STATUS revision de2d327e43e0f17cdb64851beafecba96a0ed962
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleAPACHE 2.3 STATUS: -*-text-*-
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleLast modified at [$Date$]
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleThe current version of this file can be found at:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleDocumentation status is maintained seperately and can be found at:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * docs/STATUS in this source tree, or
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleConsult the following STATUS files for information on related projects:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * http://svn.apache.org/repos/asf/apr/apr/trunk/STATUS
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * http://svn.apache.org/repos/asf/apr/apr-util/trunk/STATUS
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabelePatches considered for backport are noted in their branches' STATUS:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleRelease history:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
3726777f47ac4bba3e21b075905959bbea47e72eerikabele while x.{even}.z versions are Stable/GA releases.]
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.13 : In development.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.12 : Tagged on May 11, 2011.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.11 : Released as Beta on March 7, 2011.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.10 : Tagged on December 13, 2010. Released Dec 21, 2010.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.9 : Tagged on November 23, 2010, not released.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.8 : Tagged on August 24, 2010.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.7 : Tagged on August 19, 2010, not released.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 2.3.6 : Released on June 21, 2010.
cbbae5f6f6dab2f4431c8609ef9aee6c00705645nd 2.3.5 : Released on January 26, 2010.
cbbae5f6f6dab2f4431c8609ef9aee6c00705645nd 2.3.4 : Released on December 8, 2009.
cbbae5f6f6dab2f4431c8609ef9aee6c00705645nd 2.3.3 : Tagged on November 11, 2009, not released.
cbbae5f6f6dab2f4431c8609ef9aee6c00705645nd 2.3.2 : Tagged on March 23, 2009, not released.
cbbae5f6f6dab2f4431c8609ef9aee6c00705645nd 2.3.1 : Tagged on January 2, 2009, not released.
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd 2.3.0 : Tagged on December 6, 2008, not released.
1fb92290c22cf761b7219074d75cde2016050ed1slive
d177004a74b061338daf7f2603197d673ed76d36kessContributors looking for a mission:
43a46e566e58e888c7889448cabd3dcf1f4b9fbend
43a46e566e58e888c7889448cabd3dcf1f4b9fbend * Just do an egrep on "TODO" or "XXX" in the source.
43a46e566e58e888c7889448cabd3dcf1f4b9fbend
9a1b062f73a4a085af8fe41fae402aaee41d33ccnd * Review the bug database at: http://issues.apache.org/bugzilla/
9a1b062f73a4a085af8fe41fae402aaee41d33ccnd
9a1b062f73a4a085af8fe41fae402aaee41d33ccnd * Review the "PatchAvailable" bugs in the bug database:
9a1b062f73a4a085af8fe41fae402aaee41d33ccnd
43a46e566e58e888c7889448cabd3dcf1f4b9fbend https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele After testing, you can append a comment saying "Reviewed and tested".
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Open bugs in the bug database.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * See also the STATUS file in the docs/ directory, which lists documentation-specific TODO items.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleCURRENT RELEASE NOTES:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleGA PLAN:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Jim proposes another beta release the end of March, another in
3726777f47ac4bba3e21b075905959bbea47e72eerikabele April with a goal towards GA in May (at the latest). Jim volunteers
3726777f47ac4bba3e21b075905959bbea47e72eerikabele to RM these.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
d3cd98e7839dd1c737c18d42a916ed20860a50e1ndRELEASE SHOWSTOPPERS:
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd FOR GA:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Modules that are not ready for production use must be removed.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele The same for modules without documentation.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Candidates:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele - MPM simple
3726777f47ac4bba3e21b075905959bbea47e72eerikabele - mod_serf (which is optimal for async httpd anyways)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Review the example configuration. It should be based on current best
3726777f47ac4bba3e21b075905959bbea47e72eerikabele practices and not use deprecated features.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele wrowe sez: be specific or this isn't a SHOWSTOPPER
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * The mod_session* modules need to be checked that their hooks respect
3726777f47ac4bba3e21b075905959bbea47e72eerikabele the returning of int (HTTP status codes) and apr_status_t as appropriate,
3726777f47ac4bba3e21b075905959bbea47e72eerikabele and any anomolies fixed.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd jim sez: from what I can see, mod_session* is no worse that other
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd modules that mix these 2 types... clean up is
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd forthcoming but should not be considered a blocker, imo
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd pgollucci: +1 jim
eed750bc8c60b3057bf2f39a60866796260ee594slive wrowe asks: what's the API change required?
eed750bc8c60b3057bf2f39a60866796260ee594slive wrowe asks; why are we shipping this if it requires apr_ssl
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * mod_ssl's proxy support only allows one proxy client certificate per
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd frontend virtual host. Lift this restriction.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd jim sez: Why a blocker?, pgollucci +1 jim
a6d007137e5f9daa1b188752a35b2146065e69bfslive wrowe asks: what's the API change required?
d177004a74b061338daf7f2603197d673ed76d36kess
a6d007137e5f9daa1b188752a35b2146065e69bfslive * Clarify/potentially change the meaning of MaxConnections for Event MPM
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd with respect to accepting new connections and keep alive requests for
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd the docs and example config. This shouldn't change after users and
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd vendors have set up their stock config for event. This will end up
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd as a per-process thing for efficiency.
7884a25869c5f99d815f7e2e9e42562ec532275dnd
7884a25869c5f99d815f7e2e9e42562ec532275dnd * INCLUDE mod_fcgid with 2.4.0, esp to help php users etc to enjoy
7884a25869c5f99d815f7e2e9e42562ec532275dnd a painless event mpm experience.
d177004a74b061338daf7f2603197d673ed76d36kess
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * Decouple from apr_ldap to ease the transition to apr-2.0
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd FOR BETA:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele OLD ISSUES THAT WERE THOUGHT TO BE SHOWSTOPPERS FOR 2.2 BUT OBVIOUSLY WEREN'T:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Handling of non-trailing / config by non-default handler is broken
3726777f47ac4bba3e21b075905959bbea47e72eerikabele http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105451701628081&w=2
3726777f47ac4bba3e21b075905959bbea47e72eerikabele jerenkrantz asks: Why should this block a release?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele wsanchez agrees: this may be a change in behavior, but isn't
3726777f47ac4bba3e21b075905959bbea47e72eerikabele clearly wrong, and even if so, it doesn't seem like a
3726777f47ac4bba3e21b075905959bbea47e72eerikabele showstopper.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * the edge connection filter cannot be removed
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd jerenkrantz asks: Why should this block a release?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele stas replies: because it requires a rewrite of the filters stack
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd implementation (you have suggested that) and once 2.2 is
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd released you can't do that anymore.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
3726777f47ac4bba3e21b075905959bbea47e72eerikabele pgollucci: this affects mod_perl I'm pretty sure.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleCURRENT VOTES:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * Name the Server (version 2.4 or 3.0, depending on the final call)
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Recent discussion indicates we should designate a (short name).
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd This is not yet a [Vote] - Your nominations please:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Apache HTTP Server (httpd)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele +1: sctemme (why mess with it?), pgollucci
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
d3cd98e7839dd1c737c18d42a916ed20860a50e1ndRELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * Clean up all the kruft and *extremely* outdated stuff below...
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd * Maybe remove Limit/LimitExcept or at least make it log warnings when
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd mis-used.
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd * Sort out modules selections for most/all/reallyall. Maybe rename
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd all -> most, reallyall -> all, and remove the old 'most'.
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Patches submitted to the bug database:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * Filter stacks and subrequests, redirects and fast redirects.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd There's at least one PR that suffers from the current unclean behaviour
3726777f47ac4bba3e21b075905959bbea47e72eerikabele (which lets the server send garbage): PR 17629
3726777f47ac4bba3e21b075905959bbea47e72eerikabele nd says: Every subrequest should get its own filter stack with the
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd subreq_core filter as bottom-most. That filter does two things:
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd - swallow EOS buckets
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd - redirect the data stream to the upper request's (rr->main)
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd filter chain directly after the subrequest's starting
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd point.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Once we have a clean solution, we can try to optimize
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd it, so that the server won't be slow down too much.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * RFC 2616 violations.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Closed PRs: 15852, 15857, 15859, 15861, 15864, 15869, 15870, 16120,
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd 16125, 16135, 16136, 16137, 16138, 16139, 16140, 16518,
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd 16520, 49825
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Open PRs: 15865, 15866, 15868, 16126, 16133, 16142, 16521, 42978
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd jerenkrantz says: need to decide how many we need to backport and/or
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd if these rise to showstopper status.
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd wrowe suggests: it would be nice to see "MUST" v.s. "SHOULD" v.s. "MAY"
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd out of this list, without reviewing them individually.
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd * pipes deadlock on all platforms with limited pipe buffers (e.g. both
29fb68cf24dbdb4985cbb4734cb6074ea4bbab26nd Linux and Win32, as opposed to only Win32 on 1.3). The right solution
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd is either GStein's proposal for a "CGI Brigade", or OtherBill's proposal
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd for "Poll Buckets" for "Polling Filter Chains". Or maybe both :-)
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * All handlers should always send content down even if r->header_only
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd is set. If not, it means that the HEAD requests don't generate the
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd same headers as a GET which is wrong.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * exec cmd and suexec arg-passing enhancements
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Status: Patches proposed
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Message-ID: <20020526041748.A29148@prodigy.Redbrick.DCU.IE>
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd (see the "proc.patch" and "suexec-shell.patch" links in this message)
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * The 2.0.36 worker MPM graceless shutdown changes work but are
3726777f47ac4bba3e21b075905959bbea47e72eerikabele a bit clunky on some platforms; eg, on Linux, the loop to
3726777f47ac4bba3e21b075905959bbea47e72eerikabele join each worker thread seems to hang, and the parent ends up
3726777f47ac4bba3e21b075905959bbea47e72eerikabele killing off the child with SIGKILL. But at least it shuts down.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele chrisd: Has this been fixed by the changes for PR 38737?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * We do not properly substitute the prefix-variables in the configuration
3726777f47ac4bba3e21b075905959bbea47e72eerikabele scripts or generated-configs. (i.e. if sysconfdir is etc,
3726777f47ac4bba3e21b075905959bbea47e72eerikabele httpd-std.conf points to conf.)
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * If any request gets through ap_process_request_internal() and is
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd scheduled to be served by the core handler, without a flag that this
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd r->filename was tested by dir/file_walk, we need to 500 at the very
3726777f47ac4bba3e21b075905959bbea47e72eerikabele end of the ap_process_request_internal() processing so sub_req-esters
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd know this request cannot be run. This provides authors of older
3726777f47ac4bba3e21b075905959bbea47e72eerikabele modules better compatibility, while still improving the security and
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd robustness of 2.0.
480bee29abcc415b6b8c18d2ecbf2c5f88f1f05bnd
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Status: still need to decide where this goes, OtherBill comments...
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd [Deleted comments regarding the ap_run_handler phase, as irrelevant
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd as BillS points out that "common case will be caught in
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd default_handler already (with the r->finfo.filetype == 0 check)"
3726777f47ac4bba3e21b075905959bbea47e72eerikabele and the issue is detecting this -before- we try to run the req.]
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele gregames says: can this happen somehow without a broken module
3726777f47ac4bba3e21b075905959bbea47e72eerikabele being involved? If not, why waste cycles trying to defend against
3726777f47ac4bba3e21b075905959bbea47e72eerikabele potential broken modules? It seems futile.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele wrowe counters: no, it shouldn't happen unless the module is broken.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele But the right answer is to fail the request up-front in dir/file
3726777f47ac4bba3e21b075905959bbea47e72eerikabele walk if the path was entirely invalid; and we can't do that either
3726777f47ac4bba3e21b075905959bbea47e72eerikabele UNTIL 2.1 or we break modules that haven't hooked map_to_storage.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Can a static httpd be built reliably?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Message-ID: <20020207142751.T31582@clove.org>
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd removed if possible.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Message-ID:
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd <Pine.LNX.4.33.0201202232430.318-100000@deepthought.cs.virginia.edu>
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Jeff wonders if we still care about this. It is no longer an
3726777f47ac4bba3e21b075905959bbea47e72eerikabele API issue but simply an extra trip through the brigade.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * Try to get libtool inter-library dependency code working on AIX.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Justin says: If we get it working on AIX, we can enable this
3726777f47ac4bba3e21b075905959bbea47e72eerikabele on all platforms and clean up our build system somewhat.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Jeff says: I thought I tested a patch for you sometime in
3726777f47ac4bba3e21b075905959bbea47e72eerikabele January that you were going to commit within a few days.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Handling of %2f in URIs. Currently both 1.3 and 2.0
3726777f47ac4bba3e21b075905959bbea47e72eerikabele completely disallow %2f in the request URI path (see
3726777f47ac4bba3e21b075905959bbea47e72eerikabele ap_unescape_url() in util.c). It's permitted and passed
3726777f47ac4bba3e21b075905959bbea47e72eerikabele through in the query string, however. Roy says the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele original reason for disallowing it, from five years ago,
3726777f47ac4bba3e21b075905959bbea47e72eerikabele was to protect CGI scripts that applied PATH_INFO to
3726777f47ac4bba3e21b075905959bbea47e72eerikabele a filesystem location and which might be tricked by
3726777f47ac4bba3e21b075905959bbea47e72eerikabele ..%2f..%2f(...). We *should* allow path-info of the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele form 'http://foo.com/index.cgi/path/to/path%2finfo'.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Since we've revamped a lot of our processing of path
3726777f47ac4bba3e21b075905959bbea47e72eerikabele segments, it would be nice to allow this, or at least
3726777f47ac4bba3e21b075905959bbea47e72eerikabele allow it conditionally with a directive.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele OtherBill adds that %2f as the SECOND character of a multibyte
3726777f47ac4bba3e21b075905959bbea47e72eerikabele sequence causes the request to fail! This happens notably in
3726777f47ac4bba3e21b075905959bbea47e72eerikabele the ja-jis encoding.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * There is increasing demand from module writers for an API
3726777f47ac4bba3e21b075905959bbea47e72eerikabele that will allow them to control the server à la apachectl.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Reasons include sole-function servers that need to die if
3726777f47ac4bba3e21b075905959bbea47e72eerikabele an external dependency (e.g., a database) fails, et cetera.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Perhaps something in the (ever more abused) scoreboard?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele On the other hand, we already have a pipe that goes between parent
3726777f47ac4bba3e21b075905959bbea47e72eerikabele and child for graceful shutdown events, along with an API that
3726777f47ac4bba3e21b075905959bbea47e72eerikabele can be used to send a message down that pipe. In threaded MPMs,
3726777f47ac4bba3e21b075905959bbea47e72eerikabele it is easy enough to make that one pipe be used for graceful
3726777f47ac4bba3e21b075905959bbea47e72eerikabele and graceless events, and it is also easy to open that pipe
3726777f47ac4bba3e21b075905959bbea47e72eerikabele to both parent and child for writing. Then we just need to
3726777f47ac4bba3e21b075905959bbea47e72eerikabele figure out how to do graceless on non-threaded MPMs.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Allow the DocumentRoot directive within <Location > scopes? This
d177004a74b061338daf7f2603197d673ed76d36kess allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
3726777f47ac4bba3e21b075905959bbea47e72eerikabele by a <Directory /somepath/foo> to become simply
3726777f47ac4bba3e21b075905959bbea47e72eerikabele <Location /foo/> DocumentRoot /somefile/foo (IMHO a bit more legible
3726777f47ac4bba3e21b075905959bbea47e72eerikabele and in-your-face.) DocumentRoot unset would be accepted [and would
3726777f47ac4bba3e21b075905959bbea47e72eerikabele not permit content to be served, only virtual resources such as
3726777f47ac4bba3e21b075905959bbea47e72eerikabele server-info or server-status.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele This proposed change would _not_ depricate Alias.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele striker: See the thread starting with Message-ID:
65241490e40aa0c831988073eed0633dad10c6f2nd JLEGKKNELMHCJPNMOKHOGEEJFBAA.striker@apache.org.
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * Win32: Rotatelogs sometimes is not terminated when Apache
65241490e40aa0c831988073eed0633dad10c6f2nd goes down hard. FirstBill was looking at possibly tracking the
65241490e40aa0c831988073eed0633dad10c6f2nd child's-child processes in the parent process.
65241490e40aa0c831988073eed0633dad10c6f2nd stoddard: Shared scoreboard might offer a good way for the parent
65241490e40aa0c831988073eed0633dad10c6f2nd to keep track of 'other child' processes and whack them if the child
65241490e40aa0c831988073eed0633dad10c6f2nd goes down.
65241490e40aa0c831988073eed0633dad10c6f2nd Other thoughts on walking the process chain using the NT kernel
65241490e40aa0c831988073eed0633dad10c6f2nd have also been proposed on APR.
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * Eliminate unnecessary creation of pipes in mod_cgid
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * Combine log_child and piped_log_spawn. Clean up http_log.c.
65241490e40aa0c831988073eed0633dad10c6f2nd Common logging API.
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * Platforms that do not support fork (primarily Win32 and AS/400)
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd Architect start-up code that avoids initializing all the modules
65241490e40aa0c831988073eed0633dad10c6f2nd in the parent process on platforms that do not support fork.
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * There are still a number of places in the code where we are
65241490e40aa0c831988073eed0633dad10c6f2nd losing error status (i.e. throwing away the error returned by a
65241490e40aa0c831988073eed0633dad10c6f2nd system call and replacing it with a generic error code)
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * Mass vhosting version of suEXEC.
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * All DBMs suffer from confusion in support/dbmmanage (perl script) since
65241490e40aa0c831988073eed0633dad10c6f2nd the dbmmanage employs the first-matched dbm format. This is not
65241490e40aa0c831988073eed0633dad10c6f2nd necessarily the library that Apache was built with. Aught to
65241490e40aa0c831988073eed0633dad10c6f2nd rewrite dbmmanage upon installation to bin/ with the proper library
65241490e40aa0c831988073eed0633dad10c6f2nd for predictable mod_auth_dbm administration.
65241490e40aa0c831988073eed0633dad10c6f2nd Questions; htdbm exists, time to kill dbmmanage, or does it remain
65241490e40aa0c831988073eed0633dad10c6f2nd useful as a perl dbm management example? If we keep it,
65241490e40aa0c831988073eed0633dad10c6f2nd do we address the issue above?
65241490e40aa0c831988073eed0633dad10c6f2nd
65241490e40aa0c831988073eed0633dad10c6f2nd * Integrate mod_dav.
65241490e40aa0c831988073eed0633dad10c6f2nd Some additional items remaining:
65241490e40aa0c831988073eed0633dad10c6f2nd - case_preserved_filename stuff
65241490e40aa0c831988073eed0633dad10c6f2nd (use the new canonical name stuff?)
65241490e40aa0c831988073eed0633dad10c6f2nd - find a new home for ap_text(_header)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele - is it possible to remove the DAV: namespace stuff from util_xml?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * ap_core_translate() and its use by mod_mmap_static and mod_file_cache
3726777f47ac4bba3e21b075905959bbea47e72eerikabele are a bit wonky. The function should probably be exposed as a utility
3726777f47ac4bba3e21b075905959bbea47e72eerikabele function (such as ap_translate_url2fs() or ap_validate_fs_url() or
3726777f47ac4bba3e21b075905959bbea47e72eerikabele something). Another approach would be a new hook phase after
3726777f47ac4bba3e21b075905959bbea47e72eerikabele "translate" which would allow the module to munge what the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele translation has decided to do.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Status: Greg +1 (volunteers)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Explore use of a post-config hook for the code in http_main.c which
3726777f47ac4bba3e21b075905959bbea47e72eerikabele calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and
3726777f47ac4bba3e21b075905959bbea47e72eerikabele ap_sort_hooks() [to reduce the logic in main()]
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * read the config tree just once, and process N times (as necessary)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * (possibly) port the bug fix for PR 6942 (segv when LoadModule is put
3726777f47ac4bba3e21b075905959bbea47e72eerikabele into a VirtualHost container) to 2.0.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * shift stuff to mod_core.h
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * callers of ap_run_create_request() should check the return value
3726777f47ac4bba3e21b075905959bbea47e72eerikabele for failure (Doug volunteers)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * Fix the worker MPM to use POD to kill child processes instead
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd of ap_os_killpg, regardless of how they should die.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd chrisd: Is this done, by any chance? See r92598 and r93358.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Scoreboard structures could be changed in the future such that
3726777f47ac4bba3e21b075905959bbea47e72eerikabele proper alignment is not maintained, leading to segfaults on
3726777f47ac4bba3e21b075905959bbea47e72eerikabele some systems. Cliff posted a patch to deal with this issue but
3726777f47ac4bba3e21b075905959bbea47e72eerikabele later recanted. See this message to dev@apr.apache.org:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Message-ID:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele <Pine.LNX.4.44.0203011354090.16457-200000@deepthought.cs.virginia.edu>
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * APXS either needs to be fixed completely for use when apr is out of tree,
3726777f47ac4bba3e21b075905959bbea47e72eerikabele or it should drop query mode altogether, and we just grow an
3726777f47ac4bba3e21b075905959bbea47e72eerikabele httpd-config or similar arrangement.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele To quote a discussion in STATUS earlier:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele thommay: this doesn't fix all the problems with apxs and out of
3726777f47ac4bba3e21b075905959bbea47e72eerikabele tree apr/apr-util, but it's a good start. There's still the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele query cases; but I'm beginning to think that in these cases
3726777f47ac4bba3e21b075905959bbea47e72eerikabele the app should be querying ap{r,u}-config directly
3726777f47ac4bba3e21b075905959bbea47e72eerikabele deprecate -q: add htpd-config: gstein, pquerna, minfrin, pgollucci
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd other:
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1ndTODO ISSUES REMAINING IN MOD_SSL:
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Do we need SSL_set_read_ahead()?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * SSLRequire directive (parsing of) leaks memory
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Diffie-Hellman-Parameters for temporary keys are hardcoded in
3726777f47ac4bba3e21b075905959bbea47e72eerikabele ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele "it is suggested that keys be changed daily or every 500
3726777f47ac4bba3e21b075905959bbea47e72eerikabele transactions, and more often if possible."
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * ssl_var_lookup could be rewritten to be MUCH faster
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * CRL callback should be pluggable
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * session cache store should be pluggable
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * init functions should return status code rather than ssl_die()
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * ssl_engine_pphrase.c needs to be reworked so it is generic enough
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd to also decrypt proxy keys
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * output warning when allowing SSL v2.0 ? its so old
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1ndWISH LIST
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * mod_proxy: Ability to run SSL over proxy gateway connections,
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd encrypting (or reencrypting) at the proxy.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * mod_cache: Handle ESI tags.
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd * mod_cache: Resolve issue of how to cache page fragments (or perhaps
d3cd98e7839dd1c737c18d42a916ed20860a50e1nd -if- we want to cache page fragments). Today, mod_cache/mod_mem_cache
3726777f47ac4bba3e21b075905959bbea47e72eerikabele will cache #include 'virtual' requests (but not #include 'file'
3726777f47ac4bba3e21b075905959bbea47e72eerikabele requests). This was accomplished by making CACHE_IN a
3726777f47ac4bba3e21b075905959bbea47e72eerikabele CONTENT_SET-1 filter to force it to run before the SUBREQ_CORE
3726777f47ac4bba3e21b075905959bbea47e72eerikabele filter. But now responses cannot be cached that include the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele effects of having been run through CONTENT_SET filters
3726777f47ac4bba3e21b075905959bbea47e72eerikabele (mod_deflate, mod_expires, etc). We could rerun all the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele CONTENT_SET filters on the cached response, but this will not
3726777f47ac4bba3e21b075905959bbea47e72eerikabele work in all cases. For example, mod_expires relies on installing
3726777f47ac4bba3e21b075905959bbea47e72eerikabele the EXPIRATION filter during fixups. Contents served out of
3726777f47ac4bba3e21b075905959bbea47e72eerikabele mod_cache (out of the quick_handler) bypass -all- the request
3726777f47ac4bba3e21b075905959bbea47e72eerikabele line server hooks (Ryan really hated this. It is great for
3726777f47ac4bba3e21b075905959bbea47e72eerikabele performance, but bad because of the complications listed above).
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele mod_cache/mod_mem_cache/mod_cache_disk:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * mod_mem_cache: Consider adding a RevalidateTimeout directive to
3726777f47ac4bba3e21b075905959bbea47e72eerikabele specify time at which local cached content is to be revalidated
3726777f47ac4bba3e21b075905959bbea47e72eerikabele (ie, underlying file stat'ed to see if it has changed).
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * mod_cache: CacheEnable/CacheDisable should accept regular expressions.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele jerenkrantz says: Too slow. Get regexs away from speedy caches by
3726777f47ac4bba3e21b075905959bbea47e72eerikabele default. Introduce a new CacheEnableRegex if you want.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * mod_mem_cache/mod_cache_disk: Need to be able to query cache
3726777f47ac4bba3e21b075905959bbea47e72eerikabele status (num of entries, cache object properties, etc.).
3726777f47ac4bba3e21b075905959bbea47e72eerikabele mod_status could be extended to query optional hooks defined
3726777f47ac4bba3e21b075905959bbea47e72eerikabele by modules for the purpose of reporting module status.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele mod_cache (et. al.) could define optional hooks that are called
d177004a74b061338daf7f2603197d673ed76d36kess to collect status. Status should be queryable by
3726777f47ac4bba3e21b075905959bbea47e72eerikabele HTTP or SNMP?
3726777f47ac4bba3e21b075905959bbea47e72eerikabele jerenkrantz says: Yawn. Who cares.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * Regex containers don't work in an intutive way
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Status: No one has come up with an efficient way to fix this
3726777f47ac4bba3e21b075905959bbea47e72eerikabele behavior. Dean has suggested getting rid of regex containers
3726777f47ac4bba3e21b075905959bbea47e72eerikabele completely.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele OtherBill suggests: We at least seem to agree on eliminating
3726777f47ac4bba3e21b075905959bbea47e72eerikabele the <Container ~ foo> forms, and using only
d177004a74b061338daf7f2603197d673ed76d36kess <ContainerMatch foo> semantics.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele * orig_ct in the byterange/multipart handling may not be
3726777f47ac4bba3e21b075905959bbea47e72eerikabele needed. Apache 1.3 just never stashed "multipart" into
3726777f47ac4bba3e21b075905959bbea47e72eerikabele r->content_type. We should probably follow suit since the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele byterange stuff doesn't want the rest of the code to see the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele multipart content-type; the other code should still think it is
3726777f47ac4bba3e21b075905959bbea47e72eerikabele dealing with the <orig_ct> stuff.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Status: Greg volunteers to investigate (esp. since he was most
3726777f47ac4bba3e21b075905959bbea47e72eerikabele likely the one to break it :-)
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabeleEXPERIMENTAL MODULES:
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele Experimental modules should eventually be be promoted to fully supported
3726777f47ac4bba3e21b075905959bbea47e72eerikabele status or removed from the repository entirely (ie, the
3726777f47ac4bba3e21b075905959bbea47e72eerikabele 'experiment' failed). This section tracks what needs to happen to
d177004a74b061338daf7f2603197d673ed76d36kess get the modules promoted to fully supported status.
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele
3726777f47ac4bba3e21b075905959bbea47e72eerikabele