Changes
Changes
Changes
*) mod_cgid: Do not add an empty argument when calling the CGI script.
PR 46380 [Ruediger Pluem]
*) New piped log syntax: Use "||process args" to launch the given process
without invoking the shell/command interpreter. Use "|$command line"
(the default behavior of "|command line" in 2.2) to invoke using shell,
consuming an additional shell process for the lifetime of the logging
pipe program but granting additional process invocation flexibility.
[William Rowe]
*) mod_ssl: Add server name indication support (RFC 4366) and better
support for name based virtual hosts with SSL. PR 34607
[Peter Sylvester <peter.sylvester edelweb.fr>,
Kaspar Brand <asfbugz velox.ch>, Guenter Knauf, Joe Orton,
Ruediger Pluem]
*) mod_proxy_ajp: Check more strictly that the backend follows the AJP
protocol. [Mladen Turk]
*) CGI: return 504 (Gateway timeout) rather than 500 when a script
times out before returning status line/headers.
PR 42190 [Nick Kew]
*) mod_ext_filter: fix error handling when the filter prog fails to start,
and introduce an onfail configuration option to abort the request
or to remove the broken filter and continue.
PR 41120 [Nick Kew]
*) core: Error responses set by filters were being coerced into 500 errors,
sometimes appended to the original error response. Log entry of:
'Handler for (null) returned invalid result code -3'
[Eric Covener]
*) Worker MPM: Crosscheck that idle workers are still available before using
them and thus preventing an overflow of the worker queue which causes
a SegFault. PR 45605 [Denis Ustimenko <denusk gmail.com>]
*) mod_headers: Prevent Header edit from processing only the first header
of possibly multiple headers with the same name and deleting the
remaining ones. PR 45333. [Ruediger Pluem]
*) mod_proxy: Make all proxy modules nocanon aware and do not add the
query string again in this case. PR 44803.
[Jim Jagielski, Ruediger Pluem]
*) core: Add the filename of the configuration file to the warning message
about the useless use of AllowOverride. PR 39992.
[Darryl Miles <darryl darrylmiles.org>]
*) core: Do not allow Options ALL if not all options are allowed to be
overwritten. PR 44262 [Michał Grzędzicki <lazy iq.pl>]
*) mod_ssl: Fix a memory leak with connections that have zlib compression
turned on. PR 44975 [Joe Orton, Amund Elstad <Amund.Elstad ist.com>,
Dr Stephen Henson <steve openssl.org>]
*) mod_proxy: Trigger a retry by the client in the case we fail to read the
response line from the backend by closing the connection to the client.
PR 37770 [Ruediger Pluem]
*) ab: Do not try to read non existing response bodies of HEAD requests.
PR 34275 [Takashi Sato <serai lans-tv.com>]
*) ab: Use a 64 bit unsigned int instead of a signed long to count the
bytes transferred to avoid integer overflows. PR 44346 [Ruediger Pluem]
*) mod_rewrite: Check all files used by DBM maps for freshness, mod_rewrite
didn't pick up on updated sdbm maps due to this.
PR41190 [Niklas Edmundsson]
*) Worker / Event MPM: Fix race condition in pool recycling that leads to
segmentation faults under load. PR 44402
[Basant Kumar Kukreja <basant.kukreja sun.com>]
*) mod_proxy_ajp: Use 64K as maximum AJP packet size. This is the maximum
length we can squeeze inside the AJP message packet.
[Mladen Turk]
*) core: Lower memory consumption in case that flush buckets are passed thru
the chunk filter as last bucket of a brigade. PR 23567.
[Stefan Fritsch <sf sfritsch.de>]
*) core: Fix broken chunk filtering that causes all non blocking reads to be
converted into blocking reads. PR 19954, 41056.
[Jean-Frederic Clere, Jim Jagielski]
*) Various code cleanups. PR 38699, 39518, 42005, 42006, 42007, 42008, 42009
[Christophe Jaillet <christophe.jaillet wanadoo.fr>]
*) Event MPM: Add support for running under mod_ssl, by reverting to the
Worker MPM behaviors, when run under an input filter that buffers
its own data. [Paul Querna]
*) mod_proxy: Don't lose bytes when a response line arrives in small chunks.
PR 40894 [Andrew Rucker Jones <arjones simultan.dyndns.org>]
*) log core: ensure we use a special pool for stderr logging, so that
the stderr channel remains valid from the time plog is destroyed,
until the time the open_logs hook is called again. [William Rowe]
*) log core: fix the new piped logger case where we couldn't connect
the replacement stderr logger's stderr to the NULL stdout stream.
Continue in this case, since the previous alternative of no error
logging at all (/dev/null) is far worse. [William Rowe]
*) mod_cache: Do not set Date or Expires when they are missing from
the original response or are invalid. [Justin Erenkrantz]
*) mod_cache: Use the same cache key throughout the whole request processing
to handle escaped URLs correctly. PR 41475. [Ruediger Pluem]
*) mod_cache: While serving a cached entity ensure that filters that have
been applied to this cached entity before saving it to the cache are not
applied again. PR 40090. [Ruediger Pluem]
*) mod_cache: Correctly cache objects whose URL query string has been
modified by mod_rewrite. PR 40805. [Ruediger Pluem]
*) HTTP proxy ProxyErrorOverride: Leave 1xx and 3xx responses alone. Only
processing of error responses (4xx, 5xx) will be altered. PR 39245.
[Jeff Trawick, Bart van der Schans <schans hippo.nl>]
*) mod_deflate: Rework inflate output and deflate output filter to fix several
issues: Incorrect handling of flush buckets, potential memory leaks,
excessive memory usage in inflate output filter for large compressed
content. PR 39854. [Ruediger Pluem, Nick Kew, Justin Erenkrantz]
*) core: Fix issue which could cause piped loggers to be orphaned and never
terminate after a graceful restart. PR 40651. [Joe Orton, Ruediger Pluem]
*) mod_proxy: Add explicit flushing feature. When Servlet container sends AJP
body message with size 0, this means that Servlet container has asked for
an explicit flush. Create flush bucket in that case. This feature has been
added to the recent Tomcat versions without breaking the AJP protocol.
[Mladen Turk]
*) mod_proxy_balancer: Set the new environment variable BALANCER_ROUTE_CHANGED
if a worker with a route different from the one supplied by the client
had been chosen or if the client supplied no routing information for
a balancer with sticky sessions. [Ruediger Pluem]
*) mod_isapi: Handle "HTTP/1.1 200 OK" style status lines correctly, the
token parser worked while the resulting length was misinterpreted.
PR 29098. [Brock Bland <bbland serena.com>]
*) mod_isapi: Ensure we walk through all the methods the developer may have
employed to report their HTTP status result code.
PR 16637 30033 28089. [Matt Lewandowsky <matt iamcode.net>, William Rowe]
*) The full server version information is now included in the error log at
startup as well as server status reports, irrespective of the setting
of the ServerTokens directive. ap_get_server_version() is now deprecated,
and is replaced by ap_get_server_banner() and ap_get_server_description().
[Jeff Trawick]
*) Win32: Minor fixes to build more cleanly under Visual Studio 2005
with command line builds. [William Rowe]
*) mod_authn_alias: Add a check to make sure that the base provider and the
alias names are different and also that the alias has not been registered
before. PR 40051. [Brad Nicholes]
*) mod_authnz_ldap: Fix a problem with invalid auth error detection for LDAP
client SDKs that don't support the LDAP_SECURITY_ERROR macro. PR 39529.
[Ray Price <dohrayme yahoo.com>, Josh Fenlason <jfenlason ptc.com>]
*) mod_proxy_ajp: Crosscheck the length of the body chunk with the length of
the ajp message to prevent mod_proxy_ajp from reading beyond the buffer
boundaries and thus revealing possibly sensitive memory contents to the
client. [Ruediger Pluem]
*) Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
[Jeff Trawick]
*) Chunk filter: Fix chunk filter to create correct chunks in the case that
a flush bucket is surrounded by data buckets. [Ruediger Pluem]
*) mod_dav: Fix a null pointer dereference in an error code path during the
handling of MKCOL.
[Ruediger Pluem, Ghassan Misherghi <ghassanm ucdavis.edu>]
*) Require use of APR >= 1.2.0 and APR-util >= 1.2.0 when configured
to use external copies of the libraries. [Joe Orton]
*) Strip out Experimental MPMs that have gone nowhere since 2.0
(perchild, threadpool, leader). [Nick Kew]
*) mod_proxy_ajp: Do not spool the entire response from AJP backend before
sending it up the filter chain. PR 37100. [Ruediger Pluem]
*) ab: Fix to ensure that only the expected number of requests are run.
PR 36966. [Joe Orton]
*) mod_proxy: Run the request_status hook also if there are no free workers
or all workers are in error state.
[Ruediger Pluem, Brian Akins <brian.akins turner.com>]
*) prefork, worker and event MPMs: Prevent children from holding open
listening ports upon graceful restart or stop. PR 28167.
[Colm MacCarthaigh, Brian Pinkerton <bp thinkpink.com>]
*) mod_cgid: Append .PID to the script socket filename and remove the
script socket on exit. [Colm MacCarthaigh, Jim Jagielski]
*) Linux 2.0: remove support for threaded MPM's due to linuxthreads use
of SIGUSR1 clashing with graceful restart signal. [Colm MacCarthaigh]
*) mod_cache: Store varied contents all in the same prefix for a varied URI.
[Paul Querna]
*) mod_cache: Run the CACHE_SAVE and CACHE_OUT Filters after other content
filters. [Paul Querna]
*) Fix shutdown for the Worker MPM when an Accept Filter is used. Instead of
just closing the socket, a HTTP request is made, to make sure the child is
always awakened. [Paul Querna]
*) mod_ssl: Setting the Protocol to 'https' can replace the use of the
'SSLEngine on' command. [Paul Querna]
*) Change the default (when not present in the config file) setting
for UseCanonicalName to Off.
[Joshua Slive]
*) Remove some compiler warnings within the LDAP modules [Graham Leggett]
*) Fix the RPM spec file so that an RPM build now works. An RPM
build now requires system installations of APR and APR-util.
[Graham Leggett]
*) Significantly simplify the load balancer scheduling algorithm
for the proxy BalancerMember weighting. loadfactors (lbfactors)
are now normalized with respect to each other. [Jim Jagielski]
*) mod_cgi: Ensure that all stderr is logged for a script which returns
a Location header to generate a non-local redirect. PR 20111.
[Joe Orton]
*) mod_info: Added listing of the Request Hooks and added more build
information like 'httpd -V' contains. Changed output to XHTML.
[Paul Querna]
*) mod_so, core: Add new command line options to print all loaded
modules. '-t -D DUMP_MODULES' and '-M' will show all static
and shared modules as loaded from the configuration file.
[Paul Querna]
*) mod_headers: Allow env clauses also for 'echo' and 'unset' actions.
[André Malo]
*) Threaded MPMs for Unix and Win32: Add support for ThreadStackSize
directive (previously NetWare-only) to override default thread
stack size for threads which handle client connections. Required
for some third-party modules on platforms with small default
thread stack size. [Jeff Trawick]
*) mod_logio: Account for some bytes handed to the network layer prior to
dropped connections. [Jeff Trawick]
*) Log an error when requests for URIs which fail to map to a valid
filesystem name are rejected with 403. [Jeff Trawick]
*) prefork MPM: Use the right permissions for the directory created
for gprof support. [Jim Carlson <jcarlson jnous.com>]
*) Allow restart of httpd to occur even with syntax errors in the config
file. PR 16813. [Justin Erenkrantz]
*) Move RFC 1413 ident requests from core to new module mod_ident.
[André Malo]
*) Move the check of the Expect request header field after the hook
for ap_post_read_request, since that is the only opportunity for
modules to handle Expect extensions. [Justin Erenkrantz]
[Apache 2.1.0-dev includes those bug fixes and changes with the
Apache 2.0.xx tree as documented, and except as noted, below.]
Changes with Apache 2.0.x and later:
*) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
*) http://svn.apache.org/viewvc/httpd/httpd/branches/1.3.x/src/CHANGES?
view=markup