Changelog

&project; Mladen Turk Rainer Jung Henri Gomez Tim Whittington Changelog

This is the Changelog for Tomcat Connectors. This changelog does not contain all updates and fixes to the Tomcat connectors (yet). It should contain fixes made only after November 10th 2004, when the new documentation project for JK was started.

51417: Fix worker busy detection by querying the worker endpoint. Abandoned connections can leave a worker in busy state without decrementing busy counter. (mturk) 50339: Fix whitespace trimming when parsing attribute lists. (rjung) 41263: Support Servlet API getRemotePort(). Works for Tomcat 5.5.28, 6.0.20 and 7.0.0 and Apache and ISAPI plugins. (rjung) 41923: AJP: Close AJP connection to Tomcat on client write error when recovery_options 4 is specified, aborting the response write on the Tomcat side. (timw) AJP: Cap the lingering bytes that will be read when shutting down an AJP socket at 32k to prevent CPU spikes in the web server when a client aborts on a large response body. Also reduce total linger time to 2s. (timw) 50839: AJP: Fix 30sec CPU spike due to incorrect counting of lingering bytes causing a busy loop when a client aborts connection during a response write. Fixes regression in 1.2.31. (timw) LB: Forward worker activation state as request attribute "JK_LB_ACTIVATION". Possible values are "ACT" (active), "DIS" (disabled) and "STP" (stopped). (rjung) HTTPD: Forward WWW-Authenticate from backend when status is 401 and server generated error pages are used. (rjung) 50363: IIS: Prevent chunk encoding of empty message bodies for 204, 205 and 304 responses. (timw) 50975: IIS: Fix hanging of Transfer-Encoding: chunked requests when Content-Length header is present in request as well. Also addresses situation where IIS appears to create a Content-Length header for a small chunk encoded request when none was present in the original request. (timw) 47679: IIS: stop truncation of request headers when ISAPI redirector used as an extension without the corresponding filter installed. (timw) NSAPI: Use lower case header names for responses. Otherwise the web server might add chunked transfer encoding header in addition to our content length header. Docs: Improve load balancer documentation. (rjung)

49413: AJP13: Drop flush packets send by the backend after the response has been finished. (rjung) AJP: Log the local and remote socket address. (mturk) Watchdog: Move the maintain workers outside the critical section allowing other threads to use the connection pool during maintenance. (mturk) Common: Add svn revision to init log message. (rjung) Common: Don't destroy errno during trace logging. (rjung) Apache: Add support for Apache 2.3/2.4. (rjung) Apache: Added version number resource for mod_jk.so on Windows. (timw) 48501: IIS: Added rotatelogs style log rotation to ISAPI Redirector. (timw) 38895: IIS: Use RAW headers instead of CGI headers by default to prevent conversion of underscores '_' to hyphens '-' in header names. Old behaviour can be enabled by defining USE_CGI_HEADERS. (timw) 49511: IIS: Do not override IIS log information when subsequent requests on a keep-alive connection are not mapped into the ISAPI Redirector. (timw) Docs: Document SSLOptions needed for SSL information forwarding. (rjung) Docs: Grammar and style improvements and clarification about serving static content by IIS. Patch provided by André Warnier. (rjung) Docs: Update subversion paths used in docs. (rjung)

Apache: Improve compatibility with Apache 2.3. (rjung) 46632: Apache: Do not register child cleanup for our pools. (mturk) 46893: Apache: Log warning only if JkShmSize was actually set in the configuration. (mturk) IIS: Include optional chunking support. Off by default. (mturk) 48763: IIS: Do not send Content-Length when using chunked encoding or length larger 4GB. (mturk) 48223: IIS: Propagate correct backend error code to IIS. (rjung) 47867: IIS: crash during startup, when compiled with VS2008 and workers.properties contains unsupported properties. Patch provided by Indrek Juhani (rjung) 47628: IIS: Fix deadlock when restarting the Application Pool caused by not releasing the critical section lock. Patch provided by Bret Prucha. (mturk) IIS/NSAPI: Correct log file flushing after each line. (mturk) NSAPI: Add Microsoft Visual C++ Makefile. (mturk) AJP: Improve socket shutdown handling. (mturk) AJP: Ensure we never reuse a non reusable socket. (mturk) AJP: Tolerate a single excess packet when waiting for cpong. (mturk) AJP: Check protocol correctness more strictly. (mturk) 48410: AJP: Use poll instead select so we can work with more then 1024 sockets. (mturk) 46503: AJP/Status: Garbage data in worker domain and route. (mturk) 48276: AJP: When worker contact cannot be resolved mark the worker as disabled instead failing to start the server. (mturk) 48169: AJP: Improve CGI interoperability by closing all sockets during EXEC. (mturk) Status: Add number of open backend connections to status worker. This feature is experimental, the displayed value might not be accurate. (mturk) 47224: Status: When address gets changed invalidate all opened sockets in the endpoint cache. This will cause new backend connections to get opened using new address. (mturk) 48305: Status: Do not show "secret" property when doing dump. (mturk) 45610: Status: Don't accept requests with empty value for sub worker parameter. (rjung) 45610: Status: Fix erroneous unsetting of sticky_session and sticky_session_force when updating other load balancer attributes via the status worker. (rjung) 47222: Status: Add ping_timeout to the shared memory and allow dynamic configuration. (mturk) Status: Remove duplicate "errors" line in property view of AJP13 workers that are part of a load balancer. (rjung) LB: Fix route logging. (rjung) Logging: Automatically detect size of thread id for logging. (rjung) Logging: Add optional log file locking for Windows when defining JK_LOG_LOCKING. (mturk) Configuration: Update example configuration. (rjung) Docs: Update information about tools needed to create a release. (rjung) 47983: Docs: Fix typo in example config which breaks startup. (rjung) Build: Force copy of automake files. (rjung) Build: Tomcat code repository structure cleanup reflected in documentation and build script. (rjung, mturk)

Apache: Add more environment variables to overwrite request information. Useful in case a proxy is in front of Apache and sends us original request information e.g. via custom headers. (rjung) Apache: No longer preallocate entries for JK request log. (rjung) 46352: Apache: Fix crash when using SetHandler jakarta-servlet in VHost without any JkMount. Crash due to incorrect initialization of mount extensions. (rjung) Apache: JkWatchdogInterval had wrong interval calculation causing a 10 times higher watchdog interval then configured. (mturk) Apache: Activate forwarding of SSL key size by default. (rjung) 46169: Apache 1.3: Backport use_server_errors mount extension. (rjung) 46763: Apache 2.0: Survive the log mutex during graceful restart. Patch provided by Eiji Takahashi. (mturk) 46416: Apache 2.0 on Windows: Include mstcipip.h even if the apr doesn't include it. (mturk) IIS: Update uriworkermap.properties file on a regular interval. This requires both worker_mount_reload and watchdog_interval to be defined. (mturk) IIS: Remove obsolete entries from registry file. (mturk) 46579: IIS: Use local environment table instead environment variables for setting the JKISAPI_PATH and JKISAPI_NAME. (mturk) LB: Add new property error_escalation_time to fine tune escalation of local errors to global errors. (rjung) LB: If the sticky session affinity mark contains a dot, treat the part before the dot as the domain name. This allows to have full node session affinity with domain failover. (mturk) LB: make forced recovery work with local error states. (rjung) LB: Only update error state and error time, if we actually have a new state. (rjung) LB: Set global worker state to error when we reach max_reply_timeouts, or fail_on_status triggered hard error. (rjung) AJP: Add a new error type JK_AJP_PROTOCOL_ERROR. (mturk) AJP: Allow worker ports lower or equal to 1024. (rjung) AJP: Improve some AJP error log messages. (mturk) Status: Allow changing worker address and port of AJP workers. The address is resolved on next request for that worker. (mturk) Status: Allow update actions to show error messages in the result page. (rjung) Status: Refactor update actions. (rjung) Status: Do not redirect to the show or list page, if an error occured during an action. (rjung) Status: Include error time in display. (rjung) Status: Remove redundant port information from worker display. Rename address column and remove its explanation from the legend. (rjung) Status: Optimize forced uriworkermap.properties reload. (mturk) Status: Fix crash in text display. (rjung) Status: Show - Edit - Show always ends in single lb member show, even when started from all members lb show. (rjung) Status: Wildcards in sub worker names were broken for update actions. (rjung) Status: Add use_server_errors to map display. (rjung) SHM: Move locking into the data pull and push methods. (rjung) JNI: Deprecate JNI workers. (rjung) Netware: Missing define for MAX_PATH. Patch by Guenter Knauf. (rjung) Docs: Add a new HowTo page about reverse proxies. (rjung) Docs: Add an explanation of local error states to the timeouts documentation. (rjung) Docs: Clarify relation between socket_timeout and socket_connect_timeout. (rjung) Docs: Clarify IIS URL rewrite feature. (rjung) 46834,46734: Docs: Fix a couple of missing or broken links. (markt,rjung) Docs: Add 2008 news to main page and menues. (mturk, rjung)

46109: Decay reply_timeouts even when lb method is busyness. Also reset reply_timeouts during forced recovery. (rjung) AJP13: Recycle connection if previous request didn't complete. (mturk) Maintain should not run multiple times in parallel. (mturk) Apache: Fix small memory leak during restart. (mturk) Improve signal handling during socket shutdown. (mturk) URI Map: Add debug dump function for uri worker map. (rjung) Add revision number to version info for non-release builds. (rjung) IIS: Optionally allow chunked encoding for responses. At the moment only usable, if build with ISAPI_ALLOW_CHUNKING defined. Based on patch by Tim Whittington. (rjung) IIS: Optionally use raw headers instead of CGI headers. Fixes problem "underscore=dash" problem in header names. At the moment only available, if build with USE_RAW_HEADERS defined. (rjung) IIS: Optionally improve IIS 5.1 compatibility. At the moment only available, if build with AUTOMATIC_AUTH_NOTIFICATION defined. Based on patch by Tim Whittington. (rjung) IIS: Fix memory corruption due to parallel initialization by multiple threads. (rjung) Windows: Use non-default socket keepalive interval. (mturk) IIS: Add environment variables JKISAPI_PATH and JKISAPI_NAME. (mturk) Added socket_connect_timeout directive for setting the connect timeout for the socket. This enables to have low connection timeout but higher operational timeouts. (mturk) AJP13: [CVE-2008-5519] Always send initial POST packet even if the client disconnected after sending request but before providing POST data. In that case or in case the client broke the connection in a middle of read send an zero size packet informing container about broken client connection. (mturk) AJP13: Added connection_acquire_timeout directive for setting the absolute timeout the worker will wait for a free endpoint. (mturk) Apache: Allow to set path parameter used when doing JkStripSession. (mturk) Refactor retries implementation and change semantics of retries attributes. (mturk) Status: Allow showing only a single member for a load balancer. (rjung) Status: Add display of seconds since last statistics reset and access and transfer rates. (rjung) AJP13: Add a configurable retry_interval time. (rjung) Documentation: Enhance description of connection_pool_size. (rjung) IIS: Refactor error page generation. (mturk) IIS: SERVER_NAME variable can be the same for multiple different server instances if requests are handled according to the ip:port combination. Use INSTANCE_ID variable to which the request belongs instead. (mturk) Allow forwarding server error pages. This can be done on per-uri basis using new use_server_errors extension. (mturk) Added session_cookie and session_path for configuring default session identifiers. (mturk) Use max_packet_size also as TCP send and receive buffer size. (mturk) Apache: Do not allow Apache to start in multi-threaded mode if mod_jk was only build for single threaded server (prefork). (mturk) 45812: Add done() service method that causes sending EOS bucket for Apache httpd 2.x. This allows filter chain to work properly. (mturk) Added connection_ping_interval, ping_timeout and ping_mode directives. (mturk) Apache: Use correct ld flags provided by apxs when building module. Prevents some crashes on AIX for httpd 1.3 module. (rjung) Documentation: "val" attribute numbering in status worker needs to start with 0 instead of 1. (rjung) Documentation: Remove JNI parameters from sample configuration in the workers generic howto. (rjung) 45026: For Apache httpd 2.x add "Unknown Reason" as the reason phrase, if we get an empty one from the backend. Otherwise httpd 2.x returns status 500. (rjung) Build: Fix Cygwin build. (rjung) Documentation: Add info to docs, that variables sent via JkEnvVar are not listed in request.getAttributeNames(). (rjung) Add watchdog background thread for Apache 2.x and IIS doing internal maintenance (idle connection checks, backend probing). See JkWatchdogInternal (Apache) and watchdog_interval (IIS). (mturk) Change log level of some messages from error to info. (mturk) Documentation: Fix docs for worker attribute "secret". (rjung) Detect correct plugin name for various web servers via additional preprocessor defines. (rjung) LB: Do not put loadbalancer node in error state if there is opened channel. This fixes the bug when new connection fails due to busyness, causing opened connections fail stickyness. This brings back per-node busy counter and private state array for each request. We can mark the state as error for failover to work while still operating and reporting node as OK if there are opened working connections. (mturk) 44738: Fix merging of JkOption ForwardURI* between virtual hosts. Patch contributed by Toshihiro Sasajima. (rjung) URI Map: Add extension attributes to uri worker map. Allowed are reply_timeout, active/disabled/stopped and fail_on_status. Usage currently only implemented for httpd and IIS. (rjung+mturk) URI Map: Make dynamic reloading atomic and free memory not needed any longer. (rjung) Configure: Don't use post httpd 2.2.0 API functions when building with new --enable-api-compatibility configure switch. (rjung) Apache: JkAutoAlias does not work in combination with JkMountCopy if there are no JkMount in virtual host. (rjung) LB: Optimize state macros to improve performance. (rjung) Apache: Allow dynamic setting of reply timeout using the environment variable JK_REPLY_TIMEOUT. (rjung) Status: Add manageability for ajp parameters of ajp workers and ajp lb members. (rjung) Status: Change parameter names of update action to make them more easily distinguishable from other parameters. (rjung) Status: Add ajp worker statistics also for workers, that are not lb members. (rjung) AJP: Refactor factories, move ajp13/ajp14 common parts into ajp_factory. (rjung) Status: Only sync shm worker config values of the workers for which we changed values. (rjung) Status: Set lb_factor instead of distance. (rjung) Status: Minor layout changes, use drop down instead of multiple text links. (rjung) SHM: Use local copies of read mostly attributes of lb sub workers in lb and status worker. (rjung) Status: Add "dump" action to dump our initial configuration. (rjung) Status: Use property table to decide which cmd action uses which output elements. (rjung) Common: Include original configuration map in worker_env to make it available for workers, e.g. the status worker. (rjung) LB: Refactor "route" return for httpd note. Don't use a member of the worker_record, because that's not thread safe. (rjung) Common: Refactor "retries", remove from service and jk_worker, move into ajp worker instead. (rjung) SHM: Use distinct structs for lb and ajp13 in shm. Improves type safety and saves a few bytes. (rjung) SHM: Remove unused attributes. (rjung) SHM: Automatically determine shm size for all web servers. (rjung) SHM: Make open/attach logging consistent for all web servers. (rjung) Status: Include server local time in output. (rjung) 44116: Fix handling of multiple JSESSIONID cookies. (rjung) 37850: Use thread safe localtime_r where appropriate. (rjung) Use thread safe strtok_r on more platforms, especially AIX. (rjung) Status: Improve XSS hardening. (rjung) 35303: Move initialization of service members with defaults from web server specific code to our generic jk_init_ws_service() function. (rjung) 36385: Add missing prepost CPing/CPong directly after connect in case prepost CPing is used, but no connect CPing. (rjung) 37322: Apache: Enhance robustness of message formating in jk_error_exit(). (rjung) 44147: Multiple load balancing workers problem. (rjung)

42003: Allocate memory instead using fixed size from the stack. (mturk) 43229: Load balancer does not do fail over after reply timeouts. (rjung) JKStatus: Repair detailed Apache httpd version display. This was broken for httpd version 2.2.4+. (rjung) LB/AJP: Refactoring of jk_connect.c, jk_ajp_common.c, jk_lb_worker.c (rjung) Configure: Repair broken apxs auto-detection. (rjung) Configure: Remove trace logging from compiled code via new --disable-trace configure switch. (rjung) Common: Maintain idle connections in decreasing (LRU) slot order. (rjung) Apache: Create JK_WORKER_ROUTE and JK_REQUEST_DURATION notes for access log even if no JkRequestLogFormat is set. (rjung) JKStatus: Enhance URI to worker map listing for Apache httpd. We now list maps for all virtual servers and not only the one, in which JKStatus itself was called. (rjung) JKStatus: Enhance URI to worker map listing. Update stale uriworkermap.properties immediately. (rjung) 43873: Fix small memory leak occuring during httpd restart. (rjung) Common: Allow '*' for the worker name in exclusion rules (resp. JkUnMount) which will override all workers. (rjung) 42038: Correct overlay of mounts and unmounts for IIS. (rjung) 43684: Replace JkMountFile by JkMountFileReload in uriworkermap.properties docs. (rjung) Apache: Add new value "All" for JkMountCopy. (rjung) 43516: Memory leak for Apache httpd module of size 8KB for every virtual host without JK directive after each restart. (rjung) Apache: Cleanup init and destroy of server configuration. (rjung) Apache: Remove global configuration items from per server configuration. (rjung) Apache: Remove unused attributes secret_key and automount/JkAutoMount. (rjung) Cleanup of jk_uri_worker_map. (rjung) Documentation: Small additions to JkShmFile documentation. Contributed by Gerhardus Geldenhuis. (rjung) AJP13: Ignore flush packets before we received the response headers. (rjung) Fix crash during startup when using worker configuration inheritance (attribute "reference") and log level debug. (rjung) AJP13: Match header names exactly against pre defined constants. Avoid possible confusion with custom header names using a standard header name as a prefix. (rjung) jkstatus: Fix correct parameter validation at JkStatusUpdateTask and JkStatusUpdateLoadbalancerTask ant tasks. Reported by Christian Mittendorf. (pero)

IIS: Fix shm shutdown behaviour. (rjung) General: fail_on_status used in a load balancer can optionally do fail over without putting the failed worker in error state. (rjung) NSAPI: Improve build description for Unix. (rjung) NSAPI: Add initialization startup message containing JK version. (rjung) General: Declare static functions as static. (jim) Documentation: Clarify fail_on_status behaviour. (rjung) General: Do fail_on_status before returning the response headers. (rjung) NSAPI: Fix shm shutdown behaviour. (rjung) NSAPI: Set return status even if request ended with an error. (rjung) NSAPI: Allow using without shm_file on WIN32 and Netware. (rjung) NSAPI: Fix Crash of nsapi for log level debug and unset refect_unsafe. (rjung) NSAPI: Improve Solaris and Linux Makefiles for nsapi build. (rjung) Build: Improve pid_t type detection during configure on Solaris. (rjung) Build: Experimental build support for gcc on WIN32 and Netware. (fuankg) Build: Makefile optimizations for Apache httpd 1.3/Netware . (fuankg) General: Fix missing flush bug introduced in 1.2.24. (rjung)

Documentation: Improved workers.properties description in the reference guide. (rjung) Documentation: Add a HowTo about the various timeouts. rjung) Logging: add milliseconds to the default timestamp format, if we have gettimeofday(). (rjung) Apache: add milliseconds (%Q) and microseconds (%q) as possible JkLogStampFormat conversion specifiers. This does not use strftime(), but needs gettimeofday(). (rjung) IIS & Sun: Log service failures also, if return code is negative. (rjung) 42849: Abort startup of Apache httpd 1.3 in case mod_jk initialization failed. We already do the same for Apache httpd 2.x. (rjung) 42849: Refuse to operate with IIS in case the initialization failed. Instead requesting isapi_redirect.dll 500 will be returned to the user. This is as closest as it can get to Apache Httpd where we refuse to start the server in case of fatal initialization errors. (mturk) Load Balancer: Fix a deadlock in lb worker, which was exposed on Solaris for threaded Apache MPMs. (rjung) Logging: handle LWP IDs as 32 Bit unsigned. Try to make it work, although pthread IDs are opaque. (rjung) JkStatus: Added manipulation of max_reply_timeouts. (rjung) LB, Status: Add feature max_reply_timeouts, to make lb tolerant against occasional long running requests. (rjung) JkStatus: Added OK/IDLE as the successor of N/A. (rjung) Status worker: Renamed runtime states. All states have a major state (OK or ERR) and a substate. Changed the name N/A to OK/IDLE. Added docs about the meaning of the states to the status worker page in the reference guide. No new states have been added to code. (rjung) Common: Add recovery options for recovering idempotent http methods HEAD and GET. (rjung) Correct documentation for worker attributes retries and recovery_options. (rjung) Make writing log lines and line endings more atomic. (rjung) Common: Refactored and unified jk_map_read_prop* and jk_map_load_prop* for all use cases. (rjung) Common/Apache/IIS/Netscape: Add an option to check decoded URLs for potentially malicious constructions. (rjung) IIS: Document auth_complete and uri_select. (rjung) Apache/IIS/Netscape: Change the default forwarding encoding to the new proxy method. (jfclere, rjung) Common: Optionally reencode URIs before forwarding to the backend. Based on the URI reencoding done bei httpd mod_proxy. (jfclere, rjung) Common: auto-detect correct print format for pid_t. This fixes at least compiler warnings on Solaris. (rjung) 42608: Handle Content-length as unsigned 64Bit to allow for huge up- and downloads. (rjung) Apache: Add forwarding uri to debug log. (rjung) Docs: Clarify relation between worker names and jvmRoute for load balancing. (rjung) Use initial zero timeout for jk_is_socket_connected. The resulting detection is the same but offers a huge performance increase with mod_jk. In most cases the Operating System does not favor the 1 microsecond timeout, but it rather rounds that up to much higher value (frequency of interrupt timer which on most systems defaults to 100Hz). Patch provided by David McLaughlin. (mturk) NSAPI: Check correct log file and shm file configuration during startup. (rjung) NSAPI: Add support for the general options concerning retries, flushing and connection persistance. (rjung) NSAPI: fix crashes due to use of mount attribute in workers.properties. Changed initialization order. (rjung) Improved handling of libtool and discrepancies between CC env variable and CC used during apache build by configure script. (rjung) Always build with thread support, unless flag --enable-prefork is set during for configure. (rjung) Use snprintf/vsnprintf from ap_snprintf.c for platforms other than Windows, which might lack snprintf/vsnprintf implementations when NOT build for Apache httpd 2.x/APR (e.g. Sub Web Server) or without using configure. (fuankg) Imported ap_snprintf() from Apache 1.3. (fuankg) Fix incorrect log object cleanup during statup, leading to crashes at least on iSeries. (rjung) Add jk_stat() and jk_file_exists() as wrapper functions. i5/OS V5R4 expects filename in ASCII for fopen but requires them in EBCDIC for stat(). (hgomez) i5/OS (AS/400) V5R4 port where Apache 2.0 modules should now use UTF8. (hgomez) Docs: Add comments on i5/OS build for V5R4 and previous releases. (hgomez)

[CVE-2007-0450] and [CVE-2007-1860]: Change the default value of JkOptions to ForwardURICompatUnparsed. The old default value was ForwardURICompat. This should make URL interpretation between Apache httpd and Tomcat consistent (prevent double decoding problems). (rjung)

Refactor line endings logging to make it correct for all platforms and webservers. (mturk) Added command line windows make files. (mturk) Allow fail_on_status directive to be multi line. (mturk) 42076: Fix name of new option from ForwardCertChain to ForwardSSLCertChain as documented. (rjung) Docs: Fix a couple of typos, change format of a few tables, fix links to news pages. (rjung) Fix correct URL for TC 6 examples in new IIS rewrite.properties configuration example file. (rjung) Add svn properties to several files. (rjung) Add TC 6 examples to uriworkermap.properties in config examples. (rjung) Allow multiple status codes for fail_on_status directive. The status codes can be delimited by space or comma characters. (mturk) IIS. Added pcre like regular expressions for url rewrite rules. (mturk) 41922: Apache 1.3. Enable JkEnvVar. (mturk) Apache. Add --enable-flock configure parameter for explicit compilation of faster flock() system calls for OS supporting those calls. By default the fcntl system call for locking will be used that is a little bit slower but it can work on NFS mounted volumes as well. (mturk) 41562: Add Debug logging for read from client in ISAPI Redirector. Contributed by Tim Whittington. (mturk) Apache. Add ForwardSSLCertChain JkOption. Contributed by Patrik Schnellmann. (mturk) IIS. Do not forbid access to web-inf or meta-inf if there is no mapped worker. This allows to have resource with those names that are outside mapped contexts. (mturk) Apache. Use process id for creating shared memory name and delete shared memory and shared memory lock files on exit. (mturk) IIS. Fix Keep-Alive regression introduced in 1.2.21. (mturk) Delete unused check for empty init_map during startup. (rjung) 41770: Fix startup error if no JkWorkersFile is used. (rjung) Use JK_TRUE/JK_FALSE instead of OK/!OK as return values in init_jk(). (rjung) Minor adjustments to apache startup log messages (when to use STDERR, remove deprecated NOERRNO flag, shm warning and warnings for usage of default files). (rjung) Replace APR precompiler directive by httpd mpm_query to detect MPM threading. Add a debug log message about auto-detected pool size. (rjung) Make MMN check easier to understand and a little more precise (for new ap_get_server_banner()/ap_get_server_description()). We use the new API only for Apache httpd 2.3. This way our binaries are not tightly coupled to a minor 2.0 version, and we don't use ap_get_server_banner() any way. (rjung) Use the full description string ap_get_server_description() instead of the truncated info from ap_get_server_banner(), because this info gets used internally (status worker display and ajp14 backend communication) and is not send back to the normal user. (rjung) 41757: Document the "--enable-prefork" flag of configure. (rjung) Enhance log messages for failures when parsing attribute maps. (rjung) Correct log message during worker initialization, in case remote host could not be resolved. We logged the default host name "localhost" instead of the configured one. (rjung) 41770: Fix the second part of the bug: local_worker and local_worker_only is missing from the list of deprecated attributes (and not supported either), so prevents the web server from startup. (rjung)

[CVE-2007-0774]: A denial of service and critical remote code execution vulnerability. Caused by buffer overflow in map_uri_to_worker() when URL were longer that 4095 bytes. Reported by ZDI (www.zerodayintiative.com). Please note this issue only affected versions 1.2.19 and 1.2.20 of the Apache Tomcat JK Web Server Connector and not previous versions. Tomcat 5.5.20 and Tomcat 4.1.34 included a vulnerable version in their source packages. Other versions of Tomcat were not affected. Check the worker. parameters and don't start if the parameter is not a valid one. (jfclere) 41439: Allow session IDs to get stripped off URLs of static content in Apache by adding JkStripSession directive (configurable per vhost). (mturk) Change semantics of empty defaults for JkEnvVar variables. Until 1.2.19: not allowed. In 1.2.20: send variables as empty strings, if neither set to non empty in config, nor during runtime. Starting with 1.2.21: If config has no second argument only send variable if set (even when set to empty string) during runtime. Allows good combination with condition attribute in tomcat access log. (rjung) 41610: Fix incorrect detection of missing Content-Length header leading to duplicate headers. Contributed by Boris Maras. (rjung) Better build support for SunONE (Netscape/iPlanet) webservers. (jim) Add warning if duplicate map keys are read and are not allowed, e.g. when parsing uriworkermap.properties. (rjung) Don't concat worker names, if uriworkermap.properties has a duplicate pattern, instead overwrite the worker. (rjung) Log deprecation message even in duplication case. (rjung) uriworkermap.properties: Fix off-by-one problem when deleting URL mapping during reloading of uriworkermap.properties. (rjung) 41439: Allow session IDs to get stripped off URLs of static content in IIS (configurable). (rjung) 41333: Refactoring isapi_plugin configuration reading. (rjung) 41332: Add some more errno logging and unify the format. (rjung) JkStatus: Improved logging by adding status worker name to messages. Added messages to the recover worker action. (rjung) JkStatus: Refactoring searching for workers and sub workers. (rjung) 41318: Add configuration to make status worker user name checks case insensitive. (rjung) JkStatus: Add estimated time until next global maintenance to other mime types and adopt jkstatus ant task. (rjung) JkStatus: Show estimated time until next global maintenance. Change displayed time until next recovery to a min/max pair. (rjung) JkStatus: Allow a user of a read/write status worker to switch it to and from read_only mode temporarily. (rjung) JkStatus: Do not show read/write commands in a read_only status worker. (rjung) JkStatus: Allow lb sub workers in error state to be marked for recovery administratively from the status worker. (rjung) Load Balancer: Do not try to recover multiple times in parallel. Use additional runtime states "PROBE" and "FORCED". (rjung) JkStatus: Improve data synchronization between different processes. (rjung) 41381: Fix segfault in feature fail_on_status (wrong order of log arguments). Patch by Juri Haberland. (rjung) Use correct windows line endings for log file on WIN32 platform. (rjung)

JkStatus Ant Task documentation page. (pero/rjung) JkStatus Ant Tasks: Add new tasks for update and reset. (pero) JkStatus Ant Tasks: Update for new xml status format. (pero) Allow integer and string values when setting enumeration/boolean attributes via status worker update action. (rjung) Docs: New reference guide page for status worker. (rjung) Docs: Renaming the config dir to reference and using the title Reference Guide in the docs. (rjung) Added retry_on_status for workers directive. (mturk) Status Worker: Add directive to make property prefix and good/bad rule configurable. (rjung) Status Worker: Omit lb members when att=nosw. (rjung) Status Worker: New command cmd=version for a short version output. (rjung) Status Worker: New output stype mime=prop produces property lists. (rjung) Apache: Fix incorrect handling of JkEnvVar when Vars are set multiple times. (rjung) Renamed jvm_route to route. Deprecated jvm_route, but still use it as fallback when parsing the worker configuration. (rjung) IIS: Make uriworkermap file reload check interval configurable. (mturk) Apache: Make uriworkermap file reload check interval configurable. (rjung) Status Worker: Add directives for customizing the XML output (ns, xmlns, doctype). (mturk) Docs: New page with description of uriworkermap. (rjung) Docs: Added short description of max_packet_size to worker reference. (rjung) Status Worker: All functions accessible also for xml and txt mime types (list, show, update, reset). (rjung) Status Worker: New global health indicators for load balancers named bad (error, recovering or stopped), degraded (busy or disabled) and good (the rest, active and OK or N/A). (rjung) Status Worker: New edit page, to change one attribute for all members of a load balancer. (rjung) Status Worker: Standard logging for status worker. (rjung) Status Worker: code refactoring. (rjung) Status Worker: New attribute user (list) denies access, if the request user in the sense of remote_user is not in this list. Empty list = no deny (rjung) Status Worker: New attribute read_only disables the parts of the status worker, that change states and configurations. (rjung) 36121: Don't change main uri when mod_jk serves included uri. (markt) Apache VHosts: Merge JkOptions +base - -base + +vhost - -vhost. (rjung) Apache Docs: Adding requirements, context information, default values and inheritance rules to the Apache config documentation. (rjung) Status Worker: Add source type to status worker, remove the redundant "context" column in the map listing (context=uri). (rjung) uriworkermap: On reload of the file, all old entries from the previous file version get deleted, before the new ones are being read. (rjung) Keep normal maps and exclusion maps internally separate. Don't treat them as the same when adding a rule. (rjung) Status Worker: Display mapping rules also for non-lb workers and in global view. (rjung) Apache VHosts: Use the vhost log files instead of the main log. (rjung) Apache VHosts: Allow individual timestamp formats by refactoring the formatting method. (rjung) Apache VHosts: Adding all missing config items to the virtual host level. Don't overwrite the settings from the global server, but inherit them in case they are not set in the virtual host. (rjung) Apache: remove unnecessary function names from log messages. (rjung) Apache: add a default log file location and a message, if the default gets used. (rjung) Apache: add missing JK_IS_DEBUG_LEVEL() (rjung) Apache VHosts: Allow JkWorkersFile, JKWorkerProperty, JkShmFile and JkShmFileSize only in global virtual server. (rjung) Add some more jk_close_socket() and reduce log level for some info messages. (rjung) Load Balancer: Added the Sessions strategy. Contributed by Takayuki Kaneko. (rjung) Docs: Minor enhancements and syncing with more recent versions. (rjung) 40997: Separate uri mappings from their '!' counterpart when checking for duplicates in uriworkermap reloading. (rjung) 40877: Make sure the shared memory is reset on attach for multiple web server child processes. (mturk) IIS: Added shm_size property to be able to deal with over 64 workers configurations. (mturk) IIS: Increase default thread count to 250, so its the same as Apache Httpd default configuration. (mturk) 40966: Fix socket descriptor checks on windows. (mturk) 40965: Initialize missing service parameters. (mturk) 40938: Fix releasing of rewrite map. Thanks to Chris Adams for spotting that. (mturk) Apache: Added +FlushHeader JkOptions. (mturk) Added explicit flush when AJP body packet size is zero. (mturk) 40856: Fixing case sensitivity bug in URL mapping. (rjung) 40793: Documentation: Improvements to Apache HowTo provided by Paul Charles Leddy. (markt) 40774: Fixing wrong recursion termination. This one restricted the "reference" feature unintentionally to 20 workers. (rjung) 40716: Adding "reference" feature to IIS and Netscape. (rjung) Documentation: Corrected SetEnvIf syntax in JK_WORKER_NAME example. (rjung) Documentation: Added forgotten STATE and ACTIVATION notes for load balancer logging in Apache. (rjung) Apache: Use instdso.sh instead libtool: libtool does not work on HP-UX for example. (jfclere)

Docs: Add SetHandler and new env var to Apache config docs. (rjung) Apache 1.3: Backport "no-jk" feature. (rjung) Apache: Add an environment variable to make SetHandler "jakarta-servlet" more useful. The variable is JK_WORKER_NAME, but can be changed by the new directive JkWorkerIndicator. (rjung) LB: Don't use single worker shortcut, if the single worker is being diabled. (rjung) Status worker: Add short explanation of activation and error states to legend. (rjung) Docs: Add meaning of zero timeout values for various timeouts in workers.properties. (rjung) LB: Cleanup of Mladens forced recovery. (rjung) LB: Do not change lb_value for recovering workers to max, if we are using BUSYNESS method. (rjung) Apache: Since 1.2.14 mod_jk failed to detect client abort. (rjung) Docs: Corrected description of JkEnvVar. (rjung) Solaris: Detect filio.h in configure to make the new connection detection build on solaris (r432825). (rjung) Add feature to force the recovery of workers that are member of loadbalancer if all the members are in error state. This fixes the time gap where 503 was returned caused by recovery_timeout although the backend was ready to handle the requests. (mturk) Docs: Seperate deprecated directives in their own table. (rjung) Docs: Allow "-" and "_" in worker names. (rjung) Allow multiple lines with attributes "balance_workers" and "mount". (rjung) Make jk_is_some_property match more precisely. (rjung) JkStatus: Make refresh interval changeable. (rjung) JkStatus: Adjust display of recover time wrt. global maintenance. (rjung) LB: Resetting worker state from OK to NA, if worker has been idle too long. (rjung) Avoid compiler warnings concerning the use of lb_*_type arrays. Use functions instead. (rjung) Added %R JkRequestLogFormat option for Apache 1 and Apache 2. (mturk) Allow changing jvm Route from status manager. (mturk) Do not retun 400 if Tomcat fails in the midle of the post request. Return 500 insted. (mturk) LB: Combine ok/error/recovering/busy runtime states into a single scalar. (rjung) LB: Combine active/disabled/stopped configuration states into a single scalar. (rjung) LB: Add several Apache notes to enable standard logging for load balancer results. (rjung) LB: Reorganisation of the main load balancer service loop. (rjung) Implement hierarchical worker configuration via attribute "reference". (rjung) Log deprecated properties. (rjung) IIS: Fix simple_rewrite for the cases where the rewritten url is larger then the original one. (mturk) New JkOption "DisableReuse" to disable connection persistence. (jim) LB: Move sessionid retrieval out of get_most_suitable_worker into service. (rjung) Code cleanup for all service methods (use TRACE, JK_LOG_NULL_PARAMS, null pointer checks). (rjung) JKSTATUS: add refresh link. No refresh for updates. Redirect to list view after update. (rjung) Add new hook add_log_items into servers. (rjung) APACHE httpd: Rename apache logging notes. (rjung) LB: Rename lock and method constants. Add constants for defaults. (rjung) Default log level should be INFO and not DEBUG. Default log level should be the same for all server types. (rjung) Make rewrite_rule_map and log_level as non mandatory directives for isapi_redirect. (mturk) 40107: Rewrite is_socket_connected function. Non blocking socket is not used any more. (mturk) Allow building with VS2005 without too many warnings. (mturk) Decide by MMN, which piped log API we should use. mod_jk 1.2.18 broke compilation with Apache 1.3 pre 1.3.28. (rjung)

Using socklen_t in getsockopt. Also introducing jk_sock_t. (mturk) Allow recovery wait time below 60 seconds (new minimum is 1 second). (mturk)

Fix hanging jk status worker when certain attributes are being updated due to double locking. (rjung) Allow JkMount to behave like uriworkermap.properties by parsing pipe symbol as two directive marker. (mturk)

Added simple rewrite capability for IIS. Although simple it will fulfill most needs. (mturk) Added RECOVER_ABORT_IF_CLIENTERROR recovery_option that closes the connection if client connection is broken during the request. (mturk) Renamed cache_timeout directive to connection_pool_timeout. (mturk) Added connection_pool_minsize directive. (mturk) Deprecate recycle_timeout directive. (mturk) Corrected some HTML syntax bugs in output of status worker. (rjung) Added the refresh=n parameter to the status worker. It will update the display every n seconds. (rjung) Balancer: Add attribute distance to balanced workers to express preferences between workers. (rjung) Balancer: Add attribute jvm_route to balanced workers to be able to use the same target in different balancers. (rjung) Status: Add lb_mult to status. (rjung) Balancer: Make different balancing strategies work in a similar way (use lb_value, use decay during global maintenance, use integer factors for weights. (rjung) Balancer: Improve locking. (rjung) Balancer: Workers start slower after recovering. (rjung) Balancer: Make different balancing strategies work in a similar way (use lb_value, use decay during global maintenance, use integer factors lb_mult for weights). (rjung) Balancer: Move recovery check to global maintenance. (rjung) Balancer: Add global maintenance method, that is called in only one process. (rjung) Extend our use of autoconf to find a 32Bit and a 64Bit unsigned type and their printf formats. (rjung) Logging: piped loggers for JkLogFile and Apache 1.3. (rjung) Logging: Add PID to log lines for each log level apart from REQUEST. (rjung) Logging: flush buffered logs to keep lines in correct order. Output final newline together with log message. (rjung) Reducing shm size. (rjung) Only log removing of old worker, when we actually do it. (rjung) 37469: Fix shared memory close for forked childs. The shared memory will be closed by the parent process. (mturk) 37332: Fix potential misuse of buffer length with snprintf functions. (mturk) 38859: [CVE-2006-7197] Protect mod_jk against buggy or malicious AJP servers in the backend. Patch provided by Ruediger Pluem. (mturk) 38889: Use worker map sorting depending on the path elements, to comply with Servlet spec. Patch provided by Steve Revilak. (mturk) 36138: Added Busyness lb method. Patch provided by Chris Lamprecht. (mturk) Fix pessimistic locking mode. The patch correctly handles the burst load, by syncing the access to the shared memory data. (mturk) 38806: Reclycle worker even if it is disabled. This fixes hot-standby workers in error state. (mturk) 37167: Allow building with BSD-ish like make. (mturk) ISAPI plugin (isapi_redirect.dll) did not provide correct request data for IIS to include in the IIS log. (markt)

Fix AJP13 Cookie2 parsing. Cookie2 was always send as Cookie. Patch provided by Andre Gebers. (mturk) 35862: NSAPI plugin attempts to read freed memory and attempts to dereference a null pointer. Patch provided by Brian Kavanagh. (markt)

Fix lb for worker mpm's with cachesize set to lower number then ThreadsPerChild is. If retries is set to value larger then 3 sleep for 100 ms on each attempt. This enables to tune the connection cache, and serialize incoming connections instead returning busy if connection count is larger then cachesize. (mturk) 36525: Solaris core dump. (mturk) 36102: Worker actions do not persist. (mturk) 35864: Status worker doesn't list workers. Patch provided by Martin Goldhahn. (mturk) 35809: JkMountCopy don't work for Apache 2.0 Patch provided by Christophe Dubach. (mturk) 35298: Multiple JK/ISAPI redirectors on a single IIS site are not supported Patch provided by Tim Whittington. (mturk)

34397: Emergency was handled as Error. (jfclere) 34474: // in URL were not handled correctly with Apache-1.3. (jfclere) Use 64 bits int for transferred/read bytes. Added JkOptions +FlushPackets used to optimize memory usage when sending large data. (mturk) Added lock directive for load balancer that allows more acurate load balancing in case of burst load. (mturk) Added worker.maintain directive to allow customizing default 10 second timeout. On busy servers this value needs to be set on higher value. (mturk) Fix for NetWare compiler to deal with different types between AP13 and AP2 SDKs. (fuankg) Emit much more legible user.dmp crash analysis output for WIN32. (wrowe) 34558: Fix first failover request. (mturk)

Added ForwardLocallAddres JkOptions flag for passing local instead remote address. Useful for remote addr valve. (mturk) Fix that worker not used, when stopped flag is true. (pero) Add loadbalance default worker secret attribute to the documentation (pero)

Backport SC_M_JK_STORED from JK2 for passing arbitrary methods instead failing the request. (mturk) Added missing SEARCH and ACL http methods. (mturk) Add worker secret attribute to the documentation (pero) Add a stopped flag to worker configuration. Set flag True and complete traffic to worker is stopped. Also update the Ant JkStatusUpdateTask at Tomcat 5.5.10 release. Only usefull in a replicated session cluster.(pero) Added worker maintain function that will maintain all the workers instead just the current one. This enables to recycle the connections on all workers. (mturk) Use shutdown when recycling connections instead hard breaking the socket. (mturk) Add unique directives checking. The directives if unique are now overwritten instead concatenated. (mturk) Allow multiple worker.list directives. (mturk) 34577: For IIS log original request instead loging the request for ISAPI extension. (mturk) 34558: Make sure the returned status codes are the same for ajp and lb workers. (mturk) 34423: Use APR_USE_FLOCK_SERIALIZE for setting log lock on platforms like FreeBSD. Patch provided by Allan Saddi. (mturk) 33843: Fix obtaining LDFLAGS that were used for building Apache HTTPD. Patch provided by Beat Kneubuehl. (mturk) 34358: Enable load balancer method configuration. (glenn) 34357: In some situations Apache 2 mod_jk could segfault when the JkAutoAlias directive is used. (glenn) Add --enable-prefork to the documentation (pero)

Set default shared memory to 64K instead 1M. (mturk) Do not mark the worker in error state if headers are larger then AJP13 limit. (mturk) On Series you should use the latest PTF for Apache 2.0 (which is now 2.0.52) and ad minima SI17402/SI17061 or cumulative including them. (hgomez) Change the xml status format to xml attribute syntax (pero) 33248: Fix builds where apxs defines multiple directories for APR includes. (mturk) 32696: Return 404 instead 403 when WEB-INF is requested to comply with Servlet spec. (mturk) Added ANT task for managing jkstatus. (pero) If socket_timeout is set, check if socket is alive before sending any request to Tomcat. (mturk) Added JkMountFile for Apache web servers. This file can contain uri mappings in the form (/url=worker), and is checked for updates at regular 60 second interval. (mturk) Added status worker for managing worker runtime data using web page. (mturk) Added load balancer method directive that is used for setting the algorithm used for balancing workers. Method can be either Request (default) or Traffic. (mturk) Added shared memory to allow dynamic configuration. Shared memory is needed only for unix platform and web servers having multiple child processes. For Apache web server two new directives has been added (JkShmFile and JkShmSize). (mturk) Added textupdate mode to status worker to handle remote updates from ant tasks.(pero) 33562: Fix Reply_timeout when recovery_options is larger than 1. Patch provided by Takashi Satou. (mturk) 33308: Fix segfaults when ForwardDirectories is enabled with Apache 1.3

Allow anyone to debug and diagnose stack dumps using windbg or any other debugging tool, and (if they add the .pdb files to their installation) to make sense of dr watson logs. Patch provided by William A. Rowe (wrowe) Fix in_addr_t usage by using the real struct ignoring typedef. Patch provided by William A. Rowe (wrowe) Fix url rewriting by restoring the in place uri from which the jsessionid was removed. (mturk) Make load balancer algorithm thread safe by introducing mutex to the load balancer worker. (mturk) Fix sending error pages for IIS to client by adding Content-Type header using correct api function call. (mturk) 32696: Prevent IIS from crushing when web-inf url was requested. (mturk) Use default cachesize for servers that support discovering the number of threads per child process. (mturk). Fix Apache content-length header parsing using case insensitive compare. (billbarker) Fix parsing AJP headers using case insensitive compare. (mturk) Use infinite socket timeout if socket_timeout is set to zero or less then zero. (mturk) Change balanced_workers to balance_workers but keep backward compatibility preserving the old directive. (mturk). Fix ajp initialization for workers with cache_size set to zero. (mturk) 32317: Making mod_jk replication aware (Clustering Support). Patch provided by Rainer Jung. (mturk). 31132: Core dump when JkLogFile is missing from conf. (mturk)

Added new property named recover_time that can be used to change the default 60 second recover time. (mturk) Added custom retries for worker, so we don't depend on default setting. If set to a number grater then 3, it will sleep for 100ms on retry greater then 3 and then try again. (mturk) Added JkWorkerProperty directive that enables omiting workers.properties file. For example: JkWorkerProperty worker.ajp13a.port=8009. (mturk) Check all JSESSIONID cookies for a valid jvmRoute. If you have multiple Tomcats with overlapping domains, then you can get multiple cookies without a defined order. This will route correctly as long as the different domains don't have any Tomcats in common. (billbarker) Added JkUnMount directive for negative mappings that works as opposite to JkMount directives. It is used for blocking of particular URL or content type. (mturk) Added wildchar match uri mappings. One can now use JkMount to map /app/*/servlet/* or /app?/*/*.jsp. (mturk) Rewrite the logging by adding Trace options. (mturk) Added socket_timeout property that sets the timeout for the socket itself. (mturk) Changed socket_timeout property to recycle_timeout. This better explains what the directive actually does. (mturk) Changed the load balancer algorithm. The idea behind this new scheduler is the following: lbfactor is how much we expect this worker to work, or the worker's work quota. lbstatus is how urgent this worker has to work to fulfill its quota of work. We distribute each worker's work quota to the worker, and then look which of them needs to work most urgently (biggest lbstatus). This worker is then selected for work, and its lbstatus reduced by the total work quota we distributed to all workers. Thus the sum of all lbstatus does not change.(*) If some workers are disabled, the others will still be scheduled correctly. (mturk)

JK2 has been put in maintainer mode and no further development will take place. The reason for shutting down JK2 development was the lack of developers interest. Other reason was lack of users interest in adopting JK2, caused by configuration complexity when compared to JK.