You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by pq...@apache.org on 2009/10/03 22:45:44 UTC
svn commit: r17 [9/18] - in /release/httpd: ./ binaries/ binaries/netware/
binaries/os2/ binaries/reliantunix/ binaries/rpm/ binaries/rpm/SRPMS/
binaries/rpm/i386/ binaries/rpm/x86_64/ binaries/solaris/ binaries/win32/
binaries/win32/patches_applied/ b...
Added: release/httpd/CHANGES_2.3
==============================================================================
--- release/httpd/CHANGES_2.3 (added)
+++ release/httpd/CHANGES_2.3 Sat Oct 3 16:45:15 2009
@@ -0,0 +1,638 @@
+ -*- coding: utf-8 -*-
+
+Changes with Apache 2.3.2
+
+ *) mod_mime_magic: Fix detection of compressed content. [Rainer Jung]
+
+ *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
+ HTML injections and HTTP response splitting. PR 46837.
+ [Geoff Keating <geoffk apple.com>]
+
+ *) mod_ssl: add support for type-safe STACK constructs in OpenSSL
+ development HEAD. PR 45521. [Kaspar Brand, Sander Temme]
+
+ *) ab: Fix maintenance of the pollset to resolve EALREADY errors
+ with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
+ PR 44584. Use APR_POLLSET_NOCOPY for better performance with some
+ pollset implementations. [Jeff Trawick]
+
+ *) mod_disk_cache: The module now turns off sendfile support if
+ 'EnableSendfile off' is defined globally. [Lars Eilebrecht]
+
+ *) mod_deflate: Adjust content metadata before bailing out on 304
+ responses so that the metadata does not differ from 200 response.
+ [Roy T. Fielding]
+
+ *) mod_deflate: Fix creation of invalid Etag headers. We now make sure
+ that the Etag value is properly quoted when adding the gzip marker.
+ PR 39727, 45023. [Lars Eilebrecht, Roy T. Fielding]
+
+ *) Added 20x22 icons for ODF, SVG, and XML documents. PR 37185.
+ [Peter Harlow]
+
+ *) Disabled DefaultType directive and removed ap_default_type()
+ from core. We now exclude Content-Type from responses for which
+ a media type has not been configured via mime.types, AddType,
+ ForceType, or some other mechanism. PR 13986. [Roy T. Fielding]
+
+ *) mod_rewrite: Add IPV6 variable to RewriteCond
+ [Ryan Phillips <ryan-apache trolocsis.com>]
+
+ *) core: Enhance KeepAliveTimeout to support a value in milliseconds.
+ PR 46275. [Takashi Sato]
+
+ *) rotatelogs: Allow size units B, K, M, G and combination of
+ time and size based rotation. [Rainer Jung]
+
+ *) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung]
+
+ *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
+ [<tlhackque yahoo.com>]
+
+ *) core: Translate the the status line to ASCII on EBCDIC platforms in
+ ap_send_interim_response() and for locally generated "100 Continue"
+ responses. [Eric Covener]
+
+ *) prefork: Fix child process hang during graceful restart/stop in
+ configurations with multiple listening sockets. PR 42829. [Joe Orton,
+ Jeff Trawick]
+
+ *) mod_session_crypto: Ensure that SessionCryptoDriver can only be
+ set in the global scope. [Graham Leggett]
+
+ *) mod_ext_filter: We need to detect failure to startup the filter
+ program (a mangled response is not acceptable). Fix to detect
+ failure, and offer configuration option either to abort or
+ to remove the filter and continue.
+ PR 41120 [Nick Kew]
+
+ *) mod_session_crypto: Rewrite the session_crypto module against the
+ apr_crypto API. [Graham Leggett]
+
+ *) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest
+ until the main request is cleaned up. [Graham Leggett]
+
+Changes with Apache 2.3.1
+
+ *) ap_slotmem: Add in new slot-based memory access API impl., including
+ 2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski,
+ Jean-Frederic Clere, Brian Akins <brian.akins turner.com>]
+
+ *) mod_include: support generating non-ASCII characters as entities in SSI
+ PR 25202 [Nick Kew]
+
+ *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
+ PR 25202 [Nick Kew]
+
+ *) mod_rewrite: fix "B" flag breakage by reverting r5589343
+ PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
+
+ *) CGI: return 504 (Gateway timeout) rather than 500 when a script
+ times out before returning status line/headers.
+ PR 42190 [Nick Kew]
+
+ *) mod_cgid: fix segfault problem on solaris.
+ PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
+
+ *) mod_proxy_scgi: Added. [André Malo]
+
+ *) mod_cache: Introduce 'no-cache' per-request environment variable
+ to prevent the saving of an otherwise cacheable response.
+ [Eric Covener]
+
+ *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
+ way that per-directory rewrites append the previous notion of PATH_INFO
+ to each substitution before evaluating subsequent rules.
+ PR 38642 [Eric Covener]
+
+ *) mod_cgid: Do not add an empty argument when calling the CGI script.
+ PR 46380 [Ruediger Pluem]
+
+ *) scoreboard: Remove unused sb_type from process_score.
+ [Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch]
+
+ *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
+ size of the buffer used for the request-body where necessary
+ during a per-dir renegotiation. PR 39243. [Joe Orton]
+
+ *) mod_proxy_fdpass: New module to pass a client connection over to a separate
+ process that is reading from a unix daemon socket.
+
+ *) mod_ssl: Improve environment variable extraction to be more
+ efficient and to correctly handle DNs with duplicate tags.
+ PR 45975. [Joe Orton]
+
+ *) Remove the obsolete serial attribute from the RPM spec file. Compile
+ against the external pcre. Add missing binaries fcgistarter, and
+ mod_socache* and mod_session*. [Graham Leggett]
+
+Changes with Apache 2.3.0
+
+ *) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna]
+
+ *) Remove X-Pad header which was added as a work around to a bug in
+ Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>]
+
+ *) Add DTrace Statically Defined Tracing (SDT) probes.
+ [Theo Schlossnagle <jesus omniti.com>, Paul Querna]
+
+ *) mod_proxy_balancer: Move all load balancing implementations
+ as individual, self-contained mod_proxy submodules under
+ modules/proxy/balancers [Jim Jagielski]
+
+ *) Rename APIs to include ap_ prefix:
+ find_child_by_pid -> ap_find_child_by_pid
+ suck_in_APR -> ap_suck_in_APR
+ sys_privileges_handlers -> ap_sys_privileges_handlers
+ unixd_accept -> ap_unixd_accept
+ unixd_config -> ap_unixd_config
+ unixd_killpg -> ap_unixd_killpg
+ unixd_set_global_mutex_perms -> ap_unixd_set_global_mutex_perms
+ unixd_set_proc_mutex_perms -> ap_unixd_set_proc_mutex_perms
+ unixd_set_rlimit -> ap_unixd_set_rlimit
+ [Paul Querna]
+
+ *) core: When the ap_http_header_filter processes an error bucket, cleanup
+ the passed brigade before returning AP_FILTER_ERROR down the filter
+ chain. This unambiguously ensures the same error bucket isn't revisited
+ [Ruediger Pluem]
+
+ *) mod_lbmethod_heartbeat: New module to load balance mod_proxy workers
+ based on heartbeats. [Paul Querna]
+
+ *) mod_heartmonitor: New module to collect heartbeats, and write out a file
+ so that other modules can load balance traffic as needed. [Paul Querna]
+
+ *) mod_heartbeat: New module to generate multicast heartbeats to know if a
+ server is online. [Paul Querna]
+
+ *) core: Error responses set by filters were being coerced into 500 errors,
+ sometimes appended to the original error response. Log entry of:
+ 'Handler for (null) returned invalid result code -3'
+ [Eric Covener]
+
+ *) mod_buffer: Honour the flush bucket and flush the buffer in the
+ input filter. Make sure that metadata buckets are written to
+ the buffer, not to the final brigade. [Graham Leggett]
+
+ *) mod_buffer: Optimise the buffering of heap buckets when the heap
+ buckets stay exactly APR_BUCKET_BUFF_SIZE long. [Graham Leggett,
+ Ruediger Pluem]
+
+ *) mod_buffer: Optional support for buffering of the input and output
+ filter stacks. Can collapse many small buckets into fewer larger
+ buckets, and prevents excessively small chunks being sent over
+ the wire. [Graham Leggett]
+
+ *) mod_privileges: new module to make httpd on Solaris privileges-aware
+ and to enable different virtualhosts to run with different
+ privileges and Unix user/group IDs [Nick Kew]
+
+ *) mod_mem_cache: this module has been removed. [William Rowe]
+
+ *) authn/z: Remove mod_authn_default and mod_authz_default.
+ [Chris Darroch]
+
+ *) authz: Fix handling of authz configurations, make default authz
+ logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
+ and AuthzMergeRules directives with Match, <Match*>, and AuthzMerge
+ directives. [Chris Darroch]
+
+ *) mod_authn_core: Prevent crash when provider alias created to
+ provider which is not yet registered. [Chris Darroch]
+
+ *) mod_authn_core: Add AuthType of None to support disabling
+ authentication. [Chris Darroch]
+
+ *) core: Allow <Limit> and <LimitExcept> directives to nest, and
+ constrain their use to conform with that of other access control
+ and authorization directives. [Chris Darroch]
+
+ *) unixd: turn existing code into a module, and turn the set user/group
+ and chroot into a child_init function. [Nick Kew]
+
+ *) core: Add ap_timeout_parameter_parse to public API. [Ruediger Pluem]
+
+ *) mod_dir: Support "DirectoryIndex disabled"
+ Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
+
+ *) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
+ OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
+
+ *) Export and install the mod_rewrite.h header to ensure the optional
+ rewrite_mapfunc_t and ap_register_rewrite_mapfunc functions are
+ available to third party modules. [Graham Leggett]
+
+ *) mod_authnz_ldap: don't return NULL-valued environment variables to
+ other modules. PR 39045 [Francois Pesce <francois.pesce gmail.com>]
+
+ *) Don't adjust case in pathname components that are not of interest
+ to mod_mime. Fixes mod_negotiation's use of such components.
+ PR 43250 [Basant Kumar Kukreja <basant.kukreja sun.com>]
+
+ *) Be tolerant in what you accept - accept slightly broken
+ status lines from a backend provide they include a valid status code.
+ PR 44995 [Rainer Jung <rainer.jung kippdata.de>]
+
+ *) New module mod_sed: filter Request/Response bodies through sed
+ [Basant Kumar Kukreja <basant.kukreja sun.com>]
+
+ *) mod_auth_form: Make sure that basic authentication is correctly
+ faked directly after login. [Graham Leggett]
+
+ *) mod_session_cookie, mod_session_dbd: Make sure cookies are set both
+ within the output headers and error output headers, so that the
+ session is maintained across redirects. [Graham Leggett]
+
+ *) mod_auth_form: Make sure the logged in user is populated correctly
+ after a form login. Fixes a missing REMOTE_USER variable directly
+ following a login. [Graham Leggett]
+
+ *) mod_session_cookie: Make sure that cookie attributes are correctly
+ included in the blank cookie when cookies are removed. This fixes an
+ inability to log out when using mod_auth_form. [Graham Leggett]
+
+ *) mod_autoindex: add configuration option to insert string
+ in HTML HEAD. [Nick Kew]
+
+ *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
+ null value. [David Shane Holden <dpejesh apache.org>]
+
+ *) mod_headers: Prevent Header edit from processing only the first header
+ of possibly multiple headers with the same name and deleting the
+ remaining ones. PR 45333. [Ruediger Pluem]
+
+ *) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247
+ [Tom Donovan]
+
+ *) core, authn/z: Determine registered authn/z providers directly in
+ ap_setup_auth_internal(), which allows optional functions that just
+ wrapped ap_list_provider_names() to be removed from authn/z modules.
+ [Chris Darroch]
+
+ *) authn/z: Convert common provider version strings to macros.
+ [Chris Darroch]
+
+ *) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
+
+ *) configure: Don't reject libtool 2.x
+ PR 44817 [Arfrever Frehtes Taifersar Arahesis <Arfrever.FTA gmail.com>]
+
+ *) core: When testing for slash-terminated configuration paths in
+ ap_location_walk(), don't look past the start of an empty string
+ such as that created by a <Location ""> directive.
+ [Chris Darroch]
+
+ *) core, mod_proxy: If a kept_body is present, it becomes safe for
+ subrequests to support message bodies. Make sure that safety
+ checks within the core and within the proxy are not triggered
+ when kept_body is present. This makes it possible to embed
+ proxied POST requests within mod_include. [Graham Leggett]
+
+ *) mod_auth_form: Make sure the input filter stack is properly set
+ up before reading the login form. Make sure the kept body filter
+ is correctly inserted to ensure the body can be read a second
+ time safely should the authn be successful. [Graham Leggett,
+ Ruediger Pluem]
+
+ *) mod_request: Insert the KEPT_BODY filter via the insert_filter
+ hook instead of during fixups. Add a safety check to ensure the
+ filters cannot be inserted more than once. [Graham Leggett,
+ Ruediger Pluem]
+
+ *) core: Do not allow Options ALL if not all options are allowed to be
+ overwritten. PR 44262 [MichaÅ GrzÄdzicki <lazy iq.pl>]
+
+ *) ap_cache_cacheable_headers_out() will (now) always
+ merge an error headers _before_ clearing them and _before_
+ merging in the actual entity headers and doing normal
+ hop-by-hop cleansing. [Dirk-Willem van Gulik].
+
+ *) cache: retire ap_cache_cacheable_hdrs_out() which was used
+ for both in- and out-put headers; and replace it by a single
+ ap_cache_cacheable_headers() wrapped in a in- and out-put
+ specific ap_cache_cacheable_headers_in()/out(). The latter
+ which will also merge error and ensure content-type. To keep
+ cache modules consistent with ease. This API change bumps
+ up the minor MM by one [Dirk-Willem van Gulik].
+
+ *) mod_rewrite: Allow Cookie option to set secure and HttpOnly flags.
+ PR 44799 [Christian Wenz <christian wenz.org>]
+
+ *) Move the KeptBodySize directive, kept_body filters and the
+ ap_parse_request_body function out of the http module and into a
+ new module called mod_request, reducing the size of the core.
+ [Graham Leggett]
+
+ *) mod_dbd: Handle integer configuration directive parameters with a
+ dedicated function.
+
+ *) Change the directives within the mod_session* modules to be valid
+ both inside and outside the location/directory sections, as
+ suggested by wrowe. [Graham Leggett]
+
+ *) mod_auth_form: Add a module capable of allowing end users to log
+ in using an HTML form, storing the credentials within mod_session.
+ [Graham Leggett]
+
+ *) Add a function to the http filters that is able to parse an HTML
+ form request with the type of application/x-www-form-urlencoded.
+ [Graham Leggett]
+
+ *) mod_session_crypto: Initialise SSL in the post config hook.
+ [Ruediger Pluem, Graham Leggett]
+
+ *) mod_session_dbd: Add a session implementation capable of storing
+ session information in a SQL database via the dbd interface. Useful
+ for sites where session privacy is important. [Graham Leggett]
+
+ *) mod_session_crypto: Add a session encoding implementation capable
+ of encrypting and decrypting sessions wherever they may be stored.
+ Introduces a level of privacy when sessions are stored on the
+ browser. [Graham Leggett]
+
+ *) mod_session_cookie: Add a session implementation capable of storing
+ session information within cookies on the browser. Useful for high
+ volume sites where server bound sessions are too resource intensive.
+ [Graham Leggett]
+
+ *) mod_session: Add a generic session interface to unify the different
+ attempts at saving persistent sessions across requests.
+ [Graham Leggett]
+
+ *) core, authn/z: Avoid calling access control hooks for internal requests
+ with configurations which match those of initial request. Revert to
+ original behaviour (call access control hooks for internal requests
+ with URIs different from initial request) if any access control hooks or
+ providers are not registered as permitting this optimization.
+ Introduce wrappers for access control hook and provider registration
+ which can accept additional mode and flag data. [Chris Darroch]
+
+ *) Introduced ap_expr API for expression evaluation.
+ This is adapted from mod_include, which is the first module
+ to use the new API.
+ [Nick Kew]
+
+ *) mod_authz_dbd: When redirecting after successful login/logout per
+ AuthzDBDRedirectQuery, do not report authorization failure, and use
+ first row returned by database query instead of last row.
+ [Chris Darroch]
+
+ *) mod_ldap: Correctly return all requested attribute values
+ when some attributes have a null value.
+ PR 44560 [Anders Kaseorg <anders kaseorg.com>]
+
+ *) core: check symlink ownership if both FollowSymlinks and
+ SymlinksIfOwnerMatch are set [Nick Kew]
+
+ *) core: fix origin checking in SymlinksIfOwnerMatch
+ PR 36783 [Robert L Mathews <rob-apache.org.bugs tigertech.net>]
+
+ *) Activate mod_cache, mod_file_cache and mod_disc_cache as part of the
+ 'most' set for '--enable-modules' and '--enable-shared-mods'. Include
+ mod_mem_cache in 'all' as well. [Dirk-Willem van Gulik]
+
+ *) Also install mod_so.h, mod_rewrite.h and mod_cache.h; as these
+ contain public function declarations which are useful for
+ third party module authors. PR 42431 [Dirk-Willem van Gulik].
+
+ *) mod_dir, mod_negotiation: pass the output filter information
+ to newly created sub requests; as these are later on used
+ as true requests with an internal redirect. This allows for
+ mod_cache et.al. to trap the results of the redirect.
+ [Dirk-Willem van Gulik, Ruediger Pluem]
+
+ *) mod_ldap: Add support (taking advantage of the new APR capability)
+ for ldap rebind callback while chasing referrals. This allows direct
+ searches on LDAP servers (in particular MS Active Directory 2003+)
+ using referrals without the use of the global catalog.
+ PRs 26538, 40268, and 42557 [Paul J. Reder]
+
+ *) mod_ssl: Added server name indication support (SNI, RFC 4366).
+ PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration
+ can be created with test/make_sni.sh [Dirk-Willem van Gulik].
+
+ *) ApacheMonitor.exe: Introduce --kill argument for use by the
+ installer. This will permit the installation tool to remove
+ all running instances before attempting to remove the .exe.
+ [William Rowe]
+
+ *) mod_ssl: Add support for OCSP validation of client certificates.
+ PR 41123. [Marc Stern <marc.stern approach.be>, Joe Orton]
+
+ *) mod_serf: New module for Reverse Proxying. [Paul Querna]
+
+ *) core: Add the option to keep aside a request body up to a certain
+ size that would otherwise be discarded, to be consumed by filters
+ such as mod_include. When enabled for a directory, POST requests
+ to shtml files can be passed through to embedded scripts as POST
+ requests, rather being downgraded to GET requests. [Graham Leggett]
+
+ *) mod_ssl: Fix TLS upgrade (RFC 2817) support. PR 41231. [Joe Orton]
+
+ *) scoreboard: Correctly declare ap_time_process_request.
+ PR 43789 [Tom Donovan <Tom.Donovan acm.org>]
+
+ *) core; scoreboard: ap_get_scoreboard_worker(sbh) now takes the sbh member
+ from the connection rec, ap_get_scoreboard_worker(proc, thread) will now
+ provide the unusual legacy lookup. [William Rowe]
+
+ *) mpm winnt: fix null pointer dereference
+ PR 42572 [Davi Arnaut]
+
+ *) mod_authnz_ldap, mod_authn_dbd: Tidy up the code to expose authn
+ parameters to the environment. Improve portability to
+ EBCDIC machines by using apr_toupper(). [Martin Kraemer]
+
+ *) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
+ to authorize an authenticated user via a "require ldap-group X" directive
+ where the user is not in group X, but is in a subgroup contained in X.
+ PR 42891 [Paul J. Reder]
+
+ *) mod_ssl: Add support for caching SSL Sessions in memcached. [Paul Querna]
+
+ *) mod_ldap: Fix the search limit parameter to ldap_search_ext_s()
+ for SDKs that define LDAP_NO_LIMIT to something other than -1.
+ [David Jones <oscaremma gmail.com>]
+
+ *) apxs: Enhance -q flag to print all known variables and their values
+ when invoked without variable name(s).
+ [William Rowe, Sander Temme]
+
+ *) apxs: Eliminate run-time check for mod_so. PR 40653.
+ [David M. Lee <dmlee crossroads.com>]
+
+ *) beos MPM: Create pmain pool and run modules' child_init hooks when
+ entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
+ [Chris Darroch]
+
+ *) netware MPM: Destroy pmain pool when exiting ap_mpm_run() so that
+ cleanups registered in modules' child_init hooks are performed.
+ [Chris Darroch]
+
+ *) mod_dbd: Stash DBD connections in request_config of initial request
+ only, or else sub-requests and internal redirections may cause
+ entire DBD pool to be stashed in a single HTTP request. [Chris Darroch]
+
+ *) Fix issue which could cause error messages to be written to access logs
+ on Win32. PR 40476. [Tom Donovan <Tom.Donovan acm.org>]
+
+ *) The LockFile directive, which specifies the location of
+ the accept() mutex lockfile, is deprecated. Instead, the
+ AcceptMutex directive now takes an optional lockfile
+ location parameter, ala SSLMutex. [Jim Jagielski]
+
+ *) mod_authn_dbd: Export any additional columns queried in the SQL select
+ into the environment with the name AUTHENTICATE_<COLUMN>. This brings
+ mod_authn_dbd behaviour in line with mod_authnz_ldap. [Graham Leggett]
+
+ *) mod_dbd: Key the storage of prepared statements on the hex string
+ value of server_rec, rather than the server name, as the server name
+ may change (eg when the server name is set) at any time, causing
+ weird behaviour in modules dependent on mod_dbd. [Graham Leggett]
+
+ *) mod_proxy_fcgi: Added win32 build. [Mladen Turk]
+
+ *) sendfile_nonblocking() takes the _brigade_ as an argument, gets
+ the first bucket from the brigade, finds it not to be a FILE
+ bucket and barfs. The fix is to pass a bucket rather than a brigade.
+ [Niklas Edmundsson <nikke acc.umu.se>]
+
+ *) mod_rewrite: support rewritemap by SQL query [Nick Kew]
+
+ *) ap_get_server_version() has been removed. Third-party modules must
+ now use ap_get_server_banner() or ap_get_server_description().
+ [Jeff Trawick]
+
+ *) All MPMs: Introduce a check_config phase between pre_config and
+ open_logs, to allow modules to review interdependent configuration
+ directive values and adjust them while messages can still be logged
+ to the console. Handle relevant MPM directives during this phase
+ and format messages for both the console and the error log, as
+ appropriate. [Chris Darroch]
+
+ *) mod_proxy: don't URLencode tilde in path component
+ [Stijn Hoop <stijn sandcat.nl>]
+
+ *) mpm_winnt: Fix return values from wait_for_many_objects.
+ The return value is index to the signaled thread in the
+ creted_threads array. We can not use WAIT_TIMEOUT because
+ his value is defined as 258, thus limiting the MaxThreads
+ to that value. [Mladen Turk]
+
+ *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
+ to circumvent the symbolic link checks imposed by FollowSymLinks and
+ SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]
+
+ *) New SSLLogLevelDebugDump [ None (default) | IO (not bytes) | Bytes ]
+ configures the I/O Dump of SSL traffic, when LogLevel is set to Debug.
+ The default is none as this is far greater debugging resolution than
+ the typical administrator is prepared to untangle. [William Rowe]
+
+ *) mod_disk_cache: If possible, check if the size of an object to cache is
+ within the configured boundaries before actually saving data.
+ [Niklas Edmundsson <nikke acc.umu.se>]
+
+ *) mod_disk_cache: Delete temporary files if they cannot be renamed to their
+ final name. [Davi Arnaut <davi haxent.com.br>]
+
+ *) Worker and event MPMs: Remove improper scoreboard updates which were
+ performed in the event of a fork() failure. [Chris Darroch]
+
+ *) Add support for fcgi:// proxies to mod_rewrite.
+ [Markus Schiegl <ms schiegl.com>]
+
+ *) Remove incorrect comments from scoreboard.h regarding conditional
+ loading of worker_score structure with mod_status, and remove unused
+ definitions relating to old life_status field.
+ [Chris Darroch <chrisd pearsoncmg.com>]
+
+ *) Remove allocation of memory for unused array of lb_score pointers
+ in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
+
+ *) Add mod_proxy_fcgi, a FastCGI back end for mod_proxy.
+ [Garrett Rooney, Jim Jagielski, Paul Querna]
+
+ *) Event MPM: Fill in the scoreboard's tid field. PR 38736.
+ [Chris Darroch <chrisd pearsoncmg.com>]
+
+ *) mod_charset_lite: Remove Content-Length when output filter can
+ invalidate it. Warn when input filter can invalidate it.
+ [Jeff Trawick]
+
+ *) Authz: Add the new module mod_authn_core that will provide common
+ authn directives such as 'AuthType', 'AuthName'. Move the directives
+ 'AuthType' and 'AuthName' out of the core module and merge mod_authz_alias
+ into mod_authn_core. [Brad Nicholes]
+
+ *) Authz: Move the directives 'Order', 'Allow', 'Deny' and 'Satisfy'
+ into the new module mod_access_compat which can be loaded to provide
+ support for these directives.
+ [Brad Nicholes]
+
+ *) Authz: Move the 'Require' directive from the core module as well as
+ add the directives '<SatisfyAll>', '<SatisfyOne>', '<RequireAlias>'
+ and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
+ logic into the authorization processing. [Brad Nicholes]
+
+ *) Authz: Add the new module mod_authz_core which acts as the
+ authorization provider vector and contains common authz
+ directives. [Brad Nicholes]
+
+ *) Authz: Renamed mod_authz_dbm authz providers from 'group' and
+ 'file-group' to 'dbm-group' and 'dbm-file-group'. [Brad Nicholes]
+
+ *) Authz: Added the new authz providers 'env', 'ip', 'host', 'all' to handle
+ host-based access control provided by mod_authz_host and invoked
+ through the 'Require' directive. [Brad Nicholes]
+
+ *) Authz: Convert all of the authz modules from hook based to
+ provider based. [Brad Nicholes]
+
+ *) mod_cache: Add CacheMinExpire directive to set the minimum time in
+ seconds to cache a document.
+ [Brian Akins <brian.akins turner.com>, Ruediger Pluem]
+
+ *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
+
+ *) Fix typo in ProxyStatus syntax error message.
+ [Christophe Jaillet <christophe.jaillet wanadoo.fr>]
+
+ *) Asynchronous write completion for the Event MPM. [Brian Pane]
+
+ *) Added an End-Of-Request bucket type. The logging of a request and
+ the freeing of its pool are now done when the EOR bucket is destroyed.
+ This has the effect of delaying the logging until right after the last
+ of the response is sent; ap_core_output_filter() calls the access logger
+ indirectly when it destroys the EOR bucket. [Brian Pane]
+
+ *) Rewrite of logresolve support utility: IPv6 addresses are now supported
+ and the format of statistical output has changed. [Colm MacCarthaigh]
+
+ *) Rewrite of ap_coreoutput_filter to do nonblocking writes [Brian Pane]
+
+ *) Added new connection states for handler and write completion
+ [Brian Pane]
+
+ *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264.
+ [Justin Erenkrantz]
+
+ *) Teach mod_ssl to use arbitrary OIDs in an SSLRequire directive,
+ allowing string-valued client certificate attributes to be used for
+ access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
+ [Martin Kraemer, David Reid]
+
+ [Apache 2.1.0-dev includes those bug fixes and changes with the
+ Apache 2.2.xx tree as documented, and except as noted, below.]
+
+Changes with Apache 2.2.x and later:
+
+ *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup
+
+Changes with Apache 2.0.x and later:
+
+ *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup
+
+Changes with Apache 1.3.x and later:
+
+ *) http://svn.apache.org/viewvc/httpd/httpd/branches/1.3.x/src/CHANGES?view=markup
Added: release/httpd/CURRENT-IS-2.2.14
==============================================================================
(empty)
Added: release/httpd/HEADER.html
==============================================================================
--- release/httpd/HEADER.html (added)
+++ release/httpd/HEADER.html Sat Oct 3 16:45:15 2009
@@ -0,0 +1,20 @@
+<h1>Index of /dist/httpd</h1>
+
+<h2>Apache HTTP Server <u>Source Code</u> Distributions</h2>
+
+<p>This download page includes <strong>only the sources</strong> to compile
+ and build Apache yourself with the proper tools. Download
+ the precompiled distribution for your platform from
+ <a href="binaries/">binaries/</a>.</p>
+
+<h2>Important Notices</h2>
+
+<ul>
+<li><a href="#mirrors">Download from your nearest mirror site!</a></li>
+<li><a href="#binaries">Binary Releases</a></li>
+<li><a href="#releases">Current Releases</a></li>
+<li><a href="#archive">Older Releases</a></li>
+<li><a href="#sig">PGP Signatures</a></li>
+<li><a href="#patches">Official Patches</a></li>
+</ul>
+
Propchange: release/httpd/HEADER.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: release/httpd/HEADER.html
------------------------------------------------------------------------------
svn:keywords = Date Revision Author HeadURL Id
Propchange: release/httpd/HEADER.html
------------------------------------------------------------------------------
svn:mime-type = text/html