In this issue

A second beta release of Apache 1.2 is now available. The version, called Apache 1.2b2, fixes some problems with auto-detecting operating systems, and adds support for some extra systems. There are also some minor bug fixes implemented.

The December Netcraft Server Survey shows that Apache is used on over 247,000 public web servers, over three times as many as the next most commonly used server, NCSA, with 76,210. The trend of recent months continues, with Apache and Microsoft IIS increasing survey share, and NCSA, Netscape and CERN decreasing.

Release: 1.1.1
Beta: 1.2b2 (Released 9th December)

• Some error conditions can cause processes to loop. When a segmentation violation or bus fault errors are sent to an Apache process, it tries to log the error with log_error(). However this function makes calls into the operating system, which can cause an infinite loop if the original error occurred in the same function. Signal setting code has been updated to avoid this.
• SSI variables (new in 1.2) are not parsed in directives.
• If the contents of an SSI directive includes shell variables (e.g. $1 inside an awk script) they are treated a SSI variables. Also double quotes cannot be included in the quoted string.
• The sample cgi script, test-cgi, contains a potential security flaw. This script is not installed by default, but if it is used it should be replaced by the fixed one from the 1.2b2 release.
• The response Content-Language header was misspelt.
• Problem executing CGI programs if suEXEC was being used and the request was for the main server (not a virtual host).
• Did not compile if "Rule STATUS=no" was set in the Configuration file.
• Using a semi-colon on the Content-Language line of a type-map file caused an infinite loop.
• Various proxy module fixes

• Occasional core dumps in includes module.
• Server sometimes loops on NeXT
• Old SVR4 systems can fail to send last part of response data

Apache 1.2 beta 1 was release on December 1st. Like previous releases, it has proved popular, even though it is a beta release. Many people have been waiting for this release for the new features and bug fixes. Given the large number of people who have tried it out, a considerable number of bugs have been reported. Most are minor, or related to OS specific issues.

By far the most reports come in about configuring Apache for various operating systems. Previously, Apache was configured manually by setting lines in the Configuration. Now a (mostly) automatic system detects the operating system being used, and configures things correctly. Although Apache comes with configurations for over 20 different systems, there are lots of varieties of Unix available, and many reports gave the information required to auto-configure for additional systems.

The systems which have updated configurations include: SunOS4, DG/UX, 64 bit Irix 6.2 (now compiles in 32 bit mode), Ultrix, UnixWare, SINUX, SCO5, NCR, QNX, NeXT, Solaris, ConvexOS, HPUX, OS/2, OSF/1. The next beta will include some more OS configuration changes.

The new 1.2b2 release has a new file in the Apache src directory, PORTING, which includes information about how to port Apache to new platforms. In most cases this is just a case of picking the correct set of OS-specific definitions.

Apache 1.2 supports HTTP/1.1, so it marks all its responses as being 'HTTP/1.1'. This was reported as a bug because it responds with HTTP/1.1 even if the request was from a HTTP/1.0 client. However this is the correct and desired behaviour, not a bug. It allows browsers which implement some features of HTTP/1.1, but not all, to know that the server they are talking to can use those features. This browser could not send HTTP/1.1 requests since it is not fully compliant.

Apache is currently in a 'beta release' cycle. This is where it is made available prior to full release for testing by anyone interested. Normally during the beta cycle no new major features will be added. The full release of Apache 1.2 is expected at the end of December or early in January.

A couple of contributed changes to Apache did not make it in before the start of the beta cycle. These are now available as 'patches' from the Apache site. There are two patches in this directory: the first adds an IndexOptions option to prevent Apache automatically providing a <HEAD>...</HEAD> section on indexes it creates. This let you place your own HEAD information into the HEADER.html file, which could include (for example) meta information for robots.

The second patch makes it slightly easier to change the number of characters displayed for each filename in a directory listing. In Apache, this is fixed at 23. This patch makes this into a #define, which can be changed and then Apache re-compiled.