Skip to content

Commit 830e6f5

Browse files
Merge branch 'release/4.4.10'
2 parents 61572d5 + da70d4c commit 830e6f5

14 files changed

Lines changed: 1092 additions & 195 deletions

CREDITS.rst

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
=======
2+
CREDITS
3+
=======
4+
5+
The mod_wsgi source code incorporates C functions for calculating memory
6+
usage from:
7+
8+
:Author: David Robert Nadeau
9+
:Site: http://NadeauSoftware.com/
10+
:License: Creative Commons Attribution 3.0 Unported License
11+
http://creativecommons.org/licenses/by/3.0/deed.en_US

MANIFEST.in

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ include configure
33
include LICENSE
44
include Makefile.in
55
include README.rst
6+
include CREDITS.rst
67
include src/server/*.h
78
include src/server/*.c
89
exclude src/server/apxs_config.py

docs/release-notes/index.rst

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ Release Notes
55
.. toctree::
66
:maxdepth: 2
77

8+
version-4.4.10.rst
89
version-4.4.9.rst
910
version-4.4.8.rst
1011
version-4.4.7.rst
Lines changed: 88 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,88 @@
1+
==============
2+
Version 4.4.10
3+
==============
4+
5+
Version 4.4.10 of mod_wsgi can be obtained from:
6+
7+
https://codeload.github.com/GrahamDumpleton/mod_wsgi/tar.gz/4.4.10
8+
9+
For details on the availability of Windows binaries see:
10+
11+
https://github.com/GrahamDumpleton/mod_wsgi/tree/master/win32
12+
13+
Bugs Fixed
14+
----------
15+
16+
1. Fixed a reference counting bug which would cause a daemon process to
17+
crash if both ``home`` and ``python-path`` options were specified at the
18+
same time with the ``WSGIDaemonProcess`` directive.
19+
20+
2. When using ``--https-only`` option with ``mod_wsgi-express``, the
21+
redirection from the ``http`` address to the ``https`` address was not
22+
setting the correct port for ``https``.
23+
24+
Features Changed
25+
----------------
26+
27+
1. Changed the default Apache log level for ``mod_wsgi-express`` to
28+
``warn`` instead of ``info``. This has been done avoid very noisy logs
29+
when enabling secure HTTP connections. To set back to ``info`` level use
30+
the ``--log-level`` option.
31+
32+
2. When specifying a service script with the ``--service-script`` option of
33+
``mod_wsgi-express``, the home directory for the process will now be set to
34+
the same home directory as used for the hosted WGSI application. Python
35+
modules from the WSGI application will therefore be automatically found
36+
when imported. Any directory paths added using ``--python-path`` option
37+
will also be added as search directories for Python module imports, with
38+
any ``.pth`` files in those directories also being handled. In addition,
39+
the language locale and Python eggs directory used by the hosted WSGI
40+
application will also be used for the service script.
41+
42+
3. When specifying ``--python-path`` option, when paths are now setup for
43+
the WSGI application, they will be added in such a way that they appear at
44+
the head of ``sys.path`` and any ``.pth`` files in those directories are
45+
also handled.
46+
47+
New Features
48+
------------
49+
50+
1. Added the ``--directory-listing`` option to ``mod_wsgi-express`` to
51+
allow automatic directory listings to be enabled when using the static file
52+
application type and no explicit directory index file has been specified.
53+
54+
2. In addition to the convenience function of ``--ssl-certificate`` for
55+
``mod_wsgi-express``, which allowed the SSL certificate and private key
56+
file to be specified using one option by specifying the command file
57+
name up to the extension, separate ``--ssl-certificate-file`` and
58+
``--ssl-certificate-key-file`` options are now also provided. These
59+
would either both need to be specified, or the existing
60+
``--ssl-certificate`` option used, when specifying that secure HTTPS
61+
connections should be used through having specified ``--https-port``.
62+
63+
3. Added the ``--ssl-ca-certificate-file`` option to ``mod_wsgi-express``.
64+
If specified this should give the location of the file with any CA
65+
certificates to be used for client authentication. As soon as this option
66+
is provided, the client authentication will be required for the whole site.
67+
This would generally be used in conjunction with the ``--https-only``
68+
option so that only a secure communication channel is being used.
69+
70+
If you do not wish for the whole site to required client authentication,
71+
you can use the ``--ssl-verify-client`` option to specify sub URLs for
72+
which client authentication should be performed.
73+
74+
4. Added the ``--ssl-environment`` option to ``mod_wsgi-express`` to enable
75+
the passing of standard SSL variables in the WSGI environ dictionary passed
76+
to the WSGI application.
77+
78+
5. Added the ``WSGITrustedProxies`` directive and corresponding option of
79+
``--trust-proxy`` to ``mod_wsgi-express``. This works in conjunction with
80+
the ``WSGITrustedProxyHeaders`` directive and ``--trust-proxy-header``
81+
option of ``mod_wsgi-express``. When trusted proxies are specified, then
82+
proxy headers will only be trusted if the request originated with a trusted
83+
proxy. Further, any IP addresses corresponding to a proxy listed in the
84+
``X-Forwarded-For`` header will only be trusted if specified. When
85+
determining the value for ``REMOTE_ADDR`` the IP preceding the last
86+
recognised proxy the request passed through will be used and not simply the
87+
first IP listed in the header. The header will be rewritten to reflect what
88+
was honoured with client IPs of dubious origin discarded.

0 commit comments

Comments
 (0)