STATUS revision 07847078a10fe4e9229cc08adda5f421cafc0665
48c0c81cd6fabac9d3386406d97633780365b839coarAPACHE 2.0 STATUS: -*-text-*-
07847078a10fe4e9229cc08adda5f421cafc0665jwoolleyLast modified at [$Date: 2002/06/13 21:30:15 $]
45740d5cd30d22f067c05b95f04f866abd7ebed8jwoolley 2.0.38 : in development.
07847078a10fe4e9229cc08adda5f421cafc0665jwoolley 2.0.37 : rolled June 11, 2002. not released.
0bd0176ce9f4321eeb506aa372d0bcc84befbf4cstriker 2.0.36 : released May 6, 2002 as GA.
d8028365066fca602bf35d014530a1802114378crbb 2.0.35 : released April 5, 2002 as GA.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.34 : tagged March 26, 2002.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.33 : tagged March 6, 2002. not released.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.32 : released Feburary 16, 2002 as beta.
d89c116f82699294ca744125723651c554bc5925wrowe 2.0.31 : rolled Feburary 1, 2002. not released.
4214e98fc9045e5010e66f9a967bd6d68f40d342aaron 2.0.30 : tagged January 8, 2002. not rolled.
8721697e2aece27b0e738519329f7976c72b27bfjerenkrantz 2.0.29 : tagged November 27, 2001. not rolled.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.28 : released November 13, 2001 as beta.
91cacb801f6c0215b38322f6d2fc58cbfedfecfbjerenkrantz 2.0.27 : rolled November 6, 2001
91cacb801f6c0215b38322f6d2fc58cbfedfecfbjerenkrantz 2.0.26 : tagged October 16, 2001. not rolled.
df14f0d3a5191cdd7c4bb5b03acd135d43a6f51brbb 2.0.25 : rolled August 29, 2001
df14f0d3a5191cdd7c4bb5b03acd135d43a6f51brbb 2.0.24 : rolled August 18, 2001
ab71b233b3a36489e44a7b061c48293be0b17788jwoolley 2.0.23 : rolled August 9, 2001
571760de5e60c0b459cb11be45507b923cd023eejwoolley 2.0.22 : rolled July 29, 2001
571760de5e60c0b459cb11be45507b923cd023eejwoolley 2.0.21 : rolled July 20, 2001
9180a5933673ffb1af633c255ceee029340f3b1erbb 2.0.20 : rolled July 8, 2001
bcb6e1be6041dfeb549c8ea8d37f97ad4e90a0c3rbb 2.0.19 : rolled June 27, 2001
9bd71e35f5d26d26d23fe3a677401828e842ed72wrowe 2.0.18 : rolled May 18, 2001
2900ab946a2d76b73a14cebfe2985d253f01c967stoddard 2.0.17 : rolled April 17, 2001
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb 2.0.16 : rolled April 4, 2001
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb 2.0.15 : rolled March 21, 2001
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb 2.0.14 : rolled March 7, 2001
b876b7bcf0ce3d232da723246d709e8dbbfe8762rbb 2.0a9 : released December 12, 2000
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein 2.0a8 : released November 20, 2000
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick 2.0a7 : released October 8, 2000
6f6f4a4bca281779d196acbdd5c017bb90858305trawick 2.0a6 : released August 18, 2000
8dd4618c4709236b4ea297d7250d282e463ce2d8rbb 2.0a5 : released August 4, 2000
09bd86d0db1114ee23eda0a6eb76ca055877a1cftrawick 2.0a4 : released June 7, 2000
2deb319e6b3de239f45c16a3e9e836d44f1f7108rbb 2.0a3 : released April 28, 2000
bd929c73ef04789b7183b840d8db6e01d03a4d86rbb 2.0a2 : released March 31, 2000
70f6f32765cfaadd6da8de6f0fea97ddd72d8fadmanoj 2.0a1 : released March 10, 2000
af4c982a7cf4515f124935f99a329744035fc699slivePlease consult the following STATUS files for information
af4c982a7cf4515f124935f99a329744035fc699sliveon related projects:
4b62424416882687387923b3130b96241503cbe0jerenkrantzCURRENT RELEASE NOTES:
1107fe62c304df86356b39a2f8de2c1149234fe0jwoolley 2.0.38: Cliff plans on tagging TONIGHT (6/13/02). Let's get this thing
07847078a10fe4e9229cc08adda5f421cafc0665jwoolley wrapped up (again).
45b0e1c775c1cfed6473c9e5304179ccb9609f53stoddardRELEASE SHOWSTOPPERS:
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantzCURRENT VOTES:
f17588e04d2412bf1345783ed1d173322d728d6ftrawick * apachectl should revert to just being an init script and
f17588e04d2412bf1345783ed1d173322d728d6ftrawick httpd.sh should be the wrapper for httpd which sources envvars
f17588e04d2412bf1345783ed1d173322d728d6ftrawick and allows any options to be passed through
f17588e04d2412bf1345783ed1d173322d728d6ftrawick +1: trawick
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * Should we always build [support*] binaries statically unless otherwise
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Message-ID: <20020129210006.B23512@Lithium.MeepZor.Com>
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe +1: Ken, *wrowe [they are PITAs on OSX]
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz -1: Justin, Ian
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * If the parent process dies, should the remaining child processes
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz "gracefully" self-terminate. Or maybe we should make it a runtime
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz option, or have a concept of 2 parent processes (one being a
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz "hot spare").
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Self-destruct: Ken, Martin
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Not self-destruct: BrianP, Ian, Cliff, BillS
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Make it runtime configurable: Aaron, Jim, Justin
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Have 2 parents: +1: Jim
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe -1: Justin, wrowe [for 2.0]
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz +0: Martin (while standing by, could it do
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz something useful?)
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * Make the worker MPM the default MPM for threaded Unix boxes.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard +1: Justin, Ian, Cliff, BillS
1af5c0e25a649bb298e25ddfa5418fa18bdcb107aaron +0: BrianP, Aaron (mutex contention is looking better with the
82455c2e3b6991846fbcbf0c9e41f57dbc681217brianp latest code, let's continue tuning and testing)
1b3f48fd6b1ccb8745f908e40156c5a85ca3c347jerenkrantzRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
6362fd5c48f6b2193f5d356a9747172101b24e91jerenkrantz * All handlers should always send content down even if r->header_only
6362fd5c48f6b2193f5d356a9747172101b24e91jerenkrantz is set. If not, it means that the HEAD requests don't generate the
6362fd5c48f6b2193f5d356a9747172101b24e91jerenkrantz same headers as a GET which is wrong.
6362fd5c48f6b2193f5d356a9747172101b24e91jerenkrantz Is this a showstopper?
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz * 500 returned instead of 501 if a handler other than default_handler
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz is invoked on a method with M_INVALID.
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz Message-ID: <20020613001913.J22524@apache.org>
6362fd5c48f6b2193f5d356a9747172101b24e91jerenkrantz Proposed patch: <20020613111913.S22524@apache.org>
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz Is this a showstopper?
7a08c1a05c4f1c75e72afaabbbf8449aae0e9e70aaron -1: Cliff, Aaron
45740d5cd30d22f067c05b95f04f866abd7ebed8jwoolley * Returning invalid 304 errors when filters are present. [PR 9673]
45740d5cd30d22f067c05b95f04f866abd7ebed8jwoolley Message-ID: <Pine.GSO.4.44.0206061713320.3848-100000@lab26.lacfas.hec.ca>
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz <20020607135121.G19485@apache.org>
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz <20020610204425.B19018@lyra.org>
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz Proposed patch: <20020607214725.K19485@apache.org>
45740d5cd30d22f067c05b95f04f866abd7ebed8jwoolley Status: We should set r->no_local_copy, but where can we set it?
45740d5cd30d22f067c05b95f04f866abd7ebed8jwoolley We must set it before the handlers are run so that the
45740d5cd30d22f067c05b95f04f866abd7ebed8jwoolley appropriate handler can call ap_meets_conditions() before
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz generating the data. Greg has reservations about Justin's
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz proposed patch. Consensus needed.
ee7189b4bbce2f62ff79e8261cb28379ea84d3b9jerenkrantz Is this a showstopper?
7a08c1a05c4f1c75e72afaabbbf8449aae0e9e70aaron -1: Cliff, Aaron
630f5fc1277582643fe0f831a4830e15127bd047jwoolley * server pushed CGI's not working. (Is this a showstopper??)
630f5fc1277582643fe0f831a4830e15127bd047jwoolley Message-ID: <3CE15B85.2FF45121@apache.org>
56b2562cb4041a21bc313fde3204beabdb758800jwoolley * HP/UX 10.20: compile breakage in APR. Looks like it should be easy
56b2562cb4041a21bc313fde3204beabdb758800jwoolley to fix, probably just some extraneous #include's that are fouling
56b2562cb4041a21bc313fde3204beabdb758800jwoolley Jeff: See my reply and patch in the PR (and previous commit to
56b2562cb4041a21bc313fde3204beabdb758800jwoolley stop using "pipe" as a field name). If patch is committed, we
56b2562cb4041a21bc313fde3204beabdb758800jwoolley should be okay. I'll wait to see if the user tests the patch.
b05930e6008f69bd323abe0c10f81f40ffd27983brianp * exec cmd and suexec arg-passing enhancements
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Status: Patches proposed
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
b05930e6008f69bd323abe0c10f81f40ffd27983brianp (see the "proc.patch" and "suexec-shell.patch" links in this message)
15304e476fb32988bf988864ddacc5375b9a6080stoddard * Get mod_cache/mod_mem_cache out of experimental (still some
15304e476fb32988bf988864ddacc5375b9a6080stoddard work items left to complete)
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley * The 2.0.36 worker MPM graceless shutdown changes work but are
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley a bit clunky on some platforms; eg, on Linux, the loop to
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley join each worker thread seems to hang, and the parent ends up
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley killing off the child with SIGKILL. But at least it shuts down.
8c8fbb8546af54582539898be704411a60058d85trawick * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
8c8fbb8546af54582539898be704411a60058d85trawick posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard * We do not properly substitute the prefix-variables in the configuration
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard scripts or generated-configs. (i.e. if sysconfdir is etc,
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard httpd-std.conf points to conf.)
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * If any request gets through ap_process_request_internal() and is
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe scheduled to be served by the core handler, without a flag that this
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe r->filename was tested by dir/file_walk, we need to 500 at the very
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe end of the ap_process_request_internal() processing so sub_req-esters
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe know this request cannot be run. This provides authors of older
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe modules better compatibility, while still improving the security and
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe robustness of 2.0.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Status: still need to decide where this goes, OtherBill comments...
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe [Deleted comments regarding the ap_run_handler phase, as irrelevant
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe as BillS points out that "common case will be caught in
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe default_handler already (with the r->finfo.filetype == 0 check)"
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe and the issue is detecting this -before- we try to run the req.]
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe gregames says: can this happen somehow without a broken module
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe being involved? If not, why waste cycles trying to defend against
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe potential broken modules? It seems futile.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe wrowe counters: no, it shouldn't happen unless the module is broken.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe But the right answer is to fail the request up-front in dir/file
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe walk if the path was entirely invalid; and we can't do that either
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe or we break modules that are unwilling to hook map_to_storage.
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard * Rewrite core_output_filter. It is nearly impossible to support
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard it with predictable results as it is implemented now.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb how the Perchild MPM should be re-written. It hasn't worked
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb correctly since filters were added because it wasn't possible to
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb get the content that had already been written and the socket at
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb the same time. This mode lets us do that, so the MPM can be
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron * htpasswd blindly processes the file you give it, and does no
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron sanity checking before totally corrupting whatever file it was
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron you thought you had. It should check the input file and bail
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron if it finds non-comment lines that do not contain exactly 1
a12f07383f9c286519fe88f559187148d5bd1c16aaron ':' character.
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron Message-ID: <20020217150457.A31632@clove.org>
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz * Can a static httpd be built reliably?
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Message-ID: <20020207142751.T31582@clove.org>
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz * [Ken] Test suite failures:
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz o worker is also failing some of the 'cgi' subtests
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz (see <URL:http://Source-Zone.Org/Apache/regression/>):
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Justin says: "Worker should be fine and passes httpd-test here.
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz If you can provide evidence that it can be reproduced
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz outside of httpd-test, then it's a showstopper. I
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz think it's a perl or a httpd-test problem."
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Not a showstopper: Justin
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz removed if possible.
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz * There is a bug in how we sort some hooks, at least the pre-config
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz hook. The first time we call the hooks, they are in the correct
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz order, but the second time, we don't sort them correctly. Currently,
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz the modules/http/config.m4 file has been renamed to
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz modules/http/config2.m4 to work around this problem, it should moved
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz back when this is fixed. rbb
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Justin says: "Is this really a showstopper? This has been here
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz forever. What's wrong? Does this have to do with
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz autoconf or m4?"
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Not a showstopper: Justin, BrianP, trawick, gregames
dc098c7ce5d36179c504d09fc722d190683d0262aaron * The Add...Filter and Set...Filter directives do not allow the
dc098c7ce5d36179c504d09fc722d190683d0262aaron administrator to order filters, beyond the order of filename (mime)
dc098c7ce5d36179c504d09fc722d190683d0262aaron extensions. It isn't clear if Set...Filter(s) should be inserted
dc098c7ce5d36179c504d09fc722d190683d0262aaron before or after the Add...Filter(s) which are ordered by sequence of
dc098c7ce5d36179c504d09fc722d190683d0262aaron filename extensions. At minimum, some sort of +-[0-10] syntax seems
dc098c7ce5d36179c504d09fc722d190683d0262aaron like the quickest fix for a 2.0 gold release.
dc098c7ce5d36179c504d09fc722d190683d0262aaron Justin says: "Could we delay this for a point release or 2.1?"
364dfd4527e6ce37b828a42e2c0bbdf9ba19a9b8gregames Not a showstopper: justin, wrowe, trawick, stoddard, Jim, Ian, Aaron,
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron * Get perchild to work on platforms other than Linux. This
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron will require a portable mechanism to pass data and file/socket
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron descriptors between vhost child groups. An API was proposed
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron on dev@apr:
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron Message-ID: <20020111115006.K1529@clove.org>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz * Try to get libtool inter-library dependency code working on AIX.
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Justin says: If we get it working on AIX, we can enable this
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz on all platforms and clean up our build system
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick Jeff says: I thought I tested a patch for you sometime in
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick January that you were going to commit within a few
54e1babd5a5a56c576eeeace54110150769cc916coar * Handling of %2f in URIs. Currently both 1.3 and 2.0
54e1babd5a5a56c576eeeace54110150769cc916coar completely disallow %2f in the request URI path (see
54e1babd5a5a56c576eeeace54110150769cc916coar ap_unescape_url() in util.c). It's permitted and passed
54e1babd5a5a56c576eeeace54110150769cc916coar through in the query string, however. Roy says the
54e1babd5a5a56c576eeeace54110150769cc916coar original reason for disallowing it, from five years ago,
54e1babd5a5a56c576eeeace54110150769cc916coar was to protect CGI scripts that applied PATH_INFO to
54e1babd5a5a56c576eeeace54110150769cc916coar a filesystem location and which might be tricked by
54e1babd5a5a56c576eeeace54110150769cc916coar ..%2f..%2f(...). We *should* allow path-info of the
54e1babd5a5a56c576eeeace54110150769cc916coar Since we've revamped a lot of our processing of path
54e1babd5a5a56c576eeeace54110150769cc916coar segments, it would be nice to allow this, or at least
54e1babd5a5a56c576eeeace54110150769cc916coar allow it conditionally with a directive.
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz * FreeBSD, threads, and worker MPM. All seems to work fine
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz if you only have one worker process with many threads. Add
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz a second worker process and the accept lock seems to be
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz lost. This might be an APR issue with how it deals with
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz the child_init hook (i.e. the fcntl lock needs to be resynced).
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz More examination and analysis is required.
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar Status: This has also been reported on Cygwin.
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar Message-ID: <3C2CC514.8EF3BED1@wapme-systems.de> (cygnus)
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz Justin says: So, FreeBSD-CURRENT and Cywin have the same
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz problem. Yum. If another platform has this
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz with worker, this becomes a showstopper.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Aaron says: I spent some time disecting this and have come to
f126ee03179eb54308118f1ec3de5a7b461685d8aaron the conclusion that it is not a problem in the worker MPM
f126ee03179eb54308118f1ec3de5a7b461685d8aaron (or at least, it is not isolated to a problem in worker).
f126ee03179eb54308118f1ec3de5a7b461685d8aaron I'll list some of the problems I'm seeing in case someone
f126ee03179eb54308118f1ec3de5a7b461685d8aaron else wants to pick up where I've left off:
f126ee03179eb54308118f1ec3de5a7b461685d8aaron - Delivery of just about any signal to one of the child
f126ee03179eb54308118f1ec3de5a7b461685d8aaron processes will send it into an infinite loop as well.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron - Even though the parent is spinning out of control,
f126ee03179eb54308118f1ec3de5a7b461685d8aaron at first the child or children will appear to work
f126ee03179eb54308118f1ec3de5a7b461685d8aaron properly. At times it is possible to get it into a state,
f126ee03179eb54308118f1ec3de5a7b461685d8aaron however, where a request will hang until another concurrent
f126ee03179eb54308118f1ec3de5a7b461685d8aaron request "kicks" the first, at which point the second will
f126ee03179eb54308118f1ec3de5a7b461685d8aaron hang. My theory is that this has to do with the
f126ee03179eb54308118f1ec3de5a7b461685d8aaron pthread_cond_*() implementation in FreeBSD, but it's still
f126ee03179eb54308118f1ec3de5a7b461685d8aaron possible that it is in APR.
109faf633e12ab0bbdd602c7addc795cce59e8addreid Justin adds: Oh, FreeBSD threads are implemented entirely with
109faf633e12ab0bbdd602c7addc795cce59e8addreid select()/poll()/longjmp(). Welcome to the nightmare.
109faf633e12ab0bbdd602c7addc795cce59e8addreid So, that means a ktrace output also has the thread
109faf633e12ab0bbdd602c7addc795cce59e8addreid scheduling internals in it (since it is all the same to
109faf633e12ab0bbdd602c7addc795cce59e8addreid the kernel). Which makes it hard to distinguish between
109faf633e12ab0bbdd602c7addc795cce59e8addreid our select() calls and their select() calls.
109faf633e12ab0bbdd602c7addc795cce59e8addreid *bangs head on wall repeatedly* But, some of the libc_r
109faf633e12ab0bbdd602c7addc795cce59e8addreid files have a DBG_MSG #define. This is moderately helpful
109faf633e12ab0bbdd602c7addc795cce59e8addreid when used with -DNO_DETACH. The kernel scheduler isn't
109faf633e12ab0bbdd602c7addc795cce59e8addreid waking up the threads on a select(). Yum. And, I bet
109faf633e12ab0bbdd602c7addc795cce59e8addreid those decrementing select calls have to do with the
109faf633e12ab0bbdd602c7addc795cce59e8addreid scheduler. Time to brush up on our OS fundamentals.
4ca13a5e126946272f02637e268a8e09193c553ecoar * There is increasing demand from module writers for an API
4ca13a5e126946272f02637e268a8e09193c553ecoar that will allow them to control the server � la apachectl.
4ca13a5e126946272f02637e268a8e09193c553ecoar Reasons include sole-function servers that need to die if
4ca13a5e126946272f02637e268a8e09193c553ecoar an external dependency (e.g., a database) fails, et cetera.
4ca13a5e126946272f02637e268a8e09193c553ecoar Perhaps something in the (ever more abused) scoreboard?
48c0c81cd6fabac9d3386406d97633780365b839coar rbb: I don't believe the scoreboard is the correct mechanism
48c0c81cd6fabac9d3386406d97633780365b839coar for this. We already have a pipe that goes between parent
48c0c81cd6fabac9d3386406d97633780365b839coar and child for graceful shutdown events, along with an API that
48c0c81cd6fabac9d3386406d97633780365b839coar can be used to send a message down that pipe. In threaded MPMs,
48c0c81cd6fabac9d3386406d97633780365b839coar it is easy enough to make that one pipe be used for graceful
48c0c81cd6fabac9d3386406d97633780365b839coar and graceless events, and it is also easy to open that pipe
48c0c81cd6fabac9d3386406d97633780365b839coar to both parent and child for writing. Then we just need to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar figure out how to do graceless on non-threaded MPMs.
b84f66c93f820824b1d5455181f55598b766319cwrowe * Allow the DocumentRoot directive within <Location > scopes? This
b84f66c93f820824b1d5455181f55598b766319cwrowe allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
b84f66c93f820824b1d5455181f55598b766319cwrowe by a <Directory /somepath/foo> to become simply
b84f66c93f820824b1d5455181f55598b766319cwrowe <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
7fe18c15b669db9d191859695901dc4fcf3829dawrowe and in-your-face.) DocumentRoot unset would be accepted [and would
7fe18c15b669db9d191859695901dc4fcf3829dawrowe not permit content to be served, only virtual resources such as
7fe18c15b669db9d191859695901dc4fcf3829dawrowe server-info or server-status.
7fe18c15b669db9d191859695901dc4fcf3829dawrowe This proposed change would _not_ depricate Alias.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Win32: Rotatelogs sometimes is not terminated when Apache
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe goes down hard. FirstBill was looking at possibly tracking the
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe child's-child processes in the parent process.
d24a92b8a8315e9a266ba84cc2a996d49dd546c1stoddard OtherBill asks, wasn't this fixed?
48c0c81cd6fabac9d3386406d97633780365b839coar stoddard: Not fixed. Shared scoreboard might offer a good
48c0c81cd6fabac9d3386406d97633780365b839coar way for the parent to keep track of 'other child' processes
48c0c81cd6fabac9d3386406d97633780365b839coar and whack them if the child goes down.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Other thoughts on walking the process chain using the NT kernel
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe have also been proposed on APR.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Win32: Add a simple hold console open patch (wait for close or
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe the ESC key, with a nice message) if the server died a bad
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe death (non-zero exit code) in console mode.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe Resolution: bring forward same ugly hacks from 1.3.13-.20
addbf2b3199f23773bdcaf7263acfcafe621a3bewrowe This is not so simple. Any exit() from APR or other libraries
addbf2b3199f23773bdcaf7263acfcafe621a3bewrowe can't be caught unless we add some sort of apr_exit(rv) with
addbf2b3199f23773bdcaf7263acfcafe621a3bewrowe registered apr_atexit() fn's that have the return code as an
addbf2b3199f23773bdcaf7263acfcafe621a3bewrowe argument to the registered fn.
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard * Eliminate unnecessary creation of pipes in mod_cgid
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard * Combine log_child and piped_log_spawn. Clean up http_log.c.
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard Common logging API.
1c6fb1e726ce22694de0e9a957adb67b929e5d4fstoddard * Document mod_file_cache.
a5ed555df952c85bc1b179f5981e8a6c54ba16e6stoddard * Platforms that do not support fork (primarily Win32 and AS/400)
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb Architect start-up code that avoids initializing all the modules
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb in the parent process on platforms that do not support fork.
0bff2f28ef945280c17099c142126178a78e1e54manoj * Win32: Migrate the MPM over to use APR thread/process calls. This
0bff2f28ef945280c17099c142126178a78e1e54manoj would eliminate some code in the Win32 branch that essentially
0bff2f28ef945280c17099c142126178a78e1e54manoj duplicates what is in APR.
0bff2f28ef945280c17099c142126178a78e1e54manoj * There are still a number of places in the code where we are
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick losing error status (i.e. throwing away the error returned by a
0bff2f28ef945280c17099c142126178a78e1e54manoj system call and replacing it with a generic error code)
ff849e4163ed879288f0df15f78b6c9d278ec804fanf * Mass vhosting version of suEXEC.
447c6ce3ff08073c44f6785d5256271fcb877512wrowe * All DBMs suffer from confusion in support/dbmmanage (perl script) since
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar the dbmmanage employs the first-matched dbm format. This is not
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar necessarily the library that Apache was built with. Aught to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar rewrite dbmmanage upon installation to bin/ with the proper library
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar for predictable mod_auth_dbm administration.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe Questions; htdbm exists, time to kill dbmmanage, or does it remain
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe useful as a perl dbm management example? If we keep it,
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe do we address the issue above?
db3ccce11afac4fc1d4f51a65424412f7480c46cgstein * Integrate mod_dav.
dd4713dc5b186f4d1be7b88f86608fdb84cbe5d5gstein Some additional items remaining:
48c0c81cd6fabac9d3386406d97633780365b839coar - case_preserved_filename stuff
48c0c81cd6fabac9d3386406d97633780365b839coar (use the new canonical name stuff?)
48c0c81cd6fabac9d3386406d97633780365b839coar - find a new home for ap_text(_header)
48c0c81cd6fabac9d3386406d97633780365b839coar - is it possible to remove the DAV: namespace stuff from util_xml?
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick are a bit wonky. The function should probably be exposed as a utility
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick function (such as ap_translate_url2fs() or ap_validate_fs_url() or
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein something). Another approach would be a new hook phase after
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein "translate" which would allow the module to munge what the
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein translation has decided to do.
6fa71a1bd8c61518b05f5798a7a1594c270e78afrbb Status: Greg +1 (volunteers), Ryan +1
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * Explore use of a post-config hook for the code in http_main.c which
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein ap_sort_hooks() [to reduce the logic in main()]
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * read the config tree just once, and process N times (as necessary)
823c303d33c9e637a83d82208bcbafaf5f532d7bgstein * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj into a VirtualHost container) to 2.0.
281da4c02cf40c663298ded7e4e5b913a8f8b814gstein * shift stuff to mod_core.h
2f728b2e8555fee1b7cc11e886488692f2575fbddougm * callers of ap_run_create_request() should check the return value
2f728b2e8555fee1b7cc11e886488692f2575fbddougm for failure (Doug volunteers)
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Win32: Get Apache working on Windows 95/98. The following work
48c0c81cd6fabac9d3386406d97633780365b839coar (at least) needs to be done:
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe - Document warning that OSR2 is required (for Crypt functions, in
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe rand.c, at least.) This could be resolved with an SSL library, or
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe randomization in APR itself.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe actually works) and add in a splash of Win9x service code.
27757f6699a924d4b493a1b6cceb27df27a43287dreid * Fix the worker MPM to use POD to kill child processes instead
27757f6699a924d4b493a1b6cceb27df27a43287dreid of ap_os_killpg, regardless of how they should die. (Ryan Bloom)
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Scoreboard structures could be changed in the future such that
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick proper alignment is not maintained, leading to segfaults on
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick some systems. Cliff posted a patch to deal with this issue but
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick later recanted. See this message to dev@apr.apache.org:
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
28c4fe67d75f8f26504d75b7aa8dc5d868032888wroweTODO ISSUES REMAINING IN MOD_SSL:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * In order to use a DSO version of mod_ssl we have to link with
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -lssl and -lcrypto. A workaround is in place right now where the
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe entire EXTRA_LIBS macro is being appended to the objects list, but
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe autoconf function or come up with some other autoconf checks to
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe search for libssl and libcrypto and properly add them to mod_ssl's
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe link flags.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSL renegotiations in combination with POST request
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Port or dispose all code inside #if 0...#endif blocks that remain
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe from the porting effort.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Do we need SSL_set_read_ahead()?
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -in ssl_expr_comp() if SSLRequire is used in .htaccess
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_info is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -is ssl_expr_eval() if there is an error
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_error is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSLRequire directive (parsing of) leaks memory
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Diffie-Hellman-Parameters for temporary keys are hardcoded in
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe "it is suggested that keys be changed daily or every 500
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe transactions, and more often if possible."
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_var_lookup could be rewritten to be MUCH faster
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * CRL callback should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * session cache store should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * init functions should return status code rather than ssl_die()
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_engine_pphrase.c needs to be reworked so it is generic enough
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe to also decrypt proxy keys
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the shmcb code should just align its memory segment rather than
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe jumping through all the "safe" memcpy and memset hoops
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddardEXPERIMENTAL MODULES:
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard Experimental modules should eventually be be promoted to fully supported
6f1e2a1eb9944358dc96ee52f2048377c57f1cfaaaron status or removed from the repository entirely (ie, the
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard 'experiment' failed). This section tracks what needs to happen to
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard get the modules promoted to fully supported status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache: handle cache_control: no_cache "field_name" to enable
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard cacheing the response w/o header "field_name"
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard See RFC2616 section 14.9.1
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
c408915e2a85fedc520e97e96abda8f61aafc804stoddard * mod_cache: Fix dependency on ATOMIC operators. Need
c408915e2a85fedc520e97e96abda8f61aafc804stoddard APR_HAS_ATOMIC_* feature macros.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_disk_cache: Implement garbage collection
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache/mod_disk_cache: Need to be able to query cache
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard status (num of entries, cache object properties, etc.).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_status could be extended to query optional hooks defined
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard by modules for the purpose of reporting module status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_cache (et. al.) could define optional hooks that are called
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard to collect status. Status should be queryable by
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard HTTP or SNMP?
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache: garbage collection. One strategy is to simply
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard remove stale entries as we attempt to serve them. Another
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard strategy is to kick off a GC thread that traverses the cache
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard and preemptively remove stale entries. How to manage a
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard cache that is full? Do LRU GC? Other? Bueller?
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache/mod_disk_cache: Complete implementing config
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard directives.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * Sample config for mod_cache/mod_mem_cache/mod_disk_cache for
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard inclusion into httpd.conf.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache/mod_mem_cache/mod_disk_cache: Documentation.
64ad864fa0f4493eebb181e393b40a8a90beccb9coarPRs that have been suspended forever waiting for someone to
64ad864fa0f4493eebb181e393b40a8a90beccb9coarput them into 'the next release':
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * documentation and Q&A
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2221: Make online documentation search link back to my installation
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2906: Propose that Apache recommend $UNIQUE_ID for all "session id"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2793: When will Apache support P3P? Any Plans?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2113: HTTP Server Rebuild Line Needs Changing for the better
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2421: problem specifying ndbm library for build ?with autoconfigure
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#76: missing call to "setlocale();"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#628: Request of "Options SymLinksIfGroupMatch"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#793: RLimitCPU and RLimitMEM don't apply to all children like they should
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#922: it is useful to allow specifiction that root-owned symlinks
7787343a549c7309035b3b7836e00edb6e3a915ewrowe should always be followed
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1028: DoS attacks involving memory consumption
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1191: setlogin() is not called, causing problems with e.g. identd
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1204: regerror() exists, use it
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2284: Can not POST to ErrorDocument - Apache/1.3b6
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2396: Proposal for TimeZone directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2446: AllowOverride FileInfo is too coarse
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2760: [PATCH] User/Group for <Directory> and <Location> i.e. not only
7787343a549c7309035b3b7836e00edb6e3a915ewrowe in global and <Virtual>.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2907: suggestion: power up your Include directive :)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3018: cannot limit some HTTP methods
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3677: New ErrorDocumentMatch directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4244: "Files" and "FilesMatch" regexp does not recognize bang as
7787343a549c7309035b3b7836e00edb6e3a915ewrowe negation operator
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#5993: AllowOverride should have a 'CheckNone' and 'AllowNone' argument
7787343a549c7309035b3b7836e00edb6e3a915ewrowe instead of only 'None'
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_access
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#537: mod_access syntax allows hosts that should be restricted
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1287: add allow,deny/deny,allow warning to mod_access
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2512: <IfDenied> directive wanted
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_auth-any
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#557: ~UserHome directories are not honored in absolute pathname
7787343a549c7309035b3b7836e00edb6e3a915ewrowe requests (.htaccess)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1117: Using NIS passwd.byname dbm files with AuthDBMUserFile
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1809: Suggestion for improving authentication modules and core source
7787343a549c7309035b3b7836e00edb6e3a915ewrowe code, problem with 401 and ErrorDocument
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_autoindex
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1263: Add frame-safe anchor attribute to mod_autoindex links
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_cgi (and suexec)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#921: suexec Uses cwd before filling it in, doesn't use syslog
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1176: Apache cannot handle continuation line in headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1120: suexec does not parse arguments to #exec cmd
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1268: CGI scripts running as Apache user: security (suexec etc.)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1285: Error messages could be easier to spot in cgi.log file for suexec.c
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1905: suexec - Allow modules to set user:group for execution.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2360: suexec for general access of user content?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2460: TimeOut applies to output of CGI scripts
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2573: CGI's for general use still have to be run as another user
7787343a549c7309035b3b7836e00edb6e3a915ewrowe with suExec
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4241: Need to be able to override shebang line to make CGI scripts
7787343a549c7309035b3b7836e00edb6e3a915ewrowe more portable.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4490: mod_cgi prevents handling of OPTIONS requests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#370: Modified PATH environemnt variable is not passed, instead
7787343a549c7309035b3b7836e00edb6e3a915ewrowe system's is used
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1383: I make mod_headers to modify request headers as well as
7787343a549c7309035b3b7836e00edb6e3a915ewrowe response ones.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1677: mod_headers should allow mod_log_config-style formats in
64ad864fa0f4493eebb181e393b40a8a90beccb9coar header values
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#759: imap should read <MAP><AREA>*</MAP> too!
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_include
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#78: Additional status for XBitHack directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#623: A smarter "Last Modified" value for SSI documents (see PR number 600)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1145: mod_include
7787343a549c7309035b3b7836e00edb6e3a915ewrowe Allow for Last-Modified: without resorting to XBitHack
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1803: patches to mod_include to allow for file tests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4459: Suggestion for better handling of Last-modified headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2415: /server-info doesn't check for the virtual host to list the info
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_log-any
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1050: Logging of virtual server to error_log as well
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1358: Selective url-encode of log fields (or maybe a pseudo
7787343a549c7309035b3b7836e00edb6e3a915ewrowe log_rewrite module?)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2073: pipelined connections are not logged correctly
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4448: Please allow CGI env variables (QUERY_STRING, ...) to be logged
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_negotiation
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3191: no way to set global quality-of-source (qs) coneg values
7787343a549c7309035b3b7836e00edb6e3a915ewrowe with multiviews
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_proxy
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#362: Mod_proxy doesn't allow change of error pages
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#440: Proxy doesn't deliver documents if not connected
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#534: proxy converts ~name to %7Ename when name starts with a dot (.)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#612: Proxy FTP Authentication Fails
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#700: Proxy doesn't do links right for OpenVMS files through ftp:
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#980: Controlling Access to Remote Proxies would be nice...
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#994: Adding authentication "on the fly" through the proxy module
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1085: ProxyRemote make a dead cycle.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1166: ``nph-'' not honored (no buffering) for ProxyRemote mapping
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1290: Need to know "hit-rate" on proxy cache
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1532: Proxy transfer logging
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1547: No HTTP_X_FORWARDED_FOR set...
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1567: ProxyRemote proxy requests fail authentication by firewall
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1702: mod_proxy to support persistent conns?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1878: listing of proxy cache content
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2314: patterns in ProxyRemote
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2648: Cache file names in Proxy module
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3568: Accessing URL through proxy server corrupts data.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3605: Some anonymous FTP URLs ask for authentication
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_rewrite
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1582: mod_rewrite forms REQUEST_URI different than mod_cgi does
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2074: mod_rewrite doesn't pass Proxy Throughput on internal subrequests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_status
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2138: mod_status always displays 256 possible connection slots
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2343: Status module averages are for entire uptime
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * apache-api
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1004: request_config field in request_rec is moderately bogus
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1158: improvements to child spawning API
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1233: there is no way to keep per-connection per-module state
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2024: adding auth_why to conn_rec
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2873: Feedback/Comment on APACI
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3143: No module specific data hook for per-connection data
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * generally odds and ends
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2431: A small addition to rotatelogs.c to improve program functionality.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2763: mailto tags and bundling bug report script
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2785: os-aix Support for System Resource Controller
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2889: Inclusion of RPM spec file in CVS/distributions
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#5713: os-windows [PATCH] install as win32 service with domain account
48c0c81cd6fabac9d3386406d97633780365b839coar Status: Cannot accept password-as-arg, we should prompt the
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe user when -k install/-k config with a user argument.
2a6c49cfaef5979a5a06098f3ce987cd76769409manojOther bugs that need fixing:
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding * ap_discard_request should be converted to use the bucket API
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding directly rather than waste cycles copying buffers with the old API.
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * MaxRequestsPerChild measures connections, not requests.
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj Until someone has a better way, we'll probably just rename it
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj "MaxConnectionsPerChild".
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * Regex containers don't work in an intutive way
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj Status: No one has come up with an efficient way to fix this
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj behavior. Dean has suggested getting rid of regex containers
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj completely.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe OtherBill suggests: We at least seem to agree on eliminating
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe the <Container ~ foo> forms, and using only
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe <ContainerMatch foo> semantics.
0bff2f28ef945280c17099c142126178a78e1e54manoj * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a
0bff2f28ef945280c17099c142126178a78e1e54manoj sigwaiting thread. We need to work around this, perhaps unless
0bff2f28ef945280c17099c142126178a78e1e54manoj there is hope soon for a fixed glibc.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein * orig_ct in the byterange/multipart handling may not be
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein needed. Apache 1.3 just never stashed "multipart" into
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein r->content_type. We should probably follow suit since the
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein byterange stuff doesn't want the rest of the code to see the
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein multipart content-type; the other code should still think it is
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein dealing with the <orig_ct> stuff.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein Status: Greg volunteers to investigate (esp. since he was most
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein likely the one to break it :-)
92d75991039fc1155961044d642816b4c0323687aaronBinaries (2.0.35):
92d75991039fc1155961044d642816b4c0323687aaron Platform Avail. Volunteer
92d75991039fc1155961044d642816b4c0323687aaron ------------------------------------------------------------------
fd5d5cef19cb3b114d9136e2d57745a7ec180cdbstoddard AIX 4.3.3 Bill Stoddard
92d75991039fc1155961044d642816b4c0323687aaron Mandrake 8.1 no Ryan Bloom
ad7ca6367fa53c34a7897546210958f2c0f22a26rbb FreeBSD 4.1 yes Ryan Bloom
221bcff578860adfb42459b15e65e2962a208f8caaron i386-unknown-freebsd4.5 yes Aaron Bannert
e3cda447fb3dd17ec89b748aa6a7c0feeb0b1048jim OS X 10.1.3/Darwin 5.3 yes Jim Jagielski
18fcb3eaebbdbc0c0a47e1d6b7c3a6c6819cdafajim Solaris 8.x/sparc yes Jim Jagielski
a601531b52c7b04718fd6cbe0ac525b2bc500462aaron i686-pc-linux-gnu-rh70 yes Aaron Bannert
a601531b52c7b04718fd6cbe0ac525b2bc500462aaron i686-pc-linux-gnu-rh72 yes Aaron Bannert
221bcff578860adfb42459b15e65e2962a208f8caaron i386-pc-solaris2.8 yes Aaron Bannert
f8ce8d962c047327f15cb3a13294f4d988e87fcbminfrin powerpc-unknown-linux-gnu yes Graham Leggett
8170eaebc81c46959e8d98504883964a58f8a56dbnicholes NetWare yes Brad Nicholes
7d3ea4f0d28dfd3d779bb77bd19f878b494a1171wrowe Win32-x86 yes William Rowe
2a6c49cfaef5979a5a06098f3ce987cd76769409manojOther features that need writing:
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * Finish infrastructure in core for async MPMs
40a5b7189dbbb28e107bf008ee625f2f0142c2ccdgaudet Status: post 2.0
dbf0c7bef06259486cd2748a2d0e82f27e099d6efielding * TODO in source -- just do an egrep on "TODO" and see what's there
2a6c49cfaef5979a5a06098f3ce987cd76769409manojAvailable Patches:
863ec32e13d6c9619414c48b51109f3dca99cbc6wrowe * Martin Sojka <msojka@gmx.de>'s patch to add error reporting for failed
863ec32e13d6c9619414c48b51109f3dca99cbc6wrowe htpasswd actions due to a full /tmp volume (other programs may have
863ec32e13d6c9619414c48b51109f3dca99cbc6wrowe similar problems?)
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * Mike Abbott's <mja@trudge.engr.sgi.com> patches to improve
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj performance
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj Status: These were written for 1.3, and are awaiting a port to
ae6907470ddf23ab7c6b506e6407cc5372f9c0dftrawick * Jim Winstead's <jimw@trainedmonkey.com> patch to add CookieDomain and
ae6907470ddf23ab7c6b506e6407cc5372f9c0dftrawick other small mod_usertrack features
ef7ff29d74b8684761de5758423f1cc5a49f48e3rbb * Dan Rench's <drench@xnet.com> patch to add allow the errmsg and timefmt
ef7ff29d74b8684761de5758423f1cc5a49f48e3rbb of SSI's to be modified in the config file. Patch is available in