Apache 2.0.15 released as an alpha

by ServerWatch Staff

This release is the first release to use the new release process. This process allows the Apache developers to more easily determine the quality of any release. Instead of tagging any release as an alpha or beta from now on, all releases will be available as numbered releases, and the release status will only be available in the tarball name.

Apache 2.0.15 Released as alpha

The Apache Group is proud to announce the release the fifteenth release
of Apache 2.0.  This release is the first release to use our new release
process.  This process allows the Apache developers to more easily
determine the quality of any release.  Instead of tagging any release
as an alpha or beta from now on, all releases will be available as
numbered releases, and the release status will only be available in the
tarball name.  More information is available on this process in the
Apache development archives.

Apache 2.0 offers numerous enhancements, improvements and performance
boosts over the 1.3 codebase. The most visible and noteworthy addition
is the ability to run Apache in a hybrid thread/process mode on any
platform that supports both threads and processes.  This has shown to
improve the scalability of the Apache HTTPD server significantly in
our early testing, on some versions of Unix.  With this version of Apache,
we have also added support for filtered I/O.  This allows modules to modify
the output of other modules before it is sent to the client.  This release also
greatly improves the performance and robustness of Apache on the
Microsoft Windows Operating Systems.  This alpha includes support for IPv6
on all platforms that support IPv6.

This version of Apache is known to work on many versions of Unix, BeOS,
OS/2, and Windows.  Because of many of the advancements in Apache 2.0,
the initial release of Apache is expected to perform equally well on all 
supported platforms.

There are new snapshots of the Apache httpd source available every 6
hours from http://dev.apache.org/from-cvs/apache-2.0/ - please
download and test if you feel brave. We don't guarantee anything
except that it will take up disk space, but if you have the time and
skills, please give it a spin on your platforms.

Apache has been the most popular web server on the Internet since

April of 1996. The May 2000 WWW server site survey by Netcraft (see:
http://www.netcraft.co.uk/Survey/) found that more web servers were
using Apache than any other software running on more than 60% of the
Internet web servers.

For more information, please check out http://www.apache.org/httpd.html

Changes with Apache 2.0.15
  *) Untangled the buildconf script and eliminated the need for build's
     aclocal.m4, generated_lists, build.mk, build2.mk, and a host of other
     libtool muck that is now under srclib/apr/build.  [Roy Fielding]
  *) Win32: Don't accept more connections than we have worker threads
     to handle.
     [Bill Stoddard]
  *) Fix bug in the Unix threaded.c MPM that allowed child processes
     to fork() new child processes.
     [Bill Stoddard]
  *) Fix a major security problem with double-reverse lookup checking.
     Previously, a client connecting over IPv4 would not be matched
     properly when the server had an IPv6 listening socket.  PR #7407
     [Taketo Kabe ]
  *) Change the way the beos MPM handles polling to allow it to stop and
     restart.  Problem was the sockets being polled were being reset by
     the select call, so once it had accepted a connection it was no
     longer listening on the UDP socket we use for shutdown instructions.
     APR needs to be altered, patch on it's way. [David Reid]
  *) Empty out the brigade shared by ap_getline()/ap_get_client_block()
     on error exit from ap_getline().  Some other code got upset because
     the wrong data was in the brigade.  [Greg Ames, Jeff Trawick]
  *) Handle ap_discard_request_body() being called more than once.
     [Greg Ames, Jeff Trawick]
  *) Get rid of an inadvertent close of file descriptor 2 in
     mod_mime_magic.  [Greg Ames, Jeff Trawick]
  *) Add a hook, create_request.  This hook allows modules to modify
     a request while it is being created.  This hook is called for all

     request_rec's, main request, sub request, and internal redirect.
     When this hook is called, the the r->main, r->prev, r->next
     pointers have been set, so modules can determine what kind of
     request this is.  [Ryan Bloom]
  *) Cleanup the build process a bit more.  The Apache configure
     script no longer creates its own helper scripts, it just
     uses APR's.
     [jean-frederic clere ]
  *) Stop the forced downgrade of the connection to HTTP/1.0 for
     proxy requests.  [Graham Leggett]
  *) Avoid using sscanf to determine the HTTP protocol number in
     the common case because sscanf is a performance hog. From
     Mike Abbot's Accelerating Apache patch number 6.
     [Mike Abbot , Bill Stoddard]
  *) Fix a security exposure in mod_access.  Previously when IPv6
     listening sockets were used, allow/deny-from-IPv4-address rules
     were not evaluated properly (PR #7407).  Also, add the ability to
     specify IPv6 address strings with optional prefix length on Allow
     and Deny.  [Jeff Trawick]
  *) Enhance rotatelogs so that a UTC offset can be specified, and
     the logfile name can be formatted using strftime(3).  (Brought
     forward from 1.3.)  [Ken Coar]
  *) Reimplement the Windows MPM (mpm_winnt.c) to eliminate calling
     DuplicateHandle on an IOCompletionPort (a practice which
     MS "discourages"). The new model does not rely on associating
     the completion port with the listening sockets, thus the
     completion port can be completely managed within the child
     process.  A dedicated thread accepts connections off the network,
     then calls PostQueuedCompletionStatus() to wake up worker
     threads blocked on the completion port.
     [Bill Stoddard]
  *) Bring forward the --suexec-umask option which allows the
     builder to preset the umask for suexec processes.  [Ken Coar]
  *) Add a -V flag to suexec, which causes it to display the

     compile-time settings with which it was built.  (Only
     usable by root or the AP_HTTPD_USER username.)  [Ken Coar]
  *) Mod_include should always unset the content-length if the file is
     going to be passed through send_parsed_content.  There is no to
     determine if the content will change before actually scanning the
     entire content.  It is far safer to just remove the C-L as long
     as we are scanning it.  [Ryan Bloom]
  *) Make sure Apache sends WWW-Authenticate during a reverse proxy
     request and not Proxy-Authenticate.
     [Graham Leggett ]

This article was originally published on Wednesday Mar 28th 2001
Mobile Site | Full Site