STATUS revision 415bb21f281e9b4f905d5893fede9165bdf1491b
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabeleAPACHE 2.3 STATUS: -*-text-*-
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabeleLast modified at [$Date$]
4ab980a06412fd86f52a6d054fb7e26de155c530erikabeleThe current version of this file can be found at:
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS
96ad5d81ee4a2cc66a4ae19893efc8aa6d06fae7jailletcDocumentation status is maintained seperately and can be found at:
5a58787efeb02a1c3f06569d019ad81fd2efa06end * docs/STATUS in this source tree, or
d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS
d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowenConsult the following STATUS files for information on related projects:
5a58787efeb02a1c3f06569d019ad81fd2efa06end * http://svn.apache.org/repos/asf/apr/apr-util/trunk/STATUS
3f08db06526d6901aa08c110b5bc7dde6bc39905ndPatches considered for backport are noted in their branches' STATUS:
5a58787efeb02a1c3f06569d019ad81fd2efa06end * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
5a58787efeb02a1c3f06569d019ad81fd2efa06end * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
5e740829c3448285963d3882530669f0112cf690gryzorRelease history:
aee1f193a276866212922ae5072e3014db28582frpluem [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung while x.{even}.z versions are Stable/GA releases.]
3b3b7fc78d1f5bfc2769903375050048ff41ff26nd 2.3.15 : In development.
aee1f193a276866212922ae5072e3014db28582frpluem 2.3.14 : Tagged on August 1, 2011.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele 2.3.13 : Tagged on June 28, 2011, not released.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.12 : Tagged on May 11, 2011. Released May 23, 2011.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.11 : Released as Beta on March 7, 2011.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive 2.3.10 : Tagged on December 13, 2010. Released Dec 21, 2010.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.9 : Tagged on November 23, 2010, not released.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.8 : Tagged on August 24, 2010.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.7 : Tagged on August 19, 2010, not released.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.6 : Released on June 21, 2010.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.5 : Released on January 26, 2010.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.4 : Released on December 8, 2009.
df321386f1d9ed17a3e5e6468807996a12890d50gryzor 2.3.3 : Tagged on November 11, 2009, not released.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.2 : Tagged on March 23, 2009, not released.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.1 : Tagged on January 2, 2009, not released.
5a58787efeb02a1c3f06569d019ad81fd2efa06end 2.3.0 : Tagged on December 6, 2008, not released.
30471a4650391f57975f60bbb6e4a90be7b284bfhumbedoohContributors looking for a mission:
5a58787efeb02a1c3f06569d019ad81fd2efa06end * Just do an egrep on "TODO" or "XXX" in the source.
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive * Review the bug database at: http://issues.apache.org/bugzilla/
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive * Review the "PatchAvailable" bugs in the bug database:
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive After testing, you can append a comment saying "Reviewed and tested".
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive * Open bugs in the bug database.
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive * See also the STATUS file in the docs/ directory, which lists documentation-specific TODO items.
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817sliveCURRENT RELEASE NOTES:
5a58787efeb02a1c3f06569d019ad81fd2efa06end Jim proposes another beta release the end of March, another in
5a58787efeb02a1c3f06569d019ad81fd2efa06end April with a goal towards GA in May (at the latest). Jim volunteers
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive to RM these.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8sliveRELEASE SHOWSTOPPERS:
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive * Modules that are not ready for production use must be removed.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive The same for modules without documentation.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive Candidates:
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive - MPM simple
c6f41bc69d643835804e7e831776d3d46c6f5962slive - mod_serf (which is optimal for async httpd anyways)
c6f41bc69d643835804e7e831776d3d46c6f5962slive * The mod_session* modules need to be checked that their hooks respect
c6f41bc69d643835804e7e831776d3d46c6f5962slive the returning of int (HTTP status codes) and apr_status_t as appropriate,
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem and any anomolies fixed.
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem jim sez: from what I can see, mod_session* is no worse that other
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive modules that mix these 2 types... clean up is
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive forthcoming but should not be considered a blocker, imo
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive pgollucci: +1 jim
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive wrowe asks: what's the API change required?
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive wrowe asks; why are we shipping this if it requires apr_ssl
263168fdb45221efa79580de89bdde883b7561f7sf * mod_ssl's proxy support only allows one proxy client certificate per
263168fdb45221efa79580de89bdde883b7561f7sf frontend virtual host. Lift this restriction.
263168fdb45221efa79580de89bdde883b7561f7sf jim sez: Why a blocker?, pgollucci +1 jim
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive wrowe asks: what's the API change required?
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem * INCLUDE mod_fcgid with 2.4.0, esp to help php users etc to enjoy
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem a painless event mpm experience.
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem * Decouple from apr_ldap to ease the transition to apr-2.0
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem OLD ISSUES THAT WERE THOUGHT TO BE SHOWSTOPPERS FOR 2.2 BUT OBVIOUSLY WEREN'T:
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem * Handling of non-trailing / config by non-default handler is broken
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
bf380c59be3f235bde21f1c00098e09e3cf7e7aerpluem jerenkrantz asks: Why should this block a release?
c6f41bc69d643835804e7e831776d3d46c6f5962slive wsanchez agrees: this may be a change in behavior, but isn't
aee1f193a276866212922ae5072e3014db28582frpluem clearly wrong, and even if so, it doesn't seem like a
c6f41bc69d643835804e7e831776d3d46c6f5962slive showstopper.
06d77ae37da42a6f8bbea25b7d7f8b6629245629slive * the edge connection filter cannot be removed
c6f41bc69d643835804e7e831776d3d46c6f5962slive http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
c6f41bc69d643835804e7e831776d3d46c6f5962slive jerenkrantz asks: Why should this block a release?
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive stas replies: because it requires a rewrite of the filters stack
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive implementation (you have suggested that) and once 2.2 is
c6f41bc69d643835804e7e831776d3d46c6f5962slive released you can't do that anymore.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive pgollucci: this affects mod_perl I'm pretty sure.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8sliveCURRENT VOTES:
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive * Name the Server (version 2.4 or 3.0, depending on the final call)
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive Recent discussion indicates we should designate a (short name).
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive This is not yet a [Vote] - Your nominations please:
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive * Apache HTTP Server (httpd)
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive +1: sctemme (why mess with it?), pgollucci
4ee3ac9c23e31f43d39414f4072f1b1456e43ff8igalicRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive * Clean up all the kruft and *extremely* outdated stuff below...
aee1f193a276866212922ae5072e3014db28582frpluem * Maybe remove Limit/LimitExcept or at least make it log warnings when
4ee3ac9c23e31f43d39414f4072f1b1456e43ff8igalic * Sort out modules selections for most/all/reallyall. Maybe rename
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive all -> most, reallyall -> all, and remove the old 'most'.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive * Patches submitted to the bug database:
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
aee1f193a276866212922ae5072e3014db28582frpluem * Filter stacks and subrequests, redirects and fast redirects.
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive There's at least one PR that suffers from the current unclean behaviour
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive (which lets the server send garbage): PR 17629
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive nd says: Every subrequest should get its own filter stack with the
aa8cf57195dfb7fa3d0baedf81f8be377946cea8slive subreq_core filter as bottom-most. That filter does two things:
5a58787efeb02a1c3f06569d019ad81fd2efa06end - swallow EOS buckets
aee1f193a276866212922ae5072e3014db28582frpluem - redirect the data stream to the upper request's (rr->main)
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele filter chain directly after the subrequest's starting
aee1f193a276866212922ae5072e3014db28582frpluem Once we have a clean solution, we can try to optimize
650ba5bfc49e73bf370f3cff32d3cdca004a2861rbowen it, so that the server won't be slow down too much.
aee1f193a276866212922ae5072e3014db28582frpluem * RFC 2616 violations.
aee1f193a276866212922ae5072e3014db28582frpluem Closed PRs: 15852, 15857, 15859, 15861, 15864, 15869, 15870, 16120,
aee1f193a276866212922ae5072e3014db28582frpluem 16125, 16135, 16136, 16137, 16138, 16139, 16140, 16518,
aee1f193a276866212922ae5072e3014db28582frpluem 16520, 49825
aee1f193a276866212922ae5072e3014db28582frpluem Open PRs: 15865, 15866, 15868, 16126, 16133, 16142, 16521, 42978
aee1f193a276866212922ae5072e3014db28582frpluem jerenkrantz says: need to decide how many we need to backport and/or
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele if these rise to showstopper status.
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele out of this list, without reviewing them individually.
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele * pipes deadlock on all platforms with limited pipe buffers (e.g. both
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele Linux and Win32, as opposed to only Win32 on 1.3). The right solution
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
aee1f193a276866212922ae5072e3014db28582frpluem * All handlers should always send content down even if r->header_only
aee1f193a276866212922ae5072e3014db28582frpluem is set. If not, it means that the HEAD requests don't generate the
aee1f193a276866212922ae5072e3014db28582frpluem same headers as a GET which is wrong.
aee1f193a276866212922ae5072e3014db28582frpluem * exec cmd and suexec arg-passing enhancements
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele Status: Patches proposed
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele (see the "proc.patch" and "suexec-shell.patch" links in this message)
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * The 2.0.36 worker MPM graceless shutdown changes work but are
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele a bit clunky on some platforms; eg, on Linux, the loop to
aee1f193a276866212922ae5072e3014db28582frpluem join each worker thread seems to hang, and the parent ends up
aee1f193a276866212922ae5072e3014db28582frpluem killing off the child with SIGKILL. But at least it shuts down.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele chrisd: Has this been fixed by the changes for PR 38737?
aee1f193a276866212922ae5072e3014db28582frpluem * We do not properly substitute the prefix-variables in the configuration
aee1f193a276866212922ae5072e3014db28582frpluem scripts or generated-configs. (i.e. if sysconfdir is etc,
9bcfc3697a91b5215893a7d0206865b13fc72148nd httpd-std.conf points to conf.)
9bcfc3697a91b5215893a7d0206865b13fc72148nd * If any request gets through ap_process_request_internal() and is
aee1f193a276866212922ae5072e3014db28582frpluem scheduled to be served by the core handler, without a flag that this
aee1f193a276866212922ae5072e3014db28582frpluem r->filename was tested by dir/file_walk, we need to 500 at the very
aee1f193a276866212922ae5072e3014db28582frpluem end of the ap_process_request_internal() processing so sub_req-esters
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele know this request cannot be run. This provides authors of older
aee1f193a276866212922ae5072e3014db28582frpluem modules better compatibility, while still improving the security and
5a58787efeb02a1c3f06569d019ad81fd2efa06end robustness of 2.0.
5a58787efeb02a1c3f06569d019ad81fd2efa06end Status: still need to decide where this goes, OtherBill comments...
aee1f193a276866212922ae5072e3014db28582frpluem Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele [Deleted comments regarding the ap_run_handler phase, as irrelevant
aee1f193a276866212922ae5072e3014db28582frpluem as BillS points out that "common case will be caught in
aee1f193a276866212922ae5072e3014db28582frpluem default_handler already (with the r->finfo.filetype == 0 check)"
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele and the issue is detecting this -before- we try to run the req.]
aee1f193a276866212922ae5072e3014db28582frpluem gregames says: can this happen somehow without a broken module
aee1f193a276866212922ae5072e3014db28582frpluem being involved? If not, why waste cycles trying to defend against
aee1f193a276866212922ae5072e3014db28582frpluem potential broken modules? It seems futile.
aee1f193a276866212922ae5072e3014db28582frpluem wrowe counters: no, it shouldn't happen unless the module is broken.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele But the right answer is to fail the request up-front in dir/file
aee1f193a276866212922ae5072e3014db28582frpluem walk if the path was entirely invalid; and we can't do that either
aee1f193a276866212922ae5072e3014db28582frpluem UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
aee1f193a276866212922ae5072e3014db28582frpluem * Can a static httpd be built reliably?
aee1f193a276866212922ae5072e3014db28582frpluem Message-ID: <20020207142751.T31582@clove.org>
aee1f193a276866212922ae5072e3014db28582frpluem * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
aee1f193a276866212922ae5072e3014db28582frpluem removed if possible.
aee1f193a276866212922ae5072e3014db28582frpluem <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
aee1f193a276866212922ae5072e3014db28582frpluem Jeff wonders if we still care about this. It is no longer an
aee1f193a276866212922ae5072e3014db28582frpluem API issue but simply an extra trip through the brigade.
aee1f193a276866212922ae5072e3014db28582frpluem * Try to get libtool inter-library dependency code working on AIX.
aee1f193a276866212922ae5072e3014db28582frpluem Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
aee1f193a276866212922ae5072e3014db28582frpluem Justin says: If we get it working on AIX, we can enable this
aee1f193a276866212922ae5072e3014db28582frpluem on all platforms and clean up our build system somewhat.
aee1f193a276866212922ae5072e3014db28582frpluem Jeff says: I thought I tested a patch for you sometime in
aee1f193a276866212922ae5072e3014db28582frpluem January that you were going to commit within a few days.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * Handling of %2f in URIs. Currently both 1.3 and 2.0
aee1f193a276866212922ae5072e3014db28582frpluem completely disallow %2f in the request URI path (see
aee1f193a276866212922ae5072e3014db28582frpluem ap_unescape_url() in util.c). It's permitted and passed
aee1f193a276866212922ae5072e3014db28582frpluem through in the query string, however. Roy says the
aee1f193a276866212922ae5072e3014db28582frpluem original reason for disallowing it, from five years ago,
5a58787efeb02a1c3f06569d019ad81fd2efa06end was to protect CGI scripts that applied PATH_INFO to
5a58787efeb02a1c3f06569d019ad81fd2efa06end a filesystem location and which might be tricked by
5a58787efeb02a1c3f06569d019ad81fd2efa06end ..%2f..%2f(...). We *should* allow path-info of the
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele Since we've revamped a lot of our processing of path
aee1f193a276866212922ae5072e3014db28582frpluem segments, it would be nice to allow this, or at least
aee1f193a276866212922ae5072e3014db28582frpluem allow it conditionally with a directive.
aee1f193a276866212922ae5072e3014db28582frpluem OtherBill adds that %2f as the SECOND character of a multibyte
aee1f193a276866212922ae5072e3014db28582frpluem sequence causes the request to fail! This happens notably in
aee1f193a276866212922ae5072e3014db28582frpluem the ja-jis encoding.
aee1f193a276866212922ae5072e3014db28582frpluem * There is increasing demand from module writers for an API
aee1f193a276866212922ae5072e3014db28582frpluem that will allow them to control the server à la apachectl.
aee1f193a276866212922ae5072e3014db28582frpluem Reasons include sole-function servers that need to die if
aee1f193a276866212922ae5072e3014db28582frpluem an external dependency (e.g., a database) fails, et cetera.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele Perhaps something in the (ever more abused) scoreboard?
aee1f193a276866212922ae5072e3014db28582frpluem On the other hand, we already have a pipe that goes between parent
aee1f193a276866212922ae5072e3014db28582frpluem and child for graceful shutdown events, along with an API that
8ba6e8ba8d8ad4d8228872d5526fa7295ff43149poirier can be used to send a message down that pipe. In threaded MPMs,
aee1f193a276866212922ae5072e3014db28582frpluem it is easy enough to make that one pipe be used for graceful
5a58787efeb02a1c3f06569d019ad81fd2efa06end and graceless events, and it is also easy to open that pipe
5a58787efeb02a1c3f06569d019ad81fd2efa06end to both parent and child for writing. Then we just need to
5a58787efeb02a1c3f06569d019ad81fd2efa06end figure out how to do graceless on non-threaded MPMs.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * Allow the DocumentRoot directive within <Location > scopes? This
aee1f193a276866212922ae5072e3014db28582frpluem allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
aee1f193a276866212922ae5072e3014db28582frpluem by a <Directory /somepath/foo> to become simply
5d7e5de2da57434c8e68c8fa49cbf6d70ee0f817slive <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
aee1f193a276866212922ae5072e3014db28582frpluem and in-your-face.) DocumentRoot unset would be accepted [and would
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele not permit content to be served, only virtual resources such as
aee1f193a276866212922ae5072e3014db28582frpluem server-info or server-status.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele This proposed change would _not_ depricate Alias.
aee1f193a276866212922ae5072e3014db28582frpluem striker: See the thread starting with Message-ID:
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * Win32: Rotatelogs sometimes is not terminated when Apache
aee1f193a276866212922ae5072e3014db28582frpluem goes down hard. FirstBill was looking at possibly tracking the
5a58787efeb02a1c3f06569d019ad81fd2efa06end child's-child processes in the parent process.
5a58787efeb02a1c3f06569d019ad81fd2efa06end stoddard: Shared scoreboard might offer a good way for the parent
5a58787efeb02a1c3f06569d019ad81fd2efa06end to keep track of 'other child' processes and whack them if the child
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele Other thoughts on walking the process chain using the NT kernel
aee1f193a276866212922ae5072e3014db28582frpluem have also been proposed on APR.
aee1f193a276866212922ae5072e3014db28582frpluem * Eliminate unnecessary creation of pipes in mod_cgid
aee1f193a276866212922ae5072e3014db28582frpluem * Combine log_child and piped_log_spawn. Clean up http_log.c.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele Common logging API.
aee1f193a276866212922ae5072e3014db28582frpluem * Platforms that do not support fork (primarily Win32 and AS/400)
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele Architect start-up code that avoids initializing all the modules
aee1f193a276866212922ae5072e3014db28582frpluem in the parent process on platforms that do not support fork.
5a58787efeb02a1c3f06569d019ad81fd2efa06end * There are still a number of places in the code where we are
5a58787efeb02a1c3f06569d019ad81fd2efa06end losing error status (i.e. throwing away the error returned by a
a3388213b2b4d46b356be205e38204e67b4304d8rbowen system call and replacing it with a generic error code)
a3388213b2b4d46b356be205e38204e67b4304d8rbowen * Mass vhosting version of suEXEC.
aee1f193a276866212922ae5072e3014db28582frpluem * All DBMs suffer from confusion in support/dbmmanage (perl script) since
aee1f193a276866212922ae5072e3014db28582frpluem the dbmmanage employs the first-matched dbm format. This is not
650ba5bfc49e73bf370f3cff32d3cdca004a2861rbowen necessarily the library that Apache was built with. Aught to
aee1f193a276866212922ae5072e3014db28582frpluem rewrite dbmmanage upon installation to bin/ with the proper library
aee1f193a276866212922ae5072e3014db28582frpluem for predictable mod_auth_dbm administration.
a3388213b2b4d46b356be205e38204e67b4304d8rbowen Questions; htdbm exists, time to kill dbmmanage, or does it remain
a3388213b2b4d46b356be205e38204e67b4304d8rbowen useful as a perl dbm management example? If we keep it,
5a58787efeb02a1c3f06569d019ad81fd2efa06end do we address the issue above?
df321386f1d9ed17a3e5e6468807996a12890d50gryzor * Integrate mod_dav.
df321386f1d9ed17a3e5e6468807996a12890d50gryzor Some additional items remaining:
df321386f1d9ed17a3e5e6468807996a12890d50gryzor - case_preserved_filename stuff
df321386f1d9ed17a3e5e6468807996a12890d50gryzor (use the new canonical name stuff?)
df321386f1d9ed17a3e5e6468807996a12890d50gryzor - find a new home for ap_text(_header)
df321386f1d9ed17a3e5e6468807996a12890d50gryzor - is it possible to remove the DAV: namespace stuff from util_xml?
df321386f1d9ed17a3e5e6468807996a12890d50gryzor * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
df321386f1d9ed17a3e5e6468807996a12890d50gryzor are a bit wonky. The function should probably be exposed as a utility
df321386f1d9ed17a3e5e6468807996a12890d50gryzor function (such as ap_translate_url2fs() or ap_validate_fs_url() or
df321386f1d9ed17a3e5e6468807996a12890d50gryzor something). Another approach would be a new hook phase after
df321386f1d9ed17a3e5e6468807996a12890d50gryzor "translate" which would allow the module to munge what the
df321386f1d9ed17a3e5e6468807996a12890d50gryzor translation has decided to do.
df321386f1d9ed17a3e5e6468807996a12890d50gryzor Status: Greg +1 (volunteers)
df321386f1d9ed17a3e5e6468807996a12890d50gryzor * Explore use of a post-config hook for the code in http_main.c which
df321386f1d9ed17a3e5e6468807996a12890d50gryzor calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
df321386f1d9ed17a3e5e6468807996a12890d50gryzor ap_sort_hooks() [to reduce the logic in main()]
aee1f193a276866212922ae5072e3014db28582frpluem * read the config tree just once, and process N times (as necessary)
aee1f193a276866212922ae5072e3014db28582frpluem * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
aee1f193a276866212922ae5072e3014db28582frpluem * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele into a VirtualHost container) to 2.0.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * shift stuff to mod_core.h
4aa603e6448b99f9371397d439795c91a93637eand * callers of ap_run_create_request() should check the return value
c3c006c28c5b03892ccaef6e4d2cbb15a13a2072rbowen for failure (Doug volunteers)
b3c1e4e5b0fc67887a85bc388c16949a21e66f51humbedooh * Fix the worker MPM to use POD to kill child processes instead
aee1f193a276866212922ae5072e3014db28582frpluem of ap_os_killpg, regardless of how they should die.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele chrisd: Is this done, by any chance? See r92598 and r93358.
5a58787efeb02a1c3f06569d019ad81fd2efa06end * Scoreboard structures could be changed in the future such that
5a58787efeb02a1c3f06569d019ad81fd2efa06end proper alignment is not maintained, leading to segfaults on
5a58787efeb02a1c3f06569d019ad81fd2efa06end some systems. Cliff posted a patch to deal with this issue but
aee1f193a276866212922ae5072e3014db28582frpluem later recanted. See this message to dev@apr.apache.org:
aee1f193a276866212922ae5072e3014db28582frpluem <Pine.LNX.4.44.0203011354090.16457-200000@deepthought.cs.virginia.edu>
aee1f193a276866212922ae5072e3014db28582frpluem * APXS either needs to be fixed completely for use when apr is out of tree,
aee1f193a276866212922ae5072e3014db28582frpluem or it should drop query mode altogether, and we just grow an
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele httpd-config or similar arrangement.
aee1f193a276866212922ae5072e3014db28582frpluem To quote a discussion in STATUS earlier:
aee1f193a276866212922ae5072e3014db28582frpluem thommay: this doesn't fix all the problems with apxs and out of
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele tree apr/apr-util, but it's a good start. There's still the
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele query cases; but I'm beginning to think that in these cases
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele the app should be querying ap{r,u}-config directly
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele deprecate -q: add htpd-config: gstein, pquerna, minfrin, pgollucci
aee1f193a276866212922ae5072e3014db28582frpluemTODO ISSUES REMAINING IN MOD_SSL:
aee1f193a276866212922ae5072e3014db28582frpluem * Do we need SSL_set_read_ahead()?
8d0e4e42e6712806f61f5c099a498b2e5e09d7d7humbedooh * SSLRequire directive (parsing of) leaks memory
b3c1e4e5b0fc67887a85bc388c16949a21e66f51humbedooh * Diffie-Hellman-Parameters for temporary keys are hardcoded in
aee1f193a276866212922ae5072e3014db28582frpluem ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
aee1f193a276866212922ae5072e3014db28582frpluem "it is suggested that keys be changed daily or every 500
aee1f193a276866212922ae5072e3014db28582frpluem transactions, and more often if possible."
aee1f193a276866212922ae5072e3014db28582frpluem * ssl_var_lookup could be rewritten to be MUCH faster
8d0e4e42e6712806f61f5c099a498b2e5e09d7d7humbedooh * CRL callback should be pluggable
c3c006c28c5b03892ccaef6e4d2cbb15a13a2072rbowen * session cache store should be pluggable
4aa603e6448b99f9371397d439795c91a93637eand * init functions should return status code rather than ssl_die()
aee1f193a276866212922ae5072e3014db28582frpluem * ssl_engine_pphrase.c needs to be reworked so it is generic enough
aee1f193a276866212922ae5072e3014db28582frpluem to also decrypt proxy keys
10a304fc5348d394375b98ae10ca9b137fd10cafkess * output warning when allowing SSL v2.0 ? its so old
aee1f193a276866212922ae5072e3014db28582frpluem * mod_proxy: Ability to run SSL over proxy gateway connections,
13dd6a45ad3051c84a03bfbc88f0e314a5322ed6rbowen encrypting (or reencrypting) at the proxy.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * mod_cache: Handle ESI tags.
b3c1e4e5b0fc67887a85bc388c16949a21e66f51humbedooh * mod_cache: Resolve issue of how to cache page fragments (or perhaps
b3c1e4e5b0fc67887a85bc388c16949a21e66f51humbedooh -if- we want to cache page fragments). Today, mod_cache/mod_mem_cache
aee1f193a276866212922ae5072e3014db28582frpluem will cache #include 'virtual' requests (but not #include 'file'
5a58787efeb02a1c3f06569d019ad81fd2efa06end requests). This was accomplished by making CACHE_IN a
5a58787efeb02a1c3f06569d019ad81fd2efa06end CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
5a58787efeb02a1c3f06569d019ad81fd2efa06end filter. But now responses cannot be cached that include the
aee1f193a276866212922ae5072e3014db28582frpluem effects of having been run through CONTENT_SET filters
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele (mod_deflate, mod_expires, etc). We could rerun all the
aee1f193a276866212922ae5072e3014db28582frpluem CONTENT_SET filters on the cached response, but this will not
aee1f193a276866212922ae5072e3014db28582frpluem work in all cases. For example, mod_expires relies on installing
aee1f193a276866212922ae5072e3014db28582frpluem the EXPIRATION filter during fixups. Contents served out of
aee1f193a276866212922ae5072e3014db28582frpluem mod_cache (out of the quick_handler) bypass -all- the request
aee1f193a276866212922ae5072e3014db28582frpluem line server hooks (Ryan really hated this. It is great for
22cebd88e14c30aedd5dd95323ba66e4887dc94bkess performance, but bad because of the complications listed above).
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele * mod_mem_cache: Consider adding a RevalidateTimeout directive to
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele specify time at which local cached content is to be revalidated
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele (ie, underlying file stat'ed to see if it has changed).
aee1f193a276866212922ae5072e3014db28582frpluem * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele jerenkrantz says: Too slow. Get regexs away from speedy caches by
aee1f193a276866212922ae5072e3014db28582frpluem default. Introduce a new CacheEnableRegex if you want.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * mod_mem_cache/mod_cache_disk: Need to be able to query cache
aee1f193a276866212922ae5072e3014db28582frpluem status (num of entries, cache object properties, etc.).
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele mod_status could be extended to query optional hooks defined
aee1f193a276866212922ae5072e3014db28582frpluem by modules for the purpose of reporting module status.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele mod_cache (et. al.) could define optional hooks that are called
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele to collect status. Status should be queryable by
aee1f193a276866212922ae5072e3014db28582frpluem HTTP or SNMP?
aee1f193a276866212922ae5072e3014db28582frpluem jerenkrantz says: Yawn. Who cares.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * Regex containers don't work in an intutive way
aee1f193a276866212922ae5072e3014db28582frpluem Status: No one has come up with an efficient way to fix this
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele behavior. Dean has suggested getting rid of regex containers
82178a3043043b8813c0d7288a06ca1b7d110d4atakashi completely.
ea49840bfe8467a7d7bd4db27b1d4880a85511aberikabele OtherBill suggests: We at least seem to agree on eliminating
aee1f193a276866212922ae5072e3014db28582frpluem the <Container ~ foo> forms, and using only
aee1f193a276866212922ae5072e3014db28582frpluem <ContainerMatch foo> semantics.
4ab980a06412fd86f52a6d054fb7e26de155c530erikabele * orig_ct in the byterange/multipart handling may not be
aee1f193a276866212922ae5072e3014db28582frpluem needed. Apache 1.3 just never stashed "multipart" into
4aa603e6448b99f9371397d439795c91a93637eand r->content_type. We should probably follow suit since the
8d0e4e42e6712806f61f5c099a498b2e5e09d7d7humbedooh byterange stuff doesn't want the rest of the code to see the
4aa603e6448b99f9371397d439795c91a93637eand multipart content-type; the other code should still think it is
b3c1e4e5b0fc67887a85bc388c16949a21e66f51humbedooh dealing with the <orig_ct> stuff.
aee1f193a276866212922ae5072e3014db28582frpluem Status: Greg volunteers to investigate (esp. since he was most
bd43fc31993cfc191e744a9490481f4294894099covener likely the one to break it :-)
bd43fc31993cfc191e744a9490481f4294894099covenerEXPERIMENTAL MODULES:
bd43fc31993cfc191e744a9490481f4294894099covener Experimental modules should eventually be be promoted to fully supported
bd43fc31993cfc191e744a9490481f4294894099covener status or removed from the repository entirely (ie, the
bd43fc31993cfc191e744a9490481f4294894099covener 'experiment' failed). This section tracks what needs to happen to
bd43fc31993cfc191e744a9490481f4294894099covener get the modules promoted to fully supported status.