10139N/ALast modified at [$Date: 2002/01/27 05:48:31 $]
10139N/A 2.0.30 : tagged January 8, 2002. not rolled.
10139N/A 2.0.29 : tagged November 27, 2001. not rolled.
10139N/A 2.0.28 : released November 13, 2001
10139N/A 2.0.27 : rolled November 6, 2001
10139N/A 2.0.26 : tagged October 16, 2001. not rolled.
10139N/A 2.0.25 : rolled August 29, 2001
10139N/A 2.0.24 : rolled August 18, 2001
10139N/A 2.0a9 : released December 12, 2000
10139N/A 2.0a8 : released November 20, 2000
10139N/A 2.0a7 : released October 8, 2000
10139N/A 2.0a6 : released August 18, 2000
10139N/A 2.0a5 : released August 4, 2000
10139N/A 2.0a3 : released April 28, 2000
10139N/A 2.0a2 : released March 31, 2000
10139N/A 2.0a1 : released March 10, 2000
10139N/APlease consult the following STATUS files for information
10139N/A * mod_rewrite's locks (win32) were broken by recent changes to the
10139N/A apr_lock_t api (which we were deprecating in the first place, so
10139N/A I'm far from certain why it changed.) It has to do with creating
10139N/A the rewrite logs mutex. The solution is to find the brokenness in
10139N/A apr_lock_t, but if it goes away, why waste the time?
10139N/A * ap_directory_walk skips some per-dir config merge functions
10139N/A if there is no "<Directory />" block in the configuration
10139N/A Message-ID: <m3itbdiijq.fsf@rdu163-40-092.nc.rr.com>
10139N/A * That is very unlikely, merges are additive. Much more likely,
10139N/A the default SetOutputFilter default or merge is borked.
10139N/A Unless it's the code that permits 'null' merges, per module.
10139N/A Still, it's probably in SetOutputFilter's behavior.
10139N/A o worker is also failing some of the 'cgi' subtests
10139N/A * If any request gets to the core handler, without a flag that this
10139N/A end of the ap_process_request_internal() processing. This provides
10139N/A authors of older modules better compatibility, while still improving
10139N/A the security and robustness of 2.0.
10139N/A Status: still need to decide where this goes, OtherBill comments...
10139N/A Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
13570N/A we need to look at halting this in the 'default handler' case,
10139N/A and that implies pushing the 'handler election' into the request
10139N/A internal processing phase from the run request phase.
14177N/A * There is a bug in how we sort some hooks, at least the pre-config
11965N/A hook. The first time we call the hooks, they are in the correct
11965N/A order, but the second time, we don't sort them correctly. Currently,
10139N/A administrator to order filters, beyond the order of filename (mime)
10139N/A filename extensions. At minimum, some sort of +-[0-10] syntax seems
15288N/A like the quickest fix for a 2.0 gold release.
10139N/A * Convert all instances of the old apr_lock_t type to the new
13760N/A types (once they are fully supported in APR).
10139N/A Status: Aaron is working on converting INTRAPROCESS
10139N/A to apr_thread_mutex_t types. Full replacements for
10139N/A LOCKALL and CROSS_PROCESS are not yet complete on all
10139N/A platforms, and should only be used in MPMs like worker
10139N/A * ap_create_scoreboard() can exit the process, leaving stuff like
10139N/A mod_cgid's daemon process stranded. Either ap_create_scoreboard()
10139N/A needs to be called at a different time or the pre-mpm hook needs
10139N/A to be able to return an error code.
10139N/A * A binbuild installation picks up the right libraries when
10139N/A running apachectl because we set the appropriate environment
10139N/A variable, but ab, htpasswd, etc. don't know how to pick up apr,
10139N/A Message-ID: <20020116000226.GA15991@ebuilt.com>
10139N/A * Redirected autoindex requests no longer work. Example:
10139N/ARELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
10139N/A BrianP suggests that this is caused by the ap_scan_script_header_err()
10139N/A routine, which will do single-byte reads until it finds the end
10139N/A of the header, at which point it constructs a pipe-bucket (buffered)
10139N/A Message-ID: <3C36ADAF.60601@cnet.com>
10139N/A * Try to get libtool inter-library dependency code working on AIX.
10139N/A Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
10139N/A Justin says: If we get it working on AIX, we can enable this
10139N/A on all platforms and clean up our build system
10139N/A * Handling of %2f in URIs. Currently both 1.3 and 2.0
10139N/A completely disallow %2f in the request URI path (see
10139N/A through in the query string, however. Roy says the
10139N/A original reason for disallowing it, from five years ago,
10139N/A was to protect CGI scripts that applied PATH_INFO to
10139N/A a filesystem location and which might be tricked by
15589N/A ..%2f..%2f(...). We *should* allow path-info of the
13727N/A Since we've revamped a lot of our processing of path
10139N/A segments, it would be nice to allow this, or at least
10139N/A allow it conditionally with a directive.
10139N/A * FreeBSD, threads, and worker MPM. All seems to work fine
10139N/A if you only have one worker process with many threads. Add
10697N/A a second worker process and the accept lock seems to be
12374N/A lost. This might be an APR issue with how it deals with
10915N/A the child_init hook (
i.e. the fcntl lock needs to be resynced).
11161N/A More examination and analysis is required.
12385N/A Status: This has also been reported on Cygwin.
13747N/A Message-ID: <3C2CC514.8EF3BED1@wapme-systems.de> (cygnus)
15815N/A Justin says: So, FreeBSD-CURRENT and Cywin have the same
12780N/A problem. Yum. If another platform has this
12780N/A with worker, this becomes a showstopper.
13092N/A Aaron says: I spent some time disecting this and have come to
13360N/A the conclusion that it is not a problem in the worker MPM
13409N/A (or at least, it is not isolated to a problem in worker).
13685N/A I'll list some of the problems I'm seeing in case someone
13695N/A else wants to pick up where I've left off:
13702N/A - Delivery of just about any signal to one of the child
13705N/A processes will send it into an infinite loop as well.
13711N/A - Even though the parent is spinning out of control,
13738N/A at first the child or children will appear to work
13787N/A properly. At times it is possible to get it into a state,
13891N/A however, where a request will hang until another concurrent
13891N/A request "kicks" the first, at which point the second will
13980N/A hang. My theory is that this has to do with the
14027N/A pthread_cond_*() implementation in FreeBSD, but it's still
15244N/A Justin adds: Oh, FreeBSD threads are implemented entirely with
15257N/A select()/poll()/longjmp(). Welcome to the nightmare.
15317N/A So, that means a ktrace output also has the thread
15341N/A scheduling internals in it (since it is all the same to
15342N/A the kernel). Which makes it hard to distinguish between
15342N/A our select() calls and their select() calls.
15317N/A *bangs head on wall repeatedly* But, some of the libc_r
10139N/A files have a DBG_MSG #define. This is moderately helpful
10139N/A when used with -DNO_DETACH. The kernel scheduler isn't
10139N/A waking up the threads on a select(). Yum. And, I bet
10139N/A those decrementing select calls have to do with the
10139N/A scheduler. Time to brush up on our OS fundamentals.
10139N/A * There is increasing demand from module writers for an API
10139N/A that will allow them to control the server � la apachectl.
10139N/A Reasons include sole-function servers that need to die if
10139N/A an external dependency (
e.g., a database) fails, et cetera.
10139N/A Perhaps something in the (ever more abused) scoreboard?
10139N/A rbb: I don't believe the scoreboard is the correct mechanism
10139N/A for this. We already have a pipe that goes between parent
10139N/A and child for graceful shutdown events, along with an API that
10139N/A can be used to send a message down that pipe. In threaded MPMs,
10139N/A it is easy enough to make that one pipe be used for graceful
10139N/A and graceless events, and it is also easy to open that pipe
10139N/A to both parent and child for writing. Then we just need to figure
10139N/A out how to do graceless on non-threaded MPMs.
10139N/A * revamp the input filter behavior, per discussions since
10139N/A February (and especially at the hackathon last
10139N/A April). Specifically, ap_get_brigade will return a brigade with
10139N/A *up to* a specific number of bytes, or a "line" of data. The
10139N/A read may be blocking or nonblocking. ap_getline() will be
10139N/A refactored into apr_brigade_getline(), and then DECHUNK can use
10139N/A f->next (ap_getline will always read "top of input stack"). Also
10139N/A fix the bug where request body content will end up closing the
10139N/A connection (buggering up persistent conns).
10139N/A Status: Justin is working on this as fast as he can.
10139N/A The core input filters, HTTP-related filters, mod_ssl, and
10139N/A mod_proxy are switched to the new logic.
10139N/A However, ap_getline() still needs to be refactored out. But,
10139N/A there's a problem there: ap_getline() peeks ahead for MIME
10139N/A continuation (first character on line is space or \t) and
10139N/A stores unused data in core_request_config which violates the
10139N/A abstraction. That's cheating. So, we may not be able to
10139N/A implement this without setting some data aside (yuck!).
10139N/A I believe this is OtherBill's main complaint with the current
10139N/A AIUI (correct me if I'm wrong!), OtherBill believes we
10139N/A should have a pushback option so that we can return unread
10139N/A data - this would solve this case. However, my question to
10139N/A him is how do we handle stuff like mod_ssl - we can't "unread"
10139N/A data. So, do we have two brigades for each filter? An in
10139N/A brigade and a returned brigade? That seems messy. To
10139N/A everyone else, can we refactor ap_getline() without pushback
10139N/A - socket bucket and core input filter changes. see end of
10139N/A message ID (Feb 27): <20010227075326.S2297@lyra.org>
10139N/A - fix up ap_get_brigade() semantics, fix bug in DECHUNK /
10139N/A Message-ID: <20010402101207.J27539@lyra.org>
10139N/A Message-ID: <3AF7F921.D2EEC41A@algroup.co.uk>
10139N/A Message-ID: <20010508190029.E18404@lyra.org>
10139N/A Message-ID: <20010509115445.D1374@lyra.org>
10139N/A Message-ID: <021b01c14dee$09782af0$93c0b0d0@roweclan.net>
10139N/A - proposal for getline rewrite:
10139N/A Message-ID: <20011231104019.GD3904@ebuilt.com>
10139N/A Message-ID: <20020122072605.GF28051@ebuilt.com>
10139N/A - Change ap_get_brigade prototype:
10139N/A Message-ID: <20020120115136.GI17601@ebuilt.com>
10139N/A * Allow the DocumentRoot directive within <Location > scopes? This
10139N/A and in-your-face.) DocumentRoot unset would be accepted [and would
10139N/A not permit content to be served, only virtual resources such as
10139N/A This proposed change would _not_ depricate Alias.
10139N/A * Win32: Rotatelogs sometimes is not terminated when Apache
10139N/A goes down hard. FirstBill was looking at possibly tracking the
10139N/A child's-child processes in the parent process.
10139N/A OtherBill asks, wasn't this fixed?
10139N/A OtherBill asks again, what is the status?
10139N/A * Win32: Add a simple hold console open patch (wait for close or
10139N/A the ESC key, with a nice message) if the server died a bad
10139N/A death (non-zero exit code) in console mode.
10139N/A Resolution: bring forward same ugly hacks from 1.3.13-.20
10139N/A * Port of mod_ssl to Apache 2.0:
10139N/A (2) Enabling the various SSL caching mechanisms (shmcb, shmht)
10139N/A (4) Trying to seperate the https filter logic from mod_ssl -
10139N/A This is to facilitate other modules that wish to use the https
10139N/A filter or the mod_ssl logic or both as required.
10139N/A Justin: mod_ssl filter logic is redone, so that should be fine.
10139N/A Madhu has submitted a patch for SSL caching - however, I
10139N/A am -0 on that patch as I *think* we could implement the
10139N/A shared memory another way that is much cleaner (
i.e. 10139N/A treat shmem directly as a dbm via APR routines). Justin
10139N/A also thinks that the https filter logic may be sufficiently
10139N/A decoupled now, but isn't really sure.
10139N/A * Performance: Get the SINGLE_LISTEN_UNSERIALIZED_ACCEPT
10139N/A optimization working in worker. prefork's new design for how
10139N/A to notice data on the pod should be sufficient.
10139N/A * Performance & Debug: Eliminate most (and perhaps all) of the
10139N/A light weight memory management functions that allow freeing
14177N/A memory (putting it back into a memory pool) when it is no
14177N/A longer needed. Enabling simple debugging features like guard
14177N/A bands, double free detection, etc. would be cool but certainly
11965N/A Status: Cliff started to implement this using SMS as has
13931N/A been discussed at length for months, but since
11965N/A SMS is not being used anywhere else in the server,
11965N/A several people expressed the opinion that we should
11965N/A get rid of it entirely, meaning that the buckets
13931N/A need their own memory management (free list) functions.
11965N/A Cliff will implement that this weekend so we at least
11965N/A * Eliminate unnecessary creation of pipes in mod_cgid
11965N/A * the autoconf setup should be fixed to default to using the
13678N/A in a layout should be overridable on the command line. Plus,
13678N/A what we do right now just doesn't seem to fully fit into how autoconf
13678N/A works, eg. AC_PREFIX_DEFAULT issues.
13678N/A Message-ID: <Pine.BSF.4.20.0104031557420.20876-100000@alive.znep.com>
10139N/A * OS/2: Make mod_status work for spmt_os2 MPM.
10139N/A * Platforms that do not support fork (primarily Win32 and AS/400)
10139N/A Architect start-up code that avoids initializing all the modules
10139N/A in the parent process on platforms that do not support fork.
10139N/A would eliminate some code in the Win32 branch that essentially
13806N/A * There are still a number of places in the code where we are
13806N/A losing error status (
i.e. throwing away the error returned by a
13806N/A system call and replacing it with a generic error code)
10139N/A * Mass vhosting version of suEXEC.
13680N/A the dbmmanage employs the first-matched dbm format. This is not
13678N/A necessarily the library that Apache was built with. Aught to
10139N/A rewrite dbmmanage upon installation to bin/ with the proper library
10139N/A for predictable mod_auth_dbm administration.
10139N/A Questions; htdbm exists, time to kill dbmmanage, or does it remain
10139N/A useful as a perl dbm management example? If we keep it,
11933N/A Status: Greg +1 (low-priority volunteer)
10139N/A Justin says: "Seems like this is already there, so should we just
10139N/A remove the other DBM code in that file? If you want
10139N/A to use gdbm, or dbm, etc, you should tell apr-util."
10139N/A Will says: "bs - I may choose the fastest - most efficient native
10139N/A dbm implementation, for shared proc caches, ssl session
10139N/A caching, etc, but that has nothing to do with maintaining
13760N/A a userlist via dbm, which has to remain readable between
10139N/A for apr-util would let us do this with just apr, though."
10139N/A Ian says: "multi-dbm is in, but it still has ndbm support hardcoded
13760N/A is this still required? isn't ndbm supported via gdbm?"
10139N/A Some additional items remaining:
15288N/A - case_preserved_filename stuff
15288N/A (use the new canonical name stuff?)
15288N/A - find a new home for ap_text(_header)
15288N/A - is it possible to remove the DAV: namespace stuff from util_xml?
15288N/A * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
11161N/A are a bit wonky. The function should probably be exposed as a utility
11161N/A function (such as ap_translate_url2fs() or ap_validate_fs_url() or
11161N/A something). Another approach would be a new hook phase after
11161N/A "translate" which would allow the module to munge what the
10139N/A Status: Greg +1 (volunteers), Ryan +1
10139N/A calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
15238N/A ap_sort_hooks() [to reduce the logic in main()]
15238N/A * read the config tree just once, and process N times (as necessary)
13760N/A * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
13760N/A into a VirtualHost container) to 2.0.
10139N/A * callers of ap_run_create_request() should check the return value
10139N/A * Win32: Get Apache working on Windows 95/98. The following work
10139N/A - winnt MPM: Fix 95/98 code paths in the winnt MPM. There is some NT
10139N/A specific code that is still not in NT only code paths
10139N/A - IOL binds to APR sendfile, implemented with TransmitFile, which
10139N/A - Document warning that OSR2 is required (for Crypt functions, in
10139N/A rand.c, at least.) This could be resolved with an SSL library, or
10139N/A actually works) and add in a splash of Win9x service code.
10139N/A * In order to use a DSO version of mod_ssl we have to link with
10139N/A -lssl and -lcrypto. A workaround is in place right now where the
10139N/A entire EXTRA_LIBS macro is being appended to the objects list, but
10139N/A this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
10139N/A autoconf function or come up with some other autoconf checks to
10139N/A search for libssl and libcrypto and properly add them to mod_ssl's
10139N/A * Make the worker MPM the default MPM for threaded Unix boxes.
10139N/A -0: Aaron (premature decision, needs more discussion), Lars
10139N/A -0: Cliff (I think the default config should be the safest possible)
10139N/A * Fix the worker MPM to use POD to kill child processes instead
10139N/A of ap_os_killpg, regardless of how they should die. (Ryan Bloom)
10139N/APRs that have been suspended forever waiting for someone to
11193N/Aput them into 'the next release':
10139N/A Additional status for XBitHack directive
10139N/A Mod_proxy doesn't allow change of error pages
10139N/A Modified PATH environemnt variable is not passed, instead
10139N/A Proxy doesn't deliver documents if not connected
10139N/A proxy converts ~name to %7Ename when name starts with a dot (.)
10139N/A mod_access syntax allows hosts that should be restricted
10139N/A ~UserHome directories are not honored in absolute pathname
10139N/A A smarter "Last Modified" value for SSI documents (see PR number 600)
10139N/A Request of "Options SymLinksIfGroupMatch"
10139N/A Proxy doesn't do links right for OpenVMS files through ftp:
10139N/A imap should read <MAP><AREA>*</MAP> too!
10139N/A RLimitCPU and RLimitMEM don't apply to all children like they should
10139N/A Uses cwd before filling it in, doesn't use syslog
10139N/A it is useful to allow specifiction that root-owned symlinks
10139N/A Controlling Access to Remote Proxies would be nice...
10139N/A Adding authentication "on the fly" through the proxy module
10139N/A request_config field in request_rec is moderately bogus
11904N/A DoS attacks involving memory consumption
11904N/A Logging of virtual server to error_log as well
10139N/A suexec does not parse arguments to #exec cmd
10139N/A Allow for Last-Modified: without resorting to XBitHack
10139N/A improvements to child spawning API
10139N/A ``nph-'' not honored (no buffering) for ProxyRemote mapping
10139N/A Apache cannot handle continuation line in headers
10139N/A setlogin() is not called, causing problems with
e.g. identd
12787N/A there is no way to keep per-connection per-module state
12787N/A Add frame-safe anchor attribute to mod_autoindex links
12787N/A CGI scripts running as Apache user: security (suexec etc.)
10139N/A Need to know "hit-rate" on proxy cache
10139N/A Selective url-encode of log fields (or maybe a pseudo
12741N/A I make mod_headers to modify request headers as well as
13691N/A ProxyRemote proxy requests fail authentication by firewall
11232N/A mod_rewrite forms REQUEST_URI different than mod_cgi does
10139N/A mod_headers should allow mod_log_config-style formats in
10139N/A mod_proxy to support persistent conns?
10139N/A patches to mod_include to allow for file tests
10139N/A Suggestion for improving authentication modules and core source
10139N/A code, problem with 401 and ErrorDocument
13725N/A Allow modules to set user:group for execution.
10139N/A pipelined connections are not logged correctly
10139N/A mod_rewrite doesn't pass Proxy Throughput on internal subrequests
12013N/A HTTP Server Rebuild Line Needs Changing for the better
10139N/A mod_status always displays 256 possible connection slots
10139N/A Make online documentation search link back to my installation
10139N/A Can not POST to ErrorDocument - Apache/1.3b6
10139N/A Status module averages are for entire uptime
10139N/A suexec for general access of user content?
10139N/A Proposal for TimeZone directive
10139N/A /server-info doesn't check for the virtual host to list the info
11925N/A problem specifying ndbm library for build ?with autoconfigure
13732N/A AllowOverride FileInfo is too coarse
13732N/A TimeOut applies to output of CGI scripts
10139N/A <IfDenied> directive wanted
10139N/A CGI's for general use still have to be run as another user
10139N/A Cache file names in Proxy module
10139N/A mailto tags and bundling bug report script
10139N/A Support for System Resource Controller
10139N/A When will Apache support P3P? Any Plans?
10139N/A Propose that Apache recommend $UNIQUE_ID for all "session id"
10139N/A suggestion: power up your Include directive :)
10139N/A No module specific data hook for per-connection data
10139N/A no way to set global quality-of-source (qs) coneg values
10139N/A Accessing URL through proxy server corrupts data.
10139N/A Some anonymous FTP URLs ask for authentication
10139N/A New ErrorDocumentMatch directive
10139N/A Need to be able to override shebang line to make CGI scripts
10139N/A "Files" and "FilesMatch" regexp does not recognize bang as
10139N/A Please allow CGI env variables (QUERY_STRING, ...) to be logged
15589N/A Suggestion for better handling of Last-modified headers
10139N/A mod_cgi prevents handling of OPTIONS requests
10139N/A [PATCH] install as win32 service with domain account
10139N/A Status: Cannot accept password-as-arg, we should prompt the
10139N/A user when -k install/-k config with a user argument.
10139N/A AllowOverride should have a 'CheckNone' and 'AllowNone' argument
10139N/A * MaxRequestsPerChild measures connections, not requests.
10139N/A Until someone has a better way, we'll probably just rename it
10139N/A * Regex containers don't work in an intutive way
10139N/A Status: No one has come up with an efficient way to fix this
10139N/A behavior. Dean has suggested getting rid of regex containers
10139N/A OtherBill suggests: We at least seem to agree on eliminating
10139N/A the <Container ~ foo> forms, and using only
10139N/A <ContainerMatch foo> semantics.
10139N/A * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a
13704N/A sigwaiting thread. We need to work around this, perhaps unless
13704N/A there is hope soon for a fixed glibc.
10320N/A needed. Apache 1.3 just never stashed "multipart" into
10320N/A r->content_type. We should probably follow suit since the
12374N/A byterange stuff doesn't want the rest of the code to see the
12374N/A multipart content-type; the other code should still think it is
12374N/A dealing with the <orig_ct> stuff.
12374N/A Status: Greg volunteers to investigate (esp. since he was most
10697N/AOther features that need writing:
10697N/A * Finish infrastructure in core for async MPMs
10915N/A * TODO in source -- just do an egrep on "TODO" and see what's there
10915N/A * Jon Travis's <jtravis@covalent.net> patch to deal with thread-safe
12385N/A issues with inet_ntoa. See message <20001201163220.A12827@covalent.net>
12385N/A Status: This is being set aside until the IPv6 work is finished
12385N/A so that we know exactly what is required.
13360N/A * Martin Sojka <msojka@gmx.de>'s patch to add error reporting for failed
13360N/A htpasswd actions due to a full /tmp volume (other programs may have
12780N/A * Mike Abbott's <mja@trudge.engr.sgi.com> patches to improve
12780N/A Status: These were written for 1.3, and are awaiting a port to
12780N/A * Jim Winstead's <jimw@trainedmonkey.com> patch to add CookieDomain and
12780N/A other small mod_usertrack features
12780N/A * Dan Rench's <drench@xnet.com> patch to add allow the errmsg and timefmt
12780N/A of SSI's to be modified in the config file. Patch is available in
13092N/A * Which MPMs will be included with Apache 2.0?