Topic: Apache 2.2.18 around the corner (official now)

[Steffen]

Voting at the ASF is started, looks 2.2.18 is going to be released soon.

Running now at ApacheLounge here, all looks fine.

Please verify if you see any regression.

Download at the download page here.

Apache 2.2.18 with apr-1.4.4 apr-util-1.3.11 apr-iconv-1.2.1 openssl-1.0.0d+nasm zlib-1.2.5+asm


Steffen

Changes:

- Upgraded apr to 1.4.4, apr-util to 1.3.11
- Upgraded openssl to 1.0.0d

*) Log an error for failures to read a chunk-size, and return 408 instead
413 when this is due to a read timeout. This change also fixes some cases
of two error documents being sent in the response for the same scenario.
[Eric Covener] PR49167

*) core: Only log a 408 if it is no keepalive timeout. PR 39785
[Ruediger Pluem, Mark Montague <markmont umich.edu>]

*) core: Treat timeout reading request as 408 error, not 400.
Log 408 errors in access log as was done in Apache 1.3.x.
PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>, Stefan Fritsch,
Dan Poirier]

*) Core HTTP: disable keepalive when the Client has sent
Expect: 100-continue
but we respond directly with a non-100 response. Keepalive here led
to data from clients continuing being treated as a new request.
PR 47087. [Nick Kew]

*) htpasswd: Change the default algorithm for htpasswd to MD5 on all
platforms. Crypt with its 8 character limit is not useful anymore;
improve out of disk space handling (PR 30877); print a warning if
a password is truncated by crypt. [Stefan Fritsch]

*) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
Win32's cscript interpreter can only use a single quote as comment char.
[Guenter Knauf]

*) configure: Fix htpasswd/htdbm libcrypt link errors with some newer
linkers. [Stefan Fritsch]

*) MinGW build improvements. PR 49535. [John Vandenberg
<jayvdb gmail.com>, Jeff Trawick]

*) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
[Stefan Fritsch]

*) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
in request URL path info but not decode them. PR 35256,
PR 46830. [Dan Poirier]

*) mod_rewrite: Allow to unset environment variables. PR 50746.
[Rainer Jung]

*) suEXEC: Add Suexec directive to disable suEXEC without renaming the
binary (Suexec Off), or force startup failure if suEXEC is required
but not supported (Suexec On). [Jeff Trawick]

*) mod_proxy: Put the worker in error state if the SSL handshake with the
backend fails. PR 50332.
[Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]

*) prefork: Update MPM state in children during a graceful restart.
Allow the HTTP connection handling loop to terminate early
during a graceful restart. PR 41743.
[Andrew Punch <andrew.punch 247realmedia.com>]

*) mod_ssl: Correctly read full lines in input filter when the line is
incomplete during first read. PR 50481. [Ruediger Pluem]

*) mod_autoindex: Merge IndexOptions from server to directory context when
the directory has no mod_autoindex directives. PR 47766. [Eric Covener]

*) mod_cache: Make sure that we never allow a 304 Not Modified response
that we asked for to leak to the client should the 304 response be
uncacheable. PR45341 [Graham Leggett]

*) mod_dav: Send 400 error if malformed Content-Range header is received for
a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]

*) mod_userdir: Add merging of enable, disable, and filename arguments
to UserDir directive, leaving enable/disable of userlists unmerged.
PR 44076 [Eric Covener]

*) core: Honor 'AcceptPathInfo OFF' during internal redirects,
such as per-directory mod_rewrite substitutions. PR 50349.
[Eric Covener]

*) mod_cache: Check the request to determine whether we are allowed
to return cached content at all, and respect a "Cache-Control:
no-cache" header from a client. Previously, "no-cache" would
behave like "max-age=0". [Graham Leggett]

*) mod_mem_cache: Add a debug msg when a streaming response exceeds
MCacheMaxStreamingBuffer, since mod_cache will follow up with a scary
'memory allocation failed' debug message. PR 49604. [Eric Covener]

*) proxy_connect: Don't give up in the middle of a CONNECT tunnel
when the child process is starting to exit. PR50220. [Eric Covener]

[Steffen]

It is official, within 24 hours the ASF is announcing 2.2.18.

After the official announcement I shall update the download page.
In the meantime you can download at the above link.

Steffen

[MPGCAN]

Hi Steffen
I have just run the above and noticed in the bin folder each time server is run three additional files are created httpd.exe.xxx. Where xxx is a different number, each file contains identical content a single line as follows:
71AB0000 00000001 000009a4 LoadLibraryA() .\misc\win32\misc.c:172
Are these files test code artifacts?

[Steffen]

Known in the apr code, it does not harm.

Indeed it looks some like a left over from test code, response from the ASF dev:

Someone switched up our OPTIONAL system hooks (al la strace) into hard
wired hooks, and I suspect this was done to 1.4.4 as well. Investigating.

Steffen

[Smitty]

2.2.18 is working great here so far. Thanks Steffen.

[glsmith]

http://marc.info/?l=apache-httpd-dev&m=130514979301883&w=2

[lunter]

OpenSSL broken!

[Steffen]

Oops.. my fault.

Within 12 hours I shall make a new download available, including a apr patch for the cluttering of files in the bin.

Steffen