zhiguo zhao | 1 Oct 09:00 2011
Picon

May be a bug in mod_session based (cookie), two times Set-Cookie in response headers!

Hi all,


   I found when I enable mod_session with cookie, everytime response have tow times Set-Cookie.
  I found function session_cookie_save react to both headers_out and err_headers_out, then when send header call function ap_http_header_filter, apr_table_overlay  headers_out and err_headers_out, 

 I think this may be a bugs. Please notice that.
Stefan Fritsch | 1 Oct 18:48 2011
Picon

Re: [PATCH] Support for TLS Session Tickets

On Fri, 30 Sep 2011, Rainer Jung wrote:
> Thanks for the info. That would definitely be a nice feature. Would it
> be safe to use a statically defined key? Only as long as the config file
> is safe?

As I understand it, knowledge of the session ticket key allows to
decrypt all connections that use session tickets with this key. I
think this is true even if the tls cipher itself guarantees forward
security (like DHE). If this is correct, the option certainly needs
some warnings in the documentation.

Also, I think the config file is the wrong place for the key. Just think 
of mod_info, which would display the key in the configuration. And I am 
also against generating the key from some ASCII password that likely has 
less entropy than the 48 bytes used for the key.

What about specifying a file that contains the base64 encoded key? If
the file does not exist, httpd could create it with a random value and
the correct permissions. The admin would then just need to start httpd on 
one server and copy the created file to the other servers.

Or we could just document how to create it. Under Unix, it's a one-
liner:

(umask 077; dd if=/dev/random bs=48 count=1|
openssl base64 > filename.key)

Other nice to have things may be:

Support for storing the ticket key in encrypted form and querying the 
passphrase with SSLPassPhraseDialog.

Automatic key rollover. The first idea for this I could come up with would 
be would be the following: Store the key together with a timestamp and 
replace the key with some hash of the key at fixed intervals (like every 
day). Then the key could be used to decrypt ssl sessions of the current 
day and of the future, but it would not allow to decrypt sessions that 
used an older ticket key. Well, at least if the old key is overwritten on 
disk, too.

Paul Querna | 2 Oct 01:35 2011

Re: [PATCH] Support for TLS Session Tickets

On Sat, Oct 1, 2011 at 9:48 AM, Stefan Fritsch <sf <at> sfritsch.de> wrote:
> On Fri, 30 Sep 2011, Rainer Jung wrote:
>>
>> Thanks for the info. That would definitely be a nice feature. Would it
>> be safe to use a statically defined key? Only as long as the config file
>> is safe?
>
> As I understand it, knowledge of the session ticket key allows to
> decrypt all connections that use session tickets with this key. I
> think this is true even if the tls cipher itself guarantees forward
> security (like DHE). If this is correct, the option certainly needs
> some warnings in the documentation.
>
> Also, I think the config file is the wrong place for the key. Just think of
> mod_info, which would display the key in the configuration. And I am also
> against generating the key from some ASCII password that likely has less
> entropy than the 48 bytes used for the key.
>
> What about specifying a file that contains the base64 encoded key? If
> the file does not exist, httpd could create it with a random value and
> the correct permissions. The admin would then just need to start httpd on
> one server and copy the created file to the other servers.
>
> Or we could just document how to create it. Under Unix, it's a one-
> liner:
>
> (umask 077; dd if=/dev/random bs=48 count=1|
> openssl base64 > filename.key)

How about using the private key for the certificate as a signing key
as one way to get more (deterministic) data?

Kaspar Brand | 2 Oct 08:56 2011
Picon

Re: Improving SSL config

On 29.09.2011 16:31, Rainer Jung wrote:
>  #   SSL Cipher Suite:
>  #   List the ciphers that the client is permitted to negotiate.
>  #   See the mod_ssl documentation for a complete list.
> -SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> +SSLCipherSuite RC4-SHA:AES128-SHA:ALL:!aNULL:!EXP:!LOW:!MD5:!SSLV2:!NULL

Alternatively, it could be configured with a somewhat shorter

  SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5

(This produces the same list, but is more "whitelist based". We
still have to ban aNULL and MD5, though.)

> Furthermore I wonder whether we should activate the SSLHonorCipherOrder
> in this config by default - at least for trunk. At the moment it is
> commented out.

That mostly depends on what SSLCipherSuite is set to, IMO. If RC4-SHA
and AES128-SHA appear at the beginning, then turning on
SSLHonorCipherOrder effectively means giving up perfect forward secrecy
for many connections, as both of these cipher suites use RSA for key
exchange.

For Windows browsers which use Schannel for SSL/TLS - IE, most notably
-, this doesn't make a real difference, that's true (Schannel has
TLS_RSA_WITH_AES_128_CBC_SHA and TLS_RSA_WITH_RC4_128_SHA at the
beginning of its default list). But OTOH browsers using Mozilla NSS,
such as Firefox or Chrome, have suites with [EC]DHE key exchanges before
those with RSA. In that latter case, turning SSLHonorCipher on makes
these users lose PFS.

> For 2.2.x it is possible people use OpenSSL older than 0.9.6 and the
> directive will not work then.

SSL_OP_CIPHER_SERVER_PREFERENCE was added to OpenSSL 0.9.7, to be
precise. As ssl_cmd_SSLHonorCipherOrder() will hard fail in that case,
turning it on has the risk of shipping a default config which fails to load.

Kaspar

William A. Rowe Jr. | 2 Oct 09:07 2011
Picon

Re: Improving SSL config

On 9/29/2011 9:31 AM, Rainer Jung wrote:
> In light of the TLS 1.0 CBC attack (aka BEAST, CVE-2011-3389) I suggest
> we update our SSL configuration analogous to what's in trunk.
> 
> - Choose a better default SSLCipherSuite
> - Add SSLHonorCipherOrder
> - restrict MSIE exceptions to MSIE 2-5

-1 in this respect; faster is not more secure.  We must default to setting
the strictest cipher choices, with a commented-out "this is faster, but far
less secure" alternative for those with less targeted assets.

If someone is enabling mod_ssl, it is to secure their traffic, not to speed
up their server.

And no, MD4, although immune to *this* vector, is simply not preferable.

bugzilla | 2 Oct 09:15 2011
Picon

Bug report for Apache httpd-2 [2011/10/02]

+---------------------------------------------------------------------------+
| Bugzilla Bug ID                                                           |
|     +---------------------------------------------------------------------+
|     | Status: UNC=Unconfirmed NEW=New         ASS=Assigned                |
|     |         OPN=Reopened    VER=Verified    (Skipped Closed/Resolved)   |
|     |   +-----------------------------------------------------------------+
|     |   | Severity: BLK=Blocker CRI=Critical  REG=Regression  MAJ=Major   |
|     |   |           MIN=Minor   NOR=Normal    ENH=Enhancement TRV=Trivial |
|     |   |   +-------------------------------------------------------------+
|     |   |   | Date Posted                                                 |
|     |   |   |          +--------------------------------------------------+
|     |   |   |          | Description                                      |
|     |   |   |          |                                                  |
| 7483|Ass|Enh|2002-03-26|Add FileAction directive to assign a cgi interpret|
| 8713|Inf|Min|2002-05-01|No Errorlog on PROPFIND/Depth:Infinity            |
| 9945|New|Enh|2002-06-18|[PATCH] new funtionality for apache bench         |
|10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i|
|11294|New|Enh|2002-07-30|desired vhost_alias option                        |
|11580|Opn|Enh|2002-08-09|generate Content-Location headers                 |
|12033|Opn|Nor|2002-08-26|Graceful restart immidiately result in [warn] long|
|12680|New|Enh|2002-09-16|Digest authentication with integrity protection   |
|13029|New|Nor|2002-09-26|Win32 mod_cgi failure with non-ASCII characters in|
|13599|Inf|Nor|2002-10-14|autoindex formating broken for multibyte sequences|
|13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation  |
|14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR|
|14496|New|Enh|2002-11-13|Cannot upgrade any version on Windows. Must uninst|
|14922|Inf|Enh|2002-11-28|<target> is currently hardcoded to 'apache2'      |
|15719|Inf|Nor|2002-12-30|WebDAV MOVE to destination URI which is content-ne|
|16057|Ass|Maj|2003-01-14|module fails to init client_rmm and applies too ma|
|16126|Opn|Nor|2003-01-15|cache mishandles If-None-Match                    |
|16142|Opn|Maj|2003-01-15|MUST use strong comparison for Range requests     |
|16761|Inf|Nor|2003-02-04|CustomLog with pipe spawns process during config  |
|16802|New|Enh|2003-02-05|Additional AllowOverride directive "Restrict"     |
|16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.    |
|17107|New|Min|2003-02-16|Windows should not install printenv               |
|17114|New|Enh|2003-02-17|Please add strip and install-strip targets to Make|
|17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi|
|17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header|
|18325|New|Enh|2003-03-25|PAM support for suEXEC                            |
|18334|Inf|Cri|2003-03-25|Server crashes when authenticating users against L|
|18497|New|Min|2003-03-30|configure --help gives wrong default for sysconfdi|
|19043|New|Min|2003-04-15|Interesting interaction between cern_meta module a|
|19670|New|Enh|2003-05-05|content type header supplied upon PUT is thrown aw|
|19938|New|Enh|2003-05-15|[PATCH] local access wildcard word: "Allow from He|
|20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment |
|20414|Ass|Enh|2003-06-02|DirectoryIndex accumulation                       |
|21253|New|Nor|2003-07-01|Mime magic doesn't continue if type is specifed fo|
|21260|New|Nor|2003-07-02|CacheMaxExpire directive not enforced !           |
|21272|New|Enh|2003-07-02|Support for full fixed reverse mappings           |
|21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut|
|22005|Ver|Nor|2003-07-30|Win32: "Help I'm Stuck!" menu item leads to dead e|
|22138|Inf|Cri|2003-08-05|Webdav is not preccessing special chars right.    |
|22237|New|Enh|2003-08-08|option to disable ServerSignature on index pages  |
|22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down                |
|22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7|
|22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header                  |
|23167|Inf|Cri|2003-09-14|--enable-layout never goes to apr apr-util        |
|23181|Inf|Nor|2003-09-15|status 304 (Not modified) and chuncking leads to a|
|23238|New|Cri|2003-09-18|non-async-signal-safe operations from signal handl|
|23330|New|Enh|2003-09-22|Enhance ApacheMonitor to view and control Tomcat s|
|23567|New|Cri|2003-10-02|splitting brigades eats memory proportional to num|
|23673|Ass|Enh|2003-10-08|AllowCONNECT cannot be configured to allow connect|
|23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54    |
|24031|New|Enh|2003-10-23|Passphrase protected private key in SSLProxyMachin|
|24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32|
|24243|New|Enh|2003-10-30|mod_autoindex enhancement ('IndexIgnoreRemove' opt|
|24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g|
|25014|New|Enh|2003-11-26|A flexible interface for mod_log_config           |
|25201|New|Enh|2003-12-04|Provide Cache Purge operation                     |
|25240|Inf|Enh|2003-12-05|SSL Library Error: 336105671 logged as information|
|25435|New|Enh|2003-12-11|sethandler and directoryindex not playing nice    |
|25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files  |
|25484|Ass|Enh|2003-12-12|Non-service Apache cannot be stopped in WinXP     |
|25543|Inf|Nor|2003-12-15|mod_proxy_ajp overwrites existing response headers|
|25656|New|Min|2003-12-19|server-status reports wrong value of "Total Traffi|
|25667|New|Nor|2003-12-19|Memory leak in function ssl_scache_dbm_retrieve().|
|25863|New|Enh|2004-01-02|new per-host initialization hooks                 |
|26005|New|Nor|2004-01-08|SERVER_NAME incorrect when using IPv6 address in U|
|26052|Opn|Enh|2004-01-12|DOCUMENT_ROOT environment variable set incorrectly|
|26142|New|Maj|2004-01-14|EnableSendFile Off for Windows XP Home            |
|26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability   |
|26368|New|Min|2004-01-23|File extensions in AddDescription treated as part |
|26446|New|Nor|2004-01-26|flush buckets followed by eos bucket emit multiple|
|26478|New|Enh|2004-01-28|mod_dav does not expose a method for setting the D|
|26538|Opn|Enh|2004-01-29|windows 2003 active directory - [ldap_search_ext_s|
|26781|Inf|Maj|2004-02-08|ab (apache benchmark) does not work               |
|26835|New|Enh|2004-02-10|[PATCH] Mod_status Readability & Browser Side Tabl|
|27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid                 |
|27578|New|Enh|2004-03-10|made getlastmodified a writable property          |
|27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins|
|27791|Inf|Nor|2004-03-18|mod_cache doesn't re-cache expired content        |
|27835|New|Enh|2004-03-22|When proxying FTP, all errors turns into 404      |
|27869|New|Enh|2004-03-23|stopping and starting httpd again immediately caus|
|28391|New|Enh|2004-04-14|CO (cookie) flag does not support session-based ex|
|28854|Inf|Nor|2004-05-09|Build fails with missing library call on Solaris i|
|28903|New|Enh|2004-05-11|Hooks to add environment variables to CGI and othe|
|29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp|
|29165|New|Nor|2004-05-24|Parent directory icon not correct                 |
|29190|New|Enh|2004-05-24|Error logging per vhost consuming all available fi|
|29404|Ass|Enh|2004-06-05|Allow definition of source address of outgoing con|
|29446|New|Enh|2004-06-08|want directive for setting content negotiation qua|
|29449|New|Enh|2004-06-09|Limit length of specified fields in LogFormat     |
|29450|New|Enh|2004-06-09|Improved logging for mod_access                   |
|29510|Ass|Enh|2004-06-10|ab does not support multiple cookies              |
|29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client |
|29744|Opn|Enh|2004-06-22|CONNECT does not work over existing SSL connection|
|29755|Opn|Nor|2004-06-23|mod_usertrack should use err_headers_out          |
|29822|New|Enh|2004-06-26|implement FTP 'PUT' support in proxy_ftp.c        |
|29941|Ass|Enh|2004-07-06|log files are not tested for availability on confi|
|30195|New|Enh|2004-07-19|add proxy backend src port to r->notes for logging|
|30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do|
|30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ|
|30730|Inf|Nor|2004-08-18|[PatchAvailable] mod_actions and Server-Status    |
|31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in |
|31311|New|Enh|2004-09-20|Remote user not logged in reverse proxy scenario  |
|31332|Ass|Enh|2004-09-21|enable environment variables in LDAP require group|
|31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use|
|31366|Inf|Cri|2004-09-22|Stopping Apache2 service causes libapr.dll to cras|
|31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules        |
|31484|New|Maj|2004-09-30|Custom environment variables not passed to content|
|31490|New|Nor|2004-09-30|mod_proxy_ftp renders filenames with spaces badly |
|31565|New|Enh|2004-10-06|Won't start correctly if parent closed stdin, stdo|
|31679|New|Enh|2004-10-12|If the argument of a CGI has two or more consecuti|
|31709|Inf|Nor|2004-10-13|Raises an error on SSL name based virtualhosts (wi|
|31712|New|Enh|2004-10-14|config_file is NULL at ap_walk_config etc         |
|31822|New|Nor|2004-10-21|mod_proxy as reverse proxy brokes  images (seems t|
|31952|New|Enh|2004-10-29|mod_proxy and RealPlayer: audio content streaming |
|31956|New|Enh|2004-10-29|dump configuration data for apache                |
|32136|Inf|Blk|2004-11-09|mod_auth_ldap crashes apache server               |
|32147|Inf|Enh|2004-11-10|provide finer grained control over enabling/disabl|
|32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern|
|32346|New|Enh|2004-11-22|mod_include/include virtual checks content-type is|
|32524|New|Enh|2004-12-03|ab: add an option to specify a source address     |
|32652|New|Enh|2004-12-12|mod_ssl: match hostnames against subjectAltName DN|
|32703|Inf|Enh|2004-12-14|Cannot determine that Apache is frozen if /var fil|
|32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak    |
|32877|New|Enh|2004-12-29|wrong utf-8 encoding/escaping in a href for umlaut|
|32950|Inf|Nor|2005-01-05|mod_cache storing corrupted files.                |
|33084|New|Enh|2005-01-13|Optional certificate validity period check on SSLV|
|33089|Inf|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)|
|33207|New|Nor|2005-01-23|Results of my suexec.c code audit                 |
|33215|New|Nor|2005-01-24|Cygwin build/install.sh fix (OSTYPE => ext=.exe)  |
|33512|Inf|Maj|2005-02-11|mod_mem_cache and possibly mod_deflate            |
|33627|New|Nor|2005-02-18|Bite-sized changes making progress towards compila|
|33685|New|Maj|2005-02-22|Unable to install in the path containing non engli|
|34270|Inf|Nor|2005-04-01|Large POSTs over SSL from Internet Explorer do not|
|34375|New|Enh|2005-04-08|enhancements for mod_include                      |
|34377|New|Enh|2005-04-08|Allow the overriding of 401 Unauthorized returns f|
|34405|New|Enh|2005-04-11|adds DOCUMENT_NAME_WITHOUT_SUFFIX to mod_include  |
|34508|Inf|Nor|2005-04-19|Randomly slow graceful restart, not accepting new |
|34519|New|Enh|2005-04-19|Directory index should emit valid XHTML           |
|35049|New|Nor|2005-05-24|let AddDefaultCharset apply to text/css and applic|
|35077|New|Nor|2005-05-26|mod_dav passes incorrect paths with LocationMatch |
|35083|Inf|Enh|2005-05-26|Certificate validation problems trapping          |
|35154|New|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName |
|35245|New|Nor|2005-06-06|cache ignores max-age cache-directive in requests |
|35250|New|Enh|2005-06-07|[PatchAvailable] add logging to mod_proxy_connect |
|35280|New|Nor|2005-06-09|FTP proxy breaks RFC 2428 when trying to fall back|
|35350|Opn|Enh|2005-06-14|No directive "Define" and "Undefine"              |
|35556|Inf|Nor|2005-06-30|CRL files not re-read by HUP                      |
|35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c|
|35702|New|Nor|2005-07-12|Using with https URL, ab freezes or gets SIGSEGV o|
|35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level    |
|35781|New|Nor|2005-07-18|ap_sub_req_method_uri() bypasses Limit security co|
|35981|New|Maj|2005-08-02|mod_dav overrides dav_fs response on PUT failure  |
|36027|Ass|Reg|2005-08-04|Apache 2.0.54 Sevear Performance Degrade          |
|36286|New|Enh|2005-08-20|configtest doesn't check SSL certificates         |
|36492|New|Nor|2005-09-04|split-logfile script dies when splitting log of ma|
|36495|Inf|Nor|2005-09-05|mod_proxy_ajp: ajp_check_msg_header() got bad sign|
|36564|New|Enh|2005-09-08|make mod_ldap really universal                    |
|36636|New|Maj|2005-09-13|database write lock taken for PROPFIND operations |
|36676|New|Nor|2005-09-15|time() bug in httpd-2.0/os/win32/util_win32.c:wait|
|36710|Opn|Blk|2005-09-19|CGI output not captured                           |
|36724|New|Nor|2005-09-20|Don't install Apache Monitor by default           |
|37036|Inf|Nor|2005-10-12|ld: 0711-317 ERROR: Undefined symbol: .sqrt       |
|37110|New|Nor|2005-10-17|Build fails when source tree is read-only         |
|37194|Opn|Nor|2005-10-21|Logging *input* header values (was re: X-Forwarded|
|37196|New|Min|2005-10-21|Wrong "Parent directory" link                     |
|37201|New|Enh|2005-10-21|Add <IfInterface IP> syntax to apache configuratio|
|37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo|
|37307|New|Enh|2005-10-31|Can't suppress error messages                     |
|37355|New|Nor|2005-11-04|Allow to specify Proxy-Authorization in ProxyRemot|
|37360|New|Maj|2005-11-04|Install fails on Windows XP x64 when program files|
|37402|New|Nor|2005-11-08|mod_proxy has stopped allowing POST sub-requests  |
|37514|Inf|Nor|2005-11-15|mod_proxy buffers chunked data.                   |
|37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i|
|37587|Inf|Min|2005-11-22|mod_status Total Traffic value goes up then down? |
|37802|Inf|Cri|2005-12-05|File descriptor leak ?                            |
|37823|Inf|Nor|2005-12-07|The openssl library linked is different between ht|
|37863|New|Maj|2005-12-11|kill -1 httpd_id -> Failed to enable the 'httpread|
|37912|New|Enh|2005-12-14|[PATCH] Have ssl_engine_pphrase.c report what vhos|
|37920|Ass|Maj|2005-12-15|mod_proxy does not flush data on POST requests fro|
|38019|New|Nor|2005-12-22|SetEnv can't be used before SetEnvIf              |
|38116|New|Enh|2006-01-04|Chroot-Patch for SuExec                           |
|38148|New|Nor|2006-01-06|One Failed Request Can Possibly Overwrite Another |
|38149|New|Enh|2006-01-06|Add Filename To A Few Errors In dav_method_put    |
|38164|New|Nor|2006-01-06|wrong status code for failed COPY/MOVE            |
|38182|New|Nor|2006-01-08|COPY ignores authority in Destination header      |
|38218|New|Enh|2006-01-10|Multiline Comments for *.conf files               |
|38240|Inf|Nor|2006-01-12|apache restart segfault with mutliple Include dire|
|38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r|
|38355|Unc|Enh|2006-01-23|DSO support for mod_rewrite                       |
|38369|New|Enh|2006-01-24|mod_proxy keeps alive connections that should be b|
|38408|New|Nor|2006-01-27|SSI environment vars not set in spawned processes |
|38419|New|Nor|2006-01-27|Problems with large WebDAV properties             |
|38478|New|Maj|2006-02-01|A client starting a SSL renegotiation can crash th|
|38515|New|Cri|2006-02-05|Dynamic LDAP Group Support                        |
|38550|New|Enh|2006-02-07|Setting headers based on proxied data             |
|38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes|
|38756|Inf|Nor|2006-02-22|errors with running make                          |
|38786|New|Nor|2006-02-26|"IndexOption VersionSort" has problems with traili|
|38827|New|Reg|2006-03-02|mod_disk_cache trying to rename locked tempfile on|
|38864|Opn|Nor|2006-03-06|ProxyPassReverse fails in <Location>              |
|38903|New|Maj|2006-03-09|r->allowed does not affect Allow response header  |
|38923|New|Min|2006-03-10|mod_speling incorrectly escapes linked URLs       |
|38928|New|Min|2006-03-11|propose removing "VARIANTS" feature               |
|38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve|
|39045|Ass|Maj|2006-03-21|mod_python makes Apache crash when used with mod_a|
|39111|New|Nor|2006-03-27|Potential bug brought by mmapfile (mod_file_cache)|
|39128|Inf|Maj|2006-03-28|Apache 2.2 will not compile mod_ssl library's corr|
|39185|Inf|Nor|2006-04-03|Approximately in 1-2 weeks of work the server hang|
|39216|New|Maj|2006-04-05|mod_disk_cache trying to rename locked file, decre|
|39238|New|Nor|2006-04-07|mod_auth_dbm requires mod_auth or "no groups file?|
|39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning         |
|39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn|
|39299|New|Nor|2006-04-13|Internal Server Error (500) on COPY               |
|39311|New|Cri|2006-04-14|Apache Crashes On several Graceful Restart request|
|39313|New|Enh|2006-04-14|RewriteOption Inherit adds global rules AFTER loca|
|39329|Inf|Nor|2006-04-17|mod_dbd reconnection and prepared statements      |
|39351|New|Trv|2006-04-19|Continue early if bucket length is zero           |
|39370|New|Nor|2006-04-20|SSL session will be removed if the client is sendi|
|39380|Inf|Nor|2006-04-21|mod_disk_cache eats memory, has no LFS support, et|
|39418|New|Nor|2006-04-26|CacheMaxExpire directive not enforced             |
|39448|New|Min|2006-04-29|old-style <directory proxy:*> doesn't give any war|
|39498|New|Nor|2006-05-06|accept_filter in apr assumes if found in sys/socke|
|39517|New|Nor|2006-05-08|Corrupt chunked transfer-encoding with Content Neg|
|39658|Opn|Nor|2006-05-25|mod_proxy_ajp SSL Key Size Bug                    |
|39670|New|Nor|2006-05-27|ab -n 1 -c 2 does too many requests               |
|39673|New|Nor|2006-05-29|mod_proxy opens connections that disturb NTLM     |
|39692|New|Nor|2006-05-31|mod_proxy_balancer doesn't retry a failed request |
|39723|Inf|Enh|2006-06-05|Forward proxy does not work in tranparent mode    |
|39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content                 |
|39730|New|Nor|2006-06-06|LanguagePriority and DefaultLanguage are Case Sens|
|39737|New|Nor|2006-06-06|LogFormat "%{tid}P" reports wrong thread id on Win|
|39748|New|Enh|2006-06-07|Header and POST support for mod_include           |
|39753|New|Nor|2006-06-07|incorrect source for LOCALE Decimal Symbol in Win2|
|39807|Opn|Enh|2006-06-13|large files / filesystem corruption can cause apac|
|39815|New|Nor|2006-06-15|Atomic Creation of uploaded files in mod_dav      |
|39902|New|Nor|2006-06-27|HeaderName directive breaks mod_filter somehow    |
|39904|New|Nor|2006-06-27|graceful restart error and cpu load               |
|39913|Ass|Blk|2006-06-27|detection of static OpenSSL libraries requiring li|
|39916|New|Nor|2006-06-28|Core Filters & non-blocking Sendfile              |
|39923|New|Nor|2006-06-28|AddDescription doesn't work in server config with |
|39928|New|Nor|2006-06-28|port no detected when file name not in URL        |
|39935|New|Nor|2006-06-29|AddDescription does not do literal comparisons on |
|39944|New|Nor|2006-07-02|Wrong/Bad filename in ErrorLog when trying to acce|
|39973|Ass|Enh|2006-07-06|apache software folder should be movable          |
|40035|New|Cri|2006-07-13|Windows Server 2003 "("R2")" 64-Bit Edition no cgi|
|40060|New|Nor|2006-07-17|AuthGroupFile should accept /etc/group syntax     |
|40075|New|Enh|2006-07-19|unable to use ldap groups that contain DNs and use|
|40097|New|Nor|2006-07-23|The --with-module directive for configure doesn't |
|40102|Opn|Nor|2006-07-24|SCRIPT_NAME set incorrectly with mod_rewrite      |
|40146|New|Nor|2006-07-31|mod_ssl info in server_info is blank              |
|40174|New|Min|2006-08-03|Unable to get IndexOptionis ScanHTMLTitles to work|
|40180|Inf|Maj|2006-08-03|Mod_dav and remove folder doesn't work with Micros|
|40190|New|Nor|2006-08-05|translate file                                    |
|40196|New|Nor|2006-08-06|EILSEQ handling, NoImplicitAdd should work, and so|
|40217|Opn|Nor|2006-08-08|mod_dav PROPFIND ignores access restrictions on it|
|40243|New|Nor|2006-08-13|Patch for htpasswd to optionally read passwords fr|
|40266|Inf|Blk|2006-08-16|berkeley db support in httpd is screwed           |
|40312|New|Nor|2006-08-24|ssl_engine_init.c, ssl_init_ctx_verify contains a |
|40373|New|Nor|2006-08-31|mod_dir adds trailing slash after internal redirec|
|40408|New|Blk|2006-09-04|Apache 2.2.3 is not starting                      |
|40416|New|Maj|2006-09-05|mod_proxy_ftp cannot connect under http load in fo|
|40441|New|Enh|2006-09-08|intelligently handling dynamic subdomains         |
|40453|New|Nor|2006-09-09|lexicographic compare in RewriteCond isn't lexicog|
|40463|New|Nor|2006-09-11|piped logging causes some weird kill()ing         |
|40506|New|Cri|2006-09-14|errorlog in virtual hosts causes an 'memory cannot|
|40514|New|Nor|2006-09-14|would like GracefulShutdownTimeout to work for gra|
|40540|Inf|Nor|2006-09-19|Bad interaction between MultiViews and SetOutputFi|
|40541|New|Nor|2006-09-19|Action rewrites URI used by Location?             |
|40571|New|Nor|2006-09-21|mod_proxy_ajp don't works with mod_usertrack      |
|40586|New|Enh|2006-09-22|Add option to supress default '-' output          |
|40607|New|Nor|2006-09-26|mod_log_config dumps garbage in memory when Reques|
|40721|Opn|Nor|2006-10-11|401 vs 403 in httpd                               |
|40746|New|Enh|2006-10-12|Feature request: ProxyAllow directive             |
|40749|New|Min|2006-10-12|magic file with string and "%n" causes Apache chil|
|40781|New|Nor|2006-10-17|PATH_TRANSLATED: 'redirect:/~jablko/gallery2/main.|
|40790|New|Nor|2006-10-18|missing Listen 443 should give error when using Na|
|40808|New|Enh|2006-10-23|ProxyRemote with optional proxy authentication    |
|40841|New|Nor|2006-10-29|mod_proxy_ftp segfaults on IPv4 requests to hosts |
|40859|New|Enh|2006-11-01|[PATCH] Support -F force option to 'ab' support to|
|40917|New|Nor|2006-11-07|configure does not detect OpenSSL shared lib on HP|
|40941|New|Maj|2006-11-10|problem with memory allocation                    |
|40953|New|Min|2006-11-12|Should not send any data in 1xx/204/304 reply from|
|40984|Inf|Enh|2006-11-16|AddIcon, AddIconByType for OpenDocument format    |
|40987|Opn|Enh|2006-11-16|ProxyVia Block doesn't remove Via: header for reve|
|41000|New|Nor|2006-11-19|mod_authn_dbd have an error, in function 'authn_db|
|41025|New|Nor|2006-11-23|ROBOTS META-Tag directive needed in mod_autoindex |
|41088|New|Nor|2006-11-30|installation backcolor is wrong (white)           |
|41109|Ass|Maj|2006-12-05|connection broken when keepalive=on & maxrequestpe|
|41111|New|Enh|2006-12-05|New option for filters: run only if there are spar|
|41114|New|Blk|2006-12-06|ACL HTTP method is rejected by mod_proxy_ajp      |
|41130|New|Nor|2006-12-07|mod_mime and mod_negotiation type-map both clobber|
|41143|Opn|Nor|2006-12-10|Incorrect ap_getline assumption in mod_proxy_http |
|41194|New|Min|2006-12-17|Check the return value from ap_run_create_connecti|
|41195|New|Nor|2006-12-17|properly set the parent pid on shutdown           |
|41196|New|Nor|2006-12-17|worker mpm usage of apr's memory pools is not thre|
|41200|Inf|Maj|2006-12-18|SSI include, prevent client from receiving full ou|
|41240|Inf|Enh|2006-12-25|BRF files support                                 |
|41262|Inf|Nor|2006-12-29|Embedded pcre causes runtime segfault             |
|41270|New|Nor|2006-12-30|TCP_DEFER_ACCEPT timeout set way too low          |
|41278|New|Nor|2007-01-02|mod_proxy_ajp doesn't obey ProxyErrorOverride     |
|41362|Inf|Maj|2007-01-14|mod_disk_cache and mod_include conflict generating|
|41375|Inf|Min|2007-01-15|Using same SSL Certificate with different ServerNa|
|41391|New|Min|2007-01-17|too long period setting makes max-age overflow    |
|41408|New|Nor|2007-01-18|AddCharset rule on .html disables SSI enabled via |
|41412|New|Enh|2007-01-19|RewriteRule Skip should take negative arguments   |
|41435|New|Nor|2007-01-22|Authentication fails with 500 Server Error        |
|41450|Inf|Cri|2007-01-24|Empty page (200 OK) while max-age is empty        |
|41485|New|Nor|2007-01-28|LDAP client certificates not usable in 2.2.x/trunk|
|41529|New|Enh|2007-02-02|Accept BOM in .htaccess                           |
|41556|New|Enh|2007-02-07|Feature Request: format string for masking ip addr|
|41589|Inf|Cri|2007-02-10|Installer unable to find NT Services & displays er|
|41621|New|Maj|2007-02-15|Apache 2.2.4 backend problem with Apache 2.0.59 Re|
|41646|New|Nor|2007-02-16|wrong headers are sent for HEAD requests when Prox|
|41676|Opn|Enh|2007-02-22|Refactor mod_proxy_ftp                            |
|41685|New|Enh|2007-02-22|Implement optional HTTP Authentication in a standa|
|41712|Inf|Nor|2007-02-26|threads locked at logging state                   |
|41729|New|Maj|2007-02-28|error in error_log when using proxypass and proxyp|
|41744|Inf|Maj|2007-03-01|SSI resolves includes but removes original HTML   |
|41763|Opn|Nor|2007-03-05|mod_disk_cache ignores CacheDirLevels and CacheDir|
|41764|New|Nor|2007-03-05|error state and conf                              |
|41771|Inf|Nor|2007-03-06|Erro with mod_proxy_ajp or mod_prox_balancer      |
|41857|New|Nor|2007-03-16|[PATCH]mod_setenvif patch                         |
|41867|Ass|Nor|2007-03-16|<DirectoryMatch> Matches Files                    |
|41925|New|Nor|2007-03-21|trivial patch to add automatic crypting to 'dbmman|
|41929|New|Nor|2007-03-22|ISAPI ssl variables                               |
|41953|New|Nor|2007-03-26|pidfile remains when 2nd pass of post-config retur|
|41962|New|Min|2007-03-27|Need mod_auth_ldap to authenticate with Active Dir|
|42000|New|Nor|2007-03-30|debugging.html is badly outdated                  |
|42001|New|Cri|2007-03-30|LINUX : Could not set LDAP_OPT_X_TLS to LDAP_OPT_X|
|42027|Inf|Nor|2007-04-02|FileETag directive appears to be ignored          |
|42040|New|Nor|2007-04-03|ab doesn't consider varying length documents      |
|42054|New|Nor|2007-04-04|service name and parameter issues                 |
|42079|New|Nor|2007-04-10|SSLRequire: Additional access in sub-directoies   |
|42082|New|Nor|2007-04-10|filter_init is called multiple times after an INCL|
|42135|New|Nor|2007-04-16|RLimit... directives do not work with mod_cgid    |
|42175|New|Nor|2007-04-19|suexec_enabled set incorrectly when httpd is run b|
|42182|Inf|Nor|2007-04-22|Mime types for cached proxied content             |
|42203|New|Min|2007-04-23|Content-Length in type maps doesn't work          |
|42216|New|Enh|2007-04-24|RFE -- external overload procedure                |
|42262|Inf|Nor|2007-04-26|mod_dav /  worker fails to allocate memory and seg|
|42287|Inf|Nor|2007-04-28|chunked encoded response to POST request to cgi sc|
|42368|Inf|Nor|2007-05-09|httpd is crashing if conf/extra/httpd-manual.conf |
|42373|Inf|Maj|2007-05-09|REPORT request fails over mod_proxy               |
|42404|New|Enh|2007-05-13|Filename/info for disk-cached proxied remote URLs |
|42425|Inf|Nor|2007-05-15|Additional freshness checks in mod_cache.c cause m|
|42430|New|Nor|2007-05-15|ap_custom_response() mishandles initial double quo|
|42471|Inf|Nor|2007-05-21|clients with IE7 take 3megs per page load. httpd.e|
|42492|Inf|Nor|2007-05-22|mod_proxy_ajp with SSL front end: data corruption |
|42513|New|Enh|2007-05-24|Add possibility to choose the session id / route s|
|42548|New|Nor|2007-05-30|INCLUDE negotiating language aborts with APR_POOL_|
|42561|New|Enh|2007-05-31|[PATCH] AuthLDAPRemoteUserAttribute only applies i|
|42586|New|Nor|2007-06-05|POST Data lost sometimes sporadically             |
|42633|New|Min|2007-06-11|mod_info gives wrong information about actual conf|
|42665|New|Nor|2007-06-14|spurious attempt to open ".../file.html/.htaccess"|
|42666|New|Nor|2007-06-14|code & docs corrections for FollowSymLinks and Sym|
|42667|New|Nor|2007-06-14|mod_proxy_balancer not reporting when workers are |
|42668|Inf|Nor|2007-06-14|balancer_manager shows Ok status for the workers t|
|42687|New|Nor|2007-06-18|Fully delegate certificate & key semantics to the |
|42688|New|Enh|2007-06-18|engine managed keys: per process openssl context  |
|42690|New|Nor|2007-06-18|realm is not set for each configured directory whe|
|42695|Opn|Cri|2007-06-18|mod_proxy balancer problem                        |
|42699|New|Enh|2007-06-20|share mod_logio data with other modules           |
|42711|New|Enh|2007-06-20|format string for whole log entries not just id   |
|42732|Opn|Maj|2007-06-25|Authentication against database issue.            |
|42763|New|Nor|2007-06-28|graceful-stop/restart loops go loop too far       |
|42896|New|Maj|2007-07-14|dav_method_put deletes entire file when PUT with c|
|42923|Inf|Maj|2007-07-17|vhost certificate NOT overriding cert from the _de|
|42972|Inf|Nor|2007-07-25|Certificate list in mod_ssl module context are not|
|42977|New|Nor|2007-07-25|DAV locking is busted when apr-util is built with |
|42987|New|Nor|2007-07-27|Weak Etags in Apache are useless and violate RFC 2|
|43012|New|Nor|2007-08-02|AIX instdso.sh libphp5.so                         |
|43027|Inf|Enh|2007-08-03|Header in default language                        |
|43033|New|Nor|2007-08-04|apxs does not correctly detect module name (w/o -n|
|43039|New|Nor|2007-08-04|NUL character is valid in header lines            |
|43084|New|Nor|2007-08-10|Group line in AuthGroupFile cannot contain more th|
|43177|New|Nor|2007-08-21|child pid xxxxx exit signal Segmentation fault    |
|43218|New|Nor|2007-08-27|Wrong cert used for vhost if ServerName is same   |
|43220|Opn|Cri|2007-08-27|mod_proxy truncating ajp output                   |
|43249|Inf|Maj|2007-08-30|ldap_simple_bind_s failed when using SUN LDAP Libs|
|43250|New|Nor|2007-08-30|mod_negotiation can't match file when filename has|
|43275|New|Enh|2007-08-31|Remove avoidable network transactions in mod_proxy|
|43289|New|Nor|2007-09-02|XBitHack full g+x returns zero sized response on I|
|43308|New|Nor|2007-09-04|Persistent backend connections not supported for R|
|43317|Opn|Cri|2007-09-05|Crash/Segfault when enabling SSL + LogLevel Debug |
|43352|New|Nor|2007-09-11|Apache2: out of memory during heavy webdav files c|
|43386|Opn|Nor|2007-09-13|Default handler produces wrong content length when|
|43441|New|Nor|2007-09-20|Incorrect HTTP status for pre-commit-blocked autov|
|43465|New|Nor|2007-09-24|LOCK with missing intermediate collection returns |
|43471|New|Min|2007-09-25|no need to create a global pool on open_scoreboard|
|43481|New|Cri|2007-09-26|AuthLDAPURL must contain a final path of branch?(l|
|43494|New|Nor|2007-09-26|mod_cgid does not kill never ending scripts       |
|43502|New|Enh|2007-09-28|httpd fails to start if log directory does not exi|
|43513|New|Nor|2007-09-29|Persistent backend connections for ProxyPassMatch |
|43532|Inf|Cri|2007-10-02|Error while compiling Apache 2.2.3 on HPUX        |
|43533|Opn|Nor|2007-10-02|Frequent crashes in mod_include's bndm()          |
|43560|New|Min|2007-10-05|"[error] server reached MaxClients"  though actual|
|43561|New|Nor|2007-10-05|apxs -q anomaly                                   |
|43577|Inf|Blk|2007-10-09|mod_authnz_ldap not working under WLDAP32 (novell/|
|43589|New|Nor|2007-10-10|mod_disk_cache may store invalid body of entity   |
|43598|New|Nor|2007-10-11|The ProxyTimeout setting does not affect ReversePr|
|43607|New|Nor|2007-10-11|mod_proxy sends data on closed connections without|
|43652|New|Enh|2007-10-18|Suggest small change for big fix with SuExec & Vir|
|43664|New|Maj|2007-10-19|Rename tempfile to hdrsfile failed                |
|43666|New|Nor|2007-10-20|CGI works, but client denied error messages in err|
|43679|New|Enh|2007-10-23|Contributed tests for checking that subrequests ta|
|43696|New|Nor|2007-10-24|race condition when trying to shutdown httpd immed|
|43697|Opn|Reg|2007-10-25|relaying proxy gets DNS error                     |
|43698|New|Min|2007-10-25|Apache AllowOverride Groups Reorganize Proposal   |
|43703|New|Nor|2007-10-26|degradation of httpd - Segmentation fault         |
|43710|New|Nor|2007-10-26|mod_ssl documentation does not describe what happe|
|43723|Inf|Cri|2007-10-29|Apache 2.2.6 segfault when using mod_dbd          |
|43724|Inf|Cri|2007-10-29|Apache 2.2.6 segfault on url wich not in cache    |
|43755|New|Enh|2007-10-31|Add a SSLOptions to don't fill SSL_CLIENT_VERIFY  |
|43762|New|Enh|2007-10-31|Misleading tips in an error message about internal|
|43777|New|Nor|2007-11-01|Wrong encoding of <href> element in response      |
|43778|New|Nor|2007-11-01|Wrong responses if httpd has not access to some el|
|43785|New|Enh|2007-11-02|Tracking the per-hit impact of mod_include        |
|43792|New|Enh|2007-11-04|Feature proposal - bind phase                     |
|43818|New|Nor|2007-11-08|PROPFIND on -w- collections returns 207 MULTI-STAT|
|43838|New|Enh|2007-11-11|If-Modified-Since request and htcacheclean conflic|
|43895|New|Nor|2007-11-18|mod_mbox improvements                             |
|43897|Inf|Cri|2007-11-18|Huge memory consumption httpd 2.2.6, mod_proxy - m|
|43931|New|Enh|2007-11-21|OpenSSL autoconfig support for mod_ssl            |
|43943|New|Nor|2007-11-22|SHMCB crash due to misalignment and GCC 4 optimiza|
|43958|Inf|Maj|2007-11-26|mod_proxy_balancer not balancing correct in combin|
|43997|Opn|Min|2007-11-29|Only issue "Init: SSL server IP/Port conflict" if |
|44025|Inf|Nor|2007-12-05|Apache 2.2.6 fails to configure on OpenBSD 4.1    |
|44027|Ass|Enh|2007-12-05|Internationalized Domain Name (IDN) support       |
|44031|Opn|Maj|2007-12-06|RemoveHandler inside subdir location              |
|44034|Ass|Enh|2007-12-06|mpm_winnt doesn't call monitor hook               |
|44105|New|Nor|2007-12-19|Core dumps when using Proxy Keepalive             |
|44123|New|Maj|2007-12-21|Apache slowly consumes all system memory while run|
|44155|New|Enh|2007-12-31|smarter retry for LDAP_UNAVAILABLE, LDAP_BUSY, etc|
|44181|Opn|Enh|2008-01-07|add UnAlias                                       |
|44188|Inf|Cri|2008-01-08|Empty response for certain requests (mod_proxy as |
|44218|New|Min|2008-01-13|mod_autoindex shows the default icon for files wit|
|44221|Opn|Maj|2008-01-14|CheckCaseOnly On does not stop Multiple Choices ba|
|44250|New|Nor|2008-01-16|OSX 10.5: __THE_PROCESS_HAS_FORKED_AND_YOU_CANNOT_|
|44279|New|Enh|2008-01-22|Add "iterate" flag to apply rule in a loop while p|
|44302|New|Nor|2008-01-27|AuthLDAPURL does not accept ldapi:// urls         |
|44305|New|Nor|2008-01-28|Inconsistent configuration for suexec path        |
|44316|New|Nor|2008-01-28|httpd 2.0 does not follow ScriptAliases when invok|
|44322|New|Enh|2008-01-29|mod_proxy ProxyPassReverseCookieDomain with no dom|
|44351|New|Nor|2008-02-04|File descriptor leak when using prg RewriteMap    |
|44363|Inf|Maj|2008-02-05|Slow file transfers                               |
|44384|Ass|Nor|2008-02-09|mod_ssl on MacOS X 10.5.1 does not work because of|
|44453|New|Nor|2008-02-19|list_hooks.pl doesn't parse declarations that span|
|44476|New|Maj|2008-02-23|Apache service fails to start due to missing depen|
|44478|New|Enh|2008-02-24|Add SetEnvIfIP to set env vars depneding on ip sub|
|44503|Inf|Blk|2008-02-27|Errors during SSL handshake                       |
|44518|New|Enh|2008-03-02|Don't set expires header on HTTP redirect.        |
|44574|New|Nor|2008-03-11|Wrong behavior of the ProxyIOBufferSize directive |
|44578|New|Enh|2008-03-11|mod_authn_dbd option to let database validate pass|
|44601|New|Trv|2008-03-13|Add a lowercase value to Vary header for consisten|
|44602|New|Enh|2008-03-13|Options for modfying Content-Location (relative OR|
|44622|Inf|Nor|2008-03-17|POST fails to SSL vhost with proxy to HTTP backend|
|44631|New|Nor|2008-03-18|with-included-apr fails to work when using a separ|
|44638|New|Nor|2008-03-19|sed error in httpd.spec.in                        |
|44656|New|Nor|2008-03-22|Tries to retrive error document 404 instead of 406|
|44657|New|Enh|2008-03-22|prefer-type, -encoding, and -charset cookie? (as p|
|44670|New|Min|2008-03-25|Apache httpd 2.2.8 : Cannot ./configure when curre|
|44696|Inf|Nor|2008-03-27|mod_cache sometimes serves old content despite hav|
|44730|New|Nor|2008-04-01|duplicate query string in remote server url when u|
|44736|Opn|Cri|2008-04-01|mod_proxy_balancer looses it's mind on reloads.   |
|44752|New|Nor|2008-04-03|Suexec does not correctly check that scripts are i|
|44757|New|Enh|2008-04-04|adding stderr buckets to mod_cgi                  |
|44758|New|Enh|2008-04-04|LimitRequestBody undocumented behaviour with proxi|
|44779|New|Enh|2008-04-08|Using commas and semicolons for content negotiatio|
|44798|New|Nor|2008-04-10|Mismatch beetween online documentation and configu|
|44851|New|Enh|2008-04-21|ApacheBench: Rudamentary PUT and DELETE support   |
|44855|New|Nor|2008-04-22|irregular balancing with sticky-session after re-e|
|44865|Ass|Nor|2008-04-23|mod_dav's lock database becomes consistently corru|
|44870|Inf|Nor|2008-04-24|process spinning on 100% cpu                      |
|44923|Inf|Min|2008-05-02|consequences of multiple LDAPTrustedGlobalCert    |
|44924|New|Enh|2008-05-02|allow 'CACERTDIR' in mod_ldap                     |
|44940|New|Maj|2008-05-06|Httpd randomly breaks when verifying client certif|
|44981|New|Enh|2008-05-12|Digital Certificates (CN Based) for Authorization |
|45022|New|Nor|2008-05-16|Processing of escaped glob patterns in "Include" d|
|45049|New|Nor|2008-05-20|mod_mem_cache caches partial content when client c|
|45054|New|Nor|2008-05-21|SSLVerifyClient optional_no_ca is broken          |
|45058|New|Enh|2008-05-21|Mod_SSL does not set AUTH_TYPE with client certifi|
|45078|New|Nor|2008-05-27|mod_proxy stalls when uploading files             |
|45084|New|Min|2008-05-27|failure to check return value of apr_file_trunc   |
|45103|Ass|Min|2008-05-30|apachectl should do config test before reload/rest|
|45107|Opn|Nor|2008-05-31|Client certificate attribute UID not usable in env|
|45110|New|Enh|2008-06-01|make mod_unique_id use a random generator         |
|45111|New|Enh|2008-06-01|make mod_usertrack use mod_unique_id if available |
|45116|New|Nor|2008-06-02|fail to check return value of apr_file_dup2() in /|
|45148|New|Enh|2008-06-06|The actual host of the request will be more helpfu|
|45184|New|Enh|2008-06-11|Regular Expression in directive ServerAlias       |
|45187|New|Maj|2008-06-11|Long File name requests gives FORBIDDEN response  |
|45225|New|Nor|2008-06-17|XBitHack breaks DirectoryIndex + MultiViews conten|
|45253|New|Nor|2008-06-23|Unable to build httpd 2.2.9 on Solaris/SPARC      |
|45257|New|Enh|2008-06-23|add (en)force option for UseCanonicalName         |
|45259|New|Enh|2008-06-23|Add /home/[a-z]/* scheme to UserDir conf          |
|45275|New|Maj|2008-06-25|Locked files during expired page renew in disk cac|
|45281|New|Enh|2008-06-25|SITE CHMOD/SEARCH                                 |
|45287|Inf|Min|2008-06-26|build failure because of difference between BSD an|
|45297|New|Min|2008-06-27|mod_dir does not manage correctly the user (r->use|
|45302|New|Enh|2008-06-28|ServerRoot directive                              |
|45355|New|Nor|2008-07-07|ab text and html output jumbo unification         |
|45356|New|Nor|2008-07-07|ab: optionally reduce resource usage (qsort and me|
|45359|New|Cri|2008-07-07|Apache Spawns Unnecessary Processes (forward proxy|
|45371|New|Nor|2008-07-10|MSI installer requires uninstall of previous versi|
|45374|New|Blk|2008-07-10|Shared memory error on starting httpd with mod_lda|
|45379|Inf|Nor|2008-07-11|[Bug] svn merge, apache and trailing slashes      |
|45385|Inf|Nor|2008-07-11|unable to compile/make 2.2.9 with --enable-ldap   |
|45387|New|Min|2008-07-12|X-Forwarded-foo headers being added to initial req|
|45393|New|Nor|2008-07-14|Apache returns 500 Error when no LDAP credentials |
|45402|New|Nor|2008-07-15|mod_autoindex incorrectly fails to list files     |
|45405|New|Enh|2008-07-16|Allow binding port to be set for individual worker|
|45424|New|Min|2008-07-17|log_server_status for current server-status format|
|45438|New|Nor|2008-07-19|mod_rewrite.h inaccessible by apxs                |
|45449|New|Nor|2008-07-21|[PATCH] Add support to WebDav to MOVE/COPY to remo|
|45450|New|Nor|2008-07-22|mod_dbd: new option "reconnect" for MySQL DBD driv|
|45456|New|Nor|2008-07-22|mod_dbd don't allow more then one database pool   |
|45487|Inf|Trv|2008-07-27|broken log messages on startup in win32 version   |
|45497|New|Nor|2008-07-29|Scoreboard slot leaked using MaxRequestsPerChild a|
|45512|Ass|Maj|2008-07-31|Bad Performance of mod_proxy with SSL on Solaris 1|
|45515|New|Nor|2008-07-31|mod_session_* won't compile under current apr-util|
|45524|New|Enh|2008-08-01|Specifying multiple vhost aliases                 |
|45525|New|Enh|2008-08-01|Switch mod_autoindex to Tango icons               |
|45526|New|Enh|2008-08-02|PDF documentation is not properly searchable due t|
|45579|New|Nor|2008-08-06|unknown URI scheme in request-URI ignored         |
|45584|New|Enh|2008-08-06|No AUTHENTICATE_* environment variables from mod_a|
|45674|New|Enh|2008-08-22|Allow to change error code returned by "Require ld|
|45708|New|Cri|2008-08-28|CRL verification fails if CA have distinct AKID fo|
|45726|New|Enh|2008-09-02|Build in a maintenance functionallity             |
|45736|New|Nor|2008-09-03|mod_dav needs a directory for its locks and one sh|
|45754|New|Enh|2008-09-06|autoconf macros                                   |
|45763|New|Nor|2008-09-08|No openssl.cnf defined by default causes OpenSSL c|
|45773|New|Nor|2008-09-09|pcre build generates sources to srcdir rather than|
|45788|New|Nor|2008-09-11|mod_log_forensic output shouldn't be buffered when|
|45801|Opn|Enh|2008-09-13|SSLRequireSSL with strictrequire and satisfy any d|
|45838|New|Nor|2008-09-18|mod_authz_owner & directories                     |
|45856|New|Nor|2008-09-21|suexec hangs when suexec_log > 2147483647 bytes   |
|45868|New|Nor|2008-09-23|mod_mem_cache update of headers in cache object is|
|45900|New|Nor|2008-09-26|"make install" fails from read-only filesystem    |
|45905|New|Enh|2008-09-26|ErrorDocument and default URL                     |
|45922|New|Enh|2008-09-30|Expand the conditions under which "SSLVerifyClient|
|45923|New|Nor|2008-09-30|htpasswd tries to open(file, O_RDONLY | O_APPEND) |
|45926|New|Nor|2008-10-01|Unable to start apache 2.2.9                      |
|45986|New|Nor|2008-10-10|[info]...Invalid argument: core_output_filter: wri|
|46024|Opn|Nor|2008-10-16|--enable-static is not available in apache's confi|
|46037|New|Nor|2008-10-18|Configuration of trusted OCSP responder certificat|
|46040|New|Enh|2008-10-20|Check for existing version of Apache while install|
|46054|New|Nor|2008-10-21|Running httpd returns the error "bad user name nob|
|46070|New|Nor|2008-10-22|MSI installer does not validate custom installatio|
|46071|New|Enh|2008-10-22|Allowing space in between comma and last option in|
|46074|New|Enh|2008-10-23|Need of friendly and easy to use configuration gra|
|46076|New|Nor|2008-10-23|Return code of apr_ldap_init not checked causing s|
|46110|New|Nor|2008-10-28|maybe creates bogus rewritelog                    |
|46139|New|Nor|2008-11-02|Apache Restart option is not working              |
|46140|New|Enh|2008-11-03|Change error state in balancer manager            |
|46146|New|Nor|2008-11-04|deflate_in_filter fails to inflate if CRC/length b|
|46188|Inf|Nor|2008-11-11|Core dumps in apache 2.0.59                       |
|46195|Opn|Nor|2008-11-12|ProxyPass fails with literal IPv6 address         |
|46198|New|Nor|2008-11-13|mod_userdir is not giving the correct DOCUMENT_ROO|
|46215|New|Nor|2008-11-14|Race condition in bybusyness algorithm            |
|46219|New|Maj|2008-11-16|Httpd.conf saving error                           |
|46231|New|Maj|2008-11-18|Connection Pooling with ajp depends on syntax ?   |
|46239|New|Min|2008-11-18|SHARED_CORE dead code                             |
|46241|New|Enh|2008-11-19|mod_expires - ExpiresByPattern or ExpiresIf       |
|46267|New|Nor|2008-11-22|No shared modules build if use --with-apr and --wi|
|46270|New|Enh|2008-11-23|Add FIPS 140-2 mode for mod_ssl for FIPS 1.2 modul|
|46282|New|Nor|2008-11-24|apache2.2 reverse proxy causing full memory and sw|
|46316|New|Maj|2008-12-01|Proxied SSI ProxyTimeout render failure           |
|46317|Inf|Nor|2008-12-01|mod_authnz_ldap.c(373)  seg fault                 |
|46393|New|Nor|2008-12-14|ab segfaults in verbose mode on https sites       |
|46412|New|Nor|2008-12-17|make_child return value not checked               |
|46415|New|Nor|2008-12-18|Error "proxy: error processing end, referer..." sh|
|46417|New|Cri|2008-12-19|[notice] Parent: child process exited with status |
|46421|New|Maj|2008-12-19|module mod_authz_dbd - doesn't work when multiple |
|46442|New|Nor|2008-12-29|Semicolon in allow/deny all rules cause reverse lo|
|46449|New|Maj|2008-12-30|Output out of order from SSI include virtual      |
|46454|New|Min|2008-12-30|escaping wildcards in AddIcon filename matching   |
|46467|Opn|Cri|2009-01-02|Apache-childs segfault when number of childs reach|
|46475|New|Nor|2009-01-04|build warnings.                                   |
|46499|New|Maj|2009-01-09|httpd accept() return EAGAIN error                |
|46521|New|Nor|2009-01-13|mod_dav doesn't show symlinks                     |
|46529|Ass|Nor|2009-01-14|Child httpd processes crash with Segmentation faul|
|46534|New|Nor|2009-01-14|mod_proxy_ajp scheme and port do not follow UseCan|
|46578|New|Nor|2009-01-21|Flawed header                                     |
|46582|Ver|Min|2009-01-22|RewriteMap internal functions are not well documen|
|46604|New|Nor|2009-01-26|Error thrown when trying to rpmbuild -tb httpd sou|
|46629|New|Maj|2009-01-29|Apache hanging on system calls for php and perl   |
|46634|Ass|Nor|2009-01-30|Requests sometimes take too long, wrong time taken|
|46644|New|Enh|2009-01-31|Clean way to pass custom environment variables to |
|46646|Ass|Nor|2009-02-01|check group membership is sometimes case sensitive|
|46650|Opn|Nor|2009-02-02|CustomLog enviroment condition SCRIPT_FILENAME    |
|46656|New|Enh|2009-02-03|ProxyErrorOverride inside location                |
|46669|New|Enh|2009-02-06|rotatelogs doesn't autocreate directories         |
|46671|Opn|Cri|2009-02-07|Apache periodicaly crashes .                      |
|46678|New|Nor|2009-02-09|Fixed Content-Length using mod_ext_filter with mod|
|46679|New|Nor|2009-02-09|mod_rewrite.h not exported in makefile.win        |
|46682|New|Nor|2009-02-09|mod_proxy EAI_AGAIN DNS failure                   |
|46685|Opn|Nor|2009-02-09|401 sent without WWW-Authenticate header when requ|
|46724|Inf|Cri|2009-02-17|WinXP SP3 - Apache crashes on startup in libapr-1.|
|46743|New|Nor|2009-02-19|Inconsistent behavior of "RewriteOptions inherit" |
|46745|New|Maj|2009-02-20|ab.c error :  undefined reference to `BIO_set_call|
|46751|Inf|Nor|2009-02-21|Can passenv variables who's name contain '(' or ')|
|46762|New|Nor|2009-02-24|Error, SSL/TLS libraries were missing or unusable |
|46765|Opn|Nor|2009-02-25|doubled HTTP header leads to error (Redmine)      |
|46777|New|Nor|2009-02-27|no warnings if socket already in use              |
|46785|Inf|Nor|2009-03-02|Child process increases to 100% (CPU)             |
|46788|New|Nor|2009-03-02|Set resource limits to avoid denial of service att|
|46795|Opn|Min|2009-03-03|original error 500 pages don't get displayed      |
|46810|New|Nor|2009-03-05|apxs / apu-1-config outputting erroneous include p|
|46824|New|Nor|2009-03-09|RemoveOutputFilter will not work for Filters added|
|46845|Inf|Cri|2009-03-12|Apache crashes in Windows when using subversion(pr|
|46847|New|Nor|2009-03-13|WebDAV methods with encoding other than "identity"|
|46873|New|Nor|2009-03-18|feature request: connection count on balancer-mana|
|46884|New|Min|2009-03-20|Call to apu_dso_load Fails In apr_ldap_stub.c On O|
|46922|New|Nor|2009-03-26|Win32 source links wrong for most mirrors         |
|46946|Inf|Nor|2009-03-31|mod_mbox shows email addresses in plain text      |
|46963|New|Nor|2009-04-03|KeepAliveTimout prevents child process from exitin|
|46969|Inf|Nor|2009-04-05|CustomLog format %m always GET on errors with loca|
|46970|New|Nor|2009-04-05|CustomLog %X does not record aborted connections w|
|47011|New|Reg|2009-04-09|mod_proxy/mod_proxy_balancer hot-standby BalancerM|
|47022|New|Enh|2009-04-14|mod_status: serverlimit vs maxclients             |
|47055|New|Blk|2009-04-20|SSLVerifyClient + Directory doesn't use cache sess|
|47063|New|Nor|2009-04-21|mod_proxy doesn't call post_request handler when t|
|47066|New|Enh|2009-04-21|Header edit replacement string is not a format str|
|47134|New|Nor|2009-05-01|Last resolve handling when sending client certific|
|47138|New|Nor|2009-05-01|Reverse Proxy & Balancer generate error fault when|
|47152|New|Maj|2009-05-04|Apache is only serving the first character in the |
|47159|New|Nor|2009-05-06|2.2.x logresolve doesn't support ipv6             |
|47167|New|Nor|2009-05-07|Authenticated sessions being switched by reverse p|
|47170|New|Enh|2009-05-08|rotatelogs ring buffer option                     |
|47178|Opn|Nor|2009-05-10|ab segfaults when called with a large -n parameter|
|47180|New|Nor|2009-05-11|DBM ssl_scache setting can cause extreme performan|
|47204|New|Nor|2009-05-16|Unsuccesful MOVE can lead to data loss            |
|47219|New|Nor|2009-05-19|Apachectl configtest doesn't check if log director|
|47220|Opn|Enh|2009-05-19|Access to environment variables                   |
|47241|New|Min|2009-05-22|Error in rewriting with character ':'             |
|47256|New|Enh|2009-05-23|Enable SSL on a per-port basis                    |
|47289|New|Nor|2009-05-30|Can't build with dynamic libraries on Mac OS 10.4 |
|47295|New|Nor|2009-06-01|AuthDBDUserPWQueryFmt/AuthDBDUserRealmQueryFmt in |
|47329|New|Nor|2009-06-07|SSLCADNRequest* & SSLCACertificate* silently do no|
|47335|New|Nor|2009-06-09|An extra stderr file descriptor is leaked to forke|
|47340|New|Nor|2009-06-09|uldap_cache_comparedn() called without a lock     |
|47344|New|Enh|2009-06-10|[FEATURE REQUEST] RedirectCanonicalName           |
|47345|New|Enh|2009-06-10|rotatelogs timeout patch                          |
|47346|New|Maj|2009-06-10|mod_cache doesn't re-cache expired content when La|
|47361|New|Maj|2009-06-12|apache is logging the wrong client IP address in t|
|47387|Inf|Nor|2009-06-18|SSL_CLIENT_I_DN and SSL_CLIENT_S_DN use Email inst|
|47392|Opn|Nor|2009-06-18|<FilesMatch> is using the wrong directory         |
|47418|New|Trv|2009-06-24|Server signature show win32 as platform and not wi|
|47435|New|Nor|2009-06-26|mod_authz_host does reading of /etc/hosts on each |
|47438|Inf|Enh|2009-06-27|how to create a non-html "listing generated by the|
|47447|New|Enh|2009-06-29|Add possibility to use client IP as a value in Req|
|47449|New|Nor|2009-06-29|mod_mem_cache 2.0 memory leak                     |
|47476|New|Nor|2009-07-06|[mod_session] Cannot renew stored session         |
|47477|New|Enh|2009-07-06|[mod_auth_form] Add session auto-renew flag       |
|47484|New|Nor|2009-07-06|Spurious RewriteLock warning when using external m|
|47485|New|Enh|2009-07-06|HTML5 Websocket implementation                    |
|47514|New|Enh|2009-07-12|Personal data and restrictions based on subject di|
|47521|New|Nor|2009-07-13|mod_auth fails to continue when mod_authnz_ldap fa|
|47528|New|Maj|2009-07-14|Worker process won't restart more than once using |
|47542|New|Nor|2009-07-16|Piped logging processes killed before other proces|
|47562|Inf|Nor|2009-07-23|Apache/2.2.3 (Win32) mod_perl/2.0.3-rc1           |
|47578|New|Nor|2009-07-24|compile ERROR with ssl                            |
|47586|New|Nor|2009-07-27|httpd -k start doesn't start service when rotatelo|
|47591|New|Min|2009-07-27|show current HTTP_HOST in mod_status scoreboard   |
|47601|New|Enh|2009-07-29|Support X-Forwarded-For in forward proxy requests |
|47625|New|Nor|2009-08-02|2.2.12 win32 msi installer missing                |
|47634|New|Maj|2009-08-04|mod_ldap connection pool session keepalive not imp|
|47635|New|Nor|2009-08-04|Connections in Keep-Alive state keep accepting new|
|47643|New|Enh|2009-08-04|added meta tags to xhtml output for ease of search|
|47650|New|Trv|2009-08-05|httxt2dbm calculates value size incorrectly       |
|47657|New|Nor|2009-08-06|Make WebDAV MOVE atomic when replacing files on sa|
|47659|New|Nor|2009-08-07|makefile.win needs check for DBM_LIST, dies on bui|
|47664|New|Nor|2009-08-07|ap_proxy_canonenc: does not recode all high-byte c|
|47665|New|Blk|2009-08-09|Apache service well launched but blank Screen     |
|47691|New|Enh|2009-08-12|libtool invocations should use --tag              |
|47693|Opn|Nor|2009-08-13|GET request has race condition w.r.t. replacement |
|47706|Inf|Nor|2009-08-19|(20014)Internal error: proxy: error reading status|
|47716|New|Min|2009-08-20|LimitRequestFieldSize and friends not merged well |
|47719|Opn|Enh|2009-08-20|Broken symbolic link (symlink) causes wrong ErrorD|
|47723|New|Nor|2009-08-22|suEXEC and low RLimitMem gives "crit: invalid uid"|
|47743|Inf|Nor|2009-08-26|mod_so segfaults at server startup in ap_find_load|
|47748|New|Cri|2009-08-27|Faulting application httpd.exe                    |
|47753|New|Nor|2009-08-27|output and error channels not explicitly passed fo|
|47778|Opn|Enh|2009-09-03|wrong exit value on graceful restart              |
|47780|New|Nor|2009-09-03|Critical errors should be marked by time and level|
|47788|New|Enh|2009-09-04|ab does not support PUT requests                  |
|47807|Inf|Nor|2009-09-09|Proxy dialog error with Apache 2.2.13             |
|47808|New|Maj|2009-09-09|Child process core dumps when enabling CRL        |
|47812|New|Nor|2009-09-09|error_log hook often does not have access to the r|
|47814|Inf|Maj|2009-09-10|openssl_pkcs7_sign error                          |
|47838|New|Enh|2009-09-14|Ability to Dynamically Inject Current Time Into a |
|47874|New|Nor|2009-09-18|mod_fcgid crashes if added during restart         |
|47895|New|Maj|2009-09-24|Incorrect 413 error handling                      |
|47908|New|Min|2009-09-27|'invalid result code' in error_log                |
|47925|Inf|Nor|2009-10-01|apache redirection not working                    |
|47937|Inf|Cri|2009-10-03|Segmentation fault while starting apache          |
|47945|New|Cri|2009-10-06|SSLSessionCache directive mis-parses parens() in p|
|47951|New|Nor|2009-10-07|use libtool --mode=install install instead of cp c|
|47981|New|Nor|2009-10-12|allow language specific html-versions (index.html.|
|47982|New|Nor|2009-10-12|correctly interprete non-standard HTTP_ACCEPT_LANG|
|47988|New|Nor|2009-10-12|Segmentation fault                                |
|47989|New|Nor|2009-10-13|Junk string appended to compressed dynamic content|
|47994|New|Enh|2009-10-14|ScriptInterpreterSource apparently broken in Windo|
|48020|New|Nor|2009-10-17|KCP+ Opera support for mod_auth_digest            |
|48037|New|Nor|2009-10-21|mod_proxy_http does not handle asynchronous keepal|
|48045|New|Nor|2009-10-23|Apache 2 initgroups alert, Max OS X, abnormal exit|
|48057|New|Nor|2009-10-26|mod_fcgid creates 1 more process then allowed     |
|48094|New|Nor|2009-11-01|Avoid a race condition in close_worker_sockets()  |
|48107|New|Maj|2009-11-02|Mutual Authentication: Order in ca-bundle influenc|
|48115|New|Enh|2009-11-03|Duration to receive the request, generate response|
|48130|New|Maj|2009-11-04|DAV operations on large filesets consume all the O|
|48154|New|Nor|2009-11-06|Requests through mod_isapi are not parsed by HTTP_|
|48164|New|Enh|2009-11-09|add new parameters to rotatelogs                  |
|48215|New|Nor|2009-11-17|Renegotiation with SSLVerifyDepth 0 requires multi|
|48219|New|Nor|2009-11-17|Retrying the worker for seems to omit POST variabl|
|48228|New|Nor|2009-11-18|Renegocation requires multiple client authenticati|
|48246|New|Enh|2009-11-19|Check permissions on file/directory specified for |
|48254|New|Trv|2009-11-20|Bogus "DocumentRoot does not exist" warning when s|
|48272|New|Cri|2009-11-24|mod_proxy_fcgi crashes Apache on invalid headers  |
|48281|New|Nor|2009-11-25|Compilation issue with shared modules on AIX 6.1  |
|48283|New|Nor|2009-11-25|Proxy errors since httpd 2.2.12 with Tomcat 6.0.20|
|48291|New|Maj|2009-11-26|mod_substitute loops                              |
|48295|Opn|Nor|2009-11-27|ProxyPassReverseCookiePath: Not changing path corr|
|48301|New|Enh|2009-11-30|Feature request: improved connection status report|
|48304|New|Nor|2009-11-30|with "Rewrite" directives in .../.htaccess and ...|
|48309|New|Maj|2009-11-30|libapreq2-2.12: "make test" fails at request.t and|
|48312|Opn|Nor|2009-11-30|ProxyPassReverseCookiePath: Not changing path corr|
|48316|Inf|Nor|2009-12-01|ap_run_insert_filter doesn't work in cache_url_han|
|48340|New|Enh|2009-12-04|Binding with user-supplied credentials            |
|48349|New|Enh|2009-12-08|Allow RewriteMap in a .htaccess file              |
|48351|New|Nor|2009-12-08|Ampersand taken to mean "what is matched by the pr|
|48352|New|Enh|2009-12-08|mod_mime_magic does not detect certain important M|
|48354|New|Enh|2009-12-08|void ap_custom_response is not supporting the bina|
|48360|New|Enh|2009-12-09|provide sample configuration file for inclusion in|
|48361|New|Enh|2009-12-09|Add global server option for specifying desired DS|
|48364|Opn|Nor|2009-12-10|PHP-generated pages are not cached in spite of per|
|48369|New|Enh|2009-12-10|add option to automatically restart if a script is|
|48388|New|Maj|2009-12-14|mod proxy disabling workers after a single error  |
|48401|New|Nor|2009-12-16|CacheIgnoreURLSessionIdentifiers recognizes the wr|
|48431|New|Nor|2009-12-22|Error logging doesn't work when configured to use |
|48439|New|Cri|2009-12-23|SSI Error                                         |
|48440|Inf|Cri|2009-12-23|Segmentation Fault                                |
|48449|Inf|Nor|2009-12-28|make distclean removes core.c and core_filters.c  |
|48465|Opn|Enh|2009-12-30|Support TCP to connect to backends                |
|48499|New|Nor|2010-01-06|mod_rewrite can't redirect to files with ? in them|
|48500|New|Nor|2010-01-06|mod_mbox mishandles right-click to open msg in new|
|48508|New|Nor|2010-01-07|BalancerMember doesn't accept nocanon directive   |
|48540|Inf|Nor|2010-01-13|BalancerMember is not documented well             |
|48549|New|Enh|2010-01-14|Add Cache-Control s-maxage support                |
|48552|Opn|Nor|2010-01-15|POST parameters are lost on DirectorySlash redirec|
|48576|New|Nor|2010-01-19|MOVE or COPY in WebDAV fails with 404 when file ex|
|48585|New|Enh|2010-01-20|mod_cache no longer caches expired content        |
|48594|New|Nor|2010-01-21|Inaccurate requests per second in html output of a|
|48602|New|Enh|2010-01-23|use asynch ldap_compare so LDAPTimeout applies    |
|48623|New|Maj|2010-01-26|AuthLDAPURL syntax is not RFC-compliant, prevents |
|48639|New|Enh|2010-01-29|Add htcacheclean as a core monitored process      |
|48642|Inf|Nor|2010-01-30|LDAP_OPT_X_TLS_CACERTFILE                         |
|48652|New|Maj|2010-02-01|"AuthType form" fails if a password contains  '&' |
|48659|New|Maj|2010-02-02|Problem with accents in filename and byte serving |
|48687|New|Nor|2010-02-05|mod_rewrite ignores trailing dot in request URI on|
|48705|New|Enh|2010-02-08|flag to allow newlines in the error log as opposed|
|48712|New|Enh|2010-02-09|Add UID and GID to status page                    |
|48719|New|Nor|2010-02-09|[BUG] mod_proxy_ajp return wrong error message whe|
|48721|New|Nor|2010-02-10|[Patch] Add ProxyAllow to mod_proxy               |
|48731|New|Maj|2010-02-11|Prefork not creating processes after 10 servers ar|
|48732|New|Nor|2010-02-12|[BUG] environment variable SCRIPT_NAME output erro|
|48735|Opn|Nor|2010-02-13|bybusyness does not balance after failed worker ha|
|48752|New|Enh|2010-02-16|log command line options passed to httpd          |
|48761|New|Enh|2010-02-17|rotatelogs support for hard link to static named f|
|48769|New|Nor|2010-02-18|Processes in the busy list should not be killed du|
|48777|New|Maj|2010-02-19|proxy balancer not detecting correctly when host (|
|48780|New|Enh|2010-02-19|Enable mod_authnz_ldap to accept valid client cert|
|48792|New|Enh|2010-02-22|httpd util apachectl returns wrong status informat|
|48805|New|Nor|2010-02-23|Corrupted response for HTTPS + KEEPALIVE=ON       |
|48807|New|Nor|2010-02-24|Design policy of "aaa module" is incomplete becaus|
|48808|New|Enh|2010-02-24|mod_authz_owner support for POSIX access control l|
|48819|Inf|Nor|2010-02-25|After users login on the web page, the page does n|
|48842|Inf|Nor|2010-03-02|mod_log_config logs the full size of the file inst|
|48864|New|Nor|2010-03-05|mod_mbox: "From" name is not printed in UTF-8     |
|48880|Opn|Nor|2010-03-09|error on make                                     |
|48888|New|Nor|2010-03-10|DOCTYPE definitions nearly 11 years out-of-date   |
|48920|New|Enh|2010-03-15|Breadcrumbs on mod_autoindex path                 |
|48921|New|Nor|2010-03-16|httpd.exe, version 2.2.15.0                       |
|48930|New|Enh|2010-03-17|[patch] ab: support -B option to specify bind addr|
|48937|New|Enh|2010-03-18|Feature proposal - support sasl_bind              |
|48949|New|Cri|2010-03-20|fcgid processes never get killed after graceful re|
|48958|New|Nor|2010-03-22|mod_ldap, ldap credential cache & graceful restart|
|48987|New|Trv|2010-03-25|typo in polish translation of HTTP_UNAUTHORIZED.ht|
|49032|Inf|Nor|2010-03-31|Environment variable expansion in configuration fi|
|49034|New|Maj|2010-04-01|httpd with openssl 1.0.0                          |
|49037|New|Enh|2010-04-02|SSLVerifyClient require_no_ca                     |
|49040|New|Enh|2010-04-02|Change ErrorDocument Or Add ErrorDocumentHandler  |
|49043|New|Maj|2010-04-04|Using ssi include directive overwrites QUERY_STRIN|
|49057|New|Enh|2010-04-06|setenvif should have access to SSL environment var|
|49058|New|Nor|2010-04-06|Prefork MPM tries to accept on closed listener soc|
|49067|New|Nor|2010-04-08|FTPOptions ShowUnAuthorizedFiles does not work    |
|49068|New|Nor|2010-04-08|UTF-8 URL Encode error                            |
|49087|New|Maj|2010-04-11|MSI installation reports "interrupted installation|
|49114|New|Maj|2010-04-13|NTFS junction directories missing from directory l|
|49123|New|Nor|2010-04-14|mod_proxy_ajp does not send the client's SSL chain|
|49131|New|Nor|2010-04-15|Very long URLs cause 404 or 403 errors with SetAct|
|49133|New|Maj|2010-04-16|Windows service recovery options do not work for A|
|49155|Inf|Maj|2010-04-20|mod_rewrite logging crashes apache 64 bit builds o|
|49157|New|Nor|2010-04-20|Issues with xml interface for balancer manager    |
|49187|New|Nor|2010-04-26|Crash mod_mem_cache and mod_svn                   |
|49199|New|Enh|2010-04-27|Implement LDAP scope-aware caching in mod_ldap    |
|49220|New|Enh|2010-04-29|feature request for being able to disable FcgidWra|
|49239|New|Blk|2010-05-01|Apache mod_ssl gives coredump with openssl 0.9.8  |
|49251|New|Enh|2010-05-05|Add %M microsecond time format (complements strfti|
|49272|New|Maj|2010-05-11|Internal proxies do not work in mod_remoteip      |
|49276|New|Min|2010-05-12|mod_cgi allocates unnecessary amounts of memory   |
|49277|New|Enh|2010-05-12|Expose a variable to identify SSL Session renegoti|
|49283|New|Nor|2010-05-12|Language of dates on SSI                          |
|49285|New|Enh|2010-05-13|Relative (local to current directory) URLs do not |
|49313|New|Nor|2010-05-19|AddOutputFilterByType deprecated but given used in|
|49348|New|Enh|2010-05-27|[mod_log_config] Output log file name format capab|
|49369|New|Trv|2010-06-01|mod_deflate output filters pass empty brigades dow|
|49382|New|Nor|2010-06-03|ab says "SSL read failed"                         |
|49383|New|Min|2010-06-03|ab -v2 SSL memory leak                            |
|49385|New|Maj|2010-06-03|mod_disk_cache server side included files are inte|
|49387|Inf|Cri|2010-06-03|Unable to modify default charset setting to UTF-8 |
|49388|New|Nor|2010-06-04|The ScriptSock can't be longer than 7 characters  |
|49391|New|Nor|2010-06-05|mod_disk_cache needs to register a cleanup to kill|
|49396|New|Enh|2010-06-06|PATH_INFO normalization, especially relating to vo|
|49427|New|Nor|2010-06-11|mod_cgid and mod_cgi do not return proper value wh|
|49433|New|Enh|2010-06-13|improving info in server status                   |
|49437|New|Cri|2010-06-14|apache and mod_auth_basic segmentation fault      |
|49439|New|Nor|2010-06-14|Bug in mod_userdir which prevents suexec from runn|
|49474|New|Nor|2010-06-20|http-2 fails in processing chunked requests with l|
|49491|Opn|Nor|2010-06-22|SSL module does not do the case insensitive URI co|
|49502|New|Trv|2010-06-25|Little syntax error in shell script httpd.init    |
|49504|New|Nor|2010-06-25|Solaris 10/x64 worker graceful restart problem    |
|49512|New|Enh|2010-06-28|PATCH unset environment var with RewriteRule      |
|49532|New|Nor|2010-06-30|mod_cache: Set-Cookie headers are appended to cach|
|49553|New|Min|2010-07-05|Set QoS bits via APR2 API instead                 |
|49559|New|Enh|2010-07-06|Patch to add user-specified Diffie-Hellman paramet|
|49562|New|Nor|2010-07-06|the "Makefile" mentioned in the documentation for |
|49568|New|Maj|2010-07-07|Apache mod_authnz_ldap built with the MS LDAPSDK d|
|49623|New|Nor|2010-07-20|CVE-2003-1418 - all httpd versions seem to expose |
|49632|New|Nor|2010-07-21|mod_authnz_ldap denies users when search is perfor|
|49633|New|Enh|2010-07-21|Handle AD primary groups in mod_authnz_ldap       |
|49639|New|Min|2010-07-22|RewriteMap lookup fails silently on permission err|
|49642|New|Nor|2010-07-23|mod_rewrite mistakes encoded question mark as path|
|49643|Inf|Nor|2010-07-23|WebDav plus mod Negotiation causes directory creat|
|49671|New|Nor|2010-07-29|mod_proxy_fcgi handles client disconnects poorly  |
|49676|New|Nor|2010-07-30|directory with german umlauts are indented by one |
|49680|New|Maj|2010-07-30|Perl script are not running on Win32, Apache 2.2.1|
|49684|New|Enh|2010-08-01|enhancement for ipv6 implementation               |
|49699|New|Nor|2010-08-03|Inconsistent Keep-alive from proxy to the origin s|
|49705|New|Nor|2010-08-05|Per request DocumentRoot                          |
|49715|New|Maj|2010-08-06|ProxyPassMatch Url Encoder Problem                |
|49717|New|Enh|2010-08-06|PATCH: Enable SSL Timeout                         |
|49737|Inf|Nor|2010-08-10|order allow,deny does not work on IPv6            |
|49738|New|Min|2010-08-10|Apache silently fails if ServerRoot is given in th|
|49743|New|Maj|2010-08-12|SSI 'echo encoding="(url/none)"' bug              |
|49746|Opn|Enh|2010-08-12|mod_rewrite urlencode option                      |
|49760|New|Nor|2010-08-17|Compilation Apache 2.2.11 on linux 64 bits        |
|49766|New|Maj|2010-08-17|POST request on CGI script generating empty body c|
|49771|New|Nor|2010-08-17|After graceful restart using mod_proxy_ajp, couldn|
|49772|New|Nor|2010-08-18|mod_deflate kicks itself out on Content-Range resp|
|49782|New|Enh|2010-08-19|Please provide 64-bit builds for Windows          |
|49794|New|Trv|2010-08-21|Denied access to mod_status displays wrong directo|
|49798|Opn|Nor|2010-08-22|[mod_log_config] Piped Log scripts process cause w|
|49807|New|Enh|2010-08-23|hard to force Content-Type header for non static f|
|49810|New|Nor|2010-08-23|Mod_autoindex output of header/body/footer scrambl|
|49815|New|Enh|2010-08-24|Enable caching for HTTP Range requests / 206 respo|
|49829|New|Trv|2010-08-26|CGI index command line arguments excessively escap|
|49832|New|Enh|2010-08-26|void ap_custom_response is not supporting the bina|
|49839|New|Nor|2010-08-28|mod_remoteip: ErrorDocument causes proxy's IP to b|
|49859|Opn|Nor|2010-09-01|url with additional filepath generates bad environ|
|49902|New|Nor|2010-09-08|FcgidMaxProcessesPerClass                         |
|49921|New|Nor|2010-09-13|Trailers in chunked http requests are not handled |
|49926|New|Enh|2010-09-14|New option for mod_log_forensics or mod_log_config|
|49980|New|Nor|2010-09-22|can't use a FIFO for SSL key file; mod_ssl checks |
|49981|New|Enh|2010-09-22|Requesting SSLCertificateKeyFile Dialog functional|
|49990|New|Nor|2010-09-23|Feature request: implement ExpiresActive reset    |
|49995|New|Maj|2010-09-24|Apache2 is sending one SSL cert amongs different v|
|49996|New|Nor|2010-09-24|Proxied ErrorDocument returns 200 OK response code|
|49997|New|Nor|2010-09-24|wrowe promised me...                              |
|50002|Opn|Min|2010-09-25|Restart with many vhosts taking forever [patch]   |
|50004|New|Nor|2010-09-26|per-dir rewrite without DocumentRoot or RewriteBas|
|50010|New|Enh|2010-09-27|mod_ftp docs are blank                            |
|50011|New|Cri|2010-09-27|error running apache, and installing apache as a s|
|50012|New|Nor|2010-09-27|Please fix code in mod_session_dbd.c (dbd_remove) |
|50024|New|Min|2010-09-29|Mod_cache/mod_mem_cache and mod_security combinati|
|50038|New|Enh|2010-10-01|What Directives apply to a file/directory? Resulta|
|50041|New|Min|2010-10-04|(9)Bad file descriptor: apr_socket_accept: (client|
|50051|New|Nor|2010-10-07|Log PID in first entry logged for each request    |
|50061|New|Nor|2010-10-08|Semicolon character '%3B' seems to be decoded to '|
|50082|New|Nor|2010-10-12|apachectl status returns incorrect exit code      |
|50093|New|Enh|2010-10-14|Better error message for failed certificate valida|
|50094|New|Enh|2010-10-14|Report information about certificate when validati|
|50112|New|Nor|2010-10-18|buildconf broken in two places                    |
|50116|New|Nor|2010-10-19|Apache fragments packets unnecessarily            |
|50151|New|Nor|2010-10-25|Software caused connection abort and apache proces|
|50155|Inf|Nor|2010-10-25|httpd -s attempts to read SSL certificates        |
|50172|Inf|Nor|2010-10-28|Digest allows access bypassing secuity            |
|50195|New|Nor|2010-11-01|mod_cache violates HTTP                           |
|50227|New|Enh|2010-11-07|Option to fail SSL handshake for diverted SNI conn|
|50237|Inf|Nor|2010-11-08|webdav LOCK access with multiple threads to same f|
|50261|New|Nor|2010-11-12|graceful restart with multiple listeners using pre|
|50262|New|Nor|2010-11-12|mod_rewrite log ip address vs hostname            |
|50267|New|Nor|2010-11-13|mod_mbox: % in message id, needs escaping as %25  |
|50274|New|Nor|2010-11-15|always pass CONTENT_LENGTH to the application     |
|50278|New|Nor|2010-11-16|-DFOREGROUND and ap_unixd_killpg()/ap_os_killpg() |
|50290|Inf|Nor|2010-11-18|vanilla apache 2.2.17 installation crashes (lib-ap|
|50296|New|Nor|2010-11-18|LDAPVerifyServerCert and possibly LDAPTrustedMode |
|50309|New|Cri|2010-11-21|Apache is crashing during graceful restart        |
|50311|New|Nor|2010-11-22|CoreDumpDirectory created inside other directories|
|50317|New|Nor|2010-11-22|Possible error in mod_cache's "Avoiding the Thunde|
|50335|New|Cri|2010-11-25|Cores dumped under high load (segmentation fault s|
|50336|New|Min|2010-11-25|PUT failures do not emit Allow:                   |
|50344|New|Nor|2010-11-26|ProxyPass does not handle different protocols when|
|50345|New|Nor|2010-11-26|many minor bugs in the Module section of the MPMs |
|50357|New|Enh|2010-11-28|improve matching mechanisms for mime type and enco|
|50372|New|Enh|2010-11-29|any reason for allowing ModMimeUsePathInfo only in|
|50377|New|Maj|2010-11-29|<Files*> and <Location*> sections seem to complete|
|50389|Inf|Nor|2010-11-30|FCGID processess are restarted at gracefull reload|
|50390|New|Nor|2010-11-30|WARNING: Unrecognized options : --disable-ipv6    |
|50402|New|Nor|2010-12-02|SetEnv proxy-sendchunks is ignored for small amoun|
|50412|New|Nor|2010-12-04|if IndexOptions +XHTML, the correct MIME type shou|
|50423|Inf|Nor|2010-12-06|Apache is terminated with signal 11, Segmentation |
|50427|New|Nor|2010-12-07|Windows>=Vista+mod_auth_digest+command line=proble|
|50432|New|Enh|2010-12-08|add PCRE-mode for file based matches              |
|50434|New|Enh|2010-12-08|file name based matching should not consider files|
|50436|New|Enh|2010-12-08|VirtualHost could behave like people expect it to |
|50444|New|Enh|2010-12-09|Pre-close logging handles in cgid agent           |
|50447|New|Nor|2010-12-09|mod_rewrite re-escapes query string too liberally |
|50456|Inf|Nor|2010-12-10|Invalid Error 413 crash Apache                    |
|50464|New|Blk|2010-12-13|undefined reference to `BIO_set_callback' `BIO_set|
|50466|Inf|Maj|2010-12-13|httpd process doesn't recycle                     |
|50473|New|Maj|2010-12-14|zlib.dll Problem                                  |
|50481|New|Maj|2010-12-15|mod_proxy with SSLProxyEngine truncates files fetc|
|50521|New|Nor|2010-12-25|Comment at top of sample main config file is wrong|
|50525|New|Nor|2010-12-28|Header directive won't edit Location header from P|
|50530|New|Enh|2010-12-29|Provide rate limiting for failed authentication at|
|50532|New|Enh|2010-12-30|Mail protection                                   |
|50551|New|Nor|2011-01-06|Some proxied connections ignore ttl setting       |
|50559|New|Blk|2011-01-07|Memory leak on long lines, leading to complete sys|
|50562|Opn|Cri|2011-01-09|wrong PATH_INFO CGI environment with non-ASCII UTF|
|50584|New|Enh|2011-01-14|Add error message when triggered                  |
|50592|New|Maj|2011-01-15|httpd dumps core on an IPv6 only system           |
|50602|New|Nor|2011-01-17|non thread safe functions used in apache httpd pro|
|50619|New|Min|2011-01-19|After changing resolv.conf signaling httpd doesn't|
|50621|New|Maj|2011-01-19|Using FcgidWrapper in .htaccess causes new process|
|50628|New|Blk|2011-01-21|Core dump happens with Apache 2.2.15 using openssl|
|50630|New|Nor|2011-01-21|Apache return 500 error with authentication by LDA|
|50644|New|Enh|2011-01-24|Add support for maximum number of requests per Kee|
|50649|New|Cri|2011-01-25|disconnection between httpd and tomcat 6.0.18 via |
|50654|New|Nor|2011-01-25|[PATCH] FileETag ContentMD5 & Filename, optimisati|
|50662|New|Min|2011-01-26|wrong context in mod_ssl's SSLRequire             |
|50663|New|Maj|2011-01-26|SSLSessionCache does not document shmcb und shmht |
|50693|New|Nor|2011-01-31|AllowOverride Options=(not Foo) should permit no-o|
|50704|Inf|Nor|2011-02-01|mod_cache doesn't cache MultiViews                |
|50707|New|Blk|2011-02-02|Apache not using the ProxyRemote directive consist|
|50712|New|Maj|2011-02-02|Restart button only stops the server ...and do not|
|50727|New|Nor|2011-02-07|ISAPI EXTENSION_CONTROL_BLOCK Missing PostData wit|
|50740|New|Enh|2011-02-09|Enable OCSP Stapling by default                   |
|50765|New|Nor|2011-02-11|Runtime Backend Pinning via balancer-manager      |
|50770|New|Nor|2011-02-14|a rotatelogs issue, if time changed               |
|50773|New|Nor|2011-02-14|Dav lock database corruption                      |
|50774|New|Enh|2011-02-14|Have a way to invalidate cache without other reque|
|50777|New|Nor|2011-02-14|Back port buildconf specifies AC_PREREQ(2.13) fix |
|50782|New|Nor|2011-02-15|mod_authz_core docs use Order, Deny, Allow        |
|50796|New|Enh|2011-02-16|record time between keepalives in access log      |
|50807|New|Maj|2011-02-18|mod_proxy fails to send FIN response when a FIN is|
|50812|New|Enh|2011-02-20|mod_ssl SSLProxyMachineCertificateFile can't use a|
|50814|New|Nor|2011-02-21|SSI exec not working on Windows (Apache 2.x)      |
|50823|New|Trv|2011-02-24|Provide alternate failure modes for http on https |
|50824|New|Maj|2011-02-24|limiting and unsafe use of fixed length buffer for|
|50834|New|Cri|2011-02-26|worker mpm core dump with mod_proxy when we reboot|
|50848|New|Enh|2011-03-01|Content Negotiation type map file precedence could|
|50869|New|Enh|2011-03-04|Need directive to control use and timeout of sessi|
|50873|New|Nor|2011-03-04|httpd does not start properly when built from sour|
|50878|New|Nor|2011-03-05|redundant operation when calling apr_stat         |
|50891|New|Nor|2011-03-08|Apache rewrites WWW-Authenticate headers from CGI |
|50902|Inf|Maj|2011-03-09|on major load on the server, poll() hangs         |
|50915|New|Cri|2011-03-11|Program terminated with signal 4, Illegal instruct|
|50916|New|Nor|2011-03-11|RewriteMap program: mod_rewrite sends request but |
|50919|New|Enh|2011-03-12|potential performance waste caused by sprintf     |
|50926|New|Nor|2011-03-14|unexpected <Directory> file-matching behavior     |
|50942|New|Maj|2011-03-17|Apache 2.2.16 forward proxy is 5x times slower tha|
|50946|New|Nor|2011-03-18|mod_example using 100% cpu under load             |
|50954|New|Nor|2011-03-21|ProxyRemote doesnt use CONNECT method with https s|
|50959|New|Enh|2011-03-23|Add cache-manifest to the mime type list          |
|50976|New|Nor|2011-03-26|Apache losts client's ip (%a or %h) sometimes.    |
|50990|New|Enh|2011-03-29|Headless installation                             |
|50996|New|Maj|2011-03-30|SERVERADMIN parameter not working                 |
|50998|New|Nor|2011-03-30|Docs for SSLCipherSuite incorrect                 |
|51001|New|Nor|2011-03-31|patch for hook ap_lua_run_lua_open                |
|51005|New|Enh|2011-04-01|Allow to use username in LDAP filter              |
|51006|New|Blk|2011-04-01|Apache consume all memory and swap when setup as r|
|51019|New|Enh|2011-04-04|[PATCH] Implementation of Asynchronous processing |
|51020|New|Nor|2011-04-04|[PATCH] Apache/mod_fcgid.so does not start in comp|
|51022|New|Nor|2011-04-05|Segmentation fault on PUT request                 |
|51030|New|Enh|2011-04-06|Way to terminate CGI immediatly after closing conn|
|51075|New|Enh|2011-04-17|Add support for TLS-SRP (RFC 5054)                |
|51077|New|Nor|2011-04-18|mod_rewrite does not pass query string to mod_prox|
|51078|New|Nor|2011-04-18|[PATCH] mod_fcgid spawned CGI Processes gets orpha|
|51079|New|Nor|2011-04-18|[PATCH] mod_fcgid spawned CGI Process cannot imper|
|51080|New|Nor|2011-04-18|[PATCH] mod_isapi does not support Except:100-Cont|
|51103|Opn|Nor|2011-04-21|mod_reqtimeout does not drop connection and return|
|51107|New|Min|2011-04-22|SetOutputFilter and SetInputFilter should allow "n|
|51118|New|Nor|2011-04-26|LDAP cache is cleared after graceful/restart and o|
|51125|New|Trv|2011-04-27|Please add interpolate hint to ProxyPassInterpolat|
|51126|New|Nor|2011-04-27|Clarify ProxyPassReverseCookiePath description    |
|51127|New|Nor|2011-04-27|Make ProxyPassReverseCookiePath work as expected  |
|51131|New|Nor|2011-04-27|Improve mod_proxy_ajp docs with usage section.    |
|51168|New|Nor|2011-05-08|mod_status Total Traffic won't take account of int|
|51170|New|Nor|2011-05-09|I/O errors when using keep-alive + mod_ssl        |
|51174|New|Min|2011-05-09|SSLRequire predicates using OIDs unknown to openss|
|51186|New|Blk|2011-05-11|NEw Openssl 1.0.1 with new FIPS                   |
|51190|New|Min|2011-05-12|::/0 does not work with allow from and deny from  |
|51194|New|Nor|2011-05-13|FcgidWrapper does not support paths containing a s|
|51201|Inf|Nor|2011-05-15|Strange behavior REQUEST_METHOD & GET in mod_rewri|
|51204|Inf|Cri|2011-05-16|Memory leak                                       |
|51223|New|Nor|2011-05-18|304 HTTP Not Modified strips out CORS headers     |
|51224|New|Nor|2011-05-18|mod_dav_fs should respect FileETag                |
|51239|New|Nor|2011-05-21|ap_get_client_block may block continuously sometim|
|51257|New|Nor|2011-05-24|Apache 2.2.19 cross-compile: ./dftables: cannot ex|
|51258|New|Enh|2011-05-24|new features for mod_substitute                   |
|51296|New|Enh|2011-05-31|Dynamic engine support using SSLCryptoDevice suppo|
|51297|New|Nor|2011-05-31|Improve error handling during "UNLOCK"            |
|51303|New|Nor|2011-05-31|TraceEnable 500 error                             |
|51312|New|Nor|2011-06-01|mod_filter should support adding to the Vary heade|
|51322|New|Enh|2011-06-04|Prepend and append string to LDAP search parameter|
|51336|New|Enh|2011-06-07|need a topic for serving pre-compressed content   |
|51350|New|Nor|2011-06-09|mod_deflate compresses zero length content into an|
|51355|New|Nor|2011-06-10|MaxProcesses doesn't work for the second  FcgidCmd|
|51359|New|Enh|2011-06-11|Added shebang check for //! so that .js scripts wo|
|51363|New|Nor|2011-06-13|Disable Anonymous ECDH ciphersuites by default    |
|51365|New|Nor|2011-06-13|Mod_proxy mangles query string with mod_security  |
|51370|Opn|Enh|2011-06-13|htdigest should accept password as a command-line |
|51371|New|Nor|2011-06-14|wrong guards around 'apr_procattr_limit_set' in mo|
|51372|New|Nor|2011-06-14|httxt2dbm does not remove map entries             |
|51383|Inf|Nor|2011-06-16|cgi hung by ErrorLog syslog                       |
|51402|New|Nor|2011-06-21|"ForceLanguagePriority Fallback" not working as im|
|51406|New|Maj|2011-06-21|When listing files in subdirectories, the path is |
|51409|New|Nor|2011-06-21|Sorting options accepted by ls, but ignored       |
|51412|New|Nor|2011-06-21|Nasty warning in ftp_cmd_pbsz() -- dangerous, wher|
|51434|New|Maj|2011-06-25|Unable to use (forward) slashes in a FilterProvide|
|51471|New|Nor|2011-07-04|<DirectoryMatch>ed IndexIgnore doesn't            |
|51479|New|Enh|2011-07-05|[PATCH] AB feature to optionally read in a reusabl|
|51491|New|Nor|2011-07-08|mod_dir breaks POSTs to URLs not ending in /      |
|51495|New|Nor|2011-07-11|mod_substitute cpu and memory limit               |
|51499|New|Enh|2011-07-11|Suexec missing useful redirect environmental varia|
|51517|New|Maj|2011-07-16|mod_proxy_fcgi is not RFC 3875 compliant          |
|51542|New|Nor|2011-07-22|Apache HTTP Server vs PVS-Studio                  |
|51543|New|Nor|2011-07-22|Space in username not properly escaped in log file|
|51552|Inf|Cri|2011-07-25|Apache is not starting (2.2.15)                   |
|51573|New|Enh|2011-07-28|Easy way to erase log files                       |
|51576|Inf|Nor|2011-07-28|mod_rewrite rule stopped working                  |
|51590|New|Nor|2011-07-30|The DEFLATE output filter loops infinitely if the |
|51600|New|Enh|2011-08-02|Loading the same certificate in multiple virtual h|
|51603|Inf|Maj|2011-08-02|Apache accepts completely bogus HTTP requests (pos|
|51607|New|Nor|2011-08-03|DBDPrepareSQL ( ap_dbd_prepare ) does not work cor|
|51618|New|Enh|2011-08-05|[PATCH] Use SSL_MODE_RELEASE_BUFFERS to reduce mem|
|51627|New|Enh|2011-08-05|can't specify hook orders for lua scripts         |
|51629|New|Nor|2011-08-05|DocumentRoot check incorrect when running under ch|
|51648|New|Nor|2011-08-11|[PATCH] Remove redundant Apache2::Cookie::httpcook|
|51657|New|Nor|2011-08-12|FcgidCmdOptions InitialEnv does not support values|
|51665|New|Min|2011-08-16|Inconsistent documentation of LimitRequestLine and|
|51674|New|Blk|2011-08-18|AJP Module Bad Request                            |
|51679|New|Min|2011-08-18|Code signature key expired                        |
|51680|New|Enh|2011-08-18|Include ServerAliases when showing parsed config  |
|51689|New|Cri|2011-08-19|Cross compiling causes multiple Listen directives |
|51695|New|Trv|2011-08-20|Code clean up (ap_rputs merge)                    |
|51696|New|Enh|2011-08-20|Code clean up (remove a 1024 heap allocated buffer|
|51707|New|Nor|2011-08-22|ProxyPassReverse issues within <Location> (differe|
|51709|New|Nor|2011-08-23|ServerName/ServerAlias don't work if Host: header |
|51711|New|Nor|2011-08-23|mod_auth_digest have broken shared mem (nonce) cod|
|51714|New|Cri|2011-08-24|Byte Range Filter might consume huge amounts of me|
|51718|New|Enh|2011-08-24|Feature Request: Add shorthand to redirect any Ser|
|51725|New|Nor|2011-08-26|Multiple Range: request accepted as "Range: n-m"  |
|51732|New|Nor|2011-08-29|Inconsistencies in log messages' verbosity levels?|
|51734|Inf|Nor|2011-08-29|Proxy error with Oracle AS                        |
|51746|New|Min|2011-08-31|FAQ denies possibility of using namebased vhosts w|
|51747|New|Nor|2011-08-31|mod_fcgid loads entire request into memory while p|
|51749|New|Nor|2011-09-01|mod_fcgid uses memory proportional to request size|
|51757|Inf|Enh|2011-09-02|Add support for SASL auth in LDAP                 |
|51778|New|Cri|2011-09-07|while buliding(make) a unix source "httpd-2.2.20.t|
|51797|Inf|Maj|2011-09-10|Crash HTTPD(Windows)                              |
|51814|New|Nor|2011-09-14|mod_proxy in Apache HTTP 2.2 FIN_WAIT2 in server s|
|51842|New|Enh|2011-09-18|Suggesting a new action for the Header directive: |
|51858|New|Nor|2011-09-21|weird error for mod_rewrite with more then 3 param|
|51864|New|Nor|2011-09-22|mod_cache returns entire entity from origin server|
|51904|New|Nor|2011-09-28|output to stderr from cgi script causes script to |
|51933|New|Enh|2011-09-30|Apply RewriteCond to RewriteBase, allow multiple R|
+-----+---+---+----------+--------------------------------------------------+
| Total 1088 bugs                                                           |
+---------------------------------------------------------------------------+

Kaspar Brand | 2 Oct 09:20 2011
Picon

Re: [PATCH] Support for TLS Session Tickets

On 30.09.2011 08:08, Paul Querna wrote:
> Attached is a patch
> <http://people.apache.org/~pquerna/tls_session_ticket_support.patch>
>  to add support for setting SSL_CTX_set_tlsext_ticket_keys.
> 
> I have two questions:
> 
> 1) What is the right ifdef to look for support of this feature?  I was
> just using ifdef SSL_CTX_set_tlsext_ticket_keys and it seemed to work
> for me......

SSL_CTRL_SET_TLSEXT_TICKET_KEYS and #ifndef OPENSSL_NO_TLSEXT,
respectively - I would suggest wrapping it in the same way as
SSL_CTX_set_tlsext_servername_callback/SSL_CTX_set_tlsext_servername_arg.

Generally speaking, I agree with Stefan that such keys shouldn't be
stored in config files as (static) plain-text strings. RFC 5077 section
5.5 lists some recommendations for the management of ticket protection
keys, although it hastens to add that "A full description [...] is
beyond the scope of this document".

Kaspar

Daniel Ruggeri | 2 Oct 21:07 2011
Picon

Re: svn commit: r1176749 - /httpd/httpd/branches/2.2.x/STATUS

On 9/28/2011 1:34 AM, kbrand <at> apache.org wrote:
> Author: kbrand
> Date: Wed Sep 28 06:34:33 2011
> New Revision: 1176749
>
> URL: http://svn.apache.org/viewvc?rev=1176749&view=rev
> Log:
> vote/comment
>
> Modified:
>     httpd/httpd/branches/2.2.x/STATUS
>
> Modified: httpd/httpd/branches/2.2.x/STATUS
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1176749&r1=1176748&r2=1176749&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.2.x/STATUS (original)
> +++ httpd/httpd/branches/2.2.x/STATUS Wed Sep 28 06:34:33 2011
>  <at>  <at>  -132,6 +132,10  <at>  <at>  PATCHES PROPOSED TO BACKPORT FROM TRUNK:
>      2.2.x patch: http://people.apache.org/~druggeri/patches/httpd-2.2-SSLProxyMachineCertificateChainFile.patch
>      +0 covener: needs r1162103 && needs druggeri's vote?
>      +1: druggeri
> +    kbrand: +1 (non-binding) with the following fixes applied: indentation of
> +            the "if (ca_cert_chains)" line, ca_certs assignment (5 lines below)
> +            changed as in r1162103, and in ssl_toolkit_compat.h, omit
> +            sk_X509_new_null and remove "(st)" from the sk_X509_shift define
>  
>    * mod_cache: * Do not cache 206 responses in any case since we currently do not provide any
>      backends that are capable to cache partial responses. PR 49113.
>
>

Sorry for not getting to this sooner. You will find the patch at
http://people.apache.org/~druggeri/patches/httpd-2.2-SSLProxyMachineCertificateChainFile.patch
has been updated today to reflect this. Please have a look when you can.

--

-- 
Daniel Ruggeri

Eric Covener | 3 Oct 16:42 2011
Picon

"request failed" messages that only long culprit to error-notes

Is there a reason why we don't fire off at least a debug (or now
traceN?) level message when we shove a
LimitRequestFields/LimitRequestFieldsSize error into error-notes?

This is in server/protocol.c#ap_get_mime_headers_core.

These 400's can be painful to debug.

--

-- 
Eric Covener
covener <at> gmail.com

Stefan Fritsch | 3 Oct 21:08 2011
Picon

Re: "request failed" messages that only long culprit to error-notes

On Mon, 3 Oct 2011, Eric Covener wrote:

> Is there a reason why we don't fire off at least a debug (or now
> traceN?) level message when we shove a
> LimitRequestFields/LimitRequestFieldsSize error into error-notes?
>
> This is in server/protocol.c#ap_get_mime_headers_core.
>
> These 400's can be painful to debug.

+1 to adding some logging. Level debug seems fine even for trunk, IMHO.


Gmane