| Apache 2.0 STATUS: |
| Last modified at [$Date: 2000/10/07 19:54:21 $] |
| |
| Release: |
| |
| 2.0a7 : ??? |
| 2.0a6 : released August 18, 2000 |
| 2.0a5 : released August 4, 2000 |
| 2.0a4 : released June 7, 2000 |
| 2.0a3 : released April 28, 2000 |
| 2.0a2 : released March 31, 2000 |
| 2.0a1 : released March 10, 2000 |
| |
| RELEASE SHOWSTOPPERS: |
| |
| * All of the bucket types must be implemented. The list can be found |
| in src/include/ap_buckets.h. May need to implement a bucket type |
| to mark the end of a subrequest content stream, and one to tell |
| filters to flush any pending content. See http_protocol.c: |
| ap_finalize_sub_req_protocol() and ap_rflush() |
| rbb says: Creating a bucket to signal end of sub-request ties |
| the filters to Apache. This can be handled very cleanly |
| by just inserting a sub-request filter. That filter would |
| be responsible for stripping off the EOS bucket for the |
| sub-request, and removing all vestiges of the request. |
| |
| * Remove Buff and IOL from the code. To do this, a chunking and |
| translation filter must be written. This allows us to remove BUFF. |
| IOLs can be removed as soon as somebody gets to it. |
| |
| * suEXEC doesn't work |
| Status: Manoj has posted an patch to fix this. |
| Message-ID: <20000825024943.A17578@manojk.users.mindspring.com> |
| |
| * Win32: Enable the Windows MPM to honor max_requests_per_child |
| Status: Bill will fix this. |
| |
| * Win32: Get Apache working on Windows 95/98. The following work |
| (at least) needs to be done: |
| - winnt MPM: Fix 95/98 code paths in the winnt MPM. There is some NT |
| specific code that is still not in NT only code paths |
| - IOL binds to APR sendfile, implemented with TransmitFile, which |
| is not available on 95/98. |
| - Document warning that OSR2 is required (for Crypt functions, in |
| rand.c, at least.) |
| |
| * Win32: Test access logging with multiple threads. Will the |
| native file I/O calls serialize automagically like the |
| CRT calls or do we need to add region locking each time |
| we access the logs? |
| Status: |
| |
| * Win32: Complete the revamp the service environment and relocation |
| into the WinNT MPM. Changes ServerRoot service registry |
| parameter into ConfigArgs for multiple service startup parameters. |
| Problems to fix in the revamp: -k shutdown/restart are broken, |
| signals are not being acknowledged. Close window and shutdown |
| also seem out of sorts. |
| OtherBill is working on this |
| |
| * We need a thread-safe resolver, at least on Unix. |
| Status: The best known candidate would be something from |
| BIND v9. |
| Status: Greg asks, "why? doesn't gethostbyname_r() handle this?" |
| |
| * Modify mod_cgi and mod_cgid to deal with directories. This allows |
| a lot of directives to be removed from the core. |
| |
| RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: |
| * Combine log_child and piped_log_spawn. Clean up http_log.c. |
| Common logging API. |
| |
| * Create unified scoreboard API and implementation shared across |
| the MPMs |
| |
| * Document mod_file_cache. |
| |
| * OS/2: Get loadable modules working again. Requires shared core support |
| which doesn't appear to be catered for in the current build system. |
| |
| * OS/2: Make mod_status work for spmt_os2 MPM. |
| |
| * Build scripts do not recognise AIX 4.2.1 pthreads, so the |
| pthread MPMs will not build. |
| |
| * Win32: Enable the winnt MPM to use the new scoreboard API |
| |
| * Win32: Implement ap_shm_ functions in APR. |
| |
| * Win32: Win9x console window still won't play nice with the |
| close window, logoff and shutdown scenarios. |
| |
| * Win32: Add a simple hold console open patch (wait for close or |
| the ESC key, with a nice message) if the server died a bad |
| death (non-zero exit code) in console mode. |
| |
| * Platforms that do not support fork (primarily Win32 and AS/400) |
| Consider introducing HAVE_FORK feature macro. Architect start-up code |
| that avoids initializing all the modules in the parent process on |
| platforms that do not support fork. |
| |
| * Win32: Migrate the MPM over to use APR thread/process calls. This |
| would eliminate some code in the Win32 branch that essentially |
| duplicates what is in APR. |
| |
| Bill says we need a new procattr, APR_CREATE_SUSPENDED (or |
| something similar) to direct ap_create_process to create the |
| process suspended. We also need a call to wake up the suspended |
| process This may not be able to be implemented everywhere though. |
| |
| * There are still a number of places in the code where we are |
| loosing error status (i.e. throwing away the error returned by a |
| system call and replacing it with a generic error code) |
| |
| * Win32: Implement reliable piped logs on Windows |
| |
| * The connection status table is not very efficient. Also, very few stats |
| are exported to the connection status table (easy to fix), and mod_status |
| is ugly. |
| |
| * Mass vhosting version of suEXEC. |
| |
| * Replace tables with a proper opaque ADT that has pluggable |
| implementations (including something like the existing data type, |
| plus hash tables for speed, with options for more later). |
| Status: fanf is working on this. |
| |
| * configuration option to use *DBM |
| Status: Greg +1 (volunteers) |
| |
| * Integrate mod_dav. |
| Message-id: <20000625173247.M29590@lyra.org> |
| Status: works. passes initial regression testing. Joe Orton |
| reports success with his "cadaver" tool. |
| Some additional items remaining: |
| - case_preserved_filename stuff |
| - fix and re-enable sdbm_lock.c |
| - find a new home for ap_text(_header) |
| - is it possible to remove the DAV: namespace stuff from util_xml? |
| |
| * ap_core_translate() and its use by mod_mmap_static are a bit wonky. |
| The function should probably be exposed as a utility function (such |
| as ap_translate_url2fs() or ap_validate_fs_url() or something). |
| Another approach would be a new hook phase after "translate" which |
| would allow mod_mmap_static to munge what the translation has |
| decided to do. |
| Status: Greg +1 (volunteers), Ryan +1 |
| |
| * Go through ap_config.h and namespace-protect the symbols (e.g. USE_*). |
| Some symbols can/should move to mpm_common.h where possible. |
| |
| * Explore use of a post-config hook for the code in http_main.c which |
| calls ap_fixup_virutal_hosts(), ap_fini_vhost_config(), and |
| ap_sort_hooks() [to reduce the logic in main()] |
| |
| * read the config tree just once, and process N times (as necessary) |
| |
| * add a version number to ap_initialize() as an extra failsafe against |
| (APR) library version skew. |
| MsgID: <Pine.LNX.4.10.10005231712380.31927-100000@nebula.lyra.org> |
| Status: Greg +1 (volunteers), Jeff +1, Ryan +1, Tony -0(?) |
| |
| * mod_info to use the configuration tree |
| |
| * make apr_get_uuid() thread-safe |
| |
| * (possibly) use UUIDs in mod_unique_id and/or mod_usertrack |
| |
| |
| PRs that have been suspended forever waiting for someone to |
| put them into 'the next release': |
| |
| * PR#73: mod_log-any |
| reporting of referer in error_log |
| Status: |
| |
| * PR#76: general |
| missing call to "setlocale();" |
| Status: |
| |
| * PR#78: mod_include |
| Additional status for XBitHack directive |
| Status: |
| |
| * PR#161: mod_dir |
| Questionable performace of mod_dir() with negotiation |
| Status: |
| |
| * PR#362: mod_proxy |
| Mod_proxy doesn't allow change of error pages |
| Status: |
| |
| * PR#370: mod_env |
| Modified PATH environemnt variable is not passed, instead |
| system's is used |
| Status: |
| |
| * PR#440: mod_proxy |
| Proxy doesn't deliver documents if not connected |
| Status: |
| |
| * PR#534: mod_proxy |
| proxy converts ~name to %7Ename when name starts with a dot (.) |
| Status: |
| |
| * PR#537: mod_access |
| mod_access syntax allows hosts that should be restricted |
| Status: |
| |
| * PR#557: mod_auth-any |
| ~UserHome directories are not honored in absolute pathname |
| requests (.htaccess) |
| Status: |
| |
| * PR#573: mod_log-any |
| More LogFormat directives |
| Status: |
| |
| * PR#612: mod_proxy |
| Proxy FTP Authentication Fails |
| Status: |
| |
| * PR#623: mod_include |
| A smarter "Last Modified" value for SSI documents (see PR number 600) |
| Status: |
| |
| * PR#628: config |
| Request of "Options SymLinksIfGroupMatch" |
| Status: |
| |
| * PR#697: mod_include |
| A security tweak I've been using for a few years for SSI |
| Status: |
| |
| * PR#700: mod_proxy |
| Proxy doesn't do links right for OpenVMS files through ftp: |
| Status: |
| |
| * PR#759: mod_imap |
| imap should read <MAP><AREA>*</MAP> too! |
| Status: |
| |
| * PR#793: general |
| RLimitCPU and RLimitMEM don't apply to all children like they should |
| Status: |
| |
| * PR#921: suexec |
| Uses cwd before filling it in, doesn't use syslog |
| Status: |
| |
| * PR#922: config |
| it is useful to allow specifiction that root-owned symlinks |
| should always be followed |
| Status: |
| |
| * PR#980: mod_proxy |
| Controlling Access to Remote Proxies would be nice... |
| Status: |
| |
| * PR#994: mod_proxy |
| Adding authentication "on the fly" through the proxy module |
| Status: |
| |
| * PR#1004: apache-api |
| request_config field in request_rec is moderately bogus |
| Status: |
| |
| * PR#1028: other |
| DoS attacks involving memory consumption |
| Status: |
| |
| * PR#1050: mod_log-any |
| Logging of virtual server to error_log as well |
| Status: |
| |
| * PR#1085: mod_proxy |
| ProxyRemote make a dead cycle. |
| Status: |
| |
| * PR#1117: mod_auth-any |
| Using NIS passwd.byname dbm files with AuthDBMUserFile |
| Status: |
| |
| * PR#1120: suexec |
| suexec does not parse arguments to #exec cmd |
| Status: |
| |
| * PR#1145: mod_include |
| Allow for Last-Modified: without resorting to XBitHack |
| Status: |
| |
| * PR#1156: config |
| insufficent AllowOverrides granularity for autoindexing |
| Status: |
| |
| * PR#1158: apache-api |
| improvements to child spawning API |
| Status: |
| |
| * PR#1166: mod_proxy |
| ``nph-'' not honored (no buffering) for ProxyRemote mapping |
| Status: |
| |
| * PR#1176: mod_cgi |
| Apache cannot handle continuation line in headers |
| Status: |
| |
| * PR#1191: general |
| setlogin() is not called, causing problems with e.g. identd |
| Status: |
| |
| * PR#1204: general |
| regerror() exists, use it |
| Status: |
| |
| * PR#1233: apache-api |
| there is no way to keep per-connection per-module state |
| Status: |
| |
| * PR#1263: mod_dir |
| Add frame-safe anchor attribute to mod_autoindex links |
| Status: |
| |
| * PR#1268: suexec |
| CGI scripts running as Apache user: security (suexec etc.) |
| Status: |
| |
| * PR#1285: suexec |
| Error messages could be easier to spot in cgi.log file for suexec.c |
| Status: |
| |
| * PR#1287: mod_access |
| add allow,deny/deny,allow warning to mod_access |
| Status: |
| |
| * PR#1290: mod_proxy |
| Need to know "hit-rate" on proxy cache |
| Status: |
| |
| * PR#1358: mod_log-any |
| Selective url-encode of log fields (or maybe a pseudo |
| log_rewrite module?) |
| Status: |
| |
| * PR#1383: mod_headers |
| I make mod_headers to modify request headers as well as |
| response ones. |
| Status: |
| |
| * PR#1532: mod_proxy |
| Proxy transfer logging |
| Status: |
| |
| * PR#1547: mod_proxy |
| No HTTP_X_FORWARDED_FOR set... |
| Status: |
| |
| * PR#1567: mod_proxy |
| ProxyRemote proxy requests fail authentication by firewall |
| Status: |
| |
| * PR#1574: mod_autoindex |
| ReadmeName and HeaderName don't allow for server-parsed html. |
| Status: |
| |
| * PR#1582: mod_rewrite |
| mod_rewrite forms REQUEST_URI different than mod_cgi does |
| Status: |
| |
| * PR#1677: mod_headers |
| mod_headers should allow mod_log_config-style formats in |
| header values |
| Status: |
| |
| * PR#1702: mod_proxy |
| mod_proxy to support persistent conns? |
| Status: |
| |
| * PR#1803: mod_include |
| patches to mod_include to allow for file tests |
| Status: |
| |
| * PR#1809: mod_auth-any |
| Suggestion for improving authentication modules and core source |
| code, problem with 401 and ErrorDocument |
| Status: |
| |
| * PR#1855: mod_autoindex |
| More Control over autoindex layout |
| Status: |
| |
| * PR#1878: mod_proxy |
| listing of proxy cache content |
| Status: |
| |
| * PR#1905: suexec |
| Allow modules to set user:group for execution. |
| Status: |
| |
| * PR#2024: apache-api |
| adding auth_why to conn_rec |
| Status: |
| |
| * PR#2073: mod_log-any |
| pipelined connections are not logged correctly |
| Status: |
| |
| * PR#2074: mod_rewrite |
| mod_rewrite doesn't pass Proxy Throughput on internal subrequests |
| Status: |
| |
| * PR#2113: config |
| HTTP Server Rebuild Line Needs Changing for the better |
| Status: |
| |
| * PR#2138: mod_status |
| mod_status always displays 256 possible connection slots |
| Status: |
| |
| * PR#2221: documentation |
| Make online documentation search link back to my installation |
| Status: |
| |
| * PR#2284: general |
| Can not POST to ErrorDocument - Apache/1.3b6 |
| Status: |
| |
| * PR#2314: mod_proxy |
| patterns in ProxyRemote |
| Status: |
| |
| * PR#2343: mod_status |
| Status module averages are for entire uptime |
| Status: |
| |
| * PR#2360: suexec |
| suexec for general access of user content? |
| Status: |
| |
| * PR#2396: general |
| Proposal for TimeZone directive |
| Status: |
| |
| * PR#2415: mod_info |
| /server-info doesn't check for the virtual host to list the info |
| Status: |
| |
| * PR#2421: config |
| problem specifying ndbm library for build ?with autoconfigure |
| Status: |
| |
| * PR#2431: general |
| A small addition to rotatelogs.c to improve program functionality. |
| Status: |
| |
| * PR#2446: config |
| AllowOverride FileInfo is too coarse |
| Status: |
| |
| * PR#2460: mod_cgi |
| TimeOut applies to output of CGI scripts |
| Status: |
| |
| * PR#2512: mod_access |
| <IfDenied> directive wanted |
| Status: |
| |
| * PR#2573: suexec |
| CGI's for general use still have to be run as another user |
| with suExec |
| Status: |
| |
| * PR#2648: general |
| Cache file names in Proxy module |
| Status: |
| |
| * PR#2760: config |
| [PATCH] User/Group for <Directory> and <Location> i.e. not only |
| in global and <Virtual>. |
| Status: |
| |
| * PR#2763: general |
| mailto tags and bundling bug report script |
| Status: |
| |
| * PR#2772: mod_log-any |
| more % escapes |
| Status: |
| |
| * PR#2785: os-aix |
| Support for System Resource Controller |
| Status: |
| |
| * PR#2793: protocol |
| When will Apache support P3P? Any Plans? |
| Status: |
| |
| * PR#2873: config |
| Feedback/Comment on APACI |
| Status: |
| |
| * PR#2889: general |
| Inclusion of RPM spec file in CVS/distributions |
| Status: |
| |
| * PR#2906: general |
| Propose that Apache recommend $UNIQUE_ID for all "session id" |
| algorithms |
| Status: |
| |
| * PR#2907: config |
| suggestion: power up your Include directive :) |
| Status: |
| |
| * PR#3018: general |
| cannot limit some HTTP methods |
| Status: |
| |
| * PR#3026: mod_autoindex |
| No way to change ReadmeName/HeaderName suffixes. |
| Status: |
| |
| * PR#3143: apache-api |
| No module specific data hook for per-connection data |
| Status: |
| |
| * PR#3181: config |
| Configuration file in Japanese |
| Status: |
| |
| * PR#3191: mod_negotiation |
| no way to set global quality-of-source (qs) coneg values |
| with multiviews |
| Status: |
| |
| * PR#3430: mod_negotiation |
| Enhancement: MultiViews, Multi-Language Documents |
| Status: |
| |
| * PR#3568: mod_proxy |
| Accessing URL through proxy server corrupts data. |
| Status: |
| |
| * PR#3594: os-windows |
| Please add an Apache icon to the systray instead of a DOS window |
| Status: |
| |
| * PR#3605: mod_proxy |
| Some anonymous FTP URLs ask for authentication |
| Status: |
| |
| * PR#3654: mod_autoindex |
| BORDER=0 makes Icons look nicer (FancyIndexing) |
| Status: |
| |
| * PR#3677: general |
| New ErrorDocumentMatch directive |
| Status: |
| |
| * PR#4180: os-windows |
| Alternative for win95 users |
| Status: |
| |
| * PR#4241: config |
| Need to be able to override shebang line to make CGI scripts |
| more portable. |
| Status: |
| |
| * PR#4244: config |
| "Files" and "FilesMatch" regexp does not recognize bang as |
| negation operator |
| Status: |
| |
| * PR#4448: mod_log-any |
| Please allow CGI env variables (QUERY_STRING, ...) to be logged |
| with %{}e |
| Status: |
| |
| * PR#4455: config |
| apache provides no way to do a wildcard/global NameVirtualHost |
| Status: |
| |
| * PR#4459: mod_include |
| Suggestion for better handling of Last-modified headers |
| Status: |
| |
| * PR#4490: mod_cgi |
| mod_cgi prevents handling of OPTIONS requests |
| Status: |
| |
| * PR#4520: mod_autoindex |
| mod_autoindex does not generate Last-Modified response headers |
| Status: |
| |
| * PR#4658: os-windows |
| The output of CGI scripts appears in the window that apache |
| is running in |
| Status: |
| |
| * PR#4816: general |
| SSI in CGI |
| Status: |
| |
| * PR#5079: config |
| Apache header files should have a private name, e.g. |
| #include "apache/httpd.h" |
| Status: |
| |
| * PR#5713: os-windows |
| [PATCH] install as service with domain account |
| Status: |
| |
| * PR#5993: general |
| AllowOverride should have a 'CheckNone' and 'AllowNone' argument |
| instead of only 'None' |
| Status: |
| |
| * PR#6347: mod_mime |
| MIME types for MNG and JNG files need adding to mime.types and |
| the mime.types and magic files |
| Status: Waiting for IANA types to be defined |
| |
| Other bugs that need fixing: |
| |
| * MaxRequestsPerChild measures connections, not requests. |
| Until someone has a better way, we'll probably just rename it |
| "MaxConnectionsPerChild". |
| |
| * Regex containers don't work in an intutive way |
| Status: No one has come up with an efficient way to fix this |
| behavior. Dean has suggested getting rid of regex containers |
| completely. |
| |
| * SIGSEGV on Linux (glibc 2.1.2) isn't caught properly by a |
| sigwaiting thread. We need to work around this, perhaps unless |
| there is hope soon for a fixed glibc. |
| |
| * The MM library is built as static and shared library. This should |
| be set up to build only the required version. |
| |
| Other features that need writing: |
| |
| * Finish infrastructure in core for async MPMs |
| Status: post 2.0 |
| |
| * TODO in source -- just do an egrep on "TODO" and see what's there |
| |
| Documentation that needs writing: |
| * Mod_status docs are needed. |
| |
| * The concept of MPMs, especially if we ship more than one MPM for a |
| given platform |
| |
| * New directives in the various MPMs and appropriate links from |
| obsolete directives in core.html to the MPM documentation. |
| |
| * Revise manual/stopping.html and the last part of |
| manual/misc/perf-tuning.html to take account of the MPMs. |
| |
| * API documentation |
| Status: Ben Laurie has written some hooks documentation |
| (apache-2.0/htdocs/hooks.html) |
| |
| * Changes since 1.3.9 can be more easily seen in the commitlog file |
| dev.apache.org:/home/cvs/CVSROOT/commitlogs/apache-2.0 |
| which includes some of Roy's comments when the changes were |
| committed in rough change-sets by purpose. Note that the commitlog |
| does not show the contents of new files until later. |
| |
| Available Patches: |
| |
| * Martin Sojka <msojka@gmx.de>'s patch to add error reporting for failed |
| htpasswd actions due to a full /tmp volume (other programs may have |
| similar problems?) |
| PR: 6475 |
| Status: |
| |
| * Mike Abbott's <mja@trudge.engr.sgi.com> patches to improve |
| performance |
| Status: These were written for 1.3, and are awaiting a port to |
| 2.0 |
| |
| * Jim Winstead's <jimw@trainedmonkey.com> patch to add CookieDomain and |
| other small mod_usertrack features |
| |
| * Dan Rench's <drench@xnet.com> patch to add allow the errmsg and timefmt |
| of SSI's to be modified in the config file. Patch is available in |
| PR6193 |
| |
| Open issues: |
| |
| * What do we do about mod_proxy? |
| |
| * Which MPMs will be included with Apache 2.0? |
| |
| * Is conf/highperformance.conf-dist obsolete? It looks obsolete. |
| |
