CHANGES revision 784e72b9673ae72f981ae5ee062330bc30ad9efc
436aad11e01e916f75e68a2e9cb89ac217a990d3Tinderbox User -*- coding: utf-8 -*-
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterChanges with Apache 2.3.0
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User [Remove entries to the current 2.0 and 2.2 section below, when backported]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) mod_proxy: Fix KeepAlives not being allowed and set to
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User backend servers. PR38602. [Ruediger Pluem, Jim Jagielski]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Correctly initialize mod_proxy workers, which use a
1f4c645185bd8fc70048e0a69eee46193a284e5cTinderbox User combination of local and shared datasets. Adjust logging
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews to better trace usage. PR38403. [Jim Jagielski]
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User *) Respect GracefulShutdownTimeout in the worker and event MPMs.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Chris Darroch <chrisd pearsoncmg.com>, Garrett Rooney]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) mod_proxy_balancer: Do not overwrite the status of initialized workers and
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews respect the configured status of uninitilized workers when creating a new
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews child process. [Ruediger Pluem]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) mod_speling: Stop crashing with certain non-file requests. [Jeff Trawick]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_proxy_ajp: Support common headers of the AJP protocol in responses.
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews PR 38340. [Aleksey Pesternikov <apesternikov yahoo.com>, Ruediger Pluem]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) core: Reject invalid Expect header immediately. PR 38123.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User [Ruediger Pluem]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) Authz: Add the new module mod_authn_core that will provide common
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews authn directives such as 'AuthType', 'AuthName'. Move the directives
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews into mod_authn_core. [Brad Nicholes]
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews *) Authz: Mark the directives 'Order', 'Allow', 'Deny' and 'Satisfy' as
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews deprecated and move them into the new module mod_access_compat which
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User can be loaded to provide backwards compatibility for these directives.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Brad Nicholes]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Authz: Move the 'Require' directive from the core module as well as
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User logic into the authorization processing. [Brad Nicholes]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Authz: Add the new module mod_authz_core which acts as the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews authorization provider vector and contains common authz
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt directives. [Brad Nicholes]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
24934f08b9ff81c2be711e566e8002d145573031Tinderbox User *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater host-based access control provided by mod_authz_host and invoked
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt through the 'Require' directive. [Brad Nicholes]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Authz: Convert all of the authz modules from hook based to
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt provider based. [Brad Nicholes]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_cache: Add CacheMinExpire directive to set the minimum time in
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater seconds to cache a document.
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater *) Refactored ap_read_request() to provide a foundation for
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews nonblocking reads of requests. [Brian Pane]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) If a connection is aborted while waiting for a chunked line, flag the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews connection as errored out. [Justin Erenkrantz]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy: If we get an error reading the upstream response,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews close the connection.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Justin Erenkrantz, Roy T. Fielding, Jim Jagielski, Ruediger Pluem]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews *) Fix typo in ProxyStatus syntax error message.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Asynchronous write completion for the Event MPM. [Brian Pane]
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User *) Added an End-Of-Request bucket type. The logging of a request and
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User the freeing of its pool are now done when the EOR bucket is destroyed.
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User This has the effect of delaying the logging until right after the last
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User of the response is sent; ap_core_output_filter() calls the access logger
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User indirectly when it destroys the EOR bucket. [Brian Pane]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Rewrite of logresolve support utility: IPv6 addresses are now supported
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User and the format of statistical output has changed. [Colm MacCarthaigh]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Added new connection states for handler and write completion
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Brian Pane]
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User *) New module: mod_authn_dbd [Nick Kew]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User [Justin Erenkrantz]
ad411d8ccf8a27eb903b842ab507ba6729d0246bTinderbox User *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User allowing string-valued client certificate attributes to be used for
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User [Martin Kraemer, David Reid]
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark AndrewsChanges with Apache 2.2.1
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) SECURITY: CVE-2005-3357 (cve.mitre.org)
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User mod_ssl: Fix a possible crash during access control checks if a
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson non-SSL request is processed for an SSL vhost (such as the
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User "HTTP request received on SSL port" error message when an 400
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews ErrorDocument is configured, or if using "SSLEngine optional").
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User PR 37791. [R�diger Pl�m, Joe Orton]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) SECURITY: CVE-2005-3352 (cve.mitre.org)
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews mod_imagemap: Escape untrusted referer header before outputting
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews in HTML to avoid potential cross-site scripting. Change also
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User made to ap_escape_html so we escape quotes. Reported by JPCERT.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_cache: Make caching of reverse proxies possible again. PR 38017.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User [Ruediger Pluem]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) Modify apr[util] .h detection to avoid breakage on VPATH builds
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews using Solaris make (amoung others) and avoid breakage in ./buildconf
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User when srclib/apr[-util] are symlinks rather than directories proper.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson [William Rowe]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Chunk filter: Fix chunk filter to create correct chunks in the case that
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User a flush bucket is surrounded by data buckets. [Ruediger Pluem]
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews *) Fix syntax error in httpd.h with strict compilers. PR 38740.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Per Olausson <pao darkheim.freeserve.co.uk>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Preserve the Content-Length header for a proxied HEAD response.
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User PR 18757. [Greg Ames]
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews *) Fix recursive ErrorDocument handling. PR 36090.
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User [Chris Darroch <chrisd pearsoncmg.com>]
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews *) Don't hang on error return from post_read_request. PR37790 [Nick Kew]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix off-by-one error in proxy_balancer. PR37753
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Kazuhiro Osawa <ko yappo ne jp>]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsChanges with Apache 2.2.0
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_negotiation: Minor performance tweak by reusing already calculated
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews [Ruediger Pluem, Christophe Jaillet <christophe.jaillet wanadoo.fr>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Remove support for 'On' and 'Off' for AuthBasicProvider and
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews AuthDigestProvider. [Joshua Slive, Justin Erenkrantz]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add in new UseCanonicalPhysicalPort directive, which controls
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews whether or not Apache will ever use the actual physical port
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews when constructing the canonical port number. [Jim Jagielski]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) mod_dav: Fix a null pointer dereference in an error code path during the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews handling of MKCOL.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Ruediger Pluem, Ghassan Misherghi <ghassanm ucdavis.edu>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix DESTDIR=... installation when using bundled copy of APR.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) mod_proxy_balancer: When finding best worker, use case insensitive
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User match for scheme and host, but case sensitive for the rest of
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User the path. [Jim Jagielski, Ruediger Pluem]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsChanges with Apache 2.1.9
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy_ajp: Do not spool the entire response from AJP backend before
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User sending it up the filter chain. PR37100. [Ruediger Pluem]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) mod_cache: Create new filters CACHE_OUT_SUBREQ / CACHE_SAVE_SUBREQ which
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews only differ by the type from CACHE_OUT / CACHE_SAVE to ensure that
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User subrequests to non local resources work again. [Ruediger Pluem]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) mod_proxy: Do not lowercase the entire worker name of a BalancerMember
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User since this breaks case sensitive URI's. PR36906. [Ruediger Pluem]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) core: AddOutputFilterByType is ignored for proxied requests. PR31226.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User [Joe Orton, Ruediger Pluem]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) mod_proxy_http: Prevent data corruption of POST request bodies when
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater client accesses proxied resources with SSL. PR37145.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User [Ruediger Pluem, William Rowe]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) mod_proxy_balancer: BalancerManager and proxies correctly handle
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews member workers with paths. PR36816. [Ruediger Pluem, Jim Jagielski]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_log_config: %{hextid}P will log the thread id in hex with APR
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User versions 1.2.0 or higher. [Jeff Trawick]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) httpd.exe/apachectl -V: display the DYNAMIC_MODULE_LIMIT setting, as
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews in 1.3. [Jeff Trawick]
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater *) Support dbd connections tied to the conn_rec [Nick Kew]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Move mod_dbd to /modules/database/ [Nick Kew]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Move mod_filter and mod_charset_lite to /modules/filters/ [Nick Kew]
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater *) Fix mod_dbd's config [Brian J. France <list firehawksystems.com>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy_ajp: mod_proxy_ajp sends empty SSL attributes for non SSL
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User connections. PR36883.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [William Barker <william.barker wilshire.com>, Ruediger Pluem]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) Elimiated the NET_TIME filter, restructuring the timeout logic.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User This provides a working mod_echo on all platforms, and ensures any
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews custom protocol module is at least given an initial timeout value
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User based on the <VirtualHost > context's Timeout directive.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [William Rowe]
5f7586ddbd3edd11272cdd30ed613d936129328bTinderbox User *) mod_proxy: Run the request_status hook also if there are no free workers
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User or all workers are in error state.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Ruediger Pluem, Brian Akins <brian.akins turner.com>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy_balancer: mod_proxy_balancer does not handle sticky sessions
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User with tomcat correctly. PR36507. [Ruediger Pluem]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) mod_proxy_connect: Fix high CPU loop on systems like UnixWare which
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews trigger POLL_ERR or POLL_HUP on a terminated connection. PR 36951.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Jeff Trawick, Ruediger Pluem]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) SECURITY: CVE-2005-2970 (cve.mitre.org)
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User worker MPM: Fix a memory leak which can occur after an aborted
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User connection in some limited circumstances. [Greg Ames]
7ca715ad1587a68a531ea1cdea07515d7232567eTinderbox User *) Doxygen fixup [Neale Ranns <neale ranns.org>, Ian Holsman]
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater *) mod_cache/mod_dir: Correct a subrequest lookup bug which was preventing
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_dir from serving indexes correctly with mod_cache enabled.
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews [Colm MacCarthaigh]
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox UserChanges with Apache 2.1.8
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix lingering close implementation to match 1.3.x behaviour.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews PR 35292. [Joe Orton]
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater *) mod_ssl: Support limited buffering of request bodies to allow
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater per-location renegotiation to proceed. PR 12355. [Joe Orton]
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater *) Fix regression since 2.0.x in AllowOverride Options handling.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 35330. [kabe <kabe sra-tohoku.co.jp>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_ssl: Fix memory leak in ssl_util_algotypeof().
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater PR 25659. [David Blake <dblake hp com>, Martin Kraemer]
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User *) prefork, worker and event MPMs: Support a graceful-stop procedure:
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User Server will wait until existing requests are finished or until
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater "GracefulShutdownTimeout" number of seconds before exiting.
19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater [Colm MacCarthaigh, Ken Coar, Bill Stoddard]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) prefork, worker and event MPMs: Prevent children from holding open
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater listening ports upon graceful restart or stop. PR 28167.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Colm MacCarthaigh, Brian Pinkerton <bp thinkpink.com>]
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic Updater *) SECURITY: CVE-2005-2700 (cve.mitre.org)
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User mod_ssl: Fix a security issue where "SSLVerifyClient" was not
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews enforced in per-location context if "SSLVerifyClient optional"
6a9d2121152c94cb9e35832126c3f2e4d18d81edTinderbox User was configured in the vhost configuration. [Joe Orton]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) mod_ssl: Catch parse errors from misconfigured or malformed
96ea71632887c58a9d00f47eb318bf76b35903c3Mark Andrews CRLs. PR 36438. [Joe Orton]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_proxy/mod_proxy_balancer: lbmethods now implemented as
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User providers. Prevent problems when no Vhost containers were
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User configured with proxy balancers. [Jim Jagielski]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) New provider function to list all available provider names in a
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews specific group and version (ap_list_provider_names). [Jim Jagielski]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_cache: Enhance CacheEnable/CacheDisable to control caching on a
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater per-protocol, per-host and per-path basis. Intended for proxy
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox User configurations. [Colm MacCarthaigh]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_disk_cache: Canonicalise the storage key, for improved hit/miss
bf5e2127e92e52cbf661e77dd6a76e5aef43542fTinderbox User ratio. [Colm MacCarthaigh]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_cgid: Append .PID to the script socket filename and remove the
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews script socket on exit. [Colm MacCarthaigh, Jim Jagielski]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) mod_cgid: run the get_suexec_identity hook within the request-handler
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User instead of within cgid. PR 36410. [Colm MacCarthaigh]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Linux 2.0: remove support for threaded MPM's due to linuxthreads use
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews of SIGUSR1 clashing with graceful restart signal. [Colm MacCarthaigh]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserChanges with Apache 2.1.7
cf7e98f59148b559946a7f1ca728471374f1eef3Automatic Updater *) SECURITY: CVE-2005-2491 (cve.mitre.org):
6025cbbe8408f4b09d53d5ec1e95cb6da97e0a8dTinderbox User Fix integer overflows in PCRE in quantifier parsing which could
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews be triggered by a local user through use of a carefully-crafted
dc5552b4df5e3821783821c8d4e734c1608c446eTinderbox User regex in an .htaccess file. [Philip Hazel]
cf7e98f59148b559946a7f1ca728471374f1eef3Automatic Updater *) mod_proxy/mod_proxy_balancer: Provide a simple, functional
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews interface to add additional balancer lb selection methods
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson without requiring code changes to mod_proxy/mod_proxy_balancer;
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews these can be implemented via sub-modules now. [Jim Jagielski]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_cache: Fix incorrectly served 304 responses when expired cache
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews entity is valid, but cache is unwritable and headers cannot be
cd6e9010079a4e58f7e30063df3dec0ff154ad59Tinderbox User updated. [Colm MacCarthaigh <colm stdlib.net>]
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox User *) mod_cache: Remove entities from the cache when re-validation
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User receives a 404 or other content-no-longer-present error.
3857cb6fcabeb79d85de4b3e3e4ab99912b701f8Mark Andrews *) mod_disk_cache: Properly remove files from cache when needed.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_disk_cache: Support htcacheclean removing directories.
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User [Andreas Steinmetz]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) htcacheclean: Add -t option to remove empty directories.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Colm MacCarthaigh <colm stdlib.net>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Remove the base href tag from mod_proxy_ftp, as it breaks relative
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews links for clients not using an Authorization header. [Graham Leggett,
8292deab031e7599cd7622aa7675fbe139ca6095Mark Andrews Jon Snow <jsnow27 gatesec.net>]
7ac34650fa344f42211d6da744ae486b0145a083Tinderbox User *) mod_cache: Restore the HTTP status of cached responses.
7ac34650fa344f42211d6da744ae486b0145a083Tinderbox User [Hansjoerg Pehofer <hansjoerg.pehofer uibk.ac.at>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_cache: Store varied contents all in the same prefix for a varied URI.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Paul Querna]
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_cache: Run the CACHE_SAVE and CACHE_OUT Filters after other content
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews filters. [Paul Querna]
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_negotiation: Correctly report 404 instead of 403 for missing files.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews [Paul Querna]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) new hook (request_status) that gets ran in proxy_handler just before
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews the final return. This gives modules an opportunity to do something
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews based on the proxy status. (minor MMN bump)
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Brian Akins <bakins turner.com>, Ian Holsman]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add additional SSLSessionCache option, 'nonenotnull', which is
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews similar to 'none' (disabling any external shared cache) but forces
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater OpenSSL to provide a non-null session ID. [Jim Jagielski]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add httxt2dbm to support/ for creating RewriteMap DBM Files.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Paul Querna]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add SSL_COMPRESS_METHOD variable (included in +StdEnvVars) to note
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater the negotiated compression. [Georg v. Zezschwitz <gvz 2scale.de>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fixed complaints about unpackaged files within the RPM build
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews after changes to the config files. [Graham Leggett]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix shutdown for the Worker MPM when an Accept Filter is used. Instead of
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater just closing the socket, a HTTP request is made, to make sure the child is
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews always awakened. [Paul Querna]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsChanges with Apache 2.1.6
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix htdbm password validation for records which included comments.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Eric Covener <covener gmail.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_cgid: Fix buffer overflow processing ScriptSock directive.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Steve Kemp <steve steve.org.uk>]
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsChanges with Apache 2.1.5
c5a97a549c89d562e999d4f906b882c5a2a474e1Tinderbox User *) mod_ssl: Setting the Protocol to 'https' can replace the use of the
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User 'SSLEngine on' command. [Paul Querna]
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrews *) core: Refactor the mapping of Accept Filters to Sockets. Add the
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User AcceptFilter and Protocol directives to aid in mapping filter types.
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User Extend the Listen directive to optionally take a protocol name.
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User [Paul Querna]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) mod_disk_cache: Support storing multiple variations of one URL. PR 35211.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Paul Querna]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_disk_cache: Atomically create the header data file. [Paul Querna]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) mod_cache: Fix 'Vary: *' behavior to be RFC compliant. PR 16125.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Paul Querna]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) mod_cache: Rename 'generate_name' to 'ap_cache_generate_name'.
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User [Paul Querna]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_mime_magic: Handle CRLF-format magic files so that it works with
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater the default installation on Windows. [Jeff Trawick]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) core: Allow multiple modules to register interest in a single
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews configuration command. [Paul Querna]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) authn_provider_alias: Adds the configuration block tag
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <AuthnProviderAlias baseProvider Alias>
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews Authentication directives contained within this block can be
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews referenced as a new authProvider using the AuthBasicProvider or
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews AuthDigestProvider directive. These directives will be merged in to
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews the per_dir configuration just before the base provider is called.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Brad Nicholes]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) ap_getword_conf: Fix backslashes at the end of configuration directives.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 34834. [Timo Viipuri <viipuri dlc.fi>]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) mod_dbd: New additions: mod_dbd.c, mod_dbd.h, mod_dbd.xml
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews Provide module hooks for apr_dbd; optimise for httpd
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews threaded and non-threaded arch [Nick Kew]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) ab: SSL support rewritten, improved, and enabled if SSL is enabled
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews during the build; -f and -Z arguments added to specify SSL protocol
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews options. [Masaoki Kobayashi <masaoki techfirm.co.jp>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_info: Show the Quick Handler [Paul Querna]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_ldap: Add the directive LDAPVerifyServerCert to specify
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews whether to force verification of the server certificate when
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews establishing an SSL connection to the LDAP server.
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews [Brad Nicholes]
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews *) mod_proxy: Run mod_rewrite before mod_proxy in the translate_name
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews hook. [Paul Querna]
f7369b2881b5e63d69600adcedc8ba938303d30cTinderbox User *) Add AP_INIT_TAKE_ARGV for configuration commands. (minor MMN bump)
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) ap_get_local_host() rewritten for APR. [Jim Jagielski]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Add the ap_vhost_iterate_given_conn function to expose the information
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington used in Name Based Virtual Hosting. (minor MMN bump)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Remove the never working ap_method_list_do and ap_method_list_vdo.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Added makefile and doc for building mod_ssl on the NetWare
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington platform. [Guenter Knauf, Brad Nicholes]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_deflate: Merge the Vary header, isntead of Setting it. Fixes
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington applications that send the Vary Header themselves, and also apply
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_deflate as an output filter. [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Change the default (when not present in the config file) setting
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington for UseCanonicalName to Off.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Joshua Slive]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_userdir: The module no longer does any remapping unless the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington UserDir directive is present in the config file.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Joshua Slive]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Massively simplify the distributed httpd.conf by removing
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington many features and many directives that are at their default
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington setting. Add a selection of example config excerpts for adding
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington extra features in the conf/extra/ directory. Install the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington distributed config and the extra config examples in the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington conf/original/ directory during make install.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Joshua Slive, Justin Erenkrantz]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) NetWare: Reposition mod_asis, mod_actions, mod_cgi, mod_imagemap,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_userdir and mod_autoindex as shared modules rather than
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington built-in modules within the NetWare build.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Brad Nicholes]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Rename mod_imap to mod_imagemap.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) util_ldap: Eliminate the load ordering of mod_ldap and mod_authnz_ldap
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington by changing the mod_ldap exported functions to optional functions.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Brad Nicholes]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonChanges with Apache 2.1.4
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Don't let a subrequest inherit headers describing the original request's
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington body. [Greg Ames]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Fix Windows CompContext buff size miscalculation
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Allan Edwards]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Add ReceiveBufferSize directive to control the TCP receive buffer.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Eric Covener <covener gmail.com>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy: Add proxy-sendextracrlf option to send an extra CRLF at the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews end of the request body to work with really old HTTP servers.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Justin Erenkrantz]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) util_ldap: Keep track of the number of attributes retrieved from
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater LDAP so that all the values can be properly cached even if the
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater value is NULL. PR 33901 [Brad Nicholes]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) mod_cache: Fix error where incoming Cache-Control would be ignored.
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater [Justin Erenkrantz]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) mod_cache: Correctly handle originally conditional requests.
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater [Sander Striker]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) mod_disk_cache: Correctly update cached headers on revalidated responses.
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater [Sander Striker, Justin Erenkrantz]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) worker MPM/mod_status: Support per-worker tracking of pid and
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater generation in the scoreboard so that mod_status can accurately
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews represent workers in processes which are gracefully terminating.
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User (major MMN bump)
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User [Jeff Trawick]
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User *) Correctly export all mod_dav public functions.
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User [Branko Čibej <brane xbc.nu>]
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox UserChanges with Apache 2.1.3
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User *) mod_ssl: Add ssl_ext_lookup optional function for accessing
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User certificate extensions. [David Reid, Joe Orton]
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User *) Add support for use of an external PCRE library; pass the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews --with-pcre flag to configure. PR 27550. [Joe Orton,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews Andres Salomon <dilinger voxel.net>]
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User *) Renamed regex interfaces to be namespace-safe, and moved from
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User pcreposix.h header to ap_regex.h: regex_t->ap_regex_t,
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox User regmatch_t->ap_regmatch_t; REG_*->AP_REG_*; functions
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews reg*->ap_reg*. PR 27550. [Andres Salomon <dilinger voxel.net>,
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Only recompile buildmark.c when we have to relink httpd.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Justin Erenkrantz]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_cache: Fix up handling of revalidated responses.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_disk_cache: Properly load cached ETag from on-disk structures.
febbdb34a7f7759922e239655e7429d78d3a8d26Tinderbox User [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_authnz_ldap: Added an optional second parameter to AuthLDAPURL
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User to allow it to override the connection type set in mod_ldap. This
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews parameter can be set to NONE, SSL or TLS | STARTTLS.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Brad Nicholes]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Fix --with-apr=/usr and/or --with-apr-util=/usr. PR 29740.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Max Bowsher <maxb ukf.net>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy: Fix ProxyRemoteMatch directive. PR 33170.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Rici Lake <rici ricilake.net>]
c01dec514a81ecf8c17ca3ef8c3ba95e437295ebAutomatic Updater *) mod_proxy: Fix ap_proxy_canonenc API.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 32459. [Jim Jagielski]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cache: Add CacheStorePrivate and CacheStoreNoStore directive.
e8c42d50cdaf3a3b841074d8bf72b40ffbae2a4bTinderbox User [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Add --enable-pie flag to configure, to build httpd as a Position
e20309353e6246485c521278131d3fced73d7957Tinderbox User Independent Executable where supported (GCC/binutils).
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) proxy_balancer: Add in load-balancing via weighted traffic
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington byte count. [Jim Jagielski]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_disk_cache: Cache r->err_headers_out headers. This allows CGI
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington scripts to be properly cached. [Justin Erenkrantz, Sander Striker]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ldap: Updated to use the new apr-util v1.1 apr_ldap_*_option()
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington API for the setting of server and client SSL certificates. Replaced
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington LDAPTrustedCA directive with LDAPTrustedGlobalCert and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington LDAPTrustedClientCert directives to correctly support global certs
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington (CA certs / Netware client certs) and per connection client certs
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington as supported by Netware, OpenLDAP and Netscape/Mozilla.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cache: Remove unimplemented CacheForceCompletion directive.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Justin Erenkrantz]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews *) support/check_forensic: Fix temp file usage
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews [Javier Fernandez-Sanguino Pen~a <jfs computer.org>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ssl: Add SSLCADNRequestFile and SSLCADNRequestPath directives
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews which can be used to configure a specific list of CA names to send
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews in a client certificate request. PR 32848.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) --with-module can now take more than one module to be statically
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews If the <modtype>-subdirectory doesn't exist it will be created and
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater populated with a standard Makefile.in. [Erik Abele]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Remove some compiler warnings within the LDAP modules [Graham Leggett]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Add a build script to create a solaris package. [Graham Leggett]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) ap_http_scheme() replaced with ap_http_method() - this function
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews returns the scheme (http v.s. https).
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [William Rowe]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_proxy: Fix a request corruption problem and a buffering problem
79cea03ba823e2d3a34895f0ba91d7fb5ad799e7Automatic Updater which sometimes prevented proxy-sendchunks from working.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Jeff Trawick]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews *) Fix the RPM spec file so that an RPM build now works. An RPM
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews build now requires system installations of APR and APR-util.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Significantly simplify the load balancer scheduling algorithm
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington for the proxy BalancerMember weighting. loadfactors (lbfactors)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington are now normalized with respect to each other. [Jim Jagielski]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_dumpio: Added to the available module suite; it is an
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington I/O logging/dumping module. Placed in the (new) debug module
b7aab05edae933e169d5f83c653935b17c7f0a8bMark Andrews subdirectory. mod_bucketeer moved to that directory as well.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Jim Jagielski]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Add support for APR_TCP_DEFER_ACCEPT to defer accepting
409ba95e573b40cf36acf97dd62ee7e9c7775851Tinderbox User of a connection until data is available.
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonChanges with Apache 2.1.2
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_proxy: Respect errors reported by pre_connection hooks.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Jeff Trawick]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) core: Error out on sections that are missing an argument instead of
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews silently consuming the section. PR 25460.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Geoffrey Young, Paul Querna]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_cache/mod_mem_cache/mod_disk_cache: Move out of experimental.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Upgraded PCRE to version 5.0. [Brian Pane]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cgid: Catch configuration problem where two web server instances
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington share same ServerRoot but admin forgot to use ScriptSock.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_cgi: Ensure that all stderr is logged for a script which returns
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington a Location header to generate a non-local redirect. PR 20111.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Added the Event MPM to more efficiently handle clients during a
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Keep Alive request.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Paul Querna, Greg Ames]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterChanges with Apache 2.1.1
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_proxy_http: Stream content better - always flush buffered data to
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the client before blocking waiting for new data. PR 19954.
0e91f17da8a29086876a88962e0a3482094b6057Evan Hunt *) mod_ssl: Add support for command-line option "-t -DDUMP_CERTS" which
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews will dump the filenames of all configured SSL certificates to stdout.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_disk_cache: Remove a bunch of non-implemented garbage collection
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews and cache size directives that are now available through htcacheclean.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Justin Erenkrantz]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add htcacheclean to support/ for assistance with mod_disk_cache.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Andreas Steinmetz]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_authnz_ldap: Added the directive "Requires ldap-filter" that
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews allows the module to authorize a user based on a complex LDAP
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews search filter. [Brad Nicholes]
42bee07ebb8152a6ec2f87f4790d87368c24704cAutomatic Updater *) mod_usertrack: Run the fixups hook before other modules.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 29755. [Paul Querna]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Allow mod_authnz_ldap authorization functionality to be used
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington without requiring the user to also be authenticated through
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews mod_authnz_ldap. This allows other authentication modules to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington take advantage of LDAP authorization only [PR 28253]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews [Jari Ahonen jah progress.com, Brad Nicholes]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews *) Log the client IP address when an error occurs disabling nagle on a
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews connection, but log at a severity of debug since this error
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews generally means that the connection was dropped before data was
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews sent. Log the client IP address when reporting errors in the core
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews output filter. [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: Add a warning message if the request line read fails.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_rewrite: Removed the MaxRedirects option in favor of the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington core LimitInternalRecursion directive. [André Malo]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_info: Added listing of the Request Hooks and added more build
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington information like 'httpd -V' contains. Changed output to XHTML.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Paul Querna]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_info: Rewrote config tree walk using a recursive function.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews Added ?config option. Added printout of config filename and line numbers.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Rici Lake <rici ricilake.net>, Paul Querna]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy: Fix type error that prevents proxy-sendchunks from working.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Justin Erenkrantz]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy: Fix data corruption by properly setting aside buckets.
89623368b8f662d458d9964b923050f33c5f75b0Tinderbox User [Justin Erenkrantz]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_proxy: If a request has a blank body and has a 0 Content-Length
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User headers, pass that to the proxy. [Justin Erenkrantz]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Recognize QSA flag in mod_rewrite again.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews [Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Restructured mod_auth_ldap to fit the new authentication model.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews The module is now called authnz_ldap and has been moved out of
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews the modules/experimental area and into modules/aaa with the other
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews auth modules. Both the authn_ldap provider and the authz_ldap
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews handler are contained within the authnz_ldap module. The
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews authz_ldap handler introduces 3 new "requires" values for handling
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater authorization. These handlers are ldap-user, ldap-group and
22d32791e5daa0bc80335a0f10ab2de95f41ccdbTinderbox User ldap-dn. [Brad Nicholes]
22d32791e5daa0bc80335a0f10ab2de95f41ccdbTinderbox User *) Fix some compiler warnings in proxy
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Geoffrey Young <geoff@modperlcookbook.org>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_ssl: Add SSL_CLIENT_V_REMAIN variable, representing the
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews number of days until the client cert expires. [Joe Orton]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Add test_config hook, run only if httpd is invoked using -t.
1fdd58445074579ee3b65c871137a7a1740eb542Mark Andrews *) Improve error handling for corrupted pid files. [Jeff Trawick]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_proxy.c and proxy_util.c: Enable compiling on 2.0-HEAD
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User (for backwards compatibility):
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User Avoids mod_ssl.h (not included in 2.0-HEAD) and
cc5a9ce75af9870f2cb9e2bf00548c2f7e6398d6Automatic Updater use apr_socket_create_ex for 0.9.x
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Added proxy_ajp.c module for proxy support to ajp:// backends.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews [Jean Frederic Clere]
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater *) Fixes the build of proxy on Windows. Since the proxy_module is declared
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater as extern using AP_MODULE_DECLARE_DATA that expands to dllexport, there
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater is a LNK2001 error when building proxy_http. [Mladen Turk]
91faa748a27dee38f6caea461d3e87f15b93abeaTinderbox User *) Remove LDAP toolkit specific code from util_ldap and mod_auth_ldap.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Graham Leggett]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Remove deprecated/removed APR_STATUS_IS_SUCCESS(). [Justin Erenkrantz]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) perchild MPM: Fix thread safety problem in the use of longjmp().
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews [Tsuyoshi SASAMOTO <nazonazo super.win.ne.jp>]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Add load balancer support to the scoreboard in preparation for
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews load balancing support in mod_proxy. [Mladen Turk]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) mod_nw_ssl: Added the directive NWSSLUpgradeable to mod_nw_ssl to
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews allow a non-secure connection to be upgraded to secure connections
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews [Brad Nicholes]
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User *) core: Add Options= syntax to AllowOverride to specify which options
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User may be overridden in .htaccess files. PR 29310.
861836e5f5df62bfaea9ad8923a05278d5ab2f3dTinderbox User [Tom Alsberg <alsbergt cs.huji.ac.il>, Paul Querna]
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User *) ab: Handle long URLs with an error instead of an buffer overflow.
665ba746c0585088d0c314dcfc4671aa2c7b2dc1Automatic Updater PR 28204. [Erik Weide <erik.weidel mplus-technologies.de>, Paul Querna]
665ba746c0585088d0c314dcfc4671aa2c7b2dc1Automatic Updater *) mod_so, core: Add new command line options to print all loaded
665ba746c0585088d0c314dcfc4671aa2c7b2dc1Automatic Updater modules. '-t -D DUMP_MODULES' and '-M' will show all static
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User and shared modules as loaded from the configuration file.
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User [Paul Querna]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_autoindex: Add ShowForbidden to IndexOptions to list files
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater that are not shown because the subrequest returned 401 or 403.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater PR 10575. [Paul Querna]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_headers: implement "Early" processing option in post_read_request
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater to enable Header and RequestHeader directives to be used to set up
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater testcases for pre-fixups request phases [Nick Kew]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_proxy: multiple bugfixes, principally support cookies in
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater ProxyPassReverse, and don't canonicalise URL passed to backend.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater Documentation correspondingly updated. [Nick Kew <nick webthing.com>]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_deflate: support gzip flags in inflate_out_filter
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater [Nick Kew <nick webthing.com>]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) Drop the ErrorHeader directive which turned out to be a misnomer.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater Instead there's a new optional flag for the Header directive
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater ('always'), which keeps the former ErrorHeader functionality.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_deflate: Don't deflate responses with zero length
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater e.g. proxied 304's [Allan Edwards]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) <IfModule> now recognizes the module identifier in addition to the
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater file name. PR 29003. [Edward Rudd <eddie omegaware.com>, André Malo]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_ssl: Add "SSLHonorCipherOrder" directive to enable the
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater OpenSSL 0.9.7 flag which uses the server's cipher order rather
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater than the client's. PR 28665.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater [Jim Schneider <jschneid netilla.com>]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) mod_ssl: Drop support for the CompatEnvVars argument to
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater SSLOptions, which was never actually implemented in 2.0.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) Fix bug in mod_deflate that unconditionally sent deflate'd output
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater even when Accept-Encoding is not present. [Justin Erenkrantz]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) Pass environment variables through to piped loggers and start
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater them via the shell, resolving regressions since 1.3. PR 28815
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater [Ken Coar, Jeff Trawick]
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater *) External rewrite map responses are no longer limited to 2048
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater bytes. [André Malo]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Proxy server was deleting cookies that Apache had already
bbc0e1c4f47f101c4a64db3469352c49a49e734fTinderbox User assigned if the origin server had set any cookies. PR 27023.
fe84edc17e0d582cf7b4270f8df9d4742a107b1cAutomatic Updater [Jim Jagielski]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Removed old and unmaintained ap_add_named_module API and changed
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User the following APIs to return an error instead of hard exiting:
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater ap_add_module, ap_add_loaded_module, ap_setup_prelinked_modules,
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrews and ap_process_resource_config. [André Malo]
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrews *) mod_headers: Allow %% in header values to represent a literal %.
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrews [André Malo]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_headers: Allow env clauses also for 'echo' and 'unset' actions.
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) mod_headers: Allow 'echo' also for ErrorHeaders. [André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) mod_deflate: New option for DEFLATE output file (force-gzip),
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User new output filter 'INFLATE' for uncompressing responses.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater [Nick Kew <Nick at WebThing dot com>, Ian Holsman]
4ea3649f028ea6a1e42377082a7ccf8f789fb950Automatic Updater *) Added new module mod_version, which provides version dependent
40072ce70bc4125329addb4aaa56d18a1230bc17Automatic Updater configuration containers. [André Malo]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
3040b455151b1e1173193933664b2891b6159f24Mark Andrews format is used. PR 27787. [André Malo]
60d5d17479b47c03b9c7c86f54269718103750b8Automatic Updater *) Allow Digest providers to return AUTH_DENIED to propagate a 401
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater status and terminate the provider chain prior to checking the password.
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater [Geoffrey Young]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_cgid: Don't allow Scriptsock to be specified inside VirtualHost;
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater Don't place script socket inside default server root instead of
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater actual server root. PR 27886. [Jeff Trawick]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_proxy: Fix handling of non-200 success status codes when
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater "ProxyErrorOverride On" is configured. PR 20183.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater [Marcus Janson <marcus.janson tre.se>, Joe Orton]
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater *) Threaded MPMs for Unix and Win32: Add support for ThreadStackSize
19dbf2e20df03f2b81ed1f347e27718084374059Automatic Updater directive (previously NetWare-only) to override default thread
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater stack size for threads which handle client connections. Required
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater for some third-party modules on platforms with small default
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater thread stack size. [Jeff Trawick]
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater *) minor mod_auth_basic and mod_auth_digest sync. mod_auth_basic
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater now populates r->user with the (possibly unauthenticated) user,
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updater and mod_auth_digest returns 500 when a provider returns
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater AUTH_GENERAL_ERROR.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater [Geoffrey Young]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) The whole codebase was relicensed and is now available under
3040b455151b1e1173193933664b2891b6159f24Mark Andrews the Apache License, Version 2.0 (http://www.apache.org/licenses).
7dd02af3c9350553e1d52d980a7812425b3f1295Automatic Updater [Apache Software Foundation]
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox User *) Delete some make-generated files in the server directory during
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington "make clean" processing. PR 26552. [Jeff Trawick]
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews *) Add core version query function (ap_get_server_revision) and
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox User accompanying ap_version_t structure (minor MMN bump).
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox User *) mod_rewrite: EOLs sent by external rewritemaps are now consumed
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox User as whole. That way, on systems with more than one EOL character
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User rewritemap programs no longer need to switch stdout to binary
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User mode. PR 25635. [André Malo]
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User *) mod_rewrite: Introduce the ability to force a content handler via
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User the [handler=...] flag. [André Malo]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) mod_rewrite: Introduce the RewriteCond -x check, which returns
d642d3857129678797a01adee14fbd70335b05a9Mark Andrews true if the pattern is a file with execution permissions.
aa49af836ce7a7a2888f5cedf4cbb14ff4dc1d11Mark Andrews [André Malo]
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews *) mod_rewrite: Allow proxying and RewriteRules in directory context
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews for subrequests. PR 14648, 15114. [André Malo]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) mod_rewrite: Allow setting of any valid HTTP response code.
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User PR 25917. [André Malo]
789875a1bd6d50c00d3bd883cad17ead1d3c21cdMark Andrews *) mod_rewrite: Cookie creation now works locale independent.
789875a1bd6d50c00d3bd883cad17ead1d3c21cdMark Andrews [André Malo]
08a1e53c738c425390557196a2ba5039e5afd364Mark Andrews *) mod_ssl: Add support for distributed session cache using 'distcache'.
7e8129652903780873ba91f379f9ffca1f59773cMark Andrews [Geoff Thorpe <geoff geoffthorpe.net>]
7e8129652903780873ba91f379f9ffca1f59773cMark Andrews *) mod_dav: Disallow requests with an unescaped hash character in
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews the Request-URI. PR 21779. [Amit Athavale <amit_athavale lycos.com>]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) mod_proxy with ProxyErrorOverride On in a reverse-proxy configuration
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews attaches a body to the 302 response and a wrong Content-Length header.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews PR: 22951 [Ermanno Scaglione scaglione ..at.. starnetone.de]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Bring ErrorHeader concept forward from 1.3, so that response
f6ba5791728d244650c1887d8dd8ed771fd50a1dMark Andrews header fields can be set for return even on errors or external
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User redirects. [Ken Coar]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) Fix <Limit> and <LimitExcept> parsing to require a closing '>'
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt in the initial container. PR 25414.
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt [Geoffrey Young <geoff apache.org>]
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt *) Clean up httpd -V output: Instead of displaying the MPM source
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt directory, display the MPM name and some MPM properties.
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt [Geoffrey Young <geoff apache.org>]
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt *) mod_ssl/mod_status: Re-enable support for output of SSL session
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt cache information in server-status page. [Joe Orton]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) mod_ssl: Remove the shmht session cache, shmcb should be used
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt instead. [Joe Orton]
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt *) mod_logio: Account for some bytes handed to the network layer prior to
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User dropped connections. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_autoindex: new directive IndexStyleSheet
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Tyler Riddle <triddle_1999 yahoo.com>, Paul Querna <chip force-elite.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix uninitialized gprof directory name in prefork MPM. PR 24450.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Chris Knight <Christopher.D.Knight nasa.gov>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Log an error when requests for URIs which fail to map to a valid
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater filesystem name are rejected with 403. [Jeff Trawick]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) Switch to APR 1.0 API.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Major overhaul of mod_include's filter parser. The new parser code
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews is expected to be more robust and should catch all of the edge cases
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews that were not handled by the previous one. This includes a binary
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews incompatible change of mod_include's external API. [André Malo]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) mod_rewrite: Allow forced mimetypes [T=...] to get expanded.
ff62ab3c2e6274f19190ded15548c723d38bbbe3Automatic Updater PR 14223. [André Malo]
e20309353e6246485c521278131d3fced73d7957Tinderbox User *) mod_rewrite: Fix LA-U and LA-F lookups in directory context. Previously
e20309353e6246485c521278131d3fced73d7957Tinderbox User the current rewrite state was just used as lookup path, which lead to
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User strange and often useless results. Related to PR 8493. [André Malo]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Change Listen directive to bind to all addresses when a hostname is
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User not specified. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Correct failure with Listen directives on machines with IPv6 enabled.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Colm MacCárthaigh <colm stdlib.net>, Justin Erenkrantz]
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews *) Fix a link failure in mod_ssl when the OpenSSL libraries contain
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews the ENGINE functions but the engine header files are missing.
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews [Cliff Woolley]
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews *) mod_rewrite: RewriteRules in server context using the force
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews type feature [T=...] no longer disable MultiViews. [André Malo]
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews *) mod_rewrite: Allow piped rewrite logs to be relative to ServerRoot.
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews [André Malo]
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews *) mod_authz_groupfile: Strip trailing spaces of group names. This
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews hopefully saves some hours of searching for typos. PR 12863.
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews [André Malo]
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews *) mod_actions: Propagate the handler name to the action script via
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrews the REDIRECT_HANDLER environment variable. [André Malo]
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrews *) mod_actions: Introduce the "virtual" modifier to the Action directive,
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrews which allows the use of handlers for virtual locations. PR 8431.
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrews [André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) mod_speling: Recognize AcceptPathInfo setting for the particular
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt location. Default is to reject path information. PR 21059.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_ext_filter: Add the ability to filter request bodies.
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User [Philipp Reisner <philipp.reisner linbit.com>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Fix some broken log messages in WinNT MPM.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) prefork MPM: Use the right permissions for the directory created
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater for gprof support. [Jim Carlson <jcarlson jnous.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix a compile failure with recent OpenSSL and picky compilers
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater (e.g., OpenSSL 0.9.7a and xlc_r on AIX). [Jeff Trawick]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User the INCLUDE path to be defined properly.
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User PR 11310. [Geoff Thorpe <geoff geoffthorpe.net>]
7f814b8b164ae04916a8487cdc5e88ee3ff51a58Automatic Updater *) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
3040b455151b1e1173193933664b2891b6159f24Mark Andrews autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).
88d58d79c5bc7ce3c20a42461a5070116c736836Automatic Updater [Geoff Thorpe <geoff geoffthorpe.net>]
7f814b8b164ae04916a8487cdc5e88ee3ff51a58Automatic Updater *) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Ian Holsman, André Malo]
48b36fa08b2b5bc0d552dc2a4425b3f7007b3d59Automatic Updater *) mod_negotiation: quality values are now parsed independent from
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the current locale. level values are now really parsed as integers.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 17564. [André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Extend mod_negotiation to evaluate the environment variables
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater no-gzip and gzip-only-text/html the same way as mod_deflate does.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_rewrite: Fix some problems reporting errors with mapping
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User programs (RewriteMap prg:/something). [Jeff Trawick]
48b36fa08b2b5bc0d552dc2a4425b3f7007b3d59Automatic Updater *) Return 413 if chunk-ext-header is too long rather than reading from
9fa39c73fc1d8bc44fdbbb79a1d26b837e7dd555Mark Andrews the truncated line. PR 15857. [Justin Erenkrantz]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Allow restart of httpd to occur even with syntax errors in the config
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt file. PR 16813. [Justin Erenkrantz]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Use APR_LAYOUT instead of APACHE_LAYOUT in configure. PR 15679.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Justin Erenkrantz]
1959fd489a8832e4e3d311670f64ae18e5d08156Automatic Updater *) Remove files on 'make distclean' that should be. PR 15592.
1959fd489a8832e4e3d311670f64ae18e5d08156Automatic Updater [Justin Erenkrantz]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Allow apachectl to perform status with links and elinks as well.
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) mod_log_config change optional hook to return previous handler
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox User [Ian Holsman]
8bc194b266a17f89e6c54469d4dfbb408070f39eMark Andrews *) Forward port of mod_actions' ability to handle arbitrary methods
8bc194b266a17f89e6c54469d4dfbb408070f39eMark Andrews with the Script directive. [André Malo]
8bc194b266a17f89e6c54469d4dfbb408070f39eMark Andrews *) Let suexec send a message to stderr, if it failed or its policy
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews was violated. This message appears in the error log and allows
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User for easier debugging. PR 5381, 7638, 8255, 10773. [André Malo]
7addb3e8b5cf6e0c4df0e3cb8135aa71269f0261Tinderbox User *) Modify buildconf to copy all required files into httpd's tree.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Thom May <thom planetarytramp.net>]
f751b1576ee6fef4023bf7101d10167e4fe520f3Tinderbox User *) Allow mod_dav to do weak entity comparison functions.
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater [Justin Erenkrantz]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Move RFC 1413 ident requests from core to new module mod_ident.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [André Malo]
90b25b84f037ec923efaee84d2c0dc599293d04eTinderbox User *) Add mod_authz_owner - a forward port of "Require file-owner"
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews and "Require file-group", which was already present in version
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews 1.3.21. [André Malo]
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews *) Add mod_dav_lock - a generic subset of the DAV locking implementation.
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews [Justin Erenkrantz]
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews *) Replace some of the mutex locking in the worker MPM with
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark Andrews atomic operations for higher concurrency. [Brian Pane]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Allow 'make depend' to work with non-GCC compilers.
e5bf83fe0bbca838a0749e9071bd76d9ee0fb59bFrancis Dupont [Justin Erenkrantz]
e5bf83fe0bbca838a0749e9071bd76d9ee0fb59bFrancis Dupont *) If an httpd.conf has commented out AddModule directives,
4dca64bb8991502db368028aeeba2f832d3b971dAutomatic Updater apxs -i -a will add an un-commented AddModule directive for
e5bf83fe0bbca838a0749e9071bd76d9ee0fb59bFrancis Dupont the new module, which breaks the config.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User PR: 11212 [Joe Orton]
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater *) Fix mod_proxy handling of filtered input bodies. [Justin Erenkrantz]
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater *) Move the check of the Expect request header field after the hook
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater for ap_post_read_request, since that is the only opportunity for
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater modules to handle Expect extensions. [Justin Erenkrantz]
7169f76a893666eb20fc7750782e7f411db742d6Tinderbox User *) Rewrite of aaa modules to an authn/authz model.
7169f76a893666eb20fc7750782e7f411db742d6Tinderbox User [Dirk-Willem van Gulik, Justin Erenkrantz]
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater [Apache 2.1.0-dev includes those bug fixes and changes with the
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater Apache 2.0.xx tree as documented, and except as noted, below.]
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic UpdaterChanges with Apache 2.0.56
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater *) Chunk filter: Fix chunk filter to create correct chunks in the case that
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater a flush bucket is surrounded by data buckets. [Ruediger Pluem]
2ba8f584b97cbab864570e38fd26b8cb90961428Tinderbox User *) mod_cgi(d): Remove block on OPTIONS method so that scripts can
2ba8f584b97cbab864570e38fd26b8cb90961428Tinderbox User respond to OPTIONS directly rather than via server default.
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt [Roy Fielding] PR 15242
2ba8f584b97cbab864570e38fd26b8cb90961428Tinderbox UserChanges with Apache 2.0.55
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) SECURITY: CVE-2005-2088 (cve.mitre.org)
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User proxy: Correctly handle the Transfer-Encoding and Content-Length
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater headers. Discard the request Content-Length whenever T-E: chunked
e20309353e6246485c521278131d3fced73d7957Tinderbox User is used, always passing one of either C-L or T-E: chunked whenever
3040b455151b1e1173193933664b2891b6159f24Mark Andrews the request includes a request body. Resolves an entire class of
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater proxy HTTP Request Splitting/Spoofing attacks. [William Rowe]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) Added TraceEnable [on|off|extended] per-server directive to alter
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater the behavior of the TRACE method. This addresses a flaw in proxy
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater conformance to RFC 2616 - previously the proxy server would accept
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater a TRACE request body although the RFC prohibited it. The default
50fa300826799727204b93cbe63bebc341c5eadeTinderbox User remains 'TraceEnable on'. [William Rowe]
da82e232161d67b77df2d67898bdac693f647be1Automatic Updater *) Add ap_log_cerror() for logging messages associated with particular
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater client connections. [Jeff Trawick]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Correct mod_cgid's argv[0] so that the full path can be delved by the
e171a4137c6ba348957e61b7c4c3541493c0da02Automatic Updater invoked cgi application, to conform to the behavior of mod_cgi.
c53a6f37deaa396660adb6a4ca600c4a58adfd3fAutomatic Updater [Pradeep Kumar S <pradeep.smani gmail.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_include: Fix possible environment variable corruption when
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater using nested includes. PR 12655. [Joe Orton]
19ad308d84cbf446a144e5a91f2032389a9d65c1Tinderbox User *) Support the suppress-error-charset setting, as with Apache 1.3.x.
b3386fba31414344f38f0c30849c056dceb22dceTinderbox User PR 31274. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) EBCDIC: Handle chunked input from client or, with proxy, origin
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater server. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix bad globbing comparison which could result in getting
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater a directory listing when a file was requested. PR 34512.
af9cf290cea6ada6ce27b51c724ab77ad5d73fa0Tinderbox User [sean <infamous41md hotmail.com>]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker()
6671e343b8c7e44ac10a7900fde59555fbc71571Automatic Updater was called even if mod_auth_ldap_check_user_id() was not
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater (or if it didn't succeed) for non-authoritative cases.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater [Jim Jagielski]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) SECURITY: CVE-2005-2728 (cve.mitre.org)
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater Fix cases where the byterange filter would buffer responses
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater into memory. PR 29962. [Joe Orton]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) mod_proxy: Fix over-eager handling of '%' for reverse proxies.
99c231a3bd27893583204cd0a3e3103dc78dbc28Tinderbox User PR 15207. [Jim Jagielski]
4104e236f71eb5108fcfda6711878a97f6f4a8e7Automatic Updater *) mod_ldap: Fix various shared memory cache handling bugs.
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater PR 34209. [Joe Orton]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) Fix a file descriptor leak when starting piped loggers. PR 33748.
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews *) mod_ldap: Avoid segfaults when opening connections if using a version
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews of OpenLDAP older than 2.2.21. PR 34618. [Brad Nicholes]
8e9f3b69914ee02a80b87c97b1f8093edb3e9ae0Automatic Updater *) mod_ssl: Fix build with OpenSSL 0.9.8. PR 35757. [William Rowe]
664917bedafa65dee4349c84324a31731aa1e228Francis Dupont *) SECURITY: CVE-2005-2088 (cve.mitre.org)
c53a6f37deaa396660adb6a4ca600c4a58adfd3fAutomatic Updater core: If a request contains both Transfer-Encoding and Content-Length
af9cf290cea6ada6ce27b51c724ab77ad5d73fa0Tinderbox User headers, remove the Content-Length, mitigating some HTTP Request
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User Splitting/Spoofing attacks. [Paul Querna, Joe Orton]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) proxy HTTP: If a response contains both Transfer-Encoding and a
50fa300826799727204b93cbe63bebc341c5eadeTinderbox User Content-Length, remove the Content-Length and don't reuse the
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater connection, mitigating some HTTP Response Splitting attacks.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Jeff Trawick]
e20309353e6246485c521278131d3fced73d7957Tinderbox User *) Prevent hangs of child processes when writing to piped loggers at
e20309353e6246485c521278131d3fced73d7957Tinderbox User the time of graceful restart. PR 26467. [Jeff Trawick]
e628576d3b3d91c8954679077f4c208f1e43b433Automatic Updater *) SECURITY: CVE-2005-1268 (cve.mitre.org)
f8a9a38ee40c139a8d145ac76ecbff3a0f986453Mark Andrews mod_ssl: Fix off-by-one overflow whilst printing CRL information
e628576d3b3d91c8954679077f4c208f1e43b433Automatic Updater at "LogLevel debug" which could be triggered if configured
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews to use a "malicious" CRL. PR 35081. [Marc Stern <mstern csc.com>]
9d80d23172c30fd63e5046a7e69b8445e564ff31Automatic Updater *) mod_userdir: Fix possible memory corruption issue. PR 34588.
1f4c645185bd8fc70048e0a69eee46193a284e5cTinderbox User [David Leonard <dleonard vintela.com>]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) worker mpm: don't take down the whole server for a transient
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews thread creation failure. PR 34514 [Greg Ames]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) mod_rewrite: use buffered I/O to improve performance with large
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews RewriteMap txt: files. [Greg Ames]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) proxy HTTP: Rework the handling of request bodies to handle
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews chunked input and input filters which modify content length, and
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews avoid spooling arbitrary-sized request bodies in memory.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews PR 15859. [Jeff Trawick]
91d187ce035f39073f0732ff2a401a45c3c955fbMark AndrewsChanges with Apache 2.0.54
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) mod_cache: Add CacheIgnoreHeaders directive. PR 30399.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) mod_ldap: Added the directive LDAPConnectionTimeout to configure
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews the ldap socket connection timeout value.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews [Brad Nicholes]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Correctly export all mod_dav public functions.
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User [Branko Čibej <brane xbc.nu>]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Add a build script to create a solaris package. [Graham Leggett]
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User *) worker MPM: Fix a problem which could cause httpd processes to
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User remain active after shutdown. [Jeff Trawick]
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User *) Unix MPMs: Shut down the server more quickly when child processes are
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User slow to exit. [Joe Orton, Jeff Trawick]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Remove formatting characters from ap_log_error() calls. These
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User were escaped as fallout from CVE-2003-0020.
3a988722ad9e209ba4064604d482dc4efe0e19ebTinderbox User [Eric Covener <ecovener gmail.com>]
3349f0044fda807e1fd6681c833d3593a22dad86Tinderbox User *) mod_ssl: If SSLUsername is used, set r->user earlier. PR 31418.
3349f0044fda807e1fd6681c833d3593a22dad86Tinderbox User *) htdigest: Fix permissions of created files. PR 33765. [Joe Orton]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) core_input_filter: Move buckets to a persistent brigade instead of
e80c7005e3d59dfeb04dad186d36f3c15622954cTinderbox User creating a new brigade. This stop a memory leak when proxying a
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews Streaming Media Server. PR 33382. [Paul Querna]
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews *) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews hiccups from additional path information passed in non-utf-8 format.
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews [Richard Donkin <rd9 donkin.org]
08190bd4d89153cee463b34f9233ad6dd88965fcMark AndrewsChanges with Apache 2.0.53
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox User *) Fix --with-apr=/usr and/or --with-apr-util=/usr. PR 29740.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Max Bowsher <maxb ukf.net>]
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews *) mod_proxy: Fix ProxyRemoteMatch directive. PR 33170.
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews [Rici Lake <rici ricilake.net>]
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews *) mod_proxy: Respect errors reported by pre_connection hooks.
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews [Jeff Trawick]
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews *) --with-module can now take more than one module to be statically
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews If the <modtype>-subdirectory doesn't exist it will be created and
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews populated with a standard Makefile.in. [Erik Abele]
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews *) Fix the RPM spec file so that an RPM build now works. An RPM
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews build now requires system installations of APR and APR-util.
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews Remove some arbitrary moving around of binaries - the RPM now
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User maps to the ASF build of httpd.
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User [Graham Leggett]
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater *) mod_dumpio, an I/O logging/dumping module, added to the
3040b455151b1e1173193933664b2891b6159f24Mark Andrews modules/expermimental subdirectory. [Jim Jagielski]
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews library handles special characters. PR 24437. [Jess Holle]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Win32 MPM: Correct typo in debugging output. [William Rowe]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) conf: Remove AddDefaultCharset from the default configuration because
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User setting a site-wide default does more harm than good. PR 23421.
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User [Roy Fielding]
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater *) Add charset to example CGI scripts. [Roy Fielding]
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater *) mod_ssl: fail quickly if SSL connection is aborted rather than
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater making many doomed ap_pass_brigade calls. PR 32699. [Joe Orton]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Remove compiled-in upper limit on LimitRequestFieldSize.
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater [Bill Stoddard]
6025cbbe8408f4b09d53d5ec1e95cb6da97e0a8dTinderbox User *) Start keeping track of time-taken-to-process-request again for
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews mod_status if ExtendedStatus is enabled. [Jim Jagielski]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) mod_proxy: Handle client-aborted connections correctly. PR 32443.
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews [Janne Hietamäki, Joe Orton]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Fix handling of files >2Gb on all platforms (or builds) where
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User apr_off_t is larger than apr_size_t. PR 28898. [Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_include: Fix bug which could truncate variable expansions
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater of N*64 characters by one byte. PR 32985. [Joe Orton]
166c467a9414778bdd0f2a1e4a32220843c0fde3Tinderbox User *) Correct handling of certain bucket types in ap_save_brigade, fixing
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater possible segfaults in mod_cgi with #include virtual. PR 31247.
166c467a9414778bdd0f2a1e4a32220843c0fde3Tinderbox User *) Allow for the use of --with-module=foo:bar where the ./modules/foo
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater directory is local only. Assumes, of course, that the required
e007e3e5b0316c6c05698a71101885743aca22bdAutomatic Updater files are in ./modules/foo, but makes it easier to statically
e007e3e5b0316c6c05698a71101885743aca22bdAutomatic Updater build/log "external" modules. [Jim Jagielski]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews ldap authorization only modules have access to the util_ldap
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews user cache without having to require ldap authentication as well.
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User PR 31898. [Jari Ahonen jah progress.com, Brad Nicholes]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_auth_ldap: Added the directive "Requires ldap-attribute" that
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews allows the module to only authorize a user if the attribute value
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews specified matches the value of the user object. PR 31913
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews [Ryan Morgan <rmorgan pobox.com>]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) SECURITY: CVE-2004-0942 (cve.mitre.org)
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews Fix for memory consumption DoS in handling of MIME folded request
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews headers. [Joe Orton]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) SECURITY: CVE-2004-0885 (cve.mitre.org)
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews bypassed during an SSL renegotiation. PR 31505.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews [Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_ssl: Fail at startup rather than segfault at runtime if a
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews client cert is configured with an encrypted private key.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews PR 24030. [Joe Orton]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) apxs: fix handling of -Wc/-Wl and "-o mod_foo.so". PR 31448
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews [Jeff Trawick]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_cache: CacheDisable will only disable the URLs it was meant to
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews disable, not all caching. PR 31128.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews [Edward Rudd <eddie omegaware.com>, Paul Querna]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews cache responses. [Justin Erenkrantz]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_rewrite: Handle per-location rules when r->filename is unset.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews Previously this would segfault or simply not match as expected,
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews depending on the platform. [Jeff Trawick]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) mod_rewrite: Fix 0 bytes write into random memory position.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews PR 31036. [André Malo]
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User *) mod_disk_cache: Do not store aborted content. PR 21492.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_disk_cache: Correctly store cached content type. PR 30278.
bbf7c3fd96ae5e02cb84743c581862e35327032aAutomatic Updater *) mod_ldap: prevent the possiblity of an infinite loop in the LDAP
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater statistics display. PR 29216. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ldap: fix a bogus error message to tell the user which file
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User is causing a potential problem with the LDAP shared memory cache.
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User PR 31431 [Graham Leggett]
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews *) SECURITY: CVE-2004-1834 (cve.mitre.org)
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox User mod_disk_cache: Do not store hop-by-hop headers. [Justin Erenkrantz]
95cfad51a3f71246d263af79a7861a6821f7a0beAutomatic Updater *) Fix the re-linking issue when purging elements from the LDAP cache
95cfad51a3f71246d263af79a7861a6821f7a0beAutomatic Updater PR 24801. [Jess Holle <jessh ptc.com>]
95cfad51a3f71246d263af79a7861a6821f7a0beAutomatic Updater *) mod_disk_cache: Fix races in saving responses. [Justin Erenkrantz]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Fix Expires handling in mod_cache. [Justin Erenkrantz]
e135e3c4b1f4f986f00997f5ad5866effb203139Tinderbox User *) Alter mod_expires to run at a different filter priority to allow
0e91f17da8a29086876a88962e0a3482094b6057Evan Hunt proper Expires storage by mod_cache. [Justin Erenkrantz]
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic UpdaterChanges with Apache 2.0.52
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
6fd5f289d8455283fad33d1051e6fbaa3bec43d5Tinderbox User *) Fix the global mutex crash when the global mutex is never allocated
08d53af7d51409036462fa80fb1bde7a8c2ac123Automatic Updater due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater *) Fix a segfault in the LDAP cache when it is configured switched
ec7751119a08c6a7250f3187beed69a8b836d349Tinderbox User off. [Jess Holle <jessh ptc.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) SECURITY: CVE-2004-0811 (cve.mitre.org)
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic Updater Fix merging of the Satisfy directive, which was applied to
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic Updater the surrounding context and could allow access despite configured
07d9d0dbcc0c79deb3c34f4a8af05ac68a6800e4Mark Andrews authentication. PR 31315. [Rici Lake <rici ricilake.net>]
a66012b52c20200f118781463db4e4ee44454298Automatic Updater *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt is enabled. Previously, such urls would still be rejected.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Jeff Trawick, Bill Stoddard]
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater *) mod_mem_cache: Fixed race condition causing segfault because of memory being
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User freed twice, or reused after being freed.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [J. Clar, W. Stoddard, G. Ames]
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox User *) Add -l option to rotatelogs to let it use local time rather than
2fd1e3918971180155c10d09454a277f015daecaAutomatic Updater UTC. PR 24417. [Ken Coar, Uli Zappe <uli ritual.org>]
2fd1e3918971180155c10d09454a277f015daecaAutomatic Updater *) mod_log_config: Fix a bug which prevented request completion time
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
2fd1e3918971180155c10d09454a277f015daecaAutomatic Updater processing. PR 29696. [Alois Treindl <alois astro.ch>]
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox UserChanges with Apache 2.0.51
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) SECURITY: CVE-2004-0786 (cve.mitre.org)
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User Fix an input validation issue in apr-util which could be
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User triggered by malformed IPv6 literal addresses. [Joe Orton]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) SECURITY: CVE-2004-0747 (cve.mitre.org)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Fix buffer overflow in expansion of environment variables in
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington configuration file parsing. [André Malo]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) SECURITY: CVE-2004-0809 (cve.mitre.org)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_dav_fs: Fix a segfault in the handling of an indirect lock
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater refresh. PR 31183. [Joe Orton]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_include no longer checks for recursion, because that's done
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User in the core. This allows for careful usage of recursive SSI.
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Fix memory leak in the cache handling of mod_rewrite. PR 27862.
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User [chunyan sheng <shengperson yahoo.com>, André Malo]
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater *) Include directives no longer refuse to process symlinks on
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User directories. Instead there's now a maximum nesting level
6a9d2121152c94cb9e35832126c3f2e4d18d81edTinderbox User of included directories (128 as distributed). This is configurable
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews at compile time using the -DAP_MAX_INCLUDE_DIR_DEPTH switch.
85b52a5959291f5014442814488ccb267cdea369Tinderbox User PR 28492. [André Malo]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Win32: apache -k start|restart|install|config can leave stranded
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews piped logger processes (eg, rotatelogs.exe) due to improper
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater server shutdown on these code paths.
e062b72f783cdb436a1a57a630bdff471dbb3038Mark Andrews [Bill Stoddard]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) SECURITY: CVE-2004-0751 (cve.mitre.org)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_ssl: Fix a segfault in the SSL input filter which could be
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater triggered if using "speculative" mode, for instance by a
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater proxy request to an SSL server. PR 30134. [Joe Orton]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_rewrite: Add %{SSL:...} and %{HTTPS} variable lookups.
85b52a5959291f5014442814488ccb267cdea369Tinderbox User PR 30464. [Joe Orton, Madhusudan Mathihalli]
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews *) mod_ssl: Add new 'ssl_is_https' optional function. [Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Prevent CGI script output which includes a Content-Range header
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater from being passed through the byterange filter. [Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Satisfy directives now can be influenced by a surrounding <Limit>
2cdbfcdad94eba75f3f8e77343a0eefabf553b8eAutomatic Updater container. PR 14726. [André Malo]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_rewrite now officially supports RewriteRules in <Proxy> sections.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews PR 27985. [André Malo]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_disk_cache: Implement binary format for on-disk header files.
52cfbde0bd391cfb37e3c1a1b460c16ba6bf1a73Automatic Updater [Brian Akins <bakins web.turner.com>, Justin Erenkrantz]
5f7586ddbd3edd11272cdd30ed613d936129328bTinderbox User *) mod_disk_cache: Optimize network performance of disk cache subsystem by
24e0e8d17df315d5d494ca933874e545eadce773Automatic Updater allowing zero-copy (sendfile) writes and other miscellaneous fixes.
52cfbde0bd391cfb37e3c1a1b460c16ba6bf1a73Automatic Updater [Justin Erenkrantz]
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt *) mod_cache, mod_disk_cache, mod_mem_cache: Refactor cache modules, and
3040b455151b1e1173193933664b2891b6159f24Mark Andrews switch to the provider API instead of hooks. [Justin Erenkrantz]
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater *) mod_autoindex: Don't truncate the directory listing if a stat()
3040b455151b1e1173193933664b2891b6159f24Mark Andrews call fails (for instance on a >2Gb file). PR 17357.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Makefile fix: httpd is linked against LIBS given to the
3040b455151b1e1173193933664b2891b6159f24Mark Andrews 'make' invocation. PR 7882. [Joe Orton]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) WinNT MPM: Fix a broken log message at termination. PR 28063.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Eider Oliveira <eider bol.com.br>]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) Prevent Win32 pool corruption at startup [Allan Edwards]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) mod_ssl: Add "SSLUserName" directive to set r->user based on a
0c7657e9302e7f9a8fe4f32fe561dc7e7e7ee6b5Automatic Updater chosen SSL environment variable. PR 20957.
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater [Martin v. Loewis <martin v.loewis.de>]
dcff0bfce2963a14e5af5774fd8901a42f18c720Tinderbox User *) suexec: Pass the SERVER_SIGNATURE envvar through to CGIs.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Zvi Har'El <rl math.technion.ac.il>]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) apachectl: Fix a problem finding envvars if sbindir != bindir.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews PR 30723. [Friedrich Haubensak <hsk imb-jena.de>]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) mod_ssl: Build on RHEL 3. PR 18989. [Justin Erenkrantz]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) SECURITY: CVE-2004-0748 (cve.mitre.org)
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews mod_ssl: Fix a potential infinite loop. PR 29964. [Joe Orton]
cd839f5cf5f84cf163f55ff05cb88ce37efd24d1Automatic Updater *) mod_ssl: Avoid startup failure after unclean shutdown if using shmcb.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews PR 18989. [Joe Orton]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) mod_userdir: Ensure that the userdir identity is used for
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt suexec userdir access in a virtual host which has suexec configured.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews PR 18156. [Joshua Slive]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_rewrite no longer confuses the RewriteMap caches if
d642d3857129678797a01adee14fbd70335b05a9Mark Andrews different maps defined in different virtual hosts use the
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews same map name. PR 26462. [André Malo]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_setenvif: Remove "support" for Remote_User variable which
3040b455151b1e1173193933664b2891b6159f24Mark Andrews never worked at all. PR 25725. [André Malo]
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater *) Backport from 2.1 / Regression from 1.3: mod_headers now knows
3040b455151b1e1173193933664b2891b6159f24Mark Andrews again the functionality of the ErrorHeader directive. But instead
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater using this misnomer additional flags to the Header directive were
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater introduced ("always" and "onsuccess", defaulting to the latter).
f9119ad8f6114b2255e7545bf5cd187f4db0a89bAutomatic Updater PR 28657. [André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Use the higher performing 'httpready' Accept Filter on all platforms
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater except FreeBSD < 4.1.1. [Paul Querna]
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater *) mod_usertrack: Escape the cookie name before pasting into the
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater regexp. [André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Extend the SetEnvIf directive to capture subexpressions of the
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User matched value. [André Malo]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Recursive Include directives no longer crash. The server stops
45c349c278fd83acd4dcb91eec3482401a623e47Automatic Updater including configuration files after a certain nesting level (128
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews as distributed). This is configurable at compile time using the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews -DAP_MAX_INCLUDE_DEPTH switch. PR 28370. [André Malo]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_dir: the trailing-slash behaviour is now configurable using the
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrews DirectorySlash directive. [André Malo]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Allow proxying of resources that are invoked via DirectoryIndex.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews PR 14648, 15112, 29961. [André Malo]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) util_ldap: Switched the lock types on the shared memory cache
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews from thread reader/writer locks to global mutexes in order to
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews provide cross process cache protection. [Brad Nicholes]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) util_ldap: Reworked the cache locking scheme to eliminate duplicate
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater cache entries in the credentials cache due to race conditions.
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater [Brad Nicholes]
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater *) util_ldap: Enhanced the util_ldap cache-info display to show more
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater detail about the contents and current state of the cache.
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater [Brad Nicholes]
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater *) Enable the option to support anonymous shared memory in mod_ldap.
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater This makes the cache work on Linux again. [Graham Leggett]
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater *) Enable special ErrorDocument value 'default' which restores the
3040b455151b1e1173193933664b2891b6159f24Mark Andrews canned server response for the scope of the directive.
560d6da48f066000541dd43f5d407644dee12bebTinderbox User [Geoffrey Young, André Malo]
9bc394fffdd50f6e47614b2d317da7274122366fTinderbox User *) work around MSIE Digest auth bug - if AuthDigestEnableQueryStringHack
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt is set in r->subprocess_env allow mismatched query strings to pass.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews PR 27758. [Paul Querna, Geoffrey Young]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) Accept URLs for the ServerAdmin directive. If the supplied
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User argument is not recognized as an URL, assume it's a mail address.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 28174. [André Malo, Paul Querna]
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater *) initialize server arrays prior to calling ap_setup_prelinked_modules
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater so that static modules can push Defines values when registering
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater hooks just like DSO modules can ["Philippe M. Chiasson" <gozer cpan.org>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Small fix to allow reverse proxying to an ftp server. Previously
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater an attempt to do this would try and connect to 0.0.0.0, regardless
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater of the server specified. PR 24922
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Pascal Terjan <pterjan@linuxfr.org>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Add the NOTICE file to the rpm spec file in compliance with the
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User Apache v2.0 license. [Graham Leggett]
90b25b84f037ec923efaee84d2c0dc599293d04eTinderbox User *) RPM spec file changes: changed default dependancy to link to db4
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater instead of db3. Fixed complaints about unpackaged files.
e0bf4fc289705375be65c05a8fb085d514a98c97Tinderbox User [Graham Leggett]
f42fc714eda962112e45b904d1f846c61a080114Automatic UpdaterChanges with Apache 2.0.50
a6e1f63f50af688610ebd2521ba7f028767b51f3Mark Andrews *) SECURITY: CVE-2004-0493 (cve.mitre.org)
2cdbfcdad94eba75f3f8e77343a0eefabf553b8eAutomatic Updater Close a denial of service vulnerability identified by Georgi
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User Guninski which could lead to memory exhaustion with certain
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User input data. [Jeff Trawick]
f42fc714eda962112e45b904d1f846c61a080114Automatic Updater *) mod_cgi: Handle output on stderr during script execution on Unix
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User platforms; preventing deadlock when stderr output fills pipe buffer.
2cdbfcdad94eba75f3f8e77343a0eefabf553b8eAutomatic Updater Also fixes case where stderr from nph- scripts could be lost.
e0bf4fc289705375be65c05a8fb085d514a98c97Tinderbox User PR 22030, 18348. [Joe Orton, Jeff Trawick]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) mod_alias now emits a warning if it detects overlapping *Alias*
f42fc714eda962112e45b904d1f846c61a080114Automatic Updater directives. [André Malo]
f42fc714eda962112e45b904d1f846c61a080114Automatic Updater *) mod_rewrite no longer turns forward proxy requests into reverse proxy
4d813066e967a36c407ee641155ada0c614d4dc6Automatic Updater requests. PR 28125 [ast domdv.de, André Malo]
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User exported on Win32 and Netware as well (minor MMN bump). PR 28523.
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater [Edward Rudd <eddie omegaware.com>, André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Restore the ability to disable the use of AcceptEx on Win9x systems
3040b455151b1e1173193933664b2891b6159f24Mark Andrews automatically (broken in 2.0.49). PR 28529. [André Malo]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) <VirtualHost myhost> now applies to all IP addresses for myhost
d98b4b724343547314bde32a54966c8f124a5f03Mark Andrews instead of just the first one reported by the resolver. This
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User corrects a regression since 1.3. [Jeff Trawick]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User against ServerRoot PR#26602 [Brad Nicholes]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) SECURITY: CVE-2004-0488 (cve.mitre.org)
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox User mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews (trusted) client certificate subject DN which exceeds 6K in length.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) mod_dav_fs: Fix MKCOL response for missing parent collections, which
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews caused issues for the Eclipse WebDAV extension.
e8e87ede5c36b95806c77bcd34894ad9c4b39a78Tinderbox User PR 29034. [Joe Orton]
e8e87ede5c36b95806c77bcd34894ad9c4b39a78Tinderbox User *) mod_deflate: Fix memory consumption (which was proportional to the
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews response size). PR 29318. [Joe Orton]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) mod_ssl: Log the errors returned on failure to load or initialize
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews a crypto accelerator engine. [Joe Orton]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Allow RequestHeader directives to be conditional. PR 27951.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews [Vincent Deffontaines <vincent gryzor.com>, André Malo]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Allow LimitRequestBody to be reset to unlimited. PR 29106
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews [André Malo]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Fix a bunch of cases where the return code of the regex compiler
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews was not checked properly. This affects: mod_setenvif, mod_usertrack,
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo]
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt *) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews small cache sizes. PR 27751. [Geoff Thorpe <geoff geoffthorpe.net>]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Remove 2Gb log file size restriction on some 32-bit platforms.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews PR 13511. [Joe Orton]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) mod_logio no longer removes the EOS bucket. PR 27928.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews [Bojan Smojver <bojan rexursive.com>]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) htpasswd no longer refuses to process files that contain empty
d98b4b724343547314bde32a54966c8f124a5f03Mark Andrews lines. [André Malo]
015f044f7f916eb18d053f2e5dcbee481425bc66Mark Andrews *) Regression from 1.3: At startup, suexec now will be checked for
e7d35dad55e8deae14f29aabfb20d540b4b6ab3dMark Andrews availability, the setuid bit and user root. The works only if
015f044f7f916eb18d053f2e5dcbee481425bc66Mark Andrews httpd is compiled with the shipped APR version (0.9.5).
e7d35dad55e8deae14f29aabfb20d540b4b6ab3dMark Andrews PR 28287. [André Malo]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Unix MPMs: Stop dropping connections when the file descriptor
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews is at least FD_SETSIZE. [Jeff Trawick]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Fix handling of IPv6 numeric strings in mod_proxy. [Jeff Trawick]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) mod_isapi: send_response_header() failed to copy status string's
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews last character. PR 20619. [Jesse Pelton <jsp pkc.com>]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Fix a segfault when requests for shared memory fails and returns
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews NULL. Fix a segfault caused by a lack of bounds checking on the
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews cache. PR 24801. [Graham Leggett]
ec8755f605d7dcb2de1076040e77bc2d7ec33b4aTinderbox User *) Throw an error message if an attempt is made to use the LDAPTrustedCA
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews or LDAPTrustedCAType directives in a VirtualHost. PR 26390
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews [Brad Nicholes]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) Fix a potential segfault if the bind password in the LDAP cache
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews is NULL. PR 28250. [Jari Ahonen <jah progress.com>]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) Quotes cannot be used around require group and require dn
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews directives, update the documentation to reflect this. Also add
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews quotes around the dn and group within debug messages, to make it
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews more obvious why authentication is failing if quotes are used in
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews error. PR 19304. [Graham Leggett]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews from escaping filters twice when the backslash character is used.
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews PR 24437. [Jess Holle <jessh ptc.com>]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) Overhaul handling of LDAP error conditions, so that the util_ldap_*
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews functions leave the connections in a sane state after errors have
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews 27271 [Graham Leggett]
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews *) mod_ldap calls ldap_simple_bind_s() to validate the user
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews credentials. If the bind fails, the connection is left
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews in an unbound state. Make sure that the ldap connection
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews record is updated to show that the connection is no longer
bbd726b86a5b0f97a192b6027958dc7b763dc48bTinderbox User bound. [Brad Nicholes]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Ensure that lines in the request which are too long are
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater properly terminated before logging.
7a2a1b8b14fc804ac80612d7b98064095e445be5Automatic Updater [Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Update the bind credentials for the cached LDAP connection to
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews reflect the last bind. This prevents util_ldap from creating
3040b455151b1e1173193933664b2891b6159f24Mark Andrews unnecessary connections rather than reusing cached connections.
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews [Brad Nicholes]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) mod_isapi: GetServerVariable returned improperly terminated header
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews fields given "ALL_HTTP" or "ALL_RAW". PR 20656.
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews [Jesse Pelton <jsp pkc.com>]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews size. PR 20617. [Jesse Pelton <jsp pkc.com>]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) mod_dav: Fix a problem that could cause crashes when manipulating
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews locks on some platforms. [Jeff Trawick]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) mod_headers no longer crashes if an empty header value should
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews be added. [André Malo]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) Fix segfault in mod_expires, which occured under certain
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews circumstances. PR 28047. [André Malo]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) htpasswd: use apr_temp_dir_get() and general cleanup
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Guenter Knauf <eflash gmx.net>, Thom May]
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews *) mod_ssl: Fix memory leak in session cache handling. PR 26562
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Madhusudan Mathihalli]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_ssl: Fix potential segfaults when performing SSL shutdown from
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User a pool cleanup. PR 27945. [Joe Orton]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) Add forensic logging module (mod_log_forensic).
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews [Ben Laurie]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) logresolve: Allow size of log line buffer to be overridden at
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews build time (MAXLINE). PR 27793. [Jeff Trawick]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) Fix the comment delimiter in htdbm so that it correctly parses the
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews username comment. Also add a terminate function to allow NetWare
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater to pause the output before the screen is destroyed.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Guenter Knauf <eflash gmx.net>, Brad Nicholes]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix crash when Apache was started with no Listen directives.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Michael Corcoran <mcorcoran warpsolutions.com>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) core_output_filter: Fix bug that could result in sending
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater garbage over the network when module handlers construct
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater bucket brigades containing multiple file buckets all referencing
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the same open file descriptor. [Bojan Smojver]
9a5217f827ac0e006016745e5305b31dc0c7767fTinderbox User *) Fix memory corruption problem with ap_custom_response() function.
9a5217f827ac0e006016745e5305b31dc0c7767fTinderbox User The core per-dir config would later point to request pool data
9a5217f827ac0e006016745e5305b31dc0c7767fTinderbox User that would be reused for different purposes on different requests.
9a5217f827ac0e006016745e5305b31dc0c7767fTinderbox User [Jeff Trawick, based on an old 1.3 patch submitted by Will Lowe]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Win32: Tweak worker thread accounting routines to eliminate
3040b455151b1e1173193933664b2891b6159f24Mark Andrews server hang when number of Listen directives in httpd.conf
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater is greater than or equal to the setting of ThreadsPerChild.
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater [Bill Stoddard]
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic UpdaterChanges with Apache 2.0.49
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater *) SECURITY: CVE-2004-0174 (cve.mitre.org)
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater Fix starvation issue on listening sockets where a short-lived
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater connection on a rarely-accessed listening socket will cause a
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater child to hold the accept mutex and block out new connections until
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater another connection arrives on that rarely-accessed listening socket.
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater With Apache 2.x there is no performance concern about enabling the
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater logic for platforms which don't need it, so it is enabled everywhere
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater except for Win32. [Jeff Trawick]
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater *) mod_cgid: Fix storage corruption caused by use of incorrect pool.
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater [Jeff Trawick]
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater *) Win32: find_read_listeners was not correctly handling multiple
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater listeners on the Win32DisableAcceptEx path. [Bill Stoddard]
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater *) Fix bug in mod_usertrack when no CookieName is set. PR 24483.
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater [Manni Wood <manniwood planet-save.com>]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Fix some piped log problems: bogus "piped log program '(null)'
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater failed" messages during restart and problem with the logger
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater respawning again after Apache is stopped. PR 21648, PR 24805.
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater [Jeff Trawick]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Fixed file extensions for real media files and removed rpm extension
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater from mime.types. PR 26079. [Allan Sandfeld <kde carewolf.com>]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Remove compile-time length limit on request strings. Length is
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews now enforced solely with the LimitRequestLine config directive.
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User [Paul J. Reder]
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User *) mod_ssl: Send the Close Alert message to the peer before closing
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User the SSL session. PR 27428. [Madhusudan Mathihalli, Joe Orton]
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User *) SECURITY: CVE-2004-0113 (cve.mitre.org)
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User PR 27106. [Joe Orton]
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User *) mod_ssl: Fix bug in passphrase handling which could cause spurious
3040b455151b1e1173193933664b2891b6159f24Mark Andrews failures in SSL functions later. PR 21160. [Joe Orton]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_log_config: Fix corruption of buffered logs with threaded
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User MPMs. PR 25520. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix mod_include's expression parser to recognize strings correctly
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater even if they start with an escaped token. [André Malo]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) Add fatal exception hook for use by diagnostic modules. The hook
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User is only available if the --enable-exception-hook configure parm
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User is used and the EnableExceptionHook directive has been set to
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User "on". [Jeff Trawick]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Allow mod_auth_digest to work with sub-requests with different
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington methods than the original request. PR 25040.
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews [Josh Dady <jpd indecisive.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) fix "Expected </Foo>> but saw </Foo>" errors in nested,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater argumentless containers.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater ["Philippe M. Chiasson" <gozer cpan.org>]
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater *) mod_auth_ldap: Fix some segfaults in the cache logic. PR 18756.
a5636b773fa05a272b6876afd99309c0b3090e2fMark Andrews [Matthieu Estrade <apache moresecurity.org>, Brad Nicholes]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) mod_cgid: Restart the cgid daemon if it crashes. PR 19849
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Glenn Nielsen <glenn apache.org>]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) The whole codebase was relicensed and is now available under
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews the Apache License, Version 2.0 (http://www.apache.org/licenses).
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Apache Software Foundation]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Fixed cache-removal order in mod_mem_cache.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Jean-Jacques Clar, Cliff Woolley]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) mod_setenvif: Fix the regex optimizer, which under circumstances
3040b455151b1e1173193933664b2891b6159f24Mark Andrews treated the supplied regex as literal string. PR 24219.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) ap_mpm.h: Fix include guard of ap_mpm.h to reference mpm
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User instead of mmn. [André Malo]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules
3040b455151b1e1173193933664b2891b6159f24Mark Andrews could lead to a 400 (Bad Request) response. [André Malo]
f7a71eef29bcbf892270460269c79664f600cffdAutomatic Updater *) Keep focus of ITERATE and ITERATE2 on the current module when
f7a71eef29bcbf892270460269c79664f600cffdAutomatic Updater the module chooses to return DECLINE_CMD for the directive.
8f536463f9fdfa7da6a8310e4f4895373beb2961Mark Andrews PR 22299. [Geoffrey Young <geoff apache.org>]
f7a71eef29bcbf892270460269c79664f600cffdAutomatic Updater *) Add support for IMT minor-type wildcards (e.g., text/*) to
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt ExpiresByType. PR#7991 [Ken Coar]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Fix segfault in mod_mem_cache cache_insert() due to cache size
c5f7f6aa6c51d35353a9485b32abbabfe8358b4eMark Andrews becoming negative. PR: 21285, 21287
dcd42a39d311b44877161ffd1e27fa62700c0171Mark Andrews [Bill Stoddard, Massimo Torquati, Jean-Jacques Clar]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core.c: If large file support is enabled, allow any file that is
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater greater than AP_MAX_SENDFILE to be split into multiple buckets.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater This allows Apache to send files that are greater than 2gig.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Otherwise we run into 32/64 bit type mismatches in the file size.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Brad Nicholes]
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox User *) proxy_http fix: mod_proxy hangs when both KeepAlive and
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox User ProxyErrorOverride are enabled, and a non-200 response without a
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater body is generated by the backend server. (e.g.: a client makes a
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox User request containing the "If-Modified-Since" and "If-None-Match"
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox User headers, to which the backend server respond with status 304.)
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Graham Wiseman <gwiseman fscinternet.com>, Richard Reiner]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) mod_dav: Reject requests which include an unescaped fragment in the
c5f7f6aa6c51d35353a9485b32abbabfe8358b4eMark Andrews Request-URI. PR 21779. [Amit Athavale <amit_athavale lycos.com>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Build array of allowed methods with proper dimensions, fixing
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User possible memory corruption. [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ssl: Fix potential segfault on lookup of SSL_SESSION_ID.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 15057. [Otmar Lendl <lendl nic.at>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
63654fea53d6a58a65112234bc8d0c322e0c81b5Automatic Updater *) mod_usertrack no longer inspects the Cookie2 header for
63654fea53d6a58a65112234bc8d0c322e0c81b5Automatic Updater the cookie name. PR 11475. [Chris Darrochi <chrisd pearsoncmg.com>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_usertrack no longer overwrites other cookies.
64d59a0480180940d855a3431ac5ff617b53e997Tinderbox User PR 26002. [Scott Moore <apache nopdesign.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) worker MPM: fix stack overlay bug that could cause the parent
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater process to crash. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Win32: Add Win32DisableAcceptEx directive. This Windows
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater NT/2000/CP directive is useful to work around bugs in some
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater third party layered service providers like virus scanners,
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater VPN and firewall products, that do not properly handle
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User WinSock 2 APIs. Use this directive if your server is issuing
b871c7156eb037d41f53828c6fcb9cc876128962Mark Andrews AcceptEx failed messages.
3040b455151b1e1173193933664b2891b6159f24Mark Andrews [Allan Edwards, Bill Rowe, Bill Stoddard, Jeff Trawick]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Make REMOTE_PORT variable available in mod_rewrite.
551271d8198ae06e37edf5da519d8ee153eeac0fTinderbox User PR 25772. [André Malo]
b871c7156eb037d41f53828c6fcb9cc876128962Mark Andrews *) Fix a long delay with CGI requests and keepalive connections on
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews AIX. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_autoindex: Add 'XHTML' option in order to allow switching between
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox User HTML 3.2 and XHTML 1.0 output. PR 23747. [André Malo]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Add XHTML Document Type Definitions to httpd.h (minor MMN bump).
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews *) mod_ssl: Advertise SSL library version as determined at run-time rather
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews than at compile-time. PR 23956. [Eric Seidel <seidel apple.com>]
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews *) mod_ssl: Fix segfault on a non-SSL request if the 'c' log
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater format code is used. PR 22741. [Gary E. Miller <gem rellim.com>]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Fix build with parallel make. PR 24643. [Joe Orton]
80f05de86cd3cd8e4a4215c4501643891b942dafTinderbox User *) mod_rewrite: In external rewrite maps lookup keys containing
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User a newline now cause a lookup failure. PR 14453.
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews [Cedric Gavage <cedric.gavage unixtech.be>, André Malo]
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews *) Backport major overhaul of mod_include's filter parser from 2.1.
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews The new parser code is expected to be more robust and should
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User catch all of the edge cases that were not handled by the previous one.
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User The 2.1 external API changes were hidden by a wrapper which is
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User expected to keep the API backwards compatible. [André Malo]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) Add a hook (insert_error_filter) to allow filters to re-insert
3040b455151b1e1173193933664b2891b6159f24Mark Andrews themselves during processing of error responses. Enable mod_expires
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews to use the new hook to include Expires headers in valid error
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews responses. This addresses an RFC violation. It fixes PRs 19794,
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews 24884, and 25123. [Paul J. Reder]
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews *) Add Polish translation of error messages. PR 25101.
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews [Tomasz Kepczynski <tomek jot23.org>]
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt *) Add AP_MPMQ_MPM_STATE function code for ap_mpm_query. (Not yet
3040b455151b1e1173193933664b2891b6159f24Mark Andrews supported for BeOS or OS/2 MPMs.) [Jeff Trawick, Brad Nicholes,
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews Bill Stoddard]
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater *) Add mod_status hook to allow modules to add to the mod_status
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater report. [Joe Orton]
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater *) Fix htdbm to generate comment fields in DBM files correctly.
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater [Justin Erenkrantz]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) mod_dav: Use bucket brigades when reading PUT data. This avoids
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews problems if the data stream is modified by an input filter. PR 22104.
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater [Tim Robbins <tim robbins.dropbear.id.au>, André Malo]
551271d8198ae06e37edf5da519d8ee153eeac0fTinderbox User *) Fix RewriteBase directive to not add double slashes. [André Malo]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Improve 'configure --help' output for some modules. [Astrid Keßler]
183b6c7fca54001820078f324d102fc33e64bbc6Automatic Updater *) Correct UseCanonicalName Off to properly check incoming port number.
e130ab53e992670e2a2ecf043976ac09f21358d1Automatic Updater [Jim Jagielski]
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews *) Fix slow graceful restarts with prefork MPM. [Joe Orton]
551271d8198ae06e37edf5da519d8ee153eeac0fTinderbox User *) Fix a problem with namespace mappings being dropped in mod_dav_fs;
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User if any property values were set which defined namespaces these
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater came out mangled in the PROPFIND response. PR 11637.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Amit Athavale <amit_athavale persistent.co.in>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_dav: Return a WWW-auth header for MOVE/COPY requests where
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater the destination resource gives a 401. PR 15571. [Joe Orton]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) SECURITY: CVE-2003-0020 (cve.mitre.org)
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User Escape arbitrary data before writing into the errorlog. Unescaped
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User errorlogs are still possible using the compile time switch
f46621af221784fd08339c6fe9509d9e48334561Tinderbox User "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo]
f46621af221784fd08339c6fe9509d9e48334561Tinderbox User *) mod_autoindex / core: Don't fail to show filenames containing
f46621af221784fd08339c6fe9509d9e48334561Tinderbox User special characters like '%'. PR 13598. [André Malo]
f46621af221784fd08339c6fe9509d9e48334561Tinderbox User *) mod_status: Report total CPU time accurately when using a threaded
f46621af221784fd08339c6fe9509d9e48334561Tinderbox User MPM. PR 23795. [Jeff Trawick]
f46621af221784fd08339c6fe9509d9e48334561Tinderbox User *) Fix memory leak in handling of request bodies during reverse
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater proxy operations. PR 24991. [Larry Toppi <larry.toppi citrix.com>]
3040b455151b1e1173193933664b2891b6159f24Mark Andrews *) Win32 MPM: Implement MaxMemFree to enable setting an upper
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater limit on the amount of storage used by the bucket brigades
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater in each server thread. [Bill Stoddard]
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User *) Modified the cache code to be header-location agnostic. Also
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User fixed a number of other cache code bugs related to PR 15852.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Includes a patch submitted by Sushma Rai <rsushma novell.com>.
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt This fixes mod_mem_cache but not mod_disk_cache yet so I'm not
3040b455151b1e1173193933664b2891b6159f24Mark Andrews closing the PR since that is what they are using. [Paul J. Reder]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) complain via error_log when mod_include's INCLUDES filter is
22d32791e5daa0bc80335a0f10ab2de95f41ccdbTinderbox User enabled, but the relevant Options flag allowing the filter to run
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews for the specific resource wasn't set, so that the filter won't
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews silently get skipped. next remove itself, so the warning will be
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews logged only once [Stas Bekman, Jeff Trawick, Bill Rowe]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_info: HTML escape configuration information so it displays
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews correctly. PR 24232. [Thom May]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Restore the ability to add a description for directories that
22d32791e5daa0bc80335a0f10ab2de95f41ccdbTinderbox User don't contain an index file. (Broken in 2.0.48) [André Malo]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Fix a problem with the display of empty variables ("SetEnv foo") in
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews mod_include. PR 24734 [Markus Julen <mj zermatt.net>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_log_config: Log the minutes component of the timezone correctly.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews PR 23642. [Hong-Gunn Chew <hgbug gunnet.org>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_proxy: Fix cases where an invalid status-line could be sent
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User to the client. PR 23998. [Joe Orton]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_ssl: Fix segfaults at startup if other modules which use OpenSSL
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater are also loaded. [Joe Orton]
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater *) mod_ssl: Use human-readable OpenSSL error strings in logs; use
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User thread-safe interface for retrieving error strings. [Joe Orton]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_expires: Initialize ExpiresDefault to NULL instead of "" to
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User avoid reporting an Internal Server error if it is used without
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User having been set in the httpd.conf file. PR: 23748, 24459
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater [André Malo, Liam Quinn <liam htmlhelp.com>]
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater *) mod_autoindex: Don't omit the <tr> start tag if the SuppressIcon
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User option is set. PR 21668. [Jesse Tie-Ten-Quee <highos highos.com>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_include no longer allows an ETag header on 304 responses.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User PR 19355. [Geoffrey Young <geoff apache.org>, André Malo]
de73ef7ecdb9e009155993a6fa8dee5cd1bde319Mark Andrews *) EBCDIC: Convert header fields to ASCII before sending (broken
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic Updater since 2.0.44). [Martin Kraemer]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Fix the inability to log errors like exec failure in
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User mod_ext_filter/mod_cgi script children. This was broken after
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User such children stopped inheriting the error log handle.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Jeff Trawick]
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic Updater *) Fix mod_info to use the real config file name, not the default
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic Updater config file name. [Aryeh Katz <aryeh secured-services.com>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Set the scoreboard state to indicate logging prior to running
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User logging hooks so that server-status will show 'L' for hung loggers
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User instead of 'W'. [Jeff Trawick]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserChanges with Apache 2.0.48
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) SECURITY: CVE-2003-0789 (cve.mitre.org)
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User mod_cgid: Resolve some mishandling of the AF_UNIX socket used to
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic Updater communicate with the cgid daemon and the CGI script.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) SECURITY: CVE-2003-0542 (cve.mitre.org)
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews Fix buffer overflows in mod_alias and mod_rewrite which occurred
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews if one configured a regular expression with more than 9 captures.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [André Malo]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_include: fix segfault which occured if the filename was not
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews set, for example, when processing some error conditions.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews PR 23836. [Brian Akins <bakins web.turner.com>, André Malo]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) fix the config parser to support <Foo>..</Foo> containers (no
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews arguments in the opening tag) supported by httpd 1.3. Without
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews this change mod_perl 2.0's <Perl> sections are broken.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews ["Philippe M. Chiasson" <gozer cpan.org>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_cgid: fix a hash table corruption problem which could
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews result in the wrong script being cleaned up at the end of a
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews request. [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Update httpd-*.conf to be clearer in describing the connection
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews between AddType and AddEncoding for defining the meaning of
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews compressed file extensions. [Roy Fielding]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_rewrite: Don't die silently when failing to open RewriteLogs.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews PR 23416. [André Malo]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_rewrite: Fix mod_rewrite's support of the [P] option to send
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews rewritten request using "proxy:". The code was adding multiple "proxy:"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews fields in the rewritten URI. PR: 13946.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Eider Oliveira <eider bol.com.br>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) cache_util: Fix ap_check_cache_freshness to check max_age, smax_age, and
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews expires as directed in RFC 2616. [Thomas Castelle <tcastelle generali.fr>]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Ensure that ssl-std.conf is generated at configure time, and switch
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews to using the expanded config variables to work the same as
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_ssl: Fix segfaults after renegotiation failure. PR 21370
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_autoindex: If a directory contains a file listed in the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington DirectoryIndex directive, the folder icon is no longer replaced
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington by the icon of that file. PR 9587.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [David Shane Holden <dpejesh yahoo.com>]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fixed mod_usertrack to not get false positive matches on the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews user-tracking cookie's name. PR 16661.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews [Manni Wood <manniwood planet-save.com>]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) mod_cache: Fix the cache code so that responses can be cached
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews if they have an Expires header but no Etag or Last-Modified
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews headers. PR 23130.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_log_config: Fix %b log format to write really "-" when 0 bytes
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews were sent (e.g. with 304 or 204 response codes). [Astrid Keßler]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Modify ap_get_client_block() to note if it has seen EOS.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews [Justin Erenkrantz]
71ba75c604df3604673232828a68bb28c420e698Mark Andrews *) Fix a bug, where mod_deflate sometimes unconditionally compressed the
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User content if the Accept-Encoding header contained only other tokens than
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews "gzip" (such as "deflate"). PR 21523. [Joe Orton, André Malo]
e7d35dad55e8deae14f29aabfb20d540b4b6ab3dMark Andrews *) Avoid an infinite recursion, which occured if the name of an included
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User config file or directory contained a wildcard character. PR 22194.
dfd613f037c1385db661f17e086d34ea57fea9b0Automatic Updater *) mod_ssl: Fix a problem setting variables that represent the
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User client certificate chain. PR 21371 [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Unix: Handle permissions settings for flock-based mutexes in
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater unixd_set_global|proc_mutex_perms(). Allow the functions to be
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews called for any type of mutex. PR 20312 [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) ab: Work over non-loopback on Unix again. PR 21495. [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Fix a misleading message from the some of the threaded MPMs when
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater MaxClients has to be lowered due to the setting of ServerLimit.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Lower the severity of the "listener thread didn't exit" message
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews to debug, as it is of interest only to developers. PR 9011
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User [Jeff Trawick]
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User *) MPMs: The bucket brigades subsystem now honors the MaxMemFree setting.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Cliff Woolley, Jean-Jacques Clar]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Install config.nice into the build/ directory to make
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews minor version upgrades easier. [Joshua Slive]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Fix mod_deflate so that it does not call deflate() without checking
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews first whether it has something to deflate. (Currently this causes
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews deflate to generate a fatal error according to the zlib spec.)
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews PR 22259. [Stas Bekman]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) mod_ssl: Fix FakeBasicAuth for subrequest. Log an error when an
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User identity spoof is encountered.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Sander Striker]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews containing the .htaccess file is requested without a trailing slash.
51901858be9d4632c1d0bed28cfa8f29932c1967Tinderbox User PR 20195. [André Malo]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) ab: Overlong credentials given via command line no longer clobber
347333bc39e9e2df63cc4e7309cef5354d52b1fbTinderbox User the buffer. [André Malo]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_deflate: Don't attempt to hold all of the response until we're
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater done. [Justin Erenkrantz]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Assure that we block properly when reading input bodies with SSL.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson PR 19242. [David Deaves <David.Deaves dd.id.au>, William Rowe]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Update mime.types to include latest IANA and W3C types. [Roy Fielding]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) mod_ext_filter: Set additional environment variables for use by
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews the external filter. PR 20944. [Andrew Ho, Jeff Trawick]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix buildconf errors when libtool version changes. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Remember an authenticated user during internal redirects if the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater redirection target is not access protected and pass it
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson to scripts using the REDIRECT_REMOTE_USER environment variable.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews PR 10678, 11602. [André Malo]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_include: Fix a trio of bugs that would cause various unusual
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson sequences of parsed bytes to omit portions of the output stream.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson PR 21095. [Ron Park <ronald.park cnet.com>, André Malo, Cliff Woolley]
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater *) Update the header token parsing code to allow LWS between the
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews token word and the ':' seperator. [PR 16520]
8bc3d252395842452a6d2c775cf8445f6349e331Tinderbox User [Kris Verbeeck <kris.verbeeck advalvas.be>, Nicel KM <mnicel yahoo.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Eliminate creation of a temporary table in ap_get_mime_headers_core()
8bc3d252395842452a6d2c775cf8445f6349e331Tinderbox User [Joe Schaefer <joe+gmane sunstarsys.com>]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Added FreeBSD directory layout. PR 21100.
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews [Sander Holthaus <info orangexl.com>, André Malo]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User response. PR 21085. [Glenn Nielsen <glenn apache.org>, André Malo]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_rewrite: Perform child initialization on the rewrite log lock.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User This fixes a log corruption issue when flock-based serialization
467a823e57af687ebd486dfd73ea32f9d2a145beTinderbox User is used (e.g., FreeBSD). [Jeff Trawick]
7d704e522860496310bb29c28e76064868401a9cMark Andrews *) Don't respect the Server header field as set by modules and CGIs.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews As with 1.3, for proxy requests any such field is from the origin
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User server; otherwise it will have our server info as controlled by
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User the ServerTokens directive. [Jeff Trawick]
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark AndrewsChanges with Apache 2.0.47
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater *) SECURITY: CVE-2003-0192 (cve.mitre.org)
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User Fixed a bug whereby certain sequences of per-directory
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User renegotiations and the SSLCipherSuite directive being used to
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User upgrade from a weak ciphersuite to a strong one could result in
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User the weak ciphersuite being used in place of the strong one.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) SECURITY: CVE-2003-0253 (cve.mitre.org)
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews Fixed a bug in prefork MPM causing temporary denial of service
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater when accept() on a rarely accessed port returns certain errors.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews Reported by Saheed Akhtar <S.Akhtar talis.com>. [Jeff Trawick]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) SECURITY: CVE-2003-0254 (cve.mitre.org)
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews Fixed a bug in ftp proxy causing denial of service when target
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews host is IPv6 but proxy server can't create IPv6 socket. Fixed by
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews the reporter. [Yoshioka Tsuneo <tsuneo.yoshioka f-secure.com>]
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews *) SECURITY [VU#379828] Prevent the server from crashing when entering
f7a71eef29bcbf892270460269c79664f600cffdAutomatic Updater infinite loops. The new LimitInternalRecursion directive configures
409ba95e573b40cf36acf97dd62ee7e9c7775851Tinderbox User limits of subsequent internal redirects and nested subrequests, after
f751b1576ee6fef4023bf7101d10167e4fe520f3Tinderbox User which the request will be aborted. PR 19753 (and probably others).
261ef37955c3468cbcb55d54b83c9a3b14e114dfTinderbox User [William Rowe, Jeff Trawick, André Malo]
24bf1e02f03577db0feb50b80238c4150c96d05dAutomatic Updater *) core_output_filter: don't split the brigade after a FLUSH bucket if
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater it's the last bucket. This prevents creating unneccessary empty
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater brigades which may not be destroyed until the end of a keepalive
261ef37955c3468cbcb55d54b83c9a3b14e114dfTinderbox User *) Add support for "streamy" PROPFIND responses.
261ef37955c3468cbcb55d54b83c9a3b14e114dfTinderbox User [Ben Collins-Sussman <sussman collab.net>]
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User *) mod_cgid: Eliminate a double-close of a socket. This resolves
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User various operational problems in a threaded MPM, since on the
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User second attempt to close the socket, the same descriptor was
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User often already in use by another thread for another purpose.
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User [Jeff Trawick]
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User *) mod_negotiation: Introduce "prefer-language" environment variable,
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User which allows to influence the negotiation process on request basis
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User to prefer a certain language. [André Malo]
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User *) Make mod_expires' ExpiresByType work properly, including for
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User dynamically-generated documents. [Ken Coar, Bill Stoddard]
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox UserChanges with Apache 2.0.46
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User *) SECURITY: CVE-2003-0245 (cve.mitre.org)
87d422bb38fa1c8f0fb29c2a1b8c044870a7df46Tinderbox User Fixed a bug causing apr_pvsprintf() to crash by sending an overly
87d422bb38fa1c8f0fb29c2a1b8c044870a7df46Tinderbox User long string. This can be triggered remotely through mod_dav,
87d422bb38fa1c8f0fb29c2a1b8c044870a7df46Tinderbox User mod_ssl, and other mechanisms.
87d422bb38fa1c8f0fb29c2a1b8c044870a7df46Tinderbox User Reported by David Endler <DEndler iDefense.com>. [Joe Orton]
87d422bb38fa1c8f0fb29c2a1b8c044870a7df46Tinderbox User *) SECURITY: CVE-2003-0189 (cve.mitre.org)
b8cc0c5d896c361525708a2be2e5af7df76c96d7Tinderbox User Fixed a denial-of-service vulnerability affecting basic
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User authentication on Unix platforms related to thread-safety in
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User apr_password_validate().
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User Reported by John Hughes <john.hughes entegrity.com>.
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User *) Fix for mod_dav. Call the 'can_be_activity' callback, if provided,
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User when a MKACTIVITY request comes in.
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User [Ben Collins-Sussman <sussman collab.net>]
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User *) Perform run-time query in apxs for apr and apr-util's includes.
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox User [Justin Erenkrantz]
2ec4ab21838e218863d052ebfa3e106e04f50820Evan Hunt *) run libtool from the apr install directory (in case that is different
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews from the apache install directory) [Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) configure.in: Play nice with libtool-1.5. [Wilfredo Sanchez]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) If mod_mime_magic does not know the content-type, do not attempt to
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews guess. PR 16908. [Andrew Gapon <agapon telcordia.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) ssl session caching(shmht) : Fix a SEGV problem with SHMHT session
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews caching. PR 17864.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Andreas Leimbacher <andreasl67 yahoo.de>, Madhusudan Mathihalli]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Add a delete flag to htpasswd.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix mod_rewrite's handling of absolute URIs. The escaping routines
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews now work scheme dependent and the query string will only be
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews appended if supported by the particular scheme. [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Add another check for already compressed content in mod_deflate.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 19913. [Tsuyoshi SASAMOTO <nazonazo super.win.ne.jp>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fixes for VPATH builds; copying special.mk and any future .mk files
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews from the source tree as well as the build tree (now creates a usable
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews configuration for apxs), and eliminated redundant -I'nclude paths.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [William Rowe]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Code fixes, constness corrections and ssl_toolkit_compat.h updates
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews for SSLC and OpenSSL toolkit compatibility. Still work remains to
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews be done to cripple features based on the limitations of RSA's binary
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews distribution of their SSL-C toolkit.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [William Rowe, Madhusudan Mathihalli, Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Linux 2.4+: If Apache is started as root and you code
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews CoreDumpDirectory, coredumps are enabled via the prctl() syscall.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) ap_get_mime_headers_core: allocate space for the trailing null
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews when folding is in effect.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 18170 [Peter Mayne <PeterMayne SPAM_SUX.ap.spherion.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix --enable-mods-shared=most and other variants. [Aaron Bannert]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_log_config: Add the ability to log the id of the thread
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews processing the request via new %P formats. [Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Use appropriate language codes for Czech (cs) and Traditional Chinese
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews (zh-tw) in default config files. PR 9427. [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_auth_ldap: Use generic whitespace character class when parsing
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews "require" directives, instead of literal spaces only. PR 17135.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Hook mod_rewrite's type checker before mod_mime's one. That way the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews RewriteRule [T=...] Flag should work as expected now. PR 19626.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) htpasswd: Check the processed file on validity. If a line is not empty
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews and not a comment, it must contain at least one colon. Otherwise exit
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews with error code 7. [Kris Verbeeck <Kris.Verbeeck ubizen.com>, Thom May]
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews *) Fix a problem that caused httpd to be linked with incorrect flags
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews on some platforms when mod_so was enabled by default, breaking
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews DSOs on AIX. PR 19012 [Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) By default, use the same CC and CPP with which APR was built.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews The user can override with CC and CPP environment variables.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix ap_construct_url() so that it surrounds IPv6 literal address
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews strings with []. This fixes certain types of redirection.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 19207. [Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) forward port of buffer overflow fixes for htdigest. [Thom May]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Added AllowEncodedSlashes directive to permit control of whether
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews the server will accept encoded slashes ('%2f') in the URI path.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Default condition is off (the historical behaviour). This permits
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews environments in which the path-info needs to contain encoded
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews slashes. PR 543, 2389, 3581, 3589, 5687, 7066, 7865, 14639. [Ken Coar]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) When using Redirect in directory context, append requested query
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews string if there's no one supplied by configuration. PR 10961.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Unescape the supplied wildcard pattern in mod_autoindex. Otherwise
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews the pattern will not always match as desired. PR 12596.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_autoindex now emits and accepts modern query string parameter
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews delimiters (;). Thus column headers no longer contain unescaped
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews ampersands. PR 10880 [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Enable ap_sock_disable_nagle for Windows. This along with the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews addition of APR_TCP_NODELAY_INHERITED to apr.hw will cause Nagle
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews to be disabled for Windows. [Allan Edwards]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Correct a mis-correlation between mpm_common.c and mpm_common.h;
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews This patch reverts us to pre-2.0.46 behavior, using the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews ap_sock_disable_nagle noop macro, because ap_sock_disable_nagle
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews was never compiled on Win32. [Allan Edwards, William Rowe]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix a build problem with passing unsupported --enable-layout
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews args to apr and apr-util. This broke binbuild.sh as well as
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews user-specified layout parameters. PR 18649 [Justin Erenkrantz,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) If a Date response header was already set in the headers array,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews this value was ignored in favour of the current time. This meant
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews that Date headers on proxied requests where rewritten when they
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews should not have been. PR: 14376 [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Add code to buildconf that produces an httpd.spec file from
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews httpd.spec.in, using build/get-version.sh from APR.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fixed a segfault when multiple ProxyBlock directives were used.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR: 19023 [Sami Tikka <sami.tikka f-secure.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) SECURITY: CVE-2003-0134 (cve.mitre.org)
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews OS2: Fix a Denial of Service vulnerability identified and
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews reported by Robert Howard <rihoward rawbw.com> that where device
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews names faulted the running OS2 worker process. The fix is
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews actually in APR 0.9.4. [Brian Havard]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) SECURITY: CVE-2003-0083 (cve.mitre.org)
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Forward port: Escape special characters (especially control
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews characters) in mod_log_config to make a clear distinction between
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews client-supplied strings (with special characters) and server-side
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews strings. This was already introduced in version 1.3.25.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_deflate: Check also err_headers_out for an already set
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Content-Encoding: gzip header. This prevents gzip compressed content
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews from a CGI script from being compressed once more. PR 17797.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsChanges with Apache 2.0.45
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix possible segfaults under obscure error conditions within the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews cgid daemon. [Jeff Trawick, William Rowe]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) SECURITY: CVE-2003-0132 (cve.mitre.org)
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Close a Denial of Service vulnerability identified by David
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Endler <DEndler iDefense.com> on all platforms. An unlimited
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews stream of newlines were acceptable between requests where each
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater <lf> would allocate an 80 byte buffer, leading very quickly to
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews memory exahustion. [Brian Pane]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Added an rpm build script.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Graham Leggett, Joe Orton <jorton redhat.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Simpler, faster code path for request header scanning [Brian Pane]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) SECURITY: Eliminated leaks of several file descriptors to child
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews processes, such as CGI scripts. This fix depends on the APR library
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews release 0.9.2 or later (0.9.3 was distributed with the httpd
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews source tarball for Apache 2.0.45.) PR 17206
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Christian Kratzer <ck cksoft.de>, Bjoern A. Zeeb <bz zabbadoz.net>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Fix path handling of mod_rewrite, especially on non-unix systems.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews There was some confusion between local paths and URL paths.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews PR 12902. [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Prevent endless loops of internal redirects in mod_rewrite by
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews aborting after exceeding a limit of internal redirects. The
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews limit defaults to 10 and can be changed using the RewriteOptions
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews directive. PR 17462. [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Win32: Avoid busy wait (consuming all the CPU idle cycles) when
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews all worker threads are busy.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Igor Nazarenko <igor_nazarenko hotmail.com>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Keep the subrequest filter in place when a subrequest is
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews redirected. PR 15423. [Jeff Trawick]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) you can now specify the compression level for mod_deflate.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [Ian Holsman, Stephen Pierzchala <stephen pierzchala.com>,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Michael Schroepl <Michael.Schroepl telekurs.de>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) mod_deflate: Extend the DeflateFilterNote directive to
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews allow accurate logging of the filter's in- and outstream.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews [André Malo]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Allow SSLMutex to select/use the full range of APR locking
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews mechanisms available to it. Also, fix the bug that SSLMutex uses
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews APR_LOCK_DEFAULT no matter what. PR 8122 [Jim Jagielski,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews Martin Kutschker <martin.t.kutschker blackbox.net>]
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews *) Restore the ability of htdigest.exe to create files that contain
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews more than one user. PR 12910. [André Malo]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Improve binary compatibility of the core between debug (aka
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt maintainer-mode) and a non-debug compile.
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt [Sander Striker]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) mod_usertrack: don't set the cookie in subrequests. This works
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt around the problem that cookies were set twice during fast internal
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt redirects. PR 13211. [André Malo]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) mod_autoindex no longer forgets output format and enabled version
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt sort in linked column headers. [André Malo]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Use .sv instead of .se as extension for Swedish documents in the
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt default configuration. PR 12877. [André Malo]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Updated mod_ldap and mod_auth_ldap to support the Novell LDAP SDK SSL
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt and standardized the LDAP SSL support across the various LDAP SDKs.
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt Isolated the SSL functionality to mod_ldap rather than speading it
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt across mod_auth_ldap and mod_ldap. Also added LDAPTrustedCA
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User and LDAPTrustedCAType directives to mod_ldap to allow for a more
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater common method of specifying the SSL certificate.
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater [Dave Ward, Brad Nicholes]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) Fixed mod_ssl's SSLCertificateChain initialization to no longer
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater skip the first cert of the chain by default. This misbehavior
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater was introduced in 2.0.34. PR 14560 [Madhusudan Mathihalli]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) mod_cgi, mod_cgid, mod_ext_filter: Log errors when scripts cannot
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater be started on Unix because of such problems as bad permissions,
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater bad shebang line, etc. [Jeff Trawick]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) Fix 64-bit problem in mod_ssl input logic.
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox User [Madhusudan Mathihalli <madhusudan_mathihalli hp.com>]
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater *) Fix potential memory leaks in mod_deflate on malformed data. PR 16046.
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater [Justin Erenkrantz]
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson *) Rewrite ap_xml_parse_input to use bucket brigades. PR 16134.
309b912841e8b97bf0b0df0d96c3eaf16990c080Automatic Updater [Justin Erenkrantz]
66d24a46538c7c2d29fdb5611ab1173e83685b1dTinderbox User *) Fix segfault which occurred when a section in an included
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson configuration file was not closed. PR 17093. [André Malo]
754ebd37e782356aedbb2987e3c1a8ab4f29574eMark Andrews *) Enhance the behavior of mod_isapi's WriteClient() callback to
754ebd37e782356aedbb2987e3c1a8ab4f29574eMark Andrews provide better emulation for isapi modules that presume that the
754ebd37e782356aedbb2987e3c1a8ab4f29574eMark Andrews first WriteClient() call may send status and headers. An example
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews of WriteClient() abuse is the foxisapi module, which relies on
94df856897945fe58f130ba78765c57308bc5400Automatic Updater that assumpion and now works. [William Rowe, Milan Kosina]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Check the return value of ap_run_pre_connection(). So if the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User pre_connection phase fails (without setting c->aborted)
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User ap_run_process_connection is not executed. [Stas Bekman]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fixed a problem with mod_ldap which caused it to fault when caching
5c679dbb66df92766f6a7e7bb93c18d61275d1feMark Andrews was disabled. Needed to make sure that the code did not
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic Updater attempt to use the cache if it didn't exist. Also fixed some memory
5c679dbb66df92766f6a7e7bb93c18d61275d1feMark Andrews leaks which were due to not releasing LDAP resources on error
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater conditions. [Brad Nicholes]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Hook mod_proxy's fixup before mod_rewrite's fixup, so that by
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews mod_rewrite proxied URLs will not be escaped accidentally by
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews mod_proxy's fixup. PR 16368 [André Malo]
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic Updater *) While processing filters on internal redirects, remember seen EOS
da93950363b307b718d156514b95b9df93a63776Mark Andrews buckets also in the request structure of the redirect issuer(s). This
da93950363b307b718d156514b95b9df93a63776Mark Andrews prevents filters (such as mod_deflate) from adding garbage to the
35bc7055d1b9b816e68a4180d46a49963e45c233Automatic Updater response. PR 14451. [André Malo]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) suexec: Be more pedantic when cleaning environment. Clean it
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater immediately after startup. PR 2790, 10449.
f6056ad06781c95198505ae3a361e6dd98df4b91Automatic Updater [Jeff Stewart <jws purdue.edu>, André Malo]
f6056ad06781c95198505ae3a361e6dd98df4b91Automatic Updater *) Fix apxs to insert LoadModule directives only outside of sections.
fbcaee30a27f47fe337152c27e7d90489dc8fd63Tinderbox User PR 8712, 9012. [André Malo]
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic Updater *) Fix suexec compile error under SUNOS4, where strerror() doesn't
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater exist. PR 5913, 9977.
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic Updater [Jonathan W Miner <Jonathan.W.Miner lmco.com>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix If header parsing when a non-mod_dav lock token is passed to it.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User PR 16452. [Justin Erenkrantz]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_auth_digest no longer tries to guess AuthDigestDomain, if it's
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User not specified. Now it assumes "/" as already documented. PR 16937.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Try to log an error if a piped log program fails. Try to
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User restart a piped log program in more failure situations. Fix an
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User existing problem with error handling in piped_log_spawn(). Use
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User new APR apr_proc_create() features to prevent Apache from starting
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User on Unix* in most cases where a piped log program can be started,
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User and add log messages for the other situations. *Other platforms
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User already failed Apache initialization if a piped log program
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt couldn't be started. PR 15761 [Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix mod_cern_meta to not create empty metafiles when the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User metafile searched for does not exist. PR 12353
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Owen Rees <owen_rees hp.com>]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Introduce debugging symbols for Win32 release builds, both .pdb
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt and .dbg files (older debuggers and Dr. Watson-type utilities
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User on WinNT or Win9x don't support the newer .pdb flavor.)
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Allen Edwards, William Rowe]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix bug where 'Satisfy Any' without an AuthType lost all MIME
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt information (and more). Related to PR 9076. [André Malo]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) mod_file_cache: fix segfault serving mmaped cached files.
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt [Bill Stoddard]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_file_cache: fixed a segfault when multiple MMapFile directives
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt were used. PR 16313. [Cliff Woolley]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix a nasty segfault in mmap_bucket_setaside() caused by passing
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User an incompatible pointer type to mmap_bucket_destroy(void*).
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Gerard Eviston <geviston bigpond.net.au>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Enable the -n name parameter on NetWare to allow the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User administrator to rename the Apache console screen
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Brad Nicholes]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fixed piped access logs on Win32 by disabling OTHER_CHILD
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User support by default in APR. More development is required
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User to deploy OTHER_CHILD on Win32. [William Rowe]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Use saner default config values for suexec. PR 15713.
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt [Thom May <thom planetarytramp.net>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_rewrite: Allow "RewriteEngine Off" even if no "Options FollowSymlinks"
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User (or SymlinksIfOwnermatch) is set. PR 12395. [André Malo]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) apxs: Include any special APR ld flags when linking the DSO.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User This resolves problems on AIX when building a DSO with apxs+gcc.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Added character set support to mod_auth_LDAP to allow it to
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User convert extended characters used in the user ID to UTF-8
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User before authenticating against the LDAP directory. The new
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User directive AuthLDAPCharsetConfig is used to specify the config
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User file that contains the character set conversion table.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Brad Nicholes]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Don't remove the Content-Length from responses in mod_proxy
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User PR: 8677 [Brian Pane]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Ensure LDAP version is set to v3 on every bind. PR 14235.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Sergey A. Lipnevich <sergeyli pisem.net>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix mod_ldap to open an existing shared memory file should one
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User already exist. PR 12757. [Scooter Morris <scooter gene.com>,
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User Graham Leggett]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix the ulimit command used by apachectl on Tru64. PR 13609.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Joseph Senulis <Joseph.Senulis dnr.state.wi.us>, Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Change the ulimit command used by apachectl on AIX so that it
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User works in all locales. [Jeff Trawick]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) mod_ext_filter: Fix a problem building argument lists which
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User occasionally caused exec to fail. PR 15491. [Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox UserChanges with Apache 2.0.44
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_autoindex: Bring forward the IndexOptions IgnoreCase option
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User from Apache 1.3. PR 14276
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [David Shane Holden <dpejesh yahoo.com>, William Rowe]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_mime: Workaround to prevent a segfault if r->filename=NULL
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Reorder the definitions for mod_ldap and mod_auth_ldap within
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User config.m4 to make sure the parent mod_ldap is defined first.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User This ensures that mod_ldap comes before mod_auth_ldap in the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User httpd.conf file, which is necessary for mod_auth_ldap to load.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User PR 14256 [Graham Leggett]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix the building of cgi command lines when the query string
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User contains '='. PR 13914 [Ville Skyttä <ville.skytta iki.fi>,
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Rename CacheMaxStreamingBuffer to MCacheMaxStreamingBuffer. Move
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User implementation of MCacheMaxStreamingBuffer from mod_cache to
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User mod_mem_cache. MCacheMaxStreamingBuffer now defaults to the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User lesser of 100,000 bytes or MCacheMaxCacheObjectSize. This should
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User eliminate the need for explicitly coding MCacheMaxStreamingBuffer
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User in most configurations. [Bill Stoddard]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_cache: Fix PR 15113, a core dump in cache_in_filter when
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User a redirect occurs. The code was passing a format string and
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User integer to apr_pstrcat. Changed to apr_psprintf.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Paul J. Reder]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Replace APU_HAS_LDAPSSL_CLIENT_INIT with APU_HAS_LDAP_NETSCAPE_SSL
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User as set by apr-util in util_ldap.c. This should allow mod_ldap
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User to work with the Netscape/Mozilla LDAP library. [Øyvin Sømme
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User <somme oslo.westerngeco.slb.com>, Graham Leggett]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix critical bug in new --enable-v4-mapped configure option
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User implementation which broke IPv4 listening sockets on some
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User systems. [hiroyuki hanai <hanai imgsrc.co.jp>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_setenvif: Fix BrowserMatchNoCase support for non-regex
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User patterns [André Malo <nd perlig.de>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Add version string to provider API. [Justin Erenkrantz]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) build: './configure && make' now works without an in-tree
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt apr and apr-util. [Wilfredo Sanchez]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_negotiation: Set the appropriate mime response headers
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User (Content-Type, charset, Content-Language and Content-Encoding)
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User for negotated type-map "Body:" responses (such as the error
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User pages.) [André Malo <nd perlig.de>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_log_config: Allow '%%' escaping in CustomLog format
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User strings to insert a literal, single '%'.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [André Malo <nd perlig.de>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_autoindex: AddDescription directives for directories
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User now work as in Apache 1.3, where no trailing '/' is
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User specified on the directory name. Previously, the trailing
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User '/' *had* to be specified, which was incompatible with
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User Apache 1.3. PR 7990 [Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fix for PR 14556. The expiry calculations in mod_cache were
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User trying to perform "now + ((date - lastmod) * factor)" where
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User date == lastmod resulting in "now + 0". The code now follows
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User the else path (using the default expiration) if date is
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User equal to lastmod. [Sergey <rx armstrike.com>, Paul J. Reder]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Use AP_DECLARE in the debug versions of ap_strXXX in case the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User default calling convention is not the same as the one used by
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User AP_DECLARE. [Juan Rivera <Juan.Rivera citrix.com>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_cache: Don't cache response header fields designated
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User as hop-by-hop headers in HTTP/1.1 (RFC 2616 Section 13.5.1).
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Estrade Matthieu <estrade-m ifrance.com>, Brian Pane]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_cgid: Handle environment variables containing newlines.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User PR 14550 [Piotr Czejkowski <apache czarny.eu.org>, Jeff
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Move mod_ext_filter out of experimental and into filters.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [Jeff Trawick]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Fixed a memory leak in mod_deflate with dynamic content.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User PR 14321 [Ken Franken <kfranken decisionmark.com>]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Add --[enable|disable]-v4-mapped configure option to control
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User whether or not Apache expects to handle IPv4 connections
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User on IPv6 listening sockets. Either setting will work on
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User systems with the IPV6_V6ONLY socket option. --enable-v4-mapped
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User must be used on systems that always allow IPv4 connections on
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User IPv6 listening sockets. PR 14037 (Bugzilla), PR 7492 (Gnats)
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt [Jeff Trawick]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) This fixes a problem where the underlying cache code
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User indicated that there was one more element on the cache
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User than there actually was. This happened since element 0
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User exists but is not used. This code allocates the correct
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User number of useable elements and reports the number of
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User actually used elements. The previous code only allowed
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User MCacheMaxObjectCount-1 objects to be stored in the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User cache. [Paul J. Reder]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_setenvif: Add SERVER_ADDR special keyword to allow
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User envariable setting according to the server IP address
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User which received the request. [Ken Coar]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_cgid: Terminate CGI scripts when the client connection
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User drops. PR 8388 [Jeff Trawick]
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt *) Rearrange OpenSSL engine initialization to support RAND
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt redirection on crypto accelerator.
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) Always emit Vary header if mod_deflate is involved in the
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User request. [André Malo <nd perlig.de>]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_isapi: Stop unsetting the 'empty' query string result with
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User a NULL argument in ecb->lpszQueryString, eliminating segfaults
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User for some ISAPI modules. PR 14399
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_isapi: Fix an issue where the HSE_REQ_DONE_WITH_SESSION
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt notification is received before the HttpExtensionProc() returns
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User HSE_STATUS_PENDING. This only affected isapi .dll's configured
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User with the ISAPIFakeAsync on directive. PR 11918
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User [John DeSetto <jdesetto radiantsystems.com>, William Rowe]
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User *) mod_isapi: Fix the issue where all results from mod_isapi would
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User run through the core die handler resulting in invalid responses
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User or access log entries. PR 10216 [William Rowe]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Improves the user friendliness of the CacheRoot processing
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews over my last pass. This version avoids the pool allocations
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User but doesn't avoid all of the runtime checks. It no longer
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User terminates during post-config processing. An error is logged
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User once per worker, indicating that the CacheRoot needs to be set.
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User [Paul J. Reder]
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Fix a bug where we keep files open until the end of a
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User keepalive connection, which can result in:
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User (24)Too many open files: file permissions deny server access
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User especially on threaded servers. [Greg Ames, Jeff Trawick]
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Fix a bug in which mod_proxy sent an invalid Content-Length
6a0d2961c04b20f0114cca12157cfed64c5b126fTinderbox User when a proxied URL was invoked as a server-side include within
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User a page generated in response to a form POST. [Brian Pane]
c7ef13f6c9ef4436bc804b150e0a93307b11fa27Tinderbox User *) Added code to process min and max file size directives and to
4ea3649f028ea6a1e42377082a7ccf8f789fb950Automatic Updater init the expirychk flag in mod_disk_cache. Added a clarifying
644973f327e9db74779e7c0426db90909173b284Automatic Updater comment to cache_util. [Paul J. Reder]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) The value emitted by ServerSignature now mimics the Server HTTP
418cc932318b1d67f88a36904d88d8a5a0a2ba09Automatic Updater header as controlled by ServerTokens. [Francis Daly <deva daoine.org>]
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Gracefully handly retry situations in the SSL input filter,
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User by following the SSL libraries' retry semantics.
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User [William Rowe]
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Terminate CGI scripts when the client connection drops. This
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User fix only applies to some normal paths in mod_cgi. mod_cgid
347333bc39e9e2df63cc4e7309cef5354d52b1fbTinderbox User is still busted. PR 8388 [Jeff Trawick]
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Fix a bug where 416 "Range not satisfiable" was being
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User returned for content that should have been redirected.
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Fix memory leak in mod_ssl from internal SSL library allocations
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User within SSL_get_peer_certificate and X509_get_pubkey.
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User Madhusudan Mathihalli <madhusudan_mathihalli hp.com>].
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) mod_ssl uses free() inappropriately in several places, to free
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User memory which has been previously allocated inside OpenSSL.
347333bc39e9e2df63cc4e7309cef5354d52b1fbTinderbox User Such memory should be freed with OPENSSL_free(), not with free().
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User [Nadav Har'El <nyh math.technion.ac.il>,
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User Madhusudan Mathihalli <madhusudan_mathihalli hp.com>].
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User *) Emit a message to the error log when we return 404 because
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User the URI contained '%2f'. (This was previously nastily silent
d585233c52e283d9a8849f16f04f452419a2484eTinderbox User and difficult to debug.) [Ken Coar]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix streaming output from an nph- CGI script. CGI:IRC now
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews works. PR 8482 [Jeff Trawick]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) More accurate logging of bytes sent in mod_logio when
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews the client terminates the connection before the response
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews is completely sent [Bojan Smojver <bojan rexursive.com>]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) Fix some problems in the perchild MPM.
90863a6f9bfb06062c7fdf269bb675e7b674fc31Mark Andrews [Jonas Eriksson <jonas webkonsulterna.com>]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) Change the CacheRoot processing to check for a required
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews value at config time. This saves a lot of wasted processing
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews if the mod_disk_cache module is loaded but no CacheRoot
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews was provided. This fix also adds code to log an error
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews and avoid useless pallocs and procesing when the computed
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews cache file name cannot be opened. This also updates the
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews docs accordingly. [Paul J. Reder]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) Introduce the EnableSendfile directive, allowing users of NFS
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews shares to disable sendfile mechanics when they either fail
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews outright or provide intermitantly corrupted data. PR
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Resolve the error "An operation was attempted on something
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews that is not a socket. : winnt_accept: AcceptEx failed.
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews Attempting to recover." for users of various firewall and
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater anti-virus software on Windows. PR 8325 [William Rowe]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) Add the ProxyBadHeader directive, which gives the admin some
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews control on how mod_proxy should handle bogus HTTP headers from
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews proxied servers. This allows 2.0 to "emulate" 1.3's behavior if
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User desired. [Jim Jagielski]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Change the LDAP modules to export their symbols correctly
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User during a Windows build. Add dsp files for Windows. Update
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater README.ldap file for Windows build instructions.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Performance improvements for the code that generates HTTP
f4193c2021ab0aeaad33fe0b3d1d49c80db5c725Mark Andrews response headers [Brian Pane]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Add -S as a synonym for -t -DDUMP_VHOSTS.
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews [Thom May <thom planetarytramp.net>]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) Fix a bug with dbm rewrite maps which caused the wrong value to
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User be used when the key was not found in the dbm. PR 13204
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews [Jeff Trawick]
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews *) Fix a problem with streaming script output and mod_cgid.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Jeff Trawick]
7a2a1b8b14fc804ac80612d7b98064095e445be5Automatic Updater *) Add ap_register_provider/ap_lookup_provider API.
7a42357217528037bdfedcb17eeebfe96ae4266aAutomatic Updater [John K. Sterling <john sterls.com>, Justin Erenkrantz]
e007e3e5b0316c6c05698a71101885743aca22bdAutomatic UpdaterChanges with Apache 2.0.43
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) SECURITY: CVE-2002-0840 (cve.mitre.org)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington HTML-escape the address produced by ap_server_signature() against
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington this cross-site scripting vulnerability exposed by the directive
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington 'UseCanonicalName Off'. Also HTML-escape the SERVER_NAME
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington environment variable for CGI and SSI requests. It's safe to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington escape as only the '<', '>', and '&' characters are affected,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington which won't appear in a valid hostname. Reported by Matthew
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Murphy <mattmurphy kc.rr.com>. [Brian Pane]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fix a core dump in mod_cache when it attemtped to store uncopyable
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User buckets. This happened, for instance, when a file to be cached
cff0e0b52cf0928123bad6f3bccf56e22bbc07f5Automatic Updater contained SSI tags to execute a CGI script (passed as a pipe
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater bucket). [Paul J. Reder]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Ensure that output already available is flushed to the network
644973f327e9db74779e7c0426db90909173b284Automatic Updater when the content-length filter realizes that no new output will
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater be available for a while. This helps some streaming CGIs as
c28a1243429dfaf8dc5f6c1db0dccdc6ce386baeMark Andrews well as some other dynamically-generated content. [Jeff Trawick]
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews *) Fix a mutex problem in mod_ssl session cache support which
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews could lead to an infinite loop. PR 12705
5f7e0eb1cb917b788906d3e2aa01bfc4885dcae4Mark Andrews [Amund Elstad <amund.elstad ergo.no>, Jeff Trawick]
15ae68f3db8261770fc33b8e0f83f5d8c7021e84Mark Andrews *) SECURITY: CVE-2002-1156 (cve.mitre.org)
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews Fix the exposure of CGI source when a POST request is sent to
c5a97a549c89d562e999d4f906b882c5a2a474e1Tinderbox User a location where both DAV and CGI are enabled. [Ryan Bloom]
c5a97a549c89d562e999d4f906b882c5a2a474e1Tinderbox User *) Allow the UserDir directive to accept a list of directories.
9bc394fffdd50f6e47614b2d317da7274122366fTinderbox User This matches what Apache 1.3 does. Also add documentation for
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User this feature. [Jay Ball <jay veggiespam.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) New Module: mod_logio. adds the ability to log bytes sent and
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User received. [Bojan Smojver <bojan rexursive.com>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) SuExec needs to use the same default directory as the rest of
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [SangBeom han <sbhan os.korea.ac.kr>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Get mod_auth_ldap to retry connections on LDAP_SERVER_DOWN.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater [Thomas Bennett <thomas.bennett eds.com>, Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Make sure the contents of the WWW-Authenticate header is
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater passed on a 4xx error by proxy. Previously all headers
10640b2e3efc7bc8034108136d7487f7407fbf37Andreas Gustafsson were dropped, resulting in the browser being unable to
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews authenticate. [Dr Richard Reiner <rreiner fscinternet.com>,
10640b2e3efc7bc8034108136d7487f7407fbf37Andreas Gustafsson Richard Danielli <rdanielli fscinternet.com>, Graham Wiseman
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews <gwiseman fscinternet.com>, David Henderson
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Make mod_cache's CacheMaxStreamingBuffer directive work
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater properly for virtual hosts that override server-wide mod_cache
436aad11e01e916f75e68a2e9cb89ac217a990d3Tinderbox User setttings. [Matthieu Estrade <estrade-m ifrance.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add -p option to apxs to allow programs to be compiled with apxs.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserChanges with Apache 2.0.42
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User *) SECURITY: CVE-2002-1593 (cve.mitre.org) [CERT VU#406121]
a792d42c3cdd6cd4608b936c0a06437b8c2d99ccTinderbox User mod_dav: Check for versioning hooks before using them.
a01aa536188bb3535dfc1107a623e6355a8e6b7cMark Andrews [Greg Stein]
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic UpdaterChanges with Apache 2.0.41
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) The protocol version (eg: HTTP/1.1) in the request line parsing
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater is now case insensitive. [Jim Jagielski]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Allow AddOutputFilterByType to add multiple filters per directive.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Remove warnings with Sun's Forte compiler. [Justin Erenkrantz]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fixed mod_disk_cache's generation of 304s
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Add support for using fnmatch patterns in the final path
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater segment of an Include statement (eg.. include /foo/bar/*.conf).
e10d61d84e0b735f1e8eca18644cfdb1b06cad33Tinderbox User and remove the noise on stderr during config dir processing.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Joe Orton <jorton redhat.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) mod_cache: cache_storage.c. Add the hostname and any request
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User args to the key generated for caching. This provides a unique
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews key for each virtual host and for each request with unique
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews args. [Paul J. Reder, args code provided by Kris Verbeeck]
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox User *) mod_cache: Do not cache responses to GET requests with query
bbc0e1c4f47f101c4a64db3469352c49a49e734fTinderbox User URLs if the origin server does not explicitly provide an
90cde4c188ac5bdea4f402b241c387c9cc9d4cc4Tinderbox User Expires header on the response (RFC 2616 Section 13.9)
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Kris Verbeeck <krisv be.ubizen.com>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix memory leak in core_output_filter. [Justin Erenkrantz]
4c9f230f7ca5b2b08ea8fd7a6944135801dbe152Tinderbox User *) Update OpenSSL detection to work on Darwin.
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews [Sander Temme <sctemme covalent.net>]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) Update the xslt and css to give the documentation a more
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [André Malo <nd perlig.de>, Gernot Winkler <greh o3media.de>]
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark Andrews *) Fix some bucket memory leaks in the chunking code
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Joe Schaefer <joe+apache sunstarsys.com>]
1d4f4d2db2d69e48fec2dde5c1535853677d22a7Automatic Updater *) Add ModMimeUsePathInfo directive. [Justin Erenkrantz]
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User *) mod_cache: added support for caching streamed responses (proxy,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater CGI, etc) with optional CacheMaxStreamingBuffer setting [Brian Pane]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews [Ian Holsman, Peter Bieringer <pb bieringer.de>]
dc5552b4df5e3821783821c8d4e734c1608c446eTinderbox User *) Fix FileETags none operation. PR 12207.
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater [Justin Erenkrantz, Andrew Ho <andrew tellme.com>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Restored the experimental leader/followers MPM to working
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User condition and converted its thread synchronization from
02b3e44a996e9753d86306b6a1b6b579a73787fcTinderbox User mutexes to atomic CAS. [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix Logic on non-html file removal in mod_deflate
53b97c9873a923f504893d1e2ab62000dfac221fTinderbox User *) Fix "ab -g"'s truncated year: the last digit was cut off.
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews [Leon Brocard <acme astray.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_rewrite can now sets cookies in err_headers, uses the correct
8c6328ab5890aa79d84b86ed672e185dc111bb68Automatic Updater expiry date, and can now set the path as well
3349f0044fda807e1fd6681c833d3593a22dad86Tinderbox User PR 12132,12181,12172.
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater [Ian Holsman / Rob Cromwell <apachechangelog robcromwell.com>]
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater *) The content-length filter no longer tries to buffer up
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews the entire output of a long-running request before sending
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User anything to the client. [Brian Pane]
cd34c1adb0fa2120327fc8c11cda0d4a5f722aeeTinderbox User *) Win32: Lower the default stack size from 1MB to 256K. This will
e20309353e6246485c521278131d3fced73d7957Tinderbox User allow around 8000 threads to be started per child process.
b871c7156eb037d41f53828c6fcb9cc876128962Mark Andrews 'EDITBIN /STACK:size apache.exe' can be used to change this
c74518d655c1c563060f49569dce71e4a00f5f4eTinderbox User value directly in the apache.exe executable.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Bill Stoddard]
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews *) Win32: Implement ThreadLimit directive in the Windows MPM.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Bill Stoddard]
e8c42d50cdaf3a3b841074d8bf72b40ffbae2a4bTinderbox User *) Remove CacheOn config directive since it is set but never checked.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater No sense wasting cycles on unused code. Besides, the only truly
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews bug free code is deleted code. :) [Paul J. Reder]
ca904804e43f663f08eb1ac9d6d617930b9a3cd3Automatic Updater *) BufferLogs are now run-time enabled, and the log_config now has 2 new
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User callbacks to allow a 3rd party module to actually do the writing of the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater log file [Ian Holsman]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater *) Correct ISAPIReadAheadBuffer to default to 49152, per mod_isapi docs.
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews [André Malo, Astrid Keßler <kess kess-net.de>]
bbc0e1c4f47f101c4a64db3469352c49a49e734fTinderbox User *) Fix Segfault in mod_cache. [Kris Verbeeck <Kris.Verbeeck ubizen.com>]
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews *) Fix a null pointer dereference in the merge_env_dir_configs
f8b9948a4116226ac41b5509cca152849006c66cAutomatic Updater function of the mod_env module. PR 11791
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews [Paul J. Reder]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) New option to ServerTokens 'maj[or]'. Only show the major version
c243d779731a410f8dc2d2feeed20c15f299b6e3Automatic Updater Also Surfaced this directive in the standard config (default FULL)
099b86fb8136a7dff81df85cf395978c16eb254cAutomatic Updater *) Change mod_rewrite to use apr-util's dbm support for dbm rewrite
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews maps. The dbm type (e.g., ndbm, gdbm) can be specified on the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater RewriteMap directive. PR 10644 [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fixed mod_rewrite's RewriteMap prg: support so that request/response
572cb2c1c931f6bc6a4a019c103ae88239b0eb96Automatic Updater pairs will no longer get out of sync with each other. PR 9534
02b3e44a996e9753d86306b6a1b6b579a73787fcTinderbox User [Cliff Woolley]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fixes required to get quoted and escaped command args working in
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark Andrews mod_ext_filter. PR 11793 [Paul J. Reder]
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User *) mod-proxy: handle proxied responses with no status lines
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark Andrews [JD Silvester <jsilves uwo.ca>, Brett Huttley <brett huttley.net>]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) Fix bug where environment or command line arguments containing
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews non-ASCII-7 characters would cause the Win32 child process creation
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to fail. PR 11854 [William Rowe]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Bug #11213.. make module loading error messages more informative
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Ian Darwin <Ian779 darwinsys.com>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) thread safety & proxy-ftp [Alexey Panchenko <alexey liwest.ru>, Ian Holsman]
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User *) mod_disk_cache works much better. This module should still
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User be considered experimental. [Eric Prud'hommeaux]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Performance improvement for keepalive requests: when setting
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User aside a small file for potential concatenation with the next
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User response on the connection, set aside the file descriptor rather
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User than copying the file into the heap. [Brian Pane]
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark Andrews *) Modified version check on openssl so that it finds the executable
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews first and then performs a check of the version, only warning the
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User user if they chose, or we selected, an old version of OpenSSL.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User This change also allows the code to work for non-openssl libraries
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User selected via the --with-ssl=dir option, which can override the
e20309353e6246485c521278131d3fced73d7957Tinderbox User automated library check in any case. [Roy Fielding]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserChanges with Apache 2.0.40
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) SECURITY: CVE-2002-0661 (cve.mitre.org)
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews Close a very significant security hole that
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User applies only to the Win32, OS2 and Netware platforms. Unix was not
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User affected, Cygwin may be affected. Certain URIs will bypass security
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User and allow users to invoke or access any file depending on the system
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater configuration. Without upgrading, a single .conf change will close
90b25b84f037ec923efaee84d2c0dc599293d04eTinderbox User the vulnerability. Add the following directive in the global server
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews httpd.conf context before any other Alias or Redirect directives;
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews RedirectMatch 400 "\\\.\."
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews Reported by Auriemma Luigi <bugtest sitoverde.com>.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Brad Nicholes]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) SECURITY: CVE-2002-0654 (cve.mitre.org)
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User Close a path-revealing exposure in multiview type
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User map negotiation (such as the default error documents) where the
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User module would report the full path of the typemapped .var file when
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User multiple documents or no documents could be served based on the mime
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User negotiation. Reported by Auriemma Luigi <bugtest sitoverde.com>.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [William Rowe]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) SECURITY: CVE-2002-0654 (cve.mitre.org)
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User Close a path-revealing exposure in cgi/cgid when we
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User fail to invoke a script. The modules would report "couldn't create
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater child process /path-to-script/script.pl" revealing the full path
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User of the script. Reported by Jim Race <jrace qualys.com>.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Bill Stoddard]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Set aside the apr-iconv and apr_xlate() features for the Win32
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User build of 2.0.40 so development can be completed. A patch, from
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <http://www.apache.org/dist/httpd/patches/apply_to_2.0.40/>
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater will be available for those that wish to work with apr-iconv.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix proxy so that it is possible to access ftp: URLs via a proxy
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater chain. [Peter Van Biesen <peter.vanbiesen vlafo.be>]
f89eb76a7516649f8717c6397fc496ca906ddb57Tinderbox User *) mod-deflate now checks to make sure that 'gzip-only-text/html' is
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater set to 1, so we can exclude things from the general case with
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews browsermatch. [Ian Holsman, Andre Schild <A.Schild aarboard.ch>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Accept multiple leading /'s for requests within the DocumentRoot.
a61158fed2e0281a40e3e97e0b7c3f9789a07b4eTinderbox User PR 10946 [William Rowe, David Shane Holden <dpejesh yahoo.com>]
a61158fed2e0281a40e3e97e0b7c3f9789a07b4eTinderbox User *) Solved the reports of .pdf byterange failures on Win32 alone.
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater APR's sendfile for the win32 platform collapses header and trailer
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater buffers into a single buffer. However, we destroyed the pointers
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater to the header buffer if a trailer buffer was present. PR 10781
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [William Rowe]
59b277af9d9aac08d16be63aed5ae60ac9eef0d5Automatic Updater *) mod_ext_filter: Add the ability to enable or disable a filter via
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User an environment variable. Add the ability to register a filter of
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater type other than AP_FTYPE_RESOURCE. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Restore the ability to specify host names on Listen directives.
c7f4dfc8decb44451cff27ef160d539d4954dc31Tinderbox User PR 11030. [Jeff Trawick, David Shane Holden <dpejesh yahoo.com>]
f34958b7669dfca333cc0cd20113b1f55a89e1deTinderbox User *) When deciding on the default address family for listening sockets,
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater make sure we can actually bind to an AF_INET6 socket before
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User deciding that we should default to AF_INET6. This fixes a startup
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews problem on certain levels of OpenUNIX. PR 10235. [Jeff Trawick]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Replace usage of atol() to parse strings when we might want a
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater larger-than-long value with apr_atoll(), which returns long long.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater This allows HTTPD to deal with larger files correctly.
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews [Shantonu Sen <ssen apple.com>]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) mod_ext_filter: Ignore any content-type parameters when checking if
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater the response should be filtered. Previously, "intype=text/html"
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater wouldn't match something like "text/html;charset=8859_1".
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ext_filter: Set up environment variables for external programs.
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater [Craig Sebenik <craig netapp.com>]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) Modified the HTTP_IN filter to immediately append the EOS (end of
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater stream) bucket for C-L POST bodies, saving a roundtrip and allowing
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater the caller to determine that no content remains without prefetching
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater additional POST body. [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Get proxy ftp to work over IPv6. [Shoichi Sakane <sakane kame.net>]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Look for OpenSSL libraries in /usr/lib64. [Peter Poeml <poeml suse.de>]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Update SuSE layout. [Peter Poeml <poeml suse.de>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Changes to the internationalized error documents:
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User Comment them out in the default config file to make the default
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User install as simple as possible; Correct the english 500 error to
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater be more understandable; Add a Swedish translation.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater [Thomas Sjogren <thomas northernsecurity.net>,
3f616e6f846be57b1717c6beaba0f74de9d5a7c6Automatic Updater Erik Abele <erik codefaktor.de>, Rich Bowen, Joshua Slive]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Increase the limit on file descriptors per process in apachectl.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix a dependency error when building ApacheMonitor, so that Win32
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User and MSVC now trust that the project is current (when it is).
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [James Cox <imajes php.net>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_ext_filter: don't segfault if content-type is not set. PR 10617.
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater [Arthur P. Smith <apsmith aps.org>, Jeff Trawick]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) APR-Util Renames pending have been completed [Thom May]
1f4c645185bd8fc70048e0a69eee46193a284e5cTinderbox User *) Performance improvements for the code that reads request
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater headers (ap_rgetline_core() and related functions) [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Add a new directive: MaxMemFree. MaxMemFree makes it possible
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User to configure the maximum amount of memory the allocators will
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater hold on to for reuse. Anything over the MaxMemFree threshold
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User will be free()d. This directive is useful when uncommon large
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater peaks occur in memory usage. It should _not_ be used to mask
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User defective modules' memory use. [Sander Striker]
324a8797b46d646fe8d3b2eef6785e0b2b3ac956Tinderbox User *) Fixed the Content-Length filter so that HTTP/1.0 requests to CGI
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater scripts would not result in a truncated response.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Ryan Bloom, Justin Erenkrantz, Cliff Woolley]
79b627f399ce925988bb326315e6742d5316cb6bTinderbox User *) Add a filter_init parameter to the filter registration functions
79b627f399ce925988bb326315e6742d5316cb6bTinderbox User so that a filter can execute arbitrary code before the handlers
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User are invoked. This resolves a problem where mod_include requests
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater would incorrectly return a 304. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix a long-standing bug in 2.0, CGI scripts were being called
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User with relative paths instead of absolute paths. Apache 1.3 used
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User absolute paths for everything except for SuExec, this brings back
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater that standard. [Ryan Bloom]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix infinite loop due to two HTTP_IN filters being present for
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater internally redirected requests. PR 10146. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Switch conn_rec->keepalive to an enumeration rather than a bitfield.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix mod_ext_filter to look in the main server for filter definitions
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater when running in a vhost if the filter definition is not found in
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User the vhost. PR 10147 [Jeff Trawick]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Support WinNT CGI invocation through ScriptInterpreterSource
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater 'registry' for script interpreter paths and names with non-ascii
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater characters in the executable filepath. [William Rowe]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) Support the -w flag on to keep the Win32 console open on error.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Normalize the hostname value in the request_rec to all-lowercase
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater [Perry Harrington <pedward webcom.com>]
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic Updater *) Fix WinNT cgi 500 errors when QUERY_ARGS or other strings include
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater extended characters (non US-ASCII) in non-utf8 format. This brings
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User Win32 back into CGI/1.1 compliance, and leaves charset decoding up
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to the cgi application itself. [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Major overhaul of mod_dav, mod_dav_fs and the experimental/cache
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User modules to bring them up to the current apr/apr-util APIs.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix segfault in mod_mem_cache most frequently observed when
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User serving the same file to multiple clients on an MP machine.
402eda3e7d4254ffac1543bf2917c71248a09e4cTinderbox User [Bill Stoddard]
bbc0e1c4f47f101c4a64db3469352c49a49e734fTinderbox User *) mod_rewrite can now set cookies (RewriteRule (.*) - [CO=name:$1:.domain])
b4846627b60aff904d523a433b44482b3b1825a7Tinderbox User [Brian Degenhardt <bmd mp3.com>, Ian Holsman]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fix perchild to work with apachectl by adding -k support to perchild.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User PR 10074 [Jeff Trawick]
dc5552b4df5e3821783821c8d4e734c1608c446eTinderbox User *) Fix a silly htpasswd.c logic error that incorrectly reported that
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater both -c and -n had been used. PR 9989 [Cliff Woolley]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fixed a mod_include error case in which no HTTP response was sent
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to the client if an shtml document contained an unterminated SSI
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews directive [Brian Pane]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Improve ap_get_client_block implementation by using APR-util brigade
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews helper functions and relying on current filter assumptions.
114f7780384371121918624ae2c80ecfce545683Tinderbox User [Justin Erenkrantz]
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterChanges with Apache 2.0.39
49ab13eefc8841ea42865ae09d5a2f760577089eTinderbox User *) Fixed a build problem in htpasswd.c on Win32.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Guenter Knauf <eflash gmx.net>, Cliff Woolley]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserChanges with Apache 2.0.38
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User *) Rewrite htpasswd to use APR. The removes the annoying warning about
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User tmpnam being unsafe. [Ryan Bloom]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) We must set the MIME-type for .shtml files to text/html if we want them
bbc0e1c4f47f101c4a64db3469352c49a49e734fTinderbox User to be parsed for SSI tags. Add the config for that to the default
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User config file so that it is easier to enable .shtml parsing.
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt [Dave Dyer <ddyer real-me.net>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fixed a problem with 'make install' on ReliantUnix.
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews [Jean-frederic Clere <jfrederic.clere fujitsu-siemens.com>]
114f7780384371121918624ae2c80ecfce545683Tinderbox User *) Make the default_handler catch all requests that aren't served by
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User another handler. This also gets us to return a 404 if a directory
42c81cf2de732ec6d00e73fc755a399ca037e543Mark Andrews is requested, there is no DirectoryIndex, and mod_autoindex isn't
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User loaded. [Justin Erenkrantz]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fixed the handling of nested if-statements in shtml files.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User PR 9866 [Brian Pane]
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater *) Allow 'make install DESTDIR=/path'. This allows packagers to install
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater into a directory different from the one that was configured. This
71fc4775d04aea66809e3eb5b5159c55413bdc5cMark Andrews also mirrors the root= feature from 1.3. We cannot use prefix=,
71fc4775d04aea66809e3eb5b5159c55413bdc5cMark Andrews because both APR and APR-util resolve their installation paths at
71fc4775d04aea66809e3eb5b5159c55413bdc5cMark Andrews configuration time. This means that there is no variable prefix
7d704e522860496310bb29c28e76064868401a9cMark Andrews to replace. [Andreas Hasenack <andreas netbank.com.br>]
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews *) AIX 4.3.2 and above: Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater These levels of AIX don't have a thundering herd problem with
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater accept(). [Jeff Trawick]
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater *) prefork MPM: Ignore mutex errors during graceful restart. For
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater certain types of mutexes (particularly SysV semaphores), we
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater should expect to occasionally fail to obtain or release the
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater mutex during restart processing. [Jeff Trawick]
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic Updater *) Fix install-bindist.sh so that it finds any perl instead of just
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic Updater early perl 5.x versions. This is consistent with a build/install
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic Updater from source, and it allows the perl scripts installed by a bindist
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic Updater to work on systems with perl 5.6. [Jeff Trawick]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fix apxs so that the makefile created by "apxs -g" works on AIX and
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User Tru64 (and probably some other platforms). [Jeff Trawick]
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User *) Allow CGI scripts to return their Content-Length. This also fixes a
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User hang on HEAD requests seen on certain platforms (such as FreeBSD).
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Added log rotation based on file size to the RotateLog support
da24e725ff982595d74da7e75e9fbd6a696367ccAutomatic Updater utility. [Brad Nicholes]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix some casting in mod_rewrite which broke random maps.
99c231a3bd27893583204cd0a3e3103dc78dbc28Tinderbox User PR 9770 [Allan Edwards, Greg Ames, Jeff Trawick]
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark AndrewsChanges with Apache 2.0.37
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater *) allow POST method over SSL when per-directory client cert
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews authentication is used with 'SSLOptions +OptRenegotiate' enabled
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson and a client cert was found in the ssl session cache.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews session cache when there is no cert chain in the cache. prior to
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews the fix this situation would result in a FORBIDDEN response and
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews error message "Cannot find peer certificate chain"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Doug MacEachern]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) ap_finalize_sub_req_protocol() shouldn't send an EOS bucket if
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews one was already sent. PR 9644 [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Fix the display of the default name for the mime types config
8bc3d252395842452a6d2c775cf8445f6349e331Tinderbox User file. PR 9729 [Matthew Brecknell <mbrecknell orchestream.com>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix the working directory *for WinNT/2K/XP services only* to
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater change to the Apache directory (one level above the location
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark Andrews of Apache.exe, in the case that Apache.exe resides in bin/.)
90cde4c188ac5bdea4f402b241c387c9cc9d4cc4Tinderbox User Solves the case of ServerRoot /foo paths where /foo was not
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User on the same drive as /winnt/system32. [William Rowe]
da59e63e7af147a8bcef985b98b04443e04c3a0eTinderbox User *) Make 2.0's "AcceptMutex" startup message now "completely"
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User match how 1.3 does it. [Jim Jagielski]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) Implement a fixed size memory cache using a priority queue
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Ian Holsman]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) Fix apxs to allow "apxs -q installbuilddir" and to allow
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater querying certain other variables from config_vars.mk. PR 9316
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater [Jeff Trawick]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Added the "detached" attribute to the cgi_exec_info_t internals
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater so that Win32 and Netware won't create a new window or console
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater for each CGI invoked. PR 8387
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Brad Nicholes, William Rowe]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Consolidated the command line parameters and attributes that are
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt manipulated by the optional function ap_cgi_build_command() in
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt mod_cgi into a single structure.
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt [Brad Nicholes]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Get rid of uninitialized value errors with "apxs -q" on certain
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt variables. [Stas Bekman <stas stason.org>]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Fix apxs to allow it to work when the build directory is somewhere
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt besides server-root/build. PR 8453
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt [Jeff Trawick and a host of others]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Allow ap_discard_request_body to be called multiple times in the
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt same request. Essentially, ap_http_filter keeps track of whether
1fdd58445074579ee3b65c871137a7a1740eb542Mark Andrews it has sent an EOS bucket up the stack, if so, it will only ever
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews send an EOS bucket for this request.
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews [Ryan Bloom, Justin Erenkrantz, Greg Stein]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Remove all special mod_ssl URIs. This also fixes the bug where
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User redirecting (.*) will allow an SSL protected page to be viewed
603cf17f33da24d460616389ec40d6f2a6e110a0Automatic Updater without SSL. [Ryan Bloom]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Fix the binary build install script so that the build logic
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater created by "apxs -g" will work when the user has a binary
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater build. [Jeff Trawick]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Allow instdso.sh to work with full paths to the shared module.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) NetWare: Enabled CGI functionality and added mod_cgi as a built
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater in module for NetWare [Brad Nicholes]
b5423cbff7175727ed9046c8c670d8a7bb4d01eaTinderbox User *) Changed cgi and piped log behavior to accept 65536 characters
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews on Win32 (matching Linux) before deadlocking between outputing
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater client stdin, slurping the output from stdout and then the stderr
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater stream. PR 8179 [William Rowe]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fixed Win32 wintty.exe support to assure the window title is valid.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User Elimiates possible gpfault or garbage title without the -t option.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [William Rowe]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Rewrite mod_cgi, mod_cgid, and mod_proxy input handling to use
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews brigades and input filters. [Justin Erenkrantz]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Allow ap_http_filter (HTTP_IN) to return EOS when there is no request
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User body. [Justin Erenkrantz]
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User *) NetWare: Piping log entries through RotateLogs using the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews CustomLogs directive is finally supported now that we have
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews the pipes and spawning functionality working.
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User [Brad Nicholes]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) SECURITY: CVE-2002-0392 (cve.mitre.org) [CERT VU#944335]
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater Detect overflow when reading the hex bytes forming a chunk line.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Aaron Bannert]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Allow RewriteMap prg:'s to take command-line arguments. PR 8464.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [James Tait <JTait wyrddreams.demon.co.uk>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Correctly return 413 when an invalid chunk size is given on
b5423cbff7175727ed9046c8c670d8a7bb4d01eaTinderbox User input. Also modify ap_discard_request_body to not do anything
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater on sub-requests or when the connection will be dropped.
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix the TIME_* SSL var lookups to be threadsafe. PR 9469.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Cliff Woolley]
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater *) Ensure that apr_brigade_write() flushes in all of the cases that
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews it should to avoid conditions in some modules that could cause
b871c7156eb037d41f53828c6fcb9cc876128962Mark Andrews large amounts of data to be buffered. [Cliff Woolley]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix problem where mod_cache/mod_disk_cache was incorrectly
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews stripping the content_type from cached responses.
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews [Bill Stoddard]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) apachectl passes through any httpd options. Note: apachectl
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater should be used in preference to httpd since it ensures that any
137fdbc214e99c4cbe57551e9e14f2015c2e42aeTinderbox User appropriate environment variables have been set up.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix the combination of mod_cgid, mod_setuexec, and mod_userdir.
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater PR 7810 [Colm MacCarthaigh <colmmacc redbrick.dcu.ie>]
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User *) Fix suexec execution of CGI scripts from mod_include.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 7791, 8291 [Colm MacCarthaigh <colmmacc redbrick.dcu.ie>]
137fdbc214e99c4cbe57551e9e14f2015c2e42aeTinderbox User *) Fix segfaults at startup on some platforms when mod_auth_digest,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_suexec, or mod_ssl were used as DSO's due to the way they
098097efb95046a4a5285b6dae95dea3e3b70853Automatic Updater were tracking the current init phase since DSO's get completely
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater unloaded and reloaded between phases. PR 9413.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater [Tsuyoshi Sasamoto <nazonazo super.win.ne.jp>, Brad Nicholes]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix mod_include's handling of regular expressions in
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater "<!--#if" directives [Julius Gawlas <julius_gawlas hp.com>]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Fix the worker MPM deadlock problem [Brian Pane]
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater *) Modify the module documentation to allow for translations.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Yoshiki Hayashi, Joshua Slive]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix a file permissions problem which prevented mod_disk_cache
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User from working on Unix. [Jeff Trawick]
faa406d25d1d73b04a1351d1e62ab55557ed61ebAutomatic Updater *) Add "-k start|restart|graceful|stop" support to httpd for the Unix
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater MPMs. These have semantics very similar to the old apachectl
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews commands of the same name. [Justin Erenkrantz, Jeff Trawick]
e705db6d5d886dc14f4a75a2046a075c0750e7eeAutomatic Updater *) Make sure that the runtime dir is created by make install.
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic Updater PR 9233. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix an unusual set of ./configure arguments that could cause
d3ba57ed92b7095fdeabc444af5dd18ac4781064Tinderbox User mod_http to be built as a DSO, which it currently doesn't
faa406d25d1d73b04a1351d1e62ab55557ed61ebAutomatic Updater support. PR 9244.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Cliff Woolley, Robin Johnson <robbat2 orbis-terrarum.net>]
6c910bd5e4a85a56e3a61fdf7b237a45bb2553eeTinderbox User *) Win32: Fix bug in apr_sendfile() that caused incorrect operation
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User of the %X, %b and %B logformat options. PR 8253, 8996.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Bill Stoddard]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) If content-encoding is already present, do not run deflate (PR 9222)
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews [Kazuhisa ASADA <kaz asada.sytes.net>]
137fdbc214e99c4cbe57551e9e14f2015c2e42aeTinderbox User *) The APLOG_NOERRNO flag to ap_log_[r]error() is now deprecated.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User It is currently ignored and it will be removed in a future release
71fa3534bfaf174f6a938dc1ba3522f66606c4e1Mark Andrews of Apache. [Jeff Trawick]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Removed documentation references to the no-longer-supported
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User "make certificate" feature of mod_ssl for Apache 1.3.x. Test
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater certificates, if truly desired, can be generated using openssl
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater commands. PR 8724. [Cliff Woolley]
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt *) Remove SSLLog and SSLLogLevel directives in favor of having
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt mod_ssl use the standard ErrorLog directives. [Justin Erenkrantz]
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt *) OS/390: LIBPATH no longer has to be manually uncommented in
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt envvars to get apachectl to set up httpd properly. [Jeff Trawick]
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt *) mod_isapi: All mod_isapi directives, excluding ISAPICacheFile,
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox User may now be specified to the <File/Directory > container, rather
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater than by vhost. [William Rowe]
2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater *) mod_isapi: Experimental support for faux async support for ISAPI
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User modules. [William Rowe]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) mod_isapi: Major refactoring of the code to rely on apr internals
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User rather than MS APIs (using our own mod_isapi.h headers for ISAPI
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User symbol definitions.) [William Rowe]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) mod_isapi: Fixed the return string length from GetServerVariable
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User callback, it was not including the trailing null in the consumed
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User buffer size. This was particularly bad for Delphi 6.0 users.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 8934 [Sebastian Hantsch <sebastian.hantsch gmx.de>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fixed Win32 builds for Microsoft VisualStudio 7.0 (.net).
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Make apxs look in the correct directory for envvars. It was
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User broken when sbindir != bindir. PR 8869
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Andreas Sundström <sunkan zappa.cx>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix mod_deflate corruption when using multiple buckets. PR 9014.
137fdbc214e99c4cbe57551e9e14f2015c2e42aeTinderbox User [Asada Kazuhisa <kaz asada.sytes.net>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Performance enhancements for access logger when using
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User default timestamp formatting [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Added EnableMMAP config directive to enable the server
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater administrator to disable memory-mapping of delivered files
4cde88fbf4c5e78a785d40f364cdcf60f3575f0cTinderbox User on a per-directory basis. [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Performance enhancements for mod_setenvif [Brian Pane]
1ac49378a458420bc685293d12e567d7222d17b6Tinderbox User *) Fix a mod_ssl build problem on OS/390. [Jeff Trawick]
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User *) Fixed If-Modified-Since on Win32, which would give false positives
681beefc668253b3e469a1de282fbc33a3752422Automatic Updater because of the sub-second resolution of file timestamps on that
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User platform. [Cliff Woolley]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Reverse the hook ordering for mod_userdir and mod_alias so
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User that Alias/ScriptAlias will override Userdir. PR 8841
b16e2045ac28229c31f1ea3ebad15cbcb13e1d24Automatic Updater [Joshua Slive]
b3386fba31414344f38f0c30849c056dceb22dceTinderbox User *) Move mod_deflate out of experimental and into filters.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Get proxy CONNECT basically working. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix mod_rewrite hang when APR uses SysV Semaphores and
4cde88fbf4c5e78a785d40f364cdcf60f3575f0cTinderbox User RewriteLogLevel is set to anything other than 0. PR: 8143
71bfd0968456cc0c69fd400d2dafd02977c649d2Tinderbox User [Aaron Bannert, Cliff Woolley]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix byterange requests from returning 416 when using dynamic data
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User (such as filters like mod_include). [Justin Erenkrantz]
6c910bd5e4a85a56e3a61fdf7b237a45bb2553eeTinderbox User *) Allow mod_rewrite's set of "int:" internal RewriteMap functions
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to be extended by third-party modules via an optional function.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews [Tahiry Ramanamampanoharana <nomentsoa hotmail.com>, Cliff Woolley]
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic Updater *) Fix mod_include expression parser's handling of unquoted strings
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User followed immediately by a closing paren. PR 8462. [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Remove autom4te.cache in 'make distclean'.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Thom May <thom planetarytramp.net>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix generated httpd.conf to respect layout for LoadModule lines.
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User PR 8170. [Thom May <thom planetarytramp.net>]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Win32: During a graceful restart, threads in the new process
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User were accessing scoreboard slots still in use by active threads in
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews the old process. [Bill Stoddard]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserChanges with Apache 2.0.36
ca5ba35827e475a824ec79d489dbcdb3341a35ccTinderbox User *) Fix some minor formatting issues with ab. Part of this is
137fdbc214e99c4cbe57551e9e14f2015c2e42aeTinderbox User in reference to PR 8544, the rest I noticed while testing
71fa3534bfaf174f6a938dc1ba3522f66606c4e1Mark Andrews the PR fix. [Paul J. Reder]
1fdd58445074579ee3b65c871137a7a1740eb542Mark Andrews *) Fix a case where an invalid pass phrase is entered and an
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews error message is given, but the prompt is not shown again.
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews This left the user in an ambiguous state. PR 8320 [Paul J. Reder]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) Close sockets on worker MPM when doing a graceless restart.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Aaron Bannert]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) Reverted a minor optimization in mod_ssl.c that used the vhost ID
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User as the session id context rather that a MD5 hash of that vhost ID,
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User because it caused very long vhost id's to be unusable with mod_ssl.
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews PR 8572. [Cliff Woolley]
6c910bd5e4a85a56e3a61fdf7b237a45bb2553eeTinderbox User *) Fix the link to the description of the CoredumpDirectory
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews directive in the server-wide document. PR 8643. [Jeff Trawick]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fixed SHMCB session caching. [Aaron Bannert, Cliff Woolley]
fd0f3e7cd8bc0e7fd08cc81ceb6ced861b706c97Mark Andrews *) Synced with remaining changes from mod_ssl 2.8.8-1.3.24:
71fa3534bfaf174f6a938dc1ba3522f66606c4e1Mark Andrews - Avoid SIGBUS on sparc machines with SHMCB session caches
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater - Allow whitespace between the pipe and the name of the
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews program in SSLLog "| /path/to/program". [Cliff Woolley]
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User *) Introduce mod_ext_filter and mod_deflate experimental modules
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User to the Win32 build (zlib sources must be in srclib\zlib.)
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox User [William Rowe]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Changes to the worker MPM's queue management and thread
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User synchronization code to reduce mutex contention [Brian Pane]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Don't install *.in configuration files since we already install
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *-std.conf files. [Aaron Bannert]
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User *) Many improvements to the threadpool MPM. [Aaron Bannert]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix subreqs that are promoted via fast_redirect from having invalid
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater frec->r structures. This would cause subtle errors later on in
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater request processing such as seen in PR 7966. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) More efficient pool recycling logic for the worker MPM [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Modify the worker MPM to not accept() new connections until
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User there is an available worker thread. This prevents queued
90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater connections from starving for processing time while long-running
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater connections were hogging all the available threads. [Aaron Bannert]
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt *) Convert the worker MPM's fdqueue from a LIFO back into a FIFO.
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt [Aaron Bannert]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Get basic HTTP proxy working on EBCDIC machines. [Jeff Trawick]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Allow mod_unique_id to work on systems with no IPv4 address
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater corresponding to their host name. [Jeff Trawick]
ce0fd07045292942bfa3e755d9ce596941528a63Automatic Updater *) Fix suexec behavior with user directories. PR 7810.
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Colm <colmmacc redbrick.dcu.ie>]
04bc14c887243e624469fdbd336c1d3cb8ed7cc7Tinderbox User *) Reject a blank UserDir directive since it is ambiguous. PR 8472.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Make mod_mime use case-insensitive matching when examining
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews extensions on all platforms. PR 8223. [Justin Erenkrantz]
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater *) Add an intelligent error message should no proxy submodules be
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User valid to handle a request. PR 8407 [Graham Leggett]
c6517a807173827b8f638d31303805ee4c1d8054Automatic Updater *) Major improvements in concurrent processing for AB by enabling
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews non-blocking connect()s and preventing APR from doing blocking
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews read()s. Also implement fatal error checking for apr_recv().
04bc14c887243e624469fdbd336c1d3cb8ed7cc7Tinderbox User [Aaron Bannert]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) Fix Win32 NTFS Junctions (symlinks). PR 8014 [William Rowe]
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User *) Fix Win32 'short name' aliases in httpd.conf directives.
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox User PR 8009 [William Rowe]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix generation of default httpd.conf when the layout paths are
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater disjoint. PR 7979, 8227. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Swap downgrade-1.0 and force-response-1.0 conditional checks so
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater that downgraded responses can have force-response. PR 8357.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [Justin Erenkrantz]
faa406d25d1d73b04a1351d1e62ab55557ed61ebAutomatic Updater *) Fix perchild MPM so that it can be configured with the move to the
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews experimental directory. [Scott Lamb <slamb slamb.org>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix perchild MPM so that it uses ap_gname2id for groups instead of
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater ap_uname2id. [Scott Lamb <slamb slamb.org>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix AcceptPathInfo. PR 8234 [Cliff Woolley]
0ead2ac0a4b59c3e4a731027f0f66fbe602b1289Tinderbox User *) SECURITY: CVE-2002-1592 (cve.mitre.org) [CERT VU#165803]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User Added the APLOG_TOCLIENT flag to ap_log_rerror() to
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater explicitly tell the server that warning messages should be sent
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to the client in addition to being recorded in the error log.
d98b4b724343547314bde32a54966c8f124a5f03Mark Andrews Prior to this change, ap_log_rerror() always sent warning
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews messages to the client. In one case, a faulty CGI script caused
78bc8fdc2488c92d7228e8de19827e2c114c56caAutomatic Updater the server to send a warning message to the client that contained
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt the full path to the CGI script. This could be considered a
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt minor security exposure. [Bill Stoddard]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_autoindex output when SuppressRules was specified would
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater omit the first carriage return so the first item in the list
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater would appear to the right of the column headings instead of
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews underneath them. PR 8016 [David Shane Holden <dpejesh yahoo.com>]
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson *) Moved the call to apr_mmap_dup outside the error branch so
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews that it would actually get called. This fixes a core dump
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews at init everytime you use the MMapFile directive. PR 8314
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Paul J. Reder]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) Trigger an error when a LoadModule directive attempts to
cd6e9010079a4e58f7e30063df3dec0ff154ad59Tinderbox User load a module which is built-in. This is a common error when
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews switching from a DSO build to a static build. [Jeff Trawick]
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater *) Change instdso.sh to use libtool --install everywhere and then
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews clean up some stray files and symlinks that libtool leaves around
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt on some platforms. This gets subversion building properly since
e705db6d5d886dc14f4a75a2046a075c0750e7eeAutomatic Updater it needed a re-link to be performed by libtool at install time,
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User and the old instdso.sh logic to simply cp the DSO didn't handle
04bc14c887243e624469fdbd336c1d3cb8ed7cc7Tinderbox User that requirement. [Sander Striker]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Allow VPATH builds to succeed when configured from an empty
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater directory. [Thom May <thom planetarytramp.net>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix 'control reaches end of non-void function' warning in
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews server/log.c. [Ben Collins-Sussman <sussman collab.net>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Perchild MPM is now correctly deemed as experimental and is now
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews located in server/mpm/experimental. [Justin Erenkrantz]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Fix segfault in mod_mem_cache when garabge collecting an expired
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User cache entry. [Bill Stoddard]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Introduced -E startup_logfile_name option to httpd to allow admins
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User to begin logging errors immediately. This provides Win32 users
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User an alternative to sending startup errors to the event viewer, and
40696c4c389a780082fb77840c173b201ce696d6Automatic Updater allows other daemon tool authors an alternative to logging to stderr.
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User [William Rowe]
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User *) Fix subreqs with non-defined Content-Types being served improperly.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Merge in latest GNU config.guess and config.sub files. PR 7818.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Move 100 - Continue support to the HTTP_IN filter so that filters
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater are guaranteed to support 100 - Continue logic without any
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User intervention. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Add HTTP chunked input trailer support. [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Rename and export get_mime_headers as ap_get_mime_headers.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Justin Erenkrantz]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Allow empty Host: header arguments. PR 7441. [Justin Erenkrantz]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Properly substitute sbindir as httpd's location in apachectl. PR 7840.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Andreas Hasenack <andreas netbank.com.br>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Allow Win32 shebang scripts to follow the path (or omit the .exe
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User suffix from the shebang command), and allow ScriptInterpreterSource
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Registry or RegistryStrict to override shebang lines, as 1.3 did.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 8004 [William Rowe]
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson *) worker MPM: Fix a situation where a child exited without releasing
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews the accept mutex. Depending on the OS and mutex mechanism this
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson could result in a hang. [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Update the instructions for how to get started with mod_example.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Stas Bekman]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fix PidFile to default to rel_runtimedir instead of
71fa3534bfaf174f6a938dc1ba3522f66606c4e1Mark Andrews rel_logfiledir. PR 7841. [Andreas Hasenack <andreas netbank.com.br>]
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User *) Win32: Fix problem that caused rapid performance degradation
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater when number of connecting clients exceeded ThreadsPerChild.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Bill Stoddard]
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews *) Fixed a segfault parsing large SSIs on non-mmap systems.
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews [Brian Havard]
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews *) Proxy was bombing out every second keepalive request, caused by a
faa406d25d1d73b04a1351d1e62ab55557ed61ebAutomatic Updater stray CRLF before the second response's status line. Proxy now
e5fe07a7ebff18f7ed4ac434b37daff6c8ee5d5bAutomatic Updater tries to read one more line if it encounters a CRLF where it
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater expected a status. PR 10010 [Graham Leggett]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Deprecated the apr_lock.h API. Please see the following files
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User for the improved thread and process locking and signaling:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater apr_proc_mutex.h, apr_thread_mutex.h, apr_thread_rwlock.h,
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater apr_thread_cond.h, and apr_global_mutex.h. [Aaron Bannert]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Change mod_status to use scoreboard accessor functions so it can
e4757e3dafe50ae59f693eec828f68c42c197a70Andreas Gustafsson be used in any MPM without having to be recompiled.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Ryan Morgan <rmorgan covalent.net>]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fix parsing of some AP_DECLARE_DATA declarations so that the filter
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews handle declarations are recognized. This fixes problems loading
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater mod_autoindex on some platforms. [Brian Havard]
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User *) add optional fixup hook to proxy [Daniel Lopez <daniel covalent.net>]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Remind the admin about the User and Group directives when we are
a900e4f99ff134b567b6df5ac2c841c7d0c551d3Automatic Updater unable to set permissions on a semaphore. PR 7812 [Jeff Trawick]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) fix possible compilation problem in ssl_engine_kernel.c. PR 7802
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User [Doug MacEachern]
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews *) fix possible infinite loop in mod_ssl triggered by certain
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User netscape clients [Doug MacEachern]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) fix ProxyPass when frontend is https and backend is http
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User [Doug MacEachern]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Add DASL support to mod_dav
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Sung Kim <hunkim cse.ucsc.edu>]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterChanges with Apache 2.0.35
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_rewrite: updated to use the new APR global mutex type.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Aaron Bannert]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Fixes for mod_include errors on boundary conditions in which
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater "<!--#" occurs at the very end of a bucket
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Paul Reder, Brian Pane]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) worker, prefork, perchild, beos MPMs: Add -DFOREGROUND switch to
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User cause the Apache parent process to run in the foreground (similar to
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox User -DNO_DETACH except that it doesn't switch session ids).
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) Added support for Posix semaphore mutex locking (AcceptMutex posixsem)
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews for those platforms that support it. If using the default
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews implementation, this is between pthread and sysvsem in priority.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews This implies it's the new default for Darwin. [Jim Jagielski]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) AIX: Fix the syntax for setting the LDR_CNTRL and AIXTHREAD_SCOPE
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User environment variables in the envvars file. [Jeff Trawick]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) worker MPM: Don't create a listener thread until we have a worker
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews thread. Otherwise, in situations where we'll have to wait a while
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews to take over scoreboard slots from a previous generation, we'll be
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User accepting connections we can't process yet. [Jeff Trawick]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Allow worker MPM to build on systems without pthread_kill().
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User [Pier Fumagalli, Jeff Trawick]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Prevent ap_add_output_filters_by_type from being called in
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User ap_set_content_type if the content-type hasn't changed.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Justin Erenkrantz]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Performance: implemented the bucket allocator made possible by the
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews API change in 2.0.34. [Cliff Woolley]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Don't allow initialization to succeed if we can't get a socket
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews corresponding to one of the Listen statements. [Jeff Trawick]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox UserChanges with Apache 2.0.34
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Allow all Perchild directives to accept either numerical UID/GID
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User or logical user/group names. [Scott Lamb <slamb slamb.org>]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Make Perchild compile cleanly and serve pages again. [Ryan Bloom]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) implement ssl proxy to support ProxyPass / https:// and the
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews SSLProxy* directives [Doug MacEachern]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Update mod_cgid to not do single-byte socket reads for CGI headers
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Brian Pane]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Made AB's use of the Host: header rfc2616 compliant
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews by Taisuke Yamada <tai iij.ad.jp> [Dirk-Willem van Gulik].
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) The old, legacy (and unused) code in which the scoreboard was totally
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews and completely contained in a file (SCOREBOARD_FILE) has been
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User removed. This does not affect scoreboards which are *mapped* to
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews files using named-shared-memory. [Jim Jagielski]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Change bucket brigades API to allow a "bucket allocator" to be
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews passed in at certain points. This allows us to implement freelists
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews so that we can stop using malloc/free so frequently.
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User [Cliff Woolley, Brian Pane]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Add support for macro expansion within the variable names in
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User <!--#echo--> and <!--#set--> directives [Brian Pane]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Fix some mod_include segfaults [Cliff Woolley, Brian Pane, Brad Nicholes]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) Update the "RedHat" Layout to match Red Hat Linux version 7. PR BZ-7422
e23256e740b238bddb4ba41ffac5f81a01c92245Automatic Updater *) add compat layer to support RSA SSLC 1.x and 2.x in mod_ssl
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox User [Jon Travis, John Barbee, William Rowe, Ryan Bloom, Doug MacEachern]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Add a new parameter to the quick_handler hook to instruct
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User quick handlers to optionally do a lookup rather than actually
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater serve content. This is the first of several changes required fix
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater several problems with how quick handlers work with subrequests.
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater [Bill Stoddard]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) worker MPM: Get MaxRequestsPerChild to work again. [Jeff Trawick]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) [APR-related] The ordering of the default accept mutex method has
cd6e9010079a4e58f7e30063df3dec0ff154ad59Tinderbox User been changed to better match what's done in Apache 1.3. The ordering
cd6e9010079a4e58f7e30063df3dec0ff154ad59Tinderbox User is now (highest to lowest): pthread -> sysvsem -> fcntl -> flock.
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater [Jim Jagielski]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Ensure that the build/ directory is created when using VPATH.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson [Justin Erenkrantz]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Add some popular types to the mime magic file. PR 7730.
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews [Linus Walleij <triad df.lth.se>, Justin Erenkrantz]
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews *) Remove the single-byte socket reads for CGI headers [Brian Pane]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) When a proxied site was being served, Apache was replacing
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User the original site Server header with it's own, which is not
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews allowed by RFC2616. Fixed. [Graham Leggett]
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User *) Fix a mod_cgid problem that left daemon processes stranded
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User in some server restart scenarios. [Jeff Trawick]
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User *) Added exp_foo and rel_foo variables to config_vars.mk for
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox User all Apache and Autoconf path variables (like --sysconfdir,
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User --sbindir, etc). exp_foo is the "expanded" version, which means
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User that all internal variable references have been interpolated.
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt rel_foo is the same as $exp_foo, only relative to $prefix if they
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt share a common path. [Aaron Bannert]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Fix some restart/terminate problems in the worker MPM. Don't
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt drop connections during graceful restart. [Jeff Trawick]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Change the header merging behaviour in proxy, as some headers
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt (like Set-Cookie) cannot be unmerged due to stray commas in
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt dates. [Graham Leggett]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Be more vocal about what AcceptMutex values we allow, to make
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt us closer to how 1.3 does it. [Jim Jagielski]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Get nph- CGI scripts working again. PRs 8902, 8907, 9983
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt [Jeff Trawick]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Upgraded PCRE library to latest version 3.9 [Brian Pane]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Add accessor function to set r->content_type. From now on,
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt ap_rset_content_type() should be used to set r->content_type.
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt This change is required to properly implement the
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt AddOutputFilterByType configuration directive.
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt [Bill Stoddard, Sander Striker, Ryan Bloom]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Add new M_FOO symbols for the WebDAV/DeltaV methods specified by
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt RFC 3253. Improved the method name/number mapping functions.
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt [Greg Stein]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) remove sock_enable_linger from connection.c [Ian Holsman]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) Fix for virtual host processing where the requested hostname
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt has a '.' at the end (PR 9187) [Ryan Cruse <ryan estara.com>]
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt *) mod_dav's APIs for REPORT response handling was changed so that
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt providers can generate the content directly into the output filter
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt stack, rather than buffering the response into memory. [Greg Stein]
713c3d5b18463f2479973e4d14f73248e60a5df7Mark Andrews *) Fix a hang condition with graceful restart and prefork MPM
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User in the situation where MaxClients is very high but
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User much fewer servers are actually started at the time of the
37d8e0a4455876fe1e4cca511076cc2c5ab9eedeTinderbox User restart. [Jeff Trawick]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Small performance fixes for mod_include [Brian Pane]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Performance improvement for the error logger [Brian Pane]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Change configure so that Solaris 8 and above have
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews SINGLE_LISTEN_UNSERIALIZED_ACCEPT defined by default.
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews according to sun people solaris 8+ doesn't have a thundering
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews herd problem [Ian Holsman]
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews *) Allow URIs specifying CGI scripts to include '/' at the end
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson (e.g., /cgi-bin/printenv/) on AIX and Solaris (and other OSs
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews which ignore '/' at the end of the names of non-directories).
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 10138 [Jeff Trawick]
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User *) implement SSLSessionCache shmht and shmcb based on apr_rmm and
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews apr_shm. [Madhusudan Mathihalli <madhusudan_mathihalli hp.com>]
bed0874e1a09e810575328c4bfc346a47514b69fMark Andrews *) Fix apxs -g handling. Move config_vars.mk from the top build
bed0874e1a09e810575328c4bfc346a47514b69fMark Andrews directory to the build directory. PR 10163 [Jeff Trawick]
bed0874e1a09e810575328c4bfc346a47514b69fMark Andrews *) Fix some mod_include problems which broke evaluation of some
bed0874e1a09e810575328c4bfc346a47514b69fMark Andrews expressions. PR 10108 [Jeff Trawick]
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User *) Fix the calculation of request time in mod_status. [Stas Bekman]
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox User *) Fix the calculation of thread_num in the worker score structure.
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User [Stas Bekman]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Use apr_atomic operations in managing the mod_mem_cache
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User cache_objects for SMP scalability. (see USE_ATOMICS
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User preprocessor directive in mod_file_cache)
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Add filehandle caching to mod_mem_cache. (see CACHE_FD
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User preprocessor directive in mod_file_cache)
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Implement prototype mod_disk_cache for use with mod_cache.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Add a missing manualdir entry in the Debian config.layout.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Thom May <thom planetarytramp.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Stop installing libtool for APR and tell APR where it should place
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User its copy of libtool (via our installbuildpath layout variable).
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) New directive ProxyIOBufferSize. Sets the size of the buffer used
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User when reading from a remote HTTP server in proxy. [Graham Leggett]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Modify receive/send loop in proxy_http and proxy_ftp so that
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews should it be necessary, the remote server socket is closed before
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User transmitting the last buffer (set by ProxyIOBufferSize) to the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User client. This prevents the backend server from being forced to hang
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User around while the last few bytes are transmitted to a slow client.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User Fix the case where no error checking was performed on the final
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User brigade in the loop. [Graham Leggett]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Scrap CacheMaxExpireMin and CacheDefaultExpireMin. Change
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User CacheMaxExpire and CacheDefaultExpire to use seconds rather than
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User hours. [Graham Leggett, Bill Stoddard]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) New Directive SSIUndefinedEcho. to change the '(none)' echoed
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews for a undefined variable. [Ian Holsman]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Proxy HTTP and CONNECT: Keep trying other addresses from the DNS
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews when we can't get a socket in the specified address family. We may
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User have gotten back an IPv6 address first and yet our system is not
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User configured to allow IPv6 sockets. [Jeff Trawick]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Be more careful about recursively removing CVS directories. Make
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User sure that we aren't cd'ing to their home directory first. PR: 9993
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Aaron Bannert, James LewisMoss <dres lewismoss.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Add a missing errordir entry in the Debian config.layout. PR: 10067
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Dirk-Jan Faber <dirk-jan selwerd.nl>, Aaron Bannert,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User Thom May <thom planetarytramp.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Rename the filter ordering priorities. The recent filtering fixes
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User have showcased problems with their usage. Therefore, we need to
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User rename them to increase the clarity. (CONTENT->RESOURCE,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User HTTP_HEADER->CONTENT_SET/PROTOCOL) [Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserChanges with Apache 2.0.33
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix a problem in the new --enable-layout functionality where
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User it wouldn't allow overrides from variables like --prefix,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User --bindir, etc. [Thom May <thom planetarytramp.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix a bug in the core input filter for AP_MODE_EXHAUSTIVE. It
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User no longer hangs around waiting for the socket to close before
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User returning exhaustive data. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) rename apr_exploded_time_t to apr_time_exp_t (as per renames pending)
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Thom May <thom planetarytramp.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Change mod_ssl to always do a full startup/teardown on restarts.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User this allows mod_ssl to be added to a server that is already
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User running and makes it possible to add/change certs/keys after the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User server has been started. [Doug MacEachern]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Introduce PassPhraseDialog "|/path/to/pipe" mechanism to mod_ssl.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User This pipe must be a bidirectional 'console' style relay, which
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User mod_ssl prints all prompts to the pipe's stdin, and reads the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User passphrases from the pipe's stdout. [William Rowe]
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews *) Fix bug where --sysconfdir and --localstatedir were being
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User ignored. [Thom May <thom planetarytramp.net>, Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix --enable-layout to work again. Caution: When specifying
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User --enable-layout, common arguments like --prefix, --exec-prefix,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User etc. will be ignored and the settings from the layout will be
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User used instead. [Thom May <thom planetarytramp.net>, Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User PR 9124, 9873, 9885
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) New Directive for mod_proxy: ProxyRemoteMatch. This provides
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User regex pattern matching for the determination of which requests
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User to use the remote proxy for. [Jim Jagielski]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix CustomLog bytes-sent with HTTP 0.9. [Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Prevent Apache from ignoring SIGHUP due to some lingering 1.3
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User cruft in piped logs and rewritemap child processes.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [William Rowe]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) All instances of apr_lock_t have been removed and converted
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews to one of the following new lock APIs: apr_thread_mutex.h,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User apr_proc_mutex.h, or apr_global_mutex.h. No new code should
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User use the apr_lock.h API, as the old API will soon be deprecated.
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews [Aaron Bannert]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Merged in changes to mod_ssl up through 2.8.7-1.3.23.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Ralf S. Engelschall, Cliff Woolley]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) mod-include: make it handle flush'es and fix the 'false-alarm'
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Justin Erenkrantz, Brian Pane, Ian Holsman]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) ap_get_*_filter_handle() functions to allow 3rd party modules
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User to lookup filter handles so they can bypass the filter name
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User lookup when adding filters to a request (via ap_add_*_filter_handle())
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Ryan Morgan <rmorgan covalent.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix for multiple file buckets on Win32, where the first file
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User bucket would cause the immediate closure of the socket on any
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User non-keepalive requests. [Ryan Morgan <rmorgan covalent.net>]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Correct Win32 failure of mmap of a segment beyond start of the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User file; fixes large SSL and similar transfers. [William Rowe]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Implement apr_proc_detach changes and allow -DNO_DETACH in the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User multi-process mode to not "daemonize" while detaching from the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User controlling terminal. This is necessary for Apache to work with
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User process-management tools like AIX's "System Resource Controller"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User as well as Dan Bernstein's "daemontools".
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Jos Backus <josb cncdsl.com>, Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Convert mod_auth_digest to use the new apr_global_mutex_t
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User type. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) fix bug in mod-include where it wouldn't send a unmatched
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews part if it was at the end of a bucket [Ian Holsman]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) worker MPM: Improve logging of errors with the interface between
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User the listener thread and worker threads. [Jeff Trawick]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Some browsers ignore cookies that have been merged into a
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User single Set-Cookie header. Set-Cookie and Set-Cookie2 headers
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User are now unmerged in the http proxy before being sent to the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User client. [Graham Leggett]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix a problem with proxy where each entry of a duplicated
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User header such as Set-Cookie would overwrite and obliterate the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User previous value of the header, resulting in multiple header
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User values (like cookies) going missing.
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews [Graham Leggett, Joshua Slive]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Add the server-limit and thread-limit values to the scoreboard
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User for the sake of third-party applications.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Adam Sussman <myddryn vishnu.vidya.com>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix segfault when proxy recieves an invalid HTTP response [Ian Holsman]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) OS/390: Get make install to properly copy DSO modules.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Jeff Trawick]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Win32: Fix bug in mod_status with displaying "Restart Time"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User and "Server uptime".
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix IPv6 name-based virtual hosts. [Jeff Trawick]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Introduce AddOutputFilterByType directive. [Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix DEBUG_CGI support in mod_cgi. PR 9670, 9671.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [David MacKenzie <djm pix.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix incorrect check for script_in in mod_cgi. PR 9669.
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews [David MacKenzie <djm pix.net>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix segfault and display error when SSLMutex file can not be
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User created. [Adam Sussman <myddryn vishnu.vidya.com>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Add reference counting to mod_mem_cache cache objects to
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User better manage removing objects from the cache.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Change the verbage on the ScoreBoardFile in our default configs.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User Also change the default to be commented out (unspecified) so we
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User get anonymous shared memory by default. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Implement new ScoreBoardFile directive logic. This affects how
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User we create the scoreboard's shared memory segment. If the directive
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews is present, a name-based segment is created. If the directive is
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User not present, first an anonymous segment is created, and if that
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User fails, a name-based segment is created from a file of the name
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User DEFAULT_SCOREBOARD. This gives third-party applications the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User ability to access our scoreboard. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Allow mod_deflate to work with non-GET requests and properly send
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User Content-Lengths. [Sander Striker <striker apache.org>]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix ap_directory_merge() to correctly merge configs when there is
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews no <Directory /> block. [Justin Erenkrantz, William Rowe]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) Remove spurious debug messsages that are normal under HTTP
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User keep-alive logic. [Jeff Trawick, Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix a bug in mod_cgid that would prevent proper shutdown death
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User of the cgid process. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Add signal handling back in to the worker MPM for the one_process
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User (-X, -DDEBUG, -DONE_PROCESS) case. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Performance: Reuse per-connection transaction pools in the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User worker MPM, rather than destroying and recreating them. [Brian Pane]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Remove all signals from the worker MPM's child process. Instead,
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater the parent uses the Pipe of Death for all communication with the
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater child processes. [Ryan Bloom]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserChanges with Apache 2.0.32
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) mod_negotiation: ForceLanguagePriority now uses 'Prefer' as the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User default if the directive is not specified. This mirrors older
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User behavior without changes to the httpd.conf. [William Rowe]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Win32: solve the win32 service problems in 2.0.31-alpha, by fixing
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User the service, mpm and logging code, and bugs in apr_file_open_stderr
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User and apr_file_dup2 functions. Win2K/XP services have no handles
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews associated for stdin/out/err, which caused unpredictable behavior
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User in the prior release. [William Rowe, Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Win32: simplify the Application Event Log messages, since there isn't
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews likely to be 'more information in the error log' before an error log
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User has been opened. [William Rowe]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Win32: substantial cleanup to the mpm_winnt code for legibility and
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews to follow the program flow of other MPMs. [Ryan Bloom, William Rowe]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Win32: apache -k shutdown now behaves like apache -k stop.
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews [Bill Stoddard]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix prefork to not kill the parent if a child hits a resource shortage
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User on accept(). [Greg Ames]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix seg faults that occur when what should be the httpd request line
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater starts with \r\n followed by garbage. [Greg Ames]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Allow statically linked support binaries with the new
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User --enable-static-support flag, and enable this behavior in
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User the binbuild script. Also add a new --enable-static-htdbm
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User flag. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Allow mod_autoindex to serve symlinks if permitted and attempt to
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User do only one stat() call when generating the directory listings.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Fix resolve_symlink to save the original symlink name if known.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Justin Erenkrantz]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Be a bit more sane with regard to CanonicalNames. If the user has
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews specified they want to use the CanonicalName, but they have not
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User configured a port with the ServerName, then use the same port that
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User the original request used. [Ryan Bloom and Ken Coar]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) In core_input_filter, check for an empty brigade after
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User client says it will post some data but we get FIN before any
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User data arrives. [Jeff Trawick]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Not being able to bind to the socket is a fatal error. We should
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User print an error to the console, and return a non-zero status code.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User With these changes, all of the Unix MPMs do that correctly.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) suexec: Allow HTTPS and SSL_* environment variables to be passed
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User through to CGI scripts. PR 9163
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Brian Reid <breid customlogic.com>,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) binbuild.sh: Make sure that we use the expat from our source
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User tree so that there aren't any surprises on the target machine.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Jeff Trawick]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) mod_cgid: Add retry logic for when the daemon can't fork fast
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User enough to keep up with new requests. Start using
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User HTTP_SERVER_UNAVAILABLE instead of HTTP_INTERNAL_SERVER_ERROR
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User when we can't talk to the daemon. [Jeff Trawick]
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews *) apxs: LTFLAGS envvar can override default libtool options. Try
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews "LTFLAGS=' ' apxs -c mod_foo.c" to see what libtool does under
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews the covers. [Jeff Trawick]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) The Location: response header field, used for external
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User redirect, *must* be an absoluteURI. The Redirect directive
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User tested for that, but RedirectMatch didn't -- it would allow
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User almost anything through. Now it will try to turn an abs_path
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User into an absoluteURI, but it will correctly varf like Redirect
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User if the final redirection target isn't an absoluteURI. [Ken Coar]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserChanges with Apache 2.0.31
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Create the scoreboard (in the parent) in a global pool context,
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User so it survives graceful restarts. This fixes a SEGV during
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews graceful restarts. [Aaron Bannert]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) Add a timeout option to the proxy code 'ProxyTimeout'
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User [Ian Holsman]
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User *) FTP directory listings are now always retrieved in ASCII mode.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User The FTP proxy properly escapes URI's and HTML in the generated
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User listing, and escapes the path components when talking to the FTP
017d755d7a606dfb1e02a9d6e2b29e49e39fde16Tinderbox User server. It is now possible to browse the root directory by using
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater a url like: ftp://user@host/%2f/ (ported from apache_1.3.24)
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews Also, the last path component may contain wildcard characters
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater '*' and '?', and if they do, a directory listing is created instead
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater of a file retrieval. Example: ftp://user@host/httpd/server/*.c
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updater [Martin Kraemer]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Added single-listener unserialized accept support to the
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews worker MPM [Brian Pane]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) New Directive for mod_proxy: 'ProxyPreserveHost'. This passes
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User the incoming host header through to the proxied server
be41770245bd56746fbb61f9b5ba0aca683f318eTinderbox User *) New Directive Option for ProxyPass. It now can block a location
200a9e7da827b67d99193bf793aea9f3e3fa1b43Tinderbox User from being proxied [Jukka Pihl <jukka.pihl entirem.com>]
af9dbf1ccdd53933aaae9300d13ce0965d39b067Evan Hunt *) Don't let the default handler try to serve a raw directory. At
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox User best you get gibberish. Much worse things can happen depending
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User on the OS. [Jeff Trawick]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Change the pre_config hook to return a value. Modules can now emit
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews an error message and then cause the server to quit gracefully during
8f2c45a35dd8c40bcc9caba8f7d40ce64fc27bcdAutomatic Updater startup. This required a bump to the MMN. [Aaron Bannert]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Fix some unix socket descriptor leaks in the handler side of
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User mod_cgid (the part that runs in the server process). Whack a
af9dbf1ccdd53933aaae9300d13ce0965d39b067Evan Hunt silly "close(-1)" in the handler too. [Jeff Trawick]
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User *) Change the pre_mpm hook to return a value, so that scoreboard
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User init errors percolate up to code that knows how to exit
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User cleanly. This required a bump to the MMN. [Jeff Trawick]
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User *) Add the socket back to the conn_rec and remove the create_connection
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User hook. The create_connection hook had a design flaw that did not
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrews allow creating connections based on vhost info. [Bill Stoddard]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Fixed PATH_INFO and QUERY_STRING from mod_negotiation results.
7ac34650fa344f42211d6da744ae486b0145a083Tinderbox User Resolves the common case of using negotation to resolve the request
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User /script/foo for /script.cgi/foo. [William Rowe]
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews *) Added new functions ap_add_(input|output)_filter_handle to
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews allow modules to bypass the usual filter name lookup when
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews adding hard-coded filters to a request [Brian Pane]
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User *) caching should now work on subrequests (still very experimental)
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User [Ian Holsman]
[Joe Orton <joe manyfish.co.uk>]
[Madhusudan Mathihalli <madhusudan_mathihalli hp.com>, Bill Stoddard]
filter stack when handling a GET request. The mod_dav/provider
duplicating the appropriate .h files such as os.h into the include
Use SSL functions/macros instead of directly dereferencing SSL
Add $SSL/include to configure search path.
[Madhusudan Mathihalli <madhusudan_mathihalli hp.com>]
[albert chin <china thewrittenword.com>]
modules (e.g., the identifer for mod_log_config was previously
[James Watson <ap2bug sowega.org>]
*) Change core code to allow an MPM to set hard thread/server
working with more than one vhost/uid. [Aaron Bannert]
mod_foo.so. This fixes some wonkiness on HP-UX, Tru64, and AIX
working on AIX. [Aaron Bannert, Dick Dunbar <RLDunbar pacbell.net>,
Gary Hook <ghook us.ibm.com>, Victor Orlikowski, Jeff Trawick]
*) Add back in the "suEXEC mechanism enabled (wrapper: /path/to/suexec)"
[Yoshifumi Hiramatsu <hiramatu boreas.dti.ne.jp> and
Gomez Henri <hgomez slib.fr>]
configured [John Sterling <sterling covalent.net>]
*) Fix apxs to use sbindir. [Henri Gomez <hgomez slib.fr>]
[Taketo Kabe <kabe sra-tohoku.co.jp>, Cliff Woolley] PR#8804
done being generated. [Brian Pane <bpane pacbell.net>]
[John Sterling <sterling covalent.net>]
*) Add Debian layout. [Daniel Stone <daniel sfarc.net>]
do. [Brian Pane <bpane pacbell.net>]
[Brian Pane <bpane pacbell.net>]
*) Fix infinite loop in mod_cgid.c.
SSL/plain, and depending also on the current setting of
AP_MPMQ_MAX_REQUESTS_DAEMON macros in ap_mpm.h and all standard
*) Introduce htdbm, a user management utility for db/dbm authorization
databases. [Mladen Turk <mturk mappingsoft.com>]
[Brian Pane <bpane pacbell.net>]
the port string. [Zvi Har'El <rl math.technion.ac.il>]
*) Add the support/checkgid helper app, which checks the run-time
*) Fix some bungling of the remote port in rfc1413.c so that
[Brian Pane <bpane pacbell.net>]
input and/or output filters to the request to the origin. While
the default httpd.conf for any module that was compiled
as a DSO. [Aaron Bannert <aaron clove.org>]
[Aaron Bannert <aaron clove.org>]
WinNT/2K machines. [Mladen Turk <mturk mappingsoft.com>]
[Aaron Bannert <aaron clove.org>]
and add commonly used audio/x-mpegurl for m3u extensions.
[Heiko Recktenwald <uzs106 uni-bonn.de>, Lars Eilebrecht]
relocated. [Aaron Bannert <aaron clove.org>]
*) Update the mime.types file to the registered media types as
[Aaron Bannert <aaron clove.org>]
[Brian Pane <bpane pacbell.net>]
[Ian Holsman <ianh cnet.com>]
*) Fix worker MPM's scoreboard logic. [Aaron Bannert <aaron clove.org>]
[Brian Pane <bpane pacbell.net>]
[Aaron Bannert <aaron clove.org>]
segments for. [Aaron Bannert <aaron clove.org>]
*) Fix SSL VPATH builds [Cody Sherr <csherr covalent.net>]
roll build_command_line/build_argv_list into a unified, overrideable
*) Back out the 1.45 change to util_script.c. This change made
[Taketo Kabe <kabe sra-tohoku.co.jp>]
compute variables. [Brian Pane <bpane pacbell.net>]
the file size. [Taketo Kabe <kabe sra-tohoku.co.jp>]
than per character. [Brian Pane <bpane pacbell.net>]
(which is the case with mod_proxy). [Ian Holsman <ianh cnet.com>]
This is not to be confused with support for the WinNT/Win32
cygwin platform users. [Stipe Tolj <tolj wapme-systems.de>]
but refused to check the mime.types file if AddType wasn't given
without setting the AddType text/html html would cause Apache to
[Aaron Bannert <aaron clove.org>]
an explicit request. E.g., if the .Z extension is associated with
an unzip filter, the user request somefile.Z.html, mod_negotiation
.html extension is associated with ContentType text/html.
shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
get/set/delete sessions using mod_ssl's callbacks
[Madhusudan Mathihalli <madhusudan_mathihalli hp.com>,
Geoff Thorpe <geoff geoffthorpe.net>]
pools more cleanly. [Aaron Bannert <aaron clove.org>]
[Madhusudan Mathihalli <madhusudan_mathihalli hp.com>]
[Paul J. Reder <rederpj raleigh.ibm.com>]
[John Sterling <sterling covalent.net>]
[Madhusudan Mathihalli <madhusudan_mathihalli hp.com>]
associated filename (e.g., we're filtering the error document for
*) Added the common error/ tree to the build/install targets
[Dave Carrigan <dave rudedog.org>, Graham Leggett]
[Dave Carrigan <dave rudedog.org>, Graham Leggett]
[Mladen Turk <mturk mappingsoft.com>, William Rowe]
*) Rounded out the mod_mime Add/Remove pairs by adding RemoveLanguage
[Cody Sherr <csherr covalent.net>]
*) We have always used the obsolete/deprecated Netscape syntax
in a dependency list (e.g., OS/390 make, certain levels of GNU
*) Install the SSL headers. [John Sterling <sterling covalent.net>]
[Cody Sherr <csherr covalent.net>]
[Mladen Turk <mturk mappingsoft.com>]
[Richard Labennett <rlabenn us.ibm.com>]
(e.g. for mod_dir) but none can be served. mod_negotation now
*) Add a handler to mod_includes.c. This handler is designed to
and have those methods <limit>able in the httpd.conf. It uses
the same bit mask/shifted offset as the original HTTP methods
an int provides. [Cody Sherr <csherr covalent.net>]
Madhusudan Mathihalli <madhusudan_mathihalli hp.com>,
*) Add a single listener/multiple worker MPM. This MPM is
*) Apache/Win32 now fills in the service description with Apache's
create the proper cgi-bin examples, including a test-cgi.bat, and
fix the perl shebang line for printenv.pl, when installing from
*) Fix a segfault in threaded.c caused by passing uninitialized
*) Fix problem reported by Taketo Kabe <kabe sra-tohoku.co.jp>
[Günter Knauf <eflash gmx.net>]
#ifdefs. This has bitten us many times in generating the exports.c
[Sander Striker <striker apache.org>]
[Cody Sherr <csherr covalent.net>]
*) Performance improvement to mod_mime.c. find_ct() in mod_mime,
httpd.conf, the tables for languages and charsets are somewhat
a nice speedup. [Brian Pane <bpane pacbell.net>]
[Harrie Hazewinkel <harrie covalent.net>]
with certain invocations (e.g., ab -k -c 6 -n 100 localhost/).
[Ian Holsman <ianh cnet.com>]
*) Fix seg faults and/or missing output from mod_include. The
*) Automatically generate httpd.exp for AIX.
[Ryan Morgan <rmorgan covalent.net>]
add/append/set headers based on this envar thusly:
*) Optimise reset_filter() in http_protocol.c. [Greg Stein]
*) include/ap_compat.h tested and set APR_COMPAT_H instead of AP_COMPAT_H.
This prevented the inclusion of apr_compat.h. PR #7773
[Oleg Broytmann <phd phd.pp.ru>]
been part of Apache on Unix/Linux/BSD since the early v1.3 releases.
[Barrie Slaymaker <barries slaysys.com>]
and moving hints.m4 inline. [Roy Fielding]
[Ian Holsman <IanH cnet.com>]
[Ryan Bloom, Justin Erenkrantz <jerenkrantz ebuilt.com>,
*) Get mod_tls to compile/work better on Windows. PR #7612
*) Fix shutdown/restart hangs in the threaded MPM.
[John K. Sterling <sterling covalent.net>]
[Graham Leggett <minfrin sharp.fm>]
required into the core. [Harrie Hazewinkel <harrie covalent.net>]
[jun-ichiro hagino <itojun iijlab.net>]
[Ryan Morgan <rmorgan covalent.net>]
[Justin Erenkrantz <jerenkrantz ebuilt.com>]
Gnu makefile guidelines. [Justin Erenkrantz <jerenkrantz ebuilt.com>]
[<giles nemeton.com.au>]
--with-module=module_type:/path/to/module.c
The configure script will copy the module.c file to
modules/module_type, and it will be added to the relevant Makefiles.
*) Change the default installation directory to /usr/local/apache2,
as now defined by the "Apache" layout in config.layout. [Marc Slemko]
*) Make generic hooks to work, with mod_generic_hook_import/export
us use a consistent location for the config.layout file, and it
[jun-ichiro hagino <itojun iijlab.net>]
csv/gnuplot format, rudimentary ssl support and various other tweaks
apache. Often by a order of magnitude :-) See talk/paper of Sander
[Taketo Kabe <kabe sra-tohoku.co.jp>]
libtool muck that is now under srclib/apr/build. [Roy Fielding]
*) Fix bug in the Unix threaded.c MPM that allowed child processes
PR #7407 [Taketo Kabe <kiabe sra-tohoku.co.jp>]
[Mike Abbot <mja trudge.engr.sgi.com>, Bill Stoddard]
IPv6 listening sockets were used, allow/deny-from-IPv4-address rules
*) Reimplement the Windows MPM (mpm_winnt.c) to eliminate calling
[Graham Leggett <minfrin sharp.fm>]
[Jon Travis <jtravis covalent.net>]
[Paul J. Reder <rederpj raleigh.ibm.com>]
[Ryan Morgan <rmorgan covalent.net>]
[Dan Rench <drench xnet.com>]
one call to the filter. [Ryan Morgan <rmorgan covalent.net>]
[Mike Abbot <mja trudge.engr.sgi.com>]
[Jon Travis <jtravis covalent.net>]
*) Fix a seg fault in mod_userdir.c. We used to use the pw structure
[Taketo Kabe <kabe sra-tohoku.co.jp> and
Cliff Woolley <cliffwoolley yahoo.com>]
[Jon Travis <jtravis covalent.net>]
versions of MSIE and Netscape. [Clive Lin <clive CirX.ORG>] PR#7142
[Taketo Kabe <kabe sra-tohoku.co.jp>]
current hooks better. [Ryan Morgan <rmorgan covalent.net>]
added feature of allowing a uid/gid per child process. If no
uid/gid is specified, then Perchild behaves exactly like dexter.
[Gomez Henri <new-httpd slib.fr>]
*) Add a very early prototype of SSL support (in mod_tls.c). It is
vital that you read modules/tls/README before attempting to build
to #ifdef it. [Cliff Woolley <cliffwoolley yahoo.com>]
[Paul J. Reder <rederpj raleigh.ibm.com>]
*) Correct a typo in httpd.conf.
[Kunihiro Tanaka <tanaka apache.or.jp>] PR#7154
PR#7170 [Danek Duvall <dduvall eng.sun.com>]
*) Adopt apr user/group name features for mod_rewrite. Eliminates some
'extra' stat's for user/group since they should never occur, and now
Win32/OS2 exceptions without hiccuping. [William Rowe]
*) Modify the apr_stat/lstat/getfileinfo calls within apache to use
*) Move initgroupgs, ap_uname2id and ap_gname2id from util.c to
mpm_common.c. These functions are only valid on some platforms,
*) Update highperformance.conf to work with either prefork or
i.e. syntax like %{LA-U:REMOTE_USER}, and also fix the parsing of
Host: header. PR#7079 [Alexey Toptygin <alexeyt wam.umd.edu>]
hints.m4) of various compilation flags (eg: CFLAGS). Also,
*) Allow the buildconf process to find the config.m4 files in the correct
the changes in Apache 2.0 [Cliff Woolley <cliffwoolley yahoo.com>]
such as apache_2.0a9.tar.gz on FreeBSD again. [Ryan Bloom]
[Cliff Woolley <cliffwoolley yahoo.com>]
server root from the Apache.exe path.
loadable modules, dynamic libs are all named libfoo.dll, and the
makefile.win populates the include, lib and libexec directories.
numeric address strings (e.g., "Listen [fe80::1]:8080").
*) Get the functions in server/linked into the server, regardless of
be loadable into the server. Our new build/install mechanism expects
to build + install on Win32. Makefile.win now rewrites @@ServerRoot@
and installs the conf, htdocs and htdocs/manual directories.
[Paul J. Reder <rederpj raleigh.ibm.com>]
time, and that list is then used to generate the exports.c file.
[Sander van Zoest <sander covalent.net>]
*) Added lib/aputil/ as a placeholder for utility functions which are not
[Paul Reder <rederpj raleigh.ibm.com>]
rotatelogs.c code, and no longer churn log processes for this
[B. W. Fitzpatrick <fitz red-bean.com>]
hostname resolution/address string parsing and building
[Markus Gyger <mgyger itr.ch>]
*) Mod_info.c has now been ported to Apache 2.0. As a part of this
[Ryan Morgan <rmorgan covalent.net>]
[Branko Čibej <brane xbc.nu>]
[Shuichi Kitaguchi <ki hh.iij4u.or.jp>]
*) APR read/write functions and bucket read functions now operate
code in mod_log_config.c
*) In the Apache/Win32 console window, accept Ctrl+C to stop the
since we don't compute digests of filtered (e.g., translated)
*) Update the mime.types file to the registered media types as
*) Namespace protect some macros declared in ap_config.h
[Tomas Ögren <stric ing.umu.se>]
[Cliff Woolley <cliffwoolley yahoo.com>]
*) Add support for /, //, //servername and //server/sharename
*) Fix another bug in the send_the_file() read/write loop. A partial
*) Reimplement core_output_filter to buffer/save bucket brigades
[Mike Abbott <mja sgi.com>]
*) send_the_file now falls back to a read/write loop on platforms that
*) APR now has UUID generation/formatting/parsing support.
-add rules for cross-compiling in rules.mk. Okay, rule to check for
-add missing "AR=@AR@" to severaly Makefile.in's
[Rüdiger Kuhlmann <Tadu gmx.de>]
[Rüdiger Kuhlmann <Tadu gmx.de>]
*) Fix building on BSD/OS using its native make. The build system
hook in http_core.c. This removes the need to add the filter in
*) SECURITY: CVE-2000-0913 (cve.mitre.org)
update allows the user to clear or preserve pw/groups/comment.
<IfModule mod_kilroy.c>
<IfModule mod_lovejoy.c>
*) Fix some compile warnings in mod_mmap_static.c
[Mike Abbott <mja sgi.com>]
*) APRVARS.in no longer overwrites the EXTRA_LIBS variable.
[Mike Abbott <mja sgi.com>]
*) Fix compile break on some platforms for mod_mime_magic.c
[John K. Sterling <sterling covalent.net>]
PR #5872 (1.3) [Jun Kuriyama <kuriyama imgsrc.co.jp>]
platforms to hints.m4, which contains (or should contain)
*) Add tables with non-string/binary values to APR.
[Rob Simonson <simo us.ibm.com>]
configuration file started with an IfModule/IfDefine container,
[Gregory Nicholls <gnicholls level8.com>]
[Gregory Nicholls <gnicholls level8.com>]
code was being returned. [Gregory Nicholls <gnicholls level8.com>]
not terminated with cr/lf sequences in Win32. [William Rowe]
*) Move all strings functions in APR to src/lib/apr/strings and create
apr_strings.h for the prototypes. [Ryan Bloom]
*) Clean out obsolete names (from httpd.h) for the HTTP Status Codes
*) Update the lib/expat-lite/ library (bring forward changes from
[Dave Hill <ddhill zk3.dec.com>]
timeouts (i.e, if a timeout was specified, the pipe reverted to
3x the rate of Apache 1.3.(e.g, Apache 1.3 will serve 400 rps
compiled-in limits (e.g., ThreadsPerChild, MaxClients, StartTreads).
[Tyler J. Brooks <tylerjbrooks home.com>, Jeff Trawick]
*) SECURITY: CVE-2000-1204 (cve.mitre.org)
and a user makes a request like http://www.example.com//cgi-bin/cgi
as reported in <news:960999105.344321 ernani.logica.co.uk>
*) Yet another update to saferead/halfduplex stuff -- need to ensure
to the configured User/Group (like other httpd processes)
if the len was negative. Use <sys/un.h> for struct sockaddr_un
doesn't seem to have a problem but /bin/sh on Solaris does.
ContentDigest enabled and we can't/don't mmap the file.
related bugs, and changed shmem/locking to use apr API. Shared-mem
would be errors generating ap_config_auto.h later in the configure
*) Organize http_main.c as independent code, such that no code or
[William Rowe, Jan Just Keijser <KEIJSERJJ logica.com>]
[Ask Bjoern Hansen <ask valueclick.com>]
[Paul Reder <rederpj raleigh.ibm.com>]
in 1.3's ebcdic.c. [Jeff Trawick]
buffer if the implementation knows how to use it (i.e., if L_tmpnam
*) Configure creates config.nice now containing your configure
options. Syntax: ./config.nice [--more-options]
*) Fix mm's memcpy/memset macros, pointer arithmetic was broken.
[Tim Costello <timcostello ozemail.com.au>]
[Chia-liang Kao <clkao CirX.ORG>]
*) The ab program in the src/support directory is now portable using
*) Finished move of ap_md5 routines to apr_md5. Removed ap_md5.h.
Apache.dsw created to bring together all the pieces. Create new file
os/win32/BaseAddr.ref to define module base addresses (to prevent
*) More FAQs and answers from comp.infosystems.www.servers.unix.
[Joshua Slive <slive finance.commerce.ubc.ca>]
in the field. [William Rowe <wrowe lnd.com>]
[William Rowe <wrowe lnd.com>]
[William Rowe <wrowe lnd.com>]
[Brian Martin <bmartin penguincomputing.com>]
fix up from Apache 1.3. #include'ing "ap_mpm.h" fixes up an
[William Rowe <wrowe lnd.com>]
[William Rowe <wrowe lnd.com>]
[William Rowe <wrowe lnd.com>]
we can use ReadFileScatter and WriteFileGather in readwrite.c.
[Allan Edwards <ake raleigh.ibm.com>]
[Brian Martin <bmartin penguincomputing.com>]
fixes to mod_so.c.
[Joshua Slive <slive finance.commerce.ubc.ca>]
[Jon Travis <jtravis covalent.net>]
[Paul Reder <rederpj raleigh.ibm.com>]
[Allan Edwards <ake raleigh.ibm.com>]
[William Rowe <wrowe lnd.com>]
[William Rowe <wrowe lnd.com>]
Makefile.win includes the same user interface as the old
[William Rowe <wrowe lnd.com>] PR#3715
[Allen Prescott <allen clanprescott.com>]
[Jeff Trawick <trawick us.ibm.com>]
*) Put in Korean and Norwegian index.html pages (2.0 and 1.3)
config file. E.g. 'ServerAdmin ${POSTMASTER}'. As commited
it does this on a line by line basis; i.e. if the envvar
ErrorDocument XXX /local/uri
ErrorDocument XXX http://valid/url
*) Changed 'CacheNegotiatedDocs' from its present/not-present
done with --with-module=/path/to/module. Modules can only be added
[Jeff Trawick <trawick us.ibm.com>]
*) Enable Apache to use sendfile/TransmitFile API
*) Make file I/O and network I/O writev/sendv APIs consistent.
bytes_read/bytes_written is always valid (never -1). Plus
some fixes to buff.c to correct problems introduced by the
*) port mod_rewrite to 2.0. [Paul J. Reder <rederpj raleigh.ibm.com>]
[Paul Reder <rederpj raleigh.ibm.com>]
[John Zedlewski <zedlwski Princeton.EDU>]
*) buff.c has been converted to no longer use errno.
[Dilip Khandekar <dilip cup.hp.com>]
automatically for developers from src/Configure.
*) Fixed building of src/support/htpasswd.c
*) Moved mod_auth_digest.c from experimental to standard. [Roy Fielding]
for a wildcard handler. [Dirk <dirkm teleport.com>, Roy Fielding]
*) Support line-continuation feature in config.option file and
*) Implement WINNT Win32 MPM from original Win32 code in http_main.c
(per default used the config.option file).
*) MPM BEOS port. [David Reid <abb37 dial.pipex.com>]
calling order to be specified on a per-hook/per-module basis.
*) os/unix/unixd.[ch]: detach, setuid, setgid, stuff which will be common
*) mpm_prefork: throw away all the alarm/timeout crud; and clean up the
of alloc.c for now. [Dean Gaudet]
based on IP/port. [Ben Laurie]
["Michael H. Voase" <mvoase midcoast.com.au>]
*) I/O layering and BUFF revamp. See docs/buff.txt. [Dean Gaudet]
docs/initial_blurb.txt. [Dean Gaudet]
[James Morris <jmorris intercode.com.au>]
an absolute path to the ./libexec directory where the libhttp.ep file
routines are now called ap_base64* and are 'plain' (i.e., no
pool access or anything clever). Inside util.c the routines acting
*) Fixed assumption of absolute paths in binbuild.sh. [Tony Finch]
src/support/httpd.exp. [Bill Stoddard, Randy Terbush]
*) Make ap_sha1.c compile for EBCDIC platforms: replace remaining LONG
[Tom Vaughan <tvaughan aventail.com>, Roy Fielding]
*) PORT: Improved compilation and DSO support on Sequent DYNIX/ptx.
[Ian Turner <iant sequent.com>] PR#4735
*) Local struct mmap in http_core.c conflicted with system structure
*) Added updated mod_digest as modules/experimental/mod_auth_digest.
[Ronald Tschalär <ronald innovation.ch>]
up across restarts. [David Harris <dharris drh.net>]
*) CIDR addresses such as a.b.c.d/24 where d != 0 weren't handled
["Paul J. Reder" <rederpj raleigh.ibm.com>] PR#4770
*) RewriteLock/RewriteMap didn't work properly with virtual hosts.
[Dmitry Khrustalev <dima bog.msu.su>] PR#3874
*) PORT: Support for compaq/tandem/com.
Netscape servers. See support/SHA1 for more information.
Caused the separation of ap_md5.c into md5, sha1 and a general
ap_checkpass.c with just a validate_passwd routine. Added a
couple of flags to support/htpasswd. Some reuse of the to64()
[Dirk-Willem van Gulik, Clinton Wong <clintdw netcom.com>]
with ASCII/EBCDIC conversions in "ident" query.
[David McCreedy <McCreedy us.ibm.com>]
are combined, and duplicate tokens (e.g., "Vary: host, host" or
*) Portability changes for BeOS. [David Reid <abb37 dial.pipex.com>]
[Bill Stoddard <stoddard raleigh.ibm.com>]
[Roy Fielding, Joe Orton <jeo101 york.ac.uk>] PR#4499, PR#3806
install the DSO; useful for editing httpd.conf with apxs. Fix
create duplicate LoadModule/AddModule entries; apxs can now be
used to re- enable/disable a module. [Wilfredo Sanchez]
Win 95 users may need to update their TCP/IP stack to pick up
Winsock 2. (See http://www.microsoft.com/windows95/downloads/)
[Bill Stoddard <stoddard raleigh.ibm.com>]
error.log when CGI scripts fail. This makes Apache on Win32
[Bill Stoddard <stoddard raleigh.ibm.com>]
*) Fix `make r' test procedure in src/regex/: ap_isprint was not found.
*) Add DSO support for DGUX 4.x using gcc. Tested on x86 platforms.
[Randy Terbush <randy covalent.net>]
*) Add the new mass-vhost module (mod_vhost_alias.c) developed and
used by Demon Internet, Ltd. [Tony Finch <fanf demon.net>]
[Rasmus Lerdorf <rasmus raleigh.ibm.com>]
[Bill Stoddard <stoddard raleigh.ibm.com>]
parent/child process management code.
[Bill Stoddard <stoddard raleigh.ibm.com>]
[John Giannandrea <jg meer.net>] PR#4122
*) Fix ndbm.h include problems with brain-dead glibc >= 2.1 which
has ndbm.h in a non-standard db1/ subdir. PR#4431, PR#4528
[Henri Gomez <gomez slib.fr>, Ralf S. Engelschall]
*) Determine AP_BYTE_ORDER for ap_config_auto.h and already
content-types are "text/html;parameters". PR#4524 [Ken Coar]
*void. When the OS/platform/compiler supports quads, ap_snprintf()
[Aidan Cully <aidan panix.com>] PR#4456
*) Add RULE_EXPAT, the src/lib/ directory structure, and a modified copy
library. [Jens-Uwe Mager <jum helios.de>, Ralf S. Engelschall]
(e.g., HTTP/0.9 or HTTP/1.1) of the request. [Ken Coar]
[Ralf S. Engelschall, Rex Dieter <rdieter math.unl.edu>] PR#3997
[Jan Gallo <gallo pvt.sk>] PR#3690, PR#4373
*) Switch to /bin/sh5 in APACI on Ultrix and friends to avoid problems with
their brain-dead /bin/sh. [Ralf S. Engelschall] PR#4372
[Todd Vierling <tv pobox.com>] PR#4310
[Petr Lampa <lampa fee.vutbr.cz>] PR#4366, 679
[Raymond S Brand <rsbx rsbx.net>, Ken Coar] PR#1574, 3026, 3529,
the struct stat. [Ed Korthof <ed bitmechanic.com>]
[Salvador Ortiz Garcia <sog msg.com.mx>]
[Rob Saccoccio <robs InfiniteTechnology.com>] PR#2579
*) mod_include's fsize/flastmod should allow only relative paths, just
like "include file". [Jaroslav Benkovsky <benkovsk pha.pvt.cz>]
*) Add iconsdir, htdocsdir, and cgidir to config.layout.
*) Fix minor but annoying bug with the test for Configuration.tmpl
in unix/os.c, and don't install the dyld error handlers, which
*) Add functionality to the install-bindist.sh script created by
binbuild.sh to use tar when copying distribution files to the
install-bindist.sh now detects the local perl5 path to install
[Randy Terbush, Covalent Technologies, <randy covalent.net>]
src/modules/proxy_util.c where a NULL filepointer and
[Graham Leggett <minfrin sharp.fm>,
Tim Costello <tjcostel socs.uts.edu.au>] PR#3178
[Graham Leggett <minfrin sharp.fm>]
have assurance about how string manipulators (e.g., tr) will
[Ken Coar, Dmitry Khrustalev <dima zippy.machaon.ru>] PR#4118
[Raymond S Brand <rsbx rsbx.net>]
[Raymond S Brand <rsbx rsbx.net>] PR#4248
*) Add "opt" (SysV-style) layout to config.layout. [Raymond S Brand
<rsbx rsbx.net>]
[Yitzchak Scott-Thoennes <sthoenna efn.org>, Ralf S. Engelschall] PR#4269
[Joe Moenich <moenich us.ibm.com>]
*) Fix number of bytes copied by read_connection() in src/support/ab.c
[Jim Cox <jc superlink.net>] PR#4271
[Bob Finch <bob nas.com>]
[Paul Sutton <paul awe.com>]
*) Make sure RewriteLock can be used only in the global context, (i.e.
<mariav icgeb.trieste.it>] PR#4260
uncompress/gzip, but those tools sometimes do not produce
[Marcin Cieslak <saper system.pl>] PR#4097
line. [<inkling firstnethou.com>] PR#3770
redirects. [Jose KAHAN <kahan w3.org>] PR#3910, 3806, 3575
[Jacques Distler <distler golem.ph.utexas.edu>] PR#4130
*) PORT: deal with UTS compiler error in http_protocol.c
[Dave Dykstra <dwd bell-labs.com>] PR#4189
*) Add ap_vrprintf() function. [John Tobey <jtobey banta-im.com>] PR#4246
by "Peter 'Luna' Altberg <peter altberg.nu>" and PR#3422
[Peter 'Luna' Altberg <peter altberg.nu>, Ronald Tschalär]
binary (e.g., image file) in the first place.
[David McCreedy <mccreedy us.ibm.com>]
*) support/htpasswd now permits the password to be specified on the
apache -n apache1 -i -f c:/httpd.conf
Installs apache as service 'apache1' and associates c:/httpd.conf
Installs apache as service 'apache2'. httpd.conf is located under
the default server root (/apache/conf/httpd.conf).
apache -n apache3 -i -d c:/program files/apache
c:/program files/apache.
*) Correct the signed/unsigned character handling for the MD5 routines;
*) OS/2: Rework CGI handling to use spawn*() instead of fork/exec, achieving
*) proxy ftp: instead of using the hardwired string "text/plain" as
<Directory proxy:ftp://some.host>
DefaultType gargle/blurb
*) Be more smart in APACI's configure script when determining the UID/GID
the number of fork()s from one/request to just the odd one an hour.
*) Added proxy, auth and header support to src/support/ab.c. Added a
README file to src/support/
*) Fix sed-substitutions in `make install': path elements like `httpd/conf'
(for instance from an APACI configure --sysconfdir=/etc/httpd/conf
*) PORT: Add support for FreeBSD 4.x [Ralf S. Engelschall]
[Ronald Tschalär <ronald innovation.ch>] PR#3411
the reboot prompt (which is only given if MSVCRT.DLL system
*) WIN32: Apache.exe now contains an icon. [Paul Sutton]
*) Using APACI, the main config file (usually httpd.conf) was
<wsanchez apple.com>]
[Ryan Bloom <rbb raleigh.ibm.com>]
[Dean Gaudet, Jeff Lewis <lewis stanford.edu>] PR#3872
*) Move the directive `ExtendedStatus' in httpd.conf-dist-win _after_ the
DSO/DLL section because it's a directive from mod_status and isn't
[Martin POESCHL <mpoeschl gmx.net>] PR#3936
option more clear. [Jan Wolter <janc wwnet.net>] PR#3995
[John Tobey <jtobey banta-im.com>] PR#3983
against libap.a and use its ap_snprintf() instead of sprintf() to avoid
*) Add Apple's Mac OS X Server Layout "Rhapsody" to config.layout.
*) Add cgidir, htdocsdir, iconsdir variables to Makefile.tmpl in order
[Michael van Elst <mlelstv serpens.swb.de>, Lars Eilebrecht] PR#3160
*) Use proper pid_t type for saving PIDs in alloc.c. [John Bley]
%v). Useful for mass vhosting. [Tony Finch <dot dotat.at>]
more reliable logs with multiline entries. [Tony Finch <dot dotat.at>]
*) Fixed a few compiler nits. [John Bley <jbb6 acpub.duke.edu>]
in http_core.c. [John Bley, Roy Fielding]
calls. [John Bley <jbb6 acpub.duke.edu>, Jim Jagielski]
[Brian Havard <brianh kheldar.apana.org.au>]
[Joshua Slive <slive finance.commerce.ubc.ca>] PR#2497
*) src/support/: The ApacheBench benchmark program was overhauled by
[David N. Welton <davidw prosa.it>]
*) Added -S option to install.sh so that options can be passed to
the test case of no modules being selected. [<chaz reliant.com>]
is *not* given in the argument list; i.e., the logical negation
*) Win32: Add global symbols missing from ApacheCore.def. [Carl Olsen]
to util.c for parsing an HTTP header field value to extract the next
code different from 500. This allows the proxy to, e.g., return
and no Accept-Language. [James Treacy <treacy debian.org>] PR#3299, 3688
as "com.name" to be served. [Paul Sutton] PR#3769.
make subtasking easier on the OSD/POSIX mainframe environment.
*) Make NDBM file suffix determination for mod_rewrite more accurate, i.e.
[Ryan Bloom <rbb Raleigh.IBM.Com>]
impossible to exploit.) [Rick Perry <perry ece.vill.edu>]
*) Let src/Configure be aware of CFLAGS options starting with plus
signs as it's the case for the HP/UX compiler.
[Doug Yatcilla <yatcilda umdnj.edu>] PR#3681
and this makes its functions available to things in src/support.
*) WIN32: Created new makefiles Makefile_win32.txt (normal build)
and Makefile_win32_debug.txt (debug build) that work on Win95.
nmake /f Makefile_win32.txt # compiles normal build
nmake /f Makefile_win32.txt install # compiles and installs
nmake /f Makefile_win32.txt clean # removes compiled junk
nmake /f Makefile_win32_debug.txt # compiles debug build
nmake /f Makefile_win32_debug.txt install
nmake /f Makefile_win32_debug.txt clean
for FreeBSD 3.0). [Todd Vierling <tv pobox.com>] PR#2462
*) Small fix for mod_env.html: The module was documented as to be _not_
Apache per default. [Sim Harbert <sim mindspring.com>] PR#3572
*) Instead of fixing a bug in the generation procedure for config.status (a
making sure the src/support/ tools are _forced_ to be build last (they
*) Fix installation procedure: Now that os-inline.c is actually used (a
recently fixed bug prevented this) we need to also install os-include.c
`escape' and `unescape' were added which can be used to escape/unescape
to/from hex-encodings in URLs parts (this is especially useful in
*) Major overhaul of mod_negotiation.c, part 2.
- added ap_array_pstrcat() to alloc.c for efficient concatenation
*) Major overhaul of mod_negotiation.c, part 1.
revision (draft-ietf-http-v11-spec-rev-06.txt).
e.g. no feature negotiation). Removed old experimental version.
negotiation results are consistent across backup/restores and mirrors
*) RFC2396 allows the syntax http://host:/path (with no port number)
[David Kristol <dmk bell-labs.com>] PR#3530
*) When modules update/modify the file name in the configfile_t structure,
[Fabien Coelho <coelho cri.ensmp.fr>] PR#3573
CASE_BLIND_FILESYSTEM. [Brian Havard <brianh kheldar.apana.org.au>]
*) The hashbang emulation code in ap_execve.c would interpret
#!/hashbang/scripts correctly, but failed to fall back to a
*) PORT: Added the Cyberguard V2 port [Richard Stagg <stagg lentil.org>]
and another was incorrect. [Mark Anderson <mda discerning.com>] PR#3553
wasn't defined. [Rick Franchuk <rickf transpect.net>]
o fixed auto-suffix handling now that config.layout exists.
config.layout and every path now can be marked this way (not only the
SINGLE_LISTEN_UNSERIALIZED_ACCEPT to NetBSD/OpenBSD section
of ap_config.h to allow serialized accept for multiport listens.
*) PORT: Fixed a misplaced #endif for NetBSD/OpenBSD section
of ap_config.h that would skip several defines if DEFAULT_GROUP
strcasecmp, so allow it in ap_config.h. [Amiel Lee Yee] PR#3247
*) Fix ordering of definitions in ap_config.h so that ap_inline is
[Tom Serkowski <tks bsdi.com>] PR#3453
*) Make generation of src/Configuration.apaci more robust: It failed to
another (e.g. cgi vs. fastcgi). We now check for mod_XXX, libXXX and even
*) In src/Configure remove the SERVER_SUBVERSION support (already deprecated
[Ralf S. Engelschall, Wilfredo Sanchez <wsanchez apple.com>]
[Paul Ausbeck <paula alumni.cse.ucsc.edu>, Paul Sutton] PR#3447
*) Allow special options -Wc,xxx and -Wl,xxx on APXS compile/link command.
IS to the compiler/linker command. [Ralf S. Engelschall]
config.layout. Custom layouts are possible by using FILE:ID as the
The config.layout file consists of <Layout ID>..</Layout> sections
extension (e.g., .fr, .de) can be labelled as being some other
*) mod_include.c:handle_perl() now properly tests for OPT_INCNOEXEC
rather than OPT_INCLUDES [Rainer Schoepf <schoepf uni-mainz.de>]
[Ronald Tschalär <ronald innovation.ch>] PR#3409
[Martin Plechsmid <plechsmi karlin.mff.cuni.cz>] PR#1987
[Andrew Pimlott <pimlott math.harvard.edu>] PR#3340
[David MacKenzie <djm uu.net>] PR#3394
*) Updated mime.types to reflect current Internet media types
Improved mod_actions.c so that it can use any of the methods
defined in httpd.h. Added ap_method_number_of(method) for
*) PORT: Add a port to the TPF OS. [Joe Moenich <moenich us.ibm.com> and
*) Fix problems with handling of UNC names (e.g., \\host\path)
on Win32. [Ken Parzygnat <kparz us.ibm.com>]
robust, and works. [Ken Parzygnat <kparz us.ibm.com>]
[Manoj Kasichainula, Ken Parzygnat <kparz us.ibm.com>]
*) Move a typedef to fix compile problems on Linux with 1.x kernels.
*) http_config.c would respond with 501 (Method Not Implemented) if a
should have been a 500 response. Likewise, mod_proxy.c would responsd
on-the-fly/batch permute the order of two modules (mod_foo and mod_bar)
mod_foo with the begin of the module list, i.e. it `moves' the module to
which permutes mod_foo with the end of the module list, i.e. it `moves'
synchronisation (Win32). [Ken Parzygnat <kparz raleigh.ibm.com>]
on container start lines (e.g., it wouldn't spot
"<Directory /" as a syntax error). [Ryan Bloom <rbbloom us.ibm.com>]
[Ryan Bloom <rbbloom us.ibm.com>] PR#1799.
[Ken Parzygnat <kparz raleigh.ibm.com>] PR#2078, 2303.
[Ivan Richwalski <ivan seppuku.net>] PR#3249
*) Fix Berkeley-DB/2.x support in mod_auth_db: The data structures were not
parameter. [Ron Klatchko <ron ckm.ucsf.edu>] PR#3171
[Ralf S. Engelschall, Ron Record <rr sco.com>]
httpd.conf-dist* files. The srm and access files now contain
only comments, and httpd.conf has all the combined contents in
*) PORT: DSO/ELF support for FreeBSD 3.0.
[Ralf S. Engelschall, Dirk Froemberg <ibex physik.TU-Berlin.DE>]
do this. [Ken Parzygnat <kparz raleigh.ibm.com>] PR#2976, 3074
[Wilfredo Sanchez <wsanchez apple.com>]
of "-". [Martin Plechsmid <plechsmi karlin.mff.cuni.cz>, Marc Slemko]
*) PORT: DRS 6000 machine. [Paul Debleecker <pdebleecker jetair.be>]
[M. Laak <maert proinv.ee>] PR#3108
[Dave Dykstra <dwd bell-labs.com>] PR#3055
but not tabs). [James Morris <jmorris intercode.com.au>,
[James Grinter <jrg blodwen.demon.co.uk>] PR#3111
[Youichirou Koga <y-koga jp.FreeBSD.org>] PR#3095
[Youichirou Koga <y-koga jp.FreeBSD.org>] PR#3096
*) Fix http://localhost/ hints in top-level INSTALL document.
[Rob Jenson <robjen spotch.com>, Ralf S. Engelschall] PR#3088
[Wilfredo Sanchez <wsanchez apple.com>]
[Ken Parzygnat <kparz raleigh.ibm.com>] PR#2884, 2910
<kparz raleigh.ibm.com>] PR#3001
[Ken Parzygnat <kparz raleigh.ibm.com>] PR#2976, 3074
ap_config.h. [Brian Havard]
*) PORT: Add Pyramid DC/OSx support to configuration mechanism.
[Earle Ake <akee wpdiss1.wpafb.af.mil>]
*) PORT: Fix sys/resource.h handling for Amdahl's UTS 2.1
[Dave Dykstra <dwd bell-labs.com>] PR#3054
*) Correct comment in mod_log_config.c about its internals.
[Elf Sternberg <elf halcyon.com>]
handle the creation of modules.c [Jim Jagielski]
and to avoid problems under platforms where only version 2.x is present.
[Dan Jacobowitz <drow false.org>, Ralf S. Engelschall]
[Bill Stoddard <stoddard raleigh.ibm.com>]
*) Remove redundant substitutions in top-level Makefile.tmpl.
platforms where `nogroup' exists in /etc/group. [Ralf S. Engelschall]
the possibility to override it manually via APACI or src/Configuration.
existance of the file under /usr/include, too.
[Wilfredo Sanchez <wsanchez apple.com>]
[Charles Randall <crandall matchlogic.com>] PR#2947
[Youichirou Koga <y-koga jp.FreeBSD.org>] PR#2991
[Karl Berry <karl gnu.org>] PR#2994
[Youichirou Koga <y-koga jp.FreeBSD.org>] PR#2992
*) Fix possible buffer overflow situation in suexec.c.
[Jeff Stewart <jws purdue.edu>] PR#2790
[Ronald Record <rr sco.com>] PR#2533
*) Fix documentation of ProxyPass/ProxyPassReverse according to the
trailing slash problem. [Jon Drukman <jsd gamespot.com>] PR#2933
[Marc Slemko, Paul Phillips <paulp go2net.com>]
SCO OpenServer. [David Coelho <drc ppt.com>]
in /home/user, not in /, therefore clicking on "../" in the
dump core for replies with invalid headers (e.g., duplicate
plop gmon.out profile data for each child [Doug MacEachern]
config.status script to be immune against arguments with whitespaces.
[Yves Arrouye <yves apple.com>] PR#2866
script `buildinfo.sh' which is both more flexible and already proofed to
*) Make ab.c again pass ``gcc -Wall -Wshadow -Wpointer-arith -Wcast-align
*) Remove bad reference to non-existing SERVER_VERSION in mod_rewrite.html
[Youichirou Koga <y-koga jp.FreeBSD.ORG>] PR#2895
[Kurt Sussman <kls best.com>] PR#2871
*) Bump up MAX_ENV_FLAGS in mod_rewrite.h from the too conservatice limit of
variables in one RewriteRule and had to patch mod_rewrite.h for every
*) Make sure the config.status file is not overridden when just
See include/ap_mmn.h for more details. [Randy Terbush]
*) SECURITY: CVE-1999-1199 (cve.mitre.org)
*) Cleanup of the PrintPath/PrintPathOS2 helper functions. Avoid
following the same idea as "MSVC vs WIN32". Additionally the src/os/emx/
directory was renamed to src/os/os2/ for consistency.
linking the DSOs, i.e. PIC libs and shared libs. Currently the rule is
*) Add correct `model' MIME types from RFC2077 to mime.types file.
*) Fixed examples in mod_rewrite.html document.
[Youichirou Koga <y-koga jp.FreeBSD.org>, Ralf S. Engelschall] PR#2756
[MATSUURA Takanori <t-matsuu protein.osaka-u.ac.jp>]
programs under Win32. [Marco De Michele <mdemichele tin.it>] PR#2483
*) Update the mod_rewrite.html document to correctly reflect the situation
Makefile.tmpl: The umask+cp approach didn't work as expected (especially
*) Fix `distclean' and `clean' targets in src/Makefile.tmpl to have same
src/helper/mkdir.sh script. [Ralf S. Engelschall]
`search' entries in /etc/resolv.conf.
INSTALL file because a lot of users don't read htdocs/manual/dso.html
(compilers complained) and the .so.V.R.P filename extension was adjusted
[Manoj Kasichainula <manojk raleigh.ibm.com>] PR#2355
*) Disable the incorrect entry for application/msword in the
*) Fix broken RANLIB handling in src/Configure (the entry from
src/Configuration.tmpl was ignored) and additionally force RANLIB to
[Steve VanDevender <stevev darkwing.uoregon.edu>, Lars Eilebrecht] PR#2613
*) Autogenerate some HAVE_XXXXX_H defines in conf_auto.h (determined via
TestCompile) instead of defining them manually in conf.h based on less
OS-type and/or OS-version identifiers to discover whether a system header
[Glen Parker <glenebob nwlink.com>] PR#2277
required by HTML 3.2 and later) to mod_mime_magic's conf/magic.
[Anna Shergold <anna inext.co.uk>]
[John Van Essen <jve gamers.org>] PR#2529
*) Add Dynamic Shared Object (DSO) support for SCO5 (OpenServer 5.0.x).
[Ronald Record <rr sco.com>] PR#2533
[Charles Levert <charles comm.polymtl.ca>] PR#2551
[Vadim Kostoglodoff <vadim olly.ru>] PR#2463
*) Fix the Guess-DSO-flags-from-Perl stuff in src/Configure: "perl" was
[Ben Laurie, Bill Stoddard <wgstodda us.ibm.com>] PR#2274
*) PORT: remove broken test for MAP_FILE in http_main.c.
[Wilfredo Sanchez <wsanchez apple.com>]
*) PORT: Change support/apachectl to use "kill -0 $pid" to test if the
but case-insensitive platforms). New #define for this added to conf.h
*) Enable DSO support for OpenBSD in general, not only for 2.x, because it
also works for OpenBSD 1.x. [Ralf S. Engelschall]
[Sam Kington <sam illuminated.co.uk>] PR#2443
reponse. [Ralf S. Engelschall, Charles Fu <ccwf bacchus.com>]
output of Awk. [Bill Houle <bhoule sandiegoca.ncr.com>] PR#2435
of a config.status script (as GNU Autoconf does) which remembers the used
*) Correct initialization of variable `allowed_globals' in http_main.c
[Justin Bradford <justin ukans.edu>] PR#2400
multipart/x-mixed-replace;boundary=ThisRandomString.
[Sean Boudreau <seanb qnx.com>] PR#2390
modules/xxx/Makefile's to avoid problems with SVR4 Make under "full-DSO"
[David MacKenzie <djm va.pubnix.com>] PR#2384
main server. [Christof Damian <damian mediaconsult.com>] PR#2090
[Klaus Weber <kweber chephren.germany.ncr.com>] PR#1973
<Directory /> section of the default access.conf-dist
[Dave Dykstra <dwd bell-labs.com>] PR#2320
*) Fix symbol export list (src/support/httpd.exp) after recent
[Jens-Uwe Mager <jum helios.de>]
solved by another helper script findprg.sh which searches for Perl and
*) Remove the system() call from htpasswd.c, which eliminates a system
[Rex Dieter <rdieter math.unl.edu>] PR#2293, 2316
O_NDELAY on various systems. [Dave Dykstra <dwd bell-labs.com>] PR#2313
*) PORT: helpers/GuessOS updates for various versions for NCR SVR4.
*) Fix recently introduced Win32 child spawning code in mod_rewrite.c which
[Dave Dykstra <dwd bell-labs.com>, Ralf S. Engelschall] PR#2319
configure and src/Configure depend on this.
*) Changes usage of perror/fprintf to stderr to more proper ap_log_error
*) Various OS/2 cleanups ["Brian Havard" <brianh kheldar.apana.org.au>]
*) PORT: QNX needed a #include <sys/mman.h>; and now it uses flock
[Rob Saccoccio <robs InfiniteTechnology.com>] PR#2295, 2296
[W G Stoddard <wgstodda us.ibm.com>]
[W G Stoddard <wgstodda us.ibm.com>] PR#2294
spawn_child was obsoleted and moved to compat.h
memory. [Rob Saccoccio <robs InfiniteTechnology.com>] PR#2252
*) Fix src/support/httpd.exp (DSO export file which is currently only
``RewriteRule ^myscript$ - [T=application/x-httpd-cgi]'' This was often
*) Fix discrepancy in proxy_ftp.c which was causing failures when
[Rick Ohnemus <rick ecompcon.com>]
*) Improve RFC1413 support. [Bob Beck <beck bofh.ucs.ualberta.ca>]
[Ben Laurie and Bill Stoddard <wgstodda us.ibm.com>] PR#1129, 1607
[Ernst Kloppenburg <kloppen isr.uni-stuttgart.de>] PR#2094
*) Support for the NCR MP/RAS 3.0
[John Withers <withers semi.kcsc.mwr.irs.gov>]
*) The LDFLAGS_SHLIB_EXPORT variable of src/Configuration[.tmpl] was
not retrieved in src/Configure and thus was not useable.
- SUBDIRS is now generated in src/Makefile only and not in
Makefile.config because it is a local define for this location.
- update the "depend" targets in Makefile.tmpl files to use $(OSDIR), too.
- replaced SHLIB_OBJS/SHLIBS_OBJ consistently with OBJS_PIC because OBJS
- replaced ugly xx-so.o/xx.so-o hack with a clean and consistent usage
of xxx.lo as GNU libtool does with its PIC objects
- reduce local complexity in modules Makefile.tmpl by moving the last
*) WIN32: Make Win32 work again after the /dev/null DoS fix.
*) When opening "configuration" files (like httpd.conf, htaccess
and htpasswd), Apache will not allow them to be non-/dev/null
necessary. Long-term fix is to either serialize the chdir/spawn combo
htdocs/manual/suexec.html document before using the suexec-related
and htdocs/manual/suexec.html documents.
UID/GID and safe PATH, too.
- overhauled mkshadow.sh script: now its more IFS-safe and approx. twice
*) Add a note to httpd.conf-dist that apache will on some systems fail
and not the original statically list from modules.c
confusion with the next point and reduces the Makefile.tmpl complexity
6. The modules.c generation was extended to now contain two
of loading/linking (we use load=link+load & link=activate instead of
*) Fix the generated mod_xxx.c from "apxs -g -f xxx" after the
*) Add a comment to mod_example.c showing the format of a FLAG command
places in the code (e.g. DATE_GMT). PR#1551
zone information in their tm struct. [Paul Eggert <eggert twinsun.com>]
*) get/set_module_config are trivial enough to be better off inline. Worth
*) Fix off-by-one error in ap_proxy_date_canon() in proxy_util.c
*) Fix debug log messages for BS2000/OSD: instead of logging the whole
[Michael Anderson's <mka redes.int.com.mx>]
*) Make sure the referer_log and agent_log entries in the default httpd.conf
*) WIN32: Make roots of filesystems (e.g. c:/) work. [Ben Laurie]
from mod_so.c to Configure because first it needs $PLAT etc. and second
[Jaromir Dolecek <dolecek ics.muni.cz>] PR#2165
[Jaromir Dolecek <dolecek ics.muni.cz>, Ralf S. Engelschall] PR#2158
AIX variants should work fine, too. Even AIX 3.x should work). This is
which we put into a os/unix/os-dso-aix.c file.
*) Fix two bugs in select() handling in http_main.c.
side-effect this reduces some subdir fiddling in configure+Makefile.tmpl.
"make root=/tmp/apache install" for rolling the package without bristling
*) Workaround braindead AWK's when generating ap_config.h: The split() and
*) Fix DEBUG_CGI situation in mod_cgi.c [David MacKenzie] PR#2114
*) Make sure that "make install" doesn't overwrite the `mime.types' and
*) PORT: Dynamic Shared Object (DSO) support for OpenBSD 2.x
variables) to avoid side-effects in "src/Configure" when the user
*) Provide backward compatibility from some old src/Configuration.tmpl
*) NeXT required strdup() in support/logresolve.c
[Francisco Tomei <fatomei sandburg.unm.edu>] PR#2082
*) PORT: Added HP-UX 11 patches [Jeff Earickson <jaearick colby.edu>]
ap_snprintf, and ap_psprintf). See include/ap.h for docs.
*) Because /usr/local/apache is the default prefix the ``configure
to `char *' under OSF1 and FreeBSD 2.x where it is defined this way
*) PORT: Make sure some AWK's don't fail in src/Configure with "string too
long" errors when generating the MODULES entry for src/Makefile
*) Make sure src/Configure doesn't complain about the old directory
/usr/local/etc/httpd/ when APACI is used. [Lars Eilebrecht]
*) Adding DSO support for the HP/UX platform by emulating the dlopen-style
interface via the similar but proprietary HP/UX shl_xxx-style system
APACI Makefile.tmpl "install" target more robust for sensible UnixWare
- Apache provided general functions (e.g., ap_cpystrn)
- Public API functions (e.g., palloc, bgets)
cross-object usage) but should be (e.g., new_connection)
For backward source compatibility a new header file named compat.h was
dummy.so file (containing dummy references to all global symbols) the
Placing the Apache core code itself into a DSO library named libhttpd.so.
where we perhaps exploit this libhttpd.so mechanism for providing nifty
inside the src subtree (i.e. for non-APACI users). Following GNU Makefile
[Todd Eigenschink <eigenstr mixi.net>] PR#2045
to the mak/dsp files. [Alexei Kosut]
*) Add documentation file and src/Configuration.tmpl entry for the
*) Now src/Configure uses a fallback strategy for the shared object support
and installation of the support tools from the src/support/ area.
dynamic shared object (DSO) mechanism [mod_so.c]. The trick here is that
Apache C header files (PREFIX/include) and the new APXS tool
(SBINDIR/apxs). The intend is to provide a handy tool for third-party
modules, from trivial ones (single mod_foo.c) to complex ones (like PHP3
*) Modify the log directives in httpd.conf-dist files to use CustomLog
script and a corresponding top-level "Makefile.tmpl" file. The goal is
the old src/Configure stuff in batch and additionally installs the
routines. Use this to replace http_bprintf.c. Add new routines
is necessary on at least Solaris where the /etc/rc?.d scripts
[Rein Tollevik <reint sys.sol.no>] PR#2009
[Rein Tollevik <reint sys.sol.no>] PR#2010
[Jürgen Keil <jk tools.de>] PR#2000
http://.../cgi-bin/...?http%3A%2F%2F... references) [Martin Kraemer]
[Tim Costello <tjcostel socs.uts.edu.au>] PR#1890
the mod_proxy.html and corrected the hyperlink to it in the
new_features_1.3.html document. [Ralf S. Engelschall] PR#1348
*) Fix a bug in the src/helpers/fp2rp script and make it a little bit
*) Add the new ApacheBench program "ab" to src/support/: This is derived
*) src/include/ap_config.h now wraps it's #define's with #ifndef/#endif's
*) [PORT] For A/UX change the OS-#define for -DAUX to -DAUX3.
the ugly export kludge, makes the one-liner file mod_mime.h obsolete, and
*) util.c cleanup and speedup. [Dean Gaudet]
[Dmitry Khrustalev <dima bog.msu.su>]
TZ variable. [Jay Soffian <jay cimedia.com>] PR#1888
[Siegmund Stirnweiss <siegst kat.ina.de>] PR#1900
[Tony Finch <fanf demon.net>] PR#1925
modules as shared objects. Especially Solaris 2.x, SunOS 4.1, IRIX and
*) The Configure script now generates src/include/ap_config.h which
[Joel Truher <truher wired.com>]
"http://host" url is treated as if a similar "Host:" header had been
supplied. This change was made to support future HTTP/1.x protocols
*) API: Cleanup of code in http_vhost.c, and remove vhost matching
[Chia-liang Kao <clkao cirx.org>] PR#1531
[Konstantin Morshnev <moko design.ru>] PR#1771
address. [Todd Eigenschink <eigenstr mixi.net>] PR#1885
*) API: A new source module main/util_uri.c; It contains a routine
user; /* user name, as in http://user:passwd@host:port/ */
password; /* password, as in http://user:passwd@host:port/ */
a username can contain when trying to expand it via /etc/passwd.
Jay Soffian <jay cimedia.com>] PR#1631
*) Hide Proxy-Authorization from CGI/SSI/etc just like Authorization is
<luomat peak.org>]
<ache nagual.pp.ru> and Jim] PR#1450
Alvaro Martinez Echevarria <alvaro lander.es>]
[Charles Fu <ccwf klab.caltech.edu>] PR#1847
directive. [Enrik Berkhan <enrik inka.de>] PR#1816
[Lauri Jesmin <jesmin ut.ee>] PR#1701
*) Source file dependencies in Makefile.tmpl files throughout the
htdocs/manual/known_client_problems.html are in the default
(like mod_dld for Win32). This replaces mod_dld.c. Use SharedModule
[Michael Douglass <mikedoug texas.net>, Dean Gaudet]
header files are in the src/include directory. The -Imain -Iap
and mod_rewrite) have not been moved to src/include; nor have
calls that use too small an initial guess, see alloc.c.
[Mark Andrew Heinrich <heinrich tinderbox.Stanford.EDU>]
because the key/value is a constant, or the value has been built
Note that it is easy to get code subtly wrong if you pass a key/value
safe thing to do is to pass key/values which are in the pool of
i.e. if the table is part of a subrequest, a value from the main
usage, enabled by defining POOL_DEBUG. See alloc.c for more details.
[Dmitry Khrustalev <dima bog.msu.su>, Dean Gaudet]
[Martin Kraemer, with code from Peter Wemm <peter zeus.dialix.oz.au>
*) API: "typedef array_header table" removed from alloc.h, folks should
HAVE_MMAP/SHMGET #defines strictly are informational that the
Unixware 1.x appears to have the same SIGHUP bug as solaris does with
[Tom Hughes <thh cyberscience.com>] PR#1082, PR#1282, PR#1499, PR#1553
*) PORT: A/UX can handle single-listen accepts without mutex
[Paul Eggert <eggert twinsun.com>] PR#1343
*) suexec errors now include the errno/description. [Marc Slemko] PR#1543
[Keith Severson <keith sssd.navy.mil>] PR#1613
[Keith Severson <keith sssd.navy.mil>] PR#1614
*) Some const declarations in mod_imap.c that were added for debugging
*) The src/main/*.h header files have had #ifndef wrappers added to
multiple paths (e.g., in .c files as well as other .h files).
src/ap/ap.h, to ease their use in non-httpd applications. [Ken Coar]
but before the header file contents. [John Van Essen <jve gamers.org>]
set with SetEnv/BrowserMatch and similar directives.
was found. Noticed by <robinton amtrash.comlink.de> (Soeren Ziehe)
[Soeren Ziehe <robinton amtrash.comlink.de>, Martin Kraemer]
(the Siemens BS2000/OSD family) in the POSIX subsystem
Located in libap.a. [Jim Jagielski]
[Stephen Scheck <sscheck infonex.net>, Ben Laurie] PR#1604
alloc.c (affects win32 only). [Ben Hyde]
[Ben Reser <breser regnow.com>] PR#1366
[Gregory A Lundberg <lundberg vr.net>]
server itself (like the src/support tools). [Ken Coar]
[Igor Tatarinov <tatarino prairie.NoDak.edu>]
It also wouldn't handle "AddIconByType (TXT,/icons/text.gif text/*"
htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
[<malcolm mgdev.demon.co.uk>] PR#1378
set errno. [Igor Tatarinov <tatarino prairie.NoDak.edu>]
*) WIN32: Cure file leak in CGIs. [Peter Tillemans <pti net4all.be>] PR#1523
[Frank Faubert <frank sane.com>]
can be used by items in src/support among other things.
(e.g., <Directory>) where they're invalid. [Martin Kraemer]
for fgetc() and fgets() on SunOS 4.x. [Martin Kraemer, Ben Hyde]
read the file. [Ben Hyde <bhyde gensym.com>]
the display. [Ken Coar, suggested by Brian Tiemann <btman pacific.net>]
*) PORT: Update the LynxOS port. [Marius Groeger <mag sysgo.de>]
[David Chambers <davidc flosun.salk.edu>] PR#1294
[M.D.Parker] PR#1352
*) Inherit a bugfix to fnmatch.c from FreeBSD sources.
[Андрей Чернов <ache nagual.pp.ru>] PR#1311
sources as Unix now. [Brian Havard <brianh kheldar.apana.org.au>]
[Paul Eggert <eggert twinsun.com>] PR#1342
*) A mild SIGTERM/SIGALRM race condition was eliminated.
*) Warn user that default path has changed if /usr/local/etc/httpd
*) PORT: On AIX 1.x files can't be named '@', fix the proxy cache
[David Schuler <schuld btv.ibm.com>] PR#1317
Document this a bit more in src/PORTING. [Dean Gaudet] PR#467
*) WIN32: Make index.html and friends work under Win95. [Ben Laurie]
[John Line <jml4 cam.ac.uk>] PR#1321
*) Default pathname has been changed everywhere to /usr/local/apache
[Sameer <sameer c2.net>]
[David Bronder <David-Bronder uiowa.edu>] PR#849
[David Schuler <schuld btv.ibm.com>] PR#1267
[Philippe Vanhaesendonck <pvanhaes be.oracle.com>,
Omar Del Rio <al112263 academ01.lag.itesm.mx>] PR#482, 1246
[Chris Craft <ccraft cncc.cc.co.us>] PR#977
*) PORT: UnixWare 2.x requires -lgen for syslog.
[Hans Snijder <hs meganet.nl>] PR#1249
["Pavel Yakovlev (Paul McHacker)" <hac tomcat.olly.ru>]
*) New support tool: src/support/split-logfile, a sample Perl script which
*) Makefile.tmpl was not using $CFLAGS in the link phase.
*) Add debugging code to alloc.c. Defining ALLOC_DEBUG provides a
Purify. See main/alloc.c for more details. [Dean Gaudet]
be used for whatever reason is appropriate (i.e. format() warnings
gcc >= 2.7.x (so that we have fewer support issues with older
Also removed the auto-generated link to www.apache.org that was the
*) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]
this is a bug. ["Paul B. Henson" <henson intranet.csupomona.edu>]
[Rick Franchuk <rickf transpect.net>] PR#1107, 987, 588
*) Fixed error in proxy_util.c when looping through multiple host IP
buffered writes -- that is, it will buffer up to PIPE_BUF (i.e. 4k)
*) API: New register_other_child() API (see http_main.h) which allows
*) API: New piped_log API (see http_log.h) which implements piped logs,
Some things (like RewriteMaps) were checked/performed even if they
*) Removal of mod_auth_msql.c from the distribution. There are many
http://modules.apache.org/ It would be nice to offer a generic
Makefile on the fly based on Makefile.tmpl and Configuration.
Encore's UMAX V: Arieh Markel <amarkel encore.com>
Acorn RISCiX: Stephen Borrill <sborrill xemplar.co.uk>
*) support/httpd_monitor is no longer distributed because the
the headers/contents of the request. It does not run during subrequests
USE_xxx_SERIALIZED_ACCEPT in conf.h. xxx is FCNTL for fcntl(),
- Linux 2.x uses flock instead of fcntl
- Solaris 2.x uses pthreads
*) PORT: The semantics of accept/select make it very desirable to use
Modules can be dropped into modules/extra, or in their own
modules/standard. All other source code is in main. OS-specific
match "/home/a/andrew/public_html", now it only matches things
[Dean Gaudet, Dave Hankins <dhankins sugarat.net>]
/dev/tty, etc.)
[Jason Venner <jason idiom.com>] PR#667
and cidr syntax (i.e. 10.1.0.0/16). PR#762
Apache would omit the chunk header/footer on the next block. Cleaned
e.g. when max_requests_per_child is reached, etc.
[Alexander L Jones <alex systems-options.co.uk>] PR#732
*) PORT: QNX mmap() support for faster/more reliable scoreboard handling.
[Igor N Kovalenko <infoh mail.wplus.net>] PR#683
setting. The define MAX_SPAWN_RATE can be used to raise/lower
in a language that by default does buffering (e.g. perl) this
*) PORT: Allow for use of n32bit libraries under IRIX 6.x
[derived from patch from Jeff Hayes <jhayes aw.sgi.com>]
*) PORT: Linux: Attempt to detect glibc based systems and include crypt.h
*) PORT: QNX doesn't have initgroups() which support/suexec.c uses.
[Igor N Kovalenko <infoh mail.wplus.net>]
[Kenichi Hori <ken d2.bs1.fc.nec.co.jp>] PR#815
rect /url.hrm 10 20 30 40
["Chris O'Byrne" <obyrne iol.ie>] PR#807
["Darren O'Shaughnessy" <darren aaii.oz.au>] PR#846
the output of mod_info. ["Lou D. Langholtz" <ldl usi.utah.edu>]
braindead SunOS 4.1.x, allow env variables to be set even on rules with
i.e. now mod_rewrite no longer has a shared copyright. Instead is is
See http_config.h for more details. [Dean Gaudet]
LoadModule/LoadFile directives. Note that module DLLs must be
Module autoindex_module mod_autoindex.o
*) popendir/pclosedir created to properly protect directory scanning.
["Lou D. Langholtz" <ldl usi.utah.edu>]
command. [Ian Kluft <ikluft cisco.com>]
*) Makefile.nt added - to build all the bits from the command line:
nmake -f Makefile.nt
httpd.h. [Dean Gaudet]
the SFIO library calls sfread/sfwrite if B_SFIO is defined at
work however.) [Alexander Spohr <aspohr netmatic.com>] PR#444
*) Turn off chunked encoding after sending terminating chunk/footer
[Stanley Gambarin <gambarin OpenMarket.com>]
[Ben Laurie and Ambarish Malpani <ambarish valicert.com>]
*) SECURITY: When a client connects to a particular port/addr, and
*) Support virtual hosts with wildcard port and/or multiple ports
properly. [Ed Korthof <ed organic.com>]
and mod_include.c. [Dean Gaudet]
[Mark Andrew Heinrich <heinrich tinderbox.Stanford.EDU>]
<sscheck infonex.net>, Ben Laurie] PR#1604
cases. [Ben Reser <breser regnow.com>] PR#1366
Also removed the auto-generated link to www.apache.org that was the
htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
*) #ifdef wrap a few #defines in httpd.h to make life easier on
*) Fix MPE compilation error in mod_usertrack.c. [Mark Bixby]
should consider comparing against src/modules/standard/mod_include.c
Michal Zalewski <lcamtuf boss.staszic.waw.pl> for reporting
[Brian Slesinsky <bslesins wired.com>] PR#1139
[Jay Bloodworth <jay pathways.sde.state.sc.us>]
*) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]
this is a bug. ["Paul B. Henson" <henson intranet.csupomona.edu>]
[Rick Franchuk <rickf transpect.net>] PR#1107
minus WIN32/NT stuff, but plus copyright removement.
[Kenichi Hori <ken d2.bs1.fc.nec.co.jp>] PR#815
an HTTP/0.9 server. [Kenichi Hori <ken d2.bs1.fc.nec.co.jp>] PR#813,814
[Skip Montanaro <skip calendar.com>, Marc Slemko] PR#797
under Solaris 2.x (up through 2.5.1). It has been fixed.
lockfile in any location. It previously defaulted to /usr/tmp/htlock.
*) Add a placeholder in modules/Makefile to avoid errors with certain
*) USE_FLOCK_SERIALIZED_ACCEPT is now default for FreeBSD, A/UX, and
redirect flag, e.g. R=permanent, the permanent status was lost.
[Lawrence Rosenman <ler lerctr.org>] PR#511
*) PORT: NonStop-UX [Joachim Schmitz <schmitz_joachim tandem.com>] PR#327
[David DeSimone <fox convex.com>] PR#399
["P. Alejandro Lopez-Valencia" <alejolo ideam.gov.co>] PR#388
*) PORT: Support for Maxion/OS SVR4.2 Real Time Unix. [no name given] PR#383
*) PORT: fix problem compiling http_bprintf.c with gcc under SCO
*) Fixed open timestamp fd in proxy_cache.c [Chuck Murcko]
change submitted by Jozsef Hollosi <hollosi sbcm.com>.
directive and the DEFAULT_TYPE symbol in httpd.h. Changed the value
of DEFAULT_TYPE to match the documented default (text/plain).
*) In mod_proxy.c, check return values for proxy_host2addr() when reading
the connection (e.g., when user presses Stop). Apache will now stop
*) Rearrange Configuration.tmpl so that mod_rewrite has higher priority
htdocs/manual/stopping.html for details on stopping and
*) The default handler now logs invalid methods or URIs (i.e. PUT on an
buffer or write inside buff.c or fread'ing from a CGI's output,
*) Use /bin/sh5 on ULTRIX. [P. Alejandro Lopez-Valencia] PR#369
*) Add UnixWare compile/install instructions. [Chuck Murcko]
*) Add macro for memmove to conf.h for SUNOS4. [Marc Slemko]
*) More signed/unsigned port fixes. [Dean Gaudet]
*) suexec.c doesn't close the log file, allowing CGIs to continue writing
*) Improved generation of modules/Makefile to be more generic for
*) Fixed overlaying of request/sub-request notes and headers in
when nalloc==0. [Kai Risku <krisku tf.hut.fi> and Roy Fielding]
*) changed status check mask in proxy_http.c from "HTTP/#.# ### *" to
- Changed send_dir() to remove user/passwd from displayed URL.
[Marc Slemko, reported by Onno Witvliet <onno tc.hsa.nl>]
select/accept and keep-alive requests, fixed several bugs regarding
[Ben Laurie, reported by <geddis tesserae.com>]
*) Tweak byteserving code (e.g. serving PDF files) to work around
Emit Content-Length header when sending multipart/byteranges.
*) Port to HI-UX/WE2. [Nick Maclaren]
[Mark Bixby <markb cccd.edu>]
regex/regcomp.c since that file also used a NEXT define.
*) Portability Fix: NeXT lacks unistd.h so we wrap it's inclusion
*) Remove mod_fastcgi.c from the distribution. This module appears
continue to be easily available at http://www.fastcgi.com/
*) Fixed bug in modules/Makefile that wouldn't allow building in more
- execution restricted to UID/GID > 100
*) Replace references to make in Makefile.tmpl with $(MAKE).
*) Add ProxyBlock directive w/IP address caching. Add IP address
[<mgyger itr.ch>, Adrian Filipi-Martin]
[Roy Fielding, after useful PR from <adrian virginia.edu>]
*) Remove requirement for ResourceConfig/AccessConfig if not using
2. initgroups() on Linux 2.0.x clobbers gr->grid.
*) Reset timeout while reading via get_client_block() in mod_cgi.c
*) Add the ability to pass different Makefile.tmpl files to Configure
*) proxy_http.c bugfixes: [Chuck Murcko]
1) fixes possible NULL pointer reference w/NoCache
*) mod_include.c bugfixes:
3) Patch to fix compiler warnings [<perrot lal.in2p3.fr>]
[Ben Yoshino <ben wiliki.eng.hawaii.edu>]
*) Added definitions for S_IWGRP and S_IWOTH to conf.h [Ben Laurie]
http_protocol.c [Roy Fielding]
*) Replaced use of index() in mod_expires.c with more appropriate
*) In helpers/CutRule, replaced "cut" invocation with "awk" invocation
*) Updated helpers/GuessOS for ...
SCO UnixWare 2.1.1 (requires a separate set of #defines in conf.h)
and fixed something in helpers/PrintPath [Ben Laurie]
*) Not listed. See <http://www.apache.org/docs/new_features_1_2.html>
*) mod_env now turned on by default in Configuration.tmpl.
c) Leading colons were stripped from passwords [<osm interguide.com>]
d) Another fix to multi-method Limit problem [<jk tools.de>]
b) truncated hostnames/ip address in the logs
*) Not listed. See <http://www.apache.org/docs/new_features_1_1.html>
*) Internal redirects which occur in mod_dir.c now preserve the
*) Fix for POSIX compliance in waiting for processes in alloc.c.
which works similar to PidFile (in httpd.conf) [Rob Hartill]
*) Include sys/resource.h in the correct place for SunOS4 [Sameer Parekh]
*) the pstrcat call in mod_cookies.c didn't have an ending NULL,
*) Add strerror function to util.c for SunOS4 [Randy Terbush]
*) patch to get Apache compiled on UnixWare 2.x, recommended as
a temporary measure, pending rewrite of rfc931.c. [Chuck Murcko]
*) past changes to http_config.c to only use the
*) Remove uses of MAX_STRING_LEN/HUGE_STRING_LEN from several routines.
and the server provider uses relative links; as file.html
*) Not listed. See <http://www.apache.org/docs/new_features_1_0.html>
*) Fixed potential FILE* leak in http_main.c [Ben Laurie]
*) Eliminated some bogus Linux-only #defines in conf.h [Aram Mirzadeh]
*) Nuked bogus #define in httpd.h [David Robinson]
*) gcc -Wall no longer complains about an unused variable when util.c
*) Rationalize handling of BSD in conf.h and elsewhere [Randy Terbush,
*) Suppress -Wall warning by casting const away in util.c [Aram Mirzadeh]
subprocesses, including the SIGTERM/pause/SIGKILL routine, until
causing certain extremely marginal cases (e.g., ScriptAlias of a
*particular* index.html file) to fail. [David Robinson]
*) Cleaned up compiler warning from mod_access.c [Robert Thau]
*) Cleaned up comments in mod_cgi.c [Robert Thau]
"/path/to/some/link/" follows the link. [Thau, Fielding]
*) Doesn't reset DirectoryIndex to 'index.html' when
*) Clarified init code and nuked bogus warning in mod_access.c
*) Corrected several directives in sample srm.conf
*) Fixed ScriptAlias/Alias interaction by moving ScriptAlias handling to
mod_alias.c, merging it almost completely with handling of Alias, and
using a special file created for the purpose in /usr/tmp, and
which try to print out the last-modified date). [Eric Hagberg/Robert
*) <!--exec cgi="/some/uri/here"--> always treats the item named by the
*) POST to CGI works on A/UX [Jim Jagielski]
it seems to work well enough without it (even in a 10 hits/sec
workout), and the overhead for the locking under A/UX is
*) Fixed portability problems with mod_cookies.c [Cliff Skolnick]
*) Further de-Berklize mod_cookies.c; change the bogus #include. [Brian
Behlendorf/Eric Hagberg]
*) More improvements to default Configuration for A/UX [Jim Jagielski]
*) SunOS lib-function prototypes in conf.h conditionalized on __GNUC__,
*) Scoreboard file (/tmp/htstatus.*) no longer publically writable.
properly. (One-line fix to http_protocol.c).
*) Corrected cgi-src/Makefile entry for new imagemap script. [Alexei Kosut]
*) Nuked Shambhala name from src/README; had already cleaned it out
*) Set config file locations properly if not set in httpd.conf
*) Fixed mod_imap.c --- relative paths with base_uri referer don't
be nice if mod_dir.c was robust enough to handle that, but for now,
/tmp/htstatus.*, on which each process has an independent file
*) Moved FCNTL_SERIALIZED_ACCEPT defines into conf.h (that's what
*) Incidental code cleanups in http_main.c --- stop dragging
*) Fixed auth_name-related typos in http_core.c [Brian Behlendorf]
Also, fixed auth typo in http_protocol.c unmasked by this fix.
*) Reordered modules in modules.c so that Redirect takes priority
the same SIGTERM/pause/SIGKILL routine used to ding an errant CGI
*) Fixed silly typo in http_main.c which was suddenly fatal in HP-UX.
*) mod_core.c --- default_type returns DEFAULT_TYPE (the compile-time
memory area every time). Fix is in mod_dir.c. [Paul Sutton]
*) Changes to http_main.c --- root server no longer plays silly
*) mod_dir.c bug fixes: ReadmeName and HeaderName
*) http_request.c now calls unescape_url() more places where it
*) Generalized cleanup interface in alloc.c --- any function can be
registered with alloc.c as a cleanup for a resource pool;
*) More changes in alloc.c --- new cleanup_for_exec() function,
registered with the alloc.c machinery before the server exec()s a
*) Fixed basic thinkos in mod_dbm_auth.c [rst, reported by Mark Cox]
in alloc.c [rst]