1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
|
APACHE 2.2 STATUS: -*-text-*-
Last modified at [$Date$]
The current version of this file can be found at:
* http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
Documentation status is maintained separately and can be found at:
* docs/STATUS in this source tree, or
* http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS
The current development branch of this software can be found at:
* http://svn.apache.org/repos/asf/httpd/httpd/trunk
Patches considered for backport are noted in their branches' STATUS:
* http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
* http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS
Release history:
[NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
while x.{even}.z versions are Stable/GA releases.]
2.2.18 : In maintenance
2.2.17 : Released October 19, 2010.
2.2.16 : Released July 25, 2010.
2.2.15 : Released March 6, 2010.
2.2.14 : Released October 3, 2009.
2.2.13 : Released August 8, 2009.
2.2.12 : Released July 28, 2009.
2.2.11 : Released December 14, 2008.
2.2.10 : Released October 14, 2008.
2.2.9 : Released June 14, 2008.
2.2.8 : Released January 19, 2008.
2.2.7 : Tagged January 4, 2008. Not released.
2.2.6 : Released September 7, 2007.
2.2.5 : Tagged August 10, 2007, not released.
2.2.4 : Released on January 9, 2007 as GA.
2.2.3 : Released on July 28, 2006 as GA.
2.2.2 : Released on May 1, 2006 as GA.
2.2.1 : Tagged on April 1, 2006, not released.
2.2.0 : Released on December 1, 2005 as GA.
2.1.10 : Tagged on November 19, 2005, not released.
2.1.9 : Released on November 5, 2005 as beta.
2.1.8 : Released on October 1, 2005 as beta.
2.1.7 : Released on September 12, 2005 as beta.
2.1.6 : Released on June 27, 2005 as alpha.
2.1.5 : Tagged on June 17, 2005.
2.1.4 : not released.
2.1.3 : Released on February 22, 2005 as alpha.
2.1.2 : Released on December 8, 2004 as alpha.
2.1.1 : Released on November 19, 2004 as alpha.
2.1.0 : not released.
Contributors looking for a mission:
* Just do an egrep on "TODO" or "XXX" in the source.
* Review the bug database at: http://issues.apache.org/bugzilla/
* Review the "PatchAvailable" bugs in the bug database:
https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Apache+httpd-2&keywords=PatchAvailable
After testing, you can append a comment saying "Reviewed and tested".
* Open bugs in the bug database.
CURRENT RELEASE NOTES:
* Forward binary compatibility is expected of Apache 2.2.x releases, such
that no MMN major number changes will occur. Such changes can only be
made in the trunk.
* All commits to branches/2.2.x must be reflected in SVN trunk,
as well, if they apply. Logical progression is commit to trunk,
get feedback and votes on list or in STATUS, then merge into
branches/2.2.x, as applicable.
RELEASE SHOWSTOPPERS:
* Wait for a release of APR-UTIL 1.3.11 as 1.3.10 contains a regression within
the bundled expat make files (https://issues.apache.org/bugzilla/show_bug.cgi?id=50162)
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
* mod_win32: Add shebang check so that .vbs scripts can work as CGI.
Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1054347
2.2.x patch: Trunk version of patch works with offset
+1 fuankg, wrowe, trawick
wrowe notes: CHANGES needs to be clearer than the text above.
Trunk/CHANGES and 2.2.x/CHANGES need an update.
* htpasswd.c: Syncronize with trunk version. This includes a couple of fixes:
r826805, r826822, r829162, r829355, r829431. The patch below covers only
the C code - we also need to apply the docs and CHANGES parts of r826805.
2.2.x patch: http://people.apache.org/~fuankg/diffs/htpasswd.c.diff
sf: this will change the default algorithm from crypt to md5 (I am not
against it)
FWIW, htdbm in 2.2.x already defaults to MD5
+1 fuankg, wrowe, trawick
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
* mpm worker/mpm event: Revert an old (~10yr) change to the fd Q; move back to
FIFO rather than LIFO, for more consistent performance
so that older requests don't suffer
Trunk patch (applies for worker): http://svn.apache.org/viewvc?view=revision&revision=1064269
2.2.x patch (for event): http://people.apache.org/~igalic/patches/event-mpm-fdqueue.patch
* HTTP Protocol: Fix handling of extra request data sent with Expect: 100
PR 47087
Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=888310
2.2.x: Trunk works with offset
+1: niq, wrowe
* Fixes for gcc -Wall warnings in Windows code
Trunk patch: revisions/descriptions at
http://people.apache.org/~trawick/mingw_patch_revisions.txt
2.2.x patch: http://people.apache.org/~trawick/mingw_fix_warnings.txt
(It is worth pointing out that DWORD = unsigned long for 16-,
32-, and 64-bit builds.)
2.2.x warnings without patch:
http://people.apache.org/~trawick/mingw_r1092398_warnings.txt
2.2.x warnings with patch:
http://people.apache.org/~trawick/mingw_patch_warnings.txt
+1: trawick, wrowe
* WinNT MPM: don't try to shut down child if it wasn't created
Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1090634
2.2.x patch: Trunk patch applies with offset
+1: trawick
PATCHES/ISSUES THAT ARE STALLED
* mod_dav: If an unknown Content-* header is received for a PUT request, we
must not ignore it but reply with 501 per RFC 2616 9.6.
PR: 42978
Trunk version of patch:
http://svn.apache.org/viewvc?rev=1026746&view=rev
Backport version for 2.2.x of patch:
Trunk version of patch works
+1: rpluem, covener, poirier
-1: roy:
This requirement will
be (or has already been) removed from httpbis because it hinders
extensibility and breaks content management systems, just as the
change below causes content-language to be broken. That is why
we never implemented this requirement when it was added (without
consensus) to RFC 2616.
* core: Support wildcards in both the directory and file components of
the path specified by the Include directive.
Trunk patch: http://svn.apache.org/viewvc?rev=909878&view=rev
http://svn.apache.org/viewvc?rev=917735&view=rev
http://svn.apache.org/viewvc?rev=917759&view=rev
2.2.x patch: http://people.apache.org/~minfrin/httpd-wildcard+docs2.patch
Submitted by: minfrin, poirier
+1: minfrin, jim, poirier
-1: wrowe [This introduces new invalid paths which do not resolve to any
configuration file paths, increasing the probability of unreported
syntax errors to further confuse the administrator.]
* srclib/pcre and vendor/pcre
http://www.vuxml.org/freebsd/pkg-pcre.html
update to pcre-7.8
outcome: remove from trunk, leave alone in branches/2.2.x and branches/2.0.x
* core, authn/z: Avoid calling access control hooks for internal requests
with configurations which match those of initial request. Revert to
original behaviour (call access control hooks for internal requests
with URIs different from initial request) if any access control hooks or
providers are not registered as permitting this optimization.
Introduce wrappers for access control hook and provider registration
which can accept additional mode and flag data. Convert common
provider version strings to macros.
The core purpose of this pile of patches is to avoid unnecessary
authn/z hooks when a single request spawns large numbers of internal
requests to which an identical set of httpd configurations apply.
This permits modules such as mod_authn_dbd and mod_dav to work together
acceptably.
Because certain external modules such as mod_authz_svn rely on the old
behaviour, this optimization can be made only when all authn/z hooks and
providers are registered with the appropriate flag.
It would be excellent if Windows and NetWare people could ensure this
builds correctly.
In particular, mod_auth.h must be included into request.c and I've left
mod_auth.h under modules/aaa rather than try to replicate wrowe's work
in trunk moving all the include files around.
I'm open to suggestions that this remain in trunk only, but in that case,
it would be very helpful to know whether most people expect a 2.4 branch
or just a 3.0 branch to be next. If 3.0, some of the backwards
compatibility work could potentially be ditched.
Trunk version of patches:
http://svn.apache.org/viewvc?view=rev&revision=644525
http://svn.apache.org/viewvc?view=rev&revision=644562 (trunk MMN bump)
http://svn.apache.org/viewvc?view=rev&revision=645395
http://svn.apache.org/viewvc?view=rev&revision=645472
http://svn.apache.org/viewvc?view=rev&revision=645540
http://svn.apache.org/viewvc?view=rev&revision=646445 (reverted by r659160)
http://svn.apache.org/viewvc?view=rev&revision=658046
http://svn.apache.org/viewvc?view=rev&revision=659160
Backport version for 2.2.x of patch:
http://people.apache.org/~chrisd/patches/walk_cache/walk_cache-2.2.x.patch
+1: chrisd
-0: jim (would prefer to see in 2.4, and to push 2.4 out)
* beos MPM: Create pmain pool and run modules' child_init hooks when
entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
Otherwise modules' child_init hooks appear to never be executed.
Also, destroying pmain ensures that cleanups registered in modules'
child_init hooks are performed (e.g., mod_log_config and mod_dbd).
Trunk version of patch:
http://svn.apache.org/viewvc?view=rev&revision=491922
2.2.x version of patch:
http://people.apache.org/~chrisd/patches/mod_dbd_pools_groups/mpm_child_init-beos-2.2.x.patch
+0: chrisd (abstaining; unable to test)
* PKCS#7: backport PCKS#7 patches from trunk.
+1 ben
jerenkrantz: What's the revision number to backport?
wrowe asks: ditto jerenkrantz
sctemme: svn blame suggests r424707
rpluem: Digging through the history suggests that
r424735
r424821
r424823
need to be added to this. See also
http://mail-archives.apache.org/mod_mbox/httpd-dev/200607.mbox/%3c20060723093125.GA19423@redhat.com%3e
and follow ups for more details.
needs r930063 to avoid a memory leak, +1 with r930063.
* prefork MPM: simple patch to enable mod_privileges.
trunk: N/A (this patch substitutes for the availability of
drop_privileges hook).
2.2.x patch:
http://people.apache.org/~niq/patches/2.2mod_privileges-core-patch
+1: niq, igalic
* unixd: set suexec_enabled correctly when httpd is run by non-root
PR 42175
Trunk Patch: http://cvs.apache.org/viewvc?view=rev&revision=791337
2.2.x Patch: https://issues.apache.org/bugzilla/attachment.cgi?id=20004
+1: niq
-0: wrowe; Please refer to man 'access' BUGS section about linux 2.4
vs 2.6 kernels, potentially a suspect test for root.
sf: Couldn't the linux 2.4 bug be worked around by calling access
twice? Once with R_OK and once with X_OK.
wrowe: It would seem we only need to test for X_OK?
* mod_disk_cache: Decline the opportunity to cache if the response is
a 206 Partial Content. This stops a reverse proxied partial response
from becoming cached, and then being served in subsequent responses.
Trunk patch: http://svn.apache.org/viewvc?rev=951222&view=rev
2.2.x patch: http://people.apache.org/~minfrin/httpd-cache-partial-2.2.patch
+1: minfrin
niq asks: I can see the logic of not cacheing partial responses,
but why should mod_disk_cache worry about them if mod_cache allows
them, as in the following proposal?
rpluem says: As poirier correctly mentions, the same must be done for mod_mem_cache
as well.
*) mod_cache: Explicitly allow cache implementations to cache a 206 Partial
Response if they so choose to do so. Previously an attempt to cache a 206
was arbitrarily allowed if the response contained an Expires or
Cache-Control header, and arbitrarily denied if both headers were missing.
Trunk patch: http://svn.apache.org/viewvc?rev=952823&view=rev
2.2.x Patch: http://people.apache.org/~minfrin/httpd-cache-partial2-2.2.patch
+1: minfrin
-1: rpluem: Until the patch proposal above for mod_disk_cache is backported
and a similar patch for mod_mem_cache is proposed (no backport
possible since mod_mem_cache is no longer in trunk) and
committed.
* config: fix/optimize SSL connections for IE6 browsers
PR 49484
Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=966055
2.2 patch: should apply cleanly
+1: gstein
-0: sf: If we change it, then change it to something that will be OK for
MSIE 10, too. Also, some people recommend keeping ssl-unclean-shutdown
for newer versions of MSIE.
See http://marc.info/?l=apache-httpd-dev&m=127970632901262&w=2 and
the links therein.
* mod_proxy: Release the backend connection as soon as EOS is detected,
so the backend isn't forced to wait for the client to eventually
acknowledge the data.
Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1026665
http://svn.apache.org/viewvc?view=revision&revision=1030850
http://svn.apache.org/viewvc?view=revision&revision=1030855
http://svn.apache.org/viewvc?view=revision&revision=1035605
2.2.x patch: http://people.apache.org/~minfrin/httpd-mod_proxy-closeearly22-4.patch
+1: minfrin
+1: jim (requires mmn bump due to proxy_conn_rec)
rpluem says: r1052224 r1052314 need to be added as well as the patch above
has a thread safety issue.
minfrin: r1055246 needs to be added to r1052314 to ensure the cleanup
isn't attempted twice.
rpluem says: Mind to update the 2.2.x version of the patch with r1052224,
r1052314, r1055246 and r1055570 (Comment fix by Jim)?
|
