STATUS revision c95a8116bde20ab75f2e54d0e867bdf2e13643c3
48c0c81cd6fabac9d3386406d97633780365b839coarAPACHE 2.0 STATUS: -*-text-*-
b865b179e150aae40ff75e580dce6ec4b5294ebdfieldingLast modified at [$Date: 2002/11/21 17:03:40 $]
d8028365066fca602bf35d014530a1802114378crbb 2.0.44 : in development
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.43 : released October 3, 2002 as GA.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.42 : released September 24, 2002 as GA.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.41 : rolled September 16, 2002. not released.
d89c116f82699294ca744125723651c554bc5925wrowe 2.0.40 : released August 9, 2002 as GA.
4214e98fc9045e5010e66f9a967bd6d68f40d342aaron 2.0.39 : released June 17, 2002 as GA.
8721697e2aece27b0e738519329f7976c72b27bfjerenkrantz 2.0.38 : rolled June 16, 2002. not released.
c25203fdca093d4504c51b4cd974ff60d5aa4fb1wrowe 2.0.37 : rolled June 11, 2002. not released.
91cacb801f6c0215b38322f6d2fc58cbfedfecfbjerenkrantz 2.0.36 : released May 6, 2002 as GA.
91cacb801f6c0215b38322f6d2fc58cbfedfecfbjerenkrantz 2.0.35 : released April 5, 2002 as GA.
df14f0d3a5191cdd7c4bb5b03acd135d43a6f51brbb 2.0.34 : tagged March 26, 2002.
df14f0d3a5191cdd7c4bb5b03acd135d43a6f51brbb 2.0.33 : tagged March 6, 2002. not released.
ab71b233b3a36489e44a7b061c48293be0b17788jwoolley 2.0.32 : released Feburary 16, 2002 as beta.
571760de5e60c0b459cb11be45507b923cd023eejwoolley 2.0.31 : rolled Feburary 1, 2002. not released.
571760de5e60c0b459cb11be45507b923cd023eejwoolley 2.0.30 : tagged January 8, 2002. not rolled.
9180a5933673ffb1af633c255ceee029340f3b1erbb 2.0.29 : tagged November 27, 2001. not rolled.
bcb6e1be6041dfeb549c8ea8d37f97ad4e90a0c3rbb 2.0.28 : released November 13, 2001 as beta.
9bd71e35f5d26d26d23fe3a677401828e842ed72wrowe 2.0.27 : rolled November 6, 2001
2900ab946a2d76b73a14cebfe2985d253f01c967stoddard 2.0.26 : tagged October 16, 2001. not rolled.
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb 2.0.25 : rolled August 29, 2001
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb 2.0.24 : rolled August 18, 2001
a548c09e6a8ca1b059d0e93b5256c6ccb2b3c3cdrbb 2.0.23 : rolled August 9, 2001
b876b7bcf0ce3d232da723246d709e8dbbfe8762rbb 2.0.22 : rolled July 29, 2001
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein 2.0.21 : rolled July 20, 2001
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick 2.0.20 : rolled July 8, 2001
6f6f4a4bca281779d196acbdd5c017bb90858305trawick 2.0.19 : rolled June 27, 2001
8dd4618c4709236b4ea297d7250d282e463ce2d8rbb 2.0.18 : rolled May 18, 2001
09bd86d0db1114ee23eda0a6eb76ca055877a1cftrawick 2.0.17 : rolled April 17, 2001
2deb319e6b3de239f45c16a3e9e836d44f1f7108rbb 2.0.16 : rolled April 4, 2001
bd929c73ef04789b7183b840d8db6e01d03a4d86rbb 2.0.15 : rolled March 21, 2001
70f6f32765cfaadd6da8de6f0fea97ddd72d8fadmanoj 2.0.14 : rolled March 7, 2001
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj 2.0a9 : released December 12, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a8 : released November 20, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a7 : released October 8, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a6 : released August 18, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a5 : released August 4, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a4 : released June 7, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a3 : released April 28, 2000
af4c982a7cf4515f124935f99a329744035fc699slive 2.0a2 : released March 31, 2000
10270f6f94b2069d0d357805c140a9897449b9ccianh 2.0a1 : released March 10, 2000
5ca8e11fadb6f7a8d9d0367c1800205c99d4bcd6jerenkrantzPlease consult the following STATUS files for information
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddardon related projects:
4b62424416882687387923b3130b96241503cbe0jerenkrantzContributors looking for a mission:
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding * just do an egrep on "TODO" and see what's there
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewroweCURRENT RELEASE NOTES:
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantzRELEASE SHOWSTOPPERS:
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantzCURRENT VOTES:
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz * Adopt backwards compatibility for future Apache 2.0 releases
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz such that MMN major number changes and eliminating non-experimental
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz modules are deferred for the next minor version bump (e.g. 2.1, 2.2
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz +1: wrowe, jerenkrantz, aaron, brianp, trawick, stoddard, jwoolley,
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz rbowen, rederpj, jim, striker
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * Defer the Auth module overhaul to the next minor version bump
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz (e.g. 2.1, 2.2, 3.0) on the condition that forward compatibility
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz resolution is adopted.
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz +1: wrowe, aaron, trawick, stoddard, jwoolley, rbowen, gregames,
f4cb04eb78da02a38fcdd87489dc7b660107d55fjerenkrantz rederpj, jim
bcca8071772ad81c16009aea3a7da3ef9da41173trawick 0: jerenkrantz
1b3f48fd6b1ccb8745f908e40156c5a85ca3c347jerenkrantz * Adopt an even/odd release paradigm (see VERSIONING) such that
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard even numbered releases are stable, and odd numbered releases
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard are development efforts, keeping in the tradition of Linux,
f9b8e29cfca92cf0a996e8ab17fa1a1f447cecc7stoddard Perl, etc. In pratical terms, this implies C-T-R-T-C, where
a23b1c5a74208b03884c09a6f9dd5d6c97fa6415trawick patches are (generally) first applied to the development branch,
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe tested, and then (after vote) applied to the stable branch.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe +1: wrowe, jerenkrantz, aaron, trawick, stoddard, jwoolley, rbowen,
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe gregames, rederpj, jim, striker
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * Branch APACHE_2_0_BRANCH today, changing the version in CVS HEAD
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe to 2.1.0-dev.
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe +1 [from APACHE_2_0_43]: wrowe, aaron, trawick, stoddard, jwoolley,
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe gregames, rederpj, jim
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe +1 [from HEAD]: striker
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe 0: jerenkrantz
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe * httpd-std.conf and friends
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe a) httpd-std.conf should be tailored by install (from src or
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe binbuild) even if user has existing httpd.conf
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe +1: trawick, slive, gregames, ianh, Ken, wrowe, jwoolley, jim
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe wrowe - prefer httpd.default.conf to avoid ambiguity with cvs
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe b) tailored httpd-std.conf should be copied by install to
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard -0: striker
638a9edaf48cf003cd40ac25ee8c25f572107414stoddard c) tailored httpd-std.conf should be installed to
83d91d60d00dc345bfbcbc48ff206db4a6b23b2eaaron +1: slive, trawick, Ken
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb d) Installing a set of default config files when upgrading a server
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb doesn't make ANY sense at all.
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb +1: ianh - medium/big sites don't use 'standard config' anyway, as it
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb usually needs major customizations
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb -1: Ken, wrowe, jwoolley, jim
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb wrowe - diff is wonderful when comparing old/new default configs,
db2d668e6233d8949b35ee7f9f42f444758f9ce9rbb even for customized sites that ianh mentions
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron jim - ... assuming that the default configs have been updated
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron with the required inline docs to explain the
a12f07383f9c286519fe88f559187148d5bd1c16aaron * If the parent process dies, should the remaining child processes
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron "gracefully" self-terminate. Or maybe we should make it a runtime
1ea5221b240a8b41a07c6fb04aab5a73adcddabfaaron option, or have a concept of 2 parent processes (one being a
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz "hot spare").
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Self-destruct: Ken, Martin
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Not self-destruct: BrianP, Ian, Cliff, BillS
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz /* The below was a concept on *how* to handle the problem */
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz Have 2 parents: +1: jim
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz -1: Justin, wrowe, rederpj
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz +0: Martin (while standing by, could it do
5d12baef135b5d3cb94745e007a1575398469724jerenkrantz something useful?)
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz * Make the worker MPM the default MPM for threaded Unix boxes.
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz +1: Justin, Ian, Cliff, BillS, striker, wrowe
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz +0: BrianP, Aaron (mutex contention is looking better with the
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz latest code, let's continue tuning and testing), rederpj, jim
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantzRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz * There is a bug in how we sort some hooks, at least the pre-config
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz hook. The first time we call the hooks, they are in the correct
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz order, but the second time, we don't sort them correctly. Currently,
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz the modules/http/config.m4 file has been renamed to
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz modules/http/config2.m4 to work around this problem, it should moved
b865daaa4ef731a7066ee6d97e2aae36c7743939jerenkrantz back when this is fixed.
dc098c7ce5d36179c504d09fc722d190683d0262aaron OtherBill offers that this is a SERIOUS problem. We do not sort
dc098c7ce5d36179c504d09fc722d190683d0262aaron correctly by the ordering arguments passed to the register hook
dc098c7ce5d36179c504d09fc722d190683d0262aaron functions. This was proven when I reordered the open_logs hook
dc098c7ce5d36179c504d09fc722d190683d0262aaron to attempt to open the error logs prior to the access logs. Possibly
dc098c7ce5d36179c504d09fc722d190683d0262aaron the entire sorting code needs to be refactored.
364dfd4527e6ce37b828a42e2c0bbdf9ba19a9b8gregames * pipes deadlock on all platforms with limited pipe buffers (e.g. both
364dfd4527e6ce37b828a42e2c0bbdf9ba19a9b8gregames Linux and Win32, as opposed to only Win32 on 1.3). The right solution
dc098c7ce5d36179c504d09fc722d190683d0262aaron is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron for "Poll Buckets" for "Polling Filter Chains".
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron * All handlers should always send content down even if r->header_only
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron is set. If not, it means that the HEAD requests don't generate the
0bcb1fe39dfaacf9745b6633f5cc9ebc8e2596caaaron same headers as a GET which is wrong.
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz * HP/UX 10.20: compile breakage in APR. Looks like it should be easy
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz to fix, probably just some extraneous #include's that are fouling
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz Jeff: See my reply and patch in the PR (and previous commit to
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz stop using "pipe" as a field name). If patch is committed, we
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick should be okay. I'll wait to see if the user tests the patch.
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick Update by Jeff 20020722: I got an account on HP 10.20. It looks
ff42f83cbf31893bcde9712332a8e5ee970f6a74trawick like some of the APR thread detection is screwed up. If we find
33f5961d34a8b5390cebad0543b3ebe67830e5d7jerenkrantz pthread.h but we can't compile the pthread test program we still
54e1babd5a5a56c576eeeace54110150769cc916coar think we can use threads. For that reason, the patch I posted
54e1babd5a5a56c576eeeace54110150769cc916coar to the PR won't work as-is since a failed compile of the test
54e1babd5a5a56c576eeeace54110150769cc916coar program means nothing.
54e1babd5a5a56c576eeeace54110150769cc916coar * exec cmd and suexec arg-passing enhancements
54e1babd5a5a56c576eeeace54110150769cc916coar Status: Patches proposed
54e1babd5a5a56c576eeeace54110150769cc916coar Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
54e1babd5a5a56c576eeeace54110150769cc916coar (see the "proc.patch" and "suexec-shell.patch" links in this message)
54e1babd5a5a56c576eeeace54110150769cc916coar * The 2.0.36 worker MPM graceless shutdown changes work but are
54e1babd5a5a56c576eeeace54110150769cc916coar a bit clunky on some platforms; eg, on Linux, the loop to
54e1babd5a5a56c576eeeace54110150769cc916coar join each worker thread seems to hang, and the parent ends up
54e1babd5a5a56c576eeeace54110150769cc916coar killing off the child with SIGKILL. But at least it shuts down.
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz * We do not properly substitute the prefix-variables in the configuration
949aa7bba7f804faa8e6b08cad42a98fc0255d85jerenkrantz scripts or generated-configs. (i.e. if sysconfdir is etc,
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar httpd-std.conf points to conf.)
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz * If any request gets through ap_process_request_internal() and is
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz scheduled to be served by the core handler, without a flag that this
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz r->filename was tested by dir/file_walk, we need to 500 at the very
07021d9f405849228b859d9fb4b877f20e4fbba3jerenkrantz end of the ap_process_request_internal() processing so sub_req-esters
f126ee03179eb54308118f1ec3de5a7b461685d8aaron know this request cannot be run. This provides authors of older
f126ee03179eb54308118f1ec3de5a7b461685d8aaron modules better compatibility, while still improving the security and
f126ee03179eb54308118f1ec3de5a7b461685d8aaron robustness of 2.0.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Status: still need to decide where this goes, OtherBill comments...
f126ee03179eb54308118f1ec3de5a7b461685d8aaron Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
f126ee03179eb54308118f1ec3de5a7b461685d8aaron [Deleted comments regarding the ap_run_handler phase, as irrelevant
f126ee03179eb54308118f1ec3de5a7b461685d8aaron as BillS points out that "common case will be caught in
f126ee03179eb54308118f1ec3de5a7b461685d8aaron default_handler already (with the r->finfo.filetype == 0 check)"
f126ee03179eb54308118f1ec3de5a7b461685d8aaron and the issue is detecting this -before- we try to run the req.]
f126ee03179eb54308118f1ec3de5a7b461685d8aaron gregames says: can this happen somehow without a broken module
f126ee03179eb54308118f1ec3de5a7b461685d8aaron being involved? If not, why waste cycles trying to defend against
f126ee03179eb54308118f1ec3de5a7b461685d8aaron potential broken modules? It seems futile.
f126ee03179eb54308118f1ec3de5a7b461685d8aaron wrowe counters: no, it shouldn't happen unless the module is broken.
109faf633e12ab0bbdd602c7addc795cce59e8addreid But the right answer is to fail the request up-front in dir/file
109faf633e12ab0bbdd602c7addc795cce59e8addreid walk if the path was entirely invalid; and we can't do that either
109faf633e12ab0bbdd602c7addc795cce59e8addreid UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
109faf633e12ab0bbdd602c7addc795cce59e8addreid * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
109faf633e12ab0bbdd602c7addc795cce59e8addreid how the Perchild MPM should be re-written. It hasn't worked
109faf633e12ab0bbdd602c7addc795cce59e8addreid correctly since filters were added because it wasn't possible to
109faf633e12ab0bbdd602c7addc795cce59e8addreid get the content that had already been written and the socket at
109faf633e12ab0bbdd602c7addc795cce59e8addreid the same time. This mode lets us do that, so the MPM can be
109faf633e12ab0bbdd602c7addc795cce59e8addreid * htpasswd blindly processes the file you give it, and does no
109faf633e12ab0bbdd602c7addc795cce59e8addreid sanity checking before totally corrupting whatever file it was
109faf633e12ab0bbdd602c7addc795cce59e8addreid you thought you had. It should check the input file and bail
4ca13a5e126946272f02637e268a8e09193c553ecoar if it finds non-comment lines that do not contain exactly 1
4ca13a5e126946272f02637e268a8e09193c553ecoar ':' character.
4ca13a5e126946272f02637e268a8e09193c553ecoar Message-ID: <20020217150457.A31632@clove.org>
4ca13a5e126946272f02637e268a8e09193c553ecoar * Can a static httpd be built reliably?
48c0c81cd6fabac9d3386406d97633780365b839coar Message-ID: <20020207142751.T31582@clove.org>
48c0c81cd6fabac9d3386406d97633780365b839coar * [Ken] Test suite failures:
48c0c81cd6fabac9d3386406d97633780365b839coar o worker is also failing some of the 'cgi' subtests
48c0c81cd6fabac9d3386406d97633780365b839coar Justin says: "Worker should be fine and passes httpd-test here.
48c0c81cd6fabac9d3386406d97633780365b839coar I think it's a perl or a httpd-test problem."
4ca13a5e126946272f02637e268a8e09193c553ecoar * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
b84f66c93f820824b1d5455181f55598b766319cwrowe removed if possible.
b84f66c93f820824b1d5455181f55598b766319cwrowe Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
b84f66c93f820824b1d5455181f55598b766319cwrowe Jeff wonders if we still care about this. It is no longer an
b84f66c93f820824b1d5455181f55598b766319cwrowe API issue but simply an extra trip through the brigade.
7fe18c15b669db9d191859695901dc4fcf3829dawrowe * The Add...Filter and Set...Filter directives do not allow the
7fe18c15b669db9d191859695901dc4fcf3829dawrowe administrator to order filters, beyond the order of filename (mime)
7fe18c15b669db9d191859695901dc4fcf3829dawrowe extensions. It isn't clear if Set...Filter(s) should be inserted
b84f66c93f820824b1d5455181f55598b766319cwrowe before or after the Add...Filter(s) which are ordered by sequence of
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe filename extensions. At minimum, some sort of +-[0-10] syntax seems
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe like a nice solution. See ROADMAP.
d24a92b8a8315e9a266ba84cc2a996d49dd546c1stoddard * Get perchild to work on platforms other than Linux. This
48c0c81cd6fabac9d3386406d97633780365b839coar will require a portable mechanism to pass data and file/socket
48c0c81cd6fabac9d3386406d97633780365b839coar descriptors between vhost child groups. An API was proposed
48c0c81cd6fabac9d3386406d97633780365b839coar on dev@apr:
2fb49a1d25f38421a68d31b4cbb5d9293fdeafbewrowe Message-ID: <20020111115006.K1529@clove.org>
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Try to get libtool inter-library dependency code working on AIX.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe Justin says: If we get it working on AIX, we can enable this
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe on all platforms and clean up our build system
d180ec1b29106f4fec480ef7fcdb04df078010cerse Jeff says: I thought I tested a patch for you sometime in
d180ec1b29106f4fec480ef7fcdb04df078010cerse January that you were going to commit within a few
3913a3b7e7c72ea11d05da36275db39c2dc39b68jwoolley * Handling of %2f in URIs. Currently both 1.3 and 2.0
57710387e669ee41fb211458efe09c4c73194a66jwoolley completely disallow %2f in the request URI path (see
57710387e669ee41fb211458efe09c4c73194a66jwoolley ap_unescape_url() in util.c). It's permitted and passed
3913a3b7e7c72ea11d05da36275db39c2dc39b68jwoolley through in the query string, however. Roy says the
3913a3b7e7c72ea11d05da36275db39c2dc39b68jwoolley original reason for disallowing it, from five years ago,
d180ec1b29106f4fec480ef7fcdb04df078010cerse was to protect CGI scripts that applied PATH_INFO to
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard a filesystem location and which might be tricked by
19cbe4d7b7c931723e7249de6829bf965a1fee72stoddard ..%2f..%2f(...). We *should* allow path-info of the
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard form 'http://foo.com/index.cgi/path/to/path%2finfo'.
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard Since we've revamped a lot of our processing of path
b187d568e1507d75139ebc13ca945b38fc05d55cstoddard segments, it would be nice to allow this, or at least
1c6fb1e726ce22694de0e9a957adb67b929e5d4fstoddard allow it conditionally with a directive.
a5ed555df952c85bc1b179f5981e8a6c54ba16e6stoddard OtherBill adds that %2f as the SECOND character of a multibyte
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb sequence causes the request to fail! This happens notably in
d2f8b010487ffa990a9c268df5a25579e7291bcdrbb the ja-jis encoding.
0bff2f28ef945280c17099c142126178a78e1e54manoj * FreeBSD, threads, and worker MPM. All seems to work fine
0bff2f28ef945280c17099c142126178a78e1e54manoj if you only have one worker process with many threads. Add
0bff2f28ef945280c17099c142126178a78e1e54manoj a second worker process and the accept lock seems to be
1e585ba09ea32272e63c4c39c35491e975d21d98stoddard lost. This might be an APR issue with how it deals with
0bff2f28ef945280c17099c142126178a78e1e54manoj the child_init hook (i.e. the fcntl lock needs to be resynced).
35330e0d79ceb8027223bbb8330a381b1f989d6etrawick More examination and analysis is required.
0bff2f28ef945280c17099c142126178a78e1e54manoj Status: This has also been reported on Cygwin.
9c09943bad734ebd5c7cc10bd6d63b75c4c6e056stoddard FreeBSD 4.7 was reputed to have 'fixed' threads. Not.
ff849e4163ed879288f0df15f78b6c9d278ec804fanf Message-ID: <3C2CC514.8EF3BED1@wapme-systems.de> (cygnus)
447c6ce3ff08073c44f6785d5256271fcb877512wrowe Aaron says: I spent some time disecting this and have come to
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar the conclusion that it is not a problem in the worker MPM
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar (or at least, it is not isolated to a problem in worker).
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar I'll list some of the problems I'm seeing in case someone
e0427bf8e52a8fb920cb8b6adb5cdb3b6535b7fecoar else wants to pick up where I've left off:
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe - Delivery of just about any signal to one of the child
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe processes will send it into an infinite loop as well.
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe - Even though the parent is spinning out of control,
7fe18c15b669db9d191859695901dc4fcf3829dawrowe at first the child or children will appear to work
db3ccce11afac4fc1d4f51a65424412f7480c46cgstein properly. At times it is possible to get it into a state,
dd4713dc5b186f4d1be7b88f86608fdb84cbe5d5gstein however, where a request will hang until another concurrent
48c0c81cd6fabac9d3386406d97633780365b839coar request "kicks" the first, at which point the second will
48c0c81cd6fabac9d3386406d97633780365b839coar hang. My theory is that this has to do with the
48c0c81cd6fabac9d3386406d97633780365b839coar pthread_cond_*() implementation in FreeBSD, but it's still
48c0c81cd6fabac9d3386406d97633780365b839coar possible that it is in APR.
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick Justin adds: Oh, FreeBSD threads are implemented entirely with
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick select()/poll()/longjmp(). Welcome to the nightmare.
79d5106a9b65b956d646f5daae4b94bc79e315b8trawick So, that means a ktrace output also has the thread
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein scheduling internals in it (since it is all the same to
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein the kernel). Which makes it hard to distinguish between
cf6bf6c34c936e6a6fe731dbce4a5c3c8bf8e9a3gstein our select() calls and their select() calls.
6fa71a1bd8c61518b05f5798a7a1594c270e78afrbb *bangs head on wall repeatedly* But, some of the libc_r
93c5cba06b623ebe8e4372e886eece12d9a80c3egstein files have a DBG_MSG #define. This is moderately helpful
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein when used with -DNO_DETACH. The kernel scheduler isn't
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein waking up the threads on a select(). Yum. And, I bet
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein those decrementing select calls have to do with the
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein scheduler. Time to brush up on our OS fundamentals.
14cccaddba3a9263cf0d0ddc311e18f3e3dc9b0fgstein * There is increasing demand from module writers for an API
823c303d33c9e637a83d82208bcbafaf5f532d7bgstein that will allow them to control the server � la apachectl.
823c303d33c9e637a83d82208bcbafaf5f532d7bgstein Reasons include sole-function servers that need to die if
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj an external dependency (e.g., a database) fails, et cetera.
e636eba7474e0010b5c7198af1c2fe5ad8652dbbmanoj Perhaps something in the (ever more abused) scoreboard?
281da4c02cf40c663298ded7e4e5b913a8f8b814gstein On the other hand, we already have a pipe that goes between parent
281da4c02cf40c663298ded7e4e5b913a8f8b814gstein and child for graceful shutdown events, along with an API that
2f728b2e8555fee1b7cc11e886488692f2575fbddougm can be used to send a message down that pipe. In threaded MPMs,
2f728b2e8555fee1b7cc11e886488692f2575fbddougm it is easy enough to make that one pipe be used for graceful
2f728b2e8555fee1b7cc11e886488692f2575fbddougm and graceless events, and it is also easy to open that pipe
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe to both parent and child for writing. Then we just need to
48c0c81cd6fabac9d3386406d97633780365b839coar figure out how to do graceless on non-threaded MPMs.
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe * Allow the DocumentRoot directive within <Location > scopes? This
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe by a <Directory /somepath/foo> to become simply
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
60d567a0c2aae815ee6fc20c0d65032bea52c92cwrowe and in-your-face.) DocumentRoot unset would be accepted [and would
fdff4ace2701177219fe1c444f69242372423354aaron not permit content to be served, only virtual resources such as
fdff4ace2701177219fe1c444f69242372423354aaron server-info or server-status.
fdff4ace2701177219fe1c444f69242372423354aaron This proposed change would _not_ depricate Alias.
fdff4ace2701177219fe1c444f69242372423354aaron striker: See the thread starting with Message-ID:
fdff4ace2701177219fe1c444f69242372423354aaron JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
fdff4ace2701177219fe1c444f69242372423354aaron * Win32: Rotatelogs sometimes is not terminated when Apache
fdff4ace2701177219fe1c444f69242372423354aaron goes down hard. FirstBill was looking at possibly tracking the
27757f6699a924d4b493a1b6cceb27df27a43287dreid child's-child processes in the parent process.
27757f6699a924d4b493a1b6cceb27df27a43287dreid stoddard: Shared scoreboard might offer a good way for the parent
27757f6699a924d4b493a1b6cceb27df27a43287dreid to keep track of 'other child' processes and whack them if the child
7169eebe7cef1a6bbd082f28b1906f91b6fc6621stoddard Other thoughts on walking the process chain using the NT kernel
7169eebe7cef1a6bbd082f28b1906f91b6fc6621stoddard have also been proposed on APR.
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Eliminate unnecessary creation of pipes in mod_cgid
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Combine log_child and piped_log_spawn. Clean up http_log.c.
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick Common logging API.
21e01f13f717faeca3e498d7d9c9b4d3af98ae27trawick * Document mod_file_cache.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Platforms that do not support fork (primarily Win32 and AS/400)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Architect start-up code that avoids initializing all the modules
64ad864fa0f4493eebb181e393b40a8a90beccb9coar in the parent process on platforms that do not support fork.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Win32: Migrate the MPM over to use APR thread/process calls. This
48c0c81cd6fabac9d3386406d97633780365b839coar would eliminate some code in the Win32 branch that essentially
64ad864fa0f4493eebb181e393b40a8a90beccb9coar duplicates what is in APR.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * There are still a number of places in the code where we are
48c0c81cd6fabac9d3386406d97633780365b839coar losing error status (i.e. throwing away the error returned by a
64ad864fa0f4493eebb181e393b40a8a90beccb9coar system call and replacing it with a generic error code)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Mass vhosting version of suEXEC.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * All DBMs suffer from confusion in support/dbmmanage (perl script) since
64ad864fa0f4493eebb181e393b40a8a90beccb9coar the dbmmanage employs the first-matched dbm format. This is not
64ad864fa0f4493eebb181e393b40a8a90beccb9coar necessarily the library that Apache was built with. Aught to
64ad864fa0f4493eebb181e393b40a8a90beccb9coar rewrite dbmmanage upon installation to bin/ with the proper library
48c0c81cd6fabac9d3386406d97633780365b839coar for predictable mod_auth_dbm administration.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Questions; htdbm exists, time to kill dbmmanage, or does it remain
64ad864fa0f4493eebb181e393b40a8a90beccb9coar useful as a perl dbm management example? If we keep it,
64ad864fa0f4493eebb181e393b40a8a90beccb9coar do we address the issue above?
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Integrate mod_dav.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Some additional items remaining:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar - case_preserved_filename stuff
48c0c81cd6fabac9d3386406d97633780365b839coar (use the new canonical name stuff?)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar - find a new home for ap_text(_header)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar - is it possible to remove the DAV: namespace stuff from util_xml?
48c0c81cd6fabac9d3386406d97633780365b839coar * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
64ad864fa0f4493eebb181e393b40a8a90beccb9coar are a bit wonky. The function should probably be exposed as a utility
64ad864fa0f4493eebb181e393b40a8a90beccb9coar function (such as ap_translate_url2fs() or ap_validate_fs_url() or
64ad864fa0f4493eebb181e393b40a8a90beccb9coar something). Another approach would be a new hook phase after
64ad864fa0f4493eebb181e393b40a8a90beccb9coar "translate" which would allow the module to munge what the
48c0c81cd6fabac9d3386406d97633780365b839coar translation has decided to do.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Status: Greg +1 (volunteers)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Explore use of a post-config hook for the code in http_main.c which
48c0c81cd6fabac9d3386406d97633780365b839coar calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
64ad864fa0f4493eebb181e393b40a8a90beccb9coar ap_sort_hooks() [to reduce the logic in main()]
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * read the config tree just once, and process N times (as necessary)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
48c0c81cd6fabac9d3386406d97633780365b839coar into a VirtualHost container) to 2.0.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * shift stuff to mod_core.h
48c0c81cd6fabac9d3386406d97633780365b839coar * callers of ap_run_create_request() should check the return value
64ad864fa0f4493eebb181e393b40a8a90beccb9coar for failure (Doug volunteers)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Win32: Get Apache working on Windows 95/98. The following work
48c0c81cd6fabac9d3386406d97633780365b839coar (at least) needs to be done:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar - Document warning that OSR2 is required (for Crypt functions, in
64ad864fa0f4493eebb181e393b40a8a90beccb9coar rand.c, at least.) This could be resolved with an SSL library, or
64ad864fa0f4493eebb181e393b40a8a90beccb9coar randomization in APR itself.
48c0c81cd6fabac9d3386406d97633780365b839coar - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
64ad864fa0f4493eebb181e393b40a8a90beccb9coar actually works) and add in a splash of Win9x service code.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Fix the worker MPM to use POD to kill child processes instead
48c0c81cd6fabac9d3386406d97633780365b839coar of ap_os_killpg, regardless of how they should die.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Scoreboard structures could be changed in the future such that
64ad864fa0f4493eebb181e393b40a8a90beccb9coar proper alignment is not maintained, leading to segfaults on
64ad864fa0f4493eebb181e393b40a8a90beccb9coar some systems. Cliff posted a patch to deal with this issue but
48c0c81cd6fabac9d3386406d97633780365b839coar later recanted. See this message to dev@apr.apache.org:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
48c0c81cd6fabac9d3386406d97633780365b839coarTODO ISSUES REMAINING IN MOD_SSL:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * In order to use a DSO version of mod_ssl we have to link with
64ad864fa0f4493eebb181e393b40a8a90beccb9coar -lssl and -lcrypto. A workaround is in place right now where the
48c0c81cd6fabac9d3386406d97633780365b839coar entire EXTRA_LIBS macro is being appended to the objects list, but
64ad864fa0f4493eebb181e393b40a8a90beccb9coar this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
64ad864fa0f4493eebb181e393b40a8a90beccb9coar autoconf function or come up with some other autoconf checks to
64ad864fa0f4493eebb181e393b40a8a90beccb9coar search for libssl and libcrypto and properly add them to mod_ssl's
48c0c81cd6fabac9d3386406d97633780365b839coar link flags.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * SSL renegotiations in combination with POST request
48c0c81cd6fabac9d3386406d97633780365b839coar * Port or dispose all code inside #if 0...#endif blocks that remain
64ad864fa0f4493eebb181e393b40a8a90beccb9coar from the porting effort.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Do we need SSL_set_read_ahead()?
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar -in ssl_expr_comp() if SSLRequire is used in .htaccess
64ad864fa0f4493eebb181e393b40a8a90beccb9coar (ssl_expr_info is global)
48c0c81cd6fabac9d3386406d97633780365b839coar -is ssl_expr_eval() if there is an error
64ad864fa0f4493eebb181e393b40a8a90beccb9coar (ssl_expr_error is global)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * SSLRequire directive (parsing of) leaks memory
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * Diffie-Hellman-Parameters for temporary keys are hardcoded in
64ad864fa0f4493eebb181e393b40a8a90beccb9coar ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar "it is suggested that keys be changed daily or every 500
48c0c81cd6fabac9d3386406d97633780365b839coar transactions, and more often if possible."
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * ssl_var_lookup could be rewritten to be MUCH faster
48c0c81cd6fabac9d3386406d97633780365b839coar * CRL callback should be pluggable
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * session cache store should be pluggable
48c0c81cd6fabac9d3386406d97633780365b839coar * init functions should return status code rather than ssl_die()
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * ssl_engine_pphrase.c needs to be reworked so it is generic enough
64ad864fa0f4493eebb181e393b40a8a90beccb9coar to also decrypt proxy keys
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * the shmcb code should just align its memory segment rather than
64ad864fa0f4493eebb181e393b40a8a90beccb9coar jumping through all the "safe" memcpy and memset hoops
64ad864fa0f4493eebb181e393b40a8a90beccb9coarEXPERIMENTAL MODULES:
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Experimental modules should eventually be be promoted to fully supported
48c0c81cd6fabac9d3386406d97633780365b839coar status or removed from the repository entirely (ie, the
64ad864fa0f4493eebb181e393b40a8a90beccb9coar 'experiment' failed). This section tracks what needs to happen to
64ad864fa0f4493eebb181e393b40a8a90beccb9coar get the modules promoted to fully supported status.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_cache: handle cache_control: no_cache "field_name" to enable
64ad864fa0f4493eebb181e393b40a8a90beccb9coar cacheing the response w/o header "field_name"
64ad864fa0f4493eebb181e393b40a8a90beccb9coar See RFC2616 section 14.9.1
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_cache: Fix dependency on ATOMIC operators. Need
48c0c81cd6fabac9d3386406d97633780365b839coar APR_HAS_ATOMIC_* feature macros.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_disk_cache: Implement garbage collection
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_mem_cache/mod_disk_cache: Need to be able to query cache
64ad864fa0f4493eebb181e393b40a8a90beccb9coar status (num of entries, cache object properties, etc.).
64ad864fa0f4493eebb181e393b40a8a90beccb9coar mod_status could be extended to query optional hooks defined
64ad864fa0f4493eebb181e393b40a8a90beccb9coar by modules for the purpose of reporting module status.
48c0c81cd6fabac9d3386406d97633780365b839coar mod_cache (et. al.) could define optional hooks that are called
64ad864fa0f4493eebb181e393b40a8a90beccb9coar to collect status. Status should be queryable by
64ad864fa0f4493eebb181e393b40a8a90beccb9coar HTTP or SNMP?
48c0c81cd6fabac9d3386406d97633780365b839coar * Enable mod_cache/mod_mem_cache/mod_disk_cache to handle
64ad864fa0f4493eebb181e393b40a8a90beccb9coar multiviews
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_mem_cache/mod_disk_cache: Complete implementing config
48c0c81cd6fabac9d3386406d97633780365b839coar directives (mod_disk_cache: CacheExpiryCheck and GC directives
64ad864fa0f4493eebb181e393b40a8a90beccb9coar including CacheGc*, CacheSize, and, CacheTimeMargin)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar (mod_mem_cache: MCacheMaxObjectCount) and
64ad864fa0f4493eebb181e393b40a8a90beccb9coar (mod_cache: CacheForceCompletion).
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * implement cross-platform/cross-library TLS support
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * General stabilization and testing
64ad864fa0f4493eebb181e393b40a8a90beccb9coarPRs that have been suspended forever waiting for someone to
64ad864fa0f4493eebb181e393b40a8a90beccb9coarput them into 'the next release':
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * documentation and Q&A
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2221: Make online documentation search link back to my installation
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2906: Propose that Apache recommend $UNIQUE_ID for all "session id"
64ad864fa0f4493eebb181e393b40a8a90beccb9coar algorithms
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2793: When will Apache support P3P? Any Plans?
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2113: HTTP Server Rebuild Line Needs Changing for the better
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2421: problem specifying ndbm library for build ?with autoconfigure
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#76: missing call to "setlocale();"
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#628: Request of "Options SymLinksIfGroupMatch"
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#793: RLimitCPU and RLimitMEM don't apply to all children like they should
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#922: it is useful to allow specifiction that root-owned symlinks
64ad864fa0f4493eebb181e393b40a8a90beccb9coar should always be followed
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1028: DoS attacks involving memory consumption
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1191: setlogin() is not called, causing problems with e.g. identd
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1204: regerror() exists, use it
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2284: Can not POST to ErrorDocument - Apache/1.3b6
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2396: Proposal for TimeZone directive
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2446: AllowOverride FileInfo is too coarse
48c0c81cd6fabac9d3386406d97633780365b839coar PR#2760: [PATCH] User/Group for <Directory> and <Location> i.e. not only
64ad864fa0f4493eebb181e393b40a8a90beccb9coar in global and <Virtual>.
48c0c81cd6fabac9d3386406d97633780365b839coar PR#2907: suggestion: power up your Include directive :)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#3018: cannot limit some HTTP methods
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#3677: New ErrorDocumentMatch directive
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#4244: "Files" and "FilesMatch" regexp does not recognize bang as
64ad864fa0f4493eebb181e393b40a8a90beccb9coar negation operator
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#5993: AllowOverride should have a 'CheckNone' and 'AllowNone' argument
64ad864fa0f4493eebb181e393b40a8a90beccb9coar instead of only 'None'
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_access
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#537: mod_access syntax allows hosts that should be restricted
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1287: add allow,deny/deny,allow warning to mod_access
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2512: <IfDenied> directive wanted
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_auth-any
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#557: ~UserHome directories are not honored in absolute pathname
64ad864fa0f4493eebb181e393b40a8a90beccb9coar requests (.htaccess)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1117: Using NIS passwd.byname dbm files with AuthDBMUserFile
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1809: Suggestion for improving authentication modules and core source
64ad864fa0f4493eebb181e393b40a8a90beccb9coar code, problem with 401 and ErrorDocument
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_autoindex
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1263: Add frame-safe anchor attribute to mod_autoindex links
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_cgi (and suexec)
48c0c81cd6fabac9d3386406d97633780365b839coar PR#921: suexec Uses cwd before filling it in, doesn't use syslog
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1176: Apache cannot handle continuation line in headers
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1120: suexec does not parse arguments to #exec cmd
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1268: CGI scripts running as Apache user: security (suexec etc.)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1285: Error messages could be easier to spot in cgi.log file for suexec.c
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1905: suexec - Allow modules to set user:group for execution.
48c0c81cd6fabac9d3386406d97633780365b839coar PR#2360: suexec for general access of user content?
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2460: TimeOut applies to output of CGI scripts
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2573: CGI's for general use still have to be run as another user
64ad864fa0f4493eebb181e393b40a8a90beccb9coar with suExec
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#4241: Need to be able to override shebang line to make CGI scripts
64ad864fa0f4493eebb181e393b40a8a90beccb9coar more portable.
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#4490: mod_cgi prevents handling of OPTIONS requests
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#370: Modified PATH environemnt variable is not passed, instead
64ad864fa0f4493eebb181e393b40a8a90beccb9coar system's is used
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_headers
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1383: I make mod_headers to modify request headers as well as
64ad864fa0f4493eebb181e393b40a8a90beccb9coar response ones.
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1677: mod_headers should allow mod_log_config-style formats in
64ad864fa0f4493eebb181e393b40a8a90beccb9coar header values
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_imap
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#759: imap should read <MAP><AREA>*</MAP> too!
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_include
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#78: Additional status for XBitHack directive
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#623: A smarter "Last Modified" value for SSI documents (see PR number 600)
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1145: mod_include
64ad864fa0f4493eebb181e393b40a8a90beccb9coar Allow for Last-Modified: without resorting to XBitHack
48c0c81cd6fabac9d3386406d97633780365b839coar PR#1803: patches to mod_include to allow for file tests
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#4459: Suggestion for better handling of Last-modified headers
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_info
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2415: /server-info doesn't check for the virtual host to list the info
64ad864fa0f4493eebb181e393b40a8a90beccb9coar * mod_log-any
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1050: Logging of virtual server to error_log as well
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#1358: Selective url-encode of log fields (or maybe a pseudo
64ad864fa0f4493eebb181e393b40a8a90beccb9coar log_rewrite module?)
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#2073: pipelined connections are not logged correctly
48c0c81cd6fabac9d3386406d97633780365b839coar PR#4448: Please allow CGI env variables (QUERY_STRING, ...) to be logged
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_negotiation
64ad864fa0f4493eebb181e393b40a8a90beccb9coar PR#3191: no way to set global quality-of-source (qs) coneg values
64ad864fa0f4493eebb181e393b40a8a90beccb9coar with multiviews
48c0c81cd6fabac9d3386406d97633780365b839coar * mod_proxy
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#362: Mod_proxy doesn't allow change of error pages
b865b179e150aae40ff75e580dce6ec4b5294ebdfielding PR#440: Proxy doesn't deliver documents if not connected
d5defd5a0c5cdbaf74b85939484dc2b6c8317d19manoj PR#534: proxy converts ~name to %7Ename when name starts with a dot (.)
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#612: Proxy FTP Authentication Fails
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#700: Proxy doesn't do links right for OpenVMS files through ftp:
6758b07b4b79f898b0f56375016cea7da0bfb495wrowe PR#980: Controlling Access to Remote Proxies would be nice...
0bff2f28ef945280c17099c142126178a78e1e54manoj PR#994: Adding authentication "on the fly" through the proxy module
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein PR#1085: ProxyRemote make a dead cycle.
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein PR#1166: ``nph-'' not honored (no buffering) for ProxyRemote mapping
ec0315cdf832eac2b78e50ad636af84fe4c9118cgstein PR#1290: Need to know "hit-rate" on proxy cache
92d75991039fc1155961044d642816b4c0323687aaron PR#1532: Proxy transfer logging
92d75991039fc1155961044d642816b4c0323687aaron PR#1547: No HTTP_X_FORWARDED_FOR set...
ad7ca6367fa53c34a7897546210958f2c0f22a26rbb PR#1567: ProxyRemote proxy requests fail authentication by firewall
18fcb3eaebbdbc0c0a47e1d6b7c3a6c6819cdafajim PR#1702: mod_proxy to support persistent conns?
221bcff578860adfb42459b15e65e2962a208f8caaron PR#1878: listing of proxy cache content
7d3ea4f0d28dfd3d779bb77bd19f878b494a1171wrowe PR#2314: patterns in ProxyRemote
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#2648: Cache file names in Proxy module
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#3568: Accessing URL through proxy server corrupts data.
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#3605: Some anonymous FTP URLs ask for authentication
863ec32e13d6c9619414c48b51109f3dca99cbc6wrowe * mod_rewrite
863ec32e13d6c9619414c48b51109f3dca99cbc6wrowe PR#1582: mod_rewrite forms REQUEST_URI different than mod_cgi does
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#2074: mod_rewrite doesn't pass Proxy Throughput on internal subrequests
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj * mod_status
ae6907470ddf23ab7c6b506e6407cc5372f9c0dftrawick PR#2138: mod_status always displays 256 possible connection slots
ef7ff29d74b8684761de5758423f1cc5a49f48e3rbb PR#2343: Status module averages are for entire uptime
ef7ff29d74b8684761de5758423f1cc5a49f48e3rbb * apache-api
2a6c49cfaef5979a5a06098f3ce987cd76769409manoj PR#1004: request_config field in request_rec is moderately bogus
PR#2873: Feedback/Comment on APACI
PR#2431: A small addition to rotatelogs.c to improve program functionality.
PR#2889: Inclusion of RPM spec file in CVS/distributions
* orig_ct in the byterange/multipart handling may not be