CHANGES revision 54d750a84a175d8e338880514d440773eb986b50
f743002678eb67b99bbc29fee116b65d9530fec0wrowe -*- coding: utf-8 -*-
80833bb9a1bf25dcf19e814438a4b311d2e1f4cffuankgChanges with Apache 2.5.0
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic *) mod_proxy_wstunnel: Avoid sending error responses down an upgraded
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic websockets connection as it is being close down. [Eric Covener]
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic
1337c7673efc1f80f634139fbad7cbb98a0dc657ylavic *) mod_proxy_wstunnel: Allow the administrator to cap the amount
4da61833a1cbbca94094f9653fd970582b97a72etrawick of time a synchronous websockets connection stays idle with
4da61833a1cbbca94094f9653fd970582b97a72etrawick ProxyWebsocketIdleTimeout. [Eric Covener]
4da61833a1cbbca94094f9653fd970582b97a72etrawick
4da61833a1cbbca94094f9653fd970582b97a72etrawick *) mod_proxy_wstunnel: Change to opt-in for asynchronous support, adding
4da61833a1cbbca94094f9653fd970582b97a72etrawick directives ProxyWebsocketAsynch and ProxyWebsocketAsynchDelay.
4789804be088bcd86ae637a29cdb7fda25169521jailletc [Eric Covener]
4789804be088bcd86ae637a29cdb7fda25169521jailletc
4789804be088bcd86ae637a29cdb7fda25169521jailletc *) mod_proxy_wstunnel: Stop leaking websockets backend connections under
4789804be088bcd86ae637a29cdb7fda25169521jailletc event MPMi (trunk-only). [Eric Covener]
e50c3026198fd496f183cda4c32a202925476778covener
e50c3026198fd496f183cda4c32a202925476778covener *) mod_proxy_wstunnel: Don't issue AH02447 and log a 500 on routine
e50c3026198fd496f183cda4c32a202925476778covener hangups from websockets origin servers. PR 56299
5b88c8507d5ef6d0c4cfbc78230294968175b638minfrin [Yann Ylavic, Edward Lu <Chaosed0 gmail com>, Eric Covener]
5b88c8507d5ef6d0c4cfbc78230294968175b638minfrin
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic *) mod_proxy_wstunnel: Don't pool backend websockets connections,
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic because we need to handshake every time. PR 55890.
6c3b9cebb551140fbb25d58bae08b539b3802133ylavic [Eric Covener]
4f29b65ab4b547ad5dbe506e2d0ff5d12ead9247ylavic
4f29b65ab4b547ad5dbe506e2d0ff5d12ead9247ylavic *) mod_proxy_http: Add detach_backend hook (potentially usable
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic in other proxy scheme handlers). [Jeff Trawick]
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic *) mod_deflate: Add DeflateAlterETag to control how the ETag
0a0df13b7f1f4f1a74fe295253d89ca3911b301aylavic is modified. The 'NoChange' parameter mimics 2.2.x behavior.
69301145375a889e7e37caf7cc7321ac0f91801erpluem PR 45023, PR 39727. [Eric Covener]
69301145375a889e7e37caf7cc7321ac0f91801erpluem
69301145375a889e7e37caf7cc7321ac0f91801erpluem *) mod_ssl: fix merging of global and vhost-level settings with the
506bfe33206b2fece40ef25f695af39dd4130facjkaluza SSLCertificateFile, SSLCertificateKeyFile, and SSLOpenSSLConfCmd
506bfe33206b2fece40ef25f695af39dd4130facjkaluza directives. PR 56353. [Kaspar Brand]
506bfe33206b2fece40ef25f695af39dd4130facjkaluza
506bfe33206b2fece40ef25f695af39dd4130facjkaluza *) mod_ssl: avoid processing bogus SSLCertificateKeyFile values
d58a848a016d401b965111e50ef829e1641f7834minfrin (and logging garbled file names). PR 56306. [Kaspar Brand]
d58a848a016d401b965111e50ef829e1641f7834minfrin
d58a848a016d401b965111e50ef829e1641f7834minfrin *) mod_proxy_fcgi: Fix sending of response without some HTTP headers
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf that might be set by filters. [Jim Riggs <jim riggs.me>]
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf
2e6f4d654c96c98b761fb012fd25c5d5b1558c44sf *) mod_rewrite: Add 'BNF' (backreferences-no-plus) flag to RewriteRule to
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic allow spaces in backreferences to be encoded as %20 instead of '+'.
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic [Eric Covener]
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic *) mod_ssl: bring SNI behavior into better conformance with RFC 6066:
17e6c95f3b22d18acdf8380fb26a8d0e10c80767ylavic no longer send warning-level unrecognized_name(112) alerts,
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic and limit startup warnings to cases where an OpenSSL version
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic without TLS extension support is used. PR 56241. [Kaspar Brand]
e8bd80a4bb88199d2f9a24a50345688e52d9c116ylavic
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) mod_proxy_html: Do not delete the wrong data from HTML code when a
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic "http-equiv" meta tag specifies a Content-Type behind any other
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic "http-equiv" meta tag. PR 56287 [Micha Lenk <micha lenk info>]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic *) mod_expires: don't add Expires header to error responses (4xx/5xx),
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic be they generated or forwarded. PR 55669. [ Yann Ylavic ]
330e16bea8fe9cace4de90c349750c03dfb1fe64ylavic
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener *) mod_rewrite: Support an optional list of characters to escape in the
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener argument for the 'B' (escape backreferences) flag. [Eric Covener]
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener *) mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
d7205b1a86c51c27b71a2c458dc453fd53a261c1covener OCSP requests should use a nonce to be checked against the responder's
44ff304057225e944e220e981d434a046d14cf06covener one. PR 56233. [ Yann Ylavic ]
44ff304057225e944e220e981d434a046d14cf06covener
44ff304057225e944e220e981d434a046d14cf06covener *) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
44ff304057225e944e220e981d434a046d14cf06covener under the Event MPM. PR56216. [Frank Meier <frank meier ergon ch>]
5d1ba75b8794925e67591c209085a49279791de9covener
5d1ba75b8794925e67591c209085a49279791de9covener *) mod_lua: Add r:wspeek for checking if there is any data waiting on the line
5d1ba75b8794925e67591c209085a49279791de9covener [Daniel Gruno]
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand *) mod_proxy: Do not try to parse the regular expressions passed by
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand ProxyPassMatch as URL as they do not follow their syntax.
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand PR 56074. [Ruediger Pluem]
caad2986f81ab263f7af41467dd622dc9add17f3ylavic
caad2986f81ab263f7af41467dd622dc9add17f3ylavic *) mod_dir: Default to 2.2-like behavior and skip execution when method is
caad2986f81ab263f7af41467dd622dc9add17f3ylavic neither GET nor POST, such as for DAV requests. PR 54914. [Chris Darroch]
caad2986f81ab263f7af41467dd622dc9add17f3ylavic
45a10d38e6051fd7bdf9d742aaae633d97ff02abjailletc *) mod_rewrite: Rename the handler that does per-directory internal
f7317ff316c2b141feea31bddb74d5d3fa1584edjorton redirects to "rewrite-redirect-handler" from "redirect-handler" so
f7317ff316c2b141feea31bddb74d5d3fa1584edjorton it is less ambiguous and less likely to be reused. [Eric Covener]
2165214331e4afafca4048f66f303d0253d7b001covener
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem *) mod_rewrite: Protect against looping with the [N] flag by enforcing a
a34684a59b60a4173c25035d0c627ef17e6dc215rpluem default limit of 10000 iterations, and allowing each rule to change its
1e2d421a36999d292042a5539971070d54aa6c63ylavic limit. [Eric Covener]
1e2d421a36999d292042a5539971070d54aa6c63ylavic
1e2d421a36999d292042a5539971070d54aa6c63ylavic *) mod_ssl: Fix config merging of SSLOCSPEnable and SSLOCSPOverrideResponder.
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh [Jeff Trawick]
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh
fa7ed98b9dc94c5845cf845aea0a44ecacd290c9humbedooh *) Add HttpContentLengthHeadZero and HttpExpectStrict directives.
0b67eb8568cd58bb77082703951679b42cf098actrawick [Yehuda Sadeh <yehuda inktank com>, Justin Erenkrantz]
0b67eb8568cd58bb77082703951679b42cf098actrawick
0b67eb8568cd58bb77082703951679b42cf098actrawick *) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
0b67eb8568cd58bb77082703951679b42cf098actrawick 5+ instead of just for FreeBSD 5. PR 53824. [Jeff Trawick]
5ef3c61605a3a021ff71f488983cb0065f8e1a79covener
fb1985a97912b25ec6564c73e610a31e5fc6e25fcovener *) mod_auth_form: Add a debug message when the fields on a form are not
09c87c777bed1655621bb20e1c46cb6b1a63279dcovener recognised. [Graham Leggett]
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic
6502b7b32f980cc2093bb3ebce37e5e4dc68fba4ylavic *) mod_ssl: Add -t -DDUMP_CA_CERTS option which dumps the filenames of all
3060ce7f798fbda7999cd4ddf89b525d2b294185covener configured SSL CA certificates to stdout the same way as DUMP_CERTS does.
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic [Jan Kaluza]
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic
c1a63b8fad09c419c1a64f75993feb8a343a6801ylavic *) mod_headers: Allow the "value" parameter of Header and RequestHeader to
e6b4bd1113567627ab6bb6c6a7105e1e01a7d889jailletc contain an ap_expr expression if prefixed with "expr=". [Eric Covener]
e6b4bd1113567627ab6bb6c6a7105e1e01a7d889jailletc
e466c40e1801982602ee0200c9e8b61cc148742djailletc *) Add suspend_connection and resume_connection hooks to notify modules
e466c40e1801982602ee0200c9e8b61cc148742djailletc when the thread/connection relationship changes. (Currently implemented
457468b82e59d01eba00dd9d0817309c8f5e414ejim only for the Event MPM; should be implemented for all async MPMs.)
457468b82e59d01eba00dd9d0817309c8f5e414ejim [Jeff Trawick]
457468b82e59d01eba00dd9d0817309c8f5e414ejim
04983e3bd1754764eec7d6bb772fe3b0bf391771jorton *) mod_ssl: Don't flush when an EOS is received. Prepares mod_ssl
04983e3bd1754764eec7d6bb772fe3b0bf391771jorton to support write completion. [Graham Leggett]
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem
15660979a30d251681463de2e0584853890082accovener *) core: Add parse_errorlog_arg callback to ap_errorlog_provider
15660979a30d251681463de2e0584853890082accovener to allow providers to check the ErrorLog argument. [Jan Kaluza]
49dacedb6c387b786b7911082ff35121a45f414bcovener
49dacedb6c387b786b7911082ff35121a45f414bcovener *) mod_cgid: Use the servers Timeout for each read from a CGI script,
cfd9415521847b2f9394fad04fb701cfb955f503rjung allow override with new CGIDRequestTimeout directive. PR43494
cfd9415521847b2f9394fad04fb701cfb955f503rjung [Eric Covener, Toshikuni Fukaya <toshikuni-fukaya cybozu co jp>]
cfd9415521847b2f9394fad04fb701cfb955f503rjung
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe *) core: Add missing Reason-Phrase in HTTP response headers.
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe PR 54946. [Rainer Jung]
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe *) core: ensure any abnormal exit is reported to stderr if it's a tty.
28c31fb73c1264bd1d0ff932573677030b024c7dwrowe PR 55670 [Nick Kew]
8491e0600f69b0405e156ea8a419653c065c645bcovener
63b9f1f5880391261705f696d7d65507bbe9ace3covener *) mod_auth_form: Make sure the optional functions are loaded even when
63b9f1f5880391261705f696d7d65507bbe9ace3covener the AuthFormProvider isn't specified. [Graham Leggett]
63b9f1f5880391261705f696d7d65507bbe9ace3covener
49dacedb6c387b786b7911082ff35121a45f414bcovener *) mod_lua: Let the Inter-VM get/set functions work with a global
49dacedb6c387b786b7911082ff35121a45f414bcovener shared memory pool instead of a per-process pool. [Daniel Gruno]
49dacedb6c387b786b7911082ff35121a45f414bcovener
49dacedb6c387b786b7911082ff35121a45f414bcovener *) ldap: Support ldaps when using the Microsoft LDAP SDK.
3c990331fc6702119e4f5b8ba9eae3021aea5265jim PR 54626. [Jean-Frederic Clere]
3c990331fc6702119e4f5b8ba9eae3021aea5265jim
3c990331fc6702119e4f5b8ba9eae3021aea5265jim *) mod_proxy: Add ap_connection_reusable() for checking if a connection
3c990331fc6702119e4f5b8ba9eae3021aea5265jim is reusable as of this point in processing. [Jeff Trawick]
fc42512879dd0504532f52fe5d0d0383dda96a1eniq
fc42512879dd0504532f52fe5d0d0383dda96a1eniq *) mod_authnz_ldap: Change default value of AuthLDAPMaxSubGroupDepth to 0
fc42512879dd0504532f52fe5d0d0383dda96a1eniq to avoid performance problems when subgroups aren't in use. [Eric Covener]
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq *) mod_syslog: New module implementing syslog ap_error_log provider.
0451df5dc50fa5d8b3e07d92ee6a92e36a1181a5niq Previously, this code was part of core, now it's in separate module.
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc [Jan Kaluza]
983528026996668ea295be95aedb9c7a346af470ylavic
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc *) core: Add ap_errorlog_provider to make ErrorLog logging modular. Move
da0442c0440caef34706e2c2f3af05cb65921cc0jailletc syslog support from core to new mod_syslog. [Jan Kaluza]
06b8f183140c8e02e0974e938a05078b511d1603covener
06b8f183140c8e02e0974e938a05078b511d1603covener *) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
06b8f183140c8e02e0974e938a05078b511d1603covener save the socket for reuse by the next worker as if it were an
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem APR_SO_DISCONNECTED socket. Restores 2.2 behavior. [Eric Covener]
259878293a997ff49f5ddfc53d3739cbdc25444ecovener
259878293a997ff49f5ddfc53d3739cbdc25444ecovener *) mod_status, mod_echo: Fix the display of client addresses.
259878293a997ff49f5ddfc53d3739cbdc25444ecovener They were truncated to 31 characters which is not enough for IPv6 addresses.
259878293a997ff49f5ddfc53d3739cbdc25444ecovener PR 54848 [Bernhard Schmidt <berni birkenwald de>]
15890c9306ba98f6fc243e15a3c4778ddc7d773erpluem
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin *) mod_authnz_fcgi: New module to enable FastCGI authorizer
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin applications to authenticate and/or authorize clients.
b54b024c06a19926832d77d40ba35ad8c41e4d3dminfrin [Jeff Trawick]
65967d05f839dbf27cf91d91fa79585eeae19660minfrin
65967d05f839dbf27cf91d91fa79585eeae19660minfrin *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
65967d05f839dbf27cf91d91fa79585eeae19660minfrin [Jeff Trawick]
65967d05f839dbf27cf91d91fa79585eeae19660minfrin
8152945ae46857b170cb227e79bb799f4fc7710dminfrin *) mod_unique_id: Use output of the PRNG rather than IP address and
8152945ae46857b170cb227e79bb799f4fc7710dminfrin pid, avoiding sleep() call and possible DNS issues at startup,
8152945ae46857b170cb227e79bb799f4fc7710dminfrin plus improving randomness for IPv6-only hosts.
8152945ae46857b170cb227e79bb799f4fc7710dminfrin [Jan Kaluza <jkaluza redhat.com>]
75f5c2db254c0167a0e396254460de09b775d203trawick
75f5c2db254c0167a0e396254460de09b775d203trawick *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
75f5c2db254c0167a0e396254460de09b775d203trawick filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph filter "none" to be specified in AuthLDAPURL. [Eric Covener]
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph
4f0358189bfa57b8e75bd6b94db264302a8f336amrumph *) mod_file_cache: mod_file_cache should be able to serve files that
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick haven't had a Content-Type set via e.g. mod_mime. [Eric Covener]
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick *) core: merge AllowEncodedSlashes from the base configuration into
5716f9c6daa92dde5f2f9d11ed63f7c9549c223atrawick virtual hosts. [Eric Covener]
54d750a84a175d8e338880514d440773eb986b50covener
54d750a84a175d8e338880514d440773eb986b50covener *) AIX: Install DSO's with "cp" instead of "install" in instdso.sh
54d750a84a175d8e338880514d440773eb986b50covener [Eric Covener]
54d750a84a175d8e338880514d440773eb986b50covener
54d750a84a175d8e338880514d440773eb986b50covener *) mod_ldap: Don't keep retrying if a new LDAP connection times out.
54d750a84a175d8e338880514d440773eb986b50covener [Eric Covener]
54d750a84a175d8e338880514d440773eb986b50covener
54d750a84a175d8e338880514d440773eb986b50covener *) mod_deflate: permit compilation of mod_deflate against a zlib that has
7a3aa12f0eda24793ee26d6a179bd53132e9dae8covener been configured with -D Z_PREFIX, which redefines the token "deflate".
54d750a84a175d8e338880514d440773eb986b50covener [Eric Covener]
54d750a84a175d8e338880514d440773eb986b50covener
83b50288fa7d306324bba68832011ea08f5c7832covener *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
4e30ef014533a7e93c92d88306291f5e49c9692ftrawick previously limited to 64MB. [Jens Låås <jelaas gmail.com>]
83b50288fa7d306324bba68832011ea08f5c7832covener
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick *) mod_auth_digest: Use the secret when generating nonces in all cases and
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick not only when AuthName is used in .htaccess files (this change may cause
5f066f496cd9f20a2a701255bc67d44e7cb46daetrawick problems if used with round robin load balancers). Don't regenerate the
2e15620d724fb8e3a5be183b917359a2fd6e9468covener secret on graceful restarts. PR 54637 [Stefan Fritsch]
2e15620d724fb8e3a5be183b917359a2fd6e9468covener
2e15620d724fb8e3a5be183b917359a2fd6e9468covener *) core: Remove apr_brigade_flatten(), buffering and duplicated code
2e15620d724fb8e3a5be183b917359a2fd6e9468covener from the HTTP_IN filter, parse chunks in a single pass with zero copy.
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener Reduce memory usage by 48 bytes per request. [Graham Leggett]
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener *) core: Stop the HTTP_IN filter from attempting to write error buckets
1b988c41ee505962781d110a3e4c2c90f1ea0aa4covener to the output filters, which is bogus in the proxy case. Create a
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener clean mapping from APR codes to HTTP status codes, and use it where
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener needed. [Graham Leggett]
b8efdc95bec9cf089aa1be0bfd07d46aa1137a7acovener
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd *) mod_proxy: Ensure network errors detected by the proxy are returned as
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
f06e7c4b1bce6b6491e5de0b7998d3f5696b293dchrisd compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.
179565be4043d7e5f9161aa75271fa0a001866d9covener
179565be4043d7e5f9161aa75271fa0a001866d9covener *) mod_dav: mod_dav overrides dav_fs response on PUT failure. PR 35981
179565be4043d7e5f9161aa75271fa0a001866d9covener [Basant Kumar Kukreja <basant.kukreja sun.com>, Alejandro Alvarez
111436a32ba1254291e4883292fb116d15fe8f64covener <alejandro.alvarez.ayllon cern.ch>]
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener *) core, mod_ssl: Enable the ability for a module to reverse the sense of
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener a poll event from a read to a write or vice versa. This is a step on
fce4949fb0b309a5744afcd503c6ed2d35621ee2covener the way to allow mod_ssl taking full advantage of the event MPM.
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick [Graham Leggett]
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick
7b7430e701e9a31ce809da7c220bb8dfcf68c86etrawick *) mod_ldap: LDAP connections used for authentication were not respecting
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz LDAPConnectionPoolTimeout. PR 54587
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz
ccc20788c1e5fc973f36df634399c89acb70deaejerenkrantz *) core: ap_rgetline_core now pulls from r->proto_input_filters.
273e512f20f262e5e2aa8e0e83371d1929fb76adjkaluza
273e512f20f262e5e2aa8e0e83371d1929fb76adjkaluza *) mod_proxy_html: process parsed comments immediately.
273e512f20f262e5e2aa8e0e83371d1929fb76adjkaluza Fixes bug where parsed comments may be lost. [Nick Kew]
efe780dcf13b2b95effabf897d694d8f23feac74trawick
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin
fe83f60b41477b14a37edcfcd1f7f5c5a1ebfe44minfrin *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza HTML/XHTML [Nick Kew]
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza
993d1261a278d7322bccef219101220b7b4fb8c5jkaluza *) core: Add option to add valgrind support. Use it to reduce false positive
ba050a6f942b9fa0e81ed73437588005c569655ccovener warnings in mod_ssl. [Stefan Fritsch]
ba050a6f942b9fa0e81ed73437588005c569655ccovener
ba050a6f942b9fa0e81ed73437588005c569655ccovener *) mod_authn_file, mod_authn_dbd, mod_authn_dbm, mod_authn_socache:
ba050a6f942b9fa0e81ed73437588005c569655ccovener Cache the result of the most recent password hash verification for every
135ddda3a989215d2bedbcf1529bfb269c3eda23niq keep-alive connection. This saves some expensive calculations.
135ddda3a989215d2bedbcf1529bfb269c3eda23niq [Stefan Fritsch]
135ddda3a989215d2bedbcf1529bfb269c3eda23niq
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh *) http: Remove support for Request-Range header sent by Navigator 2-3 and
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh MSIE 3. [Stefan Fritsch]
001a44c352f89c9ec332ffd3e0a6927dcd19432chumbedooh
efe780dcf13b2b95effabf897d694d8f23feac74trawick *) core, http: Extend HttpProtocol with an option to enforce stricter HTTP
793214f67dede32edfd9ee96c664ead04d175cbbjfclere conformance or to only log the found problems. [Stefan Fritsch]
cc5a4a08dc9783fcbc52ce86f11e01c281a43810minfrin
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener *) core: Correctly parse an IPv6 literal host specification in an absolute
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener URL in the request line. [Stefan Fritsch]
9b0076ddd1103e5fa9c1f9bafde4b06ce244fbaecovener
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza *) EventOpt MPM
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza *) core: Add LogLevelOverride directive that allows to override the
249d09d51808cb7981af99762c3b3736ca126cd5jkaluza loglevel for clients from certain IPs. This also works for things
56589be3d7a3e9343370df240010c6928cc78b39jkaluza like the SSL handshake where <If> LogLevel ... </If> is evaluated
56589be3d7a3e9343370df240010c6928cc78b39jkaluza too late. [Stefan Fritsch]
56589be3d7a3e9343370df240010c6928cc78b39jkaluza
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc *) core: Add new directive Warning to issue warnings from a configuration
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc file. Both Warning and Error now generate a timestamped log message.
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc [Fabien Coelho]
77ca16c5676da23155311e13cee61e7eaba9fa3ejailletc
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick variables. [Stefan Fritsch]
f87299dab99bc04b51a6b8cad51b6795db862c0atrawick
4d12805e6c18253040223ea637acd6b3b3c18f60jorton *) core: New directive RegisterHttpMethod for registering non-standard
4d12805e6c18253040223ea637acd6b3b3c18f60jorton HTTP methods. [Stefan Fritsch]
4d12805e6c18253040223ea637acd6b3b3c18f60jorton
85eacfc96a04547ef25aabbc06440039715084c2jorton *) core: New directive HttpProtocol which allows to disable HTTP/0.9
85eacfc96a04547ef25aabbc06440039715084c2jorton support. [Stefan Fritsch]
e5d909f2b06bd880fb3675cd49363df981caa631trawick
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener *) mod_allowhandlers: New module to forbid specific handlers for specific
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener directories. [Stefan Fritsch]
a4df2cd1e1391575a327c2a90ba4315f805a0a78covener
cb666b29f81df1d11d65002250153353568021fccovener *) mod_systemd: New module, for integration with systemd on Linux.
cb666b29f81df1d11d65002250153353568021fccovener [Jan Kaluza <jkaluza redhat.com>]
cb666b29f81df1d11d65002250153353568021fccovener
6a80c3c6f4b8ea7ba5e89402b8b779b09ce020e0covener *) WinNT MPM: Store pid and generation for each thread in scoreboard
1c2cab00d988fc48cbe59032cf76cc0bab20d6f7covener to allow tracking of threads from exiting children via mod_status
6a80c3c6f4b8ea7ba5e89402b8b779b09ce020e0covener or other such mechanisms. [Jeff Trawick]
75a230a728338d84dcfe81edd375352f34de22d0covener
75a230a728338d84dcfe81edd375352f34de22d0covener *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
75a230a728338d84dcfe81edd375352f34de22d0covener - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covener - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covener mutexes (Mutex)
1f50dc34ae069adeed20b2986e5ffdefa5c410e0covener - mod_cache: thundering herd lock directory
63a5ea80bddcc84a462e40f402b4f330e0e05411covener - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
63a5ea80bddcc84a462e40f402b4f330e0e05411covener - mod_ldap: shared memory cache
63a5ea80bddcc84a462e40f402b4f330e0e05411covener - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
63a5ea80bddcc84a462e40f402b4f330e0e05411covener [Jeff Trawick]
65a4e663b82f8bce28ac22ab2edfd7502de36998sf
65a4e663b82f8bce28ac22ab2edfd7502de36998sf *) suexec: Add --enable-suexec-capabilites support on Linux, to use
65a4e663b82f8bce28ac22ab2edfd7502de36998sf setuid/setgid capability bits rather than a setuid root binary.
65a4e663b82f8bce28ac22ab2edfd7502de36998sf [Joe Orton]
c7de1955eb0eaeabf7042902476397692672d549sf
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin *) suexec: Add support for logging to syslog as an alternative to logging
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin to a file; configure --without-suexec-logfile --with-suexec-syslog.
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin [Joe Orton]
74e7f6c55fd67b10cb400b3f6d1dc718a303d944minfrin
a511a29faf2ff7ead3b67680154a624effb31aafminfrin *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
a511a29faf2ff7ead3b67680154a624effb31aafminfrin [Matthew Steele <mdsteele google.com>]
a511a29faf2ff7ead3b67680154a624effb31aafminfrin
a511a29faf2ff7ead3b67680154a624effb31aafminfrin *) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
a511a29faf2ff7ead3b67680154a624effb31aafminfrin be compiled by the build compiler instead of the host compiler.
63921358ef93fcb41bc71d9894221ba3d7fbb87bminfrin Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
63921358ef93fcb41bc71d9894221ba3d7fbb87bminfrin PR 51257. [Guenter Knauf]
63921358ef93fcb41bc71d9894221ba3d7fbb87bminfrin
deec48c67d4786bc77112ffbf3a4e70b931097edminfrin *) core: In maintainer mode, replace apr_palloc with a version that
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin initializes the allocated memory with non-zero values, except if
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin
6d601599d3d65df0410eae6e573e75b2dbfb1fb4minfrin *) mod_policy: Add a new testing module to help server administrators
684e0cfc200f66287a93bbd1708d1dd8a92a7eefcovener enforce a configurable level of protocol compliance on their
684e0cfc200f66287a93bbd1708d1dd8a92a7eefcovener servers and application servers behind theirs. [Graham Leggett]
5c43d2fb853f84497b5ece2d414ef9484aa87e5fsf
05a5a9c3e16f21566e1b61f4bd68025ce1b741ccjoes *) mod_firehose: Add a new debugging module able to record traffic
05a5a9c3e16f21566e1b61f4bd68025ce1b741ccjoes passing through the server in such a way that connections and/or
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq requests be reconstructed and replayed. [Graham Leggett]
26c5829347f6a355c00f1ba0301d575056b69536niq
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq *) mod_noloris
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq *) APREQ
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq *) Simple MPM
ef82e8fa164e0a1f8b813f7deb6b7ead96018c94niq
413ee814748f37be168ff12407fa6dba0ceeabe6trawick *) mod_serf
c12917da693bae4028a1d5a5e8224bceed8c739dsf
c12917da693bae4028a1d5a5e8224bceed8c739dsf [Apache 2.5.0-dev includes those bug fixes and changes with the
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf Apache 2.4.xx tree as documented below, except as noted.]
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsfChanges with Apache 2.4.x and later:
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf
eafcc0ebf263d0ba69855b6e10958c4c1a2361bdsf *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup
d7ffd2da16d58b1a0de212e4d56f7aebb72bef26sf
d7ffd2da16d58b1a0de212e4d56f7aebb72bef26sfChanges with Apache 2.2.x and later:
d7ffd2da16d58b1a0de212e4d56f7aebb72bef26sf
4576c1a9ef54cd1e5555ee07d016a7f559f80338sf *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
4576c1a9ef54cd1e5555ee07d016a7f559f80338sf
4576c1a9ef54cd1e5555ee07d016a7f559f80338sfChanges with Apache 2.0.x and later:
9811aed12bbc71783d2e544ccb5fecd193843eadsf
9811aed12bbc71783d2e544ccb5fecd193843eadsf *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
9811aed12bbc71783d2e544ccb5fecd193843eadsf
88fac54d9d64f85bbdab5d7010816f4377f95bd7rjung