Slashdot Mirror
Apache 1.3.32 Released
chipster writes "Apache 1.3.32 has been released. This version of Apache is principally a security and bug fix release. You can read about the new features here, and get Apache 1.3.32 here. Also available is the 1.3 ChangeLog. Additionally, to compliment this release of Apache, mod_ssl- 2.8.21-1.3.32 has also been released."
Good question. 1.3.32 is licenced under the 2.0 license: http://www.apache.org/licenses/LICENSE-2.0.txt
Thx ;-)
RedHat i386 RPMs are already available.
http://norlug.org/~chipster/rpm_index/cat1
Even though the 1.3.32 tarballs are available, it wasn't really officially released. The tarballs are placed there "early" so the mirrors can grab them and have them available before we release...
Shall I go on? The proxy and cache improvements alone were worth the upgrade to me. As far as problems with PHP, the pre-fork processing module retains the advantages of 2.0.x while retaining the robustness of PHP on 1.3.x.
There is absolutely no reason for a sane webmaster to use Apache 1.3.x on new installations unless they have an absolute showstopper incompatibility.
That said, 1.3.32 has the newer Apache 2.0 license, not the old one. So here you have the choice of the new license or older versions with bugs and security flaws.
Theo and his OpenBSD team have dropped support, it's true. Can you find the reason why? Is it because the FSF states that it isn't GPL compatible? No, that can't be it because the older license wasn't either. Could it be because of the patent termination clause -- if you put a patented algorithm in the code and sue someone over patent violation, you can no longer use Apache software? I never knew Theo and Co. to be in favor of protecting software patents in open source software. So why?
I was able to find this comment from Theo: "We've been clear: Their new license contains more stuff, and we do not accept MORE STUFF in licenses."
I'm sorry, that's a bullshit argument. Imagine if a group of lawmakers were writing code on the side to make their jobs easier, a group of professional programmers found a problem with the small program, submitted a patch, and the lawyers proclaimed, "We will not accept this new code patch because we lawyers can't understand it at first glance." It's the same thing here folks. If you want no legalese at all, you submit your code to the public domain and be done with it. Why do we have these licenses with legalese? Because the public domain isn't good enough in many regards. That's why the various open source and free software licenses exist. They are not present so that coders can sit back with a cup of tea by the fire reading them with enjoyment. They are formulated by a group of people working in the problem area in which they have specialized so that you and I don't have to reinvent the wheel badly. THIS IS THE SOLE REASON THE APACHE SOFTWARE FOUNDATION EXISTS!
The day I want Theo acting as my legal advisor is the day that I want OJ's lawyers hacking my production kernel. That said, the Apache 2.0 license is NOT that hard to understand. As for Theo's charge of containing "more stuff", that's like saying v1.0 of the Linux kernel is automatically better than v2.6.9 because they've added "more stuff" to the newer version.
As for the modular vs. monolithic tripe, what pray tell do you think 1.3.x is? See all those LoadModule directives in your httpd.conf file? Take away modules and Apache 1.3.x does NOTHING. What's that? You can compile modules in statically with 1.3.x? Guess what Einstein? You can also do it with 2.0.x. Apache 2.0.x is simply slightly more fine-grained modularity.
Regarding the speed and stablility argument, I call bullshit. 2.0.x is faster than 1.3.x under every metric I have seen used from dynamic content generation to flat file serving. Hell! Even server-side include processing is faster in 2.0.x. As far as stability, where is your data? Neither goes down for me. Then again, when running PHP apps, I use the pre-fork module because so
- I don't need to go outside, my CRT tan'll do me just fine.
Some differences:
/opt directory). It doesn't have a GUI interface though. I don't know why. Since the GUI only edits the 1.3.x config files and starts/stops the service, there is no technical reason why it couldn't be supported by the GUI. My guess is that Apple, just like any other company, has to pick and choose what it spends effort on. Opportunity costs and all that. They probably started development on the Admin GUI while 2.0.x was still relatively new and untested. At the time, supporting 1.3.x was a no-brainer.
1. mod_proxy has been completely rewritten so as to be fully compatible with HTTP/1.1
2. caching has been removed from mod_proxy and made into its own module, mod_cache, with a couple of implementations available
3. your choice of pre-fork (1.3.x model), single process/multiple threads, and various hybrids
As a point of fact, OS X Server comes with Apache2 as well (check your
The web accelerator's tendency to redirect clients to port 16080 in some configurations is annoying though. It makes me wonder if Apache2 configured as a reverse proxy and using mod_cache would work just as well.
As for your security concerns, switching to 2.0.x will not arbitrarily hand your bandwidth and personal files to everyone on the internet. File and Directory directives still apply.
- I don't need to go outside, my CRT tan'll do me just fine.
I'm sorry, that's a bullshit argument
it contains more unfree stuff in the license. that is the 'MORE STUFF' they will not accept into the tree
vodka, straight up, thank you!
Its the important modules: mod_ssl, mod_php, mod_perl, and various others are not all thread safe.