In this issue

Apache Site: www.apache.org
Release: 1.3.4 (Released 11^th January 1999) (local download sites)
Beta: None

Apache 1.3.4 is the current stable release. Users of Apache 1.3.3 and earlier should look at upgrading to this version. Read Guide to 1.3.4 for information about changes between 1.3.3 and 1.3.4 and between 1.2 and 1.3.4.

These bugs have been found in 1.3.4 and will be fixed in the next release.

• The macro escape_uri was renamed to ap_escape_uri but no backward compatibility was provided from the old name. PR#3725.
• Using the mod_speling module where there were lots of possible matching files caused Apache to use more memory than a linear relationship to the amount of data being handled.

Patches for bugs in Apache 1.3.4 will be made available in the apply_to_1.3.4 subdirectory of the patches directory on the Apache site. Some new features and other unofficial patches are available in the 1.3 patches directory. For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.

Currently under development is a way of allowing processes to share memory. At present, the "parent" process can allocate memory and when the children are created they have access to a copy of that memory. However changes that the children make cannot be seen by other children or the parent, or vice-versa. (Note that if the children do not make changes then this memory is not actually copied, on most operating systems).

Some modules would like to be able to shared memory between child processes (and between the child processes and the parent) where any child or the parent could update the memory. The code currently under development would let modules create an area of shared memory and allocate memory from it. This would typically be done by the parent process. The child processes would then inherit the pointers to the allocated memory. Now if the parent changes the contents of the memory, the children can see the changes, and vice-versa.

There are lots of potential uses of shared memory between processes. For example, various sorts of caches to avoid repeating information in multiple processes, access counts and statistics, serialisation of access to external resources, global limitations based on things like number of accesses for particular IP addresses, and so on.

It has not yet been decided if this code will be incorporated into the next version of Apache.

In all current releases of Apache for Windows, passwords in .htpasswd files are stored unencrypted. This is because Windows does not contain a standard function for encrypting strings (on Unix, the crypt() function does this). Now string encryption has been added to Apache using the MD5 algorithm. This means that encrypted passwords can now be used with Apache. The Apache server and the htpasswd program have both been updated to work with MD5 encrypted passwords. On Windows, all passwords will now be encrypted with MD5. Unix will default to using crypt() for encrypting passwords, although it is possible to use MD5 instead (using the new -m option to htpasswd).