CHANGES revision 925a6d92173ab96cdb0a8976c7aac13ef809e218
298cb3d14d0326f801d6dd105c3e1025227263e0ludo -*- coding: utf-8 -*-
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.12
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Add child_status hook for tracking creation/termination of MPM child
298cb3d14d0326f801d6dd105c3e1025227263e0ludo processes. Add end_generation hook for notification when the last
298cb3d14d0326f801d6dd105c3e1025227263e0ludo MPM child of a generation exits. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Make LDAPSharedCacheSize 0 create a non-shared-memory cache per
298cb3d14d0326f801d6dd105c3e1025227263e0ludo process as opposed to disabling caching completely. This allows to use
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the non-shared-memory cache as a workaround for the shared memory cache
298cb3d14d0326f801d6dd105c3e1025227263e0ludo not being available during graceful restarts. PR 48958. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Add new ap_reserve_module_slots/ap_reserve_module_slots_directive API,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo necessary if a module (like mod_perl) registers additional modules late
298cb3d14d0326f801d6dd105c3e1025227263e0ludo in the startup phase. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Prevent segfault if DYNAMIC_MODULE_LIMIT is reached. PR 51072.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Torsten Förtsch <torsten foertsch gmx net>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) WinNT MPM: Improve robustness under heavy load. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) MinGW build improvements. PR 49535. [John Vandenberg
298cb3d14d0326f801d6dd105c3e1025227263e0ludo <jayvdb gmail.com>, Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Support module names with colons in loglevel configuration.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Torsten Förtsch <torsten foertsch gmx net>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Abort if the MPM is changed across restart. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_ajp: Add support for 'ProxyErrorOverride on'. PR 50945.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Peter Pramberger <peter pramberger.at>, Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_fcgi: Add support for 'ProxyErrorOverride on'. PR 50913.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Mark Montague <mark catseye.org>, Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Change the APIs of ap_cfg_getline() and ap_cfg_getc() to return an
298cb3d14d0326f801d6dd105c3e1025227263e0ludo error code. Abort with a nice error message if a config line is too long.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Partial fix for PR 50824. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_info: Dump config to stdout during startup if -DDUMP_CONFIG is
298cb3d14d0326f801d6dd105c3e1025227263e0ludo specified. PR 31956. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Restore visibility of DEFAULT_PIDLOG to core and modules. MPM
298cb3d14d0326f801d6dd105c3e1025227263e0ludo helper function ap_remove_pid() added. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Enable DEFAULT_REL_RUNTIMEDIR on Windows and NetWare. [various]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Correct C++ incompatibility with http_log.h. [Stefan Fritsch, Jeff
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_log_config: Prevent segfault. PR 50861. [Torsten Förtsch
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
298cb3d14d0326f801d6dd105c3e1025227263e0ludo in request URL path info but not decode them. Change behavior of option
298cb3d14d0326f801d6dd105c3e1025227263e0ludo "On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 46830. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Check SNI hostname against Host header case-insensitively.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 49491. [Mayank Agrawal <magrawal.08 gmail.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Add LDAPConnectionPoolTTL to give control over lifetime
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of bound backend LDAP connections. PR47634 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Make CacheEnable and CacheDisable configurable per
298cb3d14d0326f801d6dd105c3e1025227263e0ludo directory in addition to per server, making them work from within
298cb3d14d0326f801d6dd105c3e1025227263e0ludo a LocationMatch. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) worker, event, prefork: Correct several issues when built as
298cb3d14d0326f801d6dd105c3e1025227263e0ludo DSOs; most notably, the scoreboard was reinitialized during graceful
298cb3d14d0326f801d6dd105c3e1025227263e0ludo restart, such that processes of the previous generation were not
298cb3d14d0326f801d6dd105c3e1025227263e0ludo observable. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.11
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Win32's cscript interpreter can only use a single quote as comment char.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Guenter Knauf]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: balancer-manager now uses POST instead of GET.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: new util function: ap_parse_form_data(). Previously,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo this capability was tucked away in mod_request. [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: new hook: ap_run_pre_read_request. [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: When a request other than GET or HEAD arrives, we must
298cb3d14d0326f801d6dd105c3e1025227263e0ludo invalidate existing cache entities as per RFC2616 13.10. PR 15868.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) modules: Fix many modules that were not correctly initializing if they
298cb3d14d0326f801d6dd105c3e1025227263e0ludo were not active during server startup but got enabled later during a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo graceful restart. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Create new ap_state_query function that allows modules to determine
298cb3d14d0326f801d6dd105c3e1025227263e0ludo if the current configuration run is the initial one at server startup,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and if the server is started for testing/config dumping only.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Runtime configuration of many parameters for existing
298cb3d14d0326f801d6dd105c3e1025227263e0ludo balancers via the balancer-manager. [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Runtime addition of new workers (BalancerMember) for existing
298cb3d14d0326f801d6dd105c3e1025227263e0ludo balancers via the balancer-manager. [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: When a bad Expires date is present, we need to behave as if
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the Expires is in the past, not as if the Expires is missing. PR 16521.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Co-Advisor <coad@measurement-factory.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: We must ignore quoted-string values that appear in a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Cache-Control header. PR 50199. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Revert change to send 501 error if unknown Content-* header is
298cb3d14d0326f801d6dd105c3e1025227263e0ludo received for a PUT request. PR 42978. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Respect s-maxage as described by RFC2616 14.9.3, which must
298cb3d14d0326f801d6dd105c3e1025227263e0ludo take precedence if present. PR 35247. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Fix a possible startup failure if multiple SSL vhosts
298cb3d14d0326f801d6dd105c3e1025227263e0ludo are configured with the same ServerName and private key file.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Masahiro Matsuya <mmatsuya redhat.com>, Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_socache_dc: Make module compile by fixing some typos.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 50735 [Mark Montague <mark catseye.org>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) prefork: Update MPM state in children during a graceful stop or
298cb3d14d0326f801d6dd105c3e1025227263e0ludo restart. PR 41743. [Andrew Punch <andrew.punch 247realmedia.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_mime: Ignore leading dots when looking for mime extensions.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 50434 [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Add support to set variables with the 'Define' directive. The
298cb3d14d0326f801d6dd105c3e1025227263e0ludo variables that can then be used in the config using the ${VAR} syntax
298cb3d14d0326f801d6dd105c3e1025227263e0ludo known from envvar interpolation. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo ProxyAddHeaders defaults to On. [Vincent Deffontaines]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_slotmem_shm: Increase memory alignment for slotmem data.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Add config options for OCSP: SSLOCSPResponderTimeout,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo SSLOCSPResponseMaxAge, SSLOCSPResponseTimeSkew.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Kaspar Brand <httpd-dev.2011 velox.ch>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Revamp output buffering to reduce network overhead for
298cb3d14d0326f801d6dd105c3e1025227263e0ludo output fragmented into many buckets, such as chunked HTTP responses.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Apply <If> sections to all requests, not only to file base requests.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Allow to use <If> inside <Directory>, <Location>, and <Files> sections.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo The merging of <If> sections now happens after the merging of <Location>
298cb3d14d0326f801d6dd105c3e1025227263e0ludo sections, even if an <If> section is embedded inside a <Directory> or
298cb3d14d0326f801d6dd105c3e1025227263e0ludo <Files> section. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Refactor usage of shared data by dropping the scoreboard
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and using slotmem. Create foundation for dynamic growth/changes of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo members within a balancer. Remove BalancerNonce in favor of a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo per-balancer 'nonce' parameter. [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_status: Don't show slots which are disabled by MaxClients as open.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR: 47022 [Jordi Prats <jordi prats gmail com>, Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mpm_prefork: Fix ap_mpm_query results for AP_MPMQ_MAX_DAEMONS and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo AP_MPMQ_MAX_THREADS.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authz_core: Fix bug in merging logic if user-based and non-user-based
298cb3d14d0326f801d6dd105c3e1025227263e0ludo authorization directives were mixed. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authn_socache: change directive name from AuthnCacheProvider
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to AuthnCacheProvideFor. The term "provider" is overloaded in
298cb3d14d0326f801d6dd105c3e1025227263e0ludo this module, and we should avoid confusion between the provider
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of a backend (AuthnCacheSOCache) and the authn provider(s) for
298cb3d14d0326f801d6dd105c3e1025227263e0ludo which this module provides cacheing (AuthnCacheProvideFor).
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_http: Allocate the fake backend request from a child pool
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of the backend connection, instead of misusing the pool of the frontend
298cb3d14d0326f801d6dd105c3e1025227263e0ludo request. Fixes a thread safety issue where buckets set aside in the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo backend connection leak into other threads, and then disappear when
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the frontend request is cleaned up, in turn causing corrupted buckets
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to make other threads spin. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Change the format of the SSL_{CLIENT,SERVER}_{I,S}_DN variables
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to be RFC 2253 compatible, convert non-ASCII characters to UTF8, and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo escape other special characters with backslashes. The old format can
298cb3d14d0326f801d6dd105c3e1025227263e0ludo still be used with the LegacyDNStringFormat argument to SSLOptions.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core, mod_rewrite: Make the REQUEST_SCHEME variable available to
298cb3d14d0326f801d6dd105c3e1025227263e0ludo scripts and mod_rewrite. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Allow to use arbitrary boolean expressions (ap_expr) in
298cb3d14d0326f801d6dd105c3e1025227263e0ludo RewriteCond. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Allow to unset environment variables using E=!VAR.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 49512. [Mark Drayton <mark markdrayton info>, Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_headers: Restore the 2.3.8 and earlier default for the first
298cb3d14d0326f801d6dd105c3e1025227263e0ludo argument of the Header directive ("onsuccess"). [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Disallow the mixing of relative and absolute Options PR 33708.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Sönke Tesch <st kino-fahrplan.de>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: When exporting request headers to HTTP_* environment variables,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo drop variables whose names contain invalid characters. Describe in the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo docs how to restore the old behaviour. [Malte S. Stretz <mss apache org>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: When selecting an IP-based virtual host, favor an exact match for
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the port over a wildcard (or omitted) port instead of favoring the one
298cb3d14d0326f801d6dd105c3e1025227263e0ludo that came first in the configuration file. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Overlapping virtual host address/port combinations now implicitly
298cb3d14d0326f801d6dd105c3e1025227263e0ludo enable name-based virtual hosting for that address. The NameVirtualHost
298cb3d14d0326f801d6dd105c3e1025227263e0ludo directive has no effect, and _default_ is interpreted the same as "*".
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: In the absence of any Options directives, the default is now
298cb3d14d0326f801d6dd105c3e1025227263e0ludo "FollowSymlinks" instead of "All". [Igor Galić]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) rotatelogs: Add -e option to write logs through to stdout for optional
298cb3d14d0326f801d6dd105c3e1025227263e0ludo further processing. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Correctly read full lines in input filter when the line is
298cb3d14d0326f801d6dd105c3e1025227263e0ludo incomplete during first read. PR 50481. [Ruediger Pluem]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
298cb3d14d0326f801d6dd105c3e1025227263e0ludo sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
298cb3d14d0326f801d6dd105c3e1025227263e0ludo fails for an authenticated user. PR 40721. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.10
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Don't implicitly URL-escape the original query string
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when no substitution has changed it. PR 50447. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo such as per-directory mod_rewrite substitutions. PR 50349.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Add 'RewriteOptions InheritBefore' to put the base
298cb3d14d0326f801d6dd105c3e1025227263e0ludo rules/conditions before the overridden rules/conditions. PR 39313.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_autoindex: add IndexIgnoreReset to reset the list of IndexIgnored
298cb3d14d0326f801d6dd105c3e1025227263e0ludo filenames in higher precedence configuration sections. PR 24243.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cgid: RLimit* directive support for mod_cgid. PR 42135
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Fail startup when the argument to ServerName looks like a glob
298cb3d14d0326f801d6dd105c3e1025227263e0ludo or a regular expression instead of a hostname (*?[]). PR 39863
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_userdir: Add merging of enable, disable, and filename arguments
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to UserDir directive, leaving enable/disable of userlists unmerged.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 44076 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) httpd: When no -k option is provided on the httpd command line, the server
298cb3d14d0326f801d6dd105c3e1025227263e0ludo was starting without checking for an existing pidfile. PR 50350
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Put the worker in error state if the SSL handshake with the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo backend fails. PR 50332.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache_disk: Fix Windows build which was broken after renaming
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the module. [Gregg L. Smith]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.9
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2010-1623 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Fix a denial of service attack against mod_reqtimeout.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_headers: Change default first argument of Header directive
298cb3d14d0326f801d6dd105c3e1025227263e0ludo from "onsuccess" to "always". [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_include: Add the onerror attribute to the include element,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo allowing an URL to be specified to include on error. [Graham
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache_disk: mod_disk_cache renamed to mod_cache_disk, to be
298cb3d14d0326f801d6dd105c3e1025227263e0ludo consistent with the naming of other modules. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_setenvif: Add SetEnvIfExpr directive to set env var depending on
298cb3d14d0326f801d6dd105c3e1025227263e0ludo expression. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Fix ProxyPassInterpolateEnv directive. PR 50292.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo binary (Suexec Off), or force startup failure if suEXEC is required
298cb3d14d0326f801d6dd105c3e1025227263e0ludo but not supported (Suexec On). Change SuexecUserGroup to fail
298cb3d14d0326f801d6dd105c3e1025227263e0ludo startup instead of just printing a warning if suEXEC is disabled.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Add Error directive for aborting startup or htaccess processing
298cb3d14d0326f801d6dd105c3e1025227263e0ludo with a specified error message. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Fix the RewriteEngine directive to work within a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo location. Previously, once RewriteEngine was switched on globally,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo it was impossible to switch off. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core, mod_include, mod_ssl: Move the expression parser derived from
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_include back into mod_include. Replace ap_expr with a parser
298cb3d14d0326f801d6dd105c3e1025227263e0ludo derived from mod_ssl's parser. Make mod_ssl use the new parser. Rework
298cb3d14d0326f801d6dd105c3e1025227263e0ludo ap_expr's public interface and provide hooks for modules to add variables
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and functions. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Do the hook sorting earlier so that the hooks are properly sorted
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for the pre_config hook and during parsing the config. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: In the absence of any AllowOverride directives, the default is now
298cb3d14d0326f801d6dd105c3e1025227263e0ludo "None" instead of "All". PR49823 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
298cb3d14d0326f801d6dd105c3e1025227263e0ludo <Directory> or <Files>. PR47765 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) prefork/worker/event MPMS: default value (when no directive is present)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of MaxConnectionsPerChild/MaxRequestsPerChild is changed to 0 from 10000
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to match default configuration and manual. PR47782 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) proxy_connect: Don't give up in the middle of a CONNECT tunnel
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when the child process is starting to exit. PR50220. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_autoindex: Fix inheritance of mod_autoindex directives into
298cb3d14d0326f801d6dd105c3e1025227263e0ludo contexts that don't have any mod_autoindex directives. PR47766.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Add END flag for RewriteRule to prevent further rounds
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of rewrite processing when a per-directory substitution occurs.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Make sure to always log an error if loading of CA certificates
298cb3d14d0326f801d6dd105c3e1025227263e0ludo fails. PR 40312. [Paul Tiemann <issues apache org ourdetour com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Send 501 error if unknown Content-* header is received for a PUT
298cb3d14d0326f801d6dd105c3e1025227263e0ludo request (RFC 2616 9.6). PR 42978. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Send 400 error if malformed Content-Range header is received for
298cb3d14d0326f801d6dd105c3e1025227263e0ludo a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Release the backend connection as soon as EOS is detected,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo so the backend isn't forced to wait for the client to eventually
298cb3d14d0326f801d6dd105c3e1025227263e0ludo acknowledge the data. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Optimise ProxyPass within a Location so that it is stored
298cb3d14d0326f801d6dd105c3e1025227263e0ludo per-directory, and chosen during the location walk. Make ProxyPass
298cb3d14d0326f801d6dd105c3e1025227263e0ludo work correctly from within a LocationMatch. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Fix segfault if per-module LogLevel is on virtual host
298cb3d14d0326f801d6dd105c3e1025227263e0ludo scope. PR 50117. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Move the ProxyErrorOverride directive to have per
298cb3d14d0326f801d6dd105c3e1025227263e0ludo directory scope. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_allowmethods: New module to deny certain HTTP methods without
298cb3d14d0326f801d6dd105c3e1025227263e0ludo interfering with authentication/authorization. [Paul Querna,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Igor Galić, Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Log certificate information and improve error message if client
298cb3d14d0326f801d6dd105c3e1025227263e0ludo cert verification fails. PR 50093, PR 50094. [Lassi Tuura <lat cern ch>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htcacheclean: Teach htcacheclean to limit cache size by number of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo inodes in addition to size of files. Prevents a cache disk from
298cb3d14d0326f801d6dd105c3e1025227263e0ludo running out of space when many small files are cached.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Rename MaxRequestsPerChild to MaxConnectionsPerChild, which
298cb3d14d0326f801d6dd105c3e1025227263e0ludo describes more accurately what the directive does. The old name
298cb3d14d0326f801d6dd105c3e1025227263e0ludo still works but logs a warning. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Optionally serve stale data when a revalidation returns a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo 5xx response, controlled by the CacheStaleOnError directive.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htcacheclean: Allow the listing of valid URLs within the cache, with
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the option to list entry metadata such as sizes and times. [Graham
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: correctly parse quoted strings in cache headers.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 50199 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Allow control over the base URL of reverse proxied requests
298cb3d14d0326f801d6dd105c3e1025227263e0ludo using the CacheKeyBaseURL directive, so that the cache key can be
298cb3d14d0326f801d6dd105c3e1025227263e0ludo calculated from the endpoint URL instead of the server URL. [Graham
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: CacheLastModifiedFactor, CacheStoreNoStore, CacheStorePrivate,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo CacheStoreExpired, CacheIgnoreNoLastMod, CacheDefaultExpire,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo CacheMinExpire and CacheMaxExpire can be set per directory/location.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_disk_cache: CacheMaxFileSize, CacheMinFileSize, CacheReadSize and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo CacheReadTime can be set per directory/location. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Speed up config parsing if using a very large number of config
298cb3d14d0326f801d6dd105c3e1025227263e0ludo files. PR 50002 [andrew cloudaccess net]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Support the caching of HEAD requests. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htcacheclean: Allow the option to round up file sizes to a given
298cb3d14d0326f801d6dd105c3e1025227263e0ludo block size, improving the accuracy of disk usage. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Add authz providers for use with mod_authz_core and its
298cb3d14d0326f801d6dd105c3e1025227263e0ludo RequireAny/RequireAll containers: 'ssl' (equivalent to SSLRequireSSL),
298cb3d14d0326f801d6dd105c3e1025227263e0ludo 'ssl-verify-client' (for use with 'SSLVerifyClient optional'), and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo 'ssl-require' (expressions with same syntax as SSLRequire).
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Make the ssl expression parser thread-safe. It now requires
298cb3d14d0326f801d6dd105c3e1025227263e0ludo bison instead of yacc. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_disk_cache: Change on-disk header file format to support the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo link of the device/inode of the data file to the matching header
298cb3d14d0326f801d6dd105c3e1025227263e0ludo file, and to support the option of not writing a data file when
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the data file is empty. [Graham Leggett]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) core/mod_unique_id: Add generate_log_id hook to allow to use
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the ID generated by mod_unique_id as error log ID for requests.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_cache: Make sure that we never allow a 304 Not Modified response
298cb3d14d0326f801d6dd105c3e1025227263e0ludo that we asked for to leak to the client should the 304 response be
298cb3d14d0326f801d6dd105c3e1025227263e0ludo uncacheable. PR45341 [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Add the cache_status hook to register the final cache
298cb3d14d0326f801d6dd105c3e1025227263e0ludo decision hit/miss/revalidate. Add optional support for an X-Cache
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and/or an X-Cache-Detail header to add the cache status to the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo response. PR48241 [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authz_host: Add 'local' provider that matches connections originating
298cb3d14d0326f801d6dd105c3e1025227263e0ludo on the local host. PR 19938. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Event MPM: Fix crash accessing pollset on worker thread when child
298cb3d14d0326f801d6dd105c3e1025227263e0ludo process is exiting. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: For process invocation (cgi, fcgid, piped loggers and so forth)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo pass the system library path (LD_LIBRARY_PATH or platform-specific
298cb3d14d0326f801d6dd105c3e1025227263e0ludo variables) along with the system PATH, by default. Both should be
298cb3d14d0326f801d6dd105c3e1025227263e0ludo overridden together as desired using PassEnv etc; see mod_env.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [William Rowe]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_cache: Introduce CacheStoreExpired, to allow administrators to
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo capture a stale backend response, perform If-Modified-Since requests
298cb3d14d0326f801d6dd105c3e1025227263e0ludo against the backend, and serving from the cache all 304 responses.
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo This restores pre-2.2.4 cache behavior. [William Rowe]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_rewrite: Introduce <=, >= string comparison operators, and integer
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo comparators -lt, -le, -eq, -ge, and -gt. To help bash users and drop
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo the ambiguity of the symlink test "-ltest", introduce -h or -L as
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo symlink test operators. [William Rowe]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_cache: Give the cache provider the opportunity to choose to cache
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo or not cache based on the buckets present in the brigade, such as the
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo presence of a FILE bucket.
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo [Graham Leggett]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_authz_core: Allow authz providers to check args while reading the
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo config and allow to cache parsed args. Move 'all' and 'env' authz
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo providers from mod_authz_host to mod_authz_core. Add 'method' authz
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo provider depending on the HTTP method. [Stefan Fritsch]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_include: Move the request_rec within mod_include to be
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo exposed within include_ctx_t. [Graham Leggett]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_include: Reinstate support for UTF-8 character sets by allowing a
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo variable being echoed or set to be decoded and then encoded as separate
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo steps. PR47686 [Graham Leggett]
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo *) mod_cache: Add a discrete commit_entity() provider function within the
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo mod_cache provider interface which is called to indicate to the
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo provider that caching is complete, giving the provider the opportunity
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo to commit temporary files permanently to the cache in an atomic
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo fashion. Replace the inconsistent use of error cleanups with a formal
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo set of pool cleanups attached to a subpool, which is destroyed on error.
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Change the signature of the store_body() provider function
298cb3d14d0326f801d6dd105c3e1025227263e0ludo within the mod_cache provider interface to support an "in" brigade
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and an "out" brigade instead of just a single input brigade. This
298cb3d14d0326f801d6dd105c3e1025227263e0ludo gives a cache provider the option to consume only part of the brigade
298cb3d14d0326f801d6dd105c3e1025227263e0ludo passed to it, rather than the whole brigade as was required before.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo This fixes an out of memory and a request timeout condition that would
298cb3d14d0326f801d6dd105c3e1025227263e0ludo occur when the original document was a large file. Introduce
298cb3d14d0326f801d6dd105c3e1025227263e0ludo CacheReadSize and CacheReadTime directives to mod_disk_cache to control
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the amount of data to attempt to cache at a time. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Add ErrorLogFormat to allow configuring error log format, including
298cb3d14d0326f801d6dd105c3e1025227263e0ludo additional information that is logged once per connection or request. Add
298cb3d14d0326f801d6dd105c3e1025227263e0ludo error log IDs for connections and request to allow correlating error log
298cb3d14d0326f801d6dd105c3e1025227263e0ludo lines and the corresponding access log entry. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Disable sendfile by default. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Check the request to determine whether we are allowed
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to return cached content at all, and respect a "Cache-Control:
298cb3d14d0326f801d6dd105c3e1025227263e0ludo no-cache" header from a client. Previously, "no-cache" would
298cb3d14d0326f801d6dd105c3e1025227263e0ludo behave like "max-age=0". [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Use a proper filter context to hold filter data instead
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of misusing the per-request configuration. Fixes a segfault on trunk
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when the normal handler is used. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cgid: Log a warning if the ScriptSock path is truncated because
298cb3d14d0326f801d6dd105c3e1025227263e0ludo it is too long. PR 49388. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) vhosts: Do not allow _default_ in NameVirtualHost, or mixing *
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and non-* ports on NameVirtualHost, or multiple NameVirtualHost
298cb3d14d0326f801d6dd105c3e1025227263e0ludo directives for the same address:port, or NameVirtualHost
298cb3d14d0326f801d6dd105c3e1025227263e0ludo directives with no matching VirtualHosts, or multiple ip-based
298cb3d14d0326f801d6dd105c3e1025227263e0ludo VirtualHost sections for the same address:port. These were
298cb3d14d0326f801d6dd105c3e1025227263e0ludo previously accepted with a warning, but the behavior was
298cb3d14d0326f801d6dd105c3e1025227263e0ludo undefined. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_remoteip: Fix a segfault when using mod_remoteip in conjunction with
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Allow/Deny. PR 49838. [Andrew Skalski <voltara gmail.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: DirectoryMatch can now match on the end of line character ($),
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and sub-directories of matched directories are no longer implicitly
298cb3d14d0326f801d6dd105c3e1025227263e0ludo matched. PR49809 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Regexps: introduce new higher-level regexp utility including parsing
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and executing perl-style regexp ops (e.g s/foo/bar/i) and regexp memory
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Proxy: support setting source address. PR 29404
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Multiple contributors iterating through bugzilla,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Aron Ujvari <xanco nikhok.hu>, Aleksey Midenkov <asm uezku.kemsu.ru>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo <dan listening-station.net; trunk version Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) HTTP protocol: return 400 not 503 if we have to abort due to malformed
298cb3d14d0326f801d6dd105c3e1025227263e0ludo chunked encoding. [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.8
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) suexec: Support large log files. PR 45856. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Abort with sensible error message if no or more than one MPM is
298cb3d14d0326f801d6dd105c3e1025227263e0ludo loaded. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy: Rename erroronstatus to failonstatus.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Daniel Ruggeri <DRuggeri primary.net>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav_fs: Fix broken "creationdate" property.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Regression in version 2.3.7. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.7
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2010-1452 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_dav, mod_cache, mod_session: Fix Handling of requests without a path
298cb3d14d0326f801d6dd105c3e1025227263e0ludo segment. PR: 49246 [Mark Drayton, Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Properly check the result returned by apr_ldap_init. PR 46076.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Log errors if rewrite map files cannot be opened. PR 49639.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_http: Support the 'ping' property for backend HTTP/1.1 servers
298cb3d14d0326f801d6dd105c3e1025227263e0ludo via leveraging 100-Continue as the initial "request".
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core/mod_authz_core: Introduce new access_checker_ex hook that enables
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_authz_core to bypass authentication if access should be allowed by
298cb3d14d0326f801d6dd105c3e1025227263e0ludo IP address/env var/... [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Introduce note_auth_failure hook to allow modules to add support
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for additional auth types. This makes ap_note_auth_failure() work with
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_auth_digest again. PR 48807. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) socache modules: return APR_NOTFOUND when a lookup is not found [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authn_socache: new module [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) configure: Add reallyall option for --enable-mods-shared. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Fix Windows build when using VC6. [Gregg L. Smith <lists glewis com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Allow to set environment variables without explicitly
298cb3d14d0326f801d6dd105c3e1025227263e0ludo giving a value. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Remove superfluous EOL from rewrite logging. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_include: recognise "text/html; parameters" as text/html
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 49616 [Andrey Chernov <ache nagual.pp.ru>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) CGI vars: allow PATH to be set by SetEnv, consistent with LD_LIBRARY_PATH
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 43906 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Core: Extra robustness: don't try authz and segfault if authn
298cb3d14d0326f801d6dd105c3e1025227263e0ludo fails to set r->user. Log bug and return 500 instead.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 42995 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) HTTP protocol filter: fix handling of longer chunk extensions
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Update SSL cipher suite and add example for SSLHonorCipherOrder.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Lars Eilebrecht, Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) move AddOutputFilterByType from core to mod_filter. This should
298cb3d14d0326f801d6dd105c3e1025227263e0ludo fix nasty side-effects that happen when content_type is set
298cb3d14d0326f801d6dd105c3e1025227263e0ludo more than once in processing a request, and make it fully
298cb3d14d0326f801d6dd105c3e1025227263e0ludo compatible with dynamic and proxied contents. [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_log_config: Implement logging for sub second timestamps and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo request end time. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.6
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2009-3555 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
298cb3d14d0326f801d6dd105c3e1025227263e0ludo attack when compiled against OpenSSL version 0.9.8m or later. Introduces
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and offer unsafe legacy renegotiation with clients which do not yet
298cb3d14d0326f801d6dd105c3e1025227263e0ludo support the new secure renegotiation protocol, RFC 5746.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Joe Orton, and with thanks to the OpenSSL Team]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2009-3555 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
298cb3d14d0326f801d6dd105c3e1025227263e0ludo by rejecting any client-initiated renegotiations. Forcibly disable
298cb3d14d0326f801d6dd105c3e1025227263e0ludo keepalive for the connection if there is any buffered data readable. Any
298cb3d14d0326f801d6dd105c3e1025227263e0ludo configuration which requires renegotiation for per-directory/location
298cb3d14d0326f801d6dd105c3e1025227263e0ludo access control is still vulnerable, unless using OpenSSL >= 0.9.8l.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2010-0408 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when request headers indicate a request body is incoming; not a case of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo HTTP_INTERNAL_SERVER_ERROR. [Niku Toivola <niku.toivola sulake.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2010-0425 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_isapi: Do not unload an isapi .dll module until the request
298cb3d14d0326f801d6dd105c3e1025227263e0ludo processing is completed, avoiding orphaned callback pointers.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Filter init functions are now run strictly once per request
298cb3d14d0326f801d6dd105c3e1025227263e0ludo before handler invocation. The init functions are no longer run
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for connection filters. PR 49328. [Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Adjust the output filter chain correctly in an internal
298cb3d14d0326f801d6dd105c3e1025227263e0ludo redirect from a subrequest, preserving filters from the main
298cb3d14d0326f801d6dd105c3e1025227263e0ludo request as necessary. PR 17629. [Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Explicitly allow cache implementations to cache a 206 Partial
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Response if they so choose to do so. Previously an attempt to cache a 206
298cb3d14d0326f801d6dd105c3e1025227263e0ludo was arbitrarily allowed if the response contained an Expires or
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Cache-Control header, and arbitrarily denied if both headers were missing.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Add microsecond timestamp fractions, process id and thread id
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to the error log. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) configure: The "most" module set gets build by default. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) configure: Building dynamic modules (DSO) by default. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) configure: Fix broken VPATH build when using included APR.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_session_crypto: Fix configure problem when building
298cb3d14d0326f801d6dd105c3e1025227263e0ludo with APR 2 and for VPATH builds with included APR.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_session_crypto: API compatibility with APR 2 crypto and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo APR Util 1.x crypto. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) ab: Fix memory leak with -v2 and SSL. PR 49383.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Pavel Kankovsky <peak argo troja mff cuni cz>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Add per-module and per-directory loglevel configuration.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Add some more trace logging.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_rewrite: Replace RewriteLog/RewriteLogLevel with trace log levels.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_ssl: Replace LogLevelDebugDump with trace log levels.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_ssl/mod_proxy*: Adjust loglevels to be less verbose at levels info
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and debug.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_dumpio: Replace DumpIOLogLevel with trace log levels.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
298cb3d14d0326f801d6dd105c3e1025227263e0ludo title page only) when any mod_ldap directives were used in VirtualHost
298cb3d14d0326f801d6dd105c3e1025227263e0ludo context. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_disk_cache: Decline the opportunity to cache if the response is
298cb3d14d0326f801d6dd105c3e1025227263e0ludo a 206 Partial Content. This stops a reverse proxied partial response
298cb3d14d0326f801d6dd105c3e1025227263e0ludo from becoming cached, and then being served in subsequent responses.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_deflate: avoid the risk of forwarding data before headers are set.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 49369 [Matthew Steele <mdsteele google.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: Ensure nested groups are checked when the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo top-level group doesn't have any direct non-group members
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of attributes in AuthLDAPGroupAttribute. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: Search or Comparison during authorization phase
298cb3d14d0326f801d6dd105c3e1025227263e0ludo can use the credentials from the authentication phase
298cb3d14d0326f801d6dd105c3e1025227263e0ludo (AuthLDAPSearchAsUSer,AuthLDAPCompareAsUser).
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48340 [Domenico Rotiroti, Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: Allow the initial DN search during authentication
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to use the HTTP username/pass instead of an anonymous or hard-coded
298cb3d14d0326f801d6dd105c3e1025227263e0ludo LDAP id (AuthLDAPInitialBindAsUser, AuthLDAPInitialBindPattern).
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: Publish requested LDAP data with an AUTHORIZE_ prefix
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when this module is used for authorization. See AuthLDAPAuthorizePrefix.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 45584 [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) apxs -q: Stop filtering out ':' characters from the reported values.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 45343. [Bill Cole]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) prefork MPM: Work around possible crashes on child exit in APR reslist
298cb3d14d0326f801d6dd105c3e1025227263e0ludo cleanup code. PR 43857. [Tom Donovan]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) ab: fix number of requests sent by ab when keepalive is enabled. PR 48497.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Bryn Dole <dole blekko.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Log an error for failures to read a chunk-size, and return 408 instead of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo 413 when this is due to a read timeout. This change also fixes some cases
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of two error documents being sent in the response for the same scenario.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener] PR49167
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_balancer: Add new directive BalancerNonce to allow admin
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to control/set the nonce used in the balancer-manager application.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Jim Jagielski]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_connect: Support port ranges in AllowConnect. PR 23673.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Proxy balancer: support setting error status according to HTTP response
298cb3d14d0326f801d6dd105c3e1025227263e0ludo code from a backend. PR 48939. [Daniel Ruggeri <DRuggeri primary.net>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htcacheclean: Introduce the ability to clean specific URLs from the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo cache, if provided as an optional parameter on the command line.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Introduce the IncludeStrict directive, which explicitly fails
298cb3d14d0326f801d6dd105c3e1025227263e0ludo server startup if no files or directories match a wildcard path.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htcacheclean: Report additional statistics about entries deleted.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48944. [Mark Drayton mark markdrayton.info]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Introduce SSLFIPS directive to support OpenSSL FIPS_mode; permits all
298cb3d14d0326f801d6dd105c3e1025227263e0ludo builds of mod_ssl to use 'SSLFIPS off' for portability, but the proper
298cb3d14d0326f801d6dd105c3e1025227263e0ludo build of openssl is required for 'SSLFIPS on'. PR 46270.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Dr Stephen Henson <steve openssl.org>, William Rowe]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_http: Log the port of the remote server in various messages.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48812. [Igor Galić <i galic brainsware org>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend
298cb3d14d0326f801d6dd105c3e1025227263e0ludo connections and other protocol handlers (like mod_ftp). [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_ajp: Really regard the operation a success, when the client
298cb3d14d0326f801d6dd105c3e1025227263e0ludo aborted the connection. In addition adjust the log message if the client
298cb3d14d0326f801d6dd105c3e1025227263e0ludo aborted the connection. [Ruediger Pluem]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Add the 'SSLInsecureRenegotiation' directive, which
298cb3d14d0326f801d6dd105c3e1025227263e0ludo allows insecure renegotiation with clients which do not yet
298cb3d14d0326f801d6dd105c3e1025227263e0ludo support the secure renegotiation protocol. [Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Fix a potential I/O hang if a long list of trusted CAs
298cb3d14d0326f801d6dd105c3e1025227263e0ludo is configured for client cert auth. PR 46952. [Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Only log a 408 if it is no keepalive timeout. PR 39785
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Ruediger Pluem, Mark Montague <markmont umich.edu>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) support/rotatelogs: Add -L option to create a link to the current
298cb3d14d0326f801d6dd105c3e1025227263e0ludo log file. PR 48761 [<lyndon orthanc.ca>, Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Update LDAPTrustedClientCert to consistently be a per-directory
298cb3d14d0326f801d6dd105c3e1025227263e0ludo setting only, matching most of the documentation and examples.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 46541 [Paul Reder, Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: LDAPTrustedClientCert now accepts CA_DER/CA_BASE64 argument
298cb3d14d0326f801d6dd105c3e1025227263e0ludo types previously allowed only in LDAPTrustedGlobalCert. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_negotiation: Preserve query string over multiviews negotiation.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo This buglet was fixed for type maps in 2.2.6, but the same issue
298cb3d14d0326f801d6dd105c3e1025227263e0ludo affected multiviews and was overlooked.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 33112 [Joergen Thomsen <apache jth.net>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Eliminate a potential crash with multiple LDAPTrustedClientCert
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when some are not password-protected. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Fix startup segfault when the Mutex directive is used but no loaded
298cb3d14d0326f801d6dd105c3e1025227263e0ludo modules use httpd mutexes. PR 48787. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Proxy: get the headers right in a HEAD request with
298cb3d14d0326f801d6dd105c3e1025227263e0ludo ProxyErrorOverride, by checking for an overridden error
298cb3d14d0326f801d6dd105c3e1025227263e0ludo before not after going into a catch-all code path.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 41646. [Nick Kew, Stuart Children]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) support/rotatelogs: Support the simplest log rotation case, log
298cb3d14d0326f801d6dd105c3e1025227263e0ludo truncation. Useful when the log is being processed in real time
298cb3d14d0326f801d6dd105c3e1025227263e0ludo using a command like tail. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) support/htcacheclean: Teach it how to write a pid file (modelled on
298cb3d14d0326f801d6dd105c3e1025227263e0ludo httpd's writing of a pid file) so that it becomes possible to run
298cb3d14d0326f801d6dd105c3e1025227263e0ludo more than one instance of htcacheclean on the same machine.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Log command line on startup, so there's a record of command line
298cb3d14d0326f801d6dd105c3e1025227263e0ludo arguments like -f. PR 48752. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Introduce mod_reflector, a handler capable of reflecting POSTed
298cb3d14d0326f801d6dd105c3e1025227263e0ludo request bodies back within the response through the output filter
298cb3d14d0326f801d6dd105c3e1025227263e0ludo stack. Can be used to turn an output filter into a web service.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_http: Make sure that when an ErrorDocument is served
298cb3d14d0326f801d6dd105c3e1025227263e0ludo from a reverse proxied URL, that the subrequest respects the status
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of the original request. This brings the behaviour of proxy_handler
298cb3d14d0326f801d6dd105c3e1025227263e0ludo in line with default_handler. PR 47106. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Support wildcards in both the directory and file components of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the path specified by the Include directive. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy, mod_proxy_http: Support remote https proxies
298cb3d14d0326f801d6dd105c3e1025227263e0ludo by using HTTP CONNECT. PR 19188.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Philippe Dutrueux <lilas evidian.com>, Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) apxs: Fix -A and -a options to ignore whitespace in httpd.conf
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Philip M. Gollucci]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) worker: Don't report server has reached MaxClients until it has.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Add message when server gets within MinSpareThreads of MaxClients.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 46996. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_session: Session expiry was being initialised, but not updated
298cb3d14d0326f801d6dd105c3e1025227263e0ludo on each session save, resulting in timed out sessions when there
298cb3d14d0326f801d6dd105c3e1025227263e0ludo should not have been. Fixed. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_log_config: Add the R option to log the handler used within the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo request. [Christian Folini <christian.folini netnea com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_include: Allow fine control over the removal of Last-Modified and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo ETag headers within the INCLUDES filter, making it possible to cache
298cb3d14d0326f801d6dd105c3e1025227263e0ludo responses if desired. Fix the default value of the SSIAccessEnable
298cb3d14d0326f801d6dd105c3e1025227263e0ludo directive. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Add new UnDefine directive to undefine a variable. PR 35350.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Make ap_pregsub(), used by AliasMatch and friends, use the same syntax
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for regex backreferences as mod_rewrite and mod_include: Remove the use
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of '&' as an alias for '$0' and allow to escape any character with a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo backslash. PR 48351. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: If AuthLDAPCharsetConfig is set, also convert the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo password to UTF-8. PR 45318.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Johannes Müller <joh_m gmx.de>, Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) ab: Fix calculation of requests per second in HTML output. PR 48594.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: Failures to map a username to a DN, or to check a user
298cb3d14d0326f801d6dd105c3e1025227263e0ludo password now result in an informational level log entry instead of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo warning level. [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.5
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2010-0434 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Ensure each subrequest has a shallow copy of headers_in so that the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo parent request headers are not corrupted. Eliminates a problematic
298cb3d14d0326f801d6dd105c3e1025227263e0ludo optimization in the case of no request body. PR 48359
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Jake Scott, William Rowe, Ruediger Pluem]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Turn static function get_server_name_for_url() into public
298cb3d14d0326f801d6dd105c3e1025227263e0ludo ap_get_server_name_for_url() and use it where appropriate. This
298cb3d14d0326f801d6dd105c3e1025227263e0ludo fixes mod_rewrite generating invalid URLs for redirects to IPv6
298cb3d14d0326f801d6dd105c3e1025227263e0ludo literal addresses. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Introduce new config option LDAPTimeout to set the timeout
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for LDAP operations like bind and search. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy, mod_proxy_ftp: Move ProxyFtpDirCharset from mod_proxy to
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_proxy_ftp. [Takashi Sato]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy, mod_proxy_connect: Move AllowCONNECT from mod_proxy to
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_proxy_connect. [Takashi Sato]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Do an exact match of the keys defined by
298cb3d14d0326f801d6dd105c3e1025227263e0ludo CacheIgnoreURLSessionIdentifiers against the querystring instead of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo a partial match. PR 48401.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Dodou Wang <wangdong.08 gmail.com>, Ruediger Pluem]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_proxy_balancer: Fix crash in balancer-manager. [Rainer Jung]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Core HTTP: disable keepalive when the Client has sent
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Expect: 100-continue
298cb3d14d0326f801d6dd105c3e1025227263e0ludo but we respond directly with a non-100 response.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Keepalive here led to data from clients continuing being treated as
298cb3d14d0326f801d6dd105c3e1025227263e0ludo a new request.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 47087 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Core: reject NULLs in request line or request headers.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 43039 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Core: (re)-introduce -T commandline option to suppress documentroot
298cb3d14d0326f801d6dd105c3e1025227263e0ludo check at startup.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 41887 [Jan van den Berg <janvdberg gmail.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_autoindex: support XHTML as equivalent to HTML in IndexOptions,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo ScanHTMLTitles, ReadmeName, HeaderName
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48416 [Dmitry Bakshaev <dab18 izhnet.ru>, Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Proxy: Fix ProxyPassReverse with relative URL
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Derived (slightly erroneously) from PR 38864 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_headers: align Header Edit with Header Set when used on Content-Type
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48422 [Cyril Bonté <cyril.bonte free.fr>, Nick Kew>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_headers: Enable multi-match-and-replace edit option
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 46594 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_filter: enable it to act on non-200 responses.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48377 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.4
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and WatchdogMutexPath with a single Mutex directive. Add APIs to
298cb3d14d0326f801d6dd105c3e1025227263e0ludo simplify setup and user customization of APR proc and global mutexes.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo (See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
298cb3d14d0326f801d6dd105c3e1025227263e0ludo respected; set DEFAULT_REL_RUNTIMEDIR instead. [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) http_core: KeepAlive no longer accepts other than On|Off.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Takashi Sato]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Remove errno from dav_error interface. Calls to dav_new_error()
298cb3d14d0326f801d6dd105c3e1025227263e0ludo and dav_new_error_tag() must be adjusted to add an apr_status_t parameter.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Jeff Trawick]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_authnz_ldap: Add AuthLDAPBindAuthoritative to allow Authentication to
298cb3d14d0326f801d6dd105c3e1025227263e0ludo try other providers in the case of an LDAP bind failure.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 46608 [Justin Erenkrantz, Joe Schaefer, Tony Stevenson]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Build: fix --with-module to work as documented
298cb3d14d0326f801d6dd105c3e1025227263e0ludoChanges with Apache 2.3.3
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2009-3095 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_proxy_ftp: sanity check authn credentials.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch <sf fritsch.de>, Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) SECURITY: CVE-2009-3094 (cve.mitre.org)
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_proxy_ftp: NULL pointer dereference on error paths.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch <sf fritsch.de>, Joe Orton]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against
298cb3d14d0326f801d6dd105c3e1025227263e0ludo OpenSSL 1.0.0b3. [Vipul Gupta <vipul.gupta sun.com>, Sander Temme]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Include uri when logging a PUT error due to connection abort.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 38149. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Return 409 instead of 500 for a LOCK request if the parent
298cb3d14d0326f801d6dd105c3e1025227263e0ludo resource does not exist or is not a collection. PR 43465. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav_fs: Return 409 instead of 500 for Litmus test case copy_nodestcoll
298cb3d14d0326f801d6dd105c3e1025227263e0ludo (a COPY request where the parent of the destination resource does not
298cb3d14d0326f801d6dd105c3e1025227263e0ludo exist). PR 39299. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav_fs: Don't delete the whole file if a PUT with content-range failed.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 42896. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav_fs: Make PUT create files atomically and no longer destroy the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo old file if the transfer aborted. PR 39815. [Paul Querna, Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav_fs: Remove inode keyed locking as this conflicts with atomically
298cb3d14d0326f801d6dd105c3e1025227263e0ludo creating files. On systems with inode numbers, this is a format change of
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the DavLockDB. The old DavLockDB must be deleted on upgrade.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_log_config: Make ${cookie}C correctly match whole cookie names
298cb3d14d0326f801d6dd105c3e1025227263e0ludo instead of substrings. PR 28037. [Dan Franklin <dan dan-franklin.com>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) vhost: A purely-numeric Host: header should not be treated as a port.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 44979 [Nick Kew]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: Avoid 500 errors with "Unable to set LDAP_OPT_REFHOPLIMIT option to 5"
298cb3d14d0326f801d6dd105c3e1025227263e0ludo when built against openldap by using SDK LDAP_OPT_REFHOPLIMIT defaults unless
298cb3d14d0326f801d6dd105c3e1025227263e0ludo LDAPReferralHopLimit is explicitly configured.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_charset_lite: Honor 'CharsetOptions NoImplicitAdd'.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Eric Covener]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Add support for OCSP Stapling. PR 43822.
c1609bb80253d761aebb46efe0e052fb6bb10f5aludo [Dr Stephen Henson <shenson oss-institute.org>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_socache_shmcb: Allow parens in file name if cache size is given.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Fixes SSLSessionCache directive mis-parsing parens in pathname.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 47945. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_sed: Reduce memory consumption when processing very long lines.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 48024 [Basant Kumar Kukreja <basant.kukreja sun.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) ab: Fix segfault in case the argument for -n is a very large number.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 47178. [Philipp Hagemeister <oss phihag.de>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Allow ProxyPreserveHost to work in <Proxy> sections. PR 34901.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) configure: Fix THREADED_MPMS so that mod_cgid is enabled again
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for worker MPM. [Takashi Sato]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Provide a mechanism to obtain the request_rec and pathname
298cb3d14d0326f801d6dd105c3e1025227263e0ludo from the dav_resource. [Jari Urpalainen <jari.urpalainen nokia.com>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Brian France <brian brianfrance.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) Build: Use install instead of cp if available on installing
298cb3d14d0326f801d6dd105c3e1025227263e0ludo modules to avoid segmentation fault. PR 47951. [hirose31 gmail.com]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: correctly consider s-maxage in cacheability
298cb3d14d0326f801d6dd105c3e1025227263e0ludo decisions. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_logio/core: Report more accurate byte counts in mod_status if
298cb3d14d0326f801d6dd105c3e1025227263e0ludo mod_logio is loaded. PR 25656. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ldap: If LDAPSharedCacheSize is too small, try harder to purge
298cb3d14d0326f801d6dd105c3e1025227263e0ludo some cache entries and log a warning. Also increase the default
298cb3d14d0326f801d6dd105c3e1025227263e0ludo LDAPSharedCacheSize to 500000. This is a more realistic size suitable
298cb3d14d0326f801d6dd105c3e1025227263e0ludo for the default values of 1024 for LdapCacheEntries/LdapOpCacheEntries.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 46749. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_rewrite: Make sure that a hostname:port isn't fully qualified if
298cb3d14d0326f801d6dd105c3e1025227263e0ludo the request is a CONNECT request. [Bill Zajac <billz consultla.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Teach CacheEnable and CacheDisable to work from within a
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Location section, in line with how ProxyPass works. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_reqtimeout: New module to set timeouts and minimum data rates for
298cb3d14d0326f801d6dd105c3e1025227263e0ludo receiving requests from the client. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Fix potential memory leaks by making sure to not destroy
298cb3d14d0326f801d6dd105c3e1025227263e0ludo bucket brigades that have been created by earlier filters.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core, mod_deflate, mod_sed: Reduce memory usage by reusing bucket
298cb3d14d0326f801d6dd105c3e1025227263e0ludo brigades in several places. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Fix uri_meets_conditions() so that CacheEnable will
298cb3d14d0326f801d6dd105c3e1025227263e0ludo match by scheme, or by a wildcarded hostname. PR 40169
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Peter Grandi <pg_asf asf.for.sabi.co.uk>, Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) suxec: Allow to log an error if exec fails by setting FD_CLOEXEC
298cb3d14d0326f801d6dd105c3e1025227263e0ludo on the log file instead of closing it. PR 10744. [Nicolas Rachinsky]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_mime: Make RemoveType override the info from TypesConfig.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 38330. [Stefan Fritsch]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_cache: Introduce the option to run the cache from within the
298cb3d14d0326f801d6dd105c3e1025227263e0ludo normal request handler, and to allow fine grained control over
298cb3d14d0326f801d6dd105c3e1025227263e0ludo where in the filter chain content is cached. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Treat timeout reading request as 408 error, not 400.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Log 408 errors in access log as was done in Apache 1.3.x.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Stefan Fritsch <sf fritsch.de>, Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_ssl: Reintroduce SSL_CLIENT_S_DN, SSL_CLIENT_I_DN, SSL_SERVER_S_DN,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo SSL_SERVER_I_DN back to the environment variables to be set by mod_ssl.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_disk_cache: don't cache incomplete responses, per RFC 2616, 13.8.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR15866. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) ab: ab segfaults in verbose mode on https sites
298cb3d14d0326f801d6dd105c3e1025227263e0ludo PR46393. [Ryan Niebur]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Allow other modules to become providers and add resource types
298cb3d14d0326f801d6dd105c3e1025227263e0ludo to the DAV response. [Jari Urpalainen <jari.urpalainen nokia.com>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Brian France <brian brianfrance.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_dav: Allow other modules to add things to the DAV or Allow headers
298cb3d14d0326f801d6dd105c3e1025227263e0ludo of an OPTIONS request. [Jari Urpalainen <jari.urpalainen nokia.com>,
298cb3d14d0326f801d6dd105c3e1025227263e0ludo Brian France <brian brianfrance.com>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) core: Lower memory usage of core output filter.
298cb3d14d0326f801d6dd105c3e1025227263e0ludo [Stefan Fritsch <sf sfritsch.de>]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_mime: Detect invalid use of MultiviewsMatch inside Location and
298cb3d14d0326f801d6dd105c3e1025227263e0ludo LocationMatch sections. PR47754. [Dan Poirier]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_request: Make sure the KeptBodySize directive rejects values
298cb3d14d0326f801d6dd105c3e1025227263e0ludo that aren't valid numbers. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_session_crypto: Sanity check should the potentially encrypted
298cb3d14d0326f801d6dd105c3e1025227263e0ludo session cookie be too short. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_session.c: Prevent a segfault when session is added but not
298cb3d14d0326f801d6dd105c3e1025227263e0ludo configured. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett]
298cb3d14d0326f801d6dd105c3e1025227263e0ludo *) mod_auth_digest: Fail server start when nonce count checking
298cb3d14d0326f801d6dd105c3e1025227263e0ludo is configured without shared memory, or md5-sess algorithm is
298cb3d14d0326f801d6dd105c3e1025227263e0ludo configured. [Dan Poirier]
definition. [Stefan Fritsch sf sfritsch.de]
*) Add support for HTTP PUT to ab. [Jeff Barnes <jbarnesweb yahoo.com>]
PR 46971 [evanc nortel.com]
[Stefan Fritsch <sf sfritsch.de>]
for a file is missing. PR 47682 [Peter Poeml <poeml suse.de>]
*) SECURITY: CVE-2009-1890 (cve.mitre.org)
*) SECURITY: CVE-2009-1191 (cve.mitre.org)
by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
PR 42175 [Jim Radford <radford blackbean.org>]
type. PR 45107. [Michael Ströder <michael stroeder.com>,
PR 44020 [Håkon Stordahl <hakon stordahl.org>]
CGI process. PR 47335 [Kornél Pál <kornelpal gmail.com>]
PR 46942 [Dan Poirier <poirier pobox.com>]
PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]
PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]
[Marko Kevac <mkevac gmail.com>]
as A/UX, Next, and Tandem. [Jeff Trawick]
directory listing. PR 46789 [Dan Poirier <poirier pobox.com>]
of module state across unload/load. [Jeff Trawick]
[Dan Poirier <poirier pobox.com>]
[Geoff Keating <geoffk apple.com>]
with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
a media type has not been configured via mime.types, AddType,
[Ryan Phillips <ryan-apache trolocsis.com>]
[<tlhackque yahoo.com>]
*) prefork: Fix child process hang during graceful restart/stop in
*) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
times out before returning status line/headers.
PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
[Theo Schlossnagle <jesus omniti.com>, Paul Querna]
modules/proxy/balancers [Jim Jagielski]
privileges and Unix user/group IDs [Nick Kew]
logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
*) unixd: turn existing code into a module, and turn the set user/group
Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
*) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
*) New module mod_sed: filter Request/Response bodies through sed
null value. [David Shane Holden <dpejesh apache.org>]
both inside and outside the location/directory sections, as
form request with the type of application/x-www-form-urlencoded.
*) mod_authz_dbd: When redirecting after successful login/logout per
PR 44560 [Anders Kaseorg <anders kaseorg.com>]
mod_cache et.al. to trap the results of the redirect.
*) ApacheMonitor.exe: Introduce --kill argument for use by the
*) mod_ldap, mod_authnz_ldap: Add support for nested groups (i.e. the ability
[David M. Lee <dmlee crossroads.com>]
[Niklas Edmundsson <nikke acc.umu.se>]
[Niklas Edmundsson <nikke acc.umu.se>]
[Markus Schiegl <ms schiegl.com>]
*) Remove incorrect comments from scoreboard.h regarding conditional
[Chris Darroch <chrisd pearsoncmg.com>]
in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
[Chris Darroch <chrisd pearsoncmg.com>]
and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
*) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
Apache 2.2.xx tree as documented, and except as noted, below.]
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later: