1
1
-*- coding: utf-8 -*-
2
Changes with Apache 2.2.20
4
*) SECURITY: CVE-2011-3192 (cve.mitre.org)
5
core: Fix handling of byte-range requests to use less memory, to avoid
6
denial of service. If the sum of all ranges in a request is larger than
7
the original file, ignore the ranges and send the complete file.
8
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
10
*) mod_authnz_ldap: If the LDAP server returns constraint violation,
11
don't treat this as an error but as "auth denied". [Stefan Fritsch]
13
*) mod_filter: Fix FilterProvider conditions of type "resp=" (response
14
headers) for CGI. [Joe Orton, Rainer Jung]
16
*) mod_reqtimeout: Fix a timed out connection going into the keep-alive
17
state after a timeout when discarding a request body. PR 51103.
20
*) core: Do the hook sorting earlier so that the hooks are properly sorted
21
for the pre_config hook and during parsing the config. [Stefan Fritsch]
2
23
Changes with Apache 2.2.19
4
25
*) Revert ABI breakage in 2.2.18 caused by the function signature change
5
26
of ap_unescape_url_keep2f(). This release restores the signature from
6
27
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
9
30
Changes with Apache 2.2.18
11
32
*) Log an error for failures to read a chunk-size, and return 408 instead
12
413 when this is due to a read timeout. This change also fixes some cases
13
of two error documents being sent in the response for the same scenario.
33
413 when this is due to a read timeout. This change also fixes some cases
34
of two error documents being sent in the response for the same scenario.
14
35
[Eric Covener] PR49167
16
37
*) core: Only log a 408 if it is no keepalive timeout. PR 39785
39
60
*) configure: Fix htpasswd/htdbm libcrypt link errors with some newer
40
61
linkers. [Stefan Fritsch]
42
*) MinGW build improvements. PR 49535. [John Vandenberg
63
*) MinGW build improvements. PR 49535. [John Vandenberg
43
64
<jayvdb gmail.com>, Jeff Trawick]
45
66
*) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
61
82
[Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]
63
84
*) prefork: Update MPM state in children during a graceful restart.
64
Allow the HTTP connection handling loop to terminate early
85
Allow the HTTP connection handling loop to terminate early
65
86
during a graceful restart. PR 41743.
66
87
[Andrew Punch <andrew.punch 247realmedia.com>]
172
193
across multiple vhosts. PR 39915. [Joe Orton]
174
195
*) mod_proxy_http: Log the port of the remote server in various messages.
175
PR 48812. [Igor Galić <i galic brainsware org>]
196
PR 48812. [Igor Galić <i galic brainsware org>]
177
198
*) apxs: Fix -A and -a options to ignore whitespace in httpd.conf
178
199
[Philip M. Gollucci]
274
295
PR 45875. [Joe Orton, Peter Sylvester <peter.sylvester edelweb.fr>]
276
297
*) mod_authnz_ldap: Failures to map a username to a DN, or to check a user
277
password now result in an informational level log entry instead of
298
password now result in an informational level log entry instead of
278
299
warning level. [Eric Covener]
280
301
*) core: Preserve Port information over internal redirects
394
415
Changes with Apache 2.2.12
396
417
*) SECURITY: CVE-2009-1891 (cve.mitre.org)
397
Fix a potential Denial-of-Service attack against mod_deflate or other
398
modules, by forcing the server to consume CPU time in compressing a
418
Fix a potential Denial-of-Service attack against mod_deflate or other
419
modules, by forcing the server to consume CPU time in compressing a
399
420
large file after a client disconnects. PR 39605.
400
421
[Joe Orton, Ruediger Pluem]
402
423
*) SECURITY: CVE-2009-1195 (cve.mitre.org)
403
Prevent the "Includes" Option from being enabled in an .htaccess
424
Prevent the "Includes" Option from being enabled in an .htaccess
404
425
file if the AllowOverride restrictions do not permit it.
405
426
[Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, Joe Orton,
406
427
Ruediger Pluem, Jeff Trawick]
408
*) SECURITY: CVE-2009-1890 (cve.mitre.org)
429
*) SECURITY: CVE-2009-1890 (cve.mitre.org)
409
430
Fix a potential Denial-of-Service attack against mod_proxy in a
410
431
reverse proxy configuration, where a remote attacker can force a
411
432
proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
508
529
*) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
509
530
way that per-directory rewrites append the previous notion of PATH_INFO
510
to each substitution before evaluating subsequent rules.
531
to each substitution before evaluating subsequent rules.
511
532
PR38642 [Eric Covener]
513
534
*) mod_authnz_ldap: Reduce number of initialization debug messages and make
566
587
Changes with Apache 2.2.11
568
589
*) core: When the ap_http_header_filter processes an error bucket, cleanup
569
the passed brigade before returning AP_FILTER_ERROR down the filter
590
the passed brigade before returning AP_FILTER_ERROR down the filter
570
591
chain. This unambiguously ensures the same error bucket isn't revisited
629
650
them and thus preventing an overflow of the worker queue which causes
630
651
a SegFault. PR 45605 [Denis Ustimenko <denusk gmail.com>]
632
*) Windows: Always build the odbc dbd driver on windows, to be consistent
653
*) Windows: Always build the odbc dbd driver on windows, to be consistent
633
654
with the apr-util default. [Tom Donovan]
635
656
Changes with Apache 2.2.10
891
912
*) mod_proxy_ftp: Fix base for directory listings.
892
913
PR 27834 [Nick Kew]
894
*) mod_logio: Provide optional function to allow modules to adjust the
915
*) mod_logio: Provide optional function to allow modules to adjust the
895
916
bytes_in count [Eric Covener]
897
918
*) http_filters: Don't return 100-continue on client error
1066
1087
PR 43786 [Eric Covener]
1068
1089
*) mod_ldap: Stop passing a reference to pconf around for
1069
(limited) use during request processing, avoiding possible
1090
(limited) use during request processing, avoiding possible
1070
1091
memory corruption and crashes. [Eric Covener]
1072
1093
*) Event MPM: Add support for running under mod_ssl, by reverting to the
1085
1106
*) mod_rewrite: Add option to suppress URL unescaping
1086
1107
PR 34602 [Guenther Gsenger <guenther.gsenger gmail.com>]
1088
*) mpm_winnt: Eliminate wait_for_many_objects. Allows the clean
1109
*) mpm_winnt: Eliminate wait_for_many_objects. Allows the clean
1089
1110
shutdown of the server when the MaxClients is higher then 257,
1090
1111
in a more responsive manner [Mladen Turk, William Rowe]
1158
1179
[Davi Arnaut, Nick Kew]
1160
1181
*) SECURITY: CVE-2007-1863 (cve.mitre.org)
1161
mod_cache: Prevent a segmentation fault if attributes are listed in a
1162
Cache-Control header without any value.
1182
mod_cache: Prevent a segmentation fault if attributes are listed in a
1183
Cache-Control header without any value.
1163
1184
[Niklas Edmundsson <nikke acc.umu.se>]
1165
1186
*) SECURITY: CVE-2007-3304 (cve.mitre.org)
1166
1187
prefork, worker, event MPMs: Ensure that the parent process cannot
1167
be forced to kill processes outside its process group.
1188
be forced to kill processes outside its process group.
1168
1189
[Joe Orton, Jim Jagielski]
1170
1191
*) SECURITY: CVE-2006-5752 (cve.mitre.org)
1218
1239
responding. PR 41644 [Stuart Children <stuart terminus.co.uk>]
1220
1241
*) mod_authnz_ldap: Don't return HTTP_UNAUTHORIZED during authorization when
1221
LDAP authentication is configured but we haven't seen any
1222
'Require ldap-*' directives, allowing authorization to be passed to lower
1223
level modules (e.g. Require valid-user)
1242
LDAP authentication is configured but we haven't seen any
1243
'Require ldap-*' directives, allowing authorization to be passed to lower
1244
level modules (e.g. Require valid-user)
1224
1245
PR 43281 [Eric Covener]
1226
1247
*) mod_proxy: don't URLencode tilde in path component
1241
1262
garbled log output. [Martin Kraemer]
1243
1264
*) mod_autoindex: Add in Type and Charset options to IndexOptions
1244
directive. This allows the admin to explicitly set the
1265
directive. This allows the admin to explicitly set the
1245
1266
content-type and charset of the generated page and is therefore
1246
1267
a viable workaround for buggy browsers affected by CVE-2007-4465
1247
1268
(cve.mitre.org). [Jim Jagielski]
1297
1318
or apr_pool_create() (when apr-based error reporting is not ready).
1298
1319
[William Rowe, Jeff Trawick]
1300
*) log core: fix the new piped logger case where we couldn't connect
1301
the replacement stderr logger's stderr to the NULL stdout stream.
1302
Continue in this case, since the previous alternative of no error
1321
*) log core: fix the new piped logger case where we couldn't connect
1322
the replacement stderr logger's stderr to the NULL stdout stream.
1323
Continue in this case, since the previous alternative of no error
1303
1324
logging at all (/dev/null) is far worse. [William Rowe]
1305
1326
*) mpm_winnt: Prevent the parent-child pipe from leaking into other
1401
1422
[Takashi Sato <serai lans-tv.com>]
1403
1424
*) mod_ldap: Remove the hardcoded size limit parameter for
1404
ldap_search_ext_s and replace it with an APR_ defined value that
1425
ldap_search_ext_s and replace it with an APR_ defined value that
1405
1426
is set according to the LDAP SDK being used, resolving a problem
1406
1427
with SDKs that define LDAP_NO_LIMIT to something other than -1.
1407
1428
[David Jones <oscaremma gmail com>]
1409
*) core: Correct a regression since 2.0.x in the handling of AllowOverride
1430
*) core: Correct a regression since 2.0.x in the handling of AllowOverride
1410
1431
Options. PR 41829. [Torsten Förtsch <torsten.foertsch gmx.net>]
1412
1433
*) mod_proxy_http: Handle request bodies larger than 2 GB by converting
1456
1477
*) mod_dbd: share per-request database handles across subrequests
1457
1478
and internal redirects [Chris Darroch]
1459
*) mod_dbd: key connection pools to virtual hosts correctly even when
1480
*) mod_dbd: key connection pools to virtual hosts correctly even when
1460
1481
ServerName is unset/unavailable [Graham Leggett]
1462
1483
*) Better detection and clean up of ldap connection that has been
1508
1529
[Brian <brectanu gmail.com>]
1510
1531
*) mod_proxy: Don't try to use dead backend connection. PR 37770.
1511
[Olivier BOEL <ob dorrboel.com>]
1532
[Olivier BOEL <ob dorrboel.com>]
1513
1534
*) mod_proxy_balancer: Extract stickysession routing information contained
1514
1535
as parameter in the URL correctly. PR 40400.
1517
1538
*) mod_proxy_ajp: Added cping/cpong support for the AJP protocol.
1518
1539
A new worker directive ping=timeout will cause CPING packet
1519
to be send expecting CPONG packet within defined timeout.
1540
to be send expecting CPONG packet within defined timeout.
1520
1541
In case the backend is too busy this will fail instead
1521
1542
sending the full header. [Mladen Turk]
1634
1655
each worker thread to wake them up if they're polling on a
1635
1656
Keep-Alive connection. PR 38737. [Chris Darroch]
1637
*) worker and event MPMs: fix excessive forking if fork() or child_init
1658
*) worker and event MPMs: fix excessive forking if fork() or child_init
1638
1659
take a long time. PR 39275.
1639
1660
[Greg Ames, Jeff Trawick, Chris Darroch <chrisd pearsoncmg.com> ]
1697
1718
*) SECURITY: CVE-2005-3357 (cve.mitre.org)
1698
1719
mod_ssl: Fix a possible crash during access control checks if a
1699
1720
non-SSL request is processed for an SSL vhost (such as the
1700
"HTTP request received on SSL port" error message when an 400
1721
"HTTP request received on SSL port" error message when an 400
1701
1722
ErrorDocument is configured, or if using "SSLEngine optional").
1702
1723
PR 37791. [Rüdiger Plüm, Joe Orton]
1721
1742
connection: keep-alive and do not close backend connection if the client
1722
1743
sent connection: close. PR 38524. [Ruediger Pluem, Joe Orton]
1724
*) mod_disk_cache: Return the correct error codes from bucket read
1745
*) mod_disk_cache: Return the correct error codes from bucket read
1725
1746
failures, instead of APR_EGENERAL.
1726
1747
[Brian Akins <brian.akins turner.com>]
1728
1749
*) Add APR/APR-Util Compiled and Runtime Version numbers to the
1729
1750
output of 'httpd -V'. [William Rowe]
1731
*) http: If a connection is aborted while waiting for a chunked line,
1752
*) http: If a connection is aborted while waiting for a chunked line,
1732
1753
flag the connection as errored out. [Justin Erenkrantz]
1734
1755
*) core: Reject invalid Expect header immediately. PR 38123.
1763
1784
client. [Ruediger Pluem]
1765
1786
*) Ensure that the proper status line is written to the client, fixing
1766
incorrect status lines caused by filters which modify r->status without
1787
incorrect status lines caused by filters which modify r->status without
1767
1788
resetting r->status_line, such as the built-in byterange filter.
1778
1799
when srclib/apr[-util] are symlinks rather than directories proper.
1781
*) Avoid Server-driven negotiation when a script has emitted an
1802
*) Avoid Server-driven negotiation when a script has emitted an
1782
1803
explicit Status: header. PR 38070. [Nick Kew]
1784
1805
*) Fix to avoid feeding C99 to C++ compilers. [Joe Orton]
1789
1810
*) Fix syntax error in httpd.h with strict compilers. PR 37840.
1790
1811
[Per Olausson <pao darkheim.freeserve.co.uk>]
1792
*) Fix recursive ErrorDocument handling. PR 36090.
1813
*) Fix recursive ErrorDocument handling. PR 36090.
1793
1814
[Chris Darroch <chrisd pearsoncmg.com>]
1795
1816
*) Don't hang on error return from post_read_request. PR 37790.
1819
1840
match for scheme and host, but case sensitive for the rest of
1820
1841
the path. [Jim Jagielski, Ruediger Pluem]
1822
*) Require use of APR >= 1.2.0 and APR-util >= 1.2.0 when configured
1823
to use external copies of the libraries. [Joe Orton]
1843
*) Require use of APR >= 1.2.0 and APR-util >= 1.2.0 when configured
1844
to use external copies of the libraries. [Joe Orton]
1825
1846
*) Fix DESTDIR=... installation when using bundled copy of APR.
1826
1847
[Torsten Foertsch <torsten.foertsch gmx.net>]
1872
1893
*) Fix use of pools in mod_dbd. [Brian J France, Nick Kew]
1874
*) Promote modules from "experimental": mod_dbd, mod_filter,
1895
*) Promote modules from "experimental": mod_dbd, mod_filter,
1875
1896
mod_charset_lite. [Nick Kew]
1877
1898
*) mod_proxy_ajp: mod_proxy_ajp sends empty SSL attributes for non SSL
1902
1923
*) Doxygen fixups. [Neale Ranns <neale ranns.org>, Ian Holsman]
1904
1925
*) mod_cache/mod_dir: Correct a subrequest lookup bug which was preventing
1905
mod_dir from serving indexes correctly with mod_cache enabled.
1926
mod_dir from serving indexes correctly with mod_cache enabled.
1906
1927
[Colm MacCarthaigh]
1908
1929
Changes with Apache 2.1.8
1910
1931
*) Fix lingering close implementation to match 1.3.x behaviour.
1911
1932
PR 35292. [Joe Orton]
1913
*) mod_ssl: Support limited buffering of request bodies to allow
1934
*) mod_ssl: Support limited buffering of request bodies to allow
1914
1935
per-location renegotiation to proceed. PR 12355. [Joe Orton]
1916
*) Fix regression since 2.0.x in AllowOverride Options handling.
1937
*) Fix regression since 2.0.x in AllowOverride Options handling.
1917
1938
PR 35330. [kabe <kabe sra-tohoku.co.jp>]
1919
1940
*) mod_ssl: Fix memory leak in ssl_util_algotypeof().
1920
1941
PR 25659. [David Blake <dblake hp com>, Martin Kraemer]
1922
1943
*) prefork, worker and event MPMs: Support a graceful-stop procedure:
1923
Server will wait until existing requests are finished or until
1924
"GracefulShutdownTimeout" number of seconds before exiting.
1944
Server will wait until existing requests are finished or until
1945
"GracefulShutdownTimeout" number of seconds before exiting.
1925
1946
[Colm MacCarthaigh, Ken Coar, Bill Stoddard]
1927
*) prefork, worker and event MPMs: Prevent children from holding open
1928
listening ports upon graceful restart or stop. PR 28167.
1948
*) prefork, worker and event MPMs: Prevent children from holding open
1949
listening ports upon graceful restart or stop. PR 28167.
1929
1950
[Colm MacCarthaigh, Brian Pinkerton <bp thinkpink.com>]
1931
1952
*) SECURITY: CVE-2005-2700 (cve.mitre.org)
1953
1974
*) mod_cgid: Append .PID to the script socket filename and remove the
1954
1975
script socket on exit. [Colm MacCarthaigh, Jim Jagielski]
1956
*) mod_cgid: run the get_suexec_identity hook within the request-handler
1977
*) mod_cgid: run the get_suexec_identity hook within the request-handler
1957
1978
instead of within cgid. PR 36410. [Colm MacCarthaigh]
1959
1980
*) Linux 2.0: remove support for threaded MPM's due to linuxthreads use
1962
1983
Changes with Apache 2.1.7
1964
*) SECURITY: CVE-2005-2491 (cve.mitre.org):
1985
*) SECURITY: CVE-2005-2491 (cve.mitre.org):
1965
1986
Fix integer overflows in PCRE in quantifier parsing which could
1966
be triggered by a local user through use of a carefully-crafted
1987
be triggered by a local user through use of a carefully-crafted
1967
1988
regex in an .htaccess file. [Philip Hazel]
1969
1990
*) mod_proxy/mod_proxy_balancer: Provide a simple, functional
2004
2025
*) mod_negotiation: Correctly report 404 instead of 403 for missing files.
2007
*) new hook (request_status) that gets ran in proxy_handler just before
2008
the final return. This gives modules an opportunity to do something
2028
*) new hook (request_status) that gets ran in proxy_handler just before
2029
the final return. This gives modules an opportunity to do something
2009
2030
based on the proxy status. (minor MMN bump)
2010
2031
[Brian Akins <bakins turner.com>, Ian Holsman]
2022
2043
*) Fixed complaints about unpackaged files within the RPM build
2023
2044
after changes to the config files. [Graham Leggett]
2025
*) Fix shutdown for the Worker MPM when an Accept Filter is used. Instead of
2026
just closing the socket, a HTTP request is made, to make sure the child is
2046
*) Fix shutdown for the Worker MPM when an Accept Filter is used. Instead of
2047
just closing the socket, a HTTP request is made, to make sure the child is
2027
2048
always awakened. [Paul Querna]
2029
2050
Changes with Apache 2.1.6
2037
2058
Changes with Apache 2.1.5
2039
*) mod_ssl: Setting the Protocol to 'https' can replace the use of the
2060
*) mod_ssl: Setting the Protocol to 'https' can replace the use of the
2040
2061
'SSLEngine on' command. [Paul Querna]
2042
*) core: Refactor the mapping of Accept Filters to Sockets. Add the
2063
*) core: Refactor the mapping of Accept Filters to Sockets. Add the
2043
2064
AcceptFilter and Protocol directives to aid in mapping filter types.
2044
2065
Extend the Listen directive to optionally take a protocol name.
2050
2071
*) mod_disk_cache: Atomically create the header data file. [Paul Querna]
2052
*) mod_cache: Fix 'Vary: *' behavior to be RFC compliant. PR 16125.
2073
*) mod_cache: Fix 'Vary: *' behavior to be RFC compliant. PR 16125.
2055
*) mod_cache: Rename 'generate_name' to 'ap_cache_generate_name'.
2076
*) mod_cache: Rename 'generate_name' to 'ap_cache_generate_name'.
2058
2079
*) mod_mime_magic: Handle CRLF-format magic files so that it works with
2059
2080
the default installation on Windows. [Jeff Trawick]
2061
*) core: Allow multiple modules to register interest in a single
2082
*) core: Allow multiple modules to register interest in a single
2062
2083
configuration command. [Paul Querna]
2064
2085
*) authn_provider_alias: Adds the configuration block tag
2069
2090
the per_dir configuration just before the base provider is called.
2070
2091
[Brad Nicholes]
2072
*) ap_getword_conf: Fix backslashes at the end of configuration directives.
2093
*) ap_getword_conf: Fix backslashes at the end of configuration directives.
2073
2094
PR 34834. [Timo Viipuri <viipuri dlc.fi>]
2075
2096
*) mod_dbd: New additions: mod_dbd.c, mod_dbd.h, mod_dbd.xml
2083
2104
*) mod_info: Show the Quick Handler [Paul Querna]
2085
*) mod_ldap: Add the directive LDAPVerifyServerCert to specify
2106
*) mod_ldap: Add the directive LDAPVerifyServerCert to specify
2086
2107
whether to force verification of the server certificate when
2087
establishing an SSL connection to the LDAP server.
2108
establishing an SSL connection to the LDAP server.
2088
2109
[Brad Nicholes]
2090
2111
*) mod_proxy: Run mod_rewrite before mod_proxy in the translate_name
2091
2112
hook. [Paul Querna]
2093
*) Add AP_INIT_TAKE_ARGV for configuration commands. (minor MMN bump)
2114
*) Add AP_INIT_TAKE_ARGV for configuration commands. (minor MMN bump)
2096
2117
*) ap_get_local_host() rewritten for APR. [Jim Jagielski]
2102
2123
*) Remove the never working ap_method_list_do and ap_method_list_vdo.
2105
*) Added makefile and doc for building mod_ssl on the NetWare
2126
*) Added makefile and doc for building mod_ssl on the NetWare
2106
2127
platform. [Guenter Knauf, Brad Nicholes]
2108
2129
*) mod_deflate: Merge the Vary header, isntead of Setting it. Fixes
2109
applications that send the Vary Header themselves, and also apply
2130
applications that send the Vary Header themselves, and also apply
2110
2131
mod_deflate as an output filter. [Paul Querna]
2112
2133
*) Change the default (when not present in the config file) setting
2126
2147
[Joshua Slive, Justin Erenkrantz]
2128
2149
*) NetWare: Reposition mod_asis, mod_actions, mod_cgi, mod_imagemap,
2129
mod_userdir and mod_autoindex as shared modules rather than
2150
mod_userdir and mod_autoindex as shared modules rather than
2130
2151
built-in modules within the NetWare build.
2131
2152
[Brad Nicholes]
2152
2173
end of the request body to work with really old HTTP servers.
2153
2174
[Justin Erenkrantz]
2155
*) util_ldap: Keep track of the number of attributes retrieved from
2156
LDAP so that all the values can be properly cached even if the
2176
*) util_ldap: Keep track of the number of attributes retrieved from
2177
LDAP so that all the values can be properly cached even if the
2157
2178
value is NULL. PR 33901 [Brad Nicholes]
2159
2180
*) mod_cache: Fix error where incoming Cache-Control would be ignored.
2242
2263
*) mod_ssl: Add SSLCADNRequestFile and SSLCADNRequestPath directives
2243
2264
which can be used to configure a specific list of CA names to send
2244
in a client certificate request. PR 32848.
2265
in a client certificate request. PR 32848.
2245
2266
[Tim Taylor <tim.taylor dfas.mil>]
2247
2268
*) --with-module can now take more than one module to be statically
2327
2348
*) mod_usertrack: Run the fixups hook before other modules.
2328
2349
PR 29755. [Paul Querna]
2330
*) Allow mod_authnz_ldap authorization functionality to be used
2331
without requiring the user to also be authenticated through
2332
mod_authnz_ldap. This allows other authentication modules to
2351
*) Allow mod_authnz_ldap authorization functionality to be used
2352
without requiring the user to also be authenticated through
2353
mod_authnz_ldap. This allows other authentication modules to
2333
2354
take advantage of LDAP authorization only [PR 28253]
2334
2355
[Jari Ahonen jah progress.com, Brad Nicholes]
2336
2357
*) Log the client IP address when an error occurs disabling nagle on a
2337
connection, but log at a severity of debug since this error
2358
connection, but log at a severity of debug since this error
2338
2359
generally means that the connection was dropped before data was
2339
2360
sent. Log the client IP address when reporting errors in the core
2340
2361
output filter. [Jeff Trawick]
2345
2366
*) mod_rewrite: Removed the MaxRedirects option in favor of the
2346
2367
core LimitInternalRecursion directive. [André Malo]
2348
*) mod_info: Added listing of the Request Hooks and added more build
2349
information like 'httpd -V' contains. Changed output to XHTML.
2369
*) mod_info: Added listing of the Request Hooks and added more build
2370
information like 'httpd -V' contains. Changed output to XHTML.
2352
2373
*) mod_info: Rewrote config tree walk using a recursive function.
2369
2390
The module is now called authnz_ldap and has been moved out of
2370
2391
the modules/experimental area and into modules/aaa with the other
2371
2392
auth modules. Both the authn_ldap provider and the authz_ldap
2372
handler are contained within the authnz_ldap module. The
2393
handler are contained within the authnz_ldap module. The
2373
2394
authz_ldap handler introduces 3 new "requires" values for handling
2374
authorization. These handlers are ldap-user, ldap-group and
2395
authorization. These handlers are ldap-user, ldap-group and
2375
2396
ldap-dn. [Brad Nicholes]
2377
2398
*) Fix some compiler warnings in proxy
2386
2407
*) Improve error handling for corrupted pid files. [Jeff Trawick]
2388
*) mod_proxy.c and proxy_util.c: Enable compiling on 2.0-HEAD
2409
*) mod_proxy.c and proxy_util.c: Enable compiling on 2.0-HEAD
2389
2410
(for backwards compatibility):
2390
2411
Avoids mod_ssl.h (not included in 2.0-HEAD) and
2391
use apr_socket_create_ex for 0.9.x
2412
use apr_socket_create_ex for 0.9.x
2394
2415
*) Added proxy_ajp.c module for proxy support to ajp:// backends.
2409
2430
*) Add load balancer support to the scoreboard in preparation for
2410
2431
load balancing support in mod_proxy. [Mladen Turk]
2412
*) mod_nw_ssl: Added the directive NWSSLUpgradeable to mod_nw_ssl to
2433
*) mod_nw_ssl: Added the directive NWSSLUpgradeable to mod_nw_ssl to
2413
2434
allow a non-secure connection to be upgraded to secure connections
2414
2435
[Brad Nicholes]
2416
2437
*) core: Add Options= syntax to AllowOverride to specify which options
2417
2438
may be overridden in .htaccess files. PR 29310.
2418
2439
[Tom Alsberg <alsbergt cs.huji.ac.il>, Paul Querna]
2421
2442
PR 28204. [Erik Weide <erik.weidel mplus-technologies.de>, Paul Querna]
2423
2444
*) mod_so, core: Add new command line options to print all loaded
2424
modules. '-t -D DUMP_MODULES' and '-M' will show all static
2445
modules. '-t -D DUMP_MODULES' and '-M' will show all static
2425
2446
and shared modules as loaded from the configuration file.
2428
2449
*) mod_autoindex: Add ShowForbidden to IndexOptions to list files
2429
that are not shown because the subrequest returned 401 or 403.
2450
that are not shown because the subrequest returned 401 or 403.
2430
2451
PR 10575. [Paul Querna]
2432
2453
*) mod_headers: implement "Early" processing option in post_read_request
2445
2466
('always'), which keeps the former ErrorHeader functionality.
2448
*) mod_deflate: Don't deflate responses with zero length
2469
*) mod_deflate: Don't deflate responses with zero length
2449
2470
e.g. proxied 304's [Allan Edwards]
2451
2472
*) <IfModule> now recognizes the module identifier in addition to the
2509
2530
"ProxyErrorOverride On" is configured. PR 20183.
2510
2531
[Marcus Janson <marcus.janson tre.se>, Joe Orton]
2512
*) Threaded MPMs for Unix and Win32: Add support for ThreadStackSize
2513
directive (previously NetWare-only) to override default thread
2514
stack size for threads which handle client connections. Required
2515
for some third-party modules on platforms with small default
2533
*) Threaded MPMs for Unix and Win32: Add support for ThreadStackSize
2534
directive (previously NetWare-only) to override default thread
2535
stack size for threads which handle client connections. Required
2536
for some third-party modules on platforms with small default
2516
2537
thread stack size. [Jeff Trawick]
2518
2539
*) minor mod_auth_basic and mod_auth_digest sync. mod_auth_basic
2525
2546
the Apache License, Version 2.0 (http://www.apache.org/licenses).
2526
2547
[Apache Software Foundation]
2528
*) Delete some make-generated files in the server directory during
2549
*) Delete some make-generated files in the server directory during
2529
2550
"make clean" processing. PR 26552. [Jeff Trawick]
2531
2552
*) Add core version query function (ap_get_server_revision) and
2567
2588
header fields can be set for return even on errors or external
2568
2589
redirects. [Ken Coar]
2570
*) Fix <Limit> and <LimitExcept> parsing to require a closing '>'
2571
in the initial container. PR 25414.
2591
*) Fix <Limit> and <LimitExcept> parsing to require a closing '>'
2592
in the initial container. PR 25414.
2572
2593
[Geoffrey Young <geoff apache.org>]
2574
2595
*) Clean up httpd -V output: Instead of displaying the MPM source
2584
2605
*) mod_logio: Account for some bytes handed to the network layer prior to
2585
2606
dropped connections. [Jeff Trawick]
2587
*) mod_autoindex: new directive IndexStyleSheet
2608
*) mod_autoindex: new directive IndexStyleSheet
2588
2609
[Tyler Riddle <triddle_1999 yahoo.com>, Paul Querna <chip force-elite.com>]
2590
2611
*) Fix uninitialized gprof directory name in prefork MPM. PR 24450.
2591
2612
[Chris Knight <Christopher.D.Knight nasa.gov>]
2593
*) Log an error when requests for URIs which fail to map to a valid
2614
*) Log an error when requests for URIs which fail to map to a valid
2594
2615
filesystem name are rejected with 403. [Jeff Trawick]
2596
2617
*) Switch to APR 1.0 API.
2641
2662
*) mod_ext_filter: Add the ability to filter request bodies.
2642
2663
[Philipp Reisner <philipp.reisner linbit.com>]
2644
*) Fix some broken log messages in WinNT MPM.
2665
*) Fix some broken log messages in WinNT MPM.
2645
2666
[Juan Rivera <Juan.Rivera citrix.com>]
2647
*) prefork MPM: Use the right permissions for the directory created
2668
*) prefork MPM: Use the right permissions for the directory created
2648
2669
for gprof support. [Jim Carlson <jcarlson jnous.com>]
2650
2671
*) Fix a compile failure with recent OpenSSL and picky compilers
2657
2678
*) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
2659
2680
*) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
2660
autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).
2681
autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).
2661
2682
[Geoff Thorpe <geoff geoffthorpe.net>]
2663
2684
*) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
2721
2742
*) Allow 'make depend' to work with non-GCC compilers.
2722
2743
[Justin Erenkrantz]
2724
*) If an httpd.conf has commented out AddModule directives,
2725
apxs -i -a will add an un-commented AddModule directive for
2745
*) If an httpd.conf has commented out AddModule directives,
2746
apxs -i -a will add an un-commented AddModule directive for
2726
2747
the new module, which breaks the config.
2727
2748
PR: 11212 [Joe Orton]