[Remove entries to the current 2.0 section below, when backported]
+ *) initialize server arrays prior to calling ap_setup_prelinked_modules
+ so that static modules can push Defines values when registering
+ hooks just like DSO modules can ["Philippe M. Chiasson" <gozer cpan.org>]
+
+ *) Add -l option to rotatelogs to let it use local time rather than
+ UTC. PR 24417. [Ken Coar, Uli Zappe <uli ritual.org>]
+
+ *) Drop the ErrorHeader directive which turned out to be a misnomer.
+ Instead there's a new optional flag for the Header directive
+ ('always'), which keeps the former ErrorHeader functionality.
+ [André Malo]
+
+ *) mod_deflate: Don't deflate responses with zero length
+ e.g. proxied 304's [Allan Edwards]
+
+ *) <IfModule> now recognizes the module identifier in addition to the
+ file name. PR 29003. [Edward Rudd <eddie omegaware.com>, André Malo]
+
+ *) mod_ssl: Add "SSLUserName" directive to set r->user based on a
+ chosen SSL environment variable. PR 20957.
+ [Martin v. Loewis <martin v.loewis.de>]
+
+ *) mod_ssl: Add "SSLHonorCipherOrder" directive to enable the
+ OpenSSL 0.9.7 flag which uses the server's cipher order rather
+ than the client's. PR 28665.
+ [Jim Schneider <jschneid netilla.com>]
+
+ *) mod_ssl: Drop support for the CompatEnvVars argument to
+ SSLOptions, which was never actually implemented in 2.0.
+ [Joe Orton]
+
+ *) Fix bug in mod_deflate that unconditionally sent deflate'd output
+ even when Accept-Encoding is not present. [Justin Erenkrantz]
+
+ *) Pass environment variables through to piped loggers, resolving
+ a regression since 1.3. [Ken Coar, Jeff Trawick]
+
+ *) Enable the option to support anonymous shared memory in mod_ldap.
+ This makes the cache work on Linux again. [Graham Leggett]
+
+ *) Small fix to allow reverse proxying to an ftp server. Previously
+ an attempt to do this would try and connect to 0.0.0.0, regardless
+ of the server specified. PR 24922
+ [Pascal Terjan <pterjan@linuxfr.org>]
+
+ *) RPM spec file changes: changed default dependancy to link to db4
+ instead of db3. Fixed complaints about unpackaged files.
+ [Graham Leggett]
+
+ *) External rewrite map responses are no longer limited to 2048
+ bytes. [André Malo]
+
+ *) Proxy server was deleting cookies that Apache had already
+ assigned if the origin server had set any cookies. PR 27023.
+ [Jim Jagielski]
+
+ *) Prevent Win32 pool corruption at startup [Allan Edwards]
+
*) Removed old and unmaintained ap_add_named_module API and changed
the following APIs to return an error instead of hard exiting:
ap_add_module, ap_add_loaded_module, ap_setup_prelinked_modules,
and ap_process_resource_config. [André Malo]
- *) htpasswd no longer refuses to process files that contain empty
- lines. [André Malo]
-
- *) Restore the ability to disable the use of AcceptEx on Win9x systems
- automatically. PR 28529. [André Malo]
-
- *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
- exported on Win32 as well. PR 28523.
- [Edward Rudd <eddie omegaware.com>, André Malo]
-
*) Include directives no longer refuse to process symlinks on
directories. Instead there's now a maximum nesting level
of included directories (128 as distributed). This is configurable
*) mod_cgi: Handle output on stderr during script execution on Unix
platforms; preventing deadlock when stderr output fills pipe buffer.
- PR 22030. [Joe Orton, Jeff Trawick]
+ Also fixes case where stderr from nph- scripts could be lost.
+ PR 22030, 18348. [Joe Orton, Jeff Trawick]
*) mod_deflate: New option for DEFLATE output file (force-gzip),
new output filter 'INFLATE' for uncompressing responses.
*) mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
format is used. PR 27787. [André Malo]
- *) Fix a bunch of cases where the return code of the regex compiler
- was not checked properly. This affects: mod_setenvif, mod_usertrack,
- mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo]
-
*) mod_usertrack: Escape the cookie name before pasting into the
regexp. [André Malo]
status and terminate the provider chain prior to checking the password.
[Geoffrey Young]
- *) Allow RequestHeader directives to be conditional. PR 27951.
- [Vincent Deffontaines <vincent gryzor.com>, André Malo]
-
- *) mod_logio no longer removes the EOS bucket. PR 27928.
- [Bojan Smojver <bojan rexursive.com>]
-
- *) mod_rewrite no longer turns forward proxy requests into reverse proxy
- requests. PR 28125 [ast domdv.de, André Malo]
-
*) mod_rewrite now officially supports RewriteRules in <Proxy> sections.
PR 27985. [André Malo]
AUTH_GENERAL_ERROR.
[Geoffrey Young]
- *) mod_isapi: send_response_header() failed to copy status string's
- last character. PR 20619. [Jesse Pelton <jsp pkc.com>]
-
*) The whole codebase was relicensed and is now available under
the Apache License, Version 2.0 (http://www.apache.org/licenses).
[Apache Software Foundation]
*) Delete some make-generated files in the server directory during
"make clean" processing. PR 26552. [Jeff Trawick]
- *) Unix MPMs: Stop dropping connections when the file descriptor
- is at least FD_SETSIZE. [Jeff Trawick]
-
*) Add core version query function (ap_get_server_revision) and
accompanying ap_version_t structure (minor MMN bump).
[André Malo]
*) mod_dav: Disallow requests with an unescaped hash character in
the Request-URI. PR 21779. [Amit Athavale <amit_athavale lycos.com>]
- *) mod_proxy with ProxyErrorOverride On in a reverse-proxy configuration attaches
- a body to the 302 response and a wrong Content-Length header.
+ *) mod_proxy with ProxyErrorOverride On in a reverse-proxy configuration
+ attaches a body to the 302 response and a wrong Content-Length header.
PR: 22951 [Ermanno Scaglione scaglione ..at.. starnetone.de]
*) Bring ErrorHeader concept forward from 1.3, so that response
Changes with Apache 2.0.50
+ *) mod_alias now emits a warning if it detects overlapping *Alias*
+ directives. [André Malo]
+
+ *) mod_rewrite no longer turns forward proxy requests into reverse proxy
+ requests. PR 28125 [ast domdv.de, André Malo]
+
+ *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
+ exported on Win32 and Netware as well (minor MMN bump). PR 28523.
+ [Edward Rudd <eddie omegaware.com>, André Malo]
+
+ *) Restore the ability to disable the use of AcceptEx on Win9x systems
+ automatically (broken in2.0.49). PR 28529. [André Malo]
+
+ *) <VirtualHost myhost> now applies to all IP addresses for myhost
+ instead of just the first one reported by the resolver. This
+ corrects a regression since 1.3. [Jeff Trawick]
+
+ *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
+ against ServerRoot PR#26602 [Brad Nicholes]
+
+ *) SECURITY: CAN-2004-0488 (cve.mitre.org)
+ mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
+ (trusted) client certificate subject DN which exceeds 6K in length.
+ [Joe Orton]
+
+ *) mod_dav_fs: Fix MKCOL response for missing parent collections, which
+ caused issues for the Eclipse WebDAV extension.
+ PR 29034. [Joe Orton]
+
+ *) mod_deflate: Fix memory consumption (which was proportional to the
+ response size). PR 29318. [Joe Orton]
+
+ *) mod_ssl: Log the errors returned on failure to load or initialize
+ a crypto accelerator engine. [Joe Orton]
+
+ *) Allow RequestHeader directives to be conditional. PR 27951.
+ [Vincent Deffontaines <vincent gryzor.com>, André Malo]
+
+ *) Allow LimitRequestBody to be reset to unlimited. PR 29106
+ [André Malo]
+
+ *) Fix a bunch of cases where the return code of the regex compiler
+ was not checked properly. This affects: mod_setenvif, mod_usertrack,
+ mod_proxy, mod_proxy_ftp and core. PR 28218. [André Malo]
+
+ *) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
+ small cache sizes. PR 27751. [Geoff Thorpe <geoff geoffthorpe.net>]
+
+ *) Remove 2Gb log file size restriction on some 32-bit platforms.
+ PR 13511. [Joe Orton]
+
+ *) mod_logio no longer removes the EOS bucket. PR 27928.
+ [Bojan Smojver <bojan rexursive.com>]
+
+ *) htpasswd no longer refuses to process files that contain empty
+ lines. [André Malo]
+
+ *) Regression from 1.3: At startup, suexec now will be checked for
+ availability, the setuid bit and user root. The works only if
+ httpd is compiled with the shipped APR version (0.9.5).
+ PR 28287. [André Malo]
+
+ *) Unix MPMs: Stop dropping connections when the file descriptor
+ is at least FD_SETSIZE. [Jeff Trawick]
+
+ *) Fix handling of IPv6 numeric strings in mod_proxy. [Jeff Trawick]
+
+ *) mod_isapi: send_response_header() failed to copy status string's
+ last character. PR 20619. [Jesse Pelton <jsp pkc.com>]
+
+ *) Fix a segfault when requests for shared memory fails and returns
+ NULL. Fix a segfault caused by a lack of bounds checking on the
+ cache. PR 24801. [Graham Leggett]
+
+ *) Throw an error message if an attempt is made to use the LDAPTrustedCA
+ or LDAPTrustedCAType directives in a VirtualHost. PR 26390
+ [Brad Nicholes]
+
+ *) Fix a potential segfault if the bind password in the LDAP cache
+ is NULL. PR 28250. [Jari Ahonen <jah progress.com>]
+
+ *) Quotes cannot be used around require group and require dn
+ directives, update the documentation to reflect this. Also add
+ quotes around the dn and group within debug messages, to make it
+ more obvious why authentication is failing if quotes are used in
+ error. PR 19304. [Graham Leggett]
+
+ *) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
+ from escaping filters twice when the backslash character is used.
+ PR 24437. [Jess Holle <jessh ptc.com>]
+
+ *) Overhaul handling of LDAP error conditions, so that the util_ldap_*
+ functions leave the connections in a sane state after errors have
+ occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
+ 27271 [Graham Leggett]
+
+ *) mod_ldap calls ldap_simple_bind_s() to validate the user
+ credentials. If the bind fails, the connection is left
+ in an unbound state. Make sure that the ldap connection
+ record is updated to show that the connection is no longer
+ bound. [Brad Nicholes]
+
+ *) Ensure that lines in the request which are too long are
+ properly terminated before logging.
+ [Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]
+
+ *) Update the bind credentials for the cached LDAP connection to
+ reflect the last bind. This prevents util_ldap from creating
+ unnecessary connections rather than reusing cached connections.
+ [Brad Nicholes]
+
*) mod_isapi: GetServerVariable returned improperly terminated header
fields given "ALL_HTTP" or "ALL_RAW". PR 20656.
[Jesse Pelton <jsp pkc.com>]