RELEASE SHOWSTOPPERS:
- *) PR 60576: 2.4.21 broke PHP-FPM with the patch to strip the bogus "proxy://"
- prefix from SCRIPT_FILENAME. We need to revert to the previous behavior
- ASAP to avoid any further hurdles with FCGI implementations while we figure
- this out.
-
- *) PR 60071: Child httpd processes crash with Segmentation fault
- trunk patch: http://svn.apache.org/r1779573
- http://svn.apache.org/r1779574
- http://svn.apache.org/r1779623
- 2.4.x patch: trunk works
- +1: jim
-
- *) PR60458: Rip out this regression or fix (TBD)
-
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
+ *) core: Add %{REMOTE_PORT} to the expression parser. PR59938
+ trunk patch: http://svn.apache.org/r1776459
+ http://svn.apache.org/r1788508
+ 2.4.x patch: trunk works
+ +1: covener, ylavic, jchampion
+ jchampion: Trunk patches don't apply cleanly for me. The patch I used to
+ test is at https://home.apache.org/~jchampion/patches/2.4.x-expr-REMOTE_PORT.patch
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
http://svn.apache.org/r1740998
http://svn.apache.org/r1742697
http://svn.apache.org/r1756976
- http://svn.apache.org/r1781188
- 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-r1740928_and_co-v2.patch
+ http://svn.apache.org/r1781313
+ 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-r1740928_and_co-v3.patch
+1: ylavic
- *) event: close a race condition where we might re-enable listeners while they
- are already or about to be closed.
- trunk patch: http://svn.apache.org/r1774541
- 2.4.x patch: trunk works
+ *) mod_proxy_hcheck: Don't validate timed out responses.
+ trunk patch: http://svn.apache.org/r1779574
+ http://svn.apache.org/r1779623
+ 2.4.x patch: trunk works *after r1779573 above* (modulo CHANGES)
+1: ylavic, jim
- *) mod_proxy_fcgi: Return HTTP 504 rather than 503 in case of proxy timeout.
- trunk patch: http://svn.apache.org/r1775858
- 2.4 patch: trunk works (modulo CHANGES)
- +1: elukey
-
- *) mod_remoteip: Add PROXY protocol support
- trunk patch: http://svn.apache.org/r1776575
- http://svn.apache.org/r1776578 (doc fix)
- http://svn.apache.org/r1776627 (shortened name + doc fix)
- http://svn.apache.org/r1776674 (attribution moved to CHANGES)
- http://svn.apache.org/r1776740 (attribution updated in mod_remotip.c)
- 2.4 patch (includes CHANGES):
- http://people.apache.org/~druggeri/patches/RemoteIPProxyProtocol.2.4.x.patch
- +1: druggeri, jim
- ±0: jorton, not reviewed but please include r1781030 too
-
- *) mod_filter: AddOutputFilterByType should use underlying filters type, not just
- AP_FTYPE_CONTENT_SET. PR58856
- trunk patch: http://svn.apache.org/r1726705
+ *) mod_ssl: backport fix for PR 46037
+ trunk patch: http://svn.apache.org/r1781575
+ http://svn.apache.org/r1781577
+ http://svn.apache.org/r1781580
+ http://svn.apache.org/r1781687
+ http://svn.apache.org/r1783305
+ 2.4.x patch: http://people.apache.org/~jfclere/patches/patch.46037.txt
+ +1: jfclere, jim
+ wrowe asks: Can we capitalize Verify in SSLOCSPNoverify to keep
+ with conventions?
+ ylavic: +1 with http://svn.apache.org/r1788430, fixing the merge of
+ SSLOCSPNoverify and capitalizing as suggested above.
+
+ *) mod_proxy_hcheck: Honor checks in Vhosts
+ trunk patch: http://svn.apache.org/r1784203
+ http://svn.apache.org/r1784205
+ http://svn.apache.org/r1784227
+ http://svn.apache.org/r1784228
+ http://svn.apache.org/r1784275
+ http://svn.apache.org/r1785871
+ http://svn.apache.org/r1786009
+ 2.4.x patch: trunk works *after r1779573 above* (modulo CHANGES)
+ FULL hcheck patch: http://home.apache.org/~jim/patches/httpd2.4-hcheck.patch
+ (includes all hcheck related patches, including showstopper)
+ +1: jim
+ ylavic: 'tpsize' needs to be reset (to HC_THREADPOOL_SIZE) in pre_config,
+ otherwise if mod_proxy_hcheck is builtin/static and for example
+ ProxyHCTPsize were commented out on restart, we wouldn't use the
+ default value (as expected).
+
+ *) mod_autoindex: Add IndexOptions UseOldDateFormat to allow the date
+ format from 2.2 in the Last Modified column. PR60846.
+ trunk patch: http://svn.apache.org/r1787525
+ http://svn.apache.org/r1787553
+ http://svn.apache.org/r1788451
2.4.x patch: trunk works
- +1: covener, jim
+ +1 covener
- *) mod_watchdog: Use pconf as parent pool so mutexes get cleaned on restarts/reloads
- and fix leaking sems (https://bugzilla.redhat.com/show_bug.cgi?id=1410883)
- trunk patch: http://svn.apache.org/r1778319
- http://svn.apache.org/r1778331
+ *) mod_proxy: Allow the per-request environment variable "no-proxy" to
+ be used as an alternative to ProxyPass /path !. This is primarily
+ to set exceptions for ProxyPass specified in <Location> context.
+ trunk patch: http://svn.apache.org/r1781328
+ http://svn.apache.org/r1785907
2.4.x patch: trunk works
- +1: jim, jorton,
+ +1: covener, ylavic
+
+ *) Easy patches: synch 2.4.x and trunk
+ - cache: Use apr_pstrmemdup instead of apr_pstrndup when applicable
+ - cache: Remove a useless break + tiny style fix (missing space)
+ - vhost: save some request pool memory
+ - vhost: Fix some tiny style issues
+ - mod_dir: Save a few bytes in the request pool.
+ trunk patch: http://svn.apache.org/r1777556
+ http://svn.apache.org/r1777557
+ http://svn.apache.org/r1777593
+ http://svn.apache.org/r1777594
+ http://svn.apache.org/r1783056
+ 2.4.x patch: trunk patches work
+ +1: jailletc36, ylavic
+
+ *) core: Disallow multiple Listen on the same IP:port when listener buckets
+ are configured (ListenCoresBucketsRatio > 0), consistently with the single
+ bucket case (default), thus avoiding the leak of the corresponding socket
+ descriptors on graceful restart.
+ trunk patch: http://svn.apache.org/r1789220
+ 2.4.x patch: trunk works (modulo CHANGES)
+ +1: ylavic
+
+
+PATCHES/ISSUES THAT ARE BEING WORKED
+ [ New entried should be added at the START of the list ]
*) mod_brotli: Backport of mod_brotli filter
trunk patch: http://svn.apache.org/r1761714
http://svn.apache.org/r1762515
http://svn.apache.org/r1771791
http://svn.apache.org/r1779077
+ http://svn.apache.org/r1779091
+ http://svn.apache.org/r1779699
2.4.x patch: http://home.apache.org/~jim/patches/brotli-2.4.patch
+1: jim, jorton,
+ -1: wrowe (Premature, waiting on github.com/google/brotli 0.6 release)
+ NOTE: Awaiting next release post 0.5.2
- *) mod_auth_digest: Use anonymous shm by default, fall back on name-based
- trunk patch: http://svn.apache.org/r1684636
- 2.4.x patch: trunk works (needs CHANGES, ref PR 54622)
- +1: jorton,
-
- *) mod_ssl: work around leaks on (graceful) restart.
- trunk patch: http://svn.apache.org/r1781187
- http://svn.apache.org/r1781188
- http://svn.apache.org/r1781190
- 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-mod_ssl-restart_leaks.patch
- +1: ylavic
-
-
-PATCHES/ISSUES THAT ARE BEING WORKED
- [ New entried should be added at the START of the list ]
+ *) mod_remoteip: Add PROXY protocol support
+ trunk patch: http://svn.apache.org/r1776575
+ http://svn.apache.org/r1776578 (doc fix)
+ http://svn.apache.org/r1776627 (shortened name + doc fix)
+ http://svn.apache.org/r1776674 (attribution moved to CHANGES)
+ http://svn.apache.org/r1776740 (attribution updated in mod_remotip.c)
+ http://svn.apache.org/r1778268 (fix compiler warning)
+ http://svn.apache.org/r1780725 (set buckets aside)
+ http://svn.apache.org/r1781030 (fix strict GCC warning)
+ http://svn.apache.org/r1781031 (reference the filter by handle)
+ http://svn.apache.org/r1781701 (rework optional processing case)
+ http://svn.apache.org/r1788674 (final edge cases/ignore slave conns)
+ 2.4 convenience patch (includes CHANGES):
+ http://people.apache.org/~druggeri/patches/RemoteIPProxyProtocol.2.4.x.patch
+ +1: druggeri, jim
+ -0.5: wrowe (Still reviewing support of unwise 'optional' schema vs. other
+ possibile solves; questioning reading-but-ignoring PROXY
+ protocol input, also seems unwise)
*) mod_ssl: Return 502 instead of 500 when SSL peer check or
proxy_post_handshake hook fails.