0N/AAPACHE 2.0 STATUS: -*-text-*-
0N/ALast modified at [$Date: 2001/03/25 19:19:44 $]
0N/A 2.0.14 : rolled March 7, 2000
0N/A scheduled for release March 10, 2000
0N/A 2.0a9 : released December 12, 2000
0N/A 2.0a8 : released November 20, 2000
0N/A 2.0a7 : released October 8, 2000
0N/A 2.0a6 : released August 18, 2000
0N/A 2.0a5 : released August 4, 2000
0N/A 2.0a4 : released June 7, 2000
0N/A 2.0a3 : released April 28, 2000
0N/A 2.0a2 : released March 31, 2000
0N/A 2.0a1 : released March 10, 2000
0N/ADAEDALUS 2.0 PROBLEMS:
0N/A * access log entries are sometimes split (multiple lines)
0N/A seems to be related to FrontPage
and/or WebDAV enabled clients
0N/A Status: Jeff and Greg have an assert trap ready which checks
0N/A for multiple \n's in a log record
0N/A * mod_cgid and suexec have a problem co-existing. suexec sees a null
0N/A command string sometimes.
0N/ARELEASE SHOWSTOPPERS:
0N/A * Generic Hooks are absolutely wrong in linkage, they are declared as
0N/A exported from APU, but actually exported from modules. This needs
0N/A heavy fixup, which Bill will do on the plane tommorow. The actual
0N/A 'Apache' declaration is in Apache's files, with the 'explicit linkage'
0N/A flavor in apr-util. (Unless you folks will finally buckle and accept
0N/A the linkspec in hook declarations. I'm not holding my breath.)
0N/A Status: patch brought forward from 1.3.14
0N/A WIN32 and OS2 need review [William Rowe, Brian Harvard]
0N/A * Win32: Enable the Windows MPM to honor max_requests_per_child
0N/A Status: FirstBill will fix this?
0N/A * Win32: Get Apache working on Windows 95/98. The following work
0N/A (at least) needs to be done:
0N/A - winnt MPM: Fix 95/98 code paths in the winnt MPM. There is some NT
0N/A specific code that is still not in NT only code paths
0N/A - IOL binds to APR sendfile, implemented with TransmitFile, which
0N/A is not available on 95/98.
0N/A - Document warning that OSR2 is required (for Crypt functions, in
0N/A * Win32: Test access logging with multiple threads. Will the
0N/A native file I/O calls serialize automagically like the
0N/A CRT calls or do we need to add region locking each time
0N/A * Win32: Complete the revamp the service environment and relocation
0N/A into the WinNT MPM. Changes ServerRoot service registry
0N/A parameter into ConfigArgs for multiple service startup parameters.
0N/A signals are not being acknowledged. Close window and shutdown
0N/A also seem out of sorts.
0N/A OtherBill is working on this and will finish over the weekend.
0N/A * We need a thread-safe resolver, at least on Unix.
0N/A Status: The best known candidate would be something from
0N/A Status: Greg asks, "why? doesn't gethostbyname_r() handle this?"
0N/A * The AddInputFilter and AddOutputFilter directives do not allow the
0N/A administrator to remove or reorder filters. Once a filter is added
0N/A in a container, it is present in any subcontainers. It can only be
0N/A added to the filter chain after any filters specified in enclosing
0N/A * remove the --disable-shared from the subdir config of APR(UTIL)
0N/A before the final release. (in fact, it might even be nice to
0N/A Note: we need to do a "make install" for APR(UTIL) so the shared
0N/A libraries can be installed properly. We could also use that
0N/A point to install include files (rather than have Apache
0N/A know everything that needs to be installed from the
0N/A sub-packages). The original impetus for doing the
0N/A disable-shared was because the shared lib wasn't getting
0N/A installed and a "make clean" in aprutil would make Apache
0N/A * users who want to install third-party modules into the Apache
0N/A source tree (for static linking) need to have autoconf and
0N/A libtool installed. This is because the module needs to have its
0N/A config.m4 incorporated into ./configure, which means "buildconf"
0N/A Note: This is in part because we have removed the "extra" directory.
0N/A In the Apache-2.0 repository, this directory had a
config.m4 0N/A file that allowed people to add external modules by
0N/A specifying --with-module on the configure line.
0N/A * ap_vrprintf() needs to handle more than 4K
0N/A Status: Greg volunteers
0N/A * mod_dir should normally redirect ALL directory requests which do
0N/A not include a trailing slash on the URI. However, if a "notes"
0N/A flag is set (say, via BrowserMatch), this behavior will be
0N/A disabled for non-GET requests.
0N/A Status: Greg volunteers
0N/A MsgId: <20010227104646.E2297@lyra.org>
0N/A MsgId: <3A9C0097.9C83F07C@Golux.Com>
0N/ARELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
0N/A * mod_status ExtendedStatus SS (seconds since last request) is
0N/A bogus because of an uninitialized field in the scoreboard.
0N/A Status: Cliff is working on this
0N/A will allow us to error out if a threaded MPM is chosen on a
0N/A platform that doesn't support threads.
0N/A * Document mod_file_cache.
0N/A * OS/2: Get loadable modules working again. Requires shared core support
0N/A which doesn't appear to be catered for in the current build system.
0N/A * OS/2: Make mod_status work for spmt_os2 MPM.
0N/A * Win32: Enable the winnt MPM to use the new scoreboard API
0N/A * Win32: Win9x console window still won't play nice with the
0N/A close window, logoff and shutdown scenarios.
0N/A Status: OtherBill will move the patch forward from 1.3.15, once we
0N/A get our other Win9x issues solved.
0N/A * Win32: Add a simple hold console open patch (wait for close or
0N/A the ESC key, with a nice message) if the server died a bad
0N/A death (non-zero exit code) in console mode.
0N/A Status: OtherBill is bringing forward same ugly hack from 1.3.13
0N/A * Platforms that do not support fork (primarily Win32 and AS/400)
0N/A Architect start-up code that avoids initializing all the modules
0N/A in the parent process on platforms that do not support fork.
0N/A would eliminate some code in the Win32 branch that essentially
0N/A duplicates what is in APR.
0N/A * There are still a number of places in the code where we are
0N/A losing error status (
i.e. throwing away the error returned by a
0N/A system call and replacing it with a generic error code)
0N/A * Win32: Implement reliable piped logs on Windows
0N/A * Mass vhosting version of suEXEC.
0N/A the dbmmanage employs the first-matched dbm format. This is not
0N/A necessarily the library that Apache was built with. Aught to
0N/A rewrite dbmmanage upon installation to bin/ with the proper library
0N/A * use apu_dbm in mod_auth_dbm
0N/A Status: Greg +1 (low-priority volunteer)
0N/A * Integrate mod_dav.
0N/A Some additional items remaining:
0N/A - case_preserved_filename stuff
0N/A (use the new canonical name stuff?)
0N/A - find a new home for ap_text(_header)
0N/A - is it possible to remove the DAV: namespace stuff from util_xml?
0N/A * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
0N/A are a bit wonky. The function should probably be exposed as a utility
0N/A function (such as ap_translate_url2fs() or ap_validate_fs_url() or
0N/A something). Another approach would be a new hook phase after
0N/A "translate" which would allow the module to munge what the
0N/A translation has decided to do.
0N/A Status: Greg +1 (volunteers), Ryan +1
0N/A calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
0N/A ap_sort_hooks() [to reduce the logic in main()]
0N/A * read the config tree just once, and process N times (as necessary)
0N/A * (possibly) use UUIDs in mod_unique_id
and/or mod_usertrack
0N/A * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
0N/A into a VirtualHost container) to 2.0.
0N/A * the LTFLAGS = -export-dynamic in the
config.m4 is wrong. it is getting
0N/A added multiple times during the config process. The -export-dynamic
0N/A building Apache modules).
0N/A * APR-ize resolver stuff in mod_unique_id (Jeff volunteers)
0N/A * callers of ap_run_create_request() should check the return value
0N/A for failure (Doug volunteers)
0N/APRs that have been suspended forever waiting for someone to
0N/Aput them into 'the next release':
0N/A missing call to "setlocale();"
0N/A * PR#78: mod_include
0N/A Additional status for XBitHack directive
0N/A Questionable performace of mod_dir() with negotiation
0N/A Mod_proxy doesn't allow change of error pages
0N/A Modified PATH environemnt variable is not passed, instead
0N/A Proxy doesn't deliver documents if not connected
0N/A proxy converts ~name to %7Ename when name starts with a dot (.)
0N/A * PR#537: mod_access
0N/A mod_access syntax allows hosts that should be restricted
0N/A * PR#557: mod_auth-any
0N/A ~UserHome directories are not honored in absolute pathname
0N/A requests (.htaccess)
0N/A * PR#573: mod_log-any
0N/A More LogFormat directives
0N/A Proxy FTP Authentication Fails
0N/A * PR#623: mod_include
0N/A A smarter "Last Modified" value for SSI documents (see PR number 600)
0N/A Request of "Options SymLinksIfGroupMatch"
0N/A * PR#697: mod_include
0N/A A security tweak I've been using for a few years for SSI
0N/A Proxy doesn't do links right for OpenVMS files through ftp:
0N/A imap should read <MAP><AREA>*</MAP> too!
0N/A RLimitCPU and RLimitMEM don't apply to all children like they should
0N/A Uses cwd before filling it in, doesn't use syslog
0N/A it is useful to allow specifiction that root-owned symlinks
0N/A should always be followed
0N/A Controlling Access to Remote Proxies would be nice...
0N/A Adding authentication "on the fly" through the proxy module
0N/A * PR#1004: apache-api
0N/A request_config field in request_rec is moderately bogus
0N/A DoS attacks involving memory consumption
0N/A * PR#1050: mod_log-any
0N/A Logging of virtual server to error_log as well
0N/A * PR#1085: mod_proxy
0N/A ProxyRemote make a dead cycle.
0N/A * PR#1117: mod_auth-any
0N/A suexec does not parse arguments to #exec cmd
0N/A * PR#1145: mod_include
0N/A Allow for Last-Modified: without resorting to XBitHack
0N/A insufficent AllowOverrides granularity for autoindexing
0N/A * PR#1158: apache-api
0N/A improvements to child spawning API
0N/A * PR#1166: mod_proxy
0N/A ``nph-'' not honored (no buffering) for ProxyRemote mapping
0N/A Apache cannot handle continuation line in headers
0N/A setlogin() is not called, causing problems with
e.g. identd
0N/A regerror() exists, use it
0N/A * PR#1233: apache-api
0N/A there is no way to keep per-connection per-module state
0N/A Add frame-safe anchor attribute to mod_autoindex links
0N/A CGI scripts running as Apache user: security (suexec etc.)
0N/A * PR#1287: mod_access
0N/A * PR#1290: mod_proxy
0N/A Need to know "hit-rate" on proxy cache
0N/A * PR#1358: mod_log-any
0N/A Selective url-encode of log fields (or maybe a pseudo
0N/A log_rewrite module?)
0N/A * PR#1383: mod_headers
0N/A I make mod_headers to modify request headers as well as
0N/A * PR#1532: mod_proxy
0N/A Proxy transfer logging
0N/A * PR#1547: mod_proxy
0N/A No HTTP_X_FORWARDED_FOR set...
0N/A * PR#1567: mod_proxy
0N/A ProxyRemote proxy requests fail authentication by firewall
0N/A * PR#1574: mod_autoindex
0N/A ReadmeName and HeaderName don't allow for server-parsed html.
0N/A * PR#1582: mod_rewrite
0N/A mod_rewrite forms REQUEST_URI different than mod_cgi does
0N/A * PR#1677: mod_headers
0N/A mod_headers should allow mod_log_config-style formats in
0N/A * PR#1702: mod_proxy
0N/A mod_proxy to support persistent conns?
0N/A * PR#1803: mod_include
0N/A patches to mod_include to allow for file tests
0N/A * PR#1809: mod_auth-any
0N/A Suggestion for improving authentication modules and core source
0N/A code, problem with 401 and ErrorDocument
0N/A * PR#1855: mod_autoindex
0N/A More Control over autoindex layout
0N/A * PR#1878: mod_proxy
0N/A listing of proxy cache content
0N/A Allow modules to set user:group for execution.
0N/A * PR#2024: apache-api
0N/A adding auth_why to conn_rec
0N/A * PR#2073: mod_log-any
0N/A pipelined connections are not logged correctly
0N/A * PR#2074: mod_rewrite
0N/A mod_rewrite doesn't pass Proxy Throughput on internal subrequests
0N/A HTTP Server Rebuild Line Needs Changing for the better
0N/A * PR#2138: mod_status
0N/A mod_status always displays 256 possible connection slots
0N/A * PR#2221: documentation
0N/A Make online documentation search link back to my installation
0N/A Can not POST to ErrorDocument - Apache/1.3b6
0N/A * PR#2314: mod_proxy
0N/A patterns in ProxyRemote
0N/A * PR#2343: mod_status
0N/A Status module averages are for entire uptime
0N/A suexec for general access of user content?
0N/A Proposal for TimeZone directive
0N/A /server-info doesn't check for the virtual host to list the info
0N/A problem specifying ndbm library for build ?with autoconfigure
0N/A AllowOverride FileInfo is too coarse
0N/A TimeOut applies to output of CGI scripts
0N/A * PR#2512: mod_access
0N/A <IfDenied> directive wanted
0N/A CGI's for general use still have to be run as another user
0N/A Cache file names in Proxy module
0N/A in global and <Virtual>.
0N/A mailto tags and bundling bug report script
0N/A * PR#2772: mod_log-any
0N/A Support for System Resource Controller
0N/A When will Apache support P3P? Any Plans?
0N/A Propose that Apache recommend $UNIQUE_ID for all "session id"
0N/A suggestion: power up your Include directive :)
0N/A cannot limit some HTTP methods
0N/A * PR#3026: mod_autoindex
0N/A * PR#3143: apache-api
0N/A No module specific data hook for per-connection data
0N/A Configuration file in Japanese
0N/A * PR#3191: mod_negotiation
0N/A no way to set global quality-of-source (qs) coneg values
0N/A * PR#3430: mod_negotiation
0N/A Enhancement: MultiViews, Multi-Language Documents
0N/A * PR#3568: mod_proxy
0N/A Accessing URL through proxy server corrupts data.
0N/A * PR#3594: os-windows
0N/A Please add an Apache icon to the systray instead of a DOS window
0N/A * PR#3605: mod_proxy
0N/A Some anonymous FTP URLs ask for authentication
0N/A * PR#3654: mod_autoindex
0N/A BORDER=0 makes Icons look nicer (FancyIndexing)
0N/A New ErrorDocumentMatch directive
0N/A * PR#4180: os-windows
0N/A Alternative for win95 users
0N/A Need to be able to override shebang line to make CGI scripts
0N/A "Files" and "FilesMatch" regexp does not recognize bang as
0N/A * PR#4448: mod_log-any
0N/A Please allow CGI env variables (QUERY_STRING, ...) to be logged
0N/A * PR#4459: mod_include
0N/A Suggestion for better handling of Last-modified headers
0N/A mod_cgi prevents handling of OPTIONS requests
0N/A * PR#4520: mod_autoindex
0N/A mod_autoindex does not generate Last-Modified response headers
0N/A * PR#4658: os-windows
0N/A The output of CGI scripts appears in the window that apache
0N/A * PR#5713: os-windows
0N/A [PATCH] install as service with domain account
0N/A AllowOverride should have a 'CheckNone' and 'AllowNone' argument
0N/A instead of only 'None'
0N/A Status: Waiting for IANA types to be defined
0N/AOther bugs that need fixing:
0N/A * MaxRequestsPerChild measures connections, not requests.
0N/A Until someone has a better way, we'll probably just rename it
0N/A "MaxConnectionsPerChild".
0N/A * Regex containers don't work in an intutive way
0N/A Status: No one has come up with an efficient way to fix this
0N/A behavior. Dean has suggested getting rid of regex containers
0N/A * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a
0N/A sigwaiting thread. We need to work around this, perhaps unless
0N/A there is hope soon for a fixed glibc.
0N/A needed. Apache 1.3 just never stashed "multipart" into
0N/A r->content_type. We should probably follow suit since the
0N/A byterange stuff doesn't want the rest of the code to see the
0N/A multipart content-type; the other code should still think it is
0N/A dealing with the <orig_ct> stuff.
0N/A Status: Greg volunteers to investigate (esp. since he was most
0N/A likely the one to break it :-)
0N/AOther features that need writing:
0N/A * Finish infrastructure in core for async MPMs
0N/A * TODO in source -- just do an egrep on "TODO" and see what's there
0N/ADocumentation that needs writing:
0N/A * Mod_status docs are needed.
0N/A * The concept of MPMs, especially if we ship more than one MPM for a
0N/A * New directives in the various MPMs and appropriate links from
0N/A Status: Ben Laurie has written some hooks documentation
0N/A * Changes since 1.3.9 can be more easily seen in the commitlog file
0N/A which includes some of Roy's comments when the changes were
0N/A committed in rough change-sets by purpose. Note that the commitlog
0N/A does not show the contents of new files until later.
0N/A * Jon Travis's <jtravis@covalent.net> patch to deal with thread-safe
0N/A issues with inet_ntoa. See message <20001201163220.A12827@covalent.net>
0N/A Status: This is being set aside until the IPv6 work is finished
0N/A so that we know exactly what is required.
0N/A * Martin Sojka <msojka@gmx.de>'s patch to add error reporting for failed
0N/A htpasswd actions due to a full /tmp volume (other programs may have
0N/A * Mike Abbott's <mja@trudge.engr.sgi.com> patches to improve
0N/A Status: These were written for 1.3, and are awaiting a port to
0N/A * Jim Winstead's <jimw@trainedmonkey.com> patch to add CookieDomain and
0N/A other small mod_usertrack features
0N/A * Dan Rench's <drench@xnet.com> patch to add allow the errmsg and timefmt
0N/A of SSI's to be modified in the config file. Patch is available in
0N/A * What do we do about mod_proxy?
0N/A * Which MPMs will be included with Apache 2.0?