CHANGES revision 8491e0600f69b0405e156ea8a419653c065c645b
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews -*- coding: utf-8 -*-
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic UpdaterChanges with Apache 2.5.0
1167fc7904c5f0a472f8df207ac46dd52c7f1ec8Automatic Updater *) SECURITY: CVE-2013-5704 (cve.mitre.org)
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater core: HTTP trailers could be used to replace HTTP headers
46da3117812814a29432a8d9a9ccf8acdbfdadceAutomatic Updater late during request processing, potentially undoing or
2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater otherwise confusing modules that examined or modified
cd0aa2d941d1438fabb5337f1f38c49478edf71dAutomatic Updater request headers earlier. Adds "MergeTrailers" directive to restore
90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews *) http_protocol: fix logic in ap_method_list_(add|remove) in order:
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater - to correctly reset bits
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - not to modify the 'method_mask' bitfield unnecessarily
e171a4137c6ba348957e61b7c4c3541493c0da02Automatic Updater *) mod_log_config: Allow three character log formats to be registered. For
e171a4137c6ba348957e61b7c4c3541493c0da02Automatic Updater backwards compatibility, the first character of a three-character format
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews must be the '^' (caret) character. [Eric Covener]
3cc98b8ecedcbc8465f1cf2740b966b315662430Automatic Updater *) mod_ssl: Extend the scope of SSLSessionCacheTimeout to sessions
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews resumed by TLS session resumption (RFC 5077). [Rainer Jung]
e171a4137c6ba348957e61b7c4c3541493c0da02Automatic Updater *) mod_authnz_ldap: Return LDAP connections to the pool before the handler
831f79c4310a7d38fc3475ccfff531b2b2535641Automatic Updater is run, instead of waiting until the end of the request. [Eric Covener]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_ldap: Be more conservative with the last-used time for
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews LDAPConnectionPoolTTL. PR54587 [Eric Covener]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_deflate: Don't fail when flushing inflated data to the user-agent
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater and that coincides with the end of stream ("Zlib error flushing inflate
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater buffer"). PR 56196. [Christoph Fausak <christoph fausak glueckkanja.com>]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_proxy: Don't limit the size of the connectable Unix Domain Socket
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater paths. [Christophe Jaillet, Yann Ylavic]
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt *) mod_ssl: dump SSL IO/state for the write side of the connection(s),
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater like reads (level TRACE4). [Yann Ylavic]
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt *) mod_proxy: Shutdown (eg. close notify) the backend connection before
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater closing. [Yann Ylavic]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mpm_event[opt]: Send the SSL close notify alert when the KeepAliveTimeout
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt expires. PR54998. [Yann Ylavic]
2d2dc37599979c83495510f8af8d1756753aa2c5Automatic Updater *) mod_ssl: Ensure that the SSL close notify alert is flushed to the client.
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt PR54998. [Tim Kosse <tim.kosse filezilla-project.org>, Yann Ylavic]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_log_config: Add GlobalLog to allow a globally defined log to
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater be inherited by virtual hosts that define a CustomLog.
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater [Edward Lu <Chaosed0 gmail.com>]
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater *) MPMs: Support SO_REUSEPORT to create multiple duplicated listener
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater records for scalability. [Yingqi Lu <yingqi.lu@intel.com>,
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater Jeff Trawick, Jim Jagielski]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_proxy_html: support automatic detection of doctype and processing
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater of FPIs. PR56285 [Micha Lenk <micha lenk info>, Nick Kew]
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews *) mod_proxy_html: skip documents shorter than 4 bytes
eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews PR 56286 [Micha Lenk <micha lenk info>]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_proxy_fdpass: Fix computation of the size of 'struct sockaddr_un'
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews when passed to 'connect()'.
129090f0f6f91753b4a085ab635e28549fd018adAutomatic Updater [Graham Dumpleton <grahamd apache org>]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) core: Add ap_mpm_resume_suspended() API to allow a suspended connection
d7a77415c13bb2fc2d1acb857486d97e4466e3b8Automatic Updater to resume. PR56333
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Artem <artemciy gmail.com>, Edward Lu <Chaosed0 gmail.com>]
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater *) core: Add ap_mpm_register_socket_callback_timeout() API. [Eric Covener]
1a06700908f5a1d9f4a8d51285a0fd971e2f9117Automatic Updater *) mod_proxy_wstunnel: Honor ProxyWebsocketIdleTimeout in asynchronous
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews processing mode. [Eric Covener]
693c4232dfdffaff672197d4b9fea944c64cf80aAutomatic Updater *) mod_authnz_ldap: Fail explicitly when the filter is too long. Remove
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews unnecessary apr_pstrdup() and strlen(). [Graham Leggett]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) Add the ldap-search option to mod_authnz_ldap, allowing authorization
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater to be based on arbitrary expressions that do not include the username.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater [Graham Leggett]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) Add the ldap function to the expression API, allowing LDAP filters and
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson distinguished names based on expressions to be escaped correctly to
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater guard against LDAP injection. [Graham Leggett]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) Add module mod_ssl_ct, which provides an implementation of Certificate
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater Transparency (RFC 6962) for httpd. [Jeff Trawick]
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater *) mod_proxy: Preserve original request headers even if they differ
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews from the ones to be forwarded to the backend. PR 45387.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_remoteip: Prevent an external proxy from presenting an internal
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont proxy. PR 55962. [Mike Rumph]
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater *) mod_ssl: Add hooks to allow other modules to perform processing at
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont several stages of initialization and connection handling. See
e23256e740b238bddb4ba41ffac5f81a01c92245Automatic Updater *) mod_proxy_wstunnel: Avoid sending error responses down an upgraded
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews websockets connection as it is being close down. [Eric Covener]
08e3b6797706a13054bad749dea04e94b514b8e7Automatic Updater *) mod_proxy_wstunnel: Allow the administrator to cap the amount
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater of time a synchronous websockets connection stays idle with
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews ProxyWebsocketIdleTimeout. [Eric Covener]
b29e5c56eb74a6de1a84c29879afc90ffc6b1436Automatic Updater *) mod_proxy_wstunnel: Change to opt-in for asynchronous support, adding
418cc932318b1d67f88a36904d88d8a5a0a2ba09Automatic Updater directives ProxyWebsocketAsync and ProxyWebsocketAsyncDelay.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews [Eric Covener]
0977f3f39ef6728516be7976452b9122c8f5607aAutomatic Updater *) mod_proxy_wstunnel: Stop leaking websockets backend connections under
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater event MPM (trunk-only). [Eric Covener]
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater *) mod_proxy_http: Add detach_backend hook (potentially usable
0c39b3ed9409ecb277d5e32fa763a4e4d6598df8Automatic Updater in other proxy scheme handlers). [Jeff Trawick]
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater *) mod_deflate: Add DeflateAlterETag to control how the ETag
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater is modified. The 'NoChange' parameter mimics 2.2.x behavior.
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater PR 45023, PR 39727. [Eric Covener]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_rewrite: Add 'BNF' (backreferences-no-plus) flag to RewriteRule to
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater allow spaces in backreferences to be encoded as %20 instead of '+'.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater [Eric Covener]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_rewrite: Support an optional list of characters to escape in the
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater argument for the 'B' (escape backreferences) flag. [Eric Covener]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater OCSP requests should use a nonce to be checked against the responder's
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater one. PR 56233. [ Yann Ylavic ]
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater *) mod_dir: Default to 2.2-like behavior and skip execution when method is
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater neither GET nor POST, such as for DAV requests. PR 54914. [Chris Darroch]
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater *) mod_rewrite: Rename the handler that does per-directory internal
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson redirects to "rewrite-redirect-handler" from "redirect-handler" so
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater it is less ambiguous and less likely to be reused. [Eric Covener]
27794bebe2634b5ac374e78972649c79300b876aAutomatic Updater *) mod_rewrite: Protect against looping with the [N] flag by enforcing a
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater default limit of 10000 iterations, and allowing each rule to change its
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater limit. [Eric Covener]
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater *) mod_ssl: Fix config merging of SSLOCSPEnable and SSLOCSPOverrideResponder.
be63e68c516117af6af8850904e46a89c7d4423eAutomatic Updater [Jeff Trawick]
c453a50776145e9c1c3fc9c846cfa11f42505081Automatic Updater *) Add HttpContentLengthHeadZero and HttpExpectStrict directives.
f4029eb7463e99df00618de89f0bee5ac062a237Automatic Updater [Yehuda Sadeh <yehuda inktank com>, Justin Erenkrantz]
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater *) mod_ssl: Add -t -DDUMP_CA_CERTS option which dumps the filenames of all
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater configured SSL CA certificates to stdout the same way as DUMP_CERTS does.
f4029eb7463e99df00618de89f0bee5ac062a237Automatic Updater *) mod_ssl: Don't flush when an EOS is received. Prepares mod_ssl
e628576d3b3d91c8954679077f4c208f1e43b433Automatic Updater to support write completion. [Graham Leggett]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Add parse_errorlog_arg callback to ap_errorlog_provider
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater to allow providers to check the ErrorLog argument. [Jan Kaluza]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) mod_cgid: Use the servers Timeout for each read from a CGI script,
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater allow override with new CGIDRequestTimeout directive. PR43494
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Eric Covener, Toshikuni Fukaya <toshikuni-fukaya cybozu co jp>]
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater *) core: ensure any abnormal exit is reported to stderr if it's a tty.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater PR 55670 [Nick Kew]
9b1207058e739f5267dd1565cd04cc93092f068fAutomatic Updater *) mod_lua: Let the Inter-VM get/set functions work with a global
c453a50776145e9c1c3fc9c846cfa11f42505081Automatic Updater shared memory pool instead of a per-process pool. [Daniel Gruno]
19b3dc94bce93fa76bd7e066f9298630dbc9dcb4Automatic Updater *) ldap: Support ldaps when using the Microsoft LDAP SDK.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater PR 54626. [Jean-Frederic Clere]
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater *) mod_proxy: Add ap_connection_reusable() for checking if a connection
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater is reusable as of this point in processing. [Jeff Trawick]
f7a71eef29bcbf892270460269c79664f600cffdAutomatic Updater *) mod_authnz_ldap: Change default value of AuthLDAPMaxSubGroupDepth to 0
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater to avoid performance problems when subgroups aren't in use. [Eric Covener]
71bd43eebd9d6e42dbcae62b730f5b6508d5acd8Automatic Updater *) mod_syslog: New module implementing syslog ap_error_log provider.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Previously, this code was part of core, now it's in separate module.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Add ap_errorlog_provider to make ErrorLog logging modular. Move
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater syslog support from core to new mod_syslog. [Jan Kaluza]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_status, mod_echo: Fix the display of client addresses.
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater They were truncated to 31 characters which is not enough for IPv6 addresses.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews PR 54848 [Bernhard Schmidt <berni birkenwald de>]
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [Jeff Trawick]
e628576d3b3d91c8954679077f4c208f1e43b433Automatic Updater *) mod_unique_id: Use output of the PRNG rather than IP address and
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews pid, avoiding sleep() call and possible DNS issues at startup,
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews plus improving randomness for IPv6-only hosts.
c453a50776145e9c1c3fc9c846cfa11f42505081Automatic Updater [Jan Kaluza <jkaluza redhat.com>]
f7c88d61cc1ad2435b0b7cfaedfc9d5248c0be25Automatic Updater *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater filter "none" to be specified in AuthLDAPURL. [Eric Covener]
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic Updater *) mod_file_cache: mod_file_cache should be able to serve files that
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater haven't had a Content-Type set via e.g. mod_mime. [Eric Covener]
f7a71eef29bcbf892270460269c79664f600cffdAutomatic Updater *) core: merge AllowEncodedSlashes from the base configuration into
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater virtual hosts. [Eric Covener]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) AIX: Install DSO's with "cp" instead of "install" in instdso.sh
cf7e98f59148b559946a7f1ca728471374f1eef3Automatic Updater [Eric Covener]
bf9b61c7904437745aeeb0f7d5036b35dad2a8a5Automatic Updater *) mod_ldap: Don't keep retrying if a new LDAP connection times out.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater [Eric Covener]
415827fa645306ee54b7c5480f52c19217035103Automatic Updater *) mod_deflate: permit compilation of mod_deflate against a zlib that has
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson been configured with -D Z_PREFIX, which redefines the token "deflate".
415827fa645306ee54b7c5480f52c19217035103Automatic Updater [Eric Covener]
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater *) mod_auth_digest: Use the secret when generating nonces in all cases and
48b36fa08b2b5bc0d552dc2a4425b3f7007b3d59Automatic Updater not only when AuthName is used in .htaccess files (this change may cause
e5fe07a7ebff18f7ed4ac434b37daff6c8ee5d5bAutomatic Updater problems if used with round robin load balancers). Don't regenerate the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington secret on graceful restarts. PR 54637 [Stefan Fritsch]
3857cb6fcabeb79d85de4b3e3e4ab99912b701f8Mark Andrews *) core: Remove apr_brigade_flatten(), buffering and duplicated code
129090f0f6f91753b4a085ab635e28549fd018adAutomatic Updater from the HTTP_IN filter, parse chunks in a single pass with zero copy.
7858b0168b866c0c2878fc4ea31fb5e581c1a6a9Automatic Updater Reduce memory usage by 48 bytes per request. [Graham Leggett]
9174e44c14b1cb91a651fa1dc29470438c246ab9Automatic Updater *) core: Stop the HTTP_IN filter from attempting to write error buckets
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson to the output filters, which is bogus in the proxy case. Create a
e2caa7536302de34de6cc04025abcd53dc3a499aAutomatic Updater clean mapping from APR codes to HTTP status codes, and use it where
56e7dc0c24b04210dcbffb180a9e35644fb820daAutomatic Updater needed. [Graham Leggett]
8292deab031e7599cd7622aa7675fbe139ca6095Mark Andrews *) mod_proxy: Ensure network errors detected by the proxy are returned as
0b57424d28c9a67018107133f9fbc0a7dcf057e2Mark Andrews 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
0b57424d28c9a67018107133f9fbc0a7dcf057e2Mark Andrews compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.
ca35524ce2b57e6f1b261d23565d1288a355d12fAutomatic Updater *) mod_dav: mod_dav overrides dav_fs response on PUT failure. PR 35981
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews [Basant Kumar Kukreja <basant.kukreja sun.com>, Alejandro Alvarez
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_ldap: LDAP connections used for authentication were not respecting
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews LDAPConnectionPoolTimeout. PR 54587
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) core: ap_rgetline_core now pulls from r->proto_input_filters.
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_proxy_html: process parsed comments immediately.
3351ccbd5c1961404044f8273d54dad405f53960Mark Andrews Fixes bug where parsed comments may be lost. [Nick Kew]
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater *) core: Add option to add valgrind support. Use it to reduce false positive
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater warnings in mod_ssl. [Stefan Fritsch]
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater *) mod_authn_file, mod_authn_dbd, mod_authn_dbm, mod_authn_socache:
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater Cache the result of the most recent password hash verification for every
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater keep-alive connection. This saves some expensive calculations.
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater [Stefan Fritsch]
7d12a6b412fe47e6d6582923fd6954ab8cd0baebAutomatic Updater *) http: Remove support for Request-Range header sent by Navigator 2-3 and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington MSIE 3. [Stefan Fritsch]
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater *) core, http: Extend HttpProtocol with an option to enforce stricter HTTP
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews conformance or to only log the found problems. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: Correctly parse an IPv6 literal host specification in an absolute
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews URL in the request line. [Stefan Fritsch]
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) EventOpt MPM
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews *) core: Add LogLevelOverride directive that allows to override the
06f5acb11f1c32228d93eefd1eb841dbfb1c7f4dAutomatic Updater loglevel for clients from certain IPs. This also works for things
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater like the SSL handshake where <If> LogLevel ... </If> is evaluated
7f79131f9a8e804b93c57f3c679065cce878b726Automatic Updater too late. [Stefan Fritsch]
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson *) core: Add new directive Warning to issue warnings from a configuration
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic Updater file. Both Warning and Error now generate a timestamped log message.
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews [Fabien Coelho]
ac4e70ff8955669341f435bc0a734a17c01af124Mark Andrews *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington variables. [Stefan Fritsch]
b109432c3a939bff66a463be86c371bd88efe3aaAutomatic Updater *) core: New directive RegisterHttpMethod for registering non-standard
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater HTTP methods. [Stefan Fritsch]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater *) core: New directive HttpProtocol which allows to disable HTTP/0.9
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater support. [Stefan Fritsch]
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater *) mod_allowhandlers: New module to forbid specific handlers for specific
b1265b5a06df36d490d4bdf54284fb133a1f5a84Automatic Updater directories. [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_systemd: New module, for integration with systemd on Linux.
665ba746c0585088d0c314dcfc4671aa2c7b2dc1Automatic Updater [Jan Kaluza <jkaluza redhat.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) WinNT MPM: Store pid and generation for each thread in scoreboard
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to allow tracking of threads from exiting children via mod_status
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington or other such mechanisms. [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mutexes (Mutex)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - mod_cache: thundering herd lock directory
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - mod_ldap: shared memory cache
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Jeff Trawick]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) suexec: Add --enable-suexec-capabilites support on Linux, to use
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington setuid/setgid capability bits rather than a setuid root binary.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) suexec: Add support for logging to syslog as an alternative to logging
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to a file; configure --without-suexec-logfile --with-suexec-syslog.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington [Matthew Steele <mdsteele google.com>]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington be compiled by the build compiler instead of the host compiler.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington PR 51257. [Guenter Knauf]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) core: In maintainer mode, replace apr_palloc with a version that
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington initializes the allocated memory with non-zero values, except if
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_policy: Add a new testing module to help server administrators
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington enforce a configurable level of protocol compliance on their
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington servers and application servers behind theirs. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_firehose: Add a new debugging module able to record traffic
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington passing through the server in such a way that connections and/or
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington requests be reconstructed and replayed. [Graham Leggett]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) mod_noloris
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington *) Simple MPM
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater [Apache 2.5.0-dev includes those bug fixes and changes with the
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater Apache 2.4.xx tree as documented below, except as noted.]
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterChanges with Apache 2.4.x and later:
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterChanges with Apache 2.2.x and later:
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterChanges with Apache 2.0.x and later: