APACHE 2.4 STATUS: -*- mode: text; coding: utf-8 -*- Last modified at [$Date$] The current version of this file can be found at: * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/STATUS Documentation status is maintained separately and can be found at: * docs/STATUS in this source tree, or * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/docs/STATUS The current development branch of this software can be found at: * http://svn.apache.org/repos/asf/httpd/httpd/trunk Consult the following STATUS files for information on related projects: * http://svn.apache.org/repos/asf/apr/apr/trunk/STATUS * http://svn.apache.org/repos/asf/apr/apr/branches/1.4.x/STATUS * http://svn.apache.org/repos/asf/apr/apr-util/branches/1.4.x/STATUS Patches considered for backport are noted in their branches' STATUS: * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/STATUS Release history: [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases, while x.{even}.z versions are Stable/GA releases.] 2.4.4 : In development. Jim and sf propose a release RSN; jim would like to see the mod_proxy and mod_slotmem in this release though. Jim volunteers to RM. 2.4.3 : Tagged on August 17, 2012. Released Aug 18, 2012 2.4.2 : Tagged on April 5, 2012. Released Apr 17, 2012. 2.4.1 : Tagged on February 13, 2012. Released Feb 21, 2012. 2.4.0 : Tagged on January 16, 2012, not released. 2.3.16 : Tagged on December 15, 2011. 2.3.15 : Tagged on November 8, 2011. Released Nov. 15, 2011. 2.3.14 : Tagged on August 1, 2011. Released Aug. 9, 2011. 2.3.13 : Tagged on June 28, 2011, not released. 2.3.12 : Tagged on May 11, 2011. Released May 23, 2011. 2.3.11 : Released as Beta on March 7, 2011. 2.3.10 : Tagged on December 13, 2010. Released Dec 21, 2010. 2.3.9 : Tagged on November 23, 2010, not released. 2.3.8 : Tagged on August 24, 2010. 2.3.7 : Tagged on August 19, 2010, not released. 2.3.6 : Released on June 21, 2010. 2.3.5 : Released on January 26, 2010. 2.3.4 : Released on December 8, 2009. 2.3.3 : Tagged on November 11, 2009, not released. 2.3.2 : Tagged on March 23, 2009, not released. 2.3.1 : Tagged on January 2, 2009, not released. 2.3.0 : Tagged on December 6, 2008, not released. Contributors looking for a mission: * Just do an egrep on "TODO" or "XXX" in the source. * Review the bug database at: http://issues.apache.org/bugzilla/ * Review the "PatchAvailable" bugs in the bug database: https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable After testing, you can append a comment saying "Reviewed and tested". * Open bugs in the bug database. * See also the STATUS file in the docs/ directory, which lists documentation-specific TODO items. CURRENT RELEASE NOTES: * Forward binary compatibility is expected of Apache 2.4.x releases, such that no MMN major number changes will occur after 2.4.1. Such changes can only be made in the trunk. * All commits to branches/2.4.x must be reflected in SVN trunk, as well, if they apply. Logical progression is commit to trunk then merge into branches/2.4.x, as applicable. RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] * mod_slotmem_*: Add in new fgrab() function which forces a grab and slot allocation on a specified slot. Allow for clearing of inuse array. trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1386880 http://svn.apache.org/viewvc?view=revision&revision=1387389 http://svn.apache.org/viewvc?view=revision&revision=1388445 http://svn.apache.org/viewvc?view=revision&revision=1394079 2.4.x patch: trunk patch works +1: jim, rjung * mod_proxy: Persist balancer and worker data across restarts and stop/start. NOTE: Assumes mod_slotmem patch which adds fgrab() trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1387110 http://svn.apache.org/viewvc?view=revision&revision=1387444 http://svn.apache.org/viewvc?view=revision&revision=1387979 http://svn.apache.org/viewvc?view=revision&revision=1387607 http://svn.apache.org/viewvc?view=revision&revision=1407085 http://svn.apache.org/viewvc?view=revision&revision=1387693 2.4.x patch: http://people.apache.org/~jim/patches/proxy-persist3.diff +1: jim rjung: - 2.4 patch also contains small parts of r1387684. Intentional? What about the rest of that revision? - ap_mmn.h: " fields" -> " field" jim: typo. Fixed in proxy-persist3.diff - ap_mmn.h: 2.4.3-dev -> 2.4.4-dev in comment jim: ditto - No merging of persist flag, intentional? jim: yes - r1387979 is also (correctly) backported here and part of the combined 2.4 patch - r1387607 is also included in the 2.4 patch, but that revision was later replaced by r1407085, so I suggest either to remove r1387607 or use r1387607 plus r1407085. jim: Updated with proxy-persist3.diff - Description of "BalancerPersist" is a bit hard to understand: "on if the balancer should persist changes on reboot/restart made via the Balancer Manager". Maybe use similar to the docs: "on if the changes made via the Balancer Manager should be persisted acros restarts". - What is meant by "restart": Directive text says "reboot/restart", docs "restart/graceful". Do changes survive a full stop and start, or only "apachectl restart"? jim: Yes, changes survive full stop and start (reboot). - Should the start/stop warning in the BalancerPersist docs of r1387110 be added back? In trunk it was removed by docs revision r1387290, which refers to the code change r1387287 which itself doesn't seem to be part of this backport. It was later changed by r1387444 which is part of the backport. Note that adding the warning note will introduce an XML validation error ;) jim: Any docco changes, imo, can be made post-commit (as well as be added to trunk). * mod_proxy: Allow balancers to be server-specific, as they should have been. Inheritance causes too many behind-the-scene interactions to be reliable in a dynamic environ. We maintain the old-default of inheritance. trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1387603 http://svn.apache.org/viewvc?view=revision&revision=1388029 http://svn.apache.org/viewvc?view=revision&revision=1420124 2.4.x patch: http://people.apache.org/~jim/patches/proxypassinherit.patch +1: jim, druggeri * mod_auth_form: Make sure that get_notes_auth() sets the user as does get_form_auth() and get_session_auth(). Makes sure that REMOTE_USER does not vanish during mod_include driven subrequests. trunk patch: http://svn.apache.org/viewvc?rev=1393152&view=rev 2.4.x patch: trunk patch works +1: minfrin, jim * mod_proxy_ftp: Fix segfaults on IPv4 requests to hosts with DNS AAAA records. PR 40841. trunk patch: http://svn.apache.org/viewvc?rev=1404625&view=rev http://svn.apache.org/viewvc?rev=1420223&view=rev 2.4.x patch: trunk patch works, or http://people.apache.org/~jorton/proxyftpepsv-24.patch +1: jorton, jim A list of further possible backports can be found at: http://people.apache.org/~rjung/patches/possible-backports-httpd-trunk-2_4.txt If you want to propose one of those, please still add them here. OTHER PROPOSALS * opinion on more complete DefaultRuntimeDir use in 2.4.x? o If a module has a config directive for the run-time file that treats the configured path as relative to server root, preserve that behavior but change the location when not configured to respect DefaultRuntimeDir. With these changes, users with no per-runtime-file configuration directives can control everything with DefaultRuntimeDir. BUT: Existing users of DefaultRuntimeDir might get a short-term scare when some unconfigured run-time file starts respecting their DefaultRuntimeDir directive after an upgrade. +1: trawick, jim, rjung rjung: applicable trunk revisions WITHOUT the compatibility tweaks described above: jim: mod_slotmem_plain lacks heartbeat r1364695 scoreboard r1369477 core/pid file r1369808 core/mutex r1370288 mod_socache_XXX r1370225, r1407385 mod_ldap r1371684 mod_cache r1407381 PATCHES/ISSUES THAT ARE STALLED * cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will be compiled by the build compiler instead of the host compiler. Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected. Trunk patches: http://svn.apache.org/viewvc?view=revision&revision=1327907 http://svn.apache.org/viewvc?view=revision&revision=1328390 http://svn.apache.org/viewvc?view=revision&revision=1328714 2.4 patch: http://people.apache.org/~fuankg/diffs/httpd-2.4.x-cross_compile.diff fuankg: on hold until we agree for a better and more simple solution ... * mod_lua: Add a new directive, LuaCodeCache, for controlling the in-memory caching of scripts trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1366890 http://svn.apache.org/viewvc?view=revision&revision=1367025 http://svn.apache.org/viewvc?view=revision&revision=1367040 http://svn.apache.org/viewvc?view=revision&revision=1367048 http://svn.apache.org/viewvc?view=revision&revision=1367042 (CHANGES) 2.4.x patch: Trunk patch works +1: humbedooh, rjung rjung: docs missing? humbedooh: It's in the 2.4 docs already, but commented out, as with a lot of other functions that were never actually made. It's a mess ;) -1: sf sf: * If you copy'n'paste code, you need to assign new APLOGNOs. See r1383013 and docs/log-message-tags/README. * The code did not compile without warning, see r1383022. * If you have a request_rec, use ap_log_rerror to get the most specific log config. ap_log_perror always uses the global server log config. * Now that you have the request pool, don't you want to use it for the apr_stat() call instead of lifecycle_pool? * Try to not introduce new coding style issues. See r1383024, r1383028, r1383037. * mod_ssl: Add support for Next Protocol Negotiation. Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1332643 2.4.x patch: Trunk patch works. +1: ben sf says: Needs r1345599, too. And wrowe's comment about the 2.2 patch is also valid for 2.4: http://svn.apache.org/viewvc?view=revision&revision=1354823 * mod_ssl: Add RFC 5878 support. This allows support of mechansisms such as Certificate Transparency. Note that new mechanisms are supported without software updates. trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1352596 2.4.x patch: http://people.apache.org/~ben/httpd-2.4-rfc5878.patch +1: ben, druggeri -1: kbrand druggeri note: Needs docs for new directive kbrand: depends on an unreleased OpenSSL version (1.0.2), and RFC 5878 is of "Category: Experimental". Seems premature to me to consider for backporting to 2.4/2.2 at this point. The API in the OpenSSL implementation from May 2012 (http://cvs.openssl.org/chngview?cn=22601) only covers the privately-defined TLSEXT_AUTHZDATAFORMAT_audit_proof, there's no support for x509_attr_cert (section 3.3.1 in RFC 5878) or saml_assertion (3.3.2). SSL_CTX_use_authz_file doesn't have any docs in OpenSSL, either, and there's no "openssl foo ..." command or similar to create/manage such files. Trunk is the right place where it can grow. Finally, httpd-2.4-rfc5878.patch includes a build-system change which is unrelated to this feature (see separate proposal from rjung below, ssl-support-uninstalled-openssl-2_4.patch). ben: not correct that it depends on OpenSSL 1.0.2, it builds with any version. Also, if you read my note to dev@ you will see why it is not premature. minfrin: once this gets docs, +1.