STATUS revision 771a4d2c4ebe8debc609ed7d65938c4b72b9d4ce
48c0c81cd6fabac9d3386406d97633780365b839coarAPACHE 2.1 STATUS: -*-text-*-
5c9a6bc911baa7cef34d64de59af1e8d6e09c13abrianpLast modified at [$Date: 2004/11/06 08:28:24 $]
2a6c49cfaef5979a5a06098f3ce987cd76769409manojRelease [NOTE that only Alpha/Beta releases occur in 2.1 development]:
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe 2.1.1 : Proposed roll on 11/14/2004 (around/after Hackathon).
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe Justin volunteers as RM.
4bc630d510cef730e37b9207e145267f473b4471striker 2.1.0 : in development
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolleyPlease consult the following STATUS files for information
dba571e5c5a2586c7e2b382789f3250136ff7577jwoolleyon related projects:
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wroweContributors looking for a mission:
d89c116f82699294ca744125723651c554bc5925wrowe * Just do an egrep on "TODO" or "XXX" in the source.
8721697e2aece27b0e738519329f7976c72b27bfjerenkrantz * Review the "PatchAvailable" bugs in the bug database.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe Append a comment saying "Reviewed and tested".
91cacb801f6c0215b38322f6d2fc58cbfedfecfbjerenkrantz * Open bugs in the bug database.
df14f0d3a5191cdd7c4bb5b03acd135d43a6f51brbbCURRENT RELEASE NOTES:
571760de5e60c0b459cb11be45507b923cd023eejwoolley * When the CVS->SVN is done, there's a bogus avendor branch that should be
571760de5e60c0b459cb11be45507b923cd023eejwoolley removed from most files. The branch was created 4/27/2004. It's safest
9180a5933673ffb1af633c255ceee029340f3b1erbb (and easiest) for now just to leave it in there; the MAIN branch and the
bcb6e1be6041dfeb549c8ea8d37f97ad4e90a0c3rbb APACHE_2_0_BRANCH are untouched and unharmed. --jwoolley
2900ab946a2d76b73a14cebfe2985d253f01c967stoddardRELEASE SHOWSTOPPERS:
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb * Convert httpd-2.x to Subversion. Yes, we've voted on this a billion
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb times on dev@httpd, but let's make this one official. Majority rules.
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein +1: jerenkrantz, pquerna
6f6f4a4bca281779d196acbdd5c017bb90858305trawick * Handling of non-trailing / config by non-default handler is broken
8dd4618c4709236b4ea297d7250d282e463ce2d8rbb http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
09bd86d0db1114ee23eda0a6eb76ca055877a1cftrawick jerenkrantz asks: Why should this block a release?
bd929c73ef04789b7183b840d8db6e01d03a4d86rbb * the edge connection filter cannot be removed
70f6f32765cfaadd6da8de6f0fea97ddd72d8fadmanoj http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj jerenkrantz asks: Why should this block a release?
af4c982a7cf4515f124935f99a329744035fc699sliveCURRENT VOTES:
af4c982a7cf4515f124935f99a329744035fc699slive * Promote mod_cache from experimental to non-experimental
af4c982a7cf4515f124935f99a329744035fc699slive status (keep issues noted below in EXPERIMENTAL MODULES as
af4c982a7cf4515f124935f99a329744035fc699slive items to be addressed as a supported module).
af4c982a7cf4515f124935f99a329744035fc699slive +1: jerenkrantz, pquerna
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe +0: jim, bnicholes
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe -1: stoddard
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe There are a couple of problems that need to be resolved
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe before this module is moved out of experimental.
10270f6f94b2069d0d357805c140a9897449b9ccianh 1) We need to at least review and comment on the RFC violations
4b62424416882687387923b3130b96241503cbe0jerenkrantz 2) Resolve issue of how to cache page fragements (or perhaps -if- we
5ca8e11fadb6f7a8d9d0367c1800205c99d4bcd6jerenkrantz want to cache page fragements). Today, mod_cache/mod_mem_cache
5ca8e11fadb6f7a8d9d0367c1800205c99d4bcd6jerenkrantz will cache #include 'virtual' requests (but not #include 'file'
45b0e1c775c1cfed6473c9e5304179ccb9609f53stoddard requests). This was accomplished by making CACHE_IN a
dbec4658981e4f9127e8676457c28d42932be7cdtrawick CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
1b7e9aeb9867a1c94e24e8ae491d2dfcd0d225e3jerenkrantz filter. But now responses cannot be cached that include the
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz effects of having been run through CONTENT_SET filters
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz (mod_deflate, mod_expires, etc). We could rerun all the
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe CONTENT_SET filters on the cached response, but this will not
5c9a6bc911baa7cef34d64de59af1e8d6e09c13abrianp work in all cases. For example, mod_expires relies on installing
5c9a6bc911baa7cef34d64de59af1e8d6e09c13abrianp the EXPIRATION filter during fixups. Contents served out of
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe mod_cache (out of the quick_handler) bypass -all- the request
5c9a6bc911baa7cef34d64de59af1e8d6e09c13abrianp line server hooks (Ryan really hated this. It is great for
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe performance, but bad because of the complications listed above).
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe jerenkrantz: I think it's time. We've done a *lot* of work to it, and
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe we think most of the blatant RFC violations are now gone.
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe mod_cache just belongs in cache/. There may still be bugs,
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe but not likely to be major ones. Note that I'm not moving
5f351d29253bc16eca80c0b43c271d9b256f8095aaron *anything* until we switch to SVN.
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe * httpd-std.conf and friends
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe a) httpd-std.conf should be tailored by install (from src or
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe binbuild) even if user has existing httpd.conf
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe +1: trawick, slive, gregames, ianh, Ken, wrowe, jwoolley, jim, nd,
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe wrowe - prefer httpd.default.conf to avoid ambiguity with cvs
5f351d29253bc16eca80c0b43c271d9b256f8095aaron b) tailored httpd-std.conf should be copied by install to
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe -0: striker
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe c) tailored httpd-std.conf should be installed to
5f351d29253bc16eca80c0b43c271d9b256f8095aaron +1: slive, trawick, Ken, nd (prefer the latter), erikabele
941cb476bf470040d0a33c397eb85c68d9d82d4djerenkrantz d) Installing a set of default config files when upgrading a server
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe doesn't make ANY sense at all.
4520f2a938626a879b33dac9fd940072b6c2bd42wrowe +1: ianh - medium/big sites don't use 'standard config' anyway, as it
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick usually needs major customizations
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick -1: Ken, wrowe, jwoolley, jim, nd, erikabele
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick wrowe - diff is wonderful when comparing old/new default configs,
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick even for customized sites that ianh mentions
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe jim - ... assuming that the default configs have been updated
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe with the required inline docs to explain the
418f39e60a288f855ec033b566744489c3bbbf39trawick * If the parent process dies, should the remaining child processes
cc22a72861c58dda7f3768613aec864e4c4e0353striker "gracefully" self-terminate. Or maybe we should make it a runtime
f95a0b59eb24c631f15bd83e20c6cf823c432d83trawick option, or have a concept of 2 parent processes (one being a
ddafc111b94558ef4e2d7357ceda623315566ce3slive "hot spare").
ddafc111b94558ef4e2d7357ceda623315566ce3slive See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
ddafc111b94558ef4e2d7357ceda623315566ce3slive Self-destruct: Ken, Martin, Lars
93f189f1198f539d3cfa75a15b23dcde60ee35ffrbb Not self-destruct: BrianP, Ian, Cliff, BillS
93f189f1198f539d3cfa75a15b23dcde60ee35ffrbb Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj, nd
a4d9e6fdcd5d2ddd93a896b42a1d607ed258c316ianh /* The below was a concept on *how* to handle the problem */
a4d9e6fdcd5d2ddd93a896b42a1d607ed258c316ianh Have 2 parents: +1: jim
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe -1: Justin, wrowe, rederpj, nd
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe +0: Lars, Martin (while standing by, could it do
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe something useful?)
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * Make the worker MPM the default MPM for threaded Unix boxes.
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz +1: Justin, Ian, Cliff, BillS, striker, wrowe, nd
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz +0: BrianP, Aaron (mutex contention is looking better with the
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz latest code, let's continue tuning and testing), rederpj, jim
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz pquerna: Do we want to change this for 2.2?
13402b2193f52031b2acfbee2b0965e02f3f29b4wroweRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe * Patches submitted to the bug database:
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz http://nagoya.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * Filter stacks and subrequests, redirects and fast redirects.
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz There's at least one PR that suffers from the current unclean behaviour
13402b2193f52031b2acfbee2b0965e02f3f29b4wrowe (which lets the server send garbage): PR 17629
1af5c0e25a649bb298e25ddfa5418fa18bdcb107aaron nd says: Every subrequest should get its own filter stack with the
82455c2e3b6991846fbcbf0c9e41f57dbc681217brianp subreq_core filter as bottom-most. That filter does two things:
82455c2e3b6991846fbcbf0c9e41f57dbc681217brianp - swallow EOS buckets
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz - redirect the data stream to the upper request's (rr->main)
1b3f48fd6b1ccb8745f908e40156c5a85ca3c347jerenkrantz filter chain directly after the subrequest's starting
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe Once we have a clean solution, we can try to optimize
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe it, so that the server won't be slow down too much.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * RFC 2616 violations.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe Closed PRs: 15857.
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe Open PRs: 15852, 15859, 15861, 15864, 15865, 15866, 15868, 15869,
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe 15870, 16120, 16125, 16126, 16133, 16135, 16136, 16137,
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe 16138, 16139, 16140, 16142, 16518, 16520, 16521,
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe jerenkrantz says: need to decide how many we need to backport and/or
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe if these rise to showstopper status.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe out of this list, without reviewing them individually.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * There is a bug in how we sort some hooks, at least the pre-config
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe hook. The first time we call the hooks, they are in the correct
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe order, but the second time, we don't sort them correctly. Currently,
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the modules/http/config.m4 file has been renamed to
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe modules/http/config2.m4 to work around this problem, it should moved
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe back when this is fixed.
630f5fc1277582643fe0f831a4830e15127bd047jwoolley OtherBill offers that this is a SERIOUS problem. We do not sort
630f5fc1277582643fe0f831a4830e15127bd047jwoolley correctly by the ordering arguments passed to the register hook
630f5fc1277582643fe0f831a4830e15127bd047jwoolley functions. This was proven when I reordered the open_logs hook
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe to attempt to open the error logs prior to the access logs. Possibly
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the entire sorting code needs to be refactored.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * pipes deadlock on all platforms with limited pipe buffers (e.g. both
56b2562cb4041a21bc313fde3204beabdb758800jwoolley Linux and Win32, as opposed to only Win32 on 1.3). The right solution
56b2562cb4041a21bc313fde3204beabdb758800jwoolley is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
56b2562cb4041a21bc313fde3204beabdb758800jwoolley for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
56b2562cb4041a21bc313fde3204beabdb758800jwoolley * All handlers should always send content down even if r->header_only
56b2562cb4041a21bc313fde3204beabdb758800jwoolley is set. If not, it means that the HEAD requests don't generate the
56b2562cb4041a21bc313fde3204beabdb758800jwoolley same headers as a GET which is wrong.
f881b8be216de36c6b964324c772450bca38a4e6trawick * HP/UX 10.20: compile breakage in APR. Looks like it should be easy
f881b8be216de36c6b964324c772450bca38a4e6trawick to fix, probably just some extraneous #include's that are fouling
f881b8be216de36c6b964324c772450bca38a4e6trawick Jeff: See my reply and patch in the PR (and previous commit to
56b2562cb4041a21bc313fde3204beabdb758800jwoolley stop using "pipe" as a field name). If patch is committed, we
b05930e6008f69bd323abe0c10f81f40ffd27983brianp should be okay. I'll wait to see if the user tests the patch.
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Update by Jeff 20020722: I got an account on HP 10.20. It looks
b05930e6008f69bd323abe0c10f81f40ffd27983brianp like some of the APR thread detection is screwed up. If we find
b05930e6008f69bd323abe0c10f81f40ffd27983brianp pthread.h but we can't compile the pthread test program we still
b05930e6008f69bd323abe0c10f81f40ffd27983brianp think we can use threads. For that reason, the patch I posted
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley to the PR won't work as-is since a failed compile of the test
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley program means nothing.
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley * exec cmd and suexec arg-passing enhancements
bb2a72a6e2327ae4f177c9d26e9d433033cfc27eaaron Status: Patches proposed
8c8fbb8546af54582539898be704411a60058d85trawick Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
8c8fbb8546af54582539898be704411a60058d85trawick (see the "proc.patch" and "suexec-shell.patch" links in this message)
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard * The 2.0.36 worker MPM graceless shutdown changes work but are
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard a bit clunky on some platforms; eg, on Linux, the loop to
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard join each worker thread seems to hang, and the parent ends up
a23b1c5a74208b03884c09a6f9dd5d6c97fa6415trawick killing off the child with SIGKILL. But at least it shuts down.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * We do not properly substitute the prefix-variables in the configuration
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe scripts or generated-configs. (i.e. if sysconfdir is etc,
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe httpd-std.conf points to conf.)
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * If any request gets through ap_process_request_internal() and is
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe scheduled to be served by the core handler, without a flag that this
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe r->filename was tested by dir/file_walk, we need to 500 at the very
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe end of the ap_process_request_internal() processing so sub_req-esters
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe know this request cannot be run. This provides authors of older
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe modules better compatibility, while still improving the security and
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe robustness of 2.0.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Status: still need to decide where this goes, OtherBill comments...
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe [Deleted comments regarding the ap_run_handler phase, as irrelevant
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe as BillS points out that "common case will be caught in
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe default_handler already (with the r->finfo.filetype == 0 check)"
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe and the issue is detecting this -before- we try to run the req.]
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard gregames says: can this happen somehow without a broken module
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard being involved? If not, why waste cycles trying to defend against
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard potential broken modules? It seems futile.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb wrowe counters: no, it shouldn't happen unless the module is broken.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb But the right answer is to fail the request up-front in dir/file
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb walk if the path was entirely invalid; and we can't do that either
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb how the Perchild MPM should be re-written. It hasn't worked
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron correctly since filters were added because it wasn't possible to
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron get the content that had already been written and the socket at
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron the same time. This mode lets us do that, so the MPM can be
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron * Can a static httpd be built reliably?
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron Message-ID: <20020207142751.T31582@clove.org>
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz * [Ken] Test suite failures:
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz o worker is also failing some of the 'cgi' subtests
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz (see <URL:http://Source-Zone.Org/Apache/regression/>):
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Justin says: "Worker should be fine and passes httpd-test here.
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz I think it's a perl or a httpd-test problem."
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz removed if possible.
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Jeff wonders if we still care about this. It is no longer an
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz API issue but simply an extra trip through the brigade.
f881b8be216de36c6b964324c772450bca38a4e6trawick * The Add...Filter and Set...Filter directives do not allow the
f881b8be216de36c6b964324c772450bca38a4e6trawick administrator to order filters, beyond the order of filename (mime)
dc098c7ce5d36179c504d09fc722d190683d0262aaron extensions. It isn't clear if Set...Filter(s) should be inserted
dc098c7ce5d36179c504d09fc722d190683d0262aaron before or after the Add...Filter(s) which are ordered by sequence of
dc098c7ce5d36179c504d09fc722d190683d0262aaron filename extensions. At minimum, some sort of +-[0-10] syntax seems
dc098c7ce5d36179c504d09fc722d190683d0262aaron like a nice solution. See ROADMAP.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * Get perchild to work on platforms other than Linux. This
dc098c7ce5d36179c504d09fc722d190683d0262aaron will require a portable mechanism to pass data and file/socket
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron descriptors between vhost child groups. An API was proposed
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron on dev@apr:
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron Message-ID: <20020111115006.K1529@clove.org>
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron * Try to get libtool inter-library dependency code working on AIX.
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Justin says: If we get it working on AIX, we can enable this
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz on all platforms and clean up our build system
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Jeff says: I thought I tested a patch for you sometime in
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz January that you were going to commit within a few
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick * Handling of %2f in URIs. Currently both 1.3 and 2.0
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz completely disallow %2f in the request URI path (see
54e1babd5a5a56c576eeeace54110150769cc916coar ap_unescape_url() in util.c). It's permitted and passed
54e1babd5a5a56c576eeeace54110150769cc916coar through in the query string, however. Roy says the
54e1babd5a5a56c576eeeace54110150769cc916coar original reason for disallowing it, from five years ago,
54e1babd5a5a56c576eeeace54110150769cc916coar was to protect CGI scripts that applied PATH_INFO to
54e1babd5a5a56c576eeeace54110150769cc916coar a filesystem location and which might be tricked by
54e1babd5a5a56c576eeeace54110150769cc916coar ..%2f..%2f(...). We *should* allow path-info of the
54e1babd5a5a56c576eeeace54110150769cc916coar Since we've revamped a lot of our processing of path
54e1babd5a5a56c576eeeace54110150769cc916coar segments, it would be nice to allow this, or at least
54e1babd5a5a56c576eeeace54110150769cc916coar allow it conditionally with a directive.
54e1babd5a5a56c576eeeace54110150769cc916coar OtherBill adds that %2f as the SECOND character of a multibyte
54e1babd5a5a56c576eeeace54110150769cc916coar sequence causes the request to fail! This happens notably in
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the ja-jis encoding.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * FreeBSD, threads, and worker MPM. All seems to work fine
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe if you only have one worker process with many threads. Add
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz a second worker process and the accept lock seems to be
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz lost. This might be an APR issue with how it deals with
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz the child_init hook (i.e. the fcntl lock needs to be resynced).
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz More examination and analysis is required.
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz Status: This has also been reported on Cygwin.
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz FreeBSD 4.7 was reputed to have 'fixed' threads. Not.
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar FreeBSD 5.2-RC is a confirmed fix w/either libkse or libthr.
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar [libc_r, still the default, does not serve any pages w/worker;
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz so on FreeBSD 5.2, you must use libmap.conf (see man page).]
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Work needs to be done to get APR to try to be knowledgable that
f126ee03179eb54308118f1ec3de5a7b461685d8aaron libkse/libthr are acceptable. Still not recommended for the
f126ee03179eb54308118f1ec3de5a7b461685d8aaron default since libc_r is still broken.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Message-ID: <3C2CC514.8EF3BED1@wapme-systems.de> (cygnus)
f126ee03179eb54308118f1ec3de5a7b461685d8aaron * There is increasing demand from module writers for an API
f126ee03179eb54308118f1ec3de5a7b461685d8aaron that will allow them to control the server � la apachectl.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Reasons include sole-function servers that need to die if
f126ee03179eb54308118f1ec3de5a7b461685d8aaron an external dependency (e.g., a database) fails, et cetera.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Perhaps something in the (ever more abused) scoreboard?
f126ee03179eb54308118f1ec3de5a7b461685d8aaron On the other hand, we already have a pipe that goes between parent
f126ee03179eb54308118f1ec3de5a7b461685d8aaron and child for graceful shutdown events, along with an API that
f126ee03179eb54308118f1ec3de5a7b461685d8aaron can be used to send a message down that pipe. In threaded MPMs,
f126ee03179eb54308118f1ec3de5a7b461685d8aaron it is easy enough to make that one pipe be used for graceful
109faf633e12ab0bbdd602c7addc795cce59e8addreid and graceless events, and it is also easy to open that pipe
109faf633e12ab0bbdd602c7addc795cce59e8addreid to both parent and child for writing. Then we just need to
109faf633e12ab0bbdd602c7addc795cce59e8addreid figure out how to do graceless on non-threaded MPMs.
109faf633e12ab0bbdd602c7addc795cce59e8addreid * Allow the DocumentRoot directive within <Location > scopes? This
109faf633e12ab0bbdd602c7addc795cce59e8addreid allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
109faf633e12ab0bbdd602c7addc795cce59e8addreid by a <Directory /somepath/foo> to become simply
109faf633e12ab0bbdd602c7addc795cce59e8addreid <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
109faf633e12ab0bbdd602c7addc795cce59e8addreid and in-your-face.) DocumentRoot unset would be accepted [and would
109faf633e12ab0bbdd602c7addc795cce59e8addreid not permit content to be served, only virtual resources such as
109faf633e12ab0bbdd602c7addc795cce59e8addreid server-info or server-status.
109faf633e12ab0bbdd602c7addc795cce59e8addreid This proposed change would _not_ depricate Alias.
109faf633e12ab0bbdd602c7addc795cce59e8addreid striker: See the thread starting with Message-ID:
109faf633e12ab0bbdd602c7addc795cce59e8addreid JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
4ca13a5e126946272f02637e268a8e09193c553ecoar * Win32: Rotatelogs sometimes is not terminated when Apache
4ca13a5e126946272f02637e268a8e09193c553ecoar goes down hard. FirstBill was looking at possibly tracking the
4ca13a5e126946272f02637e268a8e09193c553ecoar child's-child processes in the parent process.
4ca13a5e126946272f02637e268a8e09193c553ecoar stoddard: Shared scoreboard might offer a good way for the parent
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe to keep track of 'other child' processes and whack them if the child
48c0c81cd6fabac9d3386406d97633780365b839coar Other thoughts on walking the process chain using the NT kernel
48c0c81cd6fabac9d3386406d97633780365b839coar have also been proposed on APR.
48c0c81cd6fabac9d3386406d97633780365b839coar * Eliminate unnecessary creation of pipes in mod_cgid
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar * Combine log_child and piped_log_spawn. Clean up http_log.c.
4ca13a5e126946272f02637e268a8e09193c553ecoar Common logging API.
b84f66c93f820824b1d5455181f55598b766319cwrowe * Platforms that do not support fork (primarily Win32 and AS/400)
b84f66c93f820824b1d5455181f55598b766319cwrowe Architect start-up code that avoids initializing all the modules
b84f66c93f820824b1d5455181f55598b766319cwrowe in the parent process on platforms that do not support fork.
7fe18c15b669db9d191859695901dc4fcf3829dawrowe * There are still a number of places in the code where we are
7fe18c15b669db9d191859695901dc4fcf3829dawrowe losing error status (i.e. throwing away the error returned by a
cc22a72861c58dda7f3768613aec864e4c4e0353striker system call and replacing it with a generic error code)
cc22a72861c58dda7f3768613aec864e4c4e0353striker * Mass vhosting version of suEXEC.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * All DBMs suffer from confusion in support/dbmmanage (perl script) since
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe the dbmmanage employs the first-matched dbm format. This is not
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe necessarily the library that Apache was built with. Aught to
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe rewrite dbmmanage upon installation to bin/ with the proper library
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe for predictable mod_auth_dbm administration.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe Questions; htdbm exists, time to kill dbmmanage, or does it remain
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe useful as a perl dbm management example? If we keep it,
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe do we address the issue above?
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard * Integrate mod_dav.
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard Some additional items remaining:
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard - case_preserved_filename stuff
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard (use the new canonical name stuff?)
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard - find a new home for ap_text(_header)
1c6fb1e726ce22694de0e9a957adb67b929e5d4fstoddard - is it possible to remove the DAV: namespace stuff from util_xml?
a5ed555df952c85bc1b179f5981e8a6c54ba16e6stoddard * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb are a bit wonky. The function should probably be exposed as a utility
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb function (such as ap_translate_url2fs() or ap_validate_fs_url() or
a5ed555df952c85bc1b179f5981e8a6c54ba16e6stoddard something). Another approach would be a new hook phase after
0bff2f28ef945280c17099c142126178a78e1e54manoj "translate" which would allow the module to munge what the
0bff2f28ef945280c17099c142126178a78e1e54manoj translation has decided to do.
0bff2f28ef945280c17099c142126178a78e1e54manoj Status: Greg +1 (volunteers)
0bff2f28ef945280c17099c142126178a78e1e54manoj * Explore use of a post-config hook for the code in http_main.c which
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
0bff2f28ef945280c17099c142126178a78e1e54manoj ap_sort_hooks() [to reduce the logic in main()]
ff849e4163ed879288f0df15f78b6c9d278ec804fanf * read the config tree just once, and process N times (as necessary)
447c6ce3ff08073c44f6785d5256271fcb877512wrowe * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar into a VirtualHost container) to 2.0.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe * shift stuff to mod_core.h
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe * callers of ap_run_create_request() should check the return value
7fe18c15b669db9d191859695901dc4fcf3829dawrowe for failure (Doug volunteers)
dd4713dc5b186f4d1be7b88f86608fdb84cbe5d5gstein * Win32: Get Apache working on Windows 95/98. The following work
48c0c81cd6fabac9d3386406d97633780365b839coar (at least) needs to be done:
48c0c81cd6fabac9d3386406d97633780365b839coar - Document warning that OSR2 is required (for Crypt functions, in
48c0c81cd6fabac9d3386406d97633780365b839coar rand.c, at least.) This could be resolved with an SSL library, or
48c0c81cd6fabac9d3386406d97633780365b839coar randomization in APR itself.
db3ccce11afac4fc1d4f51a65424412f7480c46cgstein - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick actually works) and add in a splash of Win9x service code.
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick * Fix the worker MPM to use POD to kill child processes instead
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein of ap_os_killpg, regardless of how they should die.
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein * Scoreboard structures could be changed in the future such that
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe proper alignment is not maintained, leading to segfaults on
93c5cba06b623ebe8e4372e886eece12d9a80c3egstein some systems. Cliff posted a patch to deal with this issue but
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein later recanted. See this message to dev@apr.apache.org:
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * When sufficiently tested, the AllowEncodedSlashes/%2f patch
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein needs to be backported to 2.0 and 1.3.
823c303d33c9e637a83d82208bcbafaf5f532d7bgstein * APXS either needs to be fixed completely for use when apr is out of tree,
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj or it should drop query mode altogether, and we just grow an
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj httpd-config or similar arrangement.
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj To quote a discussion in STATUS earlier:
281da4c02cf40c663298ded7e4e5b913a8f8b814gstein thommay: this doesn't fix all the problems with apxs and out of
2f728b2e8555fee1b7cc11e886488692f2575fbddougm tree apr/apr-util, but it's a good start. There's still the
2f728b2e8555fee1b7cc11e886488692f2575fbddougm query cases; but I'm beginning to think that in these cases
2f728b2e8555fee1b7cc11e886488692f2575fbddougm the app should be querying ap{r,u}-config directly
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe gstein: agreed. apxs should deprecate the -q flag
60d567a0c2aae815ee6fc20c0d65032bea52c92cwroweTODO ISSUES REMAINING IN MOD_SSL:
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * In order to use a DSO version of mod_ssl we have to link with
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe -lssl and -lcrypto. A workaround is in place right now where the
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe entire EXTRA_LIBS macro is being appended to the objects list, but
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
27757f6699a924d4b493a1b6cceb27df27a43287dreid autoconf function or come up with some other autoconf checks to
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe search for libssl and libcrypto and properly add them to mod_ssl's
27757f6699a924d4b493a1b6cceb27df27a43287dreid link flags.
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * SSL renegotiations in combination with POST request
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Port or dispose all code inside #if 0...#endif blocks that remain
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick from the porting effort.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * Do we need SSL_set_read_ahead()?
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -in ssl_expr_comp() if SSLRequire is used in .htaccess
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_info is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -is ssl_expr_eval() if there is an error
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_error is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSLRequire directive (parsing of) leaks memory
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Diffie-Hellman-Parameters for temporary keys are hardcoded in
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe "it is suggested that keys be changed daily or every 500
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe transactions, and more often if possible."
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_var_lookup could be rewritten to be MUCH faster
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * CRL callback should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * session cache store should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * init functions should return status code rather than ssl_die()
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_engine_pphrase.c needs to be reworked so it is generic enough
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe to also decrypt proxy keys
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the shmcb code should just align its memory segment rather than
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe jumping through all the "safe" memcpy and memset hoops
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * mod_proxy performance: when mod_proxy is configured to do proxy
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe gateway (aka reverse proxy), it would be nice to be able to reuse
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe connections to the backend servers. Now, connections to the
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe backend servers are taken down when the corresponding frontend
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe connection is taken down.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * mod_proxy: Ability to run SSL over proxy gateway connections,
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe encrypting (or reencrypting) at the proxy.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * mod_proxy: Add capability of mod_proxy to load balance across
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe a farm of backend servers.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * mod_cache: Handle ESI tags.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wroweEXPERIMENTAL MODULES:
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard Experimental modules should eventually be be promoted to fully supported
f881b8be216de36c6b964324c772450bca38a4e6trawick status or removed from the repository entirely (ie, the
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard 'experiment' failed). This section tracks what needs to happen to
6f1e2a1eb9944358dc96ee52f2048377c57f1cfaaaron get the modules promoted to fully supported status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache: Consider adding a RevalidateTimeout directive to
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard specify time at which local cached content is to be revalidated
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard (ie, underlying file stat'ed to see if it has changed).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard jerenkrantz says: Too slow. Get regexs away from speedy caches by
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard default. Introduce a new CacheEnableRegex if you want.
c408915e2a85fedc520e97e96abda8f61aafc804stoddard * mod_cache: Fix dependency on ATOMIC operators. Need
c408915e2a85fedc520e97e96abda8f61aafc804stoddard APR_HAS_ATOMIC_* feature macros.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard jerenkrantz says: APR 1.0+ has some guaranteed form of atomics.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache/mod_disk_cache: Need to be able to query cache
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard status (num of entries, cache object properties, etc.).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_status could be extended to query optional hooks defined
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard by modules for the purpose of reporting module status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_cache (et. al.) could define optional hooks that are called
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard to collect status. Status should be queryable by
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard HTTP or SNMP?
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard jerenkrantz says: Yawn. Who cares.
a32ddb6cabb635ca29ccff87f8bf5c6af3b78ecfstoddardPRs that have been suspended forever waiting for someone to
a32ddb6cabb635ca29ccff87f8bf5c6af3b78ecfstoddardput them into 'the next release':
a32ddb6cabb635ca29ccff87f8bf5c6af3b78ecfstoddard * documentation and Q&A
951342b69609b2b45303f89f91275676d5325217bnicholes PR#2221: Make online documentation search link back to my installation
951342b69609b2b45303f89f91275676d5325217bnicholes PR#2906: Propose that Apache recommend $UNIQUE_ID for all "session id"
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2793: When will Apache support P3P? Any Plans?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2113: HTTP Server Rebuild Line Needs Changing for the better
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2421: problem specifying ndbm library for build ?with autoconfigure
48c0c81cd6fabac9d3386406d97633780365b839coar PR#76: missing call to "setlocale();"
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#628: Request of "Options SymLinksIfGroupMatch"
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#793: RLimitCPU and RLimitMEM don't apply to all children like they should
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#922: it is useful to allow specifiction that root-owned symlinks
7787343a549c7309035b3b7836e00edb6e3a915ewrowe should always be followed
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1028: DoS attacks involving memory consumption
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1191: setlogin() is not called, causing problems with e.g. identd
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1204: regerror() exists, use it
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2284: Can not POST to ErrorDocument - Apache/1.3b6
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2396: Proposal for TimeZone directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2446: AllowOverride FileInfo is too coarse
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2760: [PATCH] User/Group for <Directory> and <Location> i.e. not only
48c0c81cd6fabac9d3386406d97633780365b839coar in global and <Virtual>.
48c0c81cd6fabac9d3386406d97633780365b839coar PR#2907: suggestion: power up your Include directive :)
48c0c81cd6fabac9d3386406d97633780365b839coar PR#3018: cannot limit some HTTP methods
48c0c81cd6fabac9d3386406d97633780365b839coar PR#3677: New ErrorDocumentMatch directive
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4244: "Files" and "FilesMatch" regexp does not recognize bang as
48c0c81cd6fabac9d3386406d97633780365b839coar negation operator
48c0c81cd6fabac9d3386406d97633780365b839coar PR#5993: AllowOverride should have a 'CheckNone' and 'AllowNone' argument
64ad864fa0f4493eebb181e393b40a8a90beccb9coar instead of only 'None'
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_access
48c0c81cd6fabac9d3386406d97633780365b839coar PR#537: mod_access syntax allows hosts that should be restricted
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1287: add allow,deny/deny,allow warning to mod_access
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2512: <IfDenied> directive wanted
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_auth-any
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#557: ~UserHome directories are not honored in absolute pathname
7787343a549c7309035b3b7836e00edb6e3a915ewrowe requests (.htaccess)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1117: Using NIS passwd.byname dbm files with AuthDBMUserFile
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1809: Suggestion for improving authentication modules and core source
48c0c81cd6fabac9d3386406d97633780365b839coar code, problem with 401 and ErrorDocument
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_autoindex
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1263: Add frame-safe anchor attribute to mod_autoindex links
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_cgi (and suexec)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#921: suexec Uses cwd before filling it in, doesn't use syslog
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1176: Apache cannot handle continuation line in headers
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1120: suexec does not parse arguments to #exec cmd
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1268: CGI scripts running as Apache user: security (suexec etc.)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1285: Error messages could be easier to spot in cgi.log file for suexec.c
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1905: suexec - Allow modules to set user:group for execution.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2360: suexec for general access of user content?
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2460: TimeOut applies to output of CGI scripts
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2573: CGI's for general use still have to be run as another user
48c0c81cd6fabac9d3386406d97633780365b839coar with suExec
48c0c81cd6fabac9d3386406d97633780365b839coar PR#4241: Need to be able to override shebang line to make CGI scripts
64ad864fa0f4493eebb181e393b40a8a90beccb9coar more portable.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#4490: mod_cgi prevents handling of OPTIONS requests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#370: Modified PATH environemnt variable is not passed, instead
48c0c81cd6fabac9d3386406d97633780365b839coar system's is used
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_headers
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1383: I make mod_headers to modify request headers as well as
7787343a549c7309035b3b7836e00edb6e3a915ewrowe response ones.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1677: mod_headers should allow mod_log_config-style formats in
7787343a549c7309035b3b7836e00edb6e3a915ewrowe header values
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_imap
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#759: imap should read <MAP><AREA>*</MAP> too!
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_include
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#78: Additional status for XBitHack directive
48c0c81cd6fabac9d3386406d97633780365b839coar PR#623: A smarter "Last Modified" value for SSI documents (see PR number 600)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1145: mod_include
7787343a549c7309035b3b7836e00edb6e3a915ewrowe Allow for Last-Modified: without resorting to XBitHack
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1803: patches to mod_include to allow for file tests
48c0c81cd6fabac9d3386406d97633780365b839coar PR#4459: Suggestion for better handling of Last-modified headers
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_log-any
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1050: Logging of virtual server to error_log as well
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1358: Selective url-encode of log fields (or maybe a pseudo
7787343a549c7309035b3b7836e00edb6e3a915ewrowe log_rewrite module?)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2073: pipelined connections are not logged correctly
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#4448: Please allow CGI env variables (QUERY_STRING, ...) to be logged
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_negotiation
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3191: no way to set global quality-of-source (qs) coneg values
7787343a549c7309035b3b7836e00edb6e3a915ewrowe with multiviews
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_proxy
48c0c81cd6fabac9d3386406d97633780365b839coar PR#362: Mod_proxy doesn't allow change of error pages
48c0c81cd6fabac9d3386406d97633780365b839coar PR#440: Proxy doesn't deliver documents if not connected
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#534: proxy converts ~name to %7Ename when name starts with a dot (.)
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#612: Proxy FTP Authentication Fails
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#700: Proxy doesn't do links right for OpenVMS files through ftp:
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#980: Controlling Access to Remote Proxies would be nice...
48c0c81cd6fabac9d3386406d97633780365b839coar PR#994: Adding authentication "on the fly" through the proxy module
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1085: ProxyRemote make a dead cycle.
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1166: ``nph-'' not honored (no buffering) for ProxyRemote mapping
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1290: Need to know "hit-rate" on proxy cache
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1532: Proxy transfer logging
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1547: No HTTP_X_FORWARDED_FOR set...
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1567: ProxyRemote proxy requests fail authentication by firewall
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1702: mod_proxy to support persistent conns?
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1878: listing of proxy cache content
48c0c81cd6fabac9d3386406d97633780365b839coar PR#2314: patterns in ProxyRemote
48c0c81cd6fabac9d3386406d97633780365b839coar PR#2648: Cache file names in Proxy module
48c0c81cd6fabac9d3386406d97633780365b839coar PR#3568: Accessing URL through proxy server corrupts data.
48c0c81cd6fabac9d3386406d97633780365b839coar PR#3605: Some anonymous FTP URLs ask for authentication
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_rewrite
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1582: mod_rewrite forms REQUEST_URI different than mod_cgi does
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2074: mod_rewrite doesn't pass Proxy Throughput on internal subrequests
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * mod_status
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2138: mod_status always displays 256 possible connection slots
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2343: Status module averages are for entire uptime
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * apache-api
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#1004: request_config field in request_rec is moderately bogus
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1158: improvements to child spawning API
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1233: there is no way to keep per-connection per-module state
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2024: adding auth_why to conn_rec
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2873: Feedback/Comment on APACI
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#3143: No module specific data hook for per-connection data
48c0c81cd6fabac9d3386406d97633780365b839coar * generally odds and ends
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2431: A small addition to rotatelogs.c to improve program functionality.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2763: mailto tags and bundling bug report script
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2785: os-aix Support for System Resource Controller
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#2889: Inclusion of RPM spec file in CVS/distributions
7787343a549c7309035b3b7836e00edb6e3a915ewrowe PR#5713: os-windows [PATCH] install as win32 service with domain account
48c0c81cd6fabac9d3386406d97633780365b839coar Status: Cannot accept password-as-arg, we should prompt the
64ad864fa0f4493eebb181e393b40a8a90beccb9coar user when -k install/-k config with a user argument.
48c0c81cd6fabac9d3386406d97633780365b839coarOther bugs that need fixing:
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * ap_discard_request should be converted to use the bucket API
48c0c81cd6fabac9d3386406d97633780365b839coar directly rather than waste cycles copying buffers with the old API.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * MaxRequestsPerChild measures connections, not requests.
7787343a549c7309035b3b7836e00edb6e3a915ewrowe Until someone has a better way, we'll probably just rename it
7787343a549c7309035b3b7836e00edb6e3a915ewrowe "MaxConnectionsPerChild".
7787343a549c7309035b3b7836e00edb6e3a915ewrowe * Regex containers don't work in an intutive way
7787343a549c7309035b3b7836e00edb6e3a915ewrowe Status: No one has come up with an efficient way to fix this
7787343a549c7309035b3b7836e00edb6e3a915ewrowe behavior. Dean has suggested getting rid of regex containers
48c0c81cd6fabac9d3386406d97633780365b839coar completely.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe OtherBill suggests: We at least seem to agree on eliminating
64ad864fa0f4493eebb181e393b40a8a90beccb9coar the <Container ~ foo> forms, and using only
7787343a549c7309035b3b7836e00edb6e3a915ewrowe <ContainerMatch foo> semantics.
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj sigwaiting thread. We need to work around this, perhaps unless
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding there is hope soon for a fixed glibc.
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding * orig_ct in the byterange/multipart handling may not be
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj needed. Apache 1.3 just never stashed "multipart" into
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj r->content_type. We should probably follow suit since the
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj byterange stuff doesn't want the rest of the code to see the
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj multipart content-type; the other code should still think it is
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj dealing with the <orig_ct> stuff.
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj Status: Greg volunteers to investigate (esp. since he was most
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj likely the one to break it :-)
6758b07b4b79f898b0f56375016cea7da0bfb495wroweBinaries (probably not till beta):
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe Platform Avail. Volunteer
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj ------------------------------------------------------------------
0bff2f28ef945280c17099c142126178a78e1e54manoj AIX 4.3.3 no Bill Stoddard
0bff2f28ef945280c17099c142126178a78e1e54manoj Mandrake 8.1 no open
0bff2f28ef945280c17099c142126178a78e1e54manoj FreeBSD 4.1 no open
d6b3cb141f0667101c1bca883ad15b383402c93bfielding hppa2.0w-hp-hpux11.00 no Cliff Woolley
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein i386-pc-solaris2.8 no Aaron Bannert
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein i386-unknown-freebsd4.5 no
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein i386-unknown-freebsd4.6 no Cliff Woolley
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein i686-pc-linux-gnu-slackware81 no Cliff Woolley
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein i686-pc-linux-gnu-rh70 no Aaron Bannert
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein i686-pc-linux-gnu-rh73 no Cliff Woolley
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein ia64-hp-hpux11.20 no
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein powerpc-apple-darwin5.5 no Aaron Bannert
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein powerpc-unknown-linux-gnu no Graham Leggett
9a93784d34c322d1996e8a7b794a75230eac81a4wrowe s390-ibm-linux no Greg Ames
92d75991039fc1155961044d642816b4c0323687aaron sparc-sun-solaris2.8 no Jim Jagielski
92d75991039fc1155961044d642816b4c0323687aaron NetWare no Brad Nicholes
92d75991039fc1155961044d642816b4c0323687aaron OS/2 no Brian Havard
d9ca73cb0e701d10a94734a2ce553d9a1c906b8baaron OS/390 no Greg Ames
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe Win32-x86 no William Rowe