Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 1.2b5 Changelog
  • Change KeepAlive semantics (On|Off instead of a number), add MaxKeepAliveRequests directive. [Alexei Kosut]
  • Various NeXT compilation patches, as well as a change in regex/regcomp.c since that file also used a NEXT define. [Andreas Koenig]
  • Allow * to terminate the end of a directory match in mod_dir. Allows /~* to match for both /~joe and /~joe/. [David Bronder]
  • Don't call can_exec() if suexec_enabled. Calling this requires scripts executed by the suexec wrapper to be world executable, which defeats one of the advantages of running the wrapper. [Randy Terbush]
  • Portability Fix: IRIX complained with 'make clean' about *pure* (removed) [Jim Jagielski]
  • Migration from sprintf() to snprintf() to avoid buffer overflows. [Marc Slemko]
  • Provide portable snprintf() implementation (ap_snprintf) as well as *cvt family. [Jim Jagielski]
  • Portability Fix: NeXT lacks unistd.h so we wrap it's inclusion [Jim Jagielski]
  • Remove mod_fastcgi.c from the distribution. This module appears to be maintained more through the Open Market channels and should continue to be easily available at http://www.fastcgi.com/
  • Fixed bug in modules/Makefile that wouldn't allow building in more than one subdirectory (or cleaning, either). [Jeremy Laidman]
  • mod_info assumed that the config files were relative to ServerRoot. [Ken the Rodent]
  • CGI scripts called as an error document resulting from failed CGI execution would hang waiting for POST'ed data. [Rob Hartill]
  • Log reason when mod_dir returns access HTTP_FORBIDDEN [Ken the Rodent]
  • Properly check errno to prevent display of a directory index when server receives a long enough URL to confuse stat(). [Marc Slemko]
  • Several security enhancements to suexec wrapper. It is _highly_ recommended that previously installed versions of the wrapper be replaced with this version. [Randy Terbush, Jason Dour]
  • - ~user execution now properly restricted to ~user's home directory and below. - execution restricted to UID/GID > 100 - restrict passed environment to known variables - call setgid() before initgroups() (portability fix) - remove use of setenv() (portability fix)
  • Add HTTP/1.0 response forcing. [Ben Laurie]
  • Add access control via environment variables. [Ben Laurie]
  • Add rflush() function. [Alexei Kosut]
  • remove duplicate pcalloc() call in new_connection().
  • Fix incorrect comparison which could allow number of children = MaxClients + 1 if less than HARD_SERVER_LIMIT. Also fix potential problem if StartServers > HARD_SERVER_LIMIT. [Ed Korthof]
  • Updated support for OSes (MachTen, ULTRIX, Paragon, ISC, OpenBSD AIX PS/2, CONVEXOS. [Jim Jagielski]
  • Replace instances of inet_ntoa() with inet_addr() for ProxyBlock. It's more portable. [Martin Kraemer]
  • Replace references to make in Makefile.tmpl with $(MAKE). [Chuck Murcko]
  • Add ProxyBlock directive w/IP address caching. Add IP address caching to NoCache directive as well. ProxyBlock works with all handlers; NoCache now also works with FTP for anonymous logins. Still more code cleanup. [Chuck Murcko]
  • Add "header parse" API hook [Ben Laurie]
  • Fix byte ordering problems for REMOTE_PORT [Chuck Murcko]
  • suEXEC wrapper was freeing memory that had not been malloc'ed.
  • Correctly allow access and auth directives in sections in server config files. [Alexei Kosut]
  • Fix bug with ServerPath that could cause certain files to be not found by the server. [Alexei Kosut]
  • Fix handling of ErrorDocument so that it doesn't remove a trailing double-quote from text and so that it properly checks for unsupported status codes using the new index_of_response interface. [Roy Fielding]
  • Multiple fixes to the lingering_close code in order to avoid being interrupted by a stray timeout, to avoid lingering on a connection that has already been aborted or never really existed, to ensure that we stop lingering as soon as any error condition is received, and to prevent being stuck indefinitely if the read blocks. Also improves reporting of error conditions. [Marc Slemko and Roy Fielding]
  • Fixed initialization of parameter structure for sigaction. [, Adrian Filipi-Martin]
  • Fixed reinitializing the parameters before each call to accept and select, and removed potential for infinite loop in accept. [Roy Fielding, after useful PR from ]
  • Fixed condition where, if a child fails to fork, the scoreboard would continue to say SERVER_STARTING forever. Eventually, the main process would refuse to start new children because count_idle_servers() will count those SERVER_STARTING entries and will always report that there are enough idle servers. [Phillip Vandry]
  • Fixed bug in bcwrite regarding failure to account for partial writes. Avoided calling bflush() when the client is pipelining requests. Removed unnecessary flushes from http_protocol. [Dean Gaudet]
  • Added description of "." mode in server-status [Jim Jagielski]