Create a helper function "get_canned_error_string" for use by
ap_send_error_response. The new function simply returns the error response
string corresponding to given HTTP error core. This makes it easier to
change the mechanism for sending these strings, because we no longer have
r[v]puts calls spread throughout the error string generation code.
Jeff Trawick [Tue, 26 Sep 2000 19:38:41 +0000 (19:38 +0000)]
Debug messages in mod_charset_lite are now controlled by
CharsetOptions DebugLevel=n instead of CharsetDebug on/off. Use the debug
level to decide which debug messages to issue (if any). Use ap_log_rerror()
instead of ap_log_error() when appropriate.
Describe CharsetOptions in the doc.
Jeff Trawick [Tue, 26 Sep 2000 15:08:26 +0000 (15:08 +0000)]
Sanity-check the use of multiple instances of XLATEOUT in a
filter chain. If the translation performed by an instance
being run for the first time clashes with an instance already
in place, disable the new instance.
Set BSD_MAKEFILE in configure.in. The macro APACHE_GEN_MAKEFILES is
executed in the context of config.status with variable substitution
already performed, so the check in the macro itself did not work.
Cleaner feature tests and new -d -m -s -p options for crypt, MD5, SHA1
and plaintext password cyphers. Not certain what the $^O tag for
NETWARE really is, so this may need to be fixed.
David Reid [Sun, 24 Sep 2000 12:40:05 +0000 (12:40 +0000)]
We don't have config.guess until later in the build cycle, so change the
test to use uname. with this change a clean CVS copy will build using
./buildconf;./configure;make exactly like it should.
Jeff Trawick [Sat, 23 Sep 2000 22:09:30 +0000 (22:09 +0000)]
The new core post_read_request hook needs to return something
(DECLINED). This allows Apache to serve pages again (other than
the 500 Internal Server Error page, that is).
Ryan Bloom [Sat, 23 Sep 2000 18:39:30 +0000 (18:39 +0000)]
Combine the calls to add the core_filter to one place. Basically, it is
safe to add the core_filter during the post_read_request, and it means
that we only have to add the filter once in the code. This should make
it easier to add an SSL module in the future.
Tony Finch [Sat, 23 Sep 2000 00:05:45 +0000 (00:05 +0000)]
Fix a security problem that affects certain configurations of mod_rewrite.
If the result of a RewriteRule is a filename that contains expansion
specifiers, especially regexp backreferences $0..$9 and %0..%9, then it
may be possible for an attacker to access any file on the web server.
The fix replaces a multi-pass string expander with a one-pass expander,
and includes the code quality improvements that were committed separately
to 1.3.
Bill Stoddard [Fri, 22 Sep 2000 20:36:20 +0000 (20:36 +0000)]
Make the core_filter use apr_sendv and apr_sendfile as appropriate. This is still a bit crufty
but it is an improvement over the previous implementation.
Note 1: Only needed for BSD/OS.
Note 2: Invent better heuristic (timestamp checks for build/*.mk).
Note 3: Conversion is currently one-way
Note 4: Don't package on BSD/OS.
Jeff Trawick [Fri, 22 Sep 2000 14:57:08 +0000 (14:57 +0000)]
mod_include now tweaks the subrequest output filter chain so that
only *subsequent* filters from the original request are inherited.
Previously, *all* filters from the original request were inherited.
Currently, any filter which runs a subrequest should do the same
thing (though a cleaner interface may be appropriate.)
With this change, subrequests are properly filtered much more often.
Jeff Trawick [Fri, 22 Sep 2000 11:37:05 +0000 (11:37 +0000)]
Provide a socklen_t to the user of APR as a portability aid. Some
systems have unsigned sockaddr len parameters; others have signed.
When passing the length by address (as to accept()) a warning is
generated if the sign is not correct.
This patch assumes that, if no native socklen_t is provided,
apr_socklen_t is always signed; that can be easily tweaked for
certain platforms later.
Inside APR, apr_socklen_t is only used currently in the Unix
implementation.
Submitted by: Victor J. Orlikowski <v.j.orlikowski@gte.net>
Reviewed by: Jeff Trawick
Jeff Trawick [Thu, 21 Sep 2000 16:32:48 +0000 (16:32 +0000)]
Get the call to find_string() out of a loop. find_string() loops
across the buckets internally. This gets rid of a compile warning
but doesn't change the behavior.
Inspired by: "Victor J. Orlikowski" <v.j.orlikowski@gte.net>
Jeff Trawick [Wed, 20 Sep 2000 21:50:50 +0000 (21:50 +0000)]
Fix the prior fix to the usage of ap_brigade_split()... The caller of
send_parsed_content() needs to see the new brigade representing the
rest of the content.
Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2)
as well as a comment arg to the add, adduser and update cmds.
update allows the user to clear or preserve pw/groups/comment.
Fixed a bug in dbmmanage that prevented the check option from
parsing a password followed by :group... text. Corrected the
seed calcualation for Win32 systems, and added -lsdbm support.
PR: 3810, 5527
Jeff Trawick [Tue, 19 Sep 2000 23:50:36 +0000 (23:50 +0000)]
Get internal redirects working by initializing the output_filters
list. We start over with only core_filter just like a fresh request.
Processing of the new URI will determine what filters (if any) are
appropriate.
Jeff Trawick [Tue, 19 Sep 2000 23:28:55 +0000 (23:28 +0000)]
Fix filter registration so that the appropriate list of
registrations is actually modified. This allows Apache to server
pages again. (Before this, every ap_add_filter() silently failed
and so output content went to the bit bucket.)
Also, repair some comments and un-namespace-protect a now-static
function.
Fix a bug where errors that happen during early request parsing (like 400
HTTP_BAD_REQUEST) don't send any error message content to the browser.
The core_filter wasn't present this early in request parsing, so the output
went into the bit bucket via r[v]puts->ap_pass_brigade.
The chunking filter takes care of itself nicely, because it is added in
ap_send_http_header if it's needed.
Jeff Trawick [Tue, 19 Sep 2000 17:46:28 +0000 (17:46 +0000)]
Change the registered filter name to XLATEOUT (from XLATE).
Set up the context in the filter in case the filter was inserted via
AddOutputFilter.
Provide a temporary hack to avoid having the module and core both
insert the output translation filter. For now, code
"CharsetOptions NoImplicitAdd" in a container with "AddOutputFilter."
Make a few cosmetic changes (e.g., rename the mis-named
xlate_register_filter routine).
Ryan Bloom [Sun, 17 Sep 2000 18:52:48 +0000 (18:52 +0000)]
If a bucket is split at the first or last character, then we should get
a zero length bucket and a bucket containing the original text. Later
filters will either throw away the zero length bucket, or they will just
ignore it. The problem is that if we return an error in those conditions,
then all filters need special logic whenever they are going to split a
bucket. By always splitting, only a few selected buckets need the special
logic to deal with zero-length buckets. This also fixes mod_include to not
have the special logic around it's split call.
Jeff Trawick [Fri, 15 Sep 2000 16:50:39 +0000 (16:50 +0000)]
Fix a bug parsing configuration file containers. With a sequence
like this in the config file
<IfModule mod_kilroy.c>
any stuff
</IfModule>
<IfModule mod_lovejoy.c>
(blank line)
any stuff
</IfModule>
the second container would be terminated at the blank line due to
sediment in the buffer from reading the prior </IfModule> and an
error message would be generated for the real </IfModule> for the
second container. Also due to this problem, any two characters
could be used for "</" in the close of a container.
Jeff Trawick [Thu, 14 Sep 2000 18:42:58 +0000 (18:42 +0000)]
Fix the types of the variables passed as the len parm to bucket->read()
(in various places).
In ab, change the declaration of argv so that it can be passed into
apr_initopt() without warning.
Submitted by: Victor J. Orlikowski <v.j.orlikowski@gte.net>
Reviewed and modified slightly by: Jeff Trawick
Tony Finch [Thu, 14 Sep 2000 02:16:07 +0000 (02:16 +0000)]
Improve the way the chunking filter handles zero-length buckets,
and fix the comment explaining how to reduce the incidence of tiny chunks.
Submitted by: Jeff Trawick
Reviewed by: Tony Finch
Ryan Bloom [Thu, 14 Sep 2000 00:34:15 +0000 (00:34 +0000)]
Add a pointer to the filter_rec_t from the filter_t. This allows modules
to get to the filter name from the filter itself. This is useful for
modules like mod_perl, which have one filter function that does different
things based on the name used when the filter was inserted.
Ryan Bloom [Wed, 13 Sep 2000 23:13:20 +0000 (23:13 +0000)]
Add the AddFilter directive. This directive takes a list of filter names
that have been previously registered with the server. Currently the
directive is only valid inside the config file, but once the Options
directive is tweaked a bit, I would feel more comfortable exposing this
directive to htaccess files.
As a part of making adding this filter, I removed the ctx pointer from the
ap_add_filter prototype. The problem is that the core is the thing that
is actually inserting the filter into the filter stack, but the core doesn't
know how to allocate memory for each filter. The solution is to have the
filters themselves be responsible for allocating the ctx memory whenever
it is required.
Ryan Bloom [Wed, 13 Sep 2000 02:07:40 +0000 (02:07 +0000)]
First pass at mod_include as a filter. This is at an incredibly alpha
stage, but it should compile for everybody now. I have experienced a few
seg faults that I haven't been able to track down yet, but it should
compile on all platforms, which is better than before this patch.
Ken Coar [Wed, 13 Sep 2000 01:58:15 +0000 (01:58 +0000)]
Start introducing the extension-method elements so we're not
bound to hard-coded names and a bitmask. We still use the
bitmask for known methods, but we also have an array for
extension method named. Wherever we used the M_* constants
we need to use a routine that knows about the new structure instead.
This is far from complete, but AFAIK this interim work doesn't
break anything -- especially the compile. The rest of the
work will be added in segments; this is just a checkpoint.
Tony Finch [Tue, 12 Sep 2000 17:46:40 +0000 (17:46 +0000)]
This commit adds support for purely name-based virtual hosting that
does not require any IP addresses in httpd.conf and which disregards
the local IP address of any connections. This will be particularly
appreciated by people running little servers on machines with
dynamically configured IP addresses, and by people wishing to use
identical httpd.conf files on all the machines in a load-balanced
cluster.
The syntax is:
NameVirtualHost *
<VirtualHost *>
ServerName my.friend.has.a.silly.vanitydomain.org
DocumentRoot /usr/local/apache/docs1
</VirtualHost>
<VirtualHost *>
ServerName but.easier.to.spell.than.my.vanitydomain.org
DocumentRoot /usr/local/apache/docs2
</VirtualHost>
The implementation is a straightforward extension of what is there
already although the patch is made somewhat larger by the need to
avoid duplicate code for normal and wildcarded NameVirtualHosts.
Jeff Trawick [Tue, 12 Sep 2000 14:48:49 +0000 (14:48 +0000)]
Explictly close the AF_UNIX socket to the cgid child after nph cgis too.
(Yeah, it got closed during pool cleanup, but it is more understandable if
it is closed the same way for nph and !nph cgis.)
Ryan Bloom [Tue, 12 Sep 2000 03:40:15 +0000 (03:40 +0000)]
Ensure that only one EOS bucket is sent down the filter stack. This is
done by adding a flag to the request_rec. When ap_pass_bucket sees an
EOS bucket, the flag is set. If the flag is still unset when
ap_finalize_request is called, then ap_finalize_request sends an EOS. This
fixes the problem with chunking and CGI.
Jeff Trawick [Mon, 11 Sep 2000 21:37:27 +0000 (21:37 +0000)]
The apr_file_t representation of the Unix socket from which we read
the CGI output should live in the request pool, not in pcgi. pcgi (in
the httpd processes, at least) isn't cleaned up until we restart httpd.
Ryan Bloom [Mon, 11 Sep 2000 00:30:02 +0000 (00:30 +0000)]
Modify mod_cgid to use bucket brigades. This means that mod_cgid behaves
like mod_cgi, creating a single element bucket brigade that is passed to
the next filter. This is instead of making mod_cgid read from the socket,
and call ap_r* repeatedly.
The "get resource" functionality is no longer a hook. Instead, providers
register themselves by name with mod_dav. The user configures a particular
provider for a location/directory. mod_dav looks up that provider and uses
it explicitly. (the prior behavior simply asked "anybody" to satisfy the
get_resource, but it did not mesh well with user-specified providers)
*) add providers.c to deal with provider registration
*) rejigger mod_dav.c to toss the hook and use the provider
*) clean out dav/fs/ of the old scheme and have it register itself
pass_chunk() was tossing a brigade composed of just the EOS bucket. on
entry, it saw there were zero bytes and simply returned. the client
would never receive "end of response" and timeout (or the server would
timeout the client).
*) added comments about what is going on
*) place chunk start/end markers around just the content, if that content
is non-zero in length
*) insert all the right "end of response" stuff before the EOS bucket
projects / apache / log