STATUS revision 9b0dd9f58855f5b2c65ed8050d3c3130ab9bd50a
d0cd4568592f103a454ac647f4961af293f88f4ejimAPACHE 2.1 STATUS: -*-text-*-
ec79b29695b183f794264bbb578c51e93d1f9b1emartinLast modified at [$Date$]
c05a38095129d25a4ad10aa51584c774458fb089niqRelease [NOTE that only Alpha/Beta releases occur in 2.1 development]:
c05a38095129d25a4ad10aa51584c774458fb089niq 2.1.3 : in development
c05a38095129d25a4ad10aa51584c774458fb089niq 2.1.2 : Released on 12/08/2004 as alpha.
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6jim 2.1.1 : Released on 11/19/2004 as alpha.
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6jim 2.1.0 : not released.
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6jimPlease consult the following STATUS files for information
5fc20796e4b0474cf8b2383945687783de1d3632jimon related projects:
3f5585f7f4a7d74f2f94ec729ea8c1879d419e35rederpjContributors looking for a mission:
3f5585f7f4a7d74f2f94ec729ea8c1879d419e35rederpj * Just do an egrep on "TODO" or "XXX" in the source.
3f5585f7f4a7d74f2f94ec729ea8c1879d419e35rederpj * Review the "PatchAvailable" bugs in the bug database.
f85bcbc579bb47de4d3f7d72ccaacc8ad4525238gregames Append a comment saying "Reviewed and tested".
f85bcbc579bb47de4d3f7d72ccaacc8ad4525238gregames * Open bugs in the bug database.
ee508128c414648982d1cca7801f63b01a0a4f8aminfrinCURRENT RELEASE NOTES:
5d4512d8c3a70094ff3e941667007a42925f73e2jortonRELEASE SHOWSTOPPERS:
5d4512d8c3a70094ff3e941667007a42925f73e2jorton * Handling of non-trailing / config by non-default handler is broken
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton jerenkrantz asks: Why should this block a release?
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton * the edge connection filter cannot be removed
f2e009134c7e279f99dfca5bd421f721bf1f7840jorton http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
135402675e89e6df0e17735e48f428a1e1d8eb16pquerna jerenkrantz asks: Why should this block a release?
135402675e89e6df0e17735e48f428a1e1d8eb16pquernaCURRENT VOTES:
4233b18553d723a4e22d6126866f05e3d842f781covener a) httpd-std.conf should be tailored by install (from src or
4233b18553d723a4e22d6126866f05e3d842f781covener binbuild) even if user has existing httpd.conf
4233b18553d723a4e22d6126866f05e3d842f781covener +1: trawick, slive, gregames, ianh, Ken, wrowe, jwoolley, jim, nd,
4233b18553d723a4e22d6126866f05e3d842f781covener wrowe - prefer httpd.default.conf to avoid ambiguity with cvs
c4313e35bed51fd5525e60333eb5d64021ab5057jerenkrantz b) tailored httpd-std.conf should be copied by install to
5b4d25005978c3667f44fbd5dcbd4cc34e9c714djerenkrantz c) tailored httpd-std.conf should be installed to
236675b0526bbf82edb9a34e9b10be56cc10b9cdjim +1: slive, trawick, Ken, nd (prefer the latter), erikabele
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe d) Installing a set of default config files when upgrading a server
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe doesn't make ANY sense at all.
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe +1: ianh - medium/big sites don't use 'standard config' anyway, as it
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe usually needs major customizations
7e852fc77c66ea1edb4e88808bb75ecd3603a2e5wrowe -1: Ken, wrowe, jwoolley, jim, nd, erikabele
e5106092b7fae78cec4898042a78a10acccb4cacwrowe wrowe - diff is wonderful when comparing old/new default configs,
e5106092b7fae78cec4898042a78a10acccb4cacwrowe even for customized sites that ianh mentions
e5106092b7fae78cec4898042a78a10acccb4cacwrowe jim - ... assuming that the default configs have been updated
e5106092b7fae78cec4898042a78a10acccb4cacwrowe with the required inline docs to explain the
e5106092b7fae78cec4898042a78a10acccb4cacwrowe * If the parent process dies, should the remaining child processes
470d223738c1dfc4e07c7fae5d186e9dfadd9643jorton "gracefully" self-terminate. Or maybe we should make it a runtime
470d223738c1dfc4e07c7fae5d186e9dfadd9643jorton option, or have a concept of 2 parent processes (one being a
470d223738c1dfc4e07c7fae5d186e9dfadd9643jorton "hot spare").
81bd9331da3bd0f53255d52b1475480ff3a4b395trawick See: Message-ID: <3C58232C.FE91F19F@Golux.Com>
81bd9331da3bd0f53255d52b1475480ff3a4b395trawick Self-destruct: Ken, Martin, Lars
cd3bbd6d2df78d6c75e5d159a81ef8bdd5f70df9trawick Not self-destruct: BrianP, Ian, Cliff, BillS
cd3bbd6d2df78d6c75e5d159a81ef8bdd5f70df9trawick Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj, nd
cd3bbd6d2df78d6c75e5d159a81ef8bdd5f70df9trawick /* The below was a concept on *how* to handle the problem */
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd Have 2 parents: +1: jim
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd -1: Justin, wrowe, rederpj, nd
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd +0: Lars, Martin (while standing by, could it do
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd something useful?)
c7c8dd19c90c5ee7205ccdf443585d14da3daecechrisd * Make the worker MPM the default MPM for threaded Unix boxes.
421e0a5d1c49de76406f61e9abef271af2336c31rpluem +1: Justin, Ian, Cliff, BillS, striker, wrowe, nd
421e0a5d1c49de76406f61e9abef271af2336c31rpluem +0: BrianP, Aaron (mutex contention is looking better with the
421e0a5d1c49de76406f61e9abef271af2336c31rpluem latest code, let's continue tuning and testing), rederpj, jim
108ebbb87b2a46f4416ec507824471a483c39fe1sctemme pquerna: Do we want to change this for 2.2?
bed7fc979e00a75f76ed79245f003b52e91d40abchrisdRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd * Patches submitted to the bug database:
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2.0&keywords=PatchAvailable
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd * The Event MPM does not work on Solaris 10. Solaris 10 does support the
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd Threadsafe Pollsets required by the Event MPM, but it does not support
bed7fc979e00a75f76ed79245f003b52e91d40abchrisd multiple threads calling accept() at the same time. The current
7abe34dd5a20fc8fde09dca9116b88e6ddfd55ddjorton structure of the Event MPM makes adding accept() locking difficult.
7abe34dd5a20fc8fde09dca9116b88e6ddfd55ddjorton * Filter stacks and subrequests, redirects and fast redirects.
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd There's at least one PR that suffers from the current unclean behaviour
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd (which lets the server send garbage): PR 17629
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd nd says: Every subrequest should get its own filter stack with the
10d486b9267800c5e376c22f6c0d45dc2ae86f67chrisd subreq_core filter as bottom-most. That filter does two things:
3e155218733389e7b1ea3a9ffd0aea533fd929cechrisd - swallow EOS buckets
3e155218733389e7b1ea3a9ffd0aea533fd929cechrisd - redirect the data stream to the upper request's (rr->main)
3e155218733389e7b1ea3a9ffd0aea533fd929cechrisd filter chain directly after the subrequest's starting
e4edb2d4252459327f6edd834de6825873e60134chrisd Once we have a clean solution, we can try to optimize
e4edb2d4252459327f6edd834de6825873e60134chrisd it, so that the server won't be slow down too much.
e4edb2d4252459327f6edd834de6825873e60134chrisd * RFC 2616 violations.
e4edb2d4252459327f6edd834de6825873e60134chrisd Closed PRs: 15857.
e4edb2d4252459327f6edd834de6825873e60134chrisd Open PRs: 15852, 15859, 15861, 15864, 15865, 15866, 15868, 15869,
e4edb2d4252459327f6edd834de6825873e60134chrisd 15870, 16120, 16125, 16126, 16133, 16135, 16136, 16137,
111c8f806b790a72ad0244aae35252470662e10drpluem 16138, 16139, 16140, 16142, 16518, 16520, 16521,
111c8f806b790a72ad0244aae35252470662e10drpluem jerenkrantz says: need to decide how many we need to backport and/or
111c8f806b790a72ad0244aae35252470662e10drpluem if these rise to showstopper status.
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem out of this list, without reviewing them individually.
399d43256a3339482bfa6cb76eb72ce5b363ae7arpluem * There is a bug in how we sort some hooks, at least the pre-config
37b35c7feec8216b5119c0c083990cfe4e400769rpluem hook. The first time we call the hooks, they are in the correct
37b35c7feec8216b5119c0c083990cfe4e400769rpluem order, but the second time, we don't sort them correctly. Currently,
37b35c7feec8216b5119c0c083990cfe4e400769rpluem the modules/http/config.m4 file has been renamed to
dd6199828976e6c7850ca6abd7a1ceba99e9ed16chrisd modules/http/config2.m4 to work around this problem, it should moved
dd6199828976e6c7850ca6abd7a1ceba99e9ed16chrisd back when this is fixed.
dd6199828976e6c7850ca6abd7a1ceba99e9ed16chrisd OtherBill offers that this is a SERIOUS problem. We do not sort
3ff68b9ee78262779dbedf791576d35fdd229f7brpluem correctly by the ordering arguments passed to the register hook
3ff68b9ee78262779dbedf791576d35fdd229f7brpluem functions. This was proven when I reordered the open_logs hook
3ff68b9ee78262779dbedf791576d35fdd229f7brpluem to attempt to open the error logs prior to the access logs. Possibly
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem the entire sorting code needs to be refactored.
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem * pipes deadlock on all platforms with limited pipe buffers (e.g. both
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem Linux and Win32, as opposed to only Win32 on 1.3). The right solution
de0fed4fa6741aea09dbe28f03aa4c20e822ed5drpluem is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
ab43b4a17b2ac31ccb1cf280be8c42a8a314cecbjorton for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
ab43b4a17b2ac31ccb1cf280be8c42a8a314cecbjorton * All handlers should always send content down even if r->header_only
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim is set. If not, it means that the HEAD requests don't generate the
f3a5934ca0fb0f0f813bd9d9d06af8937e3f401fjim same headers as a GET which is wrong.
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim * exec cmd and suexec arg-passing enhancements
67139e2d50d1e11558d87f7042f61cb04bb0d1d2jim Status: Patches proposed
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin (see the "proc.patch" and "suexec-shell.patch" links in this message)
a4ab95921be8ce5de50913cd6505d41b672eb375minfrin * The 2.0.36 worker MPM graceless shutdown changes work but are
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin a bit clunky on some platforms; eg, on Linux, the loop to
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin join each worker thread seems to hang, and the parent ends up
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin killing off the child with SIGKILL. But at least it shuts down.
e605dd6afa940f799c873ffeaa5e25fa4ea9a2c8minfrin * --enable-mods-shared="foo1 foo2" is busted on Darwin. Pier
50c06405bc48121db2913925549407fd3e79bcedmturk posted a patch (Message-ID: <B8DBBE8D.575A%pier@betaversion.org>).
dec02391360e503cd3437d16bed765dc653b9de5minfrin * We do not properly substitute the prefix-variables in the configuration
dec02391360e503cd3437d16bed765dc653b9de5minfrin scripts or generated-configs. (i.e. if sysconfdir is etc,
dec02391360e503cd3437d16bed765dc653b9de5minfrin httpd-std.conf points to conf.)
dec02391360e503cd3437d16bed765dc653b9de5minfrin * If any request gets through ap_process_request_internal() and is
1b27a3a26f18191db7ecb4d536cb121ba9520a8eniq scheduled to be served by the core handler, without a flag that this
1b27a3a26f18191db7ecb4d536cb121ba9520a8eniq r->filename was tested by dir/file_walk, we need to 500 at the very
686ce4eade942e515b1725d0c9751da36b759a6ctrawick end of the ap_process_request_internal() processing so sub_req-esters
686ce4eade942e515b1725d0c9751da36b759a6ctrawick know this request cannot be run. This provides authors of older
686ce4eade942e515b1725d0c9751da36b759a6ctrawick modules better compatibility, while still improving the security and
1ce78cf71b5baaf2c1ab48e818cb1f2397df5010trawick robustness of 2.0.
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd Status: still need to decide where this goes, OtherBill comments...
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd [Deleted comments regarding the ap_run_handler phase, as irrelevant
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd as BillS points out that "common case will be caught in
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd default_handler already (with the r->finfo.filetype == 0 check)"
4bd465052c4a0c8d41e573ee7a90c312d980355fchrisd and the issue is detecting this -before- we try to run the req.]
27b38d4191d5f638165e2a77ec6e6f567bd7784dniq gregames says: can this happen somehow without a broken module
27b38d4191d5f638165e2a77ec6e6f567bd7784dniq being involved? If not, why waste cycles trying to defend against
a87e2a23083aa62229307482afbb3b802a0c2105mturk potential broken modules? It seems futile.
a87e2a23083aa62229307482afbb3b802a0c2105mturk wrowe counters: no, it shouldn't happen unless the module is broken.
a87e2a23083aa62229307482afbb3b802a0c2105mturk But the right answer is to fail the request up-front in dir/file
a87e2a23083aa62229307482afbb3b802a0c2105mturk walk if the path was entirely invalid; and we can't do that either
a87e2a23083aa62229307482afbb3b802a0c2105mturk UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
8fd638698262130d00458b2c95548f6f94875847rpluem * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
534611d341a1a48b93c7a1fd5e333dbd261527d3rpluem how the Perchild MPM should be re-written. It hasn't worked
534611d341a1a48b93c7a1fd5e333dbd261527d3rpluem correctly since filters were added because it wasn't possible to
534611d341a1a48b93c7a1fd5e333dbd261527d3rpluem get the content that had already been written and the socket at
e99dfd55d29a7b4209b814efc7270d0b74ccee74niq the same time. This mode lets us do that, so the MPM can be
127aef4ce9f7b6b32a95c5ed9a93b796d18755e6rpluem * Can a static httpd be built reliably?
127aef4ce9f7b6b32a95c5ed9a93b796d18755e6rpluem Message-ID: <20020207142751.T31582@clove.org>
127aef4ce9f7b6b32a95c5ed9a93b796d18755e6rpluem * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
79d4b708d021714647aab8b138ae671ed24765cewrowe removed if possible.
79d4b708d021714647aab8b138ae671ed24765cewrowe Message-ID: <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
79d4b708d021714647aab8b138ae671ed24765cewrowe Jeff wonders if we still care about this. It is no longer an
79d4b708d021714647aab8b138ae671ed24765cewrowe API issue but simply an extra trip through the brigade.
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem * Get perchild to work on platforms other than Linux. This
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem will require a portable mechanism to pass data and file/socket
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem descriptors between vhost child groups. An API was proposed
88d0e50f16b21d4d0af0a48da7ad28fb5991834crpluem on dev@apr:
15264721069299ec26493e21d56bf8ff7faf6f0drpluem Message-ID: <20020111115006.K1529@clove.org>
15264721069299ec26493e21d56bf8ff7faf6f0drpluem * Try to get libtool inter-library dependency code working on AIX.
11e1b16b907afb7de0678e28fe4849d9029e2df8rpluem Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
25a81ea1bca1c89cda713c4d23660e487b1488a0rpluem Justin says: If we get it working on AIX, we can enable this
25a81ea1bca1c89cda713c4d23660e487b1488a0rpluem on all platforms and clean up our build system
48fa058fe468025347930610ac2473094fa0f4e4chrisd Jeff says: I thought I tested a patch for you sometime in
48fa058fe468025347930610ac2473094fa0f4e4chrisd January that you were going to commit within a few
3ec4328f079d8867cc323155e59678ad9437914frooneg * Handling of %2f in URIs. Currently both 1.3 and 2.0
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd completely disallow %2f in the request URI path (see
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd ap_unescape_url() in util.c). It's permitted and passed
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd through in the query string, however. Roy says the
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd original reason for disallowing it, from five years ago,
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd was to protect CGI scripts that applied PATH_INFO to
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd a filesystem location and which might be tricked by
de0d0b50c96fae59c28e09fed61b0d15cfa4147bchrisd ..%2f..%2f(...). We *should* allow path-info of the
db78659055df54243bca678c35bd2ce7e31a9237rooneg Since we've revamped a lot of our processing of path
edf6757df85878dc8ce11fb3840ee4cde6de5b2frooneg segments, it would be nice to allow this, or at least
db78659055df54243bca678c35bd2ce7e31a9237rooneg allow it conditionally with a directive.
95817edd05387a5276f51fcd5db79fc21b89b55brooneg OtherBill adds that %2f as the SECOND character of a multibyte
95817edd05387a5276f51fcd5db79fc21b89b55brooneg sequence causes the request to fail! This happens notably in
63689d77e084e36b8194fb6df5adfc0344965e01trawick the ja-jis encoding.
63689d77e084e36b8194fb6df5adfc0344965e01trawick * FreeBSD, threads, and worker MPM. All seems to work fine
63689d77e084e36b8194fb6df5adfc0344965e01trawick if you only have one worker process with many threads. Add
5714cdd83e23557d801437daa5e3ab8ba78ae595jorton a second worker process and the accept lock seems to be
5714cdd83e23557d801437daa5e3ab8ba78ae595jorton lost. This might be an APR issue with how it deals with
5714cdd83e23557d801437daa5e3ab8ba78ae595jorton the child_init hook (i.e. the fcntl lock needs to be resynced).
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes More examination and analysis is required.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes Status: Works with FreeBSD 5.3. Does not work in previous versions.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes This has also been reported on Cygwin.
a1a615ca49b162d71d88089210395c9a9cfeb539rpluem * There is increasing demand from module writers for an API
8b67b9d3ce40755d1b58971198a02b2749d8e13dbnicholes that will allow them to control the server � la apachectl.
8b67b9d3ce40755d1b58971198a02b2749d8e13dbnicholes Reasons include sole-function servers that need to die if
8b67b9d3ce40755d1b58971198a02b2749d8e13dbnicholes an external dependency (e.g., a database) fails, et cetera.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes Perhaps something in the (ever more abused) scoreboard?
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes On the other hand, we already have a pipe that goes between parent
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes and child for graceful shutdown events, along with an API that
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes can be used to send a message down that pipe. In threaded MPMs,
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes it is easy enough to make that one pipe be used for graceful
a1a615ca49b162d71d88089210395c9a9cfeb539rpluem and graceless events, and it is also easy to open that pipe
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes to both parent and child for writing. Then we just need to
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes figure out how to do graceless on non-threaded MPMs.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes * Allow the DocumentRoot directive within <Location > scopes? This
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes by a <Directory /somepath/foo> to become simply
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes and in-your-face.) DocumentRoot unset would be accepted [and would
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes not permit content to be served, only virtual resources such as
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes server-info or server-status.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes This proposed change would _not_ depricate Alias.
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes striker: See the thread starting with Message-ID:
69c36bbae91de0e99a682aaae9d6fa61fceb2771bnicholes JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem * Win32: Rotatelogs sometimes is not terminated when Apache
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem goes down hard. FirstBill was looking at possibly tracking the
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem child's-child processes in the parent process.
1b0dce86d7fc8a5aa4c89b05255be26e508c615crpluem stoddard: Shared scoreboard might offer a good way for the parent
edc5389f50ce4153e6192740f3c7a188c8cf8d67niq to keep track of 'other child' processes and whack them if the child
edc5389f50ce4153e6192740f3c7a188c8cf8d67niq goes down.
6c05afd314b4ddd545d63b4ff5de822cc30eec79trawick Other thoughts on walking the process chain using the NT kernel
6c05afd314b4ddd545d63b4ff5de822cc30eec79trawick have also been proposed on APR.
13cd67e9c1dacbd6b9f040bda337c725cedd98f3brianp * Eliminate unnecessary creation of pipes in mod_cgid
a623efbff95aab78da9e030524b0fa69b054f6d0brianp * Combine log_child and piped_log_spawn. Clean up http_log.c.
a623efbff95aab78da9e030524b0fa69b054f6d0brianp Common logging API.
a623efbff95aab78da9e030524b0fa69b054f6d0brianp * Platforms that do not support fork (primarily Win32 and AS/400)
a623efbff95aab78da9e030524b0fa69b054f6d0brianp Architect start-up code that avoids initializing all the modules
a623efbff95aab78da9e030524b0fa69b054f6d0brianp in the parent process on platforms that do not support fork.
0b4b04d8621478ba59f0a6ba2950ddc02ab92b58colm * There are still a number of places in the code where we are
0b4b04d8621478ba59f0a6ba2950ddc02ab92b58colm losing error status (i.e. throwing away the error returned by a
2f1bb5376c5c4022383bb729679ca751dd75a2eabrianp system call and replacing it with a generic error code)
ad862ab5716726a2d72a292ba1dfb29566c86153brianp * Mass vhosting version of suEXEC.
ad862ab5716726a2d72a292ba1dfb29566c86153brianp * All DBMs suffer from confusion in support/dbmmanage (perl script) since
17d53ea32c4968e47733f1c2c063ae07d280efd6jerenkrantz the dbmmanage employs the first-matched dbm format. This is not
17d53ea32c4968e47733f1c2c063ae07d280efd6jerenkrantz necessarily the library that Apache was built with. Aught to
17d53ea32c4968e47733f1c2c063ae07d280efd6jerenkrantz rewrite dbmmanage upon installation to bin/ with the proper library
2d5532b13110a8d85653da92e97795b09cc25cc2trawick for predictable mod_auth_dbm administration.
b38565306421ff53e9f7499bc728d6df5cec294dpquerna Questions; htdbm exists, time to kill dbmmanage, or does it remain
b38565306421ff53e9f7499bc728d6df5cec294dpquerna useful as a perl dbm management example? If we keep it,
b38565306421ff53e9f7499bc728d6df5cec294dpquerna do we address the issue above?
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe * Integrate mod_dav.
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe Some additional items remaining:
bf511f47b2f272119c064c682e87f74809fed0fbjim - case_preserved_filename stuff
bf511f47b2f272119c064c682e87f74809fed0fbjim (use the new canonical name stuff?)
bf511f47b2f272119c064c682e87f74809fed0fbjim - find a new home for ap_text(_header)
bf511f47b2f272119c064c682e87f74809fed0fbjim - is it possible to remove the DAV: namespace stuff from util_xml?
bf511f47b2f272119c064c682e87f74809fed0fbjim * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
96352b5caba97685f248e83585a58558ab61746cjim are a bit wonky. The function should probably be exposed as a utility
96352b5caba97685f248e83585a58558ab61746cjim function (such as ap_translate_url2fs() or ap_validate_fs_url() or
96352b5caba97685f248e83585a58558ab61746cjim something). Another approach would be a new hook phase after
96352b5caba97685f248e83585a58558ab61746cjim "translate" which would allow the module to munge what the
96352b5caba97685f248e83585a58558ab61746cjim translation has decided to do.
96352b5caba97685f248e83585a58558ab61746cjim Status: Greg +1 (volunteers)
96352b5caba97685f248e83585a58558ab61746cjim * Explore use of a post-config hook for the code in http_main.c which
96352b5caba97685f248e83585a58558ab61746cjim calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
211b32adc6bb57a312e7e8d089d177501767775ajim ap_sort_hooks() [to reduce the logic in main()]
211b32adc6bb57a312e7e8d089d177501767775ajim * read the config tree just once, and process N times (as necessary)
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz into a VirtualHost container) to 2.0.
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * shift stuff to mod_core.h
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * callers of ap_run_create_request() should check the return value
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz for failure (Doug volunteers)
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz * Win32: Get Apache working on Windows 95/98. The following work
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz (at least) needs to be done:
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz - Document warning that OSR2 is required (for Crypt functions, in
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz rand.c, at least.) This could be resolved with an SSL library, or
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz randomization in APR itself.
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
86cea5a879d441110ad4f5a12261c1d6f9aa3523jerenkrantz actually works) and add in a splash of Win9x service code.
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem * Fix the worker MPM to use POD to kill child processes instead
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem of ap_os_killpg, regardless of how they should die.
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem * Scoreboard structures could be changed in the future such that
8d29663ccfe9b7908257c3f6dd67829bca27da01rpluem proper alignment is not maintained, leading to segfaults on
f1ca07dc17883c1a894300534a144ac15018a545rpluem some systems. Cliff posted a patch to deal with this issue but
f1ca07dc17883c1a894300534a144ac15018a545rpluem later recanted. See this message to dev@apr.apache.org:
f1ca07dc17883c1a894300534a144ac15018a545rpluem Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
961e5ad9f2e71ceebb585d38a2b34c98dcf5fc50rpluem * When sufficiently tested, the AllowEncodedSlashes/%2f patch
961e5ad9f2e71ceebb585d38a2b34c98dcf5fc50rpluem needs to be backported to 2.0 and 1.3.
9f4f51c3c7cad19cc4b40adf6780434553bd3c2bjorton * APXS either needs to be fixed completely for use when apr is out of tree,
9f4f51c3c7cad19cc4b40adf6780434553bd3c2bjorton or it should drop query mode altogether, and we just grow an
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim httpd-config or similar arrangement.
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim To quote a discussion in STATUS earlier:
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim thommay: this doesn't fix all the problems with apxs and out of
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim tree apr/apr-util, but it's a good start. There's still the
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim query cases; but I'm beginning to think that in these cases
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim the app should be querying ap{r,u}-config directly
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim gstein: agreed. apxs should deprecate the -q flag
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jimTODO ISSUES REMAINING IN MOD_SSL:
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim * In order to use a DSO version of mod_ssl we have to link with
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim -lssl and -lcrypto. A workaround is in place right now where the
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim entire EXTRA_LIBS macro is being appended to the objects list, but
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim autoconf function or come up with some other autoconf checks to
cf271ff5f3e95ebd3fec31d7073713ab6ada8225jim search for libssl and libcrypto and properly add them to mod_ssl's
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick link flags.
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick * SSL renegotiations in combination with POST request
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick * Port or dispose all code inside #if 0...#endif blocks that remain
2d979f1a392940641629f0bbfbdc4e7ac1f52ad3trawick from the porting effort.
6a2a19c3a70c6e8f6bdce8e1dcde95bc5a591235jim * Do we need SSL_set_read_ahead()?
6a2a19c3a70c6e8f6bdce8e1dcde95bc5a591235jim * the ssl_expr api is NOT THREAD SAFE. race conditions exist:
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick -in ssl_expr_comp() if SSLRequire is used in .htaccess
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick (ssl_expr_info is global)
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick -is ssl_expr_eval() if there is an error
eed0a2641e6988b8190af0625d4a99b2d02bdde9trawick (ssl_expr_error is global)
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe * SSLRequire directive (parsing of) leaks memory
6f715f23d1ef4d412dc89cf8e483bf1154686cedwrowe * Diffie-Hellman-Parameters for temporary keys are hardcoded in
2cef392e45f74260035e7449fc95d032baa88084jim ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
2cef392e45f74260035e7449fc95d032baa88084jim "it is suggested that keys be changed daily or every 500
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe transactions, and more often if possible."
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe * ssl_var_lookup could be rewritten to be MUCH faster
414d856f21668e07bcdcb8d050481796d84bda66trawick * CRL callback should be pluggable
414d856f21668e07bcdcb8d050481796d84bda66trawick * session cache store should be pluggable
e4eeafb5814b5add53efc27debb231db37d34676jim * init functions should return status code rather than ssl_die()
29828f49377897a874aec410f90eda4977c144a7rpluem * ssl_engine_pphrase.c needs to be reworked so it is generic enough
29828f49377897a874aec410f90eda4977c144a7rpluem to also decrypt proxy keys
29828f49377897a874aec410f90eda4977c144a7rpluem * the shmcb code should just align its memory segment rather than
29828f49377897a874aec410f90eda4977c144a7rpluem jumping through all the "safe" memcpy and memset hoops
6c7aa683421c46525e71a166a5a5b637f902e6bbjim * mod_proxy: Ability to run SSL over proxy gateway connections,
cab76376671a3b885805a232b0fca9cd09763d6ejim encrypting (or reencrypting) at the proxy.
cab76376671a3b885805a232b0fca9cd09763d6ejim * mod_cache: Handle ESI tags.
57047462e24c25106ed3047dfa0f0673f0d6fc80trawick * mod_cache: Resolve issue of how to cache page fragements (or perhaps
57047462e24c25106ed3047dfa0f0673f0d6fc80trawick -if- we want to cache page fragements). Today, mod_cache/mod_mem_cache
6584fe5dea4c3e48c28208482694e8b64e333790jim will cache #include 'virtual' requests (but not #include 'file'
6584fe5dea4c3e48c28208482694e8b64e333790jim requests). This was accomplished by making CACHE_IN a
6584fe5dea4c3e48c28208482694e8b64e333790jim CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
6584fe5dea4c3e48c28208482694e8b64e333790jim filter. But now responses cannot be cached that include the
554d13791e00914b9a752b05c3976d50dd27124ajim effects of having been run through CONTENT_SET filters
554d13791e00914b9a752b05c3976d50dd27124ajim (mod_deflate, mod_expires, etc). We could rerun all the
554d13791e00914b9a752b05c3976d50dd27124ajim CONTENT_SET filters on the cached response, but this will not
554d13791e00914b9a752b05c3976d50dd27124ajim work in all cases. For example, mod_expires relies on installing
554d13791e00914b9a752b05c3976d50dd27124ajim the EXPIRATION filter during fixups. Contents served out of
554d13791e00914b9a752b05c3976d50dd27124ajim mod_cache (out of the quick_handler) bypass -all- the request
554d13791e00914b9a752b05c3976d50dd27124ajim line server hooks (Ryan really hated this. It is great for
554d13791e00914b9a752b05c3976d50dd27124ajim performance, but bad because of the complications listed above).
d247789737dad3168ec8c0aea51fcb9b87d371aajim * mod_mem_cache: Consider adding a RevalidateTimeout directive to
d247789737dad3168ec8c0aea51fcb9b87d371aajim specify time at which local cached content is to be revalidated
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem (ie, underlying file stat'ed to see if it has changed).
8490276a0c949567788c47c37468eda0ca339d8etrawick * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem jerenkrantz says: Too slow. Get regexs away from speedy caches by
8490276a0c949567788c47c37468eda0ca339d8etrawick default. Introduce a new CacheEnableRegex if you want.
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem * mod_mem_cache/mod_disk_cache: Need to be able to query cache
569ddc923f6a9d4b9338c10ddf42d464f63232c9trawick status (num of entries, cache object properties, etc.).
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe mod_status could be extended to query optional hooks defined
205c204b61b6ecf592cc0ea251ae2f02fc7e19f1wrowe by modules for the purpose of reporting module status.
b87fe8021e886342fdf61b56ee23be46641900d1trawick mod_cache (et. al.) could define optional hooks that are called
b87fe8021e886342fdf61b56ee23be46641900d1trawick to collect status. Status should be queryable by
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem HTTP or SNMP?
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem jerenkrantz says: Yawn. Who cares.
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluemEXPERIMENTAL MODULES:
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem Experimental modules should eventually be be promoted to fully supported
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem status or removed from the repository entirely (ie, the
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem 'experiment' failed). This section tracks what needs to happen to
735cd88c825038eeac04c63c70282afbf936b798jim get the modules promoted to fully supported status.
735cd88c825038eeac04c63c70282afbf936b798jimOther bugs that need fixing:
735cd88c825038eeac04c63c70282afbf936b798jim * MaxRequestsPerChild measures connections, not requests.
735cd88c825038eeac04c63c70282afbf936b798jim Until someone has a better way, we'll probably just rename it
735cd88c825038eeac04c63c70282afbf936b798jim "MaxConnectionsPerChild".
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim * Regex containers don't work in an intutive way
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim Status: No one has come up with an efficient way to fix this
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim behavior. Dean has suggested getting rid of regex containers
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim completely.
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim OtherBill suggests: We at least seem to agree on eliminating
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim the <Container ~ foo> forms, and using only
ce6e6ce15f92e55178acd9b9a56745b3f33898c6jim <ContainerMatch foo> semantics.
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim * orig_ct in the byterange/multipart handling may not be
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim needed. Apache 1.3 just never stashed "multipart" into
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim r->content_type. We should probably follow suit since the
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim byterange stuff doesn't want the rest of the code to see the
dcb2819b8b9d4b86852fa3de8871d05ca4de67cajim multipart content-type; the other code should still think it is
acdf89d84940eb9ae13389097e625cb08c62d452minfrin dealing with the <orig_ct> stuff.
acdf89d84940eb9ae13389097e625cb08c62d452minfrin Status: Greg volunteers to investigate (esp. since he was most
acdf89d84940eb9ae13389097e625cb08c62d452minfrin likely the one to break it :-)
acdf89d84940eb9ae13389097e625cb08c62d452minfrinBinaries (probably not till beta):
acdf89d84940eb9ae13389097e625cb08c62d452minfrin Platform Avail. Volunteer
acdf89d84940eb9ae13389097e625cb08c62d452minfrin ------------------------------------------------------------------
acdf89d84940eb9ae13389097e625cb08c62d452minfrin AIX 4.3.3 no Bill Stoddard
acdf89d84940eb9ae13389097e625cb08c62d452minfrin Mandrake 8.1 no open
acdf89d84940eb9ae13389097e625cb08c62d452minfrin FreeBSD 4.1 no open
acdf89d84940eb9ae13389097e625cb08c62d452minfrin hppa2.0w-hp-hpux11.00 no Cliff Woolley
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem i386-pc-solaris2.8 no Aaron Bannert
acdf89d84940eb9ae13389097e625cb08c62d452minfrin i386-unknown-freebsd4.5 no
acdf89d84940eb9ae13389097e625cb08c62d452minfrin i386-unknown-freebsd4.6 no Cliff Woolley
acdf89d84940eb9ae13389097e625cb08c62d452minfrin i686-pc-linux-gnu-slackware81 no Cliff Woolley
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem i686-pc-linux-gnu-rh70 no Aaron Bannert
acdf89d84940eb9ae13389097e625cb08c62d452minfrin i686-pc-linux-gnu-rh73 no Cliff Woolley
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin ia64-hp-hpux11.20 no
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin powerpc-apple-darwin5.5 no Aaron Bannert
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin powerpc-unknown-linux-gnu no Graham Leggett
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem s390-ibm-linux no Greg Ames
2ce90d8d49fb2c464202a8a335e2cd4ea3cb5f33minfrin sparc-sun-solaris2.8 no Jim Jagielski
cd6811891c9998e52e5e325f82f519dadbc82b39minfrin NetWare no Brad Nicholes
cd6811891c9998e52e5e325f82f519dadbc82b39minfrin OS/2 no Brian Havard
2d0d8213c4df303dabe883df8fa29ac8f2b42d63rpluem OS/390 no Greg Ames
e114df93a5d0da6e525a51eb1a29219d94d3eb3aminfrin Win32-x86 no William Rowe