Changes with Apache 1.3.41 *) SECURITY: CVE-2007-6388 (cve.mitre.org) mod_status: Ensure refresh parameter is numeric to prevent a possible XSS attack caused by redirecting to other URLs. Reported by SecurityReason. [Mark Cox] Changes with Apache 1.3.40 (not released) *) SECURITY: CVE-2007-5000 (cve.mitre.org) mod_imap: Fix cross-site scripting issue. Reported by JPCERT. [Joe Orton] *) SECURITY: CVE-2007-3847 (cve.mitre.org) mod_proxy: Prevent reading past the end of a buffer when parsing date-related headers. PR 41144. With Apache 1.3, the denial of service vulnerability applies only to the Windows and NetWare platforms. [Jeff Trawick] *) More efficient implementation of the CVE-2007-3304 PID table patch. This fixes issues with excessive memory usage by the parent process if long-running and with a high number of child process forks during that timeframe. Also fixes bogus "Bad pid" errors. [Jim Jagielski, Jeff Trawick] Changes with Apache 1.3.39 *) SECURITY: CVE-2006-5752 (cve.mitre.org) mod_status: Fix a possible XSS attack against a site with a public server-status page and ExtendedStatus enabled, for browsers which perform charset "detection". Reported by Stefan Esser. [Joe Orton] *) SECURITY: CVE-2007-3304 (cve.mitre.org) Ensure that the parent process cannot be forced to kill non-child processes by checking scoreboard PID data with parent process privately stored PID data. [Jim Jagielski] *) mime.types: Many updates to sync with IANA registry and common unregistered types that the owners refuse to register. Admins are encouraged to update their installed mime.types file. PR: 35550, 37798, 39317, 31483 [Roy T. Fielding] There was no Apache 1.3.38 Changes with Apache 1.3.37 *) SECURITY: CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee. [Mark Cox] Changes with Apache 1.3.36 *) Reverted SVN rev #396294 due to unwanted regression. The new feature introduced in 1.3.35 (Allow usage of the "Include" configuration directive within previously "Include"d files) has been removed in the meantime. (http://svn.apache.org/viewcvs?rev=396294&view=rev) Changes with Apache 1.3.35 *) SECURITY: CVE-2005-3352 (cve.mitre.org) mod_imap: Escape untrusted referer header before outputting in HTML to avoid potential cross-site scripting. Change also made to ap_escape_html so we escape quotes. Reported by JPCERT. [Mark Cox] *) core: Allow usage of the "Include" configuration directive within previously "Include"d files. [Colm MacCarthaigh] *) SECURITY: CVE-2006-3918 (cve.mitre.org) HTML-escape the Expect error message. Only a security issue if an attacker can influence the Expect header a victim will send to a target site (it's known that some versions of Flash can do this) Reported by Thiago Zaninotti . [Mark Cox] *) mod_cgi: Remove block on OPTIONS method so that scripts can respond to OPTIONS directly rather than via server default. [Roy Fielding] PR 15242 Changes with Apache 1.3.34 *) hsregex: fix potential core dumping on 64 bit machines, such as AMD64. PR 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>] *) SECURITY: core: If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks. This has no impact on mod_proxy_http, yet affects any module which supports chunked encoding yet fails to prefer T-E: chunked over the Content-Length purported value. [Paul Querna, Joe Orton] *) Added TraceEnable [on|off|extended] per-server directive to alter the behavior of the TRACE method. This addresses a flaw in proxy conformance to RFC 2616 - previously the proxy server would accept a TRACE request body although the RFC prohibited it. The default remains 'TraceEnable on'. [William Rowe] *) mod_digest: Fix another nonce string calculation issue. [Eric Covener] Changes with Apache 1.3.33 *) SECURITY: CVE-2004-0940 (cve.mitre.org) mod_include: Fix potential buffer overflow with escaped characters in SSI tag string. [Martin Kraemer, Jim Jagielski] Changes with Apache 1.3.32 *) mod_rewrite: Fix query string handling for proxied URLs. PR 14518. [michael teitler , Jan Kratochvil ] *) mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. [André Malo] *) mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. [Joe Orton] *) Trigger an error when a LoadModule directive attempts to load a module which is built-in. This is a common error when switching from a DSO build to a static build. [Jeff Trawick, Geoffrey Young] *) Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. [Will Slater ] *) Fix memory leak in the cache handling of mod_rewrite. PR 27862. [chunyan sheng , André Malo] *) mod_rewrite no longer confuses the RewriteMap caches if different maps defined in different virtual hosts use the same map name. PR 26462. [André Malo] *) mod_setenvif: Remove "support" for Remote_User variable which never worked at all. PR 25725. [André Malo] *) mod_usertrack: Escape the cookie name before pasting into the regexp. [André Malo] *) Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. [Jeff Trawick] *) SECURITY: CVE-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. [Mark Cox] *) Fix a bunch of cases where the return code of the regex compiler was not checked properly. This affects mod_usertrack and core. PR 28218. [André Malo] *) No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. [Jim Jagielski, Rasmus Lerdorf] *) COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. [Jim Jagielski] Changes with Apache 1.3.31 *) SECURITY: CVE-2003-0987 (cve.mitre.org) Verification as to whether the nonce returned in the client response is one we issued ourselves by means of a AuthDigestRealmSeed secret exposed as an md5(). See mod_digest documentation for more details. The experimental mod_auth_digest.c does not have this issue. [Dirk-Willem van Gulik, Jeff Trawick, Jim Jagielski] Changes with Apache 1.3.30 *) Fix memory corruption problem with ap_custom_response() function. The core per-dir config would later point to request pool data that would be reused for different purposes on different requests. [Will Lowe, Jeff Trawick] *) Reinit socket to allow mod_proxy to continue to try connections when invalid IPs are accessed. PR 27542. [Alexander Prohorenko ] *) SECURITY: CVE-2004-0174 (cve.mitre.org) Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. Enabled for some platforms known to have the issue (accept() blocking after select() returns readable). Define NONBLOCK_WHEN_MULTI_LISTEN if needed for your platform and not already defined. [Jeff Trawick, Brad Nicholes, Joe Orton] *) SECURITY: CVE-2003-0993 (cve.mitre.org) Fix parsing of Allow/Deny rules using IP addresses without a netmask; issue is only known to affect big-endian 64-bit platforms; on affected platforms such rules would never produce matches. PR 23850. [Henning Brauer ] *) Fix mod_include's expression parser to recognize strings correctly even if they start with an escaped token. [André Malo] *) The whole codebase was relicensed and is now available under the Apache License, Version 2.0 (http://www.apache.org/licenses). [Apache Software Foundation] *) Add mod_whatkilledus and mod_backtrace (experimental) for reporting diagnostic information after a child process crash. See source code for documentation. [Jeff Trawick, with help from mod_log_forensic] *) mod_usertrack no longer inspects the Cookie2 header for the cookie name. PR 11475. [Chris Darrochi ] *) mod_usertrack no longer overwrites other cookies. PR 26002. [Scott Moore ] *) Add fatal exception hook for running diagnostic code after a crash. [Jeff Trawick] *) Make REMOTE_PORT variable available in mod_rewrite. PR 25772. [André Malo] *) Forensic logging shouldn't log internal redirects. [Ivan Ristic ] *) Some syntax errors in mod_mime_magic's magic file can result in a 500 error, which previously was unlogged. Now we log the error. [Jeff Trawick] *) Linux 2.4+: If Apache is started as root and you code CoreDumpDirectory, coredumps are enabled via the prctl() syscall. Backport of a 2.x feature by Greg Ames. [Jeff Trawick] *) Fix bug causing core dump when using CookieTracking without specifying a CookieName directly. Bugz# 24483. [Manni Wood , Jim Jagielski (backport)] *) Fix RewriteBase directive to not add double slashes. [André Malo] *) mod_rewrite: In external rewrite maps lookup keys containing a newline now cause a lookup failure. PR 14453. [Cedric Gavage , André Malo] *) Forensic logging module added (mod_log_forensic). [Ben Laurie] *) SECURITY: CVE-2003-0020 (cve.mitre.org) Escape arbitrary data before writing into the errorlog. Unescaped errorlogs are still possible using the compile time switch "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo] *) '%X' is now accepted as an alias for '%c' in the LogFormat directive. This allows you to configure logging to still log the connection status even with mod_ssl (which changes what '%c' means). [Jim Jagielski] *) UseCanonicalName off was ignoring the client provided port information. [Jim Jagielski] Changes with Apache 1.3.29 *) SECURITY: CVE-2003-0542 (cve.mitre.org) Fix buffer overflows in mod_alias and mod_rewrite which occurred if one configured a regular expression with more than 9 captures. [André Malo] *) Within ap_bclose(), ap_pclosesocket() is now called consistently for sockets and ap_pclosef() for files. Also, closesocket() is used consistenly to close socket fd's. The previous confusion between socket and file fd's would cause problems with some applications now that we proactively close fd's to prevent leakage. PR 22805 [Radu Greab , Jim Jagielski] *) If a request fails and the client will be redirected to another URL due to ErrorDocument, see if we need to drop the connection after sending the 302 response. This fixes a problem where Apache treated the body of the failed request as the next request on a keepalive connection. The subsequent 501 error sent to the browser prevented some browsers from fetching the error document. [Jeff Trawick] *) Fixed mod_usertrack to not get false positive matches on the user-tracking cookie's name. PR 16661. [Manni Wood ] *) Enabled RFC1413 ident functionality for both Win32 and NetWare platforms. This also included an alternate thread safe implementation of the socket timout functionality when querying the identd daemon. [Brad Nicholes, William Rowe] *) Prevent creation of subprocess Zombies when using CGI wrappers such as suExec and cgiwrap. PR 21737. [Numerous] *) ab: Overlong credentials given via command line no longer clobber the buffer. [André Malo] *) Fix ProxyPass for ftp requests - the original code was segfaulting since many of the values were not being filled out in the request_rec. [Tollef Fog Heen , Thom May] Changes with Apache 1.3.28 *) SECURITY: CVE-2003-0460 (cve.mitre.org) Fix the rotatelogs support program on Win32 and OS/2 to ignore special control characters received over the pipe. Previously such characters could cause rotatelogs to quit logging and exit. [André Malo] *) Prevent the server from crashing when entering infinite loops. The new LimitInternalRecursion directive configures limits of subsequent internal redirects and nested subrequests, after which the request will be aborted. PR 19753 (and probably others). [William Rowe, Jeff Trawick, Jim Jagielski, André Malo] *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP response. PR 21085. [Glenn Nielsen , André Malo] *) Removed BIND_NOSTART from HP/UX shl_load() logic for loadable Apache modules, so that statics are initialized when the module is loaded (especially critical for c++ modules on HPUX.) [William Rowe, Noah Arliss ] *) Win32 build system changes; always recompile buildmark.c (used for Apache -v 'server built' messages) even when Apache is built from within the IDE; build test_char.h and uri_delims.h from within the ApacheCore.dsp project. PR 12706. [William Rowe] *) Introduce Win32 .pdb diagnostic symbols into the Apache 1.3 build (as created in Apache 2.0.45 and later.) Makes debugging and analysis of crash dumps and Dr. Watson logs trivial. Requires the Win32 binary builder to set aside the exact .pdb files that match the released binaries (.exe/.so files) for reference by users and developers. [William Rowe] *) Make sure the accept mutex is released before calling child exit hooks and cleanups. Otherwise, modules can segfault in such code and, with pthread mutexes, leave the server deadlocked. Even if the module doesn't segfault, if it performs extensive processing it can temporarily prevent the server from accepting new connections. [Jeff Trawick] *) Fix mod_rewrite's handling of absolute URIs. The escaping routines now work scheme dependent and the query string will only be appended if supported by the particular scheme. [André Malo] *) Use appropriate language codes for Czech (cs) and Traditional Chinese (zh-tw) in default config files. PR 9427. [André Malo] *) Don't block synchronous signals (e.g., SIGSEGV) while waiting for and holding a pthread accept mutex. [Jeff Trawick] *) AIX: Change the default accept mechanism from pthread back to fcntl. Idle child cleanup doesn't work when the child selected for termination by the parent is waiting on a pthread mutex, and because the AIX kernel's notion of hot process is apparently the same as Apache's, it is common for the Apache parent to continually select a child for termination that the kernel will leave waiting on the mutex for extended periods of time. There are other concerns with pthread mutexes as well, such as the ability to deadlock the server if a child process segfaults while holding the mutex. [Jeff Trawick] *) Fix a pair of potential buffer overflows in htdigest [Martin Schulze , Thom May] *) A newly created child now has a start_time of 0, to prevent mod_status from displaying a bogus value for the "time to process most recent request" column for freshly-started children in a previously-used scoreboard slot. [Martin Kraemer] *) When using Redirect in directory context, append requested query string if there's no one supplied by configuration. PR 10961. [André Malo] *) Fix path handling of mod_rewrite, especially on non-unix systems. There was some confusion between local paths and URL paths. PR 12902. [André Malo] *) backport from 2.x series: Prevent endless loops of internal redirects in mod_rewrite by aborting after exceeding a limit of internal redirects. The limit defaults to 10 and can be changed using the RewriteOptions directive. PR 17462. [André Malo] *) Use the correct locations of srm.conf and access.conf when tailoring the httpd.conf during the install process. PR 9446. [Stanislav Brabec ] *) suexec: Be more pedantic when cleaning environment. Clean it immediately after startup. PR 2790, 10449. [Jeff Stewart , André Malo] *) Fix apxs to insert LoadModule/AddModule directives only outside of sections. PR 8712, 9012. [André Malo] *) Fix suexec compile error under SUNOS4, where strerror() doesn't exist. PR 5913, 9977. [Jonathan W Miner ] *) Unix build: Add support for environment variable EXTRA_LDFLAGS_SHLIB, which allows the user to add to the hard-coded ld flags specified for DSOs. Compare with the existing LDFLAGS_SHLIB environment variable, which allows the user to completely replace the hard-coded ld flags specified for DSOs. [Jeff Trawick] *) mod_auth_digest no longer tries to guess AuthDigestDomain, if it's not specified. Now it assumes "/" as already documented. PR 16937. [André Malo] *) In configure always assume suexec-umask to be an octal value by prepending a "0". PR 16984. [André Malo] *) Fix typo in suexec -V output. PR 9034. [Youichirou Koga ] *) Fix bug where 'Satisfy Any' without an AuthType resulted in an "Internal Server Error" response. PR 9076. [André Malo] *) mod_rewrite: Allow "RewriteEngine Off" even if no "Options FollowSymlinks" (or SymlinksIfOwnermatch) is set. PR 12395. [André Malo] *) Change the log messages for setsockopt(TCP_NODELAY) and getsockname() failures to log the client IP address and to change the log level to debug. [Jeff Trawick] *) Correction to mod_negotation for Win32, OS2, Netware etc, where case insensitive requests such as the HEADER or README search from autoindex would fail to match HEADER.html (because the system internally looked for the case-sensitive header.* pattern.) PR 7300 [William Rowe] *) Correction to mod_autoindex so that only text/* files (prefering /html, then /plain, then some other flavor) can be recovered from a multiview-based HEADER or README subrequest. [William Rowe] *) Improvements to mod_usertrack that allows for a regular (verbose) as well as "compact" version of the tracking cookie (the new 'CookieFormat' directive), and the ability to prepend a string to the cookie via the 'CookiePrefix' directive. [Pål Løberg , with cleanup by Jim Jagielski] *) Certain 3rd party modules would bypass the Apache API and not invoke ap_cleanup_for_exec() before creating sub-processes. To such a child process, Apache's file descriptors (lock fd's, log files, sockets) were accessible, allowing them direct access to Apache log file etc. Where the OS allows, we now add proactive close functions to prevent these file descriptors from leaking to the child processes. [Jim Jagielski, Martin Kraemer] *) Prevent obscenely large values of precision in ap_vformatter from clobbering a buffer. [Sander Striker, Jim Jagielski] *) NetWare: implemented ap_os_default_port() to resolve the correct default port based on the request method. This fixes a URL reconstruction problem on a redirect. [Pavel Novy ] *) Added new ap_register_cleanup_ex() API function which allows for a "magic" cleanup function to be run at register time rather than at cleanup time. Also added the ap_note_cleanups_for_(socket|fd|file)_ex() API functions which allows for control over whether that magic cleanup should be called or not. This does not change the default behavior of the non-"ex" function (eg: ap_register_cleanup). [Jim Jagielski, concept by Ben Laurie] *) PORT: Take advantage of OpenBSD's arc4random() function for the initial secret [Henning Brauer ] *) If Listen directive is not a port, but just an IP, emit an error condition as this case is ambiguous. [Rich Bowen, Justin Erenkrantz, Cliff Woolley] *) Update timeout algorithm in free_proc_chain. If a subprocess did not exit immediately, the thread would sleep for 3 seconds before checking the subprocess exit status again. In a very common case when the subprocess was an HTTP server CGI script, the CGI script actually exited a fraction of a second into the 3 second sleep, which effectively limited the server to serving one CGI request every 3 seconds across a persistent connection. PRs 6961, 8664 [Bill Stoddard] *) mod_setenvif: Add SERVER_ADDR special keyword to allow envariable setting according to the server IP address which received the request. [Ken Coar] *) PORT: Enable SINGLE_LISTEN_UNSERIALIZED_ACCEPT for AIX 4.3.2 and above. Update AIX configure logic to allow higher AIX release numbers without having to change Apache. [Jeff Trawick] Changes with Apache 1.3.27 *) SECURITY: CVE-2002-0840 (cve.mitre.org) Prevent a cross-site scripting vulnerability in the default error page. The issue could only be exploited if the directive UseCanonicalName is set to Off and a server is being run at a domain that allows wildcard DNS. [Matthew Murphy] *) SECURITY: CVE-2002-0843 (cve.mitre.org) Fix some possible overflows in ab.c that could be exploited by a malicious server. Reported by David Wagner. [Jim Jagielski] *) Included a patch submitted by Sander van Zoest (#9181) and written by Michael Radwin whichs is essentially a work around for the adding headers to error responses. As apache does not go through the proper chain for non 2xx responses. This patch adds an ErrorHeader directive; which is for non 2xx replies the direct analog of the existing Header directive. This is usefull during 3xx redirects or more complex 4xx auth schemes. [Dirk- Willem van Gulik] *) Included the patch submitted by Sander van Zoest (#12712) which prevents just 'anything' being sucked in when doing gobbeling in complete directories - such as editor backup files and other cruft. This patch allows us to tailor/control this properly by allowing simple wildcards such as *.conf. [Dirk-Willem van Gulik] *) SECURITY: CVE-2002-0839 (cve.mitre.org) Add the new directive 'ShmemUIDisUser'. By default, Apache will no longer set the uid/gid of SysV shared memory scoreboard to User/Group, and it will therefore stay the uid/gid of the parent Apache process. This is actually the way it should be, however, some implementations may still require this, which can be enabled by 'ShmemUIDisUser On'. Reported by iDefense. [Jim Jagielski] *) Fix a problem with the definition of union semun which broke System V semaphores on systems where sizeof(int) != sizeof(long). PR 12072 [] *) The protocol version (eg: HTTP/1.1) in the request line parsing is now case insensitive. This closes a few PRs and implies that ProtocolReqCheck will trigger on *true* invalid protocols. [Jim Jagielski] *) Relaxed mod_digest its parsing in order to make it work with iCal's "WebDAVFS/1.2 (01208000) Darwin/6.0 (Power Macintosh)" User-Agent. Apache (incorrectly) insisted on a quoted URI's in the uri field of the Authorization client header. Not yet done for EBCDIC plaforms. [Dirk-Willem van Gulik] *) Back out an older patch for PR 9932, which had some incorrect behavior. Instead, use a backport of the APR fix. This has the nice effect that ap_snprintf() can now distinguish between an output which was truncated, and an output which exactly filled the buffer. [Jim Jagielski] *) The cache in mod_proxy was incorrectly updating the Content-Length value (to 0) from 304 responses when doing validation. Bugz#10128 [Paul Terry , , Jim Jagielski] *) Added support for Berkeley-DB/4.x to mod_auth_db. [Martin Kraemer] *) PR 10993: add image/x-icon to default httpd.conf files [Ian Holsman, Peter Bieringer *) Fix a problem in proxy where headers from other modules were added to the response headers when this was already done in the core already. This resulted in header (and therefore cookie) duplication. [Martijn Schoemaker ] *) Fix FileETags none operation. PR 12202. [Justin Erenkrantz, Andrew Ho ] *) Win32: Fix one byte buffer overflow in ap_get_win32_interpreter when a CGI script's #! line does not contain a \r or \n (i.e. a line feed character) in the first 1023 bytes. The overflow is always a '\0' (string termination) character. *) Add new "suppress-error-charset" environment variable to allow a BrowserMatch workaround for clients that incorrectly use the charset of a redirect as the charset of the target. [Ken Coar] *) Support Caldera OpenUNIX 8. [Larry Rosenman ] *) Use SysV semaphores by default on OpenBSD. [Henning Brauer ] *) httpd -V will now also print out the compile time defined HARD_SERVER_LIMIT value. [Dirk-Willem van Gulik]. *) In 1.3.26, a null or all blank Content-Length field would be triggered as an error; previous versions would silently ignore this and assume 0. As a special case, we now allow this and behave as we previously did. HOWEVER, previous versions would also silently accept bogus C-L values; We do NOT do that. That *is* an invalid value and we treat it as such. [Jim Jagielski] *) Add ProtocolReqCheck directive, which determines if Apache will check for a valid protocol string in the request (eg: HTTP/1.1) and return HTTP_BAD_REQUEST if not valid. Versions of Apache prior to 1.3.26 would silently ignore bad protocol strings, but 1.3.26 included a more strict check. This makes it runtime configurable. The default is On. This also removes the requirement on an ANSI sscanf() implementation. [Jim Jagielski] *) NetWare: implemented file locking in mod_rewrite for the NetWare CLib platform. This fixes a bug that prevented rewrite logging from working. [Brad Nicholes] Changes with Apache 1.3.26 *) Potential NULL referencing fixed in the CGI module. It had been there for 5 years. [Justin Erenkrantz] *) Ensure that we set the result value in ap_strtol before we return it. [Justin Erenkrantz, Jim Jagielski] Changes with Apache 1.3.25 *) SECURITY: CVE-2002-0392 (cve.mitre.org) [CERT VU#944335] Code changes required to address and close chunked encoding security issues. To support this, we utilize the ANSI functionality of strtol, and provide ap_strtol for completeness. [Aaron Bannert, Justin Erenkrantz, Jim Jagielski, Brian Pane, William Rowe, Cliff Woolley] *) PORT: With OpenBSD 3.1 and up, allow modules to work on their ELF-based architectures. [Brad ] *) Add X-Forwarded-Host and X-Forwarded-Server to X-Forwarded-For to the proxy. [Thomas Eibner ] *) Fix a problem in mod_proxy: it would not set the number of bytes transferred, so other modules could not access the value from the request_rec->bytes_sent field. [Anthony Howe ] PR#6841 *) Fix a problem in mod_rewrite which would lead to 400 Bad Request responses for rewriting rules which resulted in a local path. Note: This will also reject invalid requests like "HEAD /roaming/martin/IMAP localhost HTTP/1.0" as issued by Netscape-4.x Roaming Profiles (on a DAV-enabled server) [Martin Kraemer] *) SECURITY: CVE-2003-0083 (cve.mitre.org) Disallow anything but whitespace on the request line after the HTTP/x.y protocol string. That prevents arbitrary user input from ending up in the access_log and error_log. Also, special characters (especially control characters) are escaped in the log file now, to make a clear distinction between client-supplied strings (with special characters) and server-side strings. [Martin Kraemer] *) Get rid of DEFAULT_XFERLOG as it is not used anywhere. It was preserved by the build system, printed with "httpd -V", but apart from that completely ignored: the default transfer log is to not produce any transfer log. [Martin Kraemer] *) Fixed sending of binary files under Cygwin. PR 9185. [Cliff Woolley] *) Added Cygwin directory layout to config.layout file. [Stipe Tolj, ] *) Added a '-F' flag; which causes the mother/supervisor process to no longer fork down and detach. But instead stays attached to the tty - thus making live for automatic restart and exit checking code easier. [ Contributed by Michael Handler , Jos Backus [ Dirk-Willem van Gulik ]]. *) Make apxs.pl more flexible (file extensions like .so or .dll are no longer hardcoded). [Stipe Tolj ] *) Add an intelligent error message should no proxy submodules be valid to handle a request. PR 8407 [Graham Leggett] *) Allow child processes sufficient time for cleanups but making ap_select in reclaim_child_processes more "resistant" to signal interupts. Bugz# 8176 [David Winterbourne , Jim Jagielski] *) Recognize platform specific root directories (other than leading slash) in mod_rewrite for filename rewrite rules. Bugz# 7492 [William Rowe] *) For supported versions of Darwin, place dynamically loaded Apache extensions' public symbols into the global symbol table. This allows dynamically loaded PHP extensions. [Marko Karppinen ] *) Correct proxy to be able to handle the unexpected 100-continue reponses sent during PUT or POST requests. [Graham Leggett] *) Correct a timeout problem within proxy which would force long or slow POST requests to close after 300 seconds. [Martin Lichtin , Brian Bothwell ] *) Add support for dechunking chunked responses in proxy. [Graham Leggett] *) Made AB's use of the Host: header rfc2616 compliant by Taisuke Yamada [Dirl-Willem van Gulik]. *) Update the Red Hat Layout to match Red Hat Linux version 7. PR BZ-7422 [Joe Orton] *) Add some popular types to the mime magic file. PR 7730. [Linus Walleij , Justin Erenkrantz] *) Tighten up the overridden-Server-header bugfix in the proxy, by only overriding if the request is a proxy request. It has been pointed out that the previous fix allows CGIs and modules to override the Server header, which is change to previous behavior. [Graham Leggett, Joshua Slive] *) Another fix for the multiple-cookie header bug in proxy. With some luck this bug is actually now dead. [Graham Leggett] Changes with Apache 1.3.24 *) Fixed a segfault in mod_include when #if, #elif, #else, or #endif directives were improperly terminated. [Cliff Woolley] *) Win32 SECURITY: CVE-2002-0061 (cve.mitre.org) Introduce proper escaping of command.com and cmd.exe for Win32. These patches close vulnerability CVE-2002-0061, identified and reported by Ory Segal , by which any CGI invocation of .bat or .cmd files could compromise the system when the .bat or .cmd was parsed the query args as an argument to either cmd.exe /c or command.com /c. [William Rowe] *) Add % and \r [C/R] to the dangerous Win32 shell character list. Retain the Unix sh escapes list for compatibility. [William Rowe] *) Pass the command line to the cmd.exe /c interpreter double quoted. This fixes a bug that CGI args ending in a double-quote would cause invocation to fail. Also, treat command.com as a 16-bit executable. [William Rowe] *) Win32; Never invoke cmd or bat scripts based on the registry, even for 'ScriptInterpreterSource Registry' enabled. [William Rowe] *) Provide Win32 users a log of the cgi command invoked, to assist in debugging scripts at LogLevel info. Also provide env vars at LogLevel debug for additional help to admins troubleshooting the ever mysterious "Premature end of script headers" error. [Aaron Bannert] *) Added the 'CGICommandArgs off' directive, to allow admins to disable the query argument passing mechanism in Apache, if future CGI argument vulnerabilities should be discovered. This defaults to 'on', meaning isindex-style query arguments are enabled. [Aaron Bannert] *) When a proxied site was being served, Apache was replacing the original site Server header with it's own, which is not allowed by RFC2616. Fixed. [Graham Leggett] *) Fixed the previous multiple-cookie fix in the proxy. Cookies are broken in that they contain dates which in turn contain commas - so merging and then unmerging them breaks Set-Cookie headers. Sigh. [Graham Leggett] *) Add ap_uuencode to the httpd.exp exports file used by the AIX linker. [Bill Stoddard] *) Win32: Ignore AcceptMutex directive if it is present [Bill Stoddard] *) mod_rewrite: restored rnd behavior that was broken in 1.3.23. PR 10090, 10185 [Jeroen Boomgaardt ] *) NetWare: Added the command line directive -e that forces all fatal configuration error messages to the logger screen rather than the Apache screen before Apache is unloaded. [Brad Nicholes ] *) Add the ProxyIOBufferSize option. Previously the size of the buffer used while reading from the remote server in proxy was taken from ProxyReceiveBufferSize. [Graham Leggett] *) Fix a NULL variable check in proxy where we were checking the wrong variable. [Geff Hanoian ] *) Fix typo in default config files related to Swedish language documents. PR: 9906, 10040 [Tomas Ögren , Dennis Lundberg ] *) apxs didn't get rebuilt when options were changed. This must have caused much puzzlement in the past. Fixed. [Ben Laurie] *) No idea why an HTTP/1.1 proxy would send an HTTP/1.0 request to a remote server by default. Fixed. [Graham Leggett, Gabriel Russell ] *) NetWare: Added the module mod_log_nw to handle log rotation. This module adds LogRotateDaily and LogRotateInterval to allow all of the custom logs to be either rotated on a daily basis or on a specific interval. Based on a patch by Bertrand Demiddelaer. [Brad Nicholes ] *) Fix typo in rotatelogs.8. [Will Lowe ] *) Clean up warnings in mod_proxy [Chuck Murcko ] *) TPF: Use the correct subpool when opening the error log. This prevents a possible SIGPIPE in standalone_main. [David McCreedy ] *) When proxy enabled a slow frontend client to read from an expensive backend server, it would wait until it had delivered the response to the slow frontend client completely before closing the backend connection. The backend connection is now closed as soon as the last byte is read from it, freeing up resources that would have been tied up unnecessarily. [Graham Leggett, Igor Sysoev ] *) The proxy code read chunks from the backend server in a hardcoded amount of 8k. The existing ProxyReceiveBufferSize parameter has been overloaded to specify the size of this buffer. [Graham Leggett, Igor Sysoev ] *) [Security] Prevent invalid client hostnames from appearing in the log file. If a double-reverse lookup was performed (e.g., for an "Allow from .my.domain" directive) but failed, then a spoofed dns-reverse-address could appear in the logs. Now the numeric address is logged instead. Note that reverse-address-spoofing did NOT actually allow access to any protected resource! [Martin Kraemer] *) Some browsers ignore cookies that have been merged into a single Set-Cookie header. Set-Cookie and Set-Cookie2 headers are now unmerged in the http proxy before being sent to the client. [Graham Leggett] *) Fix a problem with proxy where each entry of a duplicated header such as Set-Cookie would overwrite and obliterate the previous value of the header, resulting in multiple header values (like cookies) going missing. [Graham Leggett, Joshua Slive] *) Fix a problem with proxy where X-Cache headers were overwriting and then obliterating upstream X-Cache headers from other proxies. [Graham Leggett, Jacob Rief ] *) Win32: Work around a bug in Windows XP that caused data corruption on writes to the network. The WinXP bug is tickled by the combined use of WSADuplicateSocket and blocking send() calls. [Bill Stoddard, Bill Rowe, Allan Edwards, Szabolcs Szakacsits] *) Add 'IgnoreCase' keyword to the IndexOptions directive; if active, upper- and lower-case letters are insignificant in ordering. In other words, all A* and a* files will be listed together, rather than the a* ones after all the [A-Z]* ones. [Tullio Andreatta ] *) NetWare: Implemented the real ap_os_case_canonical_filename() function that retrieves the accurately cased path and file name from the file system. [Brad Nicholes ] *) Fix the longstanding bug that errors (returned by src/Configure) would not be noticed by the top level configure script. That was bad for automated configurations. [Martin Kraemer] *) Link with -lpthread on Solaris since we reference pthread functions for the accept mutex. Previously, the link step would succeed but we would link to bogus versions of the pthread functions in libc, apparently breaking accept mutex serialization when "AcceptMutex pthread" was used and apparently breaking some third-party modules whether or not "AcceptMutex pthread" was used. [Jeff Trawick] *) The Location: response header field, used for external redirect, *must* be an absoluteURI. The Redirect directive tested for that, but RedirectMatch didn't -- it would allow almost anything through. Now it will try to turn an abs_path into an absoluteURI, but it will correctly varf like Redirect if the final redirection target isn't an absoluteURI. [Ken Coar] *) apxs: fix bug that prevented -S option from containing quotes. [Ben Laurie] *) ftp proxy: various cosmetic and functional improvements - Allow for /%2f hack (to access the root directory / ) - properly escape generated links in dir listing - do directory listings in ASCII, to avoid problems with EBCDIC servers - close data & control channels to server properly [Martin Kraemer] *) NetWare: Added mod_auth_dbm to the project file. [Brad Nicholes ] Changes with Apache 1.3.23 *) Changed the symbol mapping of the following from API_EXPORT to API_EXPORT_NONSTD: ap_snprintf(), ap_table_do(), ap_bvputs(), ap_log_error(), ap_log_rerror(), ap_log_printf(), ap_rprintf() [William Rowe] *) Fixed a number of mismatched int sizes and signedness problems. Still remains, MSVC's 'interesting' declaration of FD_SET still emits (impotent) warnings. [William Rowe] *) mod_proxy changes: *) Bug fix for ap_proxy_cache_conditional(), unititialized wetag [Zvi Har'El ] *) Add persistent connection handling The patch changes mod_proxy to write the reply-headers using ap_send_http_header() instead of directly using ap_bvputs(). This not only simplifies mod_proxy, in my opinion at least, but enables it to make use of the features of Apache's normal header and persistent connection machinery. [Christian von Roques ] *) Graham Leggett's original 1.3.12 patch, updated for 1.3.19+ Original comments: HTTP/1.1 support for mod_proxy: - support for Cache-Control - conditional support If-Match, If-None-Match, If-Unmodified-Since, Etag - support for content negotiation using Vary - storing of request headers (for Vary support) in cache file - storing of updated response headers (with 304 Not Modified) in cache file - support for 64 bit dates and content-lengths in cache file Fixes: - ProxyPassReverse applied to Content-Location - entity headers no longer stripped from response after cache revalidation - annotation of mod_proxy cache code [Graham Leggett ] changes to preserve binary compatibility with httpd core, clean up [Chuck Murcko ] *) HPUX 11.*: Do not kill the child process when accept() returns ENOBUFS on HPUX 11.*. [] *) PORT: Numerous additions to Cygwin, including: defaulting to Posix thread accept mutex, excluding the call to pthread_mutexattr_setpshared(), better proxy and DBM support, and allowing the use of native Win32 socket ops instead of Cygwin's Posix wrapper (for better performance). The last item required the addition of a new Configure Rule: CYGWIN_WINSOCK. [Stipe Tolj ] *) Use "httpready" accept filter rather than "dataready" on FreeBSD after 4.1.1-RELEASE where it works correctly. [Tony Finch] *) Fix incorrect "Content-Length" header in the 416 "range not satisfiable" response. [Joe Orton ] *) Add FileETag directive to control fields used when constructing an ETag for a file-based resource. Historically the inode, size, and mtimehave been used, but the inode factor broke caching for systems with content fan-out across multiple back-end servers. Now the fields used in the construction can be controlled by configuration directives. Minor MMN bumped; MMN went from 19990320.10 to 19990320.11. [Ken Coar, from a patch by Phil Dietz] *) NetWare: Fixed the access forbidden problem when requesting an empty directory rather than showing the empty listing. [Charles Goldman, Guenter Knauf ] *) Cause Win32 to capture all child-worker process errors in Apache to the main server error log, until the child can open it's own error logs. [William Rowe] *) Revert mod_negotation's handling of path_info and query_args to the 1.3.20 behavior. PR: 8628, 8582, 8538 [William Rowe] *) Modify buff.h and buff.c to enable modules to intercept the output byte stream for dynamic page caching. A pointer to a 'filter callback' function is added to the end of buff.h. This function, if registered by a module, is called at the top of buff_write() and writev_it_all(). [Kevin Mallory ] *) When the default of 'Group #-1' was changed to 'Group "#-1"', the Makefile wasn't updated to recognise the quotation marks. [Owen Boyle ] *) Win32: Do not allow threads to continue handling keepalive requests after a shutdown or restart has ben signaled. [Bill Stoddard] *) Win32: Accept OPTIONS * requests. [Keith Wannamaker] *) Unixware 7.0 and later did not have a default locking mechanism defined. This bug was introduced in apache 1.3.4. [Dean Gaudet] *) Prevent an Apache module from being loaded or added twice due to duplicate LoadModule or AddModule directives (or a missing ClearModuleList directive). [William Rowe, Brian Pane ] *) Add checkgid app to do run-time validation of Group directive values which might cause the server to fall over, but which are syntactically correct. [Ken Coar] *) NetWare: Added mod_unique_id to the project file. [Brad Nicholes ] *) NetWare: Fixed a link problem with mod_vhost_alias so that it exports the correct MODULE structure. PR 8598 [Brad Nicholes ] *) Unix: The generated install script for binary distributions, install-bindist.sh, now makes DSO files executable, like make install. This allows a binary distribution to work on HP-UX without any manual intervention. PR 7428 [Jeff Trawick] *) Win32: The Apache Win32 developers generally recommend that MaxRequestsPerChild be set to 0 to prevent the child process from ever recycling. However, for those that do require a non-zero setting, this patch fixes a serious bug that can cause an apparent 'server-hang' condition where the server stops responding to requests for a period of time. Prior to this fix, when the child process handled MaxRequestsPerChild connnections, the child process would stop accepting new connections and begin allowing inactive threads to exit. The problem was that a new process would not be created to begin handling requests until the old process fully exited. The old process can take an indeterminate amount of time to exit because it may be sending large responses to clients connected over slow links, or it may have threads blocked in read awaiting requests (eg, one attack mode of the Nimda worm is to establish a connection to the server but not send an HTTP request. This connection will be timed out according to the setting of the Timeout directive, 300 seconds). This fix allows the new process to be immediately started and begin accepting requests when the old child process reaches MaxRequestsPerChild. [Bill Stoddard] *) Win32: Emit error message when the server bumps up against the ThreadsPerChild configuration limit. This will be useful for admins to detect when their server is running out of threads to handle requests. [Bill Stoddard] *) Test all directories listed with the UserDir directive for validity. Also resolves the Win32/Netware bug of unparsable quoted paths. PR 8238 [William Rowe] Changes with Apache 1.3.22 *) Recognize AIX 5.1. [Jeff Trawick] *) PORT: Support AtheOS (see www.atheos.cx) [Rodrigo Parra Novo ] *) The manual directory is still configurable (as enabled by the 1.3.21 change), but its default setting was reverted to the pre-1.3.21 default as a subdirectory of the DocumentRoot. You can adapt your path in config.layout or with the "configure --manualdir=" switch. [Martin Kraemer] *) Additional correction for the mutex changes on the TPF platform. [David McCreedy ] *) mod_proxy - remove Explain*; replace with ap_log_* [Chuck Murcko ] Changes with Apache 1.3.21 *) Enable mod_mime_magic (experimental) for Win32. [William Rowe] *) Use an installed Expat library rather than the bundled Expat. This fixes a problem where multiple copies of Expat could be loaded into the process space, thus conflicting and causing strange segfaults. Most notably with mod_perl and XML::Parsers::Expat. [Greg Stein] *) Handle user modification of WinNT/2K service display names. Prior versions of Apache only accepted identical internal and display names (where internal service names were space-stripped.) [William Rowe] *) Introduce Win32 -W option for -k install/config to set up service dependencies on the workstation, snmp and other services that given modules or configurations might depend upon. [William Rowe] *) Update the mime.types file to map video/vnd.mpegurl to mxu and add commonly used audio/x-mpegurl for m3u extensions. [Heiko Recktenwald , Lars Eilebrecht] *) Modified mod_mime and mod_negotiation to prevent mod_negotiation from serving any multiview variant containing one or more 'unknown' filename extensions. In PR #8130, mod_negotiation was incorrectly serving index.html.zh.Big5 when better variants were available. The httpd.conf file on the failing server did not have an AddLanguage directive for .zh, which caused mod_mime to loose the file_type information it gleened from parsing the .html extension. The absence of any language preferences, either in the browser or configured on the server, caused mod_negotiation to consider all the variants equivalent. When that occurs, mod_negotiation picks the 'smallest' variant available, which just happened to be index.html.zh.Big5. [Bill Stoddard, Bill Rowe] PR #8130 *) SECURITY: CVE-2001-0731 (cve.mitre.org) Close autoindex /?M=D directory listing hole reported in bugtraq id 3009. In some configurations where multiviews and indexes are enabled for a directory, requesting URI /?M=D could result in a directory listing being returned to the client rather than the negotiated index.html variant that was configured and expected. The work around for this problem (for pre 1.3.21 releases) is to disable Indexes or Multiviews in the affected directories. [Bill Stoddard, Bill Rowe] *) Enabled Win32/OS2/Netware file paths (not / rooted, but c:/ rooted) as arguments for mod_vhost_alias'es directives. [William Rowe] *) Changes for Win32 to assure mod_unique_id's UNIQUE_ID strings really are unique between threads. [William Rowe] *) mod_proxy - fix for Pragma: nocache (HTTP/1.0 only) [Kim Bisgaard ] PR #5668 *) PORT: Some Cygwin changes, esp. improvements for dynamic loading, and cleanups. [Stipe Tolj ] *) Win32 SECURITY: CVE-2001-0729 (cve.mitre.org) The default installation could lead to mod_negotiation and mod_dir/mod_autoindex displaying a directory listing instead of the index.html.* files, if a very long path was created artificially by using many slashes. Now a 403 FORBIDDEN is returned. This problem was similar to and in the same area as the problem reported and fixed by Martin Kraemer in 1.3.18, only the scope is much narrower and is specific to Windows. [Bill Stoddard] *) Update the mime.types file to the registered media types as of 2001-09-25, and add xsl, so, dll extensions [Mark Cox] *) Resolved the build failure on Win32 using MSVC 5.0 (without the current SDK.) PRs 7790, 7948. [William Rowe] *) mod_proxy - fix reverse proxy cookie passthrough [Brian Eidelman ] PR#6055 *) mod_proxy - fix CacheForceCompletion directive [Alexey Panchenko ] PR#8090 *) mod_proxy - close origin server connection when client aborts [Alexey Panchenko ] PR#8067,7383,6585 *) ErrorDocument 404 pointing to a parsed html file with a with a request URI containing %2f would result in a segfault (NULL pointer deref, not a security problem). [Jeff Moe , Dean Gaudet] PR#8362 *) UnsetEnv from main body of httpd.conf file didn't work; backport of bugfix from 2.0 codebase. [Gary Benson ] PR#8254 *) Win32 - add mod_unique_id.so and mod_vhost_alias.so to the build. [William Rowe] *) Enhancement of mod_auth to handle 'Require file-owner' and 'Require file-group'. This allows access IFF the authenticated username (from the appropriate AuthUserFile database) matches the username of the UID that owns the document (and equivalent checking for file GID and user's membership in AuthGroupFile). See the mod_auth documentation for examples. (Not supported on Windows.) [Ken Coar] *) Addition of the AcceptMutex runtime directive. The accept mutex method is now runtime controllable. The suite of available methods per platform is defined at compile time (with HAVE_FOO_SERIALIZED_ACCEPT noting that the method is available and works, and USE_FOO_SERIALIZED_ACCEPT noting that it should be the default method in absense of any AcceptMutex line, or via AcceptMutex default) and selectable at runtime. The full (current) suite is uslock, pthread, sysvsem, fcntl, flock, os2sem, tpfcore and none, but not all platforms accept all methods. [Jim Jagielski] *) Parallel to a change in Apache-2.0, the manual directory was moved out of the DocumentRoot tree to simplify the separation of private content&configuration from server's on-line documentation. An "Alias /manual/ ..." projects the manual/ directory (which resides now side-by-side with the icons/ directory) into the logical DocumentRoot. Note that a request to http://server/manual (without the trailing slash) will now behave different than before (it used to redirect to http://server/manual/ but no longer does). [Martin Kraemer] *) Fixed ap_os_canonical_filename() so that it wouldn't try to canonicalize an invalid file name. Also fixed ap_os_is_path_absolute() so that it wouldn't recognize names such as proxy:http://blah as a NetWare volume:pathname. Both of these fixes were necessary to fix mod_proxy problems on NetWare. [Brad Nicholes ] *) Fix a storage leak (a strdup() call) in mod_mime_magic. [Jeff Trawick] *) We have always used the obsolete/deprecated Netscape syntax for our tracking cookies; now the CookieStyle directive allows the Webmaster to choose the Netscape, RFC2109, or RFC2965 format. The new CookieDomain directive allows the setting of the cookie's Domain= attribute, too. PR #s 5006, 5023, 5920, 6140 [Ken Coar] *) The Win32 Makefile.win build script failed if INSTDIR="c:\path\with spaces" was given, this is now fixed. PR 8184 [Jack Tan ] *) EBCDIC: The proxy, when used in a proxy chain, "forgot" to convert the "CONNECT host:port HTTP/1.0" request line to ASCII before contacting the next proxy, and was thus unusable for SSL proxying. [Martin Kraemer] *) SECURITY: CVE-2001-0730 (cve.mitre.org) Make support/split-logfile use the default log file if "/" or "\" are present in the virtual host name. This prevents the possible use of specially crafted virtual host names in some configurations to allow writing to any .log file on the system. [Daniel Matuschek , Marc Slemko] PR#7848 *) Added a directive: "AcceptFilter ". To control BSD acccept filters when at compile time SO_ACCEPT_FILTER is detected. The default is still 'on' except when, at compile time, AP_ACCEPT_FILTER_OFF is defined. Also downgraded the fatal exit to a warning when the associated setsocketopt(2) fails for any reason but for ENOPROTOOPT. The latter - which implies that the kernel does not support the filters - now rates only an info level message. All in all this should make it easier to move httpd binaries and config files across BSD machines with varying acceptfilter support. [Dirk-Willem van Gulik ] *) Fix the container to *really* deny all access. Without the Satisfy All, .ht* files could still be fetched if they were within the scope of a Satisfy Any directive. [Ken Coar] *) Print a warning when an attempt is made to use line-end comments. Apparently they are not detected/handled gracefully by all directives. [Martin Kraemer] *) (TPF only) Take advantage of improvements to select(), fork(), and exec() in the TPF operating system. [David McCreedy ] *) (Cygwin only) Fix problems with signals sent to child processes; Improve auto-configuration for Cygwin. [Stipe Tolj ] *) Added Mod_Vhost_Alias to the project file so that it builds as an external module (VHOST.NLM). [Brad Nicholes ] *) Fix problem with lingering_close() on Windows. Issuing read() on the socket descriptor on Windows always fails. Should be calling recv() instead of read() on Windows. [Bill Stoddard, Bill Rowe] *) Added an abnormal exit clean up routine to make sure that ApacheC NLM is always unloaded cleanly. This fixes the "Ouch! out of memory" problem when restarting Apache for NetWare after an abnormal exit due to configuration errors. [Brad Nicholes ] *) Change the compile switches for ReliantUNIX SVR4 not to use SYSV semaphores, because upon reaching the system limit of semaphores, the whole server exits (not just one child). Apache could be improved to use NO_SEM_UNDO flag (see test/time-sem.c) which is currently implemented only in the time-sem program, but not in apache. Until then, revert to using fcntl() locks. [Martin Kraemer] *) Changes to 'ab': fixed int overruns, added statistics, output in csv/gnuplot format, rudimentary SSL support and various other tweaks to make results more true to what is measured. The upshot of this it turns out that 'ab' has often underreported the true performance of apache. Often by a order of magnitude :-) See talk/paper of Sander Temme at April ApacheCon 2001 for details. [Dirk-Willem van Gulik] Changes with Apache 1.3.20 *) Autodetect if platforms have isnan() and/or isinf() for use in ap_snprintf.c. [Jim Jagielski] *) SECURITY DoS: CVE-2001-1342 (cve.mitre.org) Correct a vulnerability in the Win32 and OS2 ports, by which a client submitting a carefully constructed URI could cause a GP (segment) fault in the child process, which would have to be cleared by the operator to resume operation. This vulnerability introduced no identified means of compromising the server's data. Reported by Auriemma Luigi . [William Rowe, Brian Havard] *) Resolve the Win32 SSI exec cmd bug, where cmd was not executed appropriately against the shell. [William Rowe] *) Added NOESCAPE (NS) flag to RewriteRule and enabled use of '\' to allow escaping of special characters. Previously there was no way to embed either '$' or '%' in the output of a RewriteRule; now 'foo\$1' will result in a literal 'foo$1' appearing in the result rather than 'foo\'. Note that [NS] disables *all* normal URI escaping, so incautious use can give unexpected results. [Ken Coar] *) Add support for Win32 apxs. Note that cygwin builders must use a cygwin perl to avoid the MSWin32 handling. [William Rowe] *) Changed the initial screen handling for NetWare so that the -s parameter will properly destroy the Apache console screen and switch to the system console screen. Also removed the call to clrscr() for NetWare so that any warning messages produced during startup are visible. [Brad Nicholes ] *) Integrate support for the Cygwin 1.x platform (a POSIX emulation layer for Win32 systems, see http://www.cygwin.com) [Stipe Tolj ] *) Hooked calls to opendir() and readdir() so that we could add '.' and '..' to the entry list. By default NetWare does not return these entries which caused mod_autoindex not to display the parent directory entry. [Brad Nicholes ] *) Solved a very serious threading problem with WinNT/2K Services. The moment master_main told that the shutdown was complete, the parent control thread exited Apache, leaving mod_jserv's Java process running and alternately invoking mod_perl's cleanups from the correct thread or the service control thread. [William Rowe] *) Populate the Win32 HKLM\System\CurrentControlSet\Services\[apachesvc] key with the Description value of the running server across all Win32 platforms, including NT, ME and 9x. This value is the server_version string including loaded modules. [William Rowe] *) Fix ndbm.h include problems with various Linux distributions and brain-dead glibc >= 2.1, which sometimes have ndbm.h in a non-standard db1/ subdir. PR#6929 [Victor J. Orlikowski] *) Empty headers are allowed by RFC2068 section 4.2. The presence or absence of an empty header can be significant. The current mod_proxy of httpd 1.3.x removes empty headers. Change mod_proxy to preserve empty headers. [Christian von Roques ] *) Enhance rotatelogs so that a UTC offset can be specified, and the logfile name can be formatted using strftime(3). [Ken Coar] *) Fix a possible NULL pointer dereference in the detection of the default ServerName or IP string (introduced in 1.3.18). [Ignasi Roca, ] *) Make EBCDIC conversion fully configurable. Until now, apache relied on some (incomplete) heuristics, and would fail to correctly serve text files when they had a MIME type of application/anything, like application/x-javascript. The new conversion directives allow defining the conversion based on MIME type or file suffix. [Martin Kraemer] *) Add a -V flag to suexec, which causes it to display the compile-time settings with which it was built. (Only usable by root or the HTTPD_USER username.) [Ken Coar] *) Set the Win32 service description in the Services control panel to the server_version string from Apache and the loaded modules. [William Rowe] *) Added a new API for NetWare, ap_os_dso_unsym(), to allow Apache the chance to unimport module symbols before it shuts down. This is necessary so that Apache on NetWare can shutdown cleanly in an error condition such as a failure while reading the httpd.conf file. [Brad Nicholes ] *) Introduce NUL device pipes for stdin and stdout for the parent Win32 service process. This solves bugs such as PR7198 that report "dup2(stdin) failed" when trying to use piped logs. [William Rowe] Changes with Apache 1.3.19 *) Rewrite ap_unparse_uri_components() to make it safer and more readable ["Jeffrey W. Baker" ] *) Under certain circumstances, Apache did not supply the right response headers when requiring authentication. [Gertjan van Wingerde ] PR#7114 *) Clean up some end-of-loop not reached warnings [Jim Jagielski, Aris Stathakis ] *) Add the correct language tag for interoperation with the Taiwanese versions of MSIE and Netscape. [Clive Lin ] PR#7142 *) Fixed system shutdown on Windows 2000 to assure that the modules have an opportunity to clean up. Note there is a _very_ limited amount of time in which to execute all cleanups [see MSKB Q146092] so all of the modules may still not be given an opportunity to complete their cleanups if they require more than 20 seconds total. [William Rowe] Changes with Apache 1.3.18 [not released] *) Workaround enabled for a core dump which appeared in broken NameVirtualHost configurations. [Martin Kraemer] *) Sporadic core dump in ap_default_port_for_scheme() with internal requests fixed by [Jeffrey W. Baker ] *) PORT: Allow for build under latest dev. version of NonStopUX on Compaq. [Tom Bates ] *) mod_user on Win32 bug introduced in 1.3.17 is corrected. The parsing is completely rewritten so all platforms share the same file/redirect logic interpreting UserDir directives. Specifying a Win32 or Netware relative path or a relative path on any platform using an '*' now emits an error when httpd.conf is first parsed. [William Rowe] *) Apache/Win32 no longer holds open the console on error, unless invoked by a shortcut with the new -w option. [William Rowe] *) The Win32 -t test config now holds the console open on "SYNTAX OK". [William Rowe] *) Apache on Win9x now ensures the service is stopped before removal. [William Rowe] *) SECURITY: CVE-2001-0925 (cve.mitre.org) The default installation could lead to mod_negotiation and mod_dir/mod_autoindex displaying a directory listing instead of the index.html.* files, if a very long path was created artificially by using many slashes. Now a 403 FORBIDDEN is returned. [Martin Kraemer] *) Trailing slashes (if they exist) are now removed from ServerRoot, because there were known problems with them. ["William A. Rowe, Jr." ] *) Changed ap_os_is_filename_valid on NetWare to accept SERVER/VOLUME:/PATH/FILE as a valid filename pattern. [Brad Nicholes ] *) Win32/Netware: correct relative paths and eliminate trailing slash in the -d serverroot argument. -d Serverroot may be relative to the path of the Apache.exe file. [William Rowe] *) Win32; fix the ServerRoot as the path of the Apache.exe file. Eliminates the requirement of a 'backup' registry key to locate the server root. [William Rowe] *) NetWare MOD_TLS fixes to disable nagles properly when making an SSL connection, and properly detect an SSL connection based on the port and work around the r->server->port 80 bug. [Brad Nicholes ] *) TPF startup/shutdown fixes. [David McCreedy ] *) Correct a typo in httpd.conf. [Kunihiro Tanaka ] PR#7154 *) Get the correct IP address if ServerName isn't set and we can't find a fully-qualified domain name at startup. [Danek Duvall ] PR#7170 *) Fix pointer arithmetic in mod_rewrite map expansion. [Christopher A. Bongaarts ] PR#7157, 7158 *) Fixed a problem with file extensions being truncated during the call to ap_os_canonical_filename(). [Brad Nicholes ] Changes with Apache 1.3.17 *) Normalize the Netware path names to close a potential security hole in comparing paths when the adminstrator specifies both sys:foo and sys:/foo formats in the same httpd.conf file. [Brad Nicholes] *) Fix an unlikely segfault provided a zero length string in the translate_userdir() call on win32/os2, and accept backslashes in the UserDir directive on those platforms [William Rowe] *) Fixed translate_userdir() in MOD_USERDIR.C so that it correctly recognizes NetWare absolute paths. This fixes the problem where MOD_USERDIR was trying to redirect to an absolute NetWare path rather than opening the file at the specified location. This patch fixes PR5826 & 6283. [Brad Nicholes ] *) Fixed ap_os_is_path_absolute() in OS.H so that it can tell the between a NetWare path (SYS:/path) and a URL (HTTP://path). [Brad Nicholes ] *) Fixed the sdbm.h bundled in Apache for Win32, bringing it in sync with Perl. Because it didn't have the same geometry as Perl, users reported the first user added with dbmmanage was not recognized. [William Rowe] *) Fixed ap_os_canonical_filename to append a the default volume name if the the path is a full path and does not include the volume name. Since NetWare's current working directory always defaults to the SYS: volume regardless of where the executible started, the default volume will be the volume that is specified in ap_server_root. [Brad Nicholes ] *) Handle port numbers in Host headers properly again after the code was broken in 1.3.15. [Tony Finch] Changes with Apache 1.3.16 [not released] *) None from 1.3.15 [repository tags were the issue, no code altered] Changes with Apache 1.3.15 [not released] *) Fix a new problem introduced with the -k config syntax, that the service installed with the -i flag would attempt to re-install itself when starting the server. [William Rowe, Andrew Braund] *) Fix the declaration of the module structure in mod_example. [Gururaj Upadhye ] PR#7095 *) Fix the handling of variable expansion look-ahead in mod_rewrite, i.e. syntax like %{LA-U:REMOTE_USER}, and also fix the parsing of more complicated nested RewriteMap lookups. [Tony Finch] PR#7087 *) Fix the RFC number mentioned when complaining about a missing Host: header. [Alexey Toptygin ] PR#7079 *) Fix Range header processing to properly parse the syntax specified in RFC 2616, and properly handle unsatisfiable requests by returning a 416 error. [Tony Finch, William Rowe] PR#6973 *) Remove some human-readable fluff from the machine-readable mod_status display. [Youichirou Koga ] PR#7025 *) The new Win32 command line option, -k config, replaces the default options for the existing, named service with the options given on the -k config command line. Apache -n servicename -t now displays the default options before it tests the httpd.conf. Use the syntax apache -k config -n servicename -f conffile to upgrade an existing 1.3.x service to the new 1.3.15 default arguments. [William Rowe] *) All Win32 services now support default command line options when starting an Apache service. The command line options given with the apache -k install command, including -d, -f, -D, -C and -c, are all saved in the registry. This change superceeds the old ConfPath entry, so existing services must be reconfigured when upgrading to 1.3.15. [William Rowe] *) The Win32 build is overhauled to use mod_foo.so for all dynamic Apache modules. [William Rowe] *) The Win32 build scripts (makefile.win, Apache.dsw) now build all the usual targets, including the directories htdocs, include, lib, libexec, and cgi-bin. [William Rowe] *) WinNT/2K service can be started from the command line with any desired args (e.g. Apache -k start -n apache-1.3 -D FOO will start the service with the -D FOO option.) This extends what Apache on Win9x already does, even running as a service. [William Rowe] *) WinNT/2K can be started from the Services control panel adding whatever args are desired (e.g. -D ARG) in the 'Start Parameters' box of the start service dialog. These will be passed on and recognized by the service as it starts. [William Rowe] *) Support -k install/-k uninstall on Win32 for compatibility with Apache 2.0. [William Rowe] *) mod_cgi on Win32 and Netware now does a more effective job of capturing all stderr output from user's scripts. PR6161 [Hardy Braunsdorf , Will Rowe] *) mod_status now respects ?refresh=n of 1 or greater. If the given refresh value is not a number, ?refresh is set to 1 second. [William Rowe, Dirk Ahlers PR5067] *) Restore child process consoles to correct 16-bit CGI execution on Windows. Relies on Win9xConHook.dll for Win9x. This patch also assures the Apache window remains titled 'Apache', rather than flickering to the cgi app titles. [William Rowe] *) Added Win9xConHook.dll, which uses hidden console spy windows to handle the shutdown, logoff and Close button events, and dispatch them to Apache just as SetConsoleCtrlHandler does on Win NT/2K. The close button on Win9x now works, and the Win9x service support code moved into this module. [William Rowe] *) Fix messages from the -k start/stop/restart command options on Windows. [William Rowe] *) Allow Win32 users to build mod_isapi, regardless of the age of their Win32 SDK headers. Warning provided if features must be disabled due to old headers. [William Rowe] *) The ScriptInterpreterSource Registry source will now handle any post-scriptname arguments (e.g. cmd script -q), substitute any environment variables (e.g. "%windir%\sysapp.exe") and use the short or long path name as appropriate (e.g. "doit %1" uses the short form, no spaces, while "doit "%1"" uses the long form of the script name, in quotes.) Also, passes all script names in backslash delimited format (instead of slashes). [William Rowe] *) Accomodate an out-of-space condition in the piped logs and the rotatelogs.c code, and no longer churn log processes for this condition. [Victor J. Orlikowski] *) Make cgi-bin work as a regular directory when using mod_vhost_alias with no VirtualScriptAlias directives. [Tony Finch] PR#6829 *) Move the check of the Expect request header field after the hook for ap_post_read_request, since that is the only opportunity for modules to handle Expect extensions. [Justin Erenkrantz ] *) Add default CacheGcInterval of one hour [ Chuck Murcko ] *) Each Netware thread is created in its own thread group to ensure that any context change applies only to the thread in which the change was made. [Brad Nicholes ] *) Relax the syntax checking of Host: headers in order to support iDNS. [Tony Finch] PR#6635 *) Fix Content-Length calculation when doing Range header processing. This makes PDF byteserving work again. [Tony Finch] PR#6711 *) Link with libresolv on UnixWare 7 so that PHP works. [Larry Rosenman ] PR#6780 *) Linux 2.2.x and later do not need a serialised single listener, and sysv semaphores scale better than fcntl. Updated GuessOS to distinguish 2.0.x from 2.2.x -- 2.0.x will still use fcntl. [Andrew Morton , Dean Gaudet] *) Eliminate caching problems of mod_autoindex results, so the last modified date of the directory is returned as the Last-Modified and ETag HTTP header tags are sent if IndexOptions TrackModified directive/option is used. [William Rowe] *) Corrected file path arguments from server conf directives to their canonical form (excluding OS2 - which uses alternate logic.) Resolves a long list of PRs reporting that Win32 paths of the syntax x:\foo were mis-concatinated to the server root as of release 1.3.14. [William Rowe] *) Correct an issue with Alias and ScriptAlias directives that file path arguments were not normalized in canonical form. This correction makes no attempt to normalize regular expression forms of Alias or ScriptAlias. [William Rowe] *) Add a new LogFormat directive, %c, that will log connection status at the end of the response as follows: 'X' - connection aborted before the response completed. '+' - connection may be kept-alive by the server. '-' - connection will be closed by the server. [Bill Stoddard ] *) Normalize all NetWare config directive paths and filespecs to their canonical names. [Brad Nicholes ] *) Update the mime.types file to the registered media types as of 2000-10-19. [Carsten Klapp , Tony Finch] PR#6613 *) Restore functionality broken by the mod_rewrite security fix: rewrite map lookup keys and default values are now expanded so that the lookup can depend on the requested URI etc. [Tony Finch] PR #6671 Changes with Apache 1.3.14 *) Fixes to allow compilation on NetWare [Brad Nicholes ] Changes with Apache 1.3.13 [not released] *) NOTE: A number of Win32 symbols were exported without explicit declaration in the ApacheCore.def file. These are now exported with the same ordinal export values from 1.3.12, but are now named consistent with Apache's conventions. [William Rowe] *) Add support for a "conf directory" which operates similar to /etc/rc.d/init. Basically, if a config file is actually a directory, all the files in that directory will be parsed as conf files. PR #6397 [Jim Jagielski, Lionel Clark ] *) Initial support added for mod_proxy under MPE/iX. [Mark Bixby ] *) Refined UID/GID management and permissions on MPE/iX to deal with some limitations. [Mark Bixby ] *) Updated the MPE DSO code to be compatible with an OS patch that fixed an earlier DSO problem, #include tweakage required for using apxs to build modules without access to the full source tree, and other minor MPE tweaks. [Mark Bixby ] *) SECURITY: Tighten up the syntax checking of Host: headers to fix a security bug in some mass virtual hosting configurations that can allow a remote attacker to retrieve some files on the system that should be inaccessible. [Tony Finch] *) Add support for /, //, //servername and //server/sharename parsing of blocks under Win32 and OS2. [Tim Costello, William Rowe, Brian Havard] *) Expand dbmmanage to allow -d -m -s -p options for Crypt, MD5, SHA1 and plaintext password encodings. Make feature tests a bit more flexible. [William Rowe] *) SECURITY: CVE-2000-0913 (cve.mitre.org) Fix a security problem that affects some configurations of mod_rewrite. If the result of a RewriteRule is a filename that contains expansion specifiers, especially regexp backreferences $0..$9 and %0..%9, then it may have been possible for an attacker to access any file on the web server. [Tony Finch] *) Add mod_auth_dbm (sdbm flavor) binary build for Win32. [William Rowe] *) Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2) as well as a comment arg to the add, adduser and update cmds. update allows the user to clear or preserve pw/groups/comment. Fixed a bug in dbmmanage that prevented the check option from parsing a password followed by :group... text. Corrected the seed calcualation for Win32 systems, and added -lsdbm support. [William Rowe] *) Radical surgery to improve mod_isapi support under Win32. Includes a number of newer ServerSupportFunction calls, support for ReadClient (in order to retrieve POSTs greater than 48KB), and general bug fixes to more reliably load ISAPI .dll's and prevent leaking handle resources. Note: There are still discrepancies between IIS's and Apache's ServerVariables, and async calls are still not supported. Additional warnings are logged to facilitate debugging of unsupported ISAPI calls. [William Rowe] *) Update Configure script to allow building Apache on IBM's IA64 version of AIX. [Paul Reder] *) NameVirtualHost can now take "*" as an argument instead of an IP address. This allows you to create a purely name-based virtual hosting server that does not have any IP addresses in the configuration file and which ignores the local address of any connections. PR #5595, PR #4455 [Tony Finch] *) Fix processing/merging of Remove* MIME directives. PR #5597 [Sander van Zoest ] *) Fix merging of AddDefaultCharset directive. PR #5872 [Jun Kuriyama ] *) Win32: Work around bug in Win32 select on network reads. Select can indicate a socket has data to read, but the subsequent read can return WSAEWOULDBLOCK. This problem has been observed when running with SSL enabled Apache, specifically, browsers sometimes cannot complete the SSL handshake when an SGC certificate is used, receiving a network error message. [Richard Scholz ] *) Use "accept filtering" on recent versions of FreeBSD iff the kernel is configured to support them. This allows Apache to avoid having to handle new connections until the request has arrived. [Tony Finch] *) Fix error handling in make_sock. [Tony Finch] *) The htdocs/ tree has been moved out of the CVS source tree into a separate area for easier development. This has NO EFFECT on end-users or Apache installations. [Ken Coar] *) Fix problem matching Configure guessos on HP-UX 10. [Victor J. Orlikowski] PR#6015 *) Correct the problem where the only local host name that the IP stack can discover are 'undotted' private names. If no fully qualified domain name can be identified, the default ServerName will be set to the machine's IP address string. A warning is provided if Apache has to assume the IP dotted address string or the localhost/loopback address as the ServerName. The default ServerName is removed from the default Win32 httpd.conf file. [William Rowe] *) Add new directives RemoveType and RemoveEncoding to accompany the RemoveHandler directive added in 1.3.4. AddType, AddEncoding, and AddHandler now all have corresponding 'undo' directives. This allows things like marking foo.tar.gz.asc as *not* being gzipped, so it will be correctly interpreted as an unzipped signature of a gzipped file. [Ken Coar] *) Win32 NT and 2000 services now capture stderr messages that occur before Apache's logs are opened to the Application Event Log. Console and Win9x services now hold the console open for 30 seconds (and may be dismissed with the key) if they exit with an error. [William Rowe] *) Expand Win32 protection for pathname length, to provide protection from future potential bugs such as that which caused directory index to be displayed rather than returning an error. [William Rowe, Allan Edwards ] *) USE_SYSVSEM_SERIALIZED_ACCEPT locking on OS/390 [Ovies Brabson] *) Change Win32 the isProcessService() routine to compensate for other helper apps that invoke Apache.exe without a console. Recognize that we are running NT, and use the STARTF_FORCEOFFFEEDBACK flag to be sure that the SCM has invoked the process. [William Rowe, Jim Patterson , Kevin Kiley ] *) Export from Win32 the ap_start_shutdown and ap_start_restart symbols for modules and executables dynamically linked to the core. [William Rowe; Jim Patterson ] *) SECURITY: CVE-2000-1204 (cve.mitre.org) Prevent the source code for CGIs from being revealed when using mod_vhost_alias and the CGI directory is under the document root and a user makes a request like http://www.example.com//cgi-bin/cgi as reported in [Tony Finch] *) Under Win32, The console input mode is fixed to ignore mouse events and always listen for a Ctrl+C interrupt, even if the console window defaults to another mode. [William Rowe] *) All Win32 services will now perform a graceful restart when given the -n servicename -k restart signal. No equivilant control exists in the service control panel applet or through the NET command. There is no useful acknowledgement on Windows 95/98, however. [William Rowe] *) Significant overhaul of the Win32 port documentation contained in the README-WIN.TXT, as well as the htdocs/manual pages windows.html, win_compiling.html, and the new win_service.html. [Andrew Braund , William Rowe] *) Add 'services' for Windows 95 and 98, including install/uninstall options. The Apache server therefore can start when the OS loads, and will not stop between logoffs. This implementation remains -HIGHLY EXPERIMENTAL-. Additional changes provide for clean shutdown of Win95/98 when Apache is running as a 'service' or a console. [William Rowe, Jan Just Keijser ] *) USE_PTHREAD_SERIALIZED_ACCEPT on AIX 4.3 and above. This change provides a substantial performance improvement on multi-CPU machines serving large numbers of concurrent clients. [Victor J. Orlikowski ] *) Brought httpd.conf-dist-win into sync with httpd.conf-dist, and added explicit documentation of many Win32 specific features. [William Rowe] *) Convert Win32 build files (.dsp) to MSVC 6.0 format, and add perl scripts cvstodsp5.pl and dsp5tocvs.pl for portability to version 5.0. [William Rowe] *) Fix mod_expires to merge its settings for Cache-Control into any existing value for the field. It was unconditionally setting it, wiping out anything from, say, a 'Header Append Cache-Control'. [Ken Coar] PR#5769 *) Add Win32 option -k stop as an alias of -k shutdown, to correspond to the NET START/NET STOP syntax. [William Rowe] *) Force Apache to test the Win32 config prior to any operation, except the [-k shutdown -n service] and [-u -n service] combinations. [William Rowe] *) Add Win32 Ctrl+C/Ctrl+Break/Close/Logoff/Shutdown handler. [William Rowe, Jan Just Keijser ] *) Expand mod_setenvif so its directives can be used in and containers, and in .htaccess files when FileInfo overriding is allowed. [Ken Coar] PR#3000 *) SECURITY: CVE-2000-0505 (cve.mitre.org) Fix Win32 bug when pathname length exactly equals MAX_PATH. This bug caused directory index to be displayed rather than returning an error. [Allan Edwards ] *) Correct mod_proxy Win95 dynamic link __declspec(thread) bug. David Whitmarsh PR: 1462, 2216, 3645 *) Changed Apache for NetWare build to link with XDC data which marks the NLMs as being able to run on any processor. [Mike Gardiner ] *) Ported expat-lite to NetWare and integrated project files into the ApacheNW.mcp. [Mike Gardiner ] *) Switched thread storage data mechanism on NetWare to use updated system calls. [Mike Gardiner ] *) Fixed problem with multilanguage support that prevented Apache on NetWare from displaying the correct language page. [Mike Gardiner ] *) Fixed memory leaks on NetWare port. When unloading Apache with the developer option turned on NetWare would spew messages complaining about unreleased resources. [Mike Gardiner ] *) Fixed a problem that prevented Apache on NetWare from shutting down correctly when loading multiple instances in individual address spaces. [Mike Gardiner ] *) Changed threading primitives to use faster more scalable calls. [Mike Gardiner ] *) Added -s option for NetWare port to allow Apache to run without a screen. [Mike Gardiner ] *) Added code for NetWare port to display the listening ports and loaded DSO modules to the console screen. [Mike Gardiner ] *) Removed ugly NetWare specific code from the modules and added libpre.c and libprews.c instead. These files implement the NLM startup code for shared NLMs (DSOs). The result of using these files is less obtrusive code, faster load times, and a smaller executable size. libprews.c contains WSAStartup and WSACleanup WinSock calls needed for initialization and termination of DSO modules. [Mike Gardiner ] *) Moved htpasswd and htdigest projects files for NetWare into the main ApacheNW.mcp project file. [Mike Gardiner ] *) Added mod_tls (SSL/TLS) module for NetWare SSL/TLS support. [Mike Gardiner ] *) Updated httpd.conf-dist-nw with directives around standard DSO modules. [Mike Gardiner ] *) Correct mod_proxy Win32 garbage collection bug (clean failing due to stat() against directory). PR: 1891, 3278, 3640, 4139, 5997 [Michael Friedel ] *) Add '-n' option to htpasswd to make it print its user:pw record on stdout rather than having to frob a text file. [Ken Coar] *) Set default ServerName setting to 127.0.0.1 for the Windows config file (httpd.conf-dist-win) PR: 5509, 5783, 5953, 5903, 5983, 5259, 5515, 5858 [Oliver Wendemuth ] *) [EBCDIC] Update mod_mmap_static so that an ebcdic box can use MMapFile for files that shouldn't be converted from ebcdic->ascii. [Greg Ames] *) Revamp the Win32 make environment. Apache.dsw created to bring together all the pieces. Create new file os/win32/BaseAddr.ref to define module base addresses (to prevent dll relocation at start-up). Extraneous compiler files were removed (precompiled headers, incremental link images), and .map files were added for consistent diagnostics of gpfaults of the binary release. [William Rowe, Greg Marr, Tim Costello, Bill Stoddard] *) Resolved Win32 mod_info (ApacheModuleInfo.dll) errors. PR1442, PR2472, PR4125, PR1643 and PR2208 Jim Patterson, Jan Just Keijser *) Add some more error reporting to htpasswd in the case of problems generating or accessing the temporary file. Also, pass in a buffer if the implementation knows how to use it (i.e., if L_tmpnam is defined). [Ken Coar] PR#3945, 5253, 5383, 5558 *) PORT: Add recognition of the GNU/Hurd platform. [Adam Farrell ] *) More FAQs and answers from comp.infosystems.www.servers.unix. [Joshua Slive ] *) Win32: Add dependency checking to the CreateService call to ensure TCPIP and AFP (winsock) are started before Apache. [William Rowe ] *) FAQ changes related to tidying up historical documents on the web site. [Joshua Slive ] *) Various fixes to mod_auth_digest: - Reworked MD5-sess stuff. The semantics of userpw_hash() have been changed for it to return MD5(MD5(username ":" realm ":" password) ":" nonce ":" cnonce) instead of just MD5(username ":" realm ":" password) because one of the points of MD5-sess is to allow the info to be retrieved from login servers so that the server itself never has the full auth info (after all, MD5(u/r/p) is equivalent to the password for auth purposes). - In order to allow for servers to share a realm the server-name and port have been removed from the nonce-hash. Even so, sharing the realm has problems - see the new comments at the beginning. - Fixed uri-comparison when request-uri isn't identical to uri in Authorization header (some fields were not being initialized). - Handle non-FQDN's (i.e. simple hostnames) in uri parameter in the Authorization header. Thanks to Joe Orton for pointing out the problem. [Ronald Tschalär] *) Add case_preserved_filename field to the request_rec structure. On systems with case insensitive file systems (Windows, OS/2, etc.), r->filename is case canonicalized (folded to either lower or upper case, depending on the specific system) to accomodate file access checking. case_preserved_filename is the same as r->filename except case is preserved. There is at least one instance where Apache needs access to the case preserved filename: Java class files published with WebDAV need to preserve filename case to make the Java compiler happy. [Bill Stoddard] *) Put in Korean and Norwegian index.html pages (2.0 and 1.3) which where donated by Lee Kuk Hyun and Lorant Czaran [dirkx]. *) Modules which load third-party DLLs (ala mod_dav) expect them to be in the path or cwd. Tweak the service startup code to not only change to correct drive but also correct directory. [Keith Wannamaker ] *) WinNT: Do a better job at handling spaces in service names. Add the util function ap_remove_spaces and export it on all platforms. Change some Win32 service and registry functions to make use of this new function. [Keith Wannamaker ] *) use send/recv instead of write/read in proxy_connect -- fixes https through proxy on NT. [] PR 5963, 5899, 5823, 5107, 4990?, 4885, 4680, 4468, 3801, 2014 *) [EBCDIC] Make chunked encoding work again; it was broken by the recent CRLF macro changes. An oversight. [Martin Kraemer] *) Work around a popular restriction of some sed(1)'s in APACI where "1,//" commands start searching for at line 2 only. [Ralf S. Engelschall] *) Merged in a small subset of SGI's latest `10x' patchkit for Apache 1.3.11. The extracted and merged in parts are entirely cleanup and non-performance related changes only. SGI's remaining changes are not taken over, because they are either cluttering the Apache 1.3 sources too much (e.g. the lint(1) related changes) or cause too much internal changes (e.g. the ap_int32 types, etc.) which are not reasonable to do any longer for Apache 1.3 (they should be done for Apache 2.0 instead). [Mike Abbott , Ralf S. Engelschall] *) Fixes to mod_proxy for BeOS support. [David Reid ] *) Fix return value calculation in APXS' error messages. This should avoid the confusion on APXS errors. [Ralf S. Engelschall] *) Make ApacheBench (ab) compile again stand-alone under -DNO_APACHE_INCLUDES. [Ralf S. Engelschall] *) The ServerTokens directive now accepts the 'ProductOnly' keyword, which results in the display of just 'Apache' with no version information. Additional product tokens are still only visible with ServerTokens Full. In addition, ServerTokens now complains about bogus keywords (which it used to silently treat as 'Full'). [Ken Coar] Changes with Apache 1.3.12 *) Only OS/2 requires the addition "t" flag for ap_pfopen() (as therefore fopen() as well). This is handled by the FOPEN_REQUIRES_T macro. [Ian Turner , Jim Jagielski] PR#5760 *) The default charset is only added, when enabled, for those Content-types which require it (text/plain, text/html). [Jim Jagielski] PR#5766 *) Fix handling of multiple queries in APXS commands (e.g. "apxs -q CC CFLAGS") and make sure Perl-related command line options (which can contain the "::" constructs) do no longer cause an incorrect internal parsing of the query result. [Ralf S. Engelschall, Steve Robb ] *) Avoid infinite looping in APACI's configure script inside Ultrix' /bin/sh5 upgrade step. [Jan Gallo , Ralf S. Engelschall] PR#4940 *) PORT: Add support for Amdahl UTS 4.3 and later. [Dave Dykstra ] PR#5654 *) Make implementation/descriptions of the FLAG directives AuthAuthoritative, MetaFiles and ExtendedStatus consistent with documentation and the standard way of implementation those directives. [David MacKenzie , Ralf S. Engelschall] PR#5642 *) Cast integer ap_wait_t values in http_main.c to get rid of compile time errors on platforms where "ap_wait_t" is not defined as "int" (currently only the NEXT and UTS21 platforms). [Gary Bickford , Ralf S. Engelschall] PR#5053 *) The default suexec path was HTTPD_ROOT/sbin/suexec if not configured via APACI. Changed to HTTPD_ROOT/bin/suexec. [Lars Eilebrecht] *) Add an explicit charset=iso-8859-1 to pages generated by ap_send_error_response(), such as the default 404 page. [Marc Slemko] *) Add the AddDefaultCharset directive. This allows you to specify the given character set on any document that does not have one explicitly specified in the headers. [Marc Slemko, Jim Jagielski] *) SECURITY: CVE-2000-1205 (cve.mitre.org) Properly escape various messages output to the client from a number of modules and places in the core code. [Marc Slemko] *) SECURITY: CVE-2000-1205 (cve.mitre.org) Change mod_actions, mod_autoindex, mod_expires, and mod_log_config to not consider any parameters such as charset when making decisions based on content type. This does remove some functionality for some users, but means that when these modules are configured to do particular things with particular MIME types, the charset should not be included. A better way of addressing this for users who want to set things on a per charset basis is necessary in the future. [Marc Slemko] *) SECURITY: CVE-2000-1205 (cve.mitre.org) mod_include now entity encodes output from "printenv" and "echo var" by default. The encoding for "echo var" can be set to URL encoding or no encoding using the new "encoding" attribute to the echo tag. [Marc Slemko] Changes with Apache 1.3.11 *) MPE builds are no longer stripped, which caused the executable to not work. [Mark Bixby] Changes with Apache 1.3.10 *) Fixed parsing of TAKE13-based configuration directives. [Steffen Roller ] PR#5550 *) rename the lookup() function to hashTableLookup() (in expat-lite) to prevent name clashes with modules / third-party software. [Ralf S. Engelschall, Greg Stein] *) Reduce the time that a parent waits for its children to die after SIGKILL has been sent, since there isn't much point in waiting another 16 seconds beyond the initial SIGTERM waiting period. [Ed Korthof] *) Add --suexec-umask option to configure, and severity levels to suexec log messages. Also clarify a couple of those messages, which were perhaps a bit too cryptic. [Ken Coar] PR#4178 *) The end_chunk() code forgot to convert the trailing CRLF pair from EBCDIC to ASCII. Fixed. [Martin Kraemer] *) An Action set for a Location that didn't correspond to a file didn't work. Fixed. [Manoj Kasichainula, Ben Laurie] *) ProxyPass and mod_rewrite's proxy mode erroneously converted authentication requests to proxy authentication requests. [Ben Laurie] *) Reverse a patch which broke HPUX shared builds. Basically we comment out the SHLIB_SUFFIX_NAME=sl line in Configure. [Ryan Bloom] *) Added the mod_rewrite `URL Rewriting Guide' to the online documentation (htdocs/manual/misc/rewriteguide.html). This paper provides a large collection of practical solutions to URL based problems a webmaster is often confronted with. [Ralf S. Engelschall] *) Add a suexec status report to the '-l' (compiled-in modules) output. [Ken Coar] *) Changes to enable server-parsed mod_autoindex Header and Readme files. [Raymond S Brand ] *) Add back support for UseCanonicalName in containers [Manoj Kasichainula] *) SECURITY: CVE-2000-1206 (cve.mitre.org) More rigorous checking of Host: headers to fix security problems with mass name-based virtual hosting (whether using mod_rewrite or mod_vhost_alias). [Ben Hyde, Tony Finch] *) Updated README.config to reflect current APACI state. [Brian Slesinsky ] PR#5397 *) Added SuSE and BSDI layouts to config.layout for convinience reasons. [Sebastian Helms , Timur Bakeyev ] PR#5112 PR#5154 *) Consistency cleanup of the complete APXS tool and corresponding manpage. [Ralf S. Engelschall] *) Add %q logging format directive (logs "?" and the query string part of a query, or the empty string if no query). Can be used in combination with %m, %U and %H: "%m %U%q %H" is the same as "%r". [Peter Watkins ] *) Improve OS390 port to work on older system releases [Paul Gilmartin ] *) Enhance mod_mime with an AddCharset directive to properly handle that negotiation dimension. [Youichirou Koga ] *) OS: Added first cut at support for IBM's OS/390. [Ovies Brabson ] *) Replace all occurrences of "\012\015" by a macro CRLF. This makes the code (somewhat) more readable, and improves the portability to character sets other than ASCII (e.g., EBCDIC). This patch results in no functional change whatsoever on ASCII machines, but allows EBCDIC platforms to live without the ebcdic2ascii_strictly() kludge. [Paul Gilmartin , slightly modified by Martin Kraemer] *) more fixes to mod_auth_digest: - better comparing of request-uri with uri parameter in Authorization header - added a check for a MUST condition in the spec - fixed SEGV [Ronald Tschalär] *) mod_proxy now works on TPF. [Joe Moenich ] *) Enhance mod_actions' Script handling to be able to deal with arbitrary methods and not just the well-known ones. This allows experimental or organisation-private methods to be used without waiting for Apache to catch up. [Ken Coar] *) Fix various compile time warnings in hashbang_emul code which prevent successful compilation on OS/390 [Ovies Brabson , Paul Gilmartin ] *) EBCDIC: Fixed binary upload capability (plain and chunked) for all methods using the ap_*_client_block() functions, most notably POST and PUT. The functionality to switch input between protocol parts (chunks) and (possibly binary) data had been missing all the time, making chunked PUT impossible until now. [Martin Kraemer] *) Fixed a recently introduced off-by-one-character bug in mod_rewrite's expansion of expression back-references. [Cliff Woolley ] PR#4766 PR#5389 *) Add IndexOptions DescriptionWidth so that the width of the description field in fancy-indexed directory listings can be specified. [Ken Coar] PR#2324, plus lots that are closed unsatisfied *) EBCDIC: Escaped characters were encoding the ebcdic representation of the special characters, not the latin1 representation. This would result in invalid URI's for, e.g., filenames (with special chars) in mod_autoindex.c [Martin Kraemer] *) EBCDIC: Fix Byte Ranges for EBCDIC platforms. The necessary switch between implied conversion for protocol parts and configured conversion for document data was missing. The effect of this was that PDF files could not be read by Acrobat Reader (which sends long lists of byte ranges in each request) when the server was apache on ebcdic machines. [Noted by Oliver Reh , solved by Martin Kraemer, warnings fixed by Ovies Brabson ] *) Add IndexOptions FoldersFirst to allow fancy-indexed directory listings to have the subdirectories always listed at the top. [Ken Coar] *) BS2000: Use send() instead of write() in the core buff routines for better performance and fewer restrictions (max. transfer size) [Martin Kraemer] *) If the compiler sanity check fails, force the verbose output for TestCompile so people can have a clue what the problem is. [Jim Jagielski] *) Add --iconsdir, --htdocsdir, and --cgidir option to top-level configure script to allow one to override the corresponding variables from config.layout. [Ralf S. Engelschall] *) Fixed `quad integer' (aka `long long') handling in ap_snprintf.c [Jim Jagielski, Ralf S. Engelschall] *) Fixed error handling in dbmmanage script. [Andrew McRae ] PR#4973 *) Fixed NEXT/OpenStep building by adding an fallback typedef for rlim_t to ap_config.h. [Mark Miller ] PR#4906 *) Fix SHARED_CORE feature for HPUX by backing-out a change (comitted between 1.3.7 and 1.3.9) which changed the DSO extension from `sl' to `so'. This worked only for modules (where we load the DSO manually), but horribly fails under HPUX for DSO-based/shared libraries (where our $SHLIB_SUFFIX_NAME is used, too). [Gary Silverman ] PR#4974 *) Added support for Berkeley-DB/3.x to mod_auth_db. [Steve Atkins , Ralf S. Engelschall] PR#5382 *) Fixed mod_auth_digest.c: result of an open() call was being checked against the wrong failure value. [Rick Ohnemus ] PR#5292 *) Removed the variable name "template" from a prototype for SunOS4 in ap_config.h to make C++ compiler happy, too. [SAKAI Kiyotaka ] PR#5363 *) Added missing links to htdocs/manual/mod/directives.html for AllowCONNECT and ProxyDomain. [Patrik Grip-Jansson , Ralf S. Engelschall] PR#5319 *) Fixed typo in htdocs/manual/install.html. [Chris Pepper ] PR#5360 *) Fix $AWK/awk usage in top-level configure script: We confused ourself and replaced the wrong "$AWK" with a plain "awk" in the last releases. So we now both fix this and move the comment which already tried to explain it more closer to the location to which it applies. [Paul Gilmartin , Ralf S. Engelschall] PR#5304 *) Replaced pipes with commas in GuessOS' fallback output (displayed for not explicitly recognized platforms) to avoid side-effects with APACI's --shadow feature and similar uses where GuessOS' output is used directly on the filesystem (where pipes are meta-characters!). [Paul Gilmartin ] PR#5303 *) Made stripping of a trailing slash in directory names in top-level configure script more robust and this way support also a plain `/' as the argument without resulting in an empty name. [Matthias Lohmann , Ralf S. Engelschall] PR#5291 *) Made `tr' usage in top-level configure script more portable by always using square brackets consistently. [Masashi Kizaki ] PR#5230 *) Fixed ap_config_auto.h generation in src/Configure: there for the ``quad integer'' stuff ``#ifndef+#undef+#endif'' pairs were generated instead of ``#ifdef+#undef+#endif'' pairs. [Greg Siebers ] PR#5231 *) EBCDIC: fix the hsregex package to correctly deal with [a-zA-Z] type character ranges (the alphabet is non-contiguous in EBCDIC) and with the special [:cntrl:] range (the control character class is determined dynamically at run time). [Martin Kraemer] *) Add --with-port option to APACI. [Ian Kallen ] *) Fixed QUERY_STRING handling for `RewriteRule ... [P]' in per-directory context. [Martin Zeh ] PR#5073 *) Overhauled mod_rewrite's general substitution function (expand_backref_inbuffer): 1. The `$0' backreference is now officially allowed and documented and references the while pattern space; 2. the ampersamp (&) backreference (which is equal to $0) is no longer expanded, because it was never documented and only leads to confusion with QUERY_STRINGS; 3. backslashes (\) are honored correctly, that is `\$N' now really forces the dollar to be an ordinary character and $N is not expanded. [Ralf S. Engelschall] PR#4766 PR#4161 *) Make sure mod_rewrite escapes QUERY_STRINGS on redirects. [Klaus Johannes Rusch ] PR#4734 *) Make sure mod_rewrite matches URL schemes case-insensitive and also allow additional (commonly used) URL schemes ldap:, news: and mailto:. [Ralf S. Engelschall, Klaus Johannes Rusch ] PR#3140 *) Overhauled ApacheBench (ab) manpage ab.8. [Simon Baldwin ] PR#5139 *) Made sure ApacheBench (ab) performs no more requests than specified on command line (option -n). [Jim Cox ] PR#4839 *) Support DSOs properly on 32-bit HP-UX 11.0 [Dilip Khandekar ] *) Fix problem with proxy configuration where globally set configuration options were overridden inside virtual hosts. [Graham Leggett ] *) Fix ProxyReceiveBufferSize where default value was left uninitialised. [Graham Leggett ] *) Added a CLF '-' respecting %B to the log format. Suggested by Ragnar Kjørstad [dirkx] *) Added protocol(%H)/method(%m) logging to the log format. Suggested by Peter W [dirkx] *) Added a HEAD method to 'ab'. [dirkx] *) When generating the Location: header, mod_speling forgot to escape the spelling-fixed uri. [Martin Kraemer] *) Update for the next release of the TPF OS (PUT11) [David McCreedy ] *) Add some compile-time flags to the output when -V is used for TPF [David McCreedy ] *) mod_auth_digest fixes: - Use unix-io instead of stdio to read /dev/random (fixes problems on FreeBSD) [Kano ] PR#4967 - Correctly unescape all parts of the request uri and the uri attribute of the Authorization header before doing comparison [Joe Orton , Ronald Tschalär] - Fixes for MD5-sess [Joe Orton ] - Don't send a domain attribute in Proxy-Authenticate [Ronald Tschalär] *) ap_base64decode_binary does not null-terminate the output anymore [Bill Stoddard, Ronald Tschalär] *) WIN32: The following bugs introduced in Apache 1.3.9 have been fixed - CGIs broken if script calls other programs which deliver on stdout (Search this file for "DETACHED") - 16 bit CGIs should work now - Server will not start if passed the -d option with spaces in the argument. [Bill Stoddard] *) WIN32: GetExtensionVersion() comparison in mod_isapi fails when using some non-MS compilers [Bill Stoddard] PR#3597, PR#3782, PR#3781, PR#4887 *) Allow BeOS to use its native closesocket() call [David Reid ] *) More TPF changes. Code reorganization for cleanliness, regex changes for testing, as well as doc and build updates. [David McCreedy and others at IBM] *) Add TPF processing for the socket read to the rfc1413 code. [David McCreedy and others at IBM] *) Require the batch (-b) option and default to MD5 on TPF in htpasswd. [David McCreedy and others at IBM] *) Move "handler not found" warning message to below the check for a wildcard handler. [Dirk , Roy Fielding] PR#2584, PR#2751, PR#3349, PR#3436, PR#3548, PR#4384, PR#4795, PR#4807 *) Build errors in src/support stop with an error, just like all the other recursive make calls. [David Harris ] Changes with Apache 1.3.9 *) Remove bogus error message when a redirect doesn't set Location. Instead, use an empty string to avoid coredump if the error message was supposed to include a location. [Roy Fielding] *) Don't allow configure to include mod_auth_digest unless it is explicitly requested, even if the user asked for all modules. [Roy Fielding] *) Translate module names to dll names for OS/2 so that they are no more than 8 characters long and have an extension of "dll" instead of "so". [Brian Havard] *) Print out pointer to Rule DEV_RANDOM when truerand lib not found. Fix test-compile check to check for randbyte instead of trand32. Use ap_base64encode_binary/decode instead of copy in mod_auth_digest.c and tweak to make Amaya happier. [Ronald Tschalär] *) Ensure that the installed expat include files are world readable, just like the other header files. [Martin Kraemer] *) Fixed generated AddModule adjustments in APACI's `configure' script in order to allow (new) modules like mod_vhost_alias to be handled correctly (which was touched by the adjustments for mod_alias). [Ralf S. Engelschall] *) For binary builds, add -R flag to apachectl to work around the lack of an absolute path to the ./libexec directory where the libhttp.ep file is needed for SHARED_CORE architectures. [Randy Terbush] *) WIN32: Create the CGI script process as DETACHED. This may solve the problem observed by some Win95/98 users where they get CGI script output sent to the console. [Bill Stoddard] *) Fix (re)naming in the uuencode/decode section. The ap/ap_ routines are now called ap_base64* and are 'plain' (i.e., no pool access or anything clever). Inside util.c the routines acting like pstrdup are called ap_pbase64encode() and ap_pbase64decode(). The oddly named ap_uuencode(), ap_uudecode() are kept around for now but deprecated. [dirkx] *) Clean up the base64 and SHA1 additions and make sure they are represented in the ApacheCore.def, ApacheCoreOS2.def, and httpd.exp files. [Roy Fielding] *) WIN32: Migrate to InstallShield 5.5 and provide a bit more error checking. Allow compiling on VS 6.0. [Randy Terbush] *) Fixed assumption of absolute paths in binbuild.sh. [Tony Finch] *) Use TestCompile to search for the truerand library (rather than blindly assuming its existence). If it is not found, complain (but do not exit - yet). [Martin Kraemer] *) We forgot to add the new exported function names to src/support/httpd.exp. [Bill Stoddard, Randy Terbush] *) Add description of -T command-line option to usage(). [Ralf S. Engelschall] *) For "some" platforms (notably, EBCDIC based ones), libos needs to be searched only AFTER libap has been searched, because libap needs some symbols from libos. [Martin Kraemer] *) Fix conflict with original mod_digest related to the symbol of the module dispatch list (which has to be unique for DSO and follow the usual conventions for the installation procedure). [Ralf S. Engelschall] *) Add a dbm-library check for the "usual places" (-ldbm, -lndbm, -ldb) for other platforms as well. [Martin Kraemer] *) Make ap_sha1.c compile for EBCDIC platforms: replace remaining LONG types by AP_LONG and replace reference to renamed variable 'ubuf' by 'buffer'. [Martin Kraemer] Changes with Apache 1.3.8 [not released] *) Flush the output buffer immediately after sending an error or redirect response, since the result may be needed by the client to abort a long data transfer or restart a series of pipelined requests. [Tom Vaughan , Roy Fielding] *) PORT: Improved compilation and DSO support on Sequent DYNIX/ptx. [Ian Turner ] PR#4735 *) Local struct mmap in http_core.c conflicted with system structure name on DYNIX -- changed to mmap_rec. [Roy Fielding] PR#4735 *) Added updated mod_digest as modules/experimental/mod_auth_digest. [Ronald Tschalär ] *) Fix a memory leak where the module counts were getting messed up across restarts. [David Harris ] *) CIDR addresses such as a.b.c.d/24 where d != 0 weren't handled properly in mod_access. ["Paul J. Reder" ] PR#4770 *) RewriteLock/RewriteMap didn't work properly with virtual hosts. [Dmitry Khrustalev ] PR#3874 *) PORT: Support for compaq/tandem/com. [Michael Ottati , dirkx] *) Added SHA1 password encryption support to easy migration from Netscape servers. See support/SHA1 for more information. Caused the separation of ap_md5.c into md5, sha1 and a general ap_checkpass.c with just a validate_passwd routine. Added a couple of flags to support/htpasswd. Some reuse of the to64() function; hence renamed to ap_to64(). [Dirk-Willem van Gulik, Clinton Wong ] *) Change for EBCDIC platforms (TPF and BS2000) to correctly deal with ASCII/EBCDIC conversions in "ident" query. [David McCreedy ] *) Get rid of redefinition warning on MAC_OS_X_SERVER platform. Change "Power Macintosh" to Power* so if uname prints "Power Book" we're still happy on Rhapsody platforms. [Wilfredo Sanchez] *) Fix SIGSEGV on some systems because the Vary fix below included a call to table_do with a variable argument list that was not NULL terminated. Replaced with better implementation. [Roy Fielding] Changes with Apache 1.3.7 [not released] *) The "Vary" response header field is now sanitised right before the header is sent back to the client. Multiple "Vary" fields are combined, and duplicate tokens (e.g., "Vary: host, host" or "Vary: host, negotiate, host, accept-language") are reduced to single instances. This is a better solution than the force-no-vary one (which is still valid for clients that can't cope with Vary at all). [Dean Gaudet, Roy Fielding, Ken Coar] PR#3118 *) Portability changes for BeOS. [David Reid ] *) Link DSO's with "gcc -shared" instead of "ld -Bshareable" at least on Linux and FreeBSD for now. [Rasmus Lerdorf] *) Win32: More apache -k restart work. Restarts are now honored immediately and connections in the listen queue are -not- lost. This is made possible by the use of the WSADuplicateSocket() call. The listeners are opened in the parent, duplicated, then the duplicates are passed to the child. The original listen sockets are not closed by the parent across a restart, thus the listen queue is preserved. [Bill Stoddard ] *) Fix handling of case when a client has sent "Expect: 100-continue" and we are going to respond with an error, but get stuck waiting to discard the body in the pointless hope of preserving the connection. [Roy Fielding, Joe Orton ] PR#4499, PR#3806 *) Fix 'configure' to work correctly with SysV-based versions of 'tr' (consistent with Configure's use as well). [Jim Jagielski] *) apxs: Add "-S var=val" option which allows for override of CFG_* built-in values. Add "-e" option which works like -i but doesn't install the DSO; useful for editing httpd.conf with apxs. Fix editing code so that multiple invocations of apxs -a will not create duplicate LoadModule/AddModule entries; apxs can now be used to re- enable/disable a module. [Wilfredo Sanchez] *) Win32: Update the server to use Winsock 2. Specifically, link with ws2_32.lib rather than wsock32.lib. This gives us access to WSADuplcateSocket() in addition to some other enhanced comm APIs. Win 95 users may need to update their TCP/IP stack to pick up Winsock 2. (See http://www.microsoft.com/windows95/downloads/) [Bill Stoddard ] *) Win32: Redirect CGI script stderr (script debug info) into the error.log when CGI scripts fail. This makes Apache on Win32 behave more like Unix. [Bill Stoddard ] *) Fixed `httpd' usage display: -D was missing. [Ralf S. Engelschall] PR#4614 *) Fix `make r' test procedure in src/regex/: ap_isprint was not found. [Ralf S. Engelschall] PR#4561, PR#4562 *) OS/2: Fix problem with accept lock semaphores where server would die with "OS2SEM: Error 105 getting accept lock. Exiting!" [Brian Havard] PR#4505 *) Add DSO support for DGUX 4.x using gcc. Tested on x86 platforms. [Randy Terbush ] *) Add the new mass-vhost module (mod_vhost_alias.c) developed and used by Demon Internet, Ltd. [Tony Finch ] *) Better GCC detection for DSO flags under Solaris 2 where the `cc' command potentially _is_ GCC. [Ralf S. Engelschall] *) Fix apxs build issues on AIX [Rasmus Lerdorf ] *) DocumentRoot Checking: Under previous versions, when Apache first started up, it used to do a stat of each DocumentRoot to see if it existed and was a directory. If not, then an error message was printed. THIS HAS BEEN DISABLED. If DocumentRoot does not exist, you will get error messages in error_log. If the '-t' command line option is used (to check the configuration) the check of DocumentRoot IS performed. An additional command line option, '-T', has been added if you want to avoid the DocumentRoot check even when checking the configuration. [Jim Jagielski] *) Win32: The query switch "apache -S" didn't exit after showing the vhost settings. That was inconsistent with the other query functions. [Bill Stoddard - Fixed by Martin on Unix in 1.3.4] *) Win32: Changed behaviour of apache -k restart. Previously, the server would drain all connections in the stack's listen queue before honoring the restart. On a busy server, this could take hours. Now, a restart is honored almost immediately. All connections in Apache's queues are handled but connections in the stack's listen queue are discarded. Restart triggered by MaxRequestPerChild is unchanged. [Bill Stoddard ] *) Win32: Eliminated unnecessary call to wait_for_multiple_objects in the accept loop. Good for a 5% performance boost. Cleaned up parent/child process management code. [Bill Stoddard ] *) Added ceiling on file size for memory mapped files. [John Giannandrea ] PR#4122 *) Fix ndbm.h include problems with brain-dead glibc >= 2.1 which has ndbm.h in a non-standard db1/ subdir. PR#4431, PR#4528 [Henri Gomez , Ralf S. Engelschall] *) Determine AP_BYTE_ORDER for ap_config_auto.h and already use this at least for Expat. [Ralf S. Engelschall] *) Allow .module files to specify libraries with Lib:. [Ben Laurie] *) Allow SetEnvIf[NoCase] to test environment variables as well as header fields and request attributes. [Ken Coar] *) Fix mod_autoindex's handling of ScanHTMLTitles when file content-types are "text/html;parameters". [Ken Coar] PR#4524 *) Remove "mxb" support from mod_negotiation -- it was a draft feature never accepted into any standard, and it opens up certain DoS attacks. [Koen Holtman ] *) TestCompile updated. We can now run programs and output the results during the Configure process. [ Jim Jagielski] *) The source is now quad (long long) aware as needed. Specifically, the Configure process determines the correct size of off_t and *void. When the OS/platform/compiler supports quads, ap_snprintf() provides for the 'q' format qualifier (if quads are not available, 'q' is silently "demoted" to long). [Jim Jagielski] *) When the username or password fed to htpasswd is too long, include the size limit in the error message. Also report illegal characters (currently only ':') in the username. Add the size restrictions to the man page. [Ken Coar] *) Fixed the configure --without-support option so it doesn't result in an infinite loop. [Marc Slemko] *) Piped error logs could cause a segfault if an error occured during configuration after a restart. [Aidan Cully ] PR#4456 *) If a "Location" field was stored in r->err_headers_out rather than r->headers_out, redirect processing wouldn't find it and the server would core dump on ap_escape_html(NULL). Check both tables and raise HTTP_INTERNAL_SERVER_ERROR with a log message if Location isn't set. [Doug MacEachern, Ken Coar] *) Add RULE_EXPAT, the src/lib/ directory structure, and a modified copy of the Expat 1.0.2 distribution. [Greg Stein] *) Replace regexec() calls with calls to a new API stub function ap_regexec(). This solves problems with DSO modules which use the regex library. [Jens-Uwe Mager , Ralf S. Engelschall] *) Add 'Request_Protocol' special keyword to mod_setenvif so that environment variables can be set according to the protocol version (e.g., HTTP/0.9 or HTTP/1.1) of the request. [Ken Coar] *) Add DSO support for OpenStep (Mach 4.2) platform. [Ralf S. Engelschall, Rex Dieter ] PR#3997 *) Fix sed regex for generating ap_config_auto.h in src/Configure. [Jan Gallo ] PR#3690, PR#4373 *) Switch to /bin/sh5 in APACI on Ultrix and friends to avoid problems with their brain-dead /bin/sh. [Ralf S. Engelschall] PR#4372 *) Better DSO flags recognition on NetBSD platforms using ELF. [Todd Vierling ] PR#4310 *) Always log months in english format for %t in mod_log_config. [Petr Lampa ] PR#4366, 679 *) Support for server-parsed and multiview-determined ReadmeName and HeaderName files in mod_autoindex. Removed the restriction on "/"s in ReadmeName and HeaderName directives since the *sub_req* routines will deal with the access issues. (It's now possible to have {site|group|project|customer|...} wide readmes and headers.) [Raymond S Brand , Ken Coar] PR#1574, 3026, 3529, 3569, 4256 *) When stat() fails, don't assume anything about the contents of the struct stat. [Ed Korthof ] *) It's OK for a semop to return EINTR, just loop around and try again. [Dean Gaudet] *) Fix configuration engine re-entrant hangups, which solve a handful of problems seen with mod_perl configuration sections [Salvador Ortiz Garcia ] *) Mac OS and Mac OS X Server now use the appropriate custom layout by default when building with APACI; allow for platform-specific variable defaults in configure. [Wilfredo Sanchez] *) Do setgid() before initgroups() in http_main; some platforms zap the grouplist when setgid() is called. This was fixed in suexec earlier, but the main httpd code missed the change. [Rob Saccoccio ] PR#2579 *) Add recognition of .tgz as a gzipped tarchive. [Bertrand de Singly ] PR#2364 *) mod_include's fsize/flastmod should allow only relative paths, just like "include file". [Jaroslav Benkovsky ] *) OS/2: Add support for building loadable modules using DLLs. [Brian Havard] *) Add iconsdir, htdocsdir, and cgidir to config.layout. [Wilfredo Sanchez] *) Fix minor but annoying bug with the test for Configuration.tmpl being newer than Configuration so that it is less likely to fail when using APACI and shadow sources. [Wilfredo Sanchez] *) PORT: Add initial support for Mac OS (versions 10.0 and greater). Use Mac OS X Server layout for now. Clean up dyld code in unix/os.c, and don't install the dyld error handlers, which are no longer needed in Mac OS. [Wilfredo Sanchez] *) Rename Rhapsody layout to "Mac OS X Server". Change install locations to appropriate ones for user-built (as opposed to system) installs. [Wilfredo Sanchez] *) Modify mod_autoindex's handling of AddDescription so that the behaviour matches the documentation. [Ke