Slashdot Mirror
Apache 1.3.32 Released
chipster writes "Apache 1.3.32 has been released. This version of Apache is principally a security and bug fix release. You can read about the new features here, and get Apache 1.3.32 here. Also available is the 1.3 ChangeLog. Additionally, to compliment this release of Apache, mod_ssl- 2.8.21-1.3.32 has also been released."
Good question. 1.3.32 is licenced under the 2.0 license: http://www.apache.org/licenses/LICENSE-2.0.txt
Thx ;-)
RedHat i386 RPMs are already available.
http://norlug.org/~chipster/rpm_index/cat1
Not very long until 1.3.37!
everyday is another shooter.
1.3 ships with OS X (yes, I am one of those) and has always performed great. Plus, it is integrated in the operating system. I have always been curious about what advantages 2.0 might have and whether I should upgrade. I have installed it a couple of times, both from source and from binary but found it had to be executed from the shell. No big deal but the fact that I have not seen where anyone has integrated 2.0 into OS X's GUI web server makes me wonder why. I also do not want to ignorantly hand my bandwidth and personal files to everyone on the internet so I have been hesitant to simply jump in and begin serving with 2.0 without fully understanding what I am doing. (I am shell comfortable but not savvy.)
I appreciate anyone who is willing to share their experience or knowledge or has a good link.
Thanks.
Even though the 1.3.32 tarballs are available, it wasn't really officially released. The tarballs are placed there "early" so the mirrors can grab them and have them available before we release...
Shall I go on? The proxy and cache improvements alone were worth the upgrade to me. As far as problems with PHP, the pre-fork processing module retains the advantages of 2.0.x while retaining the robustness of PHP on 1.3.x.
There is absolutely no reason for a sane webmaster to use Apache 1.3.x on new installations unless they have an absolute showstopper incompatibility.
That said, 1.3.32 has the newer Apache 2.0 license, not the old one. So here you have the choice of the new license or older versions with bugs and security flaws.
Theo and his OpenBSD team have dropped support, it's true. Can you find the reason why? Is it because the FSF states that it isn't GPL compatible? No, that can't be it because the older license wasn't either. Could it be because of the patent termination clause -- if you put a patented algorithm in the code and sue someone over patent violation, you can no longer use Apache software? I never knew Theo and Co. to be in favor of protecting software patents in open source software. So why?
I was able to find this comment from Theo: "We've been clear: Their new license contains more stuff, and we do not accept MORE STUFF in licenses."
I'm sorry, that's a bullshit argument. Imagine if a group of lawmakers were writing code on the side to make their jobs easier, a group of professional programmers found a problem with the small program, submitted a patch, and the lawyers proclaimed, "We will not accept this new code patch because we lawyers can't understand it at first glance." It's the same thing here folks. If you want no legalese at all, you submit your code to the public domain and be done with it. Why do we have these licenses with legalese? Because the public domain isn't good enough in many regards. That's why the various open source and free software licenses exist. They are not present so that coders can sit back with a cup of tea by the fire reading them with enjoyment. They are formulated by a group of people working in the problem area in which they have specialized so that you and I don't have to reinvent the wheel badly. THIS IS THE SOLE REASON THE APACHE SOFTWARE FOUNDATION EXISTS!
The day I want Theo acting as my legal advisor is the day that I want OJ's lawyers hacking my production kernel. That said, the Apache 2.0 license is NOT that hard to understand. As for Theo's charge of containing "more stuff", that's like saying v1.0 of the Linux kernel is automatically better than v2.6.9 because they've added "more stuff" to the newer version.
As for the modular vs. monolithic tripe, what pray tell do you think 1.3.x is? See all those LoadModule directives in your httpd.conf file? Take away modules and Apache 1.3.x does NOTHING. What's that? You can compile modules in statically with 1.3.x? Guess what Einstein? You can also do it with 2.0.x. Apache 2.0.x is simply slightly more fine-grained modularity.
Regarding the speed and stablility argument, I call bullshit. 2.0.x is faster than 1.3.x under every metric I have seen used from dynamic content generation to flat file serving. Hell! Even server-side include processing is faster in 2.0.x. As far as stability, where is your data? Neither goes down for me. Then again, when running PHP apps, I use the pre-fork module because so
- I don't need to go outside, my CRT tan'll do me just fine.
Some differences:
/opt directory). It doesn't have a GUI interface though. I don't know why. Since the GUI only edits the 1.3.x config files and starts/stops the service, there is no technical reason why it couldn't be supported by the GUI. My guess is that Apple, just like any other company, has to pick and choose what it spends effort on. Opportunity costs and all that. They probably started development on the Admin GUI while 2.0.x was still relatively new and untested. At the time, supporting 1.3.x was a no-brainer.
1. mod_proxy has been completely rewritten so as to be fully compatible with HTTP/1.1
2. caching has been removed from mod_proxy and made into its own module, mod_cache, with a couple of implementations available
3. your choice of pre-fork (1.3.x model), single process/multiple threads, and various hybrids
As a point of fact, OS X Server comes with Apache2 as well (check your
The web accelerator's tendency to redirect clients to port 16080 in some configurations is annoying though. It makes me wonder if Apache2 configured as a reverse proxy and using mod_cache would work just as well.
As for your security concerns, switching to 2.0.x will not arbitrarily hand your bandwidth and personal files to everyone on the internet. File and Directory directives still apply.
- I don't need to go outside, my CRT tan'll do me just fine.
I'm sorry, that's a bullshit argument
it contains more unfree stuff in the license. that is the 'MORE STUFF' they will not accept into the tree
vodka, straight up, thank you!
It seems like most people are sticking with Apache 1.3.x instead of migrating to Apache 2.x.
I was wondering why this is. Is there something bad about the 2.x release, or are people simply sticking with what they know?
The old license (and the BSD license) only dealt with copyright, not patents. The Apache 2.0 license adds a patent clause.
If you get into a patent war with the ASF, you can't use ASF code anymore. This is terribly unfree? Apparently we have differing views on what "free" is. Since a software developer needs a cadre of patent lawyers on their side with the way things are going on the software patent arena, I for one welcome the clause. It allows me the freedom to compete and participate in a field that is steadily becoming more and more hostile to independent developers thanks to the USPTO and WIPO.
If he (Theo) has an argument with parts of the new license, then he should critique those parts of the new license. "More stuff" does not make an effective or lucid critique in my opinion nor does your assertion of "unfree stuff."
Unfree stuff like what? Be more specific. Convince me. Unfree stuff like what? Like the fact that the license is legalese? C'mon. That's laziness. It's what? 200 lines long? Spend an hour or two some evening going over it and be done with it. If there's something there that truly concerns you, let me know. I would like to know what you see as a problem.
- I don't need to go outside, my CRT tan'll do me just fine.