CHANGES revision 60284a9f9158baa60cc8ab4a69066404b1dcae7a
f743002678eb67b99bbc29fee116b65d9530fec0wrowe -*- coding: utf-8 -*-
80833bb9a1bf25dcf19e814438a4b311d2e1f4cffuankgChanges with Apache 2.5.0
e81785da447b469da66f218b3f0244aab507958djorton *) mod_ldap: Change "LDAPReferrals off" to actually set the underlying LDAP
e81785da447b469da66f218b3f0244aab507958djorton SDK option to OFF, and introduce "LDAPReferrals default" to take the SDK
e81785da447b469da66f218b3f0244aab507958djorton default, sans rebind authentication callback.
e81785da447b469da66f218b3f0244aab507958djorton [Jan Kaluza <kaluze AT redhat.com>]
424b4e796cde9df955948c354cb4df6080a92d4esf *) mod_authz_groupfile, mod_authz_user: Reduce severity of AH01671 and AH01663
424b4e796cde9df955948c354cb4df6080a92d4esf from ERROR to DEBUG, since these modules do not know what mod_authz_core
5cc1d035c9293c4d64b2344b5eac35edd1bd4537rpluem is doing with their AUTHZ_DENIED return value. [Eric Covener]
5cc1d035c9293c4d64b2344b5eac35edd1bd4537rpluem *) mod_authnz_fcgi: New module to enable FastCGI authorizer
5cc1d035c9293c4d64b2344b5eac35edd1bd4537rpluem applications to authenticate and/or authorize clients.
3e4e54d4e3fc0123c63d57aa84ac7ad7a8c73ff8jorton [Jeff Trawick]
3e4e54d4e3fc0123c63d57aa84ac7ad7a8c73ff8jorton *) mod_auth_basic: Add AuthBasicUseDigestAlgorithm directive to
00f53c09b10014571b639d5e9df993fb188220a6sf allow migration of passwords from digest to basic authentication.
00f53c09b10014571b639d5e9df993fb188220a6sf [Chris Darroch]
00f53c09b10014571b639d5e9df993fb188220a6sf *) core: Add util_fcgi.h and associated definitions and support
459eaf0826f995b73a0dc066f59ea10d2824e72dsf routines for FastCGI, based largely on mod_proxy_fcgi.
459eaf0826f995b73a0dc066f59ea10d2824e72dsf [Jeff Trawick]
459eaf0826f995b73a0dc066f59ea10d2824e72dsf *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
6d6cd31bddca0b7d9cf9d18e46cd2361530e24f3sf [Jeff Trawick]
6d6cd31bddca0b7d9cf9d18e46cd2361530e24f3sf *) mod_unique_id: Use output of the PRNG rather than IP address and
53e9b27aba029b18be814df40bcf6f0428771d1efuankg pid, avoiding sleep() call and possible DNS issues at startup,
53e9b27aba029b18be814df40bcf6f0428771d1efuankg plus improving randomness for IPv6-only hosts.
53e9b27aba029b18be814df40bcf6f0428771d1efuankg [Jan Kaluza <jkaluza redhat.com>]
53e9b27aba029b18be814df40bcf6f0428771d1efuankg *) core: Log a message at TRACE1 when the client aborts a connection.
347074f011eae59e518ddf8d8474d35e029a2056sf [Eric Covener]
fe2e0971201136f2dbc6b000ad5c006a1a6ff672sf *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
347074f011eae59e518ddf8d8474d35e029a2056sf filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
21da42a6b8f551ef603bd06356d3bf71d6d0c21dsf filter "none" to be specified in AuthLDAPURL. [Eric Covener]
21da42a6b8f551ef603bd06356d3bf71d6d0c21dsf *) mod_file_cache: mod_file_cache should be able to serve files that
2876a591f17b0c6ed0cf28da929643965e67c953sf haven't had a Content-Type set via e.g. mod_mime. [Eric Covener]
2876a591f17b0c6ed0cf28da929643965e67c953sf *) core: merge AllowEncodedSlashes from the base configuration into
2876a591f17b0c6ed0cf28da929643965e67c953sf virtual hosts. [Eric Covener]
976f49eaf81ffe917272e4f1834115dec06962b0sf *) mod_headers: Add 'setifempty' command to Header and RequestHeader.
38eb64d29a17648e108852de42f23335aecaa8f8sf [Eric Covener]
5a1f28ac93914b4bae892c69ac4b3e670bc10da8nd *) AIX: Install DSO's with "cp" instead of "install" in instdso.sh
5a1f28ac93914b4bae892c69ac4b3e670bc10da8nd [Eric Covener]
0361488d59792d052a9f8024c0e5a1ef909252e6rpluem *) mod_ldap: Retry transient LDAP connection errors when they occur
0361488d59792d052a9f8024c0e5a1ef909252e6rpluem during the authorization stage.
6135cc8178d75a52828ad225b1d568cd1e97799erpluem [Eric Covener]
6135cc8178d75a52828ad225b1d568cd1e97799erpluem *) mod_ldap: Don't keep retrying if a new LDAP connection times out.
44761f3e3072cf78a4997a88bb9a515ca101a1f4covener [Eric Covener]
44761f3e3072cf78a4997a88bb9a515ca101a1f4covener *) mod_deflate: permit compilation of mod_deflate against a zlib that has
2ba1586475aa4ec972ca7c19b06d53bf76f0ee7efuankg been configured with -D Z_PREFIX, which redefines the token "deflate".
2ba1586475aa4ec972ca7c19b06d53bf76f0ee7efuankg [Eric Covener]
c7502880be24058c7fc03771fda61f95bc238339sf *) mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size
c7502880be24058c7fc03771fda61f95bc238339sf previously limited to 64MB. [Jens Låås <jelaas gmail.com>]
ca61ccd0c306c2c72df153688ba1b49f3eceed80sf *) mod_auth_digest: Use the secret when generating nonces in all cases and
ca61ccd0c306c2c72df153688ba1b49f3eceed80sf not only when AuthName is used in .htaccess files (this change may cause
6bb524f1895f30265a1431afc460977d391cb36bsf problems if used with round robin load balancers). Don't regenerate the
6bb524f1895f30265a1431afc460977d391cb36bsf secret on graceful restarts. PR 54637 [Stefan Fritsch]
6bb524f1895f30265a1431afc460977d391cb36bsf *) ab: Add a new -l parameter in order not to check the length of the responses.
8233250a7f6c06225752db92bf32117bd9648c1dsf This can be usefull with dynamic pages.
8233250a7f6c06225752db92bf32117bd9648c1dsf PR9945, PR27888, PR42040 [<ccikrs1 cranbrook edu>]
b40bfdb714672f972887f9f1f1e154e00125bb68covener *) mod_logio: new format-specifier %C (combined) which is the sum of received
b40bfdb714672f972887f9f1f1e154e00125bb68covener and sent byte counts.
b40bfdb714672f972887f9f1f1e154e00125bb68covener PR54015 [Christophe Jaillet]
e6dd71992459d05a676b98b7963423dc5dc1e24aminfrin *) core: Remove apr_brigade_flatten(), buffering and duplicated code
e6dd71992459d05a676b98b7963423dc5dc1e24aminfrin from the HTTP_IN filter, parse chunks in a single pass with zero copy.
e6dd71992459d05a676b98b7963423dc5dc1e24aminfrin Reduce memory usage by 48 bytes per request. [Graham Leggett]
23f1535d6a60817d2846bac0aea230ea475d7dccminfrin *) core: Stop the HTTP_IN filter from attempting to write error buckets
23f1535d6a60817d2846bac0aea230ea475d7dccminfrin to the output filters, which is bogus in the proxy case. Create a
23f1535d6a60817d2846bac0aea230ea475d7dccminfrin clean mapping from APR codes to HTTP status codes, and use it where
23f1535d6a60817d2846bac0aea230ea475d7dccminfrin needed. [Graham Leggett]
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung *) mod_proxy: Ensure network errors detected by the proxy are returned as
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung *) mod_dav: mod_dav overrides dav_fs response on PUT failure. PR 35981
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung [Basant Kumar Kukreja <basant.kukreja sun.com>, Alejandro Alvarez
ec7520b24cd80d34d82bbcaca153cbb23cc04bc0rjung *) core, mod_ssl: Enable the ability for a module to reverse the sense of
6249dfa569d3b4f1f539665b979a80c6e335d93etrawick a poll event from a read to a write or vice versa. This is a step on
6249dfa569d3b4f1f539665b979a80c6e335d93etrawick the way to allow mod_ssl taking full advantage of the event MPM.
0827cb14e550f6f65018431c22c2c913631c8f25kbrand [Graham Leggett]
ae600ca541efc686b34f8b1f21bd3d0741d37674covener *) mod_ldap: LDAP connections used for authentication were not respecting
6249dfa569d3b4f1f539665b979a80c6e335d93etrawick LDAPConnectionPoolTimeout. PR 54587
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim *) core: ap_rgetline_core now pulls from r->proto_input_filters.
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim *) mod_proxy_html: process parsed comments immediately.
cfa64348224b66dd1c9979b809406c4d15b1c137fielding Fixes bug where parsed comments may be lost. [Nick Kew]
cfa64348224b66dd1c9979b809406c4d15b1c137fielding *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
cfa64348224b66dd1c9979b809406c4d15b1c137fielding *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
HTML/XHTML [Nick Kew]
[Jan Kaluza <jkaluza redhat.com>]
*) mod_ssl: Catch missing or mismatched client cert/key pairs with
SSLProxyMachineCertificateFile/Path directives. PR 52212.
[Keith Burdis <keith burdis.org>, Joe Orton]
*) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
setuid/setgid capability bits rather than a setuid root binary.
[Matthew Steele <mdsteele google.com>]
passing through the server in such a way that connections and/or
Apache 2.4.xx tree as documented below, except as noted.]
Changes with Apache 2.4.x and later:
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later: