STATUS revision 80464b326874ee15d74742ae39708ec3f2eae1d7
38dc50ae00a1ea57fa41500d74f4e818747e3cefpquernaAPACHE 2.3 STATUS: -*-text-*-
7d5ac94fda90b837211dadf2585c0fe8c5dc3e5djerenkrantzLast modified at [$Date$]
ecf8d72af432e53e4c0661fb99dfda8061507bfajerenkrantzThe current version of this file can be found at:
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS
366616a5cc6212cbf7134ccf877f965d668c6b04wroweDocumentation status is maintained seperately and can be found at:
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * docs/STATUS in this source tree, or
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS
366616a5cc6212cbf7134ccf877f965d668c6b04wroweConsult the following STATUS files for information on related projects:
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * http://svn.apache.org/repos/asf/apr/apr/trunk/STATUS
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * http://svn.apache.org/repos/asf/apr/apr-util/trunk/STATUS
366616a5cc6212cbf7134ccf877f965d668c6b04wrowePatches considered for backport are noted in their branches' STATUS:
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * http://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x/STATUS
366616a5cc6212cbf7134ccf877f965d668c6b04wrowe * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
38dc50ae00a1ea57fa41500d74f4e818747e3cefpquerna * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
ecf8d72af432e53e4c0661fb99dfda8061507bfajerenkrantzRelease history:
80464b326874ee15d74742ae39708ec3f2eae1d7wrowe [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
80464b326874ee15d74742ae39708ec3f2eae1d7wrowe while x.{even}.z versions are Stable/GA releases.]
38dc50ae00a1ea57fa41500d74f4e818747e3cefpquerna 2.3.0 : in development
f610c7c704235bc327dbe9b62982f5b3f8e30a77wroweContributors looking for a mission:
2b8a78eefeba261ced96c3e57527d8ae3fce2f1aerikabele * Just do an egrep on "TODO" or "XXX" in the source.
ecf8d72af432e53e4c0661fb99dfda8061507bfajerenkrantz * Review the bug database at: http://issues.apache.org/bugzilla/
ecf8d72af432e53e4c0661fb99dfda8061507bfajerenkrantz * Review the "PatchAvailable" bugs in the bug database:
ecf8d72af432e53e4c0661fb99dfda8061507bfajerenkrantz http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable
ecf8d72af432e53e4c0661fb99dfda8061507bfajerenkrantz After testing, you can append a comment saying "Reviewed and tested".
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive * Open bugs in the bug database.
4b62424416882687387923b3130b96241503cbe0jerenkrantzCURRENT RELEASE NOTES:
45b0e1c775c1cfed6473c9e5304179ccb9609f53stoddardRELEASE SHOWSTOPPERS:
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas * Handling of non-trailing / config by non-default handler is broken
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
47c81da11264e8870b146dbdf3ac0384d3290ae9jerenkrantz jerenkrantz asks: Why should this block a release?
0db0abcbe4211435c08e0c0e8f5daa278bed3524wsanchez wsanchez agrees: this may be a change in behavior, but isn't
0db0abcbe4211435c08e0c0e8f5daa278bed3524wsanchez clearly wrong, and even if so, it doesn't seem like a
0db0abcbe4211435c08e0c0e8f5daa278bed3524wsanchez showstopper.
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas * the edge connection filter cannot be removed
f6a9b598f78b2e745456bfc4bbc4afd2d1572aa9stas http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
47c81da11264e8870b146dbdf3ac0384d3290ae9jerenkrantz jerenkrantz asks: Why should this block a release?
d64eb0a76ec10c2405d14b892b0eb0f7ce27a613stas stas replies: because it requires a rewrite of the filters stack
d64eb0a76ec10c2405d14b892b0eb0f7ce27a613stas implementation (you have suggested that) and once 2.2 is
d64eb0a76ec10c2405d14b892b0eb0f7ce27a613stas released you can't do that anymore.
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantzCURRENT VOTES:
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * If the parent process dies, should the remaining child processes
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz "gracefully" self-terminate. Or maybe we should make it a runtime
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz option, or have a concept of 2 parent processes (one being a
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz "hot spare").
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
b9b0788ea79de3ee230ccb0abf93a0c2c08f6287lars Self-destruct: Ken, Martin, Lars
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz Not self-destruct: BrianP, Ian, Cliff, BillS
7718f3d5b4da70eb063877f5300ee361435910f4nd Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj, nd
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim /* The below was a concept on *how* to handle the problem */
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim Have 2 parents: +1: jim
7718f3d5b4da70eb063877f5300ee361435910f4nd -1: Justin, wrowe, rederpj, nd
b9b0788ea79de3ee230ccb0abf93a0c2c08f6287lars +0: Lars, Martin (while standing by, could it do
b9b0788ea79de3ee230ccb0abf93a0c2c08f6287lars something useful?)
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * Make the worker MPM the default MPM for threaded Unix boxes.
7718f3d5b4da70eb063877f5300ee361435910f4nd +1: Justin, Ian, Cliff, BillS, striker, wrowe, nd
1af5c0e25a649bb298e25ddfa5418fa18bdcb107aaron +0: BrianP, Aaron (mutex contention is looking better with the
38d2c5d41cdb5eb28668d0290b59f8c76ae2a4bfjim latest code, let's continue tuning and testing), rederpj, jim
771a4d2c4ebe8debc609ed7d65938c4b72b9d4cepquerna pquerna: Do we want to change this for 2.2?
1b3f48fd6b1ccb8745f908e40156c5a85ca3c347jerenkrantzRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
d96ee8cda2799e1f2743c1603adeb4833ed0e15fslive * Patches submitted to the bug database:
380584d22150608f50ca4ae8089efeb30794514ajerenkrantz http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable
0723420d6007137272f4f140ffd17035b17c1563nd * Filter stacks and subrequests, redirects and fast redirects.
0723420d6007137272f4f140ffd17035b17c1563nd There's at least one PR that suffers from the current unclean behaviour
0723420d6007137272f4f140ffd17035b17c1563nd (which lets the server send garbage): PR 17629
0723420d6007137272f4f140ffd17035b17c1563nd nd says: Every subrequest should get its own filter stack with the
0723420d6007137272f4f140ffd17035b17c1563nd subreq_core filter as bottom-most. That filter does two things:
0723420d6007137272f4f140ffd17035b17c1563nd - swallow EOS buckets
0723420d6007137272f4f140ffd17035b17c1563nd - redirect the data stream to the upper request's (rr->main)
0723420d6007137272f4f140ffd17035b17c1563nd filter chain directly after the subrequest's starting
0723420d6007137272f4f140ffd17035b17c1563nd Once we have a clean solution, we can try to optimize
0723420d6007137272f4f140ffd17035b17c1563nd it, so that the server won't be slow down too much.
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz * RFC 2616 violations.
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz Closed PRs: 15857.
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz Open PRs: 15852, 15859, 15861, 15864, 15865, 15866, 15868, 15869,
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz 15870, 16120, 16125, 16126, 16133, 16135, 16136, 16137,
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz 16138, 16139, 16140, 16142, 16518, 16520, 16521,
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz jerenkrantz says: need to decide how many we need to backport and/or
016f2545c9375ec7fc5e9cb70aa1ae0cace83c98jerenkrantz if these rise to showstopper status.
56afb23a30271d30e87f225cce6c69969d6dd8bbwrowe wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
56afb23a30271d30e87f225cce6c69969d6dd8bbwrowe out of this list, without reviewing them individually.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * There is a bug in how we sort some hooks, at least the pre-config
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe hook. The first time we call the hooks, they are in the correct
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe order, but the second time, we don't sort them correctly. Currently,
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the modules/http/config.m4 file has been renamed to
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe modules/http/config2.m4 to work around this problem, it should moved
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe back when this is fixed.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe OtherBill offers that this is a SERIOUS problem. We do not sort
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe correctly by the ordering arguments passed to the register hook
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe functions. This was proven when I reordered the open_logs hook
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe to attempt to open the error logs prior to the access logs. Possibly
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the entire sorting code needs to be refactored.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * pipes deadlock on all platforms with limited pipe buffers (e.g. both
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe Linux and Win32, as opposed to only Win32 on 1.3). The right solution
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
c330021bf3f45cbf187fa644781e67f7e470a58awrowe for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe * All handlers should always send content down even if r->header_only
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe is set. If not, it means that the HEAD requests don't generate the
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe same headers as a GET which is wrong.
b05930e6008f69bd323abe0c10f81f40ffd27983brianp * exec cmd and suexec arg-passing enhancements
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Status: Patches proposed
b05930e6008f69bd323abe0c10f81f40ffd27983brianp Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
b05930e6008f69bd323abe0c10f81f40ffd27983brianp (see the "proc.patch" and "suexec-shell.patch" links in this message)
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley * The 2.0.36 worker MPM graceless shutdown changes work but are
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley a bit clunky on some platforms; eg, on Linux, the loop to
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley join each worker thread seems to hang, and the parent ends up
4c7dab038d90d7feb67ef8ddbfacc77be8c9dbf0jwoolley killing off the child with SIGKILL. But at least it shuts down.
8c8fbb8546af54582539898be704411a60058d85trawick * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
8c8fbb8546af54582539898be704411a60058d85trawick posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard * We do not properly substitute the prefix-variables in the configuration
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard scripts or generated-configs. (i.e. if sysconfdir is etc,
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard httpd-std.conf points to conf.)
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * If any request gets through ap_process_request_internal() and is
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe scheduled to be served by the core handler, without a flag that this
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe r->filename was tested by dir/file_walk, we need to 500 at the very
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe end of the ap_process_request_internal() processing so sub_req-esters
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe know this request cannot be run. This provides authors of older
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe modules better compatibility, while still improving the security and
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe robustness of 2.0.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Status: still need to decide where this goes, OtherBill comments...
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe [Deleted comments regarding the ap_run_handler phase, as irrelevant
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe as BillS points out that "common case will be caught in
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe default_handler already (with the r->finfo.filetype == 0 check)"
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe and the issue is detecting this -before- we try to run the req.]
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe gregames says: can this happen somehow without a broken module
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe being involved? If not, why waste cycles trying to defend against
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe potential broken modules? It seems futile.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe wrowe counters: no, it shouldn't happen unless the module is broken.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe But the right answer is to fail the request up-front in dir/file
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe walk if the path was entirely invalid; and we can't do that either
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb how the Perchild MPM should be re-written. It hasn't worked
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb correctly since filters were added because it wasn't possible to
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb get the content that had already been written and the socket at
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb the same time. This mode lets us do that, so the MPM can be
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz * Can a static httpd be built reliably?
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Message-ID: <20020207142751.T31582@clove.org>
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz removed if possible.
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
f881b8be216de36c6b964324c772450bca38a4e6trawick Jeff wonders if we still care about this. It is no longer an
f881b8be216de36c6b964324c772450bca38a4e6trawick API issue but simply an extra trip through the brigade.
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron * Get perchild to work on platforms other than Linux. This
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron will require a portable mechanism to pass data and file/socket
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron descriptors between vhost child groups. An API was proposed
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron on dev@apr:
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron Message-ID: <20020111115006.K1529@clove.org>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz * Try to get libtool inter-library dependency code working on AIX.
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Justin says: If we get it working on AIX, we can enable this
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz on all platforms and clean up our build system
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick Jeff says: I thought I tested a patch for you sometime in
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick January that you were going to commit within a few
54e1babd5a5a56c576eeeace54110150769cc916coar * Handling of %2f in URIs. Currently both 1.3 and 2.0
54e1babd5a5a56c576eeeace54110150769cc916coar completely disallow %2f in the request URI path (see
54e1babd5a5a56c576eeeace54110150769cc916coar ap_unescape_url() in util.c). It's permitted and passed
54e1babd5a5a56c576eeeace54110150769cc916coar through in the query string, however. Roy says the
54e1babd5a5a56c576eeeace54110150769cc916coar original reason for disallowing it, from five years ago,
54e1babd5a5a56c576eeeace54110150769cc916coar was to protect CGI scripts that applied PATH_INFO to
54e1babd5a5a56c576eeeace54110150769cc916coar a filesystem location and which might be tricked by
54e1babd5a5a56c576eeeace54110150769cc916coar ..%2f..%2f(...). We *should* allow path-info of the
54e1babd5a5a56c576eeeace54110150769cc916coar Since we've revamped a lot of our processing of path
54e1babd5a5a56c576eeeace54110150769cc916coar segments, it would be nice to allow this, or at least
54e1babd5a5a56c576eeeace54110150769cc916coar allow it conditionally with a directive.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe OtherBill adds that %2f as the SECOND character of a multibyte
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe sequence causes the request to fail! This happens notably in
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe the ja-jis encoding.
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz * FreeBSD, threads, and worker MPM. All seems to work fine
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz if you only have one worker process with many threads. Add
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz a second worker process and the accept lock seems to be
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz lost. This might be an APR issue with how it deals with
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz the child_init hook (i.e. the fcntl lock needs to be resynced).
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz More examination and analysis is required.
2b93f4e3bba84578a57e5edcdb510071d2e79ed9pquerna Status: Works with FreeBSD 5.3. Does not work in previous versions.
2b93f4e3bba84578a57e5edcdb510071d2e79ed9pquerna This has also been reported on Cygwin.
4ca13a5e126946272f02637e268a8e09193c553ecoar * There is increasing demand from module writers for an API
4ca13a5e126946272f02637e268a8e09193c553ecoar that will allow them to control the server � la apachectl.
4ca13a5e126946272f02637e268a8e09193c553ecoar Reasons include sole-function servers that need to die if
4ca13a5e126946272f02637e268a8e09193c553ecoar an external dependency (e.g., a database) fails, et cetera.
4ca13a5e126946272f02637e268a8e09193c553ecoar Perhaps something in the (ever more abused) scoreboard?
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe On the other hand, we already have a pipe that goes between parent
48c0c81cd6fabac9d3386406d97633780365b839coar and child for graceful shutdown events, along with an API that
48c0c81cd6fabac9d3386406d97633780365b839coar can be used to send a message down that pipe. In threaded MPMs,
48c0c81cd6fabac9d3386406d97633780365b839coar it is easy enough to make that one pipe be used for graceful
48c0c81cd6fabac9d3386406d97633780365b839coar and graceless events, and it is also easy to open that pipe
48c0c81cd6fabac9d3386406d97633780365b839coar to both parent and child for writing. Then we just need to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar figure out how to do graceless on non-threaded MPMs.
b84f66c93f820824b1d5455181f55598b766319cwrowe * Allow the DocumentRoot directive within <Location > scopes? This
b84f66c93f820824b1d5455181f55598b766319cwrowe allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
b84f66c93f820824b1d5455181f55598b766319cwrowe by a <Directory /somepath/foo> to become simply
b84f66c93f820824b1d5455181f55598b766319cwrowe <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
7fe18c15b669db9d191859695901dc4fcf3829dawrowe and in-your-face.) DocumentRoot unset would be accepted [and would
7fe18c15b669db9d191859695901dc4fcf3829dawrowe not permit content to be served, only virtual resources such as
7fe18c15b669db9d191859695901dc4fcf3829dawrowe server-info or server-status.
cc22a72861c58dda7f3768613aec864e4c4e0353striker This proposed change would _not_ depricate Alias.
cc22a72861c58dda7f3768613aec864e4c4e0353striker striker: See the thread starting with Message-ID:
cc22a72861c58dda7f3768613aec864e4c4e0353striker JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Win32: Rotatelogs sometimes is not terminated when Apache
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe goes down hard. FirstBill was looking at possibly tracking the
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe child's-child processes in the parent process.
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe stoddard: Shared scoreboard might offer a good way for the parent
f610c7c704235bc327dbe9b62982f5b3f8e30a77wrowe to keep track of 'other child' processes and whack them if the child
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Other thoughts on walking the process chain using the NT kernel
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe have also been proposed on APR.
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard * Eliminate unnecessary creation of pipes in mod_cgid
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard * Combine log_child and piped_log_spawn. Clean up http_log.c.
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard Common logging API.
a5ed555df952c85bc1b179f5981e8a6c54ba16e6stoddard * Platforms that do not support fork (primarily Win32 and AS/400)
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb Architect start-up code that avoids initializing all the modules
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb in the parent process on platforms that do not support fork.
0bff2f28ef945280c17099c142126178a78e1e54manoj * There are still a number of places in the code where we are
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick losing error status (i.e. throwing away the error returned by a
0bff2f28ef945280c17099c142126178a78e1e54manoj system call and replacing it with a generic error code)
ff849e4163ed879288f0df15f78b6c9d278ec804fanf * Mass vhosting version of suEXEC.
447c6ce3ff08073c44f6785d5256271fcb877512wrowe * All DBMs suffer from confusion in support/dbmmanage (perl script) since
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar the dbmmanage employs the first-matched dbm format. This is not
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar necessarily the library that Apache was built with. Aught to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar rewrite dbmmanage upon installation to bin/ with the proper library
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar for predictable mod_auth_dbm administration.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe Questions; htdbm exists, time to kill dbmmanage, or does it remain
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe useful as a perl dbm management example? If we keep it,
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe do we address the issue above?
db3ccce11afac4fc1d4f51a65424412f7480c46cgstein * Integrate mod_dav.
dd4713dc5b186f4d1be7b88f86608fdb84cbe5d5gstein Some additional items remaining:
48c0c81cd6fabac9d3386406d97633780365b839coar - case_preserved_filename stuff
48c0c81cd6fabac9d3386406d97633780365b839coar (use the new canonical name stuff?)
48c0c81cd6fabac9d3386406d97633780365b839coar - find a new home for ap_text(_header)
48c0c81cd6fabac9d3386406d97633780365b839coar - is it possible to remove the DAV: namespace stuff from util_xml?
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick are a bit wonky. The function should probably be exposed as a utility
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick function (such as ap_translate_url2fs() or ap_validate_fs_url() or
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein something). Another approach would be a new hook phase after
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein "translate" which would allow the module to munge what the
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein translation has decided to do.
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe Status: Greg +1 (volunteers)
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * Explore use of a post-config hook for the code in http_main.c which
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein ap_sort_hooks() [to reduce the logic in main()]
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * read the config tree just once, and process N times (as necessary)
823c303d33c9e637a83d82208bcbafaf5f532d7bgstein * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj into a VirtualHost container) to 2.0.
281da4c02cf40c663298ded7e4e5b913a8f8b814gstein * shift stuff to mod_core.h
2f728b2e8555fee1b7cc11e886488692f2575fbddougm * callers of ap_run_create_request() should check the return value
2f728b2e8555fee1b7cc11e886488692f2575fbddougm for failure (Doug volunteers)
27757f6699a924d4b493a1b6cceb27df27a43287dreid * Fix the worker MPM to use POD to kill child processes instead
b3b4e853e4958357ee2d50e2fe41effecfde9eedwrowe of ap_os_killpg, regardless of how they should die.
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Scoreboard structures could be changed in the future such that
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick proper alignment is not maintained, leading to segfaults on
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick some systems. Cliff posted a patch to deal with this issue but
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick later recanted. See this message to dev@apr.apache.org:
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay * APXS either needs to be fixed completely for use when apr is out of tree,
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay or it should drop query mode altogether, and we just grow an
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay httpd-config or similar arrangement.
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay To quote a discussion in STATUS earlier:
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay thommay: this doesn't fix all the problems with apxs and out of
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay tree apr/apr-util, but it's a good start. There's still the
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay query cases; but I'm beginning to think that in these cases
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay the app should be querying ap{r,u}-config directly
05cd8b63829a8a9047076ffbce8dd6cd1cb2db92thommay gstein: agreed. apxs should deprecate the -q flag
9f95877e5e3f99a43eb6f3f632f87f144da3b8e6pquerna pquerna: I vote for a httpd-config, and to deprecate the -q flag.
1062c731b19eed1efa24e2229e8c3a34240846c6minfrin minfrin: +1 for httpd-config, and to deprecate -q.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wroweTODO ISSUES REMAINING IN MOD_SSL:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * In order to use a DSO version of mod_ssl we have to link with
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -lssl and -lcrypto. A workaround is in place right now where the
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe entire EXTRA_LIBS macro is being appended to the objects list, but
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe autoconf function or come up with some other autoconf checks to
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe search for libssl and libcrypto and properly add them to mod_ssl's
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe link flags.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSL renegotiations in combination with POST request
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Port or dispose all code inside #if 0...#endif blocks that remain
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe from the porting effort.
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Do we need SSL_set_read_ahead()?
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -in ssl_expr_comp() if SSLRequire is used in .htaccess
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_info is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe -is ssl_expr_eval() if there is an error
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe (ssl_expr_error is global)
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * SSLRequire directive (parsing of) leaks memory
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * Diffie-Hellman-Parameters for temporary keys are hardcoded in
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe "it is suggested that keys be changed daily or every 500
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe transactions, and more often if possible."
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_var_lookup could be rewritten to be MUCH faster
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * CRL callback should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * session cache store should be pluggable
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * init functions should return status code rather than ssl_die()
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * ssl_engine_pphrase.c needs to be reworked so it is generic enough
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe to also decrypt proxy keys
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe * the shmcb code should just align its memory segment rather than
28c4fe67d75f8f26504d75b7aa8dc5d868032888wrowe jumping through all the "safe" memcpy and memset hoops
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_proxy: Ability to run SSL over proxy gateway connections,
afbd720d176856630fed7c6576cdd3ae25a407edstoddard encrypting (or reencrypting) at the proxy.
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_cache: Handle ESI tags.
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz * mod_cache: Resolve issue of how to cache page fragements (or perhaps
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz -if- we want to cache page fragements). Today, mod_cache/mod_mem_cache
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz will cache #include 'virtual' requests (but not #include 'file'
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz requests). This was accomplished by making CACHE_IN a
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz filter. But now responses cannot be cached that include the
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz effects of having been run through CONTENT_SET filters
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz (mod_deflate, mod_expires, etc). We could rerun all the
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz CONTENT_SET filters on the cached response, but this will not
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz work in all cases. For example, mod_expires relies on installing
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz the EXPIRATION filter during fixups. Contents served out of
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz mod_cache (out of the quick_handler) bypass -all- the request
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz line server hooks (Ryan really hated this. It is great for
74def8815c725f8128a4e76ab1f5704df80b024ajerenkrantz performance, but bad because of the complications listed above).
afbd720d176856630fed7c6576cdd3ae25a407edstoddard * mod_mem_cache: Consider adding a RevalidateTimeout directive to
afbd720d176856630fed7c6576cdd3ae25a407edstoddard specify time at which local cached content is to be revalidated
afbd720d176856630fed7c6576cdd3ae25a407edstoddard (ie, underlying file stat'ed to see if it has changed).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
47c81da11264e8870b146dbdf3ac0384d3290ae9jerenkrantz jerenkrantz says: Too slow. Get regexs away from speedy caches by
47c81da11264e8870b146dbdf3ac0384d3290ae9jerenkrantz default. Introduce a new CacheEnableRegex if you want.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard * mod_mem_cache/mod_disk_cache: Need to be able to query cache
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard status (num of entries, cache object properties, etc.).
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_status could be extended to query optional hooks defined
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard by modules for the purpose of reporting module status.
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard mod_cache (et. al.) could define optional hooks that are called
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard to collect status. Status should be queryable by
ddd44b06b04507cae083c52451e28f54f0bdb5afstoddard HTTP or SNMP?
47c81da11264e8870b146dbdf3ac0384d3290ae9jerenkrantz jerenkrantz says: Yawn. Who cares.
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * MaxRequestsPerChild measures connections, not requests.
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj Until someone has a better way, we'll probably just rename it
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj "MaxConnectionsPerChild".
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * Regex containers don't work in an intutive way
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj Status: No one has come up with an efficient way to fix this
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj behavior. Dean has suggested getting rid of regex containers
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj completely.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe OtherBill suggests: We at least seem to agree on eliminating
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe the <Container ~ foo> forms, and using only
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe <ContainerMatch foo> semantics.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein * orig_ct in the byterange/multipart handling may not be
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein needed. Apache 1.3 just never stashed "multipart" into
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein r->content_type. We should probably follow suit since the
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein byterange stuff doesn't want the rest of the code to see the
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein multipart content-type; the other code should still think it is
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein dealing with the <orig_ct> stuff.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein Status: Greg volunteers to investigate (esp. since he was most
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein likely the one to break it :-)
62f7716b14b71603a8004434ca3536902bfb8899wroweEXPERIMENTAL MODULES:
62f7716b14b71603a8004434ca3536902bfb8899wrowe Experimental modules should eventually be be promoted to fully supported
62f7716b14b71603a8004434ca3536902bfb8899wrowe status or removed from the repository entirely (ie, the
62f7716b14b71603a8004434ca3536902bfb8899wrowe 'experiment' failed). This section tracks what needs to happen to
62f7716b14b71603a8004434ca3536902bfb8899wrowe get the modules promoted to fully supported status.