IBM Support

IBM HTTP Server for i upgrading to Apache 2.4.53 (IBM i 7.5 and IBM i 7.4)

News


Abstract

IBM HTTP Server for i upgrading to Apache 2.4.53 (IBM i 7.5 and IBM i 7.4)

Content

You are in: IBM i Technology Updates  > Web Integration on i News of Web Integration on IBM i > IBM HTTP Server for i upgrading to Apache 2.4.53 (IBM i 7.5 and IBM I 7.4)

The IBM HTTP Server on IBM i 7.5 and IBM i 7.4 are upgraded from Apache 2.4.34 to Apache 2.4.53. This update includes new enhancements and features for Apache 2.4. This upgrade is not a major version change for HTTP Server on IBM i 7.5 and IBM i 7.4 , which means:

1) No configuration-related changes that require the user to modify existing httpd.conf files after this move to Apache 2.4.53.

2) HTTP Server module APIs are updated in Apache 2.4.53 but that does not affect user plug-in modules (IBM and 3rd party) which means existing plug-in modules do not require recompiling for this move to Apache 2.4.53.

3) No updates to IBM i provided HTTP Server APIs

    Configuration APIs - QHTTPSVR/H (QZHBCONF)

    CGI APIs - QSYSINC/H (QZHBCGI)

Module Enhancements

Apache 2.4.53 has some updates and enhancements to existing Apache 2.4 modules. Following are some major enhancements in our HTTP server for IBM i 7.5 and IBM i 7.4.  

Core module
(1) Enforce consistently no response body with both 204 and 304 statuses
(2) New configuration option 'MergeSlashes on|off' that controls handling of multiple, consecutive slash ('/') characters in the path component of the request URL
(3) Set PCRE_DOTALL by default. Revert via RegexDefaultOptions -DOTALL.
(4) Add support for strict content-length parsing through addition of ap_parse_strict_length()
(5) Remove headers on 304 Not Modified as specified by RFC7234, as opposed to passing an explicit subset of headers
(6) Add ReadBufferSize, FlushMaxThreshold, and FlushMaxPipelined directives
(7) Add StrictHostCheck to allow unconfigured hostnames to be rejected
mod_brotli
Honor "Accept-Encoding: foo;q=0" as per RFC 7231; which means 'foo' is "not acceptable"

mod_dav_fs
Add "Digest" to FileETag directive, allowing a strong ETag to be generated that uses a file digest

mod_http2
(1) Configuration directives H2Push and H2Upgrade can now be specified per Location and Directory
(2) When SSL renegotiation is inhibited and a 403 ErrorDocument is in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED
(3) New configuration directive: 'H2Padding numbits' to control padding of HTTP/2 payload frames
(4) New option 'H2OutputBuffering on/off' which controls the buffering of stream output

mod_log_config
Support %{c}h for conn-hostname, %h for useragent_host

mod_proxy
Allow ProxyErrorOverride to be restricted to specific status codes
mod_proxy_connect
Honor the smallest of the backend or client timeout while tunneling
mod_proxy_hcheck
Allow healthcheck expressions to use %{Content-Type}
    
mod_reqtimeout
Allow to configure (TLS-) handshake timeouts

PTF support for Apache 2.4.53

IBM i 7.5: IBM HTTP Server for i Group SF99952 - level 2 

IBM i 7.4: IBM HTTP Server for i Group SF99662 - level 24

References

http://httpd.apache.org/docs/2.4/new_features_2_4.html

http://httpd.apache.org/security/vulnerabilities_24.html

https://tools.ietf.org/html/rfc7507

https://tools.ietf.org/html/rfc7540

[{"Type":"MASTER","Line of Business":{"code":"","label":""},"Business Unit":{"code":"","label":""},"Product":{"code":"SSB2FF","label":"HTTP Server for i"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
14 November 2022

UID

ibm16591121

Page Feedback