Apache

1.3b2 (there is no 1.3b1)

Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 1.3b2 (there is no 1.3b1) Changelog
  • TestCompile was not passing $LIBS [Dean Gaudet]
  • Makefile.tmpl was not using $CFLAGS in the link phase. [Martin Kraemer]
  • Add debugging code to alloc.c. Defining ALLOC_DEBUG provides a rudimentary memory debugger which can be used on live servers with low impact -- it sets all allocated and freed memory bytes to 0xa5. Defining ALLOC_USE_MALLOC will cause the alloc code to use malloc() and free() for each object. This is far more expensive and should only be used for testing with tools such as Electric Fence and Purify. See main/alloc.c for more details. [Dean Gaudet]
  • Configure uses a sh trap and didn't set its exitcode properly. [Dean Gaudet] PR#1159
  • Yet another vhost revamp. Add the NameVirtualHost directive which explicitly lists the ip:port pairs that are to be used for name-vhosts. From a given ip:port, regardless what the Host: header is, you can only reach the vhosts defined on that ip:port. The precedence of vhosts was reversed to match other precedences in the config -- the earlier vhosts override the later vhosts. All vhost matching was moved into http_vhost.[ch]. [Dean Gaudet]
  • ap_inline can be used to force inlining. GNUC __attribute__() can be used for whatever reason is appropriate (i.e. format() warnings for printf style functions). Both are enabled only with gcc >= 2.7.x (so that we have fewer support issues with older versions). [Dean Gaudet]
  • Fix support for Proxy Authentication (we were testing the response status too early). [Marc Slemko]
  • CoreDumpDirectory directive directs where the core file is written when a SIGSEGV, SIGBUS, SIGABORT or SIGABRT are received. [Marc Slemko, Dean Gaudet]
  • PORT: Support for Atari MINT. [Jan Paul Schmidt ]
  • When booting, apache will now detach itself from stdin, stdout, and stderr. stderr will not be detached until after the config files have been read so you will be able to see initial error messages. After that all errors are logged in the error_log. This makes it more convenient to start apache via rsh, ssh, or crontabs. [Dean Gaudet] PR#523
  • mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake. Also removed the auto-generated link to www.apache.org that was the source of so many misdirected bug reports. [Roy Fielding, Marc Slemko]
  • send_fb would not detect aborted connections in some situations. [Dean Gaudet]
  • mod_include would use uninitialized data when parsing certain expressions involving && and ||. [Brian Slesinsky] PR#1139
  • mod_imap should only handle GET methods. [Jay Bloodworth]
  • suexec.c wouldn't build without -DLOG_EXEC. [Jason A. Dour]
  • mod_autoindex improperly counted &escapes; as more than one character in the description. It also improperly truncated descriptions that were exactly the maximum length. [Martin Kraemer]
  • RedirectMatch was not properly escaping the result (PR#1155). Also "RedirectMatch /advertiser/(. $1" is now permitted. [Dean Gaudet]
  • mod_include now uses symbolic names to check for request success and return HTTP errors, and correctly handles all types of redirections (previously it only did temporary redirect correctly). [Ken Coar, Roy Fielding]
  • mod_userdir was modifying r->finfo in cases where it wasn't setting r->filename. Since those two are meant to be in sync with each other this is a bug. ["Paul B. Henson" ]
  • PORT: Support Unisys SVR4, whose uname returns mostly useless data. ["Kaufman, Steven E" ]
  • Inetd mode (which is buggy) uses timeouts without having setup the jmpbuffer. [Dean Gaudet] PR#1064
  • Work around problem under Linux where a child will start looping reporting a select error over and over. [Rick Franchuk ] PR#1107, 987, 588
  • Fixed error in proxy_util.c when looping through multiple host IP addresses. [Lars Eilebrecht] PR#974
  • If BUFFERED_LOGS is defined then mod_log_config will do atomic buffered writes -- that is, it will buffer up to PIPE_BUF (i.e. 4k) bytes before writing, but it will never split a log entry across a buffer boundary. [Dean Gaudet]
  • API: the short_score record has been split into two pieces, one which the parent writes on, and one which the child writes on. As part of this change the get_scoreboard_info() function was removed, and scoreboard_image was exported. This change fixes a race condition in file based scoreboard systems, and speeds up changes involving the scoreboard in earlier 1.3 development. [Dean Gaudet]
  • API: New register_other_child() API (see http_main.h) which allows modules to register children with the parent for maintenance. It is disabled by defining NO_OTHER_CHILD. [Dean Gaudet]
  • API: New piped_log API (see http_log.h) which implements piped logs, and will use register_other_child to implement reliable piped logs when it is available. The reliable piped logs part can be disabled by defining NO_RELIABLE_PIPED_LOGS. At the moment reliable piped logs is only available on Unix. [Dean Gaudet]
  • API: set_last_modified() broken into set_last_modified(), set_etag(), and meets_conditions(). This allows conditional HTTP selection to be handled separately from the storing of the header fields, and provides the ability for CGIs to set their own ETags for conditional checking. [Ken Coar, Roy Fielding] PR#895
  • Changes to mod_log_config to allow naming of format strings. Format nicknames are defined with "LogFormat fmt nickname", and can be used with "LogFormat nickname" and "CustomLog logtarget nickname". [Ken Coar]
  • New module, "mod_speling", which can help find files even when the URL is slightly misspelled. [Martin Kraemer, Alexei Kosut]
  • API: New function child_terminate() triggers the child process to exit, while allowing the child finish what it needs to for the current request first. [Doug MacEachern, Alexei Kosut]
  • Windows now defaults to using full status reports with mod_status. [Alexei Kosut] PR #1094
  • *Really* disable all mod_rewrite operations if the engine is off. Some things (like RewriteMaps) were checked/performed even if they weren't supposed to be. [Ken Coar] PR #991
  • Implement a new timer scheme which eliminates the need to call alarm() all the time. Instead a counter in the scoreboard for each child is used to show when the child has made forward progress. The parent samples this counter every scoreboard maintenance cycle, and issues SIGALRM if no progress has been made in the timeout period. This reduces the static request best-case syscall count to 22 from 29. This scheme is only used by systems with memory-based scoreboards. [Dean Gaudet]
  • The proxy now properly handles CONNECT requests which are sent to proxy servers when using ProxyRemote. [Marc Slemko] PR#1024
  • A script called apachectl has been added to the support directory. This script allows you to do things such as "apachectl start" and "apachectl restart" from the command line. [Marc Slemko]
  • Modules and core routines are now put into libraries, which simplifies the link line tremendously (among other advantages). [Paul Sutton]
  • Some of the MD5 names defined in Apache have been renamed to have an `ap_' prefix to avoid conflicts with routines supplied by external libraries. [Ken Coar]
  • Removal of mod_auth_msql.c from the distribution. There are many other options for databases today. Rather than offer one option, offer none at this time. mod_auth_msql and other SQL database authentication modules can be found at the Apache Module Registry. http://modules.apache.org/ It would be nice to offer a generic mod_auth_sql option in the near future.
  • PORT: BeOS support added [Alexei Kosut]
  • Configure no longer accepts the -make option, since it creates Makefile on the fly based on Makefile.tmpl and Configuration.
  • Apache now gracefully shuts down when it receives a SIGTERM, instead of forcibly killing off all its processes and exiting without cleaning up. [Alexei Kosut]
  • API: A new field in the request_rec, r->mtime, has been added to avoid gratuitous parsing of date strings. It is intended to hold the last-modified date of the resource (if applicable). An update_mtime() routine has also been added to advance it if appropriate. [Roy Fielding, Ken Coar]
  • SECURITY: If a htaccess file can not be read due to bad permissions, deny access to the directory with a HTTP_FORBIDDEN. The previous behavior was to ignore the htaccess file if it could not be read. This change may make some setups with unreadable htaccess files stop working. [Marc Slemko] PR#817
  • Add aplog_error() providing a mechanism to define levels of verbosity to the server error logging. This addition also provides the ability to log errors using syslogd. Error logging is configurable on a per-server basis using the LogLevel directive. Conversion of log_*() in progress. [Randy Terbush]
  • Further enhance aplog_error() to not log filename, line number, and errno information when it isn't applicable. [Ken Coar, Dean Gaudet]
  • WIN32: Canonicalise filenames under Win32. Short filenames are converted to long ones. Backslashes are converted to forward slashes. Case is converted to lower. Parts of URLs that do not correspond to files are left completely alone. [Ben Laurie]
  • PORT: 2 new OSs added to the list of ports: Encore's UMAX V: Arieh Markel Acorn RISCiX: Stephen Borrill
  • Add the server version (SERVER_VERSION macro) to the "server configured and running" entry in the error_log. Also build an object file at link-time that contains the current time (SERVER_BUILT global const char[]), and include that in the message. [Ken Coar]
  • Set r->headers_out when sending responses from the proxy. This fixes things such as the logging of headers sent from the proxy. [Marc Slemko] PR#659
  • support/httpd_monitor is no longer distributed because the scoreboard should not be file based if at all possible. Use mod_status to see current server snapshot.
  • (set_file_slot): New function, allowing auth directives to be independent of the server root, so the server documents can be moved to a different directory or machine more easily. [David J. MacKenzie]
  • If no TransferLog is given explicitly, decline to log. This supports coexistence with other logging modules, such as the custom one that UUNET uses. [David J. MacKenzie]
  • Check for titles in server-parsed HTML files. Ignore leading newlines and returns in titles. The old behavior of replacing a newline after with a space causes the title to be misaligned in the listing. [David J. MacKenzie]</li><li>Change mod_cern_meta to be configurable on a per-directory basis. [David J. MacKenzie]</li><li>Add 'Include' directive to allow inclusion of configuration files within configuration files. [Randy Terbush]</li><li>Proxy errors on connect() are logged to the error_log (nothing new); now they include the IP address and port that failed (*that's* new). [Ken Coar, Marc Slemko] PR#352</li><li>Various architectures now define USE_MMAP_FILES which causes the server to use mmap() for static files. There are two compile-time tunables MMAP_THRESHOLD (minimum number of bytes required to use mmap(), default is 0), and MMAP_SEGMENT_SIZE (maximum number of bytes written in one cycle from a single mmap()d object, default 32768). [Dean Gaudet]</li><li>API: Added post_read_request API phase which is run right after reading the request from a client, or right after an internal redirect. It is useful for modules setting environment variables that depend only on the headers/contents of the request. It does not run during subrequests because subrequests inherit pretty much everything from the main request. [Dean Gaudet]</li><li>Added mod_unique_id which is used to generate a unique identifier for each hit, available in the environment variable UNIQUE_ID. [Dean Gaudet]</li><li>init_modules is now called after the error logs have been opened. This allows modules to emit information messages into the error logs. [Dean Gaudet]</li><li>Fixed proxy-pass-through feature of mod_rewrite; Added error logging information for case where proxy module is not available. [Marc Slemko]</li><li>PORT: Apache has need for mutexes to serialize its children around accept. In prior versions either fcntl file locking or flock file locking were used. The method is chosen by the definition of USE_xxx_SERIALIZED_ACCEPT in conf.h. xxx is FCNTL for fcntl(), and FLOCK for flock(). New options have been added: - SYSVSEM to use System V style semaphores - PTHREAD to use POSIX threads (appears to work on Solaris only) - USLOCK to use IRIX uslock Based on timing various techniques, the following changes were made to the defaults: - Linux 2.x uses flock instead of fcntl - Solaris 2.x uses pthreads - IRIX uses SysV semaphores -- however multiprocessor IRIX boxes work far faster if you -DUSE_USLOCK_SERIALIZED_ACCEPT [Dean Gaudet, Pierre-Yves Kerembellec <Pierre-Yves.Kerembellec vtcom.fr>, Martijn Koster <m.koster pobox.com>]</li><li>PORT: The semantics of accept/select make it very desirable to use mutexes to serialize accept when multiple Listens are in use. But in the case where only a single socket is open it is sometimes redundant to serialize accept(). Not all unixes do a good job with potentially dozens of children blocked on accept() on the same socket. It's now possible to define SINGLE_LISTEN_UNSERIALIZED_ACCEPT and the server will avoid serialization when listening on only one socket, and use serialization when listening on multiple sockets. [Dean Gaudet] PR#467</li><li>Configure changes: TestLib replaced by TestCompile, which has some additional capability (such as doing a sanity check of the compiler and flags selected); the version of Solaris is now available via the #define value of SOLARIS2; IRIX n32bit libs now supported and selectable by new Configuration Rule: IRIXN32; We no longer default to -O2 optimization. [Jim Jagielski]</li><li>Updated Configure: Configuration now uses AddModule to specify module source or binary file location, relative to src directory. Modules can be dropped into modules/extra, or in their own directory, and modules can come with a Makefile or Configure can create one. Modules can add compiler or library information to generated Makefiles. [Paul Sutton]</li><li>Source core re-organisation: distributed modules are now in modules/standard. All other source code is in main. OS-specific code is in os/{unix,emx,win32} directories. [Paul Sutton]</li><li>mod_browser has been removed, since it's replaced by mod_setenvif. [Ken Coar]</li><li>Fix another long-standing bug in sub_req_lookup_file where it would happily skip past access checks on subdirectories looked up with relative paths. (It's used by mod_dir, mod_negotiation, and mod_include.) [Dean Gaudet]</li><li>directory_walk optimization to reduce an O(N*M) loop to O(N+M) where N is the number of <Directory> sections, and M is the number of components in the filename of an object.</li><li>To achieve this optimization the following config changes were made: - Wildcards (* and ?, not the regex forms) in <Directory>s, <Files>s, and <Location>s now treat a slash as a special character. For example "/home/*/public_html" previously would match "/home/a/andrew/public_html", now it only matches things like "/home/bob/public_html". This mimics /bin/sh behaviour. - It's possible now to use [] wildcarding in <Directory>, <Files> or <Location>. - Regex <Directory>s are applied after all non-regex <Directory>s.</li><li>[Dean Gaudet]</li><li>Fix a bug introduced in 1.3a1 directory_walk regarding .htaccess files and corrupted paths. [Dean Gaudet]</li><li>Enhanced and cleaned up the URL rewriting engine of mod_rewrite: First the grouped parts of RewriteRule pattern matches (parenthesis!) can be accessed now via backreferences $1..$9 in RewriteConds test-against strings in addition to RewriteRules subst string. Second the grouped parts of RewriteCond pattern matches (parenthesis!) can be accessed now via backreferences %1..%9 both in following RewriteCond test-against strings and RewriteRules subst string. This provides maximum flexibility through the use of backreferences. Additionally the rewriting engine was cleaned up by putting common code to the new expand_backrefs_inbuffer() function. [Ralf S. Engelschall]</li><li>When merging the main server's <Directory> and <Location> sections into a vhost, put the main server's first and the vhost's second. Otherwise the vhost can't override the main server. [Dean Gaudet] PR#717</li><li>The <Directory> code would merge and re-merge the same section after a match was found, possibly causing problems with some modules. [Dean Gaudet]</li><li>ip-based vhosts are stored and queried using a hashing function, which has been shown to improve performance on servers with many ip-vhosts. Some other changes had to be made to accommodate this: - the * address for vhosts now behaves like _default_ - the matching process now is: - match an ip-vhost directly via hash (possibly matches main server) - if that fails, just pretend it matched the main server - if so far only the main server has been matched, perform name-based lookups (ServerName, ServerAlias, ServerPath) *only on name-based vhosts* - if they fail, look for _default_ vhosts [Dean Gaudet, Dave Hankins <dhankins sugarat.net>]</li><li>dbmmanage overhaul: - merge dbmmanage and dbmmanage.new functionality, remove dbmmanage.new - tie() to AnyDBM_File which will use one of DB_File, NDBM_File or GDBM_File (-ldb, -lndbm, -lgdbm) (trying each in that order) - provide better seed for rand - prompt for password as per getpass(3) (turn off echo, read from /dev/tty, etc.) - use "newstyle" crypt based on $Config{osname} ($^O) - will not add a user if already in database, use new `update' command instead - added `check' command to check a users' password - added `import' command to convert existing password text-files or dbm files exported with `view' - more descriptive usage, general cleanup, 'use strict' clean, etc. [Doug MacEachern]</li><li>Added psocket() which is a pool form of socket(), various places within the proxy weren't properly blocking alarms while registering the cleanup for its sockets. bclose() now uses pclose() and pclosesocket(). There was a bug where the client socket was being close()d twice due a still registered cleanup. [Dean Gaudet]</li><li>A few cleanups were made to reduce time(), getpid(), and signal() calls. [Dean Gaudet]</li><li>PORT: AIX >= 4.2 requires -lm due to libc changes. [Jason Venner <jason idiom.com>] PR#667</li><li>Enable ``=""'' for RewriteCond directives to match against the empty string. This is the preferred way instead of ``^$''. [Ralf S. Engelschall]</li><li>Fixed an infinite loop in mod_imap for references above the server root [Dean Gaudet] PR#748</li><li>mod_proxy now has a ReceiveBufferSize directive, similar to SendBufferSize, so that the TCP window can be set appropriately for LFNs. [Phillip A. Prindeville]</li><li>mod_browser has been replaced by the more general mod_setenvif (courtesy of Paul Sutton). BrowserMatch* directives are still available, but are now joined by SetEnvIf*, UnSetEnvIf*, and UnSetEnvIfZero directives. [Ken Coar]</li><li>"HostnameLookups double" forces double-reverse DNS to succeed in order for remote_host to be set (for logging, or for the env var REMOTE_HOST). The old define MAXIMUM_DNS has been deprecated. [Dean Gaudet]</li><li>mod_access overhaul: - Now understands network/netmask syntax (i.e. 10.1.0.0/255.255.0.0) and cidr syntax (i.e. 10.1.0.0/16). PR#762 - Critical path was sped up by pre-computing a few things at config time. - The undocumented syntax "allow user-agents" was removed, the replacement is "allow from env=foobar" combined with mod_browser. - When used with hostnames it now forces a double-reverse lookup no matter what the directory settings are. This double-reverse doesn't affect any of the other routines that use the remote hostname. In particular it's still passed to CGIs and the log without the double-reverse check. Related PR#860. [Dean Gaudet]</li><li>When a large bwrite() occurs (larger than the internal buffer size), while there is already something in the buffer, apache will combine the large write and the buffer into a single writev(). (This is in anticipation of using mmap() for reading files.) [Dean Gaudet]</li><li>In obscure cases where a partial socket write occurred while chunking, Apache would omit the chunk header/footer on the next block. Cleaned up other bugs/inconsistencies in error conditions in buff.c. Fixed a bug where a long pause in DNS lookups could cause the last packet of a response to be unduly delayed. [Roy Fielding, Dean Gaudet]</li><li>API: Added child_exit function to module structure. This is called once per "heavy-weight process" just before a server child exit()'s e.g. when max_requests_per_child is reached, etc. [Doug MacEachern, Dean Gaudet]</li><li>mod_include cleanup showed that handle_else was being used to handle endif. It didn't cause problems, but it was cleaned up too. [Howard Fear]</li><li>mod_cern_meta would attempt to find meta files for the directory itself in some cases, but not in others. It now avoids it in all cases. [Dean Gaudet]</li><li>mod_mime_magic would core dump if there was a decompression error. [Martin Kraemer <Martin.Kraemer mch.sni.de>] PR#904</li><li>PORT: some variants of DGUX require -lsocket -lnsl [Alexander L Jones <alex systems-options.co.uk>] PR#732</li><li>mod_autoindex now allows sorting of FancyIndexed directory listings by the various fields (name, size, et cetera), either in ascending or descending order. Just click on the column header. [Ken Coar]</li><li>PORT: Various tweaks to eliminate pointer-int casting warnings on 64-bit CPUs like the Alpha. Apache still stores ints in pointers, but that's the relatively safe direction. [Dean Gaudet] PR#344</li><li>PORT: QNX mmap() support for faster/more reliable scoreboard handling. [Igor N Kovalenko <infoh mail.wplus.net>] PR#683</li><li>child_main avoids an unneeded call to select() when there is only one listening socket. [Dean Gaudet]</li><li>In the event that the server is starved for idle servers it will spawn 1, then 2, then 4, ..., then 32 servers each second, doubling each second. It'll also give a warning in the errorlog since the most common reason for this is a poor StartServers setting. The define MAX_SPAWN_RATE can be used to raise/lower the maximum. [Dean Gaudet]</li><li>Apache now provides an effectively unbuffered connection for CGI scripts. This means that data will be sent to the client as soon as the CGI pauses or stops output; previously, Apache would buffer the output up to a fixed buffer size before sending, which could result in the user viewing an empty page until the CGI finished or output a complete buffer. It is no longer necessary to use an "nph-" CGI to get unbuffered output. Given that most CGIs are written in a language that by default does buffering (e.g. perl) this shouldn't have a detrimental effect on performance.</li><li>"nph-" CGIs, which formerly provided a direct socket to the client without any server post-processing, were not fully compatible with HTTP/1.1 or SSL support. As such they would have had to implement the transport details, such as encryption or chunking, in order to work properly in certain situations. Now, the only difference between nph and non-nph scripts is "non-parsed headers". [Dean Gaudet, Sameer Parekh, Roy Fielding]</li><li>If a BUFF is switched from buffered to unbuffered reading the first bread() will return whatever remained in the buffer prior to the switch. [Dean Gaudet]</li></ul> </div> </div> </div> </div> </div> </div> <!-- /#wrapper --> <!-- jQuery --> <script src="/js/jquery.js"></script> <!-- Bootstrap Core JavaScript --> <script src="/js/bootstrap.min.js"></script> <!-- Morris Charts JavaScript --> <script src="/js/plugins/morris/raphael.min.js"></script> </body> </html>