Fix a denial of service attack against mod_reqtimeout.
[Stefan Fritsch]
+ *) core: Log a warning if <Limit> or <LimitExcept> are used. They are
+ deprecated and may go away in 2.4. [Stefan Fritsch]
+
*) mod_ssl: Log certificate information if client cert verification
fails. PR 50094. [Lassi Tuura <lat cern ch>, Stefan Fritsch]
*) core/mod_unique_id: Add generate_log_id hook to allow to use
the ID generated by mod_unique_id as error log ID for requests.
+ [Stefan Fritsch]
*) mod_cache: Make sure that we never allow a 304 Not Modified response
that we asked for to leak to the client should the 304 response be
return unclosed_directive(cmd);
}
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL,
+ "%s:%d: <Limit> and <LimitExcept> are deprecated and "
+ "will likely be removed in 2.4. Use 'Require method', "
+ "mod_allow_method, or <If> instead.",
+ cmd->directive->filename, cmd->directive->line_num);
+
limited_methods = apr_pstrndup(cmd->pool, arg, endp - arg);
if (!limited_methods[0]) {
"Container for directives affecting files matching specified patterns"),
AP_INIT_RAW_ARGS("<Limit", ap_limit_section, NULL, OR_LIMIT | OR_AUTHCFG,
"Container for authentication directives when accessed using specified HTTP "
- "methods"),
+ "methods (DEPRECATED)"),
AP_INIT_RAW_ARGS("<LimitExcept", ap_limit_section, (void*)1,
OR_LIMIT | OR_AUTHCFG,
"Container for authentication directives to be applied when any HTTP "
- "method other than those specified is used to access the resource"),
+ "method other than those specified is used to access the resource (DEPRECATED)"),
AP_INIT_TAKE1("<IfModule", start_ifmod, NULL, EXEC_ON_READ | OR_ALL,
"Container for directives based on existence of specified modules"),
AP_INIT_TAKE1("<IfDefine", start_ifdefine, NULL, EXEC_ON_READ | OR_ALL,
projects / apache / commitdiff