possible XSS for a site where untrusted users can upload files to
a location with MultiViews enabled. [Niels Heinen <heinenn google.com>]
+ *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
+ - mod_auth_digest: shared memory file
+ [Jeff Trawick]
+
*) htpasswd: Use correct file mode for checking if file is writable.
PR 45923. [Stefan Fritsch]
*) Add "strict" and "warnings" pragmas to Perl scripts. [Rich Bowen]
- *) Honor DefaultRuntimeDir for mutexes, socache and CGID socket.
+ *) The following now respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR:
+ - core: the scoreboard (ScoreBoardFile), pid file (PidFile), and
+ mutexes (Mutex)
[Jim Jagielski]
*) ab: Fix bind() errors. [Joe Orton]
2.4.x patch: trunk patch works
+1: rjung, humbedooh, trawick (needs CHANGES entry)
- * mod_auth_digest: respect DefaultRuntimeDir for its
- unconfigurable shared memory file
- trunk patch: http://svn.apache.org/viewvc?rev=1371387&view=rev
- 2.4.x patch: trunk patch works
- +1: trawick, rjung, jim
-
* ab fixes:
o When -B is specified, search for a host address in the same
family as the specified outbound interface.
{
unsigned long idx;
apr_status_t sts;
- const char *tempdir;
/* set up client list */
- sts = apr_temp_dir_get(&tempdir, ctx);
- if (APR_SUCCESS != sts) {
- ap_log_error(APLOG_MARK, APLOG_ERR, sts, s, APLOGNO(01761)
- "Failed to find temporary directory");
- log_error_and_cleanup("failed to find temp dir", sts, s);
- return HTTP_INTERNAL_SERVER_ERROR;
- }
-
/* Create the shared memory segment */
/*
* Create a unique filename using our pid. This information is
* stashed in the global variable so the children inherit it.
*/
- client_shm_filename = apr_psprintf(ctx, "%s/authdigest_shm.%"APR_PID_T_FMT, tempdir,
- getpid());
+ client_shm_filename = ap_runtime_dir_relative(ctx, "authdigest_shm");
+ client_shm_filename = ap_append_pid(ctx, client_shm_filename, ".");
/* Now create that segment */
sts = apr_shm_create(&client_shm, shmem_size,
projects / apache / commitdiff