You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jw...@apache.org on 2001/11/14 04:15:23 UTC
cvs commit: httpd-dist Announcement2.html Announcement2.txt
jwoolley 01/11/13 19:15:23
Modified: . Announcement2.html Announcement2.txt
Log:
Update for 2.0.28
Revision Changes Path
1.3 +992 -85 httpd-dist/Announcement2.html
Index: Announcement2.html
===================================================================
RCS file: /home/cvs/httpd-dist/Announcement2.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -u -r1.2 -r1.3
--- Announcement2.html 2001/04/04 19:49:10 1.2
+++ Announcement2.html 2001/11/14 03:15:23 1.3
@@ -1,95 +1,1002 @@
-<PRE>
-Apache 2.0.16 Released as beta
--------------------------------
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<HTML>
+<HEAD>
+<TITLE>Apache HTTP Server Project</TITLE>
+</HEAD>
-The Apache Group is proud to announce the release the sixteenth release
-of Apache 2.0. This is the first public beta of Apache 2.0. This release
-has been tested thoroughly, and has been running the apache.org web site for
-the last few weeks.
+<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
+<BODY
+ BGCOLOR="#FFFFFF"
+ TEXT="#000000"
+ LINK="#0000FF"
+ VLINK="#000080"
+ ALINK="#FF0000"
+>
+<IMG SRC="../images/apache_sub.gif" ALT="">
-Apache 2.0 offers numerous enhancements, improvements and performance
-boosts over the 1.3 codebase. The most visible and noteworthy addition
+<H1 ALIGN="CENTER">Apache 2.0.28 Released as Beta</H1>
+
+<P>The Apache Group is proud to announce the release the twenty-eighth
+release of Apache 2.0. This is the second public beta of Apache 2.0.
+This release has been tested thoroughly, and has been running the
+apache.org web site for the last week.</P>
+
+
+<P>Apache 2.0 offers numerous enhancements, improvements and performance
+boosts over the 1.3 codebase. The most visible and noteworthy addition
is the ability to run Apache in a hybrid thread/process mode on any
-platform that supports both threads and processes. This has shown to
-improve the scalability of the Apache HTTPD server significantly in
-our early testing, on some versions of Unix. Apache 2.0 also includes
-support for filtered I/O. This allows modules to modify
-the output of other modules before it is sent to the client. Finally, we
-have included support for IPv6 on any platform that supports IPv6.
+platform that supports both threads and processes. This has been shown
+to improve the scalability of the Apache HTTPD server significantly on
+some versions of Unix in our testing. Apache 2.0 also includes support
+for filtered I/O. This allows modules to modify the output of other
+modules before it is sent to the client. Finally, we have included
+support for IPv6 on any platform that supports IPv6.</P>
-This version of Apache is known to work on many versions of Unix, BeOS,
+<P>This version of Apache is known to work on many versions of Unix, BeOS,
OS/2, and Windows. Because of many of the advancements in Apache 2.0,
-the initial release of Apache is expected to perform equally well on all
-supported platforms.
+this release of Apache is expected to perform equally well on all
+supported platforms.</P>
-There are new snapshots of the Apache httpd source available every 6
-hours from http://dev.apache.org/from-cvs/apache-2.0/ - please
-download and test if you feel brave. We don't guarantee anything
+<P>There are new snapshots of the Apache httpd source available every
+six hours from <a href="http://cvs.apache.org/snapshots/httpd-2.0/">http://cvs.apache.org/snapshots/httpd-2.0/</a> - please
+download and test if you feel brave. We don't guarantee anything
except that it will take up disk space, but if you have the time and
-skills, please give it a spin on your platforms.
+skills, please give it a spin on your platforms.</P>
-Apache has been the most popular web server on the Internet since
-April of 1996. The May 2000 WWW server site survey by Netcraft (see:
-http://www.netcraft.co.uk/Survey/) found that more web servers were
-using Apache than any other software running on more than 60% of the
-Internet web servers.
+<P>Apache has been the most popular web server on the Internet since
+April of 1996. The October 2001 WWW server site survey by Netcraft
+(<a href="http://www.netcraft.com/survey/">http://www.netcraft.com/survey/</a>) found that more web servers were
+using Apache than any other software running on more than 56% of the
+Internet web servers.</P>
-For more information, please check out http://www.apache.org/httpd.html
+<P>For more information, please check out <a href="http://httpd.apache.org/">http://httpd.apache.org/</a>.</P>
-Changes with Apache 2.0.16
-
- *) Change the default installation directory to /usr/local/apache2,
- as now defined by the "Apache" layout in config.layout. [Marc Slemko]
-
- *) OS/2: Added support for building loadable modules as OS/2 DLLs.
- [Brian Havard]
-
- *) Get MaxRequestsPerChild working with the Windows MPM.
+<H3>Known issues with this release</H3>
+
+<PRE>
+ *) There is a bug which can cause the response headers to be
+ omitted when sending a negotiated ErrorDocument because
+ the required filters were attached to the wrong request_rec.
+ This can affect installations which enable authentication
+ on / or /error, among others. A workaround is to comment out
+ the ErrorDocument 401 directive in the default config file.
+ A patch for this problem has already been committed to CVS
+ and is available at:
+ <a href="http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/http/http_request.c.diff?r1=1.119&r2=1.120">http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/http/http_request.c.diff?r1=1.119&r2=1.120</a>
+
+ *) MacOSX users must use the darwin-specific tarball, which was built
+ with a version of libtool that is compatible with that platform.
+
+ *) The MacOSX/Darwin port currently does not support DSOs. This issue
+ will be addressed in a future release.
+
+ *) There is a known problem when ProxyPass is used in combination with
+ mod_include; including a remote file from another remote file does
+ not currently work. This issue will be addressed in a future release.
+
+</PRE>
+
+
+<H3>Changes since the last public release</H3>
+
+<PRE>
+
+Changes with Apache 2.0.28
+
+ *) Fix infinite loop in mod_cgid.c.
+ [Dale Ghent <daleg@elemental.org>, Brian Pane <bpane@pacbell.net>]
+
+ *) When no port is given in a "ServerName host" directive, the
+ server_rec->port is now set to zero, not 80. That allows for
+ run-time deduction of the correct server port (depending on
+ SSL/plain, and depending also on the current setting of
+ UseCanonicalName). This change makes redirections
+ work, even with https:// connections. As in Apache-1.3, the
+ connection's actual port number is never used, only the ServerName
+ setting or the client's Host: setting. Documentation updated
+ to reflect the change. [Martin Kraemer]
+
+ *) Add a '%{note-name}e' argument to mod-headers, which works in
+ the same way as mod_log_confg. [Ian Holsman]
+
+ *) Fix the spelling of the AP_MPMQ_MIN_SPARE_DAEMONS and
+ AP_MPMQ_MAX_REQUESTS_DAEMON macros in ap_mpm.h and all standard
+ MPMs. [Cliff Woolley]
+
+ *) Introduce htdbm, a user management utility for db/dbm authorization
+ databases. [Mladen Turk <mturk@mappingsoft.com>]
+
+ *) Optimize usage of strlen and strcat in ap_directory_walk.
+ [Brian Pane <bpane@pacbell.net>]
+
+Changes with Apache 2.0.27
+
+ *) Introduce an Apache mod_ssl initial configuration template
+ (ssl.conf, generated from ssl-std.conf). [Ralf S. Engelschall]
+
+ *) Fixed a memory leak in the getline parsing code that could
+ be triggered by arbitrarily large header lines. Requests
+ from the core input filter for single lines are now limited
+ to HUGE_STRING_LEN (8192 bytes). [Aaron Bannert]
+
+ *) Fix a truncation bug in how we print the port on the Via: header.
+ The routine that prints the Via: header now takes a length for
+ the port string. [Zvi Har'El <rl@math.technion.ac.il>]
+
+ *) Some syntax errors in mod_mime_magic's magic file can result
+ in a 500 error, which previously was unlogged. Now we log the
+ error. [Jeff Trawick]
+
+ *) Add the support/checkgid helper app, which checks the run-time
+ validity of group identifiers usable in the Group directive.
+ [Ken Coar]
+
+ *) Various --enable-so options have been fixed: --enable-so is
+ treated as "static"; explicit --enable-so=shared issues an error;
+ and explicit --enable-so fails with error on systems without
+ APR_HAS_DSO. [Aaron Bannert]
+
+ *) Fix a segfault in the core input filter when the client socket
+ gets disconnected unexpectedly. [Cliff Woolley]
+
+ *) Fix the reporting for child processes that die. This removes
+ all of the non-portable W* macros from Apache.
+ [Jeff Trawick and Ryan Bloom]
+
+ *) Win32: Track and display "Parent Server Generation:" in
+ mod_status output. The generation will be bumped at
+ server graceful restart, when the child process exits
+ by hitting MaxRequestsPerChild or if the child
+ process exits abnormally. [Bill Stoddard]
+
+ *) Win32: Fix problem where MaxRequestsPerChild directive was
+ not being picked up in favor of the default. Enable
+ the parent to start up a new child process immediately upon
+ the old child starting shutdown.
[Bill Stoddard]
-
- *) Make generic hooks to work, with mod_generic_hook_import/export
- experimental modules. [Ben Laurie, Will Rowe]
-
- *) Fix segfaults for configuration file syntax errors such as
- "<Directory>" followed by "</Directory" and
- "<Directory>" followed by "</Directoryz>". [Jeff Trawick]
-
- *) Cleanup the --enable-layout option of configure. This makes
- us use a consistent location for the config.layout file, and it
- makes configure more portable.
- [jun-ichiro hagino <it...@iijlab.net>]
-
- *) Changes to 'ab'; fixed int overrun's, added statistics, output in
- csv/gnuplot format, rudimentary ssl support and various other tweaks
- to make results more true to what is measured. The upshot of this it
- turns out that 'ab' has often underreported the true performance of
- apache. Often by a order of magnitude :-) See talk/paper of Sander
- Temme <sc...@covalent.net> at April ApacheCon 2001 for details.
- [Dirk-Willem van Gulik]
-
- *) Clean up mod_cgid's temporary request pool. Besides fixing a
- storage leak this ensures that some unnecessary pipes are closed.
+
+ *) Fix some bungling of the remote port in rfc1413.c so that
+ IdentityCheck retrieves the proper user id instead of failing
+ and thus always returning "nobody."
+ [Dick Streefland <Dick.Streefland@xs4all.nl>]
+
+ *) Introduced thread saftey for mod_rewrite's internal cache.
+ [Brian Pane <bpane@pacbell.net>]
+
+ *) Simplified mod_env's directives to behave as most directives are
+ expected, in that UnsetEnv will not unset a SetEnv and PassEnv
+ directive following that UnsetEnv within the same container.
+ Also provides a runtime startup warning if a PassEnv configured
+ environment value is undefined. [William Rowe]
+
+ *) The worker MPM is now completely ported to APR's new lock API. It
+ uses native APR types for thread mutexes, cross-process mutexes,
+ and condition variables. [Aaron Bannert]
+
+ *) Sync up documentation to remove all references to the now deprecated
+ Port directive. [Justin Erenkrantz]
+
+ *) Moved all ldap modules from the core to httpd-ldap sub-project
+ [Ryan Bloom]
+
+ *) Exit when we can't listen on any of the configured ports. This
+ is the same behavior as 1.3, and it avoids having the MPMs to
+ deal with bogus ap_listen_rec structures. [Jeff Trawick]
+
+ *) Cleanup the proxy code that creates a request to the origin
+ server. This change adds an optional hook, which allows modules
+ to gain control while the request is created if the proxy module
+ is loaded. The purpose of this hook is to allow modules to add
+ input and/or output filters to the request to the origin. While
+ I was at it, I made the core use this hook, so that proxy request
+ creation uses some of the code from the core. This can still be
+ greatly improved, but this is a good start. [Ryan Bloom]
+
+Changes with Apache 2.0.26
+
+ *) Port the MaxClients changes from the worker MPM to the threaded
+ MPM. [Ryan Bloom]
+
+ *) Fix mod_proxy so that it handles chunked transfer-encoding and works
+ with the new input filtering system. [Justin Erenkrantz]
+
+ *) Introduce the MultiviewsMatch directive, to allow the operator
+ to be flexible in recognizing Handlers and Filters filename
+ extensions as part of the Multiviews matching logic, strict with
+ MultiviewsMatch NegotiatedOnly to accept only filename extentions
+ that designate negotiated parameters, (content type, charset, etc.)
+ or MultiviewsAll for the 1.3 behavior of matching any files, even
+ if they have unregistered extensions. [William Rowe]
+
+ *) Fixed the configure script to add a LoadModule directive to
+ the default httpd.conf for any module that was compiled
+ as a DSO. [Aaron Bannert <aaron@clove.org>]
+
+ *) rewrite mod_ssl input filtering to work with the new input filtering
+ system. [Justin Erenkrantz]
+
+ *) prefork: Don't segfault when we are able to listen on some but
+ not all of the configured ports. [Jeff Trawick]
+
+ *) Build mod_so even if no core modules are built shared.
+ [Aaron Bannert <aaron@clove.org>]
+
+ *) Introduce ap_directory_walk rewrite (with further optimizations
+ required) to adapt to the ap_process_request_internal() changes.
+ Optimized so subrequests and redirects now reuse previous section
+ merges, until we mismatch with the original directory_walk, and
+ precomputed r->finfo results will cause directory_walk to skip
+ the most expensive phases of the function. [William Rowe]
+
+ *) Allow ApacheMonitor to connect to and control Apache on other
+ WinNT/2K machines. [Mladen Turk <mturk@mappingsoft.com>]
+
+ *) Remove the Port directive. In it's place, the Listen directive
+ is now a required directive, which tells Apache what port to
+ listen on. The ServerName directive has also been extended
+ to accept an optional port. If the port is specified to the
+ ServerName, the server will report that port whenever it
+ reports the port that it is listening on. This change was
+ made to ease configuration errors that stem from having a Port
+ directive, and a Listen directive. In that situation, the server
+ would only listen to the port specified by the Listen command,
+ which caused a lot of confusion to users. [Ryan Bloom]
+
+ *) Added mod_mime_magic, mod_unique_id and mod_vhost_alias to the Win32
+ build, as loadable modules. [William Rowe]
+
+ *) Fix --enable-mods-shared processing. If most is specified,
+ then all modules that can be compiled as shared modules are.
+ [Aaron Bannert <aaron@clove.org>]
+
+ *) Update the mime.types file to map video/vnd.mpegurl to mxu
+ and add commonly used audio/x-mpegurl for m3u extensions.
+ [Heiko Recktenwald <uzs106@uni-bonn.de>, Lars Eilebrecht]
+
+ *) Eliminate the depreciated r->content_language, in favor of the array
+ r->content_languages introduced many years ago. Module authors must
+ substantially overhaul their modules, so this needs to be upgraded
+ if the module still relied on backwards-brokeness. [William Rowe]
+
+ *) Allow configure help strings to work with autoconf 2.50+ and 2.13.
+ [Justin Erenkrantz]
+
+ *) Rewrite the input filtering mechanisms to consolidate and reorganize
+ code. In short, core_input_filter does something now and
+ ap_http_filter is now only concerned with HTTP. [Justin Erenkrantz]
+
+ *) Update the Win32 build to re-absorb mod_proxy and family.
+ [William Rowe]
+
+ *) Resolved the build failure on Win32 using MSVC 5.0 (without the
+ current SDK.) [William Rowe]
+
+ *) Some style changes to the code that does ProxyErrorOverride. Fixed
+ config merge behaviour. [Graham Leggett]
+
+ *) Allow support programs to be compiled against a static version
+ of libapr. This allows the smaller support programs to be
+ relocated. [Aaron Bannert <aaron@clove.org>]
+
+ *) Update the mime.types file to the registered media types as
+ of 2001-09-25, and add mapping for xsl extension [Mark Cox]
+
+ *) Fix MaxClients in the Worker MPM, so that it specifies the maximum
+ number of clients that can connect at the same time, instead of
+ specifying the maximum number of child processes.
+ [Aaron Bannert <aaron@clove.org>]
+
+ *) Switch proc_pthread AcceptMutex configuration directive to pthread to
+ be consistent with 1.3. [Justin Erenkrantz]
+
+ *) Cache apr_explode_localtime() value for 15 seconds.
+ [Brian Pane <bpane@pacbell.net>]
+
+ *) Fix mod_include to not return ETag or Last-Modified headers.
+ [Ian Holsman <ianh@cnet.com>]
+
+ *) Fix worker MPM's scoreboard logic. [Aaron Bannert <aaron@clove.org>]
+
+ *) Eliminate the wasteful run-time conversion of method names from strings
+ to numbers in places where the methods are known at compile time.
+ [Brian Pane <bpane@pacbell.net>]
+
+ *) Turn the worker MPM's queue into a LIFO. This may
+ improve cache-hit performance under some conditions.
+ [Aaron Bannert <aaron@clove.org>]
+
+ *) Switch back to SIGUSR1 for graceful restarts on all platforms that
+ support it. [Justin Erenkrantz]
+
+ *) Cleanup the worker MPM. We no longer re-use transaction
+ pools. This incurs less overhead than shuffling the pools
+ around so that they can be re-used. Remove one of the
+ queue's condition variables. We just redefined the API to
+ state that you can't try to add more stuff than you allocated
+ segments for. [Aaron Bannert <aaron@clove.org>]
+
+ *) Fix SSL VPATH builds [Cody Sherr <csherr@covalent.net>]
+
+ *) Fixed persistent connections when a request contains a body.
+ [Greg Stein]
+
+ *) mod_dav uses a new API to speak to the backend provider for dead
+ property management. [Greg Stein]
+
+ *) Remove the Win32 script-processing exception from mod_cgi, and
+ roll build_command_line/build_argv_list into a unified, overrideable
+ ap_cgi_build_command optional function. [William Rowe]
+
+ *) Rewrite find_start_sequence to use a better search algorithm
+ to find the start tag. [Justin Erenkrantz]
+
+ *) Fix a seg fault in mod_include. When we are generating an
+ internal redirect, we must set r->uri to "", not a bogus
+ string, and not NULL. [Ryan Bloom]
+
+ *) Optimized location_walk, so subrequests, redirects and second passes
+ now reuse previous section merges on a <Location > by <Location >
+ basis, until we mismatch with the original location_walk.
+ [William Rowe]
+
+ *) Back out the 1.45 change to util_script.c. This change made
+ us set the environment variable REQUEST_URI to the redirected
+ URI, instead of the originally requested URI.
+ [Taketo Kabe <kabe@sra-tohoku.co.jp>]
+
+ *) Make mod_include do lazy evaluation of potentially expensive to
+ compute variables. [Brian Pane <bpane@pacbell.net>]
+
+ *) Fix logging of bytes sent for HEAD requests. %b and %B should
+ log either - or 0, before this patch, they were both logging
+ the file size. [Taketo Kabe <kabe@sra-tohoku.co.jp>]
+
+ *) Make mod_include check for BYTE_CHECK_THRESHOLD per bucket rather
+ than per character. [Brian Pane <bpane@pacbell.net>]
+
+ *) Normalize the primary request, redirects and sub-requests to
+ run the same ap_process_request_internal for consistency in
+ robustness, behavior and security. [William Rowe]
+
+ *) Fix a segfault with mod_include when r->path_info is not set
+ (which is the case with mod_proxy). [Ian Holsman <ianh@cnet.com>]
+
+ *) Add -X functionality back. This indicates to all MPMs and any other
+ part of Apache that it should run in "debug" mode. [Justin Erenkrantz]
+
+ *) Some initial support for the cygwin platform [prefork only].
+ This is not to be confused with support for the WinNT/Win32
+ platform, which is the recommended configuration for native
+ Win32 users. The cygwin platform support is recommended for
+ cygwin platform users. [Stipe Tolj <tolj@wapme-systems.de>]
+
+ *) Changed syntax of Set{Input|Output}Filter. The list of filters
+ must be semicolon delimited (if more than one filter is given.)
+ The Set{Input|Output}Filter directive now overrides a parent
+ container's directive (e.g. SetInputFilter in <Directory /web/foo>
+ will override any SetInputFilter directive in <Directory /web>.)
+ This new syntax is more consistent with Add{Input|Output}Filter
+ directives defined in mod_mime. Also cures a bug in prior releases
+ where the Set{Input|Output}Filter directive would corrupt the
+ global configuration if the multiple directives were nested.
+ [William Rowe]
+
+ *) Cured what's ailed mime for quite some time. If an AddSomething
+ was given in the configuration (Language, Charset, Handler or
+ Encoding) Apache would set the content type as given by AddType,
+ but refused to check the mime.types file if AddType wasn't given
+ for that specific extension. Setting the AddHandler for .html
+ without setting the AddType text/html html would cause Apache to
+ use the default content type. [William Rowe]
+
+ *) Added some bulletproofing to memory allocation in the LDAP cache
+ code. [Graham Leggett]
+
+Changes with Apache 2.0.25
+
+ *) Move the installed /manual directory out of the /htdocs/ tree, so
+ that it can be kept more independently from the remaining document
+ root. The "Alias /manual ..." already allowed for easy projection
+ into existing private document trees. [Martin Kraemer]
+
+ *) Add specified user attributes to the environment when using
+ mod_auth_ldap. This allows you to use mod_include to embed specified
+ user attributes in a page like so:
+ Hello <!--#echo var="AUTHENTICATE_CN"-->, how are you?
+ [Graham Leggett]
+
+ *) Fix a performance problem with the worker MPM. We now create
+ transaction pools once, and re-use them for each connection.
+ [Aaron Bannert <aaron@clove.org>]
+
+ *) Modfied mod_mime to prevent mod_negotation from serving a multiview
+ of a 'handler' or 'filter', so that any filename extension that does
+ not contribute to the negotiated metadata can't be served without
+ an explicit request. E.g., if the .Z extension is associated with
+ an unzip filter, the user request somefile.Z.html, mod_negotiation
+ won't serve it. It can serve somefile.Z.html when somefile.Z is
+ requested, since the .Z extension is explictly requested, if the
+ .html extension is associated with ContentType text/html.
+ [William Rowe]
+
+ *) Introduce the AddInputFilter filter[;filter...] ext [ext...]
+ and corresponding AddOutputFilter syntax, to insert one or more
+ filters by mod_mime filename extension processing.
+ [William Rowe]
+
+ *) Fix a growing connection pool in core_output_filter() for
+ keepalive requests. [Jeff Trawick]
+
+ *) Moved split_and_pass_pretag_buckets back to being a
+ macro at Ryans's request. Removed the return from it
+ by setting and returning a return code instead. Updated
+ the code to check the return code from the macro and
+ do the right thing. [Paul J. Reder]
+
+ *) Fix a segfault when a numeric value was received for Host:.
[Jeff Trawick]
-
- *) Performance: Add quick_handler hook. This hook is called at the
- very beginning of the request processing before location_walk,
- translate_name, etc. This hook is useful for URI keyed content
- caches like Mike Abbott's Quick Shortcut Cache.
+
+ *) Add a function ap_remove_input_filter. This is to match
+ up with ap_remove_output_filter. [Ryan Bloom]
+
+ *) Clean up location_walk, so that this step performs a minimum
+ amount of redundant effort (it must be run twice, but it will no
+ longer reparse all <Location > blocks when the request uri
+ hadn't changed.) [William Rowe]
+
+ *) Eliminate proxy: (and all other 'special') processing from the
+ ap_directory_walk() phase. Modules that want to use special
+ walk logic should refer to the mod_proxy map_to_location example,
+ with it's proxy_walk and proxysection implementation. This makes
+ either directory_walk flavor much more legible, since that phase
+ only runs against real <Directory > blocks.
+ [William Rowe]
+
+ *) Fix a security problem in mod_include which would allow
+ an SSI document to be passed to the client unparsed.
+ [Cliff Woolley, Brian Pane]
+
+ *) Introduce the map_to_storage hook, which allows modules to bypass
+ the directory_walk and file_walk for non-file requests. TRACE
+ shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
+ directory_walk/file_walk happen as APR_HOOK_VERY_LAST in core.c.
+ [William Rowe]
+
+ *) Add the ability for mod_include to add the INCLUDES filter
+ if the file is configured for the server-parsed handler.
+ This makes the configuration for .shtml files much easier
+ to understand, and allows mod_include to honor Apache 1.3
+ config files. Based on Doug MacEachern's patch to PHP
+ to do the same thing. [Ryan Bloom]
+
+ *) force OpenSSL to ignore process local-caching and to always
+ get/set/delete sessions using mod_ssl's callbacks
+ [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>,
+ Geoff Thorpe <geoff@geoffthorpe.net>]
+
+ *) Make the worker MPM shutdown and restart cleanly. This also
+ cleans up some race conditions, and gets the worker using
+ pools more cleanly. [Aaron Bannert <aaron@clove.org>]
+
+ *) Implement CRYPTO_set_locking_callback() in terms of apr_lock
+ for mod_ssl
+ [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>]
+
+ *) Fix for mod_include. Ryan's patch to check error
+ codes put a return in the wrong place. Also, the
+ include handler return code wasn't being checked.
+ I don't like macros with returns, so I converted
+ SPLIT_AND_PASS_PRETAG_BUCKETS into a function.
+ [Paul J. Reder <rederpj@raleigh.ibm.com>]
+
+ *) fix segv in mod_mime if no AddTypes are configured
+ [John Sterling <sterling@covalent.net>]
+
+ *) Enable ssl client authentication at SSL_accept time
+ [Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>]
+
+ *) Fix a segfault in mod_include when the original request has no
+ associated filename (e.g., we're filtering the error document for
+ a bad URI). [Jeff Trawick]
+
+ *) Fix a storage leak (a strdup() call) in mod_mime_magic. [Jeff Trawick]
+
+ *) The prefork and OS/2 MPMs are overwriting the pid file when a second copy
+ of httpd is started and shuts down due to socket conflict. Moving the
+ call to ap_log_pid solves the problem.
+
+ *) Changed the late-1.3 log_config substitution %c to %X, to log the
+ status of the closed connection, as it conflicts with the far more
+ common, historical ssl logging directive %...{var}c. [William Rowe]
+
+ *) Added the common error/ tree to the build/install targets
+ (similar to the common icons/ tree) for the multi-language error
+ messages that Lars committed earlier. [William Rowe]
+
+ *) Added a multi process, multi threaded OS/2 MPM mpmt_os2. [Brian Havard]
+
+ *) Added a default commented-out mod_ldap and mod_auth_ldap
+ configuration to httpd-std.conf and httpd-win.conf
+ [Graham Leggett]
+
+ *) Added documentation for mod_ldap and mod_auth_ldap.
+ [Graham Leggett]
+
+ *) Enabled negative caching on attribute comparisons in the LDAP cache.
+ Fixed a problem where the default cache TTL was set in milliseconds
+ not microseconds causing the cache to time out almost immediately.
+ [Graham Leggett]
+
+ *) Fixed all the #if APR_HAS_SHARED_MEMORY checks within the LDAP
+ module code to follow APR. [Graham Leggett]
+
+ *) Fixed LDAP cleanup on graceful restarts. LDAP connections are now
+ cleaned up when the connection pool pool is cleaned up.
+ [Graham Leggett]
+
+ *) Fix a minor issue with Jeff Trawick's mod_include
+ patch. Without this patch, the code will just allocate
+ more bytes in get_combined_directive than are needed.
+ [Paul Reder]
+
+ *) Added the LDAP authentication module mod_auth_ldap.
+ [Dave Carrigan <dave@rudedog.org>, Graham Leggett]
+
+ *) Added the LDAP cache and connection pooling module mod_ldap.
+ [Dave Carrigan <dave@rudedog.org>, Graham Leggett]
+
+ *) Fix --enable-modules=all breakage with mod_auth_db and mod_auth_digest
+ by allowing a module to disable itself if its prerequisites are not
+ met. [Justin Erenkrantz]
+
+Changes with Apache 2.0.24
+
+ *) Fix a couple of issues in mod_include when the tag appeared at
+ offsets near 8192 in the file being parsed. [Jeff Trawick]
+
+ *) Fix an assertion failure in mod_ssl when the keepalive timeout is
+ reached. [Jeff Trawick]
+
+ *) Numerous improvements to the Win32 build system. Introduced command line
+ builds without requiring .mak files for MSVC 6.0 and later versions.
+ Improved .dsp file compatibility for both Visual Studio 5.0 and 6.0 users.
+ [William Rowe]
+
+ *) Assorted corrections and improvements to the winnt_mpm startup code.
+ Better reporting of uninstalled services and other error conditions,
+ and changed the default service name to Apache2. [William Rowe]
+
+ *) Numerous improvements to the Win32 ApacheMonitor utility, including
+ winnt_mpm compatibility with existing Apache 1.3 Win32 Apache management
+ utilites. [Mladen Turk <mturk@mappingsoft.com>, William Rowe]
+
+ *) Fixed the segfaults in mod_mime introduced by hash tables in 2.0.20.
+ [William Rowe, Greg Ames]
+
+ *) Rounded out the mod_mime Add/Remove pairs by adding RemoveLanguage
+ and RemoveCharset directives. [William Rowe]
+
+ *) The Unix MPMs other than perchild now allow child server
+ processes to use the accept mutex when starting as root and
+ using SysV sems for the accept mutex. Previously, this
+ combination would lead to fatal errors in the child server
+ processes. perchild can't use SysV sems because of security
+ issues. [Jeff Trawick, Greg Ames]
+
+ *) Added Win32 revision stamp resources to all http binaries
+ (including modules/ and support/ tools.) PR7322 [William Rowe]
+
+ *) Fix ap_rvprintf to support more than 4K of data at one time.
+ [Cody Sherr <csherr@covalent.net>]
+
+ *) We have always used the obsolete/deprecated Netscape syntax
+ for our tracking cookies; now the CookieStyle directive
+ allows the Webmaster to choose the Netscape, RFC2109, or
+ RFC2965 format. The new CookieDomain directive allows the
+ setting of the cookie's Domain= attribute, too. PR #s 5006,
+ 5023, 5920, 6140 [Ken Coar]
+
+ *) Tweak server/Makefile so that the rules for generating exports.c
+ are compatible with make utilities which don't expand wildcards
+ in a dependency list (e.g., OS/390 make, certain levels of GNU
+ make). [Jeff Trawick]
+
+ *) Install the SSL headers. [John Sterling <sterling@covalent.net>]
+
+ *) Begin to sanitize the MPM configuration directives. Now, all
+ MPMs use the same functions for all common MPM directives. This
+ should make it easier to catch all bugs in these directives once.
+ [Cody Sherr <csherr@covalent.net>]
+
+ *) Close a major resource leak. Every time we had issued a
+ graceful restart, we leaked a socket descriptor.
+ [Ryan Bloom]
+
+ *) Fix a problem with the new method code. We need to cast
+ the 1 to an apr_int64_t or it will be treated as a 32-bit
+ integer, and it will wrap after being shifted 32 times.
+ [Cody Sherr <csherr@covalent.net> and Ryan Morgan <rmorgan@covalent.net>]
+
+ *) Fix a bug in mod_expires. Previous to this patch, if you
+ told mod_expires to add 604800 seconds to the last-modified
+ time, it actually added 604800 usec's to the last-modified time,
+ so that when looking at the response it looked like nothing
+ had been done. The root of the problem was that we always compute
+ time in usec's, but we ask users to input sec's. This means we
+ need to convert to usec's before using those values.
+ [Ryan Bloom]
+
+ *) The worker MPM now handles shutdown and restart requests. It
+ definitely isn't perfect, but we do stop the servers correctly.
+ The biggest problem right now is that SIGHUP causes the server to
+ just die. [Ryan Bloom]
+
+Changes with Apache 2.0.23
+
+ *) Use the prefork MPM by default on Unix. [various]
+
+ *) Added a systray icon monitor application for Win32.
+ [Mladen Turk <mturk@mappingsoft.com>]
+
+ *) mod_rewrite: Fix the line ending on some non-Unix systems for
+ messages written to the rewrite log.
+ [Richard Labennett <rlabenn@us.ibm.com>]
+
+ *) All mod_autoindex query parsing is now quietly quashed with the
+ IndexOption IgnoreClient. The IndexOption SuppressColumnSorting
+ still drops the column sort <a href>'s for the column headers, but
+ IgnoreClient is required to ignore these Query options entirely.
+ [William Rowe]
+
+ *) Introduced new mod_autoindex query argument parsing for F=[0|1|2]
+ to allow the client to select plain, FancyIndexing or HTMLTable
+ formatting, V=[0|1] to inhibit or enable version sorting, and
+ P=pattern to return only specific files. The old Query Arguments
+ were reorganized as C=f for sorting column 'f' (same N, D, S, or M
+ as before), and O=A|D for ordering ascending or descending.
+ [William Rowe]
+
+ *) Fixed an error in mod_include's directive parsing routines which
+ caused #if, #elif, and #else expressions containing backslashes
+ to be improperly evaluated. [Cliff Woolley]
+
+ *) Introduced new mod_autoindex IndexOptions flags: SuppressIcon to
+ drop the icon column, SuppressRules to drop the <hr> elements,
+ and HTMLTable to create rudimentary HTML table listings (implies
+ FancyIndexing). [William Rowe]
+
+ *) Re-introduced the mod_autoindex IndexOptions flag TrackModified
+ from Apache 1.3.15. This is needed for two reasons, first, given
+ multiple machines within a server farm, ETags and Last-Modified
+ stamps won't correspond from machine to machine, and second, many
+ Unixes don't capture changes to the date or time stamp of existing
+ files, since these don't modify the dirent itself. [William Rowe]
+
+ *) Re-introduced the mod_autoindex IndexOptions flag FoldersFirst
+ and DirectoryWidth options from Apache 1.3.10.
+ [William Rowe, Ken Coar]
+
+ *) Eliminated FancyIndexing directive, deprecated early in Apache
+ 1.3 by the IndexOptions FancyIndexing syntax. [William Rowe]
+
+ *) mod_autoindex now excludes any file names that would result in
+ an error, other than a success or redirect. Also optimized
+ the parent directory, always included except in the URI '/'.
+ [William Rowe]
+
+ *) Refactored mod_negotiation and mod_mime to help mod_dir accept
+ negotiated index pages, and prevent the server from defaulting
+ to an autoindex of the directory. mod_negotiation will now die
+ with a 500 Internal Error if it could match some filenames
+ (e.g. for mod_dir) but none can be served. mod_negotation now
+ refuses to serve any file with an extention that mod_mime doesn't
+ recognize, and wasn't part of the request. [William Rowe]
+
+ *) Eliminate mod_cgi's handling of .exe files without the .exe file
+ extension. This is already handled by multiviews, if the admin
+ wishes to AddHandler .exe or define a content type handler and
+ associate .exe files with that content type. Multiviews must be
+ enabled to allow these to be served. [William Rowe]
+
+ *) Speed up the server's response to a spike in incoming workload
+ or restarts by assigning empty scoreboard slots to new processes
+ when they are available. [Greg Ames]
+
+ *) Add a handler to mod_includes.c. This handler is designed to
+ implement the XbitHack directive. This can't be done with a
+ fixup, because we need to check the content-type, which is
+ only available in the handler phase. [Ryan Bloom]
+
+ *) Make the includes filter check return codes from filters lower in
+ the filter chain. If a lower level filter returns an error, then
+ the request needs to stop immediately. This allows mod_include to
+ stop parsing data once a lower filter recognizes an error.
+ [Ryan Bloom]
+
+ *) Add the ability to extend the methods that Apache understands
+ and have those methods <limit>able in the httpd.conf. It uses
+ the same bit mask/shifted offset as the original HTTP methods
+ such as M_GET or M_POST, but expands the total bits from an int to
+ an ap_int64_t to handle more bits for new request methods than
+ an int provides. [Cody Sherr <csherr@covalent.net>]
+
+ *) Fix broken mod_mime behavior in merging its arguments. Possible
+ cause of unexplicable crashes introduced in 2.0.20. [William Rowe]
+
+ *) Solve many mod_ssl porting issues (too many to detail) with
+ help from the whole team, but most notably [Ralf S. Engelschall,
+ Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>,
+ Doug MacEachern, William Rowe, Cliff Woolley]
+
+ *) More stall fixes for the threaded & worker mpm's.
+ Make mod_status output more accurate. Don't
+ count workers in processes which aren't actively
+ serving requests. [Greg Ames]
+
+ *) Win32: Get SSI exec cgi tag working. [Bill Stoddard]
+
+ *) Add a single listener/multiple worker MPM. This MPM is
+ definately not fully correct, but it allows us to solve many
+ of the problems that exist in the threaded MPM. This is a
+ modified version of the threaded MPM. [Ryan Bloom]
+
+ *) Improve content generation throughout Apache, providing closer
+ compliance with HTML 3.2, HTML 4.01 Transitional and XHTML 1.0
+ Transitional specifications. [William Rowe]
+
+Changes with Apache 2.0.22
+
+ *) Fix a problem where the threaded MPM stalls after restarts or
+ segfaults. Also prevent multiple active processes from using
+ the same scoreboard slot. [Greg Ames]
+
+ *) Apache/Win32 now fills in the service description with Apache's
+ server version string, including loaded and advertised modules.
+ [William Rowe]
+
+ *) Improved support for the Win32 build, to recover gracefully from
+ missing apr or apr-util directories or the awk interpreter,
+ create the proper cgi-bin examples, including a test-cgi.bat, and
+ fix the perl shebang line for printenv.pl, when installing from
+ the build environment. [William Rowe]
+
+ *) Fix a segfault in threaded.c caused by passing uninitialized
+ apr_thread_t * to apr_thread_join(). [Jeff Trawick]
+
+ *) Use new APR number conversion functions to reduce CPU consumption
+ when setting the content length, and in mod_log_config.
+ [Brian Pane]
+
+ *) Fix problem reported by Taketo Kabe <kabe@sra-tohoku.co.jp>
+ where HEAD response headers were being repeated twice for
+ files greater than 32K bytes (4*AP_MIN_BYTES_TO_WRITE). This
+ problem in the http_header filter was exposed by the recent rewrite
+ of the content_length filter. [Taketo Kabe, Bill Stoddard]
+
+ *) Fix seg faults in mod_status with ExtendedStatus enabled, after
+ restarts. A garbage pointer to a vhost's server_rec from the
+ previous generation was being left around under certain
+ conditions. [Greg Ames]
+
+ *) Fix a cosmetic problem with mod_include. Non-existant SSI vars
+ used to appear as '(none', without the closing paren.
+ [G�nter Knauf <eflash@gmx.net>]
+
+ *) Improve the exports generating awk script. In the past, we had
+ work around problems in the awk script by avoiding some #if and
+ #ifdefs. This has bitten us many times in generating the exports.c
+ file. This improvement allows corrects the header file parsing.
+ [Sander Striker <striker@apache.org>]
+
+Changes with Apache 2.0.21
+
+ *) Resolve the Win32 htpasswd bug, where a file that existed would be
+ overwritten, regardless of the -c flag.
+ [William Rowe, Mladen Turk <mladen.turk@mail.inet.hr>]
+
+ *) Introduce connection sub-pools into ab. Truncating the lifetime
+ of these allocations means that ab no longer perpetually grows
+ its working set, running out of memory on large request attempts.
+ [William Rowe]
+
+ *) Make scoreboard creation a hook. This allows management
+ modules to have access to the scoreboard at the time that it is
+ created, and at every restart request.
+ [Cody Sherr <csherr@covalent.net>]
+
+ *) Changed AP_MPMQ_MAX_DAEMONS to refer to MaxClients and
+ added an AP_MPMQ_MAX_DAEMON_USED to refer to the highest
+ daemon index actually used in the scoreboard. I also
+ updated the pertinent calls. [Paul J. Reder]
+
+ *) Win32: Prevent listening sockets from being inherited by
+ the Apache child process, CGI scripts, rotatelog process
+ etc. If the Apache child process segfaults, any processes
+ that the child started are not reaped. Prior to this fix,
+ these processes inherited the listening sockets which sometimes
+ prevented the restarted Apache child process from accepting
+ connections (ie, the server would hang).
[Bill Stoddard]
-
- *) top_module global variable renamed to ap_top_module [Perl]
-
- *) Move ap_set_last_modified to the core. This is a potentially
- controversial change, because this is kind of HTTP specific. However
- many protocols should be able to take advantage of this kind of
- information. I expect that headers will need one more layer of
- indirection for multi-protocol work, but this is a small step in
- the right direction. [Ryan Bloom]
-
- *) Enable mod_status by default. This matches what Apache 1.3 does.
- [Ed Korthof]
-
- *) Add a ScriptSock directive to the default config file. This is
- only enabled when mod_cgid is used.
- [Taketo Kabe <ka...@sra-tohoku.co.jp>]
+
+ *) Provide vhost and request strings when ExtendedStatus is on.
+ [Greg Ames]
+
+ *) Fix some issues with the pod and prefork: check the pod *after*
+ processing a connection so that a server processing a time-
+ consuming request bails out as soon as practical; when the
+ parent process wakes up a server process via connect(), use an
+ APR timeout on the connect() so that we don't hang for a long
+ time if there aren't server processes around to do accept().
+ [Jeff Trawick, Greg Ames]
+
+ *) Performance improvement to mod_mime.c. find_ct() in mod_mime,
+ spends a lot of time in apr_table_get calls. Using the default
+ httpd.conf, the tables for languages and charsets are somewhat
+ large, so the time spent scanning them on each request is
+ significant. Replacing the tables with hash tables provides
+ a nice speedup. [Brian Pane <bpane@pacbell.net>]
+
+ *) Add two functions to allow modules to access random parts of the
+ scoreboard. This allows modules compiled for one MPM to access the
+ scoreboard, even if it the server was compiled for another MPM.
+ [Harrie Hazewinkel <harrie@covalent.net>]
+
+Changes with Apache 2.0.20
+
+ *) Fix problem in content-length filter where the filter would
+ buffer all the output from a CGI before sending any bytes
+ down the filter stack to the network. This problem would cause
+ significant memory consumption if the CGIs generated
+ lots of bytes. [Bill Stoddard]
+
+ *) Get non-blocking CGI pipe reads working with the bucket brigades.
+ [Bill Stoddard]
+
+ *) Fix seg fault on Windows when serving files cached with mod_file_cache.
+ [Bill Stoddard]
+
+ *) Fix a bug in the threaded MPM that would cause it to kill off all
+ workers immediately after starting if the number of workers started
+ was above a certain threshold. [Ryan Bloom, Bill Stoddard]
+
+Changes with Apache 2.0.19
+
+ *) Fix problem with threaded MPM. The problem was that if each child
+ process was busy serving a single long-lived request and the server
+ was sent a graceful restart signal, the server would stop serving
+ requests. This would happen because each child process would wait to
+ die until the last thread was done, and the parent wouldn't spawn any
+ new children until a process died. Now, the parent looks at the fact
+ that the children are dying gracefully, and starts new children.
+ Those new children only start enough threads to compliment the number
+ of threads in the other child process that shares the same spot in
+ the scoreboard. In this way, we make sure to never go over
+ MaxClients. [Ryan Bloom]
+
+ *) modified mod_negotiation and mod_autoindex to speed up by almost a
+ factor of two on apr_dir_read()-enhanced platforms, such as Win32
+ and OS2, by calling ap_sub_request_lookup_dirent() with the results
+ already provided by apr_dir_read(). [William Rowe]
+
+ *) mod_file_cache is now more robust to filtering and serves requests
+ slightly more efficiently. [Cliff Woolley]
+
+ *) Fix problem handling FLUSH bucket in the chunked encoding filter.
+ Module was calling ap_rwrite() followed by ap_rflush() but the
+ served content was not being displayed in the browser. Inspection
+ of the output stream revealed that the first data chunk was
+ missing the trailing CRLF required by the RFC. [Bill Stoddard]
+
+ *) apxs no longer generates ap_send_http_header() in the example handler
+
+ *) Fix an ab problem which could cause a divide-by-zero exception
+ with certain invocations (e.g., ab -k -c 6 -n 100 localhost/).
+ [Ian Holsman <ianh@cnet.com>]
+
+ *) Solve case-insensitive platforms' confusion about negotiated
+ filenames, allowing files of differnt case to match in choosing
+ the document to serve. [William Rowe]
+
+ *) Fix brokenness when ThreadsPerChild is higher than the built-in
+ limit. We left ap_threads_per_child at the higher value which
+ led to segfaults when doing certain scoreboard operations.
+ [Jeff Trawick]
+
+ *) Fix seg faults and/or missing output from mod_include. The
+ default_handler was using the subrequest pool for files and
+ MMAPs, even though the associated APR structures typically
+ live longer than the subrequest. [Greg Ames]
+
+ *) Extend mod_setenvif to support specifying regular expressions
+ on the SetEnvIf (and SetEnvIfNoCase) directive attribute field.
+ Example: SetEnvIf ^TS* [a-z].* HAVE_TS
+ will cause HAVE_TS to be set if any of the request headers begins
+ with "TS" and has a value that begins with any character in the
+ set [a-z]. [Bill Stoddard]
+
+ *) httpd children now re-bind themselves to a random CPU on
+ multiprocessor systems on AIX via bindprocessor() in 2.0.
+ [Victor J. Orlikowski]
+
+ *) Fix htdigest. It would go into a loop in getline when adding
+ a second user. [Bill Stoddard]
+
+ *) Win32 platforms now fully support mod_userdir options. [Will Rowe]
+
+ *) Automatically generate httpd.exp for AIX.
+ DSOs now work again on AIX in 2.0
+ [Victor J. Orlikowski]
+
+ *) Add a new request hook, error_log. This phase allows modules
+ to act on the error log string _after_ it has been written
+ to the error log. The goal for this hook is to allow monitoring
+ modules to send the error string to the monitoring agent.
+ [Ryan Bloom]
+
+ *) Modify mod_echo to make it use filters for input and output.
+ [Ryan Morgan <rmorgan@covalent.net>]
+
+ *) Extend mod_headers to support conditional driven Header
+ add, append and set. Use SetEnvIf to set an envar and conditionally
+ add/append/set headers based on this envar thusly:
+
+ SetEnvIf TSMyHeader value HAVE_TSMyHeader
+ Header add MyHeader "%t %D" env=HAVE_TSMyHeader
+
+ If the request contains header "TSMyHeader: value" then header
+ MyHeader: "t=xxxxxxxxxx D=yyyy" will be sent on the response.
+ [Bill Stoddard]
+
+ *) Extend mod_headers to support using format specifiers on Header
+ add, append and set header values. Two format specifiers are supported:
+
+ %t - reports, in UTC microseconds since the epoch, when the
+ request was received.
+
+ %D - reports the time, in microseconds, between when the request was
+ received and the response sent.
+
+ Examples:
+ Header add MyHeader "This request served in %D microseconds. %t"
+
+ results in a header being added to the response that looks like this:
+
+ MyHeader: This request served in D=5438 microseconds. t=991424704447256
+
+ [Bill Stoddard]
+
+ *) Fix reset_filter(). We need to be careful how we remove filters.
+ If we set r->output_filters to NULL, we also have to reset the
+ connection's filters. [John Sterling]
+
+ *) Optimise reset_filter() in http_protocol.c. [Greg Stein]
+
+ *) Add a check to ap_die() to make sure the filter stack is sane and
+ contains the correct basic filters when an error occurs. This fixes
+ a problem where headers are not being sent on error. [John Sterling]
+
+ *) New Header directive 'echo' option. "Header echo regex" will
+ cause any headers received on the request that match regex to be
+ echoed to (included in) the response headers.
+ [Bill Stoddard]
+
+ *) include/ap_compat.h tested and set APR_COMPAT_H instead of AP_COMPAT_H.
+ This prevented the inclusion of apr_compat.h. PR #7773
+ [Oleg Broytmann <phd@phd.pp.ru>]
+
+ *) Moved util_uri to the apr-util library. This required a bunch of
+ apr_name changes for the uri utility functions. [Justin Erenkrantz]
+
+ *) Move the addition of default AP_HTTP_HTTP_HEADER filters to the
+ insert_filter phase so that other filters are not bypassed by default.
+ [Graham Leggett]
+
+ *) Reimplement mod_headers as an output filter. mod_headers can now
+ add custom headers to inbound requests using the RequestHeader directive
+ and to responses using the same old Header directive. [Graham Leggett]
+
</PRE>
+
+</BODY>
+</HTML>
+
1.3 +961 -76 httpd-dist/Announcement2.txt
Index: Announcement2.txt
===================================================================
RCS file: /home/cvs/httpd-dist/Announcement2.txt,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -u -r1.2 -r1.3
--- Announcement2.txt 2001/04/04 19:49:11 1.2
+++ Announcement2.txt 2001/11/14 03:15:23 1.3
@@ -1,94 +1,979 @@
+Apache 2.0.28 Released as Beta
+------------------------------
-Apache 2.0.16 Released as beta
--------------------------------
+The Apache Group is proud to announce the release the twenty-eighth
+release of Apache 2.0. This is the second public beta of Apache 2.0.
+This release has been tested thoroughly, and has been running the
+apache.org web site for the last week.
-The Apache Group is proud to announce the release the sixteenth release
-of Apache 2.0. This is the first public beta of Apache 2.0. This release
-has been tested thoroughly, and has been running the apache.org web site for
-the last few weeks.
Apache 2.0 offers numerous enhancements, improvements and performance
-boosts over the 1.3 codebase. The most visible and noteworthy addition
+boosts over the 1.3 codebase. The most visible and noteworthy addition
is the ability to run Apache in a hybrid thread/process mode on any
-platform that supports both threads and processes. This has shown to
-improve the scalability of the Apache HTTPD server significantly in
-our early testing, on some versions of Unix. Apache 2.0 also includes
-support for filtered I/O. This allows modules to modify
-the output of other modules before it is sent to the client. Finally, we
-have included support for IPv6 on any platform that supports IPv6.
+platform that supports both threads and processes. This has been shown
+to improve the scalability of the Apache HTTPD server significantly on
+some versions of Unix in our testing. Apache 2.0 also includes support
+for filtered I/O. This allows modules to modify the output of other
+modules before it is sent to the client. Finally, we have included
+support for IPv6 on any platform that supports IPv6.
This version of Apache is known to work on many versions of Unix, BeOS,
OS/2, and Windows. Because of many of the advancements in Apache 2.0,
-the initial release of Apache is expected to perform equally well on all
+this release of Apache is expected to perform equally well on all
supported platforms.
-There are new snapshots of the Apache httpd source available every 6
-hours from http://dev.apache.org/from-cvs/apache-2.0/ - please
-download and test if you feel brave. We don't guarantee anything
+There are new snapshots of the Apache httpd source available every
+six hours from http://cvs.apache.org/snapshots/httpd-2.0/ - please
+download and test if you feel brave. We don't guarantee anything
except that it will take up disk space, but if you have the time and
skills, please give it a spin on your platforms.
Apache has been the most popular web server on the Internet since
-April of 1996. The May 2000 WWW server site survey by Netcraft (see:
-http://www.netcraft.co.uk/Survey/) found that more web servers were
-using Apache than any other software running on more than 60% of the
+April of 1996. The October 2001 WWW server site survey by Netcraft
+(http://www.netcraft.com/survey/) found that more web servers were
+using Apache than any other software running on more than 56% of the
Internet web servers.
-For more information, please check out http://www.apache.org/httpd.html
+For more information, please check out http://httpd.apache.org/.
-Changes with Apache 2.0.16
-
- *) Change the default installation directory to /usr/local/apache2,
- as now defined by the "Apache" layout in config.layout. [Marc Slemko]
-
- *) OS/2: Added support for building loadable modules as OS/2 DLLs.
- [Brian Havard]
-
- *) Get MaxRequestsPerChild working with the Windows MPM.
+
+Known issues with this release
+------------------------------
+
+ *) There is a bug which can cause the response headers to be
+ omitted when sending a negotiated ErrorDocument because
+ the required filters were attached to the wrong request_rec.
+ This can affect installations which enable authentication
+ on / or /error, among others. A workaround is to comment out
+ the ErrorDocument 401 directive in the default config file.
+ A patch for this problem has already been committed to CVS
+ and is available at:
+ http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/http/http_request.c.diff?r1=1.119&r2=1.120
+
+ *) MacOSX users must use the darwin-specific tarball, which was built
+ with a version of libtool that is compatible with that platform.
+
+ *) The MacOSX/Darwin port currently does not support DSOs. This issue
+ will be addressed in a future release.
+
+ *) There is a known problem when ProxyPass is used in combination with
+ mod_include; including a remote file from another remote file does
+ not currently work. This issue will be addressed in a future release.
+
+
+Changes since the last public release
+-------------------------------------
+
+Changes with Apache 2.0.28
+
+ *) Fix infinite loop in mod_cgid.c.
+ [Dale Ghent <da...@elemental.org>, Brian Pane <bp...@pacbell.net>]
+
+ *) When no port is given in a "ServerName host" directive, the
+ server_rec->port is now set to zero, not 80. That allows for
+ run-time deduction of the correct server port (depending on
+ SSL/plain, and depending also on the current setting of
+ UseCanonicalName). This change makes redirections
+ work, even with https:// connections. As in Apache-1.3, the
+ connection's actual port number is never used, only the ServerName
+ setting or the client's Host: setting. Documentation updated
+ to reflect the change. [Martin Kraemer]
+
+ *) Add a '%{note-name}e' argument to mod-headers, which works in
+ the same way as mod_log_confg. [Ian Holsman]
+
+ *) Fix the spelling of the AP_MPMQ_MIN_SPARE_DAEMONS and
+ AP_MPMQ_MAX_REQUESTS_DAEMON macros in ap_mpm.h and all standard
+ MPMs. [Cliff Woolley]
+
+ *) Introduce htdbm, a user management utility for db/dbm authorization
+ databases. [Mladen Turk <mt...@mappingsoft.com>]
+
+ *) Optimize usage of strlen and strcat in ap_directory_walk.
+ [Brian Pane <bp...@pacbell.net>]
+
+Changes with Apache 2.0.27
+
+ *) Introduce an Apache mod_ssl initial configuration template
+ (ssl.conf, generated from ssl-std.conf). [Ralf S. Engelschall]
+
+ *) Fixed a memory leak in the getline parsing code that could
+ be triggered by arbitrarily large header lines. Requests
+ from the core input filter for single lines are now limited
+ to HUGE_STRING_LEN (8192 bytes). [Aaron Bannert]
+
+ *) Fix a truncation bug in how we print the port on the Via: header.
+ The routine that prints the Via: header now takes a length for
+ the port string. [Zvi Har'El <rl...@math.technion.ac.il>]
+
+ *) Some syntax errors in mod_mime_magic's magic file can result
+ in a 500 error, which previously was unlogged. Now we log the
+ error. [Jeff Trawick]
+
+ *) Add the support/checkgid helper app, which checks the run-time
+ validity of group identifiers usable in the Group directive.
+ [Ken Coar]
+
+ *) Various --enable-so options have been fixed: --enable-so is
+ treated as "static"; explicit --enable-so=shared issues an error;
+ and explicit --enable-so fails with error on systems without
+ APR_HAS_DSO. [Aaron Bannert]
+
+ *) Fix a segfault in the core input filter when the client socket
+ gets disconnected unexpectedly. [Cliff Woolley]
+
+ *) Fix the reporting for child processes that die. This removes
+ all of the non-portable W* macros from Apache.
+ [Jeff Trawick and Ryan Bloom]
+
+ *) Win32: Track and display "Parent Server Generation:" in
+ mod_status output. The generation will be bumped at
+ server graceful restart, when the child process exits
+ by hitting MaxRequestsPerChild or if the child
+ process exits abnormally. [Bill Stoddard]
+
+ *) Win32: Fix problem where MaxRequestsPerChild directive was
+ not being picked up in favor of the default. Enable
+ the parent to start up a new child process immediately upon
+ the old child starting shutdown.
[Bill Stoddard]
-
- *) Make generic hooks to work, with mod_generic_hook_import/export
- experimental modules. [Ben Laurie, Will Rowe]
-
- *) Fix segfaults for configuration file syntax errors such as
- "<Directory>" followed by "</Directory" and
- "<Directory>" followed by "</Directoryz>". [Jeff Trawick]
-
- *) Cleanup the --enable-layout option of configure. This makes
- us use a consistent location for the config.layout file, and it
- makes configure more portable.
- [jun-ichiro hagino <it...@iijlab.net>]
-
- *) Changes to 'ab'; fixed int overrun's, added statistics, output in
- csv/gnuplot format, rudimentary ssl support and various other tweaks
- to make results more true to what is measured. The upshot of this it
- turns out that 'ab' has often underreported the true performance of
- apache. Often by a order of magnitude :-) See talk/paper of Sander
- Temme <sc...@covalent.net> at April ApacheCon 2001 for details.
- [Dirk-Willem van Gulik]
-
- *) Clean up mod_cgid's temporary request pool. Besides fixing a
- storage leak this ensures that some unnecessary pipes are closed.
+
+ *) Fix some bungling of the remote port in rfc1413.c so that
+ IdentityCheck retrieves the proper user id instead of failing
+ and thus always returning "nobody."
+ [Dick Streefland <Di...@xs4all.nl>]
+
+ *) Introduced thread saftey for mod_rewrite's internal cache.
+ [Brian Pane <bp...@pacbell.net>]
+
+ *) Simplified mod_env's directives to behave as most directives are
+ expected, in that UnsetEnv will not unset a SetEnv and PassEnv
+ directive following that UnsetEnv within the same container.
+ Also provides a runtime startup warning if a PassEnv configured
+ environment value is undefined. [William Rowe]
+
+ *) The worker MPM is now completely ported to APR's new lock API. It
+ uses native APR types for thread mutexes, cross-process mutexes,
+ and condition variables. [Aaron Bannert]
+
+ *) Sync up documentation to remove all references to the now deprecated
+ Port directive. [Justin Erenkrantz]
+
+ *) Moved all ldap modules from the core to httpd-ldap sub-project
+ [Ryan Bloom]
+
+ *) Exit when we can't listen on any of the configured ports. This
+ is the same behavior as 1.3, and it avoids having the MPMs to
+ deal with bogus ap_listen_rec structures. [Jeff Trawick]
+
+ *) Cleanup the proxy code that creates a request to the origin
+ server. This change adds an optional hook, which allows modules
+ to gain control while the request is created if the proxy module
+ is loaded. The purpose of this hook is to allow modules to add
+ input and/or output filters to the request to the origin. While
+ I was at it, I made the core use this hook, so that proxy request
+ creation uses some of the code from the core. This can still be
+ greatly improved, but this is a good start. [Ryan Bloom]
+
+Changes with Apache 2.0.26
+
+ *) Port the MaxClients changes from the worker MPM to the threaded
+ MPM. [Ryan Bloom]
+
+ *) Fix mod_proxy so that it handles chunked transfer-encoding and works
+ with the new input filtering system. [Justin Erenkrantz]
+
+ *) Introduce the MultiviewsMatch directive, to allow the operator
+ to be flexible in recognizing Handlers and Filters filename
+ extensions as part of the Multiviews matching logic, strict with
+ MultiviewsMatch NegotiatedOnly to accept only filename extentions
+ that designate negotiated parameters, (content type, charset, etc.)
+ or MultiviewsAll for the 1.3 behavior of matching any files, even
+ if they have unregistered extensions. [William Rowe]
+
+ *) Fixed the configure script to add a LoadModule directive to
+ the default httpd.conf for any module that was compiled
+ as a DSO. [Aaron Bannert <aa...@clove.org>]
+
+ *) rewrite mod_ssl input filtering to work with the new input filtering
+ system. [Justin Erenkrantz]
+
+ *) prefork: Don't segfault when we are able to listen on some but
+ not all of the configured ports. [Jeff Trawick]
+
+ *) Build mod_so even if no core modules are built shared.
+ [Aaron Bannert <aa...@clove.org>]
+
+ *) Introduce ap_directory_walk rewrite (with further optimizations
+ required) to adapt to the ap_process_request_internal() changes.
+ Optimized so subrequests and redirects now reuse previous section
+ merges, until we mismatch with the original directory_walk, and
+ precomputed r->finfo results will cause directory_walk to skip
+ the most expensive phases of the function. [William Rowe]
+
+ *) Allow ApacheMonitor to connect to and control Apache on other
+ WinNT/2K machines. [Mladen Turk <mt...@mappingsoft.com>]
+
+ *) Remove the Port directive. In it's place, the Listen directive
+ is now a required directive, which tells Apache what port to
+ listen on. The ServerName directive has also been extended
+ to accept an optional port. If the port is specified to the
+ ServerName, the server will report that port whenever it
+ reports the port that it is listening on. This change was
+ made to ease configuration errors that stem from having a Port
+ directive, and a Listen directive. In that situation, the server
+ would only listen to the port specified by the Listen command,
+ which caused a lot of confusion to users. [Ryan Bloom]
+
+ *) Added mod_mime_magic, mod_unique_id and mod_vhost_alias to the Win32
+ build, as loadable modules. [William Rowe]
+
+ *) Fix --enable-mods-shared processing. If most is specified,
+ then all modules that can be compiled as shared modules are.
+ [Aaron Bannert <aa...@clove.org>]
+
+ *) Update the mime.types file to map video/vnd.mpegurl to mxu
+ and add commonly used audio/x-mpegurl for m3u extensions.
+ [Heiko Recktenwald <uz...@uni-bonn.de>, Lars Eilebrecht]
+
+ *) Eliminate the depreciated r->content_language, in favor of the array
+ r->content_languages introduced many years ago. Module authors must
+ substantially overhaul their modules, so this needs to be upgraded
+ if the module still relied on backwards-brokeness. [William Rowe]
+
+ *) Allow configure help strings to work with autoconf 2.50+ and 2.13.
+ [Justin Erenkrantz]
+
+ *) Rewrite the input filtering mechanisms to consolidate and reorganize
+ code. In short, core_input_filter does something now and
+ ap_http_filter is now only concerned with HTTP. [Justin Erenkrantz]
+
+ *) Update the Win32 build to re-absorb mod_proxy and family.
+ [William Rowe]
+
+ *) Resolved the build failure on Win32 using MSVC 5.0 (without the
+ current SDK.) [William Rowe]
+
+ *) Some style changes to the code that does ProxyErrorOverride. Fixed
+ config merge behaviour. [Graham Leggett]
+
+ *) Allow support programs to be compiled against a static version
+ of libapr. This allows the smaller support programs to be
+ relocated. [Aaron Bannert <aa...@clove.org>]
+
+ *) Update the mime.types file to the registered media types as
+ of 2001-09-25, and add mapping for xsl extension [Mark Cox]
+
+ *) Fix MaxClients in the Worker MPM, so that it specifies the maximum
+ number of clients that can connect at the same time, instead of
+ specifying the maximum number of child processes.
+ [Aaron Bannert <aa...@clove.org>]
+
+ *) Switch proc_pthread AcceptMutex configuration directive to pthread to
+ be consistent with 1.3. [Justin Erenkrantz]
+
+ *) Cache apr_explode_localtime() value for 15 seconds.
+ [Brian Pane <bp...@pacbell.net>]
+
+ *) Fix mod_include to not return ETag or Last-Modified headers.
+ [Ian Holsman <ia...@cnet.com>]
+
+ *) Fix worker MPM's scoreboard logic. [Aaron Bannert <aa...@clove.org>]
+
+ *) Eliminate the wasteful run-time conversion of method names from strings
+ to numbers in places where the methods are known at compile time.
+ [Brian Pane <bp...@pacbell.net>]
+
+ *) Turn the worker MPM's queue into a LIFO. This may
+ improve cache-hit performance under some conditions.
+ [Aaron Bannert <aa...@clove.org>]
+
+ *) Switch back to SIGUSR1 for graceful restarts on all platforms that
+ support it. [Justin Erenkrantz]
+
+ *) Cleanup the worker MPM. We no longer re-use transaction
+ pools. This incurs less overhead than shuffling the pools
+ around so that they can be re-used. Remove one of the
+ queue's condition variables. We just redefined the API to
+ state that you can't try to add more stuff than you allocated
+ segments for. [Aaron Bannert <aa...@clove.org>]
+
+ *) Fix SSL VPATH builds [Cody Sherr <cs...@covalent.net>]
+
+ *) Fixed persistent connections when a request contains a body.
+ [Greg Stein]
+
+ *) mod_dav uses a new API to speak to the backend provider for dead
+ property management. [Greg Stein]
+
+ *) Remove the Win32 script-processing exception from mod_cgi, and
+ roll build_command_line/build_argv_list into a unified, overrideable
+ ap_cgi_build_command optional function. [William Rowe]
+
+ *) Rewrite find_start_sequence to use a better search algorithm
+ to find the start tag. [Justin Erenkrantz]
+
+ *) Fix a seg fault in mod_include. When we are generating an
+ internal redirect, we must set r->uri to "", not a bogus
+ string, and not NULL. [Ryan Bloom]
+
+ *) Optimized location_walk, so subrequests, redirects and second passes
+ now reuse previous section merges on a <Location > by <Location >
+ basis, until we mismatch with the original location_walk.
+ [William Rowe]
+
+ *) Back out the 1.45 change to util_script.c. This change made
+ us set the environment variable REQUEST_URI to the redirected
+ URI, instead of the originally requested URI.
+ [Taketo Kabe <ka...@sra-tohoku.co.jp>]
+
+ *) Make mod_include do lazy evaluation of potentially expensive to
+ compute variables. [Brian Pane <bp...@pacbell.net>]
+
+ *) Fix logging of bytes sent for HEAD requests. %b and %B should
+ log either - or 0, before this patch, they were both logging
+ the file size. [Taketo Kabe <ka...@sra-tohoku.co.jp>]
+
+ *) Make mod_include check for BYTE_CHECK_THRESHOLD per bucket rather
+ than per character. [Brian Pane <bp...@pacbell.net>]
+
+ *) Normalize the primary request, redirects and sub-requests to
+ run the same ap_process_request_internal for consistency in
+ robustness, behavior and security. [William Rowe]
+
+ *) Fix a segfault with mod_include when r->path_info is not set
+ (which is the case with mod_proxy). [Ian Holsman <ia...@cnet.com>]
+
+ *) Add -X functionality back. This indicates to all MPMs and any other
+ part of Apache that it should run in "debug" mode. [Justin Erenkrantz]
+
+ *) Some initial support for the cygwin platform [prefork only].
+ This is not to be confused with support for the WinNT/Win32
+ platform, which is the recommended configuration for native
+ Win32 users. The cygwin platform support is recommended for
+ cygwin platform users. [Stipe Tolj <to...@wapme-systems.de>]
+
+ *) Changed syntax of Set{Input|Output}Filter. The list of filters
+ must be semicolon delimited (if more than one filter is given.)
+ The Set{Input|Output}Filter directive now overrides a parent
+ container's directive (e.g. SetInputFilter in <Directory /web/foo>
+ will override any SetInputFilter directive in <Directory /web>.)
+ This new syntax is more consistent with Add{Input|Output}Filter
+ directives defined in mod_mime. Also cures a bug in prior releases
+ where the Set{Input|Output}Filter directive would corrupt the
+ global configuration if the multiple directives were nested.
+ [William Rowe]
+
+ *) Cured what's ailed mime for quite some time. If an AddSomething
+ was given in the configuration (Language, Charset, Handler or
+ Encoding) Apache would set the content type as given by AddType,
+ but refused to check the mime.types file if AddType wasn't given
+ for that specific extension. Setting the AddHandler for .html
+ without setting the AddType text/html html would cause Apache to
+ use the default content type. [William Rowe]
+
+ *) Added some bulletproofing to memory allocation in the LDAP cache
+ code. [Graham Leggett]
+
+Changes with Apache 2.0.25
+
+ *) Move the installed /manual directory out of the /htdocs/ tree, so
+ that it can be kept more independently from the remaining document
+ root. The "Alias /manual ..." already allowed for easy projection
+ into existing private document trees. [Martin Kraemer]
+
+ *) Add specified user attributes to the environment when using
+ mod_auth_ldap. This allows you to use mod_include to embed specified
+ user attributes in a page like so:
+ Hello <!--#echo var="AUTHENTICATE_CN"-->, how are you?
+ [Graham Leggett]
+
+ *) Fix a performance problem with the worker MPM. We now create
+ transaction pools once, and re-use them for each connection.
+ [Aaron Bannert <aa...@clove.org>]
+
+ *) Modfied mod_mime to prevent mod_negotation from serving a multiview
+ of a 'handler' or 'filter', so that any filename extension that does
+ not contribute to the negotiated metadata can't be served without
+ an explicit request. E.g., if the .Z extension is associated with
+ an unzip filter, the user request somefile.Z.html, mod_negotiation
+ won't serve it. It can serve somefile.Z.html when somefile.Z is
+ requested, since the .Z extension is explictly requested, if the
+ .html extension is associated with ContentType text/html.
+ [William Rowe]
+
+ *) Introduce the AddInputFilter filter[;filter...] ext [ext...]
+ and corresponding AddOutputFilter syntax, to insert one or more
+ filters by mod_mime filename extension processing.
+ [William Rowe]
+
+ *) Fix a growing connection pool in core_output_filter() for
+ keepalive requests. [Jeff Trawick]
+
+ *) Moved split_and_pass_pretag_buckets back to being a
+ macro at Ryans's request. Removed the return from it
+ by setting and returning a return code instead. Updated
+ the code to check the return code from the macro and
+ do the right thing. [Paul J. Reder]
+
+ *) Fix a segfault when a numeric value was received for Host:.
[Jeff Trawick]
-
- *) Performance: Add quick_handler hook. This hook is called at the
- very beginning of the request processing before location_walk,
- translate_name, etc. This hook is useful for URI keyed content
- caches like Mike Abbott's Quick Shortcut Cache.
+
+ *) Add a function ap_remove_input_filter. This is to match
+ up with ap_remove_output_filter. [Ryan Bloom]
+
+ *) Clean up location_walk, so that this step performs a minimum
+ amount of redundant effort (it must be run twice, but it will no
+ longer reparse all <Location > blocks when the request uri
+ hadn't changed.) [William Rowe]
+
+ *) Eliminate proxy: (and all other 'special') processing from the
+ ap_directory_walk() phase. Modules that want to use special
+ walk logic should refer to the mod_proxy map_to_location example,
+ with it's proxy_walk and proxysection implementation. This makes
+ either directory_walk flavor much more legible, since that phase
+ only runs against real <Directory > blocks.
+ [William Rowe]
+
+ *) Fix a security problem in mod_include which would allow
+ an SSI document to be passed to the client unparsed.
+ [Cliff Woolley, Brian Pane]
+
+ *) Introduce the map_to_storage hook, which allows modules to bypass
+ the directory_walk and file_walk for non-file requests. TRACE
+ shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
+ directory_walk/file_walk happen as APR_HOOK_VERY_LAST in core.c.
+ [William Rowe]
+
+ *) Add the ability for mod_include to add the INCLUDES filter
+ if the file is configured for the server-parsed handler.
+ This makes the configuration for .shtml files much easier
+ to understand, and allows mod_include to honor Apache 1.3
+ config files. Based on Doug MacEachern's patch to PHP
+ to do the same thing. [Ryan Bloom]
+
+ *) force OpenSSL to ignore process local-caching and to always
+ get/set/delete sessions using mod_ssl's callbacks
+ [Madhusudan Mathihalli <ma...@hp.com>,
+ Geoff Thorpe <ge...@geoffthorpe.net>]
+
+ *) Make the worker MPM shutdown and restart cleanly. This also
+ cleans up some race conditions, and gets the worker using
+ pools more cleanly. [Aaron Bannert <aa...@clove.org>]
+
+ *) Implement CRYPTO_set_locking_callback() in terms of apr_lock
+ for mod_ssl
+ [Madhusudan Mathihalli <ma...@hp.com>]
+
+ *) Fix for mod_include. Ryan's patch to check error
+ codes put a return in the wrong place. Also, the
+ include handler return code wasn't being checked.
+ I don't like macros with returns, so I converted
+ SPLIT_AND_PASS_PRETAG_BUCKETS into a function.
+ [Paul J. Reder <re...@raleigh.ibm.com>]
+
+ *) fix segv in mod_mime if no AddTypes are configured
+ [John Sterling <st...@covalent.net>]
+
+ *) Enable ssl client authentication at SSL_accept time
+ [Madhusudan Mathihalli <ma...@hp.com>]
+
+ *) Fix a segfault in mod_include when the original request has no
+ associated filename (e.g., we're filtering the error document for
+ a bad URI). [Jeff Trawick]
+
+ *) Fix a storage leak (a strdup() call) in mod_mime_magic. [Jeff Trawick]
+
+ *) The prefork and OS/2 MPMs are overwriting the pid file when a second copy
+ of httpd is started and shuts down due to socket conflict. Moving the
+ call to ap_log_pid solves the problem.
+
+ *) Changed the late-1.3 log_config substitution %c to %X, to log the
+ status of the closed connection, as it conflicts with the far more
+ common, historical ssl logging directive %...{var}c. [William Rowe]
+
+ *) Added the common error/ tree to the build/install targets
+ (similar to the common icons/ tree) for the multi-language error
+ messages that Lars committed earlier. [William Rowe]
+
+ *) Added a multi process, multi threaded OS/2 MPM mpmt_os2. [Brian Havard]
+
+ *) Added a default commented-out mod_ldap and mod_auth_ldap
+ configuration to httpd-std.conf and httpd-win.conf
+ [Graham Leggett]
+
+ *) Added documentation for mod_ldap and mod_auth_ldap.
+ [Graham Leggett]
+
+ *) Enabled negative caching on attribute comparisons in the LDAP cache.
+ Fixed a problem where the default cache TTL was set in milliseconds
+ not microseconds causing the cache to time out almost immediately.
+ [Graham Leggett]
+
+ *) Fixed all the #if APR_HAS_SHARED_MEMORY checks within the LDAP
+ module code to follow APR. [Graham Leggett]
+
+ *) Fixed LDAP cleanup on graceful restarts. LDAP connections are now
+ cleaned up when the connection pool pool is cleaned up.
+ [Graham Leggett]
+
+ *) Fix a minor issue with Jeff Trawick's mod_include
+ patch. Without this patch, the code will just allocate
+ more bytes in get_combined_directive than are needed.
+ [Paul Reder]
+
+ *) Added the LDAP authentication module mod_auth_ldap.
+ [Dave Carrigan <da...@rudedog.org>, Graham Leggett]
+
+ *) Added the LDAP cache and connection pooling module mod_ldap.
+ [Dave Carrigan <da...@rudedog.org>, Graham Leggett]
+
+ *) Fix --enable-modules=all breakage with mod_auth_db and mod_auth_digest
+ by allowing a module to disable itself if its prerequisites are not
+ met. [Justin Erenkrantz]
+
+Changes with Apache 2.0.24
+
+ *) Fix a couple of issues in mod_include when the tag appeared at
+ offsets near 8192 in the file being parsed. [Jeff Trawick]
+
+ *) Fix an assertion failure in mod_ssl when the keepalive timeout is
+ reached. [Jeff Trawick]
+
+ *) Numerous improvements to the Win32 build system. Introduced command line
+ builds without requiring .mak files for MSVC 6.0 and later versions.
+ Improved .dsp file compatibility for both Visual Studio 5.0 and 6.0 users.
+ [William Rowe]
+
+ *) Assorted corrections and improvements to the winnt_mpm startup code.
+ Better reporting of uninstalled services and other error conditions,
+ and changed the default service name to Apache2. [William Rowe]
+
+ *) Numerous improvements to the Win32 ApacheMonitor utility, including
+ winnt_mpm compatibility with existing Apache 1.3 Win32 Apache management
+ utilites. [Mladen Turk <mt...@mappingsoft.com>, William Rowe]
+
+ *) Fixed the segfaults in mod_mime introduced by hash tables in 2.0.20.
+ [William Rowe, Greg Ames]
+
+ *) Rounded out the mod_mime Add/Remove pairs by adding RemoveLanguage
+ and RemoveCharset directives. [William Rowe]
+
+ *) The Unix MPMs other than perchild now allow child server
+ processes to use the accept mutex when starting as root and
+ using SysV sems for the accept mutex. Previously, this
+ combination would lead to fatal errors in the child server
+ processes. perchild can't use SysV sems because of security
+ issues. [Jeff Trawick, Greg Ames]
+
+ *) Added Win32 revision stamp resources to all http binaries
+ (including modules/ and support/ tools.) PR7322 [William Rowe]
+
+ *) Fix ap_rvprintf to support more than 4K of data at one time.
+ [Cody Sherr <cs...@covalent.net>]
+
+ *) We have always used the obsolete/deprecated Netscape syntax
+ for our tracking cookies; now the CookieStyle directive
+ allows the Webmaster to choose the Netscape, RFC2109, or
+ RFC2965 format. The new CookieDomain directive allows the
+ setting of the cookie's Domain= attribute, too. PR #s 5006,
+ 5023, 5920, 6140 [Ken Coar]
+
+ *) Tweak server/Makefile so that the rules for generating exports.c
+ are compatible with make utilities which don't expand wildcards
+ in a dependency list (e.g., OS/390 make, certain levels of GNU
+ make). [Jeff Trawick]
+
+ *) Install the SSL headers. [John Sterling <st...@covalent.net>]
+
+ *) Begin to sanitize the MPM configuration directives. Now, all
+ MPMs use the same functions for all common MPM directives. This
+ should make it easier to catch all bugs in these directives once.
+ [Cody Sherr <cs...@covalent.net>]
+
+ *) Close a major resource leak. Every time we had issued a
+ graceful restart, we leaked a socket descriptor.
+ [Ryan Bloom]
+
+ *) Fix a problem with the new method code. We need to cast
+ the 1 to an apr_int64_t or it will be treated as a 32-bit
+ integer, and it will wrap after being shifted 32 times.
+ [Cody Sherr <cs...@covalent.net> and Ryan Morgan <rm...@covalent.net>]
+
+ *) Fix a bug in mod_expires. Previous to this patch, if you
+ told mod_expires to add 604800 seconds to the last-modified
+ time, it actually added 604800 usec's to the last-modified time,
+ so that when looking at the response it looked like nothing
+ had been done. The root of the problem was that we always compute
+ time in usec's, but we ask users to input sec's. This means we
+ need to convert to usec's before using those values.
+ [Ryan Bloom]
+
+ *) The worker MPM now handles shutdown and restart requests. It
+ definitely isn't perfect, but we do stop the servers correctly.
+ The biggest problem right now is that SIGHUP causes the server to
+ just die. [Ryan Bloom]
+
+Changes with Apache 2.0.23
+
+ *) Use the prefork MPM by default on Unix. [various]
+
+ *) Added a systray icon monitor application for Win32.
+ [Mladen Turk <mt...@mappingsoft.com>]
+
+ *) mod_rewrite: Fix the line ending on some non-Unix systems for
+ messages written to the rewrite log.
+ [Richard Labennett <rl...@us.ibm.com>]
+
+ *) All mod_autoindex query parsing is now quietly quashed with the
+ IndexOption IgnoreClient. The IndexOption SuppressColumnSorting
+ still drops the column sort <a href>'s for the column headers, but
+ IgnoreClient is required to ignore these Query options entirely.
+ [William Rowe]
+
+ *) Introduced new mod_autoindex query argument parsing for F=[0|1|2]
+ to allow the client to select plain, FancyIndexing or HTMLTable
+ formatting, V=[0|1] to inhibit or enable version sorting, and
+ P=pattern to return only specific files. The old Query Arguments
+ were reorganized as C=f for sorting column 'f' (same N, D, S, or M
+ as before), and O=A|D for ordering ascending or descending.
+ [William Rowe]
+
+ *) Fixed an error in mod_include's directive parsing routines which
+ caused #if, #elif, and #else expressions containing backslashes
+ to be improperly evaluated. [Cliff Woolley]
+
+ *) Introduced new mod_autoindex IndexOptions flags: SuppressIcon to
+ drop the icon column, SuppressRules to drop the <hr> elements,
+ and HTMLTable to create rudimentary HTML table listings (implies
+ FancyIndexing). [William Rowe]
+
+ *) Re-introduced the mod_autoindex IndexOptions flag TrackModified
+ from Apache 1.3.15. This is needed for two reasons, first, given
+ multiple machines within a server farm, ETags and Last-Modified
+ stamps won't correspond from machine to machine, and second, many
+ Unixes don't capture changes to the date or time stamp of existing
+ files, since these don't modify the dirent itself. [William Rowe]
+
+ *) Re-introduced the mod_autoindex IndexOptions flag FoldersFirst
+ and DirectoryWidth options from Apache 1.3.10.
+ [William Rowe, Ken Coar]
+
+ *) Eliminated FancyIndexing directive, deprecated early in Apache
+ 1.3 by the IndexOptions FancyIndexing syntax. [William Rowe]
+
+ *) mod_autoindex now excludes any file names that would result in
+ an error, other than a success or redirect. Also optimized
+ the parent directory, always included except in the URI '/'.
+ [William Rowe]
+
+ *) Refactored mod_negotiation and mod_mime to help mod_dir accept
+ negotiated index pages, and prevent the server from defaulting
+ to an autoindex of the directory. mod_negotiation will now die
+ with a 500 Internal Error if it could match some filenames
+ (e.g. for mod_dir) but none can be served. mod_negotation now
+ refuses to serve any file with an extention that mod_mime doesn't
+ recognize, and wasn't part of the request. [William Rowe]
+
+ *) Eliminate mod_cgi's handling of .exe files without the .exe file
+ extension. This is already handled by multiviews, if the admin
+ wishes to AddHandler .exe or define a content type handler and
+ associate .exe files with that content type. Multiviews must be
+ enabled to allow these to be served. [William Rowe]
+
+ *) Speed up the server's response to a spike in incoming workload
+ or restarts by assigning empty scoreboard slots to new processes
+ when they are available. [Greg Ames]
+
+ *) Add a handler to mod_includes.c. This handler is designed to
+ implement the XbitHack directive. This can't be done with a
+ fixup, because we need to check the content-type, which is
+ only available in the handler phase. [Ryan Bloom]
+
+ *) Make the includes filter check return codes from filters lower in
+ the filter chain. If a lower level filter returns an error, then
+ the request needs to stop immediately. This allows mod_include to
+ stop parsing data once a lower filter recognizes an error.
+ [Ryan Bloom]
+
+ *) Add the ability to extend the methods that Apache understands
+ and have those methods <limit>able in the httpd.conf. It uses
+ the same bit mask/shifted offset as the original HTTP methods
+ such as M_GET or M_POST, but expands the total bits from an int to
+ an ap_int64_t to handle more bits for new request methods than
+ an int provides. [Cody Sherr <cs...@covalent.net>]
+
+ *) Fix broken mod_mime behavior in merging its arguments. Possible
+ cause of unexplicable crashes introduced in 2.0.20. [William Rowe]
+
+ *) Solve many mod_ssl porting issues (too many to detail) with
+ help from the whole team, but most notably [Ralf S. Engelschall,
+ Madhusudan Mathihalli <ma...@hp.com>,
+ Doug MacEachern, William Rowe, Cliff Woolley]
+
+ *) More stall fixes for the threaded & worker mpm's.
+ Make mod_status output more accurate. Don't
+ count workers in processes which aren't actively
+ serving requests. [Greg Ames]
+
+ *) Win32: Get SSI exec cgi tag working. [Bill Stoddard]
+
+ *) Add a single listener/multiple worker MPM. This MPM is
+ definately not fully correct, but it allows us to solve many
+ of the problems that exist in the threaded MPM. This is a
+ modified version of the threaded MPM. [Ryan Bloom]
+
+ *) Improve content generation throughout Apache, providing closer
+ compliance with HTML 3.2, HTML 4.01 Transitional and XHTML 1.0
+ Transitional specifications. [William Rowe]
+
+Changes with Apache 2.0.22
+
+ *) Fix a problem where the threaded MPM stalls after restarts or
+ segfaults. Also prevent multiple active processes from using
+ the same scoreboard slot. [Greg Ames]
+
+ *) Apache/Win32 now fills in the service description with Apache's
+ server version string, including loaded and advertised modules.
+ [William Rowe]
+
+ *) Improved support for the Win32 build, to recover gracefully from
+ missing apr or apr-util directories or the awk interpreter,
+ create the proper cgi-bin examples, including a test-cgi.bat, and
+ fix the perl shebang line for printenv.pl, when installing from
+ the build environment. [William Rowe]
+
+ *) Fix a segfault in threaded.c caused by passing uninitialized
+ apr_thread_t * to apr_thread_join(). [Jeff Trawick]
+
+ *) Use new APR number conversion functions to reduce CPU consumption
+ when setting the content length, and in mod_log_config.
+ [Brian Pane]
+
+ *) Fix problem reported by Taketo Kabe <ka...@sra-tohoku.co.jp>
+ where HEAD response headers were being repeated twice for
+ files greater than 32K bytes (4*AP_MIN_BYTES_TO_WRITE). This
+ problem in the http_header filter was exposed by the recent rewrite
+ of the content_length filter. [Taketo Kabe, Bill Stoddard]
+
+ *) Fix seg faults in mod_status with ExtendedStatus enabled, after
+ restarts. A garbage pointer to a vhost's server_rec from the
+ previous generation was being left around under certain
+ conditions. [Greg Ames]
+
+ *) Fix a cosmetic problem with mod_include. Non-existant SSI vars
+ used to appear as '(none', without the closing paren.
+ [G�nter Knauf <ef...@gmx.net>]
+
+ *) Improve the exports generating awk script. In the past, we had
+ work around problems in the awk script by avoiding some #if and
+ #ifdefs. This has bitten us many times in generating the exports.c
+ file. This improvement allows corrects the header file parsing.
+ [Sander Striker <st...@apache.org>]
+
+Changes with Apache 2.0.21
+
+ *) Resolve the Win32 htpasswd bug, where a file that existed would be
+ overwritten, regardless of the -c flag.
+ [William Rowe, Mladen Turk <ml...@mail.inet.hr>]
+
+ *) Introduce connection sub-pools into ab. Truncating the lifetime
+ of these allocations means that ab no longer perpetually grows
+ its working set, running out of memory on large request attempts.
+ [William Rowe]
+
+ *) Make scoreboard creation a hook. This allows management
+ modules to have access to the scoreboard at the time that it is
+ created, and at every restart request.
+ [Cody Sherr <cs...@covalent.net>]
+
+ *) Changed AP_MPMQ_MAX_DAEMONS to refer to MaxClients and
+ added an AP_MPMQ_MAX_DAEMON_USED to refer to the highest
+ daemon index actually used in the scoreboard. I also
+ updated the pertinent calls. [Paul J. Reder]
+
+ *) Win32: Prevent listening sockets from being inherited by
+ the Apache child process, CGI scripts, rotatelog process
+ etc. If the Apache child process segfaults, any processes
+ that the child started are not reaped. Prior to this fix,
+ these processes inherited the listening sockets which sometimes
+ prevented the restarted Apache child process from accepting
+ connections (ie, the server would hang).
[Bill Stoddard]
-
- *) top_module global variable renamed to ap_top_module [Perl]
-
- *) Move ap_set_last_modified to the core. This is a potentially
- controversial change, because this is kind of HTTP specific. However
- many protocols should be able to take advantage of this kind of
- information. I expect that headers will need one more layer of
- indirection for multi-protocol work, but this is a small step in
- the right direction. [Ryan Bloom]
-
- *) Enable mod_status by default. This matches what Apache 1.3 does.
- [Ed Korthof]
-
- *) Add a ScriptSock directive to the default config file. This is
- only enabled when mod_cgid is used.
- [Taketo Kabe <ka...@sra-tohoku.co.jp>]
+
+ *) Provide vhost and request strings when ExtendedStatus is on.
+ [Greg Ames]
+
+ *) Fix some issues with the pod and prefork: check the pod *after*
+ processing a connection so that a server processing a time-
+ consuming request bails out as soon as practical; when the
+ parent process wakes up a server process via connect(), use an
+ APR timeout on the connect() so that we don't hang for a long
+ time if there aren't server processes around to do accept().
+ [Jeff Trawick, Greg Ames]
+
+ *) Performance improvement to mod_mime.c. find_ct() in mod_mime,
+ spends a lot of time in apr_table_get calls. Using the default
+ httpd.conf, the tables for languages and charsets are somewhat
+ large, so the time spent scanning them on each request is
+ significant. Replacing the tables with hash tables provides
+ a nice speedup. [Brian Pane <bp...@pacbell.net>]
+
+ *) Add two functions to allow modules to access random parts of the
+ scoreboard. This allows modules compiled for one MPM to access the
+ scoreboard, even if it the server was compiled for another MPM.
+ [Harrie Hazewinkel <ha...@covalent.net>]
+
+Changes with Apache 2.0.20
+
+ *) Fix problem in content-length filter where the filter would
+ buffer all the output from a CGI before sending any bytes
+ down the filter stack to the network. This problem would cause
+ significant memory consumption if the CGIs generated
+ lots of bytes. [Bill Stoddard]
+
+ *) Get non-blocking CGI pipe reads working with the bucket brigades.
+ [Bill Stoddard]
+
+ *) Fix seg fault on Windows when serving files cached with mod_file_cache.
+ [Bill Stoddard]
+
+ *) Fix a bug in the threaded MPM that would cause it to kill off all
+ workers immediately after starting if the number of workers started
+ was above a certain threshold. [Ryan Bloom, Bill Stoddard]
+
+Changes with Apache 2.0.19
+
+ *) Fix problem with threaded MPM. The problem was that if each child
+ process was busy serving a single long-lived request and the server
+ was sent a graceful restart signal, the server would stop serving
+ requests. This would happen because each child process would wait to
+ die until the last thread was done, and the parent wouldn't spawn any
+ new children until a process died. Now, the parent looks at the fact
+ that the children are dying gracefully, and starts new children.
+ Those new children only start enough threads to compliment the number
+ of threads in the other child process that shares the same spot in
+ the scoreboard. In this way, we make sure to never go over
+ MaxClients. [Ryan Bloom]
+
+ *) modified mod_negotiation and mod_autoindex to speed up by almost a
+ factor of two on apr_dir_read()-enhanced platforms, such as Win32
+ and OS2, by calling ap_sub_request_lookup_dirent() with the results
+ already provided by apr_dir_read(). [William Rowe]
+
+ *) mod_file_cache is now more robust to filtering and serves requests
+ slightly more efficiently. [Cliff Woolley]
+
+ *) Fix problem handling FLUSH bucket in the chunked encoding filter.
+ Module was calling ap_rwrite() followed by ap_rflush() but the
+ served content was not being displayed in the browser. Inspection
+ of the output stream revealed that the first data chunk was
+ missing the trailing CRLF required by the RFC. [Bill Stoddard]
+
+ *) apxs no longer generates ap_send_http_header() in the example handler
+
+ *) Fix an ab problem which could cause a divide-by-zero exception
+ with certain invocations (e.g., ab -k -c 6 -n 100 localhost/).
+ [Ian Holsman <ia...@cnet.com>]
+
+ *) Solve case-insensitive platforms' confusion about negotiated
+ filenames, allowing files of differnt case to match in choosing
+ the document to serve. [William Rowe]
+
+ *) Fix brokenness when ThreadsPerChild is higher than the built-in
+ limit. We left ap_threads_per_child at the higher value which
+ led to segfaults when doing certain scoreboard operations.
+ [Jeff Trawick]
+
+ *) Fix seg faults and/or missing output from mod_include. The
+ default_handler was using the subrequest pool for files and
+ MMAPs, even though the associated APR structures typically
+ live longer than the subrequest. [Greg Ames]
+
+ *) Extend mod_setenvif to support specifying regular expressions
+ on the SetEnvIf (and SetEnvIfNoCase) directive attribute field.
+ Example: SetEnvIf ^TS* [a-z].* HAVE_TS
+ will cause HAVE_TS to be set if any of the request headers begins
+ with "TS" and has a value that begins with any character in the
+ set [a-z]. [Bill Stoddard]
+
+ *) httpd children now re-bind themselves to a random CPU on
+ multiprocessor systems on AIX via bindprocessor() in 2.0.
+ [Victor J. Orlikowski]
+
+ *) Fix htdigest. It would go into a loop in getline when adding
+ a second user. [Bill Stoddard]
+
+ *) Win32 platforms now fully support mod_userdir options. [Will Rowe]
+
+ *) Automatically generate httpd.exp for AIX.
+ DSOs now work again on AIX in 2.0
+ [Victor J. Orlikowski]
+
+ *) Add a new request hook, error_log. This phase allows modules
+ to act on the error log string _after_ it has been written
+ to the error log. The goal for this hook is to allow monitoring
+ modules to send the error string to the monitoring agent.
+ [Ryan Bloom]
+
+ *) Modify mod_echo to make it use filters for input and output.
+ [Ryan Morgan <rm...@covalent.net>]
+
+ *) Extend mod_headers to support conditional driven Header
+ add, append and set. Use SetEnvIf to set an envar and conditionally
+ add/append/set headers based on this envar thusly:
+
+ SetEnvIf TSMyHeader value HAVE_TSMyHeader
+ Header add MyHeader "%t %D" env=HAVE_TSMyHeader
+
+ If the request contains header "TSMyHeader: value" then header
+ MyHeader: "t=xxxxxxxxxx D=yyyy" will be sent on the response.
+ [Bill Stoddard]
+
+ *) Extend mod_headers to support using format specifiers on Header
+ add, append and set header values. Two format specifiers are supported:
+
+ %t - reports, in UTC microseconds since the epoch, when the
+ request was received.
+
+ %D - reports the time, in microseconds, between when the request was
+ received and the response sent.
+
+ Examples:
+ Header add MyHeader "This request served in %D microseconds. %t"
+
+ results in a header being added to the response that looks like this:
+
+ MyHeader: This request served in D=5438 microseconds. t=991424704447256
+
+ [Bill Stoddard]
+
+ *) Fix reset_filter(). We need to be careful how we remove filters.
+ If we set r->output_filters to NULL, we also have to reset the
+ connection's filters. [John Sterling]
+
+ *) Optimise reset_filter() in http_protocol.c. [Greg Stein]
+
+ *) Add a check to ap_die() to make sure the filter stack is sane and
+ contains the correct basic filters when an error occurs. This fixes
+ a problem where headers are not being sent on error. [John Sterling]
+
+ *) New Header directive 'echo' option. "Header echo regex" will
+ cause any headers received on the request that match regex to be
+ echoed to (included in) the response headers.
+ [Bill Stoddard]
+
+ *) include/ap_compat.h tested and set APR_COMPAT_H instead of AP_COMPAT_H.
+ This prevented the inclusion of apr_compat.h. PR #7773
+ [Oleg Broytmann <ph...@phd.pp.ru>]
+
+ *) Moved util_uri to the apr-util library. This required a bunch of
+ apr_name changes for the uri utility functions. [Justin Erenkrantz]
+
+ *) Move the addition of default AP_HTTP_HTTP_HEADER filters to the
+ insert_filter phase so that other filters are not bypassed by default.
+ [Graham Leggett]
+
+ *) Reimplement mod_headers as an output filter. mod_headers can now
+ add custom headers to inbound requests using the RequestHeader directive
+ and to responses using the same old Header directive. [Graham Leggett]