APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2004/11/05 18:56:43 $]
+Last modified at [$Date: 2004/11/09 19:25:13 $]
Release:
*) mod_rewrite: Regression since 2.0.52 in QUERY_STRING handling
for [P] rules.
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/mappers/mod_rewrite.c?r1=1.262&r2=1.263
- +1: jorton, nd
+ +1: jorton, nd, wrowe
PATCHES TO BACKPORT FROM 2.1
[ please place file names and revisions from HEAD here, so it is easy to
cache for authorization purposes only rather than authentication.
PR #31898
http://www.apache.org/~bnicholes/apache_2.0_getuserdn.patch
- +1:bnicholes
+ +1:bnicholes, wrowe
*) mod_authnz_ldap: Added the directive "Requires ldap-attribute" that
allows the module to only authorize a user if the attribute value
specified matches the value of the user object. PR 31913
modules/aaa/mod_authnz_ldap.c: r1.7
docs/manual/mod/mod_authnz_ldap.xml: r1.3
- +1: bnicholes
+ +1: bnicholes, wrowe
*) mod_ssl: Fix and prevent an SSLCipherSuite bypass by resuming a
session during a renegotiation.
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_kernel.c?r1=1.110&r2=1.111
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_init.c?r1=1.128&r2=1.129
PR: 31505
- +1: jorton, pquerna, minfrin
+ +1: jorton, pquerna, minfrin, wrowe
*) mod_ssl: Fail to configure when an SSL proxy is configured with
incomplete client cert keypair, rather than segfaulting at
runtime.
http://cvs.apache.org/viewcvs/httpd-2.0/modules/ssl/ssl_engine_init.c.diff?r1=1.118&r2=1.119
PR: 24030
- +1: jorton, minfrin, jerenkrantz
+ +1: jorton, minfrin, jerenkrantz, wrowe
*) mod_ssl: Fix an possible NULL pointer dereference in some configs.
http://nagoya.apache.org/bugzilla/showattachment.cgi?attach_id=13182
PR: 31848
- +1: jorton
+ +1: jorton, wrowe
*) Allow for the use of --with-module=foo:bar where the ./modules/foo
directory is a local addition to the ./modules directory.
simply adding them to ./modules.
modules/config5.m4: 1.4
+1: jim, jerenkrantz
+ +0: wrowe
+ (would rather see --with-module-lib=foo --enable-bar=shared syntax to
+ support multiple libs, module modules. Might need to pass the
+ --with-module-lib=foo to ./buildconf instead.)
*) several changes to improve logging of connection-oriented errors, including
ap_log_cerror() API (needs minor bump in addition to changes below)
library handles special characters.
http://issues.apache.org/bugzilla/showattachment.cgi?attach_id=12919
PR 24437
- +1: minfrin
+ +1: minfrin, wrowe
*) Fix ap_save_brigade's handling of ENOTIMPL setaside functions.
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/util_filter.c?r1=1.100&r2=1.102
-0: jerenkrantz
jerenkrantz: I don't think we can change the APR 0.9 interfaces.
They are supposed to be set in stone.
+ -1: wrowe: agrees with jerenkrantz, further realized that this major
+ change in APR 1.0 caused -every- apr-util linked app to have
+ the ldap sdk (openldap etc) linked in, and our --static-support
+ stuff is horribly broken by this change. Not that it's wrong,
+ we need to look at making it slightly more dynamic for those
+ apps that don't touch ldap.
*) Add load balancer support to the scoreboard in preparation for
load balancing support in mod_proxy.
nd: -0 as in "it should be considered as a 2.1 feature".
If the modified structures are public (are they?), I'm just -1.
jerenkrantz: Sounds like a good 2.1 feature...
+ -1: wrowe (make this a private score to the module and you would be fine;
+ we don't need to keep overloading a single scoreboard.)
*) mod_cgi: Added API call and overload of detached field in cgi_exec_info_t
structure to support loading in current or new address space for CGIs.
trawick: need changes to mod_ssl.h to remove prototypes for those removed functions
0: nd: IMHO that's a public API change then and not applicable for
2.0, just let 'em in
+ -1: wrowe (as nd suggests, leave the dead horse in peace.)
*) mod_actions: Regression from 1.3: the file referred to must exist.
Solve this by introducing the "virtual" modifier to the Action
directive. PR 28553.
modules/mappers/mod_actions.c: r1.32, r1.34
jerenkrantz: Icky side-effect of the *t == '0' check.
- +1: nd, jerenkrantz
+ +1: nd, jerenkrantz, wrowe
*) mod_log_config: Cleanup log_header_out function to allow multiple headers
like Set-Cookie to be logged properly. PR 27787 (2.0 + 1.3)
modules/ssl/ssl_engine_kernel.c: r1.83, r1.105, r1.108
modules/ssl/ssl_util.c: r1.36
modules/ssl/ssl_private.h: r1.2
- +1: bnicholes
+ +1: bnicholes, wrowe
-0: jerenkrantz (should wait for 2.2)
-0: jorton (msgid <20040305083540.GA24529@redhat.com>)
check r->connection->local_addr->port before defaulting to
server->port or ap_default_port()
server/core.c r1.247
- +1: bnicholes, jim
+ +1: bnicholes, jim, wrowe
0: nd, jerenkrantz
nd: can the local_addr->port ever be 0?
bnicholes response: I couldn't tell you for sure if local_addr->port
(if there is sufficient interest I'll pursue getting APR 0.9
fixed up as well as putting together a patch for httpd 2.0.next
which integrates the two rounds of changes)
- +1 concept: trawick, nd, stoddard
+ +1 concept: trawick, nd, stoddard, wrowe
* mod_cache: Add CacheIgnoreHeaders directive.
PR: 30399
modules/experimental/mod_disk_cache.c: 1.67
modules/experimental/mod_mem_cache.c: 1.119
+1: jerenkrantz
+ +0: sounds like a nice 'feature' v.s. rfc-required behavior, great for 2.2
CURRENT RELEASE NOTES:
* Promote mod_ldap and mod_auth_ldap from experimental to
non experimental status.
- +1: bnicholes
+ +1: bnicholes, wrowe
+0: minfrin (wait till the last cache bugs are ironed out)
* Promote mod_cache from experimental to non-experimental
status (keep issues noted below in EXPERIMENTAL MODULES as
items to be addressed as a supported module).
- +1: jim, stoddard, bnicholes, fielding
+ +1: jim, stoddard, bnicholes, fielding, wrowe
* Develop in Review-Then-Commit or Commit-Then-Review mode
on APACHE_2_0_BRANCH (no vetoes, this is a straight vote.)
projects / thirdparty / apache / httpd.git / commitdiff
