| APACHE 2.2 STATUS: -*-text-*- |
| Last modified at [$Date$] |
| |
| The current version of this file can be found at: |
| |
| * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS |
| |
| Documentation status is maintained separately and can be found at: |
| |
| * docs/STATUS in this source tree, or |
| * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS |
| |
| The current development branch of this software can be found at: |
| |
| * http://svn.apache.org/repos/asf/httpd/httpd/trunk |
| |
| Patches considered for backport are noted in their branches' STATUS: |
| |
| * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS |
| * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS |
| |
| |
| Release history: |
| [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases, |
| while x.{even}.z versions are Stable/GA releases.] |
| 2.2.25 : Tagged June 28, 2013 |
| 2.2.24 : Released February 25, 2012 |
| 2.2.23 : Released September 13, 2012 |
| 2.2.22 : Released January 31, 2012. |
| 2.2.21 : Released September 13, 2011. |
| 2.2.20 : Released August 30, 2011. |
| 2.2.19 : Released May 21, 2011. ABI restored. |
| 2.2.18 : Released May 11, 2011. ABI broken. |
| 2.2.17 : Released October 19, 2010. |
| 2.2.16 : Released July 25, 2010. |
| 2.2.15 : Released March 6, 2010. |
| 2.2.14 : Released October 3, 2009. |
| 2.2.13 : Released August 8, 2009. |
| 2.2.12 : Released July 28, 2009. |
| 2.2.11 : Released December 14, 2008. |
| 2.2.10 : Released October 14, 2008. |
| 2.2.9 : Released June 14, 2008. |
| 2.2.8 : Released January 19, 2008. |
| 2.2.7 : Tagged January 4, 2008. Not released. |
| 2.2.6 : Released September 7, 2007. |
| 2.2.5 : Tagged August 10, 2007, not released. |
| 2.2.4 : Released on January 9, 2007 as GA. |
| 2.2.3 : Released on July 28, 2006 as GA. |
| 2.2.2 : Released on May 1, 2006 as GA. |
| 2.2.1 : Tagged on April 1, 2006, not released. |
| 2.2.0 : Released on December 1, 2005 as GA. |
| 2.1.10 : Tagged on November 19, 2005, not released. |
| 2.1.9 : Released on November 5, 2005 as beta. |
| 2.1.8 : Released on October 1, 2005 as beta. |
| 2.1.7 : Released on September 12, 2005 as beta. |
| 2.1.6 : Released on June 27, 2005 as alpha. |
| 2.1.5 : Tagged on June 17, 2005. |
| 2.1.4 : not released. |
| 2.1.3 : Released on February 22, 2005 as alpha. |
| 2.1.2 : Released on December 8, 2004 as alpha. |
| 2.1.1 : Released on November 19, 2004 as alpha. |
| 2.1.0 : not released. |
| |
| |
| Contributors looking for a mission: |
| |
| * Just do an egrep on "TODO" or "XXX" in the source. |
| |
| * Review the bug database at: http://issues.apache.org/bugzilla/ |
| |
| * Review the "PatchAvailable" bugs in the bug database: |
| |
| https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable |
| |
| After testing, you can append a comment saying "Reviewed and tested". |
| |
| * Open bugs in the bug database. |
| |
| |
| CURRENT RELEASE NOTES: |
| |
| * Forward binary compatibility is expected of Apache 2.2.x releases, such |
| that no MMN major number changes will occur. Such changes can only be |
| made in the trunk. Note 2.2.18 contained an incompatible ABI change, |
| subsequently corrected, and should not be referenced. |
| |
| * All commits to branches/2.2.x must be reflected in SVN trunk, |
| as well, if they apply. Logical progression is commit to trunk, |
| get feedback and votes on list or in STATUS, then merge into |
| branches/2.2.x, as applicable. |
| |
| |
| RELEASE SHOWSTOPPERS: |
| |
| |
| PATCHES ACCEPTED TO BACKPORT FROM TRUNK: |
| [ start all new proposals below, under PATCHES PROPOSED. ] |
| |
| |
| PATCHES PROPOSED TO BACKPORT FROM TRUNK: |
| [ New proposals should be added at the end of the list ] |
| |
| * core: speed up (for common cases) and reduce memory usage of ap_escape_logitem |
| This should save 70-100 bytes in the request pool for a default config. |
| trunk patch: http://svn.apache.org/r1485409 |
| 2.4.x patch: http://svn.apache.org/r1485723 |
| 2.2.x patch: trunk works |
| +1: minfrin, rjung |
| wrowe wonders why we copy and don't simply return the identity on no-change |
| rjung: From an API point of view the function - as well as the html escape functions |
| - takes a const char* and returns a plain char *. So a consumer would be free |
| to write to the returned string. There's no such place in httpd code I can |
| find but we can't rule it out for foreign modules. We could fix the signature |
| (returning const char *) in trunk but not for 2.2 ad 2.4. |
| |
| |
| PATCHES/ISSUES THAT ARE STALLED |
| |
| * mod_cache: Realign the cache_quick_handler() to behave identically |
| to the default_handler() when reacting to errors when writing to the |
| filter stack. Stops APR errors appearing in access_log as result codes. |
| Trunk patches: http://svn.apache.org/viewvc?view=revision&revision=1003913 |
| 2.2.x patch: http://people.apache.org/~minfrin/httpd-mod_cache-errorfix-22.patch |
| +1: minfrin |
| trawick: any reason it shouldn't be completely aligned with default_handler's |
| choice to return OK vs. 500? |
| rpluem: Agreed with trawick. They should behave the same. |
| |
| * mod_ssl: Add support for Next Protocol Negotiation. |
| Trunk patch: |
| http://svn.apache.org/viewvc?view=revision&revision=1332643 |
| 2.2.x patch: |
| http://www.links.org/files/npn-patch-2.2.patch |
| +1: benl |
| sf notes: needs the buffer overflow fix from r1345599, too |
| wrowe notes: also needs correction to |
| ssl_engine_kernel.c: In function 'ssl_callback_AdvertiseNextProtos': |
| ssl_engine_kernel.c:2140:5: warning: implicit declaration of function |
| 'modssl_run_npn_advertise_protos_hook' |
| Including mod_ssl.h after ssl_private.h seems to suffice. |
| The change introduces hard linkages from modules into |
| mod_ssl.so (distinct from httpd), AP is the incorrect |
| namespace, see mod_dav main hooks as an example. |
| Prior to this patch all calls to mod_ssl were by way of |
| registered functions through apr bindings. Seems there |
| aught to be a way to add an npn cooperating module when |
| mod_ssl is not loaded, but right now it would fail. |
| An mmn minor bump would also be required for API addition. |
| |
| * modules/ldap/util_ldap.c: Correct erroneous messages |
| PR: 53402 |
| trunk and 2.4.x: Erroneous message about LDAPSharedCacheSize |
| http://svn.apache.org/viewvc?view=revision&sortby=date&revision=1096577 |
| trunk and 2.4.x: Erroneous order for the parameters |
| http://svn.apache.org/viewvc?view=revision&sortby=date&revision=627637 |
| 2.2.x patch: attached in PR 53402 (https://issues.apache.org/bugzilla/attachment.cgi?id=29502) |
| +1: jailletc36 |
| -1: rjung |
| rjung: the proposed 2.2 patch also changes LDAPTrustedClientCert to OR_AUTHCFG. |
| This change seems to come from PR46541 which needs a bigger backport (r915660) |
| Note: covener commented it in the PR as "I don't think LDAPTrustedClientCert can |
| really be made usable in 2.2.". |
| rjung: I don't understand what was voted on, the backport of both revisions |
| or only the PR attachment. The latter is only about r627637. |
| covener: withdrawing my vote, I reviewed the attachment but missed the OR_AUTHCFG change. |
| |
| * core: Support wildcards in both the directory and file components of |
| the path specified by the Include directive. |
| Trunk patch: http://svn.apache.org/viewvc?rev=909878&view=rev |
| http://svn.apache.org/viewvc?rev=917735&view=rev |
| http://svn.apache.org/viewvc?rev=917759&view=rev |
| 2.2.x patch: http://people.apache.org/~minfrin/httpd-wildcard+docs2.patch |
| Submitted by: minfrin, poirier |
| +1: minfrin, jim, poirier |
| -1: wrowe [This introduces new invalid paths which do not resolve to any |
| configuration file paths, increasing the probability of unreported |
| syntax errors to further confuse the administrator.] |
| |
| * srclib/pcre and vendor/pcre |
| http://www.vuxml.org/freebsd/pkg-pcre.html |
| |
| update to pcre-7.8 |
| outcome: remove from trunk, leave alone in branches/2.2.x and branches/2.0.x |
| |
| * core, authn/z: Avoid calling access control hooks for internal requests |
| with configurations which match those of initial request. Revert to |
| original behaviour (call access control hooks for internal requests |
| with URIs different from initial request) if any access control hooks or |
| providers are not registered as permitting this optimization. |
| Introduce wrappers for access control hook and provider registration |
| which can accept additional mode and flag data. Convert common |
| provider version strings to macros. |
| The core purpose of this pile of patches is to avoid unnecessary |
| authn/z hooks when a single request spawns large numbers of internal |
| requests to which an identical set of httpd configurations apply. |
| This permits modules such as mod_authn_dbd and mod_dav to work together |
| acceptably. |
| Because certain external modules such as mod_authz_svn rely on the old |
| behaviour, this optimization can be made only when all authn/z hooks and |
| providers are registered with the appropriate flag. |
| It would be excellent if Windows and NetWare people could ensure this |
| builds correctly. |
| In particular, mod_auth.h must be included into request.c and I've left |
| mod_auth.h under modules/aaa rather than try to replicate wrowe's work |
| in trunk moving all the include files around. |
| I'm open to suggestions that this remain in trunk only, but in that case, |
| it would be very helpful to know whether most people expect a 2.4 branch |
| or just a 3.0 branch to be next. If 3.0, some of the backwards |
| compatibility work could potentially be ditched. |
| Trunk version of patches: |
| http://svn.apache.org/viewvc?view=rev&revision=644525 |
| http://svn.apache.org/viewvc?view=rev&revision=644562 (trunk MMN bump) |
| http://svn.apache.org/viewvc?view=rev&revision=645395 |
| http://svn.apache.org/viewvc?view=rev&revision=645472 |
| http://svn.apache.org/viewvc?view=rev&revision=645540 |
| http://svn.apache.org/viewvc?view=rev&revision=646445 (reverted by r659160) |
| http://svn.apache.org/viewvc?view=rev&revision=658046 |
| http://svn.apache.org/viewvc?view=rev&revision=659160 |
| Backport version for 2.2.x of patch: |
| http://people.apache.org/~chrisd/patches/walk_cache/walk_cache-2.2.x.patch |
| +1: chrisd |
| -0: jim (would prefer to see in 2.4, and to push 2.4 out) |
| |
| * beos MPM: Create pmain pool and run modules' child_init hooks when |
| entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run(). |
| Otherwise modules' child_init hooks appear to never be executed. |
| Also, destroying pmain ensures that cleanups registered in modules' |
| child_init hooks are performed (e.g., mod_log_config and mod_dbd). |
| Trunk version of patch: |
| http://svn.apache.org/viewvc?view=rev&revision=491922 |
| 2.2.x version of patch: |
| http://people.apache.org/~chrisd/patches/mod_dbd_pools_groups/mpm_child_init-beos-2.2.x.patch |
| +0: chrisd (abstaining; unable to test) |
| |
| * PKCS#7: backport PCKS#7 patches from trunk. |
| +1 ben |
| jerenkrantz: What's the revision number to backport? |
| wrowe asks: ditto jerenkrantz |
| sctemme: svn blame suggests r424707 |
| rpluem: Digging through the history suggests that |
| r424735 |
| r424821 |
| r424823 |
| need to be added to this. See also |
| http://mail-archives.apache.org/mod_mbox/httpd-dev/200607.mbox/%3c20060723093125.GA19423@redhat.com%3e |
| and follow ups for more details. |
| needs r930063 to avoid a memory leak, +1 with r930063. |
| |
| * prefork MPM: simple patch to enable mod_privileges. |
| trunk: N/A (this patch substitutes for the availability of |
| drop_privileges hook). |
| 2.2.x patch: |
| http://people.apache.org/~niq/patches/2.2mod_privileges-core-patch |
| +1: niq, igalic |
| |
| * unixd: set suexec_enabled correctly when httpd is run by non-root |
| PR 42175 |
| Trunk Patch: http://cvs.apache.org/viewvc?view=rev&revision=791337 |
| 2.2.x Patch: https://issues.apache.org/bugzilla/attachment.cgi?id=20004 |
| +1: niq |
| -0: wrowe; Please refer to man 'access' BUGS section about linux 2.4 |
| vs 2.6 kernels, potentially a suspect test for root. |
| sf: Couldn't the linux 2.4 bug be worked around by calling access |
| twice? Once with R_OK and once with X_OK. |
| wrowe: It would seem we only need to test for X_OK? |
| |
| * mod_disk_cache: Decline the opportunity to cache if the response is |
| a 206 Partial Content. This stops a reverse proxied partial response |
| from becoming cached, and then being served in subsequent responses. |
| Trunk patch: http://svn.apache.org/viewvc?rev=951222&view=rev |
| 2.2.x patch: http://people.apache.org/~minfrin/httpd-cache-partial-2.2.patch |
| +1: minfrin |
| niq asks: I can see the logic of not cacheing partial responses, |
| but why should mod_disk_cache worry about them if mod_cache allows |
| them, as in the following proposal? |
| rpluem says: As poirier correctly mentions, the same must be done for mod_mem_cache |
| as well. |
| |
| *) mod_cache: Explicitly allow cache implementations to cache a 206 Partial |
| Response if they so choose to do so. Previously an attempt to cache a 206 |
| was arbitrarily allowed if the response contained an Expires or |
| Cache-Control header, and arbitrarily denied if both headers were missing. |
| Trunk patch: http://svn.apache.org/viewvc?rev=952823&view=rev |
| 2.2.x Patch: http://people.apache.org/~minfrin/httpd-cache-partial2-2.2.patch |
| +1: minfrin |
| -1: rpluem: Until the patch proposal above for mod_disk_cache is backported |
| and a similar patch for mod_mem_cache is proposed (no backport |
| possible since mod_mem_cache is no longer in trunk) and |
| committed. |
| |
| * mod_proxy: Release the backend connection as soon as EOS is detected, |
| so the backend isn't forced to wait for the client to eventually |
| acknowledge the data. |
| Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1026665 |
| http://svn.apache.org/viewvc?view=revision&revision=1030850 |
| http://svn.apache.org/viewvc?view=revision&revision=1030855 |
| http://svn.apache.org/viewvc?view=revision&revision=1035605 |
| 2.2.x patch: http://people.apache.org/~minfrin/httpd-mod_proxy-closeearly22-4.patch |
| +1: minfrin |
| +1: jim (requires mmn bump due to proxy_conn_rec) |
| rpluem says: r1052224 r1052314 need to be added as well as the patch above |
| has a thread safety issue. |
| minfrin: r1055246 needs to be added to r1052314 to ensure the cleanup |
| isn't attempted twice. |
| rpluem says: Mind to update the 2.2.x version of the patch with r1052224, |
| r1052314, r1055246 and r1055570 (Comment fix by Jim)? |
| |
| * cross-compile: allow to provide CC_FOR_BUILD so that gen_test_char will be |
| compiled by the build compiler instead of the host compiler. |
| Also set CC_FOR_BUILD to 'cc' when cross-compilation is detected. |
| Since PCRE is included with 2.2.x this patch also takes care for dftables. |
| Trunk patches: http://svn.apache.org/viewvc?view=revision&revision=1327907 |
| http://svn.apache.org/viewvc?view=revision&revision=1328390 |
| http://svn.apache.org/viewvc?view=revision&revision=1328714 |
| 2.4 patch: http://people.apache.org/~fuankg/diffs/httpd-2.4.x-cross_compile.diff |
| 2.2 patch: http://people.apache.org/~fuankg/diffs/httpd-2.2.x-cross_compile.diff |
| fuankg: on hold until we agree for a better and more simple solution ... |
| |
| * mod_ssl: Add RFC 5878 support. This allows support of mechanisms |
| such as Certificate Transparency. Note that new |
| mechanisms are supported without software updates. |
| trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1352596 |
| 2.2.x patch: http://people.apache.org/~ben/httpd-2.2-rfc5878.patch |
| +1: ben, druggeri |
| -1: kbrand |
| druggeri note: Needs docs for new directive |
| kbrand: depends on an unreleased OpenSSL version (1.0.2), and |
| RFC 5878 is of "Category: Experimental". |
| The API in the OpenSSL implementation from May 2012 |
| (http://cvs.openssl.org/chngview?cn=22601) only covers the |
| privately-defined TLSEXT_AUTHZDATAFORMAT_audit_proof, there's |
| no support for x509_attr_cert (section 3.3.1 in RFC 5878) or |
| saml_assertion (3.3.2). SSL_CTX_use_authz_file doesn't have |
| any docs in OpenSSL, either, and there's no "openssl foo ..." |
| command or similar to create/manage such files. |
| Note: as of 2013-04-15, r1352596 has been reverted in trunk, |
| (with r1468131), for the reasons explained in the message with id |
| <515FED7C.5010009@velox.ch> sent to the dev list on 2013-04-06. |
| ben: not correct that it depends on OpenSSL 1.0.2, it builds with |
| any version. Also, if you read my note to dev@ you will see |
| why it is not premature. |