Apache HTTP Server Version 1.3

Upgrading to 1.3 from 1.2

In order to assist folks upgrading we are now going to maintain a document describing information critical to existing Apache users. Note that it only lists differences between recent major releases, so for example, folks using Apache 1.1 or earlier will have to figure out what changed up to Apache 1.2 before this document can be considered relevant. Old users could look at the src/CHANGES file which tracks code changes.

These are intended to be brief notes, and you should be able to find more information in either the New Features document, or in the src/CHANGES file.

Compile-Time Configuration Changes

• The source code has been reorganized, which affects anyone with custom modules or modifications. But also, the Module directive has been changed to the AddModule directive.
• The Configuration variable EXTRA_LFLAGS has been renamed EXTRA_LDFLAGS.
• The -DMAXIMUM_DNS definition has been obsoleted by changes to mod_access enforcing double-reverse DNS lookups when necessary.
• The -DSERVER_SUBVERSION=\"string\" compile-time option has been replaced with the run-time API call ap_add_version_component(). Compile-time modification of the server identity by the configuration scripts is no longer supported.
• mod_dir has been split into two pieces mod_autoindex, and mod_dir.
• mod_browser has been replaced by mod_setenvif.
• IRIX systems with untrusted users who can write CGIs which execute as the same uid as httpd should consider using suexec, or adding -DUSE_FCNTL_SERIALIZED_ACCEPT to EXTRA_CFLAGS. This is slower, more information is available on the performance tuning page. There is a mild denial of service attack possible with the default config, but the default config is an order of magnitude faster.
• mod_auth_msql has been removed from the distribution.
• The new Apache Autoconf-style Interface (APACI) was added to the top-level to provide a real out-of-the-box build and installation procedure for the complete Apache package.

Run-Time Configuration Changes

• AuthName strings may need to be quoted in .htaccess or server configuration files. If you use an AuthName directive like this:

   AuthName This and That
  

  you will need to change it to

   AuthName "This and That"
  

  This change was made for consistency in the config language.
• The default Apache ServerRoot directory changed from the NCSA-compatible /usr/local/etc/httpd/ to /usr/local/apache/. This change covers only the default setting (and the documentation); it is of course possible to override it using the -d ServerRoot and -f httpd.conf switches when starting apache.
• Folks using HTTP/1.1-style virtual hosting will need to list the ip:port pairs that are supposed to have HTTP/1.1-style virtual hosting via the NameVirtualHost directive (one directive per pair). Previously this support was given implicitly on the "main server address". Now it has to be explicitly listed so as to avoid many problems that users had. Please see the Apache Virtual Host documentation for further details on configuration.
• The precedence of virtual hosts has been reversed (applies mainly to vhosts using HTTP/1.1 Host: headers, and the ServerPath directive). Now the earlier vhosts in the file have precedence over the later vhosts.
• HostnameLookups defaults to Off.
• The undocumented mod_access syntax "allow user-agents" was removed. The replacement is the more general "allow from env".
• When using wildcards in pathnames (such as * and ?) they no longer match / (slash). That is, they more closely behave how a UNIX shell behaves. This affects <Directory> directives, for example.
• If no TransferLog directive is given then nothing will be logged. (Previously it would default to logs/access_log.)
• Apache now has configurable error logging levels, and the default eliminates some messages that earlier versions always generated.
• When booting, Apache will now detach itself from stdin, stdout, and stderr. stderr will not be detached until after the config files have been read so you will be able to see initial error messages. After that all errors are logged in the error_log. This makes it more convenient to start Apache via rsh, ssh, or crontabs.
• <Files> sections previously could take a full pathname, and were matched against the full pathnames. This had some inconsistancies, and was removed. To emulate this older behaviour use a <Files> section nested inside a <Directory> section.
• <Location> matching behaviour with respect to slashes has changed. See the <Location> documentation for more info.

Misc Changes

• ServerType inetd has been deprecated. It still exists, but bugs are unlikely to be fixed.
• httpd_monitor has been deprecated. The replacement is to use mod_status and make a request to a URL such as http://myhost/server-status?refresh=10.
• Apache now provides an effectively unbuffered connection for CGI scripts. This means that data will be sent to the client as soon as the CGI pauses or stops output; previously, Apache would buffer the output up to a fixed buffer size before sending, which could result in the user viewing an empty page until the CGI finished or output a complete buffer. It is no longer necessary to use an "nph-" CGI to get unbuffered output. Given that most CGIs are written in a language that by default does buffering (e.g. perl) this shouldn't have a detrimental effect on performance.

  "nph-" CGIs, which formerly provided a direct socket to the client without any server post-processing, were not fully compatible with HTTP/1.1 or SSL support. As such they would have had to implement the transport details, such as encryption or chunking, in order to work properly in certain situations. Now, the only difference between nph and non-nph scripts is "non-parsed headers".

• dbmmanage has been overhauled.

Third Party Modules

The following changes between the 1.2 and 1.3 API may require slight changes in third party modules not maintained by Apache.

• To avoid symbol clashes with third-party code compiled into the server, the general prefix `ap_' was globally applied to the following classes of symbols: Apache provided general functions (e.g., ap_cpystrn), public API functions (e.g., palloc, bgets) and private functions which can't be made static (because of cross-object usage) but should be (e.g., new_connection). For backward source compatibility with Apache 1.2 a new header file named compat.h was created which provides defines for the old symbol names. You'll either have to #include compat.h or update the API symbols you use.
• Be sure and examine the source code reorganization page to see whether any item there affects you.
• Use of SERVER_VERSION definition. If third-party modules reference the server version string using this symbol, they should be corrected to obtain it by calling the new API routine const char *ap_get_server_version().
• ap_construct_url prototype change. The second parameter was previously a server_rec, it has been changed to a request_rec.
• The table datatype has been made an opaque type. Code which assumes a table is the same as an array_header will not compile. This is actually a change to enforce the API the way it was intended, all versions of Apache have had a table_elts() function which is intended for code which needs to access the elements of a table. The changes required for this are pretty easy, and work with all versions of Apache.

  Suppose t is a table. Whenever code refers to t->elts, replace it with something like this:

  array_header *arr = table_elts(t);
  table_entry *elts = (table_entry *)arr->elts;
  

  Whenever code refers to t->nelts use arr->nelts. Many examples can be found in the standard modules, search for table_elts.

Apache HTTP Server Version 1.3

Index