STATUS revision 99665be7f22b9e3421bd698bd731f82ab0deb827
73579c435f9f6c2670c4391114368a2eedaf8ebfrbbAPACHE 2.3 STATUS: -*-text-*-
01f61931c658183042469eb02fd3f61e4e643a6atrawickLast modified at [$Date$]
aa616c3b5a4aa59867472cddf7d8e63693808f0erederpjThe current version of this file can be found at:
aa616c3b5a4aa59867472cddf7d8e63693808f0erederpj * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS
80e9324586de2fa55e2da4df409e6a85885ea659fieldingDocumentation status is maintained seperately and can be found at:
bacd210652b4559c2597f62e1d41ccbde92acdfafielding * docs/STATUS in this source tree, or
80e9324586de2fa55e2da4df409e6a85885ea659fielding * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS
4682cf97ee2eca42a7222e0113ebacf5ef70c4efrbbConsult the following STATUS files for information on related projects:
9f7fc4627b7d98f6f6955ad6cf0cec5a3e1c4debfielding * http://svn.apache.org/repos/asf/apr/apr/trunk/STATUS
9f7fc4627b7d98f6f6955ad6cf0cec5a3e1c4debfielding * http://svn.apache.org/repos/asf/apr/apr-util/trunk/STATUS
1702068419e130e99f021228659597c1ec658edcchuckPatches considered for backport are noted in their branches' STATUS:
1702068419e130e99f021228659597c1ec658edcchuck * http://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x/STATUS
1702068419e130e99f021228659597c1ec658edcchuck * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
01f61931c658183042469eb02fd3f61e4e643a6atrawick * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
01f61931c658183042469eb02fd3f61e4e643a6atrawickRelease history:
7ae8bc63caa2292341a22235223ff1ed17ac02aestoddard [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
7ae8bc63caa2292341a22235223ff1ed17ac02aestoddard while x.{even}.z versions are Stable/GA releases.]
7ae8bc63caa2292341a22235223ff1ed17ac02aestoddard 2.3.9 : In Development. Jim proposes T&R ~ November 14
7ae8bc63caa2292341a22235223ff1ed17ac02aestoddard 2.3.8 : Tagged on August 24, 2010.
7ae8bc63caa2292341a22235223ff1ed17ac02aestoddard 2.3.7 : Tagged on August 19, 2010, not released.
a70c3ad07126101795f5a988e86c88a699b297cerederpj 2.3.6 : Released on June 21, 2010.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbb 2.3.5 : Released on January 26, 2010.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbb 2.3.4 : Released on December 8, 2009.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbb 2.3.3 : Tagged on November 11, 2009, not released.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbb 2.3.2 : Tagged on March 23, 2009, not released.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbb 2.3.1 : Tagged on January 2, 2009, not released.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbb 2.3.0 : Tagged on December 6, 2008, not released.
23851fdc3ee2eac45ebb85f400a5d719656dfa22rbbContributors looking for a mission:
105475009f541187ba7a14a367547d9404c578befielding * Just do an egrep on "TODO" or "XXX" in the source.
105475009f541187ba7a14a367547d9404c578befielding * Review the bug database at: http://issues.apache.org/bugzilla/
105475009f541187ba7a14a367547d9404c578befielding * Review the "PatchAvailable" bugs in the bug database:
105475009f541187ba7a14a367547d9404c578befielding https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
b90c64e517df3fe1c97806830f84a30362187f0afielding After testing, you can append a comment saying "Reviewed and tested".
b90c64e517df3fe1c97806830f84a30362187f0afielding * Open bugs in the bug database.
6ff63662058d5891fc110f8b357a3604d7f7deb3trawick * See also the STATUS file in the docs/ directory, which lists documentation-specific TODO items.
c4be1ca9db22140f3788166f0195304e2fe4743bgregamesCURRENT RELEASE NOTES:
8019a211b7453e80e6e22db6d41fe68dd7f8c4b8fieldingRELEASE SHOWSTOPPERS:
a70c3ad07126101795f5a988e86c88a699b297cerederpj * Modules that are not ready for production use should be marked as
a70c3ad07126101795f5a988e86c88a699b297cerederpj experimental. Candidates:
a70c3ad07126101795f5a988e86c88a699b297cerederpj - MPM simple
357b3c68d77f4187bf6be49c248b90ba50b98f4agregames * Review the example configuration. It should be based on current best
a3a9ceac1bc30598c594c89e1382609496b7752brbb practices and not use deprecated features.
a3a9ceac1bc30598c594c89e1382609496b7752brbb * Modules without documentation need to be moved to experimental or be
25e17566bc9005778707317c8919c610513a4418stoddard * Not all MPMs are updated to set conn_rec::current_thread correctly.
25e17566bc9005778707317c8919c610513a4418stoddard (Prefork, Worker, Event, Simple are updated).
25e17566bc9005778707317c8919c610513a4418stoddard jim sez: Then we just ship with those... mark any others as
25e17566bc9005778707317c8919c610513a4418stoddard experimental
25e17566bc9005778707317c8919c610513a4418stoddard FOR NEXT ALPHA:
44ea927aaaa7c419de1c824beb01b26216f387c3dougm * The mod_session* modules need to be checked that their hooks respect
44ea927aaaa7c419de1c824beb01b26216f387c3dougm the returning of int (HTTP status codes) and apr_status_t as appropriate,
44ea927aaaa7c419de1c824beb01b26216f387c3dougm and any anomolies fixed.
a601a32cec653022741d22b5d692b6afd6c4dc55trawick OLD ISSUES THAT WERE THOUGHT TO BE SHOWSTOPPERS FOR 2.2 BUT OBVIOUSLY WEREN'T:
a601a32cec653022741d22b5d692b6afd6c4dc55trawick * Handling of non-trailing / config by non-default handler is broken
73579c435f9f6c2670c4391114368a2eedaf8ebfrbb http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
73579c435f9f6c2670c4391114368a2eedaf8ebfrbb jerenkrantz asks: Why should this block a release?
73579c435f9f6c2670c4391114368a2eedaf8ebfrbb wsanchez agrees: this may be a change in behavior, but isn't
73579c435f9f6c2670c4391114368a2eedaf8ebfrbb clearly wrong, and even if so, it doesn't seem like a
73579c435f9f6c2670c4391114368a2eedaf8ebfrbb showstopper.
73579c435f9f6c2670c4391114368a2eedaf8ebfrbb * the edge connection filter cannot be removed
decf1efd1558ed0d2562e2f4f2dd741dcc0c392crbb http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
6202bc12656548c624a235bf43d6c866719b2b06rbb jerenkrantz asks: Why should this block a release?
6202bc12656548c624a235bf43d6c866719b2b06rbb stas replies: because it requires a rewrite of the filters stack
6202bc12656548c624a235bf43d6c866719b2b06rbb implementation (you have suggested that) and once 2.2 is
6202bc12656548c624a235bf43d6c866719b2b06rbb released you can't do that anymore.
bf6fc76bb2af745a68396e793d5d51a135a35f54rederpj pgollucci: this affects mod_perl I'm pretty sure.
bf6fc76bb2af745a68396e793d5d51a135a35f54rederpjCURRENT VOTES:
bf6fc76bb2af745a68396e793d5d51a135a35f54rederpj * Name the Server (version 2.4 or 3.0, depending on the final call)
bf6fc76bb2af745a68396e793d5d51a135a35f54rederpj Recent discussion indicates we should designate a (short name).
4f110a6b1eb8b6a88a2a0c804cf699062f67f708rbb This is not yet a [Vote] - Your nominations please:
4f110a6b1eb8b6a88a2a0c804cf699062f67f708rbb * Apache HTTP Server (httpd)
4f110a6b1eb8b6a88a2a0c804cf699062f67f708rbb +1: sctemme (why mess with it?)
4f110a6b1eb8b6a88a2a0c804cf699062f67f708rbbRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
7aae0c3ef8e7f18f57e2712815c7b48358e5ff68rbb * Maybe remove Limit/LimitExcept or at least make it log warnings when
d353d275978f11f5221110e8f954d09d03ec5e3arbb * Sort out modules selections for most/all/reallyall. Maybe rename
d353d275978f11f5221110e8f954d09d03ec5e3arbb all -> most, reallyall -> all, and remove the old 'most'.
20fb0ba160cf0ca91b3f0f0d552cbe60d92b0449fielding * Add mod_define.
20fb0ba160cf0ca91b3f0f0d552cbe60d92b0449fielding * Patches submitted to the bug database:
66f62d70d05d9011c6ac59d5cd10a24e452fa1b3rbb http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
66f62d70d05d9011c6ac59d5cd10a24e452fa1b3rbb * Filter stacks and subrequests, redirects and fast redirects.
66f62d70d05d9011c6ac59d5cd10a24e452fa1b3rbb There's at least one PR that suffers from the current unclean behaviour
9832ee60b23ca2a3faa403bbe88720815969a9fefielding (which lets the server send garbage): PR 17629
9832ee60b23ca2a3faa403bbe88720815969a9fefielding nd says: Every subrequest should get its own filter stack with the
9832ee60b23ca2a3faa403bbe88720815969a9fefielding subreq_core filter as bottom-most. That filter does two things:
dd6d55810261b3c26c4a2ec2e089c031beb1d44dgregames - swallow EOS buckets
dd6d55810261b3c26c4a2ec2e089c031beb1d44dgregames - redirect the data stream to the upper request's (rr->main)
dd6d55810261b3c26c4a2ec2e089c031beb1d44dgregames filter chain directly after the subrequest's starting
ee25ccdf4aa79a7a7f2dfc13fc118f0a343422fcwrowe Once we have a clean solution, we can try to optimize
ee25ccdf4aa79a7a7f2dfc13fc118f0a343422fcwrowe it, so that the server won't be slow down too much.
90a8cab05f4d949dd1317df7e19a2f787c46a5f6rbb * RFC 2616 violations.
90a8cab05f4d949dd1317df7e19a2f787c46a5f6rbb Closed PRs: 15852, 15857, 15859, 15861, 15864, 15869, 15870, 16120,
90a8cab05f4d949dd1317df7e19a2f787c46a5f6rbb 16125, 16135, 16136, 16137, 16138, 16139, 16140, 16518,
6c3ee5153fd311a5fc6dd718dcc704487ac7d2a3rbb 16520, 42978, 49825
6c3ee5153fd311a5fc6dd718dcc704487ac7d2a3rbb Open PRs: 15865, 15866, 15868, 16126, 16133, 16142, 16521
6c3ee5153fd311a5fc6dd718dcc704487ac7d2a3rbb jerenkrantz says: need to decide how many we need to backport and/or
6c3ee5153fd311a5fc6dd718dcc704487ac7d2a3rbb if these rise to showstopper status.
6c3ee5153fd311a5fc6dd718dcc704487ac7d2a3rbb wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
6c3ee5153fd311a5fc6dd718dcc704487ac7d2a3rbb out of this list, without reviewing them individually.
da3e32612f06d3082e41ba709919c996c89b8c06rederpj * pipes deadlock on all platforms with limited pipe buffers (e.g. both
da3e32612f06d3082e41ba709919c996c89b8c06rederpj Linux and Win32, as opposed to only Win32 on 1.3). The right solution
da3e32612f06d3082e41ba709919c996c89b8c06rederpj is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
da3e32612f06d3082e41ba709919c996c89b8c06rederpj for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
da3e32612f06d3082e41ba709919c996c89b8c06rederpj * All handlers should always send content down even if r->header_only
da3e32612f06d3082e41ba709919c996c89b8c06rederpj is set. If not, it means that the HEAD requests don't generate the
da3e32612f06d3082e41ba709919c996c89b8c06rederpj same headers as a GET which is wrong.
0d9c389e9c63d02edb068917d49af2fa8012af91marc * exec cmd and suexec arg-passing enhancements
0d9c389e9c63d02edb068917d49af2fa8012af91marc Status: Patches proposed
0d9c389e9c63d02edb068917d49af2fa8012af91marc Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
0d9c389e9c63d02edb068917d49af2fa8012af91marc (see the "proc.patch" and "suexec-shell.patch" links in this message)
ae416a3cdff7a12665838a2184183299dcee6ec9bjh * The 2.0.36 worker MPM graceless shutdown changes work but are
ae416a3cdff7a12665838a2184183299dcee6ec9bjh a bit clunky on some platforms; eg, on Linux, the loop to
b0bb6f215e43a79342c422bc9b0c258add88ca51stoddard join each worker thread seems to hang, and the parent ends up
b0bb6f215e43a79342c422bc9b0c258add88ca51stoddard killing off the child with SIGKILL. But at least it shuts down.
99cec2acb38d6a2fb2d4a9d437db7b50ef5b208awrowe chrisd: Has this been fixed by the changes for PR 38737?
99cec2acb38d6a2fb2d4a9d437db7b50ef5b208awrowe * We do not properly substitute the prefix-variables in the configuration
4d83a32b74579903e90aa1cb8574b5b97404d0c4trawick scripts or generated-configs. (i.e. if sysconfdir is etc,
4d83a32b74579903e90aa1cb8574b5b97404d0c4trawick httpd-std.conf points to conf.)
4d83a32b74579903e90aa1cb8574b5b97404d0c4trawick * If any request gets through ap_process_request_internal() and is
7c2d1ecc95b2213a3fd449b2549999ed6f19f6berbb scheduled to be served by the core handler, without a flag that this
7c2d1ecc95b2213a3fd449b2549999ed6f19f6berbb r->filename was tested by dir/file_walk, we need to 500 at the very
7c2d1ecc95b2213a3fd449b2549999ed6f19f6berbb end of the ap_process_request_internal() processing so sub_req-esters
7c2d1ecc95b2213a3fd449b2549999ed6f19f6berbb know this request cannot be run. This provides authors of older
7c2d1ecc95b2213a3fd449b2549999ed6f19f6berbb modules better compatibility, while still improving the security and
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx robustness of 2.0.
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx Status: still need to decide where this goes, OtherBill comments...
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx [Deleted comments regarding the ap_run_handler phase, as irrelevant
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx as BillS points out that "common case will be caught in
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx default_handler already (with the r->finfo.filetype == 0 check)"
51469a0d2057aa24107b6f5a04e145824e10da1fdirkx and the issue is detecting this -before- we try to run the req.]
6d8d0dd6604f823aadbe3a18c3cff4eca584bda8trawick gregames says: can this happen somehow without a broken module
6d8d0dd6604f823aadbe3a18c3cff4eca584bda8trawick being involved? If not, why waste cycles trying to defend against
6d8d0dd6604f823aadbe3a18c3cff4eca584bda8trawick potential broken modules? It seems futile.
73cd9876e07c696a3e3563277a1d4e3173861af6stoddard wrowe counters: no, it shouldn't happen unless the module is broken.
73cd9876e07c696a3e3563277a1d4e3173861af6stoddard But the right answer is to fail the request up-front in dir/file
73cd9876e07c696a3e3563277a1d4e3173861af6stoddard walk if the path was entirely invalid; and we can't do that either
73cd9876e07c696a3e3563277a1d4e3173861af6stoddard UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
15ecbdb46249bbd3ac51fdacaff3b3ac4d179ffarbb * Can a static httpd be built reliably?
f0484231f96a9d95f5044c1c8cb33b322d6f9bcbdougm Message-ID: <20020207142751.T31582@clove.org>
2281907b9a2a509aa0eabdc0b1d21424018dbbdfrbb * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
2281907b9a2a509aa0eabdc0b1d21424018dbbdfrbb removed if possible.
2281907b9a2a509aa0eabdc0b1d21424018dbbdfrbb Message-ID:
2281907b9a2a509aa0eabdc0b1d21424018dbbdfrbb <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
2281907b9a2a509aa0eabdc0b1d21424018dbbdfrbb Jeff wonders if we still care about this. It is no longer an
2281907b9a2a509aa0eabdc0b1d21424018dbbdfrbb API issue but simply an extra trip through the brigade.
2ca377182c951f9895cd5e7a350b442a39c8eb23rbb * Try to get libtool inter-library dependency code working on AIX.
2ca377182c951f9895cd5e7a350b442a39c8eb23rbb Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
1217c8c05f7e3ac0cac8c8dc0c6e7979326c977arbb Justin says: If we get it working on AIX, we can enable this
1217c8c05f7e3ac0cac8c8dc0c6e7979326c977arbb on all platforms and clean up our build system somewhat.
1217c8c05f7e3ac0cac8c8dc0c6e7979326c977arbb Jeff says: I thought I tested a patch for you sometime in
1217c8c05f7e3ac0cac8c8dc0c6e7979326c977arbb January that you were going to commit within a few days.
893328ef6ff86d0ca27774778d84410353789fb0fielding * Handling of %2f in URIs. Currently both 1.3 and 2.0
893328ef6ff86d0ca27774778d84410353789fb0fielding completely disallow %2f in the request URI path (see
893328ef6ff86d0ca27774778d84410353789fb0fielding ap_unescape_url() in util.c). It's permitted and passed
893328ef6ff86d0ca27774778d84410353789fb0fielding through in the query string, however. Roy says the
893328ef6ff86d0ca27774778d84410353789fb0fielding original reason for disallowing it, from five years ago,
274de94b0b59f4ee126dca1726624980828d0cd0stoddard was to protect CGI scripts that applied PATH_INFO to
274de94b0b59f4ee126dca1726624980828d0cd0stoddard a filesystem location and which might be tricked by
274de94b0b59f4ee126dca1726624980828d0cd0stoddard ..%2f..%2f(...). We *should* allow path-info of the
274de94b0b59f4ee126dca1726624980828d0cd0stoddard form 'http://foo.com/index.cgi/path/to/path%2finfo'.
85d733e70c94a57c9ff893ed05d8b9cfcd0f083fstoddard Since we've revamped a lot of our processing of path
85d733e70c94a57c9ff893ed05d8b9cfcd0f083fstoddard segments, it would be nice to allow this, or at least
85d733e70c94a57c9ff893ed05d8b9cfcd0f083fstoddard allow it conditionally with a directive.
3f0dd56fa6b79fe389f20738369b290e2f3e9201trawick OtherBill adds that %2f as the SECOND character of a multibyte
3f0dd56fa6b79fe389f20738369b290e2f3e9201trawick sequence causes the request to fail! This happens notably in
3f0dd56fa6b79fe389f20738369b290e2f3e9201trawick the ja-jis encoding.
3f0dd56fa6b79fe389f20738369b290e2f3e9201trawick * There is increasing demand from module writers for an API
70b83609159f247f5920421a890dc27a0718d63adreid that will allow them to control the server à la apachectl.
70b83609159f247f5920421a890dc27a0718d63adreid Reasons include sole-function servers that need to die if
70b83609159f247f5920421a890dc27a0718d63adreid an external dependency (e.g., a database) fails, et cetera.
70b83609159f247f5920421a890dc27a0718d63adreid Perhaps something in the (ever more abused) scoreboard?
70b83609159f247f5920421a890dc27a0718d63adreid On the other hand, we already have a pipe that goes between parent
a1033a770bfee276def7d4cb9759856f69293e48trawick and child for graceful shutdown events, along with an API that
a1033a770bfee276def7d4cb9759856f69293e48trawick can be used to send a message down that pipe. In threaded MPMs,
a1033a770bfee276def7d4cb9759856f69293e48trawick it is easy enough to make that one pipe be used for graceful
a1033a770bfee276def7d4cb9759856f69293e48trawick and graceless events, and it is also easy to open that pipe
bd2d582e0f0708b6e8e258a9a5f9a15445752087trawick to both parent and child for writing. Then we just need to
bd2d582e0f0708b6e8e258a9a5f9a15445752087trawick figure out how to do graceless on non-threaded MPMs.
adb8ad10ffc20ed06ec6cfab6cd7933ab429ea7dtrawick * Allow the DocumentRoot directive within <Location > scopes? This
adb8ad10ffc20ed06ec6cfab6cd7933ab429ea7dtrawick allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
adb8ad10ffc20ed06ec6cfab6cd7933ab429ea7dtrawick by a <Directory /somepath/foo> to become simply
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb and in-your-face.) DocumentRoot unset would be accepted [and would
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb not permit content to be served, only virtual resources such as
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb server-info or server-status.
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb This proposed change would _not_ depricate Alias.
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb striker: See the thread starting with Message-ID:
b45c1c292ff1fa635004ae81fa691f8cb3cdda85rbb JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
86f191e8221867df8c9cd22271e7d54204f39186rbb * Win32: Rotatelogs sometimes is not terminated when Apache
86f191e8221867df8c9cd22271e7d54204f39186rbb goes down hard. FirstBill was looking at possibly tracking the
86f191e8221867df8c9cd22271e7d54204f39186rbb child's-child processes in the parent process.
86f191e8221867df8c9cd22271e7d54204f39186rbb stoddard: Shared scoreboard might offer a good way for the parent
962f339c5f0f61adde79936f610fb05ce0854d6echuck to keep track of 'other child' processes and whack them if the child
962f339c5f0f61adde79936f610fb05ce0854d6echuck Other thoughts on walking the process chain using the NT kernel
157e6980a24a44e4719173b1c555133caecbc172stoddard have also been proposed on APR.
157e6980a24a44e4719173b1c555133caecbc172stoddard * Eliminate unnecessary creation of pipes in mod_cgid
faa6e5d8b210456ae4dad0398dfa40a19fd89d59coar * Combine log_child and piped_log_spawn. Clean up http_log.c.
171f8c636ff1374e3a3dfff333211becda355b98trawick Common logging API.
171f8c636ff1374e3a3dfff333211becda355b98trawick * Platforms that do not support fork (primarily Win32 and AS/400)
171f8c636ff1374e3a3dfff333211becda355b98trawick Architect start-up code that avoids initializing all the modules
171f8c636ff1374e3a3dfff333211becda355b98trawick in the parent process on platforms that do not support fork.
faa6e5d8b210456ae4dad0398dfa40a19fd89d59coar * There are still a number of places in the code where we are
faa6e5d8b210456ae4dad0398dfa40a19fd89d59coar losing error status (i.e. throwing away the error returned by a
faa6e5d8b210456ae4dad0398dfa40a19fd89d59coar system call and replacing it with a generic error code)
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard * Mass vhosting version of suEXEC.
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard * All DBMs suffer from confusion in support/dbmmanage (perl script) since
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard the dbmmanage employs the first-matched dbm format. This is not
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard necessarily the library that Apache was built with. Aught to
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard rewrite dbmmanage upon installation to bin/ with the proper library
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard for predictable mod_auth_dbm administration.
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard Questions; htdbm exists, time to kill dbmmanage, or does it remain
ed105ee460bbaf479f0aa0f59d3951da85066e27stoddard useful as a perl dbm management example? If we keep it,
21b8c3cb46cea2b31a585a95ce9f93f4f6abc35brbb do we address the issue above?
bae64a3e5bf7b96d8379e24f13273f26b3b29e16coar * Integrate mod_dav.
bae64a3e5bf7b96d8379e24f13273f26b3b29e16coar Some additional items remaining:
c7fe488773cf6f50a1b2d9211c2f30a2ace8b67ccoar - case_preserved_filename stuff
c7fe488773cf6f50a1b2d9211c2f30a2ace8b67ccoar (use the new canonical name stuff?)
c7fe488773cf6f50a1b2d9211c2f30a2ace8b67ccoar - find a new home for ap_text(_header)
c7fe488773cf6f50a1b2d9211c2f30a2ace8b67ccoar - is it possible to remove the DAV: namespace stuff from util_xml?
27338fc39af80f2f0e4a8dbdc90c8a8179a5b2e4rbb * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
27338fc39af80f2f0e4a8dbdc90c8a8179a5b2e4rbb are a bit wonky. The function should probably be exposed as a utility
27338fc39af80f2f0e4a8dbdc90c8a8179a5b2e4rbb function (such as ap_translate_url2fs() or ap_validate_fs_url() or
27338fc39af80f2f0e4a8dbdc90c8a8179a5b2e4rbb something). Another approach would be a new hook phase after
27338fc39af80f2f0e4a8dbdc90c8a8179a5b2e4rbb "translate" which would allow the module to munge what the
853a0c44563b056e40e9cffe911190f554e63ec3chuck translation has decided to do.
853a0c44563b056e40e9cffe911190f554e63ec3chuck Status: Greg +1 (volunteers)
853a0c44563b056e40e9cffe911190f554e63ec3chuck * Explore use of a post-config hook for the code in http_main.c which
330c042543440d0987244c94c65d14eeb7af0868rbb calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
330c042543440d0987244c94c65d14eeb7af0868rbb ap_sort_hooks() [to reduce the logic in main()]
f1fa5e69040a3a72054d185f6087a7d1592b83e8rbb * read the config tree just once, and process N times (as necessary)
f1fa5e69040a3a72054d185f6087a7d1592b83e8rbb * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
30e3e9b782c701f885583b7d13d8e46c37d7e1ddtrawick * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
30e3e9b782c701f885583b7d13d8e46c37d7e1ddtrawick into a VirtualHost container) to 2.0.
30e3e9b782c701f885583b7d13d8e46c37d7e1ddtrawick * shift stuff to mod_core.h
27faa3af8a50c1dc2dc6cb3049722378f85e5517rbb * callers of ap_run_create_request() should check the return value
27faa3af8a50c1dc2dc6cb3049722378f85e5517rbb for failure (Doug volunteers)
141b1a93f508248cbc0e9a124cc38041eb3e2562rbb * Fix the worker MPM to use POD to kill child processes instead
141b1a93f508248cbc0e9a124cc38041eb3e2562rbb of ap_os_killpg, regardless of how they should die.
141b1a93f508248cbc0e9a124cc38041eb3e2562rbb chrisd: Is this done, by any chance? See r92598 and r93358.
141b1a93f508248cbc0e9a124cc38041eb3e2562rbb * Scoreboard structures could be changed in the future such that
865980dc9aeb61741e586502440f0c0fea4835c6trawick proper alignment is not maintained, leading to segfaults on
865980dc9aeb61741e586502440f0c0fea4835c6trawick some systems. Cliff posted a patch to deal with this issue but
865980dc9aeb61741e586502440f0c0fea4835c6trawick later recanted. See this message to dev@apr.apache.org:
865980dc9aeb61741e586502440f0c0fea4835c6trawick Message-ID:
865980dc9aeb61741e586502440f0c0fea4835c6trawick <Pine.LNX.4.44.0203011354090.16457-200000@deepthought.cs.virginia.edu>
865980dc9aeb61741e586502440f0c0fea4835c6trawick * APXS either needs to be fixed completely for use when apr is out of tree,
865980dc9aeb61741e586502440f0c0fea4835c6trawick or it should drop query mode altogether, and we just grow an
9a0d076511763b559a755133f6a182e6c24ef643rbb httpd-config or similar arrangement.
9a0d076511763b559a755133f6a182e6c24ef643rbb To quote a discussion in STATUS earlier:
9a0d076511763b559a755133f6a182e6c24ef643rbb thommay: this doesn't fix all the problems with apxs and out of
9a0d076511763b559a755133f6a182e6c24ef643rbb tree apr/apr-util, but it's a good start. There's still the
b42a7e46e4f80282bd27e96d43c9510b14ccb9aarbb query cases; but I'm beginning to think that in these cases
b42a7e46e4f80282bd27e96d43c9510b14ccb9aarbb the app should be querying ap{r,u}-config directly
b42a7e46e4f80282bd27e96d43c9510b14ccb9aarbb deprecate -q: add htpd-config: gstein, pquerna, minfrin, pgollucci
6501b757f710f75d47c950300d8110aca67dc0b0rbbTODO ISSUES REMAINING IN MOD_SSL:
6501b757f710f75d47c950300d8110aca67dc0b0rbb * Do we need SSL_set_read_ahead()?
dfd4950edac888e671b96f62ff5382b7cb350d48rbb * SSLRequire directive (parsing of) leaks memory
dfd4950edac888e671b96f62ff5382b7cb350d48rbb * Diffie-Hellman-Parameters for temporary keys are hardcoded in
dfd4950edac888e671b96f62ff5382b7cb350d48rbb ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
a6d4b3f8d54aaf14d8ee5dda3a09bf8b6370dfa4wrowe "it is suggested that keys be changed daily or every 500
a6d4b3f8d54aaf14d8ee5dda3a09bf8b6370dfa4wrowe transactions, and more often if possible."
c9a95767fbf0f5fb0976a06b97a256033925e433rbb * ssl_var_lookup could be rewritten to be MUCH faster
c9a95767fbf0f5fb0976a06b97a256033925e433rbb * CRL callback should be pluggable
d8d839738b1e80b0f9c54e83677b3f2c46c22705rbb * session cache store should be pluggable
d8d839738b1e80b0f9c54e83677b3f2c46c22705rbb * init functions should return status code rather than ssl_die()
adaea88da2d103e4302e361c932b98cee86fb1c5rbb * ssl_engine_pphrase.c needs to be reworked so it is generic enough
9635d7ffbd8ca441f85051f9a3adba17142d0b20rbb to also decrypt proxy keys
9635d7ffbd8ca441f85051f9a3adba17142d0b20rbb * output warning when allowing SSL v2.0 ? its so old
d8d839738b1e80b0f9c54e83677b3f2c46c22705rbb * mod_proxy: Ability to run SSL over proxy gateway connections,
0415e5e1b9b6eba6899a2e5ef18f8facb8db0cfbstoddard encrypting (or reencrypting) at the proxy.
0415e5e1b9b6eba6899a2e5ef18f8facb8db0cfbstoddard * mod_cache: Handle ESI tags.
1374444b4fab1475091e12a81663f379b73005efrbb * mod_cache: Resolve issue of how to cache page fragments (or perhaps
1374444b4fab1475091e12a81663f379b73005efrbb -if- we want to cache page fragments). Today, mod_cache/mod_mem_cache
1374444b4fab1475091e12a81663f379b73005efrbb will cache #include 'virtual' requests (but not #include 'file'
3233d057ad276d823bded5c24c3fd6729ed1a736rbb requests). This was accomplished by making CACHE_IN a
3233d057ad276d823bded5c24c3fd6729ed1a736rbb CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
3233d057ad276d823bded5c24c3fd6729ed1a736rbb filter. But now responses cannot be cached that include the
9927a2a72d50103f32323b53f5fc4577c1801327rbb effects of having been run through CONTENT_SET filters
9927a2a72d50103f32323b53f5fc4577c1801327rbb (mod_deflate, mod_expires, etc). We could rerun all the
9927a2a72d50103f32323b53f5fc4577c1801327rbb CONTENT_SET filters on the cached response, but this will not
9927a2a72d50103f32323b53f5fc4577c1801327rbb work in all cases. For example, mod_expires relies on installing
9927a2a72d50103f32323b53f5fc4577c1801327rbb the EXPIRATION filter during fixups. Contents served out of
82d2eed8f2152aff3f7554951c133a9d404ebbc5rbb mod_cache (out of the quick_handler) bypass -all- the request
82d2eed8f2152aff3f7554951c133a9d404ebbc5rbb line server hooks (Ryan really hated this. It is great for
82d2eed8f2152aff3f7554951c133a9d404ebbc5rbb performance, but bad because of the complications listed above).
a5a7ecb732cfe89bb1f8e3c61b316c2075cefe52rbb * mod_mem_cache: Consider adding a RevalidateTimeout directive to
a5a7ecb732cfe89bb1f8e3c61b316c2075cefe52rbb specify time at which local cached content is to be revalidated
a5a7ecb732cfe89bb1f8e3c61b316c2075cefe52rbb (ie, underlying file stat'ed to see if it has changed).
364701a102725758f2e3a511924381e2faa93e27rbb * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
364701a102725758f2e3a511924381e2faa93e27rbb jerenkrantz says: Too slow. Get regexs away from speedy caches by
364701a102725758f2e3a511924381e2faa93e27rbb default. Introduce a new CacheEnableRegex if you want.
364701a102725758f2e3a511924381e2faa93e27rbb * mod_mem_cache/mod_disk_cache: Need to be able to query cache
0811e8a41d152f0016a385ce1dfa44f475425b70rbb status (num of entries, cache object properties, etc.).
0811e8a41d152f0016a385ce1dfa44f475425b70rbb mod_status could be extended to query optional hooks defined
0811e8a41d152f0016a385ce1dfa44f475425b70rbb by modules for the purpose of reporting module status.
0811e8a41d152f0016a385ce1dfa44f475425b70rbb mod_cache (et. al.) could define optional hooks that are called
957b9b3f5e47c6cc7c2d8d9e2224c7364e966c70rbb to collect status. Status should be queryable by
957b9b3f5e47c6cc7c2d8d9e2224c7364e966c70rbb HTTP or SNMP?
957b9b3f5e47c6cc7c2d8d9e2224c7364e966c70rbb jerenkrantz says: Yawn. Who cares.
957b9b3f5e47c6cc7c2d8d9e2224c7364e966c70rbb * Regex containers don't work in an intutive way
957b9b3f5e47c6cc7c2d8d9e2224c7364e966c70rbb Status: No one has come up with an efficient way to fix this
e91c80d53d8ffa738283d923638fa3efd8aa6bf7rbb behavior. Dean has suggested getting rid of regex containers
e91c80d53d8ffa738283d923638fa3efd8aa6bf7rbb completely.
e91c80d53d8ffa738283d923638fa3efd8aa6bf7rbb OtherBill suggests: We at least seem to agree on eliminating
9359bd100badb53fd8a465cb3a0a90b218b30c4cben the <Container ~ foo> forms, and using only
9359bd100badb53fd8a465cb3a0a90b218b30c4cben <ContainerMatch foo> semantics.
d0211374a981173d4537e3f919c708b5f64040fcgstein * orig_ct in the byterange/multipart handling may not be
d0211374a981173d4537e3f919c708b5f64040fcgstein needed. Apache 1.3 just never stashed "multipart" into
d0211374a981173d4537e3f919c708b5f64040fcgstein r->content_type. We should probably follow suit since the
37d15e1062df9dcdd39ebee5bd2fdc75d4a6aa4arbb byterange stuff doesn't want the rest of the code to see the
37d15e1062df9dcdd39ebee5bd2fdc75d4a6aa4arbb multipart content-type; the other code should still think it is
37d15e1062df9dcdd39ebee5bd2fdc75d4a6aa4arbb dealing with the <orig_ct> stuff.
e3ec3193b69b45923c14915fa3ee3bc1f0215bafrbb Status: Greg volunteers to investigate (esp. since he was most
e3ec3193b69b45923c14915fa3ee3bc1f0215bafrbb likely the one to break it :-)
e3ec3193b69b45923c14915fa3ee3bc1f0215bafrbbEXPERIMENTAL MODULES:
138c8f7cb8254e035c6f45288e3909cd9c21be5cmartin Experimental modules should eventually be be promoted to fully supported
138c8f7cb8254e035c6f45288e3909cd9c21be5cmartin status or removed from the repository entirely (ie, the
138c8f7cb8254e035c6f45288e3909cd9c21be5cmartin 'experiment' failed). This section tracks what needs to happen to
138c8f7cb8254e035c6f45288e3909cd9c21be5cmartin get the modules promoted to fully supported status.