1 Changes with Apache 2.0b1
3 *) Fix an endless loop in ab which occurred when ab was posting
4 and the server dropped the connection unexpectedly.
7 *) Fix a segfault in ap_http_filter(). I hit the segfault while
8 discarding the body of a request, but it could affect other paths.
11 *) Some adjustment on the handling and automatic setting (via
12 hints.m4) of various compilation flags (eg: CFLAGS). Also,
13 add the capability to specify flags (NOTEST_CFLAGS and
14 NOTEST_LDFLAGS) which are used to compile Apache, but
15 not used during the configuration process. Useful for
16 flags like "-Werror". [Jim Jagielski]
18 *) Stop using environment variables to force debug mode or
19 no detach. We now use the -D command line argument to
20 specify the correct mode. -DONE_PROCESS and -DNO_DETACH.
21 [Greg Stein, Ryan Bloom]
23 *) Change handlers to use hooks. [Ben Laurie]
25 *) Stop returning copies of filenames from both apr_file_t and
26 apr_dir_t. We pstrdup the filenames that we store in the
27 actual structures, so we don't need to pstrdup the strings again.
30 *) mod_cgi: Fix some problems where the wrong error value was being
31 traced. [Jeff Trawick]
33 *) EBCDIC: Fix some missing ASCII conversion on some protocol data.
36 *) Add generic hooks. [Ben Laurie]
38 *) Use a real pool to dup the error log descriptor. [Ryan Bloom]
40 *) Fix a segfault caused by mod_ext_filter when the external filter
41 program does not exist. [Jeff Trawick]
43 *) Fix an output truncation error when on an HTTP >= 1.0 request an
44 object of size between DEFAULT_BUCKET_SIZE and AP_MIN_BYTES_TO_WRITE
45 was served through mod_charset_lite (or anything else that would
46 create a transient bucket in this size range). ap_bucket_make_heap()
47 silently failed (fixed), transient_setaside() discovered it, but
48 ap_save_brigade() ignored it (fixed). [Jeff Trawick]
50 *) Ignore \r\n or \n when using PEEK mode for input filters. The problem
51 is that some browsers send extra lines at the end of POST requests, and
52 we don't want to delay sending data back to the user just because the
53 browser isn't well behaved. [Ryan Bloom]
55 *) Get SuEXEC working again. We can't send absolute paths to suExec
56 because it refuses to execute those programs. SuEXEC also wasn't
57 always recognizing configuration changes made using the autoconf
60 *) Allow the buildconf process to find the config.m4 files in the correct
61 order. Basically, we can now name config.m4 files as config\d\d.m4,
62 and we will sort them correctly when inserting them into the build
65 *) Get mod_cgid to use apr calls for creating the actual CGI process.
66 This also allows mod_cgid to use ap_os_create_priviledged_process,
67 thus allowing for SuExec execution from mod_cgid. Currently, we do
68 not support everything that standard SuExec supports, but at least
69 it works minimally now. [Ryan Bloom]
71 *) Allow SuExec to be configured from the ./configure command line.
74 *) Update some of the docs in README and INSTALL to reflect some of
75 the changes in Apache 2.0 [Cliff Woolley <cliffwoolley@yahoo.com>]
77 *) If we get EAGAIN returned from the call to apr_sendfile, then we
78 need to call sendfile again. This gets us serving large files
79 such as apache_2.0a9.tar.gz on FreeBSD again. [Ryan Bloom]
81 *) Get the support programs building cleanly again.
82 [Cliff Woolley <cliffwoolley@yahoo.com>]
84 *) The Apache/Win32 Apache.exe and dll's now live in bin. The
85 current directory logic now backs up over bin/ to determine the
86 server root from the Apache.exe path.
88 *) Apache/Win32 now follows the standard conventions of mod_foo.so
89 loadable modules, dynamic libs are all named libfoo.dll, and the
90 makefile.win populates the include, lib and libexec directories.
92 *) Apache is now IPv6-capable. On systems where APR supports IPv6,
93 Apache gets IPv6 listening sockets by default. Additionally, the
94 Listen, NameVirtualHost, and <VirtualHost> directives support IPv6
95 numeric address strings (e.g., "Listen [fe80::1]:8080").
98 *) Modify the install directory layout. Modules are now installed in
99 modules/. Shared libraries should be installed in libraries/, but
100 we don't have any of those on Unix yet. All install directories
101 are modifyable at configure time. [Ryan Bloom]
103 *) Install all header files in the same directory on Unix. [Ryan Bloom]
105 *) Get the functions in server/linked into the server, regardless of
106 which modules linked into the server. This uses the same hack
107 for Apache that we use for APR and apr-util to ensure all of the
108 necessary functions are linked. As a part of thise, the CHARSET_EBCDIC
109 was renamed to AP_CHARSET_EBCDIC for namespace protection, and to make
110 the scripts a bit easier.
113 *) Rework the RFC1413 handling to make it thread-safe, use a timeout
114 on the query, and remove IPv4 dependencies. [Jeff Trawick]
116 *) Get all of the auth modules to the point that they will install and
117 be loadable into the server. Our new build/install mechanism expects
118 that all modules will have a common name format. The auth modules
119 didn't use that format, so we didn't install them properly.
122 *) API routines ap_pgethostbyname() and ap_pduphostent() are no longer
123 available. Use apr_getaddrinfo() instead. [Jeff Trawick]
125 *) Get "NameVirtualHost *" working in 2.0. [Ryan Bloom]
127 *) Return HTTP_RANGE_NOT_SATISFIABLE if the every range requested starts
128 after the end of the response. [Ryan Bloom]
130 *) Get byterange requests working with responses that do not have a
131 content-length. Because of the way byterange requests work, we have to
132 have all of the data before we can actually do the byterange, so we
133 can compute the content-length in the byterange filter.
136 *) Get exe CGI's working again on Windows.
139 *) Get mod_cgid and mod_rewrite to work as DSOs by changing the way
140 they keep track of whether or not their post config hook has been
141 called before. Instead of a static variable (which is replaced when
142 the DSO is loaded a second time), use userdata in the process pool.
145 Changes with Apache 2.0a9
147 *) Win32 now requires perl to complete the final install step for users
148 to build + install on Win32. Makefile.win now rewrites @@ServerRoot@
149 and installs the conf, htdocs and htdocs/manual directories.
152 *) Make mod_include use a hash table to associate directive tags with
153 functions. This allows modules to implement their own SSI tags easily.
154 The idea is simple enough, a module can insert it's own tag and function
155 combination into a hash table provided by mod_include. While mod_include
156 parses an SSI file, when it encounters a tag in the file, it does a
157 hash lookup to find the function that implements that tag, and passes
158 all of the relevant data to the function. That function is then
159 responsible for processing the tag and handing the remaining data back
160 to mod_include for further processing.
161 [Paul J. Reder <rederpj@raleigh.ibm.com>]
163 *) Get rid of ap_new_apr_connection(). ap_new_connection() now has
164 fewer parameters: the local and remote socket addresses were removed
165 from the parameter list because all required information is available
166 via the APR socket. [Jeff Trawick]
168 *) Distribution directory structure reorganized to reflect a
169 normal source distribution with external install targets.
172 *) The MPMs that need multiple segments of shared memory now create
173 two apr_shmem_t variables, one for each shared memory allocation.
174 the problem is that we can't determine how much memory will be required
175 for shared memory allocations once we try to allocate more than one
176 variable. The MM code automatically aligns the shared memory allocations,
177 so we end up needing to pad the amount of shared memory we want based
178 on how many variables will be allocated out of the shared memory segment.
179 It is just easier to create a second apr_shmem_t variable, and two
183 *) Cleanup the export list a bit. This creates a single unified list of
184 functions exported by APR. The export list is generated at configure
185 time, and that list is then used to generate the exports.c file.
186 Because of the way the export list is generated, we only export those
187 functions that are valid on the platform we are building on.
190 *) Enable logging the cookie with mod_log_config
191 [Sander van Zoest <sander@covalent.net>]
193 *) Fix a segfault in mod_info when it reaches the end of the configuration.
196 *) Added lib/aputil/ as a placeholder for utility functions which are not
197 specific to the Apache HTTP Server (but do not make sense with APR).
198 The first utility is "apu_dbm": a set of functions to work with DBM
199 files. This first version can be compiled for SDBM or GDBM databases.
202 *) Complete re-write of mod_include. This makes mod_include a filter that
203 uses buckets directly. This has now served the FAQ correctly.
204 [Paul Reder <rederpj@raleigh.ibm.com>]
206 *) Allow modules to specify the first filter in a sub_request when
207 making the sub_request. This keeps modules from having to change the
208 output_filter immediately after creating the sub-request, and therefore
209 skip the sub_req_output_filter. [Ryan Bloom]
211 *) Update ab to accept URLs with IPv6 literal address strings (in the
212 format described in RFC 2732), and to build Host header fields in
213 the same format. This allows IPv6 literal address strings to be
214 used with ab. This support has been tested against Apache 1.3 with
215 the KAME patch, but Apache 2.0 does not yet work with this format
216 of the Host header field. [Jeff Trawick]
218 *) Accomodate an out-of-space condition in the piped logs and the
219 rotatelogs.c code, and no longer churn log processes for this
220 condition. [Victor J. Orlikowski]
222 *) Add support for partial writes with apr_sendfile() to core_output_filter.
225 Changes with Apache 2.0a8
227 *) Add a directive to mod_mime so that filters can be associated with
231 *) Get multi-views working again. We were setting the path_info
232 field incorrectly if we couldn't find the specified file.
235 *) Fix 304 processing. The core should never try to send the headers
236 down the filter stack. Always, just setup the table in the request
237 record, and let the header filter convert it to data that is ready
241 *) More fixes for the proxy. There are still bugs in the proxy code,
242 but this has now proxied www.yahoo.com and www.ntrnet.net (my ISP)
246 *) Fix params for apr_getaddrinfo() call in connect proxy handler.
249 *) APR: Add new apr_getopt_long function to handle long options.
250 [B. W. Fitzpatrick <fitz@red-bean.com>]
252 *) APR: Change apr_connect() to take apr_sockaddr_t instead of hostname.
253 Add generic apr_create_socket(). Add apr_getaddrinfo() for doing
254 hostname resolution/address string parsing and building
255 apr_sockaddr_t. Add apr_get_sockaddr() for getting the address
256 of one of the apr_sockaddr_t structures for a socket. Change
257 apr_bind() to take apr_sockaddr_t. [David Reid and Jeff Trawick]
259 *) Remove the BUFF from the HTTP proxy. This is still a bit ugly, but
260 I have proxied pages with it, cleanup will commence soon.
263 *) Make the proxy work with filters. This isn't perfect, because we
264 aren't dealing with the headers properly. [Ryan Bloom]
266 *) Do not send a content-length iff the C-L is 0 and this is a head
267 request. [Ryan Bloom]
269 *) Make cgi-bin work as a regular directory when using mod_vhost_alias
270 with no VirtualScriptAlias directives. PR#6829 [Tony Finch]
272 *) Remove BUFF from the PROXY connect handling. [Ryan Bloom]
274 *) Get the default_handler to stop trying to deal with HEAD requests.
275 The idea is to let the content-length filter compute the C-L before
276 we try to send the data. If we can get the C-L correctly, then we
277 should send it in the HEAD response.
280 *) The Header filter can now determine if a body should be sent based
281 on r->header_only. The general idea of this is that if we delay
282 deciding to send the body, then we might be able to compute the
283 content-length correctly, which will help caching proxies to cache
284 our data better. Any handler that doesn't want to try to compute
285 the content-length can just send an EOS bucket without data and
286 everything will just work.
289 *) Add the referer to the error log if one is available.
290 [Markus Gyger <mgyger@itr.ch>]
292 *) Mod_info.c has now been ported to Apache 2.0. As a part of this
293 change, the root of the configuration tree has been exposed to modules
295 [Ryan Morgan <rmorgan@covalent.net>]
297 *) Get the core_output_filter to use the bucket interface directly.
298 This keeps us from calling the content-length filter multiple times
299 for a simple static request.
302 *) We are sending the content-type correctly now.
303 [Ryan Bloom and Will Rowe]
305 *) APR on FreeBSD: Fix a bug in apr_sendfile() which caused us to report
306 a bogus bytes-sent value when the only thing being sent was trailers
307 and writev() returned an error (or EAGAIN). [Jeff Trawick]
309 *) Get SINGLE_LISTEN_UNSERIALIZED_ACCEPT working again. This uses the
310 hints file to determine which platforms define
311 SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
314 *) APR: add apr_get_home_directory() [Jeff Trawick]
316 *) Initial import of 1.3-current mod_proxy. [Chuck Murcko]
318 *) Not all platforms have INADDR_NONE defined by default. Apache
319 used to make this check and define INADDR_NONE if appropriate,
320 but APR needs the check too, and I suspect other applications will
321 as well. APR now defines APR_INADDR_NONE, which is always a valid
322 value on all platforms.
323 [Branko Èibej <brane@xbc.nu>]
325 *) Destroy the pthread mutex in lock_intra_cleanup() for PR#6824.
326 [Shuichi Kitaguchi <ki@hh.iij4u.or.jp>]
328 *) Relax the syntax checking of Host: headers in order to support
329 iDNS. PR#6635 [Tony Finch]
331 *) When reading from file buckets we convert to an MMAP if it makes
332 sense. This also simplifies the default handler because the
333 default handler no longer needs to try to create MMAPs.
336 *) BUFF has been removed from the main server. The BUFF code will remain
337 in the code until it has been purged from the proxy module as well.
340 *) Byteranges have been completely re-written to be a filter. This
341 has been tested, and I believe it is working correctly, but it could
342 doesn't work for the Adobe Acrobat plug-in. The output almost matches
343 the output from 1.3, the only difference being that 1.3 includes
344 a content-length in the response, and this does not.
347 *) APR read/write functions and bucket read functions now operate
348 on unsigned integers, instead of signed ones. It doesn't make
349 any sense to use signed ints, because we return the error codes,
350 so if we have an error we should report 0 bytes read or written.
353 *) Always compute the content length, whether it is sent or not.
354 The reason for this, is that it allows us to correctly report
355 the bytes_sent when logging the request. This also simplifies
356 content-length filter a bit, and fixes the actual byte-reporing
357 code in mod_log_config.c
360 *) Remove AP_END_OF_BRIGADE definition. This does not signify what
361 it says, because it was only used by EOS and FLUSH buckets. Since
362 neither of those are required at the end of a brigade, this was
363 really signifying FLUSH_THE_DATA, but that can be determined better
364 by checking AP_BUCKET_IS_EOS() or AP_BUCKET_IS_FLUSH. EOS and FLUSH
365 buckets now return a length of 0, which is actually the amount of data
366 read, so they make more sense.
369 *) Allow the core_output_filter to save some data past the end of a
370 request. If we get an EOS bucket, we only send the data if it
371 makes sense to send it. This allows us to pipeline request
372 responses. As a part of this, we also need to allocate mmap
373 buckets out of the connection pool, not the request pool. This
374 allows the mmap to outlive the request.
377 *) Make blocking and non-blocking bucket reads work correctly for
378 sockets and pipes. These are the only bucket types that should
379 have non-blocking reads, because the other bucket types should
380 ALWAYS be able to return something immediately.
383 *) In the Apache/Win32 console window, accept Ctrl+C to stop the
384 server, but use Ctrl+Break to initiate a graceful restart
385 instead of duplicating behavior. [John Sterling]
387 *) Patch mod_autoindex to set the Last-Modified header based on
388 the directory's mtime, and add the ETag header. [William Rowe]
390 *) Merge the 1.3 patch to add support for logging query string in
391 such a way that "%m %U%q %H" is the same as "%r".
394 *) Port three log methods from mod_log_config 1.3 to 2.0:
395 CLF compliant '-' byte count, method and protocol.
398 *) Add a new LogFormat directive, %c, that will log connection
399 status at the end of the response as follows:
400 'X' - connection aborted before the response completed.
401 '+' - connection may be kept-alive by the server.
402 '-' - connection will be closed by the server.
405 *) Expand APR for WinNT to fully accept and return utf-8 encoded
406 Unicode file names and paths for Win32, and tag the Content-Type
407 from mod_autoindex to reflect that charset if the the feature
408 macro APR_HAS_UNICODE_FS is true. [William Rowe]
410 *) Compute the content length (and add appropriate header field) for
411 the response when no content length is available and we can't use
412 chunked encoding. [Jeff Trawick]
414 *) Changed ap_discard_request_body() to use REQUEST_CHUNKED_DECHUNK,
415 so that content input filters get dechunked data when using
416 the default handler. Also removed REQUEST_CHUNKED_PASS.
419 *) Add mod_ext_filter as an experimental module. This module allows
420 the administrator to use external programs as filters. Currently,
421 only filtering of output is supported. [Jeff Trawick]
423 *) Most Apache functions work on EBCDIC machines again, as protocol
424 data is now translated (again). [Jeff Trawick]
426 *) Introduce ap_xlate_proto_{to|from}_ascii() to clean up some of
427 the EBCDIC support. They are noops on ASCII machines, so this
428 type of translation doesn't have to be surrounded by #ifdef
429 CHARSET_EBCDIC. [Jeff Trawick]
431 *) Fix mod_include. tag commands work again, and the server will
432 send the FAQ again. This also allows mod_include to set aside
433 buckets that include partial buckets.
434 [Ryan Bloom and David Reid]
436 *) Add suexec support back. [Manoj Kasichainula]
438 *) Lingering close now uses the socket directly instead of using
439 BUFF. This has been tested, but since all we can tell is that it
440 doesn't fail, this needs to be really hacked on.
443 *) Allow filters to modify headers and have those headers be sent to
444 the client. The idea is that we have an http_header filter that
445 actually sends the headers to the network. This removes the need
446 for the BUFF to send headers.
449 *) Charset translation: mod_charset_lite handles translation of
450 request bodies. Get rid of the xlate version of ap_md5_digest()
451 since we don't compute digests of filtered (e.g., translated)
452 response bodies this way anymore. (Note that we don't do it at
453 all at the present; somebody needs to write a filter to do so.)
456 *) Input filters and ap_get_brigade() now have a input mode parameter
457 (blocking, non-blocking, peek) instead of a length parameter.
460 *) Update the mime.types file to the registered media types as
461 of 2000-10-19. PR#6613 [Carsten Klapp <carsten.klapp@home.net>,
464 *) Namespace protect some macros declared in ap_config.h
467 *) Support HTTP header line folding with input filtering.
470 *) Mod_include works again. This should still be re-written, but at
471 least now we can serve an SHTML page again.
474 *) Begin to remove BUFF from the core. Currently, we keep a pointer
475 to both the BUFF and the socket in the conn_rec. Functions that
476 want to use the BUFF can, functions that want to use the socket,
477 can. They point to the same place.
480 *) apr_psprintf doesn't understand %lld as a format. Make it %ld.
481 [Tomas "Ögren" <stric@ing.umu.se>]
483 *) APR pipes on Unix and Win32 are now cleaned up automatically when the
484 associated pool goes away. (APR pipes on OS/2 were already had this
485 logic.) This resolvs a fatal file descriptor leak with CGIs.
488 *) The final line of the config file was not being read if there was
489 no \n at the end of it. This was caused by apr_fgets returning
490 APR_EOF even though we had read valid data. This is solved by
491 making cfg_getline check the buff that was returned from apr_fgets.
492 If apr_fgets return APR_EOF, but there was data in the buf, then we
493 return the buf, otherwise we return NULL.
496 *) Piped logs work again in the 2.0 series.
499 *) Restore functionality broken by the mod_rewrite security fix:
500 rewrite map lookup keys and default values are now expanded
501 so that the lookup can depend on the requested URI etc.
502 PR #6671 [Tony Finch]
504 *) Tighten up the syntax checking of Host: headers to fix a
505 security bug in some mass virtual hosting configurations
506 that can allow a remote attacker to retrieve some files
507 on the system that should be inaccessible. [Tony Finch]
509 *) Add a pool bucket type. This bucket is used for data allocated out
510 of a pool. If the pool is cleaned before the bucket is destroyed, then
511 the data is converted to a heap bucket, allowing it to survive the
515 *) Add a flush bucket. This allows modules to signal that the filters
516 should all flush whatever data they currently have. There is no way
517 to actually force them to do this, so if a filter ignores this bucket,
518 that's life, but at least we can try with this.
521 *) Add an output filter for sub-requests. This filter just strips the
522 EOS bucket so that we don't confuse the main request's core output
523 filter by sending multiple EOS buckets. This change also makes sub
524 requests start to send EOS buckets when they are finished.
527 *) Make ap_bucket_(read|destroy|split|setaside) into macros. Also
528 makes ap_bucket_destroy a return void, which is okay because it
529 used to always return APR_SUCCESS, and nobody ever checked its
531 [Cliff Woolley <cliffwoolley@yahoo.com>]
533 *) Remove the index into the bucket-type table from the buckets
534 structure. This has now been replaced with a pointer to the
535 bucket_type. Also add some macros to test the bucket-type.
538 *) Renamed all MODULE_EXPORT symbols to AP_MODULE_DECLARE and all symbols
539 for CORE_EXPORT to AP_CORE_DECLARE (namespace protecting the wrapper)
540 and retitled API_EXPORT as AP_DECLARE and APR_EXPORT as APR_DECLARE.
541 All _VAR_ flavors changes to _DATA to be absolutely clear.
544 *) Add support for /, //, //servername and //server/sharename
545 parsing of <Directory> blocks under Win32 and OS2.
546 [Tim Costello, William Rowe, Brian Harvard]
548 *) Remove the function pointers from the ap_bucket type. They have been
549 replaced with a global table. Modules are allowed to register bucket
550 types and use then use those buckets.
553 *) mod_cgid: In the handler, shut down the Unix socket (only for write)
554 once we finish writing the request body to the cgi child process;
555 otherwise, the client doesn't hit EOF on stdin. Small request bodies
556 worked without this change (for reasons I don't understand), but large
557 ones didn't. [Jeff Trawick]
559 *) Remove file bucket specific information from the ap_bucket type.
560 This has been moved to a file_bucket specific type that hangs off
561 the data pointer in the ap_bucket type.
564 *) Input filtering now has a third argument. This is the amount of data
565 to read from lower filters. This argument can be -1, 0, or a positive
566 number. -1 means give me all the data you have, I'll deal with it and
567 let you know if I need more. 0 means give me one line and one line
568 only. A positive number means I want no more than this much data.
570 Currently, only 0 and a positive number are implemented. This allows
571 us to remove the remaining field from the conn_rec structure, which
575 *) Big cleanup of the input filtering. The goal is that http_filter
576 understands two conditions, headers and body. It knows where it is
577 based on c->remaining. If c->remaining is 0, then we are in headers,
578 and http_filter returns a line at a time. If it is not 0, then we are
579 in body, and http_filter returns raw data, but only up to c->remaining
580 bytes. It can return less, but never more.
581 [Greg Ames, Ryan Bloom, Jeff Trawick]
583 *) mod_cgi: Write all of the request body to the child, not just what
584 the kernel would accept on the first write. [Jeff Trawick]
586 *) Back out the change that moved the brigade from the core_output_filters
587 ctx to the conn_rec. Since all requests over a given connection
588 go through the same core_output_filter, the ctx pointer has the
592 *) Fix another bug in the send_the_file() read/write loop. A partial
593 send by apr_send would cause unsent data in the read buffer to
594 get clobbered. Complete making send_the_file handle partial
595 writes to the network.
598 *) Fix a couple of type fixes to allow compilation on AIX again
599 [Victor J. Orlikowski <v.j.orlikowski@gte.net>]
601 *) Fix bug in send_the_file() which causes offset to be ignored
602 if there are no headers to send.
605 *) Handle APR_ENOTIMPL returned from apr_sendfile in the core
606 filter. Useful for supporting Windows 9* with a binary
607 compiled on Windows NT.
610 Changes with Apache 2.0a7
612 *) Reimplement core_output_filter to buffer/save bucket brigades
613 across multiple calls to the core_filter. The brigade will be
614 sent when either MIN_BYTES_TO_SEND or MAX_IOVEC_TO_WRITE
615 thresholds are hit or the EOS bucket is received.
618 *) Create experimental filter (buffer_filter) that coalesces bytes
619 into one large buffer before invoking the next filter in the
620 chain. This filter is particularly useful with the current
621 implementation of mod_autoindex when it inserted above the
622 chunk_filter. mod_autoindex generates a lot of brigades that
623 containing buckets holding just a few bytes each. The
624 buffer_filter coalesces these buckets into a single large bucket.
627 *) Add apr_sendfile() support into the core_output_filter.
630 *) Add apr_sendv() support into the core_output_filter.
633 *) Fix mod_log_config so that it compiles cleanly with BUFFERED_LOGS
634 [Mike Abbott <mja@sgi.com>]
636 *) Remove ap_send_fb. This is no longer used in Apache, and it doesn't
637 make much sense, because Apache uses buckets instead of BUFFs now.
640 *) send_the_file now falls back to a read/write loop on platforms that
641 do not have sendfile.
642 [Ryan Bloom and Brian Havard]
644 *) Install apachectl correctly, and substitute the proper values so
645 that it works again. [Ryan Bloom]
647 *) Better(??) handle platforms that lack sendfile().
650 *) APR now has UUID generation/formatting/parsing support.
653 *) Begin the http_filter. This is an input filter that understands
654 the absolute basic amount required to parse an HTTP Request. The
655 goal is to be able to split headers from request body before passing
656 the data back to the other filters.
659 *) Bring forward from 1.3.13 the config directory implementation
662 *) install apxs if it is created
665 *) Added APR_IS_STATUS_condition test macros to eliminate canonical error
666 conversions. [William Rowe]
668 *) Now that we have ap_add_input_filter(), rename ap_add_filter() to
669 ap_add_output_filter(). [Jeff Trawick]
671 *) Multiple build and configuration fixes
674 -add datadir and localstatedir substitutions
676 -fix logfilename misspelling
677 -fix evaluation of installation dir variables and
678 -replace $foobar by $(foobar) to be usefull in the makefile
682 -add rules for cross-compiling in rules.mk. Okay, rule to check for
683 $CC_FOR_BUILD is still missing
684 -use CHECK_TOOL instead of CHECK_PROG for ranlib
685 -add missing "AR=@AR@" to severaly Makefile.in's
686 -cache result for "struct rlimit"
687 -compile all helper programs with native and cross compiler
688 and use the native version to generate header file
689 ["Rüdiger" Kuhlmann <Tadu@gmx.de>]
691 *) Prepare our autoconf setup for autoconf 2.14a and for cross-
693 ["Rüdiger" Kuhlmann <Tadu@gmx.de>]
695 *) Fix a bug where a client which only sends \n to delimit header
696 lines (netcat) gets a strange looking HTTP_NOT_IMPLEMENTED
697 message. Start working on ebcdic co-existance with input
699 [William Rowe, Greg Ames]
701 *) If mod_so is enabled in the server always create libexec, even
702 if there are no modules installed in this directory. This is a
703 requirement for APXS to work correctly.
706 *) Connection oriented output filters are now stored in the
707 conn_rec instead of the request_rec. This allows us to add the
708 output filter in the pre-connection phase instead of the
709 post_read_request phase, which keeps us from trying to write an
710 error page before we have a filter to write to the network.
711 [Ryan Bloom, Jeff Trawick, and Greg Ames]
713 *) Cleaning up an mmap bucket no longer deletes the mmap. An
714 mmap can be used across multiple buckets (default_handler with
715 byte ranges, mod_file_cache, mod_mmap_static), so cleanup of
716 the mmap itself can't be associated with the bucket.
719 *) Add .dll caching directive ISAPICacheFile to mod_isapi.
722 *) Radical surgery to improve mod_isapi support under Win32.
723 Includes a number of newer ServerSupportFunction calls, support
724 for ReadClient (in order to retrieve POSTs greater than 48KB),
725 and general bug fixes to more reliably load ISAPI .dll's and
726 prevent leaking handle resources. Note: There are still
727 discrepancies between IIS's and Apache's ServerVariables, and
728 async calls are still not supported. Additional warnings are
729 logged to facilitate debugging of unsupported ISAPI calls.
732 *) Add input filtering to Apache. The basic idea for the input
733 filters is the same as the ideas for output filters. The biggest
734 difference is that instead of calling ap_pass_brigade, ap_get_brigade
735 should be called, and the order of execution for the filter itself is
736 different. When writing an output filter, a brigade is passed in,
737 and filters operate directly on that brigade, when done, they call
738 ap_pass_brigade. Input filters are the exact opposite. Because input
739 is not a push operation, filters first call ap_get_brigade. When this
740 function returns, the input filter will be left with a valid brigade.
741 The input filter should then operate on the brigade, and return.
744 *) Fix building on BSD/OS using its native make. The build system
745 falls back to the BSD .include directive on that host platform.
748 *) Expand dbmmanage to allow -d -m -s -p options for Crypt, MD5,
749 SHA1 and plaintext password encodings. Make feature tests a
750 bit more flexible. [William Rowe]
752 *) Charset translation: mod_charset_lite handles output content
753 translation in a filter. mod_charset_lite no longer ignores
754 subrequests. A bunch of cruft related to BUFF's support for
755 translating request and response bodies was removed.
758 *) Move the addition of the CORE filter to the post_read_request
759 hook in http_core.c. This removes the need to add the filter in
760 multiple places and allows for an SSL module to be added much
761 simpler. [Ryan Bloom]
763 *) Fix a security problem that affects certain configurations of
764 mod_rewrite. If the result of a RewriteRule is a filename that
765 contains expansion specifiers, especially regexp backreferences
766 $0..$9 and %0..%9, then it may be possible for an attacker to
767 access any file on the web server. [Tony Finch]
769 *) Fix a bug where errors that are detected during early request parsing
770 don't produce visible HTTP error messages at the browser, because
771 the core_filter wasn't present. [Greg Ames]
773 *) Provide apr_socklen_t as a portability aid.
774 [Victor J. Orlikowski]
776 *) Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2)
777 as well as a comment arg to the add, adduser and update cmds.
778 update allows the user to clear or preserve pw/groups/comment.
779 Fixed a bug in dbmmanage that prevented the check option from
780 parsing a password followed by :group... text. Corrected the
781 seed calcualation for Win32 systems, and added -lsdbm support.
784 *) Configured mod_auth_dbm to compile with sdbmlib under Win32.
787 *) Avoid a segfault when parsing .htaccess files. An
788 uninitialized tree pointer was passed to ap_build_config().
791 *) Change the way that inet_addr & inet_network are checked for
792 in APR's configure process to allow BeOS BONE to correctly
793 find them. With this change BeOS BONE now builds from source
794 with no problems. [David Reid]
796 *) Fix a bug in apr_create_process() for Unix. The NULL signifying
797 the end of the parameters to execve() was stored in the wrong
798 location, overlaying the storage beyond the newargs[] array and
799 also passing uninitialized storage to execve(), which would
800 sometimes fail with EFAULT. [Jeff Trawick]
802 *) Fix a bug parsing configuration file containers. With a sequence
803 like this in the config file
805 <IfModule mod_kilroy.c>
808 <IfModule mod_lovejoy.c>
813 the second container would be terminated at the blank line due to
814 sediment in the buffer from reading the prior </IfModule> and an
815 error message would be generated for the real </IfModule> for the
816 second container. Also due to this problem, any two characters
817 could be used for "</" in the close of a container.
820 *) ap_add_filter prototype changed to remove the ctx pointer. The
821 pointer still remains in the filter structure, but it can not be
822 a part of the ap_add_filter prototype. The reason is that when
823 the core uses AddFilter to add a filter to the stack it doesn't
824 know how to allocate the ctx pointer, or even how much memory should
825 be allocated. The filters will have to be responsible for allocating
826 the ctx memory when they need it.
829 *) Add an AddFilter directive. This directive takes a list of filters
830 that should be activated for the requested resource.
833 *) apr_snprintf(): Get quad format strings working on OS/390 (and perhaps
834 some other platforms). [Jeff Trawick]
836 *) Modify mod_include to be a filter. Currently, it has only been tested
837 on actual files, but it should work for CGI scripts too.
840 *) apr_putc(), apr_puts() for Unix: handle buffered files and interrupted
841 writes. apr_flush() for Unix: handle interrupted writes.
844 *) NameVirtualHost can now take "*" as an argument instead of
845 an IP address. This allows you to create a purely name-based
846 virtual hosting server that does not have any IP addresses in
847 the configuration file and which ignores the local address
848 of any connections. PR #5595, PR #4455 [Tony Finch]
850 *) Fix some compile warnings in mod_mmap_static.c
851 [Mike Abbott <mja@sgi.com>]
853 *) Fix chunking problem with CGI scripts. The general problem was that
854 the CGI modules were adding an EOS bucket and then the core added an
855 EOS bucket. The chunking filter finalizes the chunked response when it
856 encounters an EOS bucket. Because two EOS buckets were sent, we
857 finalized the response twice. The fix is to make sure we only send one
858 EOS, by utilizing a flag in the request_rec.
861 *) apr_put_os_file() now sets up the unget byte appropriately on Unix
862 and Win32. Previously, the first read from an apr_file_t set up via
863 apr_put_os_file() would return a '\0'. [Jeff Trawick]
865 *) Mod_cgid now creates a single element bucket brigade, with a pipe
866 bucket, instead of using BUFF's and ap_r*.
869 *) APRVARS.in no longer overwrites the EXTRA_LIBS variable.
870 [Mike Abbott <mja@sgi.com>]
872 *) Remove ap_bopenf from buff code. This required modifying the file_cache
873 code to use APR file's directly instead of going through BUFFs.
876 *) Fix compile break on some platforms for mod_mime_magic.c
877 [John K. Sterling <sterling@covalent.net>]
879 *) Fix merging of AddDefaultCharset directive.
880 PR #5872 (1.3) [Jun Kuriyama <kuriyama@imgsrc.co.jp>]
882 *) Minor revamp of the rlimit sections of code. We now test
883 explicitly for setrlimit and getrlimit. Also, unixd_set_rlimit()
884 is now "available" even if the platform doesn't support
885 the rlimit family (it's just a noop though). [Jim Jagielski]
887 *) Migrate the pre-selection of which MPM to use for specific
888 platforms to hints.m4, which contains (or should contain)
889 all platform specific "hints". [Jim Jagielski]
891 *) Remove IOLs from Apache. With filtering, IOLs are no longer necessary
894 *) Add tables with non-string/binary values to APR.
897 *) Fix some bad calls to ap_log_rerror() in mod_rewrite.
900 *) Update PCRE to version 3.2. [Ryan Bloom]
902 *) Change the way buckets' destroy functions are called so that
903 they can be more directly used when changing the type of a
904 bucket in place. [Tony Finch]
906 *) Add generic support for reference-counting the resources used by
907 buckets, and alter the HEAP and MMAP buckets to use it. Change
908 the way buckets are initialised to support changing the type of
909 buckets in place, and use it when setting aside TRANSIENT buckets.
910 Change the implementation of TRANSIENT buckets so that it can be
911 mostly shared with IMMORTAL buckets, which are now implemented.
914 Changes with Apache 2.0a6
916 *) Add support to Apache and APR for dsos on OS/390. [Greg Ames]
918 *) Add a chunking filter to Apache. This brings us one step closer
919 to removing BUFF. [Ryan Bloom]
921 *) ap_add_filter now adds filters in a LIFO fashion. The first filter
922 added to the stack is the last filter to be called. [Ryan Bloom]
924 *) Apache 2.0 has been completely documented using Scandoc. The
925 docs can be generated by running 'make docs'. [Ryan Bloom]
927 *) Add filtered I/O to Apache. This is based on bucket brigades,
928 Currently the buckets still use BUFF under the covers, but that
929 should change quickly. The only currently written filter is the
930 core filter which just calls ap_bwrite. [The Apache Group]
932 *) APR locks on Unix: Let APR_LOCKALL locks work when APR isn't
933 built with thread support. [Jeff Trawick]
935 *) Abort configuration if --with-layout was specified and there's
936 no layout definition file. [Ken Coar]
938 *) Add support for '--with-port=n' option to configure. [Ken Coar]
940 *) Add support for extension methods for the Allow response header
941 field, and an API routine for accessing r->allowed and the
942 list of extension methods in a unified manner. [Ken Coar]
944 *) mod_cern_meta: fix broken file reading loop in scan_meta_file().
945 [Rob Simonson <simo@us.ibm.com>]
947 *) Get xlate builds working again. The apr renaming in 2.0a5 broke
948 APACHE_XLATE builds. [Jeff Trawick]
950 *) A configuration file parsing problem was fixed. When the
951 configuration file started with an IfModule/IfDefine container,
952 only the last statement in the container would be retained.
955 Changes with Apache 2.0a5
957 *) Perchild is serving pages after passing them to different child
958 processes. There are still a lot of bugs, but this does work. I
959 have made requests against the same installation of Apache, and had
960 different servers use different user IDs to serve the responses.
961 This change moves to using socketpair instead of an AF_UNIX socket.
964 *) Perchild MPM still doesn't work perfectly, but it is serving pages.
965 It can't seem to pass between child processes yet, but I think we
966 are closer now than before. This moves us back to using Unix
967 Domain Sockets. [Ryan Bloom]
969 *) libapr functions and types renamed with apr_ prefix.
970 #include "apr_compat.h" for 1.3.x backwards compat
973 *) Fix problems with APR sockaddr handling on Win32. It didn't always
974 return the right information on the local socket address.
975 [Gregory Nicholls <gnicholls@level8.com>]
977 *) ap_recv() on Win32: Set bytes-read to 0 on error.
978 [Gregory Nicholls <gnicholls@level8.com>]
980 *) Add an option to not detach from the controlling terminal without
981 going into single process mode. This allows for much easier
982 debugging of the process startup code. [Ryan Bloom]
984 *) ab: don't use perror() to report the failure of an APR function.
987 *) Make dexter, mpmt_pthread, and perchild MPMs not destroy the
988 scoreboard on graceful restarts.
991 *) Fix segfault/SIGSEGV when running gzip from mod_mime_magic.c.
992 An invalid ap_proc_t was passed to ap_create_process().
995 *) Allow modules to register filters. Those filters are still
996 never called, but this is a step in the right direction.
997 [Ryan Bloom and Greg Stein]
999 *) Register the mod_cgid daemon process for cleanup so that it is
1000 killed at termination if it does not die when the parent gets
1001 SIGTERM. This change is to fix occasional problems where the
1002 process stays around. Bugs in similar logic in mod_rewrite and
1003 mod_include were also fixed. [Jeff Trawick]
1005 *) Fix a bug in the time handling. Basically, we were imploding a time
1006 in ap_parseHTTPdate, but it had bogus data in the exploded time format.
1007 Namely, tm_usec and tm_gmtoff were not filled out. ap_implode_time
1008 uses those two fields to adjust the time value. Because of the HTTP
1009 spec, both of those values can be zero'ed out safely. This fixes
1010 the bug correctly. [Ryan Bloom]
1012 *) Fix a couple of place in the Windows code where the wrong error
1013 code was being returned. [Gregory Nicholls <gnicholls@level8.com>]
1015 *) Fix POOL_DEBUG (at least for prefork mpm). [Dean Gaudet]
1017 *) Added the APR_EOL_STR macro for platform dependent differences in
1018 logfiles and other raw text (such as all APR files). Fixes logfiles
1019 not terminated with cr/lf sequences in Win32. [William Rowe]
1021 *) Move all strings functions in APR to src/lib/apr/strings and create
1022 apr_strings.h for the prototypes. [Ryan Bloom]
1024 *) APR lock fixes: when using SysV sems, flock(), or fcntl(), be sure
1025 to repeat the syscall until we stop getting EINTR. I noticed a
1026 related problem at termination (SIGTERM) on FreeBSD when using
1027 fcntl(). Apache 1.3 had these new loops too. Also, make the flock()
1028 implementation work properly with child init. Previously, ap_lock()
1029 was essentially a no-op because all children were using different
1030 locks and thus nobody ever blocked. [Jeff Trawick]
1032 *) The htdocs/ tree has been moved out of the CVS source tree into
1033 a separate area for easier development. This has NO EFFECT on
1034 end-users or Apache installations. [Ken Coar]
1036 *) Integrate the mod_dav module for WebDAV protocol handling. This
1037 adds the dav and dav_fs modules, the SDBM library, and additional
1038 XML handling utilities. [Greg Stein]
1040 *) Clean out obsolete names (from httpd.h) for the HTTP Status Codes
1043 *) Update the lib/expat-lite/ library (bring forward changes from
1044 the Apache 1.3 repository). [Greg Stein]
1046 *) If sizeof(long long) == sizeof(long), then prefer long in APR
1047 configure.in. [Dave Hill <ddhill@zk3.dec.com>]
1049 *) Add ap_sendfile for Tru64 Unix. Also, add an error message for
1050 machines where sendfile is detected, but nobody has written ap_sendfile.
1051 [Dave Hill <ddhill@zk3.dec.com>]
1053 *) Compile fixes in mod_mmap_static. [Victor J. Orlikowski]
1055 *) ab would start up more connections than needed, then quit when the
1056 desired number were finished. Also fixed a logic error involving
1057 ab keepalives. [Victor J. Orlikowski]
1059 *) WinNT: Implement non-blocking pipes with timeouts to communicate
1060 with CGIs. Apache 2.0a4 had non-blocking pipes but without
1061 timeouts (i.e, if a timeout was specified, the pipe reverted to
1062 a full blocking pipe). Now the behaviour is more in line with
1063 Unix non-blocking pipes.
1066 *) WinNT: Implement accept socket reuse. Using mod_file_cache to
1067 cache open file handles along with accept socket reuse enables
1068 Apache 2.0 to serve non-keepalive requests for static files at
1069 3x the rate of Apache 1.3.(e.g, Apache 1.3 will serve 400 rps
1070 and Apache 2.0 will serve almost 1200 rps on my system).
1073 *) Merge mod_mmap_static function into mod_file_cache. mod_file_cache
1074 supports two config directives, mmapfile (same behavious as
1075 mod_mmap_static) and cachefile. Use the cachefile directive
1076 to cache open file handles. This directive only works on systems
1077 that have implemented the ap_sendfile API. cachefile works today
1078 on Windows NT, but has not been tested on any flavors of Unix.
1081 *) Cleanup the configuration. With the last few changes the
1082 configuration process automatically:
1083 inherits information about how to build from APR. Allowing
1084 APR to inform Apache that it should or should not use -ldl
1086 Detects which mod_cgi should be used mod_cgi or mod_cgid,
1087 based on the threading model
1089 Apache calls APR's configure process before finishing it's
1090 configuration processing, allowing for more information flow
1095 *) Change Unix and Win32 ap_setsockopt() so that APR_SO_NONBLOCK
1096 with non-zero argument makes the socket non-blocking. BeOS and
1097 OS/2 already worked this way. [Jeff Trawick]
1099 *) ap_close() now calls ap_flush() for buffered files, so write
1100 operations work a whole lot better on buffered files.
1103 *) Fix error messages issued from MPMs which explain where to change
1104 compiled-in limits (e.g., ThreadsPerChild, MaxClients, StartTreads).
1107 *) ap_create_pipe() now leaves pipes in blocking state. (This helps
1108 reduce the number of syscalls on Unix.) ap_set_pipe_timeout() is
1109 now the way that the blocking state of a pipe is manipulated.
1110 ap_block_pipe() is gone. [Jeff Trawick]
1112 *) Correct the problem where the only local host name that the IP stack
1113 can discover are 'undotted' private names. If no fully qualified
1114 domain name can be identified, the default ServerName will be set to
1115 the machine's IP address string. A warning is always provided if the
1116 ServerName not specified, but assumed. Solves PR6215 [William Rowe]
1118 *) Repair problems with config file processing which caused segfault
1119 at init when virtual hosts were defined and which caused ServerName to
1120 be ignored when there was no valid DNS setup. [Jeff Trawick]
1122 *) Removed pointless ap_is_aborted macro function. [Roy Fielding]
1124 *) Add ap_sendfile implementation for AIX
1125 [Victor J. Orlikowski]
1127 *) Repair C++ compatibility in ap_config.h, apr_file_io.h,
1128 apr_network_io.h, and apr_thread_proc.h.
1129 [Tyler J. Brooks <tylerjbrooks@home.com>, Jeff Trawick]
1131 *) Bring the allocation and pool debugging code back into a working
1132 state. This will need to be tested as so far it's only been used on
1135 *) Change configuration command setup to be properly typesafe when in
1136 maintainer mode. Note that this requires a compiler that can initialise
1137 unions. [Ben Laurie]
1139 *) Turn on buffering for config file reads. Part of this was to
1140 repair buffered I/O support in Unix and implement buffered
1141 ap_fgets() for all platforms. [Brian Havard, Jeff Trawick]
1143 *) Win32: Fix problem where UTC offset was not being set correctly
1144 in the access log. Problem reported on news group by Jerry Baker.
1147 *) Fix segfault when reporting this type of syntax error:
1148 "</container> without matching <container> section", where
1149 container is VirtualHost or Directory or whatever.
1152 *) Prevent the source code for CGIs from being revealed when using
1153 mod_vhost_alias and the CGI directory is under the document root
1154 and a user makes a request like http://www.example.com//cgi-bin/cgi
1155 as reported in <news:960999105.344321@ernani.logica.co.uk>
1158 *) Add support for the new Beos NetwOrking Environment (BONE)
1161 *) xlate: ap_xlate_conv_buffer() now tells the caller when the
1162 final input char is incomplete; ap_bwrite_xlate() now handles
1163 incomplete final input chars. [Jeff Trawick]
1165 *) Yet another update to saferead/halfduplex stuff -- need to ensure
1166 that a bhalfduplex call occurs before logging or else DNS and
1167 such can delay the last packet of the response. [Dean Gaudet]
1169 *) Some syscall reduction in APR on unix -- don't seek when setting
1170 up an mmap; and don't fcntl() more than once per socket.
1173 *) When mod_cgid is started as root, the cgi daemon now switches
1174 to the configured User/Group (like other httpd processes)
1175 instead of continuing as root. [Jeff Trawick]
1177 *) The prefork MPM now uses an APR lock for the accept() mutex.
1178 It has not been getting a lock at all recently. httpd -V now
1179 displays APR's selection of the lock mechanism instead of the
1180 symbols previously respected by prefork. [Jeff Trawick]
1182 *) Change the mmap() feature test to check only for existence.
1183 The previous check required features not used by Apache.
1186 *) Fix a couple of bugs in mod_cgid: The cgi arguments were
1187 sometimes mangled. The len parm to accept() was not
1188 initialized, leading sometimes to an endless loop of failed
1189 accept() calls on OS/390 and anywhere else that failed the call
1190 if the len was negative. Use <sys/un.h> for struct sockaddr_un
1191 instead of declaring it ourselves to fix a compilation problem
1192 on Solaris. [Jeff Trawick]
1194 *) Add Resource limiting code back into Apache 2.0. [Ryan Bloom]
1196 *) Fix zombie process problem with mod_cgi. [Jeff Trawick]
1198 *) Port mod_mmap_static to 2.0. Make it go faster. [Greg Ames]
1200 *) Fix storage overlay when loading dsos. Symptom: Apache dies at
1201 initialization if ALLOC_DEBUG is defined; no known symptom
1202 otherwise. [Jeff Trawick]
1204 *) Fix typo in configure script when checking for mod_so. bash
1205 doesn't seem to have a problem but /bin/sh on Solaris does.
1206 Symptom: "./configure: test: unknown operator =="
1209 *) Rebind the Win32 NT and 9x services control into the MPM.
1210 All console, WinNT SCM and Win9x pseudo-service control code is
1211 now wrapped within the WinNT MPM.
1214 *) Make a copy of getenv("PATH") before storing for later use. Some
1215 getenv() implementations use the same storage for successive calls.
1216 CGIs on OS/390 had a bad PATH due to this. [Jeff Trawick]
1218 *) Server Tokens work in 2.0 again. This also propogates the change
1219 to allow just the product name in the server string using
1223 Changes with Apache 2.0a4
1225 *) EBCDIC: Rearrange calls to ap_checkconv() so that most handlers
1226 won't need to call it. [Greg Ames, Jeff Trawick]
1228 *) Move pre_config hook call to between configuration read and config
1229 tree walk. This allows all modules to implement pre_config hooks
1230 and know that they will be called at an appropriate time.
1233 *) mod_cgi, mod_cgid: Make ScriptLog directive work again.
1236 *) Add pre-config hooks back to all modules.
1239 *) Fix a SIGSEGV in ap_md5digest(), which is used when you have
1240 ContentDigest enabled and we can't/don't mmap the file.
1243 *) We now report the correct line number for syntax errors in config
1244 files. [Ryan Bloom, Greg Stein, Jeff Trawick]
1246 *) Brought mod_auth_digest up to synch with 1.3, fixed ap_time_t-
1247 related bugs, and changed shmem/locking to use apr API. Shared-mem
1248 is currently disabled, however, because of problems with graceful
1249 restarts. [Ronald Tschalär]
1251 *) Fix corruption of IFS variable in --with-module= handling.
1252 Depending on the user's shell or customization thereof, there
1253 would be errors generating ap_config_auto.h later in the configure
1254 procedure. [Jeff Trawick]
1256 *) mod_cgi: Restore logging of stderr from child process when ScriptLog
1257 isn't used (as in 1.3), except that on Unix it is now logged via
1258 ap_log_rerror() instead of by the child having STDERR_FILENO refer
1259 to the error log. [Greg Ames, Jeff Trawick]
1261 *) Add '-D' argument processing for run time configuration defines.
1264 *) Organize http_main.c as independent code, such that no code or
1265 global data is exported from it. WIN32 will dynamically link it
1266 to the server core, so this will prevent mutual dependency.
1269 *) Add separate dynamic linkage tags APR_EXPORT(), APR_EXPORT_NONSTD()
1270 and APR_VAR_EXPORT to correctly resolve apr functions and globals.
1273 *) Add Win9x service execution and Ctrl+C/Ctrl+Break/Shutdown handlers.
1274 [William Rowe, Jan Just Keijser <KEIJSERJJ@logica.com>]
1276 *) Add mod_charset_lite for configuring character set translation.
1279 *) Add '-n' option to htpasswd to make it print its user:pw record
1280 on stdout rather than having to frob a text file. [Ken Coar]
1282 *) Fix saferead. Basically, we flush the output buffer if a read on the
1286 *) APR: Add ap_xlate_get_sb() so that an app can find out whether or not
1287 a conversion is single-byte only. [Jeff Trawick]
1289 *) BEOS: ap_shutdown should return APR_SUCCESS or errno. Note that
1290 the BeOS 5.0 documentation says that shutdown doesn't work yet.
1293 *) Fix some minor errors where pid was being manipulated as an int
1294 instead of the portable pid_t. [Roy Fielding]
1296 *) Fix some error log prints that were printing the pointer to a
1297 structure rather than the pid within the structure.
1298 [Jeff Trawick, Roy Fielding]
1300 *) ab: Fix a command-line processing bug; track bad headers in
1301 err_response; support reading headers up to 2K.
1302 [Ask Bjoern Hansen <ask@valueclick.com>]
1304 *) Fix ap_resolve_env() so that it handles new function added in a prior
1305 alpha (see "Added the capability to do ${ENVVAR} constructs in the
1306 config file.") as well as the constructs used by mod_rewrite.
1307 [Paul Reder <rederpj@raleigh.ibm.com>]
1309 *) Apache 2.0 builds and runs on OS/390. [Jeff Trawick, Greg Ames]
1311 *) Change the EBCDIC support in functions for MD5, SHA1, and base 64 to use
1312 APR to perform translation, instead of accessing the hard-coded tables
1313 in 1.3's ebcdic.c. [Jeff Trawick]
1315 *) Fix some bugs (mostly lost 1.3 code) in ab's command-line processing.
1318 *) Add the ability to hook into the config file reading phase. Basically
1319 if a directive is specified EXEC_ON_READ, then when that directive is
1320 read from the config file, the assocaited function is executed. This
1321 should only be used for those directives that must muck with HOW the
1322 server INTERPRETS the config. This should not be used for directives
1323 that re-order or replace items in the config tree. Those changes should
1324 be made in the pre-config step.
1327 *) Add mod_example to the build system.
1330 *) APR: Add ap_xlate_conv_byte() to convert one char between single-
1331 byte character sets. [Jeff Trawick]
1333 *) Pick up various EBCDIC fixes from 1.3 (from Martin
1334 Kraemer and Oliver Reh originally according to the change log).
1337 *) Fix a couple of problems in RFC1413 support (controlled by the
1338 IdentityCheck directive). Apache did not build the request string
1339 properly and more importantly Apache would loop forever if the
1340 would-be ident server dropped the connection before sending a
1341 properly terminated response. [Jeff Trawick]
1343 *) apxs works in 2.0.
1346 *) Reliable piped logs work in 2.0.
1349 *) Introduce a hash table implementation into APR to be used for
1350 replacing tables and other random data structures in Apache.
1353 *) Add some more error reporting to htpasswd in the case of problems
1354 generating or accessing the temporary file. Also, pass in a
1355 buffer if the implementation knows how to use it (i.e., if L_tmpnam
1356 is defined). [Ken Coar]
1358 *) Configure creates config.nice now containing your configure
1359 options. Syntax: ./config.nice [--more-options]
1362 *) Fix various return code problems in APR on Win32. For most of
1363 these, APR was returning APR_EEXIST instead of GetLastError()/
1364 WSAGetLastError(). [Jeff Trawick]
1366 *) Make piped logs work again in version 2.0
1369 *) Add VPATH support to UNIX build system of Apache and APR.
1372 *) Fix ap_tokenize_to_argv to respect the const arguments that are
1376 *) Fix mm's memcpy/memset macros, pointer arithmetic was broken.
1377 Patch submitted to author.
1380 *) Fix mm configuration on Solaris 8 x86 and OS/390. Don't require
1381 /sbin in PATH on FreeBSD (all submitted to rse previously)
1384 *) Fix building Pthread-based MPMs on OpenBSD
1385 [Sascha Schumann] PR#26
1387 *) Fix ap_readdir() problem on systems where d_name[] field in
1388 struct dirent is declared with only one byte. (This problem only
1389 affected multithreaded builds.) This caused a segfault during
1390 pool cleanup with mod_autoindex on Solaris (Solaris 8 x86, at
1391 least). [Jeff Trawick]
1393 *) Fix some make-portability problems on at least Tru64, Irix
1395 [Sascha Schumann] PR#18, PR#39
1397 *) Add ap_sigwait() to support old-style sigwait() on systems
1398 like OS/390 and UnixWare.
1401 *) Add POSIX-thread flags for more platforms.
1404 *) Fix some minor bugs in ap_strerror(). Teach ap_strerror()
1405 (on Unix, at least) to handle resolver errors. Fix a bug in
1406 the definition of APR_ENOMEM so that ap_strerror() can spit
1407 out the correct error message for it.
1410 Changes with Apache 2.0a3
1412 *) mod_so reports ap_os_dso_error() if ap_dso_load() fails
1415 *) API: *HOOK* macros now have an AP_ prefix
1418 *) Win32: Eliminate redundant calls to initialize winsock.
1419 [Tim Costello <timcostello@ozemail.com.au>]
1421 *) Fix bugs initializing ungetchar for pipes.
1422 [Chia-liang Kao <clkao@CirX.ORG>]
1424 *) The ab program in the src/support directory is now portable using
1428 *) Support directory is being compiled when the server is built
1431 *) The configure option --with-program-name has been added to allow
1432 developers to rename the executable at configure time. This also
1433 changes the name of the config files to match the executable's name.
1436 *) mod_autoindex: Add `IndexOptions +VersionSort', to nicely sort filenames
1437 containing version numbers. [Martin Pool]
1439 *) ap_open(..,APR_OS_DEFAULT,..) uses perms 0666 instead of 0777 on
1440 Unix; access_log and error_log now created with these perms; non-
1441 Unix is unaffected [Jeff Trawick]
1443 *) Finished move of ap_md5 routines to apr_md5. Removed ap_md5.h.
1444 Replaced more magic numbers with MD5_DIGESTSIZE.
1445 [William Rowe, Roy Fielding]
1447 *) Win32: Get mod_auth_digest compiling and added to the Windows
1448 build environment. Not tested and I'd be suprised if it
1449 actually works. [Bill Stoddard]
1451 *) Revamp the Win32 make environment. Makefiles have been removed and
1452 Apache.dsw created to bring together all the pieces. Create new file
1453 os/win32/BaseAddr.ref to define module base addresses (to prevent
1454 dll relocation at start-up).
1455 [William Rowe, Greg Marr, Tim Costello, Bill Stoddard]
1457 *) [EBCDIC] Port Paul Gilmartin's CRLF patch from 1.3. This replaces most
1458 of the \015, \012, and \015\012 constants with macros.
1459 [Greg Ames <gregames@us.ibm.com>]
1461 *) Add ap_xlate_open() et al for translation of text between different
1462 character sets. The initial implementation requires iconv().
1465 *) More FAQs and answers from comp.infosystems.www.servers.unix.
1466 [Joshua Slive <slive@finance.commerce.ubc.ca>]
1468 *) CGI output is being timed out now.
1471 *) Fix the problem with dieing quietly. dupfile now takes a pool which
1472 is used by the new apr file. There is no reason to create a new file
1473 with the same lifetime as the original file.
1476 *) Win32: Attempt to eliminate dll relocation at start-up by specifying
1477 module base addresses. This will help shooting seg faults
1478 in the field. [William Rowe <wrowe@lnd.com>]
1480 *) Update Apache on Windows documentation. Add new document
1481 describing how to compile Apache on Windows.
1482 [William Rowe <wrowe@lnd.com>]
1484 *) ap_set_pipe_timeout(), ap_poll(), and APR_SO_TIMEOUT now take
1485 microseconds instead of seconds. Some storage leaks and other
1486 minor bugs in related code were fixed. [Jeff Trawick]
1488 *) Win32: First cut at getting mod_isapi working under 2.0
1489 [William Rowe <wrowe@lnd.com>]
1491 *) First stab at getting mod_auth_digest working under 2.0
1492 quick change summary:
1493 - moved the random byte generation (ap_generate_random_bytes) into APR
1494 - now uses ap_time_t
1495 - compiles and runs on linux
1497 [Brian Martin <bmartin@penguincomputing.com>]
1499 *) Win32: Move the space stripping of physical service names
1500 fix up from Apache 1.3. #include'ing "ap_mpm.h" fixes up an
1501 unresolved symbol. Add dependency checking to the
1502 CreateService call to ensure TCPIP and AFP (winsock) is started
1504 [William Rowe <wrowe@lnd.com>]
1506 *) Win32: Add code to perform latebinding on functions that may
1507 not exist on all levels of Windows where Apache runs. This
1508 is needed to allow Apache to start-up on Win95/98. All calls
1509 to non portable functions should be protected with
1510 ap_oslevel checks to prevent runtime segfaults.
1511 [William Rowe <wrowe@lnd.com>]
1513 *) Fix fallback default values for SHM_R and SHM_W [Martin Kraemer]
1515 *) Get lingering_close() working again. [Dean Gaudet, Jeff Trawick]
1517 *) Win32: Get non-blocking CGI pipe reads working under Windows NT.
1518 This addresses PR 1623. Still need to address timing out runaway
1519 CGI scripts. [Bill Stoddard]
1521 *) Win32: Make ap_stat Windows 95/98 friendly
1522 [William Rowe <wrowe@lnd.com>]
1524 *) Win32: Fix a bug in ap_get_oslevel which causes GetVersionEx() to
1525 always fail. Need to initialise the dwOSVersionInfoSize member of the
1526 OSVERSIONINFO struct before calling GetVersionEx, so GetVersionEx
1529 The patch also enhances ap_get_oslevel (and the associated enum) to
1530 handle selected service packs for NT4, and adds recognition for
1531 Windows 2000. This is useful, eg. if we can recognise NT4 SP2 then
1532 we can use ReadFileScatter and WriteFileGather in readwrite.c.
1533 [Tim Costello <Tim.Costello@BTFinancialgroup.com>]
1535 *) Get mod_rewrite building and running, and mod_status building for Win NT
1536 [Allan Edwards <ake@raleigh.ibm.com>]
1538 *) Patch to port mod_auth_db to the 2.0 api and also to support
1539 Berlekey DB 3.0. It works for me with both Berkeley DB 3.0.55 and
1540 2.7.7. It should work with version 1 as well but I haven't tested it.
1541 [Brian Martin <bmartin@penguincomputing.com>]
1543 *) Get APR DSO code working under Windows. Includes cross platform
1545 [Tim.Costello@BTFinancialgroup.com]
1547 *) Fix some of the Windows APR time functions.
1550 *) FAQ changes related to tidying up historical documents on the web site.
1551 [Joshua Slive <slive@finance.commerce.ubc.ca>]
1553 *) Move Windows DSO code into APR.
1556 *) Eliminate apr_win.h and apr_winconfig.h (and the ugly #ifdefs they cause).
1557 Now, apr.h and apr_config.h are generated from apr.hw and apr_config.hw
1558 at build time. At this point, the server will not compile on Windows because
1559 of the recent DSO commits. Fixing those next.
1560 [Bill Rowe & Bill Stoddard]
1562 *) Added error checking for file I/O APR routines.
1563 [Jon Travis <jtravis@covalent.net>]
1565 *) APR: Don't use the values of resolver error codes for the
1566 corresponding APR error codes. On Unix and Win32, return the
1567 proper APR error code after a resolver error. [Jeff Trawick]
1569 Changes with Apache 2.0a2
1571 *) Renamed the executable back to httpd on all platforms other
1575 *) Allow BeOS to survive restarts, log properly and a few
1576 small things it had problems with due to the way it setup
1577 users and groups. [David Reid]
1579 *) Get mod_rewrite working with APR locks
1580 [Paul Reder <rederpj@raleigh.ibm.com>]
1582 *) Actually remove the sempahore when the lock cleanup routine
1583 is called on BeOS. [David Reid]
1585 *) Clear hook registrations between reads of the config file.
1586 When DSOs are unloaded and re-loaded the old hook pointers may
1587 no longer be valid. This fix eliminates potential segfaults.
1588 [Allan Edwards <ake@raleigh.ibm.com>]
1590 *) Fix a problem with Sigfunc not being defined or bypassed
1591 if sigaction() wasn't found. [Jim Jagielski]
1593 *) Fix the locking mechanism on BSD variants. They now use fcntl
1594 locks. This allows the server to start and serve pages.
1597 *) First cut at getting the Win32 installer to work
1598 [William Rowe <wrowe@lnd.com>]
1600 *) Get htpasswd compiling under Windows
1601 [William Rowe <wrowe@lnd.com>]
1603 *) Change the log message for a bind() failure to show the
1604 interface and port number. [Jeff Trawick]
1606 *) Import the documentation from 1.3.12 and bring parts of it
1607 up-to-date with respect to the changes that have occurred
1611 *) BeOS MPM updated. CGI bug on BeOS fixed. IP addresses
1612 now logged correctly on BeOS.
1615 *) Create one makefile for all Win32 distributions (NT/2000/95/98).
1616 Makefile.win includes the same user interface as the old
1618 [William Rowe <wrowe@lnd.com>, Jeff Trawick <trawick@us.ibm.com>]
1620 *) Win32 exec now uses COMSPEC environment string for command
1621 shell path resolution.
1622 [William Rowe <wrowe@lnd.com>] PR#3715
1624 *) Win32: ap_connect() was not returning correct error condition
1626 [Allen Prescott <allen@clanprescott.com>]
1628 *) Win32: ap_open() was broken on Win9x because an NT-specific
1629 flag was passed to CreateFile. ap_puts() added an unnecessary
1631 [Jeff Trawick <trawick@us.ibm.com>]
1633 *) Put in Korean and Norwegian index.html pages (2.0 and 1.3)
1634 which where donated by Lee Kuk Hyun and Lorant Czaran. 'Fixed'
1635 confusing ee/et name and made all extensions language/dialect
1636 rather than country reflecting. Changed example files to
1637 explicit reflect the ISO charset and added a few common
1638 ones to the example config [dirkx]
1640 *) Extend external module capability. To use this, you call
1641 configure with --with-module=path/to/mod1,path/to/mod2,etc.
1644 *) Backported the various "default charset" fixes from 1.3.12,
1645 including the AddDefaultCharset directive. [Jim Jagielski]
1647 *) Added the capability to do ${ENVVAR} constructs in the
1648 config file. E.g. 'ServerAdmin ${POSTMASTER}'. As commited
1649 it does this on a line by line basis; i.e. if the envvar
1650 expands to something with spaces you have to protect it
1651 by adding quotes around it (Unless of course you expect it
1652 to contains more than one argument. Alternatively you
1653 can compile it on a per token basis; which is what people
1654 usually expect by setting RESOLVE_ENV_PER_TOKEN. But this
1655 hampers fancier hacks.
1656 [Dirk-Willem van Gulik]
1658 *) Changed the 'ErrorDocument' syntax in that it NO longer
1659 supports the asymetric
1661 ErrorDocument 301 "Some message
1663 Note the opening " quote, without a closing quote. It now
1664 has either the following syntaxes
1666 ErrorDocument XXX /local/uri
1667 ErrorDocument XXX http://valid/url
1668 ErrorDocument XXX "Some Message"
1670 The recognition heuristic is: if it has a space it
1671 is a message. If it has no spaces and starts with a /
1672 or is a valid URL then treat it that way. Otherwise it
1673 is assumed to be a message.
1675 This breaks backward compatibility but makes live a hell
1676 of a lot easier for GUI's and config file parsers.
1677 [Dirk-Willem van Gulik]
1679 *) Changed 'CacheNegotiatedDocs' from its present/not-present
1680 syntax into a 'on' or 'off' syntax. As it currently is the
1681 only non nesting token which uses NO_ARGS and thus is an
1682 absolute pain for any config interface automation. This
1683 breaks backward compatibility. [Dirk-Willem van Gulik]
1685 *) Add ability to add external modules to the build process. This is
1686 done with --with-module=/path/to/module. Modules can only be added
1687 as static modules at this point.
1690 Changes with Apache 2.0a1
1692 *) Fix FreeBSD 3.3 core dump.
1693 Basically, ap_initialize() needs to get called before
1694 create_process(), since create_process() passes op_on structure
1695 to semop() to get a lock, but op_on isn't initialized until
1696 ap_initialize() calls setup_lock(). Here is a slight
1697 rearrangement to main() which calls ap_initialize() earlier...
1698 [Jeff Trawick <trawick@us.ibm.com>]
1700 *) Enable Apache to use sendfile/TransmitFile API
1701 [Bill Stoddard, David Reid, Paul Reder]
1703 *) Re-Implement Win32 APR network I/O APIs and most of the file I/O
1707 *) Make file I/O and network I/O writev/sendv APIs consistent.
1708 Eliminate use of ap_iovec_t and use Posix struct iovec.
1709 Use seperate variable on ap_writev to set the number of iovecs
1710 passed in and number of bytes written.
1713 *) Adapt file iol to use APR functions. Replaced ap_open_file()
1714 with ap_create_file_iol(). ap_create_file_iol() requires that
1715 the file be opened prior to the call using ap_open().
1718 *) Port mod_include and mod_cgi to 2.0
1719 [Paul Reder, Bill Stoddard]
1721 *) ap_send{,v}, ap_recv, ap_sendfile API clarification --
1722 bytes_read/bytes_written is always valid (never -1). Plus
1723 some fixes to buff.c to correct problems introduced by the
1724 errno => ap_status_t changes a while back. Plus a fix to
1725 chunked encoding introduced right at the beginning of 2.0.
1728 *) Revamped UNIX build system to use autoconf and libtool.
1729 [Manoj Kasichainula, Sascha Schumann]
1731 *) port mod_rewrite to 2.0. [Paul J. Reder <rederpj@raleigh.ibm.com>]
1733 *) More rigorous checking of Host: headers to fix security problems
1734 with mass name-based virtual hosting (whether using mod_rewrite
1735 or mod_vhost_alias).
1736 [Ben Hyde, Tony Finch]
1738 *) Add back support for UseCanonicalName in <Directory> containers.
1739 [Manoj Kasichainula]
1741 *) Added APLOG_STARTUP log type. This allows us to write an error
1742 message without any of the date and time information. As a part
1743 of this change, I also removed all of the calls to fprintf(stderr
1744 and replaced them with calls to ap_log_error using APLOG_STARTUP
1745 writing to stderr is no longer portable, because we don't direct
1746 stderr to the error log on all platforms.
1749 *) Convert error logging functions to take errno as an argument.
1750 This makes our error logs more portable, because some Windows API's
1751 don't set errno. This change allows us to still output a valid
1752 message on all of our platforms.
1755 *) mod_mime_magic runs in 2.0-dev now.
1756 [Paul Reder <rederpj@raleigh.ibm.com>]
1758 *) sendfile has been added to APR.
1759 [John Zedlewski <zedlwski@Princeton.EDU>]
1761 *) buff.c has been converted to no longer use errno.
1762 [Manoj Kasichainula]
1764 *) mod_speling runs in 2.0-dev now: a bug in readdir_r handling and
1765 interface adaption to APR functions did it. [Martin Kraemer]
1767 *) Support DSOs properly on 32-bit HP-UX 11.0
1768 [Dilip Khandekar <dilip@cup.hp.com>]
1770 *) Updated MM in APR source tree from version 1.0.8 to 1.0.11
1771 [Ralf S. Engelschall]
1773 *) Cleaned APR build environment integration and bootstrap APR
1774 automatically for developers from src/Configure.
1775 [Ralf S. Engelschall]
1777 *) Fixed building of src/support/htpasswd.c
1778 [Ralf S. Engelschall]
1780 *) When generating the Location: header, mod_speling forgot
1781 to escape the spelling-fixed uri. (Forw-Port from 1.3)
1784 *) Moved mod_auth_digest.c from experimental to standard. [Roy Fielding]
1786 *) Change all pools to APR contexts. This is the first step to
1787 incorporating APR into Apache. [Ryan Bloom]
1789 *) Move "handler not found" warning message to below the check
1790 for a wildcard handler. [Dirk <dirkm@teleport.com>, Roy Fielding]
1791 PR#2584, PR#2751, PR#3349, PR#3436, PR#3548, PR#4384, PR#4795, PR#4807
1793 *) Support line-continuation feature in config.option file and
1794 allow the loading of multiple option sections at once via
1795 ``--with-option=<section1>,<section2>,...''
1796 [Ralf S. Engelschall]
1798 *) Rebuilt CVS repository with Apache 1.3.9 as basis. [Roy Fielding]
1800 Changes with Apache MPM
1802 *) Use asynchronous AcceptEx() and a completion port to accept and
1803 dispatch connections to threads in Windows NT/2000.
1806 *) Implement WINNT Win32 MPM from original Win32 code in http_main.c
1809 *) Implement the APACI --with-option facility
1810 (per default used the config.option file).
1811 [Ralf S. Engelschall]
1813 *) MPM BEOS port. [David Reid <abb37@dial.pipex.com>]
1815 *) Start to implement module-defined hooks that are a) fast and b) typesafe.
1816 Replace pre_connection module call with a register_hook call and
1817 implement pre_connection as a hook. The intent is that these hooks will
1818 be extended to allow Apache to be multi-protocol, and also to allow the
1819 calling order to be specified on a per-hook/per-module basis.
1822 *) Implement mpm_* methods as "modules". Each method gets its own
1823 subdir in src/modules (eg: src/modules/prefork). Selection
1824 of method uses Rule MPM_METHOD. [Jim Jagielski]
1826 *) Port the hybrid server from the apache-apr repository as
1827 mpm_mpmt_pthread. [Manoj Kasichainula]
1829 *) os/unix/unixd.[ch]: detach, setuid, setgid, stuff which will be common
1830 amongst the unix MPMs.
1832 *) mpm_prefork: throw away all the alarm/timeout crud; and clean up the
1833 signal handling for the new world order. [Dean Gaudet]
1835 *) Crude ap_thread_mutex abstraction so that we get the pthread stuff out
1836 of alloc.c for now. [Dean Gaudet]
1838 *) Handle partial large writes correctly. [Ben Laurie]
1840 *) Eliminate conn_rec's pointer to server. All it knows is the base server
1841 based on IP/port. [Ben Laurie]
1843 *) Port a bunch of modules to the new module structure.
1844 ["Michael H. Voase" <mvoase@midcoast.com.au>]
1846 *) I/O layering and BUFF revamp. See docs/buff.txt. [Dean Gaudet]
1848 *) Basic restructuring to introduce the MPM concept; includes various
1849 changes to the module API... better described by
1850 docs/initial_blurb.txt. [Dean Gaudet]
1852 Changes with Apache pthreads
1854 *) New buff option added: BO_TIMEOUT. It describes the timeout for
1855 buff operations (generally over a network).
1856 [Dean Gaudet, Ryan Bloom, Manoj Kasichainula]
1858 *) Created http_accept abstraction. Added 4 new functions (not exported):
1859 init_accept(), begin_accepting_requests(), get_request(),
1860 stop_accepting_requests() [Bill Stoddard]
1862 *) Fix to ap_rprintf call that allows mod_info to work properly.
1863 [James Morris <jmorris@intercode.com.au>]
1865 *) user and ap_auth_type fields were moved from connection_rec to
1866 request_rec. [Ryan Bloom]
1868 *) Removed the ap_block_alarms and ap_unblock_alarm calls. These aren't
1869 needed in a threaded server.
1871 *) Initial pthread implementation from from Dean's apache-nspr code.
1872 [Bill Stoddard, Ryan Bloom]
1875 Changes with Apache 1.3.9
1877 *) Remove bogus error message when a redirect doesn't set Location.
1878 Instead, use an empty string to avoid coredump if the error message
1879 was supposed to include a location. [Roy Fielding]
1881 *) Don't allow configure to include mod_auth_digest unless it is
1882 explicitly requested, even if the user asked for all modules.
1885 *) Translate module names to dll names for OS/2 so that they are no more
1886 than 8 characters long and have an extension of "dll" instead of "so".
1889 *) Print out pointer to Rule DEV_RANDOM when truerand lib not found.
1890 Fix test-compile check to check for randbyte instead of trand32.
1891 Use ap_base64encode_binary/decode instead of copy in mod_auth_digest.c
1892 and tweak to make Amaya happier. [Ronald Tschalär]
1894 *) Ensure that the installed expat include files are world readable,
1895 just like the other header files. [Martin Kraemer]
1897 *) Fixed generated AddModule adjustments in APACI's `configure' script
1898 in order to allow (new) modules like mod_vhost_alias to be handled
1899 correctly (which was touched by the adjustments for mod_alias).
1900 [Ralf S. Engelschall]
1902 *) For binary builds, add -R flag to apachectl to work around the lack of
1903 an absolute path to the ./libexec directory where the libhttp.ep file
1904 is needed for SHARED_CORE architectures. [Randy Terbush]
1906 *) WIN32: Create the CGI script process as DETACHED. This may solve the
1907 problem observed by some Win95/98 users where they get CGI script
1908 output sent to the console. [Bill Stoddard]
1910 *) Fix (re)naming in the uuencode/decode section. The ap/ap_
1911 routines are now called ap_base64* and are 'plain' (i.e., no
1912 pool access or anything clever). Inside util.c the routines acting
1913 like pstrdup are called ap_pbase64encode() and ap_pbase64decode().
1914 The oddly named ap_uuencode(), ap_uudecode() are kept around for
1915 now but deprecated. [dirkx]
1917 *) Clean up the base64 and SHA1 additions and make sure they are
1918 represented in the ApacheCore.def, ApacheCoreOS2.def, and httpd.exp
1919 files. [Roy Fielding]
1921 *) WIN32: Migrate to InstallShield 5.5 and provide a bit more error
1922 checking. Allow compiling on VS 6.0. [Randy Terbush]
1924 *) Fixed assumption of absolute paths in binbuild.sh. [Tony Finch]
1926 *) Use TestCompile to search for the truerand library (rather than blindly
1927 assuming its existence). If it is not found, complain (but do not
1928 exit - yet). [Martin Kraemer]
1930 *) We forgot to add the new exported function names to
1931 src/support/httpd.exp. [Bill Stoddard, Randy Terbush]
1933 *) Add description of -T command-line option to usage().
1934 [Ralf S. Engelschall]
1936 *) For "some" platforms (notably, EBCDIC based ones), libos needs to be
1937 searched only AFTER libap has been searched, because libap needs
1938 some symbols from libos. [Martin Kraemer]
1940 *) Fix conflict with original mod_digest related to the symbol of the
1941 module dispatch list (which has to be unique for DSO and follow the
1942 usual conventions for the installation procedure).
1943 [Ralf S. Engelschall]
1945 *) Add a dbm-library check for the "usual places" (-ldbm, -lndbm, -ldb)
1946 for other platforms as well. [Martin Kraemer]
1948 *) Make ap_sha1.c compile for EBCDIC platforms: replace remaining LONG
1949 types by AP_LONG and replace reference to renamed variable 'ubuf'
1950 by 'buffer'. [Martin Kraemer]
1952 Changes with Apache 1.3.8 [not released]
1954 *) Flush the output buffer immediately after sending an error or redirect
1955 response, since the result may be needed by the client to abort a
1956 long data transfer or restart a series of pipelined requests.
1957 [Tom Vaughan <tvaughan@aventail.com>, Roy Fielding]
1959 *) PORT: Improved compilation and DSO support on Sequent DYNIX/ptx.
1960 [Ian Turner <iant@sequent.com>] PR#4735
1962 *) Local struct mmap in http_core.c conflicted with system structure
1963 name on DYNIX -- changed to mmap_rec. [Roy Fielding] PR#4735
1965 *) Added updated mod_digest as modules/experimental/mod_auth_digest.
1966 [Ronald Tschalär <ronald@innovation.ch>]
1968 *) Fix a memory leak where the module counts were getting messed
1969 up across restarts. [David Harris <dharris@drh.net>]
1971 *) CIDR addresses such as a.b.c.d/24 where d != 0 weren't handled
1972 properly in mod_access.
1973 ["Paul J. Reder" <rederpj@raleigh.ibm.com>] PR#4770
1975 *) RewriteLock/RewriteMap didn't work properly with virtual hosts.
1976 [Dmitry Khrustalev <dima@bog.msu.su>] PR#3874
1978 *) PORT: Support for compaq/tandem/com.
1979 [Michael Ottati <michael.ottati@compaq.com>, dirkx]
1981 *) Added SHA1 password encryption support to easy migration from
1982 Netscape servers. See support/SHA1 for more information.
1983 Caused the separation of ap_md5.c into md5, sha1 and a general
1984 ap_checkpass.c with just a validate_passwd routine. Added a
1985 couple of flags to support/htpasswd. Some reuse of the to64()
1986 function; hence renamed to ap_to64().
1987 [Dirk-Willem van Gulik, Clinton Wong <clintdw@netcom.com>]
1989 *) Change for EBCDIC platforms (TPF and BS2000) to correctly deal
1990 with ASCII/EBCDIC conversions in "ident" query.
1991 [David McCreedy <McCreedy@us.ibm.com>]
1993 *) Get rid of redefinition warning on MAC_OS_X_SERVER platform.
1994 Change "Power Macintosh" to Power* so if uname prints "Power Book"
1995 we're still happy on Rhapsody platforms. [Wilfredo Sanchez]
1997 *) Fix SIGSEGV on some systems because the Vary fix below included
1998 a call to table_do with a variable argument list that was not
1999 NULL terminated. Replaced with better implementation. [Roy Fielding]
2001 Changes with Apache 1.3.7 [not released]
2003 *) The "Vary" response header field is now sanitised right before
2004 the header is sent back to the client. Multiple "Vary" fields
2005 are combined, and duplicate tokens (e.g., "Vary: host, host" or
2006 "Vary: host, negotiate, host, accept-language") are reduced to
2007 single instances. This is a better solution than the force-no-vary
2008 one (which is still valid for clients that can't cope with Vary
2009 at all). PR#3118 [Dean Gaudet, Roy Fielding, Ken Coar]
2011 *) Portability changes for BeOS. [David Reid abb37@dial.pipex.com]
2013 *) Link DSO's with "gcc -shared" instead of "ld -Bshareable" at
2014 least on Linux and FreeBSD for now.
2017 *) Win32: More apache -k restart work. Restarts are now honored
2018 immediately and connections in the listen queue are -not- lost.
2019 This is made possible by the use of the WSADuplicateSocket()
2020 call. The listeners are opened in the parent, duplicated, then
2021 the duplicates are passed to the child. The original listen sockets
2022 are not closed by the parent across a restart, thus the listen queue
2024 [Bill Stoddard <stoddard@raleigh.ibm.com>]
2026 *) Fix handling of case when a client has sent "Expect: 100-continue"
2027 and we are going to respond with an error, but get stuck waiting to
2028 discard the body in the pointless hope of preserving the connection.
2029 [Roy Fielding, Joe Orton <jeo101@york.ac.uk>] PR#4499, PR#3806
2031 *) Fix 'configure' to work correctly with SysV-based versions of
2032 'tr' (consistent with Configure's use as well). [Jim Jagielski]
2034 *) apxs: Add "-S var=val" option which allows for override of CFG_*
2035 built-in values. Add "-e" option which works like -i but doesn't
2036 install the DSO; useful for editing httpd.conf with apxs. Fix
2037 editing code so that multiple invocations of apxs -a will not
2038 create duplicate LoadModule/AddModule entries; apxs can now be
2039 used to re- enable/disable a module. [Wilfredo Sanchez]
2041 *) Win32: Update the server to use Winsock 2. Specifically, link with
2042 ws2_32.lib rather than wsock32.lib. This gives us access to
2043 WSADuplcateSocket() in addition to some other enhanced comm APIs.
2044 Win 95 users may need to update their TCP/IP stack to pick up
2045 Winsock 2. (See http://www.microsoft.com/windows95/downloads/)
2046 [Bill Stoddard stoddard@raleigh.ibm.com]
2048 *) Win32: Redirect CGI script stderr (script debug info) into the
2049 error.log when CGI scripts fail. This makes Apache on Win32
2050 behave more like Unix.
2051 [Bill Stoddard stoddard@raleigh.ibm.com]
2053 *) Fixed `httpd' usage display: -D was missing.
2054 [Ralf S. Engelschall] PR#4614
2056 *) Fix `make r' test procedure in src/regex/: ap_isprint was not found.
2057 [Ralf S. Engelschall] PR#4561, PR#4562
2059 *) OS/2: Fix problem with accept lock semaphores where server would die with
2060 "OS2SEM: Error 105 getting accept lock. Exiting!"
2061 [Brian Havard] PR#4505
2063 *) Add DSO support for DGUX 4.x using gcc. Tested on x86 platforms.
2064 [Randy Terbush <randy@covalent.net>]
2066 *) Add the new mass-vhost module (mod_vhost_alias.c) developed and
2067 used by Demon Internet, Ltd. [Tony Finch <fanf@demon.net>]
2069 *) Better GCC detection for DSO flags under Solaris 2 where the `cc'
2070 command potentially _is_ GCC. [Ralf S. Engelschall]
2072 *) Fix apxs build issues on AIX
2073 [Rasmus Lerdorf <rasmus@raleigh.ibm.com>]
2075 *) DocumentRoot Checking: Under previous versions, when Apache
2076 first started up, it used to do a stat of each DocumentRoot to
2077 see if it existed and was a directory. If not, then an error
2078 message was printed. THIS HAS BEEN DISABLED. If DocumentRoot
2079 does not exist, you will get error messages in error_log. If
2080 the '-t' command line option is used (to check the configuration)
2081 the check of DocumentRoot IS performed. An additional command
2082 line option, '-T', has been added if you want to avoid the
2083 DocumentRoot check even when checking the configuration.
2086 *) Win32: The query switch "apache -S" didn't exit after showing the
2087 vhost settings. That was inconsistent with the other query functions.
2088 [Bill Stoddard - Fixed by Martin on Unix in 1.3.4]
2090 *) Win32: Changed behaviour of apache -k restart.
2091 Previously, the server would drain all connections in the stack's
2092 listen queue before honoring the restart. On a busy server, this
2093 could take hours. Now, a restart is honored almost immediately.
2094 All connections in Apache's queues are handled but connections in
2095 the stack's listen queue are discarded. Restart triggered by
2096 MaxRequestPerChild is unchanged.
2097 [Bill Stoddard <stoddard@raleigh.ibm.com>]
2099 *) Win32: Eliminated unnecessary call to wait_for_multiple_objects in
2100 the accept loop. Good for a 5% performance boost. Cleaned up
2101 parent/child process management code.
2102 [Bill Stoddard <stoddard@raleigh.ibm.com>]
2104 *) Added ceiling on file size for memory mapped files.
2105 [John Giannandrea <jg@meer.net>] PR#4122
2107 *) Fix ndbm.h include problems with brain-dead glibc >= 2.1 which
2108 has ndbm.h in a non-standard db1/ subdir. PR#4431, PR#4528
2109 [Henri Gomez <gomez@slib.fr>, Ralf S. Engelschall]
2111 *) Determine AP_BYTE_ORDER for ap_config_auto.h and already
2112 use this at least for Expat. [Ralf S. Engelschall]
2114 *) Allow .module files to specify libraries with Lib:.
2117 *) Allow SetEnvIf[NoCase] to test environment variables as well
2118 as header fields and request attributes. [Ken Coar]
2120 *) Fix mod_autoindex's handling of ScanHTMLTitles when file
2121 content-types are "text/html;parameters". PR#4524 [Ken Coar]
2123 *) Remove "mxb" support from mod_negotiation -- it was a draft feature
2124 never accepted into any standard, and it opens up certain DoS
2125 attacks. [Koen Holtman <Koen.Holtman@cern.ch>]
2127 *) TestCompile updated. We can now run programs and output the
2128 results during the Configure process. [ Jim Jagielski]
2130 *) The source is now quad (long long) aware as needed. Specifically,
2131 the Configure process determines the correct size of off_t and
2132 *void. When the OS/platform/compiler supports quads, ap_snprintf()
2133 provides for the 'q' format qualifier (if quads are not available,
2134 'q' is silently "demoted" to long). [Jim Jagielski]
2136 *) When the username or password fed to htpasswd is too long, include the
2137 size limit in the error message. Also report illegal characters
2138 (currently only ':') in the username. Add the size restrictions
2139 to the man page. [Ken Coar]
2141 *) Fixed the configure --without-support option so it doesn't result in
2142 an infinite loop. [Marc Slemko]
2144 *) Piped error logs could cause a segfault if an error occured
2145 during configuration after a restart.
2146 [Aidan Cully <aidan@panix.com>] PR#4456
2148 *) If a "Location" field was stored in r->err_headers_out rather
2149 than r->headers_out, redirect processing wouldn't find it and
2150 the server would core dump on ap_escape_html(NULL). Check both
2151 tables and raise HTTP_INTERNAL_SERVER_ERROR with a log message
2152 if Location isn't set. [Doug MacEachern, Ken Coar]
2154 *) Add RULE_EXPAT, the src/lib/ directory structure, and a modified copy
2155 of the Expat 1.0.2 distribution. [Greg Stein]
2157 *) Replace regexec() calls with calls to a new API stub function
2158 ap_regexec(). This solves problems with DSO modules which use the regex
2159 library. [Jens-Uwe Mager <jum@helios.de>, Ralf S. Engelschall]
2161 *) Add 'Request_Protocol' special keyword to mod_setenvif so that
2162 environment variables can be set according to the protocol version
2163 (e.g., HTTP/0.9 or HTTP/1.1) of the request. [Ken Coar]
2165 *) Add DSO support for OpenStep (Mach 4.2) platform.
2166 [Ralf S. Engelschall, Rex Dieter <rdieter@math.unl.edu>] PR#3997
2168 *) Fix sed regex for generating ap_config_auto.h in src/Configure.
2169 [Jan Gallo <gallo@pvt.sk>] PR#3690, PR#4373
2171 *) Switch to /bin/sh5 in APACI on Ultrix and friends to avoid problems with
2172 their brain-dead /bin/sh. [Ralf S. Engelschall] PR#4372
2174 *) Better DSO flags recognition on NetBSD platforms using ELF.
2175 [Todd Vierling <tv@pobox.com>] PR#4310
2177 *) Always log months in english format for %t in mod_log_config.
2178 [Petr Lampa <lampa@fee.vutbr.cz>] PR#4366, 679
2180 *) Support for server-parsed and multiview-determined ReadmeName and
2181 HeaderName files in mod_autoindex. Removed the restriction on
2182 "/"s in ReadmeName and HeaderName directives since the *sub_req*
2183 routines will deal with the access issues. (It's now possible to
2184 have {site|group|project|customer|...} wide readmes and headers.)
2185 [Raymond S Brand <rsbx@rsbx.net>, Ken Coar] PR#1574, 3026, 3529,
2188 *) When stat() fails, don't assume anything about the contents of
2189 the struct stat. [Ed Korthof <ed@bitmechanic.com>]
2191 *) It's OK for a semop to return EINTR, just loop around and try
2192 again. [Dean Gaudet]
2194 *) Fix configuration engine re-entrant hangups, which solve a
2195 handful of problems seen with mod_perl <Perl> configuration sections
2196 [Salvador Ortiz Garcia <sog@msg.com.mx>]
2198 *) Mac OS and Mac OS X Server now use the appropriate custom layout
2199 by default when building with APACI; allow for platform-specific
2200 variable defaults in configure. [Wilfredo Sanchez]
2202 *) Do setgid() before initgroups() in http_main; some platforms
2203 zap the grouplist when setgid() is called. This was fixed in
2204 suexec earlier, but the main httpd code missed the change.
2205 [Rob Saccoccio <robs@InfiniteTechnology.com>] PR#2579
2207 *) Add recognition of .tgz as a gzipped tarchive.
2208 [Bertrand de Singly <bertrand.de-singly@polytechnique.fr>] PR#2364
2210 *) mod_include's fsize/flastmod should allow only relative paths, just
2211 like "include file". [Jaroslav Benkovsky <benkovsk@pha.pvt.cz>]
2213 *) OS/2: Add support for building loadable modules using DLLs.
2216 *) Add iconsdir, htdocsdir, and cgidir to config.layout.
2219 *) Fix minor but annoying bug with the test for Configuration.tmpl
2220 being newer than Configuration so that it is less likely to fail
2221 when using APACI and shadow sources. [Wilfredo Sanchez]
2223 *) PORT: Add initial support for Mac OS (versions 10.0 and
2224 greater). Use Mac OS X Server layout for now. Clean up dyld code
2225 in unix/os.c, and don't install the dyld error handlers, which
2226 are no longer needed in Mac OS. [Wilfredo Sanchez]
2228 *) Rename Rhapsody layout to "Mac OS X Server". Change install
2229 locations to appropriate ones for user-built (as opposed to
2230 system) installs. [Wilfredo Sanchez]
2232 *) Modify mod_autoindex's handling of AddDescription so that the
2233 behaviour matches the documentation. [Ken Coar] PR#1898, 3072.
2235 *) Add functionality to the install-bindist.sh script created by
2236 binbuild.sh to use tar when copying distribution files to the
2237 serverroot. This allows upgrading an existing installation
2238 without nesting the new distribution in the old.
2240 install-bindist.sh now detects the local perl5 path to install
2241 apxs and dbmmanage with proper path to perl interpreter.
2243 Add an install-binsupport target which copies the source files
2244 for apxs and dbmmanage to bindist to allow these scripts to
2245 be properly installed relative to the destination serverroot.
2246 [Randy Terbush, Covalent Technologies, randy@covalent.net]
2248 *) Fix intermittent SEGV in ap_proxy_cache_error() in
2249 src/modules/proxy_util.c where a NULL filepointer and
2250 temporary filename were closed and unlinked.
2251 [Graham Leggett <minfrin@sharp.fm>,
2252 Tim Costello <tjcostel@socs.uts.edu.au>] PR#3178
2254 *) Fix inconsistent error messages reported by mod_proxy.
2255 [Graham Leggett <minfrin@sharp.fm>]
2257 *) OS/2: Fix terminating CGIs that aren't compiled by EMX GCC when a
2258 connection is aborted. [Brian Havard]
2260 *) Force the LANG envariable to the known state of "C" so that we
2261 have assurance about how string manipulators (e.g., tr) will
2262 function. [Ken Coar] PR#1630
2264 *) Add a directive to allow customising of the tracking cookie name.
2265 [Ken Coar] PR#2921, 4303
2267 *) Add "force-no-vary" envariable to allow servers to work around
2268 clients that choke on "Vary" fields in the response header.
2269 [Ken Coar, Dmitry Khrustalev <dima@zippy.machaon.ru>] PR#4118
2271 *) Fixed a bug in mod_dir that causes a child process will infinitely
2272 recurse when it attemps to handle a request for a directory wnd the
2273 value of the DirectoryIndex directive is a single dot. Also likely
2274 to happen for anyother values of DirectoryIndex that will map back
2275 to the same directory. The handler now only considers regular files
2276 as being index candidates. No PR#s found.
2277 [Raymond S Brand <rsbx@rsbx.net>]
2279 *) Ease configuration debugging by making TestCompile fall back to
2280 using "make" if the $MAKE variable is unset [Martin Kraemer]
2282 *) Fixed the ServerSignature directive to work as documented.
2283 [Raymond S Brand <rsbx@rsbx.net>] PR#4248
2285 *) Add "opt" (SysV-style) layout to config.layout. [Raymond S Brand
2288 *) Add APACI --without-execstrip option which can be used to disable the
2289 stripping of executables on installation. This is very important for DSO
2290 and debugging situations. [Ralf S. Engelschall]
2292 *) Add support for OS/2 (case insenstive filesystem, .exe suffix, etc)
2293 to APACI files and related scripts.
2294 [Yitzchak Scott-Thoennes <sthoenna@efn.org>, Ralf S. Engelschall] PR#4269
2296 *) Add support for standalone mode in TPF
2297 [Joe Moenich <moenich@us.ibm.com>]
2299 *) Fix number of bytes copied by read_connection() in src/support/ab.c
2300 [Jim Cox <jc@superlink.net>] PR#4271
2302 *) Fix special RewriteCond "-s" pattern matching.
2303 [Bob Finch <bob@nas.com>]
2305 *) Fix value quoting in src/Configure script for ap_config_auto.h
2306 [Paul Sutton <paul@awe.com>]
2308 *) Make sure RewriteLock can be used only in the global context, (i.e.
2309 outside of any <VirtualHost> sections) because it's a global facility of
2310 the rewrite engine. [Ralf S. Engelschall]
2312 *) Fix the ownership delegation for proxy directory under `make install'.
2313 [Ralf S. Engelschall]
2315 *) APACI would not correctly build suexec. [Maria Verina
2316 <mariav@icgeb.trieste.it>] PR#4260
2318 *) mod_mime_magic passed only the first 4k of a file to
2319 uncompress/gzip, but those tools sometimes do not produce
2320 any output unless a sufficient portion of the compressed
2321 file is input. Change to pass the entire file -- but
2322 only read 4k of output.
2323 [Marcin Cieslak <saper@system.pl>] PR#4097
2325 *) "IndexOptions None" generated extra spaces at the end of each
2326 line. [inkling@firstnethou.com] PR#3770
2328 *) The "100 Continue" response wasn't being sent after internal
2329 redirects. [Jose KAHAN <kahan@w3.org>] PR#3910, 3806, 3575
2331 *) When padding the name with spaces for display, mod_autoindex would
2332 count &, <, and > in their escaped width, messing up the display.
2333 [Dean Gaudet] PR#4075, 3758
2335 *) PORT: fixed a compilation problem on NEXT.
2336 [Jacques Distler <distler@golem.ph.utexas.edu>] PR#4130
2338 *) r->request_time wasn't being set properly in certain error conditions.
2339 [Dean Gaudet] PR#4156
2341 *) PORT: deal with UTS compiler error in http_protocol.c
2342 [Dave Dykstra <dwd@bell-labs.com>] PR#4189
2344 *) Add ap_vrprintf() function. [John Tobey <jtobey@banta-im.com>] PR#4246
2346 *) Fix the mod_mime hash table to work properly with locales other
2347 than C. [Dean Gaudet] PR#3427
2349 *) Fix a memory leak which is exacerbated by certain configurations.
2350 [Dean Gaudet] PR#4225
2352 *) Prevent clobbering saved IFS values in APACI. [Jim Jagielski]
2354 *) Fix buffer overflows in ap_uuencode and ap_uudecode pointed out
2355 by "Peter 'Luna' Altberg <peter@altberg.nu>" and PR#3422
2356 [Peter 'Luna' Altberg <peter@altberg.nu>, Ronald Tschalär]
2358 *) Make {Set,Unset,Pass}Env per-directory instead of per-server.
2361 *) Correct an apparent typo: on the Windows and MPE platforms, the
2362 htpasswd utility was limiting passwords to only 8 characters.
2365 *) EBCDIC platforms: David submitted patches for two bugs in the
2366 MD5 digest port for EBCDIC machines:
2367 a) the htdigest utility overwrote the old contents of the digest file
2368 b) the Content-MD5 header value (ContentDigest directive) was wrong
2369 when the returned file was not converted from EBCDIC, but was a
2370 binary (e.g., image file) in the first place.
2371 [David McCreedy <mccreedy@us.ibm.com>]
2373 *) support/htpasswd now permits the password to be specified on the
2374 command line with the '-b' switch. This is useful when passwords
2375 need to be maintained by scripts -- particularly in the Win32
2376 environment. [Ken Coar]
2378 *) Win32: Win32 multiple services patch. Added capability to install and
2379 run multiple copies of apache as individual services.
2382 apache -n apache1 -i -f c:/httpd.conf
2383 Installs apache as service 'apache1' and associates c:/httpd.conf
2386 Starts apache1 service.
2388 Stops apache1 service
2391 apache -n apache2 -i
2392 Installs apache as service 'apache2'. httpd.conf is located under
2393 the default server root (/apache/conf/httpd.conf).
2395 Starts apache2 service.
2398 apache -n apache3 -i -d c:/program files/apache
2399 Install apache as service 'apache3' and sets server root to
2400 c:/program files/apache.
2403 apache -n apache2 -k restart
2404 Restart apache2 service
2406 [Keith Wannamaker, Ken Parzygnat, Bill Stoddard]
2408 *) Correct the signed/unsigned character handling for the MD5 routines;
2409 mismatches were causing compilation problems with gcc -pedantic and
2410 in the TPF cross-compilation. [Ken Coar]
2412 *) OS/2: Rework CGI handling to use spawn*() instead of fork/exec, achieving
2413 a roughly 5 fold speed up. [Brian Havard]
2415 *) proxy ftp: instead of using the hardwired string "text/plain" as
2416 a fallback type for files served by the ftp proxy, use the
2417 ap_default_type() function to determine the configured type.
2418 This allows for special configurations like
2419 <Directory proxy:ftp://some.host>
2420 DefaultType gargle/blurb
2422 Additionally, add the Content-Encoding: header to FTP proxy replies
2423 when the encoding is defined (by the AddEncoding directive).
2424 Because it was missing, it was almost impossible to browse compressed
2425 files using the FTP proxy (works now perfectly in Communicator).
2426 The ftp proxy now also returns the Date: and Server: header lines (if not
2427 much else... This code is "somewhat" broken) like normal requests do.
2430 *) Be more smart in APACI's configure script when determining the UID/GID
2431 for User/Group directives and use the determined UID/GID to initialize
2432 the permissions on the proxycachedir.
2433 [Dirk-Willem van Gulik, Ralf S. Engelschall]
2435 *) Changed the forking-prior-to-cleanup in the proxy module to first
2436 check wether it actually needs to collect garbage. This reduces
2437 the number of fork()s from one/request to just the odd one an hour.
2438 [Dirk-Willem van Gulik]
2440 *) Added proxy, auth and header support to src/support/ab.c. Added a
2441 README file to src/support/
2442 [Dirk-Willem van Gulik]
2444 *) Don't hard-code the path to AWK in --shadow bootstrapping Makefile.
2445 [Ralf S. Engelschall] PR#4050
2447 *) Add support for DSO module compilation on BSD/OS 3.x.
2448 [Randy Terbush, Covalent Technologies]
2450 *) Fix sed-substitutions in `make install': path elements like `httpd/conf'
2451 (for instance from an APACI configure --sysconfdir=/etc/httpd/conf
2452 option) were substituted with $(TARGET).conf, etc. Same for other strings
2453 with dots where the dot wasn't matched as plain text.
2454 [Ralf S. Engelschall]
2456 *) PORT: Add support for FreeBSD 4.x [Ralf S. Engelschall]
2458 *) Fix verbose output of APACI configure (option -v)
2459 [Martin Kraemer, Ralf S. Engelschall]
2461 Changes with Apache 1.3.6
2463 *) Removed new PassAllEnv code due to DSO problems. [Lars Eilebrecht]
2465 Changes with Apache 1.3.5 [not released]
2467 *) M_INVALID needed a value within the scope of METHODS so that unknown
2468 methods can be access controlled. [Roy Fielding] PR#3821
2470 *) Added PassAllEnv; makes server's entire environment available
2471 to CGIs and SSIs executed within directive's scope. [Ken Coar]
2473 *) ap_uuencode() always added two trailing '='s and encoding of
2474 8 bit characters on a machine with signed char may produced
2475 incorrect results. Additionally ap_uuencode() should now
2476 work correctly on EBCDIC platforms.
2477 [Ronald Tschalär <ronald@innovation.ch>] PR#3411
2479 *) WIN32: Binary installer now runs the configuration DLL before
2480 the reboot prompt (which is only given if MSVCRT.DLL system
2481 DLL is new or updated). This should avoid the configuration
2482 directory being empty after installation. [Paul Sutton]
2483 PR#3767, 3800, 3827, 3850, 3900, 3953, 3988
2485 *) WIN32: Binary installer now creates Start menu options to start
2486 and stop Apache as a console application and to uninstall
2487 the Apache service on NT. [Paul Sutton] PR#3741
2489 *) WIN32: Apache.exe now contains an icon. [Paul Sutton]
2491 *) PORT: Switch back to using fcntl() locking on Linux -- instabilities
2492 have been reported with flock() locking (probably related to kernel
2493 version). [Dean Gaudet] PR#2723, 3531
2495 *) Using APACI, the main config file (usually httpd.conf) was
2496 not being adjusted as $(TARGET).conf. [Wilfredo Sanchez
2497 <wsanchez@apple.com>]
2499 *) PORT: AIX does not require the SHARED_CODE "hack"
2500 [Ryan Bloom <rbb@raleigh.ibm.com>]
2502 *) Set-Cookie headers were being doubled up for some CGIs by the O(n^2)
2503 avoidance code added in 1.3.3.
2504 [Dean Gaudet, Jeff Lewis <lewis@stanford.edu>] PR#3872
2506 *) ap_isxdigit was somehow neglected when adding the ap_isfoo() macros
2507 for 8-bit safeness. [Dean Gaudet]
2509 *) PORT: Use -fPIC instead of -fpic on Solaris and SunOS for compiling DSOs
2510 because SPARCs have a small machine-specific maximum size for the Global
2511 Offset Table which is often exceeded when compiling one of the larger
2512 third-party modules with Apache. [Peter Urban <Peter.Urban@epfl.ch>] PR#3977
2514 *) Move the directive `ExtendedStatus' in httpd.conf-dist-win _after_ the
2515 DSO/DLL section because it's a directive from mod_status and isn't
2516 available before the DLL of mod_status is loaded.
2517 [Martin POESCHL <mpoeschl@gmx.net>] PR#3936
2519 *) SECURITY: Fix a bug in the calculation of the buffer size for the line
2520 continuation facility in Apache's configuration files which could
2521 lead to a buffer overflow situation.
2522 [Thomas Devanneaux <Thomas.Devanneaux@enst.fr>] PR#3617
2524 *) Make documentation and error messages of APACI's --activate-module=FILE
2525 option more clear. [Jan Wolter <janc@wwnet.net>] PR#3995
2527 *) Fix the gcc version check (for enabling the `inline' facility) to
2528 really support all future gcc versions >= 2.7 until we know more.
2529 [John Tobey <jtobey@banta-im.com>] PR#3983
2531 *) Let APACI's configure script correctly complain for unknown --enable-XXX
2532 and --disable-XXX options. [Ralf S. Engelschall] PR#3958
2534 *) Link the shared core bootstrap program (``Rule SHARED_CORE=yes'') also
2535 against libap.a and use its ap_snprintf() instead of sprintf() to avoid
2536 possible buffer overflows. [Ralf S. Engelschall]
2538 *) Remove no longer used non-API function ap_single_module_init().
2539 [Ralf S. Engelschall]
2541 *) Add Apple's Mac OS X Server Layout "Rhapsody" to config.layout.
2544 *) Add cgidir, htdocsdir, iconsdir variables to Makefile.tmpl in order
2545 to make platform installations easier. [Wilfredo Sanchez]
2547 *) In configure, do not append the target name to the directory path if
2548 the path already contains "apache". [Ralf S. Engelschall]
2550 *) SIGPIPE is now ignored by the server core. The request write routines
2551 (ap_rputc, ap_rputs, ap_rvputs, ap_rwrite, ap_rprintf, ap_rflush) now
2552 correctly check for output errors and mark the connection as aborted.
2553 Replaced many direct (unchecked) calls to ap_b* routines with the
2554 analogous ap_r* calls. [Roy Fielding]
2556 *) Enhanced mod_rewrite's mapfile handling: The in-core cache for text and
2557 DBM format mapfiles now uses a 4-way hash table with LRU functionality.
2558 Furthermore map lookups for non-existent keys are now cached as well.
2559 Additionally "txt" maps are now parsed with simple string functions
2560 instead of using ap_pregcomp(). As a side effect a bug that prevented
2561 the usage of keys containing the "," character was fixed.
2562 The changes drastically improve the performance when large rewrite maps
2564 [Michael van Elst <mlelstv@serpens.swb.de>, Lars Eilebrecht] PR#3160
2566 *) Added ap_sub_req_method_uri() for doing a subrequest with a method
2567 other than GET, and const'd the definition of method in request_rec.
2570 *) Use proper pid_t type for saving PIDs in alloc.c. [John Bley]
2572 *) Replaced use of WIN32 define with HAVE_DRIVE_LETTERS to indicate
2573 when the OS allows a DOS drive letter within pathnames. [Brian Havard]
2575 *) Add %V to mod_log_config, this logs the hostname according to the
2576 UseCanonicalName setting (this is the pre-1.3.4 behaviour of
2577 %v). Useful for mass vhosting. [Tony Finch <dot@dotat.at>]
2579 *) Add support for \n and \t to mod_log_config, can be used to produce
2580 more reliable logs with multiline entries. [Tony Finch <dot@dotat.at>]
2582 *) Fixed a few compiler nits. [John Bley <jbb6@acpub.duke.edu>]
2584 *) Added informative error messages for failed munmap() and fseek() calls
2585 in http_core.c. [John Bley, Roy Fielding]
2587 *) Added some informative error messages for some failed malloc()
2588 calls. [John Bley <jbb6@acpub.duke.edu>, Jim Jagielski]
2590 *) OS/2 ap_os_canonical_filename()'s behaviour is improved: ap_assert()
2591 is removed. This allows <Directory proxy:*> directives to work and
2592 prevents invalid requests from killing the process.
2593 [Brian Havard <brianh@kheldar.apana.org.au>]
2595 *) Reorganised FAQ document.
2596 [Joshua Slive <slive@finance.commerce.ubc.ca>] PR#2497
2598 *) src/support/: The ApacheBench benchmark program was overhauled by
2599 David N. Welton: you can now have it generate an HTML TABLE, presumably
2600 for integration into other HTML sources. David updated the ab man page
2601 as well and added some missing descriptions. Thanks!
2602 [David N. Welton <davidw@prosa.it>]
2604 *) Win32: The filename validity checker now allows filenames containing
2605 characters in the range 0x80 to 0xff (for example accented characters).
2606 [Paul Sutton] PR#3890
2608 *) Added conditional logging based upon environment variables to
2609 mod_log_config. mod_log_referer and mod_log_agent
2610 are now deprecated. [Ken Coar]
2612 *) Allow apache acting as a proxy server to relay the real
2613 reason of a failure to a client rather than the "internal
2614 server error" it does currently. The general exposure mechanism
2615 can be triggered by any module by setting the "verbose-error-to"
2616 note to "*"; this allows more than just proxy errors to be exposed.
2617 [Cliff Skolnick, Roy Fielding, Martin Kraemer] Related to PR#3455, 4086
2619 *) Moved man pages for ab and apachectrl to section 8.
2620 [Wilfredo Sanchez, Roy Fielding]
2622 *) Added -S option to install.sh so that options can be passed to
2623 strip on some platforms. [Ralf S. Engelschall, Wilfredo Sanchez]
2625 *) Tweak modules Makefile generated by Configure so that it handles
2626 the test case of no modules being selected. [chaz@reliant.com]
2628 *) Added a <LimitExcept method ...> sectioning directive that allows
2629 the user to assign authentication control to any HTTP method that
2630 is *not* given in the argument list; i.e., the logical negation
2631 of the <Limit> directive. This is particularly useful for controlling
2632 access on methods unknown to the Apache core, but perhaps known by
2633 some module or CGI script. [Roy Fielding, Tony Finch]
2635 *) Prevent apachectl from complaining if the PIDFILE exists but
2636 does not contain a process id, as might occur if the server is
2637 being rapidly restarted. [Wilfredo Sanchez]
2639 *) Win32: Add global symbols missing from ApacheCore.def. [Carl Olsen]
2641 *) Entity tag comparisons for If-Match and If-None-Match were not being
2642 performed correctly -- weak tags might cause false positives. Also,
2643 strong comparison wasn't properly enforced in all cases.
2644 [Roy Fielding, Ken Coar, Dean Gaudet] PR#2065, 3657
2646 *) OS/2: Supply OS/2 error code instead of errno on semaphore errors.
2649 *) Work around a bug in Lynx regarding its sending "Negotiate: trans"
2650 even though it doesn't understand TCN. [Koen Holtman, Roy Fielding]
2652 *) Added ap_size_list_item(), ap_get_list_item(), and ap_find_list_item()
2653 to util.c for parsing an HTTP header field value to extract the next
2654 list item, taking into account the possible presence of nested comments,
2655 quoted-pairs, and quoted-strings. ap_get_list_item() also removes
2656 insignificant whitespace and lowercases non-quoted tokens.
2657 [Roy Fielding] PR#2065
2659 *) proxy: The various calls to ap_proxyerror() can return HTTP/1.1 status
2660 code different from 500. This allows the proxy to, e.g., return
2661 "403 Forbidden" for ProxyBlock'ed URL's. [Martin Kraemer] Related to PR#3455
2663 *) Fix ordering of language variants for the case where the traditional
2664 negotiation algorithm is being used with multiple language variants
2665 and no Accept-Language. [James Treacy <treacy@debian.org>] PR#3299, 3688
2667 *) Do not round the TCN quality calculation to 5 decimal places,
2668 unlike RFC 2296, because the calculation might need 12 decimal places
2669 to get the right result. [Roy Fielding]
2671 *) Remove unused code to disable transparent negotiation when
2672 negotiating on encoding only, as we now handle encoding too
2673 (though this is nonstandard for TCN), remove charset=ISO-8859-1
2674 fiddle from the fiddle-averse RVSA comparison, and fix bugs in
2675 some debugging statements within mod_negotiation. [Koen Holtman]
2677 *) Fixed a rare memory corruption possibility in mod_dir if the index
2678 file is negotiable and no acceptable variant can be found.
2679 [Dean Gaudet, Roy Fielding, Martin Kraemer]
2681 *) Win32: Add new config directive, ScriptInterpreterSource, to enable
2682 searching the Win32 registry for script interpreters.
2685 *) Win32: The compiled-in default filename for the error log is now
2686 error.log, which matches the default in the distributed httpd.conf.
2689 *) Win32: Any error messages from -i or -u command line options are now
2690 displayed on the console output rather than sent to the error log.
2691 Also the "Running Apache..." message is not output unless Apache is
2692 going to serve requests. [Paul Sutton]
2694 *) Rework the MD5 authentication scheme to use FreeBSD's algorithm,
2695 and use a private significator ('$apr1$') to mark passwords as
2696 being smashed with our own algorithm. Also abstract the password
2697 checking into a new ap_validate_password() routine. [Ken Coar]
2699 *) Win32: The filename validity checker now allows "COM" but refuses
2700 access to "COM1" through "COM4". This allows filenames such
2701 as "com.name" to be served. [Paul Sutton] PR#3769.
2703 *) BS2000: Adapt to the new ufork() system call interface which will
2704 make subtasking easier on the OSD/POSIX mainframe environment.
2707 *) Add a compatibility define for escape_uri() -> ap_escape_uri() to
2708 ap_compat.h. [David White <david@persimmon.com>] PR#3725
2710 *) Make NDBM file suffix determination for mod_rewrite more accurate, i.e.
2711 use `.db' instead of `.pag' not only for FreeBSD, but also when
2712 the NDBM library looks like Berkeley-DB based.
2713 [Ralf S. Engelschall] PR#3773
2715 *) Add ability to handle DES or MD5 authentication passwords.
2716 [Ryan Bloom <rbb@Raleigh.IBM.Com>]
2718 *) Fix O(n^2) memory consumption in mod_speling. [Dean Gaudet]
2720 *) SECURITY: Avoid some buffer overflow problems when escaping
2721 quoted strings. (This overflow was on the heap and we believe
2722 impossible to exploit.) [Rick Perry <perry@ece.vill.edu>]
2724 *) Let src/Configure be aware of CFLAGS options starting with plus
2725 signs as it's the case for the HP/UX compiler.
2726 [Doug Yatcilla <yatcilda@umdnj.edu>] PR#3681
2728 *) Remove the hard-wire of TAR=tar (we now check for gtar and gnutar first)
2729 and check to see if the tar we wind up with supports '-h'.
2730 [Jim Jagielski] PR#3671
2732 *) A consistent and conservative style for all shell scripts has been
2733 implemented. Basically, all shell string tests use the traditional
2734 hack of 'if [ "x$var" != "x" ]' or 'if [ "x$var" = "xstring" ]'
2735 to protect against bare null variable strings (ie: wrapping both
2736 sides with double quotes and prepending 'x'). 'x' was chosen
2737 because it's more universal and hopefully easier for old shell
2738 prgrammers, as well as being easier to search for in 'vi' (/x\$) :)
2741 *) The status module now prints out both the main server generation as
2742 well as the generation of each process. Also, the vhost info is
2743 printed with '?notable'. [Jim Jagielski]
2745 *) Move src/main/md5c.c to src/ap/ap_md5c.c; it's httpd-neutral
2746 and this makes its functions available to things in src/support.
2749 Changes with Apache 1.3.4
2751 *) Renamed macros status_drops_connection to ap_status_drops_connection
2752 and vestigial scan_script_header to ap_scan_script_header_err,
2753 mostly for aesthetic reasons. [Roy Fielding]
2755 *) The query switch "httpd -S" didn't exit after showing the
2756 vhost settings. That was inconsistent with the other query functions.
2759 *) Moved the MODULE_MAGIC_COOKIE from before the versions and
2760 filename to the end of the STANDARD_MODULE_STUFF. Its
2761 presence at the beginning prevented reporting of the filename
2762 for modules compiled before 1 January 1999. [Ken Coar]
2764 *) SECURITY: ap_os_is_filename_valid() has been added to Win32
2765 to detect and prevent access to special DOS device file names.
2766 [Paul Sutton, Ken Parzygnat]
2768 *) WIN32: Created new makefiles Makefile_win32.txt (normal build)
2769 and Makefile_win32_debug.txt (debug build) that work on Win95.
2770 Run each of the following from the src directory:
2771 nmake /f Makefile_win32.txt # compiles normal build
2772 nmake /f Makefile_win32.txt install # compiles and installs
2773 nmake /f Makefile_win32.txt clean # removes compiled junk
2774 nmake /f Makefile_win32_debug.txt # compiles debug build
2775 nmake /f Makefile_win32_debug.txt install
2776 nmake /f Makefile_win32_debug.txt clean
2779 *) Added binbuild.sh and findprg.sh helpers to make it easier for us
2780 to build binary distributions. [Lars Eilebrecht]
2782 *) IndexOptions SuppressColumnSorting only turned off making
2783 the column headers anchors; you could still change the display
2784 order by manually adding a '?N=A' or similar query string to the
2785 URL. Now SuppressColumnSorting locks in the sort order so
2786 it can't be overridden this way. [Ken Coar]
2788 *) Added IndexOrderDefault directive to supply a default sort order
2789 for FancyIndexed directory listings. [Ken Coar] PR#1699
2791 *) Change the ap_assert macro to a variant that works on all platforms.
2792 [Richard Prinz <richard.prinz@cso.net>] PR#2575
2794 *) Make sure under ELF-based NetBSD (now) and OpenBSD (future) we don't
2795 search for an underscore on dlsym() (as it's already the case
2796 for FreeBSD 3.0). [Todd Vierling <tv@pobox.com>] PR#2462
2798 *) Small fix for mod_env.html: The module was documented as to be _not_
2799 compiled into Apache per default, although it _IS_ compiled into
2800 Apache per default. [Sim Harbert <sim@mindspring.com>] PR#3572
2802 *) Instead of fixing a bug in the generation procedure for config.status (a
2803 backslash was missing) we remove the bug together with it's complete
2804 context because the special cases of the past can now no longer occur
2805 because of the recent magic for the --with-layout default.
2806 [Ralf S. Engelschall] PR#3590
2808 *) Make top-level Makefile aware of a parallel build procedures (make -j) by
2809 making sure the src/support/ tools are _forced_ to be build last (they
2810 depend on other libraries).
2811 [Markus Theissinger <markus.theissinger@gmx.de>]
2813 *) Fix installation procedure: Now that os-inline.c is actually used (a
2814 recently fixed bug prevented this) we need to also install os-include.c
2815 in addition to os.h into the PREFIX/include/ location or building of
2816 module DSOs with APXS fails. [Ralf S. Engelschall] PR#3527
2818 *) Added MODULE_MAGIC_COOKIE as the first field in a module structure to
2819 allow us to distinguish between a garbled DSO (or even a file which isn't
2820 an Apache module DSO at all) and a DSO which doesn't match the current
2821 Apache API. [Ralf S. Engelschall] PR#3152
2823 *) Two minor enhancements to mod_rewrite: First RewriteRule now also
2824 supports the ``nocase|NC'' flag (as RewriteCond already does for ages) to
2825 match case insensitive (this especially avoids nasty patterns like
2826 `[tT][eE][sS][tT]'). Second two additional internal map functions
2827 `escape' and `unescape' were added which can be used to escape/unescape
2828 to/from hex-encodings in URLs parts (this is especially useful in
2829 combination with map lookups).
2830 [Magnus Bodin, Ian Kallen, Ralf S. Engelschall]
2832 *) Renamed the macro escape_uri() to ap_escape_uri() which was
2833 forgotten (because it was a macro) in the symbol renaming process.
2834 [Ralf S. Engelschall]
2836 *) Fix some inconsistencies related to the scopes of directives. The only
2837 user visible change is that the directives `UseCanonicalName' and
2838 `ContentDigest' now use the (more correct) `Options' scope instead of
2839 (less correct) `AuthConfig' scope. [Ralf S. Engelschall]
2841 *) Using DSO, the Server token was being mangled. Specifically, the
2842 module's token was being added first before the Apache token. This
2843 has been fixed. [Jim Jagielski]
2845 *) Major overhaul of mod_negotiation.c, part 2.
2846 - properly handle "identity" within Accept-Encoding.
2847 - allow encoded variants in RVSA negotiation and let them appear in
2848 the Alternates field using the non-standard "encoding" tag-list.
2849 - fixed both negotiation algorithms so that an explicitly accepted
2850 encoding is preferred over no encoding if "identity" is not
2851 included within Accept-Encoding.
2852 - added ap_array_pstrcat() to alloc.c for efficient concatenation
2853 of large substring sequences.
2854 - replaced O(n^2) memory hogs in mod_negotiation with ap_array_pstrcat.
2857 *) Major overhaul of mod_negotiation.c, part 1.
2858 - cleanups to mod_negotiation comments and code structure
2859 - made compliant with HTTP/1.1 proposed standard (rfc2068) and added
2860 support for everything in the upcoming HTTP/1.1
2861 revision (draft-ietf-http-v11-spec-rev-06.txt).
2862 - language tag matching also handles tags with more than 2
2864 - empty Accept, Accept-Language, Accept-Charset headers are
2865 processed correctly; previously an empty header would make all
2866 values acceptable instead of unacceptable.
2867 - allowed for q values in Accept-Encoding
2868 - added support for transparent content negotiation (rfc2295 and
2869 rfc2296) (though we do not implement all features in these drafts,
2870 e.g. no feature negotiation). Removed old experimental version.
2871 - implemented 'structured entity tags' for better cache correctness
2872 (structured entity tags ensure that caches which can deal with Vary
2873 will (eventually) be updated if the set of variants on the server
2875 - this involved adding a vlist_validator element to request_rec
2876 - this involved adding the ap_make_etag() function to the global API
2877 - modified guessing of charsets used by Apache negotiation algorithm
2878 to guess 'no charset' if the variant is not a text/* type
2879 - added code to sort multiviews variants into a canonical order so that
2880 negotiation results are consistent across backup/restores and mirrors
2881 - removed possibility of a type map file resolving to another type map
2882 file as its best variant
2883 [Koen Holtman, Roy Fielding, Lars Eilebrecht] PR#3451, 3299, 1987
2885 *) RFC2396 allows the syntax http://host:/path (with no port number)
2886 but the proxy disallowed it (ap_proxy_canon_netloc()).
2887 [David Kristol <dmk@bell-labs.com>] PR#3530
2889 *) When modules update/modify the file name in the configfile_t structure,
2890 syntax errors will report the updated name, not the original one.
2891 [Fabien Coelho <coelho@cri.ensmp.fr>] PR#3573
2893 *) Correct some filename case assumptions from WIN32 to
2894 CASE_BLIND_FILESYSTEM. [Brian Havard <brianh@kheldar.apana.org.au>]
2896 *) For %v log ServerName regardless of the UseCanonicalName
2897 setting (similarly for %p). [Dean Gaudet]
2899 *) Configure was initializing the variables $OSDIR, $INCDIR and $SHELL
2900 rather late (too late for some invocations of TestCompile).
2901 This improves the make environment available to TestCompile and
2902 the *.module scripts. [Martin Kraemer]
2904 *) The hashbang emulation code in ap_execve.c would interpret
2905 #!/hashbang/scripts correctly, but failed to fall back to a
2906 standard shell for scripts which did NOT start with #!
2907 Now SHELL_PATH is started in these cases. [Martin Kraemer]
2909 *) PORT: Added the Cyberguard V2 port [Richard Stagg <stagg@lentil.org>]
2912 *) Update APXS manual page: some -q option arguments were missing
2913 and another was incorrect. [Mark Anderson <mda@discerning.com>] PR#3553
2915 *) Cleanup the command line options: `-?' was documented to show
2916 the usage list but does it with an error because `?' is not a valid
2917 command. OTOH a lot of users expect `-h' to print such a usage list and
2918 instead are annoyed for ages by our huge unreadable list of directives.
2919 So we now changed the command line options this way:
2921 Intent: we need `-L' to be free, and `-R' for the DSO run-time path is
2922 very similar to the popular linker option.
2924 Intent: while -l gives the small list of modules, -L now gives the
2925 large list of directives implemented by these modules. This is also
2926 consistent with -v (short version info) and -V (large version info).
2928 Intent: it's now the expected option ;-)
2929 The manual page was adjusted accordingly.
2930 [Ralf S. Engelschall] PR#2714
2932 *) Fixed problem of fclose() on an unopened file in suexec if LOG_EXEC
2933 wasn't defined. [Rick Franchuk <rickf@transpect.net>]
2935 *) Removed recently introduced bugs and disfigurements in APACI:
2936 o fixed argument line processing: using $args was broken: It was not
2937 initialized and using args="$args $apc_option" and even args="$args
2938 \"$apc_option\"" fails in the second processing round for any arguments
2939 containing whitespaces. The only correct way is to use the construct
2940 "$@" (but not possible here) or iterate _both_ times over the implicit
2941 argument line (no argument to for-loop) which is what we now use.
2942 o make --with-layout=Apache the default without creating
2943 redundancy (copying the --with-layout block in the argument parsing
2944 loop). We achieve this by using the "$@" construct together with the
2945 `set' command to prepend --with-layout=Apache to the command line in
2946 case --with-layout is not used.
2947 o fixed auto-suffix handling now that config.layout exists.
2948 Paths which are auto-suffixed are marked with a trailing plus sign in
2949 config.layout and every path now can be marked this way (not only the
2950 four paths for which we do it currently). Additionally the suffix is
2951 no longer a static one. Instead it's now `/<target>' where <target> is
2952 the argument of the --target option or per default `httpd'.
2953 o allow also tabs (and only spaces) where we match whitespaces
2954 o various fixes and cleanups related to used shell coding style
2955 o made Jim happy by replacing `Written by' with `Initially written by' ;-)
2956 o trimmed output of --help to fit into 80 columns
2957 [Ralf S. Engelschall]
2959 *) Added two new core API functions, ap_single_module_configure() and
2960 ap_single_module_init(), which are now used by mod_so to configure a module
2961 after loading. [Ralf S. Engelschall]
2963 *) PORT: Add defines for USE_FLOCK_SERIALIZED_ACCEPT and
2964 SINGLE_LISTEN_UNSERIALIZED_ACCEPT to NetBSD/OpenBSD section
2965 of ap_config.h to allow serialized accept for multiport listens.
2966 [Roy Fielding, Curt Sampson] PR#3120
2968 *) PORT: Fixed a misplaced #endif for NetBSD/OpenBSD section
2969 of ap_config.h that would skip several defines if DEFAULT_GROUP
2970 was overridden. [Roy Fielding]
2972 *) PORT: The I86 version of DGUX has support for strncasecmp and
2973 strcasecmp, so allow it in ap_config.h. [Amiel Lee Yee] PR#3247
2975 *) Fix ordering of definitions in ap_config.h so that ap_inline is
2976 defined before it might be used. [Victor Khimenko]
2978 *) PORT: Add Dynamic Shared Object (DSO) support for BSDI (v4.0).
2979 [Tom Serkowski <tks@bsdi.com>] PR#3453
2981 *) Make generation of src/Configuration.apaci more robust: It failed to
2982 differenciate between modules when one module name was a postfix of
2983 another (e.g. cgi vs. fastcgi). We now check for mod_XXX, libXXX and even
2984 just XXX (think about totally non-standard names like "apache_ssl", too).
2985 [Ralf S. Engelschall] PR#3380
2987 *) In src/Configure remove the SERVER_SUBVERSION support (already deprecated
2988 since 1.3b7) and make whitespace handling more robust (it failed horrible
2989 when whitespaces were present in the arguments of -D options).
2990 [Ralf S. Engelschall] PR#3240
2992 *) Add APACI --shadow=DIR variant (in addition to --shadow). This now first
2993 creates an external package shadow tree in DIR before the local build
2994 shadow tree is generated under DIR. This way one can have the extracted
2995 Apache distribution tree read-only on NFS or CDROM and still build Apache
2996 from these sources. An automatically triggered VPATH-like mechanism is
2997 provided through the TOP variable, too.
2998 [Ralf S. Engelschall, Wilfredo Sanchez <wsanchez@apple.com>]
3000 *) Fix negotiation so that a Vary response header is correctly
3001 generated when, for a particular dimension, variants only vary
3002 in having or not having a value for that dimension. [Paul Sutton]
3004 *) Fix negotiation so that we prefer an encoded variant over an
3005 unencoded variant if the user-agent explicitly says it can
3006 accept that encoding. Previously we always preferred the unencoded
3008 [Paul Ausbeck <paula@alumni.cse.ucsc.edu>, Paul Sutton] PR#3447
3010 *) Fix APXS tool: query variables LIBS_SHLIB and TARGET were not recognized
3011 and the usage page was inconsistent with the functionality and manpage.
3012 [Ralf S. Engelschall]
3014 *) Allow special options -Wc,xxx and -Wl,xxx on APXS compile/link command.
3015 They can occur multiple times and their arguments (`xxx') are passed AS
3016 IS to the compiler/linker command. [Ralf S. Engelschall]
3018 *) Fixed possible (but harmless in practice) bug in the DBM lookup
3019 procedure of mod_rewrite: very long keys were truncated.
3020 [Ralf S. Engelschall]
3022 *) Added a generic --with-layout=[FILE:]ID option. ID here is a layout
3023 identifier, currently "Apache" and "GNU" are pre-defined in the file
3024 config.layout. Custom layouts are possible by using FILE:ID as the
3025 argument where the layout ID is taken from FILE.
3027 The config.layout file consists of <Layout ID>..</Layout> sections
3028 where inside those sections "path_variable: path_value" pairs can be
3029 specified. These lines are converted to path_variable='path_value'.
3031 *) Add a DefaultLanguage directive so that files missing a language
3032 extension (e.g., .fr, .de) can be labelled as being some other
3033 default language. DefaultLanguage can appear in <Directory> and
3034 <Files> containers as well as .htaccess files. [Paul Sutton]
3037 *) Fix TARGET configuration when configuring and installing using
3038 APACI configure. TARGET now defines the basename of the configuration
3039 file, startup script, manual page, etc. log_error_core() now reports
3040 the server binary name given by argv[0]. TARGET can now also be defined
3041 with --target=TARGET parameter passed to APACI configure.
3042 [Ralf Engelschall, Randy Terbush]
3044 *) mod_include.c:handle_perl() now properly tests for OPT_INCNOEXEC
3045 rather than OPT_INCLUDES [Rainer Schoepf <schoepf@uni-mainz.de>]
3047 *) ap_md5_binary() was using sprintf() rather than a table lookup
3048 to convert binary bytes to hex digits.
3049 [Ronald Tschalär <ronald@innovation.ch>] PR#3409
3051 *) Fix SEGV in TCN negotiation if no variants are acceptable.
3052 [Martin Plechsmid <plechsmi@karlin.mff.cuni.cz>] PR#1987
3054 *) API: ap_exists_config_define() function is now "public" [Doug MacEachern]
3056 *) Fix documentation of `Action' directive: It can activate a CGI script
3057 when either a handler or a MIME content type is triggered by the request.
3058 [Andrew Pimlott <pimlott@math.harvard.edu>] PR#3340
3060 *) Document the `add' command of `dbmmanage' in `dbmmanage.1' manpage.
3061 [David MacKenzie <djm@uu.net>] PR#3394
3063 *) Ignore a "ErrorDocument 401" directive with a full URL and write a
3064 notice to the error log. It is not possible to send a 401 response
3065 and a redirect at the same time. [Lars Eilebrecht]
3067 *) Fallback to native compilers for IRIX-32 platform. It seems that
3068 a gcc 2.8.1 compiled apache is logging client addresses with all
3069 bits set (255.255.255.255). This is the second such problem caused
3070 by gcc 2.8.1 compiler. The first being broken semaphore locking.
3073 *) Updated mime.types to reflect current Internet media types
3074 and include a URL to the registry.
3075 [Manoj Kasichainula, Roy Fielding] PR#2380, 2286, 2246
3077 *) SECURITY: Do a more complete check in mod_include to avoid
3078 an infinite loop of recursive SSI includes. [Marc Slemko] PR#3323
3080 *) Add APACI --suexec-docroot and --suexec-logfile options which can be
3081 used to set the document root directory (DOC_ROOT) and the suexec
3082 logfile (LOG_EXEC), respectively. Additionally the --layout option
3083 was changed to show more information about the suEXEC setup.
3084 [Lars Eilebrecht] PR#3316, 3357, 3361
3086 *) Added the last two WebDAV status codes of 424 (Failed Dependency)
3087 and 507 (Insufficient Storage) for use by third-party modules.
3090 *) Enabled all of the WebDAV method names for use by third-party
3091 modules, Limit, and Script directives. That includes PATCH,
3092 PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK.
3093 Improved mod_actions.c so that it can use any of the methods
3094 defined in httpd.h. Added ap_method_number_of(method) for
3095 getting the internal method number. [Roy Fielding]
3097 *) PORT: Add a port to the TPF OS. [Joe Moenich <moenich@us.ibm.com> and
3100 *) Fix problems with handling of UNC names (e.g., \\host\path)
3101 on Win32. [Ken Parzygnat <kparz@us.ibm.com>]
3103 *) Rework os_canonical_*() on Win32 so it's simpler, more
3104 robust, and works. [Ken Parzygnat <kparz@us.ibm.com>]
3105 PR#2555, 2915, 3064, 3232
3107 *) Work around incomplete implementation of strftime on Win32.
3108 [Manoj Kasichainula, Ken Parzygnat <kparz@us.ibm.com>]
3110 *) Move a typedef to fix compile problems on Linux with 1.x kernels.
3111 [Manoj Kasichainula] PR#3177
3113 *) PORT: Add a port to the Concurrent PowerMAX OS. [Tom Horsley
3114 <Tom.Horsley@mail.ccur.com>]
3116 *) WIN32: Log more explicit error messages if spawning an interpreted
3117 script failed, including the command line used to attempt to execute
3118 the interpreter and the Win32 error code returned. [Marc Slemko]
3120 *) Disable sending of error-notes on a 500 (Internal Server Error) response
3121 since it often includes file path info. Enable sending of error-notes
3122 on a 501 (Method Not Implemented). [Roy Fielding] PR#3173
3124 *) http_config.c would respond with 501 (Method Not Implemented) if a
3125 content type handler was specified but could not be found, which
3126 should have been a 500 response. Likewise, mod_proxy.c would responsd
3127 with a 501 if the URI scheme is unrecognized instead of the correct
3128 response of 403 (Forbidden). [Roy Fielding]
3130 *) SECURITY: Eliminate DoS attack when a bad URI path contains what
3131 looks like a printf format escape. [Marc Slemko, Studenten Net Twente]
3133 *) Fix in mod_autoindex: for files where the last modified time stamp was
3134 unavailable, an empty string was printed which was 2 bytes short.
3135 The size and description columns were therefore not aligned correctly.
3136 [Martin Kraemer] (no PR#)
3138 *) Update BS2000 OS code to work with recent versions. Starting with
3139 release A17, the child fork() must be replaced by a _rfork().
3140 (BS2000 only) [Martin Kraemer]
3142 *) Add the actual server_rec structure of the specific Vhost to the
3143 scoreboard file and avoid a string copy (as well as allow some
3144 further future enhancements). [Harrie Hazewinkel
3145 <harrie.hazewinkel@jrc.it>]
3147 *) Add APACI --permute-module=foo:bar option which can be used to
3148 on-the-fly/batch permute the order of two modules (mod_foo and mod_bar)
3149 in the Configuration[.apaci] file. Two special and important variants are
3150 supported for the option argument: first BEGIN:foo which permutes module
3151 mod_foo with the begin of the module list, i.e. it `moves' the module to
3152 the begin of the list (gives it lowest priority). And second foo:END
3153 which permutes mod_foo with the end of the module list, i.e. it `moves'
3154 the module to the end of the list (gives it highest priority).
3155 [Ralf S. Engelschall]
3157 *) Fix problem with 'apache -k shutdown' and startup event
3158 synchronisation (Win32). [Ken Parzygnat <kparz@raleigh.ibm.com>]
3161 *) The config parser wasn't correctly noticing a missing '>'
3162 on container start lines (e.g., it wouldn't spot
3163 "<Directory /" as a syntax error). [Ryan Bloom <rbbloom@us.ibm.com>]
3166 *) Add a 'RemoveHandler' directive which will selectively remove
3167 all handler associations for the specified file extensions.
3168 [Ryan Bloom <rbbloom@us.ibm.com>] PR#1799.
3170 *) Properly handle & allow "nul" and ".*/null" in AccessConfig and
3171 ResourceConfig directives on Win32. Also add a note to the effect
3172 of 'useless User directive ignored on Win32' to the errorlog if
3173 a User directive is encountered on Win32.
3174 [Ken Parzygnat <kparz@raleigh.ibm.com>] PR#2078, 2303.
3176 *) Fix multiple whitespace handling in imagemaps for mod_imap which was
3177 broken since Apache 1.3.1 where we took out compressing of multiple
3178 spaces in ap_cfg_getline().
3179 [Ivan Richwalski <ivan@seppuku.net>] PR#3249
3181 *) Fix Berkeley-DB/2.x support in mod_auth_db: The data structures were not
3182 initialized correctly and the db_open() call used an invalid mode
3183 parameter. [Ron Klatchko <ron@ckm.ucsf.edu>] PR#3171
3185 *) PORT: DSO support for UnixWare 7
3186 [Ralf S. Engelschall, Ron Record <rr@sco.com>]
3188 *) Merge the contents of the {srm,access}.conf-dist* files into the
3189 httpd.conf-dist* files. The srm and access files now contain
3190 only comments, and httpd.conf has all the combined contents in
3191 a rational order. [Ken Coar]
3193 *) PORT: DSO/ELF support for FreeBSD 3.0.
3194 [Ralf S. Engelschall, Dirk Froemberg <ibex@physik.TU-Berlin.DE>]
3196 *) Add a "default-handler" handler that calls the default_hander()
3197 function which is normally called for static content. This allows
3198 you to override a specific handler. [Marc Slemko]
3200 *) Further simplify checking for absolute paths by replacing an
3201 hard-coded syntax check with a call to a routine we already created to
3202 do this. [Ken Parzygnat <kparz@raleigh.ibm.com>] PR#2976, 3074
3204 *) Log an error if we encounter a malformed "require" directive
3205 in mod_auth if we know that we know that no other module can
3206 deal with it. [Marc Slemko]
3208 *) Remove ap_private_extern method of hiding conflicting symbols
3209 on the NEXT platform because it is not correct for all versions,
3210 and the versions for which it is correct are unknown.
3211 [Wilfredo Sanchez <wsanchez@apple.com>]
3213 *) Fix inheritance of IndexOptions NameWidth and remove unintended
3214 restriction on +NameWidth, +IconHeight, and +IconWidth. [Ken Coar]
3216 *) Fix per-directory config merging for cases in which a 500 error
3217 is encountered in an .htaccess file somewhere down the tree.
3220 *) Minor performance improvement to ap_escape_html(). [Roy Fielding]
3222 *) Fixed a segmentation violation in mod_proxy when a response is
3223 non-cachable. [Roy Fielding, traced by Doug Bloebaum]. PR#2950, 3056
3225 Changes with Apache 1.3.3
3227 *) Added a complete implementation of the Expect header field as
3228 specified in rev-05 of HTTP/1.1. Disabled the 100 Continue
3229 response when we already know the final status, which is mighty
3230 useful for PUT responses that result in 302 or 401. [Roy Fielding]
3232 *) Remove extra trailing whitespace from the getline results as part
3233 of the protocol processing, which is extra nice because it works
3234 between continuation lines, is almost no cost in the normal case
3235 of no extra whitespace, and saves memory. [Roy Fielding]
3237 *) Added new HTTP status codes and default response bodies from the
3238 revised HTTP/1.1 (307, 416, 417), WebDAV (102, 207, 422, 423), and
3239 HTTP Extension Framework (510) specifications. Did not add the
3240 WebDAV 424 and 425 codes because they are bogus. We don't use any
3241 of these codes yet, but they are now available to 3rd-party modules.
3244 *) Fix a possible race condition between timed-out requests and the
3245 ap_bhalfduplex select that might result in an infinite loop on
3246 platforms that do not validate the descriptor. [Roy Fielding]
3248 *) WIN32: Add "-k shutdown" and "-k restart" options to signal a
3249 running Apache server [Paul Sutton]
3251 *) Fix mod_autoindex bug where directories got a size of "0k" instead
3252 of "-". [Martin Plechsmid <plechsmi@karlin.mff.cuni.cz>, Marc Slemko]
3255 *) PORT: DRS 6000 machine. [Paul Debleecker <pdebleecker@jetair.be>]
3257 *) Add the server signature text (from the core ServerSignature directive)
3258 to the list of envariables available to scripts, SSI, and the like.
3261 *) PORT: Fix sys/resource.h handling for SCO 3.x platform.
3262 [M. Laak <maert@proinv.ee>] PR#3108
3264 *) Fallback from sysconf-based to plain HZ-based `ticks per second'
3265 calculation in mod_status for all systems which don't have POSIX
3266 sysconf() (like UTS 2.1) and not only for the NEXT platform.
3267 [Dave Dykstra <dwd@bell-labs.com>] PR#3055
3269 *) Fix `require ...' directive parsing in mod_auth, mod_auth_dbm and
3270 mod_auth_db by using ap_getword_white() (which uses ap_isspace())
3271 instead of ap_getword(..., ' ') (which parses only according to spaces
3272 but not tabs). [James Morris <jmorris@intercode.com.au>,
3273 Ralf S. Engelschall] PR#3105
3275 *) Fix the SERVER_NAME variable under sub-request situations (where
3276 `UseCanonicalName off' is used) like CGI's called from SSI pages or
3277 RewriteCond variables by adopting r->hostname to sub-requests.
3278 [James Grinter <jrg@blodwen.demon.co.uk>] PR#3111
3280 *) Fix stderr redirection under syslog-based error logging situation.
3281 [Youichirou Koga <y-koga@jp.FreeBSD.org>] PR#3095
3283 *) Document `ErrorLog syslog:facility' variant of error logging.
3284 [Youichirou Koga <y-koga@jp.FreeBSD.org>] PR#3096
3286 *) Fix http://localhost/ hints in top-level INSTALL document.
3287 [Rob Jenson <robjen@spotch.com>, Ralf S. Engelschall] PR#3088
3289 *) Quote paths in default configuration files. [Wilfredo Sanchez]
3291 *) PORT: Remove extra HAVE_SYS_RESOURCE_H define for RHAPSODY since
3292 it is now taken care of properly by the header file tests.
3293 [Wilfredo Sanchez <wsanchez@apple.com>]
3295 *) Fix problem with scripts and filehandle inheritance on Win32.
3296 [Ken Parzygnat <kparz@raleigh.ibm.com>] PR#2884, 2910
3298 *) Win32 name canonicalisation could end up using the server's
3299 working directory to fill in some blanks. [Ken Parzygnat
3300 <kparz@raleigh.ibm.com>] PR#3001
3302 *) Correct invalid assumption by ap_sub_req_lookup_file() that all
3303 absolute paths begin with "/" -- because they don't on Win32.
3304 [Ken Parzygnat <kparz@raleigh.ibm.com>] PR#2976, 3074
3306 *) Add [REDIRECT_]VARIANTS environment variable to mod_speling
3307 so that ErrorDocument 300 processors can reformat the list
3308 if desired. [Ken Coar] PR#2859
3310 *) Add +/- incremental prefixes to IndexOptions keywords, and
3311 enable merging of multiple IndexOptions directives. [Ken Coar]
3313 *) PORT: Allow GuessOS to recognize Unixware 7.0.1 [Steve Cameron
3314 <steve.cameron@compaq.com>]
3316 *) Reconstructed the loop through multiple htaccess file names so
3317 that missing files are not confused with unreadable files.
3320 *) The ap_pfopen and ap_pfdopen routines were failing to protect the
3321 errno on an error, which leads to one error being mistaken for
3322 another when reading non-existent .htaccess files.
3325 *) OS/2: The new header tests get things right, need to update
3326 ap_config.h. [Brian Havard]
3328 *) The Perl %ENV hash will now be setup by default when using the
3329 mod_include `perl' command [Doug MacEachern]
3331 *) PORT: Add Pyramid DC/OSx support to configuration mechanism.
3332 [Earle Ake <akee@wpdiss1.wpafb.af.mil>]
3334 *) PORT: Fix sys/resource.h handling for Amdahl's UTS 2.1
3335 [Dave Dykstra <dwd@bell-labs.com>] PR#3054
3337 *) Correct comment in mod_log_config.c about its internals.
3338 [Elf Sternberg <elf@halcyon.com>]
3340 *) Avoid possible line overflow in Configure: Use an awkfile to
3341 handle the creation of modules.c [Jim Jagielski]
3343 Changes with Apache 1.3.2
3345 *) Fix bug in ap_remove_module(), which caused problems for dso's
3346 who were the top_module. [Doug MacEachern]
3348 *) Add support for Berkeley-DB/2.x (in addition to Berkeley-DB/1.x) to
3349 mod_auth_db to both be friendly to users who wants to use this version
3350 and to avoid problems under platforms where only version 2.x is present.
3351 [Dan Jacobowitz <drow@false.org>, Ralf S. Engelschall]
3353 *) When using ap_log_rerror(), make the error message available to the
3354 *ERROR_NOTES envariables by default. [Ken Coar]
3356 *) BS2000 platform only: get rid of the nasty BS2000AuthFile.
3357 You now must define a BS2000Account name for the server User.
3358 This has fewer security implications than the old approach.
3361 *) Fix SHARED_CORE feature for HPUX platform: We now use extension `.sl'
3362 instead of `.so' and `SHLIB_PATH' instead of `LD_LIBRARY_PATH' on this
3363 platform to make the braindead HPUX linker happy. Notice, for the module
3364 DSOs we don't have to use this, because these are loaded manually (and
3365 not via HPUX' dld). [Ralf S. Engelschall] PR#2905, PR#2968
3367 *) Remove 64 thread limit on Win32.
3368 [Bill Stoddard <stoddard@raleigh.ibm.com>]
3370 *) Remove redundant substitutions in top-level Makefile.tmpl.
3371 [Ralf S. Engelschall]
3373 *) Fix APACI's `Group' configuration adjustment - especially for Linux
3374 platforms where `nogroup' exists in /etc/group. [Ralf S. Engelschall]
3376 *) Make PrintPath work generically instead of having one version
3377 strictly for OS/2. [Jim Jagielski, Brian Havard]
3379 *) Fix the recently introduced C header file checking: We now use the C
3380 pre-processor pass only (and no longer the complete compiler pass) to
3381 determine whether a C header file exists or not. Because only this way
3382 we're safe against inter-header dependencies (which caused horrible
3383 portability problems). The only drawback is that we now have a CPP
3384 configuration variable which has to be determined first (we do a similar
3385 approach as GNU Autoconf does here). When all fails the user still has
3386 the possibility to override it manually via APACI or src/Configuration.
3387 As a fallback for the header check itself we can directly check the
3388 existance of the file under /usr/include, too.
3389 [Ralf S. Engelschall] PR#2777
3391 *) PORT: Added RHAPSODY (Mac OS X Server) support. MAP_TMPFILE defined
3392 as an alternate mechanism for mmap'd shared memory for RHAPSODY.
3393 ap_private_extern defined to hide symbols that conflict with loaded
3394 dynamic libraries on the NEXT and RHAPSODY platforms.
3395 [Wilfredo Sanchez <wsanchez@apple.com>]
3397 *) Delete PID file on clean shutdowns.
3398 [Charles Randall <crandall@matchlogic.com>] PR#2947
3400 *) Fix mod_auth_*.html documents: NSCA -> NCSA
3401 [Youichirou Koga <y-koga@jp.FreeBSD.org>] PR#2991
3403 *) Fix INSTALL document: www.gnu.ai.mit.edu -> www.gnu.org
3404 [Karl Berry <karl@gnu.org>] PR#2994
3406 *) Fix dbmmanage.1 manual page.
3407 [Youichirou Koga <y-koga@jp.FreeBSD.org>] PR#2992
3409 *) Fix possible buffer overflow situation in suexec.c.
3410 [Jeff Stewart <jws@purdue.edu>] PR#2790
3412 *) Add some more LIBS for the SCO5 platform which are needed for the already
3413 used -lprot. It's actually a bug in SCO5, of course.
3414 [Ronald Record <rr@sco.com>] PR#2533
3416 *) Fix documentation of ProxyPass/ProxyPassReverse according to the
3417 trailing slash problem. [Jon Drukman <jsd@gamespot.com>] PR#2933
3419 *) Remove `-msym' option from LDFLAGS_SHLIB for the Digital UNIX (OSF/1)
3420 platform, because it's only supported under version 4.0 and higher. But
3421 because our GuessOS is still unaware of Digital UNIX versions and the
3422 -msym is just to optimize the DSO statup time a little bit it's safe and
3423 best when we leave it out now. [Ralf S. Engelschall] PR#2969
3425 *) Fix the ap_log_error_old(), ap_log_unixerr() and ap_log_printf()
3426 functions: First all three functions no longer fail on strings containing
3427 "%" chars and second ap_log_printf() no longer does a double-formatting
3428 (instead it directly passes through the message to be formatted to the
3429 real internal formatting function). [Ralf S. Engelschall] PR#2941
3431 *) Allow "Include" directives anywhere in the server config
3432 files (but not .htaccess files). [Ken Coar] PR#2727
3434 *) The proxy was refusing to serve CONNECT requests except to
3435 port 443 (https://) and 563 (snews://). The new AllowCONNECT
3436 directive allows the configuration of the ports to which a
3437 CONNECT is allowed. [Sameer Parekh, Martin Kraemer]
3439 *) mod_expires will now act on content that is not sent from a file
3440 on disk. Previously it would never add an Expires: header to
3441 any response that did not come from a file on disk; the only
3442 case where it still doesn't (and can't) add one for that type of
3443 content is if you are using a modification date based setting.
3444 [Marc Slemko, Paul Phillips <paulp@go2net.com>]
3446 *) Problems encountered during .htaccess parsing or CGI execution
3447 that lead to a "500 Server Error" condition now provide explanatory
3448 text (in the *ERROR_NOTES envariable) to ErrorDocument 500 scripts.
3451 *) Add NameWidth keyword to IndexOptions directive so that the
3452 width of the filename column is customisable. [Ken Coar, Dean Gaudet]
3455 *) Recognize lowercase _and_ uppercase `uname' results under
3456 SCO OpenServer. [David Coelho <drc@ppt.com>]
3458 *) As duplicate "HTTP/1.0 200 OK" lines within the header seem to be
3459 a common problem of (mis-administrated?) IIS servers, make the apache
3460 proxy immune to these errors (and ignore the duplicates, but log
3461 the fact to error_log). [Martin Kraemer], after the proposal in PR#2914
3463 *) The <IfModule and <IfDefine block starting directives now only
3464 allow exactly one argument. Previously, the optional negation
3465 character '!' could be separated by whitespace without a syntax
3466 error being reported, albeit defeating the IfModule functionality
3467 (enclosed directives would ALWAYS be executed). By using the
3468 stricter syntax, these hard-to-track errors can be avoided.
3471 *) Simplify handling of IndexOptions in mod_autoindex -- and BTW
3472 cause the standalone FancyIndexing directive to logically OR
3473 into any existing IndexOptions settings rather than wiping
3474 them out. [Ken Coar]
3476 *) Changes in ftp proxy: make URL parsing simpler by using the
3478 + Add display of the "current directory" in cases where it's
3479 different from the supplied path (e.g., ftp://user@host/ lives
3480 in /home/user, not in /, therefore clicking on "../" in the
3481 starting directory might send us to /home/).
3482 + When ftp login fails, (esp. when a user name was part of the
3483 URL already), we now return [401 Unauthorized ] to allow the
3484 browser to pop up an authorization dialog. This makes passwords
3485 slightly less visible (they don't appear in the regular log files)
3486 and implements a functionality that other www proxy servers
3490 *) Triggered by the recent "Via:" header changes, the proxy module would
3491 dump core for replies with invalid headers (e.g., duplicate
3492 "HTTP/1.0 200 OK" lines). These errors are now logged and the
3493 core dump is avoided. Also, broken replies are not cached.
3494 [Martin Kraemer] PR#2914
3496 *) new `GprofDir' directive when compiled with -DGPROF, where gprof can
3497 plop gmon.out profile data for each child [Doug MacEachern]
3499 *) Use the construct ``"$@"'' instead of ``$*'' in the generated
3500 config.status script to be immune against arguments with whitespaces.
3501 [Yves Arrouye <yves@apple.com>] PR#2866
3503 *) Replace the inlined information grabbing stuff for the configuration
3504 adjustment feature (no --without-confadjust) with calls to a new helper
3505 script `buildinfo.sh' which is both more flexible and already proofed to
3506 be more robust against platform differences. This mainly fixes the
3507 recently occured ``sed: command garbled: ...'' problems.
3508 [Ralf S. Engelschall] PR#2776, PR#2848
3510 *) Make ab.c again pass ``gcc -Wall -Wshadow -Wpointer-arith -Wcast-align
3511 -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''
3512 without complains after we recently added the POST feature.
3513 [Ralf S. Engelschall]
3515 *) Renamed is_HTTP_xxx() macros to ap_is_HTTP_xxx() name. They are used inside
3516 modules as API functions and we forgot them at the big symbol renaming.
3517 [Ralf S. Engelschall]
3519 *) Remove bad reference to non-existing SERVER_VERSION in mod_rewrite.html
3520 [Youichirou Koga <y-koga@jp.FreeBSD.ORG>] PR#2895
3522 *) Dynamically size the filename column of mod_autoindex output.
3525 *) Add the ability to do POST requests to the ab benchmarking tool.
3526 [Kurt Sussman <kls@best.com>] PR#2871
3528 *) Bump up MAX_ENV_FLAGS in mod_rewrite.h from the too conservatice limit of
3529 5 to 10 because there are some users out there who always have 5 to 8
3530 variables in one RewriteRule and had to patch mod_rewrite.h for every
3531 release. So 15 should be now more than enough, even for them. (I never
3532 needed more than 4 in my RewriteRules ;-)
3533 [Ralf S. Engelschall]
3535 *) Make the proxy generate and understand Via: headers
3538 *) Change the proxy to use tables instead of array_headers for
3539 the header lines. [Martin Kraemer]
3541 *) Make sure the config.status file is not overridden when just
3542 ``configure --help'' is used. [Ralf S. Engelschall] PR#2844
3544 *) Split MODULE_MAGIC_NUMBER into _MAJOR/_MINOR numbers. This should
3545 provide a way to trace API changes that add functionality but do
3546 not create a compatibility issue for precompiled modules, etc.
3547 See include/ap_mmn.h for more details. [Randy Terbush]
3549 *) Fix suexec installation under `make install root=xxx' situation.
3550 [Ralf S. Engelschall]
3552 *) Extend the output of the -V switch to include the paths of all
3553 compiled-in configuration files, if they were overridden at
3554 compile time, for least astonishment of the user.
3557 *) When READing a request in ExtendedStatus mode, the "old"
3558 vhost, request and client information is not displayed.
3561 *) STATUS is no longer available. Full status information now
3562 run-time configurable using the ExtendedStatus directive.
3565 *) SECURITY: Eliminate O(n^2) space DoS attacks (and other O(n^2)
3566 cpu time attacks) in header parsing. Add ap_overlap_tables(),
3567 a function which can be used to perform bulk update operations
3568 on tables in a more efficient manner. [Dean Gaudet]
3570 *) SECURITY: Added compile-time and configurable limits for
3571 various aspects of reading a client request to avoid some simple
3572 denial of service attacks, including limits on maximum request-line
3573 size (LimitRequestLine), number of header fields (LimitRequestFields),
3574 and size of any one header field (LimitRequestFieldsize). Also added
3575 a configurable directive LimitRequestBody for limiting the size of the
3576 request message body. [Roy Fielding]
3578 *) Make status module aware of DNS and logging states, even if
3579 STATUS not defined. [Jim Jagielski]
3581 *) Fix a problem with the new OS/2 mutexes. [Brian Havard]
3583 *) Enhance mod_speling so that CheckSpelling can be used in
3584 <Directory> containers and .htaccess files. [Ken Coar]
3586 *) API: new ap_custom_response() function for hooking into the
3587 ErrorDocument mechanism at runtime [Doug MacEachern]
3589 *) API: new ap_uuencode() function [Doug MacEachern]
3591 *) API: scan_script_header_err_core() now "public" and renamed
3592 ap_scan_script_header_err_core() [Doug MacEachern]
3594 *) The 'status' module will now show the process pid's and their
3595 state even without full STATUS accounting. [Jim Jagielski]
3597 *) Restore the client IP address to the error log messages, this
3598 was lost during the transition from 1.2 to 1.3. Add a new
3599 function ap_log_rerror() which takes a request_rec * and
3600 formats it appropriately. [Dean Gaudet] PR#2661
3602 *) Cure ap_cfg_getline() of its nasty habit of compressing internal
3603 whitespace in input lines -- including within quoted strings.
3605 but leading and trailing whitespace should continue to be
3606 stripped [Martin Kraemer]
3608 *) Cleanup of the PrintPath/PrintPathOS2 helper functions. Avoid
3609 the ugly use of an env. variable and use command-line args for
3610 alternate $PATH. Make more like advanced 'type's as well.
3613 *) The IRIXN32 Rule was being ignored. Configure now correctly adds
3614 -n32 only if IRIXN32 says to. [Jim Jagielski, Alain St-Denis
3615 <alain.st-denis@ec.gc.ca>] PR#2736
3617 *) Clean up a warning in mod_proxy. [Ralf S. Engelschall]
3619 *) Renamed __EMX__ (internal define of the gcc port under OS/2) to OS2
3620 following the same idea as "MSVC vs WIN32". Additionally the src/os/emx/
3621 directory was renamed to src/os/os2/ for consistency.
3622 [Brian Havard, Ralf S. Engelschall]
3624 *) Add new Rule SHARED_CHAIN which can be used to enable linking of DSO
3625 files (here modules) against other DSO files (here shared libraries).
3626 This is done by determining a subset of LIBS which can be safely used for
3627 linking the DSOs, i.e. PIC libs and shared libs. Currently the rule is
3628 disabled for all platforms to avoid problems with this (experimental)
3629 rule. But we provide it now for those people how ran into problems and
3630 want to came out by forcing linking against DSOs.
3631 [Ralf S. Engelschall] PR#2587
3633 *) Fix suEXEC start message: Has to be of `notice' level to really get
3634 printed together with the standard startup message because the `notice'
3635 level is handled special inside ap_log_error() for startup messages.
3636 [Ralf S. Engelschall] PR#2761 PR#2761 PR#2765
3638 *) Add correct `model' MIME types from RFC2077 to mime.types file.
3639 [Ralf S. Engelschall] PR#2732
3641 *) Fixed examples in mod_rewrite.html document.
3642 [Youichirou Koga <y-koga@jp.FreeBSD.org>, Ralf S. Engelschall] PR#2756
3644 *) Allow ap_read_request errors to propagate through the normal request
3645 handling loop so that the connection can be properly closed with
3646 lingering_close, thus avoiding a potential TCP reset that would
3647 cause the client to miss the HTTP error response. [Roy Fielding]
3649 *) One more portability fix for APACI shadow tree support: Swap order of awk
3650 and sed in top-level configure script to avoid sed fails on some
3651 platforms (for instance SunOS 4.1.3 and NCR SysV) because of the
3652 non-newline-termined output of Awk. [Ralf S. Engelschall] PR#2729
3654 *) PORT: NEC EWS4800 support.
3655 [MATSUURA Takanori <t-matsuu@protein.osaka-u.ac.jp>]
3657 *) Fix a segfault in the proxy on OS/2. [Brian Havard]
3659 *) Fix Win32 part of ap_spawn_child() by providing a reasonable child_info
3660 structure instead of just NULL. This fixes at least the RewriteMap
3661 programs under Win32. [Marco De Michele <mdemichele@tin.it>] PR#2483
3663 *) Add workaround to top-level `configure' script for brain dead
3664 `echo' commands which interpet escape sequences per default.
3665 [Ralf S. Engelschall] PR#2654
3667 *) Make sure that the path to the Perl interpreter is correctly
3668 adjusted under `make install' also for the printenv CGI script.
3669 [Ralf S. Engelschall] PR#2595
3671 *) Update the mod_rewrite.html document to correctly reflect the situation
3672 of the `proxy' (`[P]') feature. [Ralf S. Engelschall] PR#2679
3674 *) Fix `install-includes' sub-target of `install' target in top-level
3675 Makefile.tmpl: The umask+cp approach didn't work as expected (especially
3676 for users which extracted the distribution under 'umask 077'), so replace
3677 it by an explicit cp+chmod approach.
3678 [Richard Lloyd, Curt Sampson, Ralf S. Engelschall] PR#2656 PR#2626
3680 *) Fix `distclean' and `clean' targets in src/Makefile.tmpl to have same
3681 behavior and to cleanup correctly even under enabled SHARED_CORE rule.
3682 [Ralf S. Engelschall]
3684 *) Use a more straight forward and thus less problematic Sed command in
3685 src/helper/mkdir.sh script. [Ralf S. Engelschall]
3687 *) Make sure the `configure' scripts doesn't fail when trying to guess the
3688 domainname of the machine and there are multiple `domainname' and
3689 `search' entries in /etc/resolv.conf.
3690 [Ralf S. Engelschall] PR#2710
3692 *) Add note about the SHARED_CORE requirement on some platforms also to the
3693 INSTALL file because a lot of users don't read htdocs/manual/dso.html
3694 first. [Ralf S. Engelschall] PR#2701
3696 *) Fix document "hyperlink" for dso.html in src/Configuration.tmpl
3697 [Knut A.Syed <Knut.Syed@nhh.no>] PR#2674
3699 *) Modify mod_rewrite to update the Vary response field if the URL rewriting
3700 engine does any manipulations or decisions based upon request fields.
3703 *) Document the special APACI behavior for installation paths where
3704 ``/apache'' is appended to paths under some (well defined, of course)
3705 situations to prevent pollution of system locations with Apache files.
3706 [Ralf S. Engelschall] PR#2660
3708 *) Fixed problem with buffered response message not being sent for
3709 the read_request error conditions of URI-too-long (414) and
3710 malformed header fields (400). [Roy Fielding] PR#2646
3712 *) Add support for the Max-Forwards: header line required by RFC2068 for
3713 the TRACE method. This allows apache to TRACE along a chain of proxies
3714 up to a predetermined depth. [Martin Kraemer]
3716 *) Fix SHARED_CORE rule: The CFLAGS_SHLIB variable is no longer doubled
3717 (compilers complained) and the .so.V.R.P filename extension was adjusted
3718 to correctly reflect the 1.3.2 version.
3719 [Ralf S. Engelschall] PR#2644
3721 *) SECURITY: Plug "..." and other canonicalization holes under OS/2.
3724 *) PORT: implement serialized accepts for OS/2. [Brian Havard]
3726 *) mod_include had problems with the fsize and flastmod directives
3727 under WIN32. Fix also avoids the minor security hole of using
3728 ".." paths for fsize and flastmod.
3729 [Manoj Kasichainula <manojk@raleigh.ibm.com>] PR#2355
3731 *) Fixed some Makefile dependency problems. [Dean Gaudet]
3733 Changes with Apache 1.3.1
3735 *) Disable the incorrect entry for application/msword in the
3736 mod_mime_magic "magic" file because it also matches other Office
3737 documents. [Ralf S. Engelschall] PR#2608
3739 *) Fix broken RANLIB handling in src/Configure (the entry from
3740 src/Configuration.tmpl was ignored) and additionally force RANLIB to
3741 /bin/true under HP/UX where ranlib exists but is deprecated.
3742 [Ralf S. Engelschall] PR#2627
3744 *) 'apachectl status' failed on some systems.
3745 [Steve VanDevender <stevev@darkwing.uoregon.edu>, Lars Eilebrecht] PR#2613
3747 *) Add new flags for ap_unparse_uri_components() to make it generate
3748 the scheme://sitepart string only, or to omit the query string.
3751 *) WIN32: Canonicalize ServerRoot before checking to see if it
3752 is a valid directory. The failure to do this caused certain
3753 ServerRoot settings (eg. "ServerRoot /apache") to be improperly
3754 rejected. [Marc Slemko]
3756 *) Global renaming of C header files to both get rid of conflicts with third
3757 party packages and to again reach consistency:
3758 1. conf.h -> ap_config.h
3759 2. conf_auto.h -> ap_config_auto.h \ these are now merged
3760 3. ap_config.h -> ap_config_auto.h / in the config process
3761 4. compat.h -> ap_compat.h
3762 5. apctype.h -> ap_ctype.h
3763 Backward compatibility files for conf.h and compat.h were created.
3765 *) mod_mmap_static will no longer take action on requests unless at
3766 least one "mmapfile" directive is present in the configuration.
3767 This experimental module has to do some black magic to operate
3768 inside the current API and thus creates side-effects for other
3769 modules under some circumstances.
3770 [Ralf S. Engelschall]
3772 *) Add conservative ticks around more egrep arguments in top-level configure
3773 to avoid problems under brain-dead platforms like Digital UNIX (OSF1).
3774 [Ralf S. Engelschall] PR#2596
3776 *) mod_rewrite created RewriteLock files under the UID of the parent
3777 process, thus the child processes had no write access to the files.
3778 Now a chown() is done on the file to the uid of the children,
3779 if applicable. [Lars Eilebrecht, Ralf S. Engelschall] PR#2341
3781 *) Autogenerate some HAVE_XXXXX_H defines in conf_auto.h (determined via
3782 TestCompile) instead of defining them manually in conf.h based on less
3783 accurate platform definitions. This way we no longer have to fiddle with
3784 OS-type and/or OS-version identifiers to discover whether a system header
3785 file exists or not. Instead we now directly check for the existence of
3786 those esoteric ones.
3787 [Ralf S. Engelschall] PR#2093, PR#2361, PR#2377, PR#2434,
3788 PR#2524, PR#2525, PR#2533, PR#2569
3790 *) mod_setenvif (BrowserMatch* and friends) will now match a missing
3791 field with "^$". [Ken Coar]
3793 *) Set the RTLD_GLOBAL dlopen mode parameter to allow dynamically loaded
3794 modules to load their own modules dynamically. This improves mod_perl
3795 and mod_php3 when these modules are loaded dynamically into Apache.
3798 *) Cache a proxied request in the event that the client cancels the
3799 transfer, provided that the configured percentage of the file has
3800 already been transfered. It works for HTTP transfers only. The
3801 new configuration directive is called CacheForceCompletion.
3802 [Glen Parker <glenebob@nwlink.com>] PR#2277
3804 *) Add the "<!DOCTYPE HTML" magic cookie used by modern documents (and
3805 required by HTML 3.2 and later) to mod_mime_magic's conf/magic.
3806 [Anna Shergold <anna@inext.co.uk>]
3808 *) Fix yet another signal-based race condition involving nested timers.
3809 Signals suck. [Dean Gaudet]
3811 *) suexec's error messages have been clarified a little bit. [Ken Coar]
3813 *) Clean up some, but perhaps not all, 8-bit character set problems
3814 with config file parsing, and URL parsing. We now define
3815 ap_isdigit(), ap_isupper(), ... which cast to an (unsigned char).
3816 This should work on most modern unixes.
3817 [Dean Gaudet] PR#800, 2282, 2553 (and others)
3819 *) The "handler not found" error was issued in cases where the handler
3820 really did exist, but was just declining to serve the request.
3821 [John Van Essen <jve@gamers.org>] PR#2529
3823 *) Add Dynamic Shared Object (DSO) support for SCO5 (OpenServer 5.0.x).
3824 [Ronald Record <rr@sco.com>] PR#2533
3826 *) The APACI libexecdir was not extended with an "apache/" subdir
3827 if the installation prefix didn't already contain "apache", but
3828 it should be because the DSO files are Apache-specific. Now
3829 libexecdir is treated the same way sysconfdir, datadir, localstatedir
3830 and includedir are already treated.
3831 [Charles Levert <charles@comm.polymtl.ca>] PR#2551
3833 *) The <Limit> parsing routine was incorrectly treating methods as
3834 case-insensitive. [Ken Coar]
3836 *) The ap_bprintf() code neglected to test if there was an error on
3837 the connection. ap_bflush() misdiagnosed a failure as a success.
3840 *) add support for #perl arg interpolation in mod_include
3843 *) API: Name changes of table_elts to ap_table_elts, is_table_empty
3844 to ap_is_table_empty and bgetflag to ap_bgetflag. [Ben Laurie]
3846 *) PORT: Add UnixWare 7 support
3847 [Vadim Kostoglodoff <vadim@olly.ru>] PR#2463
3849 *) Fix the Guess-DSO-flags-from-Perl stuff in src/Configure: "perl" was
3850 used instead of "$PERL" which contains the correctly determined Perl
3851 interpreter (important for instance on systems where "perl" and "perl5"
3852 exists, like BSDI or FreeBSD, etc).
3853 [Ralf S. Engelschall] PR#2505
3855 *) Move the initial suEXEC-related startup message from plain
3856 fprintf()/stderr to a delayed ap_log_error()-based one to avoid problems
3857 when Apache is started from inetd (instead of standalone). Under this
3858 situation startup messages on stderr lead to problems (the line is sent
3859 to the client in front of the requested document).
3860 [Ralf S. Engelschall] PR#871, PR#1318
3862 *) Add a flag so ap_fnmatch() can be used for case-blind pattern matching.
3863 [Ken Coar, Dean Gaudet]
3865 *) WIN32: Don't collapse multiple slashes in PATH_INFO.
3866 [Ben Laurie, Bill Stoddard <wgstodda@us.ibm.com>] PR#2274
3868 *) WIN32 SECURITY: Eliminate trailing "."s in path components. These are
3869 ignored by the Windows filesystem, and so can be used to bypass security.
3870 [Ben Laurie, Alexei Kosut].
3872 *) We now attempt to dump core when we get SIGILL. [Jim Jagielski]
3874 *) PORT: remove broken test for MAP_FILE in http_main.c.
3875 [Wilfredo Sanchez <wsanchez@apple.com>]
3877 *) PORT: Change support/apachectl to use "kill -0 $pid" to test if the
3878 httpd is running. This should be more portable than figuring out
3879 which of three dozen different versions of "ps" are installed.
3882 *) WIN32: If we can't figure out how to execute a file in a script
3883 directory, bail out of the request with an error message. [W G Stoddard]
3885 *) WIN32 SECURITY: Eliminate directories consisting of three or more dots;
3886 these are treated by Win32 as if they are ".." but are not detected by
3887 other machinery within Apache. This is something of a kludge but
3888 eliminates a security hole. [Manoj Kasichainula, Ben Laurie]
3890 *) Move ap_escape_quotes() from src/ap to src/main/util.c; it uses
3891 pools and thus pollutes libap (until the pool stuff is moved there).
3894 *) IndexIgnore should be case-blind on Win32 (and any other case-aware
3895 but case-insensitive platforms). New #define for this added to conf.h
3896 (CASE_BLIND_FILESYSTEM). [Ken Coar] PR#2455
3898 *) Enable DSO support for OpenBSD in general, not only for 2.x, because it
3899 also works for OpenBSD 1.x. [Ralf S. Engelschall]
3901 *) PORT: Fix compilation problem on ARM Linux.
3902 [Sam Kington <sam@illuminated.co.uk>] PR#2443
3904 *) Let APACI's configure script determine some configuration parameters
3905 (Group, Port, ServerAdmin, ServerName) via some intelligent tests to
3906 remove some of the classical hurdles for new users when setting up
3907 Apache. This is done per default because it is useful for the average
3908 user. Package authors can use the --without-confadjust option to disable
3909 these configuration adjustments.
3910 [Ralf S. Engelschall]
3912 *) Added an EXTRA_DEPS configuration parameter which can be used
3913 to add an extra Makefile dependency for the httpd target, for instance
3914 to external third-party libraries, etc.
3915 [Ralf S. Engelschall]
3917 *) Add <IfDefine>..</IfDefine> sections to the core module (with same spirit
3918 as <IfModule>..</IfModule> sections) which can be used to skip or process
3919 contained commands dependend of ``-D PARAMETER'' options on the command
3920 line. This can be used to achieve logical conditions like <IfDefine
3921 ReverseProxy> instead of physically ones (e.g. <IfModule mod_proxy.c>)
3922 and thus especially can be used for conditionally loading DSO-based
3923 modules via LoadModule, etc. [Ralf S. Engelschall]
3925 *) PORT: clean up a warning in mod_status for OS/2. [Brian Havard]
3927 *) Make table elements const. This may prevent obscure errors. [Ben Laurie]
3929 *) Fix parsing of FTP `SIZE' responses in proxy module: The newline was not
3930 truncated which forced following HTTP headers to be data in the HTTP
3931 reponse. [Ralf S. Engelschall, Charles Fu <ccwf@bacchus.com>]
3934 *) Portability fix for APACI shadow tree support: Swap order of awk and sed
3935 in top-level configure script to avoid sed fails on some platforms (for
3936 instance SunOS 4.1.3 and NCR SysV) because of the non-newline-termined
3937 output of Awk. [Bill Houle <bhoule@sandiegoca.ncr.com>] PR#2435
3939 *) Improve performance of directory listings (mod_autoindex) by comparing
3940 integer keys (last-modified and size) as integers rather than converting
3941 them to strings first. Also use a set of explicit byte tests rather
3942 than strcmp() to check for parent directory-ness of an entry. Oh, and
3943 make sure the parent directory (if displayed) is *always* listed first
3944 regardless of the sort key. Overall performance winnage should be good
3945 in CPU time, instruction cache, and memory usage, particularly for large
3946 directories. [Ken Coar]
3948 *) Add a tiny but useful goody to APACI's configure script: The generation
3949 of a config.status script (as GNU Autoconf does) which remembers the used
3950 configure command and hence can be used to restore the configuration by
3951 just re-running this script or for remembering the configuration between
3953 [Ralf S. Engelschall]
3955 *) Add httpd -t (test) option for running configuration syntax tests only.
3956 If something is broken it complains and exits with a return code
3957 non-equal to 0. This can be used manually by the user to check the Apache
3958 configuration after editing and is also automatically used by apachectl
3959 on (graceful) restart command to make sure Apache doesn't die on restarts
3960 because of a configuration which is now broken since the last (re)start.
3961 This way `apachectl restart' can be used inside cronjobs without having
3962 to expect Apache to be falling down. Additionally the httpd -t can be run
3963 via `apachectl configtest'.
3964 [Ralf S. Engelschall] PR#2393
3966 *) Minor display fix for "install" target of top-level Makefile:
3967 the displayed installation command was incorrect although the
3968 executed command was correct. Now they are in sync.
3969 [Ralf S. Engelschall] PR#2402
3971 *) Correct initialization of variable `allowed_globals' in http_main.c
3972 [Justin Bradford <justin@ukans.edu>] PR#2400
3974 *) Apache would incorrectly downcase the entire Content-Type passed from
3975 CGIs. This affected server-push scripts and such which use
3976 multipart/x-mixed-replace;boundary=ThisRandomString.
3977 [Dean Gaudet] PR#2394
3979 *) PORT: QNX update to properly guess 32-bit systems.
3980 [Sean Boudreau <seanb@qnx.com>] PR#2390
3982 *) Make sure the DSO emulation code for HPUX finds the proprietary shl_xxx()
3983 functions which are in libdld under HPUX 9/10.
3984 [Ralf S. Engelschall] PR#2378
3986 *) Make sure the "install" target of the top-level Makefile doesn't break
3987 because of a return code of 1 from an "if" (for instance under braindead
3988 Ultrix the result code of an "if" construct is 1 if the "then" clause
3989 didn't match). [Ralf S. Engelschall]
3991 *) Add an additional "dummy" target to the "$(LIB)" target in generated
3992 modules/xxx/Makefile's to avoid problems with SVR4 Make under "full-DSO"
3993 situation (no libxxx.a built, only mod_xxx.so's) where LIB and OBJS are
3994 empty. [Ralf S. Engelschall, Dean Gaudet, Martin Kraemer]
3996 *) Replace two bad sprintf() calls with ap_snprintf() variants in
3997 mod_rewrite. [Ralf S. Engelschall]
3999 *) Fix missing usage description for MetaFiles directive.
4000 [David MacKenzie <djm@va.pubnix.com>] PR#2384
4002 *) mod_log_config wouldn't let vhosts use log formats defined in the
4003 main server. [Christof Damian <damian@mediaconsult.com>] PR#2090
4005 *) mod_usertrack was corrupting the client hostname. As part of the
4006 fix, the cookie values were slightly extended to include the
4007 fully qualified hostname of the client.
4008 [Dean Gaudet] PR#2190, 2229, 2366
4010 *) Fix a typo in pool debugging code. [Alvaro Martinez Echevarria]
4012 *) mod_unique_id did not work on alpha linux (in general on any
4013 architecture that has 64-bit time_t).
4014 [Alvaro Martinez Echevarria]
4016 *) PORT: Make SCO 5 (and probably 3) compile again. [Ben Laurie]
4018 *) PORT: NCR MPRAS systems have the same bug with SIGHUP restart that
4019 Solaris systems experience. So define WORKAROUND_SOLARIS_BUG.
4020 [Klaus Weber <kweber@chephren.germany.ncr.com>] PR#1973
4022 *) Change "Options None" to "Options FollowSymLinks" in the
4023 <Directory /> section of the default access.conf-dist
4024 (and -win even though it doesn't matter there). This has better
4025 performance, and more intuitive semantics. [Dean Gaudet]
4027 *) PORT: Updated support for UTS 2.1.2.
4028 [Dave Dykstra <dwd@bell-labs.com>] PR#2320
4030 *) Fix symbol export list (src/support/httpd.exp) after recent
4031 API changes in the child spawning area.
4032 [Jens-Uwe Mager <jum@helios.de>]
4034 *) Workaround for configure script and old `test' commands which do not
4035 support the -x flag (for instance under platforms like Ultrix). This is
4036 solved by another helper script findprg.sh which searches for Perl and
4037 Awk like PrintPath but _via different names_.
4038 [Ralf S. Engelschall]
4040 *) Remove the system() call from htpasswd.c, which eliminates a system
4041 dependancy. ["M.D.Parker" <mdpc@netcom.com>] PR#2332
4043 *) PORT: Fix compilation failures on NEXTSTEP.
4044 [Rex Dieter <rdieter@math.unl.edu>] PR#2293, 2316
4046 *) PORT: F_NDELAY is a typo, should have been FNDELAY. There's also
4047 O_NDELAY on various systems. [Dave Dykstra <dwd@bell-labs.com>] PR#2313
4049 *) PORT: helpers/GuessOS updates for various versions for NCR SVR4.
4050 [juerg schreiner <j.schreiner@zh.ch>,
4051 Bill Houle <Bill.Houle@SanDiegoCA.NCR.COM>] PR#2310
4053 *) Fix recently introduced Win32 child spawning code in mod_rewrite.c which
4054 was broken because of invalid ap_pstrcat() -> strcat() transformation.
4055 [Ralf S. Engelschall]
4057 *) Proxy Cache Fixes: account for directory sizes, fork off garbage collection
4058 to continue in background, use predefined types (off_t, size_t, time_t),
4059 log the current cache usage percentage at LogLevel debug
4060 [Martin Kraemer, based on discussion between Dean Gaudet & Dirk vanGulik]
4062 Changes with Apache 1.3.0
4064 *) Using a type map file as a custom error document was not possible.
4065 [Lars Eilebrecht] PR#1031
4067 *) Avoid problems with braindead Awks by additionally searching for gawk
4068 and nawk in APACI's configure script.
4069 [Dave Dykstra <dwd@bell-labs.com>, Ralf S. Engelschall] PR#2319
4071 *) Rename md5.h to ap_md5.h to avoid conflicts with native MD5 on
4072 some systems. [Randy Terbush]
4074 *) Change usage of perror()+fprintf(stderr,...) in mod_rewrite to
4075 more proper ap_log_error() variants.
4076 [Ralf S. Engelschall]
4078 *) Make sure the argument for the --add-module option to APACI's configure
4079 script is of type [path/to/]mod_xxx.c because all calculations inside
4080 configure and src/Configure depend on this.
4081 [Ralf S. Engelschall] PR#2307
4083 *) Changes usage of perror/fprintf to stderr to more proper ap_log_error
4084 in mod_mime, mod_log_referer, mod_log_agent, and mod_log_config.
4087 *) Various OS/2 cleanups ["Brian Havard" <brianh@kheldar.apana.org.au>]
4089 *) PORT: QNX needed a #include <sys/mman.h>; and now it uses flock
4090 serialized accept to handle multiple sockets.
4091 [Rob Saccoccio <robs@InfiniteTechnology.com>] PR#2295, 2296
4093 *) Have NT properly set the directory for CGI scripts
4094 (& other spawned children)
4095 [W G Stoddard <wgstodda@us.ibm.com>]
4097 *) Propagate environment to CGI scripts correctly in Win32.
4098 [W G Stoddard <wgstodda@us.ibm.com>] PR#2294
4100 *) Some symbol renaming:
4101 ap_spawn_child_err became ap_spawn_child
4102 ap_spawn_child_err_buff became ap_bspawn_child
4103 spawn_child was obsoleted and moved to compat.h
4106 *) Upgrade the child spawning code in mod_rewrite for the RewriteMap
4107 programs: ap_spawn_child_err() is used and the Win32 case now uses
4108 CreateProcess() instead of a low-level execl() (which caused problems in
4109 the past under Win32).
4110 [Ralf S. Engelschall]
4112 *) A few cosmetics and trivial enhancements to APXS to make the
4113 generated Makefile more user friendly. [Ralf S. Engelschall]
4115 *) Proxy Fix: The proxy special failure routine ap_proxyerror()
4116 was updated to use the normal apache error processing, thereby allowing
4117 proxy errors to be treated by ErrorDocument's as well. For this
4118 purpose, a new module-to-core communication variable "error-notes"
4119 was introduced; the proxy (and possibly other modules) communicates
4120 its error text using this variable. Its content is copied to a new
4121 cgi-env-var REDIRECT_ERROR_NOTES for use by ErrorDocuments.
4122 The old proxy special error routine ap_proxy_log_uerror()
4123 was replaced by regular ap_log_error() calls, many messages were made
4125 [Martin Kraemer] PR#494, 1259
4127 *) SECURITY: A possible buffer overflow in the ftp proxy was fixed.
4130 *) Transform the configure message "You need root privileges for suEXEC"
4131 from a fatal error into a (more friendly) warning because the building
4132 ("make") of Apache we can allow, of course. Root privileges are needed
4133 only for the installation step ("make install"). So make sure the
4134 user is aware of this fact but let him proceed as long as he can.
4135 [Ralf S. Engelschall] PR#2288
4137 *) Renamed three more functions to common ap_ prefix which we missed at the
4138 Big Symbol Renaming because they're #defines and not real C functions:
4139 is_default_port(), default_port(), http_method().
4140 [Ralf S. Engelschall]
4142 *) A zero-length name after a $ in an SSI document should cause
4143 just the $ to be in the expansion. This was broken during the
4144 security fixes in 1.2.5. [Dean Gaudet] PR#1921, 2249
4146 *) Call ap_destroy_sub_req() in ap_add_cgi_vars() to reclaim some
4147 memory. [Rob Saccoccio <robs@InfiniteTechnology.com>] PR#2252
4149 *) Fix src/support/httpd.exp (DSO export file which is currently only
4150 used under AIX) because of recent changes to function names.
4151 [Ralf S. Engelschall]
4153 Changes with Apache 1.3b7
4155 *) Make sure a MIME-type can be forced via a RewriteRule even when no
4156 substitution takes place, for instance via the following rule:
4157 ``RewriteRule ^myscript$ - [T=application/x-httpd-cgi]'' This was often
4158 requested by users in the past to force a single script without a .cgi
4159 extension and outside any cgi-bin dirs to be executed as a CGI program.
4160 [Ralf S. Engelschall] PR#2254
4162 *) A fix for protocol issues surrounding 400, 408, and
4163 414 responses. [Ed Korthof]
4165 *) Ignore MaxRequestsPerChild on WIN32. [Brian Behlendorf]
4167 *) Fix discrepancy in proxy_ftp.c which was causing failures when
4168 trying to connect to certain ftpd's, such as anonftpd.
4169 [Rick Ohnemus <rick@ecompcon.com>]
4171 *) Make mod_rewrite use ap_open_piped_log() for RewriteLog directive's
4172 logfile instead of fiddling around itself with child spawning stuff.
4173 [Ralf S. Engelschall]
4175 *) Made RefererIgnore case-insensitive.
4177 *) Mod_log_agent, mod_log_referer now use ap_open_piped_log for piped logs.
4180 *) Replace use of spawn_child with ap_spawn_child_err_buff, to make everything
4181 "safe" under Win32. In: mod_include.c, mod_mime_magic.c
4184 *) Improve RFC1413 support. [Bob Beck <beck@bofh.ucs.ualberta.ca>]
4186 *) Fix support script `dbmmanage': It was unable to handle some sort
4187 of passwords, especially passwords with "0" chars.
4188 [Ralf S. Engelschall] PR#2242
4190 *) WIN32: Clicking on "Last Modified" in a fancy index caused a crash. Fixed.
4191 [Ben Laurie] PR#2238
4193 *) WIN32: CGIs could cause a hang (because of a deadlock in the standard C
4194 library), so CGI handling has been changed to use Win32 native handles
4195 instead of C file descriptors.
4196 [Ben Laurie and Bill Stoddard <wgstodda@us.ibm.com>] PR#1129, 1607
4198 *) The proxy cache would store an incorrect content-length in the cached
4199 file copy after a cache update. That resulted in repeated fetching
4200 of the original copy instead of using the cached copy.
4201 [Ernst Kloppenburg <kloppen@isr.uni-stuttgart.de>] PR#2094
4203 *) The Makefiles assumed that DSO files are build via $(LD). This
4204 is broken for two reasons: First we never defined at least LD=ld
4205 somewhere to make sure this works (it was silently assumed that most Make
4206 provide a built-in LD definition - ARGL!) and second using the generic LD
4207 variable is not the truth. Instead a special variable named LD_SHLIB is
4208 reasonable because although "ld" is usually the default, the command for
4209 building DSO files can be "libtool" or even "cc" on some systems.
4210 [Ralf S. Engelschall]
4212 *) Replace the AddVersionPlatform directive with ServerTokens which
4213 provides for more control over the format of the Server:
4214 header line. SERVER_SUBVERSION is no longer supported;
4215 all module should use the ap_add_version_component()
4216 API function instead. [Jim Jagielski]
4218 *) Support for the NCR MP/RAS 3.0
4219 [John Withers <withers@semi.kcsc.mwr.irs.gov>]
4221 *) The LDFLAGS_SHLIB_EXPORT variable of src/Configuration[.tmpl] was
4222 not retrieved in src/Configure and thus was not useable.
4223 [Ralf S. Engelschall]
4225 *) Various Makefile consistency cleanups:
4226 - make OSDIR also automatically be relative to src/ like INCDIR
4227 - SUBDIRS is now generated in src/Makefile only and not in
4228 Makefile.config because it is a local define for this location.
4229 - remove BROKEN_BPRINTF_FLAGS because is it no longer used inside
4230 any Makefile but make sure that at least the "-K inline" is kept in
4232 - update the "depend" targets in Makefile.tmpl files to use $(OSDIR), too.
4233 - updated the dependencies theirself
4234 - removed not existing SHLIB variable from "clean" targets
4235 - replaced SHLIB_OBJS/SHLIBS_OBJ consistently with OBJS_PIC because OBJS
4236 already exists and OBJS_PIC are also just plain objects and have not
4237 directly to do with "shared" things. The only difference is that they
4238 contain PIC. So OBJS_PIC is the more canonical name.
4239 - Updated the Makefile-dependency lines for OBJS_PIC
4240 - Removed the Makefile-dependency line in Configure to avoid double
4242 - replaced ugly xx-so.o/xx.so-o hack with a clean and consistent usage
4243 of xxx.lo as GNU libtool does with its PIC objects
4244 - reduce local complexity in modules Makefile.tmpl by moving the last
4245 existing target "depend" to the generation section in Configure, too.
4246 - removed the historical $(SPACER) which was used in the past together
4247 with BROKEN_BPRINTF_FLAGS to avoid zig-zags in the build process. This
4248 is no longer needed.
4249 - force the build and run of the gen_xxx programs under main/ as the
4250 first step before building the objects because it looks cleaner
4251 [Ralf S. Engelschall]
4253 *) WIN32: Make Win32 work again after the /dev/null DoS fix.
4256 *) WIN32: Check for buffer overflows in ap_os_canonical_filename.
4259 *) WIN32: Don't force ISAPI headers to finish with \n.
4260 [Jim Patterson <Jim.Patterson@Cognos.COM>, Ben Laurie] PR#2060
4262 *) When opening "configuration" files (like httpd.conf, htaccess
4263 and htpasswd), Apache will not allow them to be non-/dev/null
4264 device files. This closes a DoS hole. At the same time,
4265 we use ap_pfopen to open these files to handle timeouts.
4266 [Jim Jagielski, Martin Kraemer]
4268 *) Apache will now log the reason its httpd children exit if they exit
4269 due to an unexpected signal. (It requires a new porting define,
4270 SYS_SIGLIST, which if defined should point to a list of text
4271 descriptions of the signals available. See PORTING.) [Dean Gaudet]
4273 *) WIN32: chdir() doesn't make sense in a multithreaded environment
4274 like WIN32. Before, Win32 CGI's could have had sporadic failures
4275 if a chdir call from one thread was made between another chdir call
4276 and a spawn in another thread. So, for now don't chdir for CGI scripts
4277 in WIN32. The current CGI "spec" is unclear as to whether it's
4278 necessary. Long-term fix is to either serialize the chdir/spawn combo
4279 or use WIN32 native calls to spawn a process. This temp fix was
4280 necessary to remove this as a showstopper for 1.3's release.
4283 *) Cleanup the suEXEC support in APACI and make it more safe:
4284 1. Add big fat hint in INSTALL about risks and to read the
4285 htdocs/manual/suexec.html document before using the suexec-related
4287 2. Make sure the user has at least provided one --suexec-xxxx option
4288 (specifies suEXEC parameters) in addition to --enable-suexec option.
4289 If only --enable-suexec is given APACI stops with a hint to INSTALL
4290 and htdocs/manual/suexec.html documents.
4291 3. Provide two additional --suexec-xxxx options to make the suEXEC
4292 configuration complete (especially for package maintainers who else
4293 had to patch the source tree) by providing ways to configure minimal
4294 UID/GID and safe PATH, too.
4295 [Ralf S. Engelschall]
4297 *) Cleanup of the `configure --shadow' process:
4298 - make sure the configure script creates its temporary files in the
4299 shadow tree to avoid conflicts with parallel configure runs
4300 - removed unnecessary option "-r" from "rm" call for Makefiles
4301 - make sure the configure scripts creates the shadow-wrapper Makefile
4302 only when no shadow trees already exists
4303 - make sure "make distclean" removes the shadow-wrapper Makefile but only
4304 when no more shadow trees exists
4305 - overhauled mkshadow.sh script: now its more IFS-safe and approx. twice
4306 as fast (in the past it needed 70sec, now it runs just 38sec)
4307 - make sure CVS does not complain about the created files
4308 Makefille.<gnutriple> and directories src.<gnutriple>
4309 [Ralf S. Engelschall]
4311 *) Added the ap_add_version_component() API routine and the
4312 AddVersionPlatform core directive. The first allows modules to
4313 declare themselves in the Server response header field value,
4314 augmenting the SERVER_SUBVERSION define in the Configuration file
4315 with run-time settings (more useful in a loadable-module environment).
4316 AddVersionPlatform inserts a comment such as "(UNIX)" or "(Win32)"
4317 into the server version string. [Ken Coar] PR#2056
4319 *) Minor stability tweaks to avoid core dumps in ap_snprintf.
4322 *) Emit the "Accept-Range" header for the default handler.
4323 [Brian Behlendorf] PR#1464
4325 *) Add a note to httpd.conf-dist that apache will on some systems fail
4326 to start when the Group # is set to a negative or large positive value.
4329 *) Make sure the module execution order is correct even when some modules
4330 are loaded under runtime (`LoadModule') via the DSO mechanism:
4331 1. The list of loaded modules is now a dynamically allocated one
4332 and not the original statically list from modules.c
4333 2. The loaded modules are now correctly setup by LoadModule for
4334 later use by the AddModule command.
4335 3. When the DSO mechanism for modules is used APACI's `install'
4336 target now enables all created `LoadModule' lines per default because
4337 this is both already expected by the user _and_ needed to avoid
4338 confusion with the next point and reduces the Makefile.tmpl complexity
4339 4. When the DSO mechanism for modules is used, APACI's `install'
4340 target now additionally makes sure the module list is reconstructed
4341 via a complete `ClearModuleList+AddModule...' entry.
4342 5. The support tool `apxs' now also makes sure an AddModule command
4343 is added in addition to the LoadModule command.
4344 6. The modules.c generation was extended to now contain two
4345 comments to make sure no one is confused by the confusing terminology
4346 of loading/linking (we use load=link+load & link=activate instead of
4347 the obvious load=activate & link=link :-( )
4348 This way now there is no longer a difference under execution time between
4349 statically and dynamically linked modules.
4350 [Ralf S. Engelschall]
4352 *) Fix the generated mod_xxx.c from "apxs -g -f xxx" after the
4353 Big Symbol Renaming. [Ralf S. Engelschall]
4355 *) Add a comment to mod_example.c showing the format of a FLAG command
4358 *) Standardized the time format in mod_status to match that of other
4359 places in the code (e.g. DATE_GMT). PR#1551
4361 *) Fix handling of %Z in timefmt strings for those platforms with no time
4362 zone information in their tm struct. [Paul Eggert <eggert@twinsun.com>]
4365 *) Makes mod_rewrite, mod_log_config, mod_status and the ServerSignature
4366 feature compatible with 'UseCanonicalName off' by changing
4367 r->server->server_hostname to ap_get_server_name(). And I changed some
4368 functions which use r->server->port to use ap_get_server_port() instead,
4369 because if there's no Port directive in the config r->server->port is 0.
4372 *) get/set_module_config are trivial enough to be better off inline. Worth
4373 1.5% performance boost. [Dean Gaudet]
4375 *) Fix off-by-one error in ap_proxy_date_canon() in proxy_util.c
4376 when ensuring 'x' is at least 30-chars big. [Jim Jagielski,
4379 *) [BS2000 security] BS2000 needs an extra authentication to initialize
4380 the task environment to the unprivileged User id. Otherwise CGI scripts
4381 would have a way to gain super user access. [Martin Kraemer]
4383 *) Fix debug log messages for BS2000/OSD: instead of logging the whole
4384 absolute path, only log base name of logging source as is done
4385 in unix. [Martin Kraemer]
4387 *) Ronald Tschalaer's Accept-Encoding patch - preserve the "x-" in
4388 the encoding type from the Accept-Encoding header (if it's there)
4389 and use it in the response, as that's probably what it'll be expecting.
4390 [Ronald.Tschalaer@psi.ch]
4392 *) Fix to mod_alias: translate_alias_redir is dealing with
4393 a URI, not a filename, so the check for drive letters for win32
4394 and emx is not necessary. [Dean Gaudet]
4396 *) WIN32: Allow .cmd as an executable extension.
4397 [Kari Likovuori <Kari.Likovuori@mol.fi>] PR#2146
4399 *) Make Apache header files, and some variables, C++ friendly.
4400 [Michael Anderson's <mka@redes.int.com.mx>]
4402 *) Child processes can now "signal" (by exiting with a status
4403 of APEXIT_CHILDFATAL) the parent process to abort and
4404 shutdown the server if the error in the child process was
4405 fatal enough. [Jim Jagielski]
4407 *) mod_autoindex's find_itme() was sensitive to MIME type case.
4408 [Jim Jagielski] PR#2112
4410 *) Make sure the referer_log and agent_log entries in the default httpd.conf
4411 file are also adjusted for the actual relative installation paths.
4412 [Ralf S. Engelschall] PR#2175
4414 *) WIN32: Extensive overhaul of the way UNCs are handled. [Ben Laurie]
4416 *) WIN32: Make roots of filesystems (e.g. c:/) work. [Ben Laurie]
4419 *) PORT: Various porting changes to support AIX 3.2, 4.1.5, 4.2 and 4.3.
4420 Additionally the checks for finding the vendor DSO library were moved
4421 from mod_so.c to Configure because first it needs $PLAT etc. and second
4422 mod_so already uses an abstraction layer and does not fiddle with the
4423 vendor functions itself.
4424 [Jens-Uwe Mager, Ralf S. Engelschall]
4426 *) PORT: Some optimization defines for NetBSD
4427 [Jaromir Dolecek <dolecek@ics.muni.cz>] PR#2165
4429 *) PORT: Dynamic Shared Object (DSO) support for NetBSD.
4430 [Jaromir Dolecek <dolecek@ics.muni.cz>, Ralf S. Engelschall] PR#2158
4432 *) Add Dynamic Shared Object (DSO) support for AIX (at least 4.2 but older
4433 AIX variants should work fine, too. Even AIX 3.x should work). This is
4434 accomplished by using the free DSO emulation code from Jens-Uwe Mager
4435 which we put into a os/unix/os-dso-aix.c file.
4436 [Ralf S. Engelschall]
4438 *) PORT: Fix compiler warnings under AIX >= 4.2 where the manual pages imply
4439 that we should use NET_SIZE_T == int but the include files force size_t.
4440 [Ralf S. Engelschall]
4442 *) Fix two bugs in select() handling in http_main.c.
4445 *) Suppress "error(0)" messages for ap_log_error() when the APLOG_NOERRNO
4446 is unset (as it is in situations like timeouts) where it is unclear
4447 whether errno is set or not. [Martin Kraemer]
4449 *) Just having APACI's localstatedir is too general and not enough for most
4450 of the systems. 1.3b6 again required manual APACI patches by package
4451 maintainers from RedHat and FreeBSD because for their filesystem layout a
4452 little bit more flexibility in configuring the paths is needed. Hence we
4453 provide three additional configure options (--runtimedir, --logfiledir,
4454 --proxycachedir) which now can be used for more granular adjustments if
4455 --localstatedir is not enough to fit the particular needs. As a nice
4456 side-effect this reduces some subdir fiddling in configure+Makefile.tmpl.
4457 [Ralf S. Engelschall]
4459 *) Make the install root for "make install" in APACI's Makefile overrideable
4460 by package authors. This way we are even more friendly to package
4461 maintainers (especially Debian and RedHat) who build for the real prefix
4462 via "configure --prefix=/<real>" but use a different local prefix via
4463 "make root=/tmp/apache install" for rolling the package without bristling
4464 the target location on their system.
4465 [Ralf S. Engelschall]
4467 *) Workaround sed limitations in APACI's configure script by now
4468 substituting in chunks of 50 commands (because for instance HPUX's vendor
4469 sed has a limit of max. 98 commands)
4470 [Ralf S. Engelschall] PR#2136
4472 *) Adding SOCKS5 support and fixing existing SOCKS4 support.
4473 [Ralf S. Engelschall] PR#2140
4475 *) Manually fix some symbols which were not renamed to prefix ap_ in the BIG
4476 RENAMING process because they are defined as pre-processor macros instead
4477 of real functions: bputc, bgetc, piped_log_write_fd, piped_log_read_fd
4478 [Ralf S. Engelschall]
4480 *) Workaround braindead AWK's when generating ap_config.h: The split() and
4481 substr() functions cannot be nested under vendor AWK from Solaris 2.6.
4482 [Ralf S. Engelschall] PR#2139
4484 *) Various bugfixes and cleanups for the APACI configure script:
4485 o fix IFS handling for _nested_ situation
4486 o fix Perl interpreter search: take first one found instead of last one
4487 o fix DSO consistency check
4488 o print error messages to stderr instead of stdout
4489 o add install-quiet for --shadow situation to Makefile stub
4490 o reduce complexity by avoiding sed-hacks for rule and module list loops
4491 [Ralf S. Engelschall]
4493 *) Fix DEBUG_CGI situation in mod_cgi.c [David MacKenzie] PR#2114
4495 *) Make sure the input field separator (IFS) shell variable is explicitly
4496 initialized correctly before _every_ `for' loop and also restored after
4497 the loops. [Ralf S. Engelschall]
4499 *) Make sure that "make install" doesn't overwrite the `mime.types' and
4500 `magic' files from an existing Apache installation. Because people often
4501 customize these for own MIME and content types.
4502 [Ralf S. Engelschall]
4504 *) PORT: Dynamic Shared Object (DSO) support for OpenBSD 2.x
4505 [Peter Galbavy, Ralf S. Engelschall] PR#2109
4507 *) Fix the path to the ScoreBoardFile in the install-config target, too.
4508 [Ralf S. Engelschall] PR#2105
4510 *) Let "configure" clear out the users parameters (provided as shell
4511 variables) to avoid side-effects in "src/Configure" when the user
4512 exported them (which is not needed, but some users do it).
4513 [Ralf S. Engelschall] PR#2101
4515 *) Provide backward compatibility from some old src/Configuration.tmpl
4516 parameter names to the canonical Autoconf-style shell variable names. For
4517 instance CFLAGS vs. EXTRA_CFLAGS. The EXTRA_xxx variants are accepted now
4518 but a hint message is displayed. [Ralf S. Engelschall]
4520 *) Make sure that "make install" doesn't overwrite the DocumentRoot and
4521 CGI scripts from an existing Apache installation.
4522 [Ralf S. Engelschall, Jim Jagielski] PR#2084
4524 *) Make `configure --compat' more "compatible" by first
4525 let the libexecdir default to EPREFIX/libexec instead of EPREFIX/bin and
4526 second by making sure the "avoid-bristling-suffix" /apache is not
4527 appended to sysconfdir, datadir, localstatedir and includedir when
4528 --compat is used. [Ralf S. Engelschall, Lars Eilebrecht]
4530 *) NeXT required strdup() in support/logresolve.c
4531 [Francisco Tomei <fatomei@sandburg.unm.edu>] PR#2082
4533 *) AIX required sys/select.h in support/ab.c
4534 [Jens Schleusener <Jens.Schleusener@dlr.de>] PR#2081
4536 *) Fix the path to the MimeMagicFile in the install-config target, too.
4537 [Ralf S. Engelschall] PR#2089
4539 *) PORT: Added HP-UX 11 patches [Jeff Earickson <jaearick@colby.edu>]
4541 *) If you start apache with the -S command line option it will dump
4542 out the parsed vhost settings. This is useful for folks trying
4543 to figure out what is wrong with their vhost configuration.
4544 (Other dumps may be added in the future.) [Dean Gaudet]
4546 *) Add %pA, %pI, and %pp codes to ap_vformatter (and hence ap_bprintf,
4547 ap_snprintf, and ap_psprintf). See include/ap.h for docs.
4550 *) Because /usr/local/apache is the default prefix the ``configure
4551 --compat'' option no longer has to set prefix, again. This way the
4552 --compat option honors a leading --prefix option. [Lars Eilebrecht]
4554 *) PORT: Cast the first argument of dlopen() in ap_os_dso_load()
4555 to `char *' under OSF1 and FreeBSD 2.x where it is defined this way
4556 to avoid "discard const" warnings. [Ralf S. Engelschall]
4558 *) If a specific handler is set for a file yet the request still
4559 ends up being handled by the default handler, log an error
4560 message before handling it. This catches things such as trying
4561 to use SSIs without mod_include enabled. [Marc Slemko]
4563 *) Fix error logging for the startup case where ap_log_error() still uses
4564 stderr as the target. Now the default log level is honored here, too.
4565 [Ralf S. Engelschall]
4567 *) PORT: Make sure some AWK's don't fail in src/Configure with "string too
4568 long" errors when generating the MODULES entry for src/Makefile
4569 [Ben Hyde, Ralf S. Engelschall]
4571 *) Make sure src/Configure doesn't complain about the old directory
4572 /usr/local/etc/httpd/ when APACI is used. [Lars Eilebrecht]
4574 Changes with Apache 1.3b6
4576 *) PORT: Clean up warnings on Ultrix and HPUX. [Ben Hyde]
4578 *) Adding DSO support for the HP/UX platform by emulating the dlopen-style
4579 interface via the similar but proprietary HP/UX shl_xxx-style system
4580 calls. [Ralf S. Engelschall]
4582 *) PORT: Updated UnixWare 2.0.x and 2.1.x entries for DSO support and made
4583 APACI Makefile.tmpl "install" target more robust for sensible UnixWare
4584 Make. [Ralf S. Engelschall]
4586 *) ++++ THE BIG SYMBOL RENAMING ++++
4587 To avoid symbol clashes with third-party code compiled into the server,
4588 we globally applied the prefix "ap_" to the following classes of
4590 - Apache provided general functions (e.g., ap_cpystrn)
4591 - Public API functions (e.g., palloc, bgets)
4592 - Private functions which we can't make static (because of
4593 cross-object usage) but should be (e.g., new_connection)
4594 For backward source compatibility a new header file named compat.h was
4595 created which provides defines for the old symbol names and can be used
4596 by third-party module authors.
4599 *) Added dynamic shared object (DSO) support for SVR4-derivates: The
4600 problem under SVR4 is that there is no command flag to force the linker
4601 to export the global symbols of the httpd executable therewith they are
4602 available to the DSO's. Instead of problematic hacks like creating a
4603 dummy.so file (containing dummy references to all global symbols) the
4604 httpd binary is linked against, we use a clean trick stolen from Perl 5:
4605 Placing the Apache core code itself into a DSO library named libhttpd.so.
4606 This way the global symbols _HAVE_ to be exported and thus are available
4607 to any manually loaded DSO's under runtime. To reduce the impact to the
4608 user to null we go even further and create a stub httpd executable which
4609 automatically keeps track of the DSO library loading itself and thus
4610 hides the complete mechanism from the user. Although the generation of
4611 this DSO library is automatically triggered for platforms which
4612 essentially need it (mostly all SVR4-derivates) it can be also enabled
4613 manually via the Rule SHARED_CORE. This can be interesting in the future
4614 where we perhaps exploit this libhttpd.so mechanism for providing nifty
4615 features like graceful upgrades, or whatever.
4616 [Ralf S. Engelschall, Martin Kraemer]
4618 *) Build the libraries before building the rest of the tools. [Ben Hyde]
4620 *) Add "distclean" target to src/-Makefiles to provide "make distclean" also
4621 inside the src subtree (i.e. for non-APACI users). Following GNU Makefile
4622 conventions while "clean" removes only stuff created by "all" targets,
4623 "distclean" additionally removes the stuff from the configuration
4624 process. This way "make distclean" (hence the name) provides a fresh
4625 source tree as it was for distribution.
4626 [Ralf S. Engelschall]
4628 *) Allow top-level (APACI) Makefile to break on build errors
4629 the same way the src/ subtree Makefiles breaks on them by replacing the
4630 initial APACI sed-subdir-display-kludge with a more clean
4631 variable-passing-solution: variable SDP can optionally hold the subdir
4632 prefix which is consistently used for displaying the subdir movement.
4633 This way even the top-level Makefile can stop correctly on errors as the
4634 user expects. [Ralf S. Engelschall]
4636 *) Fixed ordering of argument checks for RewriteBase directive.
4637 [Todd Eigenschink <eigenstr@mixi.net>] PR#2045
4639 *) Change Win32 IS_MODULE to SHARED_MODULE to match Unix' method of
4640 indicating that a module is being compiled for dynamic loading. Also
4641 remove #define IS_MODULE from modules and add SHARED_MODULE define
4642 to the mak/dsp files. [Alexei Kosut]
4644 *) Reduce logging level of "normal" warning messages to APLOG_INFO,
4645 since we are now logging APLOG_WARNING by default. [Roy Fielding]
4647 *) PORT: OS/2 tweak to deal with multiple .exe targets. [Brian Havard]
4649 *) Add documentation file and src/Configuration.tmpl entry for the
4650 experimental mod_mmap_static module. Because although it is and marked as
4651 an experimental one it is distributed and thus should be documented and
4652 prepared for configuration the same way as all others modules.
4653 [Ralf S. Engelschall]
4655 *) Add query (-q) option to apxs support tool to be able to manually query
4656 specific settings from apxs. This is needed for instance when you
4657 manually want to access Apache's header files and you need to assemble
4658 the -I option. Now you can do -I`apxs -q INCLUDEDIR`.
4659 [Ralf S. Engelschall]
4661 *) Now src/Configure uses a fallback strategy for the shared object support
4662 on platforms where no explicit information is available: If a Perl
4663 installation exists we ask it about its shared object support and if it's
4664 the dlopen-style one we shamelessly guess the compiler and linker flags
4665 for creating shared objects from Perls knowledge. Of course, the user is
4666 warning about what we are doing and informed that he should send us
4667 the guessed flags when they work. [Ralf S. Engelschall]
4669 *) Provide APACI --without-support option to be able to disable the build
4670 and installation of the support tools from the src/support/ area.
4671 Although its useful to have these installed per default we should provide
4672 a way to compile and install without them for backward-compatibility.
4673 [Ralf S. Engelschall]
4675 *) Add of the new APache eXtenSion (apxs) support tool for building and
4676 installing modules into an _already installed_ Apache package through the
4677 dynamic shared object (DSO) mechanism [mod_so.c]. The trick here is that
4678 this approach actually doesn't need the Apache source tree. The
4679 (APACI-installed) server package is enough, because this now includes the
4680 Apache C header files (PREFIX/include) and the new APXS tool
4681 (SBINDIR/apxs). The intend is to provide a handy tool for third-party
4682 module authors to build their Apache modules _OUTSIDE_ the Apache source
4683 tree while avoiding them to fiddle around with the totally platform
4684 dependend way of compiling DSO files. The tool supports all ranges of
4685 modules, from trivial ones (single mod_foo.c) to complex ones (like PHP3
4686 which has a mod_php3.c plus a pre-built libmodphp3-so.a) and even can
4687 on-the-fly generate a minimalistic Makefile and sample module for the
4688 first step to provide both a quick success event and to demonstrate the
4689 APXS mechanism to module authors. [Ralf S. Engelschall]
4691 *) Fix core dumps in use of CONNECT in proxy.
4692 [Rainer.Scherg@rexroth.de] PR#1326, #1573, #1942
4694 *) Modify the log directives in httpd.conf-dist files to use CustomLog
4695 so that users have examples of how CustomLog can be used.
4698 *) Add the new Apache Autoconf-style Interface (APACI) for the top-level of
4699 the Apache distribution tree. Until Apache 1.3 there was no real
4700 out-of-the-box batch-capable build and installation procedure for the
4701 complete Apache package. This is now provided by a top-level "configure"
4702 script and a corresponding top-level "Makefile.tmpl" file. The goal is
4703 to provide a GNU Autoconf-style frontend which is capable to both drive
4704 the old src/Configure stuff in batch and additionally installs the
4705 package with a GNU-conforming directory layout. Any options from the old
4706 configuration scheme are available plus a lot of new options for flexibly
4707 customizing Apache. [Ralf S. Engelschall]
4709 *) The floating point ap_snprintf code wasn't threadsafe.
4710 Had to remove the HAVE_CVT macro in order to do threadsafe
4711 calling of the ?cvt() floating point routines. [Dean Gaudet]
4713 *) PORT: Add the SCO_SV port. [Jim Jagielski] PR#1962
4715 *) PORT: IRIX needs the -n32 flag iff using the 'cc' compiler
4716 [Jim Jagielski] PR#1901
4718 *) BUG: Configure was using TCC and CC inconsistently. Make sure
4719 Configure knows which CC we are using. [Jim Jagielski]
4721 *) "Options +Includes" wasn't correctly merged if "+IncludesNoExec"
4722 was defined in a parent directory. [Lars Eilebrecht]
4724 *) API: ap_snprintf() code mutated into ap_vformatter(), which is
4725 a generic printf-style routine that can call arbitrary output
4726 routines. Use this to replace http_bprintf.c. Add new routines
4727 psprintf(), pvsprintf() which allocate the exact amount of memory
4728 required for a string from a pool. Use psprintf() to clean up
4729 various bits of code which used ap_snprintf()/pstrdup().
4732 *) PORT: HAVE_SNPRINTF doesn't do anything any longer. This is because
4733 ap_snprintf() has different semantics and formatting codes than
4734 snprintf(). [Dean Gaudet]
4736 *) SIGXCPU and SIGXFSZ are now reset to SIG_DFL at boot-time. This
4737 is necessary on at least Solaris where the /etc/rc?.d scripts
4738 are run with these signals ignored, and "SIG_IGN" settings are
4739 maintained across exec().
4740 [Rein Tollevik <reint@sys.sol.no>] PR#2009
4742 *) Fix the check for symbolic links in ``RewriteCond ... -l'': stat() was
4743 used instead of lstat() and thus this flag didn't work as expected.
4744 [Rein Tollevik <reint@sys.sol.no>] PR#2010
4746 *) Fix the proxy pass-through feature of mod_rewrite for the case of
4747 existing QUERY_STRING now that mod_proxy was recently changed because of
4748 the new URL parsing stuff. [Ralf S. Engelschall]
4750 *) A few changes to scoreboard definitions which helps gcc generate
4751 better code. [Dean Gaudet]
4753 *) ANSI C doesn't guarantee that "int foo : 2" in a structure will
4754 be a signed bitfield. So mark a few bitfields as signed to
4755 ensure correct code. [Dean Gaudet]
4757 *) The default for HostnameLookups was changed to Off, but there
4758 was a problem and it wasn't taking effect. [Dean Gaudet]
4760 *) PORT: Clean up undefined signals on some platforms (SCO, BeOS).
4763 *) After a SIGHUP the listening sockets in the parent weren't
4764 properly marked for closure on fork().
4765 [Jürgen Keil <jk@tools.de>] PR#2000
4767 *) Allow %2F in two situations: 1) it is in the query part of the URI,
4768 therefore not exposed to %2F -> '/' translations and 2) the request
4769 is a proxy request, so we're not dealing with a local resource anyway.
4770 Without this, the proxy would fail to work for any URL's with
4771 %2f in them (occurs quite often in
4772 http://.../cgi-bin/...?http%3A%2F%2F... references) [Martin Kraemer]
4774 *) Protect against FD_SETSIZE mismatches. [Dean Gaudet]
4776 *) Make the shared object compilation command more portable by avoiding
4777 the direct combination of `-c' & `-o' which is not honored by some
4778 compilers like UnixWare's cc. [Ralf S. Engelschall]
4780 *) WIN32: the proxy was creating filenames missing the last four
4781 characters. While this normally doesn't stop anything from
4782 working, it can result in extra collisions.
4783 [Tim Costello <tjcostel@socs.uts.edu.au>] PR#1890
4785 *) Now mod_proxy uses the response string (in addition to the response status
4786 code) from the already used FTP SIZE command to setup the Content-Length
4787 header if available. [Ralf S. Engelschall] PR#1183
4789 *) Reanimated the (still undocumented) proxy receive buffer size directive:
4790 Renamed from ReceiveBufferSize to ProxyReceiveBufferSize because the old
4791 name was really too generic, added documentation for this directive to
4792 the mod_proxy.html and corrected the hyperlink to it in the
4793 new_features_1.3.html document. [Ralf S. Engelschall] PR#1348
4795 *) Fix a bug in the src/helpers/fp2rp script and make it a little bit
4796 faster [Martin Kraemer]
4798 *) Make Configure die when you give it an unknown command switch.
4801 *) Add five new and fresh manpages for the support programs: dbmmanage.1,
4802 suexec.8, htdigest.1, rotatelogs.8 and logresolve.8. Now all up-to-date
4803 and per default compiled support programs have manual pages - just to
4804 document our stuff a little bit more and to be able to do really
4805 Unix-like installations ;-) [Ralf S. Engelschall]
4807 *) Major cleanups to the Configure script to make it and its generated
4808 Makefiles again readable and maintainable: add SRCDIR option, removed
4809 INCLUDES_DEPTH[0-2] kludge, cleanup of TARGET option, cleanup of
4810 generated sections, consequently added Makefile headers with inheritance
4811 information, added subdir movement messages for easier following where
4812 the build process currently stays (more verbose then standard Make, less
4813 verbose than GNU make), same style to comments in the Configure script,
4814 added Apache license header, fixed a few bugs, etc. [Ralf S. Engelschall]
4816 *) Add the new ApacheBench program "ab" to src/support/: This is derived
4817 from the ZeusBench benchmarking program and can be used to determine the
4818 response performance of an Apache installation. This version is
4819 officially licensed with Zeus Technology, Ltd. See the license agreement
4820 statements in <199803171224.NAA24547@en1.engelschall.com> in apache-core.
4821 [Ralf S. Engelschall]
4823 *) API: Various core functions that are definately not part of the API
4824 have been made static, and a few have been marked API_EXPORT. Still
4825 more have been marked CORE_EXPORT and are not intended for general
4826 use by modules. [Doug MacEachern, Dean Gaudet]
4828 *) mod_proxy was not clearing the Proxy-Connection header from
4829 requests; now it does. This did not violate any spec, however
4830 causes poor interactions when you are talking to remote proxies.
4831 [Marc Slemko] PR#1741
4833 *) Various cleanups to the command line interface and manual pages.
4834 [Ralf S. Engelschall]
4836 *) cfg_getline() was not properly handling lines that did not end
4837 with a line termination character. [Marc Slemko] PR#1869, 1909
4839 *) Performance tweak to mod_log_config. [Dmitry Khrustalev]
4841 *) Clean up some undocumented behavior of mod_setenvif related to
4842 "merging" two SetEnvIf directives when they match the same header
4843 and regex. Document that mod_setenvif will perform comparisons in
4844 the order they appear in the config file. Optimize mod_setenvif by
4845 doing more work at config time rather than at runtime.
4848 *) src/include/ap_config.h now wraps it's #define's with #ifndef/#endif's
4849 to allow for modules to overrule them and to reduce redefinition
4850 warnings [Jim Jagielski]
4852 *) [PORT] For A/UX change the OS-#define for -DAUX to -DAUX3.
4855 *) Making the hard-coded cross-module function call mime_find_ct() (from
4856 mod_proxy to mod_mime) obsolete by making sure the API hook for MIME type
4857 checking is really called even for proxy requests except for URLs with
4858 HTTP schemes (because there we can optimize by not running the type
4859 checking hooks due to the fact that the proxy gets the MIME Content-type
4860 from the remote host later). This change cleans up mod_mime by removing
4861 the ugly export kludge, makes the one-liner file mod_mime.h obsolete, and
4862 especially unbundles mod_proxy and mod_mime. This way they both now can
4863 be compiled as shared objects and are no longer tied together.
4864 [Ralf S. Engelschall]
4866 *) util.c cleanup and speedup. [Dean Gaudet]
4868 *) API: Clarification, pstrndup() will always copy n bytes of the source
4869 and NUL terminate at the (n+1)st byte. [Dean Gaudet]
4871 *) Mark module command_rec and handler_rec structures const so that they
4872 end up in the read-only data section (and are friendlier to systems
4873 that don't do optimistic memory allocation on fork()). [Dean Gaudet]
4875 *) Add check to the "Port" directive to make sure the specified
4876 port is in the appropriate range. [Ben Hyde]
4878 *) Performance improvements to invoke_handler().
4879 [Dmitry Khrustalev <dima@bog.msu.su>]
4881 *) Added support for building shared objects even for library-style modules
4882 (which are built from more than one object file). This now provides the
4883 ability to build mod_proxy as a shared object module. Additionally
4884 modules like mod_example are now also supported for shared object
4885 building because the generated Makefiles now no longer assume there is at
4886 least one statically linked module. [Ralf S. Engelschall]
4888 *) API: Clarify usage of content_type, handler, content_encoding,
4889 content_language and content_languages fields in request_rec. They
4890 must always be lowercased; and the strings pointed to shouldn't
4891 be modified (you must copy them to modify them). Fix a few bugs
4892 related to this. [Dean Gaudet]
4894 *) API: Clarification: except for RAW_ARGS, all command handlers can
4895 treat the char * parameters as permanent, and modifiable. There
4896 is no need to pstrdup() them. Clean up some needless pstrdup().
4899 *) Now mod_so keeps track of which module shared objects with which names
4900 are loaded and thus avoids multiple loading and unloading and irritating
4901 error_log messages. [Ralf S. Engelschall]
4903 *) Prior to the existence of mod_setenv it was necessary to tweak the TZ
4904 environment variable in the apache core. But that tweaking interferes
4905 with mod_setenv. So don't tweak if the user has specified an explicit
4906 TZ variable. [Jay Soffian <jay@cimedia.com>] PR#1888
4908 *) rputs() did not calculate r->sent_bodyct properly.
4909 [Siegmund Stirnweiss <siegst@kat.ina.de>] PR#1900
4911 *) The CGI spec says that REMOTE_HOST should be set to the remote hosts's
4912 name, or left unset if this value is unavailable. Apache was setting
4913 it to the IP address when unavailable.
4914 [Tony Finch <fanf@demon.net>] PR#1925
4916 *) Various improvements to the configuration and build support for compiling
4917 modules as shared objects. Especially Solaris 2.x, SunOS 4.1, IRIX and
4918 OSF1 support with GCC and vendor compilers was added. This way shared
4919 object support is now provided out-of-the-box for FreeBSD, Linux,
4920 Solaris, SunOS, IRIX and OSF1. In short: On all major platforms!
4921 [Ralf S. Engelschall]
4923 *) Minor cleanup in http_main -- split QNX and OS2 specific "mmap"
4924 scoreboard code into separate #defines -- USE_POSIX_SCOREBOARD
4925 and USE_OS2_SCOREBOARD. [Dean Gaudet]
4927 *) Fix one more special locking problem for RewriteMap programs in
4928 mod_rewrite: According to the documentation of flock(), "Locks are on
4929 files, not file descriptors. That is, file descriptors duplicated
4930 through dup(2) or fork(2) do not result in multiple instances of a lock,
4931 but rather multiple references to a single lock. If a process holding a
4932 lock on a file forks and the child explicitly unlocks the file, the
4933 parent will lose its lock.". To overcome this we have to make sure the
4934 RewriteLock file is opened _AFTER_ the childs were spawned which is now
4935 the case by opening it in the child_init instead of the module_init API
4936 hook. [Ralf S. Engelschall] PR#1029
4938 *) Change to Location and LocationMatch semantics. LocationMatch no
4939 longer lets a single slash match multiple adjacent slashes in the
4940 URL. This change is for consistency with RewriteRule and
4941 AliasMatch. Multiple slashes have meaning in URLs that they do
4942 not have in (some) filesystems. Location on the other hand can
4943 be considered a shorthand for a more complicated regex, and it
4944 does match multiple slashes with a single slash -- which is
4945 also consistent with the Alias directive.
4946 [Dean Gaudet] related PR#1440
4948 *) Fix bug with mod_mime_magic causing certain files, including files
4949 of length 0, to result in no response from the server.
4952 *) The Configure script now generates src/include/ap_config.h which
4953 contains the set of defines used when Apache is compiled on a platform.
4954 This file can then be included by external modules before including
4955 any Apache header files in case they are being built separately from
4956 Apache. Along with this change, a couple of minor changes were
4957 made to make Apache's #defines coexist peacefully with any autoconf
4958 defines an external module might have. [Rasmus Lerdorf]
4960 *) Fix mod_rewrite for the ugly API case where <VirtualHost> sections exist
4961 but without any RewriteXXXXX directives. Here mod_rewrite is given no
4962 chance by the API to initialize its per-server configuration and thus
4963 receives the wrong one from the main server. This is now avoided by
4964 remembering the server together with the config structure while
4965 configuring and later assuming there is no config when we see a
4966 difference between the remembered server and the one calling us.
4967 [Ralf S. Engelschall] PR#1790
4969 *) Fixed the DBM RewriteMap support for mod_rewrite: First the support now
4970 is automatically disabled under configure time when the dbm_xxx functions
4971 are not available. Second, two heavy source code errors in the DBM
4972 support code were fixed. This makes DBM RewriteMap's usable again after
4973 a long time of brokenness. [Ralf S. Engelschall] PR#1696
4975 *) Now all configuration files support Unix-style line-continuation via
4976 the trailing backslash ("\") character. This enables us to write down
4977 complex or just very long directives in a more readable way. The
4978 backslash character has to be really the last character before the
4979 newline and it has not been prefixed by another (escaping) backslash.
4980 [Ralf S. Engelschall]
4982 *) When using ProxyPass the ?querystring was not passed correctly.
4983 [Joel Truher <truher@wired.com>]
4985 *) To deal with modules being compiled and [dynamically] linked
4986 at a different time from the core, the SERVER_VERSION and
4987 SERVER_BUILT symbols have been abstracted through the new
4988 API routines apapi_get_server_version() and apapi_get_server_built().
4991 *) WIN32: Preserve trailing slash in canonical path (and hence
4992 in PATH_INFO). [Paul Sutton, Ben Laurie]
4994 *) PORT: USE_PTHREAD_SERIALIZED_ACCEPT has proven unreliable
4995 depending on the rev of Solaris and what mixture of modules
4996 are in use. So it has been disabled, and Solaris is back to
4997 using USE_FCNTL_SERIALIZED_ACCEPT. Users may experiment with
4998 USE_PTHREAD_SERIALIZED_ACCEPT at their own risk, it may speed
4999 up static content only servers. Or it may fail unpredictably.
5000 [Dean Gaudet] PR#1779, 1854, 1904
5002 *) mod_test_util_uri.c created which tests the logic in util_uri.c.
5005 *) API: Rewrite of absoluteURI handling, and in particular how
5006 absoluteURIs match vhosts. Unless a request is a proxy request, a
5007 "http://host" url is treated as if a similar "Host:" header had been
5008 supplied. This change was made to support future HTTP/1.x protocols
5009 which may require clients to send absoluteURIs for all requests.
5011 In order to achieve this change subtle changes were made to the API. In a
5012 request_rec, r->hostlen has been removed. r->unparsed_uri now exists so
5013 that the unmodified uri can be retrieved easily. r->proxyreq is not set
5014 by the core, modules must set it during the post_read_request or
5015 translate_names phase.
5017 Plus changes to the virtualhost test suite for absoluteURI testing.
5019 This fixes several bugs with the proxy proxying requests to vhosts
5020 managed by the same httpd.
5023 *) API: Cleanup of code in http_vhost.c, and remove vhost matching
5024 code from mod_rewrite. The vhost matching is now performed by a
5025 globally available function matches_request_vhost(). [Dean Gaudet]
5027 *) Reduce memory usage, and speed up ServerAlias support. As a
5028 side-effect users can list multiple ServerAlias directives
5029 and they're all considered.
5030 [Chia-liang Kao <clkao@cirx.org>] PR#1531
5032 *) The "poly" directive in image maps did not include the borders of the
5033 polygon, whereas the "rect" directive does. Fix this inconsistency.
5034 [Konstantin Morshnev <moko@design.ru>] PR#1771
5036 *) Make \\ behave as expected. [Ronald.Tschalaer@psi.ch]
5038 *) Add the `%a' construct to LogFormat and CustomLog to log the client IP
5039 address. [Todd Eigenschink <eigenstr@mixi.net>] PR#1885
5041 *) API: A new source module main/util_uri.c; It contains a routine
5042 parse_uri_components() and friends which breaks a URI into its component
5043 parts. These parts are stored in a uri_components structure called
5044 parsed_uri within each request_rec, and are available to all modules.
5045 Additionally, an unparse routine is supplied which re-assembles the URI
5046 components back to an URI, optionally hiding the username:password@ part
5047 from ftp proxy requests, and other useful routines. Within the structure,
5048 you find on a ready-for-use basis:
5049 scheme; /* scheme ("http"/"ftp"/...) */
5050 hostinfo; /* combined [user[:password]@]host[:port] */
5051 user; /* user name, as in http://user:passwd@host:port/ */
5052 password; /* password, as in http://user:passwd@host:port/ */
5053 hostname; /* hostname from URI (or from Host: header) */
5054 port_str; /* port string (integer representation is in "port") */
5055 path; /* the request path (or "/" if only scheme://host was given) */
5056 query; /* Everything after a '?' in the path, if present */
5057 fragment; /* Trailing "#fragment" string, if present */
5058 This is meant to serve as the platform for *BIG* savings in
5059 code complexity for the proxy module (and maybe the vhost logic).
5062 *) Make all possible meta-construct expansions ($N, %N, %{NAME} and
5063 ${map:key}) available for all location where a string is created in
5064 mod_rewrite rewriting rulesets: 1st arg of RewriteCond, 2nd arg of
5065 RewriteRule and for the [E=NAME:STRING] flag of RewriteRule. This way the
5066 possible expansions are consequently usable at all string creation
5067 locations. [Ralf S. Engelschall]
5069 *) Fix initialization of RewriteLogLevel (default now is 0 as documented
5070 and not 1) and the per-virtual-server merging of directives. Now all
5071 directives except `RewriteEngine' and `RewriteOption' are either
5072 completely overridden (default) or completely inherited (when
5073 `RewriteOptions inherit') is used. [Ralf S. Engelschall] PR#1325
5075 *) Fix `RewriteMap' program lookup in situations where such maps are
5076 defined but disabled (`RewriteEngine off') in per-server context.
5077 [Ralf S. Engelschall] PR#1431
5079 *) Fix bug introduced in 1.3b4-dev, config with no Port setting would cause
5080 server to bind to port 0 rather than 80. [Dean Gaudet]
5082 *) Fix long-standing problem with RewriteMap _programs_ under Unix derivates
5083 (like SunOS and FreeBSD) which don't accept the locking of pipes
5084 directly. A new directive RewriteLock is introduced which can be used to
5085 setup a separate locking file which then is used for synchronization.
5086 [Ralf S. Engelschall] PR#1029
5088 *) WIN32: The server root is obtained from the registry key
5089 HKLM\SOFTWARE\Apache Group\Apache\<version> (version is currently
5090 "1.3 beta"), unless overridden by the -d command line flag. The
5091 value is stored by running "apache -i -d serverroot". [Paul Sutton]
5093 *) Merged os/win32/mod_dll.c into modules/standard/mod_so.c to support
5094 dynamic loading on Win32 and Unix via the same module. [Paul Sutton]
5096 *) Now mod_rewrite no longer makes problematic assumptions on the characters
5097 a username can contain when trying to expand it via /etc/passwd.
5098 [Ralf S. Engelschall]
5100 *) The mod_setenvif BrowserMatch backwards compatibility command did not
5101 work properly with spaces in the regex. [Ronald Tschalaer] PR#1825
5103 *) Add new RewriteMap types: First, `rnd' which is equivalent to the `txt'
5104 type but with a special post-processing for the looked-up value: It
5105 parses it into alternatives according to `|' chars and then only one
5106 particular alternative is chosen randomly (this is an essential
5107 functionality needed for balancing between backend-servers when using
5108 Apache as a Reverse Proxy. The looked up value here is a list of
5109 servers). Second, `int' with the built-in maps named `tolower' and
5110 `toupper' which can be used to map URL parts to a fixed case (this is an
5111 essential feature to fix the case of server names when doing mass
5112 virtual-hosting with the help of mod_rewrite instead of using
5113 <VirtualHost> sections). [Ralf S. Engelschall, parts based on code from
5114 Jay Soffian <jay@cimedia.com>] PR#1631
5116 *) Add a new directive to mod_proxy similar to ProxyPass: `ProxyPassReverse'.
5117 This directive lets Apache adjust the URL in Location-headers on HTTP
5118 redirect responses sent by the remote server. This way the virtually
5119 mapped area is no longer left on redirects and thus by-passed which is
5120 especially essential when running Apache as a reverse proxy.
5121 [Ralf S. Engelschall]
5123 *) Hide Proxy-Authorization from CGI/SSI/etc just like Authorization is
5124 hidden. [Alvaro Martinez Echevarria]
5126 *) Apache will, when started with the -X (single process) debugging flag,
5127 honor the SIGINT or SIGQUIT signals again now. This capability got lost
5128 a while ago during OS/2 signal handling changes.
5130 *) [PORT] Work around the fact that NeXT runs on more than the
5131 m68k chips in mod_status [Scott Anguish and Timothy Luoma
5134 *) [PORT] Recognize FreeBSD versions so we can use the OS regex as well
5135 as handling unsigned-chars for FreeBSD v3 and v2 [Andrey Chernov
5136 <ache@nagual.pp.ru> and Jim] PR#1450
5138 *) Use SA_RESETHAND or SA_ONESHOT when installing the coredump handlers.
5139 In particular the handlers could trigger themselves into an infinite
5140 loop if RLimitMem was used with a small amount of memory -- too small
5141 for the signal stack frame to be set up. [Dean Gaudet]
5143 *) Fix problems with absoluteURIs introduced during 1.3b4. [Dean Gaudet,
5144 Alvaro Martinez Echevarria <alvaro@lander.es>]
5146 *) Fix multiple UserDir problem introduced during 1.3b4-dev.
5147 [Dean Gaudet] PR#1850
5149 *) ap_cpystrn() had an off-by-1 error.
5150 [Charles Fu <ccwf@klab.caltech.edu>] PR#1847
5152 *) API: As Ken suggested the check_cmd_context() function and related
5153 defines are non-static now so modules can use 'em. [Martin Kraemer]
5155 *) mod_info would occasionally produce an unpaired <tt> in its
5156 output. Fixed. [Martin Kraemer]
5158 *) By default AIX binds a process (and it's children) to a single
5159 processor. httpd children now unbind themselves from that cpu
5160 and re-bind to one selected at random via bindprocessor()
5163 *) Linux 2.0 and above implement RLIMIT_AS, RLIMIT_DATA has almost no
5164 effect. Work around it by using RLIMIT_AS for the RLimitMEM
5165 directive. [Enrik Berkhan <enrik@inka.de>] PR#1816
5167 *) mod_mime_magic error message should indicate the filename when
5168 reads fail. ["M.D.Parker" <mdpc@netcom.com>] PR#1827
5170 *) Previously Apache would permit </Files> to end <FilesMatch> (and
5171 similary for Location and Directory), now this is diagnosed as an
5172 error. Improve error messages for mismatched sections (<Files>,
5173 <FilesMatch>, <Directory>, <DirectoryMatch>, ...).
5174 [Dean Gaudet, Martin Kraemer]
5176 *) <Files> is not permitted within <Location> (because of the
5177 semantic ordering). [Dean Gaudet] PR#379
5179 *) <Files> with wildcards was broken by the change in wildcard
5180 semantics (* does not match /). To fix this, <Files> now
5181 apply only to the basename of the request filename. This
5182 fixes some other inconsistencies in <Files> semantics
5183 (such as <Files a*b> not working). [Dean Gaudet] PR#1817
5185 *) Removed bogus "dist.tar" target from Makefile.tmpl and make sure
5186 backup files are removed on "clean" target [Ralf S. Engelschall]
5188 *) PORT: Add -lm to LIBS for HPUX. [Dean Gaudet] PR#1639
5190 *) Various errors from select() and accept() in child_main() would
5191 result in an infinite loop. It seems these two tickle kernel
5192 or library bugs occasionally, and result in log spammage and
5193 a generally bad scene. Now the child exits immediately,
5194 which seems to be a good workaround.
5195 [Dean Gaudet] PR#1747, 1107, 588, 1787, 987, 588
5197 *) Cleaned up some race conditions in unix child_main during
5198 initialization. [Dean Gaudet]
5200 *) SECURITY: "UserDir /abspath" without a * in the path would allow
5201 remote users to access "/~.." and bypass access restrictions
5202 (but note /~../.. was handled properly).
5203 [Lauri Jesmin <jesmin@ut.ee>] PR#1701
5205 *) API: os_is_path_absolute() now takes a const char * instead of a char *.
5208 Changes with Apache 1.3b5
5210 *) Source file dependencies in Makefile.tmpl files throughout the
5211 source tree were updated to accurately reflect reality.
5214 *) Preserve the content encoding given by the AddEncoding directive
5215 when the client doesn't otherwise specify an encoding.
5216 [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>]
5218 *) Sort out problems with canonical filename handling happening too late.
5219 [Dean Gaudet, Ben Laurie]
5221 Changes with Apache 1.3b4
5223 *) The module structure was modified to include a *dynamic_load_handle
5224 in the STANDARD_MODULE_STUFF portion, and the MODULE_MAGIC_NUMBER
5225 has been bumped accordingly. [Paul Sutton]
5227 *) All BrowserMatch directives mentioned in
5228 htdocs/manual/known_client_problems.html are in the default
5229 configuration files. [Lars Eilebrecht]
5231 *) MiNT port update. [Jan Paul Schmidt]
5233 *) HTTP/1.1 requires x-gzip and gzip encodings be treated
5234 equivalent, similarly for x-compress and compress. Apache
5235 now ignores a leading x- when comparing encodings. It also
5236 preserves the encoding the client requests (for example if
5237 it requests x-gzip, then Apache will respond with x-gzip
5238 in the Content-Encoding header).
5239 [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>] PR#1772
5241 *) Fix a memory leak on keep-alive connections. [Igor Tatarinov]
5243 *) Added mod_so module to support dynamic loading of modules on Unix
5244 (like mod_dld for Win32). This replaces mod_dld.c. Use SharedModule
5245 instead of AddModule in Configuration to build shared modules
5246 [Sameer Parekh, Paul Sutton]
5248 *) Minor cleanups to r->finfo handling in some modules.
5251 *) Abstract read()/write() to ap_read()/ap_write().
5252 Makes it easier to add other types of IO code such as SFIO.
5255 *) API: Generalize default_port manipulations to make support of
5256 different protocols easier. [Ben Laurie, Randy Terbush]
5258 *) There are many cases where users do not want Apache to form
5259 self-referential urls using the "canonical" ServerName and Port.
5260 The new UseCanonicalName directive (default on), if set to off
5261 will cause Apache to use the client-supplied hostname and port.
5262 API: Part of this change required a change to the construct_url()
5263 prototype; and the addition of get_server_name() and
5265 [Michael Douglass <mikedoug@texas.net>, Dean Gaudet]
5266 PR#315, 459, 485, 1433
5268 *) Yet another rearrangement of the source tree.. now all the common
5269 header files are in the src/include directory. The -Imain -Iap
5270 references in Makefiles have been changed to the simpler -Iinclude
5271 instead. In addition to simplifying the build a little bit, this
5272 also makes it clear when a module is referencing something in a
5273 other than kosher manner (e.g., the proxy including mod_mime.h).
5274 Module-private header files (the proxy, mod_mime, the regex library,
5275 and mod_rewrite) have not been moved to src/include; nor have
5276 the OS-abstraction files. [Ken Coar]
5278 *) Fix a bug where r->hostname didn't have the :port stripped
5279 from it. [Dean Gaudet]
5281 *) Tweaked the headers_out table size, and the subprocess_env
5282 table size guess in rename_original_environment(). Added
5283 MAKE_TABLE_PROFILE which can help discover make_table()
5284 calls that use too small an initial guess, see alloc.c.
5287 *) Options and AllowOverride weren't properly merging in the main
5288 server setting inside vhosts (only an issue when you have no
5289 <Directory> or other section containing an Options that affects
5290 a request). Options +foo or -foo in the main_server wouldn't
5291 affect the main_server's lookup defaults. [Dean Gaudet]
5293 *) Variable 'cwd' was being used pointlessly before being set.
5296 *) r->allowed handling cleaned up in the standard modules.
5299 *) Some case-sensitivity issues cleaned up to be consistent with
5300 RFC2068. [Dean Gaudet]
5302 *) SIGURG doesn't exist everywhere.
5303 [Mark Andrew Heinrich <heinrich@tinderbox.Stanford.EDU>]
5305 *) mod_unique_id was erroneously generating a second unique id when
5306 an internal redirect occured. Such redirects occur, for example,
5307 when processing a DirectoryIndex match. [Dean Gaudet]
5309 *) API: table_add, table_merge, and table_set include implicit pstrdup()
5310 of the key and value. But in many cases this is not required
5311 because the key/value is a constant, or the value has been built
5312 by pstrcat() or other similar means. New routines table_addn,
5313 table_mergen, and table_setn have been added to the API, these
5314 routines do not pstrdup() their arguments. The core code and
5315 standard modules were changed to take advantage of these routines.
5316 The resulting server is up to 20% faster in some situations.
5318 Note that it is easy to get code subtly wrong if you pass a key/value
5319 which is in a pool other than the pool of the table. The only
5320 safe thing to do is to pass key/values which are in the pool of
5321 the table, or in one of the ancestors of the pool of the table.
5322 i.e. if the table is part of a subrequest, a value from the main
5323 request's pool is OK since the subrequest pool is a sub_pool of the
5324 main request's pool (and therefore has a lifespan at most as long as
5325 the main pool). There is debugging code which can detect improper
5326 usage, enabled by defining POOL_DEBUG. See alloc.c for more details.
5327 [Dmitry Khrustalev <dima@bog.msu.su>, Dean Gaudet]
5329 *) More mod_mime_magic cleanup: fewer syscalls; should handle "files"
5330 which don't exist on disk more gracefully; handles vhosts properly.
5331 Update documentation to reflect the code -- if there's no
5332 MimeMagicFile directive then the module is not enabled.
5335 *) PORT: Some older *nix dialects cannot automatically start scripts
5336 which begin with a #! interpreter line (the shell starts the scripts
5337 appropriately on these platforms). Apache now supports starting of
5338 "hashbang-scripts" when the NEED_HASHBANG_EMUL define is set.
5339 [Martin Kraemer, with code from peter@zeus.dialix.oz.au (Peter Wemm)
5342 *) API: "typedef array_header table" removed from alloc.h, folks should
5343 have been writing to use table as if it were an opaque type, but even
5344 some standard modules got this wrong. By changing the definition
5345 to "typedef struct table table" module authors will receive compile
5346 time warnings that they're doing the wrong thing. This change
5347 facilitates future changes with more sophisticated table
5348 structures. Specifically, module authors should be using table_elts()
5349 to get access to an array_header * for the table. [Dean Gaudet]
5351 *) API: Renamed new_connection() to avoid namespace collision with LDAP
5352 library routines. [Ken Coar, Rasmus Lerdorf]
5354 *) WIN32: mod_speling is now available on the Win32 platform.
5357 *) For clarity the following compile time definition was changed:
5359 SAFE_UNSERIALIZED_ACCEPT -> SINGLE_LISTEN_UNSERIALIZED_ACCEPT
5361 Also, for example, HAVE_MMAP would mean to use mmap() scoreboards
5362 and not be a general notice that the OS has mmap(). Now the
5363 HAVE_MMAP/SHMGET #defines strictly are informational that the
5364 OS has that method of shared memory; the type to use for
5365 the scoreboard is a seperate #define (USE_MMAP_SCOREBOARD
5366 and USE_SHMGET_SCOREBOARD). This allows outside modules to
5367 determine if shared memory is available and allows Apache
5368 to determine the best method to use for the scoreboard.
5371 *) PORT: UnixWare 2.1.2 SMP appears to require USE_FCNTL_SERIALIZED_ACCEPT,
5372 as do various earlier versions. It should be safe on all versions.
5373 Unixware 1.x appears to have the same SIGHUP bug as solaris does with
5374 the slack code. A few other cleanups for Unixware.
5375 [Tom Hughes <thh@cyberscience.com>] PR#1082, PR#1282, PR#1499, PR#1553
5377 *) PORT: A/UX can handle single-listen accepts without mutex
5378 locking, so we add SINGLE_LISTEN_UNSERIALIZED_ACCEPT. [Jim Jagielski]
5380 *) When die() happens we need to eat any request body if one exists.
5381 Otherwise we can't continue with a keepalive session. This shows up
5382 as a POST problem with MSIE 4.0, typically against pages which are
5383 authenticated. [Roy Fielding] PR#1399
5385 *) If you define SECURITY_HOLE_PASS_AUTHORIZATION then the Authorization
5386 header will be passed to CGIs. This is generally a security hole, so
5387 it's not a default. [Marc Slemko] PR#549
5389 *) Fix Y2K problem with date printing in suexec log.
5390 [Paul Eggert <eggert@twinsun.com>] PR#1343
5392 *) WIN32 deserves a pid file. [Ben Hyde]
5394 *) suexec errors now include the errno/description. [Marc Slemko] PR#1543
5396 *) PORT: OSF/1 now uses USE_FLOCK_SERIALIZED_ACCEPT to solve PR#467.
5397 The choice of flock vs. fcntl was made based on timings which showed that
5398 even on non-NFS, non-exported filesystems fcntl() was an order of
5399 magnitude slower. It also uses SINGLE_LISTEN_UNSERIALIZED_ACCEPT so
5400 that single socket users will see no difference. [Dean Gaudet] PR#467
5402 *) "File does not exist" error message was erroneously including the
5403 errno. [Marc Slemko]
5405 *) Improve the warning message generated when a client drops the
5406 connection (hits stop button, etc.) during a send. [Roy Fielding]
5408 *) Defining GPROF will disable profiling in the parent and enable it
5409 in the children. If you're profiling under Linux this is pretty much
5410 necessary because SIGPROF is lost across a fork(). [Dean Gaudet]
5412 *) htdigest and htpasswd needed slight tweaks to work on OS/2 and WIN32.
5415 *) The NeXT cc (which is gcc hacked up) doesn't appear to support some
5416 gcc functionality. Work around it.
5417 [Keith Severson <keith@sssd.navy.mil>] PR#1613
5419 *) Some linkers complain when .o files contain no functions.
5420 [Keith Severson <keith@sssd.navy.mil>] PR#1614
5422 *) Some const declarations in mod_imap.c that were added for debugging
5423 purposes caused some compilers heartburn without adding any
5424 significant value, so they've been removed. [Ken Coar]
5426 *) The src/main/*.h header files have had #ifndef wrappers added to
5427 insulate them against duplicate calls if they get included through
5428 multiple paths (e.g., in .c files as well as other .h files).
5431 *) The libap routines now have a header file for their prototypes,
5432 src/ap/ap.h, to ease their use in non-httpd applications. [Ken Coar]
5434 *) mod_autoindex with a plaintext header file would emit the <PRE>
5435 start-tag before the HTML preamble, rather than after the preamble
5436 but before the header file contents. [John Van Essen <jve@gamers.org>]
5439 *) SECURITY: Fix a possible buffer overflow in logresolve. This is
5440 only an issue on systems without a MAXDNAME define or where
5441 the resolver returns domain names longer than MAXDNAME. [Marc Slemko]
5443 *) SECURITY: Eliminate possible buffer overflow in cfg_getline, which
5444 is used to read various types of files such as htaccess and
5445 htpasswd files. [Marc Slemko]
5447 *) SECURITY: Ensure that the buffer returned by ht_time is always
5448 properly null terminated. [Marc Slemko]
5450 *) The "Connection" header could be sent back with multiple "close"
5451 tokens. Not an error, but a waste.
5452 [Ronald.Tschalaer@psi.ch] PR#1683
5454 *) mod_rewrite's RewriteLog should behave like mod_log_config, it
5455 shouldn't force hostname lookups. [Dean Gaudet] PR#1684
5457 *) "basic" auth needs a case-insensitive comparison.
5458 [Ronald.Tschalaer@psi.ch] PR#1666
5460 *) For maximum portability, the environment passed to CGIs should
5461 only contain variables whose names match the regex
5462 /[a-zA-Z][a-zA-Z0-9_]*/. This is now enforced by stamping
5463 underscores over any character outside the regex. This
5464 affects HTTP_* variables, in a way that should be backward
5465 compatible for all the standard headers; and affects variables
5466 set with SetEnv/BrowserMatch and similar directives.
5469 *) mod_speling returned incorrect HREF's when an ambigous match
5470 was found. Noticed by <robinton@amtrash.comlink.de> (Soeren Ziehe)
5471 [robinton@amtrash.comlink.de (Soeren Ziehe), Martin Kraemer]
5473 *) PORT: Apache now compiles & runs on an EBCDIC mainframe
5474 (the Siemens BS2000/OSD family) in the POSIX subsystem
5477 *) PORT: Fix problem killing children when terminating. Allow ^C
5478 to shut down the server. [Brian Havard]
5480 *) pstrdup() is implicit in calls to table_* functions, so there's
5481 no need to do it before calling. Clean up a few cases.
5482 [Marc Slemko, Dean Gaudet]
5484 *) new -C and -c command line arguments
5486 -C "directive" : process directive before reading config files
5487 -c "directive" : process directive after reading config files
5489 httpd -C "PerlModule Apache::httpd_conf"
5490 [Doug MacEachern, Martin Kraemer]
5492 *) WIN32: Fix the execution of CGIs that are scripts and called
5493 with path info that does not have an '=' in.
5494 (eg. http://server/cgi-bin/printenv?foobar)
5495 [Marc Slemko] PR#1591
5497 *) WIN32: Fix a call to os_canonical_filename so it doesn't try to
5498 mess with fake filenames. This fixes proxy caching on
5501 *) SECURITY: General mod_include cleanup, including fixing several
5502 possible buffer overflows and a possible infinite loop.
5503 [Dean Gaudet, Marc Slemko]
5505 *) SECURITY: Numerous changes to mod_imap in a general cleanup
5506 including fixing a possible buffer overflow. [Dean Gaudet]
5508 *) WIN32: overhaul of multithreading code. Shutdowns are now graceful
5509 (connections are not dropped). Code can handle graceful restarts
5510 (but there is as yet no way to signal this to Apache). Various
5511 other cleanups. [Paul Sutton]
5513 *) The aplog_error changes specific to 1.3 introduced a buffer
5514 overrun in the (now legacy) log_printf function. Fixed.
5517 *) mod_digest didn't properly deal with proxy authentication. It
5518 also lacked a case-insensitive comparision of the "Digest"
5519 token. [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>] PR#1599
5521 *) A few cleanups in mod_status for efficiency. [Dean Gaudet]
5523 *) A few cleanups in mod_info to make it thread-safe, and remove an
5524 off-by-5 bug that could hammer \0 on the stack. [Dean Gaudet]
5526 *) no2slash() was O(n^2) in the length of the input. Make it O(n).
5529 *) API: migration from strncpy() to our "enhanced" version called
5530 ap_cpystrn() for performance and functionality reasons.
5531 Located in libap.a. [Jim Jagielski]
5533 *) table_set() and table_unset() did not deal correctly with
5534 multiple occurrences of the same key.
5535 [Stephen Scheck <sscheck@infonex.net>, Ben Laurie] PR#1604
5537 *) The AuthName must now be enclosed in quotes if it is to contain
5538 spaces. [Ken Coar] PR#1195
5540 *) API: new function: ap_escape_quotes(). [Ken Coar] PR#1195
5542 *) WIN32: Work around optimiser bug that killed ISAPI in release
5543 versions. [Ben Laurie] PR#1533
5545 *) PORT: Update the MPE port [Mark Bixby, Jim Jagielski]
5547 *) Interim (slow) fix for p->sub_pool critical sections in
5548 alloc.c (affects win32 only). [Ben Hyde]
5550 *) non-WIN32 was missing destroy_mutex definition. [Ben Hyde]
5552 *) send_fd_length() did not calculate total_bytes_sent properly.
5553 [Ben Reser <breser@regnow.com>] PR#1366
5555 *) The bputc() macro was not properly integrated with the chunking
5556 code; in many cases modules using bputc() could cause completely
5557 bogus chunked output. (Typically this will show up as problems
5558 with Internet Explorer 4.0 reading a page, but other browsers
5559 having no problem.) [Dean Gaudet]
5561 *) Create LARGE_WRITE_THRESHOLD define which determines how many
5562 bytes have to be supplied to bwrite() before it will consider
5563 doing a writev() to assemble multiple buffers in one system
5564 call. This is critical for modules such as mod_include,
5565 mod_autoindex, mod_php3 which all use bputc()/bputs() of smaller
5566 strings in some cases. The result would be extra effort
5567 setting up writev(), and in many cases extra effort building
5568 chunks. The default is 31, it can be overriden at compile
5571 *) Move the gid switching code into the child so that log files
5572 and pid files are opened with the root gid.
5573 [Gregory A Lundberg <lundberg@vr.net>]
5575 *) WIN32: Check for binaries by looking for the executable header
5576 instead of counting control characters.
5577 [Jim Patterson <Jim.Patterson@Cognos.COM>] PR#1340
5579 *) ap_snprintf() moved from main/util_snprintf.c to ap/ap_snprintf.c
5580 so the functionality is available to applications other than the
5581 server itself (like the src/support tools). [Ken Coar]
5583 *) ap_slack() moved out of main/util.c into ap/ap_slack.c as part of
5584 the libap consolidation work. [Ken Coar]
5586 *) ap_snprintf() with a len of 0 behaved like sprintf(). This is not
5587 useful, and isn't what the standards require. Now it returns 0
5588 and writes nothing. [Dean Gaudet]
5590 *) When an error occurs in fcntl() locking suggest the user look up
5591 the docs for LockFile. [Dean Gaudet]
5593 *) Eliminate some dead code from writev_it_all().
5594 [Igor Tatarinov <tatarino@prairie.NoDak.edu>]
5596 *) mod_autoindex had an fread() without checking the result code.
5597 It also wouldn't handle "AddIconByType (TXT,/icons/text.gif text/*"
5598 (note the missing closing paren) properly. [Dean Gaudet]
5600 *) It appears the "257th byte" bug (see
5601 htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
5602 at the 256th byte as well. Fixed. [Dean Gaudet]
5604 *) PORT: Fix mod_mime_magic under OS/2, no support for block devices.
5607 *) Fix memory corruption caused by allocating auth usernames in the
5608 wrong pool. [Dean Gaudet] PR#1500
5610 *) Fix an off-by-1, and an unterminated string error in
5611 mod_mime_magic. [Dean Gaudet]
5613 *) Fix a potential SEGV problem in mod_negotiation when dealing
5614 with type-maps. [Dean Gaudet]
5616 *) Better glibc support under Linux. [Dean Gaudet] PR#1542
5618 *) "RedirectMatch gone /" would cause a SIGSEGV. [Dean Gaudet] PR#1319
5620 *) WIN32: avoid overflows during file canonicalisations.
5621 [malcolm@mgdev.demon.co.uk] PR#1378
5623 *) WIN32: set_file_slot() didn't detect absolute paths. [Ben Laurie]
5626 *) WIN32: mod_status display header didn't match fields. [Ben Laurie]
5628 *) The pthread_mutex_* functions return an error code, and don't
5629 set errno. [Igor Tatarinov <tatarino@prairie.NoDak.edu>]
5631 *) WIN32: Allow spaces to prefix the interpreter in #! lines.
5632 [Ben Laurie] PR#1101
5634 *) WIN32: Cure file leak in CGIs. [Peter Tillemans <pti@net4all.be>] PR#1523
5636 *) proxy_ftp: the directory listings generated by the proxy ftp module
5637 now have a title in which the path components are clickable and allow
5638 quick navigation to the clicked-on directory on the currently listed
5639 ftp server. This also fixes a bug where the ".." directory links would
5640 sometimes refer to the wrong directory. [Martin Kraemer]
5642 *) WIN32: Allocate the correct amount of memory for the scoreboard.
5645 *) WIN32: Only lowercase the part of the path that is real. [Ben Laurie]
5648 *) Fix problems with timeouts in inetd mode and -X mode. [Dean Gaudet]
5650 *) Fix the spurious "(0)unknown error: mmap_handler: mmap failed"
5651 error messages. [Ben Hyde]
5653 Changes with Apache 1.3b3
5655 *) WIN32: Work around brain-damaged spawn calls that can't deal
5656 with spaces and slashes. [Ben Laurie]
5658 *) WIN32: Fix the code so CGIs can use socket calls on Windows.
5659 The problem was that certain undocumented environment variables
5660 needed for sockets to work under Win32 were not being passed.
5661 [Frank Faubert <frank@sane.com>]
5663 *) Add a "-V" command line flag to the httpd binary. This
5664 flag shows some of the defines that Apache was compiled with.
5665 It is useful for debugging purposes. [Martin Kraemer]
5667 *) Start separating the ap_*() routines into their own library, so they
5668 can be used by items in src/support among other things.
5669 [Ken Coar] PR#512, 905, 1252, 1308
5671 *) Give a more informative error when no AuthType is set.
5674 *) Remove strtoul() use from mod_proxy because it isn't available
5675 on all platforms. [Marc Slemko] PR#1214
5677 *) WIN32: Some Win32 systems terminated all responses after 16 kB.
5678 This turns out to be a bug in Winsock - select() doesn't always
5679 return the correct status. [Ben Laurie]
5681 *) Directives owned by http_core can now use the new check_cmd_context()
5682 routine to ensure that they're not being used within a container
5683 (e.g., <Directory>) where they're invalid. [Martin Kraemer]
5685 *) PORT: Recent changes made it necessary to add explicit prototype
5686 for fgetc() and fgets() on SunOS 4.x. [Martin Kraemer, Ben Hyde]
5688 *) It was necessary to distinguish between resources which are
5689 allocated in the parent, for cleanup in the parent, and resources
5690 which are allocated in each child, for cleanup in each child.
5691 A new pool was created which is passed to the module child_init
5692 and child_exit functions; modules are free to register per-child
5693 cleanups there. This fixes a bug with reliable piped logs.
5696 *) mod_autoindex wasn't displaying the ReadmeName file at the bottom
5697 unless it was also doing FancyIndexes, but it displayed the
5698 HeaderName file at the top under all circumstances. It now shows
5699 the ReadmeName file for simple indices, too, as it should.
5702 *) http_core was mmap()ing even in cases where it wasn't going to
5703 read the file. [Ben Hyde <bhyde@gensym.com>]
5705 *) Complete rewrite ;-) of mod_rewrite's URL rewriting engine:
5706 Now the rewriting engine (the heart of mod_rewrite) is organized more
5707 straight-forward, first time well documented and reduced to the really
5708 essential parts. All redundant cases were stripped off and processing now
5709 is the same for both per-server and per-directory context with only a
5710 minimum difference (the prefix stripping in per-dir context). As a
5711 side-effect some subtle restrictions and two recently discovered problems
5712 are gone: Wrong escaping of QUERY_STRING on redirects in per-directory
5713 context and restrictions on the substitution URL on redirects.
5714 Additionally some minor source cleanups were done.
5715 [Ralf S. Engelschall]
5717 *) Lars Eilebrecht wrote a whole new set of Apache Vhost Internals
5718 documentation, examples, explanations and caveats. They live in a new
5719 subdirectory htdocs/manual/vhost/. [Lars Eilebrecht <sfx@unix-ag.org>]
5721 *) If ap_slack fails to allocate above the low slack line it's a good
5722 indication that further problems will occur; it's a better indication
5723 than many external libraries give us when we actually run out of
5724 descriptors. So report it to the user once per restart.
5725 [Dean Gaudet] PR#1181
5727 *) Change mod_include and mod_autoindex to use Y2K-safe date formats
5728 by default. [Ken Coar]
5730 *) Add a "SuppressColumnSorting" option to the IndexOptions list,
5731 which will keep the column heading from being links for sorting
5732 the display. [Ken Coar, suggested by Brian Tiemann <btman@pacific.net>]
5735 *) PORT: Update the LynxOS port. [Marius Groeger <mag@sysgo.de>]
5737 *) Fix logic error when issuing a mmap() failed message
5738 with a non-zero MMAP_THRESHOLD.
5739 [David Chambers <davidc@flosun.salk.edu>] PR#1294
5741 *) Preserve handler value on ProxyPass'ed requests by not
5742 calling find_types on a proxy'd request; fixes problems
5743 where some ProxyPass'ed URLs weren't actually passed
5745 [Lars Eilebrecht] PR#870
5747 *) Fix a byte ordering problem in mod_access which prevented
5748 the old-style syntax (i.e. "a.b.c." to match a class C)
5749 from working properly. [Dean Gaudet] PR#1248, 1328, 1384
5751 *) Fix problem with USE_FLOCK_SERIALIZED_ACCEPT not working
5752 properly. Each child needs to open the lockfile instead
5753 of using the passed file-descriptor from the parent.
5754 [Jim Jagielski] PR#1056
5756 *) Fix the error logging in mod_cgi; the recent error log changes
5757 introduced a bug that prevented it from working correctly.
5758 [M.D.Parker] PR#1352
5760 *) Default to USE_FCNTL_SERIALIZED_ACCEPT on HPUX to properly
5761 handle multiple Listen directives. [Marc Slemko] PR#872
5763 *) Inherit a bugfix to fnmatch.c from FreeBSD sources.
5764 ["[KOI8-R] áÎÄÒÅÊ þÅÒÎÏ×" <ache@nagual.pp.ru>] PR#1311
5766 *) When a configuration parse complained about a bad directive,
5767 the logger would use whatever (unrelated) value was in errno.
5768 errno is now forced to EINVAL first in this case. [Ken Coar]
5770 *) A sed command in the Configure script pushed the edge of POSIXness,
5771 breaking on some systems. [Bhaba R.Misra <system@vt.edu>] PR#1368
5773 *) Solaris >= 2.5 was totally broken due to a mess up using pthread
5774 mutexes. [Roy Fielding, Dean Gaudet]
5776 *) OS/2 Port updated; it should be possible to build OS/2 from the same
5777 sources as Unix now. [Brian Havard <brianh@kheldar.apana.org.au>]
5779 *) Fix a year formatting bug in mod_usertrack.
5780 [Paul Eggert <eggert@twinsun.com>] PR#1342
5782 *) A mild SIGTERM/SIGALRM race condition was eliminated.
5783 [Dean Gaudet] PR#1211
5785 *) Warn user that default path has changed if /usr/local/etc/httpd
5786 is found on the system. [Lars Eilebrecht]
5788 *) Various mod_mime_magic bug fixes and cleanups: Uncompression
5789 should work, it should work on WIN32, and a few resource
5790 leaks and abort conditions are fixed.
5791 [Dean Gaudet] PR#1205
5793 *) PORT: On AIX 1.x files can't be named '@', fix the proxy cache
5794 to use '%' instead of '@' in its encodings.
5795 [David Schuler <schuld@btv.ibm.com>] PR#1317
5797 *) Improve the warning message generated when the "server is busy".
5798 [Dean Gaudet] PR#1293
5800 *) PORT: All ports which don't otherwise define DEF_WANTHSREGEX will
5801 get Spencer regex by default. This is to avoid having to
5802 discover bugs in operating system libraries. [Dean Gaudet]
5804 *) PORT: "Fix" PR#467 by generating warnings on systems which we have
5805 not been able to get working USE_*_SERIALIZED_ACCEPT settings for.
5806 Document this a bit more in src/PORTING. [Dean Gaudet] PR#467
5808 *) Ensure that one copy of config warnings makes it to the
5809 error_log. [Dean Gaudet]
5811 *) Invent new structure and associated methods to handle config file
5812 reading. Add "custom" hook to use config file cfg_getline() on
5813 something which is not a FILE* [Martin Kraemer]
5815 *) Make single-exe Windows install. [Ben Laurie and Eric Esselink]
5817 *) WIN32: Make CGI work under Win95. [Ben Laurie and Paul Sutton]
5819 *) WIN32: Make index.html and friends work under Win95. [Ben Laurie]
5821 *) PORT: Solaris 2.4 needs Spencer regex, the system regex is broken.
5822 [John Line <jml4@cam.ac.uk>] PR#1321
5824 *) Default pathname has been changed everywhere to /usr/local/apache
5825 [Sameer <sameer@c2.net>]
5827 *) PORT: AIX now uses USE_FCNTL_SERIALIZED_ACCEPT.
5828 [David Bronder <David-Bronder@uiowa.edu>] PR#849
5830 *) PORT: i386 AIX does not have memmove.
5831 [David Schuler <schuld@btv.ibm.com>] PR#1267
5833 *) PORT: HPUX now defaults to using Spencer regex.
5834 [Philippe Vanhaesendonck <pvanhaes@be.oracle.com>,
5835 Omar Del Rio <al112263@academ01.lag.itesm.mx>] PR#482, 1246
5837 *) PORT: Some versions of NetBSD don't automatically define
5838 __NetBSD__. Workaround by defining NETBSD.
5839 [Chris Craft <ccraft@cncc.cc.co.us>] PR#977
5841 *) PORT: UnixWare 2.x requires -lgen for syslog.
5842 [Hans Snijder <hs@meganet.nl>] PR#1249
5844 *) PORT: ULTRIX appears to not have syslog.
5845 [Lars Eilebrecht <Lars.Eilebrecht@unix-ag.org>]
5847 *) PORT: Basic Gemini port (treat it like unixware212).
5848 ["Pavel Yakovlev (Paul McHacker)" <hac@tomcat.olly.ru>]
5850 *) PORT: All SVR4 systems now use NET_SIZE_T = size_t, and
5851 use USE_SHMGET_SCOREBOARD.
5854 *) Various improvements in detecting config file errors (missing closing
5855 directives for <Directory>, <Files> etc. blocks, prohibiting global
5856 server settings in <VirtualHost> blocks, flagging unhandled multiple
5857 arguments to <Directory>, <Files> etc.)
5860 *) Add support to suexec wrapper program for mod_unique_id's UNIQUE_ID
5861 variable to provide this one to suexec'd CGIs, too.
5862 [M.D.Parker <mdpc@netcom.com>] PR#1284
5864 *) New support tool: src/support/split-logfile, a sample Perl script which
5865 splits up a combined access log into separate files based on the
5866 name of the virtual host (listed first in the log records by "%v").
5869 Changes with Apache 1.3b2 (there is no 1.3b1)
5871 *) TestCompile was not passing $LIBS [Dean Gaudet]
5873 *) Makefile.tmpl was not using $CFLAGS in the link phase.
5876 *) Add debugging code to alloc.c. Defining ALLOC_DEBUG provides a
5877 rudimentary memory debugger which can be used on live servers with
5878 low impact -- it sets all allocated and freed memory bytes to 0xa5.
5879 Defining ALLOC_USE_MALLOC will cause the alloc code to use malloc()
5880 and free() for each object. This is far more expensive and should
5881 only be used for testing with tools such as Electric Fence and
5882 Purify. See main/alloc.c for more details. [Dean Gaudet]
5884 *) Configure uses a sh trap and didn't set its exitcode properly.
5885 [Dean Gaudet] PR#1159
5887 *) Yet another vhost revamp. Add the NameVirtualHost directive which
5888 explicitly lists the ip:port pairs that are to be used for name-vhosts.
5889 From a given ip:port, regardless what the Host: header is, you can
5890 only reach the vhosts defined on that ip:port. The precedence of
5891 vhosts was reversed to match other precedences in the config --
5892 the earlier vhosts override the later vhosts. All vhost matching was
5893 moved into http_vhost.[ch]. [Dean Gaudet]
5895 *) ap_inline can be used to force inlining. GNUC __attribute__() can
5896 be used for whatever reason is appropriate (i.e. format() warnings
5897 for printf style functions). Both are enabled only with
5898 gcc >= 2.7.x (so that we have fewer support issues with older
5899 versions). [Dean Gaudet]
5901 *) Fix support for Proxy Authentication (we were testing the response
5902 status too early). [Marc Slemko]
5904 *) CoreDumpDirectory directive directs where the core file is
5905 written when a SIGSEGV, SIGBUS, SIGABORT or SIGABRT are
5906 received. [Marc Slemko, Dean Gaudet]
5908 *) PORT: Support for Atari MINT.
5909 [Jan Paul Schmidt <Jan.P.Schmidt@mni.fh-giessen.de>]
5911 *) When booting, apache will now detach itself from stdin, stdout,
5912 and stderr. stderr will not be detached until after the config
5913 files have been read so you will be able to see initial error
5914 messages. After that all errors are logged in the error_log.
5915 This makes it more convenient to start apache via rsh, ssh,
5916 or crontabs. [Dean Gaudet] PR#523
5918 *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake.
5919 Also removed the auto-generated link to www.apache.org that was the
5920 source of so many misdirected bug reports. [Roy Fielding, Marc Slemko]
5922 *) send_fb would not detect aborted connections in some situations.
5925 *) mod_include would use uninitialized data when parsing certain
5926 expressions involving && and ||. [Brian Slesinsky] PR#1139
5928 *) mod_imap should only handle GET methods. [Jay Bloodworth]
5930 *) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]
5932 *) mod_autoindex improperly counted &escapes; as more than one
5933 character in the description. It also improperly truncated
5934 descriptions that were exactly the maximum length.
5937 *) RedirectMatch was not properly escaping the result (PR#1155). Also
5938 "RedirectMatch /advertiser/(.*) $1" is now permitted.
5941 *) mod_include now uses symbolic names to check for request success
5942 and return HTTP errors, and correctly handles all types of
5943 redirections (previously it only did temporary redirect correctly).
5944 [Ken Coar, Roy Fielding]
5946 *) mod_userdir was modifying r->finfo in cases where it wasn't setting
5947 r->filename. Since those two are meant to be in sync with each other
5948 this is a bug. ["Paul B. Henson" <henson@intranet.csupomona.edu>]
5950 *) PORT: Support Unisys SVR4, whose uname returns mostly useless data.
5951 ["Kaufman, Steven E" <Steven.Kaufman@unisys.com>]
5953 *) Inetd mode (which is buggy) uses timeouts without having setup the
5954 jmpbuffer. [Dean Gaudet] PR#1064
5956 *) Work around problem under Linux where a child will start looping
5957 reporting a select error over and over.
5958 [Rick Franchuk <rickf@transpect.net>] PR#1107, 987, 588
5960 *) Fixed error in proxy_util.c when looping through multiple host IP
5961 addresses. [Lars Eilebrecht] PR#974
5963 *) If BUFFERED_LOGS is defined then mod_log_config will do atomic
5964 buffered writes -- that is, it will buffer up to PIPE_BUF (i.e. 4k)
5965 bytes before writing, but it will never split a log entry across a
5966 buffer boundary. [Dean Gaudet]
5968 *) API: the short_score record has been split into two pieces, one which
5969 the parent writes on, and one which the child writes on. As part of
5970 this change the get_scoreboard_info() function was removed, and
5971 scoreboard_image was exported. This change fixes a race condition
5972 in file based scoreboard systems, and speeds up changes involving the
5973 scoreboard in earlier 1.3 development. [Dean Gaudet]
5975 *) API: New register_other_child() API (see http_main.h) which allows
5976 modules to register children with the parent for maintenance. It
5977 is disabled by defining NO_OTHER_CHILD. [Dean Gaudet]
5979 *) API: New piped_log API (see http_log.h) which implements piped logs,
5980 and will use register_other_child to implement reliable piped logs
5981 when it is available. The reliable piped logs part can be disabled
5982 by defining NO_RELIABLE_PIPED_LOGS. At the moment reliable piped
5983 logs is only available on Unix. [Dean Gaudet]
5985 *) API: set_last_modified() broken into set_last_modified(), set_etag(), and
5986 meets_conditions(). This allows conditional HTTP selection to be
5987 handled separately from the storing of the header fields, and provides
5988 the ability for CGIs to set their own ETags for conditional checking.
5989 [Ken Coar, Roy Fielding] PR#895
5991 *) Changes to mod_log_config to allow naming of format strings.
5992 Format nicknames are defined with "LogFormat fmt nickname", and can
5993 be used with "LogFormat nickname" and "CustomLog logtarget nickname".
5996 *) New module, "mod_speling", which can help find files even when
5997 the URL is slightly misspelled. [Martin Kraemer, Alexei Kosut]
5999 *) API: New function child_terminate() triggers the child process to
6000 exit, while allowing the child finish what it needs to for the
6001 current request first.
6002 [Doug MacEachern, Alexei Kosut]
6004 *) Windows now defaults to using full status reports with mod_status.
6005 [Alexei Kosut] PR #1094
6007 *) *Really* disable all mod_rewrite operations if the engine is off.
6008 Some things (like RewriteMaps) were checked/performed even if they
6009 weren't supposed to be. [Ken Coar] PR #991
6011 *) Implement a new timer scheme which eliminates the need to call alarm() all
6012 the time. Instead a counter in the scoreboard for each child is used to
6013 show when the child has made forward progress. The parent samples this
6014 counter every scoreboard maintenance cycle, and issues SIGALRM if no
6015 progress has been made in the timeout period. This reduces the static
6016 request best-case syscall count to 22 from 29. This scheme is only
6017 used by systems with memory-based scoreboards. [Dean Gaudet]
6019 *) The proxy now properly handles CONNECT requests which are sent
6020 to proxy servers when using ProxyRemote. [Marc Slemko] PR#1024
6022 *) A script called apachectl has been added to the support
6023 directory. This script allows you to do things such as
6024 "apachectl start" and "apachectl restart" from the command
6027 *) Modules and core routines are now put into libraries, which
6028 simplifies the link line tremendously (among other advantages).
6031 *) Some of the MD5 names defined in Apache have been renamed to have
6032 an `ap_' prefix to avoid conflicts with routines supplied by
6033 external libraries. [Ken Coar]
6035 *) Removal of mod_auth_msql.c from the distribution. There are many
6036 other options for databases today. Rather than offer one option,
6037 offer none at this time. mod_auth_msql and other SQL database
6038 authentication modules can be found at the Apache Module Registry.
6039 http://modules.apache.org/ It would be nice to offer a generic
6040 mod_auth_sql option in the near future.
6042 *) PORT: BeOS support added [Alexei Kosut]
6044 *) Configure no longer accepts the -make option, since it creates
6045 Makefile on the fly based on Makefile.tmpl and Configuration.
6047 *) Apache now gracefully shuts down when it receives a SIGTERM, instead
6048 of forcibly killing off all its processes and exiting without
6049 cleaning up. [Alexei Kosut]
6051 *) API: A new field in the request_rec, r->mtime, has been added to
6052 avoid gratuitous parsing of date strings. It is intended to hold
6053 the last-modified date of the resource (if applicable). An
6054 update_mtime() routine has also been added to advance it if
6055 appropriate. [Roy Fielding, Ken Coar]
6057 *) SECURITY: If a htaccess file can not be read due to bad permissions,
6058 deny access to the directory with a HTTP_FORBIDDEN. The previous
6059 behavior was to ignore the htaccess file if it could not be read.
6060 This change may make some setups with unreadable htaccess files
6061 stop working. [Marc Slemko] PR#817
6063 *) Add aplog_error() providing a mechanism to define levels of
6064 verbosity to the server error logging. This addition also provides
6065 the ability to log errors using syslogd. Error logging is configurable
6066 on a per-server basis using the LogLevel directive. Conversion
6067 of log_*() in progress. [Randy Terbush]
6069 *) Further enhance aplog_error() to not log filename, line number, and
6070 errno information when it isn't applicable. [Ken Coar, Dean Gaudet]
6072 *) WIN32: Canonicalise filenames under Win32. Short filenames are
6073 converted to long ones. Backslashes are converted to forward
6074 slashes. Case is converted to lower. Parts of URLs that do not
6075 correspond to files are left completely alone. [Ben Laurie]
6077 *) PORT: 2 new OSs added to the list of ports:
6078 Encore's UMAX V: Arieh Markel <amarkel@encore.com>
6079 Acorn RISCiX: Stephen Borrill <sborrill@xemplar.co.uk>
6081 *) Add the server version (SERVER_VERSION macro) to the "server
6082 configured and running" entry in the error_log. Also build an
6083 object file at link-time that contains the current time
6084 (SERVER_BUILT global const char[]), and include that in the
6087 *) Set r->headers_out when sending responses from the proxy.
6088 This fixes things such as the logging of headers sent from
6089 the proxy. [Marc Slemko] PR#659
6091 *) support/httpd_monitor is no longer distributed because the
6092 scoreboard should not be file based if at all possible. Use
6093 mod_status to see current server snapshot.
6095 *) (set_file_slot): New function, allowing auth directives to be
6096 independent of the server root, so the server documents can be
6097 moved to a different directory or machine more easily.
6098 [David J. MacKenzie]
6100 *) If no TransferLog is given explicitly, decline
6101 to log. This supports coexistence with other logging modules,
6102 such as the custom one that UUNET uses. [David J. MacKenzie]
6104 *) Check for titles in server-parsed HTML files.
6105 Ignore leading newlines and returns in titles. The old behavior
6106 of replacing a newline after <title> with a space causes the
6107 title to be misaligned in the listing. [David J. MacKenzie]
6109 *) Change mod_cern_meta to be configurable on a per-directory basis.
6110 [David J. MacKenzie]
6112 *) Add 'Include' directive to allow inclusion of configuration
6113 files within configuration files. [Randy Terbush]
6115 *) Proxy errors on connect() are logged to the error_log (nothing
6116 new); now they include the IP address and port that failed
6117 (*that's* new). [Ken Coar, Marc Slemko] PR#352
6119 *) Various architectures now define USE_MMAP_FILES which causes
6120 the server to use mmap() for static files. There are two
6121 compile-time tunables MMAP_THRESHOLD (minimum number of bytes
6122 required to use mmap(), default is 0), and MMAP_SEGMENT_SIZE (maximum
6123 number of bytes written in one cycle from a single mmap()d object,
6124 default 32768). [Dean Gaudet]
6126 *) API: Added post_read_request API phase which is run right after reading
6127 the request from a client, or right after an internal redirect. It is
6128 useful for modules setting environment variables that depend only on
6129 the headers/contents of the request. It does not run during subrequests
6130 because subrequests inherit pretty much everything from the main
6131 request. [Dean Gaudet]
6133 *) Added mod_unique_id which is used to generate a unique identifier for
6134 each hit, available in the environment variable UNIQUE_ID.
6137 *) init_modules is now called after the error logs have been opened. This
6138 allows modules to emit information messages into the error logs.
6141 *) Fixed proxy-pass-through feature of mod_rewrite; Added error logging
6142 information for case where proxy module is not available. [Marc Slemko]
6144 *) PORT: Apache has need for mutexes to serialize its children around
6145 accept. In prior versions either fcntl file locking or flock file
6146 locking were used. The method is chosen by the definition of
6147 USE_xxx_SERIALIZED_ACCEPT in conf.h. xxx is FCNTL for fcntl(),
6148 and FLOCK for flock(). New options have been added:
6149 - SYSVSEM to use System V style semaphores
6150 - PTHREAD to use POSIX threads (appears to work on Solaris only)
6151 - USLOCK to use IRIX uslock
6152 Based on timing various techniques, the following changes were made
6154 - Linux 2.x uses flock instead of fcntl
6155 - Solaris 2.x uses pthreads
6156 - IRIX uses SysV semaphores -- however multiprocessor IRIX boxes
6157 work far faster if you -DUSE_USLOCK_SERIALIZED_ACCEPT
6158 [Dean Gaudet, Pierre-Yves Kerembellec <Pierre-Yves.Kerembellec@vtcom.fr>,
6159 Martijn Koster <m.koster@pobox.com>]
6161 *) PORT: The semantics of accept/select make it very desirable to use
6162 mutexes to serialize accept when multiple Listens are in use. But
6163 in the case where only a single socket is open it is sometimes
6164 redundant to serialize accept(). Not all unixes do a good job with
6165 potentially dozens of children blocked on accept() on the same
6166 socket. It's now possible to define SINGLE_LISTEN_UNSERIALIZED_ACCEPT and
6167 the server will avoid serialization when listening on only one socket,
6168 and use serialization when listening on multiple sockets.
6169 [Dean Gaudet] PR#467
6171 *) Configure changes: TestLib replaced by TestCompile, which has
6172 some additional capability (such as doing a sanity check of
6173 the compiler and flags selected); the version of Solaris is now
6174 available via the #define value of SOLARIS2; IRIX n32bit libs
6175 now supported and selectable by new Configuration Rule: IRIXN32;
6176 We no longer default to -O2 optimization. [Jim Jagielski]
6178 *) Updated Configure: Configuration now uses AddModule to specify
6179 module source or binary file location, relative to src directory.
6180 Modules can be dropped into modules/extra, or in their own
6181 directory, and modules can come with a Makefile or Configure can
6182 create one. Modules can add compiler or library information to
6183 generated Makefiles. [Paul Sutton]
6185 *) Source core re-organisation: distributed modules are now in
6186 modules/standard. All other source code is in main. OS-specific
6187 code is in os/{unix,emx,win32} directories. [Paul Sutton]
6189 *) mod_browser has been removed, since it's replaced by mod_setenvif.
6192 *) Fix another long-standing bug in sub_req_lookup_file where it would
6193 happily skip past access checks on subdirectories looked up with
6194 relative paths. (It's used by mod_dir, mod_negotiation,
6195 and mod_include.) [Dean Gaudet]
6197 *) directory_walk optimization to reduce an O(N*M) loop to O(N+M) where
6198 N is the number of <Directory> sections, and M is the number of
6199 components in the filename of an object.
6201 To achieve this optimization the following config changes were made:
6202 - Wildcards (* and ?, not the regex forms) in <Directory>s,
6203 <Files>s, and <Location>s now treat a slash as a special
6204 character. For example "/home/*/public_html" previously would
6205 match "/home/a/andrew/public_html", now it only matches things
6206 like "/home/bob/public_html". This mimics /bin/sh behaviour.
6207 - It's possible now to use [] wildcarding in <Directory>, <Files>
6209 - Regex <Directory>s are applied after all non-regex <Directory>s.
6213 *) Fix a bug introduced in 1.3a1 directory_walk regarding .htaccess files
6214 and corrupted paths. [Dean Gaudet]
6216 *) Enhanced and cleaned up the URL rewriting engine of mod_rewrite:
6217 First the grouped parts of RewriteRule pattern matches (parenthesis!) can
6218 be accessed now via backreferences $1..$9 in RewriteConds test-against
6219 strings in addition to RewriteRules subst string. Second the grouped
6220 parts of RewriteCond pattern matches (parenthesis!) can be accessed now
6221 via backreferences %1..%9 both in following RewriteCond test-against
6222 strings and RewriteRules subst string. This provides maximum flexibility
6223 through the use of backreferences.
6224 Additionally the rewriting engine was cleaned up by putting common
6225 code to the new expand_backrefs_inbuffer() function.
6226 [Ralf S. Engelschall]
6228 *) When merging the main server's <Directory> and <Location> sections into
6229 a vhost, put the main server's first and the vhost's second. Otherwise
6230 the vhost can't override the main server. [Dean Gaudet] PR#717
6232 *) The <Directory> code would merge and re-merge the same section after
6233 a match was found, possibly causing problems with some modules.
6236 *) ip-based vhosts are stored and queried using a hashing function, which
6237 has been shown to improve performance on servers with many ip-vhosts.
6238 Some other changes had to be made to accommodate this:
6239 - the * address for vhosts now behaves like _default_
6240 - the matching process now is:
6241 - match an ip-vhost directly via hash (possibly matches main
6243 - if that fails, just pretend it matched the main server
6244 - if so far only the main server has been matched, perform
6245 name-based lookups (ServerName, ServerAlias, ServerPath)
6246 *only on name-based vhosts*
6247 - if they fail, look for _default_ vhosts
6248 [Dean Gaudet, Dave Hankins <dhankins@sugarat.net>]
6250 *) dbmmanage overhaul:
6251 - merge dbmmanage and dbmmanage.new functionality, remove dbmmanage.new
6252 - tie() to AnyDBM_File which will use one of DB_File, NDBM_File or
6253 GDBM_File (-ldb, -lndbm, -lgdbm) (trying each in that order)
6254 - provide better seed for rand
6255 - prompt for password as per getpass(3) (turn off echo, read from
6257 - use "newstyle" crypt based on $Config{osname} ($^O)
6258 - will not add a user if already in database, use new `update' command
6260 - added `check' command to check a users' password
6261 - added `import' command to convert existing password text-files or
6262 dbm files exported with `view'
6263 - more descriptive usage, general cleanup, 'use strict' clean, etc.
6266 *) Added psocket() which is a pool form of socket(), various places within
6267 the proxy weren't properly blocking alarms while registering the cleanup
6268 for its sockets. bclose() now uses pclose() and pclosesocket(). There
6269 was a bug where the client socket was being close()d twice due a still
6270 registered cleanup. [Dean Gaudet]
6272 *) A few cleanups were made to reduce time(), getpid(), and signal() calls.
6275 *) PORT: AIX >= 4.2 requires -lm due to libc changes.
6276 [Jason Venner <jason@idiom.com>] PR#667
6278 *) Enable ``=""'' for RewriteCond directives to match against
6279 the empty string. This is the preferred way instead of ``^$''.
6280 [Ralf S. Engelschall]
6282 *) Fixed an infinite loop in mod_imap for references above the server root
6283 [Dean Gaudet] PR#748
6285 *) mod_proxy now has a ReceiveBufferSize directive, similar to
6286 SendBufferSize, so that the TCP window can be set appropriately
6287 for LFNs. [Phillip A. Prindeville]
6289 *) mod_browser has been replaced by the more general mod_setenvif
6290 (courtesy of Paul Sutton). BrowserMatch* directives are still
6291 available, but are now joined by SetEnvIf*, UnSetEnvIf*, and
6292 UnSetEnvIfZero directives. [Ken Coar]
6294 *) "HostnameLookups double" forces double-reverse DNS to succeed in
6295 order for remote_host to be set (for logging, or for the env var
6296 REMOTE_HOST). The old define MAXIMUM_DNS has been deprecated.
6299 *) mod_access overhaul:
6300 - Now understands network/netmask syntax (i.e. 10.1.0.0/255.255.0.0)
6301 and cidr syntax (i.e. 10.1.0.0/16). PR#762
6302 - Critical path was sped up by pre-computing a few things at config time.
6303 - The undocumented syntax "allow user-agents" was removed,
6304 the replacement is "allow from env=foobar" combined with mod_browser.
6305 - When used with hostnames it now forces a double-reverse lookup
6306 no matter what the directory settings are. This double-reverse
6307 doesn't affect any of the other routines that use the remote
6308 hostname. In particular it's still passed to CGIs and the log
6309 without the double-reverse check. Related PR#860.
6312 *) When a large bwrite() occurs (larger than the internal buffer size),
6313 while there is already something in the buffer, apache will combine
6314 the large write and the buffer into a single writev(). (This is
6315 in anticipation of using mmap() for reading files.)
6318 *) In obscure cases where a partial socket write occurred while chunking,
6319 Apache would omit the chunk header/footer on the next block. Cleaned
6320 up other bugs/inconsistencies in error conditions in buff.c. Fixed
6321 a bug where a long pause in DNS lookups could cause the last packet
6322 of a response to be unduly delayed. [Roy Fielding, Dean Gaudet]
6324 *) API: Added child_exit function to module structure. This is called
6325 once per "heavy-weight process" just before a server child exit()'s
6326 e.g. when max_requests_per_child is reached, etc.
6327 [Doug MacEachern, Dean Gaudet]
6329 *) mod_include cleanup showed that handle_else was being used to handle
6330 endif. It didn't cause problems, but it was cleaned up too.
6333 *) mod_cern_meta would attempt to find meta files for the directory itself
6334 in some cases, but not in others. It now avoids it in all cases.
6337 *) mod_mime_magic would core dump if there was a decompression error.
6338 [Martin Kraemer <Martin.Kraemer@mch.sni.de>] PR#904
6340 *) PORT: some variants of DGUX require -lsocket -lnsl
6341 [Alexander L Jones <alex@systems-options.co.uk>] PR#732
6343 *) mod_autoindex now allows sorting of FancyIndexed directory listings
6344 by the various fields (name, size, et cetera), either in ascending
6345 or descending order. Just click on the column header. [Ken Coar]
6347 *) PORT: Various tweaks to eliminate pointer-int casting warnings on 64-bit
6348 CPUs like the Alpha. Apache still stores ints in pointers, but that's
6349 the relatively safe direction. [Dean Gaudet] PR#344
6351 *) PORT: QNX mmap() support for faster/more reliable scoreboard handling.
6352 [Igor N Kovalenko <infoh@mail.wplus.net>] PR#683
6354 *) child_main avoids an unneeded call to select() when there is only one
6355 listening socket. [Dean Gaudet]
6357 *) In the event that the server is starved for idle servers it will
6358 spawn 1, then 2, then 4, ..., then 32 servers each second,
6359 doubling each second. It'll also give a warning in the errorlog
6360 since the most common reason for this is a poor StartServers
6361 setting. The define MAX_SPAWN_RATE can be used to raise/lower
6362 the maximum. [Dean Gaudet]
6364 *) Apache now provides an effectively unbuffered connection for
6365 CGI scripts. This means that data will be sent to the client
6366 as soon as the CGI pauses or stops output; previously, Apache would
6367 buffer the output up to a fixed buffer size before sending, which
6368 could result in the user viewing an empty page until the CGI finished
6369 or output a complete buffer. It is no longer necessary to use an
6370 "nph-" CGI to get unbuffered output. Given that most CGIs are written
6371 in a language that by default does buffering (e.g. perl) this
6372 shouldn't have a detrimental effect on performance.
6374 "nph-" CGIs, which formerly provided a direct socket to the client
6375 without any server post-processing, were not fully compatible with
6376 HTTP/1.1 or SSL support. As such they would have had to implement
6377 the transport details, such as encryption or chunking, in order
6378 to work properly in certain situations. Now, the only difference
6379 between nph and non-nph scripts is "non-parsed headers".
6380 [Dean Gaudet, Sameer Parekh, Roy Fielding]
6382 *) If a BUFF is switched from buffered to unbuffered reading the first
6383 bread() will return whatever remained in the buffer prior to the
6384 switch. [Dean Gaudet]
6386 Changes with Apache 1.3a1
6388 *) Added another Configure helper script: TestLib. It determines
6389 if a specified library exists. [Jim Jagielski]
6391 *) PORT: Allow for use of n32bit libraries under IRIX 6.x
6392 [derived from patch from Jeff Hayes <jhayes@aw.sgi.com>]
6395 *) PORT: Some architectures use size_t for various lengths in network
6396 functions such as accept(), and getsockname(). The definition
6397 NET_SIZE_T is used to control this. [Dean Gaudet]
6399 *) PORT: Linux: Attempt to detect glibc based systems and include crypt.h
6400 and -lcrypt. Test for various db libraries (dbm, ndbm, db) when
6401 mod_auth_dbm or mod_auth_db are included. [Dean Gaudet]
6403 *) PORT: QNX doesn't have initgroups() which support/suexec.c uses.
6404 [Igor N Kovalenko <infoh@mail.wplus.net>]
6406 *) "force-response-1.0" now only applies to requests which are HTTP/1.0 to
6407 begin with. "nokeepalive" now works for HTTP/1.1 clients. Added
6408 "downgrade-1.0" which causes Apache to pretend it received a 1.0.
6409 [Dean Gaudet] related PR#875
6411 *) API: Correct child_init() slot declaration from int to void, to
6412 match the init() declaration. Update mod_example to use the new
6415 *) added transport handle slot (t_handle) to the BUFF structure
6418 *) get_client_block() returns wrong length if policy is
6419 REQUEST_CHUNKED_DECHUNK.
6420 [Kenichi Hori <ken@d2.bs1.fc.nec.co.jp>] PR#815
6422 *) Support the image map format of FrontPage. For example:
6423 rect /url.hrm 10 20 30 40
6424 ["Chris O'Byrne" <obyrne@iol.ie>] PR#807
6426 *) PORT: -lresolv and -lsocks were in the wrong order for Solaris.
6427 ["Darren O'Shaughnessy" <darren@aaii.oz.au>] PR#846
6429 *) AddModuleInfo directive for mod_info which allows you to annotate
6430 the output of mod_info. ["Lou D. Langholtz" <ldl@usi.utah.edu>]
6432 *) Added NoProxy directive to avoid using ProxyRemote for selected
6433 addresses. Added ProxyDomain directive to cause unqualified
6434 names to be qualified by redirection.
6435 [Martin Kraemer <Martin.Kraemer@mch.sni.de>]
6437 *) Support Proxy Authentication, and don't pass the Proxy-Authorize
6438 header to the remote host in the proxy. [Sameer Parekh and
6441 *) Upgraded mod_rewrite from 3.0.6+ to latest officially available version
6442 3.0.9. This upgrade includes: fixed deadlooping on rewriting to same
6443 URLs, fixed rewritelog(), fixed forced response code handling on
6444 redirects from within .htaccess files, disabled pipe locking under
6445 braindead SunOS 4.1.x, allow env variables to be set even on rules with
6446 no substitution, bugfixed situations where HostnameLookups is off, made
6447 mod_rewrite more thread-safe for NT port and fixed problem when creating
6448 an empty query string via "xxx?".
6449 This update also removes the copyright of Ralf S. Engelschall,
6450 i.e. now mod_rewrite no longer has a shared copyright. Instead is is
6451 exclusively copyrighted by the Apache Group now. This happened because
6452 the author now has gifted mod_rewrite exclusively to the Apache Group and
6453 no longer maintains an external version.
6454 [Ralf S. Engelschall]
6456 *) API: Added child_init function to module structure. This is called
6457 once per "heavy-weight process" before any requests are handled.
6458 See http_config.h for more details. [Dean Gaudet]
6460 *) Anonymous_LogEmail was logging on each subrequest.
6461 [Dean Gaudet] PR#421, 868
6463 *) API: Added is_initial_req() which tests if the request being
6464 processed is the initial request, or a subrequest.
6467 *) Extended SSI (mod_include) now handles additional relops for
6468 string comparisons (<, >, <=, and >=). [Bruno Wolff III] PR#41
6470 *) Configure fixed to correctly propagate user-selected options and
6471 settings (such as CC and OPTIM) to Makefiles other than
6472 src/Makefile (notably support/Makefile). [Ken Coar] PR#666, #834
6474 *) IndexOptions SuppressHTMLPreamble now causes the actual HTML of
6475 directory indices to start with the contents of the HeaderName file
6476 if there is one. If there isn't one, the behaviour is unchanged.
6477 [Ken Coar, Roy Fielding, Andrey A. Chernov]
6479 *) WIN32: Modules can now be dynamically loaded DLLs using the
6480 LoadModule/LoadFile directives. Note that module DLLs must be
6481 compiled with the multithreaded DLL version of the runtime library.
6482 [Alexei Kosut and Ben Laurie]
6484 *) Automatic indexing removed from mod_dir and placed into mod_autoindex.
6485 This allows the admin to completely remove automatic indexing
6486 from the server, while still supporting the basic functions of
6487 trailing-slash redirects and DirectoryIndex files. Note that if
6488 you're carrying over an old Configuration file and you use directory
6489 indexing then you'll want to add:
6491 Module autoindex_module mod_autoindex.o
6493 before mod_dir in your Configuration. [Dean Gaudet]
6495 *) popendir/pclosedir created to properly protect directory scanning.
6496 [Dean Gaudet] PR#525
6498 *) AliasMatch, ScriptAliasMatch and RedirectMatch directives added,
6499 giving regex support to mod_alias. <DirectoryMatch>, <LocationMatch>
6500 and <FilesMatch> sections added to succeed <DirectoryMatch ~>, etc...
6503 *) The AccessFileName directive can now take more than one filename.
6504 ["Lou D. Langholtz" <ldl@usi.utah.edu>]
6506 *) The new mod_mime_magic can be used to "magically" determine the type
6507 of a file if the extension is unknown. Based on the unix file(1)
6508 command. [Ian Kluft <ikluft@cisco.com>]
6510 *) We now determine and display the time spent processing a
6511 request if desired. [Jim Jagielski]
6513 *) mod_status: PID field of "dead" child slots no longer displays
6514 main httpd process's PID. [Jim Jagielski]
6516 *) Makefile.nt added - to build all the bits from the command line:
6517 nmake -f Makefile.nt
6518 Doesn't yet work properly. [Ben Laurie]
6520 *) Default text of 404 error is now "Not Found" rather than the
6521 potentially misleading "File Not Found". [Ken Coar]
6523 *) CONFIG: "HostnameLookups" now defaults to off because it is far better
6524 for the net if we require people that actually need this data to
6525 enable it. [Linus Torvalds]
6527 *) directory_walk() is an expensive function, keep a little more state to
6528 avoid needless string counting. Add two new functions make_dirstr_parent
6529 and make_dirstr_prefix which replace all existing uses of make_dirstr.
6530 The new functions are a little less general than make_dirstr, but
6531 work more efficiently (less memory, less string counting).
6534 *) EXTRA_LFLAGS was changed to EXTRA_LDFLAGS (and LFLAGS was changed
6535 to LDFLAGS) to avoid complications with lex rules in make files.
6536 [Dean Gaudet] PR#372
6538 *) run_method optimized to avoid needless scanning over NULLs in the
6539 module list. [Dean Gaudet]
6541 *) Revamp of (unix) scoreboard management code such that it avoids
6542 unnecessary traversals of the scoreboard on each hit. This is
6543 particularly important for high volume sites with a large
6544 HARD_SERVER_LIMIT. Some of the previous operations were O(n^2),
6545 and are now O(n). See also SCOREBOARD_MAINTENANCE_INTERVAL in
6546 httpd.h. [Dean Gaudet]
6548 *) In configurations using multiple Listen statements it was possible for
6549 busy sockets to starve other sockets of service. [Dean Gaudet]
6551 *) Added hook so standalone_main can be replaced at compile time
6552 (define STANDALONE_MAIN)
6555 *) Lowest-level read/write functions in buff.c will be replaced with
6556 the SFIO library calls sfread/sfwrite if B_SFIO is defined at
6557 compile time. The default sfio discipline will behave as apache
6558 would without sfio compiled in.
6561 *) Enhance UserDir directive (mod_userdir) to accept a list of
6562 usernames for the 'disable' keyword, and add 'enable user...' to
6563 selectively *en*able userdirs if they're globally disabled.
6566 *) If NETSCAPE_DBM_COMPAT is defined in EXTRA_CFLAGS then Apache
6567 will work with Netscape dbm files. (dbmmanage will probably not
6568 work however.) [Alexander Spohr <aspohr@netmatic.com>] PR#444
6570 *) Add a ListenBacklog directive to control the backlog parameter
6571 passed to listen(). Also change the default to 511 from 512.
6574 *) API: A new handler response DONE which informs apache that the
6575 request has been handled and it can finish off quickly, similar to
6576 how it handles errors. [Rob Hartill]
6578 *) Turn off chunked encoding after sending terminating chunk/footer
6579 so that we can't do it twice by accident. [Roy Fielding]
6581 *) mod_expire also issues Cache-Control: max-age headers.
6584 *) API: Added kill_only_once option for free_proc_chain so that it won't
6585 aggressively try to kill off specific children. For fastcgi.
6586 [Stanley Gambarin <gambarin@OpenMarket.com>]
6588 *) mod_auth deals with extra ':' delimited fields. [Marc Slemko]
6590 *) Added IconHeight and IconWidth to mod_dir's IndexOptions directive.
6591 When used together, these cause mod_dir to emit HEIGHT and WIDTH
6592 attributes in the FancyIndexing IMG tags. [Ken Coar]
6594 *) PORT: Sequent and SONY NEWS-OS support added. [Jim Jagielski]
6596 *) PORT: Added Windows NT support
6597 [Ben Laurie and Ambarish Malpani <ambarish@valicert.com>]
6599 Changes with Apache 1.2.6
6601 *) mod_include when using XBitHack Full would send ETags in addition to
6602 sending Last-Modifieds. This is incorrect HTTP/1.1 behaviour.
6603 [Dean Gaudet] PR#1133
6605 *) SECURITY: When a client connects to a particular port/addr, and
6606 gives a Host: header ensure that the virtual host requested can
6607 actually be reached via that port/addr. [Ed Korthof <ed@organic.com>]
6609 *) Support virtual hosts with wildcard port and/or multiple ports
6610 properly. [Ed Korthof <ed@organic.com>]
6612 *) Fixed some case-sensitivity issues according to RFC2068.
6615 *) Set r->allowed properly in mod_asis.c, mod_dir.c, mod_info.c,
6616 and mod_include.c. [Dean Gaudet]
6618 *) Variable 'cwd' was being used pointlessly before being set.
6621 *) SIGURG doesn't exist on all platforms.
6622 [Mark Andrew Heinrich <heinrich@tinderbox.Stanford.EDU>]
6624 *) When an error occurs during a POST, or other operation with a
6625 request body, the body has to be read from the net before allowing
6626 a keepalive session to continue. [Roy Fielding] PR#1399
6628 *) When an error occurs in fcntl() locking suggest the user look up
6629 the docs for LockFile. [Dean Gaudet]
6631 *) table_set() and table_unset() did not deal correctly with
6632 multiple occurrences of the same key. [Stephen Scheck
6633 <sscheck@infonex.net>, Ben Laurie] PR#1604
6635 *) send_fd_length() did not calculate total_bytes_sent properly in error
6636 cases. [Ben Reser <breser@regnow.com>] PR#1366
6638 *) r->connection->user was allocated in the wrong pool causing corruption
6639 in some cases when used with mod_cern_meta. [Dean Gaudet] PR#1500
6641 *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake.
6642 Also removed the auto-generated link to www.apache.org that was the
6643 source of so many misdirected bug reports. [Roy Fielding, Marc Slemko]
6645 *) Multiple "close" tokens may have been set in the "Connection"
6646 header, not an error, but a waste.
6647 [Ronald.Tschalaer@psi.ch] PR#1683
6649 *) "basic" and "digest" auth tokens should be tested case-insensitive.
6650 [Ronald.Tschalaer@psi.ch] PR#1599, PR#1666
6652 *) It appears the "257th byte" bug (see
6653 htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
6654 at the 256th byte as well. Fixed. [Dean Gaudet]
6656 *) mod_rewrite would not handle %3f properly in some situations.
6659 *) Apache could generate improperly chunked HTTP/1.1 responses when
6660 the bputc() or rputc() functions were used by modules (such as
6661 mod_include). [Dean Gaudet]
6663 *) #ifdef wrap a few #defines in httpd.h to make life easier on
6664 some ports. [Ralf Engelschall]
6666 *) Fix MPE compilation error in mod_usertrack.c. [Mark Bixby]
6668 *) Quote CC='$(CC)' to improve recurse make calls. [Martin Kraemer]
6670 *) Avoid B_ERROR redeclaration on sysvr4 systems. [Martin Kraemer]
6672 Changes with Apache 1.2.5
6674 *) SECURITY: Fix a possible buffer overflow in logresolve. This is
6675 only an issue on systems without a MAXDNAME define or where
6676 the resolver returns domain names longer than MAXDNAME. [Marc Slemko]
6678 *) Fix an improper length in an ap_snprintf call in proxy_date_canon().
6681 *) Fix core dump in the ftp proxy when reading incorrectly formatted
6682 directory listings. [Marc Slemko]
6684 *) SECURITY: Fix possible minor buffer overflow in the proxy cache.
6687 *) SECURITY: Eliminate possible buffer overflow in cfg_getline, which
6688 is used to read various types of files such as htaccess and
6689 htpasswd files. [Marc Slemko]
6691 *) SECURITY: Ensure that the buffer returned by ht_time is always
6692 properly null terminated. [Marc Slemko]
6694 *) SECURITY: General mod_include cleanup, including fixing several
6695 possible buffer overflows and a possible infinite loop. This cleanup
6696 was done against 1.3 code and then backported to 1.2, the result
6697 is a large difference (due to indentation cleanup in 1.3 code).
6698 Users interested in seeing a smaller set of relevant differences
6699 should consider comparing against src/modules/standard/mod_include.c
6700 from the 1.3b3 release. Non-indentation changes to mod_include
6701 between 1.2 and 1.3 were minimal. [Dean Gaudet, Marc Slemko]
6703 *) SECURITY: Numerous changes to mod_imap in a general cleanup
6704 including fixing a possible buffer overflow. This cleanup also
6705 was done with 1.3 code as a basis, see the the previous note
6706 about mod_include. [Dean Gaudet]
6708 *) SECURITY: If a htaccess file can not be read due to bad
6709 permissions, deny access to the directory with a HTTP_FORBIDDEN.
6710 The previous behavior was to ignore the htaccess file if it could not
6711 be read. This change may make some setups with unreadable
6712 htaccess files stop working. PR#817 [Marc Slemko]
6714 *) SECURITY: no2slash() was O(n^2) in the length of the input.
6715 Make it O(n). This inefficiency could be used to mount a denial
6716 of service attack against the Apache server. Thanks to
6717 Michal Zalewski <lcamtuf@boss.staszic.waw.pl> for reporting
6720 *) mod_include used uninitialized data for some uses of && and ||.
6721 [Brian Slesinsky <bslesins@wired.com>] PR#1139
6723 *) mod_imap should decline all non-GET methods.
6724 [Jay Bloodworth <jay@pathways.sde.state.sc.us>]
6726 *) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]
6728 *) mod_userdir was modifying r->finfo in cases where it wasn't setting
6729 r->filename. Since those two are meant to be in sync with each other
6730 this is a bug. ["Paul B. Henson" <henson@intranet.csupomona.edu>]
6732 *) mod_include did not properly handle all possible redirects from sub-
6733 requests. [Ken Coar]
6735 *) Inetd mode (which is buggy) uses timeouts without having setup the
6736 jmpbuffer. [Dean Gaudet] PR#1064
6738 *) Work around problem under Linux where a child will start looping
6739 reporting a select error over and over.
6740 [Rick Franchuk <rickf@transpect.net>] PR#1107
6742 Changes with Apache 1.2.4
6744 *) The ProxyRemote change in 1.2.3 introduced a bug resulting in the proxy
6745 always making requests with the full-URI instead of just the URI path.
6746 [Marc Slemko, Roy Fielding]
6748 *) Add -lm for AIX versions >= 4.2 to allow Apache to link properly
6749 on this platform. [Marc Slemko]
6751 Changes with Apache 1.2.3
6753 *) The request to a remote proxy was mangled if it was generated as the
6754 result of a ProxyPass directive. URL schemes other than http:// were not
6755 supported when ProxyRemote was used. PR#260, PR#656, PR#699, PR#713,
6756 PR#812 [Lars Eilebrecht]
6758 *) Fixed proxy-pass-through feature of mod_rewrite; Added error logging
6759 information for case where proxy module is not available. [Marc Slemko]
6761 *) Force proxy to always respond as HTTP/1.0, which it was failing to
6762 do for errors and cached responses. [Roy Fielding]
6764 *) PORT: Improved support for ConvexOS 11. [Jeff Venters]
6766 Changes with Apache 1.2.2 [not released]
6768 *) Fixed another long-standing bug in sub_req_lookup_file where it would
6769 happily skip past access checks on subdirectories looked up with relative
6770 paths. (It's used by mod_dir, mod_negotiation, and mod_include.)
6773 *) Add lockfile name to error message printed out when
6774 USE_FLOCK_SERIALIZED_ACCEPT is defined.
6777 *) Enhanced the chunking and error handling inside the buffer functions.
6778 [Dean Gaudet, Roy Fielding]
6780 *) When merging the main server's <Directory> and <Location> sections into
6781 a vhost, put the main server's first and the vhost's second. Otherwise
6782 the vhost can't override the main server. [Dean Gaudet] PR#717
6784 *) The <Directory> code would merge and re-merge the same section after
6785 a match was found, possibly causing problems with some modules.
6788 *) Fixed an infinite loop in mod_imap for references above the server root.
6789 [Dean Gaudet] PR#748
6791 *) mod_include cleanup showed that handle_else was being used to handle
6792 endif. It didn't cause problems, but it was cleaned up too.
6795 *) Last official synchronization of mod_rewrite with author version (because
6796 mod_rewrite is now directly developed by the author at the Apache Group):
6797 o added diff between mod_rewrite 3.0.6+ and 3.0.9
6798 minus WIN32/NT stuff, but plus copyright removement.
6800 - workaround for detecting infinite rewriting loops
6801 - fixed setting of env vars when "-" is used as subst string
6802 - fixed forced response code on redirects (PR#777)
6803 - fixed cases where r->args is ""
6804 - kludge to disable locking on pipes under braindead SunOS
6805 - fix for rewritelog in cases where remote hostname is unknown
6806 - fixed totally damaged request_rec walk-back loop
6807 o remove static from local data and add static to global ones.
6808 o replaced ugly proxy finding stuff by simple
6809 find_linked_module("mod_proxy") call.
6810 o added missing negation char on rewritelog()
6811 o fixed a few comment typos
6812 [Ralf S. Engelschall]
6814 *) Anonymous_LogEmail was logging on each subrequest.
6815 [Dean Gaudet] PR#421, PR#868
6817 *) "force-response-1.0" now only applies to requests which are HTTP/1.0 to
6818 begin with. "nokeepalive" now works for HTTP/1.1 clients. Added
6819 "downgrade-1.0" which causes Apache to pretend it received a 1.0.
6820 Additionally mod_browser now triggers during translate_name to workaround
6821 a deficiency in the header_parse phase.
6822 [Dean Gaudet] PR#875
6824 *) get_client_block() returns wrong length if policy is
6825 REQUEST_CHUNKED_DECHUNK.
6826 [Kenichi Hori <ken@d2.bs1.fc.nec.co.jp>] PR#815
6828 *) Properly treat <files> container like other containers in mod_info.
6829 [Marc Slemko] PR#848
6831 *) The proxy didn't treat the "Host:" keyword of the host header as case-
6832 insensitive. The proxy would corrupt the first line of a response from
6833 an HTTP/0.9 server. [Kenichi Hori <ken@d2.bs1.fc.nec.co.jp>] PR#813,814
6835 *) mod_include would log some bogus values occasionally.
6836 [Skip Montanaro <skip@calendar.com>, Marc Slemko] PR#797
6838 *) PORT: The slack fd changes in 1.2.1 introduced a problem with SIGHUP
6839 under Solaris 2.x (up through 2.5.1). It has been fixed.
6840 [Dean Gaudet] PR#832
6842 *) API: In HTTP/1.1, whether or not a request message contains a body
6843 is independent of the request method and based solely on the presence
6844 of a Content-Length or Transfer-Encoding. Therefore, our default
6845 handlers need to be prepared to read a body even if they don't know
6846 what to do with it; otherwise, the body would be mistaken for the
6847 next request on a persistent connection. discard_request_body()
6848 has been added to take care of that. [Roy Fielding] PR#378
6850 *) API: Symbol APACHE_RELEASE provides a numeric form of the Apache
6851 release version number, such that it always increases along the
6852 same lines as our source code branching. [Roy Fielding]
6854 *) Minor oversight on multiple variants fixed. [Paul Sutton] PR#94
6856 Changes with Apache 1.2.1
6858 *) SECURITY: Don't serve file system objects unless they are plain files,
6859 symlinks, or directories. This prevents local users from using pipes
6860 or named sockets to invoke programs for an extremely crude form of
6863 *) SECURITY: HeaderName and ReadmeName were settable in .htaccess and
6864 could contain "../" allowing a local user to "publish" any file on
6865 the system. No slashes are allowed now. [Dean Gaudet]
6867 *) SECURITY: It was possible to violate the symlink Options using mod_dir
6868 (headers, readmes, titles), mod_negotiation (type maps), or
6869 mod_cern_meta (meta files). [Dean Gaudet]
6871 *) SECURITY: Apache will refuse to run as "User root" unless
6872 BIG_SECURITY_HOLE is defined at compile time. [Dean Gaudet]
6874 *) CONFIG: If a symlink pointed to a directory then it would be disallowed
6875 if it contained a .htaccess disallowing symlinks. This is contrary
6876 to the rule that symlink permissions are tested with the symlink
6877 options of the parent directory. [Dean Gaudet] PR#353
6879 *) CONFIG: The LockFile directive can be used to place the serializing
6880 lockfile in any location. It previously defaulted to /usr/tmp/htlock.
6881 [Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet,
6884 *) Request processing now retains state of whether or not the request
6885 body has been read, so that internal redirects and subrequests will
6886 not try to read it twice (and block). [Roy Fielding]
6888 *) Add a placeholder in modules/Makefile to avoid errors with certain
6889 makes. [Marc Slemko]
6891 *) QUERY_STRING was unescaped in mod_include, it shouldn't be.
6892 [Dean Gaudet] PR#644
6894 *) mod_include was not properly changing the current directory.
6895 [Marc Slemko] PR#742
6897 *) Attempt to work around problems with third party libraries that do not
6898 handle high numbered descriptors (examples include bind, and
6899 solaris libc). On all systems apache attempts to keep all permanent
6900 descriptors above 15 (called the low slack line). Solaris users
6901 can also benefit from adding -DHIGH_SLACK_LINE=256 to EXTRA_CFLAGS
6902 which keeps all non-FILE * descriptors above 255. On all systems
6903 this should make supporting large numbers of vhosts with many open
6904 log files more feasible. If this causes trouble please report it,
6905 you can disable this workaround by adding -DNO_SLACK to EXTRA_CFLAGS.
6906 [Dean Gaudet] various PRs
6908 *) Related to the last entry, network sockets are now opened before
6909 log files are opened. The only known case where this can cause
6910 problems is under Solaris with many virtualhosts and many Listen
6911 directives. But using -DHIGH_SLACK_LINE=256 described above will
6912 work around this problem. [Dean Gaudet]
6914 *) USE_FLOCK_SERIALIZED_ACCEPT is now default for FreeBSD, A/UX, and
6917 *) Improved unix error response logging. [Marc Slemko]
6919 *) Update mod_rewrite from 3.0.5 to 3.0.6. New ruleflag
6920 QSA=query_string_append. Also fixed a nasty bug in per-dir context:
6921 when a URL http://... was used in conjunction with a special
6922 redirect flag, e.g. R=permanent, the permanent status was lost.
6923 [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>, Ralf S. Engelschall]
6925 *) If an object has multiple variants that are otherwise equal Apache
6926 would prefer the last listed variant rather than the first.
6929 *) "make clean" at the top level now removes *.o. [Dean Gaudet] PR#752
6931 *) mod_status dumps core in inetd mode. [Marc Slemko and Roy Fielding]
6934 *) pregsub had an off-by-1 in its error checking code. [Alexei Kosut]
6936 *) PORT: fix rlim_t problems with AIX 4.2. [Marc Slemko] PR#333
6938 *) PORT: Update UnixWare support for 2.1.2.
6939 [Lawrence Rosenman <ler@lerctr.org>] PR#511
6941 *) PORT: NonStop-UX [Joachim Schmitz <schmitz_joachim@tandem.com>] PR#327
6943 *) PORT: Update ConvexOS support for 11.5.
6944 [David DeSimone <fox@convex.com>] PR#399
6946 *) PORT: Support for DEC cc compiler under ULTRIX.
6947 ["P. Alejandro Lopez-Valencia" <alejolo@ideam.gov.co>] PR#388
6949 *) PORT: Support for Maxion/OS SVR4.2 Real Time Unix. [no name given] PR#383
6951 *) PORT: Workaround for AIX 3.x compiler bug in http_bprintf.c.
6952 [Marc Slemko] PR#725
6954 *) PORT: fix problem compiling http_bprintf.c with gcc under SCO
6955 [Marc Slemko] PR#695
6957 Changes with Apache 1.2
6959 Changes with Apache 1.2b11
6961 *) Fixed open timestamp fd in proxy_cache.c [Chuck Murcko]
6963 *) Added undocumented perl SSI mechanism for -DUSE_PERL_SSI and mod_perl.
6964 [Doug MacEachern, Rob Hartill]
6966 *) Proxy needs to use hard_timeout instead of soft_timeout when it is
6967 reading from one buffer and writing to another, at least until it has
6968 a custom timeout handler. [Roy Fielding and Petr Lampa]
6970 *) Fixed problem on IRIX with servers hanging in IdentityCheck,
6971 apparently due to a mismatch between sigaction and setjmp.
6972 [Roy Fielding] PR#502
6974 *) Log correct status code if we timeout before receiving a request (408)
6975 or if we received a request-line that was too long to process (414).
6976 [Ed Korthof and Roy Fielding] PR#601
6978 *) Virtual hosts with the same ServerName, but on different ports, were
6979 not being selected properly. [Ed Korthof]
6981 *) Added code to return the requested IP address from proxy_host2addr()
6982 if gethostbyaddr() fails due to reverse DNS lookup problems. Original
6983 change submitted by Jozsef Hollosi <hollosi@sbcm.com>.
6984 [Chuck Murcko] PR#614
6986 *) If multiple requests on a single connection are used to retrieve
6987 data from different virtual hosts, the virtual host list would be
6988 scanned starting with the most recently used VH instead of the first,
6989 causing most virtual hosts to be ignored.
6990 [Paul Sutton and Martin Mares] PR#610
6992 *) The OS/2 handling of process group was broken by a porting patch for
6993 MPE, so restored prior code for OS/2. [Roy Fielding and Garey Smiley]
6995 *) Inherit virtual server port from main server if none (or "*") is
6996 given for VirtualHost. [Dean Gaudet] PR#576
6998 *) If the lookup for a DirectoryIndex name with content negotiation
6999 has found matching variants, but none are acceptable, return the
7000 negotiation result if there are no more DirectoryIndex names to lookup.
7001 [Petr Lampa and Roy Fielding]
7003 *) If a soft_timeout occurs after keepalive is set, then the main child
7004 loop would try to read another request even though the connection
7005 has been aborted. [Roy Fielding]
7007 *) Configure changes: Allow for whitespace at the start of a
7008 Module declaration. Also, be more understanding about the
7009 CC=/OPTIM= format in Configuration. Finally, fix compiler
7010 flags if using HP-UX's cc compiler. [Jim Jagielski]
7012 *) Subrequests and internal redirects now inherit the_request from the
7013 original request-line. [Roy Fielding]
7015 *) Test for error conditions before creating output header fields, since
7016 we don't want the error message to include those fields. Likewise,
7017 reset the content_language(s) and content_encoding of the response
7018 before generating or redirecting to an error message, since the new
7019 message will have its own Content-* definitions. [Dean Gaudet]
7021 *) Restored the semantics of headers_out (headers sent only with 200..299
7022 and 304 responses) and err_headers_out (headers sent with all responses).
7023 Avoid the overhead of copying tables if err_headers_out is empty
7024 (the usual case). [Roy Fielding]
7026 *) Fixed a couple places where a check for the default Content-Type was
7027 not properly checking both the value configured by the DefaultType
7028 directive and the DEFAULT_TYPE symbol in httpd.h. Changed the value
7029 of DEFAULT_TYPE to match the documented default (text/plain).
7030 [Dean Gaudet] PR#506
7032 *) Escape the HTML-sensitive characters in the Request-URI that is
7033 output for each child by mod_status. [Dean Gaudet and Ken Coar] PR#501
7035 *) Properly initialize the flock structures used by the mutex locking
7036 around accept() when USE_FCNTL_SERIALIZED_ACCEPT is defined.
7039 *) The method for determining PATH_INFO has been restored to the pre-1.2b
7040 (and NCSA httpd) definition wherein it was the extra path info beyond
7041 the CGI script filename. The environment variable FILEPATH_INFO has
7042 been removed, and instead we supply the original REQUEST_URI to any
7043 script that wants to be Apache-specific and needs the real URI path.
7044 This solves a problem with existing scripts that use extra path info
7045 in the ScriptAlias directive to pass options to the CGI script.
7048 *) The _default_ change in 1.2b10 will change the behaviour on configs
7049 that use multiple Listen statements for listening on multiple ports.
7050 But that change is necessary to make _default_ consistent with other
7051 forms of <VirtualHost>. It requires such configs to be modified
7052 to use <VirtualHost _default_:*>. The documentation has been
7053 updated. [Dean Gaudet] PR#530
7055 *) If an ErrorDocument CGI script is used to respond to an error
7056 generated by another CGI script which has already read the message
7057 body of the request, the server would block trying to read the
7058 message body again. [Rob Hartill]
7060 *) signal() replacement conflicted with a define on QNX (and potentially
7061 other platforms). Fixed. [Ben Laurie] PR#512
7063 Changes with Apache 1.2b10
7065 *) Allow HTTPD_ROOT, SERVER_CONFIG_FILE, DEFAULT_PATH, and SHELL_PATH
7066 to be configured via -D in Configuration. [Dean Gaudet] PR#449
7068 *) <VirtualHost _default_:portnum> didn't work properly. [Dean Gaudet]
7070 *) Added prototype for mktemp() for SUNOS4 [Marc Slemko]
7072 *) In mod_proxy.c, check return values for proxy_host2addr() when reading
7073 config, in case the hostent struct returned is trash.
7074 [Chuck Murcko] PR #491
7076 *) Fixed the fix in 1.2b9 for parsing URL query info into args for CGI
7077 scripts. [Dean Gaudet, Roy Fielding, Marc Slemko]
7079 Changes with Apache 1.2b9 [never announced]
7081 *) Reset the MODULE_MAGIC_NUMBER to account for the unsigned port
7082 changes and in anticipation of 1.2 final release. [Roy Fielding]
7084 *) Fix problem with scripts not receiving a SIGPIPE when client drops
7085 the connection (e.g., when user presses Stop). Apache will now stop
7086 trying to send a message body immediately after an error from write.
7087 [Roy Fielding and Nathan Kurz] PR#335
7089 *) Rearrange Configuration.tmpl so that mod_rewrite has higher priority
7090 than mod_alias, and mod_alias has higher priority than mod_proxy;
7091 rearranged other modules to enhance understanding of their purpose
7092 and relative order (and maybe even reduce some overhead).
7093 [Roy Fielding and Sameer Parekh]
7095 *) Fix graceful restart. Eliminate many signal-related race
7096 conditions in both forms of restart, and in SIGTERM. See
7097 htdocs/manual/stopping.html for details on stopping and
7098 restarting the parent. [Dean Gaudet]
7100 *) Fix memory leaks in mod_rewrite, mod_browser, mod_include. Tune
7101 memory allocator to avoid a behaviour that required extra blocks to
7102 be allocated. [Dean Gaudet]
7104 *) Allow suexec to access files relative to current directory but not
7105 above. (Excluding leading / or any .. directory.) [Ken Coar]
7108 *) Fix suexec segfault when group doesn't exist. [Gregory Neil Shapiro]
7109 PR#367, 368, 354, 453
7111 *) Fix the above fix: if suexec is enabled, avoid destroying r->url
7112 while obtaining the /~user and save the username in a separate data
7113 area so that it won't be overwritten by the call to getgrgid(), and
7114 fix some misuse of the pool string allocation functions. Also fixes
7115 a general problem with parsing URL query info into args for CGI scripts.
7116 [Roy Fielding] PR#339, 367, 354, 453
7118 *) Fix IRIX warning about bzero undefined. [Marc Slemko]
7120 *) Fix problem with <Directory proxy:...>. [Martin Kraemer] PR#271
7122 *) Corrected spelling of "authoritative". AuthDBAuthoratative became
7123 AuthDBAuthoritative. [Marc Slemko] PR#420
7125 *) MaxClients should be at least 1. [Lars Eilebrecht] PR#375
7127 *) The default handler now logs invalid methods or URIs (i.e. PUT on an
7128 object that can't be PUT, or FOOBAR for some method FOOBAR that
7129 apache doesn't know about at all). Log 404s that occur in mod_include.
7130 [Paul Sutton, John Van Essen]
7132 *) If a soft timeout (or lingerout) occurs while trying to flush a
7133 buffer or write inside buff.c or fread'ing from a CGI's output,
7134 then the timeout would be ignored. [Roy Fielding] PR#373
7136 *) Work around a bug in Netscape Navigator versions 2.x, 3.x and 4.0b2's
7137 parsing of headers. If the terminating empty-line CRLF occurs starting
7138 at the 256th or 257th byte of output, then Navigator will think a normal
7139 image is invalid. We are guessing that this is because their initial
7140 read of a new request uses a 256 byte buffer. We check the bytes written
7141 so far and, if we are about to tickle the bug, we instead insert a
7142 padding header of eminent bogosity. [Roy Fielding and Dean Gaudet] PR#232
7144 *) Fixed SIGSEGV problem when a DirectoryIndex file is also the source
7145 of an external redirection. [Roy Fielding and Paul Sutton]
7147 *) Configure would create a broken Makefile if the configuration file
7148 contained a commented-out Rule. [Roy Fielding]
7150 *) Promote per_dir_config and subprocess_env from the subrequest to the
7151 main request in mod_negotiation. In particular this fixes a bug
7152 where <Files> sections wouldn't properly apply to negotiated content.
7155 *) Fix a potential deadlock in mod_cgi script_err handling.
7156 [Ralf S. Engelschall]
7158 *) rotatelogs zero-pads the logfile names to improve alphabetic sorting.
7161 *) Updated mod_rewrite to 3.0.4: Fixes HTTP redirects from within
7162 .htaccess files because the RewriteBase was not replaced correctly.
7163 Updated mod_rewrite to 3.0.5: Fixes problem with rewriting inside
7164 <Directory> sections missing a trailing /. [Ralf S. Engelschall]
7166 *) Clean up Linux settings in conf.h by detecting 2.x versus 1.x. For
7167 1.x the settings are those of pre-1.2b8. For 2.x we include
7168 USE_SHMGET_SCOREBOARD (scoreboard in shared memory rather than file) and
7169 HAVE_SYS_RESOURCE_H (enable the RLimit commands).
7170 [Dean Gaudet] PR#336, PR#340
7172 *) Redirect did not preserve ?query_strings when present in the client's
7173 request. [Dean Gaudet]
7175 *) Configure was finding non-modules on EXTRA_LIBS. [Frank Cringle] PR#380
7177 *) Use /bin/sh5 on ULTRIX. [P. Alejandro Lopez-Valencia] PR#369
7179 *) Add UnixWare compile/install instructions. [Chuck Murcko]
7181 *) Add mod_example (illustration of API techniques). [Ken Coar]
7183 *) Add macro for memmove to conf.h for SUNOS4. [Marc Slemko]
7185 *) Improve handling of directories when filenames have spaces in them.
7188 *) For hosts with multiple IP addresses, try all additional addresses if
7189 necessary to get a connect. Fail only if hostent address list is
7190 exhausted. [Chuck Murcko]
7192 *) More signed/unsigned port fixes. [Dean Gaudet]
7194 *) HARD_SERVER_LIMIT can be defined in the Configuration file now.
7197 Changes with Apache 1.2b8
7199 *) suexec.c doesn't close the log file, allowing CGIs to continue writing
7200 to it. [Marc Slemko]
7202 *) The addition of <Location> and <File> directives made the
7203 sub_req_lookup_simple() function bogus, so we now handle
7204 the special cases directly. [Dean Gaudet]
7206 *) We now try to log where the server is dumping core when a fatal
7207 signal is received. [Ken Coar]
7209 *) Improved lingering_close by adding a special timeout, removing the
7210 spurious log messages, removing the nonblocking settings (they
7211 are not needed with the better timeout), and adding commentary
7212 about the NO_LINGCLOSE and USE_SO_LINGER issues. NO_LINGCLOSE is
7213 now the default for SunOS4, UnixWare, NeXT, and IRIX. [Roy Fielding]
7215 *) Send error messages about setsockopt failures to the server error
7216 log instead of stderr. [Roy Fielding]
7218 *) Fix loopholes in proxy cache expiry vis a vis alarms. [Brian Moore]
7220 *) Stopgap solution for CGI 3-second delay with server-side includes: if
7221 processing a subrequest, allocate memory from r->main->pool instead
7222 of r->pool so that we can avoid waiting for free_proc_chain to cleanup
7223 in the middle of an SSI request. [Dean Gaudet] PR #122
7225 *) Fixed status of response when POST is received for a nonexistent URL
7226 (was sending 405, now 404) and when any method is sent with a
7227 full-URI that doesn't match the server and the server is not acting
7228 as a proxy (was sending 501, now 403). [Roy Fielding]
7230 *) Host port changed to unsigned short. [Ken Coar] PR #276
7232 *) Fix typo in command definition of AuthAuthoritative. [Ken Coar] PR #246
7234 *) Defined USE_SHMGET_SCOREBOARD for shared memory on Linux. [Dean Gaudet]
7236 *) Report extra info from errno with many errors that cause httpd to exit.
7237 spawn_child, popenf, and pclosef now have valid errno returns in the
7238 event of an error. Correct problems where errno was stomped on
7239 before being reported. [Dean Gaudet]
7241 *) In the proxy, if the cache filesystem was full, garbage_coll() was
7242 never called, and thus the filesystem would remain full indefinitely.
7243 We now also remove incomplete cache files left if the origin server
7244 didn't send a Content-Length header and either the client has aborted
7245 transfer or bwrite() to client has failed. [Petr Lampa]
7247 *) Fixed the handling of module and script-added header fields.
7248 Improved the interface for sending header fields and reduced
7249 the duplication of code between sending okay responses and errors.
7250 We now always send both headers_out and err_headers_out, and
7251 ensure that the server-reserved fields are not being overridden,
7252 while not overriding those that are not reserved. [Roy Fielding]
7254 *) Moved transparent content negotiation fields to err_headers_out
7255 to reflect above changes. [Petr Lampa]
7257 *) Fixed the determination of whether or not we should make the
7258 connection persistent for all of the cases where some other part
7259 of the server has already indicated that we should not. Also
7260 improved the ordering of the test so that chunked encoding will
7261 be set whenever it is desired instead of only when KeepAlive
7262 is enabled. Added persistent connection capability for most error
7263 responses (those that do not indicate a bad input stream) when
7264 accessed by an HTTP/1.1 client. [Roy Fielding]
7266 *) Added missing timeouts for sending header fields, error responses,
7267 and the last chunk of chunked encoding, each of which could have
7268 resulted in a process being stuck in write forever. Using soft_timeout
7269 requires that the sender check for an aborted connection rather than
7270 continuing after an EINTR. Timeouts that used to be initiated before
7271 send_http_header (and never killed) are now initiated only within or
7272 around the routines that actually do the sending, and not allowed to
7273 propagate above the caller. [Roy Fielding]
7275 *) mod_auth_anon required an @ or a . in the email address, not both.
7278 *) per_dir_defaults weren't set correctly until directory_walk for
7279 name-based vhosts. This fixes an obscure bug with the wrong config
7280 info being used for vhosts that share the same ip as the server.
7283 *) Improved generation of modules/Makefile to be more generic for
7284 new module directories. [Ken Coar, Chuck Murcko, Roy Fielding]
7286 *) Generate makefile dependency for Configuration based on the actual
7287 name given when running the Configure process. [Dean Gaudet]
7289 *) Fixed problem with vhost error log not being set prior to
7290 initializing virtual hosts. [Dean Gaudet]
7292 *) Fixed infinite loop when a trailing slash is included after a type map
7293 file URL (extra path info). [Petr Lampa]
7295 *) Fixed server status updating of per-connection counters. [Roy Fielding]
7297 *) Add documentation for DNS issues (reliability and security), and try
7298 to explain the virtual host matching process. [Dean Gaudet]
7300 *) Try to continue gracefully by disabling the vhost if a DNS lookup
7301 fails while parsing the configuration file. [Dean Gaudet]
7303 *) Improved calls to setsockopt. [Roy Fielding]
7305 *) Negotiation changes: Don't output empty content-type in variant list;
7306 Output charset in variant list; Return sooner from handle_multi() if
7307 no variants found; Add handling of '*' wildcard in Accept-Charset.
7308 [Petr Lampa and Paul Sutton]
7310 *) Fixed overlaying of request/sub-request notes and headers in
7311 mod_negotiation. [Dean Gaudet]
7313 *) If two variants' charset quality are equal and one is the default
7314 charset (iso-8859-1), then prefer the variant that was specifically
7315 listed in Accept-Charset instead of the default. [Petr Lampa]
7317 *) Memory allocation problem in push_array() -- it would corrupt memory
7318 when nalloc==0. [Kai Risku <krisku@tf.hut.fi> and Roy Fielding]
7320 *) invoke_handler() doesn't handle mime arguments in content-type
7323 *) Reduced IdentityCheck timeout to 30 seconds, as per RFC 1413 minimum.
7326 *) Fixed problem with ErrorDocument not working for virtual hosts
7327 due to one of the performance changes in 1.2b7. [Dean Gaudet]
7329 *) Log an error message if we get a request header that is too long,
7330 since it may indicate a buffer overflow attack. [Marc Slemko]
7332 *) Made is_url() allow "[-.+a-zA-Z0-9]+:" as a valid scheme and
7333 not reject URLs without a double-slash, as per RFC2068 section 3.2.
7334 [Ken Coar] PR #146, #187
7336 *) Added table entry placeholder for new header_parser callback
7337 in all of the distributed modules. [Ken Coar] PR #191
7339 *) Allow for cgi files without the .EXE extension on them under OS/2.
7340 [Garey Smiley] PR #59
7342 *) Fixed error message when resource is not found and URL contains
7343 path info. [Petr Lampa and Dean Gaudet] PR #40
7345 *) Fixed user and server confusion over what should be a virtual host
7346 and what is the main server, resulting in access to something
7347 other than the name defined in the virtualhost directive (but
7348 with the same IP address) failing. [Dean Gaudet]
7350 *) Updated mod_rewrite to version 3.0.2, which: fixes compile error on
7351 AIX; improves the redirection stuff to enable the users to generally
7352 redirect to http, https, gopher and ftp; added TIME variable for
7353 RewriteCond which expands to YYYYMMDDHHMMSS strings and added the
7354 special patterns >STRING, <STRING and =STRING to RewriteCond, which
7355 can be used in conjunction with %{TIME} or other variables to create
7356 time-dependent rewriting rules. [Ralf S. Engelschall]
7358 *) bpushfd() no longer notes cleanups for the file descriptors it is handed.
7359 Module authors may need to adjust their code for proper cleanup to take
7360 place (that is, call note_cleanups_for_fd()). This change fixes problems
7361 with file descriptors being erroneously closed when the proxy module was
7362 in use. [Ben Laurie]
7364 *) Fix bug in suexec reintroduced by changes in 1.2b7 which allows
7365 initgroups() to hose the group information needed for later
7366 comparisons. [Randy Terbush]
7368 *) Remove unnecessary call to va_end() in create_argv() which
7369 caused a SEGV on some systems.
7371 *) Use proper MAXHOSTNAMELEN symbol for limiting length of server name.
7374 *) Clear memory allocated for listeners. [Randy Terbush]
7376 *) Improved handling of IP address as a virtualhost address and
7377 introduced "_default_" as a synonym for the default vhost config.
7378 [Dean Gaudet] PR #212
7380 Changes with Apache 1.2b7
7382 *) Port to UXP/DS(V20) [Toshiaki Nomura <nom@yk.fujitsu.co.jp>]
7384 *) unset Content-Length if chunked (RFC-2068) [Petr Lampa]
7386 *) mod_negotiation fixes [Petr Lampa] PR#157, PR#158, PR#159
7387 - replace protocol response numbers with symbols
7388 - save variant-list into main request notes
7389 - free allocated memory from subrequests
7390 - merge notes, headers_out and err_headers_out
7392 *) changed status check mask in proxy_http.c from "HTTP/#.# ### *" to
7393 "HTTP/#.# ###*" to be more lenient about what we accept.
7396 *) more proxy FTP bug fixes:
7397 - Changed send_dir() to remove user/passwd from displayed URL.
7398 - Changed login error messages to be more descriptive.
7399 - remove setting of SO_DEBUG socket option
7400 - Make ftp_getrc() more lenient about multiline responses,
7401 specifically, 230 responses which don't have continuation 230-
7402 on each line). These seem to be all NT FTP servers, and while
7403 perhaps questionable, they appear to be legal by RFC 959.
7404 - Add missing kill_timeout() after transfer to user completes.
7407 *) Fixed problem where a busy server could hang when restarting
7408 after being sent a SIGHUP due to child processes not exiting.
7411 *) Modify mod_include escaping so a '\' only signifies an escaped
7412 character if the next character is one that needs
7413 escaping. [Ben Laurie]
7415 *) Eliminated possible infinite loop in mod_imap when relative URLs are
7416 used with a 'base' directive that does not have a '/' in it.
7417 [Marc Slemko, reported by Onno Witvliet <onno@tc.hsa.nl>]
7419 *) Reduced the default timeout from 1200 seconds to 300, and the
7420 one in the sample configfile from 400 to 300. [Marc Slemko]
7422 *) Stop vbprintf from crashing if given a NULL string pointer;
7423 print (null) instead. [Ken Coar]
7425 *) Don't disable Nagle algorithm if system doesn't have TCP_NODELAY.
7426 [Marc Slemko and Roy Fielding]
7428 *) Fixed problem with mod_cgi-generated internal redirects trying to
7429 read the request message-body twice. [Archie Cobbs and Roy Fielding]
7431 *) Reduced timeout on lingering close, removed possibility of a blocked
7432 read causing the child to hang, and stopped logging of errors if
7433 the socket is not connected (reset by client). [Roy Fielding]
7435 *) Rearranged main child loop to remove duplication of code in
7436 select/accept and keep-alive requests, fixed several bugs regarding
7437 checking scoreboard_image for exit indication and failure to
7438 account for all success conditions and trap all error conditions,
7439 prevented multiple flushes before closing the socket; close the entire
7440 socket buffer instead of just one descriptor, prevent logging of
7441 EPROTO and ECONNABORTED on platforms where supported, and generally
7442 improved readability. [Roy Fielding]
7444 *) Extensive performance improvements. Cleaned up inefficient use of
7445 auto initializers, multiple is_matchexp calls on a static string,
7446 and excessive merging of response_code_strings. [Dean Gaudet]
7448 *) Added double-buffering to mod_include to improve performance on
7449 server-side includes. [Marc Slemko]
7451 *) Several fixes for suexec wrapper. [Randy Terbush]
7452 - Make wrapper work for files on NFS filesystem.
7453 - Fix portability problem of MAXPATHLEN.
7454 - Fix array overrun problem in clean_env().
7455 - Fix allocation of PATH environment variable
7457 *) Removed extraneous blank line is description of mod_status chars.
7460 *) Logging of errors from the call_exec routine simply went nowhere,
7461 since the logfile fd has been closed, so now we send them to stderr.
7462 [Harald T. Alvestrand]
7464 *) Fixed core dump when DocumentRoot is a CGI.
7465 [Ben Laurie, reported by geddis@tesserae.com]
7467 *) Fixed potential file descriptor leak in mod_asis; updated it and
7468 http_core to use pfopen/pfclose instead of fopen/fclose.
7469 [Randy Terbush and Roy Fielding]
7471 *) Fixed handling of unsigned ints in ap_snprintf() on some chips such
7472 as the DEC Alpha which is 64-bit but uses 32-bit ints.
7473 [Dean Gaudet and Ken Coar]
7475 *) Return a 302 response code to the client when sending a redirect
7476 due to a missing trailing '/' on a directory instead of a 301; now
7477 it is cacheable. [Markus Gyger]
7479 *) Fix condition where, if a bad directive occurs in .htaccess, and
7480 sub_request() goes first to this directory, then log_reason() will
7481 SIGSEGV because it doesn't have initialized r->per_dir_config.
7482 [PR#162 from Petr Lampa, fix by Marc Slemko and Dean Gaudet]
7484 *) Fix handling of lang_index in is_variant_better(). This was
7485 causing problems which resulted in the server sending the
7486 wrong language document in some cases. [Petr Lampa]
7488 *) Remove free() from clean_env() in suexec wrapper. This was nuking
7489 the clean environment on some systems.
7491 *) Tweak byteserving code (e.g. serving PDF files) to work around
7492 bugs in Netscape Navigator and Microsoft Internet Explorer.
7493 Emit Content-Length header when sending multipart/byteranges.
7496 *) Port to HI-UX/WE2. [Nick Maclaren]
7498 *) Port to HP MPE operating system for HP 3000 machines
7499 [Mark Bixby <markb@cccd.edu>]
7501 *) Fixed bug which caused a segmentation fault if only one argument
7502 given to RLimit* directives. [Ed Korthof]
7504 *) Continue persistent connection after 204 or 304 response. [Dean Gaudet]
7506 *) Improved buffered output to the client by delaying the flush decision
7507 until the BUFF code is actually about to read the next request.
7508 This fixes a problem introduced in 1.2b5 with clients that send
7509 an extra CRLF after a POST request. Also improved chunked output
7510 performance by combining writes using writev() and removing as
7511 many bflush() calls as possible. NOTE: Platforms without writev()
7512 must add -DNO_WRITEV to the compiler CFLAGS, either in Configuration
7513 or Configure, unless we have already done so. [Dean Gaudet]
7515 *) Fixed mod_rewrite bug which truncated the rewritten URL [Marc Slemko]
7517 *) Fixed mod_info output corruption bug introduced by buffer overflow
7518 fixes. [Dean Gaudet]
7520 *) Fixed http_protocol to correctly output all HTTP/1.1 headers, including
7521 for the special case of a 304 response. [Paul Sutton]
7523 *) Improved handling of TRACE method by bypassing normal method handling
7524 and header parsing routines; fixed Allow response to always allow TRACE.
7527 *) Fixed compiler warnings in the regex library. [Dean Gaudet]
7529 *) Cleaned-up some of the generated HTML. [Ken Coar]
7531 Changes with Apache 1.2b6
7533 *) Allow whitespace in imagemap mapfile coordinates. [Marc Slemko]
7535 *) Fix typo introduced in fix for potential infinite loop around
7536 accept() in child_main(). This change caused the rev to 1.2b6.
7537 1.2b5 was never a public beta.
7539 Changes with Apache 1.2b5
7541 *) Change KeepAlive semantics (On|Off instead of a number), add
7542 MaxKeepAliveRequests directive. [Alexei Kosut]
7544 *) Various NeXT compilation patches, as well as a change in
7545 regex/regcomp.c since that file also used a NEXT define.
7548 *) Allow * to terminate the end of a directory match in mod_dir.
7549 Allows /~* to match for both /~joe and /~joe/. [David Bronder]
7551 *) Don't call can_exec() if suexec_enabled. Calling this requires
7552 scripts executed by the suexec wrapper to be world executable, which
7553 defeats one of the advantages of running the wrapper. [Randy Terbush]
7555 *) Portability Fix: IRIX complained with 'make clean' about *pure* (removed)
7558 *) Migration from sprintf() to snprintf() to avoid buffer
7559 overflows. [Marc Slemko]
7561 *) Provide portable snprintf() implementation (ap_snprintf)
7562 as well as *cvt family. [Jim Jagielski]
7564 *) Portability Fix: NeXT lacks unistd.h so we wrap it's inclusion
7567 *) Remove mod_fastcgi.c from the distribution. This module appears
7568 to be maintained more through the Open Market channels and should
7569 continue to be easily available at http://www.fastcgi.com/
7571 *) Fixed bug in modules/Makefile that wouldn't allow building in more
7572 than one subdirectory (or cleaning, either). [Jeremy Laidman]
7574 *) mod_info assumed that the config files were relative to ServerRoot.
7577 *) CGI scripts called as an error document resulting from failed
7578 CGI execution would hang waiting for POST'ed data. [Rob Hartill]
7580 *) Log reason when mod_dir returns access HTTP_FORBIDDEN
7583 *) Properly check errno to prevent display of a directory index
7584 when server receives a long enough URL to confuse stat().
7587 *) Several security enhancements to suexec wrapper. It is _highly_
7588 recommended that previously installed versions of the wrapper
7589 be replaced with this version. [Randy Terbush, Jason Dour]
7591 - ~user execution now properly restricted to ~user's home
7592 directory and below.
7593 - execution restricted to UID/GID > 100
7594 - restrict passed environment to known variables
7595 - call setgid() before initgroups() (portability fix)
7596 - remove use of setenv() (portability fix)
7598 *) Add HTTP/1.0 response forcing. [Ben Laurie]
7600 *) Add access control via environment variables. [Ben Laurie]
7602 *) Add rflush() function. [Alexei Kosut]
7604 *) remove duplicate pcalloc() call in new_connection().
7606 *) Fix incorrect comparison which could allow number of children =
7607 MaxClients + 1 if less than HARD_SERVER_LIMIT. Also fix potential
7608 problem if StartServers > HARD_SERVER_LIMIT. [Ed Korthof]
7610 *) Updated support for OSes (MachTen, ULTRIX, Paragon, ISC, OpenBSD
7611 AIX PS/2, CONVEXOS. [Jim Jagielski]
7613 *) Replace instances of inet_ntoa() with inet_addr() for ProxyBlock.
7614 It's more portable. [Martin Kraemer]
7616 *) Replace references to make in Makefile.tmpl with $(MAKE).
7619 *) Add ProxyBlock directive w/IP address caching. Add IP address
7620 caching to NoCache directive as well. ProxyBlock works with all
7621 handlers; NoCache now also works with FTP for anonymous logins.
7622 Still more code cleanup. [Chuck Murcko]
7624 *) Add "header parse" API hook [Ben Laurie]
7626 *) Fix byte ordering problems for REMOTE_PORT [Chuck Murcko]
7628 *) suEXEC wrapper was freeing memory that had not been malloc'ed.
7630 *) Correctly allow access and auth directives in <Files> sections in
7631 server config files. [Alexei Kosut]
7633 *) Fix bug with ServerPath that could cause certain files to be not
7634 found by the server. [Alexei Kosut]
7636 *) Fix handling of ErrorDocument so that it doesn't remove a trailing
7637 double-quote from text and so that it properly checks for unsupported
7638 status codes using the new index_of_response interface. [Roy Fielding]
7640 *) Multiple fixes to the lingering_close code in order to avoid being
7641 interrupted by a stray timeout, to avoid lingering on a connection
7642 that has already been aborted or never really existed, to ensure that
7643 we stop lingering as soon as any error condition is received, and to
7644 prevent being stuck indefinitely if the read blocks. Also improves
7645 reporting of error conditions. [Marc Slemko and Roy Fielding]
7647 *) Fixed initialization of parameter structure for sigaction.
7648 [mgyger@itr.ch, Adrian Filipi-Martin]
7650 *) Fixed reinitializing the parameters before each call to accept and
7651 select, and removed potential for infinite loop in accept.
7652 [Roy Fielding, after useful PR from adrian@virginia.edu]
7654 *) Fixed condition where, if a child fails to fork, the scoreboard would
7655 continue to say SERVER_STARTING forever. Eventually, the main process
7656 would refuse to start new children because count_idle_servers() will
7657 count those SERVER_STARTING entries and will always report that there
7658 are enough idle servers. [Phillip Vandry]
7660 *) Fixed bug in bcwrite regarding failure to account for partial writes.
7661 Avoided calling bflush() when the client is pipelining requests.
7662 Removed unnecessary flushes from http_protocol. [Dean Gaudet]
7664 *) Added description of "." mode in server-status [Jim Jagielski]
7666 Changes with Apache 1.2b4
7668 *) Fix possible race condition in accept_mutex_init() that
7669 could leave a small security hole open allowing files to be
7670 overwritten in cases where the server UID has write permissions.
7673 *) Fix awk compatibilty problem in Configure. [Jim Jagielski]
7675 *) Fix portablity problem in util_script where ARG_MAX may not be
7676 defined for some systems.
7678 *) Add changes to allow compilation on Machten 4.0.3 for PowerPC.
7681 *) OS/2 changes to support an MMAP style scoreboard file and UNIX
7682 style magic #! token for better script portability. [Garey Smiley]
7684 *) Fix bug in suexec wrapper introduced in b3 that would cause failed
7685 execution for ~userdir CGI. [Jason Dour]
7687 *) Fix initgroups() business in suexec wrapper. [Jason Dour]
7689 *) Fix month off by one in suexec wrapper logging.
7691 Changes with Apache 1.2b3:
7693 *) Fix error in mod_cgi which could cause resources not to be properly
7694 freed, or worse. [Dean Gaudet]
7696 *) Fix find_string() NULL pointer dereference. [Howard Fear]
7698 *) Add set_flag_slot() at the request of Dirk and others.
7701 *) Sync mod_rewrite with patch level 10. [Ralf Engelschall]
7703 *) Add changes to improve the error message given for invalid
7704 ServerName parameters. [Dirk vanGulik]
7706 *) Add "Authoritative" directive for Auth modules that don't
7707 currently have it. This gives admin control to assign authoritative
7708 control to an authentication scheme and allow "fall through" for
7709 those authentication modules that aren't "Authoritative" thereby
7710 allowing multiple authentication mechanisms to be chained.
7713 *) Remove requirement for ResourceConfig/AccessConfig if not using
7714 the three config file layout. [Randy Terbush]
7716 *) Add PASV mode to mod_proxy FTP handler. [Chuck Murcko]
7718 *) Changes to suexec wrapper to fix the following problems:
7719 1. symlinked homedirs will kill ~userdirs.
7720 2. initgroups() on Linux 2.0.x clobbers gr->grid.
7721 3. CGI command lines paramters problems
7722 4. pw-pwdir for "docroot check" still the httpd user's pw record.
7723 [Randy Terbush, Jason Dour]
7725 *) Change create_argv() to accept variable arguments. This fixes
7726 a problem where arguments were not getting passed to the CGI via
7727 argv[] when the suexec wrapper was active. [Randy Terbush, Jake Buchholz]
7729 *) Collapse multiple slashes in path URLs to properly apply
7730 handlers defined by <Location>. [Alexei Kosut]
7732 *) Define a sane set of DEFAULT_USER and DEFAULT_GROUP values for AIX.
7734 *) Improve the accuracy of request duration timings by setting
7735 r->request_time in read_request_line() instead of read_request().
7738 *) Reset timeout while reading via get_client_block() in mod_cgi.c
7739 Fixes problem with timed out transfers of large files. [Rasmus Lerdorf]
7741 *) Add the ability to pass different Makefile.tmpl files to Configure
7742 using the -make flag. [Rob Hartill]
7744 *) Fix coredump triggered when sending a SIGHUP to the server caused
7745 by an assertion failure, in turn caused by an uninitialised field in a
7749 *) Add FILEPATH_INFO variable to CGI environment, which is equal to
7750 PATH_INFO from previous versions of Apache (in certain situations,
7751 Apache 1.2's PATH_INFO will be different than 1.1's). [Alexei Kosut]
7752 [later removed in 1.2b11]
7754 *) Add rwrite() function to API to allow for sending strings of
7755 arbitrary length. [Doug MacEachern]
7757 *) Remove rlim_t typedef for NetBSD. Do older versions need this?
7759 *) Defined rlim_t and WANTHSREGEX=yes and fixed waitpid() substitute for
7760 NeXT. [Jim Jagielski]
7762 *) Removed recent modification to promote the status code on internal
7763 redirects, since the correct fix was to change the default log format
7764 in mod_log_config so that it outputs the original status. [Rob Hartill]
7766 Changes with Apache 1.2b2:
7768 *) Update set_signals() to use sigaction() for setting handlers.
7769 This appears to fix a re-entrant problem in the seg_fault()
7770 bus_error() handlers. [Randy Terbush]
7772 *) Changes to allow mod_status compile for OS/2 [Garey Smiley]
7774 *) changes for DEC AXP running OSF/1 v3.0. [Marc Evans]
7776 *) proxy_http.c bugfixes: [Chuck Murcko]
7777 1) fixes possible NULL pointer reference w/NoCache
7778 2) fixes NoCache behavior when using ProxyRemote (ProxyRemote
7779 host would cache nothing if it was in the local domain,
7780 and the local domain was in the NoCache list)
7781 3) Adds Host: header when not available
7782 4) Some code cleanup and clarification
7784 *) mod_include.c bugfixes:
7785 1) Fixed an ommission that caused include variables to not
7786 be parsed in config errmsg directives [Howard Fear]
7787 2) Remove HAVE_POSIX_REGEX cruft [Alexei Kosut]
7788 3) Patch to fix compiler warnings [perrot@lal.in2p3.fr]
7789 4) Allow backslash-escaping to all quoted text
7790 [Ben Yoshino <ben@wiliki.eng.hawaii.edu>]
7791 5) Pass variable to command line if not set in XSSI's env
7794 *) Fix infinite loop when processing Content-language lines in
7795 type-map files. [Alexei Kosut]
7797 *) Closed file-globbing hole in test-cgi script. [Brian Behlendorf]
7799 *) Fixed problem in set_[user|group] that prevented CGI execution
7800 for non-virtualhosts when suEXEC was enabled. [Randy Terbush]
7802 *) Added PORTING information file. [Jim Jagielski]
7804 *) Added definitions for S_IWGRP and S_IWOTH to conf.h [Ben Laurie]
7806 *) Changed default group to "nogroup" instead of "nobody" [Randy Terbush]
7808 *) Fixed define typo of FCNTL_SERIALIZED_ACCEPT where
7809 USE_FCNTL_SERIALIZED_ACCEPT was intended.
7811 *) Fixed additional uses of 0xffffffff where INADDR_NONE was intended,
7812 which caused problems of systems where socket s_addr is >32bits.
7814 *) Added comment to explain (r->chunked = 1) side-effect in
7815 http_protocol.c [Roy Fielding]
7817 *) Replaced use of index() in mod_expires.c with more appropriate
7818 and portable isdigit() test. [Ben Laurie]
7820 *) Updated Configure for ...
7821 OS/2 (DEF_WANTHSREGEX=yes, other code changes)
7822 *-dg-dgux* (bad pattern match)
7823 QNX (DEF_WANTHSREGEX=yes)
7824 *-sunos4* (DEF_WANTHSREGEX=yes, -DUSEBCOPY)
7827 and added some user diagnostic info. [Ben Laurie]
7829 *) In helpers/CutRule, replaced "cut" invocation with "awk" invocation
7830 for better portability. [Jim Jagielski]
7832 *) Updated helpers/GuessOS for ...
7833 SCO 5 (recognize minor releases)
7834 SCO UnixWare (braindamaged uname, whatever-whatever-unixware2)
7835 SCO UnixWare 2.1.1 (requires a separate set of #defines in conf.h)
7836 IRIX64 (-sgi-irix64)
7837 ULTRIX (-unknown-ultrix)
7838 SINIX (-whatever-sysv4)
7839 NCR Unix (-ncr-sysv4)
7840 and fixed something in helpers/PrintPath [Ben Laurie]
7842 Changes with Apache 1.2b1
7844 *) Not listed. See <http://www.apache.org/docs/new_features_1_2.html>
7846 Changes with Apache 1.1.1
7848 *) Fixed bug where Cookie module would make two entries in the
7849 logfile for each access [Mark Cox]
7851 *) Fixed bug where Redirect in .htaccess files would cause memory
7852 leak. [Nathan Neulinger]
7854 *) MultiViews now works correctly with AddHandler [Alexei Kosut]
7856 *) Problems with mod_auth_msql fixed [Dirk vanGulik]
7858 *) Fix misspelling of "Anonymous_Authorative" directive in mod_auth_anon.
7860 Changes with Apache 1.1.0
7862 *) Bring NeXT support up to date. [Takaaki Matsumoto]
7864 *) Bring QNX support up to date. [Ben Laurie]
7866 *) Make virtual hosts default to main server keepalive parameters.
7867 [Alexei Kosut, Ben Laurie]
7869 *) Allow ScanHTMLTitles to work with lowercase <title> tags. [Alexei Kosut]
7871 *) Fix missing address family for connect, also remove unreachable statement
7872 in mod_proxy. [Ben Laurie]
7874 *) mod_env now turned on by default in Configuration.tmpl.
7876 *) Bugs which were fixed:
7877 a) yet more mod_proxy bugs [Ben Laurie]
7878 b) CGI works again with inetd [Alexei Kosut]
7879 c) Leading colons were stripped from passwords [osm@interguide.com]
7880 d) Another fix to multi-method Limit problem [jk@tools.de]
7882 Changes with Apache 1.1b4
7884 *) r->bytes_sent variable restored. [Robert Thau]
7886 *) Previously broken multi-method <Limit> parsing fixed. [Robert Thau]
7888 *) More possibly unsecure programs removed from the support directory.
7890 *) More mod_auth_msql authentication improvements.
7892 *) VirtualHosts based on Host: headers no longer conflict with the
7895 *) OS/2 compatibility enhancements. [Gary Smiley]
7897 *) POST now allowed to directory index CGI scripts.
7899 *) Actions now work with files of the default type.
7901 *) Bugs which were fixed:
7902 a) more mod_proxy bugs
7903 b) early termination of inetd requests
7904 c) compile warnings on several systems
7905 d) problems when scripts stop reading output early
7907 Changes with Apache 1.1b3
7909 *) Much of cgi-bin and all of cgi-src has been removed, due to
7910 various security holes found and that we could no longer support
7913 *) The "Set-Cookie" header is now special-cased to not merge multiple
7914 instances, since certain popular browsers can not handle multiple
7915 Set-Cookie instructions in a single header. [Paul Sutton]
7917 *) rprintf() added to buffer code, occurrences of sprintf removed.
7920 *) CONNECT method for proxy module, which means tunneling SSL should work.
7921 (No crypto needed) Also a NoCache config directive.
7923 *) Several API additions: pstrndup(), table_unset() and get_token()
7924 functions now available to modules.
7926 *) mod_imap fixups, in particular Location: headers are now complete
7929 *) New "info" module which reports on installed module set through a
7930 special URL, a la mod_status.
7932 *) "ServerPath" directive added - allows for graceful transition
7933 for Host:-header-based virtual hosts.
7935 *) Anonymous authentication module improvements.
7937 *) MSQL authentication module improvements.
7939 *) Status module design improved - output now table-based. [Ben Laurie]
7941 *) htdigest utility included for use with digest authentication
7944 *) mod_negotiation: Accept values with wildcards to be treated with
7945 less priority than those without wildcards at the same quality
7946 value. [Alexei Kosut]
7948 *) Bugs which were fixed:
7949 a) numerous mod_proxy bugs
7950 b) CGI early-termination bug [Ben Laurie]
7951 c) Keepalives not working with virtual hosts
7952 d) RefererIgnore problems
7953 e) closing fd's twice in mod_include (causing core dumps on
7954 Linux and elsewhere).
7956 Changes with Apache 1.1b2
7959 a) core dumps in mod_digest
7960 b) truncated hostnames/ip address in the logs
7961 c) relative URL's in mod_imap map files
7963 Changes with Apache 1.1b1
7965 *) Not listed. See <http://www.apache.org/docs/new_features_1_1.html>
7967 Changes with Apache 1.0.3
7969 *) Internal redirects which occur in mod_dir.c now preserve the
7970 query portion of a request (the bit after the question mark).
7973 *) Escape active characters '<', '>' and '&' in html output in
7974 directory listings, error messages and redirection links.
7977 *) Apache will now work with LynxOS 2.3 and later [Steven Watt]
7979 *) Fix for POSIX compliance in waiting for processes in alloc.c.
7982 *) setsockopt no longer takes a const declared argument [Martijn Koster]
7984 *) Reset timeout timer after each successful fwrite() to the network.
7985 This patch adds a reset_timeout() procedure that is called by
7986 send_fd() to reset the timeout ever time data is written to the net.
7989 *) timeout() signal handler now checks for SIGPIPE and reports
7990 lost connections in a more user friendly way. [Rob Hartill]
7992 *) Location of the "scoreboard" file which used to live in /tmp is
7993 now configurable (for OSes that can't use mmap) via ScoreBoardFile
7994 which works similar to PidFile (in httpd.conf) [Rob Hartill]
7996 *) Include sys/resource.h in the correct place for SunOS4 [Sameer Parekh]
7998 *) the pstrcat call in mod_cookies.c didn't have an ending NULL,
7999 which caused a SEGV with cookies enabled
8001 *) Output warning when MinSpareServers is set to <= 0 and change it to 1
8004 *) Log the UNIX textual error returned by some system calls, in
8005 particular errors from accept() [David Robinson]
8007 *) Add strerror function to util.c for SunOS4 [Randy Terbush]
8009 Changes with Apache 1.0.2
8011 *) patch to get Apache compiled on UnixWare 2.x, recommended as
8012 a temporary measure, pending rewrite of rfc931.c. [Chuck Murcko]
8014 *) Fix get_basic_auth_pw() to set the auth_type of the request.
8017 *) past changes to http_config.c to only use the
8018 setrlimit function on systems defining RLIMIT_NOFILE
8019 broke the feature on SUNOS4. Now defines HAVE_RESOURCE
8020 for SUNOS and prototypes the needed functions.
8022 *) Remove uses of MAX_STRING_LEN/HUGE_STRING_LEN from several routines.
8025 *) Fix use of pointer to scratch memory. [Cliff Skolnick]
8027 *) Merge multiple headers from CGI scripts instead of taking last
8028 one. [David Robinson]
8030 *) Add support for SCO 5. [Ben Laurie]
8032 Changes with Apache 1.0.1
8034 *) Silence mod_log_referer and mod_log_agent if not configured
8037 *) Recursive includes can occur if the client supplies PATH_INFO data
8038 and the server provider uses relative links; as file.html
8039 relative to /doc.shtml/pathinfo is /doc.shtml/file.html. [David Robinson]
8041 *) The replacement for initgroups() did not call {set,end}grent(). This
8042 had two implications: if anything else used getgrent(), then
8043 initgroups() would fail, and it was consuming a file descriptor.
8046 *) On heavily loaded servers it was possible for the scoreboard to get
8047 out of sync with reality, as a result of a race condition.
8048 The observed symptoms are far more Apaches running than should
8049 be, and heavy system loads, generally followed by catastrophic
8050 system failure. [Ben Laurie]
8052 *) Fix typo in license. [David Robinson]
8054 Changes with Apache 1.0.0 23 Nov 1995
8056 *) Not listed. See <http://www.apache.org/docs/new_features_1_0.html>
8058 Changes with Apache 0.8.16 05 Nov 1995
8060 *) New man page for 'httpd' added to support directory [David Robinson]
8062 *) .htgroup files can have more than one line giving members for a
8063 given group (each must have the group name in front), for NCSA
8064 back-compatibility [Robert Thau]
8066 *) Mutual exclusion around accept() is on by default for SVR4 systems
8067 generally, since they generally can't handle multiple processes in
8068 accept() on the same socket. This should cure flaky behavior on
8069 a lot of those systems. [David Robinson]
8071 *) AddType, AddEncoding, and AddLanguage directives take multiple
8072 extensions on a single command line [David Robinson]
8074 *) UserDir can be disabled for a given virtual host by saying
8075 "UserDir disabled" in the <VirtualHost> section --- it was a bug
8076 that this didn't work. [David Robinson]
8078 *) Compiles on QNX [Ben Laurie]
8080 *) Corrected parsing of ctime time format [David Robinson]
8082 *) httpd does a perror() before exiting if it can't log its pid
8083 to the PidFile, to make diagnosing the error a bit easier.
8086 *) <!--#include file="..."--> can no longer include files in the
8087 parent directory, for NCSA back-compatibility. [David Robinson]
8089 *) '~' is *not* escaped in URIs generated for directory listings
8092 *) Eliminated compiler warning in the imagemap module [Randy Terbush]
8094 *) Fixed bug involving handling URIs with escaped %-characters
8095 in redirects [David Robinson]
8097 Changes with Apache 0.8.15 14 Oct 1995
8099 *) Switched to new, simpler license
8101 *) Eliminated core dumps with improperly formatted DBM group files [Mark Cox]
8103 *) Don't allow requests for ordinary files to have PATH_INFO [Ben Laurie]
8105 *) Reject paths containing %-escaped '%' or null characters [David Robinson]
8107 *) Correctly handles internal redirects to files with names containing '%'
8110 *) Repunctuated some error messages [Aram Mirzadeh, Andrew Wilson]
8112 *) Use geteuid() rather than getuid() to see if we have root privilege,
8113 so that server correctly resets privilege if run setuid root. [Andrew
8116 *) Handle ftp: and telnet: URLs correctly in imagemaps (built-in module)
8119 *) Fix relative URLs in imagemap files [Randy Terbush]
8121 *) Somewhat better fix for the old "Alias /foo/ /bar/" business
8124 *) Don't repeatedly open the ErrorLog if a bunch of <VirtualHost>
8125 entries all name the same one. [David Robinson]
8127 *) Fix directory listings with filenames containing unusual characters
8130 *) Better URI-escaping for generated URIs in directories with filenames
8131 containing unusual characters [Ben Laurie]
8133 *) Fixed potential FILE* leak in http_main.c [Ben Laurie]
8135 *) Unblock alarms on error return from spawn_child() [David Robinson]
8137 *) Sample Config files have extra note for SCO users [Ben Laurie]
8139 *) Configuration has note for HP-UX users [Rob Hartill]
8141 *) Eliminated some bogus Linux-only #defines in conf.h [Aram Mirzadeh]
8143 *) Nuked bogus #define in httpd.h [David Robinson]
8145 *) Better test for whether a system has setrlimit() [David Robinson]
8147 *) Calls update_child_status() after reopen_scoreboard() [David Robinson]
8149 *) Doesn't send itself SIGHUP on startup when run in the -X debug-only mode
8152 Changes with Apache 0.8.14 19 Sep 1995
8154 *) Compiles on SCO ODT 3.0 [Ben Laurie]
8156 *) AddDescription works (better) [Ben Laurie]
8158 *) Leaves an intelligible error diagnostic when it can't set group
8159 privileges on standalone startup [Andrew Wilson]
8161 *) Compiles on NeXT again --- the 0.8.13 RLIMIT patch was failing on
8162 that machine, which claims to be BSD but does not support RLIMIT.
8165 *) gcc -Wall no longer complains about an unused variable when util.c
8166 is compiled with -DMINIMAL_DNS [Andrew Wilson]
8168 *) Nuked another compiler warning for -Wall on Linux [Aram Mirzadeh]
8170 Changes with Apache 0.8.13 07 Sep 1995
8172 *) Make IndexIgnore *work* (ooops) [Jarkko Torppa]
8174 *) Have built-in imagemap code recognize & honor Point directive [James
8177 *) Generate cleaner directory listings in directories with a mix of
8178 long and short filenames [Rob Hartill]
8180 *) Properly initialize dynamically loaded modules [Royston Shufflebotham]
8182 *) Properly default ServerName for virtual servers [Robert Thau]
8184 *) Rationalize handling of BSD in conf.h and elsewhere [Randy Terbush,
8185 Paul Richards and a cast of thousands...]
8187 *) On self-identified BSD systems (we don't try to guess any more),
8188 allocate a few extra file descriptors per virtual host with setrlimit,
8189 if we can, to avoid running out. [Randy Terbush]
8191 *) Write 22-character lock file name into buffer with enough space
8192 on startup [Konstantin Olchanski]
8194 *) Use archaic setpgrp() interface on NeXT, which requires it [Brian
8197 *) Suppress -Wall warning by casting const away in util.c [Aram Mirzadeh]
8199 *) Suppress -Wall warning by initializing variable in negotiation code
8200 [Tobias Weingartner]
8202 Changes with Apache 0.8.12 31 Aug 1995
8204 *) Doesn't pause three seconds after including a CGI script which is
8205 too slow to die off (this is done by not even trying to kill off
8206 subprocesses, including the SIGTERM/pause/SIGKILL routine, until
8207 after the entire document has been processed). [Robert Thau]
8209 *) Doesn't do SSI if Options Includes is off. (Ooops). [David Robinson]
8211 *) Options IncludesNoExec allows inclusion of at least text/* [Roy Fielding]
8213 *) Allows .htaccess files to override <Directory> sections naming the
8214 same directory [David Robinson]
8216 *) Removed an efficiency hack in sub_req_lookup_uri which was
8217 causing certain extremely marginal cases (e.g., ScriptAlias of a
8218 *particular* index.html file) to fail. [David Robinson]
8220 *) Doesn't log an error when the requested URI requires
8221 authentication, but no auth header line was supplied by the
8222 client; this is a normal condition (the client doesn't no auth is
8223 needed here yet). [Robert Thau]
8225 *) Behaves more sanely when the name server loses its mind [Sean Welch]
8227 *) RFC931 code compiles cleanly on old BSDI releases [Randy Terbush]
8229 *) RFC931 code no longer passes out name of prior clients on current
8230 requests if the current request came from a server that doesn't
8231 do RFC931. [David Robinson]
8233 *) Configuration script accepts "Module" lines with trailing whitespace.
8236 *) Cleaned up compiler warning from mod_access.c [Robert Thau]
8238 *) Cleaned up comments in mod_cgi.c [Robert Thau]
8240 Changes with Apache 0.8.11 24 Aug 1995
8242 *) Wildcard <Directory> specifications work. [Robert Thau]
8244 *) Doesn't loop for buggy CGI on Solaris [Cliff Skolnick]
8246 *) Symlink checks (FollowSymLinks off, or SymLinkIfOwnerMatch) always check
8247 the file being requested itself, in addition to the directories leading
8248 up to it. [Robert Thau]
8250 *) Logs access failures due to symlink checks or invalid client address
8251 in the error log [Roy Fielding, Robert Thau]
8253 *) Symlink checks deal correctly with systems where lstat of
8254 "/path/to/some/link/" follows the link. [Thau, Fielding]
8256 *) Doesn't reset DirectoryIndex to 'index.html' when
8257 other directory options are set in a .htaccess file. [Robert Thau]
8259 *) Clarified init code and nuked bogus warning in mod_access.c
8262 *) Corrected several directives in sample srm.conf
8263 --- includes corrections to directory indexing icon-related directives
8264 (using unknown.gif rather than unknown.xbm as the DefaultIcon, doing
8265 icons for encodings right, and turning on AddEncoding by default).
8268 *) Corrected descriptions of args to AddIcon and AddAlt in command table
8271 *) INSTALL & README mention "contributed modules" directory [Brian
8274 *) Fixed English in the license language... "for for" --> "for".
8277 *) Fixed ScriptAlias/Alias interaction by moving ScriptAlias handling to
8278 mod_alias.c, merging it almost completely with handling of Alias, and
8279 adding a 'notes' field to the request_rec which allows the CGI module
8280 to discover whether the Alias module has put this request through
8281 ScriptAlias (which it needs to know for back-compatibility, as the old
8282 NCSA code did not check Options ExecCGI in ScriptAlias directories).
8285 Changes with Apache 0.8.10 18 Aug 1995
8287 *) AllowOverride applies to the named directory, and not just
8288 subdirectories. [David Robinson]
8290 *) Do locking for accept() exclusion (on systems that need it)
8291 using a special file created for the purpose in /usr/tmp, and
8292 not the error log; using the error log causes real problems
8293 if it's NFS-mounted; this is known to be the cause of a whole
8294 lot of "server hang" problems with Solaris. [David Robinson;
8295 thanks to Merten Schumann for help diagnosing the problem].
8297 Changes with Apache 0.8.9 12 Aug 1995
8299 *) Compiles with -DMAXIMUM_DNS ---- ooops! [Henrik Mortensen]
8301 *) Nested includes see environment variables of the including document,
8302 for NCSA bug-compatibility (some sites have standard footer includes
8303 which try to print out the last-modified date). [Eric Hagberg/Robert
8306 *) <!--exec cgi="/some/uri/here"--> always treats the item named by the
8307 URI as a CGI script, even if it would have been treated as something
8308 else if requested directly, for NCSA back-compatibility. (Note that
8309 this means that people who know the name of the script can see the
8310 code just by asking for it). [Robert Thau]
8312 *) New version of dbmmanage script included in support directory as
8315 *) Check if scoreboard file couldn't be opened, and say so, rather
8316 then going insane [David Robinson]
8318 *) POST to CGI works on A/UX [Jim Jagielski]
8320 *) AddIcon and AddAlt commands work properly [Rob Hartill]
8322 *) NCSA server push works properly --- the Arena bug compatibility
8323 workaround, which broke it, is gone (use -DARENA_BUG_WORKAROUND
8324 if you still want the workaround). [Rob Hartill]
8326 *) If client didn't submit any Accept-encodings, ignore encodings in
8327 content negotiation. (NB this will all have to be reworked anyway
8328 for the new HTTP draft). [Florent Guillaume]
8330 *) Don't dump core when trying to log timed-out requests [Jim Jagielski]
8332 *) Really honor CacheNegotiatedDocs [Florent Guillaume]
8334 *) Give Redirect priority over Alias, for NCSA bug compatibility
8337 *) Correctly set PATH_TRANSLATED in all cases from <!--#exec cmd=""-->,
8338 paralleling earlier bug fix for CGI [David Robinson]
8340 *) If DBM auth is improperly configured, report a server error and don't
8343 *) Deleted FCNTL_SERIALIZED_ACCEPTS from conf.h entry for A/UX;
8344 it seems to work well enough without it (even in a 10 hits/sec
8345 workout), and the overhead for the locking under A/UX is
8346 alarmingly high (though it is very low on other systems).
8347 [Eric Hagberg, Jim Jagielski]
8349 *) Fixed portability problems with mod_cookies.c [Cliff Skolnick]
8351 *) Further de-Berklize mod_cookies.c; change the bogus #include. [Brian
8352 Behlendorf/Eric Hagberg]
8354 *) More improvements to default Configuration for A/UX [Jim Jagielski]
8356 *) Compiles clean on NEXT [Rob Hartill]
8358 *) Compiles clean on SGI [Robert Thau]
8360 Changes with Apache 0.8.8 08 Aug 1995
8362 *) SunOS library prototypes now never included unless explicitly
8363 requested in the configuration (via -DSUNOS_LIB_PROTOTYPES);
8364 people using GNU libc on SunOS are screwed by prototypes for the
8367 (Those who wish to compile clean with gcc -Wall on a standard
8368 SunOS setup need the prototypes, and may obtain them using
8369 -DSUNOS_LIB_PROTOTYPES. Those wishing to use -Wall on a system
8370 with nonstandard libraries are presumably competent to make their
8373 *) Strips trailing '/' characters off both args to the Alias command,
8374 to make 'Alias /foo/ /bar/' work.
8376 Changes with Apache 0.8.7 03 Aug 1995
8378 *) Don't hang when restarting with a child from 'TransferLog "|..."' running
8379 [reported by David Robinson]
8381 *) Compiles clean on OSF/1 [David Robinson]
8383 *) Added some of the more recent significant changes (AddLanguage stuff,
8384 experimental LogFormat support) to CHANGES file in distribution root
8387 Changes with Apache 0.8.6 02 Aug 1995
8389 *) Deleted Netscape reload workaround --- it's in violation of HTTP specs.
8390 (If you actually wanted a conditional GET which bypassed the cache, you
8391 couldn't get it). [Reported by Roy Fielding]
8393 *) Properly terminate headers on '304 Not Modified' replies to conditional
8394 GETs --- no browser we can find cares much, but the CERN proxy chokes.
8395 [Reported by Cliff Skolnick; fix discovered independently by Rob Hartill]
8397 *) httpd -v doesn't call itself "Shambhala". [Reported by Chuck Murcko]
8399 *) SunOS lib-function prototypes in conf.h conditionalized on __GNUC__,
8400 not __SUNPRO_C (they're needed to quiet gcc -Wall, but acc chokes on 'em,
8401 and older versions don't set the __SUNPRO_C preprocessor variable). On
8402 all other systems, these are never used anyway. [Reported by Mark Cox].
8404 *) Scoreboard file (/tmp/htstatus.*) no longer publically writable.
8406 Changes with Apache 0.8.5 01 Aug 1995
8408 *) Added last-minute configurable log experiment, as optional module
8410 *) Correctly set r->bytes_sent for HTTP/0.9 requests, so they get logged
8411 properly. (One-line fix to http_protocol.c).
8413 *) Work around bogus behavior when reloading from Netscape.
8414 It's Netscape's bug --- for some reason they expect a request with
8415 If-modified-since: to not function as a conditional GET if it also
8416 comes with Pragma: no-cache, which is way out of line with the HTTP
8417 spec (according to Roy Fielding, the redactor).
8419 *) Added parameter to set maximum number of server processes.
8421 *) Added patches to make it work on A/UX. A/UX is *weird*. [Eric Hagberg,
8424 *) IdentityCheck bugfix [Chuck Murcko].
8426 *) Corrected cgi-src/Makefile entry for new imagemap script. [Alexei Kosut]
8428 *) More sample config file corrections; add extension to AddType for
8429 *.asis, move AddType generic description to its proper place, and
8430 fix miscellaneous typos. [ Alexei Kosut ]
8432 *) Deleted the *other* reference to the regents from the Berkeley
8433 legal disclaimer (everyplace).
8435 *) Nuked Shambhala name from src/README; had already cleaned it out
8438 Changes with Apache 0.8.4
8440 *) Changes to server-pool management parms --- renamed current
8441 StartServers to MinSpareServers, created separate StartServers
8442 parameter which means what it says, and renamed MaxServers to
8443 MaxSpareServers (though the old name still works, for NCSA 1.4
8444 back-compatibility). The old names were generally regarded as
8445 too confusing. Also altered "docs" in sample config files.
8447 *) More improvements to default config files ---
8448 sample directives (commented out) for XBitHack, BindAddress,
8449 CacheNegotiatedDocs, VirtualHost; decent set of AddLanguage
8450 defaults, AddTypes for send-as-is and imagemap magic types, and
8451 improvements to samples for DirectoryIndex [Alexei Kosut]
8453 *) Yet more improvements to default config files --- changes to
8454 Alexei's sample AddLanguage directives, and sample LanguagePriority
8455 [ Florent Guillaume ]
8457 *) Set config file locations properly if not set in httpd.conf
8460 *) Don't escape URIs in internal redirects multiple times; don't
8461 do that when translating PATH_INFO to PATH_TRANSLATED either.
8464 *) Corrected spelling of "Required" in 401 error reports [Andrew Wilson]
8466 Changes with Apache 0.8.3
8468 *) Edited distribution README to *briefly* summarize installation
8469 procedures, and give a pointer to the INSTALL file in the src/
8472 *) Upgraded imagemap script in cgi-bin to 1.8 version from more
8473 recent NCSA distributions.
8475 *) Bug fix to previous bug fix --- if .htaccess file and <Directory>
8476 exist for the same directory, use both and don't segfault. [Reported
8479 *) Proper makefile dependencies [David Robinson]
8481 *) Note (re)starts in error log --- reported by Rob Hartill.
8483 *) Only call no2slash() after get_path_info() has been done, to
8484 preserve multiple slashes in the PATH_INFO [NCSA compatibility,
8485 reported by Andrew Wilson, though this one is probably a real bug]
8487 *) Fixed mod_imap.c --- relative paths with base_uri referer don't
8488 dump core when Referer is not supplied. [Randy Terbush]
8490 *) Lightly edited sample config files to refer people to our documentation
8491 instead of NCSA's, and to list Rob McCool as *original* author (also
8492 deleted his old, and no doubt non-functional email address). Would be
8493 nice to have examples of new features...
8495 Changes with Apache 0.8.2 19 Jul 1995
8497 *) Added AddLanuage code [Florent Guillaume]
8499 *) Don't say "access forbidden" when a CGI script is not found. [Mark Cox]
8501 *) All sorts of problems when MultiViews finds a directory. It would
8502 be nice if mod_dir.c was robust enough to handle that, but for now,
8503 just punt. [reported by Brian Behlendorf]
8505 *) Wait for all children on restart, to make sure that the old socket
8506 is gone and we can reopen it. [reported by Randy Terbush]
8508 *) Imagemap module is enabled in default Configuration
8510 *) RefererLog and UserAgentLog modules properly default the logfile
8513 *) Mark Cox's mod_cookies added to the distribution as an optional
8514 module (commented out in the default Configuration, and noted as
8515 an experiment, along with mod_dld). [Mark Cox]
8517 *) Compiles on ULTRIX (a continuing battle...). [Robert Thau]
8519 *) Fixed nasty bug in SIGTERM handling [reported by Randy Terbush]
8521 *) Changed "Shambhala" to "Apache" in API docs. [Robert Thau]
8523 *) Added new, toothier legal disclaimer. [Robert Thau; copied from BSD
8526 Changes with Apache 0.8.1
8528 *) New imagemap module [Randy Terbush]
8530 *) Replacement referer log module with NCSA-compatible RefererIgnore
8531 [Matthew Gray again]
8533 *) Don't mung directory listings with very long filenames.
8536 Changes with Apache 0.8.0 (nee Shambhala 0.6.2) 16 Jul 1995
8538 *) New config script. See INSTALL for info. [Robert Thau]
8540 *) Scoreboard mechanism for regulating the number of extant server
8541 processes. MaxServers and StartServers defaults are the same as
8542 for NCSA, but the meanings are slightly different. (Actually,
8543 I should probably lower the MaxServers default to 10).
8545 Before asking for a new connection, each server process checks
8546 the number of other servers which are also waiting for a
8547 connection. If there are more than MaxServers, it quietly dies
8548 off. Conversely, every second, the root, or caretaker, process
8549 looks to see how many servers are waiting for a new connection;
8550 if there are fewer than StartServers, it starts a new one. This
8551 does not depend on the number of server processes already extant.
8552 The accounting is arranged through a "scoreboard" file, named
8553 /tmp/htstatus.*, on which each process has an independent file
8554 descriptor (they need to seek without interference).
8556 The end effect is that MaxServers is the maximum number of
8557 servers on an *inactive* server machine, but more will be forked
8558 off to handle unusually heavy loads (or unusually slow clients);
8559 these will die off when they are no longer needed --- without
8560 reverting to the overhead of full forking operation. There is a
8561 hard maximum of 150 server processes compiled in, largely to
8562 avoid forking out of control and dragging the machine down.
8563 (This is arguably too high).
8565 In my server endurance tests, this mechanism did not appear to
8566 impose any significant overhead, even after I forced it to put the
8567 scoreboard file on a normal filesystem (which might have more
8568 overhead than tmpfs). [Robert Thau]
8570 *) Set HTTP_FOO variables for SSI <!--#exec cmd-->s, not just CGI scripts.
8573 *) Read .htaccess files even in directory with <Directory> section.
8574 (Former incompatibility noted on mailing list, now fixed). [Robert
8577 *) "HEAD /" gives the client a "Bad Request" error message, rather
8578 than trying to send no body *and* no headers. [Cliff Skolnick].
8580 *) Don't produce double error reports for some very obscure cases
8581 mainly involving auth configuration (the "all modules decline to
8582 handle" case which is a sure sign of a server bug in most cases,
8583 but also happens when authentication is badly misconfigured).
8586 *) Moved FCNTL_SERIALIZED_ACCEPT defines into conf.h (that's what
8587 it's *for*, and this sort of thing really shouldn't be cluttering
8588 up the Makefile). [Robert Thau]
8590 *) Incidental code cleanups in http_main.c --- stop dragging
8591 sa_client around; just declare it where used. [Robert Thau]
8593 *) Another acc-related fix. (It doesn't like const char
8594 in some places...). [Mark Cox]
8596 Changes with Shambhala 0.6.1 13 Jul 1995
8598 *) Fixed auth_name-related typos in http_core.c [Brian Behlendorf]
8599 Also, fixed auth typo in http_protocol.c unmasked by this fix.
8601 *) Compiles clean with acc on SunOS [Paul Sutton]
8603 *) Reordered modules in modules.c so that Redirect takes priority
8604 over ScriptAlias, for NCSA bug-compatibility [Rob Hartill] ---
8605 believe it or not, he has an actual site with a ScriptAlias and
8606 a Redirect declared for the *exact same directory*. Even *my*
8607 compatibility fetish wouldn't motivate me to fix this if the fix
8608 required any effort, but it doesn't, so what the hey.
8610 *) Fixed to properly default several server_rec fields for virtual
8611 servers from the corresponding fields in the main server_rec.
8612 [Cliff Skolnick --- 'port' was a particular irritant].
8614 *) No longer kills off nph- child processes before they are
8615 finished sending output. [Matthew Gray]
8617 Changes with Shambhala 0.6.0 10 Jul 1995
8619 *) Two styles of timeout --- hard and soft. soft_timeout()s just put
8620 the connection to the client in an "aborted" state, but otherwise
8621 allow whatever handlers are running to clean up. hard_timeout()s
8622 abort the request in progress completely; anything not tied to some
8623 resource pool cleanup will leak. They're still around because I
8624 haven't yet come up with a more elegant way of handling
8625 timeouts when talking to something that isn't the client. The
8626 default_handler and the dir_handler now use soft timeouts, largely
8627 so I can test the feature. [Robert Thau]
8629 *) TransferLog "| my_postprocessor ..." seems to be there. Note that
8630 the case of log handlers dying prematurely is probably handled VERY
8631 gracelessly at this point, and if the logger stops reading input,
8632 the server will hang. (It is known to correctly restart the
8633 logging process on server restart; this is (should be!) going through
8634 the same SIGTERM/pause/SIGKILL routine used to ding an errant CGI
8635 script). [Robert Thau]
8637 *) asis files supported (new module). [Robert Thau]
8639 *) IdentityCheck code is compiled in, but has not been tested. (I
8640 don't know anyone who runs identd). [Robert Thau]
8642 *) PATH_INFO and PATH_TRANSLATED are not set unless some real PATH_INFO
8643 came in with the request, for NCSA bug-compatibility. [Robert Thau]
8645 *) Don't leak the DIR * on HEAD request for a directory. [Robert Thau]
8647 *) Deleted the block_alarms() stuff from dbm_auth; no longer necessary,
8648 as timeouts are not in scope. [Robert Thau]
8650 *) quoted-string args in config files now handled correctly (doesn't drop
8651 the last character). [Robert Thau; reported by Randy Terbush]
8653 *) Fixed silly typo in http_main.c which was suddenly fatal in HP-UX.
8654 How the hell did it ever work? [Robert Thau; reported by Rob Hartill]
8656 *) mod_core.c --- default_type returns DEFAULT_TYPE (the compile-time
8657 default default type); the former default default behavior when all
8658 type-checkers defaulted had been a core dump. [Paul Sutton]
8660 *) Copy filenames out of the struct dirent when indexing
8661 directories. (On Linux, readdir() returns a pointer to the same
8662 memory area every time). Fix is in mod_dir.c. [Paul Sutton]
8664 Changes with Shambhala 0.5.3 [not released]
8666 *) Default response handler notes "file not found" in the error log,
8667 if the file was not found. [Cliff Skolnick].
8669 *) Another Cliff bug --- "GET /~user" now properly redirects (the userdir
8670 code no longer sets up bogus PATH_INFO which fakes out the directory
8671 handler). [Cliff Skolnick]
8673 Changes with Shambhala 0.5.2 06 Jul 1995
8675 *) Changes to http_main.c --- root server no longer plays silly
8676 games with SIGCHLD, and so now detects and replaces dying
8677 children. Child processes just die on SIGTERM, without taking
8678 the whole process group with them. Potential problem --- if any
8679 child process refuses to die, we hang in restart.
8680 MaxRequestsPerChild may still not work, but it certainly works
8681 better than it did before this! [Robert Thau]
8683 *) mod_dir.c bug fixes: ReadmeName and HeaderName
8684 work (or work better, at least); over-long description lines
8685 properly terminated. [Mark Cox]
8687 *) http_request.c now calls unescape_url() more places where it
8688 should [Paul Sutton].
8690 *) More directory handling bugs (reported by Cox)
8691 Parent Directory link is now set correctly. [Robert Thau]
8693 Changes with Shambhala 0.5.1 04 Jul 1995
8695 *) Generalized cleanup interface in alloc.c --- any function can be
8696 registered with alloc.c as a cleanup for a resource pool;
8697 tracking of files and file descriptors has been reimplemented in
8698 terms of this interface, so I can give it some sort of a test.
8701 *) More changes in alloc.c --- new cleanup_for_exec() function,
8702 which tracks down and closes all file descriptors which have been
8703 registered with the alloc.c machinery before the server exec()s a
8704 child process for CGI or <!--#exec-->. CGI children now get
8705 started with exactly three file descriptors open. Hopefully,
8706 this cures the problem Rob H. was having with overly persistent
8707 CGI connections. [Robert Thau]
8709 *) Mutual exclusion around the accept() in child_main() --- this is
8710 required on at least SGI, Solaris and Linux, and is #ifdef'ed in
8711 by default on those systems only (-DFCNTL_SERIALIZED_ACCEPT).
8712 This uses fcntl(F_SETLK,...) on the error log descriptor because
8713 flock() on that descriptor won't work on systems which have BSD
8714 flock() semantics, including (I think) Linux 1.3 and Solaris.
8716 This does work on SunOS (when the server is idle, only one
8717 process in the pool is waiting on accept()); it *ought* to work
8718 on the other systems. [Robert Thau]
8720 *) FreeBSD and BSDI portability tweaks [Chuck Murcko]
8722 *) sizeof(*sa_client) bugfix from [Rob Hartill]
8724 *) pstrdup(..., NULL) returns NULL, [Randy Terbush]
8726 *) block_alarms() to avoid leaking the DBM* in dbm auth (this should
8727 be unnecessary if I go to the revised timeout-handling scheme).
8730 *) For NCSA bug-compatibility, set QUERY_STRING env var (to a null
8731 string) even if none came in with the request. [Robert Thau]
8733 *) CHANGES file added to distribution ;-).
8735 Changes with Shambhala 0.4.5
8737 *) mod_dld --- early dynamic loading support [rst]
8738 *) Add wildcard content handlers for XBITHACK; default_hander now
8739 invoked with that mechanism (as a handler hanging off mod_core) [rst]
8740 *) XBITHACK supported as a wildcard content-handler, and
8741 configurable at run-time (not just at compile time, as in the
8742 "patchy server" releases) [rst]
8744 Changes with Shambhala 0.4.4 30 Jun 1995
8746 *) Fixed basic thinkos in mod_dbm_auth.c [rst, reported by Mark Cox]
8747 *) Handle Addtype x/y .z [rst, reported by Cox]
8749 Changes with Shambhala 0.4.3
8751 *) Fixed very dumb bug in mod_alias; "Alias" and "Redirect" are not
8752 synonymous [rst, terbush]
8754 Changes with Shambhala 0.4.1 28 Jun 1995
8756 *) First-cut virtual host implementation; some refit in the config
8757 reading code, and log management, was necessary to support this [rst]
8758 *) Sub-pool machinery, originally added to avoid excessive storage
8759 allocation on listings of large directories (which turned out to
8760 be the problem that the 0.3 storage accounting was added to
8761 find). Subrequests and mod_dir changed to use subpools. [rst]
8762 *) More memory debugging --- free list consistency checks. [rst]
8763 *) Added err_headers to request_rec, with support elsewhere [rst]
8764 *) Other fixes to minor bugs in mod_dir and mod_includes [rst, terbush]
8766 Changes with Shambhala 0.3 19 Jun 1995
8768 *) Switch ONE_PROCESS to a runtime command-line option (-X)
8769 *) Don't compile in mod_ai_backcompat by default
8770 *) Switch name of server from Apache to Shambhala in Makefile
8771 *) Add some accounting routines to track memory usage in the pools,
8774 Changes with Shambhala 0.2
8776 *) Set DOCUMENT_ROOT CGI variable
8777 *) Add single-process debugging, as a compile-time option (ONE_PROCESS)
8778 *) Add critical section protection to handling of cleanup structures
8780 *) Significant code reorg within the server core to group related
8781 functions together [rst]
8782 *) Correctly handle clients that hang up before sending any request
8784 *) Replace dying child processes. [rst]
8786 Changes with Shambhala 0.1 12 Jun 1995
8788 Major rewrite of the pre-existing "patchy server" codebase, by
8789 Robert Thau (rst). Significant portions of the server code, such
8790 as configuration-file handling and HTTP authentication support,
8791 were ripped out and rewritten from scratch. Code that was not
8792 completely rewritten was significantly altered.
8794 Major changes with this release include:
8796 *) Introduction of the module API; in request handling, the central
8797 machinery just dispatches to various modules, which actually do
8798 most of the work. Configuration handling is similar --- modules
8799 declare their own commands, and the central machinery just
8802 API features from shambhala/0.1 were substantially unchanged in
8803 Apache 1.0 and 1.1. (1.0 API features not yet present in this
8804 release, such as wildcard handlers and subpools, were added in
8805 subsequent Shambhala releases, and were also generally rst's
8808 *) This release included the following modules:
8810 mod_access (access control --- allow and deny directives),
8811 mod_alias (Alias and Redirect commands),
8812 mod_auth (straight HTTP authentication, based on flat-files)
8813 mod_auth_dbm (same, with dbm files)
8814 mod_cgi (CGI scripts and, in this release, ScriptAlias)
8815 mod_common_log (CLF access logs; later renamed mod_log_common)
8816 mod_dir (directory indexing)
8817 mod_include (server-side includes)
8818 mod_mime (AddType directives)
8819 mod_negotiation (content negotiation)
8820 mod_userdir (support for users' public_html directories)
8822 It also included a mod_ai_backcompat, which was a private hack
8823 for back-compatibility with rst's own AI-lab servers.
8825 All of these modules were substantially complete, and functional
8826 or nearly so (a few, which implemented features not in use at
8827 Thau's site, required patches of a few lines).
8829 *) sub-request machinery, to allow modules to determine how other
8830 modules would assign MIME types to a given file, or optionally
8831 serve its content (this is heavily used by mod_dir, mod_include
8832 and mod_negotiation).
8834 *) Resource pool system for keeping track of memory allocated and
8835 files opened in service of a particular request. Much of the
8836 code in the modules (when they weren't rewrites) was adjusted to
8837 replace a pervasive convention of using fixed-size buffers on
8838 the stack with an equally pervasive convention of using memory
8839 allocated with palloc().
8841 *) Reorganization of data structures associated with a given
8842 request to eliminate use of global variables and the troublesome
8843 unmunge_name function (used in NCSA and early Apache releases to
8844 attempt to determine the URI which mapped to a given filename
8845 --- a difficult proposition, given that it is easy to produce
8846 setups in which multiple URIs map to the same file).
8848 *) Source files renamed and rearranged
8850 *) Very simple pre-forking behavior --- parent process forked off a
8851 fixed number of children, and then just waited for SIGHUP.
8853 *) Other more minor changes too numerous to list.
8855 This release included modified versions of a lot of code from the
8856 Apache 0.6.4 public release, plus an early pre-forking patch
8857 codeveloped by Robert Thau and Rob Hartill.
8859 Changes with Apache 0.7.3 20 Jun 1995
8861 *) There were a bunch of changes between Apache 0.6.4 and 0.7.3 that
8862 were incorporated by Rob Hartill on the main branch while Robert Thau
8863 worked on the Shambhala rewrite above. Most were merged into the
8864 Shambala architecture after Apache 0.8.0.
8866 Changes with Apache 0.6.4 13 May 1995
8868 *) Patches by Rob Hartill, Cliff Skolnick, Randy Terbush, Robert Thau,
8871 Changes with Apache 0.5.1 10 Apr 1995
8873 Changes with Apache 0.4 02 Apr 1995
8875 *) Patches by Brian Behlendorf, Andrew Wilson, Robert Thau,
8878 Changes with Apache 0.3 24 Mar 1995
8880 *) Patches by Robert Thau, David Robinson, Rob Hartill, and
8883 Changes with Apache 0.2 18 Mar 1995
8885 *) Based on NCSA httpd 1.3 by Rob McCool and patches by CERT,
8886 Roy Fielding, Robert Thau, Nicolas Pioch, David Robinson,
8887 Brian Behlendorf, Rob Hartill, and Cliff Skolnick.