1516N/AAPACHE 2.0 STATUS: -*-text-*-
19N/ALast modified at [$Date: 2001/11/16 19:24:27 $]
19N/A 2.0.28 : rolled November 12, 2001
19N/A 2.0.27 : rolled November 6, 2001
19N/A 2.0.26 : tagged October 16, 2001. not rolled.
19N/A 2.0.25 : rolled August 29, 2001
19N/A 2.0.24 : rolled August 18, 2001
19N/A 2.0.23 : rolled August 9, 2001
19N/A 2.0.22 : rolled July 29, 2001
19N/A 2.0.21 : rolled July 20, 2001
19N/A 2.0.20 : rolled July 8, 2001
19N/A 2.0.19 : rolled June 27, 2001
19N/A 2.0.18 : rolled May 18, 2001
19N/A 2.0.17 : rolled April 17, 2001
19N/A 2.0.16 : rolled April 4, 2001
19N/A 2.0.15 : rolled March 21, 2001
19N/A 2.0.14 : rolled March 7, 2001
19N/A 2.0a9 : released December 12, 2000
926N/A 2.0a8 : released November 20, 2000
3158N/A 2.0a7 : released October 8, 2000
926N/A 2.0a6 : released August 18, 2000
19N/A 2.0a5 : released August 4, 2000
2339N/A 2.0a4 : released June 7, 2000
1771N/A 2.0a3 : released April 28, 2000
2452N/A 2.0a2 : released March 31, 2000
2453N/A 2.0a1 : released March 10, 2000
1549N/APlease consult the following STATUS files for information
838N/A * If any request gets to the core handler, without a flag that this
45N/A end of the ap_process_request_internal() processing. This provides
479N/A authors of older modules better compatibility, while still improving
1710N/A the security and robustness of 2.0.
1431N/A Status: still need to decide where this goes, OtherBill comments...
1431N/A Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
1431N/A we need to look at halting this in the 'default handler' case,
1755N/A and that implies pushing the 'handler election' into the request
1352N/A internal processing phase from the run request phase.
2135N/A * There is a bug in how we sort some hooks, at least the pre-config
1191N/A hook. The first time we call the hooks, they are in the correct
1191N/A order, but the second time, we don't sort them correctly. Currently,
2339N/A back when this is fixed. rbb
1191N/A administrator to order filters, beyond the order of filename (mime)
2097N/A Some sort of resolution needs to be proposed,
307N/A * mod_negotiation needs a new option or directive, something like
2043N/A ForceLanguagePriority, to fall back to the LanguagePriority
1191N/A directive instead of returning a "no acceptable variant" error.
2453N/A Status: Bill has some code in his tree that accomplishes
1191N/A this, and will commit it Friday after it's tested.
2339N/A * Usability: Sanitize the MPM config directives. MaxClients in
1191N/A the threaded MPM is totally misleading now as it has little to
1352N/A do with limiting the number of clients (it limits the number
2310N/A of child processes). Bill proposed nomenclature change to
539N/A something like "StartWorkers, MaxWorkers, etc." that could
104N/A apply to most all the MPMs (with some notable exceptions).
1328N/A Bill would be happy with changing MaxClients to MaxServers
926N/A to make it agree with the operation of the StartServers
19N/A * revamp the input filter semantics, per discussions since
26N/A February (and especially at the hackathon last
30N/A April). Specifically, ap_get_brigade will return a brigade with
26N/A *up to* a specific number of bytes, or a "line" of data. The
1352N/A read may be blocking or nonblocking. ap_getline() will be
419N/A refactored into apr_brigade_getline(), and then DECHUNK can use
19N/A f->next (ap_getline will always read "top of input stack"). Also
19N/A fix the bug where request body content will end up closing the
19N/A connection (buggering up persistent conns).
19N/A Status: Justin is working on this as fast as he can.
19N/A The core input filters, HTTP-related filters, mod_ssl, and
19N/A mod_proxy are switched to the new logic.
19N/A However, ap_getline() still needs to be refactored out. But,
19N/A there's a problem there: ap_getline() peeks ahead for MIME
19N/A continuation (first character on line is space or \t) and
19N/A stores unused data in core_request_config which violates the
19N/A abstraction. That's cheating. So, we may not be able to
19N/A implement this without setting some data aside (yuck!).
19N/A I believe this is OtherBill's main complaint with the current
19N/A AIUI (correct me if I'm wrong!), OtherBill believes we
26N/A should have a pushback option so that we can return unread
19N/A data - this would solve this case. However, my question to
19N/A him is how do we handle stuff like mod_ssl - we can't "unread"
19N/A data. So, do we have two brigades for each filter? An in
19N/A brigade and a returned brigade? That seems messy. To
26N/A everyone else, can we refactor ap_getline() without pushback
2144N/A - socket bucket and core input filter changes. see end of
2144N/A message ID (Feb 27): <20010227075326.S2297@lyra.org>
26N/A - fix up ap_get_brigade() semantics, fix bug in DECHUNK /
2144N/A Message-ID: <20010402101207.J27539@lyra.org>
1352N/A Message-ID: <3AF7F921.D2EEC41A@algroup.co.uk>
1352N/A Message-ID: <20010508190029.E18404@lyra.org>
2768N/A Message-ID: <20010509115445.D1374@lyra.org>
2092N/A - thoughts on filter modes:
2158N/A Message-ID: <021b01c14dee$09782af0$93c0b0d0@roweclan.net>
2339N/A * Fold mod_auth_db features back into mod_auth_dbm, and depricate it.
1370N/A This can't wait until we have a 2.0-gold release, if folks need
1370N/A to move over to auth_dbm, we can't do that to them after 2.0 gold.
1370N/A * Convert all instances of the old apr_lock_t type to the new
1370N/A types (once they are fully supported in APR).
2144N/A Status: Aaron is working on converting INTRAPROCESS
2219N/A to apr_thread_mutex_t types. Full replacements for
2219N/A LOCKALL and CROSS_PROCESS are not yet complete on all
2219N/A platforms, and should only be used in MPMs like worker
2219N/ARELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
2339N/A * Source code should follow style guidelines.
2339N/A This shouldn't wait until we have a 2.0-gold release because
2339N/A then style corrections will conflict with bug fixes found after
2339N/A * Allow the DocumentRoot directive within <Location > scopes? This
2339N/A and in-your-face.) DocumentRoot unset would be accepted [and would
2339N/A not permit content to be served, only virtual resources such as
2339N/A server-info or server-status.
2339N/A This proposed change would _not_ depricate Alias.
2339N/A +1: Greg, Justin, ben, Ken, Jeff, Bill, Ian
2339N/A 0: Cliff (there's now another candidate to be evaluated)
2339N/A 0: Jim, Aaron (premature decision at present, IMO)
2144N/A * daedalus: mod_cgid and suexec have a problem co-existing. suexec
2144N/A sees a null command string sometimes. The problem happens when
2144N/A * Win32: Rotatelogs sometimes is not terminated when Apache
2144N/A goes down hard. FirstBill was looking at possibly tracking the
2144N/A child's-child processes in the parent process.
2488N/A OtherBill asks, wasn't this fixed?
2488N/A * Win32: Add a simple hold console open patch (wait for close or
1710N/A the ESC key, with a nice message) if the server died a bad
2097N/A death (non-zero exit code) in console mode.
1352N/A Resolution: bring forward same ugly hacks from 1.3.13-.20
1352N/A * Port of mod_ssl to Apache 2.0:
2073N/A (2) Enabling the various SSL caching mechanisms (shmcb, shmht)
2144N/A (3) Enabling SSL extentions
2073N/A (4) Trying to seperate the https filter logic from mod_ssl -
2073N/A This is to facilitate other modules that wish to use the https
2073N/A filter or the mod_ssl logic or both as required.
2073N/A Justin: mod_ssl filter logic is redone, so that should be fine.
2073N/A Madhu has submitted a patch for SSL caching - however, I
2073N/A am -0 on that patch as I *think* we could implement the
2148N/A shared memory another way that is much cleaner (
i.e. 2148N/A treat shmem directly as a dbm via APR routines). Justin
2148N/A also thinks that the https filter logic may be sufficiently
2148N/A decoupled now, but isn't really sure.
2043N/A * Performance: Get the SINGLE_LISTEN_UNSERIALIZED_ACCEPT
2026N/A optimization working in threaded. prefork's new design for how
2026N/A to notice data on the pod should be sufficient.
1370N/A * Performance & Debug: Eliminate most (and perhaps all) of the
2105N/A light weight memory management functions that allow freeing
2105N/A memory (putting it back into a memory pool) when it is no
2003N/A longer needed. Enabling simple debugging features like guard
2003N/A bands, double free detection, etc. would be cool but certainly
2003N/A Status: Cliff started to implement this using SMS as has
2003N/A been discussed at length for months, but since
2003N/A SMS is not being used anywhere else in the server,
2003N/A several people expressed the opinion that we should
2228N/A get rid of it entirely, meaning that the buckets
2228N/A need their own memory management (free list) functions.
2228N/A Cliff will implement that this weekend so we at least
2228N/A * Eliminate unnecessary creation of pipes in mod_cgid
2228N/A * the autoconf setup should be fixed to default to using the
2608N/A in a layout should be overridable on the command line. Plus,
2608N/A what we do right now just doesn't seem to fully fit into how autoconf
2608N/A works, eg. AC_PREFIX_DEFAULT issues.
2310N/A Message-ID: <Pine.BSF.4.20.0104031557420.20876-100000@alive.znep.com>
2339N/A * OS/2: Make mod_status work for spmt_os2 MPM.
1370N/A * Platforms that do not support fork (primarily Win32 and AS/400)
1370N/A Architect start-up code that avoids initializing all the modules
1370N/A in the parent process on platforms that do not support fork.
2373N/A would eliminate some code in the Win32 branch that essentially
2373N/A * There are still a number of places in the code where we are
2373N/A losing error status (
i.e. throwing away the error returned by a
2373N/A system call and replacing it with a generic error code)
2373N/A * Mass vhosting version of suEXEC.
2097N/A the dbmmanage employs the first-matched dbm format. This is not
429N/A necessarily the library that Apache was built with. Aught to
674N/A rewrite dbmmanage upon installation to bin/ with the proper library
926N/A Status: Mladen Turk has posted several patches and ideas.
674N/A Key question, part of htpasswd, or a seperate utility?
1431N/A * use apu_dbm in mod_auth_dbm
1431N/A Status: Greg +1 (low-priority volunteer)
1431N/A Justin says: "Seems like this is already there, so should we just
1431N/A remove the other DBM code in that file? If you want
1431N/A to use gdbm, or dbm, etc, you should tell apr-util."
1431N/A Will says: "bs - I may choose the fastest - most efficient native
1463N/A dbm implementation, for shared proc caches, ssl session
1463N/A caching, etc, but that has nothing to do with maintaining
1463N/A a userlist via dbm, which has to remain readable between
2144N/A for apr-util would let us do this with just apr, though."
2144N/A Some additional items remaining:
2144N/A - case_preserved_filename stuff
1463N/A (use the new canonical name stuff?)
1463N/A - find a new home for ap_text(_header)
2219N/A - is it possible to remove the DAV: namespace stuff from util_xml?
2488N/A * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
2488N/A are a bit wonky. The function should probably be exposed as a utility
2488N/A function (such as ap_translate_url2fs() or ap_validate_fs_url() or
2488N/A something). Another approach would be a new hook phase after
2488N/A "translate" which would allow the module to munge what the
2488N/A translation has decided to do.
2488N/A Status: Greg +1 (volunteers), Ryan +1
2488N/A calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
2488N/A ap_sort_hooks() [to reduce the logic in main()]
2488N/A * read the config tree just once, and process N times (as necessary)
2488N/A * (possibly) use UUIDs in mod_unique_id
and/or mod_usertrack
2488N/A * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
2488N/A into a VirtualHost container) to 2.0.
1710N/A * APR-ize resolver stuff in mod_unique_id (Jeff volunteers)
2488N/A * callers of ap_run_create_request() should check the return value
2026N/A for failure (Doug volunteers)
2026N/A * when a Unix MPM bails out due to an initialization error in the
2097N/A detached process (
e.g., mutex init failure, pthread_create failure),
2097N/A other children (cgid, at least) are left hanging around
2026N/A * Win32: Get Apache working on Windows 95/98. The following work
2026N/A (at least) needs to be done:
2026N/A - winnt MPM: Fix 95/98 code paths in the winnt MPM. There is some NT
2026N/A specific code that is still not in NT only code paths
2026N/A - IOL binds to APR sendfile, implemented with TransmitFile, which
2488N/A - Document warning that OSR2 is required (for Crypt functions, in
2488N/A rand.c, at least.) This could be resolved with an SSL library, or
2488N/A randomization in APR itself.
2026N/A actually works) and add in a splash of Win9x service code.
2144N/A * In order to use a DSO version of mod_ssl we have to link with
2092N/A -lssl and -lcrypto. A workaround is in place right now where the
2097N/A entire EXTRA_LIBS macro is being appended to the objects list, but
2092N/A this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
2092N/A autoconf function or come up with some other autoconf checks to
2092N/A search for libssl and libcrypto and properly add them to mod_ssl's
2092N/A +1: Ryan, Justin, Jeff, Ian, Aaron
2073N/A * Make the worker MPM the default MPM for threaded Unix boxes.
3158N/A -0: Aaron (premature decision, needs more discussion)
3158N/APRs that have been suspended forever waiting for someone to
2026N/Aput them into 'the next release':
2092N/A missing call to "setlocale();"
2610N/A Additional status for XBitHack directive
2610N/A Mod_proxy doesn't allow change of error pages
2610N/A Modified PATH environemnt variable is not passed, instead
2092N/A Proxy doesn't deliver documents if not connected
2026N/A proxy converts ~name to %7Ename when name starts with a dot (.)
2610N/A mod_access syntax allows hosts that should be restricted
3158N/A ~UserHome directories are not honored in absolute pathname
2488N/A Proxy FTP Authentication Fails
2610N/A A smarter "Last Modified" value for SSI documents (see PR number 600)
1710N/A Request of "Options SymLinksIfGroupMatch"
2154N/A Proxy doesn't do links right for OpenVMS files through ftp:
1710N/A imap should read <MAP><AREA>*</MAP> too!
2154N/A RLimitCPU and RLimitMEM don't apply to all children like they should
1710N/A Uses cwd before filling it in, doesn't use syslog
2141N/A it is useful to allow specifiction that root-owned symlinks
1710N/A Controlling Access to Remote Proxies would be nice...
1710N/A Adding authentication "on the fly" through the proxy module
2043N/A request_config field in request_rec is moderately bogus
1710N/A DoS attacks involving memory consumption
1710N/A Logging of virtual server to error_log as well
1710N/A ProxyRemote make a dead cycle.
1710N/A suexec does not parse arguments to #exec cmd
1710N/A Allow for Last-Modified: without resorting to XBitHack
1710N/A improvements to child spawning API
2043N/A ``nph-'' not honored (no buffering) for ProxyRemote mapping
2043N/A Apache cannot handle continuation line in headers
1710N/A setlogin() is not called, causing problems with
e.g. identd
1710N/A there is no way to keep per-connection per-module state
1710N/A Add frame-safe anchor attribute to mod_autoindex links
2043N/A CGI scripts running as Apache user: security (suexec etc.)
2144N/A Need to know "hit-rate" on proxy cache
2144N/A Selective url-encode of log fields (or maybe a pseudo
2144N/A I make mod_headers to modify request headers as well as
2144N/A No HTTP_X_FORWARDED_FOR set...
2144N/A ProxyRemote proxy requests fail authentication by firewall
926N/A mod_rewrite forms REQUEST_URI different than mod_cgi does
561N/A mod_headers should allow mod_log_config-style formats in
289N/A mod_proxy to support persistent conns?
2158N/A patches to mod_include to allow for file tests
561N/A * PR#1809: mod_auth-any
2073N/A Suggestion for improving authentication modules and core source
561N/A code, problem with 401 and ErrorDocument
26N/A * PR#1878: mod_proxy
26N/A listing of proxy cache content
26N/A Allow modules to set user:group for execution.
289N/A adding auth_why to conn_rec
26N/A pipelined connections are not logged correctly
2144N/A mod_rewrite doesn't pass Proxy Throughput on internal subrequests
104N/A HTTP Server Rebuild Line Needs Changing for the better
2144N/A mod_status always displays 256 possible connection slots
2144N/A Make online documentation search link back to my installation
2144N/A Can not POST to ErrorDocument - Apache/1.3b6
2310N/A Status module averages are for entire uptime
2433N/A suexec for general access of user content?
2433N/A Proposal for TimeZone directive
2433N/A /server-info doesn't check for the virtual host to list the info
2433N/A problem specifying ndbm library for build ?with autoconfigure
2433N/A AllowOverride FileInfo is too coarse
2433N/A TimeOut applies to output of CGI scripts
2962N/A <IfDenied> directive wanted
2962N/A CGI's for general use still have to be run as another user
2433N/A Cache file names in Proxy module
2433N/A mailto tags and bundling bug report script
2433N/A Support for System Resource Controller
2433N/A When will Apache support P3P? Any Plans?
2433N/A Propose that Apache recommend $UNIQUE_ID for all "session id"
2433N/A suggestion: power up your Include directive :)
2433N/A cannot limit some HTTP methods
2433N/A No module specific data hook for per-connection data
2433N/A no way to set global quality-of-source (qs) coneg values
2433N/A Accessing URL through proxy server corrupts data.
2433N/A Some anonymous FTP URLs ask for authentication
551N/A New ErrorDocumentMatch directive
2433N/A Need to be able to override shebang line to make CGI scripts
2678N/A "Files" and "FilesMatch" regexp does not recognize bang as
2678N/A Please allow CGI env variables (QUERY_STRING, ...) to be logged
2335N/A Suggestion for better handling of Last-modified headers
2335N/A mod_cgi prevents handling of OPTIONS requests
2330N/A [PATCH] install as win32 service with domain account
2144N/A AllowOverride should have a 'CheckNone' and 'AllowNone' argument
2144N/AOther bugs that need fixing:
2144N/A * MaxRequestsPerChild measures connections, not requests.
2144N/A Until someone has a better way, we'll probably just rename it
2144N/A * Regex containers don't work in an intutive way
2144N/A Status: No one has come up with an efficient way to fix this
2144N/A behavior. Dean has suggested getting rid of regex containers
2144N/A * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a
2144N/A sigwaiting thread. We need to work around this, perhaps unless
2144N/A there is hope soon for a fixed glibc.
2183N/A needed. Apache 1.3 just never stashed "multipart" into
2144N/A r->content_type. We should probably follow suit since the
2144N/A byterange stuff doesn't want the rest of the code to see the
2144N/A multipart content-type; the other code should still think it is
2144N/A dealing with the <orig_ct> stuff.
2144N/A Status: Greg volunteers to investigate (esp. since he was most
1352N/A likely the one to break it :-)
1352N/AOther features that need writing:
29N/A * Finish infrastructure in core for async MPMs
2144N/A * TODO in source -- just do an egrep on "TODO" and see what's there
2339N/A * Jon Travis's <jtravis@covalent.net> patch to deal with thread-safe
2339N/A issues with inet_ntoa. See message <20001201163220.A12827@covalent.net>
2339N/A Status: This is being set aside until the IPv6 work is finished
2339N/A so that we know exactly what is required.
3158N/A * Martin Sojka <msojka@gmx.de>'s patch to add error reporting for failed
2339N/A htpasswd actions due to a full /tmp volume (other programs may have
22N/A * Mike Abbott's <mja@trudge.engr.sgi.com> patches to improve
993N/A Status: These were written for 1.3, and are awaiting a port to
2330N/A * Jim Winstead's <jimw@trainedmonkey.com> patch to add CookieDomain and
2330N/A other small mod_usertrack features
2339N/A * Dan Rench's <drench@xnet.com> patch to add allow the errmsg and timefmt
2488N/A of SSI's to be modified in the config file. Patch is available in
2488N/A * Which MPMs will be included with Apache 2.0?