Changes with Apache 2.3.0
[ When backported to 2.2.x, remove entry from this file ]
- *) authn/z: Convert common provider version strings to macros.
+ *) Allow for smax to be 0 for balancer members so that all idle
+ connections are able to be dropped should they exceed ttl.
+ PR 43371 [Phil Endecott <spam_from_apache_bugzilla chezphil.org>,
+ Jim Jagielski]
- *) http_filters: Don't return 100-continue on redirects. PR 43711
- [Ruediger Pluem]
+ *) mod_proxy_ajp: Fix wrongly formatted requests where client
+ sets Content-Length header, but doesn't provide a body.
+ Servlet container always expects that next packet is
+ body whenever C-L is present in the headers. This can lead
+ to wrong interpretation of the packets. In this case
+ send the empty body packet, so container can deal with
+ that. [Mladen Turk]
- *) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
+ *) mod_authnz_ldap: don't return NULL-valued environment variables to
+ other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>]
- *) configure: Don't reject libtool 2.x
- PR 44817 [Arfrever Frehtes Taifersar Arahesis <Arfrever.FTA gmail.com>]
+ *) Don't adjust case in pathname components that are not of interest
+ to mod_mime. Fixes mod_negotiation's use of such components.
+ PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>]
+
+ *) Add new LogFormat parameter, %k, which logs the number of
+ keepalive requests on this connection for this request..
+ [Dan Poirier <poirier pobox.com>]
+
+ *) Be tolerant in what you accept - accept slightly broken
+ status lines from a backend provide they include a valid status code.
+ PR 44995 [Rainer Jung <rainer.jung kippdata.de>]
+
+ *) New module mod_sed: filter Request/Response bodies through sed
+ [Basant Kumar Kukreja <basant.kukreja sun.com>]
+
+ *) mod_auth_form: Make sure that basic authentication is correctly
+ faked directly after login. [Graham Leggett]
+
+ *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
+ within the output headers and error output headers, so that the
+ session is maintained across redirects. [Graham Leggett]
+
+ *) mod_auth_form: Make sure the logged in user is populated correctly
+ after a form login. Fixes a missing REMOTE_USER variable directly
+ following a login. [Graham Leggett]
+
+ *) mod_session_cookie: Make sure that cookie attributes are correctly
+ included in the blank cookie when cookies are removed. This fixes an
+ inability to log out when using mod_auth_form. [Graham Leggett]
+
+ *) mod_autoindex: add configuration option to insert string
+ in HTML HEAD. [Nick Kew]
+
+ *) mod_ssl: implement dynamic mutex callbacks for the benefit of
+ OpenSSL. [Sander Temme]
+
+ *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
+ null value. [David Shane Holden <dpejesh apache.org>]
+
+ *) mod_headers: Prevent Header edit from processing only the first header
+ of possibly multiple headers with the same name and deleting the
+ remaining ones. PR 45333. [Ruediger Pluem]
+
+ *) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247
+ [Tom Donovan]
- *) suexec: When group is given as a numeric gid, validate it by looking up
- the actual group name such that the name can be used in log entries.
- PR 7862 [<y-koga apache.or.jp>, Leif W <warp-9.9 usa.net>]
+ *) core, authn/z: Determine registered authn/z providers directly in
+ ap_setup_auth_internal(), which allows optional functions that just
+ wrapped ap_list_provider_names() to be removed from authn/z modules.
+ [Chris Darroch]
- *) ab: Improve client performance by clearing connection pool instead
- of destroying it. PR 40054 [Brad Roberts <braddr puremagic.com>]
+ *) authn/z: Convert common provider version strings to macros.
+ [Chris Darroch]
- *) ab: Don't stop sending a request if EAGAIN is returned, which
- will only happen if both the write and subsequent wait are
- returning EAGAIN, and count posted bytes correctly when the initial
- write of a request is not complete. PR 10038, 38861, 39679
- [Patrick McManus <mcmanus datapower.com>,
- Stefan Fleiter <stefan.fleiter web.de>,
- Davanum Srinivas, Roy T. Fielding]
+ *) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
- *) ab: Overhaul stats collection and reporting to avoid integer
- truncation and time divisions within the test loop, retain
- native time resolution until output, remove unused data,
- consistently round milliseconds, and generally avoid losing
- accuracy of calculation due to type casts. PR 44878, 44931.
- [Roy T. Fielding]
+ *) configure: Don't reject libtool 2.x
+ PR 44817 [Arfrever Frehtes Taifersar Arahesis <Arfrever.FTA gmail.com>]
*) core: When testing for slash-terminated configuration paths in
ap_location_walk(), don't look past the start of an empty string
Introduce wrappers for access control hook and provider registration
which can accept additional mode and flag data. [Chris Darroch]
- *) mod_dav: Return "method not allowed" if the destination URI of a WebDAV
- copy / move operation is no DAV resource. PR 44734 [Ruediger Pluem]
-
*) Introduced ap_expr API for expression evaluation.
This is adapted from mod_include, which is the first module
to use the new API.
first row returned by database query instead of last row.
[Chris Darroch]
- *) mod_rewrite: Initialize hash needed by ap_register_rewrite_mapfunc early
- enough. PR 44641 [Daniel Lescohier <daniel.lescohier cnet.com>]
-
- *) mod_cache: Handle If-Range correctly if the cached resource was stale.
- PR 44579 [Ruediger Pluem]
-
*) mod_ldap: Correctly return all requested attribute values
when some attributes have a null value.
PR 44560 [Anders Kaseorg <anders kaseorg.com>]
*) core: fix origin checking in SymlinksIfOwnerMatch
PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
- *) mod_proxy: Do not try a direct connection if the connection via a
- remote proxy failed before and the request has a request body.
- [Ruediger Pluem]
-
*) Activate mod_cache, mod_file_cache and mod_disc_cache as part of the
'most' set for '--enable-modules' and '--enable-shared-mods'. Include
mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik]
mod_cache et.al. to trap the results of the redirect.
[Dirk-Willem van Gulik, Ruediger Pluem]
- *) mod_proxy_ajp: Do not retry request in the case that we either failed to
- sent a part of the request body or if the request is not idempotent.
- PR 44334 [Ruediger Pluem]
-
*) mod_ldap: Add support (taking advantage of the new APR capability)
for ldap rebind callback while chasing referrals. This allows direct
searches on LDAP servers (in particular MS Active Directory 2003+)
using referrals without the use of the global catalog.
PRs 26538, 40268, and 42557 [Paul J. Reder]
- *) Support chroot on Unix-family platforms
- PR 43596 [Dimitar Pashev <mitko banksoft-bg.com>]
-
*) mod_ssl: Added server name indication support (SNI, RFC 4366).
PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration
can be created with test/make_sni.sh [Dirk-Willem van Gulik].
*) mod_ssl: Add support for OCSP validation of client certificates.
PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
- *) mod_unique_id: Fix timestamp value in UNIQUE_ID.
- PR 37064 [Kobayashi <kobayashi firstserver.co.jp>]
-
*) mod_serf: New module for Reverse Proxying. [Paul Querna]
*) core: Add the option to keep aside a request body up to a certain
*) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
- *) ab: Add -r option to continue after socket receive errors.
- [Filip Hanik <devlist hanik.com>]
-
*) mod_ldap: Fix the search limit parameter to ldap_search_ext_s()
for SDKs that define LDAP_NO_LIMIT to something other than -1.
[David Jones <oscaremma gmail.com>]
to circumvent the symbolic link checks imposed by FollowSymLinks and
SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
- *) mod_proxy: Support environment variable interpolation in reverse
- proxying directives. [Nick Kew]
-
- *) core: Add the filename of the configuration file to the warning message
- about the useless use of AllowOverride. PR 39992.
- [Darryl Miles <darryl darrylmiles.org>]
-
*) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
The default is none as this is far greater debugging resolution than
projects / apache / blobdiff