request_rec's, main request, sub request, and internal redirect. When this hook is called, the the r->main, r->prev, r->next pointers have been set, so modules can determine what kind of request this is. [Ryan Bloom] *) Cleanup the build process a bit more. The Apache configure script no longer creates its own helper scripts, it just uses APR's. [jean-frederic clere ] *) Stop the forced downgrade of the connection to HTTP/1.0 for proxy requests. [Graham Leggett] *) Avoid using sscanf to determine the HTTP protocol number in the common case because sscanf is a performance hog. From Mike Abbot's Accelerating Apache patch number 6. [Mike Abbot , Bill Stoddard] *) Fix a security exposure in mod_access. Previously when IPv6 listening sockets were used, allow/deny-from-IPv4-address rules were not evaluated properly (PR #7407). Also, add the ability to specify IPv6 address strings with optional prefix length on Allow and Deny. [Jeff Trawick] *) Enhance rotatelogs so that a UTC offset can be specified, and the logfile name can be formatted using strftime(3). (Brought forward from 1.3.) [Ken Coar] *) Reimplement the Windows MPM (mpm_winnt.c) to eliminate calling DuplicateHandle on an IOCompletionPort (a practice which MS "discourages"). The new model does not rely on associating the completion port with the listening sockets, thus the completion port can be completely managed within the child process. A dedicated thread accepts connections off the network, then calls PostQueuedCompletionStatus() to wake up worker threads blocked on the completion port. [Bill Stoddard] *) Bring forward the --suexec-umask option which allows the builder to preset the umask for suexec processes. [Ken Coar] *) Add a -V flag to suexec, which causes it to display the
compile-time settings with which it was built. (Only usable by root or the AP_HTTPD_USER username.) [Ken Coar] *) Mod_include should always unset the content-length if the file is going to be passed through send_parsed_content. There is no to determine if the content will change before actually scanning the entire content. It is far safer to just remove the C-L as long as we are scanning it. [Ryan Bloom] *) Make sure Apache sends WWW-Authenticate during a reverse proxy request and not Proxy-Authenticate. [Graham Leggett ]