- -*- coding: utf-8 -*-
+ -*- coding: utf-8 -*-
+
+Changes with Apache 2.3.11
+
+ *) core: new hook: ap_run_pre_read_request. [Jim Jagielski]
+
+ *) mod_cache: When a request other than GET or HEAD arrives, we must
+ invalidate existing cache entities as per RFC2616 13.10. PR 15868.
+ [Graham Leggett]
+
+ *) modules: Fix many modules that were not correctly initializing if they
+ were not active during server startup but got enabled later during a
+ graceful restart. [Stefan Fritsch]
+
+ *) core: Create new ap_state_query function that allows modules to determine
+ if the current configuration run is the initial one at server startup,
+ and if the server is started for testing/config dumping only.
+ [Stefan Fritsch]
+
+ *) mod_cache: When a bad Expires date is present, we need to behave as if
+ the Expires is in the past, not as if the Expires is missing. PR 16521.
+ [Co-Advisor <coad@measurement-factory.com>]
+
+ *) mod_cache: We must ignore quoted-string values that appear in a
+ Cache-Control header. PR 50199. [Graham Leggett]
+
+ *) mod_dav: Revert change to send 501 error if unknown Content-* header is
+ received for a PUT request. PR 42978. [Stefan Fritsch]
+
+ *) mod_cache: Respect s-maxage as described by RFC2616 14.9.3, which must
+ take precedence if present. PR 35247. [Graham Leggett]
+
+ *) mod_ssl: Fix a possible startup failure if multiple SSL vhosts
+ are configured with the same ServerName and private key file.
+ [Masahiro Matsuya <mmatsuya redhat.com>, Joe Orton]
+
+ *) mod_socache_dc: Make module compile by fixing some typos.
+ PR 50735 [Mark Montague <mark catseye.org>]
+
+ *) prefork: Update MPM state in children during a graceful stop or
+ restart. PR 41743. [Andrew Punch <andrew.punch 247realmedia.com>]
+
+ *) mod_mime: Ignore leading dots when looking for mime extensions.
+ PR 50434 [Stefan Fritsch]
+
+ *) core: Add support to set variables with the 'Define' directive. The
+ variables that can then be used in the config using the ${VAR} syntax
+ known from envvar interpolation. [Stefan Fritsch]
+
+ *) mod_proxy_http: make adding of X-Forwarded-* headers configurable.
+ ProxyAddHeaders defaults to On. [Vincent Deffontaines]
+
+ *) mod_slotmem_shm: Increase memory alignment for slotmem data.
+ [Rainer Jung]
+
+ *) mod_ssl: Add config options for OCSP: SSLOCSPResponderTimeout,
+ SSLOCSPResponseMaxAge, SSLOCSPResponseTimeSkew.
+ [Kaspar Brand <httpd-dev.2011 velox.ch>]
+
+ *) mod_ssl: Revamp output buffering to reduce network overhead for
+ output fragmented into many buckets, such as chunked HTTP responses.
+ [Joe Orton]
+
+ *) core: Apply <If> sections to all requests, not only to file base requests.
+ Allow to use <If> inside <Directory>, <Location>, and <Files> sections.
+ The merging of <If> sections now happens after the merging of <Location>
+ sections, even if an <If> section is embedded inside a <Directory> or
+ <Files> section. [Stefan Fritsch]
+
+ *) mod_proxy: Refactor usage of shared data by dropping the scoreboard
+ and using slotmem. Create foundation for dynamic growth/changes of
+ members within a balancer. Remove BalancerNonce in favor of a
+ per-balancer 'nonce' parameter. [Jim Jagielski]
+
+ *) mod_status: Don't show slots which are disabled by MaxClients as open.
+ PR: 47022 [Jordi Prats <jordi prats gmail com>, Stefan Fritsch]
+
+ *) mpm_prefork: Fix ap_mpm_query results for AP_MPMQ_MAX_DAEMONS and
+ AP_MPMQ_MAX_THREADS.
+
+ *) mod_authz_core: Fix bug in merging logic if user-based and non-user-based
+ authorization directives were mixed. [Stefan Fritsch]
+
+ *) mod_authn_socache: change directive name from AuthnCacheProvider
+ to AuthnCacheProvideFor. The term "provider" is overloaded in
+ this module, and we should avoid confusion between the provider
+ of a backend (AuthnCacheSOCache) and the authn provider(s) for
+ which this module provides cacheing (AuthnCacheProvideFor).
+ [Nick Kew]
+
+ *) mod_proxy_http: Allocate the fake backend request from a child pool
+ of the backend connection, instead of misusing the pool of the frontend
+ request. Fixes a thread safety issue where buckets set aside in the
+ backend connection leak into other threads, and then disappear when
+ the frontend request is cleaned up, in turn causing corrupted buckets
+ to make other threads spin. [Graham Leggett]
+
+ *) mod_ssl: Change the format of the SSL_{CLIENT,SERVER}_{I,S}_DN variables
+ to be RFC 2253 compatible, convert non-ASCII characters to UTF8, and
+ escape other special characters with backslashes. The old format can
+ still be used with the LegacyDNStringFormat argument to SSLOptions.
+
+ *) core, mod_rewrite: Make the REQUEST_SCHEME variable available to
+ scripts and mod_rewrite. [Stefan Fritsch]
+
+ *) mod_rewrite: Allow to use arbitrary boolean expressions (ap_expr) in
+ RewriteCond. [Stefan Fritsch]
+
+ *) mod_rewrite: Allow to unset environment variables using E=!VAR.
+ PR 49512. [Mark Drayton <mark markdrayton info>, Stefan Fritsch]
+
+ *) mod_headers: Restore the 2.3.8 and earlier default for the first
+ argument of the Header directive ("onsuccess"). [Eric Covener]
+
+ *) core: Disallow the mixing of relative and absolute Options PR 33708.
+ [Sönke Tesch <st kino-fahrplan.de>]
+
+ *) core: When exporting request headers to HTTP_* environment variables,
+ drop variables whose names contain invalid characters. Describe in the
+ docs how to restore the old behaviour. [Malte S. Stretz <mss apache org>]
+
+ *) core: When selecting an IP-based virtual host, favor an exact match for
+ the port over a wildcard (or omitted) port instead of favoring the one
+ that came first in the configuration file. [Eric Covener]
+
+ *) core: Overlapping virtual host address/port combinations now implicitly
+ enable name-based virtual hosting for that address. The NameVirtualHost
+ directive has no effect, and _default_ is interpreted the same as "*".
+ [Eric Covener]
+
+ *) core: In the absence of any Options directives, the default is now
+ "FollowSymlinks" instead of "All". [Igor Galić]
+
+ *) rotatelogs: Add -e option to write logs through to stdout for optional
+ further processing. [Graham Leggett]
+
+ *) mod_ssl: Correctly read full lines in input filter when the line is
+ incomplete during first read. PR 50481. [Ruediger Pluem]
+
+ *) mod_authz_core: Add AuthzSendForbiddenOnFailure directive to allow
+ sending '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authorization
+ fails for an authenticated user. PR 40721. [Stefan Fritsch]
+
+Changes with Apache 2.3.10
+
+ *) mod_rewrite: Don't implicitly URL-escape the original query string
+ when no substitution has changed it. PR 50447. [Eric Covener]
+
+ *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
+ such as per-directory mod_rewrite substitutions. PR 50349.
+ [Eric Covener]
+
+ *) mod_rewrite: Add 'RewriteOptions InheritBefore' to put the base
+ rules/conditions before the overridden rules/conditions. PR 39313.
+ [Jérôme Grandjanny <jerome.grandjanny cea.fr>]
+
+ *) mod_autoindex: add IndexIgnoreReset to reset the list of IndexIgnored
+ filenames in higher precedence configuration sections. PR 24243.
+ [Eric Covener]
+
+ *) mod_cgid: RLimit* directive support for mod_cgid. PR 42135
+ [Eric Covener]
+
+ *) core: Fail startup when the argument to ServerName looks like a glob
+ or a regular expression instead of a hostname (*?[]). PR 39863
+ [Rahul Nair <rahul.g.nair gmail.com>]
+
+ *) mod_userdir: Add merging of enable, disable, and filename arguments
+ to UserDir directive, leaving enable/disable of userlists unmerged.
+ PR 44076 [Eric Covener]
+
+ *) httpd: When no -k option is provided on the httpd command line, the server
+ was starting without checking for an existing pidfile. PR 50350
+ [Eric Covener]
+
+ *) mod_proxy: Put the worker in error state if the SSL handshake with the
+ backend fails. PR 50332.
+ [Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]
+
+ *) mod_cache_disk: Fix Windows build which was broken after renaming
+ the module. [Gregg L. Smith]
Changes with Apache 2.3.9
Fix a denial of service attack against mod_reqtimeout.
[Stefan Fritsch]
+ *) mod_headers: Change default first argument of Header directive
+ from "onsuccess" to "always". [Eric Covener]
+
+ *) mod_include: Add the onerror attribute to the include element,
+ allowing an URL to be specified to include on error. [Graham
+ Leggett]
+
+ *) mod_cache_disk: mod_disk_cache renamed to mod_cache_disk, to be
+ consistent with the naming of other modules. [Graham Leggett]
+
+ *) mod_setenvif: Add SetEnvIfExpr directive to set env var depending on
+ expression. [Stefan Fritsch]
+
+ *) mod_proxy: Fix ProxyPassInterpolateEnv directive. PR 50292.
+ [Stefan Fritsch]
+
+ *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
+ binary (Suexec Off), or force startup failure if suEXEC is required
+ but not supported (Suexec On). Change SuexecUserGroup to fail
+ startup instead of just printing a warning if suEXEC is disabled.
+ [Jeff Trawick]
+
+ *) core: Add Error directive for aborting startup or htaccess processing
+ with a specified error message. [Jeff Trawick]
+
+ *) mod_rewrite: Fix the RewriteEngine directive to work within a
+ location. Previously, once RewriteEngine was switched on globally,
+ it was impossible to switch off. [Graham Leggett]
+
+ *) core, mod_include, mod_ssl: Move the expression parser derived from
+ mod_include back into mod_include. Replace ap_expr with a parser
+ derived from mod_ssl's parser. Make mod_ssl use the new parser. Rework
+ ap_expr's public interface and provide hooks for modules to add variables
+ and functions. [Stefan Fritsch]
+
+ *) core: Do the hook sorting earlier so that the hooks are properly sorted
+ for the pre_config hook and during parsing the config. [Stefan Fritsch]
+
+ *) core: In the absence of any AllowOverride directives, the default is now
+ "None" instead of "All". PR49823 [Eric Covener]
+
+ *) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
+ <Directory> or <Files>. PR47765 [Eric Covener]
+
+ *) prefork/worker/event MPMS: default value (when no directive is present)
+ of MaxConnectionsPerChild/MaxRequestsPerChild is changed to 0 from 10000
+ to match default configuration and manual. PR47782 [Eric Covener]
+
+ *) proxy_connect: Don't give up in the middle of a CONNECT tunnel
+ when the child process is starting to exit. PR50220. [Eric Covener]
+
+ *) mod_autoindex: Fix inheritance of mod_autoindex directives into
+ contexts that don't have any mod_autoindex directives. PR47766.
+ [Eric Covener]
+
*) mod_rewrite: Add END flag for RewriteRule to prevent further rounds
of rewrite processing when a per-directory substitution occurs.
[Eric Covener]
and executing perl-style regexp ops (e.g s/foo/bar/i) and regexp memory
[Nick Kew]
+ *) Proxy: support setting source address. PR 29404
+ [Multiple contributors iterating through bugzilla,
+ Aron Ujvari <xanco nikhok.hu>, Aleksey Midenkov <asm uezku.kemsu.ru>,
+ <dan listening-station.net; trunk version Nick Kew]
+
+ *) HTTP protocol: return 400 not 503 if we have to abort due to malformed
+ chunked encoding. [Nick Kew]
+
Changes with Apache 2.3.8
*) suexec: Support large log files. PR 45856. [Stefan Fritsch]
*) socache modules: return APR_NOTFOUND when a lookup is not found [Nick Kew]
- *) mod_authn_cache: new module [Nick Kew]
+ *) mod_authn_socache: new module [Nick Kew]
*) configure: Add reallyall option for --enable-mods-shared. [Stefan Fritsch]