APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2001/10/24 17:20:44 $]
+Last modified at [$Date: 2002/01/02 08:05:15 $]
Release:
- 2.0.26 : tagged October 16th, 2001.
+ 2.0.30 : In development
+ 2.0.29 : tagged November 27, 2001
+ 2.0.28 : released November 13, 2001
+ 2.0.27 : rolled November 6, 2001
+ 2.0.26 : tagged October 16, 2001. not rolled.
2.0.25 : rolled August 29, 2001
2.0.24 : rolled August 18, 2001
2.0.23 : rolled August 9, 2001
RELEASE SHOWSTOPPERS:
+ * ap_directory_walk skips some per-dir config merge functions
+ if there is no "<Directory />" block in the configuration
+ Message-ID: <m3itbdiijq.fsf@rdu163-40-092.nc.rr.com>
+
+ * Test suite failures:
+ o perchild doesn't even build
+ o both worker and prefork are failing some of the 'chunked' subtests
+ o worker is also failing some of the 'cgi' subtests
+ (see <URL:http://Source-Zone.Org/Apache/regression/>):
+
* If any request gets to the core handler, without a flag that this
r->filename was tested by dir/file_walk, we need to 500 at the very
end of the ap_process_request_internal() processing. This provides
administrator to order filters, beyond the order of filename (mime)
extensions. It isn't clear if Set...Filter(s) should be inserted
before or after the Add...Filter(s) which are ordered by sequence of
- filename extensions. Add...FilterByType will add to this quandry.
- Some sort of resolution needs to be proposed,
-
- * mod_dir should normally redirect ALL directory requests which do
- not include a trailing slash on the URI. However, if a "notes"
- flag is set (say, via BrowserMatch), this behavior will be
- disabled for non-GET requests.
- Status: Greg volunteers
- MsgId: <20010227104646.E2297@lyra.org>
- MsgId: <3A9C0097.9C83F07C@Golux.Com>
+ filename extensions. At minimum, some sort of +-[0-10] syntax seems
+ like the quickest fix for a 2.0 gold release.
* mod_negotiation needs a new option or directive, something like
ForceLanguagePriority, to fall back to the LanguagePriority
Status: Bill has some code in his tree that accomplishes
this, and will commit it Friday after it's tested.
- * Usability: Sanitize the MPM config directives. MaxClients in
- the threaded MPM is totally misleading now as it has little to
- do with limiting the number of clients (it limits the number
- of child processes). Bill proposed nomenclature change to
- something like "StartWorkers, MaxWorkers, etc." that could
- apply to most all the MPMs (with some notable exceptions).
- Bill would be happy with changing MaxClients to MaxServers
- to make it agree with the operation of the StartServers
- directive.
-
- * revamp the input filter semantics, per discussions since
+ * Fold mod_auth_db features back into mod_auth_dbm, and depricate it.
+ This can't wait until we have a 2.0-gold release, if folks need
+ to move over to auth_dbm, we can't do that to them after 2.0 gold.
+ Status: Ian says.. auth_dbm can now handle multiple DBM types,
+ is this still an issue?
+ Vote: Remove mod_auth_db
+ +1: Justin
+
+ * Convert all instances of the old apr_lock_t type to the new
+ types (once they are fully supported in APR).
+ Status: Aaron is working on converting INTRAPROCESS
+ to apr_thread_mutex_t types. Full replacements for
+ LOCKALL and CROSS_PROCESS are not yet complete on all
+ platforms, and should only be used in MPMs like worker
+ with limited OS exposure.
+
+ * ap_create_scoreboard() can exit the process, leaving stuff like
+ mod_cgid's daemon process stranded. Either ap_create_scoreboard()
+ needs to be called at a different time or the pre-mpm hook needs
+ to be able to return an error code.
+
+RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
+
+ * Handling of %2f in URIs. Currently both 1.3 and 2.0
+ completely disallow %2f in the request URI path (see
+ ap_unescape_url() in util.c). It's permitted and passed
+ through in the query string, however. Roy says the
+ original reason for disallowing it, from five years ago,
+ was to protect CGI scripts that applied PATH_INFO to
+ a filesystem location and which might be tricked by
+ ..%2f..%2f(...). We *should* allow path-info of the
+ form 'http://foo.com/index.cgi/path/to/path%2finfo'.
+ Since we've revamped a lot of our processing of path
+ segments, it would be nice to allow this, or at least
+ allow it conditionally with a directive.
+
+ * FreeBSD, threads, and worker MPM. All seems to work fine
+ if you only have one worker process with many threads. Add
+ a second worker process and the accept lock seems to be
+ lost. This might be an APR issue with how it deals with
+ the child_init hook (i.e. the fcntl lock needs to be resynced).
+ More examination and analysis is required.
+
+ * There is increasing demand from module writers for an API
+ that will allow them to control the server à la apachectl.
+ Reasons include sole-function servers that need to die if
+ an external dependency (e.g., a database) fails, et cetera.
+ Perhaps something in the (ever more abused) scoreboard?
+ rbb: I don't believe the scoreboard is the correct mechanism
+ for this. We already have a pipe that goes between parent
+ and child for graceful shutdown events, along with an API that
+ can be used to send a message down that pipe. In threaded MPMs,
+ it is easy enough to make that one pipe be used for graceful
+ and graceless events, and it is also easy to open that pipe
+ to both parent and child for writing. Then we just need to figure
+ out how to do graceless on non-threaded MPMs.
+
+ * revamp the input filter behavior, per discussions since
February (and especially at the hackathon last
April). Specifically, ap_get_brigade will return a brigade with
*up to* a specific number of bytes, or a "line" of data. The
Status: Justin is working on this as fast as he can.
The core input filters, HTTP-related filters, mod_ssl, and
mod_proxy are switched to the new logic.
+ However, ap_getline() still needs to be refactored out. But,
+ there's a problem there: ap_getline() peeks ahead for MIME
+ continuation (first character on line is space or \t) and
+ stores unused data in core_request_config which violates the
+ abstraction. That's cheating. So, we may not be able to
+ implement this without setting some data aside (yuck!).
+ I believe this is OtherBill's main complaint with the current
+ filtering.
+ AIUI (correct me if I'm wrong!), OtherBill believes we
+ should have a pushback option so that we can return unread
+ data - this would solve this case. However, my question to
+ him is how do we handle stuff like mod_ssl - we can't "unread"
+ data. So, do we have two brigades for each filter? An in
+ brigade and a returned brigade? That seems messy. To
+ everyone else, can we refactor ap_getline() without pushback
+ and how?
- socket bucket and core input filter changes. see end of
message ID (Feb 27): <20010227075326.S2297@lyra.org>
- thoughts on filter modes:
Message-ID: <021b01c14dee$09782af0$93c0b0d0@roweclan.net>
- * Fold mod_auth_db features back into mod_auth_dbm, and depricate it.
- This can't wait until we have a 2.0-gold release, if folks need
- to move over to auth_dbm, we can't do that to them after 2.0 gold.
-
-RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:
-
* Allow the DocumentRoot directive within <Location > scopes? This
allows the beloved (crusty) Alias /foo/ /somepath/foo/ followed
by a <Directory /somepath/foo> to become simply
server-info or server-status.
This proposed change would _not_ depricate Alias.
- * add mod_gz to httpd-2.0 (in modules/experimental/)
- +1: Greg, Justin, ben, Ken, Jeff, Bill
- 0: Cliff (there's now another candidate to be evaluated)
- 0: Jim (premature decision at present, IMO)
- -0: Doug, Ryan
-
- non-binding: Ian (+1)
-
- * daedalus: mod_cgid and suexec have a problem co-existing. suexec
- sees a null command string sometimes. The problem happens when
- you access bugs.apache.org, then click on the "search the bug db"
- button.
-
* Win32: Rotatelogs sometimes is not terminated when Apache
goes down hard. FirstBill was looking at possibly tracking the
child's-child processes in the parent process.
(4) Trying to seperate the https filter logic from mod_ssl -
This is to facilitate other modules that wish to use the https
filter or the mod_ssl logic or both as required.
+ Justin: mod_ssl filter logic is redone, so that should be fine.
+ Madhu has submitted a patch for SSL caching - however, I
+ am -0 on that patch as I *think* we could implement the
+ shared memory another way that is much cleaner (i.e.
+ treat shmem directly as a dbm via APR routines). Justin
+ also thinks that the https filter logic may be sufficiently
+ decoupled now, but isn't really sure.
* Performance: Get the SINGLE_LISTEN_UNSERIALIZED_ACCEPT
- optimization working in threaded. prefork's new design for how
+ optimization working in worker. prefork's new design for how
to notice data on the pod should be sufficient.
* Performance & Debug: Eliminate most (and perhaps all) of the
prefer htpasswd:
prefer seperate: OtherBill
-
* use apu_dbm in mod_auth_dbm
Status: Greg +1 (low-priority volunteer)
Justin says: "Seems like this is already there, so should we just
a userlist via dbm, which has to remain readable between
builds/machines, etc. The use-multiple database schema
for apr-util would let us do this with just apr, though."
+ Ian says: "multi-dbm is in, but it still has ndbm support hardcoded
+ is this still required? isn't ndbm supported via gdbm?"
+
* Integrate mod_dav.
Some additional items remaining:
* shift stuff to mod_core.h
- * APR-ize resolver stuff in mod_unique_id (Jeff volunteers)
-
* callers of ap_run_create_request() should check the return value
for failure (Doug volunteers)
- * when prefork bails out due to an initialization error in the detached
- process (e.g., mutex init failure), other children (cgid, at least)
- are left hanging around
-
* Win32: Get Apache working on Windows 95/98. The following work
(at least) needs to be done:
- winnt MPM: Fix 95/98 code paths in the winnt MPM. There is some NT
- Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
actually works) and add in a splash of Win9x service code.
- * When --enable-modules=most or --enable-mods-shared=most is passed
- to the configure script it is still possible to enable many of the
- modules while mod_so itself is not buildable (for whatever reason,
- like not having APR_HAS_DSO). We need to emit an error message
- and fail the configure script at this point.
+ * In order to use a DSO version of mod_ssl we have to link with
+ -lssl and -lcrypto. A workaround is in place right now where the
+ entire EXTRA_LIBS macro is being appended to the objects list, but
+ this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
+ autoconf function or come up with some other autoconf checks to
+ search for libssl and libcrypto and properly add them to mod_ssl's
+ link flags.
+
+ * Make the worker MPM the default MPM for threaded Unix boxes.
+ +1: Justin, Jeff, Ian
+ -0: Aaron (premature decision, needs more discussion)
+ -0: Cliff (I think the default config should be the safest possible)
+
+ * Fix the worker MPM to use POD to kill child processes instead
+ of ap_os_killpg, regardless of how they should die. (Ryan Bloom)
PRs that have been suspended forever waiting for someone to
put them into 'the next release':