STATUS revision 2b8a78eefeba261ced96c3e57527d8ae3fce2f1a
c330021bf3f45cbf187fa644781e67f7e470a58awroweAPACHE 2.1 STATUS: -*-text-*-
2b8a78eefeba261ced96c3e57527d8ae3fce2f1aerikabeleLast modified at [$Date: 2004/01/04 15:08:00 $]
c330021bf3f45cbf187fa644781e67f7e470a58awroweRelease [NOTE that only Alpha/Beta releases occur in 2.1 development]:
c330021bf3f45cbf187fa644781e67f7e470a58awrowe 2.1.0 : in development
af4c982a7cf4515f124935f99a329744035fc699slivePlease consult the following STATUS files for information
af4c982a7cf4515f124935f99a329744035fc699sliveon related projects:
f610c7c704235bc327dbe9b62982f5b3f8e30a77wroweContributors looking for a mission:
2b8a78eefeba261ced96c3e57527d8ae3fce2f1aerikabele * Just do an egrep on "TODO" or "XXX" in the source.
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive * Review the "PatchAvailable" bugs in the bug database.
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive Append a comment saying "Reviewed and tested".
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive * Open bugs in the bug database.
4b62424416882687387923b3130b96241503cbe0jerenkrantzCURRENT RELEASE NOTES:
45b0e1c775c1cfed6473c9e5304179ccb9609f53stoddardRELEASE SHOWSTOPPERS:
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas * Handling of non-trailing / config by non-default handler is broken
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas * the edge connection filter cannot be removed
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantzCURRENT VOTES:
a3f7a6fb4aedec8585efd990cf99d3917b99a0d3jim * Promote mod_cache from experimental to non-experimental
a3f7a6fb4aedec8585efd990cf99d3917b99a0d3jim status (keep issues noted below in EXPERIMENTAL MODULES as
a3f7a6fb4aedec8585efd990cf99d3917b99a0d3jim items to be addressed as a supported module).
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard +1: jim, bnicholes
1e82fcef33ad0da9e76fbb1f5e440b691a8b3551jerenkrantz -0: jerenkrantz
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard -1: stoddard
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard There are a couple of problems that need to be resolved
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard before this module is moved out of experimental.
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard 1) We need to at least review and comment on the RFC violations
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard 2) Resolve issue of how to cache page fragements (or perhaps -if- we
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard want to cache page fragements). Today, mod_cache/mod_mem_cache
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard will cache #include 'virtual' requests (but not #include 'file'
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard requests). This was accomplished by making CACHE_IN a
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard filter. But now responses cannot be cached that include the
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard effects of having been run through CONTENT_SET filters
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard (mod_deflate, mod_expires, etc). We could rerun all the
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard CONTENT_SET filters on the cached response, but this will not
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard work in all cases. For example, mod_expires relies on installing
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard the EXPIRATION filter during fixups. Contents served out of
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard mod_cache (out of the quick_handler) bypass -all- the request
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard line server hooks (Ryan really hated this. It is great for
9fdeef48d40b7dd34c57d74fcc50a0c6924a4f1dstoddard performance, but bad because of the complications listed above).
1e82fcef33ad0da9e76fbb1f5e440b691a8b3551jerenkrantz jerenkrantz: There are a slew of RFC compliance bugs filed in Bugzilla
1e82fcef33ad0da9e76fbb1f5e440b691a8b3551jerenkrantz for mod_cache (see 'RFC 2616 violations' below). I think
1e82fcef33ad0da9e76fbb1f5e440b691a8b3551jerenkrantz fixing them is a pre-requisite before it isn't experimental.
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick a) httpd-std.conf should be tailored by install (from src or
c95a8116bde20ab75f2e54d0e867bdf2e13643c3jim binbuild) even if user has existing httpd.conf
b08ed1b8a8afa3d8466300f4607b9d1179d2f1eaerikabele +1: trawick, slive, gregames, ianh, Ken, wrowe, jwoolley, jim, nd,
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe wrowe - prefer httpd.default.conf to avoid ambiguity with cvs
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick b) tailored httpd-std.conf should be copied by install to
cc22a72861c58dda7f3768613aec864e4c4e0353striker -0: striker
ddafc111b94558ef4e2d7357ceda623315566ce3slive c) tailored httpd-std.conf should be installed to
b08ed1b8a8afa3d8466300f4607b9d1179d2f1eaerikabele +1: slive, trawick, Ken, nd (prefer the latter), erikabele
93f189f1198f539d3cfa75a15b23dcde60ee35ffrbb d) Installing a set of default config files when upgrading a server
93f189f1198f539d3cfa75a15b23dcde60ee35ffrbb doesn't make ANY sense at all.
bca5b27d271b6e1690134a83963424b9825d93bdstriker +1: ianh - medium/big sites don't use 'standard config' anyway, as it
bca5b27d271b6e1690134a83963424b9825d93bdstriker usually needs major customizations
b08ed1b8a8afa3d8466300f4607b9d1179d2f1eaerikabele -1: Ken, wrowe, jwoolley, jim, nd, erikabele
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe wrowe - diff is wonderful when comparing old/new default configs,
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe even for customized sites that ianh mentions
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim jim - ... assuming that the default configs have been updated
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim with the required inline docs to explain the
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * If the parent process dies, should the remaining child processes
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz "gracefully" self-terminate. Or maybe we should make it a runtime
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz option, or have a concept of 2 parent processes (one being a
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz "hot spare").
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
b9b0788ea79de3ee230ccb0abf93a0c2c08f6287lars Self-destruct: Ken, Martin, Lars
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Not self-destruct: BrianP, Ian, Cliff, BillS
7718f3d5b4da70eb063877f5300ee361435910f4nd Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj, nd
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim /* The below was a concept on *how* to handle the problem */
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim Have 2 parents: +1: jim
7718f3d5b4da70eb063877f5300ee361435910f4nd -1: Justin, wrowe, rederpj, nd
b9b0788ea79de3ee230ccb0abf93a0c2c08f6287lars +0: Lars, Martin (while standing by, could it do
b9b0788ea79de3ee230ccb0abf93a0c2c08f6287lars something useful?)
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * Make the worker MPM the default MPM for threaded Unix boxes.
7718f3d5b4da70eb063877f5300ee361435910f4nd +1: Justin, Ian, Cliff, BillS, striker, wrowe, nd
1af5c0e25a649bb298e25ddfa5418fa18bdcb107aaron +0: BrianP, Aaron (mutex contention is looking better with the
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim latest code, let's continue tuning and testing), rederpj, jim
1b3f48fd6b1ccb8745f908e40156c5a85ca3c347jerenkrantzRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive * Patches submitted to the bug database:
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive http://nagoya.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable
0723420d6007137272f4f140ffd17035b17c1563nd * Filter stacks and subrequests, redirects and fast redirects.
0723420d6007137272f4f140ffd17035b17c1563nd There's at least one PR that suffers from the current unclean behaviour
0723420d6007137272f4f140ffd17035b17c1563nd (which lets the server send garbage): PR 17629
0723420d6007137272f4f140ffd17035b17c1563nd nd says: Every subrequest should get its own filter stack with the
0723420d6007137272f4f140ffd17035b17c1563nd subreq_core filter as bottom-most. That filter does two things:
0723420d6007137272f4f140ffd17035b17c1563nd - swallow EOS buckets
0723420d6007137272f4f140ffd17035b17c1563nd - redirect the data stream to the upper request's (rr->main)
0723420d6007137272f4f140ffd17035b17c1563nd filter chain directly after the subrequest's starting
0723420d6007137272f4f140ffd17035b17c1563nd Once we have a clean solution, we can try to optimize
0723420d6007137272f4f140ffd17035b17c1563nd it, so that the server won't be slow down too much.
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz * RFC 2616 violations.
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz Closed PRs: 15857.
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz Open PRs: 15852, 15859, 15861, 15864, 15865, 15866, 15868, 15869,
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz 15870, 16120, 16125, 16126, 16133, 16135, 16136, 16137,
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz 16138, 16139, 16140, 16142, 16518, 16520, 16521,
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz jerenkrantz says: need to decide how many we need to backport and/or
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz if these rise to showstopper status.
56afb23a30271d30e87f225cce6c69969d6dd8bbwrowe wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
56afb23a30271d30e87f225cce6c69969d6dd8bbwrowe out of this list, without reviewing them individually.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * There is a bug in how we sort some hooks, at least the pre-config
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe hook. The first time we call the hooks, they are in the correct
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe order, but the second time, we don't sort them correctly. Currently,
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the modules/http/config.m4 file has been renamed to
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe modules/http/config2.m4 to work around this problem, it should moved
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe back when this is fixed.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe OtherBill offers that this is a SERIOUS problem. We do not sort
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe correctly by the ordering arguments passed to the register hook
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe functions. This was proven when I reordered the open_logs hook
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe to attempt to open the error logs prior to the access logs. Possibly
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the entire sorting code needs to be refactored.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * pipes deadlock on all platforms with limited pipe buffers (e.g. both
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe Linux and Win32, as opposed to only Win32 on 1.3). The right solution
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
c330021bf3f45cbf187fa644781e67f7e470a58awrowe for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * All handlers should always send content down even if r->header_only
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe is set. If not, it means that the HEAD requests don't generate the
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe same headers as a GET which is wrong.
56b2562cb4041a21bc313fde3204beabdb758800jwoolley * HP/UX 10.20: compile breakage in APR. Looks like it should be easy
56b2562cb4041a21bc313fde3204beabdb758800jwoolley to fix, probably just some extraneous #include's that are fouling
56b2562cb4041a21bc313fde3204beabdb758800jwoolley Jeff: See my reply and patch in the PR (and previous commit to
56b2562cb4041a21bc313fde3204beabdb758800jwoolley stop using "pipe" as a field name). If patch is committed, we
56b2562cb4041a21bc313fde3204beabdb758800jwoolley should be okay. I'll wait to see if the user tests the patch.
f881b8be216de36c6b964324c772450bca38a4e6trawick Update by Jeff 20020722: I got an account on HP 10.20. It looks
f881b8be216de36c6b964324c772450bca38a4e6trawick like some of the APR thread detection is screwed up. If we find
f881b8be216de36c6b964324c772450bca38a4e6trawick pthread.h but we can't compile the pthread test program we still
f881b8be216de36c6b964324c772450bca38a4e6trawick think we can use threads. For that reason, the patch I posted
f881b8be216de36c6b964324c772450bca38a4e6trawick to the PR won't work as-is since a failed compile of the test
f881b8be216de36c6b964324c772450bca38a4e6trawick program means nothing.
b05930e6008f69bd323abe0c10f81f40ffd27983brianp * exec cmd and suexec arg-passing enhancements
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Status: Patches proposed
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
b05930e6008f69bd323abe0c10f81f40ffd27983brianp (see the "proc.patch" and "suexec-shell.patch" links in this message)
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley * The 2.0.36 worker MPM graceless shutdown changes work but are
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley a bit clunky on some platforms; eg, on Linux, the loop to
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley join each worker thread seems to hang, and the parent ends up
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley killing off the child with SIGKILL. But at least it shuts down.
8c8fbb8546af54582539898be704411a60058d85trawick * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
8c8fbb8546af54582539898be704411a60058d85trawick posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard * We do not properly substitute the prefix-variables in the configuration
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard scripts or generated-configs. (i.e. if sysconfdir is etc,
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard httpd-std.conf points to conf.)
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * If any request gets through ap_process_request_internal() and is
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe scheduled to be served by the core handler, without a flag that this
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe r->filename was tested by dir/file_walk, we need to 500 at the very
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe end of the ap_process_request_internal() processing so sub_req-esters
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe know this request cannot be run. This provides authors of older
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe modules better compatibility, while still improving the security and
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe robustness of 2.0.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Status: still need to decide where this goes, OtherBill comments...
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe [Deleted comments regarding the ap_run_handler phase, as irrelevant
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe as BillS points out that "common case will be caught in
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe default_handler already (with the r->finfo.filetype == 0 check)"
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe and the issue is detecting this -before- we try to run the req.]
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe gregames says: can this happen somehow without a broken module
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe being involved? If not, why waste cycles trying to defend against
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe potential broken modules? It seems futile.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe wrowe counters: no, it shouldn't happen unless the module is broken.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe But the right answer is to fail the request up-front in dir/file
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe walk if the path was entirely invalid; and we can't do that either
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb how the Perchild MPM should be re-written. It hasn't worked
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb correctly since filters were added because it wasn't possible to
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb get the content that had already been written and the socket at
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb the same time. This mode lets us do that, so the MPM can be
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz * Can a static httpd be built reliably?
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Message-ID: <20020207142751.T31582@clove.org>
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz * [Ken] Test suite failures:
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz o worker is also failing some of the 'cgi' subtests
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz (see <URL:http://Source-Zone.Org/Apache/regression/>):
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Justin says: "Worker should be fine and passes httpd-test here.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe I think it's a perl or a httpd-test problem."
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz removed if possible.
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
f881b8be216de36c6b964324c772450bca38a4e6trawick Jeff wonders if we still care about this. It is no longer an
f881b8be216de36c6b964324c772450bca38a4e6trawick API issue but simply an extra trip through the brigade.
dc098c7ce5d36179c504d09fc722d190683d0262aaron * The Add...Filter and Set...Filter directives do not allow the
dc098c7ce5d36179c504d09fc722d190683d0262aaron administrator to order filters, beyond the order of filename (mime)
dc098c7ce5d36179c504d09fc722d190683d0262aaron extensions. It isn't clear if Set...Filter(s) should be inserted
dc098c7ce5d36179c504d09fc722d190683d0262aaron before or after the Add...Filter(s) which are ordered by sequence of
dc098c7ce5d36179c504d09fc722d190683d0262aaron filename extensions. At minimum, some sort of +-[0-10] syntax seems
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe like a nice solution. See ROADMAP.
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron * Get perchild to work on platforms other than Linux. This
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron will require a portable mechanism to pass data and file/socket
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron descriptors between vhost child groups. An API was proposed
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron on dev@apr:
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron Message-ID: <20020111115006.K1529@clove.org>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz * Try to get libtool inter-library dependency code working on AIX.
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Justin says: If we get it working on AIX, we can enable this
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz on all platforms and clean up our build system
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick Jeff says: I thought I tested a patch for you sometime in
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick January that you were going to commit within a few
54e1babd5a5a56c576eeeace54110150769cc916coar * Handling of %2f in URIs. Currently both 1.3 and 2.0
54e1babd5a5a56c576eeeace54110150769cc916coar completely disallow %2f in the request URI path (see
54e1babd5a5a56c576eeeace54110150769cc916coar ap_unescape_url() in util.c). It's permitted and passed
54e1babd5a5a56c576eeeace54110150769cc916coar through in the query string, however. Roy says the
54e1babd5a5a56c576eeeace54110150769cc916coar original reason for disallowing it, from five years ago,
54e1babd5a5a56c576eeeace54110150769cc916coar was to protect CGI scripts that applied PATH_INFO to
54e1babd5a5a56c576eeeace54110150769cc916coar a filesystem location and which might be tricked by
54e1babd5a5a56c576eeeace54110150769cc916coar ..%2f..%2f(...). We *should* allow path-info of the
54e1babd5a5a56c576eeeace54110150769cc916coar Since we've revamped a lot of our processing of path
54e1babd5a5a56c576eeeace54110150769cc916coar segments, it would be nice to allow this, or at least
54e1babd5a5a56c576eeeace54110150769cc916coar allow it conditionally with a directive.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe OtherBill adds that %2f as the SECOND character of a multibyte
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe sequence causes the request to fail! This happens notably in
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the ja-jis encoding.
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz * FreeBSD, threads, and worker MPM. All seems to work fine
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz if you only have one worker process with many threads. Add
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz a second worker process and the accept lock seems to be
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz lost. This might be an APR issue with how it deals with
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz the child_init hook (i.e. the fcntl lock needs to be resynced).
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz More examination and analysis is required.
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz Status: This has also been reported on Cygwin.
e31aa14791ca6ce21f41fefc9678462b34ce11c7jerenkrantz FreeBSD 4.7 was reputed to have 'fixed' threads. Not.
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz FreeBSD 5.2-RC is a confirmed fix w/either libkse or libthr.
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz [libc_r, still the default, does not serve any pages w/worker;
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz so on FreeBSD 5.2, you must use libmap.conf (see man page).]
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz Work needs to be done to get APR to try to be knowledgable that
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz libkse/libthr are acceptable. Still not recommended for the
942f9b7d835bb864a76719c131efcf3861450c96jerenkrantz default since libc_r is still broken.
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar Message-ID: <3C2CC514.8EF3BED1@wapme-systems.de> (cygnus)
4ca13a5e126946272f02637e268a8e09193c553ecoar * There is increasing demand from module writers for an API
4ca13a5e126946272f02637e268a8e09193c553ecoar that will allow them to control the server � la apachectl.
4ca13a5e126946272f02637e268a8e09193c553ecoar Reasons include sole-function servers that need to die if
4ca13a5e126946272f02637e268a8e09193c553ecoar an external dependency (e.g., a database) fails, et cetera.
4ca13a5e126946272f02637e268a8e09193c553ecoar Perhaps something in the (ever more abused) scoreboard?
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe On the other hand, we already have a pipe that goes between parent
48c0c81cd6fabac9d3386406d97633780365b839coar and child for graceful shutdown events, along with an API that
48c0c81cd6fabac9d3386406d97633780365b839coar can be used to send a message down that pipe. In threaded MPMs,
48c0c81cd6fabac9d3386406d97633780365b839coar it is easy enough to make that one pipe be used for graceful
48c0c81cd6fabac9d3386406d97633780365b839coar and graceless events, and it is also easy to open that pipe
48c0c81cd6fabac9d3386406d97633780365b839coar to both parent and child for writing. Then we just need to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar figure out how to do graceless on non-threaded MPMs.
b84f66c93f820824b1d5455181f55598b766319cwrowe * Allow the DocumentRoot directive within <Location > scopes? This
b84f66c93f820824b1d5455181f55598b766319cwrowe allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
b84f66c93f820824b1d5455181f55598b766319cwrowe by a <Directory /somepath/foo> to become simply
b84f66c93f820824b1d5455181f55598b766319cwrowe <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
7fe18c15b669db9d191859695901dc4fcf3829dawrowe and in-your-face.) DocumentRoot unset would be accepted [and would
7fe18c15b669db9d191859695901dc4fcf3829dawrowe not permit content to be served, only virtual resources such as
7fe18c15b669db9d191859695901dc4fcf3829dawrowe server-info or server-status.
cc22a72861c58dda7f3768613aec864e4c4e0353striker This proposed change would _not_ depricate Alias.
cc22a72861c58dda7f3768613aec864e4c4e0353striker striker: See the thread starting with Message-ID:
cc22a72861c58dda7f3768613aec864e4c4e0353striker JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Win32: Rotatelogs sometimes is not terminated when Apache
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe goes down hard. FirstBill was looking at possibly tracking the
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe child's-child processes in the parent process.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe stoddard: Shared scoreboard might offer a good way for the parent
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe to keep track of 'other child' processes and whack them if the child
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Other thoughts on walking the process chain using the NT kernel
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe have also been proposed on APR.
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard * Eliminate unnecessary creation of pipes in mod_cgid
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard * Combine log_child and piped_log_spawn. Clean up http_log.c.
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard Common logging API.
a5ed555df952c85bc1b179f5981e8a6c54ba16e6stoddard * Platforms that do not support fork (primarily Win32 and AS/400)
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb Architect start-up code that avoids initializing all the modules
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb in the parent process on platforms that do not support fork.
0bff2f28ef945280c17099c142126178a78e1e54manoj * There are still a number of places in the code where we are
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick losing error status (i.e. throwing away the error returned by a
0bff2f28ef945280c17099c142126178a78e1e54manoj system call and replacing it with a generic error code)
ff849e4163ed879288f0df15f78b6c9d278ec804fanf * Mass vhosting version of suEXEC.
447c6ce3ff08073c44f6785d5256271fcb877512wrowe * All DBMs suffer from confusion in support/dbmmanage (perl script) since
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar the dbmmanage employs the first-matched dbm format. This is not
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar necessarily the library that Apache was built with. Aught to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar rewrite dbmmanage upon installation to bin/ with the proper library
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar for predictable mod_auth_dbm administration.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe Questions; htdbm exists, time to kill dbmmanage, or does it remain
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe useful as a perl dbm management example? If we keep it,
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe do we address the issue above?
db3ccce11afac4fc1d4f51a65424412f7480c46cgstein * Integrate mod_dav.
dd4713dc5b186f4d1be7b88f86608fdb84cbe5d5gstein Some additional items remaining:
48c0c81cd6fabac9d3386406d97633780365b839coar - case_preserved_filename stuff
48c0c81cd6fabac9d3386406d97633780365b839coar (use the new canonical name stuff?)
48c0c81cd6fabac9d3386406d97633780365b839coar - find a new home for ap_text(_header)
48c0c81cd6fabac9d3386406d97633780365b839coar - is it possible to remove the DAV: namespace stuff from util_xml?
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick are a bit wonky. The function should probably be exposed as a utility
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick function (such as ap_translate_url2fs() or ap_validate_fs_url() or
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein something). Another approach would be a new hook phase after
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein "translate" which would allow the module to munge what the
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein translation has decided to do.
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe Status: Greg +1 (volunteers)
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * Explore use of a post-config hook for the code in http_main.c which
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein ap_sort_hooks() [to reduce the logic in main()]
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * read the config tree just once, and process N times (as necessary)
823c303d33c9e637a83d82208bcbafaf5f532d7bgstein * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj into a VirtualHost container) to 2.0.
281da4c02cf40c663298ded7e4e5b913a8f8b814gstein * shift stuff to mod_core.h
2f728b2e8555fee1b7cc11e886488692f2575fbddougm * callers of ap_run_create_request() should check the return value
2f728b2e8555fee1b7cc11e886488692f2575fbddougm for failure (Doug volunteers)
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Win32: Get Apache working on Windows 95/98. The following work
48c0c81cd6fabac9d3386406d97633780365b839coar (at least) needs to be done:
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe - Document warning that OSR2 is required (for Crypt functions, in
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe rand.c, at least.) This could be resolved with an SSL library, or
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe randomization in APR itself.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe actually works) and add in a splash of Win9x service code.
27757f6699a924d4b493a1b6cceb27df27a43287dreid * Fix the worker MPM to use POD to kill child processes instead
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe of ap_os_killpg, regardless of how they should die.
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Scoreboard structures could be changed in the future such that
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick proper alignment is not maintained, leading to segfaults on
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick some systems. Cliff posted a patch to deal with this issue but
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick later recanted. See this message to dev@apr.apache.org:
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
0a5d24f1bcf38baf13b60c1a021057a9979ce4fbcoar * When sufficiently tested, the AllowEncodedSlashes/%2f patch
0a5d24f1bcf38baf13b60c1a021057a9979ce4fbcoar needs to be backported to 2.0 and 1.3.
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay * APXS either needs to be fixed completely for use when apr is out of tree,
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay or it should drop query mode altogether, and we just grow an
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay httpd-config or similar arrangement.
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay To quote a discussion in STATUS earlier:
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay thommay: this doesn't fix all the problems with apxs and out of
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay tree apr/apr-util, but it's a good start. There's still the
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay query cases; but I'm beginning to think that in these cases
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay the app should be querying ap{r,u}-config directly
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay gstein: agreed. apxs should deprecate the -q flag
28c4fe67d75f8f26504d75b7aa8dc5d868032888wroweTODO ISSUES REMAINING IN MOD_SSL:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * In order to use a DSO version of mod_ssl we have to link with
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -lssl and -lcrypto. A workaround is in place right now where the
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe entire EXTRA_LIBS macro is being appended to the objects list, but
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe autoconf function or come up with some other autoconf checks to
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe search for libssl and libcrypto and properly add them to mod_ssl's
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe link flags.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSL renegotiations in combination with POST request
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Port or dispose all code inside #if 0...#endif blocks that remain
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe from the porting effort.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Do we need SSL_set_read_ahead()?
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -in ssl_expr_comp() if SSLRequire is used in .htaccess
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_info is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -is ssl_expr_eval() if there is an error
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_error is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSLRequire directive (parsing of) leaks memory
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Diffie-Hellman-Parameters for temporary keys are hardcoded in
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe "it is suggested that keys be changed daily or every 500
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe transactions, and more often if possible."
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_var_lookup could be rewritten to be MUCH faster
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * CRL callback should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * session cache store should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * init functions should return status code rather than ssl_die()
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_engine_pphrase.c needs to be reworked so it is generic enough
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe to also decrypt proxy keys
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the shmcb code should just align its memory segment rather than
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe jumping through all the "safe" memcpy and memset hoops
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_proxy performance: when mod_proxy is configured to do proxy
afbd720d176856630fed7c6576cdd3ae25a407edstoddard gateway (aka reverse proxy), it would be nice to be able to reuse
afbd720d176856630fed7c6576cdd3ae25a407edstoddard connections to the backend servers. Now, connections to the
afbd720d176856630fed7c6576cdd3ae25a407edstoddard backend servers are taken down when the corresponding frontend
afbd720d176856630fed7c6576cdd3ae25a407edstoddard connection is taken down.
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_proxy: Ability to run SSL over proxy gateway connections,
afbd720d176856630fed7c6576cdd3ae25a407edstoddard encrypting (or reencrypting) at the proxy.
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_proxy: Add capability of mod_proxy to load balance across
afbd720d176856630fed7c6576cdd3ae25a407edstoddard a farm of backend servers.
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_cache: Handle ESI tags.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddardEXPERIMENTAL MODULES:
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard Experimental modules should eventually be be promoted to fully supported
6f1e2a1eb9944358dc96ee52f2048377c57f1cfaaaron status or removed from the repository entirely (ie, the
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard 'experiment' failed). This section tracks what needs to happen to
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard get the modules promoted to fully supported status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache: handle cache_control: no_cache "field_name" to enable
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard cacheing the response w/o header "field_name"
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard See RFC2616 section 14.9.1
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_mem_cache: Consider adding a RevalidateTimeout directive to
afbd720d176856630fed7c6576cdd3ae25a407edstoddard specify time at which local cached content is to be revalidated
afbd720d176856630fed7c6576cdd3ae25a407edstoddard (ie, underlying file stat'ed to see if it has changed).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
c408915e2a85fedc520e97e96abda8f61aafc804stoddard * mod_cache: Fix dependency on ATOMIC operators. Need
c408915e2a85fedc520e97e96abda8f61aafc804stoddard APR_HAS_ATOMIC_* feature macros.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_disk_cache: Implement garbage collection
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache/mod_disk_cache: Need to be able to query cache
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard status (num of entries, cache object properties, etc.).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_status could be extended to query optional hooks defined
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard by modules for the purpose of reporting module status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_cache (et. al.) could define optional hooks that are called
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard to collect status. Status should be queryable by
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard HTTP or SNMP?
a32ddb6cabb635ca29ccff87f8bf5c6af3b78ecfstoddard * Enable mod_cache/mod_mem_cache/mod_disk_cache to handle
783e9d9e55a1ecb3c0eedb14493667ed642191c5rederpj * mod_mem_cache/mod_disk_cache: Complete implementing config
783e9d9e55a1ecb3c0eedb14493667ed642191c5rederpj directives (mod_disk_cache: CacheExpiryCheck and GC directives
75f8e1cae5ca3a16a7400cdddf604815ab06b5a8rederpj including CacheGc*, CacheSize, and, CacheTimeMargin)
75f8e1cae5ca3a16a7400cdddf604815ab06b5a8rederpj (mod_mem_cache: MCacheMaxObjectCount) and
75f8e1cae5ca3a16a7400cdddf604815ab06b5a8rederpj (mod_cache: CacheForceCompletion).
951342b69609b2b45303f89f91275676d5325217bnicholes * General stabilization and testing
64ad864fa0f4493eebb181e393b40a8a90beccb9coarPRs that have been suspended forever waiting for someone to
64ad864fa0f4493eebb181e393b40a8a90beccb9coarput them into 'the next release':
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * documentation and Q&A
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2221: Make online documentation search link back to my installation
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2906: Propose that Apache recommend $UNIQUE_ID for all "session id"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2793: When will Apache support P3P? Any Plans?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2113: HTTP Server Rebuild Line Needs Changing for the better
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2421: problem specifying ndbm library for build ?with autoconfigure
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#76: missing call to "setlocale();"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#628: Request of "Options SymLinksIfGroupMatch"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#793: RLimitCPU and RLimitMEM don't apply to all children like they should
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#922: it is useful to allow specifiction that root-owned symlinks
7787343a549c7309035b3b7836e00edb6e3a915ewrowe should always be followed
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1028: DoS attacks involving memory consumption
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1191: setlogin() is not called, causing problems with e.g. identd
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1204: regerror() exists, use it
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2284: Can not POST to ErrorDocument - Apache/1.3b6
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2396: Proposal for TimeZone directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2446: AllowOverride FileInfo is too coarse
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2760: [PATCH] User/Group for <Directory> and <Location> i.e. not only
7787343a549c7309035b3b7836e00edb6e3a915ewrowe in global and <Virtual>.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2907: suggestion: power up your Include directive :)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3018: cannot limit some HTTP methods
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3677: New ErrorDocumentMatch directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4244: "Files" and "FilesMatch" regexp does not recognize bang as
7787343a549c7309035b3b7836e00edb6e3a915ewrowe negation operator
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#5993: AllowOverride should have a 'CheckNone' and 'AllowNone' argument
7787343a549c7309035b3b7836e00edb6e3a915ewrowe instead of only 'None'
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_access
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#537: mod_access syntax allows hosts that should be restricted
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1287: add allow,deny/deny,allow warning to mod_access
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2512: <IfDenied> directive wanted
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_auth-any
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#557: ~UserHome directories are not honored in absolute pathname
7787343a549c7309035b3b7836e00edb6e3a915ewrowe requests (.htaccess)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1117: Using NIS passwd.byname dbm files with AuthDBMUserFile
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1809: Suggestion for improving authentication modules and core source
7787343a549c7309035b3b7836e00edb6e3a915ewrowe code, problem with 401 and ErrorDocument
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_autoindex
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1263: Add frame-safe anchor attribute to mod_autoindex links
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_cgi (and suexec)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#921: suexec Uses cwd before filling it in, doesn't use syslog
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1176: Apache cannot handle continuation line in headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1120: suexec does not parse arguments to #exec cmd
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1268: CGI scripts running as Apache user: security (suexec etc.)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1285: Error messages could be easier to spot in cgi.log file for suexec.c
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1905: suexec - Allow modules to set user:group for execution.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2360: suexec for general access of user content?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2460: TimeOut applies to output of CGI scripts
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2573: CGI's for general use still have to be run as another user
7787343a549c7309035b3b7836e00edb6e3a915ewrowe with suExec
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4241: Need to be able to override shebang line to make CGI scripts
7787343a549c7309035b3b7836e00edb6e3a915ewrowe more portable.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4490: mod_cgi prevents handling of OPTIONS requests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#370: Modified PATH environemnt variable is not passed, instead
7787343a549c7309035b3b7836e00edb6e3a915ewrowe system's is used
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1383: I make mod_headers to modify request headers as well as
7787343a549c7309035b3b7836e00edb6e3a915ewrowe response ones.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1677: mod_headers should allow mod_log_config-style formats in
64ad864fa0f4493eebb181e393b40a8a90beccb9coar header values
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#759: imap should read <MAP><AREA>*</MAP> too!
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_include
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#78: Additional status for XBitHack directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#623: A smarter "Last Modified" value for SSI documents (see PR number 600)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1145: mod_include
7787343a549c7309035b3b7836e00edb6e3a915ewrowe Allow for Last-Modified: without resorting to XBitHack
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1803: patches to mod_include to allow for file tests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4459: Suggestion for better handling of Last-modified headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2415: /server-info doesn't check for the virtual host to list the info
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_log-any
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1050: Logging of virtual server to error_log as well
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1358: Selective url-encode of log fields (or maybe a pseudo
7787343a549c7309035b3b7836e00edb6e3a915ewrowe log_rewrite module?)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2073: pipelined connections are not logged correctly
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4448: Please allow CGI env variables (QUERY_STRING, ...) to be logged
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_negotiation
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3191: no way to set global quality-of-source (qs) coneg values
7787343a549c7309035b3b7836e00edb6e3a915ewrowe with multiviews
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_proxy
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#362: Mod_proxy doesn't allow change of error pages
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#440: Proxy doesn't deliver documents if not connected
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#534: proxy converts ~name to %7Ename when name starts with a dot (.)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#612: Proxy FTP Authentication Fails
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#700: Proxy doesn't do links right for OpenVMS files through ftp:
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#980: Controlling Access to Remote Proxies would be nice...
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#994: Adding authentication "on the fly" through the proxy module
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1085: ProxyRemote make a dead cycle.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1166: ``nph-'' not honored (no buffering) for ProxyRemote mapping
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1290: Need to know "hit-rate" on proxy cache
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1532: Proxy transfer logging
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1547: No HTTP_X_FORWARDED_FOR set...
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1567: ProxyRemote proxy requests fail authentication by firewall
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1702: mod_proxy to support persistent conns?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1878: listing of proxy cache content
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2314: patterns in ProxyRemote
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2648: Cache file names in Proxy module
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3568: Accessing URL through proxy server corrupts data.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3605: Some anonymous FTP URLs ask for authentication
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_rewrite
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1582: mod_rewrite forms REQUEST_URI different than mod_cgi does
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2074: mod_rewrite doesn't pass Proxy Throughput on internal subrequests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_status
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2138: mod_status always displays 256 possible connection slots
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2343: Status module averages are for entire uptime
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * apache-api
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1004: request_config field in request_rec is moderately bogus
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1158: improvements to child spawning API
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1233: there is no way to keep per-connection per-module state
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2024: adding auth_why to conn_rec
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2873: Feedback/Comment on APACI
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3143: No module specific data hook for per-connection data
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * generally odds and ends
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2431: A small addition to rotatelogs.c to improve program functionality.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2763: mailto tags and bundling bug report script
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2785: os-aix Support for System Resource Controller
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2889: Inclusion of RPM spec file in CVS/distributions
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#5713: os-windows [PATCH] install as win32 service with domain account
48c0c81cd6fabac9d3386406d97633780365b839coar Status: Cannot accept password-as-arg, we should prompt the
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe user when -k install/-k config with a user argument.
2a6c49cfaef5979a5a06098f3ce987cd76769409manojOther bugs that need fixing:
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding * ap_discard_request should be converted to use the bucket API
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding directly rather than waste cycles copying buffers with the old API.
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * MaxRequestsPerChild measures connections, not requests.
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj Until someone has a better way, we'll probably just rename it
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj "MaxConnectionsPerChild".
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * Regex containers don't work in an intutive way
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj Status: No one has come up with an efficient way to fix this
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj behavior. Dean has suggested getting rid of regex containers
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj completely.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe OtherBill suggests: We at least seem to agree on eliminating
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe the <Container ~ foo> forms, and using only
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe <ContainerMatch foo> semantics.
0bff2f28ef945280c17099c142126178a78e1e54manoj * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a
0bff2f28ef945280c17099c142126178a78e1e54manoj sigwaiting thread. We need to work around this, perhaps unless
0bff2f28ef945280c17099c142126178a78e1e54manoj there is hope soon for a fixed glibc.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein * orig_ct in the byterange/multipart handling may not be
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein needed. Apache 1.3 just never stashed "multipart" into
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein r->content_type. We should probably follow suit since the
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein byterange stuff doesn't want the rest of the code to see the
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein multipart content-type; the other code should still think it is
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein dealing with the <orig_ct> stuff.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein Status: Greg volunteers to investigate (esp. since he was most
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein likely the one to break it :-)
c330021bf3f45cbf187fa644781e67f7e470a58awroweBinaries (probably not till beta):
92d75991039fc1155961044d642816b4c0323687aaron Platform Avail. Volunteer
92d75991039fc1155961044d642816b4c0323687aaron ------------------------------------------------------------------
d9ca73cb0e701d10a94734a2ce553d9a1c906b8baaron AIX 4.3.3 no Bill Stoddard
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe Mandrake 8.1 no open
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe FreeBSD 4.1 no open
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe hppa2.0w-hp-hpux11.00 no Cliff Woolley
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley i386-pc-solaris2.8 no Aaron Bannert
49a89ba66ebdc4a3af77764e13f277e1fb4d6d63aaron i386-unknown-freebsd4.5 no
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe i386-unknown-freebsd4.6 no Cliff Woolley
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe i686-pc-linux-gnu-slackware81 no Cliff Woolley
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley i686-pc-linux-gnu-rh70 no Aaron Bannert
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe i686-pc-linux-gnu-rh73 no Cliff Woolley
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley ia64-hp-hpux11.20 no
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley powerpc-apple-darwin5.5 no Aaron Bannert
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley powerpc-unknown-linux-gnu no Graham Leggett
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe s390-ibm-linux no Greg Ames
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley sparc-sun-solaris2.8 no Jim Jagielski
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe NetWare no Brad Nicholes
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolley OS/2 no Brian Havard
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe OS/390 no Greg Ames
c330021bf3f45cbf187fa644781e67f7e470a58awrowe Win32-x86 no William Rowe