Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.0.31 Changelog
  • Create the scoreboard (in the parent) in a global pool context, so it survives graceful restarts. This fixes a SEGV during graceful restarts. [Aaron Bannert]
  • Add a timeout option to the proxy code 'ProxyTimeout' [Ian Holsman]
  • FTP directory listings are now always retrieved in ASCII mode. The FTP proxy properly escapes URI's and HTML in the generated listing, and escapes the path components when talking to the FTP server. It is now possible to browse the root directory by using a url like: ftp://user@host/%2f/ (ported from apache_1.3.24) Also, the last path component may contain wildcard characters '*' and '?', and if they do, a directory listing is created instead of a file retrieval. Example: ftp://user@host/httpd/server/*.c [Martin Kraemer]
  • Added single-listener unserialized accept support to the worker MPM [Brian Pane]
  • New Directive for mod_proxy: 'ProxyPreserveHost'. This passes the incoming host header through to the proxied server [Geoff ]
  • New Directive Option for ProxyPass. It now can block a location from being proxied [Jukka Pihl ]
  • Don't let the default handler try to serve a raw directory. At best you get gibberish. Much worse things can happen depending on the OS. [Jeff Trawick]
  • Change the pre_config hook to return a value. Modules can now emit an error message and then cause the server to quit gracefully during startup. This required a bump to the MMN. [Aaron Bannert]
  • Fix some unix socket descriptor leaks in the handler side of mod_cgid (the part that runs in the server process). Whack a silly "close(-1)" in the handler too. [Jeff Trawick]
  • Change the pre_mpm hook to return a value, so that scoreboard init errors percolate up to code that knows how to exit cleanly. This required a bump to the MMN. [Jeff Trawick]
  • Add the socket back to the conn_rec and remove the create_connection hook. The create_connection hook had a design flaw that did not allow creating connections based on vhost info. [Bill Stoddard]
  • Fixed PATH_INFO and QUERY_STRING from mod_negotiation results. Resolves the common case of using negotation to resolve the request /script/foo for /script.cgi/foo. [William Rowe]
  • Added new functions ap_add_(input|output)_filter_handle to allow modules to bypass the usual filter name lookup when adding hard-coded filters to a request [Brian Pane]
  • caching should now work on subrequests (still very experimental) [Ian Holsman]
  • The Win32 mpm_winnt now has a shared scoreboard. [William Rowe]
  • Change ap_get_brigade prototype to use apr_off_t instead of apr_off_t*. [Justin Erenkrantz]
  • Refactor ap_rgetline so that it does not use an internal brigade. Change ap_rgetline's prototype to return errors. [Justin Erenkrantz]
  • Remove mod_auth_db. [Justin Erenkrantz]
  • Do not install unnecessary pcre headers like config.h and internal.h. [Joe Orton ]
  • Change in quick_hanlder behavior for subrequests. it now passes DONE (as it does for a normal request). quick_handled sub-requests now work in mod-include [Ian Holsman]
  • Change SUBREQ_CORE so that it is a 'HTTP_HEADER' filter instead of 'CONTENT' one, as it needs to run AFTER all content headers
  • Rename BeOS MPM directive RequestsPerThread to MaxRequestsPerThread. [Lars Eilebrecht]
  • Split out blocking from the mode in the input filters. [Justin Erenkrantz]
  • Fix a segfault in mod_include. [Justin Erenkrantz, Jeff Trawick]
  • Cause Win32 to capture all child-worker process errors in Apache to the main server error log, until the child can open its own error logs. [William Rowe]
  • HPUX 11.*: Do not kill the child process when accept() returns ENOBUFS on HPUX 11.*. (ported from th 1.3 patch) [Madhusudan Mathihalli , Bill Stoddard]
  • Fix a problem in the parsing of the directive. [Jeff Trawick]
  • rewrite of mod_ssl input filter for better performance and less memory usage [Doug MacEachern]
  • allow quick_handler to be run on subrequests. [Ian Holsman]
  • mod_dav now asks its provider to place content directly into the filter stack when handling a GET request. The mod_dav/provider API has changed, so providers need to be updated. [Greg Stein]
  • Clear the output socket descriptor in unixd_accept() to make sure we don't supply a bogus socket to the caller if the accept fails. This caused problems with the worker MPM, which tried to process the returned socket if it was non-NULL. [Brian Pane]
  • Move a check for an empty brigade to the start of core input filter to avoid segfaults. [Justin Erenkrantz, Jeff Trawick]
  • Add FileETag directive to allow configurable control of what data are used to form ETag values for file-based URIs. MMN bumped to 20020111 because of fields added to the end of the core_dir_config structure. [Ken Coar]
  • Fix a segfault in mod_rewrite's logging code caused by passing the wrong config to ap_get_remote_host(). [Jeff Trawick]
  • Allow mod_cgid to work from a binary distribution install by using 755 for the permissions on the log directory instead of 750. [Jeff Trawick]
  • Fixed a segfault that happened during graceful shutdown (or when the httpd ran out of file descriptors) with the worker MPM [Brian Pane]
  • Split all Win32 modules [excluding the core components mod_core, mod_so, mod_win32 and the winnt mpm] into individual loadable modules, so the administrator may individually disable the former compiled-in modules by simply commenting out their LoadModule directives. [William Rowe]
  • Saved Win32 module authors and porters many future headaches, by duplicating the appropriate .h files such as os.h into the include directory, including in the build tree. [William Rowe]
  • mod_ssl adjustments to help with using toolkits other than OpenSSL: Use SSL functions/macros instead of directly dereferencing SSL structures wherever possible. Add type-casts for the cases where functions return a generic pointer. Add $SSL/include to configure search path. [Madhusudan Mathihalli ]
  • Moved several pointers out of the shared Scoreboard so it is more portable, and will present the vhost name across server generation restarts. [William Rowe]
  • Fix SSLPassPhraseDialog exec: and SSLRandomSeed exec: [Doug MacEachern]