Release Notes - Axis2/C Version 2.0.0¶
Version 2.0.0 is a major release that includes 17 years of accumulated fixes and improvements since version 1.6.0 (2009). This release resolves over 115 issues from the Apache Jira issue tracker.
Bug Fixes¶
| Issue | Summary |
|---|---|
| AXIS2C-787 | axutil_qname_to_string serialize with the prefix |
| AXIS2C-936 | On incomplete response message, the client receives response data for the elements up to the error, but no indication of the error |
| AXIS2C-1001 | Axis2/C Stress tests fail |
| AXIS2C-1005 | dual clients report an error in log |
| AXIS2C-1153 | memory leak in code generated by WSDL2C, op not freed in axis2_stub_populate_services_for_myService |
| AXIS2C-1182 | adb_XXXX_add_nodes(_XXXX, env, _Y) FAILURES |
| AXIS2C-1192 | axis2c dual sample clients give a memory corruption in consecutive execution |
| AXIS2C-1197 | CodeGenerationException thrown without info about input files problem |
| AXIS2C-1204 | memory leak for In-Only message with no parameter |
| AXIS2C-1214 | memory leak when server returns an error |
| AXIS2C-1217 | multiple memory leaks on the client side |
| AXIS2C-1222 | Axis2/C AXIOM libxml2 parser frees the IO context before calling the AXIS2_CLOSE_INPUT_CALLBACK |
| AXIS2C-1224 | Error in WSDL2C while generating stubs in C |
| AXIS2C-1227 | engine not freed when server return an error |
| AXIS2C-1236 | Memory issues in Axis2/C service client |
| AXIS2C-1239 | Build failure in freebsd |
| AXIS2C-1258 | memory leaks in when using tls |
| AXIS2C-1261 | When several fire and forget sends are done using svc client it segfaults |
| AXIS2C-1262 | Leaking a axiom_soap_envelope_t in axiom_soap_builder_create error path |
| AXIS2C-1275 | Axiom default namespace serialization and deserialization are not compatible |
| AXIS2C-1289 | Incorrect deserialization when the first child is an empty element |
| AXIS2C-1294 | Same handler inserted in two places |
| AXIS2C-1312 | axis2_http_client_connect_ssl_host() cannot make an https connection through http proxy when the proxy requires authentication |
| AXIS2C-1338 | "make install" overly eager |
| AXIS2C-1339 | Wrong unique class names generation |
| AXIS2C-1342 | When enable "persistOperationContext" parameter in axis2.xml, server crashes |
| AXIS2C-1353 | Externally passed configuration context and service should not be freed within service client |
| AXIS2C-1355 | Changing service client options between messages |
| AXIS2C-1367 | sprintf format I32d not supported by Visual C++ 6.0 |
| AXIS2C-1373 | Name matching fails with choice element |
| AXIS2C-1374 | adb generated code has warnings |
| AXIS2C-1376 | Lots of memory leak in axis2/c library |
| AXIS2C-1378 | operation name is corrupted by the time it reaches dispatcher |
| AXIS2C-1379 | typedef done too late in special cases - CADBBeanTemplateHeader.xsl |
| AXIS2C-1388 | Memory leak AXIS2C |
| AXIS2C-1390 | When creating the build.sh script for C-language the flatten-file option is not properly used |
| AXIS2C-1401 | WSDL2C produces to WSDL2JAVA incompatible ADB-Binding for WSDL file |
| AXIS2C-1403 | Code generation having problem in Windows |
| AXIS2C-1404 | MTOM does not work with CGI installation of Axis |
| AXIS2C-1408 | axis2_dep_engine_load_client exits with the env status to AXIS2FAILURE |
| AXIS2C-1411 | thread_unix and thread_windows inconsistency as for axutil_thread_exit |
| AXIS2C-1421 | adb-bindings for typeless parameter only gives access to the first element if passed an array |
| AXIS2C-1447 | axutil_hash_free() should free using ht->env |
| AXIS2C-1465 | crash in axis2_http_sender_configure_proxy_auth |
| AXIS2C-1475 | Bad interaction between AXIS2_XML_PARSER_TYPE_BUFFER, axiom_soap_body_has_fault and XML escape sequence |
| AXIS2C-1482 | excessive retrying by client if server busy |
| AXIS2C-1486 | ADB generated code generates memory leak |
| AXIS2C-1490 | axiom_soap_builder_construct_node should check that the Header element is in a Soap namespace |
| AXIS2C-1491 | memory leak at axis2_dep_engine_get_svc_dir |
| AXIS2C-1492 | maximum value of xsd:unsignedInt cannot exceed maximum value of signed integer (2147483647) |
| AXIS2C-1495 | An error found while receiving www-form-urlencoded parameter values sent by POST method in REST style |
| AXIS2C-1499 | double-freeing in axis2_http_worker_process_request() |
| AXIS2C-1506 | 3 bugs in C code generation (invalid characters in c tokens, cyclic inclusion and uppercase-lowercase mismatch) |
| AXIS2C-1507 | SOAP Exception fields not available |
| AXIS2C-1508 | function axutil_strtol in util/src/types.c can't convert negative number from string |
| AXIS2C-1509 | The response message from axis2/c has not charSet in the ContentType |
| AXIS2C-1513 | C-language using unwrapped code does not compile |
| AXIS2C-1515 | WSDL2C: generated code in axis2_svc_skel_invoke() should not set error on NULL return value |
| AXIS2C-1516 | code generated from WSDL2C is not compiling |
| AXIS2C-1519 | WSDL2C with xml mapping generates client code with memory leak |
| AXIS2C-1520 | Unknown Error when using diacritic marks in XML request element value |
| AXIS2C-1527 | Local to UTC time calculation wrong |
| AXIS2C-1529 | wsdl2c generates skeleton code with memoryleak inside |
| AXIS2C-1531 | Last POST char truncated |
| AXIS2C-1532 | Last POST parameter is skipped when it has no value |
| AXIS2C-1533 | Redundant redeclarations and undefined macros |
| AXIS2C-1534 | XML writers handle errors differently, add char offset in case of errors |
| AXIS2C-1535 | Getting HTTP Status Code as 0 instead of 408 |
| AXIS2C-1536 | guththila stucked with empty XML comments |
| AXIS2C-1537 | HTTP server crashes during shutdown |
| AXIS2C-1539 | Initialization/finalization of libxml2 in wrong place |
| AXIS2C-1540 | axis2/c does not build on Mac OS X |
| AXIS2C-1542 | Memory leak in axis2c generated code |
| AXIS2C-1546 | Logging of long input/output messages contains garbage data on Windows |
| AXIS2C-1548 | WSDL2C generates improper code |
| AXIS2C-1550 | HTTPS using axis2c.xml or embedded axis2 lib does not work with SSL authentication |
| AXIS2C-1551 | Crash when reusing svc_client with non-blocking call |
| AXIS2C-1555 | Proxy authentication not working when using HTTPS |
| AXIS2C-1559 | axiom_node_to_string() doesn't return elements containing special latin characters |
| AXIS2C-1564 | axutil_uri_parse_string() only parses URLs, not URIs |
| AXIS2C-1566 | Client sends cookie only just after server sends Set-Cookie header |
| AXIS2C-1567 | F_OK not defined with MacOSX builds |
| AXIS2C-1568 | In keep alive mode, client reuses a connection even if the connection has already closed |
| AXIS2C-1573 | Generated code failed to compile when the type names in WSDL has '.' |
| AXIS2C-1574 | Generated code has duplicate property_Type definitions |
| AXIS2C-1575 | Generated code has undefined variables qname_uri and qname_prefix |
| AXIS2C-1579 | Wrong xsi:type in the response |
| AXIS2C-1580 | Generated code crashed when it deserializes 'any' type |
| AXIS2C-1581 | Generated code creates bad action in multi-parts request |
| AXIS2C-1584 | Asynchronous call crashes and memory leaks |
| AXIS2C-1586 | Memory leak in axis2_http_worker_process_request (http_worker.c) |
| AXIS2C-1590 | axiom_attribute reference counting broken |
| AXIS2C-1591 | axiom_element_add_attribute and duplicate names |
| AXIS2C-1593 | Strange handling of xsi:type in requests |
| AXIS2C-1595 | Memory leak in http_worker.c: array_list allocated by axutil_tokenize() |
| AXIS2C-1596 | Memory leaks in http_transport_utils.c |
| AXIS2C-1605 | sockets are being left in CLOSE_WAIT state by client when using SSL |
| AXIS2C-1608 | Segmentation fault when HTTP request includes multiple cookies in a cookie HTTP-header |
| AXIS2C-1609 | memory leak in axutil_hash_first() / axutil_hash_next() in generated xml deserializer code |
| AXIS2C-1613 | No error is set during deserialization when an unexpected NULL value is return |
| AXIS2C-1614 | Stop deserialization process when a required attribute is missing |
| AXIS2C-1616 | Conflict with data type names |
| AXIS2C-1617 | Fixes for memory leaks in generated code |
| AXIS2C-1618 | Error by reading SSL-stream |
| AXIS2C-1622 | echo_rest sample seg fault with libcurl |
| AXIS2C-1626 | query string not passed when http get rest without soap |
| AXIS2C-1632 | Patch to fix Stability issues and memory leaks on hash keys |
| AXIS2C-1635 | Fix for various memleaks & corruptions |
| AXIS2C-1651 | Static-WSDL retrieval does strange string operation |
| AXIS2C-1659 | Segmentation fault in axutil_hash_find_entry |
| AXIS2C-1662 | mod_log may corrupt the node list (on a chunked fault) |
| AXIS2C-1664 | Memory leak when replacing value of item in hash table |
| AXIS2C-1669 | Misc patches for mem leak, REST Call, SSL, XPATH |
| AXIS2C-1670 | Contents of every file in current directory read during axis2_stub_create_with_endpoint_ref_and_client_home() |
| AXIS2C-1672 | Build error on MacOSX |
| AXIS2C-1685 | Unable to serialize/deserialize object, wrong element type or null node |
| AXIS2C-1696 | Document GTest-related build requirements |
| AXIS2C-1699 | Wrong C code generation for sequence types |
| AXIS2C-1700 | Enable SSL/TLS peer name validation by default |
| AXIS2C-1701 | Memory leak on duplicate XML namespace declaration |
| AXIS2C-1702 | Memory leak in http transport |
New Features¶
| Issue | Summary |
|---|---|
| AXIS2C-677 | Clone method required for axiom_node |
| AXIS2C-1181 | Unable to support MTOM for code generation with adb |
| AXIS2C-1383 | Ability to select the interface(s) that the axis2_http_server listens at for http requests |
| AXIS2C-1484 | Allow servers to bind to custom address only instead of INADDR_ANY |
Improvements¶
| Issue | Summary |
|---|---|
| AXIS2C-1187 | HTTP Authentication related code should be moved to a separate method |
| AXIS2C-1328 | Implementing new transport to optimize Axis2/C when used in a multi-threading client environment |
| AXIS2C-1330 | Prevent name clashes when using multiple services that happen to have identical named items |
| AXIS2C-1371 | Axis should log libcurl debug information |
| AXIS2C-1480 | Improve performance of reading HTTP headers |
| AXIS2C-1494 | Response received from the server is partially erased when non-ascii characters present in xml tags |
| AXIS2C-1565 | CPU utilization is 100% for SOAP queries for synchronous calls |
| AXIS2C-1612 | Custom HTTP HEADER USER AGENT |
| AXIS2C-1636 | Enhanced REST support for Axis2/C |
| AXIS2C-1645 | JSON support for Axis2/C |
| AXIS2C-1666 | base64 ignore some whitespaces |
| AXIS2C-1706 | SNI support |
Tasks¶
| Issue | Summary |
|---|---|
| AXIS2C-934 | Organize Test Cases |
| AXIS2C-1419 | Fixing memory leak |
| AXIS2C-1679 | Support Multipart soap in code generation tool |
| AXIS2C-1707 | Add HTTP/2 transport support for JSON requests |
| AXIS2C-1708 | Modern security hardening |
Removed Features¶
The following features have been removed in version 2.0.0 as part of security hardening (AXIS2C-1708) and deprecation cleanup:
-
NTLM Authentication (
--enable-heimdal,--enable-libntlm): Removed due to critical security vulnerabilities including pass-the-hash attacks, NTLM relay attacks, and weak cryptography. Microsoft is deprecating NTLM in Windows systems. Use Kerberos, OAuth 2.0, or mutual TLS instead. -
TCP Transport (
--enable-tcp): Obsolete transport that lacks HTTP semantics (no Content-Length, chunked encoding, headers, status codes). Incompatible with TLS (requires HTTP for ALPN negotiation) and web infrastructure (proxies, load balancers, firewalls expect HTTP). Use HTTP/2 instead, which provides multiplexing benefits with full HTTP semantics. -
CGI Transport (
--enable-cgi): Obsolete deployment model with security concerns and performance overhead of process-per-request. Use mod_axis2 with Apache httpd instead. -
libcurl HTTP Backend (
--enable-libcurl): Redundant with native HTTP client implementation. MTOM was broken with libcurl (AXIS2C-1270). HTTP/2 support uses nghttp2 instead. -
AMQP Transport (
--with-qpid): Unmaintained since 2010. Apache Qpid C++ is in maintenance mode. Modern messaging systems use REST APIs, gRPC, or native AMQP 1.0 clients. (AXIS2C-1641) -
IIS/ISAPI Integration: Unmaintained since 2009. Windows users should use WSL2 with Apache httpd instead.
Upgrade Notes¶
Breaking Changes¶
-
SSL/TLS Peer Validation: SSL/TLS peer name validation is now enabled by default (AXIS2C-1700). Applications that previously connected to servers with invalid certificates will now fail. To restore the old behavior (not recommended), disable peer verification in your SSL configuration.
-
NTLM Authentication Removed: Applications using NTLM authentication must migrate to Kerberos (for Windows/AD environments), OAuth 2.0/OpenID Connect (for modern applications), or mutual TLS (for service-to-service communication).
-
TCP Transport Removed: Applications using raw TCP transport (
AXIS2_TRANSPORT_TCP) must migrate to HTTP/1.1 or HTTP/2 transport. HTTP/2 provides similar multiplexing benefits with full HTTP semantics and TLS support. -
CGI Deployment Removed: Applications deployed via CGI must migrate to mod_axis2 with Apache httpd or the standalone axis2_http_server.
-
libcurl Backend Removed: Applications that explicitly enabled libcurl (
--enable-libcurl) will now use the native HTTP client. This should be transparent for most use cases. -
AMQP Transport Removed: Applications using AMQP transport must migrate to alternative messaging solutions or REST-based APIs.
-
IIS Support Removed: Applications using IIS integration must migrate to Apache httpd (running natively or via WSL2 on Windows).
New Dependencies¶
- json-c (optional): Required for JSON support. Install via
apt install libjson-c-devon Debian/Ubuntu. - nghttp2 (optional): Required for HTTP/2 support. Install via
apt install libnghttp2-devon Debian/Ubuntu.
