Het ontwikkelteam van het Apache HTTP Server Project heeft een nieuwe versie uitgegeven van hun Apache HTTP-server. Deze webserver wordt op veel platformen gebruikt en is met behulp van modules met allerlei functionaliteiten uit te rusten. Het versienummer is aangekomen bij 2.2.4 en voorzien van de volgende aankondiging en lijst met aanpassingen:
The Apache HTTP Server Project is proud to announce the release of version 2.2.4 of the Apache HTTP Server ("Apache"). This version is principally a bugfix release.
Changes with Apache 2.2.4:
- mod_isapi: Correctly present SERVER_PORT_SECURE. PR: 40573.
- Allow htcacheclean, httxt2dbm, and fcgistarter to link apr/apr-util statically like the older support programs.
- core: Fix NONBLOCK status of listening sockets on restart/graceful PR 37680.
- mod_deflate: Rework inflate output and deflate output filter to fix several issues: Incorrect handling of flush buckets, potential memory leaks, excessive memory usage in inflate output filter for large compressed content. PR 39854.
- mod_mem_cache: Memory leak fix: Unconditionally free the buffer.
- Allow mod_dumpio to log at other than DEBUG levels via the new DumpIOLogLevel directive.
- rotatelogs: Improve error message for open failures. PR 39487.
- mod_dbd: share per-request database handles across subrequests and internal redirects
- mod_dbd: key connection pools to virtual hosts correctly even when ServerName is unset/unavailable
- Better detection and clean up of ldap connection that has been terminated by the ldap server. PR 40878.
- mod_mem_cache: Convert mod_mem_cache to use APR memory pool functions by creating a root pool for object persistence across requests. This also eliminates the need for custom serialization code.
- mod_authnz_ldap: Add an AuthLDAPRemoteUserAttribute directive. If set, REMOTE_USER will be set to this attribute, rather than the username supplied by the user. Useful for example when you want users to log in using an email address, but need to supply a userid instead to the backend.
- mod_cgi and mod_cgid: Don't use apr_status_t error return from input filters as HTTP return value from the handler. PR 31579.
- mod_cache: Eliminate a bogus error in the log when a filter returns AP_FILTER_ERROR.
- core: Fix issue which could cause piped loggers to be orphaned and never terminate after a graceful restart. PR 40651.
- core: Fix address-in-use startup failure caused by corruption of the list of listen sockets in some configurations with multiple generic Listen directives.
- mod_headers: Support regexp-based editing of HTTP headers.
- mod_proxy: Add explicit flushing feature. When Servlet container sends AJP body message with size 0, this means that Servlet container has asked for an explicit flush. Create flush bucket in that case. This feature has been added to the recent Tomcat versions without breaking the AJP protocol.
- mod_proxy_balancer: Set the new environment variable BALANCER_ROUTE_CHANGED if a worker with a route different from the one supplied by the client had been chosen or if the client supplied no routing information for a balancer with sticky sessions.
- mod_proxy_balancer: Add information about the route, the sticky session and the worker used during a request as environment variables. PR 39806.
- mod_proxy: Don't try to use dead backend connection. PR 37770.
- mod_proxy_balancer: Extract stickysession routing information contained as parameter in the URL correctly. PR 40400.
- mod_proxy_ajp: Added cping/cpong support for the AJP protocol. A new worker directive ping=timeout will cause CPING packet to be send expecting CPONG packet within defined timeout. In case the backend is too busy this will fail instead sending the full header.
- mod_disk_cache: Make sure that only positive integers are accepted for the CacheMaxFileSize and CacheMinFileSize parameters in the config file. PR39380.
- mod_cache: From RFC3986 (section 6.2.3.) if a URI contains an authority component and an empty path, the empty path is to be equivalent to "/". It explicitly cites the following four URIs as equivalents:
- mod_cache: Don't cache requests with a expires date in the past; otherwise mod_cache will always try to cache the URL. This bug might lead to numerous rename() errors on win32 if the URL was previously cached.
- core: Deal with the widespread use of apr_status_t return values as HTTP status codes, as documented in PR#31759 (a bug shared by the default handler, mod_cgi, mod_cgid, mod_proxy, and probably others). PR31759.
- mod_ext_filter: Handle filter names which include capital letters. PR 40323.
- mod_isapi: Avoid double trailing slashes in HSE_REQ_MAP_URL_TO_PATH support. Also corrects the slashes for Windows. PR 15993.
- mod_isapi: Handle "HTTP/1.1 200 OK" style status lines correctly, the token parser worked while the resulting length was misinterpreted. PR 29098.
- mod_isapi: Return 0 (failure) for more of the various ap_pass_brigade attempts to stream the response at the client. Log these as well. PR 30022, 40470.
- mod_isapi: Ensure we walk through all the methods the developer may have employed to report their HTTP status result code. PR 16637 30033 28089.
- mod_echo: Fix precedence problem in if statement. PR 40658.
- mod_mime_magic: Fix precedence problem in if statement. PR 40656.
- The full server version information is now included in the error log at startup as well as server status reports, irrespective of the setting of the ServerTokens directive. ap_get_server_version() is now deprecated, and is replaced by ap_get_server_banner() and ap_get_server_description().
- mod_proxy_balancer: Workers can now be defined as part of a balancer cluster "set" in which members of a lower-numbered set are preferred over higher numbered ones.
- mod_proxy_balancer: Workers can now be defined as "hot standby" which will only be used if all other workers are unusable (eg: in error or disabled). Also, the balancer-manager displays the election count and I/O counts of all workers.
- mod_proxy_ajp: Close connection to backend if reading of request body fails. PR 40310.
- mod_proxy_balancer: Retry worker chosen by route / redirect worker if it is in error state before sending "Service Temporarily Unavailable". PR 38962.