| Changes with Apache 1.3.42 |
| |
| *) SECURITY: CVE-2010-0010 (cve.mitre.org) |
| mod_proxy: Prevent chunk-size integer overflow on platforms |
| where sizeof(int) < sizeof(long). Reported by Adam Zabrocki. |
| [Colm MacCárthaigh] |
| |
| *) IMPORTANT: This is the final release of Apache httpd 1.3. |
| Apache httpd 1.3 has reached end of life, as of January 2010. |
| No further releases of this software will be made, although critical |
| security updates may be made available as patches from the following |
| website: |
| |
| http://www.apache.org/dist/httpd/patches/ |
| |
| Apache 1.3.x users who wish to avail of security releases, |
| bug-fixes and community support are advised to use Apache 2.2 |
| or higher. |
| |
| Information on upgrading is available from the following website: |
| |
| http://httpd.apache.org/docs/2.2/upgrading.html |
| |
| Thank you to everyone who helped make Apache 1.3.x the most |
| successful, and most used, webserver software on the planet! |
| [Apache httpd group] |
| |
| *) Protect logresolve from mismanaged DNS records that return |
| blank/null hostnames. [Jim Jagielski] |
| |
| Changes with Apache 1.3.41 |
| |
| *) SECURITY: CVE-2007-6388 (cve.mitre.org) |
| mod_status: Ensure refresh parameter is numeric to prevent |
| a possible XSS attack caused by redirecting to other URLs. |
| Reported by SecurityReason. [Mark Cox] |
| |
| Changes with Apache 1.3.40 (not released) |
| |
| *) SECURITY: CVE-2007-5000 (cve.mitre.org) |
| mod_imap: Fix cross-site scripting issue. Reported by JPCERT. |
| [Joe Orton] |
| |
| *) SECURITY: CVE-2007-3847 (cve.mitre.org) |
| mod_proxy: Prevent reading past the end of a buffer when parsing |
| date-related headers. PR 41144. |
| With Apache 1.3, the denial of service vulnerability applies only |
| to the Windows and NetWare platforms. |
| [Jeff Trawick] |
| |
| *) More efficient implementation of the CVE-2007-3304 PID table |
| patch. This fixes issues with excessive memory usage by the |
| parent process if long-running and with a high number of child |
| process forks during that timeframe. Also fixes bogus "Bad pid" |
| errors. [Jim Jagielski, Jeff Trawick] |
| |
| Changes with Apache 1.3.39 |
| |
| *) SECURITY: CVE-2006-5752 (cve.mitre.org) |
| mod_status: Fix a possible XSS attack against a site with a public |
| server-status page and ExtendedStatus enabled, for browsers which |
| perform charset "detection". Reported by Stefan Esser. [Joe Orton] |
| |
| *) SECURITY: CVE-2007-3304 (cve.mitre.org) |
| Ensure that the parent process cannot be forced to kill non-child |
| processes by checking scoreboard PID data with parent process |
| privately stored PID data. [Jim Jagielski] |
| |
| *) mime.types: Many updates to sync with IANA registry and common |
| unregistered types that the owners refuse to register. Admins |
| are encouraged to update their installed mime.types file. |
| PR: 35550, 37798, 39317, 31483 [Roy T. Fielding] |
| |
| There was no Apache 1.3.38 |
| |
| Changes with Apache 1.3.37 |
| |
| *) SECURITY: CVE-2006-3747 (cve.mitre.org) |
| mod_rewrite: Fix an off-by-one security problem in the ldap scheme |
| handling. For some RewriteRules this could lead to a pointer being |
| written out of bounds. Reported by Mark Dowd of McAfee. |
| [Mark Cox] |
| |
| Changes with Apache 1.3.36 |
| |
| *) Reverted SVN rev #396294 due to unwanted regression. |
| The new feature introduced in 1.3.35 (Allow usage of the |
| "Include" configuration directive within previously "Include"d |
| files) has been removed in the meantime. |
| (http://svn.apache.org/viewcvs?rev=396294&view=rev) |
| |
| Changes with Apache 1.3.35 |
| |
| *) SECURITY: CVE-2005-3352 (cve.mitre.org) |
| mod_imap: Escape untrusted referer header before outputting in HTML |
| to avoid potential cross-site scripting. Change also made to |
| ap_escape_html so we escape quotes. Reported by JPCERT. |
| [Mark Cox] |
| |
| *) core: Allow usage of the "Include" configuration directive within |
| previously "Include"d files. [Colm MacCarthaigh] |
| |
| *) SECURITY: CVE-2006-3918 (cve.mitre.org) |
| HTML-escape the Expect error message. Only a security issue if |
| an attacker can influence the Expect header a victim will send to a |
| target site (it's known that some versions of Flash can do this) |
| Reported by Thiago Zaninotti <thiango nstalker.com>. [Mark Cox] |
| |
| *) mod_cgi: Remove block on OPTIONS method so that scripts can |
| respond to OPTIONS directly rather than via server default. |
| [Roy Fielding] PR 15242 |
| |
| Changes with Apache 1.3.34 |
| |
| *) hsregex: fix potential core dumping on 64 bit machines, such as |
| AMD64. PR 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>] |
| |
| *) SECURITY: core: If a request contains both Transfer-Encoding and |
| Content-Length headers, remove the Content-Length, mitigating some |
| HTTP Request Splitting/Spoofing attacks. This has no impact on |
| mod_proxy_http, yet affects any module which supports chunked |
| encoding yet fails to prefer T-E: chunked over the Content-Length |
| purported value. [Paul Querna, Joe Orton] |
| |
| *) Added TraceEnable [on|off|extended] per-server directive to alter |
| the behavior of the TRACE method. This addresses a flaw in proxy |
| conformance to RFC 2616 - previously the proxy server would accept |
| a TRACE request body although the RFC prohibited it. The default |
| remains 'TraceEnable on'. |
| [William Rowe] |
| |
| *) mod_digest: Fix another nonce string calculation issue. |
| [Eric Covener] |
| |
| Changes with Apache 1.3.33 |
| |
| *) SECURITY: CVE-2004-0940 (cve.mitre.org) |
| mod_include: Fix potential buffer overflow with escaped characters |
| in SSI tag string. [Martin Kraemer, Jim Jagielski] |
| |
| Changes with Apache 1.3.32 |
| |
| *) mod_rewrite: Fix query string handling for proxied URLs. PR 14518. |
| [michael teitler <michael.teitler cetelem.fr>, |
| Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>] |
| |
| *) mod_rewrite: Fix 0 bytes write into random memory position. |
| PR 31036. [André Malo] |
| |
| *) mod_digest: Fix nonce string calculation since 1.3.31 which |
| would force re-authentication for every connection if |
| AuthDigestRealmSeed was not configured. PR 30920. [Joe Orton] |
| |
| *) Trigger an error when a LoadModule directive attempts to |
| load a module which is built-in. This is a common error when |
| switching from a DSO build to a static build. |
| [Jeff Trawick, Geoffrey Young] |
| |
| *) Fix trivial bug in mod_log_forensic that caused the child |
| to seg fault when certain invalid requests were fired at it with |
| forensic logging is enabled. PR 29313. |
| [Will Slater <Will Slater orbisuk.com>] |
| |
| *) Fix memory leak in the cache handling of mod_rewrite. PR 27862. |
| [chunyan sheng <shengperson yahoo.com>, André Malo] |
| |
| *) mod_rewrite no longer confuses the RewriteMap caches if |
| different maps defined in different virtual hosts use the |
| same map name. PR 26462. [André Malo] |
| |
| *) mod_setenvif: Remove "support" for Remote_User variable which |
| never worked at all. PR 25725. [André Malo] |
| |
| *) mod_usertrack: Escape the cookie name before pasting into the |
| regexp. [André Malo] |
| |
| *) Win32: Improve error reporting after a failed attempt to spawn a |
| piped log process or rewrite map process. [Jeff Trawick] |
| |
| *) SECURITY: CVE-2004-0492 (cve.mitre.org) |
| Reject responses from a remote server if sent an invalid (negative) |
| Content-Length. [Mark Cox] |
| |
| *) Fix a bunch of cases where the return code of the regex compiler |
| was not checked properly. This affects mod_usertrack and |
| core. PR 28218. [André Malo] |
| |
| *) No longer breaks mod_dav, frontpage and others. Repair a patch |
| in 1.3.31 which prevented discarding the request body for requests |
| that will be keptalive but are not currently keptalive. PR 29237. |
| [Jim Jagielski, Rasmus Lerdorf] |
| |
| *) COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. |
| It controls how UseCanonicalName Off determines the port value if |
| the client doesn't provide one in the Host header. If defined during |
| compilation, UseCanonicalName Off will use the physical port number to |
| generate the canonical name. If not defined, it tries the current Port |
| value followed by the default port for the current scheme. |
| [Jim Jagielski] |
| |
| Changes with Apache 1.3.31 |
| |
| *) SECURITY: CVE-2003-0987 (cve.mitre.org) |
| Verification as to whether the nonce returned in the client response |
| is one we issued ourselves by means of a AuthDigestRealmSeed secret |
| exposed as an md5(). See mod_digest documentation for more details. |
| The experimental mod_auth_digest.c does not have this issue. |
| [Dirk-Willem van Gulik, Jeff Trawick, Jim Jagielski] |
| |
| Changes with Apache 1.3.30 |
| |
| *) Fix memory corruption problem with ap_custom_response() function. |
| The core per-dir config would later point to request pool data |
| that would be reused for different purposes on different requests. |
| [Will Lowe, Jeff Trawick] |
| |
| *) Reinit socket to allow mod_proxy to continue to try |
| connections when invalid IPs are accessed. PR 27542. |
| [Alexander Prohorenko <white extrasy.net>] |
| |
| *) SECURITY: CVE-2004-0174 (cve.mitre.org) |
| Fix starvation issue on listening sockets where a short-lived |
| connection on a rarely-accessed listening socket will cause a |
| child to hold the accept mutex and block out new connections until |
| another connection arrives on that rarely-accessed listening socket. |
| Enabled for some platforms known to have the issue (accept() |
| blocking after select() returns readable). Define |
| NONBLOCK_WHEN_MULTI_LISTEN if needed for your platform and not |
| already defined. [Jeff Trawick, Brad Nicholes, Joe Orton] |
| |
| *) SECURITY: CVE-2003-0993 (cve.mitre.org) |
| Fix parsing of Allow/Deny rules using IP addresses without a |
| netmask; issue is only known to affect big-endian 64-bit |
| platforms; on affected platforms such rules would never produce |
| matches. PR 23850. [Henning Brauer <henning openbsd.org>] |
| |
| *) Fix mod_include's expression parser to recognize strings correctly |
| even if they start with an escaped token. [André Malo] |
| |
| *) The whole codebase was relicensed and is now available under |
| the Apache License, Version 2.0 (http://www.apache.org/licenses). |
| [Apache Software Foundation] |
| |
| *) Add mod_whatkilledus and mod_backtrace (experimental) for |
| reporting diagnostic information after a child process crash. |
| See source code for documentation. |
| [Jeff Trawick, with help from mod_log_forensic] |
| |
| *) mod_usertrack no longer inspects the Cookie2 header for |
| the cookie name. PR 11475. [Chris Darrochi <chrisd pearsoncmg.com>] |
| |
| *) mod_usertrack no longer overwrites other cookies. |
| PR 26002. [Scott Moore <apache nopdesign.com>] |
| |
| *) Add fatal exception hook for running diagnostic code after a |
| crash. [Jeff Trawick] |
| |
| *) Make REMOTE_PORT variable available in mod_rewrite. |
| PR 25772. [André Malo] |
| |
| *) Forensic logging shouldn't log internal redirects. |
| [Ivan Ristic <ivanr webkreator.com>] |
| |
| *) Some syntax errors in mod_mime_magic's magic file can result |
| in a 500 error, which previously was unlogged. Now we log the |
| error. PR 8329. [Jeff Trawick] |
| |
| *) Linux 2.4+: If Apache is started as root and you code |
| CoreDumpDirectory, coredumps are enabled via the prctl() syscall. |
| Backport of a 2.x feature by Greg Ames. [Jeff Trawick] |
| |
| *) Fix bug causing core dump when using CookieTracking without |
| specifying a CookieName directly. Bugz# 24483. |
| [Manni Wood <manniwood planet-save.com>, Jim Jagielski (backport)] |
| |
| *) Fix RewriteBase directive to not add double slashes. [André Malo] |
| |
| *) mod_rewrite: In external rewrite maps lookup keys containing |
| a newline now cause a lookup failure. PR 14453. |
| [Cedric Gavage <cedric.gavage unixtech.be>, André Malo] |
| |
| *) Forensic logging module added (mod_log_forensic). |
| [Ben Laurie] |
| |
| *) SECURITY: CVE-2003-0020 (cve.mitre.org) |
| Escape arbitrary data before writing into the errorlog. Unescaped |
| errorlogs are still possible using the compile time switch |
| "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo] |
| |
| *) '%X' is now accepted as an alias for '%c' in the |
| LogFormat directive. This allows you to configure logging |
| to still log the connection status even with mod_ssl |
| (which changes what '%c' means). [Jim Jagielski] |
| |
| *) UseCanonicalName off was ignoring the client provided |
| port information. [Jim Jagielski] |
| |
| Changes with Apache 1.3.29 |
| |
| *) SECURITY: CVE-2003-0542 (cve.mitre.org) |
| Fix buffer overflows in mod_alias and mod_rewrite which occurred if |
| one configured a regular expression with more than 9 captures. |
| [André Malo] |
| |
| *) Within ap_bclose(), ap_pclosesocket() is now called consistently |
| for sockets and ap_pclosef() for files. Also, closesocket() |
| is used consistenly to close socket fd's. The previous |
| confusion between socket and file fd's would cause problems |
| with some applications now that we proactively close fd's to |
| prevent leakage. PR 22805 |
| [Radu Greab <rgreab fx.ro>, Jim Jagielski] |
| |
| *) If a request fails and the client will be redirected to another URL |
| due to ErrorDocument, see if we need to drop the connection after |
| sending the 302 response. This fixes a problem where Apache treated |
| the body of the failed request as the next request on a keepalive |
| connection. The subsequent 501 error sent to the browser prevented |
| some browsers from fetching the error document. [Jeff Trawick] |
| |
| *) Fixed mod_usertrack to not get false positive matches on the |
| user-tracking cookie's name. PR 16661. |
| [Manni Wood <manniwood planet-save.com>] |
| |
| *) Enabled RFC1413 ident functionality for both Win32 and |
| NetWare platforms. This also included an alternate thread safe |
| implementation of the socket timout functionality when querying |
| the identd daemon. |
| [Brad Nicholes, William Rowe] |
| |
| *) Prevent creation of subprocess Zombies when using CGI wrappers |
| such as suExec and cgiwrap. PR 21737. [Numerous] |
| |
| *) ab: Overlong credentials given via command line no longer clobber |
| the buffer. [André Malo] |
| |
| *) Fix ProxyPass for ftp requests - the original code was segfaulting since |
| many of the values were not being filled out in the request_rec. |
| [Tollef Fog Heen <tfheen debian.org>, Thom May] |
| |
| Changes with Apache 1.3.28 |
| |
| *) SECURITY: CVE-2003-0460 (cve.mitre.org) |
| Fix the rotatelogs support program on Win32 and OS/2 to ignore |
| special control characters received over the pipe. Previously |
| such characters could cause rotatelogs to quit logging and exit. |
| [André Malo] |
| |
| *) Prevent the server from crashing when entering infinite loops. The |
| new LimitInternalRecursion directive configures limits of subsequent |
| internal redirects and nested subrequests, after which the request |
| will be aborted. PR 19753 (and probably others). |
| [William Rowe, Jeff Trawick, Jim Jagielski, André Malo] |
| |
| *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP |
| response. PR 21085. [Glenn Nielsen <glenn apache.org>, André Malo] |
| |
| *) Removed BIND_NOSTART from HP/UX shl_load() logic for loadable |
| Apache modules, so that statics are initialized when the module |
| is loaded (especially critical for c++ modules on HPUX.) |
| [William Rowe, Noah Arliss <narliss netegrity.com>] |
| |
| *) Win32 build system changes; always recompile buildmark.c (used for |
| Apache -v 'server built' messages) even when Apache is built from |
| within the IDE; build test_char.h and uri_delims.h from within the |
| ApacheCore.dsp project. PR 12706. [William Rowe] |
| |
| *) Introduce Win32 .pdb diagnostic symbols into the Apache 1.3 build |
| (as created in Apache 2.0.45 and later.) Makes debugging and |
| analysis of crash dumps and Dr. Watson logs trivial. Requires the |
| Win32 binary builder to set aside the exact .pdb files that match |
| the released binaries (.exe/.so files) for reference by users and |
| developers. [William Rowe] |
| |
| *) Make sure the accept mutex is released before calling child exit |
| hooks and cleanups. Otherwise, modules can segfault in such code |
| and, with pthread mutexes, leave the server deadlocked. Even if |
| the module doesn't segfault, if it performs extensive processing |
| it can temporarily prevent the server from accepting new |
| connections. [Jeff Trawick] |
| |
| *) Fix mod_rewrite's handling of absolute URIs. The escaping routines |
| now work scheme dependent and the query string will only be |
| appended if supported by the particular scheme. [André Malo] |
| |
| *) Use appropriate language codes for Czech (cs) and Traditional Chinese |
| (zh-tw) in default config files. PR 9427. [André Malo] |
| |
| *) Don't block synchronous signals (e.g., SIGSEGV) while waiting for |
| and holding a pthread accept mutex. [Jeff Trawick] |
| |
| *) AIX: Change the default accept mechanism from pthread back to |
| fcntl. Idle child cleanup doesn't work when the child selected |
| for termination by the parent is waiting on a pthread mutex, and |
| because the AIX kernel's notion of hot process is apparently the |
| same as Apache's, it is common for the Apache parent to continually |
| select a child for termination that the kernel will leave waiting |
| on the mutex for extended periods of time. There are other |
| concerns with pthread mutexes as well, such as the ability to |
| deadlock the server if a child process segfaults while holding the |
| mutex. [Jeff Trawick] |
| |
| *) Fix a pair of potential buffer overflows in htdigest |
| [Martin Schulze <joey infodrom.org>, Thom May] |
| |
| *) A newly created child now has a start_time of 0, to prevent |
| mod_status from displaying a bogus value for the "time to |
| process most recent request" column for freshly-started children |
| in a previously-used scoreboard slot. [Martin Kraemer] |
| |
| *) When using Redirect in directory context, append requested query |
| string if there's no one supplied by configuration. PR 10961. |
| [André Malo] |
| |
| *) Fix path handling of mod_rewrite, especially on non-unix systems. |
| There was some confusion between local paths and URL paths. |
| PR 12902. [André Malo] |
| |
| *) backport from 2.x series: Prevent endless loops of internal redirects |
| in mod_rewrite by aborting after exceeding a limit of internal redirects. |
| The limit defaults to 10 and can be changed using the RewriteOptions |
| directive. PR 17462. [André Malo] |
| |
| *) Use the correct locations of srm.conf and access.conf when tailoring |
| the httpd.conf during the install process. PR 9446. |
| [Stanislav Brabec <utx penguin.cz>] |
| |
| *) suexec: Be more pedantic when cleaning environment. Clean it |
| immediately after startup. PR 2790, 10449. |
| [Jeff Stewart <jws purdue.edu>, André Malo] |
| |
| *) Fix apxs to insert LoadModule/AddModule directives only outside of |
| sections. PR 8712, 9012. [André Malo] |
| |
| *) Fix suexec compile error under SUNOS4, where strerror() doesn't |
| exist. PR 5913, 9977. |
| [Jonathan W Miner <Jonathan.W.Miner lmco.com>] |
| |
| *) Unix build: Add support for environment variable |
| EXTRA_LDFLAGS_SHLIB, which allows the user to add to the hard-coded |
| ld flags specified for DSOs. Compare with the existing LDFLAGS_SHLIB |
| environment variable, which allows the user to completely replace the |
| hard-coded ld flags specified for DSOs. [Jeff Trawick] |
| |
| *) mod_auth_digest no longer tries to guess AuthDigestDomain, if it's |
| not specified. Now it assumes "/" as already documented. PR 16937. |
| [André Malo] |
| |
| *) In configure always assume suexec-umask to be an octal value by |
| prepending a "0". PR 16984. [André Malo] |
| |
| *) Fix typo in suexec -V output. PR 9034. |
| [Youichirou Koga <y-koga apache.or.jp>] |
| |
| *) Fix bug where 'Satisfy Any' without an AuthType resulted in an |
| "Internal Server Error" response. PR 9076. [André Malo] |
| |
| *) mod_rewrite: Allow "RewriteEngine Off" even if no |
| "Options FollowSymlinks" (or SymlinksIfOwnermatch) is set. |
| PR 12395. [André Malo] |
| |
| *) Change the log messages for setsockopt(TCP_NODELAY) and |
| getsockname() failures to log the client IP address and to |
| change the log level to debug. [Jeff Trawick] |
| |
| *) Correction to mod_negotation for Win32, OS2, Netware etc, where |
| case insensitive requests such as the HEADER or README search |
| from autoindex would fail to match HEADER.html (because the |
| system internally looked for the case-sensitive header.* pattern.) |
| PR 7300 [William Rowe] |
| |
| *) Correction to mod_autoindex so that only text/* files (prefering |
| /html, then /plain, then some other flavor) can be recovered |
| from a multiview-based HEADER or README subrequest. |
| [William Rowe] |
| |
| *) Improvements to mod_usertrack that allows for a regular (verbose) |
| as well as "compact" version of the tracking cookie (the new |
| 'CookieFormat' directive), and the ability to prepend a string |
| to the cookie via the 'CookiePrefix' directive. |
| [Pål Løberg <pallo initio.no>, with cleanup by Jim Jagielski] |
| |
| *) Certain 3rd party modules would bypass the Apache API and not |
| invoke ap_cleanup_for_exec() before creating sub-processes. |
| To such a child process, Apache's file descriptors (lock |
| fd's, log files, sockets) were accessible, allowing them |
| direct access to Apache log file etc. Where the OS allows, |
| we now add proactive close functions to prevent these file |
| descriptors from leaking to the child processes. |
| [Jim Jagielski, Martin Kraemer] |
| |
| *) Prevent obscenely large values of precision in ap_vformatter |
| from clobbering a buffer. [Sander Striker, Jim Jagielski] |
| |
| *) NetWare: implemented ap_os_default_port() to resolve the |
| correct default port based on the request method. This fixes |
| a URL reconstruction problem on a redirect. |
| [Pavel Novy <novy feld.cvut.cz>] |
| |
| *) Added new ap_register_cleanup_ex() API function which allows |
| for a "magic" cleanup function to be run at register time |
| rather than at cleanup time. Also added the |
| ap_note_cleanups_for_(socket|fd|file)_ex() API functions |
| which allows for control over whether that magic cleanup |
| should be called or not. This does not change the default |
| behavior of the non-"ex" function (eg: ap_register_cleanup). |
| [Jim Jagielski, concept by Ben Laurie] |
| |
| *) PORT: Take advantage of OpenBSD's arc4random() function for the |
| initial secret [Henning Brauer <hb-apache-dev at bsws.de>] |
| |
| *) If Listen directive is not a port, but just an IP, emit an |
| error condition as this case is ambiguous. |
| [Rich Bowen, Justin Erenkrantz, Cliff Woolley] |
| |
| *) Update timeout algorithm in free_proc_chain. If a subprocess |
| did not exit immediately, the thread would sleep for 3 seconds |
| before checking the subprocess exit status again. In a very |
| common case when the subprocess was an HTTP server CGI script, |
| the CGI script actually exited a fraction of a second into the 3 |
| second sleep, which effectively limited the server to serving one |
| CGI request every 3 seconds across a persistent connection. |
| PRs 6961, 8664 [Bill Stoddard] |
| |
| *) mod_setenvif: Add SERVER_ADDR special keyword to allow |
| envariable setting according to the server IP address |
| which received the request. [Ken Coar] |
| |
| *) PORT: Enable SINGLE_LISTEN_UNSERIALIZED_ACCEPT for AIX 4.3.2 |
| and above. Update AIX configure logic to allow higher AIX |
| release numbers without having to change Apache. |
| [Jeff Trawick] |
| |
| Changes with Apache 1.3.27 |
| |
| *) SECURITY: CVE-2002-0840 (cve.mitre.org) |
| Prevent a cross-site scripting vulnerability in the default |
| error page. The issue could only be exploited if the directive |
| UseCanonicalName is set to Off and a server is being run at |
| a domain that allows wildcard DNS. [Matthew Murphy] |
| |
| *) SECURITY: CVE-2002-0843 (cve.mitre.org) |
| Fix some possible overflows in ab.c that could be exploited by |
| a malicious server. Reported by David Wagner. [Jim Jagielski] |
| |
| *) Included a patch submitted by Sander van Zoest (#9181) and |
| written by Michael Radwin whichs is essentially a work around |
| for the adding headers to error responses. As apache does not |
| go through the proper chain for non 2xx responses. This patch |
| adds an ErrorHeader directive; which is for non 2xx replies the |
| direct analog of the existing Header directive. This is usefull |
| during 3xx redirects or more complex 4xx auth schemes. [Dirk- |
| Willem van Gulik] |
| |
| *) Included the patch submitted by Sander van Zoest (#12712) which |
| prevents just 'anything' being sucked in when doing gobbeling in |
| complete directories - such as editor backup files and other |
| cruft. This patch allows us to tailor/control this properly by |
| allowing simple wildcards such as *.conf. [Dirk-Willem van Gulik] |
| |
| *) SECURITY: CVE-2002-0839 (cve.mitre.org) |
| Add the new directive 'ShmemUIDisUser'. By default, Apache |
| will no longer set the uid/gid of SysV shared memory scoreboard |
| to User/Group, and it will therefore stay the uid/gid of |
| the parent Apache process. This is actually the way it should |
| be, however, some implementations may still require this, which |
| can be enabled by 'ShmemUIDisUser On'. Reported by iDefense. |
| [Jim Jagielski] |
| |
| *) Fix a problem with the definition of union semun which broke |
| System V semaphores on systems where sizeof(int) != sizeof(long). |
| PR 12072 [<winterling de.ibm.com>] |
| |
| *) The protocol version (eg: HTTP/1.1) in the request line parsing |
| is now case insensitive. This closes a few PRs and implies that |
| ProtocolReqCheck will trigger on *true* invalid protocols. |
| [Jim Jagielski] |
| |
| *) Relaxed mod_digest its parsing in order to make it work |
| with iCal's "WebDAVFS/1.2 (01208000) Darwin/6.0 (Power Macintosh)" |
| User-Agent. Apache (incorrectly) insisted on a quoted URI's |
| in the uri field of the Authorization client header. Not |
| yet done for EBCDIC plaforms. |
| [Dirk-Willem van Gulik] |
| |
| *) Back out an older patch for PR 9932, which had some incorrect |
| behavior. Instead, use a backport of the APR fix. This has |
| the nice effect that ap_snprintf() can now distinguish between |
| an output which was truncated, and an output which exactly |
| filled the buffer. [Jim Jagielski] |
| |
| *) The cache in mod_proxy was incorrectly updating the Content-Length |
| value (to 0) from 304 responses when doing validation. Bugz#10128 |
| [Paul Terry <paul.terry gmx.net>, <ast domdv.de>, Jim Jagielski] |
| |
| *) Added support for Berkeley-DB/4.x to mod_auth_db. |
| [Martin Kraemer] |
| |
| *) PR 10993: add image/x-icon to default httpd.conf files |
| [Ian Holsman, Peter Bieringer <pb bieringer.de> |
| |
| *) Fix a problem in proxy where headers from other modules were |
| added to the response headers when this was already done in the |
| core already. This resulted in header (and therefore cookie) |
| duplication. [Martijn Schoemaker <martijn osp.nl>] |
| |
| *) Fix FileETags none operation. PR 12202. |
| [Justin Erenkrantz, Andrew Ho <andrew tellme.com>] |
| |
| *) Win32: Fix one byte buffer overflow in ap_get_win32_interpreter |
| when a CGI script's #! line does not contain a \r or \n (i.e. |
| a line feed character) in the first 1023 bytes. The overflow |
| is always a '\0' (string termination) character. |
| |
| *) Add new "suppress-error-charset" environment variable to |
| allow a BrowserMatch workaround for clients that incorrectly |
| use the charset of a redirect as the charset of the target. |
| [Ken Coar] |
| |
| *) Support Caldera OpenUNIX 8. [Larry Rosenman <ler lerctr.org>] |
| |
| *) Use SysV semaphores by default on OpenBSD. [Henning Brauer |
| <hb-apache-dev bsws.de>] |
| |
| *) httpd -V will now also print out the compile time defined |
| HARD_SERVER_LIMIT value. [Dirk-Willem van Gulik]. |
| |
| *) In 1.3.26, a null or all blank Content-Length field would be |
| triggered as an error; previous versions would silently ignore |
| this and assume 0. As a special case, we now allow this and |
| behave as we previously did. HOWEVER, previous versions would |
| also silently accept bogus C-L values; We do NOT do that. That |
| *is* an invalid value and we treat it as such. |
| [Jim Jagielski] |
| |
| *) Add ProtocolReqCheck directive, which determines if Apache will |
| check for a valid protocol string in the request (eg: HTTP/1.1) |
| and return HTTP_BAD_REQUEST if not valid. Versions of Apache |
| prior to 1.3.26 would silently ignore bad protocol strings, but |
| 1.3.26 included a more strict check. This makes it runtime |
| configurable. The default is On. This also removes the requirement |
| on an ANSI sscanf() implementation. [Jim Jagielski] |
| |
| *) NetWare: implemented file locking in mod_rewrite for the NetWare |
| CLib platform. This fixes a bug that prevented rewrite logging |
| from working. [Brad Nicholes] |
| |
| Changes with Apache 1.3.26 |
| |
| *) Potential NULL referencing fixed in the CGI module. It had |
| been there for 5 years. [Justin Erenkrantz] |
| |
| *) Ensure that we set the result value in ap_strtol before |
| we return it. [Justin Erenkrantz, Jim Jagielski] |
| |
| Changes with Apache 1.3.25 |
| |
| *) SECURITY: CVE-2002-0392 (cve.mitre.org) [CERT VU#944335] |
| Code changes required to address and close chunked |
| encoding security issues. To support this, we utilize the ANSI |
| functionality of strtol, and provide ap_strtol for completeness. |
| [Aaron Bannert, Justin Erenkrantz, Jim Jagielski, Brian Pane, |
| William Rowe, Cliff Woolley] |
| |
| *) PORT: With OpenBSD 3.1 and up, allow modules to work on their |
| ELF-based architectures. [Brad <brad openbsd.org>] |
| |
| *) Add X-Forwarded-Host and X-Forwarded-Server to X-Forwarded-For |
| to the proxy. [Thomas Eibner <thomas stderr.net>] |
| |
| *) Fix a problem in mod_proxy: it would not set the number of bytes |
| transferred, so other modules could not access the value from |
| the request_rec->bytes_sent field. |
| [Anthony Howe <achowe at snert.com>] PR#6841 |
| |
| *) Fix a problem in mod_rewrite which would lead to 400 Bad Request |
| responses for rewriting rules which resulted in a local path. |
| Note: This will also reject invalid requests like |
| "HEAD /roaming/martin/IMAP localhost HTTP/1.0" as issued by |
| Netscape-4.x Roaming Profiles (on a DAV-enabled server) |
| [Martin Kraemer] |
| |
| *) SECURITY: CVE-2003-0083 (cve.mitre.org) |
| Disallow anything but whitespace on the request line after the |
| HTTP/x.y protocol string. That prevents arbitrary user input |
| from ending up in the access_log and error_log. Also, special |
| characters (especially control characters) are escaped in the |
| log file now, to make a clear distinction between client-supplied |
| strings (with special characters) and server-side strings. |
| [Martin Kraemer] |
| |
| *) Get rid of DEFAULT_XFERLOG as it is not used anywhere. It was |
| preserved by the build system, printed with "httpd -V", but |
| apart from that completely ignored: the default transfer log |
| is to not produce any transfer log. |
| [Martin Kraemer] |
| |
| *) Fixed sending of binary files under Cygwin. PR 9185. |
| [Cliff Woolley] |
| |
| *) Added Cygwin directory layout to config.layout file. |
| [Stipe Tolj, <tolj wapme-systems.de>] |
| |
| *) Added a '-F' flag; which causes the mother/supervisor process to |
| no longer fork down and detach. But instead stays attached to |
| the tty - thus making live for automatic restart and exit checking |
| code easier. [ Contributed by Michael Handler <handler grendel.net>, |
| Jos Backus <jos catnook.com> [ Dirk-Willem van Gulik ]]. |
| |
| *) Make apxs.pl more flexible (file extensions like .so or .dll are |
| no longer hardcoded). [Stipe Tolj <tolj wapme-systems.de>] |
| |
| *) Add an intelligent error message should no proxy submodules be |
| valid to handle a request. PR 8407 [Graham Leggett] |
| |
| *) Allow child processes sufficient time for cleanups but making |
| ap_select in reclaim_child_processes more "resistant" to |
| signal interupts. Bugz# 8176 |
| [David Winterbourne <davidw financenter.com>, Jim Jagielski] |
| |
| *) Recognize platform specific root directories (other than |
| leading slash) in mod_rewrite for filename rewrite rules. |
| Bugz# 7492 [William Rowe] |
| |
| *) For supported versions of Darwin, place dynamically loaded |
| Apache extensions' public symbols into the global symbol |
| table. This allows dynamically loaded PHP extensions. |
| [Marko Karppinen <markonen php.net>] |
| |
| *) Correct proxy to be able to handle the unexpected 100-continue |
| reponses sent during PUT or POST requests. [Graham Leggett] |
| |
| *) Correct a timeout problem within proxy which would force long |
| or slow POST requests to close after 300 seconds. |
| [Martin Lichtin <martin lichtin.net>, Brian Bothwell |
| <brian.bothwell wisdomtools.com>] |
| |
| *) Add support for dechunking chunked responses in proxy. |
| [Graham Leggett] |
| |
| *) Made AB's use of the Host: header rfc2616 compliant |
| by Taisuke Yamada <tai iij.ad.jp> [Dirl-Willem van Gulik]. |
| |
| *) Update the Red Hat Layout to match Red Hat Linux version 7. |
| PR BZ-7422 [Joe Orton] |
| |
| *) Add some popular types to the mime magic file. PR 7730. |
| [Linus Walleij <triad df.lth.se>, Justin Erenkrantz] |
| |
| *) Tighten up the overridden-Server-header bugfix in the proxy, by |
| only overriding if the request is a proxy request. It has been |
| pointed out that the previous fix allows CGIs and modules to |
| override the Server header, which is change to previous behavior. |
| [Graham Leggett, Joshua Slive] |
| |
| *) Another fix for the multiple-cookie header bug in proxy. With some |
| luck this bug is actually now dead. [Graham Leggett] |
| |
| Changes with Apache 1.3.24 |
| |
| *) Fixed a segfault in mod_include when #if, #elif, #else, or #endif |
| directives were improperly terminated. [Cliff Woolley] |
| |
| *) Win32 SECURITY: CVE-2002-0061 (cve.mitre.org) |
| Introduce proper escaping of command.com and cmd.exe for Win32. |
| These patches close vulnerability CVE-2002-0061, identified and |
| reported by Ory Segal <ory.segal sanctuminc>, by which any CGI |
| invocation of .bat or .cmd files could compromise the system |
| when the .bat or .cmd was parsed the query args as an argument |
| to either cmd.exe /c or command.com /c. [William Rowe] |
| |
| *) Add % and \r [C/R] to the dangerous Win32 shell character list. |
| Retain the Unix sh escapes list for compatibility. |
| [William Rowe] |
| |
| *) Pass the command line to the cmd.exe /c interpreter double quoted. |
| This fixes a bug that CGI args ending in a double-quote would |
| cause invocation to fail. Also, treat command.com as a 16-bit |
| executable. [William Rowe] |
| |
| *) Win32; Never invoke cmd or bat scripts based on the registry, even |
| for 'ScriptInterpreterSource Registry' enabled. [William Rowe] |
| |
| *) Provide Win32 users a log of the cgi command invoked, to assist |
| in debugging scripts at LogLevel info. Also provide env vars |
| at LogLevel debug for additional help to admins troubleshooting |
| the ever mysterious "Premature end of script headers" error. |
| [Aaron Bannert] |
| |
| *) Added the 'CGICommandArgs off' directive, to allow admins |
| to disable the query argument passing mechanism in Apache, |
| if future CGI argument vulnerabilities should be discovered. |
| This defaults to 'on', meaning isindex-style query arguments |
| are enabled. [Aaron Bannert] |
| |
| *) When a proxied site was being served, Apache was replacing |
| the original site Server header with it's own, which is not |
| allowed by RFC2616. Fixed. [Graham Leggett] |
| |
| *) Fixed the previous multiple-cookie fix in the proxy. Cookies |
| are broken in that they contain dates which in turn contain |
| commas - so merging and then unmerging them breaks Set-Cookie |
| headers. Sigh. [Graham Leggett] |
| |
| *) Add ap_uuencode to the httpd.exp exports file used by |
| the AIX linker. [Bill Stoddard] |
| |
| *) Win32: Ignore AcceptMutex directive if it is present |
| [Bill Stoddard] |
| |
| *) mod_rewrite: restored rnd behavior that was broken in 1.3.23. |
| PR 10090, 10185 [Jeroen Boomgaardt <jeroen swissclue.com>] |
| |
| *) NetWare: Added the command line directive -e that forces all |
| fatal configuration error messages to the logger screen rather |
| than the Apache screen before Apache is unloaded. |
| [Brad Nicholes <bnicholes novell.com>] |
| |
| *) Add the ProxyIOBufferSize option. Previously the size of the |
| buffer used while reading from the remote server in proxy was |
| taken from ProxyReceiveBufferSize. [Graham Leggett] |
| |
| *) Fix a NULL variable check in proxy where we were checking the |
| wrong variable. [Geff Hanoian <geff pier64.com>] |
| |
| *) Fix typo in default config files related to Swedish language |
| documents. PR: 9906, 10040 [Tomas Ögren <stric ing.umu.se>, |
| Dennis Lundberg <dennis.lundberg mdh.se>] |
| |
| *) apxs didn't get rebuilt when options were changed. This must have |
| caused much puzzlement in the past. Fixed. |
| [Ben Laurie] |
| |
| *) No idea why an HTTP/1.1 proxy would send an HTTP/1.0 request |
| to a remote server by default. Fixed. |
| [Graham Leggett, Gabriel Russell <g.russell ieee.org>] |
| |
| *) NetWare: Added the module mod_log_nw to handle log rotation. |
| This module adds LogRotateDaily and LogRotateInterval to allow |
| all of the custom logs to be either rotated on a daily basis or |
| on a specific interval. Based on a patch by Bertrand Demiddelaer. |
| [Brad Nicholes <bnicholes novell.com>] |
| |
| *) Fix typo in rotatelogs.8. [Will Lowe <harpo thebackrow.net>] |
| |
| *) Clean up warnings in mod_proxy [Chuck Murcko <chuck topsail.org>] |
| |
| *) TPF: Use the correct subpool when opening the error log. |
| This prevents a possible SIGPIPE in standalone_main. |
| [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) When proxy enabled a slow frontend client to read from an |
| expensive backend server, it would wait until it had delivered |
| the response to the slow frontend client completely before |
| closing the backend connection. The backend connection is now |
| closed as soon as the last byte is read from it, freeing up |
| resources that would have been tied up unnecessarily. |
| [Graham Leggett, Igor Sysoev <is rambler-co.ru>] |
| |
| *) The proxy code read chunks from the backend server in a |
| hardcoded amount of 8k. The existing ProxyReceiveBufferSize |
| parameter has been overloaded to specify the size of this buffer. |
| [Graham Leggett, Igor Sysoev <is rambler-co.ru>] |
| |
| *) [Security] Prevent invalid client hostnames from appearing in |
| the log file. If a double-reverse lookup was performed (e.g., |
| for an "Allow from .my.domain" directive) but failed, then |
| a spoofed dns-reverse-address could appear in the logs. Now |
| the numeric address is logged instead. Note that |
| reverse-address-spoofing did NOT actually allow access |
| to any protected resource! [Martin Kraemer] |
| |
| *) Some browsers ignore cookies that have been merged into a |
| single Set-Cookie header. Set-Cookie and Set-Cookie2 headers |
| are now unmerged in the http proxy before being sent to the |
| client. [Graham Leggett] |
| |
| *) Fix a problem with proxy where each entry of a duplicated |
| header such as Set-Cookie would overwrite and obliterate the |
| previous value of the header, resulting in multiple header |
| values (like cookies) going missing. |
| [Graham Leggett, Joshua Slive] |
| |
| *) Fix a problem with proxy where X-Cache headers were |
| overwriting and then obliterating upstream X-Cache headers |
| from other proxies. |
| [Graham Leggett, Jacob Rief <jacob.rief tiscover.com>] |
| |
| *) Win32: Work around a bug in Windows XP that caused data |
| corruption on writes to the network. The WinXP bug |
| is tickled by the combined use of WSADuplicateSocket |
| and blocking send() calls. |
| [Bill Stoddard, Bill Rowe, Allan Edwards, Szabolcs Szakacsits] |
| |
| *) Add 'IgnoreCase' keyword to the IndexOptions directive; |
| if active, upper- and lower-case letters are insignificant |
| in ordering. In other words, all A* and a* files will be |
| listed together, rather than the a* ones after all the [A-Z]* |
| ones. [Tullio Andreatta <tullio logicom.it>] |
| |
| *) NetWare: Implemented the real ap_os_case_canonical_filename() |
| function that retrieves the accurately cased path and file |
| name from the file system. [Brad Nicholes <bnicholes novell.com>] |
| |
| *) Fix the longstanding bug that errors (returned by src/Configure) |
| would not be noticed by the top level configure script. |
| That was bad for automated configurations. [Martin Kraemer] |
| |
| *) Link with -lpthread on Solaris since we reference pthread |
| functions for the accept mutex. Previously, the link step |
| would succeed but we would link to bogus versions of the |
| pthread functions in libc, apparently breaking accept mutex |
| serialization when "AcceptMutex pthread" was used and |
| apparently breaking some third-party modules whether |
| or not "AcceptMutex pthread" was used. [Jeff Trawick] |
| |
| *) The Location: response header field, used for external |
| redirect, *must* be an absoluteURI. The Redirect directive |
| tested for that, but RedirectMatch didn't -- it would allow |
| almost anything through. Now it will try to turn an abs_path |
| into an absoluteURI, but it will correctly varf like Redirect |
| if the final redirection target isn't an absoluteURI. [Ken Coar] |
| |
| *) apxs: fix bug that prevented -S option from containing quotes. |
| [Ben Laurie] |
| |
| *) ftp proxy: various cosmetic and functional improvements |
| - Allow for /%2f hack (to access the root directory / ) |
| - properly escape generated links in dir listing |
| - do directory listings in ASCII, to avoid problems with EBCDIC |
| servers |
| - close data & control channels to server properly |
| [Martin Kraemer] |
| |
| *) NetWare: Added mod_auth_dbm to the project file. |
| [Brad Nicholes <bnicholes novell.com>] |
| |
| |
| Changes with Apache 1.3.23 |
| |
| *) Changed the symbol mapping of the following from API_EXPORT |
| to API_EXPORT_NONSTD: |
| ap_snprintf(), ap_table_do(), ap_bvputs(), ap_log_error(), |
| ap_log_rerror(), ap_log_printf(), ap_rprintf() |
| [William Rowe] |
| |
| *) Fixed a number of mismatched int sizes and signedness problems. |
| Still remains, MSVC's 'interesting' declaration of FD_SET still emits |
| (impotent) warnings. [William Rowe] |
| |
| *) mod_proxy changes: |
| |
| *) Bug fix for ap_proxy_cache_conditional(), unititialized wetag |
| [Zvi Har'El <rl math.technion.ac.il>] |
| |
| *) Add persistent connection handling |
| The patch changes mod_proxy to write the reply-headers using |
| ap_send_http_header() instead of directly using ap_bvputs(). This not |
| only simplifies mod_proxy, in my opinion at least, but enables it to |
| make use of the features of Apache's normal header and persistent |
| connection machinery. |
| [Christian von Roques <roques mti.ag>] |
| |
| *) Graham Leggett's original 1.3.12 patch, updated for 1.3.19+ |
| Original comments: |
| |
| HTTP/1.1 support for mod_proxy: |
| - support for Cache-Control |
| - conditional support If-Match, If-None-Match, |
| If-Unmodified-Since, Etag |
| - support for content negotiation using Vary |
| - storing of request headers (for Vary support) in cache file |
| - storing of updated response headers (with 304 Not Modified) in |
| cache file |
| - support for 64 bit dates and content-lengths in cache file |
| Fixes: |
| - ProxyPassReverse applied to Content-Location |
| - entity headers no longer stripped from response after cache |
| revalidation |
| - annotation of mod_proxy cache code |
| [Graham Leggett <minfrin sharp.fm>] |
| |
| changes to preserve binary compatibility with httpd core, clean up |
| [Chuck Murcko <chuck topsail.org>] |
| |
| *) HPUX 11.*: Do not kill the child process when accept() |
| returns ENOBUFS on HPUX 11.*. |
| [<madhusudan_mathihalli hp.com>] |
| |
| *) PORT: Numerous additions to Cygwin, including: defaulting |
| to Posix thread accept mutex, excluding the call to |
| pthread_mutexattr_setpshared(), better proxy and DBM support, and |
| allowing the use of native Win32 socket ops instead of |
| Cygwin's Posix wrapper (for better performance). The last |
| item required the addition of a new Configure Rule: CYGWIN_WINSOCK. |
| [Stipe Tolj <tolj wapme-systems.de>] |
| |
| *) Use "httpready" accept filter rather than "dataready" on |
| FreeBSD after 4.1.1-RELEASE where it works correctly. |
| [Tony Finch] |
| |
| *) Fix incorrect "Content-Length" header in the 416 "range not |
| satisfiable" response. [Joe Orton <joe manyfish.co.uk>] |
| |
| *) Add FileETag directive to control fields used when constructing |
| an ETag for a file-based resource. Historically the inode, |
| size, and mtimehave been used, but the inode factor broke |
| caching for systems with content fan-out across multiple |
| back-end servers. Now the fields used in the construction |
| can be controlled by configuration directives. Minor MMN |
| bumped; MMN went from 19990320.10 to 19990320.11. |
| [Ken Coar, from a patch by Phil Dietz] |
| |
| *) NetWare: Fixed the access forbidden problem when requesting an |
| empty directory rather than showing the empty listing. |
| [Charles Goldman, Guenter Knauf <gk gknw.de>] |
| |
| *) Cause Win32 to capture all child-worker process errors in |
| Apache to the main server error log, until the child can |
| open it's own error logs. [William Rowe] |
| |
| *) Revert mod_negotation's handling of path_info and query_args |
| to the 1.3.20 behavior. PR: 8628, 8582, 8538 [William Rowe] |
| |
| *) Modify buff.h and buff.c to enable modules to intercept the |
| output byte stream for dynamic page caching. A pointer to a |
| 'filter callback' function is added to the end of buff.h. |
| This function, if registered by a module, is called |
| at the top of buff_write() and writev_it_all(). |
| [Kevin Mallory <kmallory spidercache.com>] |
| |
| *) When the default of 'Group #-1' was changed to 'Group "#-1"', |
| the Makefile wasn't updated to recognise the quotation marks. |
| [Owen Boyle <obo bourse.ch>] |
| |
| *) Win32: Do not allow threads to continue handling keepalive |
| requests after a shutdown or restart has ben signaled. |
| [Bill Stoddard] |
| |
| *) Win32: Accept OPTIONS * requests. [Keith Wannamaker] |
| |
| *) Unixware 7.0 and later did not have a default locking |
| mechanism defined. This bug was introduced in apache 1.3.4. |
| [Dean Gaudet] |
| |
| *) Prevent an Apache module from being loaded or added twice due |
| to duplicate LoadModule or AddModule directives (or a missing |
| ClearModuleList directive). |
| [William Rowe, Brian Pane <bpane pacbell.net>] |
| |
| *) Add checkgid app to do run-time validation of Group directive |
| values which might cause the server to fall over, but which |
| are syntactically correct. [Ken Coar] |
| |
| *) NetWare: Added mod_unique_id to the project file. |
| [Brad Nicholes <bnicholes novell.com>] |
| |
| *) NetWare: Fixed a link problem with mod_vhost_alias so that it |
| exports the correct MODULE structure. PR 8598 |
| [Brad Nicholes <bnicholes novell.com>] |
| |
| *) Unix: The generated install script for binary distributions, |
| install-bindist.sh, now makes DSO files executable, like |
| make install. This allows a binary distribution to work on |
| HP-UX without any manual intervention. PR 7428 |
| [Jeff Trawick] |
| |
| *) Win32: The Apache Win32 developers generally recommend that |
| MaxRequestsPerChild be set to 0 to prevent the child process |
| from ever recycling. However, for those that do require a |
| non-zero setting, this patch fixes a serious bug that can cause |
| an apparent 'server-hang' condition where the server stops |
| responding to requests for a period of time. Prior to this |
| fix, when the child process handled MaxRequestsPerChild |
| connnections, the child process would stop accepting new |
| connections and begin allowing inactive threads to exit. The |
| problem was that a new process would not be created to begin |
| handling requests until the old process fully exited. The old |
| process can take an indeterminate amount of time to exit because |
| it may be sending large responses to clients connected over slow |
| links, or it may have threads blocked in read awaiting requests |
| (eg, one attack mode of the Nimda worm is to establish a |
| connection to the server but not send an HTTP request. This |
| connection will be timed out according to the setting of the |
| Timeout directive, 300 seconds). This fix allows the new process |
| to be immediately started and begin accepting requests when the |
| old child process reaches MaxRequestsPerChild. |
| [Bill Stoddard] |
| |
| *) Win32: Emit error message when the server bumps up against the |
| ThreadsPerChild configuration limit. This will be useful for |
| admins to detect when their server is running out of threads |
| to handle requests. [Bill Stoddard] |
| |
| *) Test all directories listed with the UserDir directive for validity. |
| Also resolves the Win32/Netware bug of unparsable quoted paths. |
| PR 8238 [William Rowe] |
| |
| Changes with Apache 1.3.22 |
| |
| *) Recognize AIX 5.1. [Jeff Trawick] |
| |
| *) PORT: Support AtheOS (see www.atheos.cx) |
| [Rodrigo Parra Novo <rodarvus terra.com.br>] |
| |
| *) The manual directory is still configurable (as enabled by |
| the 1.3.21 change), but its default setting was reverted to |
| the pre-1.3.21 default as a subdirectory of the DocumentRoot. |
| You can adapt your path in config.layout or with the |
| "configure --manualdir=" switch. [Martin Kraemer] |
| |
| *) Additional correction for the mutex changes on the TPF platform. |
| [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) mod_proxy - remove Explain*; replace with ap_log_* |
| [Chuck Murcko <chuck topsail.org>] |
| |
| Changes with Apache 1.3.21 |
| |
| *) Enable mod_mime_magic (experimental) for Win32. [William Rowe] |
| |
| *) Use an installed Expat library rather than the bundled Expat. This |
| fixes a problem where multiple copies of Expat could be loaded |
| into the process space, thus conflicting and causing strange |
| segfaults. Most notably with mod_perl and XML::Parsers::Expat. |
| [Greg Stein] |
| |
| *) Handle user modification of WinNT/2K service display names. Prior |
| versions of Apache only accepted identical internal and display names |
| (where internal service names were space-stripped.) [William Rowe] |
| |
| *) Introduce Win32 -W option for -k install/config to set up service |
| dependencies on the workstation, snmp and other services that given |
| modules or configurations might depend upon. [William Rowe] |
| |
| *) Update the mime.types file to map video/vnd.mpegurl to mxu |
| and add commonly used audio/x-mpegurl for m3u extensions. |
| [Heiko Recktenwald <uzs106 uni-bonn.de>, Lars Eilebrecht] |
| |
| *) Modified mod_mime and mod_negotiation to prevent mod_negotiation |
| from serving any multiview variant containing one or more |
| 'unknown' filename extensions. In PR #8130, mod_negotiation was |
| incorrectly serving index.html.zh.Big5 when better variants were |
| available. The httpd.conf file on the failing server did not have |
| an AddLanguage directive for .zh, which caused mod_mime to loose |
| the file_type information it gleened from parsing the .html |
| extension. The absence of any language preferences, either in |
| the browser or configured on the server, caused mod_negotiation |
| to consider all the variants equivalent. When that occurs, |
| mod_negotiation picks the 'smallest' variant available, which |
| just happened to be index.html.zh.Big5. |
| [Bill Stoddard, Bill Rowe] PR #8130 |
| |
| *) SECURITY: CVE-2001-0731 (cve.mitre.org) |
| Close autoindex /?M=D directory listing hole reported |
| in bugtraq id 3009. In some configurations where multiviews and |
| indexes are enabled for a directory, requesting URI /?M=D could |
| result in a directory listing being returned to the client rather |
| than the negotiated index.html variant that was configured and |
| expected. The work around for this problem (for pre 1.3.21 |
| releases) is to disable Indexes or Multiviews in the affected |
| directories. [Bill Stoddard, Bill Rowe] |
| |
| *) Enabled Win32/OS2/Netware file paths (not / rooted, but c:/ rooted) |
| as arguments for mod_vhost_alias'es directives. [William Rowe] |
| |
| *) Changes for Win32 to assure mod_unique_id's UNIQUE_ID strings really |
| are unique between threads. [William Rowe] |
| |
| *) mod_proxy - fix for Pragma: nocache (HTTP/1.0 only) |
| [Kim Bisgaard <kib dmi.dk>] PR #5668 |
| |
| *) PORT: Some Cygwin changes, esp. improvements for dynamic loading, |
| and cleanups. [Stipe Tolj <tolj wapme-systems.de>] |
| |
| *) Win32 SECURITY: CVE-2001-0729 (cve.mitre.org) |
| The default installation could lead to mod_negotiation |
| and mod_dir/mod_autoindex displaying a directory listing instead of |
| the index.html.* files, if a very long path was created artificially |
| by using many slashes. Now a 403 FORBIDDEN is returned. This |
| problem was similar to and in the same area as the problem |
| reported and fixed by Martin Kraemer in 1.3.18, only the scope |
| is much narrower and is specific to Windows. [Bill Stoddard] |
| |
| *) Update the mime.types file to the registered media types as |
| of 2001-09-25, and add xsl, so, dll extensions [Mark Cox] |
| |
| *) Resolved the build failure on Win32 using MSVC 5.0 (without the |
| current SDK.) PRs 7790, 7948. [William Rowe] |
| |
| *) mod_proxy - fix reverse proxy cookie passthrough |
| [Brian Eidelman <beidelman netegrity.com>] PR#6055 |
| |
| *) mod_proxy - fix CacheForceCompletion directive |
| [Alexey Panchenko <panchenko liwest.ru>] PR#8090 |
| |
| *) mod_proxy - close origin server connection when client aborts |
| [Alexey Panchenko <panchenko liwest.ru>] PR#8067,7383,6585 |
| |
| *) ErrorDocument 404 pointing to a parsed html file with a |
| <!--#include virtual="file" --> with a request URI containing |
| %2f would result in a segfault (NULL pointer deref, not a |
| security problem). [Jeff Moe <tux themoes.org>, Dean Gaudet] PR#8362 |
| |
| *) UnsetEnv from main body of httpd.conf file didn't work; backport |
| of bugfix from 2.0 codebase. [Gary Benson <gbenson redhat.com>] PR#8254 |
| |
| *) Win32 - add mod_unique_id.so and mod_vhost_alias.so to the build. |
| [William Rowe] |
| |
| *) Enhancement of mod_auth to handle 'Require file-owner' and |
| 'Require file-group'. This allows access IFF the authenticated |
| username (from the appropriate AuthUserFile database) matches |
| the username of the UID that owns the document (and equivalent |
| checking for file GID and user's membership in AuthGroupFile). |
| See the mod_auth documentation for examples. (Not supported |
| on Windows.) [Ken Coar] |
| |
| *) Addition of the AcceptMutex runtime directive. The accept mutex |
| method is now runtime controllable. The suite of available methods |
| per platform is defined at compile time (with HAVE_FOO_SERIALIZED_ACCEPT |
| noting that the method is available and works, and |
| USE_FOO_SERIALIZED_ACCEPT noting that it should be the default |
| method in absense of any AcceptMutex line, or via AcceptMutex default) |
| and selectable at runtime. The full (current) suite is uslock, |
| pthread, sysvsem, fcntl, flock, os2sem, tpfcore and none, but |
| not all platforms accept all methods. [Jim Jagielski] |
| |
| *) Parallel to a change in Apache-2.0, the manual directory was |
| moved out of the DocumentRoot tree to simplify the separation |
| of private content&configuration from server's on-line |
| documentation. An "Alias /manual/ ..." projects the manual/ |
| directory (which resides now side-by-side with the icons/ |
| directory) into the logical DocumentRoot. Note that a request |
| to http://server/manual (without the trailing slash) will now |
| behave different than before (it used to redirect to |
| http://server/manual/ but no longer does). |
| [Martin Kraemer] |
| |
| *) Fixed ap_os_canonical_filename() so that it wouldn't try to |
| canonicalize an invalid file name. Also fixed |
| ap_os_is_path_absolute() so that it wouldn't recognize names |
| such as proxy:http://blah as a NetWare volume:pathname. Both of |
| these fixes were necessary to fix mod_proxy problems on NetWare. |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Fix a storage leak (a strdup() call) in mod_mime_magic. |
| [Jeff Trawick] |
| |
| *) We have always used the obsolete/deprecated Netscape syntax |
| for our tracking cookies; now the CookieStyle directive |
| allows the Webmaster to choose the Netscape, RFC2109, or |
| RFC2965 format. The new CookieDomain directive allows the |
| setting of the cookie's Domain= attribute, too. PR #s 5006, |
| 5023, 5920, 6140 [Ken Coar] |
| |
| *) The Win32 Makefile.win build script failed if |
| INSTDIR="c:\path\with spaces" was given, this is now fixed. PR 8184 |
| [Jack Tan <jack_s_tan yahoo.com>] |
| |
| *) EBCDIC: The proxy, when used in a proxy chain, "forgot" to |
| convert the "CONNECT host:port HTTP/1.0" request line to ASCII |
| before contacting the next proxy, and was thus unusable for |
| SSL proxying. [Martin Kraemer] |
| |
| *) SECURITY: CVE-2001-0730 (cve.mitre.org) |
| Make support/split-logfile use the default log file if |
| "/" or "\" are present in the virtual host name. This prevents |
| the possible use of specially crafted virtual host names in |
| some configurations to allow writing to any .log file on the |
| system. [Daniel Matuschek <daniel.matuschek swisscom.com>, |
| Marc Slemko] PR#7848 |
| |
| *) Added a directive: "AcceptFilter <on|off>". To control BSD |
| acccept filters when at compile time SO_ACCEPT_FILTER is |
| detected. The default is still 'on' except when, at compile |
| time, AP_ACCEPT_FILTER_OFF is defined. |
| |
| Also downgraded the fatal exit to a warning when the |
| associated setsocketopt(2) fails for any reason but |
| for ENOPROTOOPT. The latter - which implies that the |
| kernel does not support the filters - now rates only an |
| info level message. All in all this should make it easier |
| to move httpd binaries and config files across BSD machines |
| with varying acceptfilter support. |
| [Dirk-Willem van Gulik <dirkx covalent.net>] |
| |
| *) Fix the <Files ~ "^\.ht"> container to *really* deny all access. |
| Without the Satisfy All, .ht* files could still be fetched if |
| they were within the scope of a Satisfy Any directive. |
| [Ken Coar] |
| |
| *) Print a warning when an attempt is made to use line-end comments. |
| Apparently they are not detected/handled gracefully by all directives. |
| [Martin Kraemer] |
| |
| *) (TPF only) Take advantage of improvements to select(), fork(), and |
| exec() in the TPF operating system. |
| [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) (Cygwin only) Fix problems with signals sent to child processes; |
| Improve auto-configuration for Cygwin. |
| [Stipe Tolj <tolj wapme-systems.de>] |
| |
| *) Added Mod_Vhost_Alias to the project file so that it builds as an |
| external module (VHOST.NLM). |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Fix problem with lingering_close() on Windows. Issuing read() on the |
| socket descriptor on Windows always fails. Should be calling |
| recv() instead of read() on Windows. |
| [Bill Stoddard, Bill Rowe] |
| |
| *) Added an abnormal exit clean up routine to make sure that ApacheC NLM |
| is always unloaded cleanly. This fixes the "Ouch! out of memory" |
| problem when restarting Apache for NetWare after an abnormal exit |
| due to configuration errors. |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Change the compile switches for ReliantUNIX SVR4 not to use |
| SYSV semaphores, because upon reaching the system limit of |
| semaphores, the whole server exits (not just one child). |
| Apache could be improved to use NO_SEM_UNDO flag (see test/time-sem.c) |
| which is currently implemented only in the time-sem program, but not in |
| apache. Until then, revert to using fcntl() locks. |
| [Martin Kraemer] |
| |
| *) Changes to 'ab': fixed int overruns, added statistics, output in |
| csv/gnuplot format, rudimentary SSL support and various other tweaks |
| to make results more true to what is measured. The upshot of this it |
| turns out that 'ab' has often underreported the true performance of |
| apache. Often by a order of magnitude :-) See talk/paper of Sander |
| Temme at April ApacheCon 2001 for details. |
| [Dirk-Willem van Gulik] |
| |
| Changes with Apache 1.3.20 |
| |
| *) Autodetect if platforms have isnan() and/or isinf() for use in |
| ap_snprintf.c. [Jim Jagielski] |
| |
| *) SECURITY DoS: CVE-2001-1342 (cve.mitre.org) |
| Correct a vulnerability in the Win32 and OS2 ports, by which a |
| client submitting a carefully constructed URI could cause a GP |
| (segment) fault in the child process, which would have to be |
| cleared by the operator to resume operation. This vulnerability |
| introduced no identified means of compromising the server's data. |
| Reported by Auriemma Luigi <kaino3 genie.it>. |
| [William Rowe, Brian Havard] |
| |
| *) Resolve the Win32 SSI exec cmd bug, where cmd was not executed |
| appropriately against the shell. [William Rowe] |
| |
| *) Added NOESCAPE (NS) flag to RewriteRule and enabled use of |
| '\' to allow escaping of special characters. Previously |
| there was no way to embed either '$' or '%' in the output |
| of a RewriteRule; now 'foo\$1' will result in a literal |
| 'foo$1' appearing in the result rather than 'foo\<value of $1>'. |
| Note that [NS] disables *all* normal URI escaping, so incautious |
| use can give unexpected results. [Ken Coar] |
| |
| *) Add support for Win32 apxs. Note that cygwin builders must use a |
| cygwin perl to avoid the MSWin32 handling. [William Rowe] |
| |
| *) Changed the initial screen handling for NetWare so that the -s |
| parameter will properly destroy the Apache console screen and switch |
| to the system console screen. Also removed the call to clrscr() for |
| NetWare so that any warning messages produced during startup are visible. |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Integrate support for the Cygwin 1.x platform (a POSIX emulation layer |
| for Win32 systems, see http://www.cygwin.com) |
| [Stipe Tolj <tolj wapme-systems.de>] |
| |
| *) Hooked calls to opendir() and readdir() so that we could add '.' and |
| '..' to the entry list. By default NetWare does not return these |
| entries which caused mod_autoindex not to display the parent directory |
| entry. [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Solved a very serious threading problem with WinNT/2K Services. The |
| moment master_main told that the shutdown was complete, the parent |
| control thread exited Apache, leaving mod_jserv's Java process running |
| and alternately invoking mod_perl's cleanups from the correct thread |
| or the service control thread. [William Rowe] |
| |
| *) Populate the Win32 HKLM\System\CurrentControlSet\Services\[apachesvc] |
| key with the Description value of the running server across all Win32 |
| platforms, including NT, ME and 9x. This value is the server_version |
| string including loaded modules. [William Rowe] |
| |
| *) Fix ndbm.h include problems with various Linux distributions and |
| brain-dead glibc >= 2.1, which sometimes have ndbm.h in a |
| non-standard db1/ subdir. PR#6929 |
| [Victor J. Orlikowski] |
| |
| *) Empty headers are allowed by RFC2068 section 4.2. The presence or |
| absence of an empty header can be significant. The current mod_proxy |
| of httpd 1.3.x removes empty headers. Change mod_proxy to preserve |
| empty headers. [Christian von Roques <roques mti.ag>] |
| |
| *) Enhance rotatelogs so that a UTC offset can be specified, and |
| the logfile name can be formatted using strftime(3). [Ken Coar] |
| |
| *) Fix a possible NULL pointer dereference in the detection of the |
| default ServerName or IP string (introduced in 1.3.18). |
| [Ignasi Roca, <Ignasi.Roca fujitsu-siemens.com>] |
| |
| *) Make EBCDIC conversion fully configurable. Until now, apache relied |
| on some (incomplete) heuristics, and would fail to correctly serve |
| text files when they had a MIME type of application/anything, like |
| application/x-javascript. The new conversion directives allow |
| defining the conversion based on MIME type or file suffix. |
| [Martin Kraemer] |
| |
| *) Add a -V flag to suexec, which causes it to display the |
| compile-time settings with which it was built. (Only |
| usable by root or the HTTPD_USER username.) [Ken Coar] |
| |
| *) Set the Win32 service description in the Services control panel to |
| the server_version string from Apache and the loaded modules. |
| [William Rowe] |
| |
| *) Added a new API for NetWare, ap_os_dso_unsym(), to allow Apache the |
| chance to unimport module symbols before it shuts down. This is |
| necessary so that Apache on NetWare can shutdown cleanly in an error |
| condition such as a failure while reading the httpd.conf file. |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Introduce NUL device pipes for stdin and stdout for the parent Win32 |
| service process. This solves bugs such as PR7198 that report |
| "dup2(stdin) failed" when trying to use piped logs. [William Rowe] |
| |
| Changes with Apache 1.3.19 |
| |
| *) Rewrite ap_unparse_uri_components() to make it safer and more readable |
| ["Jeffrey W. Baker" <jwbaker acm.org>] |
| |
| *) Under certain circumstances, Apache did not supply the |
| right response headers when requiring authentication. |
| [Gertjan van Wingerde <Gertjan.van.Wingerde cmg.nl>] PR#7114 |
| |
| *) Clean up some end-of-loop not reached warnings [Jim Jagielski, |
| Aris Stathakis <aris sco.COM>] |
| |
| *) Add the correct language tag for interoperation with the Taiwanese |
| versions of MSIE and Netscape. [Clive Lin <clive CirX.ORG>] PR#7142 |
| |
| *) Fixed system shutdown on Windows 2000 to assure that the modules have |
| an opportunity to clean up. Note there is a _very_ limited amount of |
| time in which to execute all cleanups [see MSKB Q146092] so all of |
| the modules may still not be given an opportunity to complete their |
| cleanups if they require more than 20 seconds total. [William Rowe] |
| |
| Changes with Apache 1.3.18 [not released] |
| |
| *) Workaround enabled for a core dump which appeared in broken |
| NameVirtualHost configurations. [Martin Kraemer] |
| |
| *) Sporadic core dump in ap_default_port_for_scheme() with |
| internal requests fixed by [Jeffrey W. Baker <jwbaker acm.org>] |
| |
| *) PORT: Allow for build under latest dev. version of NonStopUX |
| on Compaq. [Tom Bates <tom.bates compaq.com>] |
| |
| *) mod_user on Win32 bug introduced in 1.3.17 is corrected. The parsing |
| is completely rewritten so all platforms share the same file/redirect |
| logic interpreting UserDir directives. Specifying a Win32 or Netware |
| relative path or a relative path on any platform using an '*' now |
| emits an error when httpd.conf is first parsed. [William Rowe] |
| |
| *) Apache/Win32 no longer holds open the console on error, unless invoked |
| by a shortcut with the new -w option. [William Rowe] |
| |
| *) The Win32 -t test config now holds the console open on "SYNTAX OK". |
| [William Rowe] |
| |
| *) Apache on Win9x now ensures the service is stopped before removal. |
| [William Rowe] |
| |
| *) SECURITY: CVE-2001-0925 (cve.mitre.org) |
| The default installation could lead to mod_negotiation |
| and mod_dir/mod_autoindex displaying a directory listing instead of |
| the index.html.* files, if a very long path was created artificially |
| by using many slashes. Now a 403 FORBIDDEN is returned. |
| [Martin Kraemer] |
| |
| *) Trailing slashes (if they exist) are now removed from ServerRoot, |
| because there were known problems with them. |
| ["William A. Rowe, Jr." <wrowe rowe-clan.net>] |
| |
| *) Changed ap_os_is_filename_valid on NetWare to accept |
| SERVER/VOLUME:/PATH/FILE as a valid filename pattern. |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Win32/Netware: correct relative paths and eliminate trailing slash |
| in the -d serverroot argument. -d Serverroot may be relative to |
| the path of the Apache.exe file. [William Rowe] |
| |
| *) Win32; fix the ServerRoot as the path of the Apache.exe file. |
| Eliminates the requirement of a 'backup' registry key to locate |
| the server root. [William Rowe] |
| |
| *) NetWare MOD_TLS fixes to disable nagles properly when making an SSL |
| connection, and properly detect an SSL connection based on the port |
| and work around the r->server->port 80 bug. |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) TPF startup/shutdown fixes. [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) Correct a typo in httpd.conf. |
| [Kunihiro Tanaka <tanaka apache.or.jp>] PR#7154 |
| |
| *) Get the correct IP address if ServerName isn't set and we can't |
| find a fully-qualified domain name at startup. |
| [Danek Duvall <dduvall eng.sun.com>] PR#7170 |
| |
| *) Fix pointer arithmetic in mod_rewrite map expansion. |
| [Christopher A. Bongaarts <cab tc.umn.edu>] PR#7157, 7158 |
| |
| *) Fixed a problem with file extensions being truncated during |
| the call to ap_os_canonical_filename(). |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| Changes with Apache 1.3.17 |
| |
| *) Normalize the Netware path names to close a potential security |
| hole in comparing paths when the adminstrator specifies both |
| sys:foo and sys:/foo formats in the same httpd.conf file. |
| [Brad Nicholes] |
| |
| *) Fix an unlikely segfault provided a zero length string in the |
| translate_userdir() call on win32/os2, and accept backslashes |
| in the UserDir directive on those platforms [William Rowe] |
| |
| *) Fixed translate_userdir() in MOD_USERDIR.C so that it correctly |
| recognizes NetWare absolute paths. This fixes the problem where |
| MOD_USERDIR was trying to redirect to an absolute NetWare path |
| rather than opening the file at the specified location. This |
| patch fixes PR5826 & 6283. [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Fixed ap_os_is_path_absolute() in OS.H so that it can tell the |
| between a NetWare path (SYS:/path) and a URL (HTTP://path). |
| [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Fixed the sdbm.h bundled in Apache for Win32, bringing it in sync |
| with Perl. Because it didn't have the same geometry as Perl, |
| users reported the first user added with dbmmanage was not |
| recognized. [William Rowe] |
| |
| *) Fixed ap_os_canonical_filename to append a the default volume |
| name if the the path is a full path and does not include the |
| volume name. Since NetWare's current working directory always |
| defaults to the SYS: volume regardless of where the executible |
| started, the default volume will be the volume that is specified |
| in ap_server_root. [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Handle port numbers in Host headers properly again after |
| the code was broken in 1.3.15. [Tony Finch] |
| |
| Changes with Apache 1.3.16 [not released] |
| |
| *) None from 1.3.15 [repository tags were the issue, no code altered] |
| |
| Changes with Apache 1.3.15 [not released] |
| |
| *) Fix a new problem introduced with the -k config syntax, that the |
| service installed with the -i flag would attempt to re-install |
| itself when starting the server. [William Rowe, Andrew Braund] |
| |
| *) Fix the declaration of the module structure in mod_example. |
| [Gururaj Upadhye <gururaj enertec.com>] PR#7095 |
| |
| *) Fix the handling of variable expansion look-ahead in mod_rewrite, |
| i.e. syntax like %{LA-U:REMOTE_USER}, and also fix the parsing of |
| more complicated nested RewriteMap lookups. [Tony Finch] PR#7087 |
| |
| *) Fix the RFC number mentioned when complaining about a missing |
| Host: header. [Alexey Toptygin <alexeyt wam.umd.edu>] PR#7079 |
| |
| *) Fix Range header processing to properly parse the syntax specified |
| in RFC 2616, and properly handle unsatisfiable requests by returning |
| a 416 error. [Tony Finch, William Rowe] PR#6973 |
| |
| *) Remove some human-readable fluff from the machine-readable mod_status |
| display. [Youichirou Koga <y-koga apache.or.jp>] PR#7025 |
| |
| *) The new Win32 command line option, -k config, replaces the default |
| options for the existing, named service with the options given on |
| the -k config command line. Apache -n servicename -t now displays |
| the default options before it tests the httpd.conf. Use the syntax |
| apache -k config -n servicename -f conffile to upgrade an existing |
| 1.3.x service to the new 1.3.15 default arguments. [William Rowe] |
| |
| *) All Win32 services now support default command line options when |
| starting an Apache service. The command line options given with |
| the apache -k install command, including -d, -f, -D, -C and -c, |
| are all saved in the registry. This change superceeds the old |
| ConfPath entry, so existing services must be reconfigured when |
| upgrading to 1.3.15. [William Rowe] |
| |
| *) The Win32 build is overhauled to use mod_foo.so for all dynamic |
| Apache modules. [William Rowe] |
| |
| *) The Win32 build scripts (makefile.win, Apache.dsw) now build |
| all the usual targets, including the directories htdocs, include, |
| lib, libexec, and cgi-bin. [William Rowe] |
| |
| *) WinNT/2K service can be started from the command line with any |
| desired args (e.g. Apache -k start -n apache-1.3 -D FOO will |
| start the service with the -D FOO option.) This extends what |
| Apache on Win9x already does, even running as a service. |
| [William Rowe] |
| |
| *) WinNT/2K can be started from the Services control panel adding |
| whatever args are desired (e.g. -D ARG) in the 'Start Parameters' |
| box of the start service dialog. These will be passed on and |
| recognized by the service as it starts. [William Rowe] |
| |
| *) Support -k install/-k uninstall on Win32 for compatibility with |
| Apache 2.0. [William Rowe] |
| |
| *) mod_cgi on Win32 and Netware now does a more effective job of |
| capturing all stderr output from user's scripts. PR6161 |
| [Hardy Braunsdorf <hardy.braunsdorf metechnology.com>, Will Rowe] |
| |
| *) mod_status now respects ?refresh=n of 1 or greater. If the given |
| refresh value is not a number, ?refresh is set to 1 second. |
| [William Rowe, Dirk Ahlers <there darkride.net> PR5067] |
| |
| *) Restore child process consoles to correct 16-bit CGI execution |
| on Windows. Relies on Win9xConHook.dll for Win9x. This patch |
| also assures the Apache window remains titled 'Apache', rather |
| than flickering to the cgi app titles. [William Rowe] |
| |
| *) Added Win9xConHook.dll, which uses hidden console spy windows to |
| handle the shutdown, logoff and Close button events, and dispatch |
| them to Apache just as SetConsoleCtrlHandler does on Win NT/2K. |
| The close button on Win9x now works, and the Win9x service support |
| code moved into this module. [William Rowe] |
| |
| *) Fix messages from the -k start/stop/restart command options on |
| Windows. [William Rowe] |
| |
| *) Allow Win32 users to build mod_isapi, regardless of the age of |
| their Win32 SDK headers. Warning provided if features must be |
| disabled due to old headers. [William Rowe] |
| |
| *) The ScriptInterpreterSource Registry source will now handle any |
| post-scriptname arguments (e.g. cmd script -q), substitute any |
| environment variables (e.g. "%windir%\sysapp.exe") and use the |
| short or long path name as appropriate (e.g. "doit %1" uses the |
| short form, no spaces, while "doit "%1"" uses the long form of |
| the script name, in quotes.) Also, passes all script names in |
| backslash delimited format (instead of slashes). [William Rowe] |
| |
| *) Accomodate an out-of-space condition in the piped logs and the |
| rotatelogs.c code, and no longer churn log processes for this |
| condition. [Victor J. Orlikowski] |
| |
| *) Make cgi-bin work as a regular directory when using mod_vhost_alias |
| with no VirtualScriptAlias directives. [Tony Finch] PR#6829 |
| |
| *) Move the check of the Expect request header field after the hook |
| for ap_post_read_request, since that is the only opportunity for |
| modules to handle Expect extensions. |
| [Justin Erenkrantz <jerenkrantz eBuilt.com>] |
| |
| *) Add default CacheGcInterval of one hour [ Chuck Murcko ] |
| |
| *) Each Netware thread is created in its own thread group to ensure |
| that any context change applies only to the thread in which the |
| change was made. [Brad Nicholes <BNICHOLES novell.com>] |
| |
| *) Relax the syntax checking of Host: headers in order to support |
| iDNS. [Tony Finch] PR#6635 |
| |
| *) Fix Content-Length calculation when doing Range header processing. |
| This makes PDF byteserving work again. [Tony Finch] PR#6711 |
| |
| *) Link with libresolv on UnixWare 7 so that PHP works. |
| [Larry Rosenman <ler lerctr.org>] PR#6780 |
| |
| *) Linux 2.2.x and later do not need a serialised single listener, |
| and sysv semaphores scale better than fcntl. Updated GuessOS |
| to distinguish 2.0.x from 2.2.x -- 2.0.x will still use fcntl. |
| [Andrew Morton <andrewm uow.edu.au>, Dean Gaudet] |
| |
| *) Eliminate caching problems of mod_autoindex results, so the last |
| modified date of the directory is returned as the Last-Modified |
| and ETag HTTP header tags are sent if IndexOptions TrackModified |
| directive/option is used. [William Rowe] |
| |
| *) Corrected file path arguments from server conf directives to |
| their canonical form (excluding OS2 - which uses alternate |
| logic.) Resolves a long list of PRs reporting that Win32 paths |
| of the syntax x:\foo were mis-concatinated to the server root |
| as of release 1.3.14. [William Rowe] |
| |
| *) Correct an issue with Alias and ScriptAlias directives that |
| file path arguments were not normalized in canonical form. |
| This correction makes no attempt to normalize regular expression |
| forms of Alias or ScriptAlias. [William Rowe] |
| |
| *) Add a new LogFormat directive, %c, that will log connection |
| status at the end of the response as follows: |
| 'X' - connection aborted before the response completed. |
| '+' - connection may be kept-alive by the server. |
| '-' - connection will be closed by the server. |
| [Bill Stoddard <stoddard apache.org>] |
| |
| *) Normalize all NetWare config directive paths and filespecs to |
| their canonical names. [Brad Nicholes <bnicholes novell.com>] |
| |
| *) Update the mime.types file to the registered media types as |
| of 2000-10-19. [Carsten Klapp <carsten.klapp home.net>, |
| Tony Finch] PR#6613 |
| |
| *) Restore functionality broken by the mod_rewrite security fix: |
| rewrite map lookup keys and default values are now expanded |
| so that the lookup can depend on the requested URI etc. |
| [Tony Finch] PR #6671 |
| |
| Changes with Apache 1.3.14 |
| |
| *) Fixes to allow compilation on NetWare [Brad Nicholes |
| <bnicholes novell.com>] |
| |
| Changes with Apache 1.3.13 [not released] |
| |
| *) NOTE: A number of Win32 symbols were exported without explicit |
| declaration in the ApacheCore.def file. These are now exported |
| with the same ordinal export values from 1.3.12, but are now |
| named consistent with Apache's conventions. [William Rowe] |
| |
| *) Add support for a "conf directory" which operates similar to |
| /etc/rc.d/init. Basically, if a config file is actually a |
| directory, all the files in that directory will be parsed |
| as conf files. PR #6397 [Jim Jagielski, Lionel Clark |
| <bishop platypus.bc.ca>] |
| |
| *) Initial support added for mod_proxy under MPE/iX. |
| [Mark Bixby <mark_bixby hp.com>] |
| |
| *) Refined UID/GID management and permissions on MPE/iX to deal |
| with some limitations. [Mark Bixby <mark_bixby hp.com>] |
| |
| *) Updated the MPE DSO code to be compatible with an OS patch that |
| fixed an earlier DSO problem, #include tweakage required for |
| using apxs to build modules without access to the full source |
| tree, and other minor MPE tweaks. |
| [Mark Bixby <mark_bixby hp.com>] |
| |
| *) SECURITY: Tighten up the syntax checking of Host: headers to fix a |
| security bug in some mass virtual hosting configurations |
| that can allow a remote attacker to retrieve some files |
| on the system that should be inaccessible. [Tony Finch] |
| |
| *) Add support for /, //, //servername and //server/sharename |
| parsing of <Directory > blocks under Win32 and OS2. |
| [Tim Costello, William Rowe, Brian Havard] |
| |
| *) Expand dbmmanage to allow -d -m -s -p options for Crypt, MD5, |
| SHA1 and plaintext password encodings. Make feature tests a |
| bit more flexible. [William Rowe] |
| |
| *) SECURITY: CVE-2000-0913 (cve.mitre.org) |
| Fix a security problem that affects some configurations of |
| mod_rewrite. If the result of a RewriteRule is a filename that |
| contains expansion specifiers, especially regexp backreferences |
| $0..$9 and %0..%9, then it may have been possible for an attacker |
| to access any file on the web server. [Tony Finch] |
| |
| *) Add mod_auth_dbm (sdbm flavor) binary build for Win32. |
| [William Rowe] |
| |
| *) Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2) |
| as well as a comment arg to the add, adduser and update cmds. |
| update allows the user to clear or preserve pw/groups/comment. |
| Fixed a bug in dbmmanage that prevented the check option from |
| parsing a password followed by :group... text. Corrected the |
| seed calcualation for Win32 systems, and added -lsdbm support. |
| [William Rowe] |
| |
| *) Radical surgery to improve mod_isapi support under Win32. |
| Includes a number of newer ServerSupportFunction calls, support |
| for ReadClient (in order to retrieve POSTs greater than 48KB), |
| and general bug fixes to more reliably load ISAPI .dll's and |
| prevent leaking handle resources. Note: There are still |
| discrepancies between IIS's and Apache's ServerVariables, and |
| async calls are still not supported. Additional warnings are |
| logged to facilitate debugging of unsupported ISAPI calls. |
| [William Rowe] |
| |
| *) Update Configure script to allow building Apache on IBM's |
| IA64 version of AIX. [Paul Reder] |
| |
| *) NameVirtualHost can now take "*" as an argument instead of |
| an IP address. This allows you to create a purely name-based |
| virtual hosting server that does not have any IP addresses in |
| the configuration file and which ignores the local address |
| of any connections. PR #5595, PR #4455 [Tony Finch] |
| |
| *) Fix processing/merging of Remove* MIME directives. |
| PR #5597 [Sander van Zoest <sander covalent.net>] |
| |
| *) Fix merging of AddDefaultCharset directive. |
| PR #5872 [Jun Kuriyama <kuriyama imgsrc.co.jp>] |
| |
| *) Win32: Work around bug in Win32 select on network reads. Select |
| can indicate a socket has data to read, but the subsequent read |
| can return WSAEWOULDBLOCK. This problem has been observed |
| when running with SSL enabled Apache, specifically, browsers |
| sometimes cannot complete the SSL handshake when an SGC |
| certificate is used, receiving a network error message. |
| [Richard Scholz <richard.scholz subito.de>] |
| |
| *) Use "accept filtering" on recent versions of FreeBSD iff the |
| kernel is configured to support them. This allows Apache to avoid |
| having to handle new connections until the request has arrived. |
| [Tony Finch] |
| |
| *) Fix error handling in make_sock. [Tony Finch] |
| |
| *) The htdocs/ tree has been moved out of the CVS source tree into |
| a separate area for easier development. This has NO EFFECT on |
| end-users or Apache installations. [Ken Coar] |
| |
| *) Fix problem matching Configure guessos on HP-UX 10. |
| [Victor J. Orlikowski] PR#6015 |
| |
| *) Correct the problem where the only local host name that the IP stack |
| can discover are 'undotted' private names. If no fully qualified |
| domain name can be identified, the default ServerName will be set to |
| the machine's IP address string. A warning is provided if Apache has |
| to assume the IP dotted address string or the localhost/loopback |
| address as the ServerName. The default ServerName is removed from |
| the default Win32 httpd.conf file. [William Rowe] |
| |
| *) Add new directives RemoveType and RemoveEncoding to accompany the |
| RemoveHandler directive added in 1.3.4. AddType, AddEncoding, and |
| AddHandler now all have corresponding 'undo' directives. This allows |
| things like marking foo.tar.gz.asc as *not* being gzipped, so it will be |
| correctly interpreted as an unzipped signature of a gzipped file. |
| [Ken Coar] |
| |
| *) Win32 NT and 2000 services now capture stderr messages that occur |
| before Apache's logs are opened to the Application Event Log. |
| Console and Win9x services now hold the console open for 30 seconds |
| (and may be dismissed with the <ESC> key) if they exit with an error. |
| [William Rowe] |
| |
| *) Expand Win32 protection for pathname length, to provide protection |
| from future potential bugs such as that which caused directory index |
| to be displayed rather than returning an error. |
| [William Rowe, Allan Edwards <ake raleigh.ibm.com>] |
| |
| *) USE_SYSVSEM_SERIALIZED_ACCEPT locking on OS/390 |
| [Ovies Brabson] |
| |
| *) Change Win32 the isProcessService() routine to compensate for other |
| helper apps that invoke Apache.exe without a console. Recognize that |
| we are running NT, and use the STARTF_FORCEOFFFEEDBACK flag to be |
| sure that the SCM has invoked the process. [William Rowe, |
| Jim Patterson <jim-patterson ncf.ca>, Kevin Kiley <TOKILEY aol.com>] |
| |
| *) Export from Win32 the ap_start_shutdown and ap_start_restart symbols |
| for modules and executables dynamically linked to the core. |
| [William Rowe; Jim Patterson <jim-patterson ncf.ca>] |
| |
| *) SECURITY: CVE-2000-1204 (cve.mitre.org) |
| Prevent the source code for CGIs from being revealed when |
| using mod_vhost_alias and the CGI directory is under the document root |
| and a user makes a request like http://www.example.com//cgi-bin/cgi |
| as reported in <news:960999105.344321 ernani.logica.co.uk> |
| [Tony Finch] |
| |
| *) Under Win32, The console input mode is fixed to ignore mouse events |
| and always listen for a Ctrl+C interrupt, even if the console window |
| defaults to another mode. [William Rowe] |
| |
| *) All Win32 services will now perform a graceful restart when given |
| the -n servicename -k restart signal. No equivilant control exists |
| in the service control panel applet or through the NET command. |
| There is no useful acknowledgement on Windows 95/98, however. |
| [William Rowe] |
| |
| *) Significant overhaul of the Win32 port documentation contained in |
| the README-WIN.TXT, as well as the htdocs/manual pages windows.html, |
| win_compiling.html, and the new win_service.html. |
| [Andrew Braund <abraund dingoblue.net.au>, William Rowe] |
| |
| *) Add 'services' for Windows 95 and 98, including install/uninstall |
| options. The Apache server therefore can start when the OS loads, |
| and will not stop between logoffs. This implementation remains |
| -HIGHLY EXPERIMENTAL-. Additional changes provide for clean shutdown |
| of Win95/98 when Apache is running as a 'service' or a console. |
| [William Rowe, Jan Just Keijser <KEIJSERJJ logica.com>] |
| |
| *) USE_PTHREAD_SERIALIZED_ACCEPT on AIX 4.3 and above. This change |
| provides a substantial performance improvement on multi-CPU |
| machines serving large numbers of concurrent clients. |
| [Victor J. Orlikowski <vjo raleigh.ibm.com>] |
| |
| *) Brought httpd.conf-dist-win into sync with httpd.conf-dist, and added |
| explicit documentation of many Win32 specific features. [William Rowe] |
| |
| *) Convert Win32 build files (.dsp) to MSVC 6.0 format, and add perl |
| scripts cvstodsp5.pl and dsp5tocvs.pl for portability to version 5.0. |
| [William Rowe] |
| |
| *) Fix mod_expires to merge its settings for Cache-Control into any |
| existing value for the field. It was unconditionally setting it, |
| wiping out anything from, say, a 'Header Append Cache-Control'. |
| [Ken Coar] PR#5769 |
| |
| *) Add Win32 option -k stop as an alias of -k shutdown, to correspond to |
| the NET START/NET STOP syntax. [William Rowe] |
| |
| *) Force Apache to test the Win32 config prior to any operation, |
| except the [-k shutdown -n service] and [-u -n service] combinations. |
| [William Rowe] |
| |
| *) Add Win32 Ctrl+C/Ctrl+Break/Close/Logoff/Shutdown handler. |
| [William Rowe, Jan Just Keijser <KEIJSERJJ logica.com>] |
| |
| *) Expand mod_setenvif so its directives can be used in <Files> and |
| <Directory> containers, and in .htaccess files when FileInfo |
| overriding is allowed. [Ken Coar] PR#3000 |
| |
| *) SECURITY: CVE-2000-0505 (cve.mitre.org) |
| Fix Win32 bug when pathname length exactly equals MAX_PATH. |
| This bug caused directory index to be displayed rather than |
| returning an error. [Allan Edwards <ake raleigh.ibm.com>] |
| |
| *) Correct mod_proxy Win95 dynamic link __declspec(thread) bug. |
| David Whitmarsh <david.whitmarsh dial.pipex.com> |
| PR: 1462, 2216, 3645 |
| |
| *) Changed Apache for NetWare build to link with XDC data which |
| marks the NLMs as being able to run on any processor. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Ported expat-lite to NetWare and integrated project files into the |
| ApacheNW.mcp. [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Switched thread storage data mechanism on NetWare to use updated |
| system calls. [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Fixed problem with multilanguage support that prevented Apache on |
| NetWare from displaying the correct language page. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Fixed memory leaks on NetWare port. When unloading Apache with |
| the developer option turned on NetWare would spew messages |
| complaining about unreleased resources. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Fixed a problem that prevented Apache on NetWare from shutting down |
| correctly when loading multiple instances in individual address |
| spaces. [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Changed threading primitives to use faster more scalable calls. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Added -s option for NetWare port to allow Apache to run without a |
| screen. [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Added code for NetWare port to display the listening ports and loaded |
| DSO modules to the console screen. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Removed ugly NetWare specific code from the modules and added libpre.c |
| and libprews.c instead. These files implement the NLM startup code |
| for shared NLMs (DSOs). The result of using these files is less |
| obtrusive code, faster load times, and a smaller executable size. |
| libprews.c contains WSAStartup and WSACleanup WinSock calls needed for |
| initialization and termination of DSO modules. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Moved htpasswd and htdigest projects files for NetWare into the main |
| ApacheNW.mcp project file. [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Added mod_tls (SSL/TLS) module for NetWare SSL/TLS support. |
| [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Updated httpd.conf-dist-nw with <IfModule> directives around |
| standard DSO modules. [Mike Gardiner <mgardiner novell.com>] |
| |
| *) Correct mod_proxy Win32 garbage collection bug (clean failing |
| due to stat() against directory). |
| PR: 1891, 3278, 3640, 4139, 5997 |
| [Michael Friedel <mfriedel lbell.slctnet.com>] |
| |
| *) Add '-n' option to htpasswd to make it print its user:pw record |
| on stdout rather than having to frob a text file. [Ken Coar] |
| |
| *) Set default ServerName setting to 127.0.0.1 for the Windows |
| config file (httpd.conf-dist-win) |
| PR: 5509, 5783, 5953, 5903, 5983, 5259, 5515, 5858 |
| [Oliver Wendemuth <owendemuth ko.hbv.de>] |
| |
| *) [EBCDIC] Update mod_mmap_static so that an ebcdic box can use |
| MMapFile for files that shouldn't be converted from ebcdic->ascii. |
| [Greg Ames] |
| |
| *) Revamp the Win32 make environment. Apache.dsw created to bring |
| together all the pieces. Create new file os/win32/BaseAddr.ref |
| to define module base addresses (to prevent dll relocation at |
| start-up). Extraneous compiler files were removed (precompiled |
| headers, incremental link images), and .map files were added |
| for consistent diagnostics of gpfaults of the binary release. |
| [William Rowe, Greg Marr, Tim Costello, Bill Stoddard] |
| |
| *) Resolved Win32 mod_info (ApacheModuleInfo.dll) errors. |
| PR1442, PR2472, PR4125, PR1643 and PR2208 |
| Jim Patterson, Jan Just Keijser <KEIJSERJJ logica.com> |
| |
| *) Add some more error reporting to htpasswd in the case of problems |
| generating or accessing the temporary file. Also, pass in a |
| buffer if the implementation knows how to use it (i.e., if L_tmpnam |
| is defined). [Ken Coar] PR#3945, 5253, 5383, 5558 |
| |
| *) PORT: Add recognition of the GNU/Hurd platform. |
| [Adam Farrell <skate111 stampede.org>] |
| |
| *) More FAQs and answers from comp.infosystems.www.servers.unix. |
| [Joshua Slive <slive finance.commerce.ubc.ca>] |
| |
| *) Win32: Add dependency checking to the CreateService call to ensure |
| TCPIP and AFP (winsock) are started before Apache. |
| [William Rowe <wrowe lnd.com>] |
| |
| *) FAQ changes related to tidying up historical documents on the web site. |
| [Joshua Slive <slive finance.commerce.ubc.ca>] |
| |
| *) Various fixes to mod_auth_digest: |
| - Reworked MD5-sess stuff. The semantics of userpw_hash() have been |
| changed for it to return |
| MD5(MD5(username ":" realm ":" password) ":" nonce ":" cnonce) |
| instead of just |
| MD5(username ":" realm ":" password) |
| because one of the points of MD5-sess is to allow the info to be |
| retrieved from login servers so that the server itself never has |
| the full auth info (after all, MD5(u/r/p) is equivalent to the |
| password for auth purposes). |
| - In order to allow for servers to share a realm the server-name |
| and port have been removed from the nonce-hash. Even so, sharing |
| the realm has problems - see the new comments at the beginning. |
| - Fixed uri-comparison when request-uri isn't identical to uri in |
| Authorization header (some fields were not being initialized). |
| - Handle non-FQDN's (i.e. simple hostnames) in uri parameter in |
| the Authorization header. Thanks to Joe Orton |
| <joe orton.demon.co.uk> for pointing out the problem. |
| [Ronald Tschalär] |
| |
| *) Add case_preserved_filename field to the request_rec structure. |
| On systems with case insensitive file systems (Windows, OS/2, etc.), |
| r->filename is case canonicalized (folded to either lower or upper |
| case, depending on the specific system) to accomodate file access |
| checking. case_preserved_filename is the same as r->filename |
| except case is preserved. There is at least one instance where Apache |
| needs access to the case preserved filename: Java class files published |
| with WebDAV need to preserve filename case to make the Java compiler |
| happy. [Bill Stoddard] |
| |
| *) Put in Korean and Norwegian index.html pages (2.0 and 1.3) |
| which where donated by Lee Kuk Hyun and Lorant Czaran [dirkx]. |
| |
| *) Modules which load third-party DLLs (ala mod_dav) |
| expect them to be in the path or cwd. Tweak the |
| service startup code to not only change to correct |
| drive but also correct directory. |
| [Keith Wannamaker <wannamaker us.ibm.com>] |
| |
| *) WinNT: Do a better job at handling spaces in service names. |
| Add the util function ap_remove_spaces and export it on all |
| platforms. Change some Win32 service and registry functions to |
| make use of this new function. |
| [Keith Wannamaker <wannamaker us.ibm.com>] |
| |
| *) use send/recv instead of write/read in proxy_connect -- fixes |
| https through proxy on NT. [<willem.vanpelt philips.com>] |
| PR 5963, 5899, 5823, 5107, 4990?, 4885, 4680, 4468, 3801, 2014 |
| |
| *) [EBCDIC] Make chunked encoding work again; it was broken by the |
| recent CRLF macro changes. An oversight. [Martin Kraemer] |
| |
| *) Work around a popular restriction of some sed(1)'s in APACI where |
| "1,/<pattern>/" commands start searching for <pattern> at line 2 only. |
| [Ralf S. Engelschall] |
| |
| *) Merged in a small subset of SGI's latest `10x' patchkit for Apache |
| 1.3.11. The extracted and merged in parts are entirely cleanup and |
| non-performance related changes only. SGI's remaining changes are |
| not taken over, because they are either cluttering the Apache 1.3 |
| sources too much (e.g. the lint(1) related changes) or cause too |
| much internal changes (e.g. the ap_int32 types, etc.) which are not |
| reasonable to do any longer for Apache 1.3 (they should be done for |
| Apache 2.0 instead). |
| [Mike Abbott <mja sgi.com>, Ralf S. Engelschall] |
| |
| *) Fixes to mod_proxy for BeOS support. |
| [David Reid <dreid jetnet.co.uk>] |
| |
| *) Fix return value calculation in APXS' error messages. |
| This should avoid the confusion on APXS errors. |
| [Ralf S. Engelschall] |
| |
| *) Make ApacheBench (ab) compile again stand-alone under |
| -DNO_APACHE_INCLUDES. |
| [Ralf S. Engelschall] |
| |
| *) The ServerTokens directive now accepts the 'ProductOnly' keyword, |
| which results in the display of just 'Apache' with no version |
| information. Additional product tokens are still only visible |
| with ServerTokens Full. In addition, ServerTokens now complains |
| about bogus keywords (which it used to silently treat as 'Full'). |
| [Ken Coar] |
| |
| Changes with Apache 1.3.12 |
| |
| *) Only OS/2 requires the addition "t" flag for ap_pfopen() |
| (as therefore fopen() as well). This is handled by the |
| FOPEN_REQUIRES_T macro. [Ian Turner <iant sequent.com>, |
| Jim Jagielski] PR#5760 |
| |
| *) The default charset is only added, when enabled, for those |
| Content-types which require it (text/plain, text/html). |
| [Jim Jagielski] PR#5766 |
| |
| *) Fix handling of multiple queries in APXS commands (e.g. "apxs -q |
| CC CFLAGS") and make sure Perl-related command line options (which |
| can contain the "::" constructs) do no longer cause an incorrect |
| internal parsing of the query result. |
| [Ralf S. Engelschall, Steve Robb <steve eu.c2.net>] |
| |
| *) Avoid infinite looping in APACI's configure script |
| inside Ultrix' /bin/sh5 upgrade step. |
| [Jan Gallo <gallo viapvt.sk>, Ralf S. Engelschall] PR#4940 |
| |
| *) PORT: Add support for Amdahl UTS 4.3 and later. |
| [Dave Dykstra <dwd bell-labs.com>] PR#5654 |
| |
| *) Make implementation/descriptions of the FLAG directives |
| AuthAuthoritative, MetaFiles and ExtendedStatus consistent with |
| documentation and the standard way of implementation those directives. |
| [David MacKenzie <djm web.us.uu.net>, Ralf S. Engelschall] PR#5642 |
| |
| *) Cast integer ap_wait_t values in http_main.c to get rid of compile |
| time errors on platforms where "ap_wait_t" is not defined as "int" |
| (currently only the NEXT and UTS21 platforms). |
| [Gary Bickford <garyb fxt.com>, Ralf S. Engelschall] PR#5053 |
| |
| *) The default suexec path was HTTPD_ROOT/sbin/suexec if not |
| configured via APACI. Changed to HTTPD_ROOT/bin/suexec. |
| [Lars Eilebrecht] |
| |
| *) Add an explicit charset=iso-8859-1 to pages generated by |
| ap_send_error_response(), such as the default 404 page. |
| [Marc Slemko] |
| |
| *) Add the AddDefaultCharset directive. This allows you to specify |
| the given character set on any document that does not have one |
| explicitly specified in the headers. [Marc Slemko, Jim Jagielski] |
| |
| *) SECURITY: CVE-2000-1205 (cve.mitre.org) |
| Properly escape various messages output to the client from a number |
| of modules and places in the core code. [Marc Slemko] |
| |
| *) SECURITY: CVE-2000-1205 (cve.mitre.org) |
| Change mod_actions, mod_autoindex, mod_expires, and mod_log_config to |
| not consider any parameters such as charset when making decisions |
| based on content type. This does remove some functionality for |
| some users, but means that when these modules are configured to do |
| particular things with particular MIME types, the charset should |
| not be included. A better way of addressing this for users who |
| want to set things on a per charset basis is necessary in the future. |
| [Marc Slemko] |
| |
| *) SECURITY: CVE-2000-1205 (cve.mitre.org) |
| mod_include now entity encodes output from "printenv" and "echo var" |
| by default. The encoding for "echo var" can be set to URL encoding |
| or no encoding using the new "encoding" attribute to the echo tag. |
| [Marc Slemko] |
| |
| Changes with Apache 1.3.11 |
| |
| *) MPE builds are no longer stripped, which caused the executable |
| to not work. [Mark Bixby] |
| |
| Changes with Apache 1.3.10 |
| |
| *) Fixed parsing of TAKE13-based configuration directives. |
| [Steffen Roller <sr daa.de>] PR#5550 |
| |
| *) rename the lookup() function to hashTableLookup() (in expat-lite) |
| to prevent name clashes with modules / third-party software. |
| [Ralf S. Engelschall, Greg Stein] |
| |
| *) Reduce the time that a parent waits for its children to die |
| after SIGKILL has been sent, since there isn't much point in waiting |
| another 16 seconds beyond the initial SIGTERM waiting period. |
| [Ed Korthof] |
| |
| *) Add --suexec-umask option to configure, and severity levels |
| to suexec log messages. Also clarify a couple of those messages, |
| which were perhaps a bit too cryptic. [Ken Coar] PR#4178 |
| |
| *) The end_chunk() code forgot to convert the trailing CRLF pair |
| from EBCDIC to ASCII. Fixed. [Martin Kraemer] |
| |
| *) An Action set for a Location that didn't correspond to a file didn't |
| work. Fixed. |
| [Manoj Kasichainula, Ben Laurie] |
| |
| *) ProxyPass and mod_rewrite's proxy mode erroneously converted |
| authentication requests to proxy authentication requests. |
| [Ben Laurie] |
| |
| *) Reverse a patch which broke HPUX shared builds. Basically |
| we comment out the SHLIB_SUFFIX_NAME=sl line in Configure. |
| [Ryan Bloom] |
| |
| *) Added the mod_rewrite `URL Rewriting Guide' to the online |
| documentation (htdocs/manual/misc/rewriteguide.html). This paper |
| provides a large collection of practical solutions to URL based |
| problems a webmaster is often confronted with. |
| [Ralf S. Engelschall] |
| |
| *) Add a suexec status report to the '-l' (compiled-in modules) |
| output. [Ken Coar] |
| |
| *) Changes to enable server-parsed mod_autoindex Header and |
| Readme files. [Raymond S Brand <rsbx rsbx.net>] |
| |
| *) Add back support for UseCanonicalName in <Directory> containers |
| [Manoj Kasichainula] |
| |
| *) SECURITY: CVE-2000-1206 (cve.mitre.org) |
| More rigorous checking of Host: headers to fix security |
| problems with mass name-based virtual hosting (whether using mod_rewrite |
| or mod_vhost_alias). |
| [Ben Hyde, Tony Finch] |
| |
| *) Updated README.config to reflect current APACI state. |
| [Brian Slesinsky <bslesins best.com>] PR#5397 |
| |
| *) Added SuSE and BSDI layouts to config.layout for convinience reasons. |
| [Sebastian Helms <sebastian.helms gmx.de>, Timur Bakeyev |
| <timur com.bat.ru>] PR#5112 PR#5154 |
| |
| *) Consistency cleanup of the complete APXS tool and corresponding manpage. |
| [Ralf S. Engelschall] |
| |
| *) Add %q logging format directive (logs "?" and the query string part |
| of a query, or the empty string if no query). |
| Can be used in combination with %m, %U and %H: "%m %U%q %H" is the |
| same as "%r". [Peter Watkins <peterw usa.net>] |
| |
| *) Improve OS390 port to work on older system releases |
| [Paul Gilmartin <pg sweng.stortek.com>] |
| |
| *) Enhance mod_mime with an AddCharset directive to properly handle |
| that negotiation dimension. |
| [Youichirou Koga <y-koga isoternet.org>] |
| |
| *) OS: Added first cut at support for IBM's OS/390. |
| [Ovies Brabson <oviesb us.ibm.com>] |
| |
| *) Replace all occurrences of "\012\015" by a macro CRLF. This makes |
| the code (somewhat) more readable, and improves the portability |
| to character sets other than ASCII (e.g., EBCDIC). |
| This patch results in no functional change whatsoever on ASCII |
| machines, but allows EBCDIC platforms to live without the |
| ebcdic2ascii_strictly() kludge. |
| [Paul Gilmartin <pg sweng.stortek.com>, slightly modified |
| by Martin Kraemer] |
| |
| *) more fixes to mod_auth_digest: |
| - better comparing of request-uri with uri parameter in Authorization |
| header |
| - added a check for a MUST condition in the spec |
| - fixed SEGV |
| [Ronald Tschalär] |
| |
| *) mod_proxy now works on TPF. |
| [Joe Moenich <moenich us.ibm.com>] |
| |
| *) Enhance mod_actions' Script handling to be able to deal with |
| arbitrary methods and not just the well-known ones. This allows |
| experimental or organisation-private methods to be used without |
| waiting for Apache to catch up. |
| [Ken Coar] |
| |
| *) Fix various compile time warnings in hashbang_emul code which |
| prevent successful compilation on OS/390 [Ovies Brabson |
| <oviesb us.ibm.com>, Paul Gilmartin <pg sweng.stortek.com>] |
| |
| *) EBCDIC: Fixed binary upload capability (plain and chunked) for |
| all methods using the ap_*_client_block() functions, most notably |
| POST and PUT. The functionality to switch input between protocol |
| parts (chunks) and (possibly binary) data had been missing all |
| the time, making chunked PUT impossible until now. |
| [Martin Kraemer] |
| |
| *) Fixed a recently introduced off-by-one-character bug in |
| mod_rewrite's expansion of expression back-references. |
| [Cliff Woolley <jwoolley wlu.edu>] PR#4766 PR#5389 |
| |
| *) Add IndexOptions DescriptionWidth so that the width of the |
| description field in fancy-indexed directory listings can |
| be specified. |
| [Ken Coar] PR#2324, plus lots that are closed unsatisfied |
| |
| *) EBCDIC: Escaped characters were encoding the ebcdic representation |
| of the special characters, not the latin1 representation. This |
| would result in invalid URI's for, e.g., filenames (with special chars) |
| in mod_autoindex.c [Martin Kraemer] |
| |
| *) EBCDIC: Fix Byte Ranges for EBCDIC platforms. The necessary switch |
| between implied conversion for protocol parts and configured |
| conversion for document data was missing. The effect of this was that |
| PDF files could not be read by Acrobat Reader (which sends long |
| lists of byte ranges in each request) when the server was apache |
| on ebcdic machines. |
| [Noted by Oliver Reh <Oliver.Reh FAEDV-N.Bayern.de>, solved by Martin |
| Kraemer, warnings fixed by Ovies Brabson <oviesb us.ibm.com>] |
| |
| *) Add IndexOptions FoldersFirst to allow fancy-indexed directory |
| listings to have the subdirectories always listed at the top. |
| [Ken Coar] |
| |
| *) BS2000: Use send() instead of write() in the core buff routines |
| for better performance and fewer restrictions (max. transfer size) |
| [Martin Kraemer] |
| |
| *) If the compiler sanity check fails, force the verbose output |
| for TestCompile so people can have a clue what the problem |
| is. [Jim Jagielski] |
| |
| *) Add --iconsdir, --htdocsdir, and --cgidir option to top-level |
| configure script to allow one to override the corresponding |
| variables from config.layout. |
| [Ralf S. Engelschall] |
| |
| *) Fixed `quad integer' (aka `long long') handling in ap_snprintf.c |
| [Jim Jagielski, Ralf S. Engelschall] |
| |
| *) Fixed error handling in dbmmanage script. |
| [Andrew McRae <andrew liquid.com>] PR#4973 |
| |
| *) Fixed NEXT/OpenStep building by adding an fallback typedef for |
| rlim_t to ap_config.h. |
| [Mark Miller <markm swoon.net>] PR#4906 |
| |
| *) Fix SHARED_CORE feature for HPUX by backing-out a change (comitted |
| between 1.3.7 and 1.3.9) which changed the DSO extension from `sl' to |
| `so'. This worked only for modules (where we load the DSO manually), but |
| horribly fails under HPUX for DSO-based/shared libraries (where our |
| $SHLIB_SUFFIX_NAME is used, too). |
| [Gary Silverman <gary.silverman abnamro.com>] PR#4974 |
| |
| *) Added support for Berkeley-DB/3.x to mod_auth_db. |
| [Steve Atkins <steve blighty.com>, Ralf S. Engelschall] PR#5382 |
| |
| *) Fixed mod_auth_digest.c: result of an open() call was being |
| checked against the wrong failure value. |
| [Rick Ohnemus <rjohnemus systemware-inc.com>] PR#5292 |
| |
| *) Removed the variable name "template" from a prototype for SunOS4 |
| in ap_config.h to make C++ compiler happy, too. |
| [SAKAI Kiyotaka <ksakai netwk.ntt-at.co.jp>] PR#5363 |
| |
| *) Added missing links to htdocs/manual/mod/directives.html |
| for AllowCONNECT and ProxyDomain. [Patrik Grip-Jansson |
| <patrikj gnulix.org>, Ralf S. Engelschall] PR#5319 |
| |
| *) Fixed typo in htdocs/manual/install.html. |
| [Chris Pepper <pepper tgg.com>] PR#5360 |
| |
| *) Fix $AWK/awk usage in top-level configure script: We confused ourself and |
| replaced the wrong "$AWK" with a plain "awk" in the last releases. So we |
| now both fix this and move the comment which already tried to explain it |
| more closer to the location to which it applies. |
| [Paul Gilmartin <pg sweng.stortek.com>, Ralf S. Engelschall] PR#5304 |
| |
| *) Replaced pipes with commas in GuessOS' fallback output (displayed for not |
| explicitly recognized platforms) to avoid side-effects with APACI's |
| --shadow feature and similar uses where GuessOS' output is used directly |
| on the filesystem (where pipes are meta-characters!). |
| [Paul Gilmartin <pg sweng.stortek.com>] PR#5303 |
| |
| *) Made stripping of a trailing slash in directory names in top-level |
| configure script more robust and this way support also a plain `/' |
| as the argument without resulting in an empty name. |
| [Matthias Lohmann <lohm lynet.de>, Ralf S. Engelschall] PR#5291 |
| |
| *) Made `tr' usage in top-level configure script more portable |
| by always using square brackets consistently. |
| [Masashi Kizaki <kizaki cpo.dnp.co.jp>] PR#5230 |
| |
| *) Fixed ap_config_auto.h generation in src/Configure: there for the ``quad |
| integer'' stuff ``#ifndef+#undef+#endif'' pairs were generated instead of |
| ``#ifdef+#undef+#endif'' pairs. |
| [Greg Siebers <gsiebers vignette.com>] PR#5231 |
| |
| *) EBCDIC: fix the hsregex package to correctly deal with [a-zA-Z] type |
| character ranges (the alphabet is non-contiguous in EBCDIC) and with |
| the special [:cntrl:] range (the control character class is determined |
| dynamically at run time). [Martin Kraemer] |
| |
| *) Add --with-port option to APACI. [Ian Kallen <spidaman salon.com>] |
| |
| *) Fixed QUERY_STRING handling for `RewriteRule ... [P]' |
| in per-directory context. |
| [Martin Zeh <martin.zeh sat1.de>] PR#5073 |
| |
| *) Overhauled mod_rewrite's general substitution function |
| (expand_backref_inbuffer): 1. The `$0' backreference is now officially |
| allowed and documented and references the while pattern space; 2. the |
| ampersamp (&) backreference (which is equal to $0) is no longer expanded, |
| because it was never documented and only leads to confusion with |
| QUERY_STRINGS; 3. backslashes (\) are honored correctly, that is `\$N' |
| now really forces the dollar to be an ordinary character and $N is |
| not expanded. |
| [Ralf S. Engelschall] PR#4766 PR#4161 |
| |
| *) Make sure mod_rewrite escapes QUERY_STRINGS on redirects. |
| [Klaus Johannes Rusch <KlausRusch atmedia.net>] PR#4734 |
| |
| *) Make sure mod_rewrite matches URL schemes case-insensitive and also allow |
| additional (commonly used) URL schemes ldap:, news: and mailto:. |
| [Ralf S. Engelschall, Klaus Johannes Rusch <KlausRusch atmedia.net>] PR#3140 |
| |
| *) Overhauled ApacheBench (ab) manpage ab.8. |
| [Simon Baldwin <simonb sco.com>] PR#5139 |
| |
| *) Made sure ApacheBench (ab) performs no more requests than |
| specified on command line (option -n). |
| [Jim Cox <jc superlink.net>] PR#4839 |
| |
| *) Support DSOs properly on 32-bit HP-UX 11.0 |
| [Dilip Khandekar <dilip cup.hp.com>] |
| |
| *) Fix problem with proxy configuration where globally set configuration |
| options were overridden inside virtual hosts. |
| [Graham Leggett <minfrin sharp.fm>] |
| |
| *) Fix ProxyReceiveBufferSize where default value was left uninitialised. |
| [Graham Leggett <minfrin sharp.fm>] |
| |
| *) Added a CLF '-' respecting %B to the log format. |
| Suggested by Ragnar Kjørstad [dirkx] |
| |
| *) Added protocol(%H)/method(%m) logging to the log format. |
| Suggested by Peter W <peterw usa.net> [dirkx] |
| |
| *) Added a HEAD method to 'ab'. [dirkx] |
| |
| *) When generating the Location: header, mod_speling forgot |
| to escape the spelling-fixed uri. [Martin Kraemer] |
| |
| *) Update for the next release of the TPF OS (PUT11) |
| [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) Add some compile-time flags to the output when -V is used for TPF |
| [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) mod_auth_digest fixes: |
| - Use unix-io instead of stdio to read /dev/random (fixes problems |
| on FreeBSD) |
| [Kano <tomo crane-inc.co.jp>] PR#4967 |
| - Correctly unescape all parts of the request uri and the uri |
| attribute of the Authorization header before doing comparison |
| [Joe Orton <joe orton.demon.co.uk>, Ronald Tschalär] |
| - Fixes for MD5-sess |
| [Joe Orton <joe orton.demon.co.uk>] |
| - Don't send a domain attribute in Proxy-Authenticate |
| [Ronald Tschalär] |
| |
| *) ap_base64decode_binary does not null-terminate the output anymore |
| [Bill Stoddard, Ronald Tschalär] |
| |
| *) WIN32: The following bugs introduced in Apache 1.3.9 have been fixed |
| - CGIs broken if script calls other programs which deliver on stdout |
| (Search this file for "DETACHED") |
| - 16 bit CGIs should work now |
| - Server will not start if passed the -d option with spaces in the |
| argument. [Bill Stoddard] |
| |
| *) WIN32: GetExtensionVersion() comparison in mod_isapi fails when |
| using some non-MS compilers [Bill Stoddard] |
| PR#3597, PR#3782, PR#3781, PR#4887 |
| |
| *) Allow BeOS to use its native closesocket() call |
| [David Reid <abb37 dial.pipex.com>] |
| |
| *) More TPF changes. Code reorganization for cleanliness, regex |
| changes for testing, as well as doc and build updates. |
| [David McCreedy <McCreedy us.ibm.com> and others at IBM] |
| |
| *) Add TPF processing for the socket read to the rfc1413 code. |
| [David McCreedy <McCreedy us.ibm.com> and others at IBM] |
| |
| *) Require the batch (-b) option and default to MD5 on TPF in htpasswd. |
| [David McCreedy <McCreedy us.ibm.com> and others at IBM] |
| |
| *) Move "handler not found" warning message to below the check |
| for a wildcard handler. [Dirk <dirkm teleport.com>, Roy Fielding] |
| PR#2584, PR#2751, PR#3349, PR#3436, PR#3548, PR#4384, PR#4795, PR#4807 |
| |
| *) Build errors in src/support stop with an error, just like all the |
| other recursive make calls. [David Harris <dharris drh.net>] |
| |
| |
| Changes with Apache 1.3.9 |
| |
| *) Remove bogus error message when a redirect doesn't set Location. |
| Instead, use an empty string to avoid coredump if the error message |
| was supposed to include a location. [Roy Fielding] |
| |
| *) Don't allow configure to include mod_auth_digest unless it is |
| explicitly requested, even if the user asked for all modules. |
| [Roy Fielding] |
| |
| *) Translate module names to dll names for OS/2 so that they are no more |
| than 8 characters long and have an extension of "dll" instead of "so". |
| [Brian Havard] |
| |
| *) Print out pointer to Rule DEV_RANDOM when truerand lib not found. |
| Fix test-compile check to check for randbyte instead of trand32. |
| Use ap_base64encode_binary/decode instead of copy in mod_auth_digest.c |
| and tweak to make Amaya happier. [Ronald Tschalär] |
| |
| *) Ensure that the installed expat include files are world readable, |
| just like the other header files. [Martin Kraemer] |
| |
| *) Fixed generated AddModule adjustments in APACI's `configure' script |
| in order to allow (new) modules like mod_vhost_alias to be handled |
| correctly (which was touched by the adjustments for mod_alias). |
| [Ralf S. Engelschall] |
| |
| *) For binary builds, add -R flag to apachectl to work around the lack of |
| an absolute path to the ./libexec directory where the libhttp.ep file |
| is needed for SHARED_CORE architectures. [Randy Terbush] |
| |
| *) WIN32: Create the CGI script process as DETACHED. This may solve the |
| problem observed by some Win95/98 users where they get CGI script |
| output sent to the console. [Bill Stoddard] |
| |
| *) Fix (re)naming in the uuencode/decode section. The ap/ap_ |
| routines are now called ap_base64* and are 'plain' (i.e., no |
| pool access or anything clever). Inside util.c the routines acting |
| like pstrdup are called ap_pbase64encode() and ap_pbase64decode(). |
| The oddly named ap_uuencode(), ap_uudecode() are kept around for |
| now but deprecated. [dirkx] |
| |
| *) Clean up the base64 and SHA1 additions and make sure they are |
| represented in the ApacheCore.def, ApacheCoreOS2.def, and httpd.exp |
| files. [Roy Fielding] |
| |
| *) WIN32: Migrate to InstallShield 5.5 and provide a bit more error |
| checking. Allow compiling on VS 6.0. [Randy Terbush] |
| |
| *) Fixed assumption of absolute paths in binbuild.sh. [Tony Finch] |
| |
| *) Use TestCompile to search for the truerand library (rather than blindly |
| assuming its existence). If it is not found, complain (but do not |
| exit - yet). [Martin Kraemer] |
| |
| *) We forgot to add the new exported function names to |
| src/support/httpd.exp. [Bill Stoddard, Randy Terbush] |
| |
| *) Add description of -T command-line option to usage(). |
| [Ralf S. Engelschall] |
| |
| *) For "some" platforms (notably, EBCDIC based ones), libos needs to be |
| searched only AFTER libap has been searched, because libap needs |
| some symbols from libos. [Martin Kraemer] |
| |
| *) Fix conflict with original mod_digest related to the symbol of the |
| module dispatch list (which has to be unique for DSO and follow the |
| usual conventions for the installation procedure). |
| [Ralf S. Engelschall] |
| |
| *) Add a dbm-library check for the "usual places" (-ldbm, -lndbm, -ldb) |
| for other platforms as well. [Martin Kraemer] |
| |
| *) Make ap_sha1.c compile for EBCDIC platforms: replace remaining LONG |
| types by AP_LONG and replace reference to renamed variable 'ubuf' |
| by 'buffer'. [Martin Kraemer] |
| |
| Changes with Apache 1.3.8 [not released] |
| |
| *) Flush the output buffer immediately after sending an error or redirect |
| response, since the result may be needed by the client to abort a |
| long data transfer or restart a series of pipelined requests. |
| [Tom Vaughan <tvaughan aventail.com>, Roy Fielding] |
| |
| *) PORT: Improved compilation and DSO support on Sequent DYNIX/ptx. |
| [Ian Turner <iant sequent.com>] PR#4735 |
| |
| *) Local struct mmap in http_core.c conflicted with system structure |
| name on DYNIX -- changed to mmap_rec. [Roy Fielding] PR#4735 |
| |
| *) Added updated mod_digest as modules/experimental/mod_auth_digest. |
| [Ronald Tschalär <ronald innovation.ch>] |
| |
| *) Fix a memory leak where the module counts were getting messed |
| up across restarts. [David Harris <dharris drh.net>] |
| |
| *) CIDR addresses such as a.b.c.d/24 where d != 0 weren't handled |
| properly in mod_access. |
| ["Paul J. Reder" <rederpj raleigh.ibm.com>] PR#4770 |
| |
| *) RewriteLock/RewriteMap didn't work properly with virtual hosts. |
| [Dmitry Khrustalev <dima bog.msu.su>] PR#3874 |
| |
| *) PORT: Support for compaq/tandem/com. |
| [Michael Ottati <michael.ottati compaq.com>, dirkx] |
| |
| *) Added SHA1 password encryption support to easy migration from |
| Netscape servers. See support/SHA1 for more information. |
| Caused the separation of ap_md5.c into md5, sha1 and a general |
| ap_checkpass.c with just a validate_passwd routine. Added a |
| couple of flags to support/htpasswd. Some reuse of the to64() |
| function; hence renamed to ap_to64(). |
| [Dirk-Willem van Gulik, Clinton Wong <clintdw netcom.com>] |
| |
| *) Change for EBCDIC platforms (TPF and BS2000) to correctly deal |
| with ASCII/EBCDIC conversions in "ident" query. |
| [David McCreedy <McCreedy us.ibm.com>] |
| |
| *) Get rid of redefinition warning on MAC_OS_X_SERVER platform. |
| Change "Power Macintosh" to Power* so if uname prints "Power Book" |
| we're still happy on Rhapsody platforms. [Wilfredo Sanchez] |
| |
| *) Fix SIGSEGV on some systems because the Vary fix below included |
| a call to table_do with a variable argument list that was not |
| NULL terminated. Replaced with better implementation. [Roy Fielding] |
| |
| Changes with Apache 1.3.7 [not released] |
| |
| *) The "Vary" response header field is now sanitised right before |
| the header is sent back to the client. Multiple "Vary" fields |
| are combined, and duplicate tokens (e.g., "Vary: host, host" or |
| "Vary: host, negotiate, host, accept-language") are reduced to |
| single instances. This is a better solution than the force-no-vary |
| one (which is still valid for clients that can't cope with Vary |
| at all). [Dean Gaudet, Roy Fielding, Ken Coar] PR#3118 |
| |
| *) Portability changes for BeOS. [David Reid <abb37 dial.pipex.com>] |
| |
| *) Link DSO's with "gcc -shared" instead of "ld -Bshareable" at |
| least on Linux and FreeBSD for now. |
| [Rasmus Lerdorf] |
| |
| *) Win32: More apache -k restart work. Restarts are now honored |
| immediately and connections in the listen queue are -not- lost. |
| This is made possible by the use of the WSADuplicateSocket() |
| call. The listeners are opened in the parent, duplicated, then |
| the duplicates are passed to the child. The original listen sockets |
| are not closed by the parent across a restart, thus the listen queue |
| is preserved. |
| [Bill Stoddard <stoddard raleigh.ibm.com>] |
| |
| *) Fix handling of case when a client has sent "Expect: 100-continue" |
| and we are going to respond with an error, but get stuck waiting to |
| discard the body in the pointless hope of preserving the connection. |
| [Roy Fielding, Joe Orton <jeo101 york.ac.uk>] PR#4499, PR#3806 |
| |
| *) Fix 'configure' to work correctly with SysV-based versions of |
| 'tr' (consistent with Configure's use as well). [Jim Jagielski] |
| |
| *) apxs: Add "-S var=val" option which allows for override of CFG_* |
| built-in values. Add "-e" option which works like -i but doesn't |
| install the DSO; useful for editing httpd.conf with apxs. Fix |
| editing code so that multiple invocations of apxs -a will not |
| create duplicate LoadModule/AddModule entries; apxs can now be |
| used to re- enable/disable a module. [Wilfredo Sanchez] |
| |
| *) Win32: Update the server to use Winsock 2. Specifically, link with |
| ws2_32.lib rather than wsock32.lib. This gives us access to |
| WSADuplcateSocket() in addition to some other enhanced comm APIs. |
| Win 95 users may need to update their TCP/IP stack to pick up |
| Winsock 2. (See http://www.microsoft.com/windows95/downloads/) |
| [Bill Stoddard <stoddard raleigh.ibm.com>] |
| |
| *) Win32: Redirect CGI script stderr (script debug info) into the |
| error.log when CGI scripts fail. This makes Apache on Win32 |
| behave more like Unix. |
| [Bill Stoddard <stoddard raleigh.ibm.com>] |
| |
| *) Fixed `httpd' usage display: -D was missing. |
| [Ralf S. Engelschall] PR#4614 |
| |
| *) Fix `make r' test procedure in src/regex/: ap_isprint was not found. |
| [Ralf S. Engelschall] PR#4561, PR#4562 |
| |
| *) OS/2: Fix problem with accept lock semaphores where server would die with |
| "OS2SEM: Error 105 getting accept lock. Exiting!" |
| [Brian Havard] PR#4505 |
| |
| *) Add DSO support for DGUX 4.x using gcc. Tested on x86 platforms. |
| [Randy Terbush <randy covalent.net>] |
| |
| *) Add the new mass-vhost module (mod_vhost_alias.c) developed and |
| used by Demon Internet, Ltd. [Tony Finch <fanf demon.net>] |
| |
| *) Better GCC detection for DSO flags under Solaris 2 where the `cc' |
| command potentially _is_ GCC. [Ralf S. Engelschall] |
| |
| *) Fix apxs build issues on AIX |
| [Rasmus Lerdorf <rasmus raleigh.ibm.com>] |
| |
| *) DocumentRoot Checking: Under previous versions, when Apache |
| first started up, it used to do a stat of each DocumentRoot to |
| see if it existed and was a directory. If not, then an error |
| message was printed. THIS HAS BEEN DISABLED. If DocumentRoot |
| does not exist, you will get error messages in error_log. If |
| the '-t' command line option is used (to check the configuration) |
| the check of DocumentRoot IS performed. An additional command |
| line option, '-T', has been added if you want to avoid the |
| DocumentRoot check even when checking the configuration. |
| [Jim Jagielski] |
| |
| *) Win32: The query switch "apache -S" didn't exit after showing the |
| vhost settings. That was inconsistent with the other query functions. |
| [Bill Stoddard - Fixed by Martin on Unix in 1.3.4] |
| |
| *) Win32: Changed behaviour of apache -k restart. |
| Previously, the server would drain all connections in the stack's |
| listen queue before honoring the restart. On a busy server, this |
| could take hours. Now, a restart is honored almost immediately. |
| All connections in Apache's queues are handled but connections in |
| the stack's listen queue are discarded. Restart triggered by |
| MaxRequestPerChild is unchanged. |
| [Bill Stoddard <stoddard raleigh.ibm.com>] |
| |
| *) Win32: Eliminated unnecessary call to wait_for_multiple_objects in |
| the accept loop. Good for a 5% performance boost. Cleaned up |
| parent/child process management code. |
| [Bill Stoddard <stoddard raleigh.ibm.com>] |
| |
| *) Added ceiling on file size for memory mapped files. |
| [John Giannandrea <jg meer.net>] PR#4122 |
| |
| *) Fix ndbm.h include problems with brain-dead glibc >= 2.1 which |
| has ndbm.h in a non-standard db1/ subdir. PR#4431, PR#4528 |
| [Henri Gomez <gomez slib.fr>, Ralf S. Engelschall] |
| |
| *) Determine AP_BYTE_ORDER for ap_config_auto.h and already |
| use this at least for Expat. [Ralf S. Engelschall] |
| |
| *) Allow .module files to specify libraries with Lib:. |
| [Ben Laurie] |
| |
| *) Allow SetEnvIf[NoCase] to test environment variables as well |
| as header fields and request attributes. [Ken Coar] |
| |
| *) Fix mod_autoindex's handling of ScanHTMLTitles when file |
| content-types are "text/html;parameters". [Ken Coar] PR#4524 |
| |
| *) Remove "mxb" support from mod_negotiation -- it was a draft feature |
| never accepted into any standard, and it opens up certain DoS |
| attacks. [Koen Holtman <Koen.Holtman cern.ch>] |
| |
| *) TestCompile updated. We can now run programs and output the |
| results during the Configure process. [ Jim Jagielski] |
| |
| *) The source is now quad (long long) aware as needed. Specifically, |
| the Configure process determines the correct size of off_t and |
| *void. When the OS/platform/compiler supports quads, ap_snprintf() |
| provides for the 'q' format qualifier (if quads are not available, |
| 'q' is silently "demoted" to long). [Jim Jagielski] |
| |
| *) When the username or password fed to htpasswd is too long, include the |
| size limit in the error message. Also report illegal characters |
| (currently only ':') in the username. Add the size restrictions |
| to the man page. [Ken Coar] |
| |
| *) Fixed the configure --without-support option so it doesn't result in |
| an infinite loop. [Marc Slemko] |
| |
| *) Piped error logs could cause a segfault if an error occured |
| during configuration after a restart. |
| [Aidan Cully <aidan panix.com>] PR#4456 |
| |
| *) If a "Location" field was stored in r->err_headers_out rather |
| than r->headers_out, redirect processing wouldn't find it and |
| the server would core dump on ap_escape_html(NULL). Check both |
| tables and raise HTTP_INTERNAL_SERVER_ERROR with a log message |
| if Location isn't set. [Doug MacEachern, Ken Coar] |
| |
| *) Add RULE_EXPAT, the src/lib/ directory structure, and a modified copy |
| of the Expat 1.0.2 distribution. [Greg Stein] |
| |
| *) Replace regexec() calls with calls to a new API stub function |
| ap_regexec(). This solves problems with DSO modules which use the regex |
| library. [Jens-Uwe Mager <jum helios.de>, Ralf S. Engelschall] |
| |
| *) Add 'Request_Protocol' special keyword to mod_setenvif so that |
| environment variables can be set according to the protocol version |
| (e.g., HTTP/0.9 or HTTP/1.1) of the request. [Ken Coar] |
| |
| *) Add DSO support for OpenStep (Mach 4.2) platform. |
| [Ralf S. Engelschall, Rex Dieter <rdieter math.unl.edu>] PR#3997 |
| |
| *) Fix sed regex for generating ap_config_auto.h in src/Configure. |
| [Jan Gallo <gallo pvt.sk>] PR#3690, PR#4373 |
| |
| *) Switch to /bin/sh5 in APACI on Ultrix and friends to avoid problems with |
| their brain-dead /bin/sh. [Ralf S. Engelschall] PR#4372 |
| |
| *) Better DSO flags recognition on NetBSD platforms using ELF. |
| [Todd Vierling <tv pobox.com>] PR#4310 |
| |
| *) Always log months in english format for %t in mod_log_config. |
| [Petr Lampa <lampa fee.vutbr.cz>] PR#4366, 679 |
| |
| *) Support for server-parsed and multiview-determined ReadmeName and |
| HeaderName files in mod_autoindex. Removed the restriction on |
| "/"s in ReadmeName and HeaderName directives since the *sub_req* |
| routines will deal with the access issues. (It's now possible to |
| have {site|group|project|customer|...} wide readmes and headers.) |
| [Raymond S Brand <rsbx rsbx.net>, Ken Coar] PR#1574, 3026, 3529, |
| 3569, 4256 |
| |
| *) When stat() fails, don't assume anything about the contents of |
| the struct stat. [Ed Korthof <ed bitmechanic.com>] |
| |
| *) It's OK for a semop to return EINTR, just loop around and try |
| again. [Dean Gaudet] |
| |
| *) Fix configuration engine re-entrant hangups, which solve a |
| handful of problems seen with mod_perl <Perl> configuration sections |
| [Salvador Ortiz Garcia <sog msg.com.mx>] |
| |
| *) Mac OS and Mac OS X Server now use the appropriate custom layout |
| by default when building with APACI; allow for platform-specific |
| variable defaults in configure. [Wilfredo Sanchez] |
| |
| *) Do setgid() before initgroups() in http_main; some platforms |
| zap the grouplist when setgid() is called. This was fixed in |
| suexec earlier, but the main httpd code missed the change. |
| [Rob Saccoccio <robs InfiniteTechnology.com>] PR#2579 |
| |
| *) Add recognition of .tgz as a gzipped tarchive. |
| [Bertrand de Singly <bertrand.de-singly polytechnique.fr>] PR#2364 |
| |
| *) mod_include's fsize/flastmod should allow only relative paths, just |
| like "include file". [Jaroslav Benkovsky <benkovsk pha.pvt.cz>] |
| |
| *) OS/2: Add support for building loadable modules using DLLs. |
| [Brian Havard] |
| |
| *) Add iconsdir, htdocsdir, and cgidir to config.layout. |
| [Wilfredo Sanchez] |
| |
| *) Fix minor but annoying bug with the test for Configuration.tmpl |
| being newer than Configuration so that it is less likely to fail |
| when using APACI and shadow sources. [Wilfredo Sanchez] |
| |
| *) PORT: Add initial support for Mac OS (versions 10.0 and |
| greater). Use Mac OS X Server layout for now. Clean up dyld code |
| in unix/os.c, and don't install the dyld error handlers, which |
| are no longer needed in Mac OS. [Wilfredo Sanchez] |
| |
| *) Rename Rhapsody layout to "Mac OS X Server". Change install |
| locations to appropriate ones for user-built (as opposed to |
| system) installs. [Wilfredo Sanchez] |
| |
| *) Modify mod_autoindex's handling of AddDescription so that the |
| behaviour matches the documentation. [Ken Coar] PR#1898, 3072. |
| |
| *) Add functionality to the install-bindist.sh script created by |
| binbuild.sh to use tar when copying distribution files to the |
| serverroot. This allows upgrading an existing installation |
| without nesting the new distribution in the old. |
| |
| install-bindist.sh now detects the local perl5 path to install |
| apxs and dbmmanage with proper path to perl interpreter. |
| |
| Add an install-binsupport target which copies the source files |
| for apxs and dbmmanage to bindist to allow these scripts to |
| be properly installed relative to the destination serverroot. |
| [Randy Terbush, Covalent Technologies, <randy covalent.net>] |
| |
| *) Fix intermittent SEGV in ap_proxy_cache_error() in |
| src/modules/proxy_util.c where a NULL filepointer and |
| temporary filename were closed and unlinked. |
| [Graham Leggett <minfrin sharp.fm>, |
| Tim Costello <tjcostel socs.uts.edu.au>] PR#3178 |
| |
| *) Fix inconsistent error messages reported by mod_proxy. |
| [Graham Leggett <minfrin sharp.fm>] |
| |
| *) OS/2: Fix terminating CGIs that aren't compiled by EMX GCC when a |
| connection is aborted. [Brian Havard] |
| |
| *) Force the LANG envariable to the known state of "C" so that we |
| have assurance about how string manipulators (e.g., tr) will |
| function. [Ken Coar] PR#1630 |
| |
| *) Add a directive to allow customising of the tracking cookie name. |
| [Ken Coar] PR#2921, 4303 |
| |
| *) Add "force-no-vary" envariable to allow servers to work around |
| clients that choke on "Vary" fields in the response header. |
| [Ken Coar, Dmitry Khrustalev <dima zippy.machaon.ru>] PR#4118 |
| |
| *) Fixed a bug in mod_dir that causes a child process will infinitely |
| recurse when it attemps to handle a request for a directory wnd the |
| value of the DirectoryIndex directive is a single dot. Also likely |
| to happen for anyother values of DirectoryIndex that will map back |
| to the same directory. The handler now only considers regular files |
| as being index candidates. No PR#s found. |
| [Raymond S Brand <rsbx rsbx.net>] |
| |
| *) Ease configuration debugging by making TestCompile fall back to |
| using "make" if the $MAKE variable is unset [Martin Kraemer] |
| |
| *) Fixed the ServerSignature directive to work as documented. |
| [Raymond S Brand <rsbx rsbx.net>] PR#4248 |
| |
| *) Add "opt" (SysV-style) layout to config.layout. [Raymond S Brand |
| <rsbx rsbx.net>] |
| |
| *) Add APACI --without-execstrip option which can be used to disable the |
| stripping of executables on installation. This is very important for DSO |
| and debugging situations. [Ralf S. Engelschall] |
| |
| *) Add support for OS/2 (case insenstive filesystem, .exe suffix, etc) |
| to APACI files and related scripts. |
| [Yitzchak Scott-Thoennes <sthoenna efn.org>, Ralf S. Engelschall] PR#4269 |
| |
| *) Add support for standalone mode in TPF |
| [Joe Moenich <moenich us.ibm.com>] |
| |
| *) Fix number of bytes copied by read_connection() in src/support/ab.c |
| [Jim Cox <jc superlink.net>] PR#4271 |
| |
| *) Fix special RewriteCond "-s" pattern matching. |
| [Bob Finch <bob nas.com>] |
| |
| *) Fix value quoting in src/Configure script for ap_config_auto.h |
| [Paul Sutton <paul awe.com>] |
| |
| *) Make sure RewriteLock can be used only in the global context, (i.e. |
| outside of any <VirtualHost> sections) because it's a global facility of |
| the rewrite engine. [Ralf S. Engelschall] |
| |
| *) Fix the ownership delegation for proxy directory under `make install'. |
| [Ralf S. Engelschall] |
| |
| *) APACI would not correctly build suexec. [Maria Verina |
| <mariav icgeb.trieste.it>] PR#4260 |
| |
| *) mod_mime_magic passed only the first 4k of a file to |
| uncompress/gzip, but those tools sometimes do not produce |
| any output unless a sufficient portion of the compressed |
| file is input. Change to pass the entire file -- but |
| only read 4k of output. |
| [Marcin Cieslak <saper system.pl>] PR#4097 |
| |
| *) "IndexOptions None" generated extra spaces at the end of each |
| line. [<inkling firstnethou.com>] PR#3770 |
| |
| *) The "100 Continue" response wasn't being sent after internal |
| redirects. [Jose KAHAN <kahan w3.org>] PR#3910, 3806, 3575 |
| |
| *) When padding the name with spaces for display, mod_autoindex would |
| count &, <, and > in their escaped width, messing up the display. |
| [Dean Gaudet] PR#4075, 3758 |
| |
| *) PORT: fixed a compilation problem on NEXT. |
| [Jacques Distler <distler golem.ph.utexas.edu>] PR#4130 |
| |
| *) r->request_time wasn't being set properly in certain error conditions. |
| [Dean Gaudet] PR#4156 |
| |
| *) PORT: deal with UTS compiler error in http_protocol.c |
| [Dave Dykstra <dwd bell-labs.com>] PR#4189 |
| |
| *) Add ap_vrprintf() function. [John Tobey <jtobey banta-im.com>] PR#4246 |
| |
| *) Fix the mod_mime hash table to work properly with locales other |
| than C. [Dean Gaudet] PR#3427 |
| |
| *) Fix a memory leak which is exacerbated by certain configurations. |
| [Dean Gaudet] PR#4225 |
| |
| *) Prevent clobbering saved IFS values in APACI. [Jim Jagielski] |
| |
| *) Fix buffer overflows in ap_uuencode and ap_uudecode pointed out |
| by "Peter 'Luna' Altberg <peter altberg.nu>" and PR#3422 |
| [Peter 'Luna' Altberg <peter altberg.nu>, Ronald Tschalär] |
| |
| *) Make {Set,Unset,Pass}Env per-directory instead of per-server. |
| [Ben Laurie] |
| |
| *) Correct an apparent typo: on the Windows and MPE platforms, the |
| htpasswd utility was limiting passwords to only 8 characters. |
| [Ken Coar] |
| |
| *) EBCDIC platforms: David submitted patches for two bugs in the |
| MD5 digest port for EBCDIC machines: |
| a) the htdigest utility overwrote the old contents of the digest file |
| b) the Content-MD5 header value (ContentDigest directive) was wrong |
| when the returned file was not converted from EBCDIC, but was a |
| binary (e.g., image file) in the first place. |
| [David McCreedy at IBM] |
| |
| *) support/htpasswd now permits the password to be specified on the |
| command line with the '-b' switch. This is useful when passwords |
| need to be maintained by scripts -- particularly in the Win32 |
| environment. [Ken Coar] |
| |
| *) Win32: Win32 multiple services patch. Added capability to install and |
| run multiple copies of apache as individual services. |
| |
| Example 1: |
| apache -n apache1 -i -f c:/httpd.conf |
| Installs apache as service 'apache1' and associates c:/httpd.conf |
| with that service. |
| net start apache1 |
| Starts apache1 service. |
| net stop apache1 |
| Stops apache1 service |
| |
| Example 2: |
| apache -n apache2 -i |
| Installs apache as service 'apache2'. httpd.conf is located under |
| the default server root (/apache/conf/httpd.conf). |
| net start apache2 |
| Starts apache2 service. |
| |
| Example 3: |
| apache -n apache3 -i -d c:/program files/apache |
| Install apache as service 'apache3' and sets server root to |
| c:/program files/apache. |
| |
| Example 4: |
| apache -n apache2 -k restart |
| Restart apache2 service |
| |
| [Keith Wannamaker, Ken Parzygnat, Bill Stoddard] |
| |
| *) Correct the signed/unsigned character handling for the MD5 routines; |
| mismatches were causing compilation problems with gcc -pedantic and |
| in the TPF cross-compilation. [Ken Coar] |
| |
| *) OS/2: Rework CGI handling to use spawn*() instead of fork/exec, achieving |
| a roughly 5 fold speed up. [Brian Havard] |
| |
| *) proxy ftp: instead of using the hardwired string "text/plain" as |
| a fallback type for files served by the ftp proxy, use the |
| ap_default_type() function to determine the configured type. |
| This allows for special configurations like |
| <Directory proxy:ftp://some.host> |
| DefaultType gargle/blurb |
| </Directory> |
| Additionally, add the Content-Encoding: header to FTP proxy replies |
| when the encoding is defined (by the AddEncoding directive). |
| Because it was missing, it was almost impossible to browse compressed |
| files using the FTP proxy (works now perfectly in Communicator). |
| The ftp proxy now also returns the Date: and Server: header lines (if not |
| much else... This code is "somewhat" broken) like normal requests do. |
| [Martin Kraemer] |
| |
| *) Be more smart in APACI's configure script when determining the UID/GID |
| for User/Group directives and use the determined UID/GID to initialize |
| the permissions on the proxycachedir. |
| [Dirk-Willem van Gulik, Ralf S. Engelschall] |
| |
| *) Changed the forking-prior-to-cleanup in the proxy module to first |
| check wether it actually needs to collect garbage. This reduces |
| the number of fork()s from one/request to just the odd one an hour. |
| [Dirk-Willem van Gulik] |
| |
| *) Added proxy, auth and header support to src/support/ab.c. Added a |
| README file to src/support/ |
| [Dirk-Willem van Gulik] |
| |
| *) Don't hard-code the path to AWK in --shadow bootstrapping Makefile. |
| [Ralf S. Engelschall] PR#4050 |
| |
| *) Add support for DSO module compilation on BSD/OS 3.x. |
| [Randy Terbush, Covalent Technologies] |
| |
| *) Fix sed-substitutions in `make install': path elements like `httpd/conf' |
| (for instance from an APACI configure --sysconfdir=/etc/httpd/conf |
| option) were substituted with $(TARGET).conf, etc. Same for other strings |
| with dots where the dot wasn't matched as plain text. |
| [Ralf S. Engelschall] |
| |
| *) PORT: Add support for FreeBSD 4.x [Ralf S. Engelschall] |
| |
| *) Fix verbose output of APACI configure (option -v) |
| [Martin Kraemer, Ralf S. Engelschall] |
| |
| Changes with Apache 1.3.6 |
| |
| *) Removed new PassAllEnv code due to DSO problems. [Lars Eilebrecht] |
| |
| Changes with Apache 1.3.5 [not released] |
| |
| *) M_INVALID needed a value within the scope of METHODS so that unknown |
| methods can be access controlled. [Roy Fielding] PR#3821 |
| |
| *) Added PassAllEnv; makes server's entire environment available |
| to CGIs and SSIs executed within directive's scope. [Ken Coar] |
| |
| *) ap_uuencode() always added two trailing '='s and encoding of |
| 8 bit characters on a machine with signed char may produced |
| incorrect results. Additionally ap_uuencode() should now |
| work correctly on EBCDIC platforms. |
| [Ronald Tschalär <ronald innovation.ch>] PR#3411 |
| |
| *) WIN32: Binary installer now runs the configuration DLL before |
| the reboot prompt (which is only given if MSVCRT.DLL system |
| DLL is new or updated). This should avoid the configuration |
| directory being empty after installation. [Paul Sutton] |
| PR#3767, 3800, 3827, 3850, 3900, 3953, 3988 |
| |
| *) WIN32: Binary installer now creates Start menu options to start |
| and stop Apache as a console application and to uninstall |
| the Apache service on NT. [Paul Sutton] PR#3741 |
| |
| *) WIN32: Apache.exe now contains an icon. [Paul Sutton] |
| |
| *) PORT: Switch back to using fcntl() locking on Linux -- instabilities |
| have been reported with flock() locking (probably related to kernel |
| version). [Dean Gaudet] PR#2723, 3531 |
| |
| *) Using APACI, the main config file (usually httpd.conf) was |
| not being adjusted as $(TARGET).conf. [Wilfredo Sanchez |
| <wsanchez apple.com>] |
| |
| *) PORT: AIX does not require the SHARED_CODE "hack" |
| [Ryan Bloom <rbb raleigh.ibm.com>] |
| |
| *) Set-Cookie headers were being doubled up for some CGIs by the O(n^2) |
| avoidance code added in 1.3.3. |
| [Dean Gaudet, Jeff Lewis <lewis stanford.edu>] PR#3872 |
| |
| *) ap_isxdigit was somehow neglected when adding the ap_isfoo() macros |
| for 8-bit safeness. [Dean Gaudet] |
| |
| *) PORT: Use -fPIC instead of -fpic on Solaris and SunOS for compiling DSOs |
| because SPARCs have a small machine-specific maximum size for the Global |
| Offset Table which is often exceeded when compiling one of the larger |
| third-party modules with Apache. [Peter Urban <Peter.Urban epfl.ch>] PR#3977 |
| |
| *) Move the directive `ExtendedStatus' in httpd.conf-dist-win _after_ the |
| DSO/DLL section because it's a directive from mod_status and isn't |
| available before the DLL of mod_status is loaded. |
| [Martin POESCHL <mpoeschl gmx.net>] PR#3936 |
| |
| *) SECURITY: Fix a bug in the calculation of the buffer size for the line |
| continuation facility in Apache's configuration files which could |
| lead to a buffer overflow situation. |
| [Thomas Devanneaux <Thomas.Devanneaux enst.fr>] PR#3617 |
| |
| *) Make documentation and error messages of APACI's --activate-module=FILE |
| option more clear. [Jan Wolter <janc wwnet.net>] PR#3995 |
| |
| *) Fix the gcc version check (for enabling the `inline' facility) to |
| really support all future gcc versions >= 2.7 until we know more. |
| [John Tobey <jtobey banta-im.com>] PR#3983 |
| |
| *) Let APACI's configure script correctly complain for unknown --enable-XXX |
| and --disable-XXX options. [Ralf S. Engelschall] PR#3958 |
| |
| *) Link the shared core bootstrap program (``Rule SHARED_CORE=yes'') also |
| against libap.a and use its ap_snprintf() instead of sprintf() to avoid |
| possible buffer overflows. [Ralf S. Engelschall] |
| |
| *) Remove no longer used non-API function ap_single_module_init(). |
| [Ralf S. Engelschall] |
| |
| *) Add Apple's Mac OS X Server Layout "Rhapsody" to config.layout. |
| [Wilfredo Sanchez] |
| |
| *) Add cgidir, htdocsdir, iconsdir variables to Makefile.tmpl in order |
| to make platform installations easier. [Wilfredo Sanchez] |
| |
| *) In configure, do not append the target name to the directory path if |
| the path already contains "apache". [Ralf S. Engelschall] |
| |
| *) SIGPIPE is now ignored by the server core. The request write routines |
| (ap_rputc, ap_rputs, ap_rvputs, ap_rwrite, ap_rprintf, ap_rflush) now |
| correctly check for output errors and mark the connection as aborted. |
| Replaced many direct (unchecked) calls to ap_b* routines with the |
| analogous ap_r* calls. [Roy Fielding] |
| |
| *) Enhanced mod_rewrite's mapfile handling: The in-core cache for text and |
| DBM format mapfiles now uses a 4-way hash table with LRU functionality. |
| Furthermore map lookups for non-existent keys are now cached as well. |
| Additionally "txt" maps are now parsed with simple string functions |
| instead of using ap_pregcomp(). As a side effect a bug that prevented |
| the usage of keys containing the "," character was fixed. |
| The changes drastically improve the performance when large rewrite maps |
| are in use. |
| [Michael van Elst <mlelstv serpens.swb.de>, Lars Eilebrecht] PR#3160 |
| |
| *) Added ap_sub_req_method_uri() for doing a subrequest with a method |
| other than GET, and const'd the definition of method in request_rec. |
| [Greg Stein] |
| |
| *) Use proper pid_t type for saving PIDs in alloc.c. [John Bley] |
| |
| *) Replaced use of WIN32 define with HAVE_DRIVE_LETTERS to indicate |
| when the OS allows a DOS drive letter within pathnames. [Brian Havard] |
| |
| *) Add %V to mod_log_config, this logs the hostname according to the |
| UseCanonicalName setting (this is the pre-1.3.4 behaviour of |
| %v). Useful for mass vhosting. [Tony Finch <dot dotat.at>] |
| |
| *) Add support for \n and \t to mod_log_config, can be used to produce |
| more reliable logs with multiline entries. [Tony Finch <dot dotat.at>] |
| |
| *) Fixed a few compiler nits. [John Bley <jbb6 acpub.duke.edu>] |
| |
| *) Added informative error messages for failed munmap() and fseek() calls |
| in http_core.c. [John Bley, Roy Fielding] |
| |
| *) Added some informative error messages for some failed malloc() |
| calls. [John Bley <jbb6 acpub.duke.edu>, Jim Jagielski] |
| |
| *) OS/2 ap_os_canonical_filename()'s behaviour is improved: ap_assert() |
| is removed. This allows <Directory proxy:*> directives to work and |
| prevents invalid requests from killing the process. |
| [Brian Havard <brianh kheldar.apana.org.au>] |
| |
| *) Reorganised FAQ document. |
| [Joshua Slive <slive finance.commerce.ubc.ca>] PR#2497 |
| |
| *) src/support/: The ApacheBench benchmark program was overhauled by |
| David N. Welton: you can now have it generate an HTML TABLE, presumably |
| for integration into other HTML sources. David updated the ab man page |
| as well and added some missing descriptions. Thanks! |
| [David N. Welton <davidw prosa.it>] |
| |
| *) Win32: The filename validity checker now allows filenames containing |
| characters in the range 0x80 to 0xff (for example accented characters). |
| [Paul Sutton] PR#3890 |
| |
| *) Added conditional logging based upon environment variables to |
| mod_log_config. mod_log_referer and mod_log_agent |
| are now deprecated. [Ken Coar] |
| |
| *) Allow apache acting as a proxy server to relay the real |
| reason of a failure to a client rather than the "internal |
| server error" it does currently. The general exposure mechanism |
| can be triggered by any module by setting the "verbose-error-to" |
| note to "*"; this allows more than just proxy errors to be exposed. |
| [Cliff Skolnick, Roy Fielding, Martin Kraemer] Related to PR#3455, 4086 |
| |
| *) Moved man pages for ab and apachectrl to section 8. |
| [Wilfredo Sanchez, Roy Fielding] |
| |
| *) Added -S option to install.sh so that options can be passed to |
| strip on some platforms. [Ralf S. Engelschall, Wilfredo Sanchez] |
| |
| *) Tweak modules Makefile generated by Configure so that it handles |
| the test case of no modules being selected. [<chaz reliant.com>] |
| |
| *) Added a <LimitExcept method ...> sectioning directive that allows |
| the user to assign authentication control to any HTTP method that |
| is *not* given in the argument list; i.e., the logical negation |
| of the <Limit> directive. This is particularly useful for controlling |
| access on methods unknown to the Apache core, but perhaps known by |
| some module or CGI script. [Roy Fielding, Tony Finch] |
| |
| *) Prevent apachectl from complaining if the PIDFILE exists but |
| does not contain a process id, as might occur if the server is |
| being rapidly restarted. [Wilfredo Sanchez] |
| |
| *) Win32: Add global symbols missing from ApacheCore.def. [Carl Olsen] |
| |
| *) Entity tag comparisons for If-Match and If-None-Match were not being |
| performed correctly -- weak tags might cause false positives. Also, |
| strong comparison wasn't properly enforced in all cases. |
| [Roy Fielding, Ken Coar, Dean Gaudet] PR#2065, 3657 |
| |
| *) OS/2: Supply OS/2 error code instead of errno on semaphore errors. |
| [Brian Havard] |
| |
| *) Work around a bug in Lynx regarding its sending "Negotiate: trans" |
| even though it doesn't understand TCN. [Koen Holtman, Roy Fielding] |
| |
| *) Added ap_size_list_item(), ap_get_list_item(), and ap_find_list_item() |
| to util.c for parsing an HTTP header field value to extract the next |
| list item, taking into account the possible presence of nested comments, |
| quoted-pairs, and quoted-strings. ap_get_list_item() also removes |
| insignificant whitespace and lowercases non-quoted tokens. |
| [Roy Fielding] PR#2065 |
| |
| *) proxy: The various calls to ap_proxyerror() can return HTTP/1.1 status |
| code different from 500. This allows the proxy to, e.g., return |
| "403 Forbidden" for ProxyBlock'ed URL's. [Martin Kraemer] Related to PR#3455 |
| |
| *) Fix ordering of language variants for the case where the traditional |
| negotiation algorithm is being used with multiple language variants |
| and no Accept-Language. [James Treacy <treacy debian.org>] PR#3299, 3688 |
| |
| *) Do not round the TCN quality calculation to 5 decimal places, |
| unlike RFC 2296, because the calculation might need 12 decimal places |
| to get the right result. [Roy Fielding] |
| |
| *) Remove unused code to disable transparent negotiation when |
| negotiating on encoding only, as we now handle encoding too |
| (though this is nonstandard for TCN), remove charset=ISO-8859-1 |
| fiddle from the fiddle-averse RVSA comparison, and fix bugs in |
| some debugging statements within mod_negotiation. [Koen Holtman] |
| |
| *) Fixed a rare memory corruption possibility in mod_dir if the index |
| file is negotiable and no acceptable variant can be found. |
| [Dean Gaudet, Roy Fielding, Martin Kraemer] |
| |
| *) Win32: Add new config directive, ScriptInterpreterSource, to enable |
| searching the Win32 registry for script interpreters. |
| [Bill Stoddard] |
| |
| *) Win32: The compiled-in default filename for the error log is now |
| error.log, which matches the default in the distributed httpd.conf. |
| [Paul Sutton] |
| |
| *) Win32: Any error messages from -i or -u command line options are now |
| displayed on the console output rather than sent to the error log. |
| Also the "Running Apache..." message is not output unless Apache is |
| going to serve requests. [Paul Sutton] |
| |
| *) Rework the MD5 authentication scheme to use FreeBSD's algorithm, |
| and use a private significator ('$apr1$') to mark passwords as |
| being smashed with our own algorithm. Also abstract the password |
| checking into a new ap_validate_password() routine. [Ken Coar] |
| |
| *) Win32: The filename validity checker now allows "COM" but refuses |
| access to "COM1" through "COM4". This allows filenames such |
| as "com.name" to be served. [Paul Sutton] PR#3769. |
| |
| *) BS2000: Adapt to the new ufork() system call interface which will |
| make subtasking easier on the OSD/POSIX mainframe environment. |
| [Martin Kraemer] |
| |
| *) Add a compatibility define for escape_uri() -> ap_escape_uri() to |
| ap_compat.h. [David White <david persimmon.com>] PR#3725 |
| |
| *) Make NDBM file suffix determination for mod_rewrite more accurate, i.e. |
| use `.db' instead of `.pag' not only for FreeBSD, but also when |
| the NDBM library looks like Berkeley-DB based. |
| [Ralf S. Engelschall] PR#3773 |
| |
| *) Add ability to handle DES or MD5 authentication passwords. |
| [Ryan Bloom <rbb Raleigh.IBM.Com>] |
| |
| *) Fix O(n^2) memory consumption in mod_speling. [Dean Gaudet] |
| |
| *) SECURITY: Avoid some buffer overflow problems when escaping |
| quoted strings. (This overflow was on the heap and we believe |
| impossible to exploit.) [Rick Perry <perry ece.vill.edu>] |
| |
| *) Let src/Configure be aware of CFLAGS options starting with plus |
| signs as it's the case for the HP/UX compiler. |
| [Doug Yatcilla <yatcilda umdnj.edu>] PR#3681 |
| |
| *) Remove the hard-wire of TAR=tar (we now check for gtar and gnutar first) |
| and check to see if the tar we wind up with supports '-h'. |
| [Jim Jagielski] PR#3671 |
| |
| *) A consistent and conservative style for all shell scripts has been |
| implemented. Basically, all shell string tests use the traditional |
| hack of 'if [ "x$var" != "x" ]' or 'if [ "x$var" = "xstring" ]' |
| to protect against bare null variable strings (ie: wrapping both |
| sides with double quotes and prepending 'x'). 'x' was chosen |
| because it's more universal and hopefully easier for old shell |
| prgrammers, as well as being easier to search for in 'vi' (/x\$) :) |
| [Jim Jagielski] |
| |
| *) The status module now prints out both the main server generation as |
| well as the generation of each process. Also, the vhost info is |
| printed with '?notable'. [Jim Jagielski] |
| |
| *) Move src/main/md5c.c to src/ap/ap_md5c.c; it's httpd-neutral |
| and this makes its functions available to things in src/support. |
| [Ken Coar] |
| |
| Changes with Apache 1.3.4 |
| |
| *) Renamed macros status_drops_connection to ap_status_drops_connection |
| and vestigial scan_script_header to ap_scan_script_header_err, |
| mostly for aesthetic reasons. [Roy Fielding] |
| |
| *) The query switch "httpd -S" didn't exit after showing the |
| vhost settings. That was inconsistent with the other query functions. |
| [Martin Kraemer] |
| |
| *) Moved the MODULE_MAGIC_COOKIE from before the versions and |
| filename to the end of the STANDARD_MODULE_STUFF. Its |
| presence at the beginning prevented reporting of the filename |
| for modules compiled before 1 January 1999. [Ken Coar] |
| |
| *) SECURITY: ap_os_is_filename_valid() has been added to Win32 |
| to detect and prevent access to special DOS device file names. |
| [Paul Sutton, Ken Parzygnat] |
| |
| *) WIN32: Created new makefiles Makefile_win32.txt (normal build) |
| and Makefile_win32_debug.txt (debug build) that work on Win95. |
| Run each of the following from the src directory: |
| nmake /f Makefile_win32.txt # compiles normal build |
| nmake /f Makefile_win32.txt install # compiles and installs |
| nmake /f Makefile_win32.txt clean # removes compiled junk |
| nmake /f Makefile_win32_debug.txt # compiles debug build |
| nmake /f Makefile_win32_debug.txt install |
| nmake /f Makefile_win32_debug.txt clean |
| [Roy Fielding] |
| |
| *) Added binbuild.sh and findprg.sh helpers to make it easier for us |
| to build binary distributions. [Lars Eilebrecht] |
| |
| *) IndexOptions SuppressColumnSorting only turned off making |
| the column headers anchors; you could still change the display |
| order by manually adding a '?N=A' or similar query string to the |
| URL. Now SuppressColumnSorting locks in the sort order so |
| it can't be overridden this way. [Ken Coar] |
| |
| *) Added IndexOrderDefault directive to supply a default sort order |
| for FancyIndexed directory listings. [Ken Coar] PR#1699 |
| |
| *) Change the ap_assert macro to a variant that works on all platforms. |
| [Richard Prinz <richard.prinz cso.net>] PR#2575 |
| |
| *) Make sure under ELF-based NetBSD (now) and OpenBSD (future) we don't |
| search for an underscore on dlsym() (as it's already the case |
| for FreeBSD 3.0). [Todd Vierling <tv pobox.com>] PR#2462 |
| |
| *) Small fix for mod_env.html: The module was documented as to be _not_ |
| compiled into Apache per default, although it _IS_ compiled into |
| Apache per default. [Sim Harbert <sim mindspring.com>] PR#3572 |
| |
| *) Instead of fixing a bug in the generation procedure for config.status (a |
| backslash was missing) we remove the bug together with it's complete |
| context because the special cases of the past can now no longer occur |
| because of the recent magic for the --with-layout default. |
| [Ralf S. Engelschall] PR#3590 |
| |
| *) Make top-level Makefile aware of a parallel build procedures (make -j) by |
| making sure the src/support/ tools are _forced_ to be build last (they |
| depend on other libraries). |
| [Markus Theissinger <markus.theissinger gmx.de>] |
| |
| *) Fix installation procedure: Now that os-inline.c is actually used (a |
| recently fixed bug prevented this) we need to also install os-include.c |
| in addition to os.h into the PREFIX/include/ location or building of |
| module DSOs with APXS fails. [Ralf S. Engelschall] PR#3527 |
| |
| *) Added MODULE_MAGIC_COOKIE as the first field in a module structure to |
| allow us to distinguish between a garbled DSO (or even a file which isn't |
| an Apache module DSO at all) and a DSO which doesn't match the current |
| Apache API. [Ralf S. Engelschall] PR#3152 |
| |
| *) Two minor enhancements to mod_rewrite: First RewriteRule now also |
| supports the ``nocase|NC'' flag (as RewriteCond already does for ages) to |
| match case insensitive (this especially avoids nasty patterns like |
| `[tT][eE][sS][tT]'). Second two additional internal map functions |
| `escape' and `unescape' were added which can be used to escape/unescape |
| to/from hex-encodings in URLs parts (this is especially useful in |
| combination with map lookups). |
| [Magnus Bodin, Ian Kallen, Ralf S. Engelschall] |
| |
| *) Renamed the macro escape_uri() to ap_escape_uri() which was |
| forgotten (because it was a macro) in the symbol renaming process. |
| [Ralf S. Engelschall] |
| |
| *) Fix some inconsistencies related to the scopes of directives. The only |
| user visible change is that the directives `UseCanonicalName' and |
| `ContentDigest' now use the (more correct) `Options' scope instead of |
| (less correct) `AuthConfig' scope. [Ralf S. Engelschall] |
| |
| *) Using DSO, the Server token was being mangled. Specifically, the |
| module's token was being added first before the Apache token. This |
| has been fixed. [Jim Jagielski] |
| |
| *) Major overhaul of mod_negotiation.c, part 2. |
| - properly handle "identity" within Accept-Encoding. |
| - allow encoded variants in RVSA negotiation and let them appear in |
| the Alternates field using the non-standard "encoding" tag-list. |
| - fixed both negotiation algorithms so that an explicitly accepted |
| encoding is preferred over no encoding if "identity" is not |
| included within Accept-Encoding. |
| - added ap_array_pstrcat() to alloc.c for efficient concatenation |
| of large substring sequences. |
| - replaced O(n^2) memory hogs in mod_negotiation with ap_array_pstrcat. |
| [Roy Fielding] |
| |
| *) Major overhaul of mod_negotiation.c, part 1. |
| - cleanups to mod_negotiation comments and code structure |
| - made compliant with HTTP/1.1 proposed standard (rfc2068) and added |
| support for everything in the upcoming HTTP/1.1 |
| revision (draft-ietf-http-v11-spec-rev-06.txt). |
| - language tag matching also handles tags with more than 2 |
| levels like x-y-z |
| - empty Accept, Accept-Language, Accept-Charset headers are |
| processed correctly; previously an empty header would make all |
| values acceptable instead of unacceptable. |
| - allowed for q values in Accept-Encoding |
| - added support for transparent content negotiation (rfc2295 and |
| rfc2296) (though we do not implement all features in these drafts, |
| e.g. no feature negotiation). Removed old experimental version. |
| - implemented 'structured entity tags' for better cache correctness |
| (structured entity tags ensure that caches which can deal with Vary |
| will (eventually) be updated if the set of variants on the server |
| is changed) |
| - this involved adding a vlist_validator element to request_rec |
| - this involved adding the ap_make_etag() function to the global API |
| - modified guessing of charsets used by Apache negotiation algorithm |
| to guess 'no charset' if the variant is not a text/* type |
| - added code to sort multiviews variants into a canonical order so that |
| negotiation results are consistent across backup/restores and mirrors |
| - removed possibility of a type map file resolving to another type map |
| file as its best variant |
| [Koen Holtman, Roy Fielding, Lars Eilebrecht] PR#3451, 3299, 1987 |
| |
| *) RFC2396 allows the syntax http://host:/path (with no port number) |
| but the proxy disallowed it (ap_proxy_canon_netloc()). |
| [David Kristol <dmk bell-labs.com>] PR#3530 |
| |
| *) When modules update/modify the file name in the configfile_t structure, |
| syntax errors will report the updated name, not the original one. |
| [Fabien Coelho <coelho cri.ensmp.fr>] PR#3573 |
| |
| *) Correct some filename case assumptions from WIN32 to |
| CASE_BLIND_FILESYSTEM. [Brian Havard <brianh kheldar.apana.org.au>] |
| |
| *) For %v log ServerName regardless of the UseCanonicalName |
| setting (similarly for %p). [Dean Gaudet] |
| |
| *) Configure was initializing the variables $OSDIR, $INCDIR and $SHELL |
| rather late (too late for some invocations of TestCompile). |
| This improves the make environment available to TestCompile and |
| the *.module scripts. [Martin Kraemer] |
| |
| *) The hashbang emulation code in ap_execve.c would interpret |
| #!/hashbang/scripts correctly, but failed to fall back to a |
| standard shell for scripts which did NOT start with #! |
| Now SHELL_PATH is started in these cases. [Martin Kraemer] |
| |
| *) PORT: Added the Cyberguard V2 port [Richard Stagg <stagg lentil.org>] |
| PR#3336 |
| |
| *) Update APXS manual page: some -q option arguments were missing |
| and another was incorrect. [Mark Anderson <mda discerning.com>] PR#3553 |
| |
| *) Cleanup the command line options: `-?' was documented to show |
| the usage list but does it with an error because `?' is not a valid |
| command. OTOH a lot of users expect `-h' to print such a usage list and |
| instead are annoyed for ages by our huge unreadable list of directives. |
| So we now changed the command line options this way: |
| 1. `-L' => `-R' |
| Intent: we need `-L' to be free, and `-R' for the DSO run-time path is |
| very similar to the popular linker option. |
| 2. `-h' => `-L' |
| Intent: while -l gives the small list of modules, -L now gives the |
| large list of directives implemented by these modules. This is also |
| consistent with -v (short version info) and -V (large version info). |
| 3. `-?' => `-h' |
| Intent: it's now the expected option ;-) |
| The manual page was adjusted accordingly. |
| [Ralf S. Engelschall] PR#2714 |
| |
| *) Fixed problem of fclose() on an unopened file in suexec if LOG_EXEC |
| wasn't defined. [Rick Franchuk <rickf transpect.net>] |
| |
| *) Removed recently introduced bugs and disfigurements in APACI: |
| o fixed argument line processing: using $args was broken: It was not |
| initialized and using args="$args $apc_option" and even args="$args |
| \"$apc_option\"" fails in the second processing round for any arguments |
| containing whitespaces. The only correct way is to use the construct |
| "$@" (but not possible here) or iterate _both_ times over the implicit |
| argument line (no argument to for-loop) which is what we now use. |
| o make --with-layout=Apache the default without creating |
| redundancy (copying the --with-layout block in the argument parsing |
| loop). We achieve this by using the "$@" construct together with the |
| `set' command to prepend --with-layout=Apache to the command line in |
| case --with-layout is not used. |
| o fixed auto-suffix handling now that config.layout exists. |
| Paths which are auto-suffixed are marked with a trailing plus sign in |
| config.layout and every path now can be marked this way (not only the |
| four paths for which we do it currently). Additionally the suffix is |
| no longer a static one. Instead it's now `/<target>' where <target> is |
| the argument of the --target option or per default `httpd'. |
| o allow also tabs (and only spaces) where we match whitespaces |
| o various fixes and cleanups related to used shell coding style |
| o made Jim happy by replacing `Written by' with `Initially written by' ;-) |
| o trimmed output of --help to fit into 80 columns |
| [Ralf S. Engelschall] |
| |
| *) Added two new core API functions, ap_single_module_configure() and |
| ap_single_module_init(), which are now used by mod_so to configure a module |
| after loading. [Ralf S. Engelschall] |
| |
| *) PORT: Add defines for USE_FLOCK_SERIALIZED_ACCEPT and |
| SINGLE_LISTEN_UNSERIALIZED_ACCEPT to NetBSD/OpenBSD section |
| of ap_config.h to allow serialized accept for multiport listens. |
| [Roy Fielding, Curt Sampson] PR#3120 |
| |
| *) PORT: Fixed a misplaced #endif for NetBSD/OpenBSD section |
| of ap_config.h that would skip several defines if DEFAULT_GROUP |
| was overridden. [Roy Fielding] |
| |
| *) PORT: The I86 version of DGUX has support for strncasecmp and |
| strcasecmp, so allow it in ap_config.h. [Amiel Lee Yee] PR#3247 |
| |
| *) Fix ordering of definitions in ap_config.h so that ap_inline is |
| defined before it might be used. [Victor Khimenko] |
| |
| *) PORT: Add Dynamic Shared Object (DSO) support for BSDI (v4.0). |
| [Tom Serkowski <tks bsdi.com>] PR#3453 |
| |
| *) Make generation of src/Configuration.apaci more robust: It failed to |
| differenciate between modules when one module name was a postfix of |
| another (e.g. cgi vs. fastcgi). We now check for mod_XXX, libXXX and even |
| just XXX (think about totally non-standard names like "apache_ssl", too). |
| [Ralf S. Engelschall] PR#3380 |
| |
| *) In src/Configure remove the SERVER_SUBVERSION support (already deprecated |
| since 1.3b7) and make whitespace handling more robust (it failed horrible |
| when whitespaces were present in the arguments of -D options). |
| [Ralf S. Engelschall] PR#3240 |
| |
| *) Add APACI --shadow=DIR variant (in addition to --shadow). This now first |
| creates an external package shadow tree in DIR before the local build |
| shadow tree is generated under DIR. This way one can have the extracted |
| Apache distribution tree read-only on NFS or CDROM and still build Apache |
| from these sources. An automatically triggered VPATH-like mechanism is |
| provided through the TOP variable, too. |
| [Ralf S. Engelschall, Wilfredo Sanchez <wsanchez apple.com>] |
| |
| *) Fix negotiation so that a Vary response header is correctly |
| generated when, for a particular dimension, variants only vary |
| in having or not having a value for that dimension. [Paul Sutton] |
| |
| *) Fix negotiation so that we prefer an encoded variant over an |
| unencoded variant if the user-agent explicitly says it can |
| accept that encoding. Previously we always preferred the unencoded |
| variant. |
| [Paul Ausbeck <paula alumni.cse.ucsc.edu>, Paul Sutton] PR#3447 |
| |
| *) Fix APXS tool: query variables LIBS_SHLIB and TARGET were not recognized |
| and the usage page was inconsistent with the functionality and manpage. |
| [Ralf S. Engelschall] |
| |
| *) Allow special options -Wc,xxx and -Wl,xxx on APXS compile/link command. |
| They can occur multiple times and their arguments (`xxx') are passed AS |
| IS to the compiler/linker command. [Ralf S. Engelschall] |
| |
| *) Fixed possible (but harmless in practice) bug in the DBM lookup |
| procedure of mod_rewrite: very long keys were truncated. |
| [Ralf S. Engelschall] |
| |
| *) Added a generic --with-layout=[FILE:]ID option. ID here is a layout |
| identifier, currently "Apache" and "GNU" are pre-defined in the file |
| config.layout. Custom layouts are possible by using FILE:ID as the |
| argument where the layout ID is taken from FILE. |
| |
| The config.layout file consists of <Layout ID>..</Layout> sections |
| where inside those sections "path_variable: path_value" pairs can be |
| specified. These lines are converted to path_variable='path_value'. |
| |
| *) Add a DefaultLanguage directive so that files missing a language |
| extension (e.g., .fr, .de) can be labelled as being some other |
| default language. DefaultLanguage can appear in <Directory> and |
| <Files> containers as well as .htaccess files. [Paul Sutton] |
| PR#1180 |
| |
| *) Fix TARGET configuration when configuring and installing using |
| APACI configure. TARGET now defines the basename of the configuration |
| file, startup script, manual page, etc. log_error_core() now reports |
| the server binary name given by argv[0]. TARGET can now also be defined |
| with --target=TARGET parameter passed to APACI configure. |
| [Ralf Engelschall, Randy Terbush] |
| |
| *) mod_include.c:handle_perl() now properly tests for OPT_INCNOEXEC |
| rather than OPT_INCLUDES [Rainer Schoepf <schoepf uni-mainz.de>] |
| |
| *) ap_md5_binary() was using sprintf() rather than a table lookup |
| to convert binary bytes to hex digits. |
| [Ronald Tschalär <ronald innovation.ch>] PR#3409 |
| |
| *) Fix SEGV in TCN negotiation if no variants are acceptable. |
| [Martin Plechsmid <plechsmi karlin.mff.cuni.cz>] PR#1987 |
| |
| *) API: ap_exists_config_define() function is now "public" [Doug MacEachern] |
| |
| *) Fix documentation of `Action' directive: It can activate a CGI script |
| when either a handler or a MIME content type is triggered by the request. |
| [Andrew Pimlott <pimlott math.harvard.edu>] PR#3340 |
| |
| *) Document the `add' command of `dbmmanage' in `dbmmanage.1' manpage. |
| [David MacKenzie <djm uu.net>] PR#3394 |
| |
| *) Ignore a "ErrorDocument 401" directive with a full URL and write a |
| notice to the error log. It is not possible to send a 401 response |
| and a redirect at the same time. [Lars Eilebrecht] |
| |
| *) Fallback to native compilers for IRIX-32 platform. It seems that |
| a gcc 2.8.1 compiled apache is logging client addresses with all |
| bits set (255.255.255.255). This is the second such problem caused |
| by gcc 2.8.1 compiler. The first being broken semaphore locking. |
| [Randy Terbush] |
| |
| *) Updated mime.types to reflect current Internet media types |
| and include a URL to the registry. |
| [Manoj Kasichainula, Roy Fielding] PR#2380, 2286, 2246 |
| |
| *) SECURITY: Do a more complete check in mod_include to avoid |
| an infinite loop of recursive SSI includes. [Marc Slemko] PR#3323 |
| |
| *) Add APACI --suexec-docroot and --suexec-logfile options which can be |
| used to set the document root directory (DOC_ROOT) and the suexec |
| logfile (LOG_EXEC), respectively. Additionally the --layout option |
| was changed to show more information about the suEXEC setup. |
| [Lars Eilebrecht] PR#3316, 3357, 3361 |
| |
| *) Added the last two WebDAV status codes of 424 (Failed Dependency) |
| and 507 (Insufficient Storage) for use by third-party modules. |
| [Roy Fielding] |
| |
| *) Enabled all of the WebDAV method names for use by third-party |
| modules, Limit, and Script directives. That includes PATCH, |
| PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK. |
| Improved mod_actions.c so that it can use any of the methods |
| defined in httpd.h. Added ap_method_number_of(method) for |
| getting the internal method number. [Roy Fielding] |
| |
| *) PORT: Add a port to the TPF OS. [Joe Moenich <moenich us.ibm.com> and |
| others at IBM] |
| |
| *) Fix problems with handling of UNC names (e.g., \\host\path) |
| on Win32. [Ken Parzygnat <kparz us.ibm.com>] |
| |
| *) Rework os_canonical_*() on Win32 so it's simpler, more |
| robust, and works. [Ken Parzygnat <kparz us.ibm.com>] |
| PR#2555, 2915, 3064, 3232 |
| |
| *) Work around incomplete implementation of strftime on Win32. |
| [Manoj Kasichainula, Ken Parzygnat <kparz us.ibm.com>] |
| |
| *) Move a typedef to fix compile problems on Linux with 1.x kernels. |
| [Manoj Kasichainula] PR#3177 |
| |
| *) PORT: Add a port to the Concurrent PowerMAX OS. [Tom Horsley |
| <Tom.Horsley mail.ccur.com>] |
| |
| *) WIN32: Log more explicit error messages if spawning an interpreted |
| script failed, including the command line used to attempt to execute |
| the interpreter and the Win32 error code returned. [Marc Slemko] |
| |
| *) Disable sending of error-notes on a 500 (Internal Server Error) response |
| since it often includes file path info. Enable sending of error-notes |
| on a 501 (Method Not Implemented). [Roy Fielding] PR#3173 |
| |
| *) http_config.c would respond with 501 (Method Not Implemented) if a |
| content type handler was specified but could not be found, which |
| should have been a 500 response. Likewise, mod_proxy.c would responsd |
| with a 501 if the URI scheme is unrecognized instead of the correct |
| response of 403 (Forbidden). [Roy Fielding] |
| |
| *) SECURITY: Eliminate DoS attack when a bad URI path contains what |
| looks like a printf format escape. [Marc Slemko, Studenten Net Twente] |
| |
| *) Fix in mod_autoindex: for files where the last modified time stamp was |
| unavailable, an empty string was printed which was 2 bytes short. |
| The size and description columns were therefore not aligned correctly. |
| [Martin Kraemer] (no PR#) |
| |
| *) Update BS2000 OS code to work with recent versions. Starting with |
| release A17, the child fork() must be replaced by a _rfork(). |
| (BS2000 only) [Martin Kraemer] |
| |
| *) Add the actual server_rec structure of the specific Vhost to the |
| scoreboard file and avoid a string copy (as well as allow some |
| further future enhancements). [Harrie Hazewinkel |
| <harrie.hazewinkel jrc.it>] |
| |
| *) Add APACI --permute-module=foo:bar option which can be used to |
| on-the-fly/batch permute the order of two modules (mod_foo and mod_bar) |
| in the Configuration[.apaci] file. Two special and important variants are |
| supported for the option argument: first BEGIN:foo which permutes module |
| mod_foo with the begin of the module list, i.e. it `moves' the module to |
| the begin of the list (gives it lowest priority). And second foo:END |
| which permutes mod_foo with the end of the module list, i.e. it `moves' |
| the module to the end of the list (gives it highest priority). |
| [Ralf S. Engelschall] |
| |
| *) Fix problem with 'apache -k shutdown' and startup event |
| synchronisation (Win32). [Ken Parzygnat <kparz raleigh.ibm.com>] |
| PR#3255 |
| |
| *) The config parser wasn't correctly noticing a missing '>' |
| on container start lines (e.g., it wouldn't spot |
| "<Directory /" as a syntax error). [Ryan Bloom <rbbloom us.ibm.com>] |
| PR#3279 |
| |
| *) Add a 'RemoveHandler' directive which will selectively remove |
| all handler associations for the specified file extensions. |
| [Ryan Bloom <rbbloom us.ibm.com>] PR#1799. |
| |
| *) Properly handle & allow "nul" and ".*/null" in AccessConfig and |
| ResourceConfig directives on Win32. Also add a note to the effect |
| of 'useless User directive ignored on Win32' to the errorlog if |
| a User directive is encountered on Win32. |
| [Ken Parzygnat <kparz raleigh.ibm.com>] PR#2078, 2303. |
| |
| *) Fix multiple whitespace handling in imagemaps for mod_imap which was |
| broken since Apache 1.3.1 where we took out compressing of multiple |
| spaces in ap_cfg_getline(). |
| [Ivan Richwalski <ivan seppuku.net>] PR#3249 |
| |
| *) Fix Berkeley-DB/2.x support in mod_auth_db: The data structures were not |
| initialized correctly and the db_open() call used an invalid mode |
| parameter. [Ron Klatchko <ron ckm.ucsf.edu>] PR#3171 |
| |
| *) PORT: DSO support for UnixWare 7 |
| [Ralf S. Engelschall, Ron Record <rr sco.com>] |
| |
| *) Merge the contents of the {srm,access}.conf-dist* files into the |
| httpd.conf-dist* files. The srm and access files now contain |
| only comments, and httpd.conf has all the combined contents in |
| a rational order. [Ken Coar] |
| |
| *) PORT: DSO/ELF support for FreeBSD 3.0. |
| [Ralf S. Engelschall, Dirk Froemberg <ibex physik.TU-Berlin.DE>] |
| |
| *) Add a "default-handler" handler that calls the default_hander() |
| function which is normally called for static content. This allows |
| you to override a specific handler. [Marc Slemko] |
| |
| *) Further simplify checking for absolute paths by replacing an |
| hard-coded syntax check with a call to a routine we already created to |
| do this. [Ken Parzygnat <kparz raleigh.ibm.com>] PR#2976, 3074 |
| |
| *) Log an error if we encounter a malformed "require" directive |
| in mod_auth if we know that we know that no other module can |
| deal with it. [Marc Slemko] |
| |
| *) Remove ap_private_extern method of hiding conflicting symbols |
| on the NEXT platform because it is not correct for all versions, |
| and the versions for which it is correct are unknown. |
| [Wilfredo Sanchez <wsanchez apple.com>] |
| |
| *) Fix inheritance of IndexOptions NameWidth and remove unintended |
| restriction on +NameWidth, +IconHeight, and +IconWidth. [Ken Coar] |
| |
| *) Fix per-directory config merging for cases in which a 500 error |
| is encountered in an .htaccess file somewhere down the tree. |
| [Ken Coar] PR#2409 |
| |
| *) Minor performance improvement to ap_escape_html(). [Roy Fielding] |
| |
| *) Fixed a segmentation violation in mod_proxy when a response is |
| non-cachable. [Roy Fielding, traced by Doug Bloebaum]. PR#2950, 3056 |
| |
| Changes with Apache 1.3.3 |
| |
| *) Added a complete implementation of the Expect header field as |
| specified in rev-05 of HTTP/1.1. Disabled the 100 Continue |
| response when we already know the final status, which is mighty |
| useful for PUT responses that result in 302 or 401. [Roy Fielding] |
| |
| *) Remove extra trailing whitespace from the getline results as part |
| of the protocol processing, which is extra nice because it works |
| between continuation lines, is almost no cost in the normal case |
| of no extra whitespace, and saves memory. [Roy Fielding] |
| |
| *) Added new HTTP status codes and default response bodies from the |
| revised HTTP/1.1 (307, 416, 417), WebDAV (102, 207, 422, 423), and |
| HTTP Extension Framework (510) specifications. Did not add the |
| WebDAV 424 and 425 codes because they are bogus. We don't use any |
| of these codes yet, but they are now available to 3rd-party modules. |
| [Roy Fielding] |
| |
| *) Fix a possible race condition between timed-out requests and the |
| ap_bhalfduplex select that might result in an infinite loop on |
| platforms that do not validate the descriptor. [Roy Fielding] |
| |
| *) WIN32: Add "-k shutdown" and "-k restart" options to signal a |
| running Apache server [Paul Sutton] |
| |
| *) Fix mod_autoindex bug where directories got a size of "0k" instead |
| of "-". [Martin Plechsmid <plechsmi karlin.mff.cuni.cz>, Marc Slemko] |
| PR#3130 |
| |
| *) PORT: DRS 6000 machine. [Paul Debleecker <pdebleecker jetair.be>] |
| |
| *) Add the server signature text (from the core ServerSignature directive) |
| to the list of envariables available to scripts, SSI, and the like. |
| [Ken Coar] |
| |
| *) PORT: Fix sys/resource.h handling for SCO 3.x platform. |
| [M. Laak <maert proinv.ee>] PR#3108 |
| |
| *) Fallback from sysconf-based to plain HZ-based `ticks per second' |
| calculation in mod_status for all systems which don't have POSIX |
| sysconf() (like UTS 2.1) and not only for the NEXT platform. |
| [Dave Dykstra <dwd bell-labs.com>] PR#3055 |
| |
| *) Fix `require ...' directive parsing in mod_auth, mod_auth_dbm and |
| mod_auth_db by using ap_getword_white() (which uses ap_isspace()) |
| instead of ap_getword(..., ' ') (which parses only according to spaces |
| but not tabs). [James Morris <jmorris intercode.com.au>, |
| Ralf S. Engelschall] PR#3105 |
| |
| *) Fix the SERVER_NAME variable under sub-request situations (where |
| `UseCanonicalName off' is used) like CGI's called from SSI pages or |
| RewriteCond variables by adopting r->hostname to sub-requests. |
| [James Grinter <jrg blodwen.demon.co.uk>] PR#3111 |
| |
| *) Fix stderr redirection under syslog-based error logging situation. |
| [Youichirou Koga <y-koga jp.FreeBSD.org>] PR#3095 |
| |
| *) Document `ErrorLog syslog:facility' variant of error logging. |
| [Youichirou Koga <y-koga jp.FreeBSD.org>] PR#3096 |
| |
| *) Fix http://localhost/ hints in top-level INSTALL document. |
| [Rob Jenson <robjen spotch.com>, Ralf S. Engelschall] PR#3088 |
| |
| *) Quote paths in default configuration files. [Wilfredo Sanchez] |
| |
| *) PORT: Remove extra HAVE_SYS_RESOURCE_H define for RHAPSODY since |
| it is now taken care of properly by the header file tests. |
| [Wilfredo Sanchez <wsanchez apple.com>] |
| |
| *) Fix problem with scripts and filehandle inheritance on Win32. |
| [Ken Parzygnat <kparz raleigh.ibm.com>] PR#2884, 2910 |
| |
| *) Win32 name canonicalisation could end up using the server's |
| working directory to fill in some blanks. [Ken Parzygnat |
| <kparz raleigh.ibm.com>] PR#3001 |
| |
| *) Correct invalid assumption by ap_sub_req_lookup_file() that all |
| absolute paths begin with "/" -- because they don't on Win32. |
| [Ken Parzygnat <kparz raleigh.ibm.com>] PR#2976, 3074 |
| |
| *) Add [REDIRECT_]VARIANTS environment variable to mod_speling |
| so that ErrorDocument 300 processors can reformat the list |
| if desired. [Ken Coar] PR#2859 |
| |
| *) Add +/- incremental prefixes to IndexOptions keywords, and |
| enable merging of multiple IndexOptions directives. [Ken Coar] |
| |
| *) PORT: Allow GuessOS to recognize Unixware 7.0.1 [Steve Cameron |
| <steve.cameron compaq.com>] |
| |
| *) Reconstructed the loop through multiple htaccess file names so |
| that missing files are not confused with unreadable files. |
| [Roy Fielding] |
| |
| *) The ap_pfopen and ap_pfdopen routines were failing to protect the |
| errno on an error, which leads to one error being mistaken for |
| another when reading non-existent .htaccess files. |
| [Jim Jagielski] |
| |
| *) OS/2: The new header tests get things right, need to update |
| ap_config.h. [Brian Havard] |
| |
| *) The Perl %ENV hash will now be setup by default when using the |
| mod_include `perl' command [Doug MacEachern] |
| |
| *) PORT: Add Pyramid DC/OSx support to configuration mechanism. |
| [Earle Ake <akee wpdiss1.wpafb.af.mil>] |
| |
| *) PORT: Fix sys/resource.h handling for Amdahl's UTS 2.1 |
| [Dave Dykstra <dwd bell-labs.com>] PR#3054 |
| |
| *) Correct comment in mod_log_config.c about its internals. |
| [Elf Sternberg <elf halcyon.com>] |
| |
| *) Avoid possible line overflow in Configure: Use an awkfile to |
| handle the creation of modules.c [Jim Jagielski] |
| |
| Changes with Apache 1.3.2 |
| |
| *) Fix bug in ap_remove_module(), which caused problems for dso's |
| who were the top_module. [Doug MacEachern] |
| |
| *) Add support for Berkeley-DB/2.x (in addition to Berkeley-DB/1.x) to |
| mod_auth_db to both be friendly to users who wants to use this version |
| and to avoid problems under platforms where only version 2.x is present. |
| [Dan Jacobowitz <drow false.org>, Ralf S. Engelschall] |
| |
| *) When using ap_log_rerror(), make the error message available to the |
| *ERROR_NOTES envariables by default. [Ken Coar] |
| |
| *) BS2000 platform only: get rid of the nasty BS2000AuthFile. |
| You now must define a BS2000Account name for the server User. |
| This has fewer security implications than the old approach. |
| [Martin Kraemer] |
| |
| *) Fix SHARED_CORE feature for HPUX platform: We now use extension `.sl' |
| instead of `.so' and `SHLIB_PATH' instead of `LD_LIBRARY_PATH' on this |
| platform to make the braindead HPUX linker happy. Notice, for the module |
| DSOs we don't have to use this, because these are loaded manually (and |
| not via HPUX' dld). [Ralf S. Engelschall] PR#2905, PR#2968 |
| |
| *) Remove 64 thread limit on Win32. |
| [Bill Stoddard <stoddard raleigh.ibm.com>] |
| |
| *) Remove redundant substitutions in top-level Makefile.tmpl. |
| [Ralf S. Engelschall] |
| |
| *) Fix APACI's `Group' configuration adjustment - especially for Linux |
| platforms where `nogroup' exists in /etc/group. [Ralf S. Engelschall] |
| |
| *) Make PrintPath work generically instead of having one version |
| strictly for OS/2. [Jim Jagielski, Brian Havard] |
| |
| *) Fix the recently introduced C header file checking: We now use the C |
| pre-processor pass only (and no longer the complete compiler pass) to |
| determine whether a C header file exists or not. Because only this way |
| we're safe against inter-header dependencies (which caused horrible |
| portability problems). The only drawback is that we now have a CPP |
| configuration variable which has to be determined first (we do a similar |
| approach as GNU Autoconf does here). When all fails the user still has |
| the possibility to override it manually via APACI or src/Configuration. |
| As a fallback for the header check itself we can directly check the |
| existance of the file under /usr/include, too. |
| [Ralf S. Engelschall] PR#2777 |
| |
| *) PORT: Added RHAPSODY (Mac OS X Server) support. MAP_TMPFILE defined |
| as an alternate mechanism for mmap'd shared memory for RHAPSODY. |
| ap_private_extern defined to hide symbols that conflict with loaded |
| dynamic libraries on the NEXT and RHAPSODY platforms. |
| [Wilfredo Sanchez <wsanchez apple.com>] |
| |
| *) Delete PID file on clean shutdowns. |
| [Charles Randall <crandall matchlogic.com>] PR#2947 |
| |
| *) Fix mod_auth_*.html documents: NSCA -> NCSA |
| [Youichirou Koga <y-koga jp.FreeBSD.org>] PR#2991 |
| |
| *) Fix INSTALL document: www.gnu.ai.mit.edu -> www.gnu.org |
| [Karl Berry <karl gnu.org>] PR#2994 |
| |
| *) Fix dbmmanage.1 manual page. |
| [Youichirou Koga <y-koga jp.FreeBSD.org>] PR#2992 |
| |
| *) Fix possible buffer overflow situation in suexec.c. |
| [Jeff Stewart <jws purdue.edu>] PR#2790 |
| |
| *) Add some more LIBS for the SCO5 platform which are needed for the already |
| used -lprot. It's actually a bug in SCO5, of course. |
| [Ronald Record <rr sco.com>] PR#2533 |
| |
| *) Fix documentation of ProxyPass/ProxyPassReverse according to the |
| trailing slash problem. [Jon Drukman <jsd gamespot.com>] PR#2933 |
| |
| *) Remove `-msym' option from LDFLAGS_SHLIB for the Digital UNIX (OSF/1) |
| platform, because it's only supported under version 4.0 and higher. But |
| because our GuessOS is still unaware of Digital UNIX versions and the |
| -msym is just to optimize the DSO statup time a little bit it's safe and |
| best when we leave it out now. [Ralf S. Engelschall] PR#2969 |
| |
| *) Fix the ap_log_error_old(), ap_log_unixerr() and ap_log_printf() |
| functions: First all three functions no longer fail on strings containing |
| "%" chars and second ap_log_printf() no longer does a double-formatting |
| (instead it directly passes through the message to be formatted to the |
| real internal formatting function). [Ralf S. Engelschall] PR#2941 |
| |
| *) Allow "Include" directives anywhere in the server config |
| files (but not .htaccess files). [Ken Coar] PR#2727 |
| |
| *) The proxy was refusing to serve CONNECT requests except to |
| port 443 (https://) and 563 (snews://). The new AllowCONNECT |
| directive allows the configuration of the ports to which a |
| CONNECT is allowed. [Sameer Parekh, Martin Kraemer] |
| |
| *) mod_expires will now act on content that is not sent from a file |
| on disk. Previously it would never add an Expires: header to |
| any response that did not come from a file on disk; the only |
| case where it still doesn't (and can't) add one for that type of |
| content is if you are using a modification date based setting. |
| [Marc Slemko, Paul Phillips <paulp go2net.com>] |
| |
| *) Problems encountered during .htaccess parsing or CGI execution |
| that lead to a "500 Server Error" condition now provide explanatory |
| text (in the *ERROR_NOTES envariable) to ErrorDocument 500 scripts. |
| [Ken Coar] PR#1291 |
| |
| *) Add NameWidth keyword to IndexOptions directive so that the |
| width of the filename column is customisable. [Ken Coar, Dean Gaudet] |
| PR#1949, 2324. |
| |
| *) Recognize lowercase _and_ uppercase `uname' results under |
| SCO OpenServer. [David Coelho <drc ppt.com>] |
| |
| *) As duplicate "HTTP/1.0 200 OK" lines within the header seem to be |
| a common problem of (mis-administrated?) IIS servers, make the apache |
| proxy immune to these errors (and ignore the duplicates, but log |
| the fact to error_log). [Martin Kraemer], after the proposal in PR#2914 |
| |
| *) The <IfModule and <IfDefine block starting directives now only |
| allow exactly one argument. Previously, the optional negation |
| character '!' could be separated by whitespace without a syntax |
| error being reported, albeit defeating the IfModule functionality |
| (enclosed directives would ALWAYS be executed). By using the |
| stricter syntax, these hard-to-track errors can be avoided. |
| [Martin Kraemer] |
| |
| *) Simplify handling of IndexOptions in mod_autoindex -- and BTW |
| cause the standalone FancyIndexing directive to logically OR |
| into any existing IndexOptions settings rather than wiping |
| them out. [Ken Coar] |
| |
| *) Changes in ftp proxy: make URL parsing simpler by using the |
| parsed_uri stuff. |
| + Add display of the "current directory" in cases where it's |
| different from the supplied path (e.g., ftp://user@host/ lives |
| in /home/user, not in /, therefore clicking on "../" in the |
| starting directory might send us to /home/). |
| + When ftp login fails, (esp. when a user name was part of the |
| URL already), we now return [401 Unauthorized ] to allow the |
| browser to pop up an authorization dialog. This makes passwords |
| slightly less visible (they don't appear in the regular log files) |
| and implements a functionality that other www proxy servers |
| already offered. |
| [Martin Kraemer] |
| |
| *) Triggered by the recent "Via:" header changes, the proxy module would |
| dump core for replies with invalid headers (e.g., duplicate |
| "HTTP/1.0 200 OK" lines). These errors are now logged and the |
| core dump is avoided. Also, broken replies are not cached. |
| [Martin Kraemer] PR#2914 |
| |
| *) new `GprofDir' directive when compiled with -DGPROF, where gprof can |
| plop gmon.out profile data for each child [Doug MacEachern] |
| |
| *) Use the construct ``"$@"'' instead of ``$*'' in the generated |
| config.status script to be immune against arguments with whitespaces. |
| [Yves Arrouye <yves apple.com>] PR#2866 |
| |
| *) Replace the inlined information grabbing stuff for the configuration |
| adjustment feature (no --without-confadjust) with calls to a new helper |
| script `buildinfo.sh' which is both more flexible and already proofed to |
| be more robust against platform differences. This mainly fixes the |
| recently occured ``sed: command garbled: ...'' problems. |
| [Ralf S. Engelschall] PR#2776, PR#2848 |
| |
| *) Make ab.c again pass ``gcc -Wall -Wshadow -Wpointer-arith -Wcast-align |
| -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline'' |
| without complains after we recently added the POST feature. |
| [Ralf S. Engelschall] |
| |
| *) Renamed is_HTTP_xxx() macros to ap_is_HTTP_xxx() name. They are used inside |
| modules as API functions and we forgot them at the big symbol renaming. |
| [Ralf S. Engelschall] |
| |
| *) Remove bad reference to non-existing SERVER_VERSION in mod_rewrite.html |
| [Youichirou Koga <y-koga jp.FreeBSD.ORG>] PR#2895 |
| |
| *) Dynamically size the filename column of mod_autoindex output. |
| [Dean Gaudet] |
| |
| *) Add the ability to do POST requests to the ab benchmarking tool. |
| [Kurt Sussman <kls best.com>] PR#2871 |
| |
| *) Bump up MAX_ENV_FLAGS in mod_rewrite.h from the too conservatice limit of |
| 5 to 10 because there are some users out there who always have 5 to 8 |
| variables in one RewriteRule and had to patch mod_rewrite.h for every |
| release. So 15 should be now more than enough, even for them. (I never |
| needed more than 4 in my RewriteRules ;-) |
| [Ralf S. Engelschall] |
| |
| *) Make the proxy generate and understand Via: headers |
| [Martin Kraemer] |
| |
| *) Change the proxy to use tables instead of array_headers for |
| the header lines. [Martin Kraemer] |
| |
| *) Make sure the config.status file is not overridden when just |
| ``configure --help'' is used. [Ralf S. Engelschall] PR#2844 |
| |
| *) Split MODULE_MAGIC_NUMBER into _MAJOR/_MINOR numbers. This should |
| provide a way to trace API changes that add functionality but do |
| not create a compatibility issue for precompiled modules, etc. |
| See include/ap_mmn.h for more details. [Randy Terbush] |
| |
| *) Fix suexec installation under `make install root=xxx' situation. |
| [Ralf S. Engelschall] |
| |
| *) Extend the output of the -V switch to include the paths of all |
| compiled-in configuration files, if they were overridden at |
| compile time, for least astonishment of the user. |
| [Martin Kraemer] |
| |
| *) When READing a request in ExtendedStatus mode, the "old" |
| vhost, request and client information is not displayed. |
| [Jim Jagielski] |
| |
| *) STATUS is no longer available. Full status information now |
| run-time configurable using the ExtendedStatus directive. |
| [Jim Jagielski] |
| |
| *) SECURITY: CVE-1999-1199 (cve.mitre.org) |
| Eliminate O(n^2) space DoS attacks (and other O(n^2) |
| cpu time attacks) in header parsing. Add ap_overlap_tables(), |
| a function which can be used to perform bulk update operations |
| on tables in a more efficient manner. [Dean Gaudet] |
| |
| *) SECURITY: Added compile-time and configurable limits for |
| various aspects of reading a client request to avoid some simple |
| denial of service attacks, including limits on maximum request-line |
| size (LimitRequestLine), number of header fields (LimitRequestFields), |
| and size of any one header field (LimitRequestFieldsize). Also added |
| a configurable directive LimitRequestBody for limiting the size of the |
| request message body. [Roy Fielding] |
| |
| *) Make status module aware of DNS and logging states, even if |
| STATUS not defined. [Jim Jagielski] |
| |
| *) Fix a problem with the new OS/2 mutexes. [Brian Havard] |
| |
| *) Enhance mod_speling so that CheckSpelling can be used in |
| <Directory> containers and .htaccess files. [Ken Coar] |
| |
| *) API: new ap_custom_response() function for hooking into the |
| ErrorDocument mechanism at runtime [Doug MacEachern] |
| |
| *) API: new ap_uuencode() function [Doug MacEachern] |
| |
| *) API: scan_script_header_err_core() now "public" and renamed |
| ap_scan_script_header_err_core() [Doug MacEachern] |
| |
| *) The 'status' module will now show the process pid's and their |
| state even without full STATUS accounting. [Jim Jagielski] |
| |
| *) Restore the client IP address to the error log messages, this |
| was lost during the transition from 1.2 to 1.3. Add a new |
| function ap_log_rerror() which takes a request_rec * and |
| formats it appropriately. [Dean Gaudet] PR#2661 |
| |
| *) Cure ap_cfg_getline() of its nasty habit of compressing internal |
| whitespace in input lines -- including within quoted strings. |
| [Ken Coar] |
| but leading and trailing whitespace should continue to be |
| stripped [Martin Kraemer] |
| |
| *) Cleanup of the PrintPath/PrintPathOS2 helper functions. Avoid |
| the ugly use of an env. variable and use command-line args for |
| alternate $PATH. Make more like advanced 'type's as well. |
| [Jim Jagielski] |
| |
| *) The IRIXN32 Rule was being ignored. Configure now correctly adds |
| -n32 only if IRIXN32 says to. [Jim Jagielski, Alain St-Denis |
| <alain.st-denis ec.gc.ca>] PR#2736 |
| |
| *) Clean up a warning in mod_proxy. [Ralf S. Engelschall] |
| |
| *) Renamed __EMX__ (internal define of the gcc port under OS/2) to OS2 |
| following the same idea as "MSVC vs WIN32". Additionally the src/os/emx/ |
| directory was renamed to src/os/os2/ for consistency. |
| [Brian Havard, Ralf S. Engelschall] |
| |
| *) Add new Rule SHARED_CHAIN which can be used to enable linking of DSO |
| files (here modules) against other DSO files (here shared libraries). |
| This is done by determining a subset of LIBS which can be safely used for |
| linking the DSOs, i.e. PIC libs and shared libs. Currently the rule is |
| disabled for all platforms to avoid problems with this (experimental) |
| rule. But we provide it now for those people how ran into problems and |
| want to came out by forcing linking against DSOs. |
| [Ralf S. Engelschall] PR#2587 |
| |
| *) Fix suEXEC start message: Has to be of `notice' level to really get |
| printed together with the standard startup message because the `notice' |
| level is handled special inside ap_log_error() for startup messages. |
| [Ralf S. Engelschall] PR#2761 PR#2761 PR#2765 |
| |
| *) Add correct `model' MIME types from RFC2077 to mime.types file. |
| [Ralf S. Engelschall] PR#2732 |
| |
| *) Fixed examples in mod_rewrite.html document. |
| [Youichirou Koga <y-koga jp.FreeBSD.org>, Ralf S. Engelschall] PR#2756 |
| |
| *) Allow ap_read_request errors to propagate through the normal request |
| handling loop so that the connection can be properly closed with |
| lingering_close, thus avoiding a potential TCP reset that would |
| cause the client to miss the HTTP error response. [Roy Fielding] |
| |
| *) One more portability fix for APACI shadow tree support: Swap order of awk |
| and sed in top-level configure script to avoid sed fails on some |
| platforms (for instance SunOS 4.1.3 and NCR SysV) because of the |
| non-newline-termined output of Awk. [Ralf S. Engelschall] PR#2729 |
| |
| *) PORT: NEC EWS4800 support. |
| [MATSUURA Takanori <t-matsuu protein.osaka-u.ac.jp>] |
| |
| *) Fix a segfault in the proxy on OS/2. [Brian Havard] |
| |
| *) Fix Win32 part of ap_spawn_child() by providing a reasonable child_info |
| structure instead of just NULL. This fixes at least the RewriteMap |
| programs under Win32. [Marco De Michele <mdemichele tin.it>] PR#2483 |
| |
| *) Add workaround to top-level `configure' script for brain dead |
| `echo' commands which interpet escape sequences per default. |
| [Ralf S. Engelschall] PR#2654 |
| |
| *) Make sure that the path to the Perl interpreter is correctly |
| adjusted under `make install' also for the printenv CGI script. |
| [Ralf S. Engelschall] PR#2595 |
| |
| *) Update the mod_rewrite.html document to correctly reflect the situation |
| of the `proxy' (`[P]') feature. [Ralf S. Engelschall] PR#2679 |
| |
| *) Fix `install-includes' sub-target of `install' target in top-level |
| Makefile.tmpl: The umask+cp approach didn't work as expected (especially |
| for users which extracted the distribution under 'umask 077'), so replace |
| it by an explicit cp+chmod approach. |
| [Richard Lloyd, Curt Sampson, Ralf S. Engelschall] PR#2656 PR#2626 |
| |
| *) Fix `distclean' and `clean' targets in src/Makefile.tmpl to have same |
| behavior and to cleanup correctly even under enabled SHARED_CORE rule. |
| [Ralf S. Engelschall] |
| |
| *) Use a more straight forward and thus less problematic Sed command in |
| src/helper/mkdir.sh script. [Ralf S. Engelschall] |
| |
| *) Make sure the `configure' scripts doesn't fail when trying to guess the |
| domainname of the machine and there are multiple `domainname' and |
| `search' entries in /etc/resolv.conf. |
| [Ralf S. Engelschall] PR#2710 |
| |
| *) Add note about the SHARED_CORE requirement on some platforms also to the |
| INSTALL file because a lot of users don't read htdocs/manual/dso.html |
| first. [Ralf S. Engelschall] PR#2701 |
| |
| *) Fix document "hyperlink" for dso.html in src/Configuration.tmpl |
| [Knut A.Syed <Knut.Syed nhh.no>] PR#2674 |
| |
| *) Modify mod_rewrite to update the Vary response field if the URL rewriting |
| engine does any manipulations or decisions based upon request fields. |
| [Ken Coar] PR#1644 |
| |
| *) Document the special APACI behavior for installation paths where |
| ``/apache'' is appended to paths under some (well defined, of course) |
| situations to prevent pollution of system locations with Apache files. |
| [Ralf S. Engelschall] PR#2660 |
| |
| *) Fixed problem with buffered response message not being sent for |
| the read_request error conditions of URI-too-long (414) and |
| malformed header fields (400). [Roy Fielding] PR#2646 |
| |
| *) Add support for the Max-Forwards: header line required by RFC2068 for |
| the TRACE method. This allows apache to TRACE along a chain of proxies |
| up to a predetermined depth. [Martin Kraemer] |
| |
| *) Fix SHARED_CORE rule: The CFLAGS_SHLIB variable is no longer doubled |
| (compilers complained) and the .so.V.R.P filename extension was adjusted |
| to correctly reflect the 1.3.2 version. |
| [Ralf S. Engelschall] PR#2644 |
| |
| *) SECURITY: Plug "..." and other canonicalization holes under OS/2. |
| [Brian Havard] |
| |
| *) PORT: implement serialized accepts for OS/2. [Brian Havard] |
| |
| *) mod_include had problems with the fsize and flastmod directives |
| under WIN32. Fix also avoids the minor security hole of using |
| ".." paths for fsize and flastmod. |
| [Manoj Kasichainula <manojk raleigh.ibm.com>] PR#2355 |
| |
| *) Fixed some Makefile dependency problems. [Dean Gaudet] |
| |
| Changes with Apache 1.3.1 |
| |
| *) Disable the incorrect entry for application/msword in the |
| mod_mime_magic "magic" file because it also matches other Office |
| documents. [Ralf S. Engelschall] PR#2608 |
| |
| *) Fix broken RANLIB handling in src/Configure (the entry from |
| src/Configuration.tmpl was ignored) and additionally force RANLIB to |
| /bin/true under HP/UX where ranlib exists but is deprecated. |
| [Ralf S. Engelschall] PR#2627 |
| |
| *) 'apachectl status' failed on some systems. |
| [Steve VanDevender <stevev darkwing.uoregon.edu>, Lars Eilebrecht] PR#2613 |
| |
| *) Add new flags for ap_unparse_uri_components() to make it generate |
| the scheme://sitepart string only, or to omit the query string. |
| [Martin Kraemer] |
| |
| *) WIN32: Canonicalize ServerRoot before checking to see if it |
| is a valid directory. The failure to do this caused certain |
| ServerRoot settings (eg. "ServerRoot /apache") to be improperly |
| rejected. [Marc Slemko] |
| |
| *) Global renaming of C header files to both get rid of conflicts with third |
| party packages and to again reach consistency: |
| 1. conf.h -> ap_config.h |
| 2. conf_auto.h -> ap_config_auto.h \ these are now merged |
| 3. ap_config.h -> ap_config_auto.h / in the config process |
| 4. compat.h -> ap_compat.h |
| 5. apctype.h -> ap_ctype.h |
| Backward compatibility files for conf.h and compat.h were created. |
| |
| *) mod_mmap_static will no longer take action on requests unless at |
| least one "mmapfile" directive is present in the configuration. |
| This experimental module has to do some black magic to operate |
| inside the current API and thus creates side-effects for other |
| modules under some circumstances. |
| [Ralf S. Engelschall] |
| |
| *) Add conservative ticks around more egrep arguments in top-level configure |
| to avoid problems under brain-dead platforms like Digital UNIX (OSF1). |
| [Ralf S. Engelschall] PR#2596 |
| |
| *) mod_rewrite created RewriteLock files under the UID of the parent |
| process, thus the child processes had no write access to the files. |
| Now a chown() is done on the file to the uid of the children, |
| if applicable. [Lars Eilebrecht, Ralf S. Engelschall] PR#2341 |
| |
| *) Autogenerate some HAVE_XXXXX_H defines in conf_auto.h (determined via |
| TestCompile) instead of defining them manually in conf.h based on less |
| accurate platform definitions. This way we no longer have to fiddle with |
| OS-type and/or OS-version identifiers to discover whether a system header |
| file exists or not. Instead we now directly check for the existence of |
| those esoteric ones. |
| [Ralf S. Engelschall] PR#2093, PR#2361, PR#2377, PR#2434, |
| PR#2524, PR#2525, PR#2533, PR#2569 |
| |
| *) mod_setenvif (BrowserMatch* and friends) will now match a missing |
| field with "^$". [Ken Coar] |
| |
| *) Set the RTLD_GLOBAL dlopen mode parameter to allow dynamically loaded |
| modules to load their own modules dynamically. This improves mod_perl |
| and mod_php3 when these modules are loaded dynamically into Apache. |
| [Rasmus Lerdorf] |
| |
| *) Cache a proxied request in the event that the client cancels the |
| transfer, provided that the configured percentage of the file has |
| already been transferred. It works for HTTP transfers only. The |
| new configuration directive is called CacheForceCompletion. |
| [Glen Parker <glenebob nwlink.com>] PR#2277 |
| |
| *) Add the "<!DOCTYPE HTML" magic cookie used by modern documents (and |
| required by HTML 3.2 and later) to mod_mime_magic's conf/magic. |
| [Anna Shergold <anna inext.co.uk>] |
| |
| *) Fix yet another signal-based race condition involving nested timers. |
| Signals suck. [Dean Gaudet] |
| |
| *) suexec's error messages have been clarified a little bit. [Ken Coar] |
| |
| *) Clean up some, but perhaps not all, 8-bit character set problems |
| with config file parsing, and URL parsing. We now define |
| ap_isdigit(), ap_isupper(), ... which cast to an (unsigned char). |
| This should work on most modern unixes. |
| [Dean Gaudet] PR#800, 2282, 2553 (and others) |
| |
| *) The "handler not found" error was issued in cases where the handler |
| really did exist, but was just declining to serve the request. |
| [John Van Essen <jve gamers.org>] PR#2529 |
| |
| *) Add Dynamic Shared Object (DSO) support for SCO5 (OpenServer 5.0.x). |
| [Ronald Record <rr sco.com>] PR#2533 |
| |
| *) The APACI libexecdir was not extended with an "apache/" subdir |
| if the installation prefix didn't already contain "apache", but |
| it should be because the DSO files are Apache-specific. Now |
| libexecdir is treated the same way sysconfdir, datadir, localstatedir |
| and includedir are already treated. |
| [Charles Levert <charles comm.polymtl.ca>] PR#2551 |
| |
| *) The <Limit> parsing routine was incorrectly treating methods as |
| case-insensitive. [Ken Coar] |
| |
| *) The ap_bprintf() code neglected to test if there was an error on |
| the connection. ap_bflush() misdiagnosed a failure as a success. |
| [Dean Gaudet] |
| |
| *) add support for #perl arg interpolation in mod_include |
| [Doug MacEachern] |
| |
| *) API: Name changes of table_elts to ap_table_elts, is_table_empty |
| to ap_is_table_empty and bgetflag to ap_bgetflag. [Ben Laurie] |
| |
| *) PORT: Add UnixWare 7 support |
| [Vadim Kostoglodoff <vadim olly.ru>] PR#2463 |
| |
| *) Fix the Guess-DSO-flags-from-Perl stuff in src/Configure: "perl" was |
| used instead of "$PERL" which contains the correctly determined Perl |
| interpreter (important for instance on systems where "perl" and "perl5" |
| exists, like BSDI or FreeBSD, etc). |
| [Ralf S. Engelschall] PR#2505 |
| |
| *) Move the initial suEXEC-related startup message from plain |
| fprintf()/stderr to a delayed ap_log_error()-based one to avoid problems |
| when Apache is started from inetd (instead of standalone). Under this |
| situation startup messages on stderr lead to problems (the line is sent |
| to the client in front of the requested document). |
| [Ralf S. Engelschall] PR#871, PR#1318 |
| |
| *) Add a flag so ap_fnmatch() can be used for case-blind pattern matching. |
| [Ken Coar, Dean Gaudet] |
| |
| *) WIN32: Don't collapse multiple slashes in PATH_INFO. |
| [Ben Laurie, Bill Stoddard <wgstodda us.ibm.com>] PR#2274 |
| |
| *) WIN32 SECURITY: Eliminate trailing "."s in path components. These are |
| ignored by the Windows filesystem, and so can be used to bypass security. |
| [Ben Laurie, Alexei Kosut]. |
| |
| *) We now attempt to dump core when we get SIGILL. [Jim Jagielski] |
| |
| *) PORT: remove broken test for MAP_FILE in http_main.c. |
| [Wilfredo Sanchez <wsanchez apple.com>] |
| |
| *) PORT: Change support/apachectl to use "kill -0 $pid" to test if the |
| httpd is running. This should be more portable than figuring out |
| which of three dozen different versions of "ps" are installed. |
| [a cast of dozens] |
| |
| *) WIN32: If we can't figure out how to execute a file in a script |
| directory, bail out of the request with an error message. [W G Stoddard] |
| |
| *) WIN32 SECURITY: Eliminate directories consisting of three or more dots; |
| these are treated by Win32 as if they are ".." but are not detected by |
| other machinery within Apache. This is something of a kludge but |
| eliminates a security hole. [Manoj Kasichainula, Ben Laurie] |
| |
| *) Move ap_escape_quotes() from src/ap to src/main/util.c; it uses |
| pools and thus pollutes libap (until the pool stuff is moved there). |
| [Ken Coar] |
| |
| *) IndexIgnore should be case-blind on Win32 (and any other case-aware |
| but case-insensitive platforms). New #define for this added to conf.h |
| (CASE_BLIND_FILESYSTEM). [Ken Coar] PR#2455 |
| |
| *) Enable DSO support for OpenBSD in general, not only for 2.x, because it |
| also works for OpenBSD 1.x. [Ralf S. Engelschall] |
| |
| *) PORT: Fix compilation problem on ARM Linux. |
| [Sam Kington <sam illuminated.co.uk>] PR#2443 |
| |
| *) Let APACI's configure script determine some configuration parameters |
| (Group, Port, ServerAdmin, ServerName) via some intelligent tests to |
| remove some of the classical hurdles for new users when setting up |
| Apache. This is done per default because it is useful for the average |
| user. Package authors can use the --without-confadjust option to disable |
| these configuration adjustments. |
| [Ralf S. Engelschall] |
| |
| *) Added an EXTRA_DEPS configuration parameter which can be used |
| to add an extra Makefile dependency for the httpd target, for instance |
| to external third-party libraries, etc. |
| [Ralf S. Engelschall] |
| |
| *) Add <IfDefine>..</IfDefine> sections to the core module (with same spirit |
| as <IfModule>..</IfModule> sections) which can be used to skip or process |
| contained commands dependend of ``-D PARAMETER'' options on the command |
| line. This can be used to achieve logical conditions like <IfDefine |
| ReverseProxy> instead of physically ones (e.g. <IfModule mod_proxy.c>) |
| and thus especially can be used for conditionally loading DSO-based |
| modules via LoadModule, etc. [Ralf S. Engelschall] |
| |
| *) PORT: clean up a warning in mod_status for OS/2. [Brian Havard] |
| |
| *) Make table elements const. This may prevent obscure errors. [Ben Laurie] |
| |
| *) Fix parsing of FTP `SIZE' responses in proxy module: The newline was not |
| truncated which forced following HTTP headers to be data in the HTTP |
| reponse. [Ralf S. Engelschall, Charles Fu <ccwf bacchus.com>] |
| PR#2412, 2367 |
| |
| *) Portability fix for APACI shadow tree support: Swap order of awk and sed |
| in top-level configure script to avoid sed fails on some platforms (for |
| instance SunOS 4.1.3 and NCR SysV) because of the non-newline-termined |
| output of Awk. [Bill Houle <bhoule sandiegoca.ncr.com>] PR#2435 |
| |
| *) Improve performance of directory listings (mod_autoindex) by comparing |
| integer keys (last-modified and size) as integers rather than converting |
| them to strings first. Also use a set of explicit byte tests rather |
| than strcmp() to check for parent directory-ness of an entry. Oh, and |
| make sure the parent directory (if displayed) is *always* listed first |
| regardless of the sort key. Overall performance winnage should be good |
| in CPU time, instruction cache, and memory usage, particularly for large |
| directories. [Ken Coar] |
| |
| *) Add a tiny but useful goody to APACI's configure script: The generation |
| of a config.status script (as GNU Autoconf does) which remembers the used |
| configure command and hence can be used to restore the configuration by |
| just re-running this script or for remembering the configuration between |
| releases. |
| [Ralf S. Engelschall] |
| |
| *) Add httpd -t (test) option for running configuration syntax tests only. |
| If something is broken it complains and exits with a return code |
| non-equal to 0. This can be used manually by the user to check the Apache |
| configuration after editing and is also automatically used by apachectl |
| on (graceful) restart command to make sure Apache doesn't die on restarts |
| because of a configuration which is now broken since the last (re)start. |
| This way `apachectl restart' can be used inside cronjobs without having |
| to expect Apache to be falling down. Additionally the httpd -t can be run |
| via `apachectl configtest'. |
| [Ralf S. Engelschall] PR#2393 |
| |
| *) Minor display fix for "install" target of top-level Makefile: |
| the displayed installation command was incorrect although the |
| executed command was correct. Now they are in sync. |
| [Ralf S. Engelschall] PR#2402 |
| |
| *) Correct initialization of variable `allowed_globals' in http_main.c |
| [Justin Bradford <justin ukans.edu>] PR#2400 |
| |
| *) Apache would incorrectly downcase the entire Content-Type passed from |
| CGIs. This affected server-push scripts and such which use |
| multipart/x-mixed-replace;boundary=ThisRandomString. |
| [Dean Gaudet] PR#2394 |
| |
| *) PORT: QNX update to properly guess 32-bit systems. |
| [Sean Boudreau <seanb qnx.com>] PR#2390 |
| |
| *) Make sure the DSO emulation code for HPUX finds the proprietary shl_xxx() |
| functions which are in libdld under HPUX 9/10. |
| [Ralf S. Engelschall] PR#2378 |
| |
| *) Make sure the "install" target of the top-level Makefile doesn't break |
| because of a return code of 1 from an "if" (for instance under braindead |
| Ultrix the result code of an "if" construct is 1 if the "then" clause |
| didn't match). [Ralf S. Engelschall] |
| |
| *) Add an additional "dummy" target to the "$(LIB)" target in generated |
| modules/xxx/Makefile's to avoid problems with SVR4 Make under "full-DSO" |
| situation (no libxxx.a built, only mod_xxx.so's) where LIB and OBJS are |
| empty. [Ralf S. Engelschall, Dean Gaudet, Martin Kraemer] |
| |
| *) Replace two bad sprintf() calls with ap_snprintf() variants in |
| mod_rewrite. [Ralf S. Engelschall] |
| |
| *) Fix missing usage description for MetaFiles directive. |
| [David MacKenzie <djm va.pubnix.com>] PR#2384 |
| |
| *) mod_log_config wouldn't let vhosts use log formats defined in the |
| main server. [Christof Damian <damian mediaconsult.com>] PR#2090 |
| |
| *) mod_usertrack was corrupting the client hostname. As part of the |
| fix, the cookie values were slightly extended to include the |
| fully qualified hostname of the client. |
| [Dean Gaudet] PR#2190, 2229, 2366 |
| |
| *) Fix a typo in pool debugging code. [Alvaro Martinez Echevarria] |
| |
| *) mod_unique_id did not work on alpha linux (in general on any |
| architecture that has 64-bit time_t). |
| [Alvaro Martinez Echevarria] |
| |
| *) PORT: Make SCO 5 (and probably 3) compile again. [Ben Laurie] |
| |
| *) PORT: NCR MPRAS systems have the same bug with SIGHUP restart that |
| Solaris systems experience. So define WORKAROUND_SOLARIS_BUG. |
| [Klaus Weber <kweber chephren.germany.ncr.com>] PR#1973 |
| |
| *) Change "Options None" to "Options FollowSymLinks" in the |
| <Directory /> section of the default access.conf-dist |
| (and -win even though it doesn't matter there). This has better |
| performance, and more intuitive semantics. [Dean Gaudet] |
| |
| *) PORT: Updated support for UTS 2.1.2. |
| [Dave Dykstra <dwd bell-labs.com>] PR#2320 |
| |
| *) Fix symbol export list (src/support/httpd.exp) after recent |
| API changes in the child spawning area. |
| [Jens-Uwe Mager <jum helios.de>] |
| |
| *) Workaround for configure script and old `test' commands which do not |
| support the -x flag (for instance under platforms like Ultrix). This is |
| solved by another helper script findprg.sh which searches for Perl and |
| Awk like PrintPath but _via different names_. |
| [Ralf S. Engelschall] |
| |
| *) Remove the system() call from htpasswd.c, which eliminates a system |
| dependancy. ["M.D.Parker" <mdpc netcom.com>] PR#2332 |
| |
| *) PORT: Fix compilation failures on NEXTSTEP. |
| [Rex Dieter <rdieter math.unl.edu>] PR#2293, 2316 |
| |
| *) PORT: F_NDELAY is a typo, should have been FNDELAY. There's also |
| O_NDELAY on various systems. [Dave Dykstra <dwd bell-labs.com>] PR#2313 |
| |
| *) PORT: helpers/GuessOS updates for various versions for NCR SVR4. |
| [juerg schreiner <j.schreiner zh.ch>, |
| Bill Houle <Bill.Houle SanDiegoCA.NCR.COM>] PR#2310 |
| |
| *) Fix recently introduced Win32 child spawning code in mod_rewrite.c which |
| was broken because of invalid ap_pstrcat() -> strcat() transformation. |
| [Ralf S. Engelschall] |
| |
| *) Proxy Cache Fixes: account for directory sizes, fork off garbage collection |
| to continue in background, use predefined types (off_t, size_t, time_t), |
| log the current cache usage percentage at LogLevel debug |
| [Martin Kraemer, based on discussion between Dean Gaudet & Dirk vanGulik] |
| |
| Changes with Apache 1.3.0 |
| |
| *) Using a type map file as a custom error document was not possible. |
| [Lars Eilebrecht] PR#1031 |
| |
| *) Avoid problems with braindead Awks by additionally searching for gawk |
| and nawk in APACI's configure script. |
| [Dave Dykstra <dwd bell-labs.com>, Ralf S. Engelschall] PR#2319 |
| |
| *) Rename md5.h to ap_md5.h to avoid conflicts with native MD5 on |
| some systems. [Randy Terbush] |
| |
| *) Change usage of perror()+fprintf(stderr,...) in mod_rewrite to |
| more proper ap_log_error() variants. |
| [Ralf S. Engelschall] |
| |
| *) Make sure the argument for the --add-module option to APACI's configure |
| script is of type [path/to/]mod_xxx.c because all calculations inside |
| configure and src/Configure depend on this. |
| [Ralf S. Engelschall] PR#2307 |
| |
| *) Changes usage of perror/fprintf to stderr to more proper ap_log_error |
| in mod_mime, mod_log_referer, mod_log_agent, and mod_log_config. |
| [Brian Behlendorf] |
| |
| *) Various OS/2 cleanups ["Brian Havard" <brianh kheldar.apana.org.au>] |
| |
| *) PORT: QNX needed a #include <sys/mman.h>; and now it uses flock |
| serialized accept to handle multiple sockets. |
| [Rob Saccoccio <robs InfiniteTechnology.com>] PR#2295, 2296 |
| |
| *) Have NT properly set the directory for CGI scripts |
| (& other spawned children) |
| [W G Stoddard <wgstodda us.ibm.com>] |
| |
| *) Propagate environment to CGI scripts correctly in Win32. |
| [W G Stoddard <wgstodda us.ibm.com>] PR#2294 |
| |
| *) Some symbol renaming: |
| ap_spawn_child_err became ap_spawn_child |
| ap_spawn_child_err_buff became ap_bspawn_child |
| spawn_child was obsoleted and moved to compat.h |
| [Brian Behlendorf] |
| |
| *) Upgrade the child spawning code in mod_rewrite for the RewriteMap |
| programs: ap_spawn_child_err() is used and the Win32 case now uses |
| CreateProcess() instead of a low-level execl() (which caused problems in |
| the past under Win32). |
| [Ralf S. Engelschall] |
| |
| *) A few cosmetics and trivial enhancements to APXS to make the |
| generated Makefile more user friendly. [Ralf S. Engelschall] |
| |
| *) Proxy Fix: The proxy special failure routine ap_proxyerror() |
| was updated to use the normal apache error processing, thereby allowing |
| proxy errors to be treated by ErrorDocument's as well. For this |
| purpose, a new module-to-core communication variable "error-notes" |
| was introduced; the proxy (and possibly other modules) communicates |
| its error text using this variable. Its content is copied to a new |
| cgi-env-var REDIRECT_ERROR_NOTES for use by ErrorDocuments. |
| The old proxy special error routine ap_proxy_log_uerror() |
| was replaced by regular ap_log_error() calls, many messages were made |
| more informative. |
| [Martin Kraemer] PR#494, 1259 |
| |
| *) SECURITY: A possible buffer overflow in the ftp proxy was fixed. |
| [Martin Kraemer] |
| |
| *) Transform the configure message "You need root privileges for suEXEC" |
| from a fatal error into a (more friendly) warning because the building |
| ("make") of Apache we can allow, of course. Root privileges are needed |
| only for the installation step ("make install"). So make sure the |
| user is aware of this fact but let him proceed as long as he can. |
| [Ralf S. Engelschall] PR#2288 |
| |
| *) Renamed three more functions to common ap_ prefix which we missed at the |
| Big Symbol Renaming because they're #defines and not real C functions: |
| is_default_port(), default_port(), http_method(). |
| [Ralf S. Engelschall] |
| |
| *) A zero-length name after a $ in an SSI document should cause |
| just the $ to be in the expansion. This was broken during the |
| security fixes in 1.2.5. [Dean Gaudet] PR#1921, 2249 |
| |
| *) Call ap_destroy_sub_req() in ap_add_cgi_vars() to reclaim some |
| memory. [Rob Saccoccio <robs InfiniteTechnology.com>] PR#2252 |
| |
| *) Fix src/support/httpd.exp (DSO export file which is currently only |
| used under AIX) because of recent changes to function names. |
| [Ralf S. Engelschall] |
| |
| Changes with Apache 1.3b7 |
| |
| *) Make sure a MIME-type can be forced via a RewriteRule even when no |
| substitution takes place, for instance via the following rule: |
| ``RewriteRule ^myscript$ - [T=application/x-httpd-cgi]'' This was often |
| requested by users in the past to force a single script without a .cgi |
| extension and outside any cgi-bin dirs to be executed as a CGI program. |
| [Ralf S. Engelschall] PR#2254 |
| |
| *) A fix for protocol issues surrounding 400, 408, and |
| 414 responses. [Ed Korthof] |
| |
| *) Ignore MaxRequestsPerChild on WIN32. [Brian Behlendorf] |
| |
| *) Fix discrepancy in proxy_ftp.c which was causing failures when |
| trying to connect to certain ftpd's, such as anonftpd. |
| [Rick Ohnemus <rick ecompcon.com>] |
| |
| *) Make mod_rewrite use ap_open_piped_log() for RewriteLog directive's |
| logfile instead of fiddling around itself with child spawning stuff. |
| [Ralf S. Engelschall] |
| |
| *) Made RefererIgnore case-insensitive. |
| |
| *) Mod_log_agent, mod_log_referer now use ap_open_piped_log for piped logs. |
| [Brian Behlendorf] |
| |
| *) Replace use of spawn_child with ap_spawn_child_err_buff, to make everything |
| "safe" under Win32. In: mod_include.c, mod_mime_magic.c |
| [Brian Behlendorf] |
| |
| *) Improve RFC1413 support. [Bob Beck <beck bofh.ucs.ualberta.ca>] |
| |
| *) Fix support script `dbmmanage': It was unable to handle some sort |
| of passwords, especially passwords with "0" chars. |
| [Ralf S. Engelschall] PR#2242 |
| |
| *) WIN32: Clicking on "Last Modified" in a fancy index caused a crash. Fixed. |
| [Ben Laurie] PR#2238 |
| |
| *) WIN32: CGIs could cause a hang (because of a deadlock in the standard C |
| library), so CGI handling has been changed to use Win32 native handles |
| instead of C file descriptors. |
| [Ben Laurie and Bill Stoddard <wgstodda us.ibm.com>] PR#1129, 1607 |
| |
| *) The proxy cache would store an incorrect content-length in the cached |
| file copy after a cache update. That resulted in repeated fetching |
| of the original copy instead of using the cached copy. |
| [Ernst Kloppenburg <kloppen isr.uni-stuttgart.de>] PR#2094 |
| |
| *) The Makefiles assumed that DSO files are build via $(LD). This |
| is broken for two reasons: First we never defined at least LD=ld |
| somewhere to make sure this works (it was silently assumed that most Make |
| provide a built-in LD definition - ARGL!) and second using the generic LD |
| variable is not the truth. Instead a special variable named LD_SHLIB is |
| reasonable because although "ld" is usually the default, the command for |
| building DSO files can be "libtool" or even "cc" on some systems. |
| [Ralf S. Engelschall] |
| |
| *) Replace the AddVersionPlatform directive with ServerTokens which |
| provides for more control over the format of the Server: |
| header line. SERVER_SUBVERSION is no longer supported; |
| all module should use the ap_add_version_component() |
| API function instead. [Jim Jagielski] |
| |
| *) Support for the NCR MP/RAS 3.0 |
| [John Withers <withers semi.kcsc.mwr.irs.gov>] |
| |
| *) The LDFLAGS_SHLIB_EXPORT variable of src/Configuration[.tmpl] was |
| not retrieved in src/Configure and thus was not useable. |
| [Ralf S. Engelschall] |
| |
| *) Various Makefile consistency cleanups: |
| - make OSDIR also automatically be relative to src/ like INCDIR |
| - SUBDIRS is now generated in src/Makefile only and not in |
| Makefile.config because it is a local define for this location. |
| - remove BROKEN_BPRINTF_FLAGS because is it no longer used inside |
| any Makefile but make sure that at least the "-K inline" is kept in |
| CFLAGS for SCO 5. |
| - update the "depend" targets in Makefile.tmpl files to use $(OSDIR), too. |
| - updated the dependencies theirself |
| - removed not existing SHLIB variable from "clean" targets |
| - replaced SHLIB_OBJS/SHLIBS_OBJ consistently with OBJS_PIC because OBJS |
| already exists and OBJS_PIC are also just plain objects and have not |
| directly to do with "shared" things. The only difference is that they |
| contain PIC. So OBJS_PIC is the more canonical name. |
| - Updated the Makefile-dependency lines for OBJS_PIC |
| - Removed the Makefile-dependency line in Configure to avoid double |
| definitions |
| - replaced ugly xx-so.o/xx.so-o hack with a clean and consistent usage |
| of xxx.lo as GNU libtool does with its PIC objects |
| - reduce local complexity in modules Makefile.tmpl by moving the last |
| existing target "depend" to the generation section in Configure, too. |
| - removed the historical $(SPACER) which was used in the past together |
| with BROKEN_BPRINTF_FLAGS to avoid zig-zags in the build process. This |
| is no longer needed. |
| - force the build and run of the gen_xxx programs under main/ as the |
| first step before building the objects because it looks cleaner |
| [Ralf S. Engelschall] |
| |
| *) WIN32: Make Win32 work again after the /dev/null DoS fix. |
| [Ben Laurie] |
| |
| *) WIN32: Check for buffer overflows in ap_os_canonical_filename. |
| [Ben Laurie] |
| |
| *) WIN32: Don't force ISAPI headers to finish with \n. |
| [Jim Patterson <Jim.Patterson Cognos.COM>, Ben Laurie] PR#2060 |
| |
| *) When opening "configuration" files (like httpd.conf, htaccess |
| and htpasswd), Apache will not allow them to be non-/dev/null |
| device files. This closes a DoS hole. At the same time, |
| we use ap_pfopen to open these files to handle timeouts. |
| [Jim Jagielski, Martin Kraemer] |
| |
| *) Apache will now log the reason its httpd children exit if they exit |
| due to an unexpected signal. (It requires a new porting define, |
| SYS_SIGLIST, which if defined should point to a list of text |
| descriptions of the signals available. See PORTING.) [Dean Gaudet] |
| |
| *) WIN32: chdir() doesn't make sense in a multithreaded environment |
| like WIN32. Before, Win32 CGI's could have had sporadic failures |
| if a chdir call from one thread was made between another chdir call |
| and a spawn in another thread. So, for now don't chdir for CGI scripts |
| in WIN32. The current CGI "spec" is unclear as to whether it's |
| necessary. Long-term fix is to either serialize the chdir/spawn combo |
| or use WIN32 native calls to spawn a process. This temp fix was |
| necessary to remove this as a showstopper for 1.3's release. |
| [Brian Behlendorf] |
| |
| *) Cleanup the suEXEC support in APACI and make it more safe: |
| 1. Add big fat hint in INSTALL about risks and to read the |
| htdocs/manual/suexec.html document before using the suexec-related |
| configure options. |
| 2. Make sure the user has at least provided one --suexec-xxxx option |
| (specifies suEXEC parameters) in addition to --enable-suexec option. |
| If only --enable-suexec is given APACI stops with a hint to INSTALL |
| and htdocs/manual/suexec.html documents. |
| 3. Provide two additional --suexec-xxxx options to make the suEXEC |
| configuration complete (especially for package maintainers who else |
| had to patch the source tree) by providing ways to configure minimal |
| UID/GID and safe PATH, too. |
| [Ralf S. Engelschall] |
| |
| *) Cleanup of the `configure --shadow' process: |
| - make sure the configure script creates its temporary files in the |
| shadow tree to avoid conflicts with parallel configure runs |
| - removed unnecessary option "-r" from "rm" call for Makefiles |
| - make sure the configure scripts creates the shadow-wrapper Makefile |
| only when no shadow trees already exists |
| - make sure "make distclean" removes the shadow-wrapper Makefile but only |
| when no more shadow trees exists |
| - overhauled mkshadow.sh script: now its more IFS-safe and approx. twice |
| as fast (in the past it needed 70sec, now it runs just 38sec) |
| - make sure CVS does not complain about the created files |
| Makefille.<gnutriple> and directories src.<gnutriple> |
| [Ralf S. Engelschall] |
| |
| *) Added the ap_add_version_component() API routine and the |
| AddVersionPlatform core directive. The first allows modules to |
| declare themselves in the Server response header field value, |
| augmenting the SERVER_SUBVERSION define in the Configuration file |
| with run-time settings (more useful in a loadable-module environment). |
| AddVersionPlatform inserts a comment such as "(UNIX)" or "(Win32)" |
| into the server version string. [Ken Coar] PR#2056 |
| |
| *) Minor stability tweaks to avoid core dumps in ap_snprintf. |
| [Martin Kraemer] |
| |
| *) Emit the "Accept-Range" header for the default handler. |
| [Brian Behlendorf] PR#1464 |
| |
| *) Add a note to httpd.conf-dist that apache will on some systems fail |
| to start when the Group # is set to a negative or large positive value. |
| [Martin Kraemer] |
| |
| *) Make sure the module execution order is correct even when some modules |
| are loaded under runtime (`LoadModule') via the DSO mechanism: |
| 1. The list of loaded modules is now a dynamically allocated one |
| and not the original statically list from modules.c |
| 2. The loaded modules are now correctly setup by LoadModule for |
| later use by the AddModule command. |
| 3. When the DSO mechanism for modules is used APACI's `install' |
| target now enables all created `LoadModule' lines per default because |
| this is both already expected by the user _and_ needed to avoid |
| confusion with the next point and reduces the Makefile.tmpl complexity |
| 4. When the DSO mechanism for modules is used, APACI's `install' |
| target now additionally makes sure the module list is reconstructed |
| via a complete `ClearModuleList+AddModule...' entry. |
| 5. The support tool `apxs' now also makes sure an AddModule command |
| is added in addition to the LoadModule command. |
| 6. The modules.c generation was extended to now contain two |
| comments to make sure no one is confused by the confusing terminology |
| of loading/linking (we use load=link+load & link=activate instead of |
| the obvious load=activate & link=link :-( ) |
| This way now there is no longer a difference under execution time between |
| statically and dynamically linked modules. |
| [Ralf S. Engelschall] |
| |
| *) Fix the generated mod_xxx.c from "apxs -g -f xxx" after the |
| Big Symbol Renaming. [Ralf S. Engelschall] |
| |
| *) Add a comment to mod_example.c showing the format of a FLAG command |
| handler. [Ken Coar] |
| |
| *) Standardized the time format in mod_status to match that of other |
| places in the code (e.g. DATE_GMT). PR#1551 |
| |
| *) Fix handling of %Z in timefmt strings for those platforms with no time |
| zone information in their tm struct. [Paul Eggert <eggert twinsun.com>] |
| PR#754 |
| |
| *) Makes mod_rewrite, mod_log_config, mod_status and the ServerSignature |
| feature compatible with 'UseCanonicalName off' by changing |
| r->server->server_hostname to ap_get_server_name(). And I changed some |
| functions which use r->server->port to use ap_get_server_port() instead, |
| because if there's no Port directive in the config r->server->port is 0. |
| [Lars Eilebrecht] |
| |
| *) get/set_module_config are trivial enough to be better off inline. Worth |
| 1.5% performance boost. [Dean Gaudet] |
| |
| *) Fix off-by-one error in ap_proxy_date_canon() in proxy_util.c |
| when ensuring 'x' is at least 30-chars big. [Jim Jagielski, |
| Brian Behlendorf] |
| |
| *) [BS2000 security] BS2000 needs an extra authentication to initialize |
| the task environment to the unprivileged User id. Otherwise CGI scripts |
| would have a way to gain super user access. [Martin Kraemer] |
| |
| *) Fix debug log messages for BS2000/OSD: instead of logging the whole |
| absolute path, only log base name of logging source as is done |
| in unix. [Martin Kraemer] |
| |
| *) Ronald Tschalaer's Accept-Encoding patch - preserve the "x-" in |
| the encoding type from the Accept-Encoding header (if it's there) |
| and use it in the response, as that's probably what it'll be expecting. |
| [<Ronald.Tschalaer psi.ch>] |
| |
| *) Fix to mod_alias: translate_alias_redir is dealing with |
| a URI, not a filename, so the check for drive letters for win32 |
| and emx is not necessary. [Dean Gaudet] |
| |
| *) WIN32: Allow .cmd as an executable extension. |
| [Kari Likovuori <Kari.Likovuori mol.fi>] PR#2146 |
| |
| *) Make Apache header files, and some variables, C++ friendly. |
| [Michael Anderson's <mka redes.int.com.mx>] |
| |
| *) Child processes can now "signal" (by exiting with a status |
| of APEXIT_CHILDFATAL) the parent process to abort and |
| shutdown the server if the error in the child process was |
| fatal enough. [Jim Jagielski] |
| |
| *) mod_autoindex's find_itme() was sensitive to MIME type case. |
| [Jim Jagielski] PR#2112 |
| |
| *) Make sure the referer_log and agent_log entries in the default httpd.conf |
| file are also adjusted for the actual relative installation paths. |
| [Ralf S. Engelschall] PR#2175 |
| |
| *) WIN32: Extensive overhaul of the way UNCs are handled. [Ben Laurie] |
| |
| *) WIN32: Make roots of filesystems (e.g. c:/) work. [Ben Laurie] |
| PR#1558 |
| |
| *) PORT: Various porting changes to support AIX 3.2, 4.1.5, 4.2 and 4.3. |
| Additionally the checks for finding the vendor DSO library were moved |
| from mod_so.c to Configure because first it needs $PLAT etc. and second |
| mod_so already uses an abstraction layer and does not fiddle with the |
| vendor functions itself. |
| [Jens-Uwe Mager, Ralf S. Engelschall] |
| |
| *) PORT: Some optimization defines for NetBSD |
| [Jaromir Dolecek <dolecek ics.muni.cz>] PR#2165 |
| |
| *) PORT: Dynamic Shared Object (DSO) support for NetBSD. |
| [Jaromir Dolecek <dolecek ics.muni.cz>, Ralf S. Engelschall] PR#2158 |
| |
| *) Add Dynamic Shared Object (DSO) support for AIX (at least 4.2 but older |
| AIX variants should work fine, too. Even AIX 3.x should work). This is |
| accomplished by using the free DSO emulation code from Jens-Uwe Mager |
| which we put into a os/unix/os-dso-aix.c file. |
| [Ralf S. Engelschall] |
| |
| *) PORT: Fix compiler warnings under AIX >= 4.2 where the manual pages imply |
| that we should use NET_SIZE_T == int but the include files force size_t. |
| [Ralf S. Engelschall] |
| |
| *) Fix two bugs in select() handling in http_main.c. |
| [Roy Fielding] |
| |
| *) Suppress "error(0)" messages for ap_log_error() when the APLOG_NOERRNO |
| is unset (as it is in situations like timeouts) where it is unclear |
| whether errno is set or not. [Martin Kraemer] |
| |
| *) Just having APACI's localstatedir is too general and not enough for most |
| of the systems. 1.3b6 again required manual APACI patches by package |
| maintainers from Red Hat and FreeBSD because for their filesystem layout a |
| little bit more flexibility in configuring the paths is needed. Hence we |
| provide three additional configure options (--runtimedir, --logfiledir, |
| --proxycachedir) which now can be used for more granular adjustments if |
| --localstatedir is not enough to fit the particular needs. As a nice |
| side-effect this reduces some subdir fiddling in configure+Makefile.tmpl. |
| [Ralf S. Engelschall] |
| |
| *) Make the install root for "make install" in APACI's Makefile overrideable |
| by package authors. This way we are even more friendly to package |
| maintainers (especially Debian and Red Hat) who build for the real prefix |
| via "configure --prefix=/<real>" but use a different local prefix via |
| "make root=/tmp/apache install" for rolling the package without bristling |
| the target location on their system. |
| [Ralf S. Engelschall] |
| |
| *) Workaround sed limitations in APACI's configure script by now |
| substituting in chunks of 50 commands (because for instance HPUX's vendor |
| sed has a limit of max. 98 commands) |
| [Ralf S. Engelschall] PR#2136 |
| |
| *) Adding SOCKS5 support and fixing existing SOCKS4 support. |
| [Ralf S. Engelschall] PR#2140 |
| |
| *) Manually fix some symbols which were not renamed to prefix ap_ in the BIG |
| RENAMING process because they are defined as pre-processor macros instead |
| of real functions: bputc, bgetc, piped_log_write_fd, piped_log_read_fd |
| [Ralf S. Engelschall] |
| |
| *) Workaround braindead AWK's when generating ap_config.h: The split() and |
| substr() functions cannot be nested under vendor AWK from Solaris 2.6. |
| [Ralf S. Engelschall] PR#2139 |
| |
| *) Various bugfixes and cleanups for the APACI configure script: |
| o fix IFS handling for _nested_ situation |
| o fix Perl interpreter search: take first one found instead of last one |
| o fix DSO consistency check |
| o print error messages to stderr instead of stdout |
| o add install-quiet for --shadow situation to Makefile stub |
| o reduce complexity by avoiding sed-hacks for rule and module list loops |
| [Ralf S. Engelschall] |
| |
| *) Fix DEBUG_CGI situation in mod_cgi.c [David MacKenzie] PR#2114 |
| |
| *) Make sure the input field separator (IFS) shell variable is explicitly |
| initialized correctly before _every_ `for' loop and also restored after |
| the loops. [Ralf S. Engelschall] |
| |
| *) Make sure that "make install" doesn't overwrite the `mime.types' and |
| `magic' files from an existing Apache installation. Because people often |
| customize these for own MIME and content types. |
| [Ralf S. Engelschall] |
| |
| *) PORT: Dynamic Shared Object (DSO) support for OpenBSD 2.x |
| [Peter Galbavy, Ralf S. Engelschall] PR#2109 |
| |
| *) Fix the path to the ScoreBoardFile in the install-config target, too. |
| [Ralf S. Engelschall] PR#2105 |
| |
| *) Let "configure" clear out the users parameters (provided as shell |
| variables) to avoid side-effects in "src/Configure" when the user |
| exported them (which is not needed, but some users do it). |
| [Ralf S. Engelschall] PR#2101 |
| |
| *) Provide backward compatibility from some old src/Configuration.tmpl |
| parameter names to the canonical Autoconf-style shell variable names. For |
| instance CFLAGS vs. EXTRA_CFLAGS. The EXTRA_xxx variants are accepted now |
| but a hint message is displayed. [Ralf S. Engelschall] |
| |
| *) Make sure that "make install" doesn't overwrite the DocumentRoot and |
| CGI scripts from an existing Apache installation. |
| [Ralf S. Engelschall, Jim Jagielski] PR#2084 |
| |
| *) Make `configure --compat' more "compatible" by first |
| let the libexecdir default to EPREFIX/libexec instead of EPREFIX/bin and |
| second by making sure the "avoid-bristling-suffix" /apache is not |
| appended to sysconfdir, datadir, localstatedir and includedir when |
| --compat is used. [Ralf S. Engelschall, Lars Eilebrecht] |
| |
| *) NeXT required strdup() in support/logresolve.c |
| [Francisco Tomei <fatomei sandburg.unm.edu>] PR#2082 |
| |
| *) AIX required sys/select.h in support/ab.c |
| [Jens Schleusener <Jens.Schleusener dlr.de>] PR#2081 |
| |
| *) Fix the path to the MimeMagicFile in the install-config target, too. |
| [Ralf S. Engelschall] PR#2089 |
| |
| *) PORT: Added HP-UX 11 patches [Jeff Earickson <jaearick colby.edu>] |
| |
| *) If you start apache with the -S command line option it will dump |
| out the parsed vhost settings. This is useful for folks trying |
| to figure out what is wrong with their vhost configuration. |
| (Other dumps may be added in the future.) [Dean Gaudet] |
| |
| *) Add %pA, %pI, and %pp codes to ap_vformatter (and hence ap_bprintf, |
| ap_snprintf, and ap_psprintf). See include/ap.h for docs. |
| [Dean Gaudet] |
| |
| *) Because /usr/local/apache is the default prefix the ``configure |
| --compat'' option no longer has to set prefix, again. This way the |
| --compat option honors a leading --prefix option. [Lars Eilebrecht] |
| |
| *) PORT: Cast the first argument of dlopen() in ap_os_dso_load() |
| to `char *' under OSF1 and FreeBSD 2.x where it is defined this way |
| to avoid "discard const" warnings. [Ralf S. Engelschall] |
| |
| *) If a specific handler is set for a file yet the request still |
| ends up being handled by the default handler, log an error |
| message before handling it. This catches things such as trying |
| to use SSIs without mod_include enabled. [Marc Slemko] |
| |
| *) Fix error logging for the startup case where ap_log_error() still uses |
| stderr as the target. Now the default log level is honored here, too. |
| [Ralf S. Engelschall] |
| |
| *) PORT: Make sure some AWK's don't fail in src/Configure with "string too |
| long" errors when generating the MODULES entry for src/Makefile |
| [Ben Hyde, Ralf S. Engelschall] |
| |
| *) Make sure src/Configure doesn't complain about the old directory |
| /usr/local/etc/httpd/ when APACI is used. [Lars Eilebrecht] |
| |
| Changes with Apache 1.3b6 |
| |
| *) PORT: Clean up warnings on Ultrix and HPUX. [Ben Hyde] |
| |
| *) Adding DSO support for the HP/UX platform by emulating the dlopen-style |
| interface via the similar but proprietary HP/UX shl_xxx-style system |
| calls. [Ralf S. Engelschall] |
| |
| *) PORT: Updated UnixWare 2.0.x and 2.1.x entries for DSO support and made |
| APACI Makefile.tmpl "install" target more robust for sensible UnixWare |
| Make. [Ralf S. Engelschall] |
| |
| *) ++++ THE BIG SYMBOL RENAMING ++++ |
| To avoid symbol clashes with third-party code compiled into the server, |
| we globally applied the prefix "ap_" to the following classes of |
| functions: |
| - Apache provided general functions (e.g., ap_cpystrn) |
| - Public API functions (e.g., palloc, bgets) |
| - Private functions which we can't make static (because of |
| cross-object usage) but should be (e.g., new_connection) |
| For backward source compatibility a new header file named compat.h was |
| created which provides defines for the old symbol names and can be used |
| by third-party module authors. |
| [The Apache Group] |
| |
| *) Added dynamic shared object (DSO) support for SVR4-derivates: The |
| problem under SVR4 is that there is no command flag to force the linker |
| to export the global symbols of the httpd executable therewith they are |
| available to the DSO's. Instead of problematic hacks like creating a |
| dummy.so file (containing dummy references to all global symbols) the |
| httpd binary is linked against, we use a clean trick stolen from Perl 5: |
| Placing the Apache core code itself into a DSO library named libhttpd.so. |
| This way the global symbols _HAVE_ to be exported and thus are available |
| to any manually loaded DSO's under runtime. To reduce the impact to the |
| user to null we go even further and create a stub httpd executable which |
| automatically keeps track of the DSO library loading itself and thus |
| hides the complete mechanism from the user. Although the generation of |
| this DSO library is automatically triggered for platforms which |
| essentially need it (mostly all SVR4-derivates) it can be also enabled |
| manually via the Rule SHARED_CORE. This can be interesting in the future |
| where we perhaps exploit this libhttpd.so mechanism for providing nifty |
| features like graceful upgrades, or whatever. |
| [Ralf S. Engelschall, Martin Kraemer] |
| |
| *) Build the libraries before building the rest of the tools. [Ben Hyde] |
| |
| *) Add "distclean" target to src/-Makefiles to provide "make distclean" also |
| inside the src subtree (i.e. for non-APACI users). Following GNU Makefile |
| conventions while "clean" removes only stuff created by "all" targets, |
| "distclean" additionally removes the stuff from the configuration |
| process. This way "make distclean" (hence the name) provides a fresh |
| source tree as it was for distribution. |
| [Ralf S. Engelschall] |
| |
| *) Allow top-level (APACI) Makefile to break on build errors |
| the same way the src/ subtree Makefiles breaks on them by replacing the |
| initial APACI sed-subdir-display-kludge with a more clean |
| variable-passing-solution: variable SDP can optionally hold the subdir |
| prefix which is consistently used for displaying the subdir movement. |
| This way even the top-level Makefile can stop correctly on errors as the |
| user expects. [Ralf S. Engelschall] |
| |
| *) Fixed ordering of argument checks for RewriteBase directive. |
| [Todd Eigenschink <eigenstr mixi.net>] PR#2045 |
| |
| *) Change Win32 IS_MODULE to SHARED_MODULE to match Unix' method of |
| indicating that a module is being compiled for dynamic loading. Also |
| remove #define IS_MODULE from modules and add SHARED_MODULE define |
| to the mak/dsp files. [Alexei Kosut] |
| |
| *) Reduce logging level of "normal" warning messages to APLOG_INFO, |
| since we are now logging APLOG_WARNING by default. [Roy Fielding] |
| |
| *) PORT: OS/2 tweak to deal with multiple .exe targets. [Brian Havard] |
| |
| *) Add documentation file and src/Configuration.tmpl entry for the |
| experimental mod_mmap_static module. Because although it is and marked as |
| an experimental one it is distributed and thus should be documented and |
| prepared for configuration the same way as all others modules. |
| [Ralf S. Engelschall] |
| |
| *) Add query (-q) option to apxs support tool to be able to manually query |
| specific settings from apxs. This is needed for instance when you |
| manually want to access Apache's header files and you need to assemble |
| the -I option. Now you can do -I`apxs -q INCLUDEDIR`. |
| [Ralf S. Engelschall] |
| |
| *) Now src/Configure uses a fallback strategy for the shared object support |
| on platforms where no explicit information is available: If a Perl |
| installation exists we ask it about its shared object support and if it's |
| the dlopen-style one we shamelessly guess the compiler and linker flags |
| for creating shared objects from Perls knowledge. Of course, the user is |
| warning about what we are doing and informed that he should send us |
| the guessed flags when they work. [Ralf S. Engelschall] |
| |
| *) Provide APACI --without-support option to be able to disable the build |
| and installation of the support tools from the src/support/ area. |
| Although its useful to have these installed per default we should provide |
| a way to compile and install without them for backward-compatibility. |
| [Ralf S. Engelschall] |
| |
| *) Add of the new APache eXtenSion (apxs) support tool for building and |
| installing modules into an _already installed_ Apache package through the |
| dynamic shared object (DSO) mechanism [mod_so.c]. The trick here is that |
| this approach actually doesn't need the Apache source tree. The |
| (APACI-installed) server package is enough, because this now includes the |
| Apache C header files (PREFIX/include) and the new APXS tool |
| (SBINDIR/apxs). The intend is to provide a handy tool for third-party |
| module authors to build their Apache modules _OUTSIDE_ the Apache source |
| tree while avoiding them to fiddle around with the totally platform |
| dependend way of compiling DSO files. The tool supports all ranges of |
| modules, from trivial ones (single mod_foo.c) to complex ones (like PHP3 |
| which has a mod_php3.c plus a pre-built libmodphp3-so.a) and even can |
| on-the-fly generate a minimalistic Makefile and sample module for the |
| first step to provide both a quick success event and to demonstrate the |
| APXS mechanism to module authors. [Ralf S. Engelschall] |
| |
| *) Fix core dumps in use of CONNECT in proxy. |
| [<Rainer.Scherg rexroth.de>] PR#1326, #1573, #1942 |
| |
| *) Modify the log directives in httpd.conf-dist files to use CustomLog |
| so that users have examples of how CustomLog can be used. |
| [Lars Eilebrecht] |
| |
| *) Add the new Apache Autoconf-style Interface (APACI) for the top-level of |
| the Apache distribution tree. Until Apache 1.3 there was no real |
| out-of-the-box batch-capable build and installation procedure for the |
| complete Apache package. This is now provided by a top-level "configure" |
| script and a corresponding top-level "Makefile.tmpl" file. The goal is |
| to provide a GNU Autoconf-style frontend which is capable to both drive |
| the old src/Configure stuff in batch and additionally installs the |
| package with a GNU-conforming directory layout. Any options from the old |
| configuration scheme are available plus a lot of new options for flexibly |
| customizing Apache. [Ralf S. Engelschall] |
| |
| *) The floating point ap_snprintf code wasn't threadsafe. |
| Had to remove the HAVE_CVT macro in order to do threadsafe |
| calling of the ?cvt() floating point routines. [Dean Gaudet] |
| |
| *) PORT: Add the SCO_SV port. [Jim Jagielski] PR#1962 |
| |
| *) PORT: IRIX needs the -n32 flag iff using the 'cc' compiler |
| [Jim Jagielski] PR#1901 |
| |
| *) BUG: Configure was using TCC and CC inconsistently. Make sure |
| Configure knows which CC we are using. [Jim Jagielski] |
| |
| *) "Options +Includes" wasn't correctly merged if "+IncludesNoExec" |
| was defined in a parent directory. [Lars Eilebrecht] |
| |
| *) API: ap_snprintf() code mutated into ap_vformatter(), which is |
| a generic printf-style routine that can call arbitrary output |
| routines. Use this to replace http_bprintf.c. Add new routines |
| psprintf(), pvsprintf() which allocate the exact amount of memory |
| required for a string from a pool. Use psprintf() to clean up |
| various bits of code which used ap_snprintf()/pstrdup(). |
| [Dean Gaudet] |
| |
| *) PORT: HAVE_SNPRINTF doesn't do anything any longer. This is because |
| ap_snprintf() has different semantics and formatting codes than |
| snprintf(). [Dean Gaudet] |
| |
| *) SIGXCPU and SIGXFSZ are now reset to SIG_DFL at boot-time. This |
| is necessary on at least Solaris where the /etc/rc?.d scripts |
| are run with these signals ignored, and "SIG_IGN" settings are |
| maintained across exec(). |
| [Rein Tollevik <reint sys.sol.no>] PR#2009 |
| |
| *) Fix the check for symbolic links in ``RewriteCond ... -l'': stat() was |
| used instead of lstat() and thus this flag didn't work as expected. |
| [Rein Tollevik <reint sys.sol.no>] PR#2010 |
| |
| *) Fix the proxy pass-through feature of mod_rewrite for the case of |
| existing QUERY_STRING now that mod_proxy was recently changed because of |
| the new URL parsing stuff. [Ralf S. Engelschall] |
| |
| *) A few changes to scoreboard definitions which helps gcc generate |
| better code. [Dean Gaudet] |
| |
| *) ANSI C doesn't guarantee that "int foo : 2" in a structure will |
| be a signed bitfield. So mark a few bitfields as signed to |
| ensure correct code. [Dean Gaudet] |
| |
| *) The default for HostnameLookups was changed to Off, but there |
| was a problem and it wasn't taking effect. [Dean Gaudet] |
| |
| *) PORT: Clean up undefined signals on some platforms (SCO, BeOS). |
| [Dean Gaudet] |
| |
| *) After a SIGHUP the listening sockets in the parent weren't |
| properly marked for closure on fork(). |
| [Jürgen Keil <jk tools.de>] PR#2000 |
| |
| *) Allow %2F in two situations: 1) it is in the query part of the URI, |
| therefore not exposed to %2F -> '/' translations and 2) the request |
| is a proxy request, so we're not dealing with a local resource anyway. |
| Without this, the proxy would fail to work for any URL's with |
| %2f in them (occurs quite often in |
| http://.../cgi-bin/...?http%3A%2F%2F... references) [Martin Kraemer] |
| |
| *) Protect against FD_SETSIZE mismatches. [Dean Gaudet] |
| |
| *) Make the shared object compilation command more portable by avoiding |
| the direct combination of `-c' & `-o' which is not honored by some |
| compilers like UnixWare's cc. [Ralf S. Engelschall] |
| |
| *) WIN32: the proxy was creating filenames missing the last four |
| characters. While this normally doesn't stop anything from |
| working, it can result in extra collisions. |
| [Tim Costello <tjcostel socs.uts.edu.au>] PR#1890 |
| |
| *) Now mod_proxy uses the response string (in addition to the response status |
| code) from the already used FTP SIZE command to setup the Content-Length |
| header if available. [Ralf S. Engelschall] PR#1183 |
| |
| *) Reanimated the (still undocumented) proxy receive buffer size directive: |
| Renamed from ReceiveBufferSize to ProxyReceiveBufferSize because the old |
| name was really too generic, added documentation for this directive to |
| the mod_proxy.html and corrected the hyperlink to it in the |
| new_features_1.3.html document. [Ralf S. Engelschall] PR#1348 |
| |
| *) Fix a bug in the src/helpers/fp2rp script and make it a little bit |
| faster [Martin Kraemer] |
| |
| *) Make Configure die when you give it an unknown command switch. |
| [Ben Hyde] |
| |
| *) Add five new and fresh manpages for the support programs: dbmmanage.1, |
| suexec.8, htdigest.1, rotatelogs.8 and logresolve.8. Now all up-to-date |
| and per default compiled support programs have manual pages - just to |
| document our stuff a little bit more and to be able to do really |
| Unix-like installations ;-) [Ralf S. Engelschall] |
| |
| *) Major cleanups to the Configure script to make it and its generated |
| Makefiles again readable and maintainable: add SRCDIR option, removed |
| INCLUDES_DEPTH[0-2] kludge, cleanup of TARGET option, cleanup of |
| generated sections, consequently added Makefile headers with inheritance |
| information, added subdir movement messages for easier following where |
| the build process currently stays (more verbose then standard Make, less |
| verbose than GNU make), same style to comments in the Configure script, |
| added Apache license header, fixed a few bugs, etc. [Ralf S. Engelschall] |
| |
| *) Add the new ApacheBench program "ab" to src/support/: This is derived |
| from the ZeusBench benchmarking program and can be used to determine the |
| response performance of an Apache installation. This version is |
| officially licensed with Zeus Technology, Ltd. See the license agreement |
| statements in <199803171224.NAA24547 en1.engelschall.com> in apache-core. |
| [Ralf S. Engelschall] |
| |
| *) API: Various core functions that are definately not part of the API |
| have been made static, and a few have been marked API_EXPORT. Still |
| more have been marked CORE_EXPORT and are not intended for general |
| use by modules. [Doug MacEachern, Dean Gaudet] |
| |
| *) mod_proxy was not clearing the Proxy-Connection header from |
| requests; now it does. This did not violate any spec, however |
| causes poor interactions when you are talking to remote proxies. |
| [Marc Slemko] PR#1741 |
| |
| *) Various cleanups to the command line interface and manual pages. |
| [Ralf S. Engelschall] |
| |
| *) cfg_getline() was not properly handling lines that did not end |
| with a line termination character. [Marc Slemko] PR#1869, 1909 |
| |
| *) Performance tweak to mod_log_config. [Dmitry Khrustalev] |
| |
| *) Clean up some undocumented behavior of mod_setenvif related to |
| "merging" two SetEnvIf directives when they match the same header |
| and regex. Document that mod_setenvif will perform comparisons in |
| the order they appear in the config file. Optimize mod_setenvif by |
| doing more work at config time rather than at runtime. |
| [Dean Gaudet] |
| |
| *) src/include/ap_config.h now wraps it's #define's with #ifndef/#endif's |
| to allow for modules to overrule them and to reduce redefinition |
| warnings [Jim Jagielski] |
| |
| *) [PORT] For A/UX change the OS-#define for -DAUX to -DAUX3. |
| [Jim Jagielski] |
| |
| *) Making the hard-coded cross-module function call mime_find_ct() (from |
| mod_proxy to mod_mime) obsolete by making sure the API hook for MIME type |
| checking is really called even for proxy requests except for URLs with |
| HTTP schemes (because there we can optimize by not running the type |
| checking hooks due to the fact that the proxy gets the MIME Content-type |
| from the remote host later). This change cleans up mod_mime by removing |
| the ugly export kludge, makes the one-liner file mod_mime.h obsolete, and |
| especially unbundles mod_proxy and mod_mime. This way they both now can |
| be compiled as shared objects and are no longer tied together. |
| [Ralf S. Engelschall] |
| |
| *) util.c cleanup and speedup. [Dean Gaudet] |
| |
| *) API: Clarification, pstrndup() will always copy n bytes of the source |
| and NUL terminate at the (n+1)st byte. [Dean Gaudet] |
| |
| *) Mark module command_rec and handler_rec structures const so that they |
| end up in the read-only data section (and are friendlier to systems |
| that don't do optimistic memory allocation on fork()). [Dean Gaudet] |
| |
| *) Add check to the "Port" directive to make sure the specified |
| port is in the appropriate range. [Ben Hyde] |
| |
| *) Performance improvements to invoke_handler(). |
| [Dmitry Khrustalev <dima bog.msu.su>] |
| |
| *) Added support for building shared objects even for library-style modules |
| (which are built from more than one object file). This now provides the |
| ability to build mod_proxy as a shared object module. Additionally |
| modules like mod_example are now also supported for shared object |
| building because the generated Makefiles now no longer assume there is at |
| least one statically linked module. [Ralf S. Engelschall] |
| |
| *) API: Clarify usage of content_type, handler, content_encoding, |
| content_language and content_languages fields in request_rec. They |
| must always be lowercased; and the strings pointed to shouldn't |
| be modified (you must copy them to modify them). Fix a few bugs |
| related to this. [Dean Gaudet] |
| |
| *) API: Clarification: except for RAW_ARGS, all command handlers can |
| treat the char * parameters as permanent, and modifiable. There |
| is no need to pstrdup() them. Clean up some needless pstrdup(). |
| [Dean Gaudet] |
| |
| *) Now mod_so keeps track of which module shared objects with which names |
| are loaded and thus avoids multiple loading and unloading and irritating |
| error_log messages. [Ralf S. Engelschall] |
| |
| *) Prior to the existence of mod_setenv it was necessary to tweak the TZ |
| environment variable in the apache core. But that tweaking interferes |
| with mod_setenv. So don't tweak if the user has specified an explicit |
| TZ variable. [Jay Soffian <jay cimedia.com>] PR#1888 |
| |
| *) rputs() did not calculate r->sent_bodyct properly. |
| [Siegmund Stirnweiss <siegst kat.ina.de>] PR#1900 |
| |
| *) The CGI spec says that REMOTE_HOST should be set to the remote hosts's |
| name, or left unset if this value is unavailable. Apache was setting |
| it to the IP address when unavailable. |
| [Tony Finch <fanf demon.net>] PR#1925 |
| |
| *) Various improvements to the configuration and build support for compiling |
| modules as shared objects. Especially Solaris 2.x, SunOS 4.1, IRIX and |
| OSF1 support with GCC and vendor compilers was added. This way shared |
| object support is now provided out-of-the-box for FreeBSD, Linux, |
| Solaris, SunOS, IRIX and OSF1. In short: On all major platforms! |
| [Ralf S. Engelschall] |
| |
| *) Minor cleanup in http_main -- split QNX and OS2 specific "mmap" |
| scoreboard code into separate #defines -- USE_POSIX_SCOREBOARD |
| and USE_OS2_SCOREBOARD. [Dean Gaudet] |
| |
| *) Fix one more special locking problem for RewriteMap programs in |
| mod_rewrite: According to the documentation of flock(), "Locks are on |
| files, not file descriptors. That is, file descriptors duplicated |
| through dup(2) or fork(2) do not result in multiple instances of a lock, |
| but rather multiple references to a single lock. If a process holding a |
| lock on a file forks and the child explicitly unlocks the file, the |
| parent will lose its lock.". To overcome this we have to make sure the |
| RewriteLock file is opened _AFTER_ the childs were spawned which is now |
| the case by opening it in the child_init instead of the module_init API |
| hook. [Ralf S. Engelschall] PR#1029 |
| |
| *) Change to Location and LocationMatch semantics. LocationMatch no |
| longer lets a single slash match multiple adjacent slashes in the |
| URL. This change is for consistency with RewriteRule and |
| AliasMatch. Multiple slashes have meaning in URLs that they do |
| not have in (some) filesystems. Location on the other hand can |
| be considered a shorthand for a more complicated regex, and it |
| does match multiple slashes with a single slash -- which is |
| also consistent with the Alias directive. |
| [Dean Gaudet] related PR#1440 |
| |
| *) Fix bug with mod_mime_magic causing certain files, including files |
| of length 0, to result in no response from the server. |
| [Dean Gaudet] |
| |
| *) The Configure script now generates src/include/ap_config.h which |
| contains the set of defines used when Apache is compiled on a platform. |
| This file can then be included by external modules before including |
| any Apache header files in case they are being built separately from |
| Apache. Along with this change, a couple of minor changes were |
| made to make Apache's #defines coexist peacefully with any autoconf |
| defines an external module might have. [Rasmus Lerdorf] |
| |
| *) Fix mod_rewrite for the ugly API case where <VirtualHost> sections exist |
| but without any RewriteXXXXX directives. Here mod_rewrite is given no |
| chance by the API to initialize its per-server configuration and thus |
| receives the wrong one from the main server. This is now avoided by |
| remembering the server together with the config structure while |
| configuring and later assuming there is no config when we see a |
| difference between the remembered server and the one calling us. |
| [Ralf S. Engelschall] PR#1790 |
| |
| *) Fixed the DBM RewriteMap support for mod_rewrite: First the support now |
| is automatically disabled under configure time when the dbm_xxx functions |
| are not available. Second, two heavy source code errors in the DBM |
| support code were fixed. This makes DBM RewriteMap's usable again after |
| a long time of brokenness. [Ralf S. Engelschall] PR#1696 |
| |
| *) Now all configuration files support Unix-style line-continuation via |
| the trailing backslash ("\") character. This enables us to write down |
| complex or just very long directives in a more readable way. The |
| backslash character has to be really the last character before the |
| newline and it has not been prefixed by another (escaping) backslash. |
| [Ralf S. Engelschall] |
| |
| *) When using ProxyPass the ?querystring was not passed correctly. |
| [Joel Truher <truher wired.com>] |
| |
| *) To deal with modules being compiled and [dynamically] linked |
| at a different time from the core, the SERVER_VERSION and |
| SERVER_BUILT symbols have been abstracted through the new |
| API routines apapi_get_server_version() and apapi_get_server_built(). |
| [Ken Coar] PR#1448 |
| |
| *) WIN32: Preserve trailing slash in canonical path (and hence |
| in PATH_INFO). [Paul Sutton, Ben Laurie] |
| |
| *) PORT: USE_PTHREAD_SERIALIZED_ACCEPT has proven unreliable |
| depending on the rev of Solaris and what mixture of modules |
| are in use. So it has been disabled, and Solaris is back to |
| using USE_FCNTL_SERIALIZED_ACCEPT. Users may experiment with |
| USE_PTHREAD_SERIALIZED_ACCEPT at their own risk, it may speed |
| up static content only servers. Or it may fail unpredictably. |
| [Dean Gaudet] PR#1779, 1854, 1904 |
| |
| *) mod_test_util_uri.c created which tests the logic in util_uri.c. |
| [Dean Gaudet] |
| |
| *) API: Rewrite of absoluteURI handling, and in particular how |
| absoluteURIs match vhosts. Unless a request is a proxy request, a |
| "http://host" url is treated as if a similar "Host:" header had been |
| supplied. This change was made to support future HTTP/1.x protocols |
| which may require clients to send absoluteURIs for all requests. |
| |
| In order to achieve this change subtle changes were made to the API. In a |
| request_rec, r->hostlen has been removed. r->unparsed_uri now exists so |
| that the unmodified uri can be retrieved easily. r->proxyreq is not set |
| by the core, modules must set it during the post_read_request or |
| translate_names phase. |
| |
| Plus changes to the virtualhost test suite for absoluteURI testing. |
| |
| This fixes several bugs with the proxy proxying requests to vhosts |
| managed by the same httpd. |
| [Dean Gaudet] |
| |
| *) API: Cleanup of code in http_vhost.c, and remove vhost matching |
| code from mod_rewrite. The vhost matching is now performed by a |
| globally available function matches_request_vhost(). [Dean Gaudet] |
| |
| *) Reduce memory usage, and speed up ServerAlias support. As a |
| side-effect users can list multiple ServerAlias directives |
| and they're all considered. |
| [Chia-liang Kao <clkao cirx.org>] PR#1531 |
| |
| *) The "poly" directive in image maps did not include the borders of the |
| polygon, whereas the "rect" directive does. Fix this inconsistency. |
| [Konstantin Morshnev <moko design.ru>] PR#1771 |
| |
| *) Make \\ behave as expected. [<Ronald.Tschalaer psi.ch>] |
| |
| *) Add the `%a' construct to LogFormat and CustomLog to log the client IP |
| address. [Todd Eigenschink <eigenstr mixi.net>] PR#1885 |
| |
| *) API: A new source module main/util_uri.c; It contains a routine |
| parse_uri_components() and friends which breaks a URI into its component |
| parts. These parts are stored in a uri_components structure called |
| parsed_uri within each request_rec, and are available to all modules. |
| Additionally, an unparse routine is supplied which re-assembles the URI |
| components back to an URI, optionally hiding the username:password@ part |
| from ftp proxy requests, and other useful routines. Within the structure, |
| you find on a ready-for-use basis: |
| scheme; /* scheme ("http"/"ftp"/...) */ |
| hostinfo; /* combined [user[:password]@]host[:port] */ |
| user; /* user name, as in http://user:passwd@host:port/ */ |
| password; /* password, as in http://user:passwd@host:port/ */ |
| hostname; /* hostname from URI (or from Host: header) */ |
| port_str; /* port string (integer representation is in "port") */ |
| path; /* the request path (or "/" if only scheme://host was given) */ |
| query; /* Everything after a '?' in the path, if present */ |
| fragment; /* Trailing "#fragment" string, if present */ |
| This is meant to serve as the platform for *BIG* savings in |
| code complexity for the proxy module (and maybe the vhost logic). |
| [Martin Kraemer] |
| |
| *) Make all possible meta-construct expansions ($N, %N, %{NAME} and |
| ${map:key}) available for all location where a string is created in |
| mod_rewrite rewriting rulesets: 1st arg of RewriteCond, 2nd arg of |
| RewriteRule and for the [E=NAME:STRING] flag of RewriteRule. This way the |
| possible expansions are consequently usable at all string creation |
| locations. [Ralf S. Engelschall] |
| |
| *) Fix initialization of RewriteLogLevel (default now is 0 as documented |
| and not 1) and the per-virtual-server merging of directives. Now all |
| directives except `RewriteEngine' and `RewriteOption' are either |
| completely overridden (default) or completely inherited (when |
| `RewriteOptions inherit') is used. [Ralf S. Engelschall] PR#1325 |
| |
| *) Fix `RewriteMap' program lookup in situations where such maps are |
| defined but disabled (`RewriteEngine off') in per-server context. |
| [Ralf S. Engelschall] PR#1431 |
| |
| *) Fix bug introduced in 1.3b4-dev, config with no Port setting would cause |
| server to bind to port 0 rather than 80. [Dean Gaudet] |
| |
| *) Fix long-standing problem with RewriteMap _programs_ under Unix derivates |
| (like SunOS and FreeBSD) which don't accept the locking of pipes |
| directly. A new directive RewriteLock is introduced which can be used to |
| setup a separate locking file which then is used for synchronization. |
| [Ralf S. Engelschall] PR#1029 |
| |
| *) WIN32: The server root is obtained from the registry key |
| HKLM\SOFTWARE\Apache Group\Apache\<version> (version is currently |
| "1.3 beta"), unless overridden by the -d command line flag. The |
| value is stored by running "apache -i -d serverroot". [Paul Sutton] |
| |
| *) Merged os/win32/mod_dll.c into modules/standard/mod_so.c to support |
| dynamic loading on Win32 and Unix via the same module. [Paul Sutton] |
| |
| *) Now mod_rewrite no longer makes problematic assumptions on the characters |
| a username can contain when trying to expand it via /etc/passwd. |
| [Ralf S. Engelschall] |
| |
| *) The mod_setenvif BrowserMatch backwards compatibility command did not |
| work properly with spaces in the regex. [Ronald Tschalaer] PR#1825 |
| |
| *) Add new RewriteMap types: First, `rnd' which is equivalent to the `txt' |
| type but with a special post-processing for the looked-up value: It |
| parses it into alternatives according to `|' chars and then only one |
| particular alternative is chosen randomly (this is an essential |
| functionality needed for balancing between backend-servers when using |
| Apache as a Reverse Proxy. The looked up value here is a list of |
| servers). Second, `int' with the built-in maps named `tolower' and |
| `toupper' which can be used to map URL parts to a fixed case (this is an |
| essential feature to fix the case of server names when doing mass |
| virtual-hosting with the help of mod_rewrite instead of using |
| <VirtualHost> sections). [Ralf S. Engelschall, parts based on code from |
| Jay Soffian <jay cimedia.com>] PR#1631 |
| |
| *) Add a new directive to mod_proxy similar to ProxyPass: `ProxyPassReverse'. |
| This directive lets Apache adjust the URL in Location-headers on HTTP |
| redirect responses sent by the remote server. This way the virtually |
| mapped area is no longer left on redirects and thus by-passed which is |
| especially essential when running Apache as a reverse proxy. |
| [Ralf S. Engelschall] |
| |
| *) Hide Proxy-Authorization from CGI/SSI/etc just like Authorization is |
| hidden. [Alvaro Martinez Echevarria] |
| |
| *) Apache will, when started with the -X (single process) debugging flag, |
| honor the SIGINT or SIGQUIT signals again now. This capability got lost |
| a while ago during OS/2 signal handling changes. |
| |
| *) [PORT] Work around the fact that NeXT runs on more than the |
| m68k chips in mod_status [Scott Anguish and Timothy Luoma |
| <luomat peak.org>] |
| |
| *) [PORT] Recognize FreeBSD versions so we can use the OS regex as well |
| as handling unsigned-chars for FreeBSD v3 and v2 [Andrey Chernov |
| <ache nagual.pp.ru> and Jim] PR#1450 |
| |
| *) Use SA_RESETHAND or SA_ONESHOT when installing the coredump handlers. |
| In particular the handlers could trigger themselves into an infinite |
| loop if RLimitMem was used with a small amount of memory -- too small |
| for the signal stack frame to be set up. [Dean Gaudet] |
| |
| *) Fix problems with absoluteURIs introduced during 1.3b4. [Dean Gaudet, |
| Alvaro Martinez Echevarria <alvaro lander.es>] |
| |
| *) Fix multiple UserDir problem introduced during 1.3b4-dev. |
| [Dean Gaudet] PR#1850 |
| |
| *) ap_cpystrn() had an off-by-1 error. |
| [Charles Fu <ccwf klab.caltech.edu>] PR#1847 |
| |
| *) API: As Ken suggested the check_cmd_context() function and related |
| defines are non-static now so modules can use 'em. [Martin Kraemer] |
| |
| *) mod_info would occasionally produce an unpaired <tt> in its |
| output. Fixed. [Martin Kraemer] |
| |
| *) By default AIX binds a process (and it's children) to a single |
| processor. httpd children now unbind themselves from that cpu |
| and re-bind to one selected at random via bindprocessor() |
| [Doug MacEachern] |
| |
| *) Linux 2.0 and above implement RLIMIT_AS, RLIMIT_DATA has almost no |
| effect. Work around it by using RLIMIT_AS for the RLimitMEM |
| directive. [Enrik Berkhan <enrik inka.de>] PR#1816 |
| |
| *) mod_mime_magic error message should indicate the filename when |
| reads fail. ["M.D.Parker" <mdpc netcom.com>] PR#1827 |
| |
| *) Previously Apache would permit </Files> to end <FilesMatch> (and |
| similary for Location and Directory), now this is diagnosed as an |
| error. Improve error messages for mismatched sections (<Files>, |
| <FilesMatch>, <Directory>, <DirectoryMatch>, ...). |
| [Dean Gaudet, Martin Kraemer] |
| |
| *) <Files> is not permitted within <Location> (because of the |
| semantic ordering). [Dean Gaudet] PR#379 |
| |
| *) <Files> with wildcards was broken by the change in wildcard |
| semantics (* does not match /). To fix this, <Files> now |
| apply only to the basename of the request filename. This |
| fixes some other inconsistencies in <Files> semantics |
| (such as <Files a*b> not working). [Dean Gaudet] PR#1817 |
| |
| *) Removed bogus "dist.tar" target from Makefile.tmpl and make sure |
| backup files are removed on "clean" target [Ralf S. Engelschall] |
| |
| *) PORT: Add -lm to LIBS for HPUX. [Dean Gaudet] PR#1639 |
| |
| *) Various errors from select() and accept() in child_main() would |
| result in an infinite loop. It seems these two tickle kernel |
| or library bugs occasionally, and result in log spammage and |
| a generally bad scene. Now the child exits immediately, |
| which seems to be a good workaround. |
| [Dean Gaudet] PR#1747, 1107, 588, 1787, 987, 588 |
| |
| *) Cleaned up some race conditions in unix child_main during |
| initialization. [Dean Gaudet] |
| |
| *) SECURITY: "UserDir /abspath" without a * in the path would allow |
| remote users to access "/~.." and bypass access restrictions |
| (but note /~../.. was handled properly). |
| [Lauri Jesmin <jesmin ut.ee>] PR#1701 |
| |
| *) API: os_is_path_absolute() now takes a const char * instead of a char *. |
| [Dean Gaudet] |
| |
| Changes with Apache 1.3b5 |
| |
| *) Source file dependencies in Makefile.tmpl files throughout the |
| source tree were updated to accurately reflect reality. |
| [Dean Gaudet] |
| |
| *) Preserve the content encoding given by the AddEncoding directive |
| when the client doesn't otherwise specify an encoding. |
| [Ronald Tschalaer <Ronald.Tschalaer psi.ch>] |
| |
| *) Sort out problems with canonical filename handling happening too late. |
| [Dean Gaudet, Ben Laurie] |
| |
| Changes with Apache 1.3b4 |
| |
| *) The module structure was modified to include a *dynamic_load_handle |
| in the STANDARD_MODULE_STUFF portion, and the MODULE_MAGIC_NUMBER |
| has been bumped accordingly. [Paul Sutton] |
| |
| *) All BrowserMatch directives mentioned in |
| htdocs/manual/known_client_problems.html are in the default |
| configuration files. [Lars Eilebrecht] |
| |
| *) MiNT port update. [Jan Paul Schmidt] |
| |
| *) HTTP/1.1 requires x-gzip and gzip encodings be treated |
| equivalent, similarly for x-compress and compress. Apache |
| now ignores a leading x- when comparing encodings. It also |
| preserves the encoding the client requests (for example if |
| it requests x-gzip, then Apache will respond with x-gzip |
| in the Content-Encoding header). |
| [Ronald Tschalaer <Ronald.Tschalaer psi.ch>] PR#1772 |
| |
| *) Fix a memory leak on keep-alive connections. [Igor Tatarinov] |
| |
| *) Added mod_so module to support dynamic loading of modules on Unix |
| (like mod_dld for Win32). This replaces mod_dld.c. Use SharedModule |
| instead of AddModule in Configuration to build shared modules |
| [Sameer Parekh, Paul Sutton] |
| |
| *) Minor cleanups to r->finfo handling in some modules. |
| [Dean Gaudet] |
| |
| *) Abstract read()/write() to ap_read()/ap_write(). |
| Makes it easier to add other types of IO code such as SFIO. |
| [Randy Terbush] |
| |
| *) API: Generalize default_port manipulations to make support of |
| different protocols easier. [Ben Laurie, Randy Terbush] |
| |
| *) There are many cases where users do not want Apache to form |
| self-referential urls using the "canonical" ServerName and Port. |
| The new UseCanonicalName directive (default on), if set to off |
| will cause Apache to use the client-supplied hostname and port. |
| API: Part of this change required a change to the construct_url() |
| prototype; and the addition of get_server_name() and |
| get_server_port(). |
| [Michael Douglass <mikedoug texas.net>, Dean Gaudet] |
| PR#315, 459, 485, 1433 |
| |
| *) Yet another rearrangement of the source tree.. now all the common |
| header files are in the src/include directory. The -Imain -Iap |
| references in Makefiles have been changed to the simpler -Iinclude |
| instead. In addition to simplifying the build a little bit, this |
| also makes it clear when a module is referencing something in a |
| other than kosher manner (e.g., the proxy including mod_mime.h). |
| Module-private header files (the proxy, mod_mime, the regex library, |
| and mod_rewrite) have not been moved to src/include; nor have |
| the OS-abstraction files. [Ken Coar] |
| |
| *) Fix a bug where r->hostname didn't have the :port stripped |
| from it. [Dean Gaudet] |
| |
| *) Tweaked the headers_out table size, and the subprocess_env |
| table size guess in rename_original_environment(). Added |
| MAKE_TABLE_PROFILE which can help discover make_table() |
| calls that use too small an initial guess, see alloc.c. |
| [Dean Gaudet] |
| |
| *) Options and AllowOverride weren't properly merging in the main |
| server setting inside vhosts (only an issue when you have no |
| <Directory> or other section containing an Options that affects |
| a request). Options +foo or -foo in the main_server wouldn't |
| affect the main_server's lookup defaults. [Dean Gaudet] |
| |
| *) Variable 'cwd' was being used pointlessly before being set. |
| [Ken Coar] PR#1738 |
| |
| *) r->allowed handling cleaned up in the standard modules. |
| [Dean Gaudet] |
| |
| *) Some case-sensitivity issues cleaned up to be consistent with |
| RFC2068. [Dean Gaudet] |
| |
| *) SIGURG doesn't exist everywhere. |
| [Mark Andrew Heinrich <heinrich tinderbox.Stanford.EDU>] |
| |
| *) mod_unique_id was erroneously generating a second unique id when |
| an internal redirect occured. Such redirects occur, for example, |
| when processing a DirectoryIndex match. [Dean Gaudet] |
| |
| *) API: table_add, table_merge, and table_set include implicit pstrdup() |
| of the key and value. But in many cases this is not required |
| because the key/value is a constant, or the value has been built |
| by pstrcat() or other similar means. New routines table_addn, |
| table_mergen, and table_setn have been added to the API, these |
| routines do not pstrdup() their arguments. The core code and |
| standard modules were changed to take advantage of these routines. |
| The resulting server is up to 20% faster in some situations. |
| |
| Note that it is easy to get code subtly wrong if you pass a key/value |
| which is in a pool other than the pool of the table. The only |
| safe thing to do is to pass key/values which are in the pool of |
| the table, or in one of the ancestors of the pool of the table. |
| i.e. if the table is part of a subrequest, a value from the main |
| request's pool is OK since the subrequest pool is a sub_pool of the |
| main request's pool (and therefore has a lifespan at most as long as |
| the main pool). There is debugging code which can detect improper |
| usage, enabled by defining POOL_DEBUG. See alloc.c for more details. |
| [Dmitry Khrustalev <dima bog.msu.su>, Dean Gaudet] |
| |
| *) More mod_mime_magic cleanup: fewer syscalls; should handle "files" |
| which don't exist on disk more gracefully; handles vhosts properly. |
| Update documentation to reflect the code -- if there's no |
| MimeMagicFile directive then the module is not enabled. |
| [Dean Gaudet] |
| |
| *) PORT: Some older *nix dialects cannot automatically start scripts |
| which begin with a #! interpreter line (the shell starts the scripts |
| appropriately on these platforms). Apache now supports starting of |
| "hashbang-scripts" when the NEED_HASHBANG_EMUL define is set. |
| [Martin Kraemer, with code from Peter Wemm <peter zeus.dialix.oz.au> |
| taken from tcsh] |
| |
| *) API: "typedef array_header table" removed from alloc.h, folks should |
| have been writing to use table as if it were an opaque type, but even |
| some standard modules got this wrong. By changing the definition |
| to "typedef struct table table" module authors will receive compile |
| time warnings that they're doing the wrong thing. This change |
| facilitates future changes with more sophisticated table |
| structures. Specifically, module authors should be using table_elts() |
| to get access to an array_header * for the table. [Dean Gaudet] |
| |
| *) API: Renamed new_connection() to avoid namespace collision with LDAP |
| library routines. [Ken Coar, Rasmus Lerdorf] |
| |
| *) WIN32: mod_speling is now available on the Win32 platform. |
| [Marc Slemko] |
| |
| *) For clarity the following compile time definition was changed: |
| |
| SAFE_UNSERIALIZED_ACCEPT -> SINGLE_LISTEN_UNSERIALIZED_ACCEPT |
| |
| Also, for example, HAVE_MMAP would mean to use mmap() scoreboards |
| and not be a general notice that the OS has mmap(). Now the |
| HAVE_MMAP/SHMGET #defines strictly are informational that the |
| OS has that method of shared memory; the type to use for |
| the scoreboard is a seperate #define (USE_MMAP_SCOREBOARD |
| and USE_SHMGET_SCOREBOARD). This allows outside modules to |
| determine if shared memory is available and allows Apache |
| to determine the best method to use for the scoreboard. |
| [Jim Jagielski] |
| |
| *) PORT: UnixWare 2.1.2 SMP appears to require USE_FCNTL_SERIALIZED_ACCEPT, |
| as do various earlier versions. It should be safe on all versions. |
| Unixware 1.x appears to have the same SIGHUP bug as solaris does with |
| the slack code. A few other cleanups for Unixware. |
| [Tom Hughes <thh cyberscience.com>] PR#1082, PR#1282, PR#1499, PR#1553 |
| |
| *) PORT: A/UX can handle single-listen accepts without mutex |
| locking, so we add SINGLE_LISTEN_UNSERIALIZED_ACCEPT. [Jim Jagielski] |
| |
| *) When die() happens we need to eat any request body if one exists. |
| Otherwise we can't continue with a keepalive session. This shows up |
| as a POST problem with MSIE 4.0, typically against pages which are |
| authenticated. [Roy Fielding] PR#1399 |
| |
| *) If you define SECURITY_HOLE_PASS_AUTHORIZATION then the Authorization |
| header will be passed to CGIs. This is generally a security hole, so |
| it's not a default. [Marc Slemko] PR#549 |
| |
| *) Fix Y2K problem with date printing in suexec log. |
| [Paul Eggert <eggert twinsun.com>] PR#1343 |
| |
| *) WIN32 deserves a pid file. [Ben Hyde] |
| |
| *) suexec errors now include the errno/description. [Marc Slemko] PR#1543 |
| |
| *) PORT: OSF/1 now uses USE_FLOCK_SERIALIZED_ACCEPT to solve PR#467. |
| The choice of flock vs. fcntl was made based on timings which showed that |
| even on non-NFS, non-exported filesystems fcntl() was an order of |
| magnitude slower. It also uses SINGLE_LISTEN_UNSERIALIZED_ACCEPT so |
| that single socket users will see no difference. [Dean Gaudet] PR#467 |
| |
| *) "File does not exist" error message was erroneously including the |
| errno. [Marc Slemko] |
| |
| *) Improve the warning message generated when a client drops the |
| connection (hits stop button, etc.) during a send. [Roy Fielding] |
| |
| *) Defining GPROF will disable profiling in the parent and enable it |
| in the children. If you're profiling under Linux this is pretty much |
| necessary because SIGPROF is lost across a fork(). [Dean Gaudet] |
| |
| *) htdigest and htpasswd needed slight tweaks to work on OS/2 and WIN32. |
| [Brian Havard] |
| |
| *) The NeXT cc (which is gcc hacked up) doesn't appear to support some |
| gcc functionality. Work around it. |
| [Keith Severson <keith sssd.navy.mil>] PR#1613 |
| |
| *) Some linkers complain when .o files contain no functions. |
| [Keith Severson <keith sssd.navy.mil>] PR#1614 |
| |
| *) Some const declarations in mod_imap.c that were added for debugging |
| purposes caused some compilers heartburn without adding any |
| significant value, so they've been removed. [Ken Coar] |
| |
| *) The src/main/*.h header files have had #ifndef wrappers added to |
| insulate them against duplicate calls if they get included through |
| multiple paths (e.g., in .c files as well as other .h files). |
| [Ken Coar] |
| |
| *) The libap routines now have a header file for their prototypes, |
| src/ap/ap.h, to ease their use in non-httpd applications. [Ken Coar] |
| |
| *) mod_autoindex with a plaintext header file would emit the <PRE> |
| start-tag before the HTML preamble, rather than after the preamble |
| but before the header file contents. [John Van Essen <jve gamers.org>] |
| PR#1667 |
| |
| *) SECURITY: Fix a possible buffer overflow in logresolve. This is |
| only an issue on systems without a MAXDNAME define or where |
| the resolver returns domain names longer than MAXDNAME. [Marc Slemko] |
| |
| *) SECURITY: Eliminate possible buffer overflow in cfg_getline, which |
| is used to read various types of files such as htaccess and |
| htpasswd files. [Marc Slemko] |
| |
| *) SECURITY: Ensure that the buffer returned by ht_time is always |
| properly null terminated. [Marc Slemko] |
| |
| *) The "Connection" header could be sent back with multiple "close" |
| tokens. Not an error, but a waste. |
| [<Ronald.Tschalaer psi.ch>] PR#1683 |
| |
| *) mod_rewrite's RewriteLog should behave like mod_log_config, it |
| shouldn't force hostname lookups. [Dean Gaudet] PR#1684 |
| |
| *) "basic" auth needs a case-insensitive comparison. |
| [<Ronald.Tschalaer psi.ch>] PR#1666 |
| |
| *) For maximum portability, the environment passed to CGIs should |
| only contain variables whose names match the regex |
| /[a-zA-Z][a-zA-Z0-9_]*/. This is now enforced by stamping |
| underscores over any character outside the regex. This |
| affects HTTP_* variables, in a way that should be backward |
| compatible for all the standard headers; and affects variables |
| set with SetEnv/BrowserMatch and similar directives. |
| [Dean Gaudet] |
| |
| *) mod_speling returned incorrect HREF's when an ambigous match |
| was found. Noticed by <robinton amtrash.comlink.de> (Soeren Ziehe) |
| [Soeren Ziehe <robinton amtrash.comlink.de>, Martin Kraemer] |
| |
| *) PORT: Apache now compiles & runs on an EBCDIC mainframe |
| (the Siemens BS2000/OSD family) in the POSIX subsystem |
| [Martin Kraemer] |
| |
| *) PORT: Fix problem killing children when terminating. Allow ^C |
| to shut down the server. [Brian Havard] |
| |
| *) pstrdup() is implicit in calls to table_* functions, so there's |
| no need to do it before calling. Clean up a few cases. |
| [Marc Slemko, Dean Gaudet] |
| |
| *) new -C and -c command line arguments |
| usage: |
| -C "directive" : process directive before reading config files |
| -c "directive" : process directive after reading config files |
| example: |
| httpd -C "PerlModule Apache::httpd_conf" |
| [Doug MacEachern, Martin Kraemer] |
| |
| *) WIN32: Fix the execution of CGIs that are scripts and called |
| with path info that does not have an '=' in. |
| (eg. http://server/cgi-bin/printenv?foobar) |
| [Marc Slemko] PR#1591 |
| |
| *) WIN32: Fix a call to os_canonical_filename so it doesn't try to |
| mess with fake filenames. This fixes proxy caching on |
| win32. PR#1265 |
| |
| *) SECURITY: General mod_include cleanup, including fixing several |
| possible buffer overflows and a possible infinite loop. |
| [Dean Gaudet, Marc Slemko] |
| |
| *) SECURITY: Numerous changes to mod_imap in a general cleanup |
| including fixing a possible buffer overflow. [Dean Gaudet] |
| |
| *) WIN32: overhaul of multithreading code. Shutdowns are now graceful |
| (connections are not dropped). Code can handle graceful restarts |
| (but there is as yet no way to signal this to Apache). Various |
| other cleanups. [Paul Sutton] |
| |
| *) The aplog_error changes specific to 1.3 introduced a buffer |
| overrun in the (now legacy) log_printf function. Fixed. |
| [Dean Gaudet] |
| |
| *) mod_digest didn't properly deal with proxy authentication. It |
| also lacked a case-insensitive comparision of the "Digest" |
| token. [Ronald Tschalaer <Ronald.Tschalaer psi.ch>] PR#1599 |
| |
| *) A few cleanups in mod_status for efficiency. [Dean Gaudet] |
| |
| *) A few cleanups in mod_info to make it thread-safe, and remove an |
| off-by-5 bug that could hammer \0 on the stack. [Dean Gaudet] |
| |
| *) no2slash() was O(n^2) in the length of the input. Make it O(n). |
| [Dean Gaudet] |
| |
| *) API: migration from strncpy() to our "enhanced" version called |
| ap_cpystrn() for performance and functionality reasons. |
| Located in libap.a. [Jim Jagielski] |
| |
| *) table_set() and table_unset() did not deal correctly with |
| multiple occurrences of the same key. [Stephen Scheck |
| <sscheck infonex.net>, Ben Laurie] PR#1604 |
| |
| *) The AuthName must now be enclosed in quotes if it is to contain |
| spaces. [Ken Coar] PR#1195 |
| |
| *) API: new function: ap_escape_quotes(). [Ken Coar] PR#1195 |
| |
| *) WIN32: Work around optimiser bug that killed ISAPI in release |
| versions. [Ben Laurie] PR#1533 |
| |
| *) PORT: Update the MPE port [Mark Bixby, Jim Jagielski] |
| |
| *) Interim (slow) fix for p->sub_pool critical sections in |
| alloc.c (affects win32 only). [Ben Hyde] |
| |
| *) non-WIN32 was missing destroy_mutex definition. [Ben Hyde] |
| |
| *) send_fd_length() did not calculate total_bytes_sent properly. |
| [Ben Reser <breser regnow.com>] PR#1366 |
| |
| *) The bputc() macro was not properly integrated with the chunking |
| code; in many cases modules using bputc() could cause completely |
| bogus chunked output. (Typically this will show up as problems |
| with Internet Explorer 4.0 reading a page, but other browsers |
| having no problem.) [Dean Gaudet] |
| |
| *) Create LARGE_WRITE_THRESHOLD define which determines how many |
| bytes have to be supplied to bwrite() before it will consider |
| doing a writev() to assemble multiple buffers in one system |
| call. This is critical for modules such as mod_include, |
| mod_autoindex, mod_php3 which all use bputc()/bputs() of smaller |
| strings in some cases. The result would be extra effort |
| setting up writev(), and in many cases extra effort building |
| chunks. The default is 31, it can be overriden at compile |
| time. [Dean Gaudet] |
| |
| *) Move the gid switching code into the child so that log files |
| and pid files are opened with the root gid. |
| [Gregory A Lundberg <lundberg vr.net>] |
| |
| *) WIN32: Check for binaries by looking for the executable header |
| instead of counting control characters. |
| [Jim Patterson <Jim.Patterson Cognos.COM>] PR#1340 |
| |
| *) ap_snprintf() moved from main/util_snprintf.c to ap/ap_snprintf.c |
| so the functionality is available to applications other than the |
| server itself (like the src/support tools). [Ken Coar] |
| |
| *) ap_slack() moved out of main/util.c into ap/ap_slack.c as part of |
| the libap consolidation work. [Ken Coar] |
| |
| *) ap_snprintf() with a len of 0 behaved like sprintf(). This is not |
| useful, and isn't what the standards require. Now it returns 0 |
| and writes nothing. [Dean Gaudet] |
| |
| *) When an error occurs in fcntl() locking suggest the user look up |
| the docs for LockFile. [Dean Gaudet] |
| |
| *) Eliminate some dead code from writev_it_all(). |
| [Igor Tatarinov <tatarino prairie.NoDak.edu>] |
| |
| *) mod_autoindex had an fread() without checking the result code. |
| It also wouldn't handle "AddIconByType (TXT,/icons/text.gif text/*" |
| (note the missing closing paren) properly. [Dean Gaudet] |
| |
| *) It appears the "257th byte" bug (see |
| htdocs/manual/misc/known_client_problems.html#257th-byte) can happen |
| at the 256th byte as well. Fixed. [Dean Gaudet] |
| |
| *) PORT: Fix mod_mime_magic under OS/2, no support for block devices. |
| [Brian Havard] |
| |
| *) Fix memory corruption caused by allocating auth usernames in the |
| wrong pool. [Dean Gaudet] PR#1500 |
| |
| *) Fix an off-by-1, and an unterminated string error in |
| mod_mime_magic. [Dean Gaudet] |
| |
| *) Fix a potential SEGV problem in mod_negotiation when dealing |
| with type-maps. [Dean Gaudet] |
| |
| *) Better glibc support under Linux. [Dean Gaudet] PR#1542 |
| |
| *) "RedirectMatch gone /" would cause a SIGSEGV. [Dean Gaudet] PR#1319 |
| |
| *) WIN32: avoid overflows during file canonicalisations. |
| [<malcolm mgdev.demon.co.uk>] PR#1378 |
| |
| *) WIN32: set_file_slot() didn't detect absolute paths. [Ben Laurie] |
| PR#1511, 1508 |
| |
| *) WIN32: mod_status display header didn't match fields. [Ben Laurie] |
| |
| *) The pthread_mutex_* functions return an error code, and don't |
| set errno. [Igor Tatarinov <tatarino prairie.NoDak.edu>] |
| |
| *) WIN32: Allow spaces to prefix the interpreter in #! lines. |
| [Ben Laurie] PR#1101 |
| |
| *) WIN32: Cure file leak in CGIs. [Peter Tillemans <pti net4all.be>] PR#1523 |
| |
| *) proxy_ftp: the directory listings generated by the proxy ftp module |
| now have a title in which the path components are clickable and allow |
| quick navigation to the clicked-on directory on the currently listed |
| ftp server. This also fixes a bug where the ".." directory links would |
| sometimes refer to the wrong directory. [Martin Kraemer] |
| |
| *) WIN32: Allocate the correct amount of memory for the scoreboard. |
| [Ben Hyde] PR#1387 |
| |
| *) WIN32: Only lowercase the part of the path that is real. [Ben Laurie] |
| PR#1505 |
| |
| *) Fix problems with timeouts in inetd mode and -X mode. [Dean Gaudet] |
| |
| *) Fix the spurious "(0)unknown error: mmap_handler: mmap failed" |
| error messages. [Ben Hyde] |
| |
| Changes with Apache 1.3b3 |
| |
| *) WIN32: Work around brain-damaged spawn calls that can't deal |
| with spaces and slashes. [Ben Laurie] |
| |
| *) WIN32: Fix the code so CGIs can use socket calls on Windows. |
| The problem was that certain undocumented environment variables |
| needed for sockets to work under Win32 were not being passed. |
| [Frank Faubert <frank sane.com>] |
| |
| *) Add a "-V" command line flag to the httpd binary. This |
| flag shows some of the defines that Apache was compiled with. |
| It is useful for debugging purposes. [Martin Kraemer] |
| |
| *) Start separating the ap_*() routines into their own library, so they |
| can be used by items in src/support among other things. |
| [Ken Coar] PR#512, 905, 1252, 1308 |
| |
| *) Give a more informative error when no AuthType is set. |
| [Lars Eilebrecht] |
| |
| *) Remove strtoul() use from mod_proxy because it isn't available |
| on all platforms. [Marc Slemko] PR#1214 |
| |
| *) WIN32: Some Win32 systems terminated all responses after 16 kB. |
| This turns out to be a bug in Winsock - select() doesn't always |
| return the correct status. [Ben Laurie] |
| |
| *) Directives owned by http_core can now use the new check_cmd_context() |
| routine to ensure that they're not being used within a container |
| (e.g., <Directory>) where they're invalid. [Martin Kraemer] |
| |
| *) PORT: Recent changes made it necessary to add explicit prototype |
| for fgetc() and fgets() on SunOS 4.x. [Martin Kraemer, Ben Hyde] |
| |
| *) It was necessary to distinguish between resources which are |
| allocated in the parent, for cleanup in the parent, and resources |
| which are allocated in each child, for cleanup in each child. |
| A new pool was created which is passed to the module child_init |
| and child_exit functions; modules are free to register per-child |
| cleanups there. This fixes a bug with reliable piped logs. |
| [Dean Gaudet] |
| |
| *) mod_autoindex wasn't displaying the ReadmeName file at the bottom |
| unless it was also doing FancyIndexes, but it displayed the |
| HeaderName file at the top under all circumstances. It now shows |
| the ReadmeName file for simple indices, too, as it should. |
| [Ken Coar] PR#1373 |
| |
| *) http_core was mmap()ing even in cases where it wasn't going to |
| read the file. [Ben Hyde <bhyde gensym.com>] |
| |
| *) Complete rewrite ;-) of mod_rewrite's URL rewriting engine: |
| Now the rewriting engine (the heart of mod_rewrite) is organized more |
| straight-forward, first time well documented and reduced to the really |
| essential parts. All redundant cases were stripped off and processing now |
| is the same for both per-server and per-directory context with only a |
| minimum difference (the prefix stripping in per-dir context). As a |
| side-effect some subtle restrictions and two recently discovered problems |
| are gone: Wrong escaping of QUERY_STRING on redirects in per-directory |
| context and restrictions on the substitution URL on redirects. |
| Additionally some minor source cleanups were done. |
| [Ralf S. Engelschall] |
| |
| *) Lars Eilebrecht wrote a whole new set of Apache Vhost Internals |
| documentation, examples, explanations and caveats. They live in a new |
| subdirectory htdocs/manual/vhost/. [Lars Eilebrecht <sfx unix-ag.org>] |
| |
| *) If ap_slack fails to allocate above the low slack line it's a good |
| indication that further problems will occur; it's a better indication |
| than many external libraries give us when we actually run out of |
| descriptors. So report it to the user once per restart. |
| [Dean Gaudet] PR#1181 |
| |
| *) Change mod_include and mod_autoindex to use Y2K-safe date formats |
| by default. [Ken Coar] |
| |
| *) Add a "SuppressColumnSorting" option to the IndexOptions list, |
| which will keep the column heading from being links for sorting |
| the display. [Ken Coar, suggested by Brian Tiemann <btman pacific.net>] |
| PR #1261 |
| |
| *) PORT: Update the LynxOS port. [Marius Groeger <mag sysgo.de>] |
| |
| *) Fix logic error when issuing a mmap() failed message |
| with a non-zero MMAP_THRESHOLD. |
| [David Chambers <davidc flosun.salk.edu>] PR#1294 |
| |
| *) Preserve handler value on ProxyPass'ed requests by not |
| calling find_types on a proxy'd request; fixes problems |
| where some ProxyPass'ed URLs weren't actually passed |
| to the proxy. |
| [Lars Eilebrecht] PR#870 |
| |
| *) Fix a byte ordering problem in mod_access which prevented |
| the old-style syntax (i.e. "a.b.c." to match a class C) |
| from working properly. [Dean Gaudet] PR#1248, 1328, 1384 |
| |
| *) Fix problem with USE_FLOCK_SERIALIZED_ACCEPT not working |
| properly. Each child needs to open the lockfile instead |
| of using the passed file-descriptor from the parent. |
| [Jim Jagielski] PR#1056 |
| |
| *) Fix the error logging in mod_cgi; the recent error log changes |
| introduced a bug that prevented it from working correctly. |
| [M.D.Parker] PR#1352 |
| |
| *) Default to USE_FCNTL_SERIALIZED_ACCEPT on HPUX to properly |
| handle multiple Listen directives. [Marc Slemko] PR#872 |
| |
| *) Inherit a bugfix to fnmatch.c from FreeBSD sources. |
| ["[KOI8-R] áÎÄÒÅÊ þÅÒÎÏ×" <ache nagual.pp.ru>] PR#1311 |
| |
| *) When a configuration parse complained about a bad directive, |
| the logger would use whatever (unrelated) value was in errno. |
| errno is now forced to EINVAL first in this case. [Ken Coar] |
| |
| *) A sed command in the Configure script pushed the edge of POSIXness, |
| breaking on some systems. [Bhaba R.Misra <system vt.edu>] PR#1368 |
| |
| *) Solaris >= 2.5 was totally broken due to a mess up using pthread |
| mutexes. [Roy Fielding, Dean Gaudet] |
| |
| *) OS/2 Port updated; it should be possible to build OS/2 from the same |
| sources as Unix now. [Brian Havard <brianh kheldar.apana.org.au>] |
| |
| *) Fix a year formatting bug in mod_usertrack. |
| [Paul Eggert <eggert twinsun.com>] PR#1342 |
| |
| *) A mild SIGTERM/SIGALRM race condition was eliminated. |
| [Dean Gaudet] PR#1211 |
| |
| *) Warn user that default path has changed if /usr/local/etc/httpd |
| is found on the system. [Lars Eilebrecht] |
| |
| *) Various mod_mime_magic bug fixes and cleanups: Uncompression |
| should work, it should work on WIN32, and a few resource |
| leaks and abort conditions are fixed. |
| [Dean Gaudet] PR#1205 |
| |
| *) PORT: On AIX 1.x files can't be named '@', fix the proxy cache |
| to use '%' instead of '@' in its encodings. |
| [David Schuler <schuld btv.ibm.com>] PR#1317 |
| |
| *) Improve the warning message generated when the "server is busy". |
| [Dean Gaudet] PR#1293 |
| |
| *) PORT: All ports which don't otherwise define DEF_WANTHSREGEX will |
| get Spencer regex by default. This is to avoid having to |
| discover bugs in operating system libraries. [Dean Gaudet] |
| |
| *) PORT: "Fix" PR#467 by generating warnings on systems which we have |
| not been able to get working USE_*_SERIALIZED_ACCEPT settings for. |
| Document this a bit more in src/PORTING. [Dean Gaudet] PR#467 |
| |
| *) Ensure that one copy of config warnings makes it to the |
| error_log. [Dean Gaudet] |
| |
| *) Invent new structure and associated methods to handle config file |
| reading. Add "custom" hook to use config file cfg_getline() on |
| something which is not a FILE* [Martin Kraemer] |
| |
| *) Make single-exe Windows install. [Ben Laurie and Eric Esselink] |
| |
| *) WIN32: Make CGI work under Win95. [Ben Laurie and Paul Sutton] |
| |
| *) WIN32: Make index.html and friends work under Win95. [Ben Laurie] |
| |
| *) PORT: Solaris 2.4 needs Spencer regex, the system regex is broken. |
| [John Line <jml4 cam.ac.uk>] PR#1321 |
| |
| *) Default pathname has been changed everywhere to /usr/local/apache |
| [Sameer <sameer c2.net>] |
| |
| *) PORT: AIX now uses USE_FCNTL_SERIALIZED_ACCEPT. |
| [David Bronder <David-Bronder uiowa.edu>] PR#849 |
| |
| *) PORT: i386 AIX does not have memmove. |
| [David Schuler <schuld btv.ibm.com>] PR#1267 |
| |
| *) PORT: HPUX now defaults to using Spencer regex. |
| [Philippe Vanhaesendonck <pvanhaes be.oracle.com>, |
| Omar Del Rio <al112263 academ01.lag.itesm.mx>] PR#482, 1246 |
| |
| *) PORT: Some versions of NetBSD don't automatically define |
| __NetBSD__. Workaround by defining NETBSD. |
| [Chris Craft <ccraft cncc.cc.co.us>] PR#977 |
| |
| *) PORT: UnixWare 2.x requires -lgen for syslog. |
| [Hans Snijder <hs meganet.nl>] PR#1249 |
| |
| *) PORT: ULTRIX appears to not have syslog. |
| [Lars Eilebrecht <Lars.Eilebrecht unix-ag.org>] |
| |
| *) PORT: Basic Gemini port (treat it like unixware212). |
| ["Pavel Yakovlev (Paul McHacker)" <hac tomcat.olly.ru>] |
| |
| *) PORT: All SVR4 systems now use NET_SIZE_T = size_t, and |
| use USE_SHMGET_SCOREBOARD. |
| [Martin Kraemer] |
| |
| *) Various improvements in detecting config file errors (missing closing |
| directives for <Directory>, <Files> etc. blocks, prohibiting global |
| server settings in <VirtualHost> blocks, flagging unhandled multiple |
| arguments to <Directory>, <Files> etc.) |
| [Martin Kraemer] |
| |
| *) Add support to suexec wrapper program for mod_unique_id's UNIQUE_ID |
| variable to provide this one to suexec'd CGIs, too. |
| [M.D.Parker <mdpc netcom.com>] PR#1284 |
| |
| *) New support tool: src/support/split-logfile, a sample Perl script which |
| splits up a combined access log into separate files based on the |
| name of the virtual host (listed first in the log records by "%v"). |
| [Ken Coar] |
| |
| Changes with Apache 1.3b2 (there is no 1.3b1) |
| |
| *) TestCompile was not passing $LIBS [Dean Gaudet] |
| |
| *) Makefile.tmpl was not using $CFLAGS in the link phase. |
| [Martin Kraemer] |
| |
| *) Add debugging code to alloc.c. Defining ALLOC_DEBUG provides a |
| rudimentary memory debugger which can be used on live servers with |
| low impact -- it sets all allocated and freed memory bytes to 0xa5. |
| Defining ALLOC_USE_MALLOC will cause the alloc code to use malloc() |
| and free() for each object. This is far more expensive and should |
| only be used for testing with tools such as Electric Fence and |
| Purify. See main/alloc.c for more details. [Dean Gaudet] |
| |
| *) Configure uses a sh trap and didn't set its exitcode properly. |
| [Dean Gaudet] PR#1159 |
| |
| *) Yet another vhost revamp. Add the NameVirtualHost directive which |
| explicitly lists the ip:port pairs that are to be used for name-vhosts. |
| From a given ip:port, regardless what the Host: header is, you can |
| only reach the vhosts defined on that ip:port. The precedence of |
| vhosts was reversed to match other precedences in the config -- |
| the earlier vhosts override the later vhosts. All vhost matching was |
| moved into http_vhost.[ch]. [Dean Gaudet] |
| |
| *) ap_inline can be used to force inlining. GNUC __attribute__() can |
| be used for whatever reason is appropriate (i.e. format() warnings |
| for printf style functions). Both are enabled only with |
| gcc >= 2.7.x (so that we have fewer support issues with older |
| versions). [Dean Gaudet] |
| |
| *) Fix support for Proxy Authentication (we were testing the response |
| status too early). [Marc Slemko] |
| |
| *) CoreDumpDirectory directive directs where the core file is |
| written when a SIGSEGV, SIGBUS, SIGABORT or SIGABRT are |
| received. [Marc Slemko, Dean Gaudet] |
| |
| *) PORT: Support for Atari MINT. |
| [Jan Paul Schmidt <Jan.P.Schmidt mni.fh-giessen.de>] |
| |
| *) When booting, apache will now detach itself from stdin, stdout, |
| and stderr. stderr will not be detached until after the config |
| files have been read so you will be able to see initial error |
| messages. After that all errors are logged in the error_log. |
| This makes it more convenient to start apache via rsh, ssh, |
| or crontabs. [Dean Gaudet] PR#523 |
| |
| *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake. |
| Also removed the auto-generated link to www.apache.org that was the |
| source of so many misdirected bug reports. [Roy Fielding, Marc Slemko] |
| |
| *) send_fb would not detect aborted connections in some situations. |
| [Dean Gaudet] |
| |
| *) mod_include would use uninitialized data when parsing certain |
| expressions involving && and ||. [Brian Slesinsky] PR#1139 |
| |
| *) mod_imap should only handle GET methods. [Jay Bloodworth] |
| |
| *) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour] |
| |
| *) mod_autoindex improperly counted &escapes; as more than one |
| character in the description. It also improperly truncated |
| descriptions that were exactly the maximum length. |
| [Martin Kraemer] |
| |
| *) RedirectMatch was not properly escaping the result (PR#1155). Also |
| "RedirectMatch /advertiser/(.*) $1" is now permitted. |
| [Dean Gaudet] |
| |
| *) mod_include now uses symbolic names to check for request success |
| and return HTTP errors, and correctly handles all types of |
| redirections (previously it only did temporary redirect correctly). |
| [Ken Coar, Roy Fielding] |
| |
| *) mod_userdir was modifying r->finfo in cases where it wasn't setting |
| r->filename. Since those two are meant to be in sync with each other |
| this is a bug. ["Paul B. Henson" <henson intranet.csupomona.edu>] |
| |
| *) PORT: Support Unisys SVR4, whose uname returns mostly useless data. |
| ["Kaufman, Steven E" <Steven.Kaufman unisys.com>] |
| |
| *) Inetd mode (which is buggy) uses timeouts without having setup the |
| jmpbuffer. [Dean Gaudet] PR#1064 |
| |
| *) Work around problem under Linux where a child will start looping |
| reporting a select error over and over. |
| [Rick Franchuk <rickf transpect.net>] PR#1107, 987, 588 |
| |
| *) Fixed error in proxy_util.c when looping through multiple host IP |
| addresses. [Lars Eilebrecht] PR#974 |
| |
| *) If BUFFERED_LOGS is defined then mod_log_config will do atomic |
| buffered writes -- that is, it will buffer up to PIPE_BUF (i.e. 4k) |
| bytes before writing, but it will never split a log entry across a |
| buffer boundary. [Dean Gaudet] |
| |
| *) API: the short_score record has been split into two pieces, one which |
| the parent writes on, and one which the child writes on. As part of |
| this change the get_scoreboard_info() function was removed, and |
| scoreboard_image was exported. This change fixes a race condition |
| in file based scoreboard systems, and speeds up changes involving the |
| scoreboard in earlier 1.3 development. [Dean Gaudet] |
| |
| *) API: New register_other_child() API (see http_main.h) which allows |
| modules to register children with the parent for maintenance. It |
| is disabled by defining NO_OTHER_CHILD. [Dean Gaudet] |
| |
| *) API: New piped_log API (see http_log.h) which implements piped logs, |
| and will use register_other_child to implement reliable piped logs |
| when it is available. The reliable piped logs part can be disabled |
| by defining NO_RELIABLE_PIPED_LOGS. At the moment reliable piped |
| logs is only available on Unix. [Dean Gaudet] |
| |
| *) API: set_last_modified() broken into set_last_modified(), set_etag(), and |
| meets_conditions(). This allows conditional HTTP selection to be |
| handled separately from the storing of the header fields, and provides |
| the ability for CGIs to set their own ETags for conditional checking. |
| [Ken Coar, Roy Fielding] PR#895 |
| |
| *) Changes to mod_log_config to allow naming of format strings. |
| Format nicknames are defined with "LogFormat fmt nickname", and can |
| be used with "LogFormat nickname" and "CustomLog logtarget nickname". |
| [Ken Coar] |
| |
| *) New module, "mod_speling", which can help find files even when |
| the URL is slightly misspelled. [Martin Kraemer, Alexei Kosut] |
| |
| *) API: New function child_terminate() triggers the child process to |
| exit, while allowing the child finish what it needs to for the |
| current request first. |
| [Doug MacEachern, Alexei Kosut] |
| |
| *) Windows now defaults to using full status reports with mod_status. |
| [Alexei Kosut] PR #1094 |
| |
| *) *Really* disable all mod_rewrite operations if the engine is off. |
| Some things (like RewriteMaps) were checked/performed even if they |
| weren't supposed to be. [Ken Coar] PR #991 |
| |
| *) Implement a new timer scheme which eliminates the need to call alarm() all |
| the time. Instead a counter in the scoreboard for each child is used to |
| show when the child has made forward progress. The parent samples this |
| counter every scoreboard maintenance cycle, and issues SIGALRM if no |
| progress has been made in the timeout period. This reduces the static |
| request best-case syscall count to 22 from 29. This scheme is only |
| used by systems with memory-based scoreboards. [Dean Gaudet] |
| |
| *) The proxy now properly handles CONNECT requests which are sent |
| to proxy servers when using ProxyRemote. [Marc Slemko] PR#1024 |
| |
| *) A script called apachectl has been added to the support |
| directory. This script allows you to do things such as |
| "apachectl start" and "apachectl restart" from the command |
| line. [Marc Slemko] |
| |
| *) Modules and core routines are now put into libraries, which |
| simplifies the link line tremendously (among other advantages). |
| [Paul Sutton] |
| |
| *) Some of the MD5 names defined in Apache have been renamed to have |
| an `ap_' prefix to avoid conflicts with routines supplied by |
| external libraries. [Ken Coar] |
| |
| *) Removal of mod_auth_msql.c from the distribution. There are many |
| other options for databases today. Rather than offer one option, |
| offer none at this time. mod_auth_msql and other SQL database |
| authentication modules can be found at the Apache Module Registry. |
| http://modules.apache.org/ It would be nice to offer a generic |
| mod_auth_sql option in the near future. |
| |
| *) PORT: BeOS support added [Alexei Kosut] |
| |
| *) Configure no longer accepts the -make option, since it creates |
| Makefile on the fly based on Makefile.tmpl and Configuration. |
| |
| *) Apache now gracefully shuts down when it receives a SIGTERM, instead |
| of forcibly killing off all its processes and exiting without |
| cleaning up. [Alexei Kosut] |
| |
| *) API: A new field in the request_rec, r->mtime, has been added to |
| avoid gratuitous parsing of date strings. It is intended to hold |
| the last-modified date of the resource (if applicable). An |
| update_mtime() routine has also been added to advance it if |
| appropriate. [Roy Fielding, Ken Coar] |
| |
| *) SECURITY: If a htaccess file can not be read due to bad permissions, |
| deny access to the directory with a HTTP_FORBIDDEN. The previous |
| behavior was to ignore the htaccess file if it could not be read. |
| This change may make some setups with unreadable htaccess files |
| stop working. [Marc Slemko] PR#817 |
| |
| *) Add aplog_error() providing a mechanism to define levels of |
| verbosity to the server error logging. This addition also provides |
| the ability to log errors using syslogd. Error logging is configurable |
| on a per-server basis using the LogLevel directive. Conversion |
| of log_*() in progress. [Randy Terbush] |
| |
| *) Further enhance aplog_error() to not log filename, line number, and |
| errno information when it isn't applicable. [Ken Coar, Dean Gaudet] |
| |
| *) WIN32: Canonicalise filenames under Win32. Short filenames are |
| converted to long ones. Backslashes are converted to forward |
| slashes. Case is converted to lower. Parts of URLs that do not |
| correspond to files are left completely alone. [Ben Laurie] |
| |
| *) PORT: 2 new OSs added to the list of ports: |
| Encore's UMAX V: Arieh Markel <amarkel encore.com> |
| Acorn RISCiX: Stephen Borrill <sborrill xemplar.co.uk> |
| |
| *) Add the server version (SERVER_VERSION macro) to the "server |
| configured and running" entry in the error_log. Also build an |
| object file at link-time that contains the current time |
| (SERVER_BUILT global const char[]), and include that in the |
| message. [Ken Coar] |
| |
| *) Set r->headers_out when sending responses from the proxy. |
| This fixes things such as the logging of headers sent from |
| the proxy. [Marc Slemko] PR#659 |
| |
| *) support/httpd_monitor is no longer distributed because the |
| scoreboard should not be file based if at all possible. Use |
| mod_status to see current server snapshot. |
| |
| *) (set_file_slot): New function, allowing auth directives to be |
| independent of the server root, so the server documents can be |
| moved to a different directory or machine more easily. |
| [David J. MacKenzie] |
| |
| *) If no TransferLog is given explicitly, decline |
| to log. This supports coexistence with other logging modules, |
| such as the custom one that UUNET uses. [David J. MacKenzie] |
| |
| *) Check for titles in server-parsed HTML files. |
| Ignore leading newlines and returns in titles. The old behavior |
| of replacing a newline after <title> with a space causes the |
| title to be misaligned in the listing. [David J. MacKenzie] |
| |
| *) Change mod_cern_meta to be configurable on a per-directory basis. |
| [David J. MacKenzie] |
| |
| *) Add 'Include' directive to allow inclusion of configuration |
| files within configuration files. [Randy Terbush] |
| |
| *) Proxy errors on connect() are logged to the error_log (nothing |
| new); now they include the IP address and port that failed |
| (*that's* new). [Ken Coar, Marc Slemko] PR#352 |
| |
| *) Various architectures now define USE_MMAP_FILES which causes |
| the server to use mmap() for static files. There are two |
| compile-time tunables MMAP_THRESHOLD (minimum number of bytes |
| required to use mmap(), default is 0), and MMAP_SEGMENT_SIZE (maximum |
| number of bytes written in one cycle from a single mmap()d object, |
| default 32768). [Dean Gaudet] |
| |
| *) API: Added post_read_request API phase which is run right after reading |
| the request from a client, or right after an internal redirect. It is |
| useful for modules setting environment variables that depend only on |
| the headers/contents of the request. It does not run during subrequests |
| because subrequests inherit pretty much everything from the main |
| request. [Dean Gaudet] |
| |
| *) Added mod_unique_id which is used to generate a unique identifier for |
| each hit, available in the environment variable UNIQUE_ID. |
| [Dean Gaudet] |
| |
| *) init_modules is now called after the error logs have been opened. This |
| allows modules to emit information messages into the error logs. |
| [Dean Gaudet] |
| |
| *) Fixed proxy-pass-through feature of mod_rewrite; Added error logging |
| information for case where proxy module is not available. [Marc Slemko] |
| |
| *) PORT: Apache has need for mutexes to serialize its children around |
| accept. In prior versions either fcntl file locking or flock file |
| locking were used. The method is chosen by the definition of |
| USE_xxx_SERIALIZED_ACCEPT in conf.h. xxx is FCNTL for fcntl(), |
| and FLOCK for flock(). New options have been added: |
| - SYSVSEM to use System V style semaphores |
| - PTHREAD to use POSIX threads (appears to work on Solaris only) |
| - USLOCK to use IRIX uslock |
| Based on timing various techniques, the following changes were made |
| to the defaults: |
| - Linux 2.x uses flock instead of fcntl |
| - Solaris 2.x uses pthreads |
| - IRIX uses SysV semaphores -- however multiprocessor IRIX boxes |
| work far faster if you -DUSE_USLOCK_SERIALIZED_ACCEPT |
| [Dean Gaudet, Pierre-Yves Kerembellec <Pierre-Yves.Kerembellec vtcom.fr>, |
| Martijn Koster <m.koster pobox.com>] |
| |
| *) PORT: The semantics of accept/select make it very desirable to use |
| mutexes to serialize accept when multiple Listens are in use. But |
| in the case where only a single socket is open it is sometimes |
| redundant to serialize accept(). Not all unixes do a good job with |
| potentially dozens of children blocked on accept() on the same |
| socket. It's now possible to define SINGLE_LISTEN_UNSERIALIZED_ACCEPT and |
| the server will avoid serialization when listening on only one socket, |
| and use serialization when listening on multiple sockets. |
| [Dean Gaudet] PR#467 |
| |
| *) Configure changes: TestLib replaced by TestCompile, which has |
| some additional capability (such as doing a sanity check of |
| the compiler and flags selected); the version of Solaris is now |
| available via the #define value of SOLARIS2; IRIX n32bit libs |
| now supported and selectable by new Configuration Rule: IRIXN32; |
| We no longer default to -O2 optimization. [Jim Jagielski] |
| |
| *) Updated Configure: Configuration now uses AddModule to specify |
| module source or binary file location, relative to src directory. |
| Modules can be dropped into modules/extra, or in their own |
| directory, and modules can come with a Makefile or Configure can |
| create one. Modules can add compiler or library information to |
| generated Makefiles. [Paul Sutton] |
| |
| *) Source core re-organisation: distributed modules are now in |
| modules/standard. All other source code is in main. OS-specific |
| code is in os/{unix,emx,win32} directories. [Paul Sutton] |
| |
| *) mod_browser has been removed, since it's replaced by mod_setenvif. |
| [Ken Coar] |
| |
| *) Fix another long-standing bug in sub_req_lookup_file where it would |
| happily skip past access checks on subdirectories looked up with |
| relative paths. (It's used by mod_dir, mod_negotiation, |
| and mod_include.) [Dean Gaudet] |
| |
| *) directory_walk optimization to reduce an O(N*M) loop to O(N+M) where |
| N is the number of <Directory> sections, and M is the number of |
| components in the filename of an object. |
| |
| To achieve this optimization the following config changes were made: |
| - Wildcards (* and ?, not the regex forms) in <Directory>s, |
| <Files>s, and <Location>s now treat a slash as a special |
| character. For example "/home/*/public_html" previously would |
| match "/home/a/andrew/public_html", now it only matches things |
| like "/home/bob/public_html". This mimics /bin/sh behaviour. |
| - It's possible now to use [] wildcarding in <Directory>, <Files> |
| or <Location>. |
| - Regex <Directory>s are applied after all non-regex <Directory>s. |
| |
| [Dean Gaudet] |
| |
| *) Fix a bug introduced in 1.3a1 directory_walk regarding .htaccess files |
| and corrupted paths. [Dean Gaudet] |
| |
| *) Enhanced and cleaned up the URL rewriting engine of mod_rewrite: |
| First the grouped parts of RewriteRule pattern matches (parenthesis!) can |
| be accessed now via backreferences $1..$9 in RewriteConds test-against |
| strings in addition to RewriteRules subst string. Second the grouped |
| parts of RewriteCond pattern matches (parenthesis!) can be accessed now |
| via backreferences %1..%9 both in following RewriteCond test-against |
| strings and RewriteRules subst string. This provides maximum flexibility |
| through the use of backreferences. |
| Additionally the rewriting engine was cleaned up by putting common |
| code to the new expand_backrefs_inbuffer() function. |
| [Ralf S. Engelschall] |
| |
| *) When merging the main server's <Directory> and <Location> sections into |
| a vhost, put the main server's first and the vhost's second. Otherwise |
| the vhost can't override the main server. [Dean Gaudet] PR#717 |
| |
| *) The <Directory> code would merge and re-merge the same section after |
| a match was found, possibly causing problems with some modules. |
| [Dean Gaudet] |
| |
| *) ip-based vhosts are stored and queried using a hashing function, which |
| has been shown to improve performance on servers with many ip-vhosts. |
| Some other changes had to be made to accommodate this: |
| - the * address for vhosts now behaves like _default_ |
| - the matching process now is: |
| - match an ip-vhost directly via hash (possibly matches main |
| server) |
| - if that fails, just pretend it matched the main server |
| - if so far only the main server has been matched, perform |
| name-based lookups (ServerName, ServerAlias, ServerPath) |
| *only on name-based vhosts* |
| - if they fail, look for _default_ vhosts |
| [Dean Gaudet, Dave Hankins <dhankins sugarat.net>] |
| |
| *) dbmmanage overhaul: |
| - merge dbmmanage and dbmmanage.new functionality, remove dbmmanage.new |
| - tie() to AnyDBM_File which will use one of DB_File, NDBM_File or |
| GDBM_File (-ldb, -lndbm, -lgdbm) (trying each in that order) |
| - provide better seed for rand |
| - prompt for password as per getpass(3) (turn off echo, read from |
| /dev/tty, etc.) |
| - use "newstyle" crypt based on $Config{osname} ($^O) |
| - will not add a user if already in database, use new `update' command |
| instead |
| - added `check' command to check a users' password |
| - added `import' command to convert existing password text-files or |
| dbm files exported with `view' |
| - more descriptive usage, general cleanup, 'use strict' clean, etc. |
| [Doug MacEachern] |
| |
| *) Added psocket() which is a pool form of socket(), various places within |
| the proxy weren't properly blocking alarms while registering the cleanup |
| for its sockets. bclose() now uses pclose() and pclosesocket(). There |
| was a bug where the client socket was being close()d twice due a still |
| registered cleanup. [Dean Gaudet] |
| |
| *) A few cleanups were made to reduce time(), getpid(), and signal() calls. |
| [Dean Gaudet] |
| |
| *) PORT: AIX >= 4.2 requires -lm due to libc changes. |
| [Jason Venner <jason idiom.com>] PR#667 |
| |
| *) Enable ``=""'' for RewriteCond directives to match against |
| the empty string. This is the preferred way instead of ``^$''. |
| [Ralf S. Engelschall] |
| |
| *) Fixed an infinite loop in mod_imap for references above the server root |
| [Dean Gaudet] PR#748 |
| |
| *) mod_proxy now has a ReceiveBufferSize directive, similar to |
| SendBufferSize, so that the TCP window can be set appropriately |
| for LFNs. [Phillip A. Prindeville] |
| |
| *) mod_browser has been replaced by the more general mod_setenvif |
| (courtesy of Paul Sutton). BrowserMatch* directives are still |
| available, but are now joined by SetEnvIf*, UnSetEnvIf*, and |
| UnSetEnvIfZero directives. [Ken Coar] |
| |
| *) "HostnameLookups double" forces double-reverse DNS to succeed in |
| order for remote_host to be set (for logging, or for the env var |
| REMOTE_HOST). The old define MAXIMUM_DNS has been deprecated. |
| [Dean Gaudet] |
| |
| *) mod_access overhaul: |
| - Now understands network/netmask syntax (i.e. 10.1.0.0/255.255.0.0) |
| and cidr syntax (i.e. 10.1.0.0/16). PR#762 |
| - Critical path was sped up by pre-computing a few things at config |
| time. |
| - The undocumented syntax "allow user-agents" was removed, |
| the replacement is "allow from env=foobar" combined with mod_browser. |
| - When used with hostnames it now forces a double-reverse lookup |
| no matter what the directory settings are. This double-reverse |
| doesn't affect any of the other routines that use the remote |
| hostname. In particular it's still passed to CGIs and the log |
| without the double-reverse check. Related PR#860. |
| [Dean Gaudet] |
| |
| *) When a large bwrite() occurs (larger than the internal buffer size), |
| while there is already something in the buffer, apache will combine |
| the large write and the buffer into a single writev(). (This is |
| in anticipation of using mmap() for reading files.) |
| [Dean Gaudet] |
| |
| *) In obscure cases where a partial socket write occurred while chunking, |
| Apache would omit the chunk header/footer on the next block. Cleaned |
| up other bugs/inconsistencies in error conditions in buff.c. Fixed |
| a bug where a long pause in DNS lookups could cause the last packet |
| of a response to be unduly delayed. [Roy Fielding, Dean Gaudet] |
| |
| *) API: Added child_exit function to module structure. This is called |
| once per "heavy-weight process" just before a server child exit()'s |
| e.g. when max_requests_per_child is reached, etc. |
| [Doug MacEachern, Dean Gaudet] |
| |
| *) mod_include cleanup showed that handle_else was being used to handle |
| endif. It didn't cause problems, but it was cleaned up too. |
| [Howard Fear] |
| |
| *) mod_cern_meta would attempt to find meta files for the directory itself |
| in some cases, but not in others. It now avoids it in all cases. |
| [Dean Gaudet] |
| |
| *) mod_mime_magic would core dump if there was a decompression error. |
| [Martin Kraemer <Martin.Kraemer mch.sni.de>] PR#904 |
| |
| *) PORT: some variants of DGUX require -lsocket -lnsl |
| [Alexander L Jones <alex systems-options.co.uk>] PR#732 |
| |
| *) mod_autoindex now allows sorting of FancyIndexed directory listings |
| by the various fields (name, size, et cetera), either in ascending |
| or descending order. Just click on the column header. [Ken Coar] |
| |
| *) PORT: Various tweaks to eliminate pointer-int casting warnings on 64-bit |
| CPUs like the Alpha. Apache still stores ints in pointers, but that's |
| the relatively safe direction. [Dean Gaudet] PR#344 |
| |
| *) PORT: QNX mmap() support for faster/more reliable scoreboard handling. |
| [Igor N Kovalenko <infoh mail.wplus.net>] PR#683 |
| |
| *) child_main avoids an unneeded call to select() when there is only one |
| listening socket. [Dean Gaudet] |
| |
| *) In the event that the server is starved for idle servers it will |
| spawn 1, then 2, then 4, ..., then 32 servers each second, |
| doubling each second. It'll also give a warning in the errorlog |
| since the most common reason for this is a poor StartServers |
| setting. The define MAX_SPAWN_RATE can be used to raise/lower |
| the maximum. [Dean Gaudet] |
| |
| *) Apache now provides an effectively unbuffered connection for |
| CGI scripts. This means that data will be sent to the client |
| as soon as the CGI pauses or stops output; previously, Apache would |
| buffer the output up to a fixed buffer size before sending, which |
| could result in the user viewing an empty page until the CGI finished |
| or output a complete buffer. It is no longer necessary to use an |
| "nph-" CGI to get unbuffered output. Given that most CGIs are written |
| in a language that by default does buffering (e.g. perl) this |
| shouldn't have a detrimental effect on performance. |
| |
| "nph-" CGIs, which formerly provided a direct socket to the client |
| without any server post-processing, were not fully compatible with |
| HTTP/1.1 or SSL support. As such they would have had to implement |
| the transport details, such as encryption or chunking, in order |
| to work properly in certain situations. Now, the only difference |
| between nph and non-nph scripts is "non-parsed headers". |
| [Dean Gaudet, Sameer Parekh, Roy Fielding] |
| |
| *) If a BUFF is switched from buffered to unbuffered reading the first |
| bread() will return whatever remained in the buffer prior to the |
| switch. [Dean Gaudet] |
| |
| Changes with Apache 1.3a1 |
| |
| *) Added another Configure helper script: TestLib. It determines |
| if a specified library exists. [Jim Jagielski] |
| |
| *) PORT: Allow for use of n32bit libraries under IRIX 6.x |
| [derived from patch from Jeff Hayes <jhayes aw.sgi.com>] |
| PR#721 |
| |
| *) PORT: Some architectures use size_t for various lengths in network |
| functions such as accept(), and getsockname(). The definition |
| NET_SIZE_T is used to control this. [Dean Gaudet] |
| |
| *) PORT: Linux: Attempt to detect glibc based systems and include crypt.h |
| and -lcrypt. Test for various db libraries (dbm, ndbm, db) when |
| mod_auth_dbm or mod_auth_db are included. [Dean Gaudet] |
| |
| *) PORT: QNX doesn't have initgroups() which support/suexec.c uses. |
| [Igor N Kovalenko <infoh mail.wplus.net>] |
| |
| *) "force-response-1.0" now only applies to requests which are HTTP/1.0 to |
| begin with. "nokeepalive" now works for HTTP/1.1 clients. Added |
| "downgrade-1.0" which causes Apache to pretend it received a 1.0. |
| [Dean Gaudet] related PR#875 |
| |
| *) API: Correct child_init() slot declaration from int to void, to |
| match the init() declaration. Update mod_example to use the new |
| hook. [Ken Coar] |
| |
| *) added transport handle slot (t_handle) to the BUFF structure |
| [Doug MacEachern] |
| |
| *) get_client_block() returns wrong length if policy is |
| REQUEST_CHUNKED_DECHUNK. |
| [Kenichi Hori <ken d2.bs1.fc.nec.co.jp>] PR#815 |
| |
| *) Support the image map format of FrontPage. For example: |
| rect /url.hrm 10 20 30 40 |
| ["Chris O'Byrne" <obyrne iol.ie>] PR#807 |
| |
| *) PORT: -lresolv and -lsocks were in the wrong order for Solaris. |
| ["Darren O'Shaughnessy" <darren aaii.oz.au>] PR#846 |
| |
| *) AddModuleInfo directive for mod_info which allows you to annotate |
| the output of mod_info. ["Lou D. Langholtz" <ldl usi.utah.edu>] |
| |
| *) Added NoProxy directive to avoid using ProxyRemote for selected |
| addresses. Added ProxyDomain directive to cause unqualified |
| names to be qualified by redirection. |
| [Martin Kraemer <Martin.Kraemer mch.sni.de>] |
| |
| *) Support Proxy Authentication, and don't pass the Proxy-Authorize |
| header to the remote host in the proxy. [Sameer Parekh and |
| Wallace] |
| |
| *) Upgraded mod_rewrite from 3.0.6+ to latest officially available version |
| 3.0.9. This upgrade includes: fixed deadlooping on rewriting to same |
| URLs, fixed rewritelog(), fixed forced response code handling on |
| redirects from within .htaccess files, disabled pipe locking under |
| braindead SunOS 4.1.x, allow env variables to be set even on rules with |
| no substitution, bugfixed situations where HostnameLookups is off, made |
| mod_rewrite more thread-safe for NT port and fixed problem when creating |
| an empty query string via "xxx?". |
| This update also removes the copyright of Ralf S. Engelschall, |
| i.e. now mod_rewrite no longer has a shared copyright. Instead is is |
| exclusively copyrighted by the Apache Group now. This happened because |
| the author now has gifted mod_rewrite exclusively to the Apache Group and |
| no longer maintains an external version. |
| [Ralf S. Engelschall] |
| |
| *) API: Added child_init function to module structure. This is called |
| once per "heavy-weight process" before any requests are handled. |
| See http_config.h for more details. [Dean Gaudet] |
| |
| *) Anonymous_LogEmail was logging on each subrequest. |
| [Dean Gaudet] PR#421, 868 |
| |
| *) API: Added is_initial_req() which tests if the request being |
| processed is the initial request, or a subrequest. |
| [Doug MacEachern] |
| |
| *) Extended SSI (mod_include) now handles additional relops for |
| string comparisons (<, >, <=, and >=). [Bruno Wolff III] PR#41 |
| |
| *) Configure fixed to correctly propagate user-selected options and |
| settings (such as CC and OPTIM) to Makefiles other than |
| src/Makefile (notably support/Makefile). [Ken Coar] PR#666, #834 |
| |
| *) IndexOptions SuppressHTMLPreamble now causes the actual HTML of |
| directory indices to start with the contents of the HeaderName file |
| if there is one. If there isn't one, the behaviour is unchanged. |
| [Ken Coar, Roy Fielding, Andrey A. Chernov] |
| |
| *) WIN32: Modules can now be dynamically loaded DLLs using the |
| LoadModule/LoadFile directives. Note that module DLLs must be |
| compiled with the multithreaded DLL version of the runtime library. |
| [Alexei Kosut and Ben Laurie] |
| |
| *) Automatic indexing removed from mod_dir and placed into mod_autoindex. |
| This allows the admin to completely remove automatic indexing |
| from the server, while still supporting the basic functions of |
| trailing-slash redirects and DirectoryIndex files. Note that if |
| you're carrying over an old Configuration file and you use directory |
| indexing then you'll want to add: |
| |
| Module autoindex_module mod_autoindex.o |
| |
| before mod_dir in your Configuration. [Dean Gaudet] |
| |
| *) popendir/pclosedir created to properly protect directory scanning. |
| [Dean Gaudet] PR#525 |
| |
| *) AliasMatch, ScriptAliasMatch and RedirectMatch directives added, |
| giving regex support to mod_alias. <DirectoryMatch>, <LocationMatch> |
| and <FilesMatch> sections added to succeed <DirectoryMatch ~>, etc... |
| [Alexei Kosut] |
| |
| *) The AccessFileName directive can now take more than one filename. |
| ["Lou D. Langholtz" <ldl usi.utah.edu>] |
| |
| *) The new mod_mime_magic can be used to "magically" determine the type |
| of a file if the extension is unknown. Based on the unix file(1) |
| command. [Ian Kluft <ikluft cisco.com>] |
| |
| *) We now determine and display the time spent processing a |
| request if desired. [Jim Jagielski] |
| |
| *) mod_status: PID field of "dead" child slots no longer displays |
| main httpd process's PID. [Jim Jagielski] |
| |
| *) Makefile.nt added - to build all the bits from the command line: |
| nmake -f Makefile.nt |
| Doesn't yet work properly. [Ben Laurie] |
| |
| *) Default text of 404 error is now "Not Found" rather than the |
| potentially misleading "File Not Found". [Ken Coar] |
| |
| *) CONFIG: "HostnameLookups" now defaults to off because it is far better |
| for the net if we require people that actually need this data to |
| enable it. [Linus Torvalds] |
| |
| *) directory_walk() is an expensive function, keep a little more state to |
| avoid needless string counting. Add two new functions make_dirstr_parent |
| and make_dirstr_prefix which replace all existing uses of make_dirstr. |
| The new functions are a little less general than make_dirstr, but |
| work more efficiently (less memory, less string counting). |
| [Dean Gaudet] |
| |
| *) EXTRA_LFLAGS was changed to EXTRA_LDFLAGS (and LFLAGS was changed |
| to LDFLAGS) to avoid complications with lex rules in make files. |
| [Dean Gaudet] PR#372 |
| |
| *) run_method optimized to avoid needless scanning over NULLs in the |
| module list. [Dean Gaudet] |
| |
| *) Revamp of (unix) scoreboard management code such that it avoids |
| unnecessary traversals of the scoreboard on each hit. This is |
| particularly important for high volume sites with a large |
| HARD_SERVER_LIMIT. Some of the previous operations were O(n^2), |
| and are now O(n). See also SCOREBOARD_MAINTENANCE_INTERVAL in |
| httpd.h. [Dean Gaudet] |
| |
| *) In configurations using multiple Listen statements it was possible for |
| busy sockets to starve other sockets of service. [Dean Gaudet] |
| |
| *) Added hook so standalone_main can be replaced at compile time |
| (define STANDALONE_MAIN) |
| [Doug MacEachern] |
| |
| *) Lowest-level read/write functions in buff.c will be replaced with |
| the SFIO library calls sfread/sfwrite if B_SFIO is defined at |
| compile time. The default sfio discipline will behave as apache |
| would without sfio compiled in. |
| [Doug MacEachern] |
| |
| *) Enhance UserDir directive (mod_userdir) to accept a list of |
| usernames for the 'disable' keyword, and add 'enable user...' to |
| selectively *en*able userdirs if they're globally disabled. |
| [Ken Coar] |
| |
| *) If NETSCAPE_DBM_COMPAT is defined in EXTRA_CFLAGS then Apache |
| will work with Netscape dbm files. (dbmmanage will probably not |
| work however.) [Alexander Spohr <aspohr netmatic.com>] PR#444 |
| |
| *) Add a ListenBacklog directive to control the backlog parameter |
| passed to listen(). Also change the default to 511 from 512. |
| [Marc Slemko] |
| |
| *) API: A new handler response DONE which informs apache that the |
| request has been handled and it can finish off quickly, similar to |
| how it handles errors. [Rob Hartill] |
| |
| *) Turn off chunked encoding after sending terminating chunk/footer |
| so that we can't do it twice by accident. [Roy Fielding] |
| |
| *) mod_expire also issues Cache-Control: max-age headers. |
| [Rob Hartill] |
| |
| *) API: Added kill_only_once option for free_proc_chain so that it won't |
| aggressively try to kill off specific children. For fastcgi. |
| [Stanley Gambarin <gambarin OpenMarket.com>] |
| |
| *) mod_auth deals with extra ':' delimited fields. [Marc Slemko] |
| |
| *) Added IconHeight and IconWidth to mod_dir's IndexOptions directive. |
| When used together, these cause mod_dir to emit HEIGHT and WIDTH |
| attributes in the FancyIndexing IMG tags. [Ken Coar] |
| |
| *) PORT: Sequent and SONY NEWS-OS support added. [Jim Jagielski] |
| |
| *) PORT: Added Windows NT support |
| [Ben Laurie and Ambarish Malpani <ambarish valicert.com>] |
| |
| Changes with Apache 1.2.6 |
| |
| *) mod_include when using XBitHack Full would send ETags in addition to |
| sending Last-Modifieds. This is incorrect HTTP/1.1 behaviour. |
| [Dean Gaudet] PR#1133 |
| |
| *) SECURITY: When a client connects to a particular port/addr, and |
| gives a Host: header ensure that the virtual host requested can |
| actually be reached via that port/addr. [Ed Korthof <ed organic.com>] |
| |
| *) Support virtual hosts with wildcard port and/or multiple ports |
| properly. [Ed Korthof <ed organic.com>] |
| |
| *) Fixed some case-sensitivity issues according to RFC2068. |
| [Dean Gaudet] |
| |
| *) Set r->allowed properly in mod_asis.c, mod_dir.c, mod_info.c, |
| and mod_include.c. [Dean Gaudet] |
| |
| *) Variable 'cwd' was being used pointlessly before being set. |
| [Ken Coar] PR#1738 |
| |
| *) SIGURG doesn't exist on all platforms. |
| [Mark Andrew Heinrich <heinrich tinderbox.Stanford.EDU>] |
| |
| *) When an error occurs during a POST, or other operation with a |
| request body, the body has to be read from the net before allowing |
| a keepalive session to continue. [Roy Fielding] PR#1399 |
| |
| *) When an error occurs in fcntl() locking suggest the user look up |
| the docs for LockFile. [Dean Gaudet] |
| |
| *) table_set() and table_unset() did not deal correctly with |
| multiple occurrences of the same key. [Stephen Scheck |
| <sscheck infonex.net>, Ben Laurie] PR#1604 |
| |
| *) send_fd_length() did not calculate total_bytes_sent properly in error |
| cases. [Ben Reser <breser regnow.com>] PR#1366 |
| |
| *) r->connection->user was allocated in the wrong pool causing corruption |
| in some cases when used with mod_cern_meta. [Dean Gaudet] PR#1500 |
| |
| *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake. |
| Also removed the auto-generated link to www.apache.org that was the |
| source of so many misdirected bug reports. [Roy Fielding, Marc Slemko] |
| |
| *) Multiple "close" tokens may have been set in the "Connection" |
| header, not an error, but a waste. |
| [<Ronald.Tschalaer psi.ch>] PR#1683 |
| |
| *) "basic" and "digest" auth tokens should be tested case-insensitive. |
| [<Ronald.Tschalaer psi.ch>] PR#1599, PR#1666 |
| |
| *) It appears the "257th byte" bug (see |
| htdocs/manual/misc/known_client_problems.html#257th-byte) can happen |
| at the 256th byte as well. Fixed. [Dean Gaudet] |
| |
| *) mod_rewrite would not handle %3f properly in some situations. |
| [Ralf Engelschall] |
| |
| *) Apache could generate improperly chunked HTTP/1.1 responses when |
| the bputc() or rputc() functions were used by modules (such as |
| mod_include). [Dean Gaudet] |
| |
| *) #ifdef wrap a few #defines in httpd.h to make life easier on |
| some ports. [Ralf Engelschall] |
| |
| *) Fix MPE compilation error in mod_usertrack.c. [Mark Bixby] |
| |
| *) Quote CC='$(CC)' to improve recurse make calls. [Martin Kraemer] |
| |
| *) Avoid B_ERROR redeclaration on sysvr4 systems. [Martin Kraemer] |
| |
| Changes with Apache 1.2.5 |
| |
| *) SECURITY: Fix a possible buffer overflow in logresolve. This is |
| only an issue on systems without a MAXDNAME define or where |
| the resolver returns domain names longer than MAXDNAME. [Marc Slemko] |
| |
| *) Fix an improper length in an ap_snprintf call in proxy_date_canon(). |
| [Marc Slemko] |
| |
| *) Fix core dump in the ftp proxy when reading incorrectly formatted |
| directory listings. [Marc Slemko] |
| |
| *) SECURITY: Fix possible minor buffer overflow in the proxy cache. |
| [Marc Slemko] |
| |
| *) SECURITY: Eliminate possible buffer overflow in cfg_getline, which |
| is used to read various types of files such as htaccess and |
| htpasswd files. [Marc Slemko] |
| |
| *) SECURITY: Ensure that the buffer returned by ht_time is always |
| properly null terminated. [Marc Slemko] |
| |
| *) SECURITY: General mod_include cleanup, including fixing several |
| possible buffer overflows and a possible infinite loop. This cleanup |
| was done against 1.3 code and then backported to 1.2, the result |
| is a large difference (due to indentation cleanup in 1.3 code). |
| Users interested in seeing a smaller set of relevant differences |
| should consider comparing against src/modules/standard/mod_include.c |
| from the 1.3b3 release. Non-indentation changes to mod_include |
| between 1.2 and 1.3 were minimal. [Dean Gaudet, Marc Slemko] |
| |
| *) SECURITY: Numerous changes to mod_imap in a general cleanup |
| including fixing a possible buffer overflow. This cleanup also |
| was done with 1.3 code as a basis, see the the previous note |
| about mod_include. [Dean Gaudet] |
| |
| *) SECURITY: If a htaccess file can not be read due to bad |
| permissions, deny access to the directory with a HTTP_FORBIDDEN. |
| The previous behavior was to ignore the htaccess file if it could not |
| be read. This change may make some setups with unreadable |
| htaccess files stop working. [Marc Slemko] PR#817 |
| |
| *) SECURITY: no2slash() was O(n^2) in the length of the input. |
| Make it O(n). This inefficiency could be used to mount a denial |
| of service attack against the Apache server. Thanks to |
| Michal Zalewski <lcamtuf boss.staszic.waw.pl> for reporting |
| this. [Dean Gaudet] |
| |
| *) mod_include used uninitialized data for some uses of && and ||. |
| [Brian Slesinsky <bslesins wired.com>] PR#1139 |
| |
| *) mod_imap should decline all non-GET methods. |
| [Jay Bloodworth <jay pathways.sde.state.sc.us>] |
| |
| *) suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour] |
| |
| *) mod_userdir was modifying r->finfo in cases where it wasn't setting |
| r->filename. Since those two are meant to be in sync with each other |
| this is a bug. ["Paul B. Henson" <henson intranet.csupomona.edu>] |
| |
| *) mod_include did not properly handle all possible redirects from sub- |
| requests. [Ken Coar] |
| |
| *) Inetd mode (which is buggy) uses timeouts without having setup the |
| jmpbuffer. [Dean Gaudet] PR#1064 |
| |
| *) Work around problem under Linux where a child will start looping |
| reporting a select error over and over. |
| [Rick Franchuk <rickf transpect.net>] PR#1107 |
| |
| Changes with Apache 1.2.4 |
| |
| *) The ProxyRemote change in 1.2.3 introduced a bug resulting in the proxy |
| always making requests with the full-URI instead of just the URI path. |
| [Marc Slemko, Roy Fielding] |
| |
| *) Add -lm for AIX versions >= 4.2 to allow Apache to link properly |
| on this platform. [Marc Slemko] |
| |
| Changes with Apache 1.2.3 |
| |
| *) The request to a remote proxy was mangled if it was generated as the |
| result of a ProxyPass directive. URL schemes other than http:// were not |
| supported when ProxyRemote was used. [Lars Eilebrecht] PR#260, PR#656, |
| PR#699, PR#713, PR#812 |
| |
| *) Fixed proxy-pass-through feature of mod_rewrite; Added error logging |
| information for case where proxy module is not available. [Marc Slemko] |
| |
| *) Force proxy to always respond as HTTP/1.0, which it was failing to |
| do for errors and cached responses. [Roy Fielding] |
| |
| *) PORT: Improved support for ConvexOS 11. [Jeff Venters] |
| |
| Changes with Apache 1.2.2 [not released] |
| |
| *) Fixed another long-standing bug in sub_req_lookup_file where it would |
| happily skip past access checks on subdirectories looked up with relative |
| paths. (It's used by mod_dir, mod_negotiation, and mod_include.) |
| [Dean Gaudet] |
| |
| *) Add lockfile name to error message printed out when |
| USE_FLOCK_SERIALIZED_ACCEPT is defined. |
| [Marc Slemko] |
| |
| *) Enhanced the chunking and error handling inside the buffer functions. |
| [Dean Gaudet, Roy Fielding] |
| |
| *) When merging the main server's <Directory> and <Location> sections into |
| a vhost, put the main server's first and the vhost's second. Otherwise |
| the vhost can't override the main server. [Dean Gaudet] PR#717 |
| |
| *) The <Directory> code would merge and re-merge the same section after |
| a match was found, possibly causing problems with some modules. |
| [Dean Gaudet] |
| |
| *) Fixed an infinite loop in mod_imap for references above the server root. |
| [Dean Gaudet] PR#748 |
| |
| *) mod_include cleanup showed that handle_else was being used to handle |
| endif. It didn't cause problems, but it was cleaned up too. |
| [Howard Fear] |
| |
| *) Last official synchronization of mod_rewrite with author version (because |
| mod_rewrite is now directly developed by the author at the Apache Group): |
| o added diff between mod_rewrite 3.0.6+ and 3.0.9 |
| minus WIN32/NT stuff, but plus copyright removement. |
| In detail: |
| - workaround for detecting infinite rewriting loops |
| - fixed setting of env vars when "-" is used as subst string |
| - fixed forced response code on redirects (PR#777) |
| - fixed cases where r->args is "" |
| - kludge to disable locking on pipes under braindead SunOS |
| - fix for rewritelog in cases where remote hostname is unknown |
| - fixed totally damaged request_rec walk-back loop |
| o remove static from local data and add static to global ones. |
| o replaced ugly proxy finding stuff by simple |
| find_linked_module("mod_proxy") call. |
| o added missing negation char on rewritelog() |
| o fixed a few comment typos |
| [Ralf S. Engelschall] |
| |
| *) Anonymous_LogEmail was logging on each subrequest. |
| [Dean Gaudet] PR#421, PR#868 |
| |
| *) "force-response-1.0" now only applies to requests which are HTTP/1.0 to |
| begin with. "nokeepalive" now works for HTTP/1.1 clients. Added |
| "downgrade-1.0" which causes Apache to pretend it received a 1.0. |
| Additionally mod_browser now triggers during translate_name to workaround |
| a deficiency in the header_parse phase. |
| [Dean Gaudet] PR#875 |
| |
| *) get_client_block() returns wrong length if policy is |
| REQUEST_CHUNKED_DECHUNK. |
| [Kenichi Hori <ken d2.bs1.fc.nec.co.jp>] PR#815 |
| |
| *) Properly treat <files> container like other containers in mod_info. |
| [Marc Slemko] PR#848 |
| |
| *) The proxy didn't treat the "Host:" keyword of the host header as case- |
| insensitive. The proxy would corrupt the first line of a response from |
| an HTTP/0.9 server. [Kenichi Hori <ken d2.bs1.fc.nec.co.jp>] PR#813,814 |
| |
| *) mod_include would log some bogus values occasionally. |
| [Skip Montanaro <skip calendar.com>, Marc Slemko] PR#797 |
| |
| *) PORT: The slack fd changes in 1.2.1 introduced a problem with SIGHUP |
| under Solaris 2.x (up through 2.5.1). It has been fixed. |
| [Dean Gaudet] PR#832 |
| |
| *) API: In HTTP/1.1, whether or not a request message contains a body |
| is independent of the request method and based solely on the presence |
| of a Content-Length or Transfer-Encoding. Therefore, our default |
| handlers need to be prepared to read a body even if they don't know |
| what to do with it; otherwise, the body would be mistaken for the |
| next request on a persistent connection. discard_request_body() |
| has been added to take care of that. [Roy Fielding] PR#378 |
| |
| *) API: Symbol APACHE_RELEASE provides a numeric form of the Apache |
| release version number, such that it always increases along the |
| same lines as our source code branching. [Roy Fielding] |
| |
| *) Minor oversight on multiple variants fixed. [Paul Sutton] PR#94 |
| |
| Changes with Apache 1.2.1 |
| |
| *) SECURITY: Don't serve file system objects unless they are plain files, |
| symlinks, or directories. This prevents local users from using pipes |
| or named sockets to invoke programs for an extremely crude form of |
| CGI. [Dean Gaudet] |
| |
| *) SECURITY: HeaderName and ReadmeName were settable in .htaccess and |
| could contain "../" allowing a local user to "publish" any file on |
| the system. No slashes are allowed now. [Dean Gaudet] |
| |
| *) SECURITY: It was possible to violate the symlink Options using mod_dir |
| (headers, readmes, titles), mod_negotiation (type maps), or |
| mod_cern_meta (meta files). [Dean Gaudet] |
| |
| *) SECURITY: Apache will refuse to run as "User root" unless |
| BIG_SECURITY_HOLE is defined at compile time. [Dean Gaudet] |
| |
| *) CONFIG: If a symlink pointed to a directory then it would be disallowed |
| if it contained a .htaccess disallowing symlinks. This is contrary |
| to the rule that symlink permissions are tested with the symlink |
| options of the parent directory. [Dean Gaudet] PR#353 |
| |
| *) CONFIG: The LockFile directive can be used to place the serializing |
| lockfile in any location. It previously defaulted to /usr/tmp/htlock. |
| [Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet, |
| Marc Slemko] |
| |
| *) Request processing now retains state of whether or not the request |
| body has been read, so that internal redirects and subrequests will |
| not try to read it twice (and block). [Roy Fielding] |
| |
| *) Add a placeholder in modules/Makefile to avoid errors with certain |
| makes. [Marc Slemko] |
| |
| *) QUERY_STRING was unescaped in mod_include, it shouldn't be. |
| [Dean Gaudet] PR#644 |
| |
| *) mod_include was not properly changing the current directory. |
| [Marc Slemko] PR#742 |
| |
| *) Attempt to work around problems with third party libraries that do not |
| handle high numbered descriptors (examples include bind, and |
| solaris libc). On all systems apache attempts to keep all permanent |
| descriptors above 15 (called the low slack line). Solaris users |
| can also benefit from adding -DHIGH_SLACK_LINE=256 to EXTRA_CFLAGS |
| which keeps all non-FILE * descriptors above 255. On all systems |
| this should make supporting large numbers of vhosts with many open |
| log files more feasible. If this causes trouble please report it, |
| you can disable this workaround by adding -DNO_SLACK to EXTRA_CFLAGS. |
| [Dean Gaudet] various PRs |
| |
| *) Related to the last entry, network sockets are now opened before |
| log files are opened. The only known case where this can cause |
| problems is under Solaris with many virtualhosts and many Listen |
| directives. But using -DHIGH_SLACK_LINE=256 described above will |
| work around this problem. [Dean Gaudet] |
| |
| *) USE_FLOCK_SERIALIZED_ACCEPT is now default for FreeBSD, A/UX, and |
| SunOS 4. |
| |
| *) Improved unix error response logging. [Marc Slemko] |
| |
| *) Update mod_rewrite from 3.0.5 to 3.0.6. New ruleflag |
| QSA=query_string_append. Also fixed a nasty bug in per-dir context: |
| when a URL http://... was used in conjunction with a special |
| redirect flag, e.g. R=permanent, the permanent status was lost. |
| [Ronald Tschalaer <Ronald.Tschalaer psi.ch>, Ralf S. Engelschall] |
| |
| *) If an object has multiple variants that are otherwise equal Apache |
| would prefer the last listed variant rather than the first. |
| [Paul Sutton] PR#94 |
| |
| *) "make clean" at the top level now removes *.o. [Dean Gaudet] PR#752 |
| |
| *) mod_status dumps core in inetd mode. [Marc Slemko and Roy Fielding] |
| PR#566 |
| |
| *) pregsub had an off-by-1 in its error checking code. [Alexei Kosut] |
| |
| *) PORT: fix rlim_t problems with AIX 4.2. [Marc Slemko] PR#333 |
| |
| *) PORT: Update UnixWare support for 2.1.2. |
| [Lawrence Rosenman <ler lerctr.org>] PR#511 |
| |
| *) PORT: NonStop-UX [Joachim Schmitz <schmitz_joachim tandem.com>] PR#327 |
| |
| *) PORT: Update ConvexOS support for 11.5. |
| [David DeSimone <fox convex.com>] PR#399 |
| |
| *) PORT: Support for DEC cc compiler under ULTRIX. |
| ["P. Alejandro Lopez-Valencia" <alejolo ideam.gov.co>] PR#388 |
| |
| *) PORT: Support for Maxion/OS SVR4.2 Real Time Unix. [no name given] PR#383 |
| |
| *) PORT: Workaround for AIX 3.x compiler bug in http_bprintf.c. |
| [Marc Slemko] PR#725 |
| |
| *) PORT: fix problem compiling http_bprintf.c with gcc under SCO |
| [Marc Slemko] PR#695 |
| |
| Changes with Apache 1.2 |
| |
| Changes with Apache 1.2b11 |
| |
| *) Fixed open timestamp fd in proxy_cache.c [Chuck Murcko] |
| |
| *) Added undocumented perl SSI mechanism for -DUSE_PERL_SSI and mod_perl. |
| [Doug MacEachern, Rob Hartill] |
| |
| *) Proxy needs to use hard_timeout instead of soft_timeout when it is |
| reading from one buffer and writing to another, at least until it has |
| a custom timeout handler. [Roy Fielding and Petr Lampa] |
| |
| *) Fixed problem on IRIX with servers hanging in IdentityCheck, |
| apparently due to a mismatch between sigaction and setjmp. |
| [Roy Fielding] PR#502 |
| |
| *) Log correct status code if we timeout before receiving a request (408) |
| or if we received a request-line that was too long to process (414). |
| [Ed Korthof and Roy Fielding] PR#601 |
| |
| *) Virtual hosts with the same ServerName, but on different ports, were |
| not being selected properly. [Ed Korthof] |
| |
| *) Added code to return the requested IP address from proxy_host2addr() |
| if gethostbyaddr() fails due to reverse DNS lookup problems. Original |
| change submitted by Jozsef Hollosi <hollosi sbcm.com>. |
| [Chuck Murcko] PR#614 |
| |
| *) If multiple requests on a single connection are used to retrieve |
| data from different virtual hosts, the virtual host list would be |
| scanned starting with the most recently used VH instead of the first, |
| causing most virtual hosts to be ignored. |
| [Paul Sutton and Martin Mares] PR#610 |
| |
| *) The OS/2 handling of process group was broken by a porting patch for |
| MPE, so restored prior code for OS/2. [Roy Fielding and Garey Smiley] |
| |
| *) Inherit virtual server port from main server if none (or "*") is |
| given for VirtualHost. [Dean Gaudet] PR#576 |
| |
| *) If the lookup for a DirectoryIndex name with content negotiation |
| has found matching variants, but none are acceptable, return the |
| negotiation result if there are no more DirectoryIndex names to lookup. |
| [Petr Lampa and Roy Fielding] |
| |
| *) If a soft_timeout occurs after keepalive is set, then the main child |
| loop would try to read another request even though the connection |
| has been aborted. [Roy Fielding] |
| |
| *) Configure changes: Allow for whitespace at the start of a |
| Module declaration. Also, be more understanding about the |
| CC=/OPTIM= format in Configuration. Finally, fix compiler |
| flags if using HP-UX's cc compiler. [Jim Jagielski] |
| |
| *) Subrequests and internal redirects now inherit the_request from the |
| original request-line. [Roy Fielding] |
| |
| *) Test for error conditions before creating output header fields, since |
| we don't want the error message to include those fields. Likewise, |
| reset the content_language(s) and content_encoding of the response |
| before generating or redirecting to an error message, since the new |
| message will have its own Content-* definitions. [Dean Gaudet] |
| |
| *) Restored the semantics of headers_out (headers sent only with 200..299 |
| and 304 responses) and err_headers_out (headers sent with all responses). |
| Avoid the overhead of copying tables if err_headers_out is empty |
| (the usual case). [Roy Fielding] |
| |
| *) Fixed a couple places where a check for the default Content-Type was |
| not properly checking both the value configured by the DefaultType |
| directive and the DEFAULT_TYPE symbol in httpd.h. Changed the value |
| of DEFAULT_TYPE to match the documented default (text/plain). |
| [Dean Gaudet] PR#506 |
| |
| *) Escape the HTML-sensitive characters in the Request-URI that is |
| output for each child by mod_status. [Dean Gaudet and Ken Coar] PR#501 |
| |
| *) Properly initialize the flock structures used by the mutex locking |
| around accept() when USE_FCNTL_SERIALIZED_ACCEPT is defined. |
| [Marc Slemko] |
| |
| *) The method for determining PATH_INFO has been restored to the pre-1.2b |
| (and NCSA httpd) definition wherein it was the extra path info beyond |
| the CGI script filename. The environment variable FILEPATH_INFO has |
| been removed, and instead we supply the original REQUEST_URI to any |
| script that wants to be Apache-specific and needs the real URI path. |
| This solves a problem with existing scripts that use extra path info |
| in the ScriptAlias directive to pass options to the CGI script. |
| [Roy Fielding] |
| |
| *) The _default_ change in 1.2b10 will change the behaviour on configs |
| that use multiple Listen statements for listening on multiple ports. |
| But that change is necessary to make _default_ consistent with other |
| forms of <VirtualHost>. It requires such configs to be modified |
| to use <VirtualHost _default_:*>. The documentation has been |
| updated. [Dean Gaudet] PR#530 |
| |
| *) If an ErrorDocument CGI script is used to respond to an error |
| generated by another CGI script which has already read the message |
| body of the request, the server would block trying to read the |
| message body again. [Rob Hartill] |
| |
| *) signal() replacement conflicted with a define on QNX (and potentially |
| other platforms). Fixed. [Ben Laurie] PR#512 |
| |
| Changes with Apache 1.2b10 |
| |
| *) Allow HTTPD_ROOT, SERVER_CONFIG_FILE, DEFAULT_PATH, and SHELL_PATH |
| to be configured via -D in Configuration. [Dean Gaudet] PR#449 |
| |
| *) <VirtualHost _default_:portnum> didn't work properly. [Dean Gaudet] |
| |
| *) Added prototype for mktemp() for SUNOS4 [Marc Slemko] |
| |
| *) In mod_proxy.c, check return values for proxy_host2addr() when reading |
| config, in case the hostent struct returned is trash. |
| [Chuck Murcko] PR #491 |
| |
| *) Fixed the fix in 1.2b9 for parsing URL query info into args for CGI |
| scripts. [Dean Gaudet, Roy Fielding, Marc Slemko] |
| |
| Changes with Apache 1.2b9 [never announced] |
| |
| *) Reset the MODULE_MAGIC_NUMBER to account for the unsigned port |
| changes and in anticipation of 1.2 final release. [Roy Fielding] |
| |
| *) Fix problem with scripts not receiving a SIGPIPE when client drops |
| the connection (e.g., when user presses Stop). Apache will now stop |
| trying to send a message body immediately after an error from write. |
| [Roy Fielding and Nathan Kurz] PR#335 |
| |
| *) Rearrange Configuration.tmpl so that mod_rewrite has higher priority |
| than mod_alias, and mod_alias has higher priority than mod_proxy; |
| rearranged other modules to enhance understanding of their purpose |
| and relative order (and maybe even reduce some overhead). |
| [Roy Fielding and Sameer Parekh] |
| |
| *) Fix graceful restart. Eliminate many signal-related race |
| conditions in both forms of restart, and in SIGTERM. See |
| htdocs/manual/stopping.html for details on stopping and |
| restarting the parent. [Dean Gaudet] |
| |
| *) Fix memory leaks in mod_rewrite, mod_browser, mod_include. Tune |
| memory allocator to avoid a behaviour that required extra blocks to |
| be allocated. [Dean Gaudet] |
| |
| *) Allow suexec to access files relative to current directory but not |
| above. (Excluding leading / or any .. directory.) [Ken Coar] |
| PR#269, 319, 395 |
| |
| *) Fix suexec segfault when group doesn't exist. [Gregory Neil Shapiro] |
| PR#367, 368, 354, 453 |
| |
| *) Fix the above fix: if suexec is enabled, avoid destroying r->url |
| while obtaining the /~user and save the username in a separate data |
| area so that it won't be overwritten by the call to getgrgid(), and |
| fix some misuse of the pool string allocation functions. Also fixes |
| a general problem with parsing URL query info into args for CGI scripts. |
| [Roy Fielding] PR#339, 367, 354, 453 |
| |
| *) Fix IRIX warning about bzero undefined. [Marc Slemko] |
| |
| *) Fix problem with <Directory proxy:...>. [Martin Kraemer] PR#271 |
| |
| *) Corrected spelling of "authoritative". AuthDBAuthoratative became |
| AuthDBAuthoritative. [Marc Slemko] PR#420 |
| |
| *) MaxClients should be at least 1. [Lars Eilebrecht] PR#375 |
| |
| *) The default handler now logs invalid methods or URIs (i.e. PUT on an |
| object that can't be PUT, or FOOBAR for some method FOOBAR that |
| apache doesn't know about at all). Log 404s that occur in mod_include. |
| [Paul Sutton, John Van Essen] |
| |
| *) If a soft timeout (or lingerout) occurs while trying to flush a |
| buffer or write inside buff.c or fread'ing from a CGI's output, |
| then the timeout would be ignored. [Roy Fielding] PR#373 |
| |
| *) Work around a bug in Netscape Navigator versions 2.x, 3.x and 4.0b2's |
| parsing of headers. If the terminating empty-line CRLF occurs starting |
| at the 256th or 257th byte of output, then Navigator will think a normal |
| image is invalid. We are guessing that this is because their initial |
| read of a new request uses a 256 byte buffer. We check the bytes written |
| so far and, if we are about to tickle the bug, we instead insert a |
| padding header of eminent bogosity. [Roy Fielding and Dean Gaudet] PR#232 |
| |
| *) Fixed SIGSEGV problem when a DirectoryIndex file is also the source |
| of an external redirection. [Roy Fielding and Paul Sutton] |
| |
| *) Configure would create a broken Makefile if the configuration file |
| contained a commented-out Rule. [Roy Fielding] |
| |
| *) Promote per_dir_config and subprocess_env from the subrequest to the |
| main request in mod_negotiation. In particular this fixes a bug |
| where <Files> sections wouldn't properly apply to negotiated content. |
| [Dean Gaudet] |
| |
| *) Fix a potential deadlock in mod_cgi script_err handling. |
| [Ralf S. Engelschall] |
| |
| *) rotatelogs zero-pads the logfile names to improve alphabetic sorting. |
| [Mitchell Blank Jr] |
| |
| *) Updated mod_rewrite to 3.0.4: Fixes HTTP redirects from within |
| .htaccess files because the RewriteBase was not replaced correctly. |
| Updated mod_rewrite to 3.0.5: Fixes problem with rewriting inside |
| <Directory> sections missing a trailing /. [Ralf S. Engelschall] |
| |
| *) Clean up Linux settings in conf.h by detecting 2.x versus 1.x. For |
| 1.x the settings are those of pre-1.2b8. For 2.x we include |
| USE_SHMGET_SCOREBOARD (scoreboard in shared memory rather than file) and |
| HAVE_SYS_RESOURCE_H (enable the RLimit commands). |
| [Dean Gaudet] PR#336, PR#340 |
| |
| *) Redirect did not preserve ?query_strings when present in the client's |
| request. [Dean Gaudet] |
| |
| *) Configure was finding non-modules on EXTRA_LIBS. [Frank Cringle] PR#380 |
| |
| *) Use /bin/sh5 on ULTRIX. [P. Alejandro Lopez-Valencia] PR#369 |
| |
| *) Add UnixWare compile/install instructions. [Chuck Murcko] |
| |
| *) Add mod_example (illustration of API techniques). [Ken Coar] |
| |
| *) Add macro for memmove to conf.h for SUNOS4. [Marc Slemko] |
| |
| *) Improve handling of directories when filenames have spaces in them. |
| [Chuck Murcko] |
| |
| *) For hosts with multiple IP addresses, try all additional addresses if |
| necessary to get a connect. Fail only if hostent address list is |
| exhausted. [Chuck Murcko] |
| |
| *) More signed/unsigned port fixes. [Dean Gaudet] |
| |
| *) HARD_SERVER_LIMIT can be defined in the Configuration file now. |
| [Dean Gaudet] |
| |
| Changes with Apache 1.2b8 |
| |
| *) suexec.c doesn't close the log file, allowing CGIs to continue writing |
| to it. [Marc Slemko] |
| |
| *) The addition of <Location> and <File> directives made the |
| sub_req_lookup_simple() function bogus, so we now handle |
| the special cases directly. [Dean Gaudet] |
| |
| *) We now try to log where the server is dumping core when a fatal |
| signal is received. [Ken Coar] |
| |
| *) Improved lingering_close by adding a special timeout, removing the |
| spurious log messages, removing the nonblocking settings (they |
| are not needed with the better timeout), and adding commentary |
| about the NO_LINGCLOSE and USE_SO_LINGER issues. NO_LINGCLOSE is |
| now the default for SunOS4, UnixWare, NeXT, and IRIX. [Roy Fielding] |
| |
| *) Send error messages about setsockopt failures to the server error |
| log instead of stderr. [Roy Fielding] |
| |
| *) Fix loopholes in proxy cache expiry vis a vis alarms. [Brian Moore] |
| |
| *) Stopgap solution for CGI 3-second delay with server-side includes: if |
| processing a subrequest, allocate memory from r->main->pool instead |
| of r->pool so that we can avoid waiting for free_proc_chain to cleanup |
| in the middle of an SSI request. [Dean Gaudet] PR #122 |
| |
| *) Fixed status of response when POST is received for a nonexistent URL |
| (was sending 405, now 404) and when any method is sent with a |
| full-URI that doesn't match the server and the server is not acting |
| as a proxy (was sending 501, now 403). [Roy Fielding] |
| |
| *) Host port changed to unsigned short. [Ken Coar] PR #276 |
| |
| *) Fix typo in command definition of AuthAuthoritative. [Ken Coar] PR #246 |
| |
| *) Defined USE_SHMGET_SCOREBOARD for shared memory on Linux. [Dean Gaudet] |
| |
| *) Report extra info from errno with many errors that cause httpd to exit. |
| spawn_child, popenf, and pclosef now have valid errno returns in the |
| event of an error. Correct problems where errno was stomped on |
| before being reported. [Dean Gaudet] |
| |
| *) In the proxy, if the cache filesystem was full, garbage_coll() was |
| never called, and thus the filesystem would remain full indefinitely. |
| We now also remove incomplete cache files left if the origin server |
| didn't send a Content-Length header and either the client has aborted |
| transfer or bwrite() to client has failed. [Petr Lampa] |
| |
| *) Fixed the handling of module and script-added header fields. |
| Improved the interface for sending header fields and reduced |
| the duplication of code between sending okay responses and errors. |
| We now always send both headers_out and err_headers_out, and |
| ensure that the server-reserved fields are not being overridden, |
| while not overriding those that are not reserved. [Roy Fielding] |
| |
| *) Moved transparent content negotiation fields to err_headers_out |
| to reflect above changes. [Petr Lampa] |
| |
| *) Fixed the determination of whether or not we should make the |
| connection persistent for all of the cases where some other part |
| of the server has already indicated that we should not. Also |
| improved the ordering of the test so that chunked encoding will |
| be set whenever it is desired instead of only when KeepAlive |
| is enabled. Added persistent connection capability for most error |
| responses (those that do not indicate a bad input stream) when |
| accessed by an HTTP/1.1 client. [Roy Fielding] |
| |
| *) Added missing timeouts for sending header fields, error responses, |
| and the last chunk of chunked encoding, each of which could have |
| resulted in a process being stuck in write forever. Using soft_timeout |
| requires that the sender check for an aborted connection rather than |
| continuing after an EINTR. Timeouts that used to be initiated before |
| send_http_header (and never killed) are now initiated only within or |
| around the routines that actually do the sending, and not allowed to |
| propagate above the caller. [Roy Fielding] |
| |
| *) mod_auth_anon required an @ or a . in the email address, not both. |
| [Dirk vanGulik] |
| |
| *) per_dir_defaults weren't set correctly until directory_walk for |
| name-based vhosts. This fixes an obscure bug with the wrong config |
| info being used for vhosts that share the same ip as the server. |
| [Dean Gaudet] |
| |
| *) Improved generation of modules/Makefile to be more generic for |
| new module directories. [Ken Coar, Chuck Murcko, Roy Fielding] |
| |
| *) Generate makefile dependency for Configuration based on the actual |
| name given when running the Configure process. [Dean Gaudet] |
| |
| *) Fixed problem with vhost error log not being set prior to |
| initializing virtual hosts. [Dean Gaudet] |
| |
| *) Fixed infinite loop when a trailing slash is included after a type map |
| file URL (extra path info). [Petr Lampa] |
| |
| *) Fixed server status updating of per-connection counters. [Roy Fielding] |
| |
| *) Add documentation for DNS issues (reliability and security), and try |
| to explain the virtual host matching process. [Dean Gaudet] |
| |
| *) Try to continue gracefully by disabling the vhost if a DNS lookup |
| fails while parsing the configuration file. [Dean Gaudet] |
| |
| *) Improved calls to setsockopt. [Roy Fielding] |
| |
| *) Negotiation changes: Don't output empty content-type in variant list; |
| Output charset in variant list; Return sooner from handle_multi() if |
| no variants found; Add handling of '*' wildcard in Accept-Charset. |
| [Petr Lampa and Paul Sutton] |
| |
| *) Fixed overlaying of request/sub-request notes and headers in |
| mod_negotiation. [Dean Gaudet] |
| |
| *) If two variants' charset quality are equal and one is the default |
| charset (iso-8859-1), then prefer the variant that was specifically |
| listed in Accept-Charset instead of the default. [Petr Lampa] |
| |
| *) Memory allocation problem in push_array() -- it would corrupt memory |
| when nalloc==0. [Kai Risku <krisku tf.hut.fi> and Roy Fielding] |
| |
| *) invoke_handler() doesn't handle mime arguments in content-type |
| [Petr Lampa] PR#160 |
| |
| *) Reduced IdentityCheck timeout to 30 seconds, as per RFC 1413 minimum. |
| [Ken Coar] |
| |
| *) Fixed problem with ErrorDocument not working for virtual hosts |
| due to one of the performance changes in 1.2b7. [Dean Gaudet] |
| |
| *) Log an error message if we get a request header that is too long, |
| since it may indicate a buffer overflow attack. [Marc Slemko] |
| |
| *) Made is_url() allow "[-.+a-zA-Z0-9]+:" as a valid scheme and |
| not reject URLs without a double-slash, as per RFC2068 section 3.2. |
| [Ken Coar] PR #146, #187 |
| |
| *) Added table entry placeholder for new header_parser callback |
| in all of the distributed modules. [Ken Coar] PR #191 |
| |
| *) Allow for cgi files without the .EXE extension on them under OS/2. |
| [Garey Smiley] PR #59 |
| |
| *) Fixed error message when resource is not found and URL contains |
| path info. [Petr Lampa and Dean Gaudet] PR #40 |
| |
| *) Fixed user and server confusion over what should be a virtual host |
| and what is the main server, resulting in access to something |
| other than the name defined in the virtualhost directive (but |
| with the same IP address) failing. [Dean Gaudet] |
| |
| *) Updated mod_rewrite to version 3.0.2, which: fixes compile error on |
| AIX; improves the redirection stuff to enable the users to generally |
| redirect to http, https, gopher and ftp; added TIME variable for |
| RewriteCond which expands to YYYYMMDDHHMMSS strings and added the |
| special patterns >STRING, <STRING and =STRING to RewriteCond, which |
| can be used in conjunction with %{TIME} or other variables to create |
| time-dependent rewriting rules. [Ralf S. Engelschall] |
| |
| *) bpushfd() no longer notes cleanups for the file descriptors it is handed. |
| Module authors may need to adjust their code for proper cleanup to take |
| place (that is, call note_cleanups_for_fd()). This change fixes problems |
| with file descriptors being erroneously closed when the proxy module was |
| in use. [Ben Laurie] |
| |
| *) Fix bug in suexec reintroduced by changes in 1.2b7 which allows |
| initgroups() to hose the group information needed for later |
| comparisons. [Randy Terbush] |
| |
| *) Remove unnecessary call to va_end() in create_argv() which |
| caused a SEGV on some systems. |
| |
| *) Use proper MAXHOSTNAMELEN symbol for limiting length of server name. |
| [Dean Gaudet] |
| |
| *) Clear memory allocated for listeners. [Randy Terbush] |
| |
| *) Improved handling of IP address as a virtualhost address and |
| introduced "_default_" as a synonym for the default vhost config. |
| [Dean Gaudet] PR #212 |
| |
| Changes with Apache 1.2b7 |
| |
| *) Port to UXP/DS(V20) [Toshiaki Nomura <nom yk.fujitsu.co.jp>] |
| |
| *) unset Content-Length if chunked (RFC-2068) [Petr Lampa] |
| |
| *) mod_negotiation fixes [Petr Lampa] PR#157, PR#158, PR#159 |
| - replace protocol response numbers with symbols |
| - save variant-list into main request notes |
| - free allocated memory from subrequests |
| - merge notes, headers_out and err_headers_out |
| |
| *) changed status check mask in proxy_http.c from "HTTP/#.# ### *" to |
| "HTTP/#.# ###*" to be more lenient about what we accept. |
| [Chuck Murcko] |
| |
| *) more proxy FTP bug fixes: |
| - Changed send_dir() to remove user/passwd from displayed URL. |
| - Changed login error messages to be more descriptive. |
| - remove setting of SO_DEBUG socket option |
| - Make ftp_getrc() more lenient about multiline responses, |
| specifically, 230 responses which don't have continuation 230- |
| on each line). These seem to be all NT FTP servers, and while |
| perhaps questionable, they appear to be legal by RFC 959. |
| - Add missing kill_timeout() after transfer to user completes. |
| [Chuck Murcko] |
| |
| *) Fixed problem where a busy server could hang when restarting |
| after being sent a SIGHUP due to child processes not exiting. |
| [Marc Slemko] |
| |
| *) Modify mod_include escaping so a '\' only signifies an escaped |
| character if the next character is one that needs |
| escaping. [Ben Laurie] |
| |
| *) Eliminated possible infinite loop in mod_imap when relative URLs are |
| used with a 'base' directive that does not have a '/' in it. |
| [Marc Slemko, reported by Onno Witvliet <onno tc.hsa.nl>] |
| |
| *) Reduced the default timeout from 1200 seconds to 300, and the |
| one in the sample configfile from 400 to 300. [Marc Slemko] |
| |
| *) Stop vbprintf from crashing if given a NULL string pointer; |
| print (null) instead. [Ken Coar] |
| |
| *) Don't disable Nagle algorithm if system doesn't have TCP_NODELAY. |
| [Marc Slemko and Roy Fielding] |
| |
| *) Fixed problem with mod_cgi-generated internal redirects trying to |
| read the request message-body twice. [Archie Cobbs and Roy Fielding] |
| |
| *) Reduced timeout on lingering close, removed possibility of a blocked |
| read causing the child to hang, and stopped logging of errors if |
| the socket is not connected (reset by client). [Roy Fielding] |
| |
| *) Rearranged main child loop to remove duplication of code in |
| select/accept and keep-alive requests, fixed several bugs regarding |
| checking scoreboard_image for exit indication and failure to |
| account for all success conditions and trap all error conditions, |
| prevented multiple flushes before closing the socket; close the entire |
| socket buffer instead of just one descriptor, prevent logging of |
| EPROTO and ECONNABORTED on platforms where supported, and generally |
| improved readability. [Roy Fielding] |
| |
| *) Extensive performance improvements. Cleaned up inefficient use of |
| auto initializers, multiple is_matchexp calls on a static string, |
| and excessive merging of response_code_strings. [Dean Gaudet] |
| |
| *) Added double-buffering to mod_include to improve performance on |
| server-side includes. [Marc Slemko] |
| |
| *) Several fixes for suexec wrapper. [Randy Terbush] |
| - Make wrapper work for files on NFS filesystem. |
| - Fix portability problem of MAXPATHLEN. |
| - Fix array overrun problem in clean_env(). |
| - Fix allocation of PATH environment variable |
| |
| *) Removed extraneous blank line is description of mod_status chars. |
| [Kurt Kohler] |
| |
| *) Logging of errors from the call_exec routine simply went nowhere, |
| since the logfile fd has been closed, so now we send them to stderr. |
| [Harald T. Alvestrand] |
| |
| *) Fixed core dump when DocumentRoot is a CGI. |
| [Ben Laurie, reported by <geddis tesserae.com>] |
| |
| *) Fixed potential file descriptor leak in mod_asis; updated it and |
| http_core to use pfopen/pfclose instead of fopen/fclose. |
| [Randy Terbush and Roy Fielding] |
| |
| *) Fixed handling of unsigned ints in ap_snprintf() on some chips such |
| as the DEC Alpha which is 64-bit but uses 32-bit ints. |
| [Dean Gaudet and Ken Coar] |
| |
| *) Return a 302 response code to the client when sending a redirect |
| due to a missing trailing '/' on a directory instead of a 301; now |
| it is cacheable. [Markus Gyger] |
| |
| *) Fix condition where, if a bad directive occurs in .htaccess, and |
| sub_request() goes first to this directory, then log_reason() will |
| SIGSEGV because it doesn't have initialized r->per_dir_config. |
| [PR#162 from Petr Lampa, fix by Marc Slemko and Dean Gaudet] |
| |
| *) Fix handling of lang_index in is_variant_better(). This was |
| causing problems which resulted in the server sending the |
| wrong language document in some cases. [Petr Lampa] |
| |
| *) Remove free() from clean_env() in suexec wrapper. This was nuking |
| the clean environment on some systems. |
| |
| *) Tweak byteserving code (e.g. serving PDF files) to work around |
| bugs in Netscape Navigator and Microsoft Internet Explorer. |
| Emit Content-Length header when sending multipart/byteranges. |
| [Alexei Kosut] |
| |
| *) Port to HI-UX/WE2. [Nick Maclaren] |
| |
| *) Port to HP MPE operating system for HP 3000 machines |
| [Mark Bixby <markb cccd.edu>] |
| |
| *) Fixed bug which caused a segmentation fault if only one argument |
| given to RLimit* directives. [Ed Korthof] |
| |
| *) Continue persistent connection after 204 or 304 response. [Dean Gaudet] |
| |
| *) Improved buffered output to the client by delaying the flush decision |
| until the BUFF code is actually about to read the next request. |
| This fixes a problem introduced in 1.2b5 with clients that send |
| an extra CRLF after a POST request. Also improved chunked output |
| performance by combining writes using writev() and removing as |
| many bflush() calls as possible. NOTE: Platforms without writev() |
| must add -DNO_WRITEV to the compiler CFLAGS, either in Configuration |
| or Configure, unless we have already done so. [Dean Gaudet] |
| |
| *) Fixed mod_rewrite bug which truncated the rewritten URL [Marc Slemko] |
| |
| *) Fixed mod_info output corruption bug introduced by buffer overflow |
| fixes. [Dean Gaudet] |
| |
| *) Fixed http_protocol to correctly output all HTTP/1.1 headers, including |
| for the special case of a 304 response. [Paul Sutton] |
| |
| *) Improved handling of TRACE method by bypassing normal method handling |
| and header parsing routines; fixed Allow response to always allow TRACE. |
| [Dean Gaudet] |
| |
| *) Fixed compiler warnings in the regex library. [Dean Gaudet] |
| |
| *) Cleaned-up some of the generated HTML. [Ken Coar] |
| |
| Changes with Apache 1.2b6 |
| |
| *) Allow whitespace in imagemap mapfile coordinates. [Marc Slemko] |
| |
| *) Fix typo introduced in fix for potential infinite loop around |
| accept() in child_main(). This change caused the rev to 1.2b6. |
| 1.2b5 was never a public beta. |
| |
| Changes with Apache 1.2b5 |
| |
| *) Change KeepAlive semantics (On|Off instead of a number), add |
| MaxKeepAliveRequests directive. [Alexei Kosut] |
| |
| *) Various NeXT compilation patches, as well as a change in |
| regex/regcomp.c since that file also used a NEXT define. |
| [Andreas Koenig] |
| |
| *) Allow * to terminate the end of a directory match in mod_dir. |
| Allows /~* to match for both /~joe and /~joe/. [David Bronder] |
| |
| *) Don't call can_exec() if suexec_enabled. Calling this requires |
| scripts executed by the suexec wrapper to be world executable, which |
| defeats one of the advantages of running the wrapper. [Randy Terbush] |
| |
| *) Portability Fix: IRIX complained with 'make clean' about *pure* (removed) |
| [Jim Jagielski] |
| |
| *) Migration from sprintf() to snprintf() to avoid buffer |
| overflows. [Marc Slemko] |
| |
| *) Provide portable snprintf() implementation (ap_snprintf) |
| as well as *cvt family. [Jim Jagielski] |
| |
| *) Portability Fix: NeXT lacks unistd.h so we wrap it's inclusion |
| [Jim Jagielski] |
| |
| *) Remove mod_fastcgi.c from the distribution. This module appears |
| to be maintained more through the Open Market channels and should |
| continue to be easily available at http://www.fastcgi.com/ |
| |
| *) Fixed bug in modules/Makefile that wouldn't allow building in more |
| than one subdirectory (or cleaning, either). [Jeremy Laidman] |
| |
| *) mod_info assumed that the config files were relative to ServerRoot. |
| [Ken the Rodent] |
| |
| *) CGI scripts called as an error document resulting from failed |
| CGI execution would hang waiting for POST'ed data. [Rob Hartill] |
| |
| *) Log reason when mod_dir returns access HTTP_FORBIDDEN |
| [Ken the Rodent] |
| |
| *) Properly check errno to prevent display of a directory index |
| when server receives a long enough URL to confuse stat(). |
| [Marc Slemko] |
| |
| *) Several security enhancements to suexec wrapper. It is _highly_ |
| recommended that previously installed versions of the wrapper |
| be replaced with this version. [Randy Terbush, Jason Dour] |
| |
| - ~user execution now properly restricted to ~user's home |
| directory and below. |
| - execution restricted to UID/GID > 100 |
| - restrict passed environment to known variables |
| - call setgid() before initgroups() (portability fix) |
| - remove use of setenv() (portability fix) |
| |
| *) Add HTTP/1.0 response forcing. [Ben Laurie] |
| |
| *) Add access control via environment variables. [Ben Laurie] |
| |
| *) Add rflush() function. [Alexei Kosut] |
| |
| *) remove duplicate pcalloc() call in new_connection(). |
| |
| *) Fix incorrect comparison which could allow number of children = |
| MaxClients + 1 if less than HARD_SERVER_LIMIT. Also fix potential |
| problem if StartServers > HARD_SERVER_LIMIT. [Ed Korthof] |
| |
| *) Updated support for OSes (MachTen, ULTRIX, Paragon, ISC, OpenBSD |
| AIX PS/2, CONVEXOS. [Jim Jagielski] |
| |
| *) Replace instances of inet_ntoa() with inet_addr() for ProxyBlock. |
| It's more portable. [Martin Kraemer] |
| |
| *) Replace references to make in Makefile.tmpl with $(MAKE). |
| [Chuck Murcko] |
| |
| *) Add ProxyBlock directive w/IP address caching. Add IP address |
| caching to NoCache directive as well. ProxyBlock works with all |
| handlers; NoCache now also works with FTP for anonymous logins. |
| Still more code cleanup. [Chuck Murcko] |
| |
| *) Add "header parse" API hook [Ben Laurie] |
| |
| *) Fix byte ordering problems for REMOTE_PORT [Chuck Murcko] |
| |
| *) suEXEC wrapper was freeing memory that had not been malloc'ed. |
| |
| *) Correctly allow access and auth directives in <Files> sections in |
| server config files. [Alexei Kosut] |
| |
| *) Fix bug with ServerPath that could cause certain files to be not |
| found by the server. [Alexei Kosut] |
| |
| *) Fix handling of ErrorDocument so that it doesn't remove a trailing |
| double-quote from text and so that it properly checks for unsupported |
| status codes using the new index_of_response interface. [Roy Fielding] |
| |
| *) Multiple fixes to the lingering_close code in order to avoid being |
| interrupted by a stray timeout, to avoid lingering on a connection |
| that has already been aborted or never really existed, to ensure that |
| we stop lingering as soon as any error condition is received, and to |
| prevent being stuck indefinitely if the read blocks. Also improves |
| reporting of error conditions. [Marc Slemko and Roy Fielding] |
| |
| *) Fixed initialization of parameter structure for sigaction. |
| [<mgyger itr.ch>, Adrian Filipi-Martin] |
| |
| *) Fixed reinitializing the parameters before each call to accept and |
| select, and removed potential for infinite loop in accept. |
| [Roy Fielding, after useful PR from <adrian virginia.edu>] |
| |
| *) Fixed condition where, if a child fails to fork, the scoreboard would |
| continue to say SERVER_STARTING forever. Eventually, the main process |
| would refuse to start new children because count_idle_servers() will |
| count those SERVER_STARTING entries and will always report that there |
| are enough idle servers. [Phillip Vandry] |
| |
| *) Fixed bug in bcwrite regarding failure to account for partial writes. |
| Avoided calling bflush() when the client is pipelining requests. |
| Removed unnecessary flushes from http_protocol. [Dean Gaudet] |
| |
| *) Added description of "." mode in server-status [Jim Jagielski] |
| |
| Changes with Apache 1.2b4 |
| |
| *) Fix possible race condition in accept_mutex_init() that |
| could leave a small security hole open allowing files to be |
| overwritten in cases where the server UID has write permissions. |
| [Marc Slemko] |
| |
| *) Fix awk compatibilty problem in Configure. [Jim Jagielski] |
| |
| *) Fix portablity problem in util_script where ARG_MAX may not be |
| defined for some systems. |
| |
| *) Add changes to allow compilation on Machten 4.0.3 for PowerPC. |
| [Randal Schwartz] |
| |
| *) OS/2 changes to support an MMAP style scoreboard file and UNIX |
| style magic #! token for better script portability. [Garey Smiley] |
| |
| *) Fix bug in suexec wrapper introduced in b3 that would cause failed |
| execution for ~userdir CGI. [Jason Dour] |
| |
| *) Fix initgroups() business in suexec wrapper. [Jason Dour] |
| |
| *) Fix month off by one in suexec wrapper logging. |
| |
| Changes with Apache 1.2b3: |
| |
| *) Fix error in mod_cgi which could cause resources not to be properly |
| freed, or worse. [Dean Gaudet] |
| |
| *) Fix find_string() NULL pointer dereference. [Howard Fear] |
| |
| *) Add set_flag_slot() at the request of Dirk and others. |
| [Dirk vanGulik] |
| |
| *) Sync mod_rewrite with patch level 10. [Ralf Engelschall] |
| |
| *) Add changes to improve the error message given for invalid |
| ServerName parameters. [Dirk vanGulik] |
| |
| *) Add "Authoritative" directive for Auth modules that don't |
| currently have it. This gives admin control to assign authoritative |
| control to an authentication scheme and allow "fall through" for |
| those authentication modules that aren't "Authoritative" thereby |
| allowing multiple authentication mechanisms to be chained. |
| [Dirk vanGulik] |
| |
| *) Remove requirement for ResourceConfig/AccessConfig if not using |
| the three config file layout. [Randy Terbush] |
| |
| *) Add PASV mode to mod_proxy FTP handler. [Chuck Murcko] |
| |
| *) Changes to suexec wrapper to fix the following problems: |
| 1. symlinked homedirs will kill ~userdirs. |
| 2. initgroups() on Linux 2.0.x clobbers gr->grid. |
| 3. CGI command lines paramters problems |
| 4. pw-pwdir for "docroot check" still the httpd user's pw record. |
| [Randy Terbush, Jason Dour] |
| |
| *) Change create_argv() to accept variable arguments. This fixes |
| a problem where arguments were not getting passed to the CGI via |
| argv[] when the suexec wrapper was active. [Randy Terbush, Jake Buchholz] |
| |
| *) Collapse multiple slashes in path URLs to properly apply |
| handlers defined by <Location>. [Alexei Kosut] |
| |
| *) Define a sane set of DEFAULT_USER and DEFAULT_GROUP values for AIX. |
| |
| *) Improve the accuracy of request duration timings by setting |
| r->request_time in read_request_line() instead of read_request(). |
| [Dean Gaudet] |
| |
| *) Reset timeout while reading via get_client_block() in mod_cgi.c |
| Fixes problem with timed out transfers of large files. [Rasmus Lerdorf] |
| |
| *) Add the ability to pass different Makefile.tmpl files to Configure |
| using the -make flag. [Rob Hartill] |
| |
| *) Fix coredump triggered when sending a SIGHUP to the server caused |
| by an assertion failure, in turn caused by an uninitialised field in a |
| listen_rec. |
| [Ben Laurie] |
| |
| *) Add FILEPATH_INFO variable to CGI environment, which is equal to |
| PATH_INFO from previous versions of Apache (in certain situations, |
| Apache 1.2's PATH_INFO will be different than 1.1's). [Alexei Kosut] |
| [later removed in 1.2b11] |
| |
| *) Add rwrite() function to API to allow for sending strings of |
| arbitrary length. [Doug MacEachern] |
| |
| *) Remove rlim_t typedef for NetBSD. Do older versions need this? |
| |
| *) Defined rlim_t and WANTHSREGEX=yes and fixed waitpid() substitute for |
| NeXT. [Jim Jagielski] |
| |
| *) Removed recent modification to promote the status code on internal |
| redirects, since the correct fix was to change the default log format |
| in mod_log_config so that it outputs the original status. [Rob Hartill] |
| |
| Changes with Apache 1.2b2: |
| |
| *) Update set_signals() to use sigaction() for setting handlers. |
| This appears to fix a re-entrant problem in the seg_fault() |
| bus_error() handlers. [Randy Terbush] |
| |
| *) Changes to allow mod_status compile for OS/2 [Garey Smiley] |
| |
| *) changes for DEC AXP running OSF/1 v3.0. [Marc Evans] |
| |
| *) proxy_http.c bugfixes: [Chuck Murcko] |
| 1) fixes possible NULL pointer reference w/NoCache |
| 2) fixes NoCache behavior when using ProxyRemote (ProxyRemote |
| host would cache nothing if it was in the local domain, |
| and the local domain was in the NoCache list) |
| 3) Adds Host: header when not available |
| 4) Some code cleanup and clarification |
| |
| *) mod_include.c bugfixes: |
| 1) Fixed an ommission that caused include variables to not |
| be parsed in config errmsg directives [Howard Fear] |
| 2) Remove HAVE_POSIX_REGEX cruft [Alexei Kosut] |
| 3) Patch to fix compiler warnings [<perrot lal.in2p3.fr>] |
| 4) Allow backslash-escaping to all quoted text |
| [Ben Yoshino <ben wiliki.eng.hawaii.edu>] |
| 5) Pass variable to command line if not set in XSSI's env |
| [Howard Fear] |
| |
| *) Fix infinite loop when processing Content-language lines in |
| type-map files. [Alexei Kosut] |
| |
| *) Closed file-globbing hole in test-cgi script. [Brian Behlendorf] |
| |
| *) Fixed problem in set_[user|group] that prevented CGI execution |
| for non-virtualhosts when suEXEC was enabled. [Randy Terbush] |
| |
| *) Added PORTING information file. [Jim Jagielski] |
| |
| *) Added definitions for S_IWGRP and S_IWOTH to conf.h [Ben Laurie] |
| |
| *) Changed default group to "nogroup" instead of "nobody" [Randy Terbush] |
| |
| *) Fixed define typo of FCNTL_SERIALIZED_ACCEPT where |
| USE_FCNTL_SERIALIZED_ACCEPT was intended. |
| |
| *) Fixed additional uses of 0xffffffff where INADDR_NONE was intended, |
| which caused problems of systems where socket s_addr is >32bits. |
| |
| *) Added comment to explain (r->chunked = 1) side-effect in |
| http_protocol.c [Roy Fielding] |
| |
| *) Replaced use of index() in mod_expires.c with more appropriate |
| and portable isdigit() test. [Ben Laurie] |
| |
| *) Updated Configure for ... |
| OS/2 (DEF_WANTHSREGEX=yes, other code changes) |
| *-dg-dgux* (bad pattern match) |
| QNX (DEF_WANTHSREGEX=yes) |
| *-sunos4* (DEF_WANTHSREGEX=yes, -DUSEBCOPY) |
| *-ultrix (new) |
| *-unixware211 (new) |
| and added some user diagnostic info. [Ben Laurie] |
| |
| *) In helpers/CutRule, replaced "cut" invocation with "awk" invocation |
| for better portability. [Jim Jagielski] |
| |
| *) Updated helpers/GuessOS for ... |
| SCO 5 (recognize minor releases) |
| SCO UnixWare (braindamaged uname, whatever-whatever-unixware2) |
| SCO UnixWare 2.1.1 (requires a separate set of #defines in conf.h) |
| IRIX64 (-sgi-irix64) |
| ULTRIX (-unknown-ultrix) |
| SINIX (-whatever-sysv4) |
| NCR Unix (-ncr-sysv4) |
| and fixed something in helpers/PrintPath [Ben Laurie] |
| |
| Changes with Apache 1.2b1 |
| |
| *) Not listed. See <http://www.apache.org/docs/new_features_1_2.html> |
| |
| Changes with Apache 1.1.1 |
| |
| *) Fixed bug where Cookie module would make two entries in the |
| logfile for each access [Mark Cox] |
| |
| *) Fixed bug where Redirect in .htaccess files would cause memory |
| leak. [Nathan Neulinger] |
| |
| *) MultiViews now works correctly with AddHandler [Alexei Kosut] |
| |
| *) Problems with mod_auth_msql fixed [Dirk vanGulik] |
| |
| *) Fix misspelling of "Anonymous_Authorative" directive in mod_auth_anon. |
| |
| Changes with Apache 1.1.0 |
| |
| *) Bring NeXT support up to date. [Takaaki Matsumoto] |
| |
| *) Bring QNX support up to date. [Ben Laurie] |
| |
| *) Make virtual hosts default to main server keepalive parameters. |
| [Alexei Kosut, Ben Laurie] |
| |
| *) Allow ScanHTMLTitles to work with lowercase <title> tags. [Alexei Kosut] |
| |
| *) Fix missing address family for connect, also remove unreachable statement |
| in mod_proxy. [Ben Laurie] |
| |
| *) mod_env now turned on by default in Configuration.tmpl. |
| |
| *) Bugs which were fixed: |
| a) yet more mod_proxy bugs [Ben Laurie] |
| b) CGI works again with inetd [Alexei Kosut] |
| c) Leading colons were stripped from passwords [<osm interguide.com>] |
| d) Another fix to multi-method Limit problem [<jk tools.de>] |
| |
| Changes with Apache 1.1b4 |
| |
| *) r->bytes_sent variable restored. [Robert Thau] |
| |
| *) Previously broken multi-method <Limit> parsing fixed. [Robert Thau] |
| |
| *) More possibly unsecure programs removed from the support directory. |
| |
| *) More mod_auth_msql authentication improvements. |
| |
| *) VirtualHosts based on Host: headers no longer conflict with the |
| Listen directive. |
| |
| *) OS/2 compatibility enhancements. [Gary Smiley] |
| |
| *) POST now allowed to directory index CGI scripts. |
| |
| *) Actions now work with files of the default type. |
| |
| *) Bugs which were fixed: |
| a) more mod_proxy bugs |
| b) early termination of inetd requests |
| c) compile warnings on several systems |
| d) problems when scripts stop reading output early |
| |
| Changes with Apache 1.1b3 |
| |
| *) Much of cgi-bin and all of cgi-src has been removed, due to |
| various security holes found and that we could no longer support |
| them. |
| |
| *) The "Set-Cookie" header is now special-cased to not merge multiple |
| instances, since certain popular browsers can not handle multiple |
| Set-Cookie instructions in a single header. [Paul Sutton] |
| |
| *) rprintf() added to buffer code, occurrences of sprintf removed. |
| [Ben Laurie] |
| |
| *) CONNECT method for proxy module, which means tunneling SSL should work. |
| (No crypto needed) Also a NoCache config directive. |
| |
| *) Several API additions: pstrndup(), table_unset() and get_token() |
| functions now available to modules. |
| |
| *) mod_imap fixups, in particular Location: headers are now complete |
| URL's. |
| |
| *) New "info" module which reports on installed module set through a |
| special URL, a la mod_status. |
| |
| *) "ServerPath" directive added - allows for graceful transition |
| for Host:-header-based virtual hosts. |
| |
| *) Anonymous authentication module improvements. |
| |
| *) MSQL authentication module improvements. |
| |
| *) Status module design improved - output now table-based. [Ben Laurie] |
| |
| *) htdigest utility included for use with digest authentication |
| module. |
| |
| *) mod_negotiation: Accept values with wildcards to be treated with |
| less priority than those without wildcards at the same quality |
| value. [Alexei Kosut] |
| |
| *) Bugs which were fixed: |
| a) numerous mod_proxy bugs |
| b) CGI early-termination bug [Ben Laurie] |
| c) Keepalives not working with virtual hosts |
| d) RefererIgnore problems |
| e) closing fd's twice in mod_include (causing core dumps on |
| Linux and elsewhere). |
| |
| Changes with Apache 1.1b2 |
| |
| *) Bugfixes: |
| a) core dumps in mod_digest |
| b) truncated hostnames/ip address in the logs |
| c) relative URL's in mod_imap map files |
| |
| Changes with Apache 1.1b1 |
| |
| *) Not listed. See <http://www.apache.org/docs/new_features_1_1.html> |
| |
| Changes with Apache 1.0.3 |
| |
| *) Internal redirects which occur in mod_dir.c now preserve the |
| query portion of a request (the bit after the question mark). |
| [Adam Sussman] |
| |
| *) Escape active characters '<', '>' and '&' in html output in |
| directory listings, error messages and redirection links. |
| [David Robinson] |
| |
| *) Apache will now work with LynxOS 2.3 and later [Steven Watt] |
| |
| *) Fix for POSIX compliance in waiting for processes in alloc.c. |
| [Nick Williams] |
| |
| *) setsockopt no longer takes a const declared argument [Martijn Koster] |
| |
| *) Reset timeout timer after each successful fwrite() to the network. |
| This patch adds a reset_timeout() procedure that is called by |
| send_fd() to reset the timeout ever time data is written to the net. |
| [Nathan Schrenk] |
| |
| *) timeout() signal handler now checks for SIGPIPE and reports |
| lost connections in a more user friendly way. [Rob Hartill] |
| |
| *) Location of the "scoreboard" file which used to live in /tmp is |
| now configurable (for OSes that can't use mmap) via ScoreBoardFile |
| which works similar to PidFile (in httpd.conf) [Rob Hartill] |
| |
| *) Include sys/resource.h in the correct place for SunOS4 [Sameer Parekh] |
| |
| *) the pstrcat call in mod_cookies.c didn't have an ending NULL, |
| which caused a SEGV with cookies enabled |
| |
| *) Output warning when MinSpareServers is set to <= 0 and change it to 1 |
| [Rob Hartill] |
| |
| *) Log the UNIX textual error returned by some system calls, in |
| particular errors from accept() [David Robinson] |
| |
| *) Add strerror function to util.c for SunOS4 [Randy Terbush] |
| |
| Changes with Apache 1.0.2 |
| |
| *) patch to get Apache compiled on UnixWare 2.x, recommended as |
| a temporary measure, pending rewrite of rfc931.c. [Chuck Murcko] |
| |
| *) Fix get_basic_auth_pw() to set the auth_type of the request. |
| [David Robinson] |
| |
| *) past changes to http_config.c to only use the |
| setrlimit function on systems defining RLIMIT_NOFILE |
| broke the feature on SUNOS4. Now defines HAVE_RESOURCE |
| for SUNOS and prototypes the needed functions. |
| |
| *) Remove uses of MAX_STRING_LEN/HUGE_STRING_LEN from several routines. |
| [David Robinson] |
| |
| *) Fix use of pointer to scratch memory. [Cliff Skolnick] |
| |
| *) Merge multiple headers from CGI scripts instead of taking last |
| one. [David Robinson] |
| |
| *) Add support for SCO 5. [Ben Laurie] |
| |
| Changes with Apache 1.0.1 |
| |
| *) Silence mod_log_referer and mod_log_agent if not configured |
| [Randy Terbush] |
| |
| *) Recursive includes can occur if the client supplies PATH_INFO data |
| and the server provider uses relative links; as file.html |
| relative to /doc.shtml/pathinfo is /doc.shtml/file.html. [David Robinson] |
| |
| *) The replacement for initgroups() did not call {set,end}grent(). This |
| had two implications: if anything else used getgrent(), then |
| initgroups() would fail, and it was consuming a file descriptor. |
| [Ben Laurie] |
| |
| *) On heavily loaded servers it was possible for the scoreboard to get |
| out of sync with reality, as a result of a race condition. |
| The observed symptoms are far more Apaches running than should |
| be, and heavy system loads, generally followed by catastrophic |
| system failure. [Ben Laurie] |
| |
| *) Fix typo in license. [David Robinson] |
| |
| Changes with Apache 1.0.0 23 Nov 1995 |
| |
| *) Not listed. See <http://www.apache.org/docs/new_features_1_0.html> |
| |
| Changes with Apache 0.8.16 05 Nov 1995 |
| |
| *) New man page for 'httpd' added to support directory [David Robinson] |
| |
| *) .htgroup files can have more than one line giving members for a |
| given group (each must have the group name in front), for NCSA |
| back-compatibility [Robert Thau] |
| |
| *) Mutual exclusion around accept() is on by default for SVR4 systems |
| generally, since they generally can't handle multiple processes in |
| accept() on the same socket. This should cure flaky behavior on |
| a lot of those systems. [David Robinson] |
| |
| *) AddType, AddEncoding, and AddLanguage directives take multiple |
| extensions on a single command line [David Robinson] |
| |
| *) UserDir can be disabled for a given virtual host by saying |
| "UserDir disabled" in the <VirtualHost> section --- it was a bug |
| that this didn't work. [David Robinson] |
| |
| *) Compiles on QNX [Ben Laurie] |
| |
| *) Corrected parsing of ctime time format [David Robinson] |
| |
| *) httpd does a perror() before exiting if it can't log its pid |
| to the PidFile, to make diagnosing the error a bit easier. |
| [David Robinson] |
| |
| *) <!--#include file="..."--> can no longer include files in the |
| parent directory, for NCSA back-compatibility. [David Robinson] |
| |
| *) '~' is *not* escaped in URIs generated for directory listings |
| [Roy Fielding] |
| |
| *) Eliminated compiler warning in the imagemap module [Randy Terbush] |
| |
| *) Fixed bug involving handling URIs with escaped %-characters |
| in redirects [David Robinson] |
| |
| Changes with Apache 0.8.15 14 Oct 1995 |
| |
| *) Switched to new, simpler license |
| |
| *) Eliminated core dumps with improperly formatted DBM group files [Mark Cox] |
| |
| *) Don't allow requests for ordinary files to have PATH_INFO [Ben Laurie] |
| |
| *) Reject paths containing %-escaped '%' or null characters [David Robinson] |
| |
| *) Correctly handles internal redirects to files with names containing '%' |
| [David Robinson] |
| |
| *) Repunctuated some error messages [Aram Mirzadeh, Andrew Wilson] |
| |
| *) Use geteuid() rather than getuid() to see if we have root privilege, |
| so that server correctly resets privilege if run setuid root. [Andrew |
| Wilson] |
| |
| *) Handle ftp: and telnet: URLs correctly in imagemaps (built-in module) |
| [Randy Terbush] |
| |
| *) Fix relative URLs in imagemap files [Randy Terbush] |
| |
| *) Somewhat better fix for the old "Alias /foo/ /bar/" business |
| [David Robinson] |
| |
| *) Don't repeatedly open the ErrorLog if a bunch of <VirtualHost> |
| entries all name the same one. [David Robinson] |
| |
| *) Fix directory listings with filenames containing unusual characters |
| [David Robinson] |
| |
| *) Better URI-escaping for generated URIs in directories with filenames |
| containing unusual characters [Ben Laurie] |
| |
| *) Fixed potential FILE* leak in http_main.c [Ben Laurie] |
| |
| *) Unblock alarms on error return from spawn_child() [David Robinson] |
| |
| *) Sample Config files have extra note for SCO users [Ben Laurie] |
| |
| *) Configuration has note for HP-UX users [Rob Hartill] |
| |
| *) Eliminated some bogus Linux-only #defines in conf.h [Aram Mirzadeh] |
| |
| *) Nuked bogus #define in httpd.h [David Robinson] |
| |
| *) Better test for whether a system has setrlimit() [David Robinson] |
| |
| *) Calls update_child_status() after reopen_scoreboard() [David Robinson] |
| |
| *) Doesn't send itself SIGHUP on startup when run in the -X debug-only mode |
| [Ben Laurie] |
| |
| Changes with Apache 0.8.14 19 Sep 1995 |
| |
| *) Compiles on SCO ODT 3.0 [Ben Laurie] |
| |
| *) AddDescription works (better) [Ben Laurie] |
| |
| *) Leaves an intelligible error diagnostic when it can't set group |
| privileges on standalone startup [Andrew Wilson] |
| |
| *) Compiles on NeXT again --- the 0.8.13 RLIMIT patch was failing on |
| that machine, which claims to be BSD but does not support RLIMIT. |
| [Randy Terbush] |
| |
| *) gcc -Wall no longer complains about an unused variable when util.c |
| is compiled with -DMINIMAL_DNS [Andrew Wilson] |
| |
| *) Nuked another compiler warning for -Wall on Linux [Aram Mirzadeh] |
| |
| Changes with Apache 0.8.13 07 Sep 1995 |
| |
| *) Make IndexIgnore *work* (ooops) [Jarkko Torppa] |
| |
| *) Have built-in imagemap code recognize & honor Point directive [James |
| Cloos] |
| |
| *) Generate cleaner directory listings in directories with a mix of |
| long and short filenames [Rob Hartill] |
| |
| *) Properly initialize dynamically loaded modules [Royston Shufflebotham] |
| |
| *) Properly default ServerName for virtual servers [Robert Thau] |
| |
| *) Rationalize handling of BSD in conf.h and elsewhere [Randy Terbush, |
| Paul Richards and a cast of thousands...] |
| |
| *) On self-identified BSD systems (we don't try to guess any more), |
| allocate a few extra file descriptors per virtual host with setrlimit, |
| if we can, to avoid running out. [Randy Terbush] |
| |
| *) Write 22-character lock file name into buffer with enough space |
| on startup [Konstantin Olchanski] |
| |
| *) Use archaic setpgrp() interface on NeXT, which requires it [Brian |
| Pinkerton] |
| |
| *) Suppress -Wall warning by casting const away in util.c [Aram Mirzadeh] |
| |
| *) Suppress -Wall warning by initializing variable in negotiation code |
| [Tobias Weingartner] |
| |
| Changes with Apache 0.8.12 31 Aug 1995 |
| |
| *) Doesn't pause three seconds after including a CGI script which is |
| too slow to die off (this is done by not even trying to kill off |
| subprocesses, including the SIGTERM/pause/SIGKILL routine, until |
| after the entire document has been processed). [Robert Thau] |
| |
| *) Doesn't do SSI if Options Includes is off. (Ooops). [David Robinson] |
| |
| *) Options IncludesNoExec allows inclusion of at least text/* [Roy Fielding] |
| |
| *) Allows .htaccess files to override <Directory> sections naming the |
| same directory [David Robinson] |
| |
| *) Removed an efficiency hack in sub_req_lookup_uri which was |
| causing certain extremely marginal cases (e.g., ScriptAlias of a |
| *particular* index.html file) to fail. [David Robinson] |
| |
| *) Doesn't log an error when the requested URI requires |
| authentication, but no auth header line was supplied by the |
| client; this is a normal condition (the client doesn't no auth is |
| needed here yet). [Robert Thau] |
| |
| *) Behaves more sanely when the name server loses its mind [Sean Welch] |
| |
| *) RFC931 code compiles cleanly on old BSDI releases [Randy Terbush] |
| |
| *) RFC931 code no longer passes out name of prior clients on current |
| requests if the current request came from a server that doesn't |
| do RFC931. [David Robinson] |
| |
| *) Configuration script accepts "Module" lines with trailing whitespace. |
| [Robert Thau] |
| |
| *) Cleaned up compiler warning from mod_access.c [Robert Thau] |
| |
| *) Cleaned up comments in mod_cgi.c [Robert Thau] |
| |
| Changes with Apache 0.8.11 24 Aug 1995 |
| |
| *) Wildcard <Directory> specifications work. [Robert Thau] |
| |
| *) Doesn't loop for buggy CGI on Solaris [Cliff Skolnick] |
| |
| *) Symlink checks (FollowSymLinks off, or SymLinkIfOwnerMatch) always check |
| the file being requested itself, in addition to the directories leading |
| up to it. [Robert Thau] |
| |
| *) Logs access failures due to symlink checks or invalid client address |
| in the error log [Roy Fielding, Robert Thau] |
| |
| *) Symlink checks deal correctly with systems where lstat of |
| "/path/to/some/link/" follows the link. [Thau, Fielding] |
| |
| *) Doesn't reset DirectoryIndex to 'index.html' when |
| other directory options are set in a .htaccess file. [Robert Thau] |
| |
| *) Clarified init code and nuked bogus warning in mod_access.c |
| [Florent Guillaume] |
| |
| *) Corrected several directives in sample srm.conf |
| --- includes corrections to directory indexing icon-related directives |
| (using unknown.gif rather than unknown.xbm as the DefaultIcon, doing |
| icons for encodings right, and turning on AddEncoding by default). |
| [Roy Fielding] |
| |
| *) Corrected descriptions of args to AddIcon and AddAlt in command table |
| [James Cloos] |
| |
| *) INSTALL & README mention "contributed modules" directory [Brian |
| Behlendorf] |
| |
| *) Fixed English in the license language... "for for" --> "for". |
| [Roy Fielding] |
| |
| *) Fixed ScriptAlias/Alias interaction by moving ScriptAlias handling to |
| mod_alias.c, merging it almost completely with handling of Alias, and |
| adding a 'notes' field to the request_rec which allows the CGI module |
| to discover whether the Alias module has put this request through |
| ScriptAlias (which it needs to know for back-compatibility, as the old |
| NCSA code did not check Options ExecCGI in ScriptAlias directories). |
| [Robert Thau] |
| |
| Changes with Apache 0.8.10 18 Aug 1995 |
| |
| *) AllowOverride applies to the named directory, and not just |
| subdirectories. [David Robinson] |
| |
| *) Do locking for accept() exclusion (on systems that need it) |
| using a special file created for the purpose in /usr/tmp, and |
| not the error log; using the error log causes real problems |
| if it's NFS-mounted; this is known to be the cause of a whole |
| lot of "server hang" problems with Solaris. [David Robinson; |
| thanks to Merten Schumann for help diagnosing the problem]. |
| |
| Changes with Apache 0.8.9 12 Aug 1995 |
| |
| *) Compiles with -DMAXIMUM_DNS ---- ooops! [Henrik Mortensen] |
| |
| *) Nested includes see environment variables of the including document, |
| for NCSA bug-compatibility (some sites have standard footer includes |
| which try to print out the last-modified date). [Eric Hagberg/Robert |
| Thau] |
| |
| *) <!--exec cgi="/some/uri/here"--> always treats the item named by the |
| URI as a CGI script, even if it would have been treated as something |
| else if requested directly, for NCSA back-compatibility. (Note that |
| this means that people who know the name of the script can see the |
| code just by asking for it). [Robert Thau] |
| |
| *) New version of dbmmanage script included in support directory as |
| dbmmanage.new. |
| |
| *) Check if scoreboard file couldn't be opened, and say so, rather |
| then going insane [David Robinson] |
| |
| *) POST to CGI works on A/UX [Jim Jagielski] |
| |
| *) AddIcon and AddAlt commands work properly [Rob Hartill] |
| |
| *) NCSA server push works properly --- the Arena bug compatibility |
| workaround, which broke it, is gone (use -DARENA_BUG_WORKAROUND |
| if you still want the workaround). [Rob Hartill] |
| |
| *) If client didn't submit any Accept-encodings, ignore encodings in |
| content negotiation. (NB this will all have to be reworked anyway |
| for the new HTTP draft). [Florent Guillaume] |
| |
| *) Don't dump core when trying to log timed-out requests [Jim Jagielski] |
| |
| *) Really honor CacheNegotiatedDocs [Florent Guillaume] |
| |
| *) Give Redirect priority over Alias, for NCSA bug compatibility |
| [David Robinson] |
| |
| *) Correctly set PATH_TRANSLATED in all cases from <!--#exec cmd=""-->, |
| paralleling earlier bug fix for CGI [David Robinson] |
| |
| *) If DBM auth is improperly configured, report a server error and don't |
| dump core. |
| |
| *) Deleted FCNTL_SERIALIZED_ACCEPTS from conf.h entry for A/UX; |
| it seems to work well enough without it (even in a 10 hits/sec |
| workout), and the overhead for the locking under A/UX is |
| alarmingly high (though it is very low on other systems). |
| [Eric Hagberg, Jim Jagielski] |
| |
| *) Fixed portability problems with mod_cookies.c [Cliff Skolnick] |
| |
| *) Further de-Berklize mod_cookies.c; change the bogus #include. [Brian |
| Behlendorf/Eric Hagberg] |
| |
| *) More improvements to default Configuration for A/UX [Jim Jagielski] |
| |
| *) Compiles clean on NEXT [Rob Hartill] |
| |
| *) Compiles clean on SGI [Robert Thau] |
| |
| Changes with Apache 0.8.8 08 Aug 1995 |
| |
| *) SunOS library prototypes now never included unless explicitly |
| requested in the configuration (via -DSUNOS_LIB_PROTOTYPES); |
| people using GNU libc on SunOS are screwed by prototypes for the |
| standard library. |
| |
| (Those who wish to compile clean with gcc -Wall on a standard |
| SunOS setup need the prototypes, and may obtain them using |
| -DSUNOS_LIB_PROTOTYPES. Those wishing to use -Wall on a system |
| with nonstandard libraries are presumably competent to make their |
| own arrangements). |
| |
| *) Strips trailing '/' characters off both args to the Alias command, |
| to make 'Alias /foo/ /bar/' work. |
| |
| Changes with Apache 0.8.7 03 Aug 1995 |
| |
| *) Don't hang when restarting with a child from 'TransferLog "|..."' running |
| [reported by David Robinson] |
| |
| *) Compiles clean on OSF/1 [David Robinson] |
| |
| *) Added some of the more recent significant changes (AddLanguage stuff, |
| experimental LogFormat support) to CHANGES file in distribution root |
| directory |
| |
| Changes with Apache 0.8.6 02 Aug 1995 |
| |
| *) Deleted Netscape reload workaround --- it's in violation of HTTP specs. |
| (If you actually wanted a conditional GET which bypassed the cache, you |
| couldn't get it). [Reported by Roy Fielding] |
| |
| *) Properly terminate headers on '304 Not Modified' replies to conditional |
| GETs --- no browser we can find cares much, but the CERN proxy chokes. |
| [Reported by Cliff Skolnick; fix discovered independently by Rob Hartill] |
| |
| *) httpd -v doesn't call itself "Shambhala". [Reported by Chuck Murcko] |
| |
| *) SunOS lib-function prototypes in conf.h conditionalized on __GNUC__, |
| not __SUNPRO_C (they're needed to quiet gcc -Wall, but acc chokes on 'em, |
| and older versions don't set the __SUNPRO_C preprocessor variable). On |
| all other systems, these are never used anyway. [Reported by Mark Cox]. |
| |
| *) Scoreboard file (/tmp/htstatus.*) no longer publically writable. |
| |
| Changes with Apache 0.8.5 01 Aug 1995 |
| |
| *) Added last-minute configurable log experiment, as optional module |
| |
| *) Correctly set r->bytes_sent for HTTP/0.9 requests, so they get logged |
| properly. (One-line fix to http_protocol.c). |
| |
| *) Work around bogus behavior when reloading from Netscape. |
| It's Netscape's bug --- for some reason they expect a request with |
| If-modified-since: to not function as a conditional GET if it also |
| comes with Pragma: no-cache, which is way out of line with the HTTP |
| spec (according to Roy Fielding, the redactor). |
| |
| *) Added parameter to set maximum number of server processes. |
| |
| *) Added patches to make it work on A/UX. A/UX is *weird*. [Eric Hagberg, |
| Jim Jagielski] |
| |
| *) IdentityCheck bugfix [Chuck Murcko]. |
| |
| *) Corrected cgi-src/Makefile entry for new imagemap script. [Alexei Kosut] |
| |
| *) More sample config file corrections; add extension to AddType for |
| *.asis, move AddType generic description to its proper place, and |
| fix miscellaneous typos. [ Alexei Kosut ] |
| |
| *) Deleted the *other* reference to the regents from the Berkeley |
| legal disclaimer (everyplace). |
| |
| *) Nuked Shambhala name from src/README; had already cleaned it out |
| of everywhere else. |
| |
| Changes with Apache 0.8.4 |
| |
| *) Changes to server-pool management parms --- renamed current |
| StartServers to MinSpareServers, created separate StartServers |
| parameter which means what it says, and renamed MaxServers to |
| MaxSpareServers (though the old name still works, for NCSA 1.4 |
| back-compatibility). The old names were generally regarded as |
| too confusing. Also altered "docs" in sample config files. |
| |
| *) More improvements to default config files --- |
| sample directives (commented out) for XBitHack, BindAddress, |
| CacheNegotiatedDocs, VirtualHost; decent set of AddLanguage |
| defaults, AddTypes for send-as-is and imagemap magic types, and |
| improvements to samples for DirectoryIndex [Alexei Kosut] |
| |
| *) Yet more improvements to default config files --- changes to |
| Alexei's sample AddLanguage directives, and sample LanguagePriority |
| [ Florent Guillaume ] |
| |
| *) Set config file locations properly if not set in httpd.conf |
| [ David Robinson ] |
| |
| *) Don't escape URIs in internal redirects multiple times; don't |
| do that when translating PATH_INFO to PATH_TRANSLATED either. |
| [ David Robinson ] |
| |
| *) Corrected spelling of "Required" in 401 error reports [Andrew Wilson] |
| |
| Changes with Apache 0.8.3 |
| |
| *) Edited distribution README to *briefly* summarize installation |
| procedures, and give a pointer to the INSTALL file in the src/ |
| directory. |
| |
| *) Upgraded imagemap script in cgi-bin to 1.8 version from more |
| recent NCSA distributions. |
| |
| *) Bug fix to previous bug fix --- if .htaccess file and <Directory> |
| exist for the same directory, use both and don't segfault. [Reported |
| by David Robinson] |
| |
| *) Proper makefile dependencies [David Robinson] |
| |
| *) Note (re)starts in error log --- reported by Rob Hartill. |
| |
| *) Only call no2slash() after get_path_info() has been done, to |
| preserve multiple slashes in the PATH_INFO [NCSA compatibility, |
| reported by Andrew Wilson, though this one is probably a real bug] |
| |
| *) Fixed mod_imap.c --- relative paths with base_uri referer don't |
| dump core when Referer is not supplied. [Randy Terbush] |
| |
| *) Lightly edited sample config files to refer people to our documentation |
| instead of NCSA's, and to list Rob McCool as *original* author (also |
| deleted his old, and no doubt non-functional email address). Would be |
| nice to have examples of new features... |
| |
| Changes with Apache 0.8.2 19 Jul 1995 |
| |
| *) Added AddLanuage code [Florent Guillaume] |
| |
| *) Don't say "access forbidden" when a CGI script is not found. [Mark Cox] |
| |
| *) All sorts of problems when MultiViews finds a directory. It would |
| be nice if mod_dir.c was robust enough to handle that, but for now, |
| just punt. [reported by Brian Behlendorf] |
| |
| *) Wait for all children on restart, to make sure that the old socket |
| is gone and we can reopen it. [reported by Randy Terbush] |
| |
| *) Imagemap module is enabled in default Configuration |
| |
| *) RefererLog and UserAgentLog modules properly default the logfile |
| [Randy Terbush] |
| |
| *) Mark Cox's mod_cookies added to the distribution as an optional |
| module (commented out in the default Configuration, and noted as |
| an experiment, along with mod_dld). [Mark Cox] |
| |
| *) Compiles on ULTRIX (a continuing battle...). [Robert Thau] |
| |
| *) Fixed nasty bug in SIGTERM handling [reported by Randy Terbush] |
| |
| *) Changed "Shambhala" to "Apache" in API docs. [Robert Thau] |
| |
| *) Added new, toothier legal disclaimer. [Robert Thau; copied from BSD |
| license] |
| |
| Changes with Apache 0.8.1 |
| |
| *) New imagemap module [Randy Terbush] |
| |
| *) Replacement referer log module with NCSA-compatible RefererIgnore |
| [Matthew Gray again] |
| |
| *) Don't mung directory listings with very long filenames. |
| [Florent Guillaume] |
| |
| Changes with Apache 0.8.0 (nee Shambhala 0.6.2) 16 Jul 1995 |
| |
| *) New config script. See INSTALL for info. [Robert Thau] |
| |
| *) Scoreboard mechanism for regulating the number of extant server |
| processes. MaxServers and StartServers defaults are the same as |
| for NCSA, but the meanings are slightly different. (Actually, |
| I should probably lower the MaxServers default to 10). |
| |
| Before asking for a new connection, each server process checks |
| the number of other servers which are also waiting for a |
| connection. If there are more than MaxServers, it quietly dies |
| off. Conversely, every second, the root, or caretaker, process |
| looks to see how many servers are waiting for a new connection; |
| if there are fewer than StartServers, it starts a new one. This |
| does not depend on the number of server processes already extant. |
| The accounting is arranged through a "scoreboard" file, named |
| /tmp/htstatus.*, on which each process has an independent file |
| descriptor (they need to seek without interference). |
| |
| The end effect is that MaxServers is the maximum number of |
| servers on an *inactive* server machine, but more will be forked |
| off to handle unusually heavy loads (or unusually slow clients); |
| these will die off when they are no longer needed --- without |
| reverting to the overhead of full forking operation. There is a |
| hard maximum of 150 server processes compiled in, largely to |
| avoid forking out of control and dragging the machine down. |
| (This is arguably too high). |
| |
| In my server endurance tests, this mechanism did not appear to |
| impose any significant overhead, even after I forced it to put the |
| scoreboard file on a normal filesystem (which might have more |
| overhead than tmpfs). [Robert Thau] |
| |
| *) Set HTTP_FOO variables for SSI <!--#exec cmd-->s, not just CGI scripts. |
| [Cliff Skolnick] |
| |
| *) Read .htaccess files even in directory with <Directory> section. |
| (Former incompatibility noted on mailing list, now fixed). [Robert |
| Thau] |
| |
| *) "HEAD /" gives the client a "Bad Request" error message, rather |
| than trying to send no body *and* no headers. [Cliff Skolnick]. |
| |
| *) Don't produce double error reports for some very obscure cases |
| mainly involving auth configuration (the "all modules decline to |
| handle" case which is a sure sign of a server bug in most cases, |
| but also happens when authentication is badly misconfigured). |
| [Robert Thau] |
| |
| *) Moved FCNTL_SERIALIZED_ACCEPT defines into conf.h (that's what |
| it's *for*, and this sort of thing really shouldn't be cluttering |
| up the Makefile). [Robert Thau] |
| |
| *) Incidental code cleanups in http_main.c --- stop dragging |
| sa_client around; just declare it where used. [Robert Thau] |
| |
| *) Another acc-related fix. (It doesn't like const char |
| in some places...). [Mark Cox] |
| |
| Changes with Shambhala 0.6.1 13 Jul 1995 |
| |
| *) Fixed auth_name-related typos in http_core.c [Brian Behlendorf] |
| Also, fixed auth typo in http_protocol.c unmasked by this fix. |
| |
| *) Compiles clean with acc on SunOS [Paul Sutton] |
| |
| *) Reordered modules in modules.c so that Redirect takes priority |
| over ScriptAlias, for NCSA bug-compatibility [Rob Hartill] --- |
| believe it or not, he has an actual site with a ScriptAlias and |
| a Redirect declared for the *exact same directory*. Even *my* |
| compatibility fetish wouldn't motivate me to fix this if the fix |
| required any effort, but it doesn't, so what the hey. |
| |
| *) Fixed to properly default several server_rec fields for virtual |
| servers from the corresponding fields in the main server_rec. |
| [Cliff Skolnick --- 'port' was a particular irritant]. |
| |
| *) No longer kills off nph- child processes before they are |
| finished sending output. [Matthew Gray] |
| |
| Changes with Shambhala 0.6.0 10 Jul 1995 |
| |
| *) Two styles of timeout --- hard and soft. soft_timeout()s just put |
| the connection to the client in an "aborted" state, but otherwise |
| allow whatever handlers are running to clean up. hard_timeout()s |
| abort the request in progress completely; anything not tied to some |
| resource pool cleanup will leak. They're still around because I |
| haven't yet come up with a more elegant way of handling |
| timeouts when talking to something that isn't the client. The |
| default_handler and the dir_handler now use soft timeouts, largely |
| so I can test the feature. [Robert Thau] |
| |
| *) TransferLog "| my_postprocessor ..." seems to be there. Note that |
| the case of log handlers dying prematurely is probably handled VERY |
| gracelessly at this point, and if the logger stops reading input, |
| the server will hang. (It is known to correctly restart the |
| logging process on server restart; this is (should be!) going through |
| the same SIGTERM/pause/SIGKILL routine used to ding an errant CGI |
| script). [Robert Thau] |
| |
| *) asis files supported (new module). [Robert Thau] |
| |
| *) IdentityCheck code is compiled in, but has not been tested. (I |
| don't know anyone who runs identd). [Robert Thau] |
| |
| *) PATH_INFO and PATH_TRANSLATED are not set unless some real PATH_INFO |
| came in with the request, for NCSA bug-compatibility. [Robert Thau] |
| |
| *) Don't leak the DIR * on HEAD request for a directory. [Robert Thau] |
| |
| *) Deleted the block_alarms() stuff from dbm_auth; no longer necessary, |
| as timeouts are not in scope. [Robert Thau] |
| |
| *) quoted-string args in config files now handled correctly (doesn't drop |
| the last character). [Robert Thau; reported by Randy Terbush] |
| |
| *) Fixed silly typo in http_main.c which was suddenly fatal in HP-UX. |
| How the hell did it ever work? [Robert Thau; reported by Rob Hartill] |
| |
| *) mod_core.c --- default_type returns DEFAULT_TYPE (the compile-time |
| default default type); the former default default behavior when all |
| type-checkers defaulted had been a core dump. [Paul Sutton] |
| |
| *) Copy filenames out of the struct dirent when indexing |
| directories. (On Linux, readdir() returns a pointer to the same |
| memory area every time). Fix is in mod_dir.c. [Paul Sutton] |
| |
| Changes with Shambhala 0.5.3 [not released] |
| |
| *) Default response handler notes "file not found" in the error log, |
| if the file was not found. [Cliff Skolnick]. |
| |
| *) Another Cliff bug --- "GET /~user" now properly redirects (the userdir |
| code no longer sets up bogus PATH_INFO which fakes out the directory |
| handler). [Cliff Skolnick] |
| |
| Changes with Shambhala 0.5.2 06 Jul 1995 |
| |
| *) Changes to http_main.c --- root server no longer plays silly |
| games with SIGCHLD, and so now detects and replaces dying |
| children. Child processes just die on SIGTERM, without taking |
| the whole process group with them. Potential problem --- if any |
| child process refuses to die, we hang in restart. |
| MaxRequestsPerChild may still not work, but it certainly works |
| better than it did before this! [Robert Thau] |
| |
| *) mod_dir.c bug fixes: ReadmeName and HeaderName |
| work (or work better, at least); over-long description lines |
| properly terminated. [Mark Cox] |
| |
| *) http_request.c now calls unescape_url() more places where it |
| should [Paul Sutton]. |
| |
| *) More directory handling bugs (reported by Cox) |
| Parent Directory link is now set correctly. [Robert Thau] |
| |
| Changes with Shambhala 0.5.1 04 Jul 1995 |
| |
| *) Generalized cleanup interface in alloc.c --- any function can be |
| registered with alloc.c as a cleanup for a resource pool; |
| tracking of files and file descriptors has been reimplemented in |
| terms of this interface, so I can give it some sort of a test. |
| [Robert Thau] |
| |
| *) More changes in alloc.c --- new cleanup_for_exec() function, |
| which tracks down and closes all file descriptors which have been |
| registered with the alloc.c machinery before the server exec()s a |
| child process for CGI or <!--#exec-->. CGI children now get |
| started with exactly three file descriptors open. Hopefully, |
| this cures the problem Rob H. was having with overly persistent |
| CGI connections. [Robert Thau] |
| |
| *) Mutual exclusion around the accept() in child_main() --- this is |
| required on at least SGI, Solaris and Linux, and is #ifdef'ed in |
| by default on those systems only (-DFCNTL_SERIALIZED_ACCEPT). |
| This uses fcntl(F_SETLK,...) on the error log descriptor because |
| flock() on that descriptor won't work on systems which have BSD |
| flock() semantics, including (I think) Linux 1.3 and Solaris. |
| |
| This does work on SunOS (when the server is idle, only one |
| process in the pool is waiting on accept()); it *ought* to work |
| on the other systems. [Robert Thau] |
| |
| *) FreeBSD and BSDI portability tweaks [Chuck Murcko] |
| |
| *) sizeof(*sa_client) bugfix from [Rob Hartill] |
| |
| *) pstrdup(..., NULL) returns NULL, [Randy Terbush] |
| |
| *) block_alarms() to avoid leaking the DBM* in dbm auth (this should |
| be unnecessary if I go to the revised timeout-handling scheme). |
| [Robert Thau] |
| |
| *) For NCSA bug-compatibility, set QUERY_STRING env var (to a null |
| string) even if none came in with the request. [Robert Thau] |
| |
| *) CHANGES file added to distribution ;-). |
| |
| Changes with Shambhala 0.4.5 |
| |
| *) mod_dld --- early dynamic loading support [rst] |
| *) Add wildcard content handlers for XBITHACK; default_hander now |
| invoked with that mechanism (as a handler hanging off mod_core) [rst] |
| *) XBITHACK supported as a wildcard content-handler, and |
| configurable at run-time (not just at compile time, as in the |
| "patchy server" releases) [rst] |
| |
| Changes with Shambhala 0.4.4 30 Jun 1995 |
| |
| *) Fixed basic thinkos in mod_dbm_auth.c [rst, reported by Mark Cox] |
| *) Handle Addtype x/y .z [rst, reported by Cox] |
| |
| Changes with Shambhala 0.4.3 |
| |
| *) Fixed very dumb bug in mod_alias; "Alias" and "Redirect" are not |
| synonymous [rst, terbush] |
| |
| Changes with Shambhala 0.4.1 28 Jun 1995 |
| |
| *) First-cut virtual host implementation; some refit in the config |
| reading code, and log management, was necessary to support this [rst] |
| *) Sub-pool machinery, originally added to avoid excessive storage |
| allocation on listings of large directories (which turned out to |
| be the problem that the 0.3 storage accounting was added to |
| find). Subrequests and mod_dir changed to use subpools. [rst] |
| *) More memory debugging --- free list consistency checks. [rst] |
| *) Added err_headers to request_rec, with support elsewhere [rst] |
| *) Other fixes to minor bugs in mod_dir and mod_includes [rst, terbush] |
| |
| Changes with Shambhala 0.3 19 Jun 1995 |
| |
| *) Switch ONE_PROCESS to a runtime command-line option (-X) |
| *) Don't compile in mod_ai_backcompat by default |
| *) Switch name of server from Apache to Shambhala in Makefile |
| *) Add some accounting routines to track memory usage in the pools, |
| for debugging |
| |
| Changes with Shambhala 0.2 |
| |
| *) Set DOCUMENT_ROOT CGI variable |
| *) Add single-process debugging, as a compile-time option (ONE_PROCESS) |
| *) Add critical section protection to handling of cleanup structures |
| in alloc.c [rst] |
| *) Significant code reorg within the server core to group related |
| functions together [rst] |
| *) Correctly handle clients that hang up before sending any request |
| [rst] |
| *) Replace dying child processes. [rst] |
| |
| Changes with Shambhala 0.1 12 Jun 1995 |
| |
| Major rewrite of the pre-existing "patchy server" codebase, by |
| Robert Thau (rst). Significant portions of the server code, such |
| as configuration-file handling and HTTP authentication support, |
| were ripped out and rewritten from scratch. Code that was not |
| completely rewritten was significantly altered. |
| |
| Major changes with this release include: |
| |
| *) Introduction of the module API; in request handling, the central |
| machinery just dispatches to various modules, which actually do |
| most of the work. Configuration handling is similar --- modules |
| declare their own commands, and the central machinery just |
| dispatches to them. |
| |
| API features from shambhala/0.1 were substantially unchanged in |
| Apache 1.0 and 1.1. (1.0 API features not yet present in this |
| release, such as wildcard handlers and subpools, were added in |
| subsequent Shambhala releases, and were also generally rst's |
| work). |
| |
| *) This release included the following modules: |
| |
| mod_access (access control --- allow and deny directives), |
| mod_alias (Alias and Redirect commands), |
| mod_auth (straight HTTP authentication, based on flat-files) |
| mod_auth_dbm (same, with dbm files) |
| mod_cgi (CGI scripts and, in this release, ScriptAlias) |
| mod_common_log (CLF access logs; later renamed mod_log_common) |
| mod_dir (directory indexing) |
| mod_include (server-side includes) |
| mod_mime (AddType directives) |
| mod_negotiation (content negotiation) |
| mod_userdir (support for users' public_html directories) |
| |
| It also included a mod_ai_backcompat, which was a private hack |
| for back-compatibility with rst's own AI-lab servers. |
| |
| All of these modules were substantially complete, and functional |
| or nearly so (a few, which implemented features not in use at |
| Thau's site, required patches of a few lines). |
| |
| *) sub-request machinery, to allow modules to determine how other |
| modules would assign MIME types to a given file, or optionally |
| serve its content (this is heavily used by mod_dir, mod_include |
| and mod_negotiation). |
| |
| *) Resource pool system for keeping track of memory allocated and |
| files opened in service of a particular request. Much of the |
| code in the modules (when they weren't rewrites) was adjusted to |
| replace a pervasive convention of using fixed-size buffers on |
| the stack with an equally pervasive convention of using memory |
| allocated with palloc(). |
| |
| *) Reorganization of data structures associated with a given |
| request to eliminate use of global variables and the troublesome |
| unmunge_name function (used in NCSA and early Apache releases to |
| attempt to determine the URI which mapped to a given filename |
| --- a difficult proposition, given that it is easy to produce |
| setups in which multiple URIs map to the same file). |
| |
| *) Source files renamed and rearranged |
| |
| *) Very simple pre-forking behavior --- parent process forked off a |
| fixed number of children, and then just waited for SIGHUP. |
| |
| *) Other more minor changes too numerous to list. |
| |
| This release included modified versions of a lot of code from the |
| Apache 0.6.4 public release, plus an early pre-forking patch |
| codeveloped by Robert Thau and Rob Hartill. |
| |
| Changes with Apache 0.7.3 20 Jun 1995 |
| |
| *) There were a bunch of changes between Apache 0.6.4 and 0.7.3 that |
| were incorporated by Rob Hartill on the main branch while Robert Thau |
| worked on the Shambhala rewrite above. Most were merged into the |
| Shambala architecture after Apache 0.8.0. |
| |
| Changes with Apache 0.6.4 13 May 1995 |
| |
| *) Patches by Rob Hartill, Cliff Skolnick, Randy Terbush, Robert Thau, |
| and others. |
| |
| Changes with Apache 0.5.1 10 Apr 1995 |
| |
| Changes with Apache 0.4 02 Apr 1995 |
| |
| *) Patches by Brian Behlendorf, Andrew Wilson, Robert Thau, |
| and Rob Hartill. |
| |
| Changes with Apache 0.3 24 Mar 1995 |
| |
| *) Patches by Robert Thau, David Robinson, Rob Hartill, and |
| Carlos Varela. |
| |
| Changes with Apache 0.2 18 Mar 1995 |
| |
| *) Based on NCSA httpd 1.3 by Rob McCool and patches by CERT, |
| Roy Fielding, Robert Thau, Nicolas Pioch, David Robinson, |
| Brian Behlendorf, Rob Hartill, and Cliff Skolnick. |