-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) hostname: Test and log useragent_host per-request across various modules,
+ including the scoreboard, expression and rewrite engines, setenvif,
+ authz_host, access_compat, custom logging, ssl and REMOTE_HOST variables.
+ PR55348 [William Rowe]
+
+ *) core: Track the useragent_host per-request when mod_remoteip or similar
+ modules track a per-request useragent_ip. Modules should be updated
+ to inquire for ap_get_useragent_host() in place of ap_get_remote_host().
+ [William Rowe]
+
+ *) mod_proxy: Play/restore the TLS-SNI on new backend connections which
+ had to be issued because the remote closed the previous/reusable one
+ during idle (keep-alive) time. [Yann Ylavic]
+
+ *) mod_proxy_http2: new experimental http2 proxy module for h2: and h2c: proxy
+ urls. Uses, so far, one connection per request, reuses connections.
+
+ *) event: use pre_connection hook to properly initialize connection state for
+ slave connections. use protocol_switch hook to initialize server config
+ early based on SNI selected vhost.
+ [Stefan Eissing]
+
+ *) mod_http2: allowing link header to specify multiple "rel" values,
+ space-separated inside a quoted string. Prohibiting push when Link parameter
+ "nopush" is present.
+ [Stefan Eissing]
+
+ *) core: Prevent a server crash in case of an invalid CONNECT request with
+ a custom error page for status code 400 that uses server side includes.
+ PR 58929 [Ruediger Pluem]
+
+ *) mod_ssl: Add SSLOCSPProxyURL to add the possibility to do all queries
+ to OCSP responders through a HTTP proxy. [Ruediger Pluem]
+
+ *) mod_http2: idle connections are returned to async mpms. new hook
+ "pre_close_connection" used to send GOAWAY frame when not already done.
+ Setting event mpm server config "by hand" for the main connection to
+ the correct negotiated server.
+ [Stefan Eissing]
+
+ *) core: new hook "pre_close_connection" which is run before the lingering
+ close of connections is started. This gives protocol handlers one last
+ chance to use a connection before it goes down.
+ [Stefan Eissing]
+
+ *) mod_filter: Fix AddOutputFilterByType with non-content-level filters.
+ PR58856 [Micha Lenk <micha lenk.info>]
+
+ *) mod_cache: Consider Cache-Control: s-maxage in expiration
+ calculations. [Eric Covener]
+
+ *) mod_cache: Allow caching of responses with an Expires header
+ in the past that also has Cache-Control: max-age or s-maxage.
+ PR55156. [Eric Covener]
+
+ *) ap_expr: expression support for variable HTTP2=on|off
+ [Stefan Eissing]
+
+ *) mod_status/scoreboard: showing connection protocol in new column, new
+ ap_update_child_status methods for updating server/description. mod_ssl
+ sets vhost negotiated by servername directly.
+ [Stefan Eissing]
+
+ *) mod_http2: keep-alive blocking reads are done with 1 second timeouts to
+ check for MPM stopping. Will announce early GOAWAY and finish processing
+ open streams, then close.
+ [Stefan Eissing]
+
+ *) mod_proxy_hcheck: Provide for dynamic background health
+ checks on reverse proxies associated with BalancerMember
+ workers. [Jim Jagielski]
+
+ *) mod_ssl: handle TIMEOUT on empty SSL input as non-fatal, returning
+ APR_TIMEUP and preserving connection state for later retry.
+ [Stefan Eissing]
+
+ *) mod_http2: bytes read/written on slave connections are reported via the
+ optional mod_logio functions. Fixes PR 58871.
+
+ *) Added many log numbers to log statements that had none.
+
+ *) core: Add expression support to SetHandler.
+ [Eric Covener]
+
+ *) mod_proxy_fcgi: Suppress HTTP error 503 and message 01075,
+ "Error dispatching request", when the cause appears to be
+ due to the client closing the connection.
+ PR58118. [Tobias Adolph <adolph lrz.de>]
+
+ *) mod_cgid: Message 02550, failure to flush a response to the client,
+ is now logged at TRACE1 level to match the underlying core output filter
+ severity. [Eric Covener]
+
+ *) mod_rewrite: Avoid looping on relative substitutions that
+ result in the same filename we started with. PR 58854.
+ [Eric Covener]
+
+ *) mime.types: add common extension "m4a" for MPEG 4 Audio.
+ PR 57895 [Dylan Millikin <dylan.millikin gmail.com>]
+
+ *) mod_ssl: Save some TLS record (application data) fragmentations by
+ including the last and subsequent suitable buckets when coalescing.
+ [Yann Ylavic]
+
+ *) mod_cache_socache: Fix a possible cached entity body corruption when it
+ is received from an origin server in multiple batches and forwarded by
+ mod_proxy. [Yann Ylavic]
+
+ *) mod_proxy_fdpass: Fix AH01153 error when using the default configuration.
+ In earlier version of httpd, you can explicitelly set the 'flusher' parameter
+ to 'flush' as a workaround. (i.e. flusher=flush)
+ Add documentation for the 'flusher' parameter when defining a proxy worker.
+ [Christophe Jaillet]
+
+ *) mod_ssl: For the "SSLStaplingReturnResponderErrors off" case, make sure
+ to only staple responses with certificate status "good". [Kaspar Brand]
+
+ *) core: Limit to ten the number of tolerated empty lines between request,
+ and consume them before the pipelining check to avoid possible response
+ delay when reading the next request without flushing. [Yann Ylavic]
+
+ *) mod_session: Introduce SessionExpiryUpdateInterval which allows to
+ configure the session/cookie expiry's update interval. PR 57300.
+ [Paul Spangler <paul.spangler ni.com>]
+
*) core: Extend support for asynchronous write completion from the
network filter to any connection or request filter. [Graham Leggett]
unadulterated in 64 bit versions of Windows. PR 46751.
[John <john leineweb de>]
- *) mod_logio: Fix logging of %^FB (time to first byte) on the first request on
- an SSL connection. PR 58454.
- [Konstantin J. Chernov <k.j.chernov gmail.com>]
-
- *) mod_proxy: Fix ProxySourceAddress binding failure with AH00938.
- PR 56687. [Arne de Bruijn <apache arbruijn.dds.nl>
-
- *) mod_proxy: don't recyle backend announced "Connection: close" connections
- to avoid reusing it should the close be effective after some new request
- is ready to be sent. [Yann Ylavic]
-
*) mod_auth_digest: remove AuthDigestEnableQueryStringHack which is no
more documented since dec 2012 (r1415960). [Christophe Jaillet]
- *) mod_slotmem_shm: Fix slots/SHM files names on restart for systems that
- can't create new (clear) slots while previous children gracefully stopping
- still use the old ones (e.g. Windows, OS2). mod_proxy_balancer failed to
- restart whenever the number of configured balancers/members changed during
- restart. PR 58024. [Yann Ylavic]
-
- *) mod_autoindex: Allow autoindexes when neither mod_dir nor mod_mime are
- loaded. [Eric Covener]
-
*) mod_charset_lite: On EBCDIC platforms, make sure mod_charset_lite runs
after other resource-level filters. [Eric Covener]
*) mod_dir: Responses that go through "FallbackResource" might appear to
hang due to unterminated chunked encoding. PR58292. [Eric Covener]
- *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how
- long to keep idle connections with the memcache server(s).
- Change default value from 600 usec (!) to 15 sec. PR 58091
- [Christophe Jaillet]
-
- *) mod_rewrite: Allow cookies set by mod_rewrite to contain ':' by accepting
- ';' as an alternate separator. PR47241.
- [<bugzilla schermesser com>, Eric Covener]
-
- *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with
- apxs -q. PR58202. [Daniel Shahaf <danielsh apache.org>]
-
- *) mod_h2: added donated http/2 implementation to build system. Similar
- configuration options to mod_ssl. [Stefan Eissing]
-
- *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.
- PR 57868. [Jose Kahan <jose w3.org>, Yann Ylavic]
-
*) mod_alias: Limit Redirect expressions to directory (Location) context
and redirect statuses (implicit or explicit).
[Yann Ylavic, Ruediger Pluem]
*) mod_ssl: When SSLVerify is disabled (NONE), don't force a renegotiation if
the SSLVerifyDepth applied with the default/handshaken vhost differs from
the one applicable with the finally selected vhost. [Yann Ylavic]
-
- *) mod_ssl: add ALPN support by allowing other modules to register callbacks
- for negotiation of the application layer protocol. PR 52210.
- [Matthew Steele <mdsteele google com>, Joe Orton, Jim Jagielski,
- Stefan Eissing <stefan eissing org>, Rainer Jung, Ruediger Pluem,
- Kaspar Brand]
*) http: Don't remove the Content-Length of zero from a HEAD response if
it comes from an origin server, module or script. [Yann Ylavic]
- *) core/util_script: make REDIRECT_URL a full URL. PR 57785. [Nick Kew]
-
*) http: Add support for RFC2324/RFC7168. [Graham Leggett]
- *) mod_proxy: Fix a race condition that caused a failed worker to be retried
- before the retry period is over. [Ruediger Pluem]
-
*) mod_rewrite: Add support for starting External Rewriting Programs
as non-root user on UNIX systems by specifying username and group name
as third argument of RewriteMap directive. [Jan Kaluza]
*) ap_expr: Add filemod function for checking file modification dates
[Daniel Gruno]
-
+
*) mod_authnz_ldap: Resolve crashes with LDAP authz and non-LDAP authn since
r1608202. [Eric Covener]
-
+
*) core: Ensure that httpd exits with an error status when the MPM fails
to run. [Yann Ylavic]
*) apreq: Content-Length header should be always interpreted as a decimal.
Leading 0 could be erroneously considered as an octal value. PR 56598.
[Chris Card <ctcard hotmail com>]
-
+
*) mod_proxy: Now allow for 191 character worker names, with non-fatal
errors if name is truncated. PR53218. [Jim Jagielski]
*) core, mod_info: Add compiled and loaded PCRE versions to version
number display. [Rainer Jung]
- *) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for
- internationalization. [William Rowe]
-
- *) mpm_winnt: Normalize the error and status messages emitted by service.c,
- the service control interface for Windows. [William Rowe]
-
*) mod_authnz_ldap: Return LDAP connections to the pool before the handler
is run, instead of waiting until the end of the request. [Eric Covener]
be inherited by virtual hosts that define a CustomLog.
[Edward Lu <Chaosed0 gmail.com>]
- *) MPMs: Support SO_REUSEPORT to create multiple duplicated listener
- records for scalability. [Yingqi Lu <yingqi.lu@intel.com>,
- Jeff Trawick, Jim Jagielski]
-
*) mod_proxy_html: support automatic detection of doctype and processing
of FPIs. PR56285 [Micha Lenk <micha lenk info>, Nick Kew]
*) mod_proxy_wstunnel: Avoid sending error responses down an upgraded
websockets connection as it is being close down. [Eric Covener]
-
+
*) mod_proxy_wstunnel: Allow the administrator to cap the amount
of time a synchronous websockets connection stays idle with
ProxyWebsocketIdleTimeout. [Eric Covener]
*) mod_rewrite: Add 'BNF' (backreferences-no-plus) flag to RewriteRule to
allow spaces in backreferences to be encoded as %20 instead of '+'.
[Eric Covener]
-
+
*) mod_rewrite: Support an optional list of characters to escape in the
argument for the 'B' (escape backreferences) flag. [Eric Covener]
They were truncated to 31 characters which is not enough for IPv6 addresses.
PR 54848 [Bernhard Schmidt <berni birkenwald de>]
- *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
- [Jeff Trawick]
-
*) mod_unique_id: Use output of the PRNG rather than IP address and
pid, avoiding sleep() call and possible DNS issues at startup,
plus improving randomness for IPv6-only hosts.
[Jan Kaluza <jkaluza redhat.com>]
- *) mod_authnz_ldap: Support primitive LDAP servers that do not accept
- filters, such as "SDBM-backed LDAP" on z/OS, by allowing a special
- filter "none" to be specified in AuthLDAPURL. [Eric Covener]
-
*) mod_file_cache: mod_file_cache should be able to serve files that
haven't had a Content-Type set via e.g. mod_mime. [Eric Covener]
*) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
- APIs: ap_log_pid(), ap_remove_pid, ap_read_pid()
- - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
- mutexes (Mutex)
- mod_cache: thundering herd lock directory
- mod_lbmethod_heartbeat, mod_heartmonitor: heartbeat storage file
- mod_ldap: shared memory cache