- apr_os_proc_mutex_get() on Unix: Avoid segfault for cross-
process pthread mutexes. [Yann Ylavic <ylavic.dev gmail.com>]
- When using shmget-based shared memory, the ID used for ftok is
now an APR hash of the filename instead of the constant '1'.
We do this to help avoid collisions. Bug 53996 [Jim Jagielski]
- apr_socket_atreadeof(): Fix breakage on OS X. [Jim Jagielski]
- Fix POSIX shared memory (shm_open) use for named shared memory.
Includes adding '--enable-posix-shm' to force POSIX shm if
available, and OS X compatibility. Bug 55928.
[Jozef Hatala <jh-asf skrt org>, Jim Jagielski]
- Fix apr_escape.c compilation errors on EBCDIC platforms.
[Eric Covener]
- FreeBSD 10: Correct a regression in 1.5.0 which affected non-
blocking sockets in some applications, including httpd. [Jeff
Trawick]
- apr_skiplist: Add compatibility with C++ applications.
[Jeff Trawick]
- Correct a regression in 1.5.0 which affected out-of-tree
builds on Unix. [Rainer Jung]
- Improve platform detection for bundled expat by updating
config.guess and config.sub. [Rainer Jung]
* BUILDLINK_{API,ABI}_DEPENDS.apr are bumped
Changelog:
Changes for APR 1.5.0
*) Fix Linux kernel version check to recognize more versions,
including versions 3.10 and later. Bug 55690. [Joe Orton,
Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>]
*) Add apr_sockaddr_is_wildcard() to check if a socket address
refers to the wildcard address for the protocol family (e.g.,
0.0.0.0/INADDR_ANY for IPv4). [Jeff Trawick]
*) apr_file_dup2() on Windows: Fix debug RTL assertion in when
attempting to _commit(stdout) or _commit(stderr). [Mike Rumph
<mike.rumph oracle.com>]
*) apr_socket_connect() on Windows: Handle WSAEISCONN. Bug 48736.
[<inoue ariel-networks.com>, Jeff Trawick]
*) z/OS: threadsafe apr_pollset_poll support for sockets [Greg Ames]
*) Windows: Don't obtain a mutex for buffered file I/O unless the
file was opened with the APR_FOPEN_XTHREAD flag. [Ivan Zhakov
<ivan visualsvn.com>]
*) Windows: Create named shared memory segments under the "Local"
namespace if the caller is unprivileged, fixing an inability of
unprivileged callers to use apr_shm_create() with named shared
memory segments under recent Windows. As before, shared memory
segments are created under the "Global" namespace for privileged
callers. Add apr_shm_create_ex() and apr_shm_attach_ex(), which
provide the ability to override the normal namespace selection.
[Jeff Trawick]
*) Update compile settings for MINT OS. Bug 47181. [Alan Hourihane
<alanh fairlite.co.uk>]
*) Files and pipes on Windows: Don't create an unused pollset when
files and pipes are opened. [Mladen Turk]
*) apr_socket_timeout_set() on Windows: If the socket was in a non-
blocking state before, disable that setting so that timeouts work.
[Jeff Trawick]
*) File info APIs: Fix calculation of atime and mtime on AIX. Bug 51146.
[Ruediger Pluem]
*) Add the apr_escape interface. [Graham Leggett]
*) Cygwin build fixes. Bugs 51016 and 55586. [Carlo Bramini
<carlo.bramix libero.it>]
*) Add apr_skiplist family. [Jim Jagielski]
*) Add experimental cmake-based build system for Windows. Refer to
README.cmake for more information. [Jeff Trawick, Tom Donovan]
*) Add the apr_table_getm() call, which transparently handles the
merging of keys with multiple values. [Graham Leggett]
*) Add apr_hash_this_key(), apr_hash_this_key_len(), and
apr_hash_this_val() for easier access to those attributes from
a hash iterator. [Hyrum K. Wright <hyrum_wright mail.utexas.edu>]
*) MinGW/MSYS: Support shared builds of APR, other general improvements
to support of this toolchain. Bug 46175. [Carlo Bramini
<carlo.bramix libero.it>]
*) Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
*) apr_socket_opt_set: Add support for APR_SO_BROADCAST. PR 46389.
[Armin Müller <mueller itestra com>]
*) Enable platform specific support for the opening of a file or
pipe in non-blocking mode through the APR_FOPEN_NONBLOCK flag.
[Graham Leggett]
Changes for APR 1.4.8
*) Fix compiltation with FreeBSD on ARM. [Olli Hauer <ohauer gmx.de>]
*) Fix 1.4.7 regression in apr_mcast_hops() and apr_mcast_loopback()
for AF_INET (IPv4) sockets on most Unix platforms. [Joe Orton]
*) Fix the return value of apr_threadattr_detach_get() on some
platforms like OS X and Solaris. [Rainer Jung, <dusanv gmail com>]
Changes for APR 1.4.7
*) Fix apr_sockaddr_info_get() not returning an error in some cases.
PR 54779. [Jan Kaluža <jkaluza redhat com>]
*) Fix amd64 assembler version of apr_atomic_xchgptr(). PR 51851. [Mattias
Engdegård <mattiase acm org>]
*) Fix PPC atomics to work with gcc 4.0. PR 54840. [Mattias Engdegård
<mattiase acm org>]
*) configure: Fix detection of O_NONBLOCK inheritance on busy
systems. [Rainer Jung]
*) Remove unused code, fix strict C compliance bug in SHA-256
implementation. [Jan Kaluza <jkaluza redhat.com>]
*) Fix apr_ipsubnet_test() false positives when comparing IPv4
subnet representation against an IPv6 address. PR 54047. [Joe Orton]
*) apr_socket_accept_filter: Return success when trying to again set
the filter to the same value as before, avoiding an unhelpful
APR_EINVAL. PR 37863. [Jeff Trawick]
*) configure: Fix Linux 3.x detection. PR 54001. [Gilles Espinasse
<g esp free fr>]
*) apr_time_exp_*() on Windows: Fix error in the tm_yday field of
apr_time_exp_t for times within leap years. PR 53175.
[Jeff Trawick]
*) Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
*) Add support for OSX Mountain Lion (10.8) [Jim Jagielski]
*) Add various gcc function attributes. [Stefan Fritsch]
*) Fix some problems in apr_sockaddr_info_get() when trying to resolve
the loopback addresses of a protocol family that is not otherwise
configured on the system. PR 52709. [Nirgal Vourgère
<jmv_deb nirgal com>, Stefan Fritsch]
*) Fix file not being unlocked if truncate call on a file fails.
[Mladen Turk]
*) apr_mcast_hops: Fix EINVAL for IPv6 sockets caused by using byte
instead integer for setsockopt. [Mladen Turk]
*) Windows: Fix compile-time checks for 64-bit builds, resolving a
crash in httpd's mod_rewrite. PR 49155. [<anindyabaruah gmail.com>]
- Security: CVE-2011-1928
apr_fnmatch(): Fix high CPU loop. [William Rowe]
- Fix top_builddir in installed apr_rules.mk. [Bojan Smojver]
Please note the fix for CVE-2011-1928 was previously already integrated
as a patch.
- Reimplement apr_fnmatch() from scratch using a non-recursive
algorithm; now has improved compliance with the fnmatch() spec.
[William Rowe]
- Fix environment-related crash using some non-standard builds on
Windows 7/Server 2008. [Steve Hay <SteveHay planit.com>]
- poll, pollset, pollcb on Windows: Handle calls with no file/socket
descriptors. Bug 49882. [Stefan Ruppert <sr myarm.com>, Jeff Trawick]
- Fix APR_IPV6_V6ONLY issues on Windows related to run-time behavior
on Windows older than Vista and SDK/MinGW levels without IPV6_V6ONLY.
Bug 45321. [Sob <sob hisoftware.cz>]
- Fix address handling when accepting an AF_INET socket from a socket
bound as AF_INET6. Bug 49678. [Joe Orton]
- Fix error return values from apr_sockaddr_info_get() on Windows for
IPv6 builds. [Ivan Zhakov <ivan visualsvn.com>]
- Add new experimental configure option --enable-allocator-uses-mmap to
use mmap instead of malloc in apr_allocator_alloc(). This greatly reduces
memory fragmentation with malloc implementations (e.g. glibc) that
don't handle allocationss of a page-size-multiples in an efficient way.
It also makes apr_allocator_max_free_set() actually have some effect
on such platforms. [Stefan Fritsch]
- configure: Support 64 and 32 bit universal builds for Darwin/
OS X 10.6+. [Jim Jagielski]
- apr_sockaddr_info_get() on AIX: Fix a problem which could set
the port field in the native socket address to 1 when 0 was
specified. Bug 46964. [Jeff Trawick]
- configure: Make definition of apr_ino_t independent of
_FILE_OFFSET_BITS even on platforms where ino_t is 'unsigned int'.
[Stefan Fritsch]
- apr_ring: Workaround for aliasing problem that causes gcc 4.5 to
miscompile some brigade related code. Bug 50190. [Stefan Fritsch]
- apr_file_flush_locked(): Handle short writes. [Stefan Fritsch]
- apr_pollset_create_ex(): Trap errors from pollset providers.
Bug 49094. [Sami Tolvanen <sami.tolvanen mywot.com>]
- apr_pollset_create*(): Fix memory lifetime problem with the wakeup
pipe when the pollset was created with APR_POLLSET_NOCOPY.
[Neil Conway <nrc cs.berkeley.edu>]
- Fix detection of some Linux variants when configure is built with
recent GNU tools. [Eric Covener]
- Avoid a redundant fcntl() call in apr_file_open() where O_CLOEXEC
is supported. Bug 46297. [Joe Orton]
- Improve platform detection by updating config.guess and config.sub.
[Rainer Jung]
* Undo a crash-bug introduced in 1.3.9 affecting some applications of
the apr hash and table structures, reported to affect Subversion
Changes 1.4.1:
* Win32: Properly handle the ERROR_DIRECTORY system error code.
Changes 1.4.0:
* Add apr_global_mutex_lockfile() for retrieving the file, if any,
associated with the mutex. Add apr_global_mutex_name() for retrieving
the name of the lock mechanism used by the underlying proc mutex.
* Add apr_socket_atreadeof to determine whether the receive part of the
socket has been closed by the peer.
* Make apr_pollset and apr_pollcb implementations using providers.
Added apr_pollset_create_ex and apr_pollcb_create_ex that allows
choosing non-default providers.
* apr_temp_dir_get() now checks the TMPDIR environment variable first,
instead of third.
* Add apr_file_sync() and apr_file_datasync() calls.
* apr_pollset_wakeup() on Windows: Fix core caused by closing the
file_socket_pipe with standard file_close.
* Introduce apr_hash_do() for iterating over a hash table.
* Make sure WIN32 behaves the same as posix for file-backed shared memory
by removing the file on cleanup/remove.
* Introduce apr_pollset_wakeup() for interrupting the blocking
apr_pollset_poll() call.
* Add apr_file_link() function.
Changes for APR 1.3.9
*) SECURITY: CVE-2009-2699 (cve.mitre.org)
Faulty error handling in the Solaris pollset support
(Event Port backend) which could trigger hangs in the prefork
and event MPMs on that platform. PR 47645. [Jeff Trawick]
Changes for APR 1.3.8
*) SECURITY: CVE-2009-2412 (cve.mitre.org)
Fix overflow in pools and rmm, where size alignment was taking place.
[Matt Lewis <mattlewis@google.com>, Sander Striker]
*) Make sure that "make check" is used in the RPM spec file, consistent
with apr-util. [Graham Leggett]
*) Pass default environment to testflock, testoc and testpipe children,
so that tests run when APR is compiled with Intel C Compiler.
[Bojan Smojver]
Changes since 1.3.5:
- On Linux/hppa flock() returns EAGAIN instead of EWOULDBLOCK. This
causes proc mutex failures.
- Set CLOEXEC flags where appropriate. Either use new O_CLOEXEC flag and
associated functions, such as dup3(), accept4(), epoll_create1() etc.,
or simply set CLOEXEC flag using fcntl().
- More elaborate detection for dup3(), accept4() and epoll_create1().
- Dropped kqueue and apr_poll detection from Mac OS/X 10.5/Darwin 9
due to various reported problems.
- apr_strerror() on OS/2: Fix problem with calculating buffer size.
Bug 45689.
- Prefer glibtool1/glibtoolize1.
- Fix buildconf with libtool 2.2.
- Fix a bug with the APR_DELONCLOSE flag. Child processes were (also)
unlinking the file.
- Fix compilation error on systems that do not have IPV6.
Bug 46601
- apr_socket_sendfile() on Solaris: Fix handling of files truncated
after the sender determines the length. (This fixes a busy loop in
httpd when a file being served is truncated.)
- Fix documentation for apr_temp_dir_get().
Bug 46303
- Add AC_MSG_RESULT after AC_MSG_CHECKING.
Bug 46427
- Reset errno to zero in apr_strtoi64 to prevent returning an errno not
equal zero in cases where the operation worked fine.
- Win32: Do not error out on apr_pollset_poll() when there are no sockets.
- Fix apr_tokenize_to_argv parsing. Bug 46128
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
Changes for APR 1.3.3
*) Rename apr_pool_create_core to apr_pool_create_unmanaged and
deprecate the old API name. It better reflects the scope and usage
of this function. [Mladen Turk]
*) Use proper return code for fcntl-based apr_proc_mutex_trylock()
on platforms that return EACCES instead of EAGAIN when the lock
is already held (AIX, HP-UX).
[Eric Covener]
*) Fix APR_PID_T_FMT detection on Solaris. PR 45513
[Rainer Jung <rainer.jung kippdata.de>]
Changes for APR 1.3.2
*) Fix getservbyname_r() detection. [Ruediger Pluem]
Changes for APR 1.3.1
*) Fix win32 apr.hw to pick up XP/2003 TCP/IP multicast constants and
revert to IPV6 disabled-by-default (a change present only in 1.3.0).
[William Rowe]
*) Fix autoconf cached detection of atomic builtins. [Jim Jagielski]
*) Use thread safe versions of getservbyname(). [Bojan Smojver]
*) Use thread safe getpass_r on Netware. [Guenter Knauf]
Changes for APR 1.3.0
*) Fix Solaris poll failure. PR 43000
[Henry Jen <henryjen ztune.net>]
*) apr_getservbyname(): Use proper method for converting port
to host byte order. PR 44903.
[Chris Taylor <ctaylor wadeford.plus.com>]
*) Use /dev/urandom in preference to /dev/random as entropy source
for apr_generate_random_bytes. PR 44881. [Bojan Smojver]
*) Implement apr_proc_wait_all_procs for windows.
The implementation uses tool help library present
on Windows 2000 and later. APR_ENOTIMPL is returned
on platforms missing tool help from kernel32.dll.
[Mladen Turk]
*) Introduce apr_pool_pre_cleanup_register() for registering
a cleanup that is called before any subpool is destroyed
within apr_pool_clear or apr_pool_destroy.
This allows to register a cleanup that will notify subpools
about its inevitable destruction.
[Mladen Turk]
*) Introduce apr_pool_create_core_ex() for creation of standalone
pools without parent. This function should be used for short
living pools, usually ones that are created and destroyed
either in a loop or inside function call. Since the pools
created with this function doesn't have a parent they must
be explicitly destroyed when done.
[Mladen Turk]
*) Fix return value when apr_pollset_poll interrupted.
PR 42580 [Basant Kumar Kukreja <basant.kukreja sun.com>]
*) Add missing semi-colon in Win9x code path of apr_file_open that breaks
Win9X Debug builds. PR 44329. [Curt Arnold]
*) z/OS: return standard apr_status_t codes from apr_dso_load()
and apr_dso_sym(). [David Jones <oscaremma gmail.com>]
*) Fix the make test target in the spec file. [Graham Leggett]
*) Fix DSO-related crash on z/OS caused by incorrect memory
allocation. [David Jones <oscaremma gmail.com>]
*) Implement Darwin-semantic (9.0.0 and later) sendfile support.
Use writev in lieu of hdtr vecs since how Darwin counts the
data is undocumented. [Geoff Greer <angryparsley mipsisrisc.com>,
William Rowe, Jim Jagielski]
*) Implemented the APR_FOPEN_SPARSE flag, permits win32 to create
sparse data files. Also bestow apr_fileinfo_t csize field for
Windows versions 2000 and later, which helps in the detection
that a sparse file is truly in use (see test/testlfs.c for an
example, because different filesystems can vary in behavior
even on an OS supporting sparse files). [William Rowe]
*) Corrected for Darwin and others to toggle APR_HAS_LARGE_FILES
where large off_t's are enabled without any extra defines, hints
or additional functions. This is binary compatible, but apps
may need to be recompiled to take full advantage depending on how
they detect this feature. [William Rowe]
*) Implement apr_atomic_casptr() and apr_atomic_xchgptr() for z/OS.
[David Jones <oscaremma gmail.com>]
*) Introduce apr_file_pipe_create_ex() to portably permit one pipe
end or another to be entirely blocking for non-APR applications
(e.g. stdio streams) and the other (or both ends) non blocking,
with a timeout of 0 by default.
[William Rowe]
*) apr_procattr_io_set() on Windows: Set non-blocking pipe handles
to a default timeout of 0, following the Unix default. No effect
on pipe handles configured to block. PR 43522.
[Eric Covener <covener gmail.com>]
*) apr_file_write() on Windows: Fix return code when writing to a non-
blocking pipe would have blocked. PR 43563.
[Eric Covener <covener gmail.com>]
*) Introduce APR_NO_FILE as an option to apr_procattr_io_set() for any
of the three stdio streams to cause the corresponding streams to be
closed to the child process. This becomes effective in 1.3.0 across
platforms (equivilant to APR_NO_PIPE in 1.2.x except on Win32.)
[William Rowe]
*) Solve WinNT inherited pipe leaks by mutexing apr_proc_create calls,
on WinNT (not WinCE, nor 9x) so that we toggle the inherited state
of the stdin/out/err pipes. All other file handles are treated as
not-inherited until apr_file_dup2'ed a std handle of this process,
or while they are used by apr_proc_create. [William Rowe]
*) Define the Mac OS/X filesystem_encoding as utf-8 (in previous
releases the interpretation would vary). [Branko Čibej]
*) Add table cloning (deep copy) convenience function.
[Davi Arnaut]
*) Rework the WIN32 CV code to signal the condition only if one or
more threads are blocked on the condition variable. If no threads
are waiting on the condition variable, nothing happens. The change
also eliminates the thundering-herd problem of the manual-reset
event, which (theoretically) wakes up all threads waiting on. Now
the behavior of the CV's should be the same on Unix and win32
platforms. PR 42305. [Davi Arnaut]
*) Define SEM_FAILED if it isn't already defined, as the proc mutex
code already does it. Also search for the sem_open function in
the realtime library. (This fixes HP-UX sem_open detection).
[Davi Arnaut]
*) Define the _HPUX_SOURCE feature test macro to obtain maximum
functionality.
PR 42261. [Davi Arnaut]
*) Stop invoking the testshm* helpers upon 'make test' invocation.
[Kurt Miller <kurt intricatesoftware.com>]
*) Register a cleanup only if APR_FILE_NOCLEANUP was not flagged in
apr_file_mktemp. [Brian J. France <list firehawksystems.com>]
*) Numerous build fixes for non-GCC builds and GCC builds on Win32,
as well as WinCE builds. [Davi Arnaut <davi haxent.com.br>,
Curt Arnold <carnold apache.org>, John Mark Vandenberg,
Kouhei Sutou <kou cozmixng.org>, William Rowe]
*) Discard file buffers when running cleanups for exec.
PR 41119. [Davi Arnaut <davi haxent.com.br>, Bojan Smojver]
*) Improve thread safety of assorted file_io functions.
PR 42400. [Davi Arnaut <davi haxent.com.br>]
*) Add the apr_pollcb API as an alternative more efficient method
of polling sockets, compared to apr_pollset. [Paul Querna]
*) Fix possible crash in apr_pool_initialize() when built with
verbose pool debugging. PR 41063.
[Peter Steiner <peter.steiner+apache hugwi.ch>]
*) Fix --disable-ipv6 build on platforms with getifaddrs().
PR 39199. [Joe Orton]
*) Correctly retrieve 'empty' environment values with apr_env_get
on Win32 (e.g. "VAR="), and added validation to testall suite.
PR 40764. [Issac Goldstand <margol beamartyr.net>]
*) Portably check for EEXIST in mktemp code. PR 40818
[Kenneth Golomb <KGolomb TradeCard.com>]
*) Fix apr_socket_recvfrom() to ensure the peer's address is returned
through the "from" parameter. [Joe Orton]
*) Fix error checking in kqueue, epoll and event port versions of
apr_pollset_create. PR 40660, 40661, 40662
[Larry Cipriani <lvc lucent.com>]
*) Add some documentation on the format matched by apr_fnmatch.
[David Glasser <glasser mit.edu>]
*) Add apr_hash_clear. [Daniel L. Rall <dlr apache.org>]
*) Don't try to build apr_app.c on MinGW.
[Matthias Miller <Blog outofhanwell.com>]
*) Fix the timeout converstion in apr_pollset with the KQueue
backend. [Marco Molteni <mmolteni cisco.com>]
*) Support MinGW. [John Vandenberg, Justin Erenkrantz]
*) Implement apr_thread_yield on Unix in terms of pthread_yield or
sched_yield. [Keisuke Nishida <keisuke.nishida gmail.com>]
*) Provide folding in autogenerated .manifest files for Win32 builders
using VisualStudio 2005 [William Rowe]
*) Utilise Solaris' native atomic_* functions for apr_atomics
where appropriate. [Colm MacCárthaigh]
*) Make apr_socket_recvfrom initialize the port field in the from
sockaddr. PR 39325 [Anthony Minessale <anthmct yahoo.com>]
*) NetBSD: Avoid leaving zombie process when using apr_signal()
to ignore SIGCHLD. PR 36750. [Todd Vierling <tv pobox.com>]
*) Implement support for apr_proc_mutex_trylock() on Unix platforms.
PR 38785. [Chris Darroch <chrisd pearsoncmg.com>]
*) APR_FIND_APR macro now supports customisable detailed checks on
each installed apr. [Justin Erenkrantz, Colm MacCárthaigh]
*) APR_FIND_APR macro no longer checks /usr/local/apache2/
[Colm MacCárthaigh]
*) Add APR_POLLSET_NOCOPY option to apr_pollset API to eliminate
O(n)-time lookup in apr_pollset_remove() (currently implemented
only for epoll). [Brian Pane]
*) Add apr_file_buffer_set() and apr_file_buffer_size_get() functions
to support variable buffer sizes with APR file handles.
[Colm MacCárthaigh]
*) Add apr_file_open_flags_std[err|out|in]() functions.
[Colm MacCárthaigh]
*) stdio: apr_file_open_std[err|out|in]() functions now set the APR_WRITE
or APR_READ flag as appropriate. [Colm MacCárthaigh]
*) multicast: apr_mcast_*() no longer return APR_ENOTIMPL when invoked
for non-UDP/RAW sockets. The caller is expected to ensure that the
socket-type is suitable for multicast. [Colm MacCárthaigh]
*) Add apr_sockaddr_ip_getbuf() function. [Joe Orton]
*) Fix handling of %pI in apr_psprintf. [Joe Orton]
*) Provide APR_VERSION_AT_LEAST() macro for applications which
want to enable features based on a required level of APR.
[Jeff Trawick]
*) jlibtool: Teach to use static libraries with -static.
[Justin Erenkrantz]
*) Fix checks for alloca() support in configure. PR 13037.
[Noah Misch <noah cs.caltech.edu>]
*) Add %pm support to apr_snprintf() for printing the error string
corresponding to an apr_status_t value. [Joe Orton]
*) Add APR_ARRAY_IDX() and APR_ARRAY_PUSH() convenience macros to
apr_tables.h. [Garrett Rooney]
- Win32 apr_file_read; Correctly handle completion-based read-to-EOF.
- Fixed Win32 regression of stdout inheritance in apr_proc_create.
- Solve winNT inherited pipe leaks by mutexing apr_proc_create calls,
on WinNT (not WinCE, nor 9x) so that we toggle the inherited state
of the stdin/out/err pipes. All other file handles are treated as
not-inherited until apr_file_dup2'ed a std handle of this process,
or while they are used by apr_proc_create.
- Define the Mac OS/X filesystem_encoding as utf-8 (in previous
releases the interpretation would vary).
- Fix day of year (tm_day) calculation for July. The bug only affects
Windows builds. Apache Bug #42953.
- Fix LFS detection when building over NFS. The mode must be
specified when O_CREAT is in the flags to open().
Apache Bug #42821.
- Avoid overwriting the hash_mutex table for applications that
incorrectly calls apr_atomic_init(). Apache Bug #42760.
- Allow IPv6 connectivity test to fail, avoiding a potentially fatal
error.
- The MinGW Windows headers effectively redefines WINADVAPI from
__stdcall to empty which results in a link failure when wincrypt.h
is placed after an include to apr_private.h.
Apache Bug #42293.
- Define SEM_FAILED if it isn't already defined, as the proc mutex
code already does it. Also search for the sem_open function in
the realtime library. (This fixes HP-UX sem_open detection).
- Define the _HPUX_SOURCE feature test macro to obtain maximum
functionality. Fixes broken sendfile with LFS support on HP-UX.
Apache Bug #42261.
*) Stop invoking the testshm* helpers upon 'make test' invocation.
[Kurt Miller <kurt intricatesoftware.com>]
*) Register a cleanup only if APR_FILE_NOCLEANUP was not flagged in
apr_file_mktemp. [Brian J. France <list firehawksystems.com>]
*) Numerous build fixes for non-GCC builds and GCC builds on Win32,
as well as WinCE builds.
*) Discard file buffers when running cleanups for exec.
*) If apr_proc_create() fails to exec in the fork()ed child, call
_exit() not exit() to avoid running atexit()-registered functions
in the child. [Joe Orton]
*) Improve thread safety of assorted file_io functions.
[Davi Arnaut <davi haxent.com.br>]
*) Fix file pointer position calculation in apr_file_writev() on
buffered file. [Davi Arnaut <davi haxent.com.br>]
*) Fix formatting of unsigned integers larger than 2^63 in the
vformatter/apr_*printf.
[Wynn Wilkes <wynn bungeelabs.com>]
*) Fix possible EFAULT failures in apr_socket_sendfile() on 32-bit
Solaris with LFS enabled.
*) Fix deadlock in apr_file_gets() for a file opened with both the
APR_BUFFERED and APR_XTHREAD flags.
Update to 1.2.8 (formerly in devel/apr1), no longer build from the
httpd distfile.
devel/rapidsvn:
devel/subversion-base:
parallel/ganglia-monitor-core:
security/hydra:
www/apache2:
Use devel/apr0.
www/apache22:
Use devel/apr and devel/apr-util.
apr_xlate_*() functions support non-ASCII characters properly.
This should allow the "ap2-subversion" package to deal with filenames
including non-ASCII characters and therefore fix PR pkg/26056.
to version 2.0.59. Changes since *2.0.58:
- SECURITY: CVE-2006-3747 (cve.mitre.org)
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling. For some RewriteRules this could lead to a pointer being
written out of bounds. Reported by Mark Dowd of McAfee.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
to version 2.0.58. Change since Apache relase 2.0.55:
- Legal: Restored original years in copyright notices.
- mod_cgid: run the get_suexec_identity hook within the request-handler
instead of within cgid. Apache#36410.
- core: Prevent read of unitialized memory in ap_rgetline_core.
Apache#39282.
- mod_proxy: Report the proxy server name correctly in the "Via:" header,
when UseCanonicalName is Off. Apache#11971.
- mod_isapi: Various trivial code-fixes to permit mod_isapi to load and
run on Unix.
- HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>.
- SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
non-SSL request is processed for an SSL vhost (such as the
"HTTP request received on SSL port" error message when an 400
ErrorDocument is configured, or if using "SSLEngine optional").
Apache#37791.
- SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
to avoid potential cross-site scripting. Change also made to
ap_escape_html so we escape quotes. Reported by JPCERT.
- Add APR/APR-Util Compiled and Runtime Version numbers to the
output of 'httpd -V'.
- Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
- Default handler: Don't return output filter apr_status_t values.
Apache#31759.
- mod_speling: Stop crashing with certain non-file requests.
- keep the Content-Length header for a HEAD with no response body.
Apache#18757
- Modify apr[util] .h detection to avoid breakage on VPATH builds
using Solaris make (amoung others) and avoid breakage in ./buildconf
when srclib/apr[-util] are symlinks rather than directories proper.
- Avoid server-driven negotiation when a CGI script has emitted an
explicit "Status:" header. Apache#38070.
- mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
format is used. Apache#27787.
- mod_cache: Correctly handle responses with a 301 status. Apache#37347.
- mod_proxy_http: Prevent data corruption of POST request bodies when
client accesses proxied resources with SSL. Apache#37145.
- Elimiated the NET_TIME filter, restructuring the timeout logic.
This provides a working mod_echo on all platforms, and ensures any
custom protocol module is at least given an initial timeout value
based on the <VirtualHost > context's Timeout directive.
- mod_ssl: Correct issue where mod_ssl does not pick up the
ssl-unclean-shutdown setting when configured. Apache#34452.
- Document the ReceiveBufferSize change done in r157583.
- mod_deflate: Merge the Vary header, instead of Setting it. Fixes
applications that send the Vary Header themselves. Apache#37559.
- mod_dav: Fix a null pointer dereference in an error code path during the
handling of MKCOL.
- mod_mime_magic: Handle CRLF-format magic files so that it works with
the default installation on Windows.
- Write message to error log if AuthGroupFile cannot be opened.
Apache#37566.
- Add ReceiveBufferSize directive to control the TCP receive buffer.
- mod_cache: Fix 'Vary: *' behavior to be RFC compliant. Apache#16125.
- Remove the base href tag from proxy_ftp, as it breaks relative
links for clients not using an Authorization header.
- http_request.c: Add missing va_end call.
- Add httxt2dbm to support/ for creating RewriteMap DBM Files.
- support/check_forensic: Fix temp file usage
- Chunk filter: Fix chunk filter to create correct chunks in the case that
a flush bucket is surrounded by data buckets.
- mod_cgi(d): Remove block on OPTIONS method so that scripts can
respond to OPTIONS directly rather than via server default.
Apache#15242
- Added new module mod_version, which provides version dependent
configuration containers.
- Add core version query function (ap_get_server_revision) and
accompanying ap_version_t structure (minor MMN bump).