2422491169e92dc0899d5ba848fcae4c15cLennart Poettering PR 25659. [David Blake <dblake hp com>, Martin Kraemer]
fb0864e7b9c6d26269ccea6ec5c0fd921c029781Lennart Poettering *) prefork, worker and event MPMs: Support a graceful-stop procedure:
9586cdfab6a2638078702b7fea7e16b3a71899e2Lennart Poettering Server will wait until existing requests are finished or until
9586cdfab6a2638078702b7fea7e16b3a71899e2Lennart Poettering "GracefulShutdownTimeout" number of seconds before exiting.
7f110ff9b8828b477e87de7b28c708cf69a3d008Lennart Poettering [Colm MacCarthaigh, Ken Coar, Bill Stoddard]
d0e5a33374cee92962af33dfc03873e470b014f6Lennart Poettering *) prefork, worker and event MPMs: Prevent children from holding open
d0e5a33374cee92962af33dfc03873e470b014f6Lennart Poettering listening ports upon graceful restart or stop. PR 28167.
d0e5a33374cee92962af33dfc03873e470b014f6Lennart Poettering [Colm MacCarthaigh, Brian Pinkerton <bp thinkpink.com>]
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering *) SECURITY: CVE-2005-2700 (cve.mitre.org)
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering mod_ssl: Fix a security issue where "SSLVerifyClient" was not
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering enforced in per-location context if "SSLVerifyClient optional"
87a8baa35d6d65ac3b58ae8e26e338e67f8ae8edLennart Poettering was configured in the vhost configuration. [Joe Orton]
65c0cf7108ae3537a357c74b4586a783baba82f9Lennart Poettering *) mod_ssl: Catch parse errors from misconfigured or malformed
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers CRLs. PR 36438. [Joe Orton]
f957632b960a0a42999b38ded7089fa602b41745Kay Sievers *) mod_proxy/mod_proxy_balancer: lbmethods now implemented as
ad740100d108282d0244d5739d4dcc86fe4c5fdeLennart Poettering providers. Prevent problems when no Vhost containers were
ad740100d108282d0244d5739d4dcc86fe4c5fdeLennart Poettering configured with proxy balancers. [Jim Jagielski]
7d441ddb5ca090b5a97f58ac4b4d97b3e84fa81eLennart Poettering *) New provider function to list all available provider names in a
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering specific group and version (ap_list_provider_names). [Jim Jagielski]
ff01d048b4c1455241c894cf7982662c9d28fd34Lennart Poettering *) mod_cache: Enhance CacheEnable/CacheDisable to control caching on a
ff01d048b4c1455241c894cf7982662c9d28fd34Lennart Poettering per-protocol, per-host and per-path basis. Intended for proxy
d3c7d7dd77b2b72315164b672462825cef6c0f9aKay Sievers configurations. [Colm MacCarthaigh]
1d6702e8d3877c0bebf3ac817dc45ff72f5ecfa9Lennart Poettering *) mod_disk_cache: Canonicalise the storage key, for improved hit/miss
1d6702e8d3877c0bebf3ac817dc45ff72f5ecfa9Lennart Poettering ratio. [Colm MacCarthaigh]
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering *) mod_cgid: Append .PID to the script socket filename and remove the
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering script socket on exit. [Colm MacCarthaigh, Jim Jagielski]
1258097cd3cdbc5dd3d264850119e553a29c5068Lennart Poettering *) mod_cgid: run the get_suexec_identity hook within the request-handler
1258097cd3cdbc5dd3d264850119e553a29c5068Lennart Poettering instead of within cgid. PR 36410. [Colm MacCarthaigh]
a4c279f87451186b8beb1b8cc21c7cad561ecf4bLennart Poettering *) Linux 2.0: remove support for threaded MPM's due to linuxthreads use
7c697168102cb64c5cb65a542959684014da99c7Lennart Poettering of SIGUSR1 clashing with graceful restart signal. [Colm MacCarthaigh]
71092d70af35567dd154d3de2ce04ce62e157a7cLennart PoetteringChanges with Apache 2.1.7
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering *) SECURITY: CVE-2005-2491 (cve.mitre.org):
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering Fix integer overflows in PCRE in quantifier parsing which could
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering be triggered by a local user through use of a carefully-crafted
f28f1daf754a9a07de90e6fc4ada581bf5de677dLennart Poettering regex in an .htaccess file. [Philip Hazel]
a012ab5293a28af93454b3105ca85ca148b1c11fDave Reisner *) mod_proxy/mod_proxy_balancer: Provide a simple, functional
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering interface to add additional balancer lb selection methods
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering without requiring code changes to mod_proxy/mod_proxy_balancer;
88a07670cfa974a605c7c7b520b8a3135fce37f9Lennart Poettering these can be implemented via sub-modules now. [Jim Jagielski]
916abb21d0a6653e0187b91591e492026886b0a4Lennart Poettering *) mod_cache: Fix incorrectly served 304 responses when expired cache
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering entity is valid, but cache is unwritable and headers cannot be
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering updated. [Colm MacCarthaigh <colm stdlib.net>]
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering *) mod_cache: Remove entities from the cache when re-validation
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering receives a 404 or other content-no-longer-present error.
b44be3ecf6326c27aa2c6c6d1fe34e22e22592a0Lennart Poettering [Rüdiger Plüm ruediger.pluem vodafone.com]
21bdae12e11ae20460715475d8a0c991f15464acLennart Poettering *) mod_disk_cache: Properly remove files from cache when needed.
21bdae12e11ae20460715475d8a0c991f15464acLennart Poettering [Rüdiger Plüm ruediger.pluem vodafone.com]
9534ce54858c67363b841cdbdc315140437bfdb4Lennart Poettering *) mod_disk_cache: Support htcacheclean removing directories.
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering [Andreas Steinmetz]
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering *) htcacheclean: Add -t option to remove empty directories.
68c7d001f4117f0c3d0a4582e32cbb03ae5fac57Lennart Poettering [Colm MacCarthaigh <colm stdlib.net>]
253ee27a0c7a410d27d490bb79ea97caed6a2b68Lennart Poettering *) Remove the base href tag from mod_proxy_ftp, as it breaks relative
5d0fcd7c8d29340ac9425c309e8ac436a9af699cLennart Poettering links for clients not using an Authorization header. [Graham Leggett,
5d0fcd7c8d29340ac9425c309e8ac436a9af699cLennart Poettering Jon Snow <jsnow27 gatesec.net>]
f530371f1f85a070d7d0fb5112146a43533ae00bLennart Poettering *) mod_cache: Restore the HTTP status of cached responses.
e707c49485b8f4f2ec040d3da232d39153e650b9Lennart Poettering [Hansjoerg Pehofer <hansjoerg.pehofer uibk.ac.at>]
a73d88fa024b5668ed7dde681e99547d41e6a864Lennart Poettering *) mod_cache: Store varied contents all in the same prefix for a varied URI.
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_cache: Run the CACHE_SAVE and CACHE_OUT Filters after other content
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering filters. [Paul Querna]
3679d1126bae52e02f6cd60fca196f616b9e660dLennart Poettering *) mod_negotiation: Correctly report 404 instead of 403 for missing files.
44143309dd0b37d61d7d842ca58f01a65646ec71Kay Sievers *) new hook (request_status) that gets ran in proxy_handler just before
3d57c6ab801f4437f12948e29589e3d00c3ad9dbLennart Poettering the final return. This gives modules an opportunity to do something
71092d70af35567dd154d3de2ce04ce62e157a7cLennart Poettering based on the proxy status. (minor MMN bump)
3f7a8c4e9f1d3ce48919e24eb2c9d56dd6fd88d8Kay Sievers [Brian Akins <bakins turner.com>, Ian Holsman]
2791a8f8dc8764a9247cdba3562bd4c04010f144Lennart Poettering *) Add additional SSLSessionCache option, 'nonenotnull', which is
a8f11321c209830a35edd0357e8def5d4437d854Lennart Poettering similar to 'none' (disabling any external shared cache) but forces