STATUS revision 0cba3a63e59bfa77f67955cb4e034264ed6c5523
d0cd4568592f103a454ac647f4961af293f88f4ejimAPACHE 2.1 STATUS: -*-text-*-
ec79b29695b183f794264bbb578c51e93d1f9b1emartinLast modified at [$Date$]
c05a38095129d25a4ad10aa51584c774458fb089niqRelease [NOTE that only Alpha/Beta releases occur in 2.1 development]:
c05a38095129d25a4ad10aa51584c774458fb089niq 2.1.3 : in development
c05a38095129d25a4ad10aa51584c774458fb089niq 2.1.2 : Released on 12/08/2004 as alpha.
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6jim 2.1.1 : Released on 11/19/2004 as alpha.
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6jim 2.1.0 : not released.
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6jimPlease consult the following STATUS files for information
5fc20796e4b0474cf8b2383945687783de1d3632jimon related projects:
3f5585f7f4a7d74f2f94ec729ea8c1879d419e35rederpjContributors looking for a mission:
3f5585f7f4a7d74f2f94ec729ea8c1879d419e35rederpj * Just do an egrep on "TODO" or "XXX" in the source.
3f5585f7f4a7d74f2f94ec729ea8c1879d419e35rederpj * Review the "PatchAvailable" bugs in the bug database.
f85bcbc579bb47de4d3f7d72ccaacc8ad4525238gregames Append a comment saying "Reviewed and tested".
f85bcbc579bb47de4d3f7d72ccaacc8ad4525238gregames * Open bugs in the bug database.
ee508128c414648982d1cca7801f63b01a0a4f8aminfrinCURRENT RELEASE NOTES:
5d4512d8c3a70094ff3e941667007a42925f73e2jortonRELEASE SHOWSTOPPERS:
5d4512d8c3a70094ff3e941667007a42925f73e2jorton * Handling of non-trailing / config by non-default handler is broken
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton jerenkrantz asks: Why should this block a release?
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton * the edge connection filter cannot be removed
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
135402675e89e6df0e17735e48f428a1e1d8eb16pquerna jerenkrantz asks: Why should this block a release?
135402675e89e6df0e17735e48f428a1e1d8eb16pquernaCURRENT VOTES:
4233b18553d723a4e22d6126866f05e3d842f781covener a) httpd-std.conf should be tailored by install (from src or
4233b18553d723a4e22d6126866f05e3d842f781covener binbuild) even if user has existing httpd.conf
4233b18553d723a4e22d6126866f05e3d842f781covener +1: trawick, slive, gregames, ianh, Ken, wrowe, jwoolley, jim, nd,
4233b18553d723a4e22d6126866f05e3d842f781covener wrowe - prefer httpd.default.conf to avoid ambiguity with cvs
c4313e35bed51fd5525e60333eb5d64021ab5057jerenkrantz b) tailored httpd-std.conf should be copied by install to
5b4d25005978c3667f44fbd5dcbd4cc34e9c714djerenkrantz c) tailored httpd-std.conf should be installed to
236675b0526bbf82edb9a34e9b10be56cc10b9cdjim +1: slive, trawick, Ken, nd (prefer the latter), erikabele
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe d) Installing a set of default config files when upgrading a server
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe doesn't make ANY sense at all.
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe +1: ianh - medium/big sites don't use 'standard config' anyway, as it
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe usually needs major customizations
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe -1: Ken, wrowe, jwoolley, jim, nd, erikabele
e5106092b7fae78cec4898042a78a10acccb4cacwrowe wrowe - diff is wonderful when comparing old/new default configs,
e5106092b7fae78cec4898042a78a10acccb4cacwrowe even for customized sites that ianh mentions
e5106092b7fae78cec4898042a78a10acccb4cacwrowe jim - ... assuming that the default configs have been updated
e5106092b7fae78cec4898042a78a10acccb4cacwrowe with the required inline docs to explain the
e5106092b7fae78cec4898042a78a10acccb4cacwrowe * If the parent process dies, should the remaining child processes
470d223738c1dfc4e07c7fae5d186e9dfadd9643jorton "gracefully" self-terminate. Or maybe we should make it a runtime
470d223738c1dfc4e07c7fae5d186e9dfadd9643jorton option, or have a concept of 2 parent processes (one being a
470d223738c1dfc4e07c7fae5d186e9dfadd9643jorton "hot spare").
81bd9331da3bd0f53255d52b1475480ff3a4b395trawick See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
81bd9331da3bd0f53255d52b1475480ff3a4b395trawick Self-destruct: Ken, Martin, Lars
cd3bbd6d2df78d6c75e5d159a81ef8bdd5f70df9trawick Not self-destruct: BrianP, Ian, Cliff, BillS
cd3bbd6d2df78d6c75e5d159a81ef8bdd5f70df9trawick Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj, nd
cd3bbd6d2df78d6c75e5d159a81ef8bdd5f70df9trawick /* The below was a concept on *how* to handle the problem */
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd Have 2 parents: +1: jim
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd -1: Justin, wrowe, rederpj, nd
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd +0: Lars, Martin (while standing by, could it do
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd something useful?)
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd * Make the worker MPM the default MPM for threaded Unix boxes.
421e0a5d1c49de76406f61e9abef271af2336c31rpluem +1: Justin, Ian, Cliff, BillS, striker, wrowe, nd
421e0a5d1c49de76406f61e9abef271af2336c31rpluem +0: BrianP, Aaron (mutex contention is looking better with the
421e0a5d1c49de76406f61e9abef271af2336c31rpluem latest code, let's continue tuning and testing), rederpj, jim
108ebbb87b2a46f4416ec507824471a483c39fe1sctemme pquerna: Do we want to change this for 2.2?
bed7fc979e00a75f76ed79245f003b52e91d40abchrisdRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd * Patches submitted to the bug database:
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd * Filter stacks and subrequests, redirects and fast redirects.
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd There's at least one PR that suffers from the current unclean behaviour
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd (which lets the server send garbage): PR 17629
7abe34dd5a20fc8fde09dca9116b88e6ddfd55ddjorton nd says: Every subrequest should get its own filter stack with the
7abe34dd5a20fc8fde09dca9116b88e6ddfd55ddjorton subreq_core filter as bottom-most. That filter does two things:
7abe34dd5a20fc8fde09dca9116b88e6ddfd55ddjorton - swallow EOS buckets
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd - redirect the data stream to the upper request's (rr->main)
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd filter chain directly after the subrequest's starting
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd Once we have a clean solution, we can try to optimize
3e155218733389e7b1ea3a9ffd0aea533fd929cechrisd it, so that the server won't be slow down too much.
3e155218733389e7b1ea3a9ffd0aea533fd929cechrisd * RFC 2616 violations.
3e155218733389e7b1ea3a9ffd0aea533fd929cechrisd Closed PRs: 15857.
e4edb2d4252459327f6edd834de6825873e60134chrisd Open PRs: 15852, 15859, 15861, 15864, 15865, 15866, 15868, 15869,
e4edb2d4252459327f6edd834de6825873e60134chrisd 15870, 16120, 16125, 16126, 16133, 16135, 16136, 16137,
e4edb2d4252459327f6edd834de6825873e60134chrisd 16138, 16139, 16140, 16142, 16518, 16520, 16521,
e4edb2d4252459327f6edd834de6825873e60134chrisd jerenkrantz says: need to decide how many we need to backport and/or
e4edb2d4252459327f6edd834de6825873e60134chrisd if these rise to showstopper status.
e4edb2d4252459327f6edd834de6825873e60134chrisd wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
e4edb2d4252459327f6edd834de6825873e60134chrisd out of this list, without reviewing them individually.
111c8f806b790a72ad0244aae35252470662e10drpluem * There is a bug in how we sort some hooks, at least the pre-config
111c8f806b790a72ad0244aae35252470662e10drpluem hook. The first time we call the hooks, they are in the correct
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem order, but the second time, we don't sort them correctly. Currently,
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem the modules/http/config.m4 file has been renamed to
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem modules/http/config2.m4 to work around this problem, it should moved
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem back when this is fixed.
37b35c7feec8216b5119c0c083990cfe4e400769rpluem OtherBill offers that this is a SERIOUS problem. We do not sort
37b35c7feec8216b5119c0c083990cfe4e400769rpluem correctly by the ordering arguments passed to the register hook
dd6199828976e6c7850ca6abd7a1ceba99e9ed16chrisd functions. This was proven when I reordered the open_logs hook
dd6199828976e6c7850ca6abd7a1ceba99e9ed16chrisd to attempt to open the error logs prior to the access logs. Possibly
dd6199828976e6c7850ca6abd7a1ceba99e9ed16chrisd the entire sorting code needs to be refactored.
3ff68b9ee78262779dbedf791576d35fdd229f7brpluem * pipes deadlock on all platforms with limited pipe buffers (e.g. both
3ff68b9ee78262779dbedf791576d35fdd229f7brpluem Linux and Win32, as opposed to only Win32 on 1.3). The right solution
3ff68b9ee78262779dbedf791576d35fdd229f7brpluem is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem * All handlers should always send content down even if r->header_only
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem is set. If not, it means that the HEAD requests don't generate the
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem same headers as a GET which is wrong.
ab43b4a17b2ac31ccb1cf280be8c42a8a314cecbjorton * HP/UX 10.20: compile breakage in APR. Looks like it should be easy
ab43b4a17b2ac31ccb1cf280be8c42a8a314cecbjorton to fix, probably just some extraneous #include's that are fouling
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim things up.
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim Jeff: See my reply and patch in the PR (and previous commit to
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim stop using "pipe" as a field name). If patch is committed, we
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim should be okay. I'll wait to see if the user tests the patch.
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin Update by Jeff 20020722: I got an account on HP 10.20. It looks
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin like some of the APR thread detection is screwed up. If we find
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin pthread.h but we can't compile the pthread test program we still
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin think we can use threads. For that reason, the patch I posted
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin to the PR won't work as-is since a failed compile of the test
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin program means nothing.
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin * exec cmd and suexec arg-passing enhancements
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin Status: Patches proposed
50c06405bc48121db2913925549407fd3e79bcedmturk Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
50c06405bc48121db2913925549407fd3e79bcedmturk (see the "proc.patch" and "suexec-shell.patch" links in this message)
dec02391360e503cd3437d16bed765dc653b9de5minfrin * The 2.0.36 worker MPM graceless shutdown changes work but are
dec02391360e503cd3437d16bed765dc653b9de5minfrin a bit clunky on some platforms; eg, on Linux, the loop to
dec02391360e503cd3437d16bed765dc653b9de5minfrin join each worker thread seems to hang, and the parent ends up
dec02391360e503cd3437d16bed765dc653b9de5minfrin killing off the child with SIGKILL. But at least it shuts down.
1b27a3a26f18191db7ecb4d536cb121ba9520a8eniq * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
686ce4eade942e515b1725d0c9751da36b759a6ctrawick posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
686ce4eade942e515b1725d0c9751da36b759a6ctrawick * We do not properly substitute the prefix-variables in the configuration
1ce78cf71b5baaf2c1ab48e818cb1f2397df5010trawick scripts or generated-configs. (i.e. if sysconfdir is etc,
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd httpd-std.conf points to conf.)
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd * If any request gets through ap_process_request_internal() and is
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd scheduled to be served by the core handler, without a flag that this
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd r->filename was tested by dir/file_walk, we need to 500 at the very
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd end of the ap_process_request_internal() processing so sub_req-esters
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd know this request cannot be run. This provides authors of older
27b38d4191d5f638165e2a77ec6e6f567bd7784dniq modules better compatibility, while still improving the security and
27b38d4191d5f638165e2a77ec6e6f567bd7784dniq robustness of 2.0.
a87e2a23083aa62229307482afbb3b802a0c2105mturk Status: still need to decide where this goes, OtherBill comments...
a87e2a23083aa62229307482afbb3b802a0c2105mturk Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
a87e2a23083aa62229307482afbb3b802a0c2105mturk [Deleted comments regarding the ap_run_handler phase, as irrelevant
a87e2a23083aa62229307482afbb3b802a0c2105mturk as BillS points out that "common case will be caught in
a87e2a23083aa62229307482afbb3b802a0c2105mturk default_handler already (with the r->finfo.filetype == 0 check)"
a87e2a23083aa62229307482afbb3b802a0c2105mturk and the issue is detecting this -before- we try to run the req.]
534611d341a1a48b93c7a1fd5e333dbd261527d3rpluem gregames says: can this happen somehow without a broken module
534611d341a1a48b93c7a1fd5e333dbd261527d3rpluem being involved? If not, why waste cycles trying to defend against
534611d341a1a48b93c7a1fd5e333dbd261527d3rpluem potential broken modules? It seems futile.
e99dfd55d29a7b4209b814efc7270d0b74ccee74niq wrowe counters: no, it shouldn't happen unless the module is broken.
c3c8103039e36494987aff50451896459826a361rpluem But the right answer is to fail the request up-front in dir/file
e99dfd55d29a7b4209b814efc7270d0b74ccee74niq walk if the path was entirely invalid; and we can't do that either
127aef4ce9f7b6b32a95c5ed9a93b796d18755e6rpluem UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
127aef4ce9f7b6b32a95c5ed9a93b796d18755e6rpluem * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
127aef4ce9f7b6b32a95c5ed9a93b796d18755e6rpluem how the Perchild MPM should be re-written. It hasn't worked
79d4b708d021714647aab8b138ae671ed24765cewrowe correctly since filters were added because it wasn't possible to
79d4b708d021714647aab8b138ae671ed24765cewrowe get the content that had already been written and the socket at
79d4b708d021714647aab8b138ae671ed24765cewrowe the same time. This mode lets us do that, so the MPM can be
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem * Can a static httpd be built reliably?
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem Message-ID: <20020207142751.T31582@clove.org>
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem * [Ken] Test suite failures:
15264721069299ec26493e21d56bf8ff7faf6f0drpluem o worker is also failing some of the 'cgi' subtests
15264721069299ec26493e21d56bf8ff7faf6f0drpluem (see <URL:http://Source-Zone.Org/Apache/regression/>):
15264721069299ec26493e21d56bf8ff7faf6f0drpluem Justin says: "Worker should be fine and passes httpd-test here.
11e1b16b907afb7de0678e28fe4849d9029e2df8rpluem I think it's a perl or a httpd-test problem."
25a81ea1bca1c89cda713c4d23660e487b1488a0rpluem * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
25a81ea1bca1c89cda713c4d23660e487b1488a0rpluem removed if possible.
48fa058fe468025347930610ac2473094fa0f4e4chrisd Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
48fa058fe468025347930610ac2473094fa0f4e4chrisd Jeff wonders if we still care about this. It is no longer an
48fa058fe468025347930610ac2473094fa0f4e4chrisd API issue but simply an extra trip through the brigade.
3ec4328f079d8867cc323155e59678ad9437914frooneg * The Add...Filter and Set...Filter directives do not allow the
3ec4328f079d8867cc323155e59678ad9437914frooneg administrator to order filters, beyond the order of filename (mime)
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd extensions. It isn't clear if Set...Filter(s) should be inserted
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd before or after the Add...Filter(s) which are ordered by sequence of
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd filename extensions. At minimum, some sort of +-[0-10] syntax seems
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd like a nice solution. See ROADMAP.
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd * Get perchild to work on platforms other than Linux. This
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd will require a portable mechanism to pass data and file/socket
cd59ac5e8f739afbdcd523c649550f7dce1709ceniq descriptors between vhost child groups. An API was proposed
db78659055df54243bca678c35bd2ce7e31a9237rooneg on dev@apr:
edf6757df85878dc8ce11fb3840ee4cde6de5b2frooneg Message-ID: <20020111115006.K1529@clove.org>
95817edd05387a5276f51fcd5db79fc21b89b55brooneg * Try to get libtool inter-library dependency code working on AIX.
95817edd05387a5276f51fcd5db79fc21b89b55brooneg Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
63689d77e084e36b8194fb6df5adfc0344965e01trawick Justin says: If we get it working on AIX, we can enable this
63689d77e084e36b8194fb6df5adfc0344965e01trawick on all platforms and clean up our build system
63689d77e084e36b8194fb6df5adfc0344965e01trawick Jeff says: I thought I tested a patch for you sometime in
5714cdd83e23557d801437daa5e3ab8ba78ae595jorton January that you were going to commit within a few
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes * Handling of %2f in URIs. Currently both 1.3 and 2.0
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes completely disallow %2f in the request URI path (see
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes ap_unescape_url() in util.c). It's permitted and passed
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes through in the query string, however. Roy says the
a1a615ca49b162d71d88089210395c9a9cfeb539rpluem original reason for disallowing it, from five years ago,
8b67b9d3ce40755d1b58971198a02b2749d8e13dbnicholes was to protect CGI scripts that applied PATH_INFO to
8b67b9d3ce40755d1b58971198a02b2749d8e13dbnicholes a filesystem location and which might be tricked by
8b67b9d3ce40755d1b58971198a02b2749d8e13dbnicholes ..%2f..%2f(...). We *should* allow path-info of the
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes form 'http://foo.com/index.cgi/path/to/path%2finfo'.
a1a615ca49b162d71d88089210395c9a9cfeb539rpluem Since we've revamped a lot of our processing of path
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes segments, it would be nice to allow this, or at least
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes allow it conditionally with a directive.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes OtherBill adds that %2f as the SECOND character of a multibyte
a1a615ca49b162d71d88089210395c9a9cfeb539rpluem sequence causes the request to fail! This happens notably in
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes the ja-jis encoding.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes * FreeBSD, threads, and worker MPM. All seems to work fine
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes if you only have one worker process with many threads. Add
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes a second worker process and the accept lock seems to be
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes lost. This might be an APR issue with how it deals with
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes the child_init hook (i.e. the fcntl lock needs to be resynced).
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes More examination and analysis is required.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes Status: This has also been reported on Cygwin.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes FreeBSD 4.7 was reputed to have 'fixed' threads. Not.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes FreeBSD 5.2-RC is a confirmed fix w/either libkse or libthr.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes [libc_r, still the default, does not serve any pages w/worker;
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes so on FreeBSD 5.2, you must use libmap.conf (see man page).]
a1a615ca49b162d71d88089210395c9a9cfeb539rpluem Work needs to be done to get APR to try to be knowledgable that
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem libkse/libthr are acceptable. Still not recommended for the
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem default since libc_r is still broken.
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem Message-ID: <3C2CC514.8EF3BED1@wapme-systems.de> (cygnus)
edc5389f50ce4153e6192740f3c7a188c8cf8d67niq * There is increasing demand from module writers for an API
edc5389f50ce4153e6192740f3c7a188c8cf8d67niq that will allow them to control the server � la apachectl.
6c05afd314b4ddd545d63b4ff5de822cc30eec79trawick Reasons include sole-function servers that need to die if
6c05afd314b4ddd545d63b4ff5de822cc30eec79trawick an external dependency (e.g., a database) fails, et cetera.
6c05afd314b4ddd545d63b4ff5de822cc30eec79trawick Perhaps something in the (ever more abused) scoreboard?
13cd67e9c1dacbd6b9f040bda337c725cedd98f3brianp On the other hand, we already have a pipe that goes between parent
a623efbff95aab78da9e030524b0fa69b054f6d0brianp and child for graceful shutdown events, along with an API that
a623efbff95aab78da9e030524b0fa69b054f6d0brianp can be used to send a message down that pipe. In threaded MPMs,
a623efbff95aab78da9e030524b0fa69b054f6d0brianp it is easy enough to make that one pipe be used for graceful
a623efbff95aab78da9e030524b0fa69b054f6d0brianp and graceless events, and it is also easy to open that pipe
a623efbff95aab78da9e030524b0fa69b054f6d0brianp to both parent and child for writing. Then we just need to
a623efbff95aab78da9e030524b0fa69b054f6d0brianp figure out how to do graceless on non-threaded MPMs.
0b4b04d8621478ba59f0a6ba2950ddc02ab92b58colm * Allow the DocumentRoot directive within <Location > scopes? This
0b4b04d8621478ba59f0a6ba2950ddc02ab92b58colm allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
2f1bb5376c5c4022383bb729679ca751dd75a2eabrianp by a <Directory /somepath/foo> to become simply
2f1bb5376c5c4022383bb729679ca751dd75a2eabrianp <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
ad862ab5716726a2d72a292ba1dfb29566c86153brianp and in-your-face.) DocumentRoot unset would be accepted [and would
ad862ab5716726a2d72a292ba1dfb29566c86153brianp not permit content to be served, only virtual resources such as
ad862ab5716726a2d72a292ba1dfb29566c86153brianp server-info or server-status.
17d53ea32c4968e47733f1c2c063ae07d280efd6jerenkrantz This proposed change would _not_ depricate Alias.
17d53ea32c4968e47733f1c2c063ae07d280efd6jerenkrantz striker: See the thread starting with Message-ID:
17d53ea32c4968e47733f1c2c063ae07d280efd6jerenkrantz JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
b38565306421ff53e9f7499bc728d6df5cec294dpquerna * Win32: Rotatelogs sometimes is not terminated when Apache
b38565306421ff53e9f7499bc728d6df5cec294dpquerna goes down hard. FirstBill was looking at possibly tracking the
b38565306421ff53e9f7499bc728d6df5cec294dpquerna child's-child processes in the parent process.
b38565306421ff53e9f7499bc728d6df5cec294dpquerna stoddard: Shared scoreboard might offer a good way for the parent
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe to keep track of 'other child' processes and whack them if the child
bf511f47b2f272119c064c682e87f74809fed0fbjim Other thoughts on walking the process chain using the NT kernel
bf511f47b2f272119c064c682e87f74809fed0fbjim have also been proposed on APR.
bf511f47b2f272119c064c682e87f74809fed0fbjim * Eliminate unnecessary creation of pipes in mod_cgid
bf511f47b2f272119c064c682e87f74809fed0fbjim * Combine log_child and piped_log_spawn. Clean up http_log.c.
96352b5caba97685f248e83585a58558ab61746cjim Common logging API.
96352b5caba97685f248e83585a58558ab61746cjim * Platforms that do not support fork (primarily Win32 and AS/400)
96352b5caba97685f248e83585a58558ab61746cjim Architect start-up code that avoids initializing all the modules
96352b5caba97685f248e83585a58558ab61746cjim in the parent process on platforms that do not support fork.
96352b5caba97685f248e83585a58558ab61746cjim * There are still a number of places in the code where we are
96352b5caba97685f248e83585a58558ab61746cjim losing error status (i.e. throwing away the error returned by a
96352b5caba97685f248e83585a58558ab61746cjim system call and replacing it with a generic error code)
211b32adc6bb57a312e7e8d089d177501767775ajim * Mass vhosting version of suEXEC.
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * All DBMs suffer from confusion in support/dbmmanage (perl script) since
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz the dbmmanage employs the first-matched dbm format. This is not
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz necessarily the library that Apache was built with. Aught to
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz rewrite dbmmanage upon installation to bin/ with the proper library
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz for predictable mod_auth_dbm administration.
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz Questions; htdbm exists, time to kill dbmmanage, or does it remain
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz useful as a perl dbm management example? If we keep it,
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz do we address the issue above?
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * Integrate mod_dav.
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz Some additional items remaining:
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz - case_preserved_filename stuff
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz (use the new canonical name stuff?)
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz - find a new home for ap_text(_header)
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz - is it possible to remove the DAV: namespace stuff from util_xml?
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz are a bit wonky. The function should probably be exposed as a utility
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem function (such as ap_translate_url2fs() or ap_validate_fs_url() or
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem something). Another approach would be a new hook phase after
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem "translate" which would allow the module to munge what the
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem translation has decided to do.
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem Status: Greg +1 (volunteers)
f1ca07dc17883c1a894300534a144ac15018a545rpluem * Explore use of a post-config hook for the code in http_main.c which
f1ca07dc17883c1a894300534a144ac15018a545rpluem calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
f1ca07dc17883c1a894300534a144ac15018a545rpluem ap_sort_hooks() [to reduce the logic in main()]
961e5ad9f2e71ceebb585d38a2b34c98dcf5fc50rpluem * read the config tree just once, and process N times (as necessary)
961e5ad9f2e71ceebb585d38a2b34c98dcf5fc50rpluem * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
9f4f51c3c7cad19cc4b40adf6780434553bd3c2bjorton * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
9f4f51c3c7cad19cc4b40adf6780434553bd3c2bjorton into a VirtualHost container) to 2.0.
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim * shift stuff to mod_core.h
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim * callers of ap_run_create_request() should check the return value
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim for failure (Doug volunteers)
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim * Win32: Get Apache working on Windows 95/98. The following work
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim (at least) needs to be done:
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim - Document warning that OSR2 is required (for Crypt functions, in
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim rand.c, at least.) This could be resolved with an SSL library, or
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim randomization in APR itself.
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim actually works) and add in a splash of Win9x service code.
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim * Fix the worker MPM to use POD to kill child processes instead
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim of ap_os_killpg, regardless of how they should die.
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick * Scoreboard structures could be changed in the future such that
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick proper alignment is not maintained, leading to segfaults on
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick some systems. Cliff posted a patch to deal with this issue but
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick later recanted. See this message to dev@apr.apache.org:
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
6a2a19c3a70c6e8f6bdce8e1dcde95bc5a591235jim * When sufficiently tested, the AllowEncodedSlashes/%2f patch
6a2a19c3a70c6e8f6bdce8e1dcde95bc5a591235jim needs to be backported to 2.0 and 1.3.
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick * APXS either needs to be fixed completely for use when apr is out of tree,
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick or it should drop query mode altogether, and we just grow an
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick httpd-config or similar arrangement.
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick To quote a discussion in STATUS earlier:
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe thommay: this doesn't fix all the problems with apxs and out of
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe tree apr/apr-util, but it's a good start. There's still the
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe query cases; but I'm beginning to think that in these cases
2cef392e45f74260035e7449fc95d032baa88084jim the app should be querying ap{r,u}-config directly
2cef392e45f74260035e7449fc95d032baa88084jim gstein: agreed. apxs should deprecate the -q flag
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wroweTODO ISSUES REMAINING IN MOD_SSL:
414d856f21668e07bcdcb8d050481796d84bda66trawick * In order to use a DSO version of mod_ssl we have to link with
414d856f21668e07bcdcb8d050481796d84bda66trawick -lssl and -lcrypto. A workaround is in place right now where the
414d856f21668e07bcdcb8d050481796d84bda66trawick entire EXTRA_LIBS macro is being appended to the objects list, but
414d856f21668e07bcdcb8d050481796d84bda66trawick this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
e4eeafb5814b5add53efc27debb231db37d34676jim autoconf function or come up with some other autoconf checks to
e4eeafb5814b5add53efc27debb231db37d34676jim search for libssl and libcrypto and properly add them to mod_ssl's
e4eeafb5814b5add53efc27debb231db37d34676jim link flags.
29828f49377897a874aec410f90eda4977c144a7rpluem * SSL renegotiations in combination with POST request
29828f49377897a874aec410f90eda4977c144a7rpluem * Port or dispose all code inside #if 0...#endif blocks that remain
29828f49377897a874aec410f90eda4977c144a7rpluem from the porting effort.
6c7aa683421c46525e71a166a5a5b637f902e6bbjim * Do we need SSL_set_read_ahead()?
cab76376671a3b885805a232b0fca9cd09763d6ejim * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
cab76376671a3b885805a232b0fca9cd09763d6ejim -in ssl_expr_comp() if SSLRequire is used in .htaccess
cab76376671a3b885805a232b0fca9cd09763d6ejim (ssl_expr_info is global)
57047462e24c25106ed3047dfa0f0673f0d6fc80trawick -is ssl_expr_eval() if there is an error
57047462e24c25106ed3047dfa0f0673f0d6fc80trawick (ssl_expr_error is global)
6584fe5dea4c3e48c28208482694e8b64e333790jim * SSLRequire directive (parsing of) leaks memory
6584fe5dea4c3e48c28208482694e8b64e333790jim * Diffie-Hellman-Parameters for temporary keys are hardcoded in
6584fe5dea4c3e48c28208482694e8b64e333790jim ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
554d13791e00914b9a752b05c3976d50dd27124ajim "it is suggested that keys be changed daily or every 500
554d13791e00914b9a752b05c3976d50dd27124ajim transactions, and more often if possible."
554d13791e00914b9a752b05c3976d50dd27124ajim * ssl_var_lookup could be rewritten to be MUCH faster
554d13791e00914b9a752b05c3976d50dd27124ajim * CRL callback should be pluggable
554d13791e00914b9a752b05c3976d50dd27124ajim * session cache store should be pluggable
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * init functions should return status code rather than ssl_die()
d247789737dad3168ec8c0aea51fcb9b87d371aajim * ssl_engine_pphrase.c needs to be reworked so it is generic enough
d247789737dad3168ec8c0aea51fcb9b87d371aajim to also decrypt proxy keys
d247789737dad3168ec8c0aea51fcb9b87d371aajim * the shmcb code should just align its memory segment rather than
8490276a0c949567788c47c37468eda0ca339d8etrawick jumping through all the "safe" memcpy and memset hoops
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * mod_proxy performance: when mod_proxy is configured to do proxy
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem gateway (aka reverse proxy), it would be nice to be able to reuse
569ddc923f6a9d4b9338c10ddf42d464f63232c9trawick connections to the backend servers. Now, connections to the
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe backend servers are taken down when the corresponding frontend
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe connection is taken down.
b87fe8021e886342fdf61b56ee23be46641900d1trawick * mod_proxy: Ability to run SSL over proxy gateway connections,
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem encrypting (or reencrypting) at the proxy.
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * mod_proxy: Add capability of mod_proxy to load balance across
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem a farm of backend servers.
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * mod_cache: Handle ESI tags.
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * mod_cache: Resolve issue of how to cache page fragements (or perhaps
735cd88c825038eeac04c63c70282afbf936b798jim -if- we want to cache page fragements). Today, mod_cache/mod_mem_cache
735cd88c825038eeac04c63c70282afbf936b798jim will cache #include 'virtual' requests (but not #include 'file'
735cd88c825038eeac04c63c70282afbf936b798jim requests). This was accomplished by making CACHE_IN a
735cd88c825038eeac04c63c70282afbf936b798jim CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
735cd88c825038eeac04c63c70282afbf936b798jim filter. But now responses cannot be cached that include the
735cd88c825038eeac04c63c70282afbf936b798jim effects of having been run through CONTENT_SET filters
735cd88c825038eeac04c63c70282afbf936b798jim (mod_deflate, mod_expires, etc). We could rerun all the
735cd88c825038eeac04c63c70282afbf936b798jim CONTENT_SET filters on the cached response, but this will not
735cd88c825038eeac04c63c70282afbf936b798jim work in all cases. For example, mod_expires relies on installing
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim the EXPIRATION filter during fixups. Contents served out of
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim mod_cache (out of the quick_handler) bypass -all- the request
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim line server hooks (Ryan really hated this. It is great for
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim performance, but bad because of the complications listed above).
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim * mod_mem_cache: Consider adding a RevalidateTimeout directive to
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim specify time at which local cached content is to be revalidated
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim (ie, underlying file stat'ed to see if it has changed).
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim jerenkrantz says: Too slow. Get regexs away from speedy caches by
acdf89d84940eb9ae13389097e625cb08c62d452minfrin default. Introduce a new CacheEnableRegex if you want.
acdf89d84940eb9ae13389097e625cb08c62d452minfrin * mod_cache: Fix dependency on ATOMIC operators. Need
acdf89d84940eb9ae13389097e625cb08c62d452minfrin APR_HAS_ATOMIC_* feature macros.
acdf89d84940eb9ae13389097e625cb08c62d452minfrin jerenkrantz says: APR 1.0+ has some guaranteed form of atomics.
acdf89d84940eb9ae13389097e625cb08c62d452minfrin * mod_mem_cache/mod_disk_cache: Need to be able to query cache
acdf89d84940eb9ae13389097e625cb08c62d452minfrin status (num of entries, cache object properties, etc.).
acdf89d84940eb9ae13389097e625cb08c62d452minfrin mod_status could be extended to query optional hooks defined
acdf89d84940eb9ae13389097e625cb08c62d452minfrin by modules for the purpose of reporting module status.
acdf89d84940eb9ae13389097e625cb08c62d452minfrin mod_cache (et. al.) could define optional hooks that are called
acdf89d84940eb9ae13389097e625cb08c62d452minfrin to collect status. Status should be queryable by
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem HTTP or SNMP?
acdf89d84940eb9ae13389097e625cb08c62d452minfrin jerenkrantz says: Yawn. Who cares.
acdf89d84940eb9ae13389097e625cb08c62d452minfrinEXPERIMENTAL MODULES:
acdf89d84940eb9ae13389097e625cb08c62d452minfrin Experimental modules should eventually be be promoted to fully supported
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin status or removed from the repository entirely (ie, the
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin 'experiment' failed). This section tracks what needs to happen to
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin get the modules promoted to fully supported status.
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrinPRs that have been suspended forever waiting for someone to
cd6811891c9998e52e5e325f82f519dadbc82b39minfrinput them into 'the next release':
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * documentation and Q&A
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe PR#2221: Make online documentation search link back to my installation
e114df93a5d0da6e525a51eb1a29219d94d3eb3aminfrin PR#2906: Propose that Apache recommend $UNIQUE_ID for all "session id"
e114df93a5d0da6e525a51eb1a29219d94d3eb3aminfrin PR#2793: When will Apache support P3P? Any Plans?
e114df93a5d0da6e525a51eb1a29219d94d3eb3aminfrin PR#2113: HTTP Server Rebuild Line Needs Changing for the better
e6d97c844003fd0a04cbd26eb8f68c97fd62c587rpluem PR#2421: problem specifying ndbm library for build ?with autoconfigure
e6d97c844003fd0a04cbd26eb8f68c97fd62c587rpluem PR#76: missing call to "setlocale();"
686ce4eade942e515b1725d0c9751da36b759a6ctrawick PR#628: Request of "Options SymLinksIfGroupMatch"
686ce4eade942e515b1725d0c9751da36b759a6ctrawick PR#793: RLimitCPU and RLimitMEM don't apply to all children like they should
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem PR#922: it is useful to allow specifiction that root-owned symlinks
58c97901868722bc3b7833ac725a1d5658fa2920jim should always be followed
58c97901868722bc3b7833ac725a1d5658fa2920jim PR#1028: DoS attacks involving memory consumption
2cef392e45f74260035e7449fc95d032baa88084jim PR#1191: setlogin() is not called, causing problems with e.g. identd
2cef392e45f74260035e7449fc95d032baa88084jim PR#1204: regerror() exists, use it
2cef392e45f74260035e7449fc95d032baa88084jim PR#2284: Can not POST to ErrorDocument - Apache/1.3b6
5fb3861acae76b1e62571662d32a4312229bb926rpluem PR#2396: Proposal for TimeZone directive
5fb3861acae76b1e62571662d32a4312229bb926rpluem PR#2446: AllowOverride FileInfo is too coarse
e2d680c8e2d17df28e0b9f5919e651af74e7378frpluem PR#2760: [PATCH] User/Group for <Directory> and <Location> i.e. not only
e2d680c8e2d17df28e0b9f5919e651af74e7378frpluem in global and <Virtual>.
e2d680c8e2d17df28e0b9f5919e651af74e7378frpluem PR#2907: suggestion: power up your Include directive :)
e2d680c8e2d17df28e0b9f5919e651af74e7378frpluem PR#3018: cannot limit some HTTP methods
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem PR#3677: New ErrorDocumentMatch directive
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem PR#4244: "Files" and "FilesMatch" regexp does not recognize bang as
65acd2837c0c846f8d1f7d265bbc861f04e8a9c5niq negation operator
65acd2837c0c846f8d1f7d265bbc861f04e8a9c5niq PR#5993: AllowOverride should have a 'CheckNone' and 'AllowNone' argument
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem instead of only 'None'
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem * mod_access
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem PR#537: mod_access syntax allows hosts that should be restricted
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem PR#1287: add allow,deny/deny,allow warning to mod_access
4b4d33edc11ab08e8019d2c2557fea73b2fdbdb0trawick PR#2512: <IfDenied> directive wanted
4b4d33edc11ab08e8019d2c2557fea73b2fdbdb0trawick * mod_auth-any
4b4d33edc11ab08e8019d2c2557fea73b2fdbdb0trawick PR#557: ~UserHome directories are not honored in absolute pathname
4b4d33edc11ab08e8019d2c2557fea73b2fdbdb0trawick requests (.htaccess)
b5fca7531f2de1c6710b45ed4f4b6089fa5a06c0rpluem PR#1117: Using NIS passwd.byname dbm files with AuthDBMUserFile
a9e9e4d9b1e6bb081282f75bf450b7d7d5a1f581rpluem PR#1809: Suggestion for improving authentication modules and core source
a9e9e4d9b1e6bb081282f75bf450b7d7d5a1f581rpluem code, problem with 401 and ErrorDocument
a9e9e4d9b1e6bb081282f75bf450b7d7d5a1f581rpluem * mod_autoindex
a9e9e4d9b1e6bb081282f75bf450b7d7d5a1f581rpluem PR#1263: Add frame-safe anchor attribute to mod_autoindex links
a9e9e4d9b1e6bb081282f75bf450b7d7d5a1f581rpluem * mod_cgi (and suexec)
200fd0ce73d992a43b500ddfe94487a840bd56darpluem PR#921: suexec Uses cwd before filling it in, doesn't use syslog
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#1176: Apache cannot handle continuation line in headers
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#1120: suexec does not parse arguments to #exec cmd
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#1268: CGI scripts running as Apache user: security (suexec etc.)
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#1285: Error messages could be easier to spot in cgi.log file for suexec.c
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#1905: suexec - Allow modules to set user:group for execution.
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#2360: suexec for general access of user content?
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#2460: TimeOut applies to output of CGI scripts
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#2573: CGI's for general use still have to be run as another user
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem with suExec
0c5a6a11ce72ad41b14c755f4a2254e0c7b70245rpluem PR#4241: Need to be able to override shebang line to make CGI scripts
200fd0ce73d992a43b500ddfe94487a840bd56darpluem more portable.
200fd0ce73d992a43b500ddfe94487a840bd56darpluem PR#4490: mod_cgi prevents handling of OPTIONS requests
200fd0ce73d992a43b500ddfe94487a840bd56darpluem PR#370: Modified PATH environemnt variable is not passed, instead
200fd0ce73d992a43b500ddfe94487a840bd56darpluem system's is used
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem * mod_headers
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem PR#1383: I make mod_headers to modify request headers as well as
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem response ones.
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem PR#1677: mod_headers should allow mod_log_config-style formats in
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem header values
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem PR#759: imap should read <MAP><AREA>*</MAP> too!
c9ce3d3ead2ba4ea6f5bb176745172f3538aed60rpluem * mod_include
c9ce3d3ead2ba4ea6f5bb176745172f3538aed60rpluem PR#78: Additional status for XBitHack directive
c9ce3d3ead2ba4ea6f5bb176745172f3538aed60rpluem PR#623: A smarter "Last Modified" value for SSI documents (see PR number 600)
0deb1a75b17945f30e56e81b851a2a2ab08af50drpluem PR#1145: mod_include
0deb1a75b17945f30e56e81b851a2a2ab08af50drpluem Allow for Last-Modified: without resorting to XBitHack
0deb1a75b17945f30e56e81b851a2a2ab08af50drpluem PR#1803: patches to mod_include to allow for file tests
0deb1a75b17945f30e56e81b851a2a2ab08af50drpluem PR#4459: Suggestion for better handling of Last-modified headers
0deb1a75b17945f30e56e81b851a2a2ab08af50drpluem * mod_log-any
0deb1a75b17945f30e56e81b851a2a2ab08af50drpluem PR#1050: Logging of virtual server to error_log as well
0919d062982a9c9d2f4a8933ef54ccba2dd2b8f8rpluem PR#1358: Selective url-encode of log fields (or maybe a pseudo
8e72243380282ce619a2c6bce8f8359b8d95306fjim log_rewrite module?)
98179b7bdc84db9364cb774bf2fc9c511622c3ffjim PR#2073: pipelined connections are not logged correctly
98179b7bdc84db9364cb774bf2fc9c511622c3ffjim PR#4448: Please allow CGI env variables (QUERY_STRING, ...) to be logged
317b1987e48bbdbfe8b1dcccdcf5cd6c10a26436jim * mod_negotiation
317b1987e48bbdbfe8b1dcccdcf5cd6c10a26436jim PR#3191: no way to set global quality-of-source (qs) coneg values
317b1987e48bbdbfe8b1dcccdcf5cd6c10a26436jim with multiviews
317b1987e48bbdbfe8b1dcccdcf5cd6c10a26436jim * mod_proxy
317b1987e48bbdbfe8b1dcccdcf5cd6c10a26436jim PR#362: Mod_proxy doesn't allow change of error pages
b9ebc87040e76abda075c91317cd0e1a7c9810e4trawick PR#440: Proxy doesn't deliver documents if not connected
b9ebc87040e76abda075c91317cd0e1a7c9810e4trawick PR#534: proxy converts ~name to %7Ename when name starts with a dot (.)
dc681b5cee49eb24c3ae8d6f50c4c9c9c05faa52rpluem PR#612: Proxy FTP Authentication Fails
2c3721611cc8d1ebd87b152e7d933a6dec23b3dcwrowe PR#700: Proxy doesn't do links right for OpenVMS files through ftp:
2c3721611cc8d1ebd87b152e7d933a6dec23b3dcwrowe PR#980: Controlling Access to Remote Proxies would be nice...
2c3721611cc8d1ebd87b152e7d933a6dec23b3dcwrowe PR#994: Adding authentication "on the fly" through the proxy module
cbb903af5066589fe0e73f3ecf06abdc71e38effrpluem PR#1085: ProxyRemote make a dead cycle.
cbb903af5066589fe0e73f3ecf06abdc71e38effrpluem PR#1166: ``nph-'' not honored (no buffering) for ProxyRemote mapping
cbb903af5066589fe0e73f3ecf06abdc71e38effrpluem PR#1290: Need to know "hit-rate" on proxy cache
cbb903af5066589fe0e73f3ecf06abdc71e38effrpluem PR#1532: Proxy transfer logging
cbb903af5066589fe0e73f3ecf06abdc71e38effrpluem PR#1547: No HTTP_X_FORWARDED_FOR set...
c0bcd91f17456a06ce290005aab0d1e360482ea5rpluem PR#1567: ProxyRemote proxy requests fail authentication by firewall
941fcca87a4607a388e88cff3fd0cdefc29bb81cjerenkrantz PR#1702: mod_proxy to support persistent conns?
d05d20b9ae48c6768f40277a76ed198d30aed06ajim PR#1878: listing of proxy cache content
d05d20b9ae48c6768f40277a76ed198d30aed06ajim PR#2314: patterns in ProxyRemote
f6316e220101e5d4d99d82aab75ca7d668870942rpluem PR#2648: Cache file names in Proxy module
c83edb2f6bafd5f7013cd6bad78753a1e0c5fbe6jim PR#3568: Accessing URL through proxy server corrupts data.
c83edb2f6bafd5f7013cd6bad78753a1e0c5fbe6jim PR#3605: Some anonymous FTP URLs ask for authentication
3aeb30211790fef38a8297f990b7ad3b2c46ece9colm * mod_rewrite
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim PR#1582: mod_rewrite forms REQUEST_URI different than mod_cgi does
cfa64348224b66dd1c9979b809406c4d15b1c137fielding PR#2074: mod_rewrite doesn't pass Proxy Throughput on internal subrequests
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim * mod_status
74499a117b3b2cd9666715a14f90c0e5d1a4ee8ajim PR#2138: mod_status always displays 256 possible connection slots
cfa64348224b66dd1c9979b809406c4d15b1c137fielding PR#2343: Status module averages are for entire uptime
PR#2873: Feedback/Comment on APACI
PR#2431: A small addition to rotatelogs.c to improve program functionality.
PR#2889: Inclusion of RPM spec file in CVS/distributions
* orig_ct in the byterange/multipart handling may not be