APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2002/02/15 05:22:16 $]
+Last modified at [$Date: 2002/03/26 20:35:50 $]
Release:
- 2.0.33 : in development
- 2.0.32 : rolled Feburary 14, 2002.
+ 2.0.34 : tagged March 26, 2002.
+ 2.0.33 : tagged March 6, 2002. not released.
+ 2.0.32 : released Feburary 16, 2002 as beta.
2.0.31 : rolled Feburary 1, 2002. not released.
2.0.30 : tagged January 8, 2002. not rolled.
2.0.29 : tagged November 27, 2001. not rolled.
- 2.0.28 : released November 13, 2001
+ 2.0.28 : released November 13, 2001 as beta.
2.0.27 : rolled November 6, 2001
2.0.26 : tagged October 16, 2001. not rolled.
2.0.25 : rolled August 29, 2001
CURRENT RELEASE NOTES:
- * 32 status:
- Rolled.
- http://www.apache.org/dist/httpd/httpd-2.0.32-alpha.tar.gz
- Tested on: Linux 2.4, Win2K, FreeBSD 3.4, AIX
- Release .32 as beta:
- +1: trawick, Justin, FirstBill, Ian
+ * 34 status: Let's get all API changes and showstoppers in this one.
+ Please.
FINAL RELEASE SHOWSTOPPERS:
- * ap_directory_walk skips some per-dir config merge functions
- if there is no "<Directory />" block in the configuration
- Message-ID: <m3itbdiijq.fsf@rdu163-40-092.nc.rr.com>
- * That is very unlikely, merges are additive. Much more likely,
- the default SetOutputFilter default or merge is borked.
- Unless it's the code that permits 'null' merges, per module.
- Still, it's probably in SetOutputFilter's behavior.
- * BrianP notes: directory_walk's handling of trailing slashes
- appears to be the cause: <3C1CF721.1090300@pacbell.net>
-
- * If any request gets to the core handler, without a flag that this
- r->filename was tested by dir/file_walk, we need to 500 at the very
- end of the ap_process_request_internal() processing. This provides
- authors of older modules better compatibility, while still improving
- the security and robustness of 2.0.
- Status: still need to decide where this goes, OtherBill comments...
- Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
- we need to look at halting this in the 'default handler' case,
- and that implies pushing the 'handler election' into the request
- internal processing phase from the run request phase.
+ * API changes planned for 2.0 that should happen before the
+ GA release:
+ * Free lists for bucket allocation
- * Convert all instances of the old apr_lock_t type to the new
- types (once they are fully supported in APR).
- Status: Aaron is working on converting INTRAPROCESS
- to apr_thread_mutex_t types. Full replacements for
- LOCKALL and CROSS_PROCESS are not yet complete on all
- platforms, and should only be used in MPMs like worker
- with limited OS exposure.
- BrianP asks: "Is this really a showstopper?"
- IanH says: "If we don't do it before we go live we will have 2
- different API's to support in APR"
-
- * [Ken] Test suite failures:
- o worker is also failing some of the 'cgi' subtests
- (see <URL:http://Source-Zone.Org/Apache/regression/>):
- Justin says: "Worker should be fine and passes httpd-test here.
- If you can provide evidence that it can be reproduced
- outside of httpd-test, then it's a showstopper. I
- think it's a perl or a httpd-test problem."
- Not a showstopper: Justin
-
- * [Ken] A binbuild installation picks up the right libraries when
- running apachectl because we set the appropriate environment
- variable, but ab, htpasswd, etc. don't know how to pick up apr,
- apr-util, etc.
- Message-ID: <20020116000226.GA15991@ebuilt.com>
- gregames says: what about httpd? yeah, it works at the moment
- if you use apachectl. But I've already heard
- complaints about not being able to execute
- httpd directly.
- Status: Aaron has committed this for all the support binaries,
- but is hesitant to do the same for the httpd binary.
- Message-ID: <20020207142751.T31582@clove.org>
+ * We do not properly substitute the prefix-variables in the configuration
+ scripts or generated-configs. (i.e. if sysconfdir is etc,
+ httpd-std.conf points to conf.)
+ Aaron says: This is not a showstopper, these problems have existed
+ for as long as I can remember. It would be nice to fix
+ them but they are not new.
+ Not a showstopper: Jeff, Aaron, BillS, gregames
CURRENT VOTES:
- * Should we always build binaries statically unless otherwise
+ * Should we always build [support*] binaries statically unless otherwise
indicated?
Message-ID: <20020129210006.B23512@Lithium.MeepZor.Com>
- +1: Ken
+ +1: Ken, *wrowe [they are PITAs on OSX]
-1: Justin, Ian
* If the parent process dies, should the remaining child processes
Not self-destruct: BrianP, Ian, Cliff, BillS
Make it runtime configurable: Aaron, Jim, Justin
Have 2 parents: +1: Jim
- -1: Justin
+ -1: Justin, wrowe [for 2.0]
+0: Martin (while standing by, could it do
something useful?)
RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
- * When we start httpd with the -DNO_DETACH flag on Unix, we
- should still create a new session (and possibly also still close
- stdin/stdout/stderr and redirect from /dev/null), so that
- process management tools like 'daemontools' or AIX's System
- Resource Controller can manage apache.
- Message-ID: <20011228014444.GA40283@lizzy.bugworks.com>
- Status: Aaron volunteers.
+ * If any request gets through ap_process_request_internal() and is
+ scheduled to be served by the core handler, without a flag that this
+ r->filename was tested by dir/file_walk, we need to 500 at the very
+ end of the ap_process_request_internal() processing so sub_req-esters
+ know this request cannot be run. This provides authors of older
+ modules better compatibility, while still improving the security and
+ robustness of 2.0.
+
+ Status: still need to decide where this goes, OtherBill comments...
+ Message-ID: <065701c14526$495203b0$96c0b0d0@roweclan.net>
+ [Deleted comments regarding the ap_run_handler phase, as irrelevant
+ as BillS points out that "common case will be caught in
+ default_handler already (with the r->finfo.filetype == 0 check)"
+ and the issue is detecting this -before- we try to run the req.]
+
+ gregames says: can this happen somehow without a broken module
+ being involved? If not, why waste cycles trying to defend against
+ potential broken modules? It seems futile.
+ wrowe counters: no, it shouldn't happen unless the module is broken.
+ But the right answer is to fail the request up-front in dir/file
+ walk if the path was entirely invalid; and we can't do that either
+ or we break modules that are unwilling to hook map_to_storage.
+
+ * Rewrite core_output_filter. It is nearly impossible to support
+ it with predictable results as it is implemented now.
+
+ * Convert all instances of the old apr_lock_t type to the new
+ types.
+ Status: Aaron has converted all but the perchild MPM to
+ use the new lock API. Since perchild has been put
+ on the back burner, this is no longer a showstopper.
+ Aaron will patch perchild as soon as it becomes
+ buildable again.
+
+ * With AP_MODE_EXHAUSTIVE in the core, it is finally clear to me
+ how the Perchild MPM should be re-written. It hasn't worked
+ correctly since filters were added because it wasn't possible to
+ get the content that had already been written and the socket at
+ the same time. This mode lets us do that, so the MPM can be
+ fixed.
+
+ * htpasswd blindly processes the file you give it, and does no
+ sanity checking before totally corrupting whatever file it was
+ you thought you had. It should check the input file and bail
+ if it finds non-comment lines that do not contain exactly 1
+ ':' character.
+ Message-ID: <20020217150457.A31632@clove.org>
+
+ * Can a static httpd be built reliably?
+ Message-ID: <20020207142751.T31582@clove.org>
+
+ * [Ken] Test suite failures:
+ o worker is also failing some of the 'cgi' subtests
+ (see <URL:http://Source-Zone.Org/Apache/regression/>):
+ Justin says: "Worker should be fine and passes httpd-test here.
+ If you can provide evidence that it can be reproduced
+ outside of httpd-test, then it's a showstopper. I
+ think it's a perl or a httpd-test problem."
+ Not a showstopper: Justin
* Usage of APR_BRIGADE_NORMALIZE in core_input_filter should be
removed if possible.
Not a showstopper: justin, wrowe, trawick, stoddard, Jim, Ian, Aaron,
gregames
- * Make some modifications to the scoreboard creation routines,
- prefer anonymous shared memory, and allow a configuration
- directive to override the defaults.
- Message-ID: <20020130080804.C16977@clove.org>
- Status: Aaron volunteers
-
* Get perchild to work on platforms other than Linux. This
will require a portable mechanism to pass data and file/socket
descriptors between vhost child groups. An API was proposed
on dev@apr:
Message-ID: <20020111115006.K1529@clove.org>
- * Recent changes to ap_rgetline may have broken EBCDIC boxes.
- Message-ID: <20020122072605.GF28051@ebuilt.com>
- Justin says: "I don't have an EBCDIC box to test on. A potential
- solution is to split out ap_rgetline into two
- functions as described in this message."
- gregames says: I see the breakage now, and volunteer to fix it
- when things calm down a little. It looks OK when
- there are complete lines and no mime continuations.
-
* CGI single-byte reads
BrianP suggests that this is caused by the ap_scan_script_header_err()
routine, which will do single-byte reads until it finds the end
to read from.
Proposed solution in:
Message-ID: <3C36ADAF.60601@cnet.com>
+ Update 3/23/2002: solution implemented for mod_cgi, mod_cgid remains
+ to be fixed
* Try to get libtool inter-library dependency code working on AIX.
Message-ID: <cm3n10lx555.fsf@rdu163-40-092.nc.rr.com>
stoddard: Not fixed. Shared scoreboard might offer a good
way for the parent to keep track of 'other child' processes
and whack them if the child goes down.
+ Other thoughts on walking the process chain using the NT kernel
+ have also been proposed on APR.
* Win32: Add a simple hold console open patch (wait for close or
the ESC key, with a nice message) if the server died a bad
The current porting state is summarized in modules/ssl/README. The
remaining work includes:
(1) stablizing/optimizing the SSL filter logic
- (2) Enabling the various SSL caching mechanisms (shmcb, shmht)
- (3) Enabling SSL extentions
- (4) Trying to seperate the https filter logic from mod_ssl -
+ (2) Enabling SSL extentions
+ (3) Trying to seperate the https filter logic from mod_ssl -
This is to facilitate other modules that wish to use the https
filter or the mod_ssl logic or both as required.
- Justin: mod_ssl filter logic is redone, so that should be fine.
- Madhu has submitted a patch for SSL caching - however, I
- am -0 on that patch as I *think* we could implement the
- shared memory another way that is much cleaner (i.e.
- treat shmem directly as a dbm via APR routines). Justin
- also thinks that the https filter logic may be sufficiently
- decoupled now, but isn't really sure.
* Performance & Debug: Eliminate most (and perhaps all) of the
malloc/free calls in the bucket brigade code. Need some
have something to look at/compare with.
* Eliminate unnecessary creation of pipes in mod_cgid
- Status: Ken asks, didn't Jeff fix this when he fixed the queue
- overrun?
-
- * the autoconf setup should be fixed to default to using the
- "Apache" layout from config.layout, and each variable settable
- in a layout should be overridable on the command line. Plus,
- what we do right now just doesn't seem to fully fit into how autoconf
- works, eg. AC_PREFIX_DEFAULT issues.
- Message-ID: <Pine.BSF.4.20.0104031557420.20876-100000@alive.znep.com>
* Combine log_child and piped_log_spawn. Clean up http_log.c.
Common logging API.
* Win32: Get Apache working on Windows 95/98. The following work
(at least) needs to be done:
- - winnt MPM: Fix 95/98 code paths in the winnt MPM. There is some NT
- specific code that is still not in NT only code paths
- - IOL binds to APR sendfile, implemented with TransmitFile, which
- is not available on 95/98.
- Document warning that OSR2 is required (for Crypt functions, in
rand.c, at least.) This could be resolved with an SSL library, or
randomization in APR itself.
* Fix the worker MPM to use POD to kill child processes instead
of ap_os_killpg, regardless of how they should die. (Ryan Bloom)
+ * mod_cache: handle cache_control: no_cache "field_name" to enable
+ cacheing the response w/o header "field_name"
+ See RFC2616 section 14.9.1
+
+ * Scoreboard structures could be changed in the future such that
+ proper alignment is not maintained, leading to segfaults on
+ some systems. Cliff posted a patch to deal with this issue but
+ later recanted. See this message to dev@apr.apache.org:
+ Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
+ .cs.virginia.edu>
+
PRs that have been suspended forever waiting for someone to
put them into 'the next release':