-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_ssl: bring SNI behavior into better conformance with RFC 6066:
+ no longer send warning-level unrecognized_name(112) alerts,
+ and limit startup warnings to cases where an OpenSSL version
+ without TLS extension support is used. PR 56241. [Kaspar Brand]
+
+ *) mod_proxy_html: Do not delete the wrong data from HTML code when a
+ "http-equiv" meta tag specifies a Content-Type behind any other
+ "http-equiv" meta tag. PR 56287 [Micha Lenk <micha lenk info>]
+
+ *) mod_expires: don't add Expires header to error responses (4xx/5xx),
+ be they generated or forwarded. PR 55669. [ Yann Ylavic ]
+
+ *) mod_rewrite: Support an optional list of characters to escape in the
+ argument for the 'B' (escape backreferences) flag. [Eric Covener]
+
+ *) mod_ssl: Add SSLOCSPUseRequestNonce directive to control whether or not
+ OCSP requests should use a nonce to be checked against the responder's
+ one. PR 56233. [ Yann Ylavic ]
+
+ *) mod_reqtimeout: Resolve unexpected timeouts on keepalive requests
+ under the Event MPM. PR56216. [Frank Meier <frank meier ergon ch>]
+
+ *) mod_lua: Add r:wspeek for checking if there is any data waiting on the line
+ [Daniel Gruno]
+
+ *) mod_proxy: Do not try to parse the regular expressions passed by
+ ProxyPassMatch as URL as they do not follow their syntax.
+ PR 56074. [Ruediger Pluem]
+
+ *) mod_dir: Default to 2.2-like behavior and skip execution when method is
+ neither GET nor POST, such as for DAV requests. PR 54914. [Chris Darroch]
+
+ *) mod_rewrite: Rename the handler that does per-directory internal
+ redirects to "rewrite-redirect-handler" from "redirect-handler" so
+ it is less ambiguous and less likely to be reused. [Eric Covener]
+
+ *) mod_rewrite: Protect against looping with the [N] flag by enforcing a
+ default limit of 10000 iterations, and allowing each rule to change its
+ limit. [Eric Covener]
+
+ *) mod_ssl: Fix config merging of SSLOCSPEnable and SSLOCSPOverrideResponder.
+ [Jeff Trawick]
+
+ *) Add HttpContentLengthHeadZero and HttpExpectStrict directives.
+ [Yehuda Sadeh <yehuda inktank com>, Justin Erenkrantz]
+
*) FreeBSD: Disable IPv4-mapped listening sockets by default for versions
5+ instead of just for FreeBSD 5. PR 53824. [Jeff Trawick]
configured SSL CA certificates to stdout the same way as DUMP_CERTS does.
[Jan Kaluza]
- *) mod_cache_disk: Fix potential hangs on Windows when using mod_cache_disk.
- PR55833. [Eric Covener]
-
*) mod_headers: Allow the "value" parameter of Header and RequestHeader to
contain an ap_expr expression if prefixed with "expr=". [Eric Covener]
*) mod_ssl: Don't flush when an EOS is received. Prepares mod_ssl
to support write completion. [Graham Leggett]
- *) prefork: Fix long delays when doing a graceful restart.
- PR 54852 [Jim Jagielski, Arkadiusz Miskiewicz <arekm maven pl>]
-
*) core: Add parse_errorlog_arg callback to ap_errorlog_provider
to allow providers to check the ErrorLog argument. [Jan Kaluza]
- *) core: Detect incomplete body in HTTP input filter and return
- APR_INCOMPLETE. PR 55475 [Yann Ylavic <ylavic dev gmail com>]
-
*) mod_cgid: Use the servers Timeout for each read from a CGI script,
allow override with new CGIDRequestTimeout directive. PR43494
[Eric Covener, Toshikuni Fukaya <toshikuni-fukaya cybozu co jp>]
*) core: ensure any abnormal exit is reported to stderr if it's a tty.
PR 55670 [Nick Kew]
- *) mod_proxy: Added support for unix domain sockets as the
- backend server endpoint [Jim Jagielski, Blaise Tarr
- <blaise tarr gmail com>]
-
*) mod_auth_form: Make sure the optional functions are loaded even when
the AuthFormProvider isn't specified. [Graham Leggett]
*) core: Add ap_errorlog_provider to make ErrorLog logging modular. Move
syslog support from core to new mod_syslog. [Jan Kaluza]
- *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
- TE/CL conflicts. [Yann Ylavic <ylavic.dev gmail com>, Jim Jagielski]
-
- *) mod_proxy_fcgi: Use apr_socket_timeout_get instead of hard-coded
- 30 seconds timeout. [Jan Kaluza]
-
*) WinNT MPM: If ap_run_pre_connection() fails or sets c->aborted, don't
save the socket for reuse by the next worker as if it were an
APR_SO_DISCONNECTED socket. Restores 2.2 behavior. [Eric Covener]
- *) mod_lua: Add a logging hook for modifying/skipping logs. [Daniel Gruno]
-
*) mod_status, mod_echo: Fix the display of client addresses.
They were truncated to 31 characters which is not enough for IPv6 addresses.
PR 54848 [Bernhard Schmidt <berni birkenwald de>]
- *) mod_lua: If the first yield() of a LuaOutputFilter returns a string, it should
- be prefixed to the response as documented. [Eric Covener]
-
- *) mod_lua: Remove ETAG, Content-Length, and Content-MD5 when a LuaOutputFilter
- is configured without mod_filter. [Eric Covener]
-
- *) mod_lua: Register LuaOutputFilter scripts as changing the content and
- content-length by default, when run my mod_filter. Previously,
- growing or shrinking a response that started with Content-Length set
- would require mod_filter and FilterProtocol change=yes. [Eric Covnener]
-
- *) mod_lua: Return a 500 error if a LuaHook* script doesn't return a
- numeric return code. [Eric Covener]
-
*) mod_authnz_fcgi: New module to enable FastCGI authorizer
applications to authenticate and/or authorize clients.
[Jeff Trawick]
*) core: Correctly parse an IPv6 literal host specification in an absolute
URL in the request line. [Stefan Fritsch]
- *) mod_ssl: Add support for OpenSSL configuration commands [Stephen Henson]
-
*) EventOpt MPM
*) core: Add LogLevelOverride directive that allows to override the