CHANGES revision 8eee941f4b6c13e7a598dff3554e5fb4ac7b501b
842ae4bd224140319ae7feec1872b93dfd491143fielding -*- coding: utf-8 -*-
842ae4bd224140319ae7feec1872b93dfd491143fieldingChanges with Apache 2.5.0
842ae4bd224140319ae7feec1872b93dfd491143fielding *) htdigest: Fix buffer overflow when reading digest password file
842ae4bd224140319ae7feec1872b93dfd491143fielding with very long lines. PR 54893. [Rainer Jung]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_setenvif: Fix crash in case SetEnvif and SetEnvIfExpr are used
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd together. PR 54881. [Ruediger Pluem]
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd *) mod_dav: Make sure that when we prepare an If URL for Etag comparison,
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd we compare unencoded paths. PR 53910 [Timothy Wood <tjw omnigroup.com>]
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd *) core, mod_ssl: Lift the restriction that prevents mod_ssl taking
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd full advantage of the event MPM. Enable the ability for a module
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb to reverse the sense of a poll event from a read to a write or vice
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb versa. [Graham Leggett]
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh *) core: Add workaround for gcc bug on sparc/64bit. PR 52900.
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh [Stefan Fritsch]
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh *) htpasswd: Add -v option to verify a password. [Stefan Fritsch]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) htpasswd, htdbm: Fix password generation. PR 54735. [Stefan Fritsch]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_dav: Improve error handling in dav_method_put(), add new
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb dav_join_error() function. PR 54145. [Ben Reser <ben reser.org>]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_auth_digest: Fix crashes if shm initialization failed. [Stefan
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_ldap: LDAP connections used for authentication were not respecting
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb LDAPConnectionPoolTimeout. PR 54587
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) core: ap_rgetline_core now pulls from r->proto_input_filters.
a72211e92bab814bfa28ee086ca9b2a1a6095c92chrisd *) mod_proxy_html: process parsed comments immediately.
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb Fixes bug where parsed comments may be lost. [Nick Kew]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_proxy_html: introduce doctype for HTML 5 [Nick Kew]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_proxy_html: fix typo-bug processing "strict" vs "transitional"
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) core: Add option to add valgrind support. Use it to reduce false positive
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb warnings in mod_ssl. [Stefan Fritsch]
750d12c59545dbbac70390988de94f7e901b08f2niq *) mod_lua: Add bindings for apr_dbd/mod_dbd database access
82632a19f2f9c346fee2b28a65920ba9737b3973minfrin [Daniel Gruno]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) mod_authn_file, mod_authn_dbd, mod_authn_dbm, mod_authn_socache:
db455cbc662c98dbbf53175393c50086ff63370cchrisd Cache the result of the most recent password hash verification for every
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb keep-alive connection. This saves some expensive calculations.
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb [Stefan Fritsch]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) http: Remove support for Request-Range header sent by Navigator 2-3 and
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb MSIE 3. [Stefan Fritsch]
7184de27ec1d62a83c41cdeac0953ca9fd661e8csf *) core, http: Extend HttpProtocol with an option to enforce stricter HTTP
7184de27ec1d62a83c41cdeac0953ca9fd661e8csf conformance or to only log the found problems. [Stefan Fritsch]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) core: Correctly parse an IPv6 literal host specification in an absolute
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz URL in the request line. [Stefan Fritsch]
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz *) mod_ssl: add support for subjectAltName-based host name checking
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz in proxy mode. PR 54030. [Kaspar Brand]
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz *) mpm_event: Check that AsyncRequestWorkerFactor is not negative. PR 54254.
18b5268e013574026b2503b1641baf3299045f45sf [Jackie Zhang <jackie qq zhang gmail com>]
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz *) mod_ssl: Add support for OpenSSL configuration commands [Stephen Henson]
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) EventOpt MPM
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb *) core: Add LogLevelOverride directive that allows to override the
4f9c22c4f27571d54197be9674e1fc0d528192aestriker loglevel for clients from certain IPs. This also works for things
a2a0abd88b19e042a3eb2a9fa1702c25ad51303dwrowe like the SSL handshake where <If> LogLevel ... </If> is evaluated
4f9c22c4f27571d54197be9674e1fc0d528192aestriker too late. [Stefan Fritsch]
4f9c22c4f27571d54197be9674e1fc0d528192aestriker *) core: Add new directive Warning to issue warnings from a configuration
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb file. Both Warning and Error now generate a timestamped log message.
4f9c22c4f27571d54197be9674e1fc0d528192aestriker [Fabien Coelho]
4f9c22c4f27571d54197be9674e1fc0d528192aestriker *) ap_expr: Add SERVER_PROTOCOL_VERSION, ..._MAJOR, and ..._MINOR
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb variables. [Stefan Fritsch]
18b5268e013574026b2503b1641baf3299045f45sf *) core: New directive RegisterHttpMethod for registering non-standard
18b5268e013574026b2503b1641baf3299045f45sf HTTP methods. [Stefan Fritsch]
4f9c22c4f27571d54197be9674e1fc0d528192aestriker *) core: New directive HttpProtocol which allows to disable HTTP/0.9
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb support. [Stefan Fritsch]
4f9c22c4f27571d54197be9674e1fc0d528192aestriker *) mod_allowhandlers: New module to forbid specific handlers for specific
b38846b15c8891c6dec44dcc4f96ca40721bf663rbb directories. [Stefan Fritsch]
a72211e92bab814bfa28ee086ca9b2a1a6095c92chrisd *) configure: Fix processing of --disable-FEATURE for various features.
a72211e92bab814bfa28ee086ca9b2a1a6095c92chrisd [Jeff Trawick]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_systemd: New module, for integration with systemd on Linux.
963f8b44ac95132458ea3b6aaa8ebc135188e473takashi [Jan Kaluza <jkaluza redhat.com>]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_cache_socache: New cache implementation backed by mod_socache
2d399cd7535887fceaa9f8f116eb98ce68ddd602trawick that replaces mod_mem_cache removed from httpd v2.2. [Graham
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) core: Add dirwalk_stat and pre_htaccess hooks, allowing mpm-itk
731344ed8f3677d1661c261ca5fcdd2ee3dbc74ccoar to be used without patches to httpd core. [Jeff Trawick]
4760b58cc9fe170e4ad4648ed4ff7a422a2cef38sf *) mod_lua: Add LuaInputFilter/LuaOutputFilter for creating content
4760b58cc9fe170e4ad4648ed4ff7a422a2cef38sf filters in Lua [Daniel Gruno]
731344ed8f3677d1661c261ca5fcdd2ee3dbc74ccoar *) WinNT MPM: Store pid and generation for each thread in scoreboard
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe to allow tracking of threads from exiting children via mod_status
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe or other such mechanisms. [Jeff Trawick]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_ssl: Catch missing or mismatched client cert/key pairs with
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe SSLProxyMachineCertificateFile/Path directives. PR 52212.
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe [Keith Burdis <keith burdis.org>, Joe Orton]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_lua: Allow scripts handled by the lua-script handler to return
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe a status code to the client (such as a 302 or a 500) [Daniel Gruno]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_lua: Decline handling 'lua-script' if the file doesn't exist,
efd83d1dd1a25688a3093c5a542ae16bacef62ddsf rather than throwing an internal server error. [Daniel Gruno]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_lua: Add functions r:flush and r:sendfile as well as additional
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe request information to the request_rec structure. [Daniel Gruno]
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar *) mod_lua: Add a server scope for Lua states, which creates a pool of
3770ed746d69c7a4111cba9966169bd5d7a509a6poirier states with managable minimum and maximum size. [Daniel Gruno]
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar *) core: Add post_perdir_config hook.
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar [Steinar Gunderson <sgunderson bigfoot.com>]
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz *) mod_lua: Add new directive, LuaMapHandler, for dynamically mapping
2a6e98ba4ffa30ded5d8831664c5cb2a170a56b6coar URIs to Lua scripts and functions using regular expressions.
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar [Daniel Gruno]
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar *) mod_lua: Add new directive LuaCodeCache for controlling in-memory
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar caching of lua scripts. [Daniel Gruno]
8419e6f8bff1a3617933f3ba760d2bdec7442f44coar *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
2a6e98ba4ffa30ded5d8831664c5cb2a170a56b6coar - APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
d4abb06ac220bb280ae996b6d21bbd257db51bb1jerenkrantz mutexes (Mutex)
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe - mod_cache: thundering herd lock directory
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe - mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe - mod_ldap: shared memory cache
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe - mod_socache_shmcb, mod_socache_dbm: shared memory or dbm for cache
4f9c22c4f27571d54197be9674e1fc0d528192aestriker [Jeff Trawick]
3e392a5afd51526de3cb15d57ee46d8cb160ae65gregames *) suexec: Add --enable-suexec-capabilites support on Linux, to use
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe setuid/setgid capability bits rather than a setuid root binary.
731344ed8f3677d1661c261ca5fcdd2ee3dbc74ccoar [Joe Orton]
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe *) suexec: Add support for logging to syslog as an alternative to logging
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe to a file; configure --without-suexec-logfile --with-suexec-syslog.
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf [Joe Orton]
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe [Matthew Steele <mdsteele google.com>]
efd83d1dd1a25688a3093c5a542ae16bacef62ddsf *) cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will
efd83d1dd1a25688a3093c5a542ae16bacef62ddsf be compiled by the build compiler instead of the host compiler.
efd83d1dd1a25688a3093c5a542ae16bacef62ddsf Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected.
efd83d1dd1a25688a3093c5a542ae16bacef62ddsf PR 51257. [Guenter Knauf]
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe *) core: In maintainer mode, replace apr_palloc with a version that
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe initializes the allocated memory with non-zero values, except if
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
4f9c22c4f27571d54197be9674e1fc0d528192aestriker *) mod_policy: Add a new testing module to help server administrators
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe enforce a configurable level of protocol compliance on their
fa06de8a28a737e8fbaad76d7f3ff67aaa5e4a09wrowe servers and application servers behind theirs. [Graham Leggett]
c2cf53a40a9814eb91db2cdf820f97d943f21628coar *) mod_firehose: Add a new debugging module able to record traffic
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe passing through the server in such a way that connections and/or
4775dfc34c90fada8c7c4d6a57ed8a3114d55c2dtrawick requests be reconstructed and replayed. [Graham Leggett]
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) mod_noloris
11a0edf478ca9c59d80bf73491d89cf019259feeniq *) Simple MPM
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf *) mod_serf
48e4b65042d94992c50f1db6c0b0cdbd99ca77e8sf [Apache 2.5.0-dev includes those bug fixes and changes with the
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe Apache 2.4.xx tree as documented below, except as noted.]
efd83d1dd1a25688a3093c5a542ae16bacef62ddsfChanges with Apache 2.4.x and later:
efd83d1dd1a25688a3093c5a542ae16bacef62ddsf *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewroweChanges with Apache 2.2.x and later:
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewrowe *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
83a8dc5a596a8a1b9d14f063268287d123b9ed7ewroweChanges with Apache 2.0.x and later: