STATUS revision dc287e6d736b5998068addfb712936f51818cc0f
ac4e70ff8955669341f435bc0a734a17c01af124Mark AndrewsAPACHE 2.3 STATUS: -*-text-*-
885f47576842cf3c569315b9a48bd9f0ca03f203Automatic UpdaterLast modified at [$Date$]
59528addd704f8d5757b54e540520f74e588a7c7Automatic UpdaterThe current version of this file can be found at:
2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS
75b70a68aefaa17ac4e768d5ed85d2f50d471490Automatic UpdaterDocumentation status is maintained seperately and can be found at:
bb93c8542756719b53096b9939e4041d0966026fAutomatic Updater * docs/STATUS in this source tree, or
90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS
ac4e70ff8955669341f435bc0a734a17c01af124Mark AndrewsConsult the following STATUS files for information on related projects:
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * http://svn.apache.org/repos/asf/apr/apr/trunk/STATUS
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * http://svn.apache.org/repos/asf/apr/apr-util/trunk/STATUS
56874aef380a64a2c183b7c282c3e7a361d67fa1Automatic UpdaterPatches considered for backport are noted in their branches' STATUS:
96713299d08c0735c18ebe8772dd2cc1ecd4356aAutomatic Updater * http://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x/STATUS
4b2cb1422c7c600fbc13b1cb06a8b4693bc11af8Mark Andrews * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
80faf1588895fd26490f82f95a7a1b771df1c324Automatic UpdaterRelease history:
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews while x.{even}.z versions are Stable/GA releases.]
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews 2.3.9 : In Development.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson 2.3.8 : Tagged on August 24, 2010.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews 2.3.7 : Tagged on August 19, 2010, not released.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews 2.3.6 : Released on June 21, 2010.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson 2.3.5 : Released on January 26, 2010.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews 2.3.4 : Released on December 8, 2009.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington 2.3.3 : Tagged on November 11, 2009, not released.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater 2.3.2 : Tagged on March 23, 2009, not released.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews 2.3.1 : Tagged on January 2, 2009, not released.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater 2.3.0 : Tagged on December 6, 2008, not released.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsContributors looking for a mission:
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews * Just do an egrep on "TODO" or "XXX" in the source.
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater * Review the bug database at: http://issues.apache.org/bugzilla/
ca904804e43f663f08eb1ac9d6d617930b9a3cd3Automatic Updater * Review the "PatchAvailable" bugs in the bug database:
c0b771f68361b073388b85a689c12cbe502880eeAutomatic Updater https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews After testing, you can append a comment saying "Reviewed and tested".
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson * Open bugs in the bug database.
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews * See also the STATUS file in the docs/ directory, which lists documentation-specific TODO items.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonCURRENT RELEASE NOTES:
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonRELEASE SHOWSTOPPERS:
723bfc0fc28c486c805de016c4475a35328eb8abAutomatic Updater * Modules that are not ready for production use should be marked as
55e03fc54708d97917bf26639b987f759bdc1f44Automatic Updater experimental. Candidates:
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont * Review the example configuration. It should be based on current best
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont practices and not use deprecated features.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater * Modules without documentation need to be moved to experimental or be
885f47576842cf3c569315b9a48bd9f0ca03f203Automatic Updater * Not all MPMs are updated to set conn_rec::current_thread correctly.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater (Prefork, Worker, Event, Simple are updated).
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews jim sez: Then we just ship with those... mark any others as
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews FOR NEXT ALPHA:
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater * The mod_session* modules need to be checked that their hooks respect
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater the returning of int (HTTP status codes) and apr_status_t as appropriate,
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater and any anomolies fixed.
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater OLD ISSUES THAT WERE THOUGHT TO BE SHOWSTOPPERS FOR 2.2 BUT OBVIOUSLY WEREN'T:
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson * Handling of non-trailing / config by non-default handler is broken
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews jerenkrantz asks: Why should this block a release?
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson wsanchez agrees: this may be a change in behavior, but isn't
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews clearly wrong, and even if so, it doesn't seem like a
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater * the edge connection filter cannot be removed
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater jerenkrantz asks: Why should this block a release?
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater stas replies: because it requires a rewrite of the filters stack
2bb3422dc683c013db7042f5736240de6b86f182Automatic Updater implementation (you have suggested that) and once 2.2 is
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater released you can't do that anymore.
3098364bcdd7a719fbafa5fc8d2cc9e90e5a5989Automatic Updater pgollucci: this affects mod_perl I'm pretty sure.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater * Name the Server (version 2.4 or 3.0, depending on the final call)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Recent discussion indicates we should designate a (short name).
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater This is not yet a [Vote] - Your nominations please:
0df8ead472f207020f8da22a185fe4b945248ab8Automatic Updater * Apache HTTP Server (httpd)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater +1: sctemme (why mess with it?)
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic UpdaterRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Add mod_allow_method or some other (usable) functionality to replace
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Sort out modules selections for most/all/reallyall. Maybe rename
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater all -> most, reallyall -> all, and remove the old 'most'.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Add mod_define.
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater * Patches submitted to the bug database:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Filter stacks and subrequests, redirects and fast redirects.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater There's at least one PR that suffers from the current unclean behaviour
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater (which lets the server send garbage): PR 17629
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater nd says: Every subrequest should get its own filter stack with the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater subreq_core filter as bottom-most. That filter does two things:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater - swallow EOS buckets
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater - redirect the data stream to the upper request's (rr->main)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater filter chain directly after the subrequest's starting
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Once we have a clean solution, we can try to optimize
7262eb86f2b465822206122921e2f357218f0cfdAutomatic Updater it, so that the server won't be slow down too much.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * RFC 2616 violations.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Closed PRs: 15852, 15857, 15859, 15861, 15864, 15869, 15870, 16120,
bbb069be941f649228760edcc241122933c066d2Automatic Updater 16125, 16135, 16136, 16137, 16138, 16139, 16140, 16518,
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic Updater Open PRs: 15865, 15866, 15868, 16126, 16133, 16142, 16521
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews jerenkrantz says: need to decide how many we need to backport and/or
b0d566a2ce0f5a67f537ee7f8233f82f2584cc61Automatic Updater if these rise to showstopper status.
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews out of this list, without reviewing them individually.
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater * There is a bug in how we sort some hooks, at least the pre-config
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews hook. The first time we call the hooks, they are in the correct
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews order, but the second time, we don't sort them correctly. Currently,
5ae0e2c8b72fa44237edeb37d1945b1c3535ca39Automatic Updater the modules/http/config.m4 file has been renamed to
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews modules/http/config2.m4 to work around this problem, it should moved
c5a53da13bb2126dcbbd5b45ca4904eccafe6621Automatic Updater back when this is fixed.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater OtherBill offers that this is a SERIOUS problem. We do not sort
bc0a53583d92309bebcf93c408e2f3247ebd3d3cAutomatic Updater correctly by the ordering arguments passed to the register hook
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater functions. This was proven when I reordered the open_logs hook
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater to attempt to open the error logs prior to the access logs. Possibly
7f94d9a8162c9a96b56e66176702b66e79d8e1a2Automatic Updater the entire sorting code needs to be refactored.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * pipes deadlock on all platforms with limited pipe buffers (e.g. both
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Linux and Win32, as opposed to only Win32 on 1.3). The right solution
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
7eda3642eea03f1181e41540c7c8791a57759383Automatic Updater for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater * All handlers should always send content down even if r->header_only
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater is set. If not, it means that the HEAD requests don't generate the
7eda3642eea03f1181e41540c7c8791a57759383Automatic Updater same headers as a GET which is wrong.
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson * exec cmd and suexec arg-passing enhancements
00be0f9f61d4c6bf197d000bfa1a6b7e70ea0866Automatic Updater Status: Patches proposed
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
5c0fc20d6e59216d9a142409e5fdb498153aeaa5Automatic Updater (see the "proc.patch" and "suexec-shell.patch" links in this message)
0ce87e5749aabb8eef1e0a37e4bd6e6ffa1d7196Automatic Updater * The 2.0.36 worker MPM graceless shutdown changes work but are
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington a bit clunky on some platforms; eg, on Linux, the loop to
f0ecd0e64ffa2a8afef95d81275d46a845f15402Automatic Updater join each worker thread seems to hang, and the parent ends up
3857cb6fcabeb79d85de4b3e3e4ab99912b701f8Mark Andrews killing off the child with SIGKILL. But at least it shuts down.
80faf1588895fd26490f82f95a7a1b771df1c324Automatic Updater chrisd: Has this been fixed by the changes for PR 38737?
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews * We do not properly substitute the prefix-variables in the configuration
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson scripts or generated-configs. (i.e. if sysconfdir is etc,
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews httpd-std.conf points to conf.)
8ae412a86ed138263796195eed82a4716e7effcbMark Andrews * If any request gets through ap_process_request_internal() and is
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater scheduled to be served by the core handler, without a flag that this
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews r->filename was tested by dir/file_walk, we need to 500 at the very
3c5dffc581c882235485cf5eaf7cd6a5e07548bfAutomatic Updater end of the ap_process_request_internal() processing so sub_req-esters
4b2cb1422c7c600fbc13b1cb06a8b4693bc11af8Mark Andrews know this request cannot be run. This provides authors of older
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews modules better compatibility, while still improving the security and
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews robustness of 2.0.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Status: still need to decide where this goes, OtherBill comments...
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
4b2cb1422c7c600fbc13b1cb06a8b4693bc11af8Mark Andrews [Deleted comments regarding the ap_run_handler phase, as irrelevant
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews as BillS points out that "common case will be caught in
4b2cb1422c7c600fbc13b1cb06a8b4693bc11af8Mark Andrews default_handler already (with the r->finfo.filetype == 0 check)"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews and the issue is detecting this -before- we try to run the req.]
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater gregames says: can this happen somehow without a broken module
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater being involved? If not, why waste cycles trying to defend against
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater potential broken modules? It seems futile.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater wrowe counters: no, it shouldn't happen unless the module is broken.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews But the right answer is to fail the request up-front in dir/file
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson walk if the path was entirely invalid; and we can't do that either
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews * Can a static httpd be built reliably?
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Message-ID: <20020207142751.T31582@clove.org>
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews removed if possible.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Jeff wonders if we still care about this. It is no longer an
b4cebdb6ccde66a8f3e397a1b90b0cf788519d69Automatic Updater API issue but simply an extra trip through the brigade.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Try to get libtool inter-library dependency code working on AIX.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Justin says: If we get it working on AIX, we can enable this
6c6a121295b30772cbf3dd75a51fb9d883051a0eAutomatic Updater on all platforms and clean up our build system somewhat.
bc0a4c01beede169df81a3ee5b614ed9e82339dbAutomatic Updater Jeff says: I thought I tested a patch for you sometime in
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington January that you were going to commit within a few days.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * Handling of %2f in URIs. Currently both 1.3 and 2.0
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington completely disallow %2f in the request URI path (see
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington ap_unescape_url() in util.c). It's permitted and passed
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington through in the query string, however. Roy says the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington original reason for disallowing it, from five years ago,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington was to protect CGI scripts that applied PATH_INFO to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington a filesystem location and which might be tricked by
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington ..%2f..%2f(...). We *should* allow path-info of the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington form 'http://foo.com/index.cgi/path/to/path%2finfo'.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Since we've revamped a lot of our processing of path
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington segments, it would be nice to allow this, or at least
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington allow it conditionally with a directive.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington OtherBill adds that %2f as the SECOND character of a multibyte
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington sequence causes the request to fail! This happens notably in
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington the ja-jis encoding.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * There is increasing demand from module writers for an API
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington that will allow them to control the server à la apachectl.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Reasons include sole-function servers that need to die if
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington an external dependency (e.g., a database) fails, et cetera.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Perhaps something in the (ever more abused) scoreboard?
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington On the other hand, we already have a pipe that goes between parent
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and child for graceful shutdown events, along with an API that
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington can be used to send a message down that pipe. In threaded MPMs,
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington it is easy enough to make that one pipe be used for graceful
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and graceless events, and it is also easy to open that pipe
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to both parent and child for writing. Then we just need to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington figure out how to do graceless on non-threaded MPMs.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * Allow the DocumentRoot directive within <Location > scopes? This
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington by a <Directory /somepath/foo> to become simply
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington and in-your-face.) DocumentRoot unset would be accepted [and would
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington not permit content to be served, only virtual resources such as
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington server-info or server-status.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington This proposed change would _not_ depricate Alias.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington striker: See the thread starting with Message-ID:
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * Win32: Rotatelogs sometimes is not terminated when Apache
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington goes down hard. FirstBill was looking at possibly tracking the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington child's-child processes in the parent process.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington stoddard: Shared scoreboard might offer a good way for the parent
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to keep track of 'other child' processes and whack them if the child
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Other thoughts on walking the process chain using the NT kernel
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington have also been proposed on APR.
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater * Eliminate unnecessary creation of pipes in mod_cgid
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * Combine log_child and piped_log_spawn. Clean up http_log.c.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington Common logging API.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington * Platforms that do not support fork (primarily Win32 and AS/400)
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews Architect start-up code that avoids initializing all the modules
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews in the parent process on platforms that do not support fork.
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews * There are still a number of places in the code where we are
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington losing error status (i.e. throwing away the error returned by a
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews system call and replacing it with a generic error code)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * Mass vhosting version of suEXEC.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * All DBMs suffer from confusion in support/dbmmanage (perl script) since
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington the dbmmanage employs the first-matched dbm format. This is not
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington necessarily the library that Apache was built with. Aught to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington rewrite dbmmanage upon installation to bin/ with the proper library
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington for predictable mod_auth_dbm administration.
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater Questions; htdbm exists, time to kill dbmmanage, or does it remain
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater useful as a perl dbm management example? If we keep it,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater do we address the issue above?
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Integrate mod_dav.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Some additional items remaining:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater - case_preserved_filename stuff
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater (use the new canonical name stuff?)
c01dec514a81ecf8c17ca3ef8c3ba95e437295ebAutomatic Updater - find a new home for ap_text(_header)
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater - is it possible to remove the DAV: namespace stuff from util_xml?
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater are a bit wonky. The function should probably be exposed as a utility
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater function (such as ap_translate_url2fs() or ap_validate_fs_url() or
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater something). Another approach would be a new hook phase after
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington "translate" which would allow the module to munge what the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater translation has decided to do.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington Status: Greg +1 (volunteers)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * Explore use of a post-config hook for the code in http_main.c which
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington ap_sort_hooks() [to reduce the logic in main()]
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * read the config tree just once, and process N times (as necessary)
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington into a VirtualHost container) to 2.0.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * shift stuff to mod_core.h
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * callers of ap_run_create_request() should check the return value
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington for failure (Doug volunteers)
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews * Fix the worker MPM to use POD to kill child processes instead
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews of ap_os_killpg, regardless of how they should die.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington chrisd: Is this done, by any chance? See r92598 and r93358.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Scoreboard structures could be changed in the future such that
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington proper alignment is not maintained, leading to segfaults on
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater some systems. Cliff posted a patch to deal with this issue but
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater later recanted. See this message to dev@apr.apache.org:
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater <Pine.LNX.4.44.0203011354090.16457-200000@deepthought.cs.virginia.edu>
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * APXS either needs to be fixed completely for use when apr is out of tree,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater or it should drop query mode altogether, and we just grow an
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington httpd-config or similar arrangement.
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews To quote a discussion in STATUS earlier:
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington thommay: this doesn't fix all the problems with apxs and out of
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington tree apr/apr-util, but it's a good start. There's still the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington query cases; but I'm beginning to think that in these cases
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington the app should be querying ap{r,u}-config directly
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington deprecate -q: add htpd-config: gstein, pquerna, minfrin, pgollucci
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonTODO ISSUES REMAINING IN MOD_SSL:
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * Do we need SSL_set_read_ahead()?
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * SSLRequire directive (parsing of) leaks memory
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews * Diffie-Hellman-Parameters for temporary keys are hardcoded in
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington "it is suggested that keys be changed daily or every 500
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews transactions, and more often if possible."
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * ssl_var_lookup could be rewritten to be MUCH faster
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater * CRL callback should be pluggable
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * session cache store should be pluggable
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * init functions should return status code rather than ssl_die()
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * ssl_engine_pphrase.c needs to be reworked so it is generic enough
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington to also decrypt proxy keys
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * output warning when allowing SSL v2.0 ? its so old
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * mod_proxy: Ability to run SSL over proxy gateway connections,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater encrypting (or reencrypting) at the proxy.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * mod_cache: Handle ESI tags.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * mod_cache: Resolve issue of how to cache page fragments (or perhaps
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater -if- we want to cache page fragments). Today, mod_cache/mod_mem_cache
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater will cache #include 'virtual' requests (but not #include 'file'
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater requests). This was accomplished by making CACHE_IN a
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater filter. But now responses cannot be cached that include the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington effects of having been run through CONTENT_SET filters
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater (mod_deflate, mod_expires, etc). We could rerun all the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington CONTENT_SET filters on the cached response, but this will not
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews work in all cases. For example, mod_expires relies on installing
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington the EXPIRATION filter during fixups. Contents served out of
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews mod_cache (out of the quick_handler) bypass -all- the request
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington line server hooks (Ryan really hated this. It is great for
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews performance, but bad because of the complications listed above).
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews * mod_mem_cache: Consider adding a RevalidateTimeout directive to
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington specify time at which local cached content is to be revalidated
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington (ie, underlying file stat'ed to see if it has changed).
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington jerenkrantz says: Too slow. Get regexs away from speedy caches by
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington default. Introduce a new CacheEnableRegex if you want.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington * mod_mem_cache/mod_disk_cache: Need to be able to query cache
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington status (num of entries, cache object properties, etc.).
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_status could be extended to query optional hooks defined
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington by modules for the purpose of reporting module status.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington mod_cache (et. al.) could define optional hooks that are called
a26b22914b7bf25f065afb8cdef983766dcd672bAutomatic Updater to collect status. Status should be queryable by
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington jerenkrantz says: Yawn. Who cares.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater * Regex containers don't work in an intutive way
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater Status: No one has come up with an efficient way to fix this
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater behavior. Dean has suggested getting rid of regex containers
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater OtherBill suggests: We at least seem to agree on eliminating
b0d566a2ce0f5a67f537ee7f8233f82f2584cc61Automatic Updater the <Container ~ foo> forms, and using only
b0d566a2ce0f5a67f537ee7f8233f82f2584cc61Automatic Updater <ContainerMatch foo> semantics.
b4cebdb6ccde66a8f3e397a1b90b0cf788519d69Automatic Updater * orig_ct in the byterange/multipart handling may not be
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater needed. Apache 1.3 just never stashed "multipart" into
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater r->content_type. We should probably follow suit since the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington byterange stuff doesn't want the rest of the code to see the
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic Updater multipart content-type; the other code should still think it is
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews dealing with the <orig_ct> stuff.
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater Status: Greg volunteers to investigate (esp. since he was most
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater likely the one to break it :-)
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic UpdaterEXPERIMENTAL MODULES:
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater Experimental modules should eventually be be promoted to fully supported
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater status or removed from the repository entirely (ie, the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater 'experiment' failed). This section tracks what needs to happen to
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington get the modules promoted to fully supported status.