1 |
-*- coding: utf-8 -*- |
2 |
Changes with Apache 2.3.2 |
3 |
|
4 |
*) mod_negotiation: Escape pathes of filenames in 406 responses to avoid |
5 |
HTML injections and HTTP response splitting. PR 46837. |
6 |
[Geoff Keating <geoffk apple.com>] |
7 |
|
8 |
*) mod_ssl: add support for type-safe STACK constructs in OpenSSL |
9 |
development HEAD. PR 45521. [Kaspar Brand, Sander Temme] |
10 |
|
11 |
*) ab: Fix maintenance of the pollset to resolve EALREADY errors |
12 |
with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris). |
13 |
PR 44584. Use APR_POLLSET_NOCOPY for better performance with some |
14 |
pollset implementations. [Jeff Trawick] |
15 |
|
16 |
*) mod_disk_cache: The module now turns off sendfile support if |
17 |
'EnableSendfile off' is defined globally. [Lars Eilebrecht] |
18 |
|
19 |
*) mod_deflate: Adjust content metadata before bailing out on 304 |
20 |
responses so that the metadata does not differ from 200 response. |
21 |
[Roy T. Fielding] |
22 |
|
23 |
*) mod_deflate: Fix creation of invalid Etag headers. We now make sure |
24 |
that the Etag value is properly quoted when adding the gzip marker. |
25 |
PR 39727, 45023. [Lars Eilebrecht, Roy T. Fielding] |
26 |
|
27 |
*) Added 20x22 icons for ODF, SVG, and XML documents. PR 37185. |
28 |
[Peter Harlow] |
29 |
|
30 |
*) Disabled DefaultType directive and removed ap_default_type() |
31 |
from core. We now exclude Content-Type from responses for which |
32 |
a media type has not been configured via mime.types, AddType, |
33 |
ForceType, or some other mechanism. PR 13986. [Roy T. Fielding] |
34 |
|
35 |
*) mod_rewrite: Add IPV6 variable to RewriteCond |
36 |
[Ryan Phillips <ryan-apache trolocsis.com>] |
37 |
|
38 |
*) core: Enhance KeepAliveTimeout to support a value in milliseconds. |
39 |
PR 46275. [Takashi Sato] |
40 |
|
41 |
*) rotatelogs: Allow size units B, K, M, G and combination of |
42 |
time and size based rotation. [Rainer Jung] |
43 |
|
44 |
*) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung] |
45 |
|
46 |
*) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508 |
47 |
[<tlhackque yahoo.com>] |
48 |
|
49 |
*) core: Translate the the status line to ASCII on EBCDIC platforms in |
50 |
ap_send_interim_response() and for locally generated "100 Continue" |
51 |
responses. [Eric Covener] |
52 |
|
53 |
*) prefork: Fix child process hang during graceful restart/stop in |
54 |
configurations with multiple listening sockets. PR 42829. [Joe Orton, |
55 |
Jeff Trawick] |
56 |
|
57 |
*) mod_session_crypto: Ensure that SessionCryptoDriver can only be |
58 |
set in the global scope. [Graham Leggett] |
59 |
|
60 |
*) mod_ext_filter: We need to detect failure to startup the filter |
61 |
program (a mangled response is not acceptable). Fix to detect |
62 |
failure, and offer configuration option either to abort or |
63 |
to remove the filter and continue. |
64 |
PR 41120 [Nick Kew] |
65 |
|
66 |
*) mod_session_crypto: Rewrite the session_crypto module against the |
67 |
apr_crypto API. [Graham Leggett] |
68 |
|
69 |
*) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest |
70 |
until the main request is cleaned up. [Graham Leggett] |
71 |
|
72 |
Changes with Apache 2.3.1 |
73 |
|
74 |
*) ap_slotmem: Add in new slot-based memory access API impl., including |
75 |
2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski, |
76 |
Jean-Frederic Clere, Brian Akins <brian.akins turner.com>] |
77 |
|
78 |
*) mod_include: support generating non-ASCII characters as entities in SSI |
79 |
PR 25202 [Nick Kew] |
80 |
|
81 |
*) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars |
82 |
PR 25202 [Nick Kew] |
83 |
|
84 |
*) mod_rewrite: fix "B" flag breakage by reverting r5589343 |
85 |
PR 45529 [Bob Ionescu <bobsiegen googlemail.com>] |
86 |
|
87 |
*) CGI: return 504 (Gateway timeout) rather than 500 when a script |
88 |
times out before returning status line/headers. |
89 |
PR 42190 [Nick Kew] |
90 |
|
91 |
*) mod_cgid: fix segfault problem on solaris. |
92 |
PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>] |
93 |
|
94 |
*) mod_proxy_scgi: Added. [André Malo] |
95 |
|
96 |
*) mod_cache: Introduce 'no-cache' per-request environment variable |
97 |
to prevent the saving of an otherwise cacheable response. |
98 |
[Eric Covener] |
99 |
|
100 |
*) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome |
101 |
way that per-directory rewrites append the previous notion of PATH_INFO |
102 |
to each substitution before evaluating subsequent rules. |
103 |
PR 38642 [Eric Covener] |
104 |
|
105 |
*) mod_cgid: Do not add an empty argument when calling the CGI script. |
106 |
PR 46380 [Ruediger Pluem] |
107 |
|
108 |
*) scoreboard: Remove unused sb_type from process_score. |
109 |
[Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch] |
110 |
|
111 |
*) mod_ssl: Add SSLRenegBufferSize directive to allow changing the |
112 |
size of the buffer used for the request-body where necessary |
113 |
during a per-dir renegotiation. PR 39243. [Joe Orton] |
114 |
|
115 |
*) mod_proxy_fdpass: New module to pass a client connection over to a separate |
116 |
process that is reading from a unix daemon socket. |
117 |
|
118 |
*) mod_ssl: Improve environment variable extraction to be more |
119 |
efficient and to correctly handle DNs with duplicate tags. |
120 |
PR 45975. [Joe Orton] |
121 |
|
122 |
*) Remove the obsolete serial attribute from the RPM spec file. Compile |
123 |
against the external pcre. Add missing binaries fcgistarter, and |
124 |
mod_socache* and mod_session*. [Graham Leggett] |
125 |
|
126 |
Changes with Apache 2.3.0 |
127 |
|
128 |
*) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna] |
129 |
|
130 |
*) Remove X-Pad header which was added as a work around to a bug in |
131 |
Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>] |
132 |
|
133 |
*) Add DTrace Statically Defined Tracing (SDT) probes. |
134 |
[Theo Schlossnagle <jesus omniti.com>, Paul Querna] |
135 |
|
136 |
*) mod_proxy_balancer: Move all load balancing implementations |
137 |
as individual, self-contained mod_proxy submodules under |
138 |
modules/proxy/balancers [Jim Jagielski] |
139 |
|
140 |
*) Rename APIs to include ap_ prefix: |
141 |
find_child_by_pid -> ap_find_child_by_pid |
142 |
suck_in_APR -> ap_suck_in_APR |
143 |
sys_privileges_handlers -> ap_sys_privileges_handlers |
144 |
unixd_accept -> ap_unixd_accept |
145 |
unixd_config -> ap_unixd_config |
146 |
unixd_killpg -> ap_unixd_killpg |
147 |
unixd_set_global_mutex_perms -> ap_unixd_set_global_mutex_perms |
148 |
unixd_set_proc_mutex_perms -> ap_unixd_set_proc_mutex_perms |
149 |
unixd_set_rlimit -> ap_unixd_set_rlimit |
150 |
[Paul Querna] |
151 |
|
152 |
*) core: When the ap_http_header_filter processes an error bucket, cleanup |
153 |
the passed brigade before returning AP_FILTER_ERROR down the filter |
154 |
chain. This unambiguously ensures the same error bucket isn't revisited |
155 |
[Ruediger Pluem] |
156 |
|
157 |
*) mod_lbmethod_heartbeat: New module to load balance mod_proxy workers |
158 |
based on heartbeats. [Paul Querna] |
159 |
|
160 |
*) mod_heartmonitor: New module to collect heartbeats, and write out a file |
161 |
so that other modules can load balance traffic as needed. [Paul Querna] |
162 |
|
163 |
*) mod_heartbeat: New module to generate multicast heartbeats to know if a |
164 |
server is online. [Paul Querna] |
165 |
|
166 |
*) core: Error responses set by filters were being coerced into 500 errors, |
167 |
sometimes appended to the original error response. Log entry of: |
168 |
'Handler for (null) returned invalid result code -3' |
169 |
[Eric Covener] |
170 |
|
171 |
*) mod_buffer: Honour the flush bucket and flush the buffer in the |
172 |
input filter. Make sure that metadata buckets are written to |
173 |
the buffer, not to the final brigade. [Graham Leggett] |
174 |
|
175 |
*) mod_buffer: Optimise the buffering of heap buckets when the heap |
176 |
buckets stay exactly APR_BUCKET_BUFF_SIZE long. [Graham Leggett, |
177 |
Ruediger Pluem] |
178 |
|
179 |
*) mod_buffer: Optional support for buffering of the input and output |
180 |
filter stacks. Can collapse many small buckets into fewer larger |
181 |
buckets, and prevents excessively small chunks being sent over |
182 |
the wire. [Graham Leggett] |
183 |
|
184 |
*) mod_privileges: new module to make httpd on Solaris privileges-aware |
185 |
and to enable different virtualhosts to run with different |
186 |
privileges and Unix user/group IDs [Nick Kew] |
187 |
|
188 |
*) mod_mem_cache: this module has been removed. [William Rowe] |
189 |
|
190 |
*) authn/z: Remove mod_authn_default and mod_authz_default. |
191 |
[Chris Darroch] |
192 |
|
193 |
*) authz: Fix handling of authz configurations, make default authz |
194 |
logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject, |
195 |
and AuthzMergeRules directives with Match, <Match*>, and AuthzMerge |
196 |
directives. [Chris Darroch] |
197 |
|
198 |
*) mod_authn_core: Prevent crash when provider alias created to |
199 |
provider which is not yet registered. [Chris Darroch] |
200 |
|
201 |
*) mod_authn_core: Add AuthType of None to support disabling |
202 |
authentication. [Chris Darroch] |
203 |
|
204 |
*) core: Allow <Limit> and <LimitExcept> directives to nest, and |
205 |
constrain their use to conform with that of other access control |
206 |
and authorization directives. [Chris Darroch] |
207 |
|
208 |
*) unixd: turn existing code into a module, and turn the set user/group |
209 |
and chroot into a child_init function. [Nick Kew] |
210 |
|
211 |
*) core: Add ap_timeout_parameter_parse to public API. [Ruediger Pluem] |
212 |
|
213 |
*) mod_dir: Support "DirectoryIndex disabled" |
214 |
Suggested By André Warnier <aw ice-sa.com> [Eric Covener] |
215 |
|
216 |
*) mod_ssl: Send Content-Type application/ocsp-request for POST requests to |
217 |
OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>] |
218 |
|
219 |
*) Export and install the mod_rewrite.h header to ensure the optional |
220 |
rewrite_mapfunc_t and ap_register_rewrite_mapfunc functions are |
221 |
available to third party modules. [Graham Leggett] |
222 |
|
223 |
*) mod_authnz_ldap: don't return NULL-valued environment variables to |
224 |
other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>] |
225 |
|
226 |
*) Don't adjust case in pathname components that are not of interest |
227 |
to mod_mime. Fixes mod_negotiation's use of such components. |
228 |
PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>] |
229 |
|
230 |
*) Be tolerant in what you accept - accept slightly broken |
231 |
status lines from a backend provide they include a valid status code. |
232 |
PR 44995 [Rainer Jung <rainer.jung kippdata.de>] |
233 |
|
234 |
*) New module mod_sed: filter Request/Response bodies through sed |
235 |
[Basant Kumar Kukreja <basant.kukreja sun.com>] |
236 |
|
237 |
*) mod_auth_form: Make sure that basic authentication is correctly |
238 |
faked directly after login. [Graham Leggett] |
239 |
|
240 |
*) mod_session_cookie, mod_session_dbd: Make sure cookies are set both |
241 |
within the output headers and error output headers, so that the |
242 |
session is maintained across redirects. [Graham Leggett] |
243 |
|
244 |
*) mod_auth_form: Make sure the logged in user is populated correctly |
245 |
after a form login. Fixes a missing REMOTE_USER variable directly |
246 |
following a login. [Graham Leggett] |
247 |
|
248 |
*) mod_session_cookie: Make sure that cookie attributes are correctly |
249 |
included in the blank cookie when cookies are removed. This fixes an |
250 |
inability to log out when using mod_auth_form. [Graham Leggett] |
251 |
|
252 |
*) mod_autoindex: add configuration option to insert string |
253 |
in HTML HEAD. [Nick Kew] |
254 |
|
255 |
*) mod_session: Prevent a segfault when a CGI script sets a cookie with a |
256 |
null value. [David Shane Holden <dpejesh apache.org>] |
257 |
|
258 |
*) mod_headers: Prevent Header edit from processing only the first header |
259 |
of possibly multiple headers with the same name and deleting the |
260 |
remaining ones. PR 45333. [Ruediger Pluem] |
261 |
|
262 |
*) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247 |
263 |
[Tom Donovan] |
264 |
|
265 |
*) core, authn/z: Determine registered authn/z providers directly in |
266 |
ap_setup_auth_internal(), which allows optional functions that just |
267 |
wrapped ap_list_provider_names() to be removed from authn/z modules. |
268 |
[Chris Darroch] |
269 |
|
270 |
*) authn/z: Convert common provider version strings to macros. |
271 |
[Chris Darroch] |
272 |
|
273 |
*) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem] |
274 |
|
275 |
*) configure: Don't reject libtool 2.x |
276 |
PR 44817 [Arfrever Frehtes Taifersar Arahesis <Arfrever.FTA gmail.com>] |
277 |
|
278 |
*) core: When testing for slash-terminated configuration paths in |
279 |
ap_location_walk(), don't look past the start of an empty string |
280 |
such as that created by a <Location ""> directive. |
281 |
[Chris Darroch] |
282 |
|
283 |
*) core, mod_proxy: If a kept_body is present, it becomes safe for |
284 |
subrequests to support message bodies. Make sure that safety |
285 |
checks within the core and within the proxy are not triggered |
286 |
when kept_body is present. This makes it possible to embed |
287 |
proxied POST requests within mod_include. [Graham Leggett] |
288 |
|
289 |
*) mod_auth_form: Make sure the input filter stack is properly set |
290 |
up before reading the login form. Make sure the kept body filter |
291 |
is correctly inserted to ensure the body can be read a second |
292 |
time safely should the authn be successful. [Graham Leggett, |
293 |
Ruediger Pluem] |
294 |
|
295 |
*) mod_request: Insert the KEPT_BODY filter via the insert_filter |
296 |
hook instead of during fixups. Add a safety check to ensure the |
297 |
filters cannot be inserted more than once. [Graham Leggett, |
298 |
Ruediger Pluem] |
299 |
|
300 |
*) core: Do not allow Options ALL if not all options are allowed to be |
301 |
overwritten. PR 44262 [Michał Grzędzicki <lazy iq.pl>] |
302 |
|
303 |
*) ap_cache_cacheable_headers_out() will (now) always |
304 |
merge an error headers _before_ clearing them and _before_ |
305 |
merging in the actual entity headers and doing normal |
306 |
hop-by-hop cleansing. [Dirk-Willem van Gulik]. |
307 |
|
308 |
*) cache: retire ap_cache_cacheable_hdrs_out() which was used |
309 |
for both in- and out-put headers; and replace it by a single |
310 |
ap_cache_cacheable_headers() wrapped in a in- and out-put |
311 |
specific ap_cache_cacheable_headers_in()/out(). The latter |
312 |
which will also merge error and ensure content-type. To keep |
313 |
cache modules consistent with ease. This API change bumps |
314 |
up the minor MM by one [Dirk-Willem van Gulik]. |
315 |
|
316 |
*) mod_rewrite: Allow Cookie option to set secure and HttpOnly flags. |
317 |
PR 44799 [Christian Wenz <christian wenz.org>] |
318 |
|
319 |
*) Move the KeptBodySize directive, kept_body filters and the |
320 |
ap_parse_request_body function out of the http module and into a |
321 |
new module called mod_request, reducing the size of the core. |
322 |
[Graham Leggett] |
323 |
|
324 |
*) mod_dbd: Handle integer configuration directive parameters with a |
325 |
dedicated function. |
326 |
|
327 |
*) Change the directives within the mod_session* modules to be valid |
328 |
both inside and outside the location/directory sections, as |
329 |
suggested by wrowe. [Graham Leggett] |
330 |
|
331 |
*) mod_auth_form: Add a module capable of allowing end users to log |
332 |
in using an HTML form, storing the credentials within mod_session. |
333 |
[Graham Leggett] |
334 |
|
335 |
*) Add a function to the http filters that is able to parse an HTML |
336 |
form request with the type of application/x-www-form-urlencoded. |
337 |
[Graham Leggett] |
338 |
|
339 |
*) mod_session_crypto: Initialise SSL in the post config hook. |
340 |
[Ruediger Pluem, Graham Leggett] |
341 |
|
342 |
*) mod_session_dbd: Add a session implementation capable of storing |
343 |
session information in a SQL database via the dbd interface. Useful |
344 |
for sites where session privacy is important. [Graham Leggett] |
345 |
|
346 |
*) mod_session_crypto: Add a session encoding implementation capable |
347 |
of encrypting and decrypting sessions wherever they may be stored. |
348 |
Introduces a level of privacy when sessions are stored on the |
349 |
browser. [Graham Leggett] |
350 |
|
351 |
*) mod_session_cookie: Add a session implementation capable of storing |
352 |
session information within cookies on the browser. Useful for high |
353 |
volume sites where server bound sessions are too resource intensive. |
354 |
[Graham Leggett] |
355 |
|
356 |
*) mod_session: Add a generic session interface to unify the different |
357 |
attempts at saving persistent sessions across requests. |
358 |
[Graham Leggett] |
359 |
|
360 |
*) core, authn/z: Avoid calling access control hooks for internal requests |
361 |
with configurations which match those of initial request. Revert to |
362 |
original behaviour (call access control hooks for internal requests |
363 |
with URIs different from initial request) if any access control hooks or |
364 |
providers are not registered as permitting this optimization. |
365 |
Introduce wrappers for access control hook and provider registration |
366 |
which can accept additional mode and flag data. [Chris Darroch] |
367 |
|
368 |
*) Introduced ap_expr API for expression evaluation. |
369 |
This is adapted from mod_include, which is the first module |
370 |
to use the new API. |
371 |
[Nick Kew] |
372 |
|
373 |
*) mod_authz_dbd: When redirecting after successful login/logout per |
374 |
AuthzDBDRedirectQuery, do not report authorization failure, and use |
375 |
first row returned by database query instead of last row. |
376 |
[Chris Darroch] |
377 |
|
378 |
*) mod_ldap: Correctly return all requested attribute values |
379 |
when some attributes have a null value. |
380 |
PR 44560 [Anders Kaseorg <anders kaseorg.com>] |
381 |
|
382 |
*) core: check symlink ownership if both FollowSymlinks and |
383 |
SymlinksIfOwnerMatch are set [Nick Kew] |
384 |
|
385 |
*) core: fix origin checking in SymlinksIfOwnerMatch |
386 |
PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>] |
387 |
|
388 |
*) Activate mod_cache, mod_file_cache and mod_disc_cache as part of the |
389 |
'most' set for '--enable-modules' and '--enable-shared-mods'. Include |
390 |
mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik] |
391 |
|
392 |
*) Also install mod_so.h, mod_rewrite.h and mod_cache.h; as these |
393 |
contain public function declarations which are useful for |
394 |
third party module authors. PR 42431 [Dirk-Willem van Gulik]. |
395 |
|
396 |
*) mod_dir, mod_negotiation: pass the output filter information |
397 |
to newly created sub requests; as these are later on used |
398 |
as true requests with an internal redirect. This allows for |
399 |
mod_cache et.al. to trap the results of the redirect. |
400 |
[Dirk-Willem van Gulik, Ruediger Pluem] |
401 |
|
402 |
*) mod_ldap: Add support (taking advantage of the new APR capability) |
403 |
for ldap rebind callback while chasing referrals. This allows direct |
404 |
searches on LDAP servers (in particular MS Active Directory 2003+) |
405 |
using referrals without the use of the global catalog. |
406 |
PRs 26538, 40268, and 42557 [Paul J. Reder] |
407 |
|
408 |
*) mod_ssl: Added server name indication support (SNI, RFC 4366). |
409 |
PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration |
410 |
can be created with test/make_sni.sh [Dirk-Willem van Gulik]. |
411 |
|
412 |
*) ApacheMonitor.exe: Introduce --kill argument for use by the |
413 |
installer. This will permit the installation tool to remove |
414 |
all running instances before attempting to remove the .exe. |
415 |
[William Rowe] |
416 |
|
417 |
*) mod_ssl: Add support for OCSP validation of client certificates. |
418 |
PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton] |
419 |
|
420 |
*) mod_serf: New module for Reverse Proxying. [Paul Querna] |
421 |
|
422 |
*) core: Add the option to keep aside a request body up to a certain |
423 |
size that would otherwise be discarded, to be consumed by filters |
424 |
such as mod_include. When enabled for a directory, POST requests |
425 |
to shtml files can be passed through to embedded scripts as POST |
426 |
requests, rather being downgraded to GET requests. [Graham Leggett] |
427 |
|
428 |
*) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton] |
429 |
|
430 |
*) scoreboard: Correctly declare ap_time_process_request. |
431 |
PR 43789 [Tom Donovan <Tom.Donovan acm.org>] |
432 |
|
433 |
*) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member |
434 |
from the connection rec, ap_get_scoreboard_worker(proc, thread) will now |
435 |
provide the unusual legacy lookup. [William Rowe] |
436 |
|
437 |
*) mpm winnt: fix null pointer dereference |
438 |
PR 42572 [Davi Arnaut] |
439 |
|
440 |
*) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn |
441 |
parameters to the environment. Improve portability to |
442 |
EBCDIC machines by using apr_toupper(). [Martin Kraemer] |
443 |
|
444 |
*) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability |
445 |
to authorize an authenticated user via a "require ldap-group X" directive |
446 |
where the user is not in group X, but is in a subgroup contained in X. |
447 |
PR 42891 [Paul J. Reder] |
448 |
|
449 |
*) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna] |
450 |
|
451 |
*) mod_ldap: Fix the search limit parameter to ldap_search_ext_s() |
452 |
for SDKs that define LDAP_NO_LIMIT to something other than -1. |
453 |
[David Jones <oscaremma gmail.com>] |
454 |
|
455 |
*) apxs: Enhance -q flag to print all known variables and their values |
456 |
when invoked without variable name(s). |
457 |
[William Rowe, Sander Temme] |
458 |
|
459 |
*) apxs: Eliminate run-time check for mod_so. PR 40653. |
460 |
[David M. Lee <dmlee crossroads.com>] |
461 |
|
462 |
*) beos MPM: Create pmain pool and run modules' child_init hooks when |
463 |
entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run(). |
464 |
[Chris Darroch] |
465 |
|
466 |
*) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that |
467 |
cleanups registered in modules' child_init hooks are performed. |
468 |
[Chris Darroch] |
469 |
|
470 |
*) mod_dbd: Stash DBD connections in request_config of initial request |
471 |
only, or else sub-requests and internal redirections may cause |
472 |
entire DBD pool to be stashed in a single HTTP request. [Chris Darroch] |
473 |
|
474 |
*) Fix issue which could cause error messages to be written to access logs |
475 |
on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>] |
476 |
|
477 |
*) The LockFile directive, which specifies the location of |
478 |
the accept() mutex lockfile, is deprecated. Instead, the |
479 |
AcceptMutex directive now takes an optional lockfile |
480 |
location parameter, ala SSLMutex. [Jim Jagielski] |
481 |
|
482 |
*) mod_authn_dbd: Export any additional columns queried in the SQL select |
483 |
into the environment with the name AUTHENTICATE_<COLUMN>. This brings |
484 |
mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett] |
485 |
|
486 |
*) mod_dbd: Key the storage of prepared statements on the hex string |
487 |
value of server_rec, rather than the server name, as the server name |
488 |
may change (eg when the server name is set) at any time, causing |
489 |
weird behaviour in modules dependent on mod_dbd. [Graham Leggett] |
490 |
|
491 |
*) mod_proxy_fcgi: Added win32 build. [Mladen Turk] |
492 |
|
493 |
*) sendfile_nonblocking() takes the _brigade_ as an argument, gets |
494 |
the first bucket from the brigade, finds it not to be a FILE |
495 |
bucket and barfs. The fix is to pass a bucket rather than a brigade. |
496 |
[Niklas Edmundsson <nikke acc.umu.se>] |
497 |
|
498 |
*) mod_rewrite: support rewritemap by SQL query [Nick Kew] |
499 |
|
500 |
*) ap_get_server_version() has been removed. Third-party modules must |
501 |
now use ap_get_server_banner() or ap_get_server_description(). |
502 |
[Jeff Trawick] |
503 |
|
504 |
*) All MPMs: Introduce a check_config phase between pre_config and |
505 |
open_logs, to allow modules to review interdependent configuration |
506 |
directive values and adjust them while messages can still be logged |
507 |
to the console. Handle relevant MPM directives during this phase |
508 |
and format messages for both the console and the error log, as |
509 |
appropriate. [Chris Darroch] |
510 |
|
511 |
*) mod_proxy: don't URLencode tilde in path component |
512 |
[Stijn Hoop <stijn sandcat.nl>] |
513 |
|
514 |
*) mpm_winnt: Fix return values from wait_for_many_objects. |
515 |
The return value is index to the signaled thread in the |
516 |
creted_threads array. We can not use WAIT_TIMEOUT because |
517 |
his value is defined as 258, thus limiting the MaxThreads |
518 |
to that value. [Mladen Turk] |
519 |
|
520 |
*) core: Do not allow internal redirects like the DirectoryIndex of mod_dir |
521 |
to circumvent the symbolic link checks imposed by FollowSymLinks and |
522 |
SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe] |
523 |
|
524 |
*) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ] |
525 |
configures the I/O Dump of SSL traffic, when LogLevel is set to Debug. |
526 |
The default is none as this is far greater debugging resolution than |
527 |
the typical administrator is prepared to untangle. [William Rowe] |
528 |
|
529 |
*) mod_disk_cache: If possible, check if the size of an object to cache is |
530 |
within the configured boundaries before actually saving data. |
531 |
[Niklas Edmundsson <nikke acc.umu.se>] |
532 |
|
533 |
*) mod_disk_cache: Delete temporary files if they cannot be renamed to their |
534 |
final name. [Davi Arnaut <davi haxent.com.br>] |
535 |
|
536 |
*) Worker and event MPMs: Remove improper scoreboard updates which were |
537 |
performed in the event of a fork() failure. [Chris Darroch] |
538 |
|
539 |
*) Add support for fcgi:// proxies to mod_rewrite. |
540 |
[Markus Schiegl <ms schiegl.com>] |
541 |
|
542 |
*) Remove incorrect comments from scoreboard.h regarding conditional |
543 |
loading of worker_score structure with mod_status, and remove unused |
544 |
definitions relating to old life_status field. |
545 |
[Chris Darroch <chrisd pearsoncmg.com>] |
546 |
|
547 |
*) Remove allocation of memory for unused array of lb_score pointers |
548 |
in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>] |
549 |
|
550 |
*) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy. |
551 |
[Garrett Rooney, Jim Jagielski, Paul Querna] |
552 |
|
553 |
*) Event MPM: Fill in the scoreboard's tid field. PR 38736. |
554 |
[Chris Darroch <chrisd pearsoncmg.com>] |
555 |
|
556 |
*) mod_charset_lite: Remove Content-Length when output filter can |
557 |
invalidate it. Warn when input filter can invalidate it. |
558 |
[Jeff Trawick] |
559 |
|
560 |
*) Authz: Add the new module mod_authn_core that will provide common |
561 |
authn directives such as 'AuthType', 'AuthName'. Move the directives |
562 |
'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias |
563 |
into mod_authn_core. [Brad Nicholes] |
564 |
|
565 |
*) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy' |
566 |
into the new module mod_access_compat which can be loaded to provide |
567 |
support for these directives. |
568 |
[Brad Nicholes] |
569 |
|
570 |
*) Authz: Move the 'Require' directive from the core module as well as |
571 |
add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>' |
572 |
and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR' |
573 |
logic into the authorization processing. [Brad Nicholes] |
574 |
|
575 |
*) Authz: Add the new module mod_authz_core which acts as the |
576 |
authorization provider vector and contains common authz |
577 |
directives. [Brad Nicholes] |
578 |
|
579 |
*) Authz: Renamed mod_authz_dbm authz providers from 'group' and |
580 |
'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes] |
581 |
|
582 |
*) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle |
583 |
host-based access control provided by mod_authz_host and invoked |
584 |
through the 'Require' directive. [Brad Nicholes] |
585 |
|
586 |
*) Authz: Convert all of the authz modules from hook based to |
587 |
provider based. [Brad Nicholes] |
588 |
|
589 |
*) mod_cache: Add CacheMinExpire directive to set the minimum time in |
590 |
seconds to cache a document. |
591 |
[Brian Akins <brian.akins turner.com>, Ruediger Pluem] |
592 |
|
593 |
*) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew] |
594 |
|
595 |
*) Fix typo in ProxyStatus syntax error message. |
596 |
[Christophe Jaillet <christophe.jaillet wanadoo.fr>] |
597 |
|
598 |
*) Asynchronous write completion for the Event MPM. [Brian Pane] |
599 |
|
600 |
*) Added an End-Of-Request bucket type. The logging of a request and |
601 |
the freeing of its pool are now done when the EOR bucket is destroyed. |
602 |
This has the effect of delaying the logging until right after the last |
603 |
of the response is sent; ap_core_output_filter() calls the access logger |
604 |
indirectly when it destroys the EOR bucket. [Brian Pane] |
605 |
|
606 |
*) Rewrite of logresolve support utility: IPv6 addresses are now supported |
607 |
and the format of statistical output has changed. [Colm MacCarthaigh] |
608 |
|
609 |
*) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane] |
610 |
|
611 |
*) Added new connection states for handler and write completion |
612 |
[Brian Pane] |
613 |
|
614 |
*) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264. |
615 |
[Justin Erenkrantz] |
616 |
|
617 |
*) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive, |
618 |
allowing string-valued client certificate attributes to be used for |
619 |
access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1") |
620 |
[Martin Kraemer, David Reid] |
621 |
|
622 |
[Apache 2.1.0-dev includes those bug fixes and changes with the |
623 |
Apache 2.2.xx tree as documented, and except as noted, below.] |
624 |
|
625 |
Changes with Apache 2.2.x and later: |
626 |
|
627 |
*) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup |
628 |
|
629 |
Changes with Apache 2.0.x and later: |
630 |
|
631 |
*) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup |
632 |
|
633 |
Changes with Apache 1.3.x and later: |
634 |
|
635 |
*) http://svn.apache.org/viewvc/httpd/httpd/branches/1.3.x/src/CHANGES?view=markup |