This file contains an overview of version differences. The list
is not complete. Refer to cvs comments for more information.

Changes since 3.7 beta 34
- Add SCTP support via ListenProtocol option (only TCP compat mode)
- Add X-Sendfile CGI header parsing: send the file specified instead
  of the output of the CGI script. Allows e.g. authorisation by CGI
- Add AccessControlAllowOrigin option for (limited) CORS support

Changes since 3.7 beta 33
- Undo TLS reconnect change in 3.7b32 due to errors
- Better URL encoding in redirects

Changes since 3.7 beta 32
- Drop privileges earlier; initialisation is still done as root
- Open new logfiles before closing old
- Add HTTP Public Key Pinning
- Disable client initiated TLS reconnects

Changes since 3.7 beta 31
- Rename ServerInfo to ServerIdent
- Rename ProxyInfo to ProxyIdent
- Add SSLNoCert for TLS without certificate (aNULL, ADH)
- Add UseTimeStamp to disable Date, Last-Modified headers
- Allow multiple certs and keys in SSLCertificate, SSLPrivateKey

Changes since 3.7 beta 30
- Use system crypt(3) to allow stronger passwords than just DES
- Add SSLOCSPfile to support OCSP Stapling;
  External process (crontab with openssl ocsp) must keep content fresh
- Add SSLinfofile to support server certificate extension data;
  such as Signed Certificate Timestamps for Certificate Transparency
  Only works on systems with SSL_CTX_use_serverinfo_file() function

Changes since 3.7 beta 29
- Support HTTP redirection via 307 and 308 status codes
- Use 2048 bit keys size for temporary Diffie-Hellman keys
- Improve session db recovery

Changes since 3.7 beta 28
- Always generate DH and ECDH parameters: enables DH, ECDH key exchange
- Rename directories for database files -
  Counter data is no longer kept in the logs directory

Changes since 3.7 beta 27
- Add configure option --with-userid=user:group to set effective ID
- Add UseSSLSessionStore to allow SSL session resumption
- Add shared master key for session tickets, making tickets useful
  with different child processes and even load-balanced servers
- Add UseSSLSessionTickets to optionally disable session tickets

Changes since 3.7 beta 26
- Fix SSLCipherList option
- Add wildcard matching for SSL vhost names
- Add proxy directive for xsredir; like forward with a Via-header
- Add ProxyIdent option, similar to ServerIdent

Changes since 3.7 beta 25
- Add ContentSecurityPolicy option for .xsconf files
- ServerIdent option takes a new value "none"
- Remove SSLVhosts option: use SNI by default for all virtual hosts
  that have an SSLCertificate listed

Changes since 3.7 beta 24
- Add UseSTS option for HTTP Strict Transport Security support
  To use this, STSMaxAge must be set as well

Changes since 3.7 beta 23
- Add UseTrace option to disable HTTP TRACE
- Fix error handling in HTTP calls other than GET/POST
- Load full X.509 certificate chain from SSLCertificate file
- Disable TLS compression (mitigates against CRIME attack)
- Set a sensible default set of TLS ciphers

Changes since 3.7 beta 22
- Fix character set check
- Add ./ as .xsconf file prefix to only match files in the current directory
- Add ScriptUmask configuration option
- Fix variable initialisation and cleanup

Changes since 3.7 beta 21
- Fix potential crash in mod_ldap, by dean
- Fix non-critical HTTP headers with 30x redirects
- Add Date and Server headers in HTTP error messages
- Don't pass CGI command line arguments, unless UseScriptArgs is set
- Allow fnmatch-style wildcards in HostAlias configuration

Changes since 3.7 beta 20
- HtmlDir may again be relative to a user's home directory
- Set DOCUMENT_ROOT environment variable for CGIs

Changes since 3.7 beta 19
- Accept Range requests that exceed content size

Changes since 3.7 beta 18
- Fix POST handling when input is delayed
- Fix POST handling when script ignores the input
- Fix spurious SSL errors
- Users' dirs no longer allowed in vhosts unless UseUsers is set
- Honour Range headers for static content and auto-inflated data
  Currently only single-part range requests are executed
- Auto-inflated gzip data is no longer sent out in chunks

Changes since 3.7 beta 17
- Minor autoconf cleanups and better quoting
- Only log remote hostname if forward DNS IP matches connecting address
- Add LdapFilter for more flexible LDAP authentication lookups

Changes since 3.7 beta 16
- Fix compilation error in mod_perl
- HtmlDir and PhExecDir may again be relative to WWW_DIR (as before b15)

Changes since 3.7 beta 15
- Fix library linking order
- Write pidfile before daemonise (avoids race condition)
- Fix protocol module handler
- Add mod_htcpcp HTCPCP handling module
- Internal config directories/filenames are now always absolute pathnames;
  Config parser will reject filenames if the absolute path cannot be determined
- Default installation directories changed: no dashes, absolute pathnames
- Removed SystemRoot config directive and --rootdir compile option
- Quote ETag header as appropriate
- New 'error' directive in .redir files
- VHost block may contain both the RedirFile and HtmlDir directive

Changes since 3.7 beta 14
- Use REMOTE_ADDR from mod_rpaf for internal references as well
- Set QUERY_STRING even if it is empty
- Add DnsTimeout and DnsAttempts configuration options
- Modules can now read global configuration options as well

Changes since 3.7 beta 13
- Add mod_rpaf to enable reverse proxy address forwarding
- Add SSLCRLfile, SSLCRLpath, SSLCAlist options

Changes since 3.7 beta 12
- Include alternative for strndup() function

Changes since 3.7 beta 11
- Completely rewrite HTTP response header generation and handling
- Fix charset header suffix: only use with text/* documents
- Fix SCRIPT_FILENAME variable and #last-mod SSI for directory index files
- Fix SIGCHLD handling for CGI processes (ignore)
- HTCPCP/1.0 handling has been removed (due to return as module later)

Changes since 3.7 beta 10
- Modules can now modify HTTP response headers before sending
- Add mod_magic and MimeMagicFilename for extra mime-type detection

Changes since 3.7 beta 9
- Add SSLCipherList option - see ciphers(1)
- Missing User-Agent or Referer will be logged as "-" rather than ""
- Authenticated usernames will be recorded in access_log

Changes since 3.7 beta 8
- New ServerInfo option to set version string (full, branch, name)
- Pass along all HTTP headers when a forwarding proxy request

Changes since 3.7 beta 7
- Rename hier.layout to dirs.conf and shuffle configurable dirs

Changes since 3.7 beta 6
- Fix IconDir/ExecDir usage for vhosts
- Fix handling of unprivileged uid
- Fix mod_python for versions other than 2.5
- Fix mod_gzip dependency
- Fix mod_ruby initialization (enable component loading)
- Easier install directory configuration via hier.layout
- Abort configure when a selected package cannot be used

Changes since 3.7 beta 5
- Execute in .xsconf now works if script.methods is emtpy
- UseLocalScript now defaults to on (and is checked properly)
- Fix on-the-fly (de)compression: now works with large files

Changes since 3.7 beta 4
- Add UseGzipCompression to mod_gzip for on-the-fly compression
- Build mod_bzip2 by default

Changes since 3.7 beta 3
- Fix bug that caused internal: commands in .xsscripts to be ignored
- Add mod_gzip, mod_compress, mod_bzip to replace external binaries
- Add Content-MD5 trailers for CGI scripts

Changes since 3.7 beta 2
- Fix authentication module logic: all modules need to grant access

Changes since 3.7 beta 1
- Modules are now implemented as shared libraries
- Add Modules option to set which modules get loaded

Changes since 3.6 beta 24
- Fix LDAP authentication
- Introduce seperated modules (mod_ldap, perl, python, ruby)
- Make OpenSSL mandatory (removes 40 #ifdefs, 2 libcompat files)

Changes since 3.6 beta 23
- Clean up 'forward' syntax in .redir to match 'redir' command
- Include a replacement crypt() if libc, libcrypt and libssl fail
- Add NoPrivs option to .xsconf (and deprecate .xsuid)
- Enable Smashing Stack Protector (SSP) by default
- Fix parsing of empty lines in mime.types

Changes since 3.6 beta 22
- Fix possible build conflict caused by libmd and openssl
- Fix parsing of mime.types files

Changes since 3.6 beta 21
- Fix memory mismanagement in digest authentication verification
- Replace fgets(), fgetln() by friendlier fparseln() routine
  Include replacement functions for fgetln() and fparseln()
- Fix crash in https timeout handler
- Portability fixes (b20 doesn't work on many platforms)
- Tweak TCP options (especially for Linux systems)
- Add xspasswd -r option to remove accounts from password file

Changes since 3.6 beta 20
- Remove arbitrary string length limits for many configuration files,
  HTTP header messages and SSL certificate fields
- Add support for SSLVhosts (using TLS extension: Server Name Indication)
- Fix NULL-pointer dereference and string termination in HTML encoding
- Add UseSendfile option in httpd.conf to disable sendfile(2)

Changes since 3.6 beta 19
- Fix memory mismanagement in digest authentication verification

Changes since 3.6 beta 18
- Enable experimental ruby interpreter (internal:ruby)

Changes since 3.6 beta 17
- Fix parsing problem in run-cgi SSI (and maybe other places)

Changes since 3.6 beta 16
- Add index.xhtml and index.xml to default IndexFiles
- Improve url-encoding routine

Changes since 3.6 beta 15
- Fix escaping of user input used in HTML error messages;
  possible XSS abuse reported by Serge van den Boom
- Fix checks for pcre used by libxs

Changes since 3.6 beta 14
- Fix potential crash in server-side include parsing

Changes since 3.6 beta 13
- Always terminate SSL connection when reading from socket fails
- Add conditional ifenv option to .redir files

Changes since 3.6 beta 12
- Don't install empty docdir
- Shuffle internal structures (reduce global vars, getenv calls)
- Reject non-HTTP protocol specifiers

Changes since 3.6 beta 11
- Drop persistent connections after client read/write errors

Changes since 3.6 beta 10
- Add RedirFile configuration option for light-weight vhosts
- Sort qvalues in accept-* arrays
- Fake qvalues for */* and type/* when qvalues are not used

Changes since 3.6 beta 9
- Use original URL in rewriting rules before trying index.html
- Add PhIconDir option, analogous to PhExecDir

Changes since 3.6 beta 8
- Close unused CGI pipes (could block execution), by jilles

Changes since 3.6 beta 7
- Extend characters available for alternative setproctitle()
- Lock pidfile and don't start if somebody holds a lock
- Allow multiple arguments to Restrict and AuthFile
- Allow method selector in .xsconf blocks (e.g. only match POST)

Changes since 3.6 beta 6
- Improve configuration checks
- Fix include order and typechecks

Changes since 3.6 beta 5
- Enable FastCGI support again (experimental)
- Clean Perl and Python detection and initialisation (experimental)

Changes since 3.6 beta 4
- Shuffle configuration files
- Fix build outside source directory (wrt config.h)
- Fix sendfile on Linux
- Fix infinate read when content-length exceeds post data
- Portability fixes in function/library checking

Changes since 3.6 beta 3
- Remove outputbuffer and set TCP_NOPUSH (where available)
- Add 'passexist' redirection command

Changes since 3.6 beta 2
- Fix server-side include variable cleanup
- Use sendfile (where appropriate)

Changes since 3.6 beta 1
- Add http status code back to $ERROR_READABLE

Changes since 3.5 beta 31
- No functional changes

Changes since 3.5 beta 30
- Fix read errors with long POST content

Changes since 3.5 beta 29
- Make CGI header size dynamic (unlimited)
- Add default PathInfoScripts (imagemap, xschpass)
- Update manpages

Changes since 3.5 beta 28
- Fix basic authentication check
- Fix ldap authentication check

Changes since 3.5 beta 27
- Fix reading of stderr data from CGI scripts (could block CGI)
- Minor code cleanups

Changes since 3.5 beta 26
- Add -f filename option to xspasswd
- Change default of UsePut to true; document default settings
- Minor portability improvements
- Minor changes in server error messages (standard format)
- Add LogScript to log CGI script error messages

Changes since 3.5 beta 25
- Implement chunked requests (post and put) - also persistent
- Prompt for a passphrase when reading protected SSL key
- Honour Accept and Accept-Charset request headers

Changes since 3.5 beta 24
- Start webserver with httpdc start/restart even when not running yet,
  based on a patch by Ariane
- Fix list parsing and allocation
- #include virtual SSI can now run CGIs as well
- #include binary SSI to include unparsed content
- Implement HTTP PUT and DELETE support (experimental)

Changes since 3.5 beta 23
- Fix bug in HTTP/0.9 redirection
- Don't send headers with HTTP/0.9 error messages
- Rewrite list parsing routines (now filters q-values)
- Implement support for HTTP trailers with chunked transfers
- Implement Content-MD5 support (using libmd)

Changes since 3.5 beta 22
- Flush POST data buffer when CGI did not read it
- Move configuration file handling functions to separated files
- Don't send (zero length) body when CGI produces 304 status
- Fix timeout handling during blocking SSL_read
- Fix error handling on HEAD requests

Changes since 3.5 beta 21
- Fix library linking order for strict linkers
- Remove misplaced CGI error message
- Log CGI errors to the vhost specific error_log
- Fix redirect check with /~username (use /~username/ instead)
- Disable internal:fcgi for now (wasn't useful yet anyway)

Changes since 3.5 beta 20
- Fix If-(Un)modified-Since header parsing
- Add UseCoreDump and UseETag configuration options
- Implement ETag header and If-Match, If-None-Match handling
- Log 304 (not modified) status code

Changes since 3.5 beta 19
- Change to BSD style license (2 clause version)

Changes since 3.5 beta 18
- Fix time format in If-Modified-Since handling (caused 2hr offset)
- Add REQUEST_URI environment variable
- Avoid duplicated Pragma headers
- Don't fold Set-Cookie headers
- Include vhost name in error logging, by Ed Schouten

Changes since 3.5 beta 17
- Increase chunk size for files >12Mb
- Use srandomdev() where available
- Make sure redirects use absolute URLs
- Fix reverse DNS lookups

Changes since 3.5 beta 16
- Fix CGI Status header parsing

Changes since 3.5 beta 15
- Deal nicely with blocking write interrupts (don't abort write)
- Fix POST data handling broken by recent readlinemode changes
- Handle HTTP/1.1 TRACE requests
- New header parsing routines (understands multi-line headers)

Changes since 3.5 beta 14
- Fix config file parsing bug
- Removing lingering sockets using sendfrom
- Cleanup xschpass and enable digest password updates

Changes since 3.5 beta 13
- Fix read/write (error) handling; deprecate readlinemode
- Fix connection timeout when no data is exchanged yet
- Fix authentication header parsing

Changes since 3.5 beta 12
- Allow shell redirect or command line options in Execute argument
- Fix segfault in error message for non-existent user pages
- Discard the body from a CGI on HEAD requests
- Implement RFC 2617 digest auth with qop=auth, algorithm=md5
- Don't terminate child upon alarm when no data has been exchanged

Changes since 3.5 beta 11
- Fix $SCRIPT_NAME for secondary index files
- Add PathInfoScripts option to use $PATH_INFO uid for system CGIs
- Fix absolute pathnames in #include SSI
- Clean up xschpass and xscrypt
- Install xschpass by default again (not suid; with manpage)

Changes since 3.5 beta 10
- Fix convertpath() which was broken for long filenames
- Fix SSL environment vars (now available again to CGI)
- Fix $SCRIPT_NAME when PATH_INFO is supplied

Changes since 3.5 beta 9
- LDAP authentication directives moved to .xsconf
- SSL authentication directives added to .xsconf
- Use OpenLDAP 2.3+ function names
- Move all global configuration files to Rootdir/conf subdir
- Move icons back to Rootdir/icons and add IconDir config option
- Add option UseStrictHostname to check Host: headers

Changes since 3.5 beta 8
- Allow DSA keyfiles to specify DSA parameters instead of DH parameters
- Fix setting of PWD, SCRIPT_{,FILE}NAME for index file
- Add -x option to 'xsindex' to exclude certain files or file patterns
- Allow CGI output to start directly with content
- Include httpd_ssi and httpd_cgi manuals by Janjaap van Velthooven
- Enable PCRE support by default (where available)

Changes since 3.5 beta 7
- Simplify directory and file settings in configure and confuser.h
- Improve internal crypt() functionality and usage
- Fix file descriptor leak
- CGI changes
  - Fix PATH_TRANSLATED once again;
    support scripts gfxcount, imagemap, xschpass may now actually work
  - Pass all (unknown) headers as HTTP_* environment variables
  - Add QUERY_STRING_UNESCAPED environment variable (NCSA-compatible)
- Server-side include changes
  - Add optional 'format' and 'zone' arguments to 'date', 'date-format'
  - Implement 'encoding=url' argument to 'echo'
  - No longer accept arguments to 'printenv'

Changes since 3.5 beta 6
- Remove obsoleted command line arguments
- Remove SSI compile time option (now runtime configuration option)
- Remove IPv6 compile time option
- Add local IndexFile option to .xsconf
- Don't install xschpass by default; Install suid root if requested
- Remove broken user-name guessing from 404 error page

Changes since 3.5 beta 5
- Show 403 when .noxs/.xsauth/.xsconf exists, but is not readable
- First go at linking with a Python interpreter (--with-python)
- Change process naming: master will be MAIN-A
- Add support for UseAcceptFilter (using accf_http(9) on FreeBSD)

Changes since 3.5 beta 4
- Remember that icons should go into htdocs/icons
- Fix MD5 selection on systems with libmd
- Fix perl interpreter (compilation)
- Fix header corruption triggered by IndexFile selection for rootdir

Changes since 3.5 beta 3
- Resolve possible md.5 conflict between libmd and libssl (35b02)
- Fix library linking order for old systems (35b02)
- Rename --enable-perl to --with-perl
- Change default (unknown) mime type to application/octet-stream
- Fix authentication handling (first entry was ignored; 35b01)
- Add large file support (>2Gb)

Changes since 3.5 beta 2
- Fix a bug in chunked transfer encoding (35b01)
- Fix a bug in ./configure (35b01)

Changes since 3.5 beta 1
- Use MD5() from OpenSSL when MD5Data() is not available (Linux)
- Add p3pReference and p3pCompactPolicy options to set P3P header
- Add ContentLanguage option
- Move standard library replacement functions to libcompat
- Various portability fixes

Changes since 3.4 beta 26
- Include xsconf.1
- Change xspasswd: it now defaults to unlocked passwords
- Add xspasswd -d option to store password digests (default)
- Update agentstats (Ed)
- Add ScriptTimeout option to .xsconf
- Fix script error logging in system error log
- Implement RFC2069 Digest Authentication (with fresh nonces)

Changes since 3.4 beta 25
- Fix #if argument check when argument does not exist
- Rename .xsmatch to .xsconf
- Implement Restrict, MimeType, Execute, Charset in .xsconf

Changes since 3.4 beta 24
- Allow quoted whitespace in #if argument list
- Check for #set variables in #if var=...
- Allow preprocessor to handle global configuration file

Changes since 3.4 beta 23
- Delay setting PATH_TRANSLATED, making it work for index pages as well
- Add #set SSI option (set variables are available accross #include's)
- Make a distinction between  #echo var  and  #echo envvar
- Completely rewrite internal SSI argument parsing

Changes since 3.4 beta 22
- Force HTTP/1.0 on forwarded requests (avoid chunked data issues)
- Enable forwarded POST requests
- Enable forwarded HTTPS requests

Changes since 3.4 beta 21
- Fix compilation with LDAP support
- Support default .xsscripts interpreter program (using * as extension)
- Improve building on systems lacking some libc functionality
- Fix path used in redir (again)
- Document redirection support in xsredir(5)

Changes since 3.4 beta 20
- Workaround for file descriptor leak
- Fix ssl post writing error
- Fix path considered by redir and xsmatch
- Check for environment variables in SSI, with #if var="VAR" pattern(s)
- Fix 100 Continue response

Changes since 3.4 beta 19
- Fix another error in handling of writes
- Fix error handling for reading as well

Changes since 3.4 beta 18
- Fix write counter to avoid problems with HTTP/1.1 and non-blocking sockets
- Fix error handling for large writes

Changes since 3.4 beta 17
- Fix bug with default indexfiles on 64-bits arch
- Handle query_string in redirect parsing
- Gracefully handle missing compress.methods
- Allow multiple vhost entries for one SocketName

Changes since 3.4 beta 16
- SSL certificate files must be listed in the Socket section (not global)
- SocketName can now link with multiple Virtual entries (using SocketName)
- Virtual entries linked with SocketName won't be available on other sockets
- Wait for CGI binaries to terminate properly

Changes since 3.4 beta 15
- Increase (header) line buffer size
- Fix query string arguments with redirects
- Rename httpdc kill to stop - kill now forces quick termination
- Re-read entire configuration file upon httpdc reload
- Remove READBLOCK mode due to problems with requests streaming
- Remove superfluous warnings related to closing (HTTP/1.1) sockets

Changes since 3.4 beta 14
- Don't send error messages to closed sockets
- Remove the following global configuration options:
  UseCharset, UseRestrictAddr, UseVirtualHost, UsePcreRedir, UseLdapAuth
- Use fnmatch() rather than PCRE for .xsmatch rules
- Show a proper error message (403) for non-executable CGIs

Changes since 3.4 beta 13
- Remove Connection: close for CGI execution
- Fix uid handling for non-homedirs

Changes since 3.4 beta 12
- Fix Content-Length headers with error messages
- Default to persistent connections on HTTP/1.1
- Add 'forward' option to .redir to offload request to remote server

Changes since 3.4 beta 11
- Fix lockfile names in clearxs
- Fix error message on missing/bad hostname
- Fix HTTP/1.1 header compliance on CGI execution
- Send HTTP/1.1 chunked CGI/SSI output
- Increment several in/output buffers to speed up transactions

Changes since 3.4 beta 10
- Implement .xsmatch checking, based on a patch by Rink Springer
  It currently knows AuthFilename and AccessFilename directives
- Reshuffle functions that do .noxs .redir .xsauth (no functional changes)
- Remove mygetopt, mystring, procname
- Do litteral string matching rather than nothing when PCRE not available
- Fix PATH_TRANSLATED (again)
- Remove RLIMIT_MEMLOCK for CGI's: mlock() is now allowed

Changes since 3.4 beta 9
- Fix in xscounter updating, add xscat, add cleanup routines to reformatxs
- Fix stupid bug in SocketName handling which broke <Virtual> sections
- Add basis for FastCGI support (unfinished), by Remko van der Vossen
- Clean up SSL initialisation and termination

Changes since 3.4 beta 8
- Fix operation with OpenSSL 0.9.8
- Implement the <!--#echo variable--> server-side include
  This obsoletes #agent-short, #agent-long, #argument and #referer
- Document the <!--#printenv--> server-side include
- Add SocketName option to link a <Socket> to a specific <Virtual> entry
- Fix $ERROR_URL_ESCAPED environment variable

Changes since 3.4 beta 7
- Fix overwriting of counter lockfile
- Improved readline() boundary checking, by Dennis Payne
- Improved error handling in case SSL handshake fails
- Support reading of SSL DH parameters from cert (required for DSA certs)

Changes since 3.4 beta 6
- Fix file descriptor leak (upon https call of CGI outside cgi-bin dir)

Changes since 3.4 beta 5
- SSI counter format changed: run src/reformatxs before starting!
  It now stores timestamp of last view, so clearxs can remove old records
- Fix a bug in handling of script.methods in combination with .xsscripts

Changes since 3.4 beta 4
- Remove the less useful -D, -r command line options
- Clean up httpd, httpd.conf manual layout

Changes since 3.4 beta 3
- Fix SERVER_PORT variable
- Fix child SEGV on illegal request and other small bugs
- Browser definition updates from Ed

Changes since 3.4 beta 2
- Add SSLMatch[SI]DN config option to match client certs (PCRE req'd)
- Add $SSL_CLIENT_VERIFY information for SSLAuthenticate = optional
- Rename SSLAuthentication to SSLAuthenticate
- Add ScriptEnvPath configuration option to set $PATH for CGIs

Changes since 3.4 beta 1
- Support SSL client certificates (see SSLAuthentication)

Changes since 3.3 beta 35
- Reorder C replacement functions
- Allow reusable SSL sessions (untested)
- Fix late uid check that might cause confusing error message
- Remove $LOCALMODE environment variable; clean up others

Changes since 3.3 beta 34
- Once again fix handling of virtual uids

Changes since 3.3 beta 33
- Remove duplicated authorization checks for CGI
- Remove SSLv2 compatibility: keep SSLv3 and TLSv1
- Improve error handling, limit $ERROR_CODE cases

Changes since 3.3 beta 32
- Directory redirects are backwards compatible again (i.e. add filename)

Changes since 3.3 beta 31
- Fix compilation on NetBSD, by Ed Schouten

Changes since 3.3 beta 30
- Allow SSL certs per socket config. '-s' is now deprecated.

Changes since 3.3 beta 29
- Error messages are now valid xhtml, by Ed Schouten
- Fix domain detection and S_IFDIR on Linux, by Peter Koeleman
- Fix perl interpreter usage, by Peter Koeleman

Changes since 3.3 beta 28
- Allow comments in .redir and .noxs files, fix parsing

Changes since 3.3 beta 27
- Previous uid fix was broken, this one's better

Changes since 3.3 beta 26
- Use configured virtual host uid for non-user CGI binaries

Changes since 3.3 beta 25
- Added contrib/agentstats.pl for user agent statistics, by Ed Schouten
- PCRE and LDAP support are now *disabled* by default
- httpd -v option displays compiled in options (better than ldd guessing)
- Include PATH_INFO and QUERY_STRING info in access logging of CGI's
- Fix race condition in posting via https

Changes since 3.3 beta 24
- Fix handling of 'pass' in .redir files

Changes since 3.3 beta 23
- wwwstats.pl changed to show per domain averages
- Change how .redir with PCREs work (not backwards compatible)
- Allow server-side URL rewrites using .redir files and PCREs

Changes since 3.3 beta 22
- Allow multiple extensions in mime.types lines and ignore empty definitions
- Move supplied tools to contrib directory

Changes since 3.3 beta 21
- Fix handling of local .mimetypes files
- Include example vhost statistics script by Ed Schouten
- Log configured main vhost name, rather than client's Host: header

Changes since 3.3 beta 20
- Set $USER, $HOME and $PWD as users might expect

Changes since 3.3 beta 19
- Introduce strlcat, strlcpy (with replacement functions)
- Allow port indication in <Virtual> Hostname field:
  one can now use different configs (dirs) depending on the port number

Changes since 3.3 beta 18
- Fix session termination when entire POST has been read

Changes since 3.3 beta 17
- Fix missing SSL_CIPHER environment variable

Changes since 3.3 beta 16
- Workaround for possible race condition

Changes since 3.3 beta 15
- Include LDAP authentication patch by Rink Springer, see xsauth(5)

Changes since 3.3 beta 14
- Clean up temp files used during extracting of compressed data
- Add UsePcreRedir to interpret PCREs in *.redir files

Changes since 3.3 beta 13
- Add HostAlias option to define multiple hostnames with the same settings
- Add ScriptCpuLimit option to limit CPU abuse of CGI scripts (in mins)

Changes since 3.3 beta 12
- Pathnames containing // or /./ will now generate a redirect
- DNS lookups for logging can be disabled with UseDnsLookup

Changes since 3.3 beta 11
- Cleaned up SSL and moved to libxs.a as well (to do: cgi-ssl)

Changes since 3.3 beta 10
- Include local strsep and fix other replacement functions
- Revamped build system by using a libxs.a for general functions

Changes since 3.3 beta 9
- Added LogStyle 'virtual': combined log with http_host prefix

Changes since 3.3 beta 8
- Added IndexFiles configuration directive

Changes since 3.3 beta 7
- Style cleanup and minor bug fixes (thanks Janjaap)
- Document recently introduced features
- Fixed bug in https directory redirects

Changes since 3.3 beta 6
- Finally got rid of all the DECL* macros (thanks Janjaap)
- Also removed VOID, PROTO, NOFORWARDS, NONEWSTYLE
- Some compile warnings fixed

Changes since 3.3 beta 5
- Recursive .mimetypes
- Recursive .xsscripts

Changes since 3.3 beta 4
- Allow per directory .mimetypes

Changes since 3.3 beta 3
- Several patches to compile on other machines
- Added VirtualHostDir configuration directive. Please set this.

Changes since 3.3 beta 2
- Make default charset configurable
- Recursive check for .noxs and .charset files as well
- Parse IP or IPv6 prefix (CIDR-notation) in .noxs

Changes since 3.3 beta 1
- Recursive check for .xsauth files (probably not air-tight)
- SSL certificate files are a global setting
- Add charset=US-ASCII for text documents if unspecified

Changes since 3.2 gamma 1
- Remove superfluous double quotes from logs (rewrite as single quote)
- Allow configurable priority - and a separate prio for user CGI's
- Deprecate LocalMode option - use %u with full path in Users/HtmlDir

Changes since 3.2 beta 36
- Accomodate new autoconf (259) and automake (1.8) versions

Changes since 3.2 beta 35
- SERVER_NAME uses the requested HTTP_HOST instead of default hostname

Changes since 3.2 beta 34
- A 404 NOT FOUND error was returned when not appropriate
- Tested (and working) with PHP 5.0.0

Changes since 3.2 beta 33
- Last socket instance might have wrong settings
- HANDLE_SCRIPT and HANDLE_COMPRESSED can no longer be disabled at compile;
  set UseLocalScript or UseCompressed to false if you don't want it

Changes since 3.2 beta 32
- Fix a bug in naming logfiles (this broke httpdc reload)
- Prepare for DIGEST-MD5 support (not implemented yet)
- Make ScriptTimeout configurable

Changes since 3.2 beta 31
- The multiple sockets implementation did not work. Redone.

Changes since 3.2 beta 30
- Fix -p (port) command line option
- New option -N disables configuration file, logging and pidfile

Changes since 3.2 beta 29
- Enable logging through an external program, such as cronolog
- Support binding on multiple sockets simultaneously

Changes since 3.2 beta 28
- Deal with standard HTTP server headers supplied by CGI scripts
- Set SCRIPT_FILENAME to accomodate new PHP versions
- Don't serve *.[Rr]edir files
- Don't log errors to access_log, even when using an error CGI
- Use setproctitle() when available instead of setprocname() hacks

Changes since 3.2 beta 27
- Document the use of SSL in 'man httpd' and include SSL-Makefile

Changes since 3.2 beta 26
- Undo change in beta 25 which would lead to different counters being
  used for 'path/' and 'path/index.html'
- Don't set PATH_INFO for files w/o additional info

Changes since 3.2 beta 25
- <!--#last-modified--> now looks at the original URL
- Original URL is kept in $ORIG_PATH_INFO and $ORIG_PATH_TRANSLATED
  and restored to $PATH_INFO and $PATH_TRANSLATED when appropriate,
  instead of overwriting with <!--#include--> or <!--#run-cgi--> filenames
- New SSI <!--#printenv--> which takes an optional argument (for debugging)
- SCRIPT_NAME would be wrong for a directory index with arguments

Changes since 3.2 beta 24
- Fix typo that caused PATH_TRANSLATED and friends to be unset

Changes since 3.2 beta 23
- Fix small portability issues: now runs again on IRIX, Solaris, etc.
- httpdc uses PidFile setting from httpd.conf

Changes since 3.2 beta 22
- Fixed error handling for root and non-existant users
- Start up with an empty environment
- OpenSSL support is now compiled in by default if it is available
  use './configure --without-ssl' if this this is not desired
- Use new style autoconf scripts

[oops, missed a lot of changes here]

Patch peters@stack.nl
- When nesting <virtual>, complain about nesting <virtual> instead of <users>
- Added support for Username and Groupname directives inside <virtual>

Changes since 3.1 beta 4
- Pragma: no-cache would be omitted when required and vice versa
- Use Extended CLF logging format by default

Changes since 3.1 beta 3
- Use SO_REUSEPORT instead of SO_REUSEADDR
- Be RFC2324 compatible... well, sortof...

Changes since 3.1 beta 2
- Hook up with a perl library (experimental)

Changes since 3.1 beta 1
- Add internal:404 for file types that should never be shown (includes)
- Compile cleanly under Darwin

Changes since 3.0 beta 13
- Add a third directory index fallback: index.php
- Allow multiple password retries
- Use general /cgi-bin/error when virtual host doesn't have it
- Don't allow virtual host "."
- Change to current directory before running CGI or PHP
- Allow setting character set (using .charset files)

Changes since 3.0 beta 12
- Fix a uid check

Changes since 3.0 beta 11
- Preserve QUERY_STRING in directory redirects
- Optionally switch to user id for virtual hosts
- Fix nph-scripts
- Fix nph-scripts in combination with SSL
- Append port number in HTTP_HOST even when MSIE is used
- Don't show files in group/world writable homedirs
- Don't expect the user to always give -s as first argument
- A good rewrite for SSL handling routines (credits to Marc Olzheim)
- Minor cleanups

Changes since 3.0 beta 10
- Optionally display virtual hosts with euid of dir owner
- Fix bug which might allow source access to global /cgi-bin files
- Started work on a decent configuration file
- Fix possible abort when EWOULDBLOCK occurs during CGI write
- Work around broken Linux libs when IPv6 is not available
- Never show contents of .noxs files
- Send compressed data only when the browser expects it
- Several minor fixes/cleanups

Changes since 3.0 beta 9
- Critical: check for valid Host: header before using $HTTP_HOST
  pointed out by Mark Huizer and Martijn van Buul
- Remove the obsolete '#include virtual' server-side include
- Allow relative paths in '#include-file' SSI
- Only use tolower(c) iff isupper(c): critical on 2.11BSD
- Collapse // and /./ in requested path, but not in $QUERY_STRING
- Several small bug-fixes

Changes since 3.0 beta 8
- Several portability patches (compiles even on Cygwin/MS Windows)
- Detect more "features" (now including the domainname ;)
- Include strptime() library when required
- Send compressed files with the proper Content-Encoding headers
- Re-introduce header parsing (using a static buffer)
- Several small bug-fixes (thanks to Rob Essink)

Changes since 3.0 beta 7
- Fix default port selection on systems without getaddrinfo()
- Added optional define BROKEN_GETNAMEINFO (no offline check yet)
- Replaced old MAXHOSTNAMELEN by NI_MAXHOST (self-defined if needed)
- Removed/rewritten all functions that require libnsl
- Include files named mystring.h and mygetopt.h to prevent recursion
- Several small bug-fixes (now compiles clean on Solaris and IRIX)

Changes since 3.0 beta 6
- Easy to configure and install (using ./configure)
- Support for server-side includes in CGI binaries
- Allowing arbitrary CGI headers
- Rewrite and improvement of IPv6 support
- Added command line -f option for binding to a single iface
- Many small bug- and security-fixes

