httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodent of Unusual Size <>
Subject [STATUS] (httpd-2.2) Wed Oct 31 23:48:59 2007
Date Thu, 01 Nov 2007 04:49:00 GMT
APACHE 2.2 STATUS:                                              -*-text-*-
Last modified at [$Date: 2007-10-31 19:06:46 -0500 (Wed, 31 Oct 2007) $]

The current version of this file can be found at:


Documentation status is maintained seperately and can be found at:

  * docs/STATUS in this source tree, or

Consult the following STATUS files for information on related projects:


Patches considered for backport are noted in their branches' STATUS:


Release history:
    [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
          while x.{even}.z versions are Stable/GA releases.]

    2.2.7   : In development
    2.2.6   : Released September 7, 2007.
    2.2.5   : Tagged August 10, 2007, not released.
    2.2.4   : Released on January 9, 2007 as GA.
    2.2.3   : Released on July 28, 2006 as GA.
    2.2.2   : Released on May 1, 2006 as GA.
    2.2.1   : Tagged on April 1, 2006, not released.
    2.2.0   : Released on December 1, 2005 as GA.
    2.1.10  : Tagged on November 19, 2005, not released.
    2.1.9   : Released on November 5, 2005 as beta.
    2.1.8   : Released on October 1, 2005 as beta.
    2.1.7   : Released on September 12, 2005 as beta.
    2.1.6   : Released on June 27, 2005 as alpha.
    2.1.5   : Tagged on June 17, 2005.
    2.1.4   : not released.
    2.1.3   : Released on  February 22, 2005 as alpha.
    2.1.2   : Released on December 8, 2004 as alpha.
    2.1.1   : Released on November 19, 2004 as alpha.
    2.1.0   : not released.

Contributors looking for a mission:

    * Just do an egrep on "TODO" or "XXX" in the source.

    * Review the bug database at:

    * Review the "PatchAvailable" bugs in the bug database:

      After testing, you can append a comment saying "Reviewed and tested".

    * Open bugs in the bug database.


    * Forward binary compatibility is expected of Apache 2.2.x releases, such
      that no MMN major number changes will occur.  Such changes can only be
      made in the trunk.

    * All commits to branches/2.2.x must be reflected in SVN trunk,
      as well, if they apply.  Logical progression is commit to trunk,
      get feedback and votes on list or in STATUS, then merge into
      branches/2.2.x, as applicable.


  [ start all new proposals below, under PATCHES PROPOSED. ]

  [ New proposals should be added at the end of the list ]

   * mod_authn_dbd: Export any additional columns queried in the SQL select
     into the environment with the name AUTHENTICATE_<COLUMN>. This brings
     mod_authn_dbd behaviour in line with mod_authnz_ldap.
     +1: minfrin
     rpluem says: r466865 has a conflict in modules/aaa/mod_auth.h
                  r571804 has a conflict in docs/manual/mod/mod_authnz_ldap.xml
                  Without r571838 the documentation for mod_authn_dbd fails
                  to build.
     niq says: +1 if we reconcile the conflicts and add r586765

    * multiple files,	Trivial cleanups
      PR: 39518 - Christophe JAILLET
      +1: rpluem
      niq: this isn't a straight backport (which is why I dropped it).
      +1 for core, modules/dav, modules/filters, and modules/ssl
      Not Applicable to modules/aaa

   * mod_include: Add an "if" directive syntax to test whether an URL
     is accessible, and if so, conditionally display content. This
     allows a webmaster to hide a link to a private page when the user
     has no access to that page.
     +1: minfrin, jim

    * Event MPM: Add clogging_input_filters to the conn_rec, enabling mod_ssl
      to revert to the Worker MPM IO behavoirs, rather than just hanging, when 
      using the Event MPM. (minor MMN bump)
      Trunk version of patch:
      2.2.x version of patch:
    +1: pquerna, jim

    * mod_rewrite: Also set the Vary header if a rewrite condition is true and
      uses a HTTP header, but all remaining rewrite conditions are skipped due
      to the [OR] flag.
      Trunk version of patch:
      Backport version for 2.2.x of patch:
         Trunk version of patch works
      +1: rpluem, niq
      +0: jim: I'm curious that if this would result in some
               "regressions" for some users who either depend on
               the old behavior or have worked around it...
          rpluem answers: If r574684 is backported (see below) these users can
          fix it without workarounds and a clear and promised behaviour.
          Relying on the above is relying on a buggy iundocumented behaviour,
          but yes I do this sometimes by myself :-).
      +1: jim: iff r574684 is also backported

    * mod_rewrite: Add the novary flag to RewriteCond in order to prevent
      the appending of HTTP headers used in a rewrite condition to the Vary
      header of the response.
      Trunk version of patch:
      Backport version for 2.2.x of patch:
         Trunk version of patch works
      +1: rpluem, jim

   * core log.c: Work around possible solutions rejected by apr for
     the old implementation of apr_proc_create(), and explicitly pass
     the output and error channels to all log processes created.
     This goes all the way back to piped logs failing to run on win32.
     Not in or needed at trunk/, as apr 1.3.0 has the proper fix.
     +1: wrowe
     rpluem says: Is this really the correct thing to do on UNIX? I am not sure
     if all dup2 implementation notice that both fd's are the same. Otherwise
     they close stdout/stderr first and dup a then closed fd in stdout/stderr,
     leaving us without stdout/stderr in the child.

   * mod_proxy_http: Don't mangle proxied URLs
     PR 42592
     2.2.x patch:
     2.2.x composite patch: this together with PR41798 patch
     +1: niq, rpluem
     -1: jim: Comment is wrong if not bundled with "nocanon" option
     niq: On the contrary, comment is accurate without the noncanon option.
          The comment changes in r588791, precisely because "nocanon"
          affects it.
     jim: The comment says 'so just check it for disallowed chars' which,
          at least from what I can see regarding the patch applied to
          2.2, we do not do.
     niq: Oh, I see.  You prefer an all-in-one patch for both?

   * core: backport ap_send_interim_response API
     +1: niq
     niq says: It has been suggested the function should move to http_filters.
     I'm OK with that if others feel happier that way.  The function
     declaration presumably remains in http_protocol.h, so no API change.

   * mod_proxy_http: Correctly forward unexpected interim (HTTP 1xx) responses
     PR 16518
     +1: niq, rpluem

   * mod_proxy: add "nocanon" option to ProxyPass, to suppress
     canonicalisation of reverse-proxied URLs.
     PR 41798
        mod_proxy.c patch at
        mod_proxy_http.c patch: trunk works after applying PR#42592 patch
        Other files: trunk patch works.
     2.2.x composite patch: this together with PR42592 patch
     +1: niq
     -1: jim: patch should be self-contained. If a mix and match of
              files, then please create a distinct 2.2 patch.
     niq: we NEVER do that.  When did you incorporate the CHANGES
          update in a separate 2.2 patch?  The complexity here is that
          mod_proxy_http.c relies on 42592, and a separate fix to
          that would invalidate the (very simple) patch to 42592.
    jim: The issue is that the above "use trunk but use these external
         patch" makes the backport hard to apply and test. Instead
         of being able to just merge in r588791, you must just use
         those that apply "cleanly" and handle mod_proxy.c as a
         special case. This seems ripe for a specific 2.2 patch. Yes,
         CHANGES always conflicts, but it is a documentation question,
         not a code one. 

   * server/protocol.c: Prevent 1-byte overflow on 8192 boundary in
     ap_vrprintf(). PR 43310
        Trunk version of patch works
     +1: jim, rpluem
     niq: Doesn't allocating 2^n+1 bytes risk being horribly inefficient?
          Would it make sense to reduce AP_IOBUFSIZE to 8091 so buf doesn't
          go one over a big boundary?
     jim: The issue is that we allocate an array of AP_IOBUFSIZE
          but go beyond that (note we send the end to curpos+AP_IOBUFSIZE)
          so it's not just reducing AP_IOBUFSIZE since then we would
          hit the bug at 8191 boundary instead of the 8192 one.
          The actual PR suggests simply removing the setting of '\0'
          which looks good, but there are loads of places in the related
          code where we use AP_IOBUFSIZE, so it seemed safer to me to
          simply allocate an extra byte. Note that other sections of
          code do this by setting the endpos to one less to "save"
          space for the NUL, but they don't have related sections
          which assume a set size; this does (AP_IOBUFSIZE).


    * mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
      to authorize an authenticated user via a "require ldap-group X" directive
      where the user is not in group X, but is in a subgroup contained in X.
      PR: 42891
      A version of the patch specific to the 2.2 branch (i.e. the patch that
      would be used for backport) can be found at: 
      +1: rederpj
      -0: bnicholes - Unless this is considered to be a significant deficiency in the
                       authnz_ldap 2.2 functionality, I would rather see this as new
		       functionality going forward in 2.4 rather than backported to
		       2.2. We need new functionality to push us forward rather than
		       give us an excuse to stay where we are.
      rederpj says: I'm working on a project based on Apache 2.2.x which needs this code
          and I would much prefer to use official Apache code than end up using a private
          patch. It isn't possible in the short term for us to move to trunk. It just
          happened that code I had written to add this function lined up with PR 42891.
          I was going to submit it and work to get it backported either way.
      rpluem says: I am still missing a minor bump due to the changes done
      in util_ldap.h. This is an extension of a public API.
      trawick says: The new directives should be documented in trunk,
          so that docs are available for backport at the same time.

   * beos MPM: Create pmain pool and run modules' child_init hooks when
     entering ap_mpm_run(), then destroy pmain when exiting ap_mpm_run().
     Otherwise modules' child_init hooks appear to never be executed.
     Also, destroying pmain ensures that cleanups registered in modules'
     child_init hooks are performed (e.g., mod_log_config and mod_dbd).
     Trunk version of patch:
     2.2.x version of patch:
     +0: chrisd (abstaining; unable to test)

    * PKCS#7: backport PCKS#7 patches from trunk.
      +1 ben
      jerenkrantz: What's the revision number to backport?
      wrowe asks: ditto jerenkrantz
      sctemme: svn blame suggests r424707
      rpluem: Digging through the history suggests that
              need to be added to this. See also
              and follow ups for more details.

    * mod_proxy: Support variable interpolation in reverse proxy configuration  (code)  (code)
      +1: niq, mturk
      -1: wrowe notes; modifying the existing syntax makes collaboration 
          impossible by an admin team - unexpected side effects and the rest.
          ProxyPassEnv* or ProxyPassSubstitute* directives that add this
          behavior on a pattern-by-pattern basis would win my -1 to a +1,
          and solve the performance hits noted by niq on an 80/20 basis.

View raw message