]> granicus.if.org Git - apache/log
apache
6 years ago* Pickup the proxy related configuration for verify mode and verify depth and
Ruediger Pluem [Mon, 1 Oct 2018 18:21:18 +0000 (18:21 +0000)]
* Pickup the proxy related configuration for verify mode and verify depth and
  not the configuration settings for frontend connections in case of
  connections by the proxy to the backend.

PR: 62769

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842540 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRebuild after XML typo correction.
Lucien Gentis [Sun, 30 Sep 2018 15:25:51 +0000 (15:25 +0000)]
Rebuild after XML typo correction.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842394 13f79535-47bb-0310-9956-ffa450edef68

6 years agoXML typo.
Lucien Gentis [Sun, 30 Sep 2018 15:24:38 +0000 (15:24 +0000)]
XML typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842389 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRebuild after fr doc update.
Lucien Gentis [Sun, 30 Sep 2018 15:20:59 +0000 (15:20 +0000)]
Rebuild after fr doc update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842388 13f79535-47bb-0310-9956-ffa450edef68

6 years agoXML update.
Lucien Gentis [Sun, 30 Sep 2018 15:19:33 +0000 (15:19 +0000)]
XML update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842387 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFrench html doc files : UTF-8 encoding in order to get rid of HTML entities.
Lucien Gentis [Sun, 30 Sep 2018 15:02:28 +0000 (15:02 +0000)]
French html doc files : UTF-8 encoding in order to get rid of HTML entities.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842386 13f79535-47bb-0310-9956-ffa450edef68

6 years agoThe XSLT Saxon engine warns about some "Ambiguous rule matches".
Christophe Jaillet [Thu, 27 Sep 2018 20:44:08 +0000 (20:44 +0000)]
The XSLT Saxon engine warns about some "Ambiguous rule matches".
Use priority to remove the ambiguity.

The only rational for choosing "3" and "4" for these priorities, is that "4" is related to <h4> tags, and 3=4-1 for the previous level.

Tested with the actual Xalan XSL engine:
   ./build.sh all
with and without the change.
Outputs are exactly the same.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842165 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRevert r1842160
Christophe Jaillet [Thu, 27 Sep 2018 20:42:24 +0000 (20:42 +0000)]
Revert r1842160

Some rules to help me detect un-needed links to directives, or missing ones were sent by error

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842164 13f79535-47bb-0310-9956-ffa450edef68

6 years agoThe XSLT Saxon engine warns about some "Ambiguous rule matches".
Christophe Jaillet [Thu, 27 Sep 2018 20:26:59 +0000 (20:26 +0000)]
The XSLT Saxon engine warns about some "Ambiguous rule matches".
Use priority to remove the ambiguity.

The only rational for choosing "3" and "4" for these priorities, is that "4" is related to <h4> tags, and 3=4-1 for the previous level.

Tested with the actual Xalan XSL engine:
   ./build.sh all
with and without the change.
Outputs are exactly the same.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842160 13f79535-47bb-0310-9956-ffa450edef68

6 years agoThe XSLT Saxon engine warns that match="@*" will return only attribute nodes, which...
Christophe Jaillet [Thu, 27 Sep 2018 19:18:51 +0000 (19:18 +0000)]
The XSLT Saxon engine warns that  match="@*" will return only attribute nodes, which can't have any attributes or child.

So simplify the xsl rules accordingly.

Tested with the actual Xalan XSL engine:
   ./build.sh all
with and without the change.
Outputs are exactly the same.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842146 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRevert borked transforms.
Joe Orton [Thu, 27 Sep 2018 15:35:44 +0000 (15:35 +0000)]
Revert borked transforms.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842104 13f79535-47bb-0310-9956-ffa450edef68

6 years agoupdated bind.xml.es and uploading meta file for build
Luis Gil [Wed, 26 Sep 2018 22:28:40 +0000 (22:28 +0000)]
updated bind.xml.es and uploading meta file for build

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842058 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* dav_stream_response processes data that has been allocated from the propdb
Ruediger Pluem [Wed, 26 Sep 2018 09:46:42 +0000 (09:46 +0000)]
* dav_stream_response processes data that has been allocated from the propdb
  pool. Hence close the propdb *after* dav_stream_response which clears thei
  probdb pool.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842010 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* include/httpd.h: Define HTTP_TOO_EARLY (425) per RFC 8470.
Joe Orton [Wed, 26 Sep 2018 09:01:19 +0000 (09:01 +0000)]
* include/httpd.h: Define HTTP_TOO_EARLY (425) per RFC 8470.

* modules/http/http_protocol.c (status_lines,
  get_canned_error_string): Add 425 response.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1842007 13f79535-47bb-0310-9956-ffa450edef68

6 years agoApply transformations.
Graham Leggett [Sun, 23 Sep 2018 21:48:32 +0000 (21:48 +0000)]
Apply transformations.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841786 13f79535-47bb-0310-9956-ffa450edef68

6 years agoab: Add client certificate support.
Graham Leggett [Sun, 23 Sep 2018 21:39:15 +0000 (21:39 +0000)]
ab: Add client certificate support.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841784 13f79535-47bb-0310-9956-ffa450edef68

6 years agoXML file update.
Lucien Gentis [Sat, 22 Sep 2018 13:34:41 +0000 (13:34 +0000)]
XML file update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841680 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_ssl doc rebuild
Luca Toscano [Fri, 21 Sep 2018 23:36:06 +0000 (23:36 +0000)]
mod_ssl doc rebuild

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841640 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_ssl.xml: fix TLS 1.3 RFC link
Luca Toscano [Fri, 21 Sep 2018 23:35:45 +0000 (23:35 +0000)]
mod_ssl.xml: fix TLS 1.3 RFC link

Suggested by the IRC Freenode user 'a-ja' on #httpd-dev

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841639 13f79535-47bb-0310-9956-ffa450edef68

6 years agoOn the trunk:
Stefan Eissing [Thu, 20 Sep 2018 09:56:01 +0000 (09:56 +0000)]
On the trunk:

mod_ssl: changing from APLOG_WARN to DEBUG to INFO after review.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841455 13f79535-47bb-0310-9956-ffa450edef68

6 years agoOn the trunk:
Stefan Eissing [Thu, 20 Sep 2018 09:04:14 +0000 (09:04 +0000)]
On the trunk:

downgrade mod_ssl log level for requests not carrying SNI when SSLStrictSNIVHostCheck is on.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841446 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* Doing a PROPFIND on a large collection e.g. 50.000 elements can easily
Ruediger Pluem [Tue, 18 Sep 2018 12:58:57 +0000 (12:58 +0000)]
* Doing a PROPFIND on a large collection e.g. 50.000 elements can easily
  consume 1 GB of memory as the subrequests and propdb pools are not
  destroyed and cleared after each element was handled.
  Do this now. There is one case in dav_get_props where elem->priv
  lives longer then the propdb pool. In this case allocate from r->pool.
  Furthermore also recycle propdb's which allows to clear the propdb's
  pools instead of destroying them and creating them again.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841225 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* modules/ssl/ssl_engine_kernel.c (ssl_check_post_client_verify):
Joe Orton [Tue, 18 Sep 2018 11:05:43 +0000 (11:05 +0000)]
* modules/ssl/ssl_engine_kernel.c (ssl_check_post_client_verify):
  Retrieve and set sslconn->client_cert here for both "modern" and
  classic access control.
  (ssl_hook_Access_classic, ssl_hook_Access_modern, ssl_hook_Access):
  Restore SSLRequire and FakeBasicAuth checks to ssl_hook_Access so tests
  are still applied for TLSv1.3.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841218 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFix properties, add missing html file
André Malo [Tue, 18 Sep 2018 09:15:19 +0000 (09:15 +0000)]
Fix properties, add missing html file

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841203 13f79535-47bb-0310-9956-ffa450edef68

6 years agoupdate transformation
André Malo [Tue, 18 Sep 2018 09:03:58 +0000 (09:03 +0000)]
update transformation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1841200 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRebuild fr doc.
Lucien Gentis [Sat, 15 Sep 2018 14:06:34 +0000 (14:06 +0000)]
Rebuild fr doc.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840972 13f79535-47bb-0310-9956-ffa450edef68

6 years agoXML update.
Lucien Gentis [Sat, 15 Sep 2018 14:05:21 +0000 (14:05 +0000)]
XML update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840971 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAdd some compatibility information
Christophe Jaillet [Sat, 15 Sep 2018 05:09:49 +0000 (05:09 +0000)]
Add some compatibility information

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840964 13f79535-47bb-0310-9956-ffa450edef68

6 years agofollow-up to r1656549.
Christophe Jaillet [Thu, 13 Sep 2018 04:19:27 +0000 (04:19 +0000)]
follow-up to r1656549.

Instead of logging a password (which is not a good practice), clarify the associated message

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840776 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol):
Joe Orton [Wed, 12 Sep 2018 15:54:24 +0000 (15:54 +0000)]
* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol):
  Disable AUTO_RETRY mode for OpenSSL 1.1.1, which fixes
  post-handshake authentication.
  (ssl_init_proxy_certs): Fix proxy client cert support with
  TLSv1.3, which is now crippled by default.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840710 13f79535-47bb-0310-9956-ffa450edef68

6 years agomove the assignment to the end of the loop.
Eric Covener [Wed, 12 Sep 2018 13:06:00 +0000 (13:06 +0000)]
move the assignment to the end of the loop.

This is more readable and isn't miscompiled w/ -O3 on a certain
unnamed EBCDIC platforms compiler.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840678 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFollow up to r1840265: really privatize ap_filter_{recycle,adopt_brigade}().
Yann Ylavic [Tue, 11 Sep 2018 21:21:40 +0000 (21:21 +0000)]
Follow up to r1840265: really privatize ap_filter_{recycle,adopt_brigade}().

Move ap_filter_adopt_brigade()'s declaration to "server/core.h" (private).

For ap_filter_recycle(), make it static/internal to util_filter (renamed to
recycle_dead_filters() which better fits what it does). It's now also called
unconditionally from ap_filter_input_pending() which itself is always called
after the request processing and from MPM event (as input_pending hook).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840611 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Fail with
Joe Orton [Tue, 11 Sep 2018 16:01:47 +0000 (16:01 +0000)]
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Fail with
  403 if SSL_verify_client_post_handshake() fails, e.g. when the
  TLS/1.3 client didn't send the Post-Handshake Authentication
  extension.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840585 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_proxy_hcheck: Fix issues with TCP health checks. PR 61499
Jim Jagielski [Tue, 11 Sep 2018 15:06:50 +0000 (15:06 +0000)]
mod_proxy_hcheck: Fix issues with TCP health checks. PR 61499

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840582 13f79535-47bb-0310-9956-ffa450edef68

6 years agocleanup after backport
Stefan Eissing [Tue, 11 Sep 2018 14:06:15 +0000 (14:06 +0000)]
cleanup after backport

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840575 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* modules/arch/unix/mod_systemd.c (systemd_pre_mpm, systemd_monitor):
Joe Orton [Tue, 11 Sep 2018 12:57:36 +0000 (12:57 +0000)]
* modules/arch/unix/mod_systemd.c (systemd_pre_mpm, systemd_monitor):
  Ignore sd_notify{,f} failure cases as currently recommended by the
  systemd API docs.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840555 13f79535-47bb-0310-9956-ffa450edef68

6 years ago* modules/arch/unix/mod_systemd.c (systemd_post_config): Fix systemd
Joe Orton [Tue, 11 Sep 2018 12:53:30 +0000 (12:53 +0000)]
* modules/arch/unix/mod_systemd.c (systemd_post_config): Fix systemd
  service getting stuck reloading if "ExtendedStatus off" is
  configured; regression in r1802251.

PR: 62697

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840554 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFollow up to r1840149: core input filter pending data.
Yann Ylavic [Thu, 6 Sep 2018 22:48:28 +0000 (22:48 +0000)]
Follow up to r1840149: core input filter pending data.

Since r1840149 ap_core_input_filter() can't use use f->[priv->]bb directly, so
ap_filter_input_pending() stopped accounting for its pending data.

But ap_core_input_filter() can't (and doesn't need to) setaside its socket
bucket, so ap_filter_setaside_brigade() is not an option. This commit adds
ap_filter_adopt_brigade() which simply moves the given buckets (brigade) into
f->priv->bb, and since this is not something to be done blindly (the buckets
need to have c->pool/bucket_alloc lifetime, which is the case in the core
filter) the function is not AP_DECLAREd/exported thus can be used in core only.

With ap_filter_adopt_brigade() and ap_filter_reinstate_brigade(), the core
input is now ap_filter_input_pending() friendly.

Also, ap_filter_recycle() is no more part of the API (AP_DECLARE removed too),
there really is no point to call it outside core code. MAJOR bumped once again
because of this.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840265 13f79535-47bb-0310-9956-ffa450edef68

6 years agofix StrictHostCheck in single/non-NVH vhosts
Eric Covener [Thu, 6 Sep 2018 15:24:29 +0000 (15:24 +0000)]
fix StrictHostCheck in single/non-NVH vhosts

While all VH'es are NVH'es in 2.4 and later, something special happens
once a second NVH in a set is added.  This case covers the
global server config scenario as well.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840229 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFollow up to r1840149: MMN text rephrased.
Yann Ylavic [Wed, 5 Sep 2018 17:39:24 +0000 (17:39 +0000)]
Follow up to r1840149: MMN text rephrased.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840150 13f79535-47bb-0310-9956-ffa450edef68

6 years agoutil_filter: protect ap_filter_t private fields from external (ab)use.
Yann Ylavic [Wed, 5 Sep 2018 17:27:43 +0000 (17:27 +0000)]
util_filter: protect ap_filter_t private fields from external (ab)use.

Introduce opaque struct ap_filter_private to move ap_filter_t "pending", "bb"
and "deferred_pool" fields to the "priv" side of things.

This allows to trust values set internally (only!) in util_filter code, and
make useful assertions between the different functions calls, along with the
usual nice extensibility property.

Likewise, the private struct ap_filter_conn_ctx in conn_rec (from r1839997)
allows now to implement the new ap_acquire_brigade() and ap_release_brigade()
functions useful to get a brigade with c->pool's lifetime. They obsolete
ap_reuse_brigade_from_pool() which is replaced where previously used.

Some comments added in ap_request_core_filter() regarding the lifetime of the
data it plays with, up to EOR...

MAJOR bumped (once again).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840149 13f79535-47bb-0310-9956-ffa450edef68

6 years agocore: follow up to r1839997: some runtime optimizations.
Yann Ylavic [Tue, 4 Sep 2018 10:32:10 +0000 (10:32 +0000)]
core: follow up to r1839997: some runtime optimizations.

We don't mind about cleaning up a connection filter when its pool is being
cleaned up already. For request filters, let pending_filter_cleanup() do
nothing if the given filter is not pending (anymore), which allows to save a
cleanup kill when the filter is removed.

Clear (zero) the reused filters (ap_filter_t) on reuse rather than cleanup,
then a single APR_RING_CONCAT() can be used to recycle dead_filters in a one
go.

Always call ap_filter_recycle() in ap_filter_output_pending(), even if no
filter is pending, and while at it fix s/ap_filter_recyle/ap_filter_recycle/
silly typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840028 13f79535-47bb-0310-9956-ffa450edef68

6 years agoOn the trunk:
Stefan Eissing [Tue, 4 Sep 2018 08:29:11 +0000 (08:29 +0000)]
On the trunk:

mod_http2: connection IO event handling reworked. Instead of reacting on
     incoming bytes, the state machine now acts on incoming frames that are
     affecting it. This reduces state transitions.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840010 13f79535-47bb-0310-9956-ffa450edef68

6 years agocore: follow up to r1839997: recycle request filters to a delayed ring first.
Yann Ylavic [Tue, 4 Sep 2018 02:40:49 +0000 (02:40 +0000)]
core: follow up to r1839997: recycle request filters to a delayed ring first.

We want not only ap_filter_output_pending() to be able to access each pending
filter's *f after the EOR is destroyed, but also each request filter to do
the same until it returns.

So request filters are now always cleaned up into a dead_filters ring which is
merged into spare_filters only when ap_filter_recycle() is called explicitely,
that is in ap_process_request_after_handler() and ap_filter_output_pending().

The former takes care of recycling at the end of the request, with any MPM,
while the latter keeps recycling during MPM event's write completion.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840002 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAxe spurious comment (added and addressed in r1839997).
Yann Ylavic [Tue, 4 Sep 2018 00:04:05 +0000 (00:04 +0000)]
Axe spurious comment (added and addressed in r1839997).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839998 13f79535-47bb-0310-9956-ffa450edef68

6 years agocore: always allocate filters (ap_filter_t) on f->c->pool.
Yann Ylavic [Mon, 3 Sep 2018 23:49:46 +0000 (23:49 +0000)]
core: always allocate filters (ap_filter_t) on f->c->pool.

When filters are allocated on f->r->pool, they may be destroyed any time
underneath themselves which makes it hard for them to be passed the EOR and
forward it (*f can't be dereferenced anymore when the EOR is destroyed, thus
before request filters return).

On the util_filter side, it also makes it impossible to flush pending request
filters when they have set aside the EOR, since f->bb can't be accessed after
it's passed to the f->next.

So we always use f->c->pool to allocate filters and pending brigades, and to
avoid leaks with keepalive requests (long living connections handling multiple
requests), filters and brigades are recycled with a cleanup on f->r->pool.

Recycling is done (generically) with a spare data ring (void pointers), and a
filter(s) context struct is associated with the conn_rec to maintain the rings
by connection, that is:

    struct ap_filter_conn_ctx {
        struct ap_filter_ring *pending_input_filters;
        struct ap_filter_ring *pending_output_filters;

        struct ap_filter_spare_ring *spare_containers,
                                    *spare_brigades,
                                    *spare_filters,
                                    *spare_flushes;
        int flushing;
    };

MMN major bumped (again).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839997 13f79535-47bb-0310-9956-ffa450edef68

6 years agoOn the trunk:
Stefan Eissing [Mon, 3 Sep 2018 12:09:45 +0000 (12:09 +0000)]
On the trunk:

Reverting change 1839920, making TLSv1.3 part of "all" again, if supported by the SSL library.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839946 13f79535-47bb-0310-9956-ffa450edef68

6 years agoutil_filter: split pending filters ring in two: input and output ones.
Yann Ylavic [Mon, 3 Sep 2018 10:27:40 +0000 (10:27 +0000)]
util_filter: split pending filters ring in two: input and output ones.

Pending input and output are now maintained separately in respectively
c->pending_input_filters and c->pending_output_filters, which improves
both performances and debug-ability.

Also, struct ap_filter_ring is made opaque, it's only used by util_filter
and this will allow us to later change it e.g. to a dual ring+apr_hash to
avoid quadratic search in ap_filter_prepare_brigade().

MMN major bumped due to the change in conn_rec (this is trunk only code
anyway for now).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839933 13f79535-47bb-0310-9956-ffa450edef68

6 years agoOn the trunk:
Stefan Eissing [Mon, 3 Sep 2018 09:06:35 +0000 (09:06 +0000)]
On the trunk:

SSL protocl TLSv1.3 no longer part of 'all' when configured. Needs to be added explicitly.
When using 'modern' as SSL policy, TLSv1.3 is enabled.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839920 13f79535-47bb-0310-9956-ffa450edef68

6 years agoUse APR apr_time_as_msec() macro for conversion
Rainer Jung [Fri, 31 Aug 2018 18:11:11 +0000 (18:11 +0000)]
Use APR apr_time_as_msec() macro for conversion
from apr_time_t to milliseconds instead of
hard-coded division by 1000.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839780 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFollow up to r1835845 and r1839571: CHANGES entry.
Yann Ylavic [Wed, 29 Aug 2018 14:00:10 +0000 (14:00 +0000)]
Follow up to r1835845 and r1839571: CHANGES entry.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839583 13f79535-47bb-0310-9956-ffa450edef68

6 years agoMPMs: early initialize scoreboard's child generation number.
Yann Ylavic [Wed, 29 Aug 2018 12:27:31 +0000 (12:27 +0000)]
MPMs: early initialize scoreboard's child generation number.

Since [mpm]_note_child_killed uses the scoreboard's generation number for
child_status hook (MPM_CHILD_EXITED), we must initialize it early (i.e. in
[mpm]_note_child_started where MPM_CHILD_STARTED is set) to avoid race
conditions on restart (e.g. storm/loop of restarts) leading to AH00546.

PR 62658.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839571 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_proxy: follow up to r1645529: 502 in case of SSL handshake failure.
Yann Ylavic [Tue, 28 Aug 2018 12:42:21 +0000 (12:42 +0000)]
mod_proxy: follow up to r1645529: 502 in case of SSL handshake failure.

Make the SSL filters chain return an error when the handshake fails with an
origin server. It can then be caught by mod_proxy to fail with 502.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839442 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRebuild fr doc.
Lucien Gentis [Tue, 28 Aug 2018 12:24:36 +0000 (12:24 +0000)]
Rebuild fr doc.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839436 13f79535-47bb-0310-9956-ffa450edef68

6 years agoXML updates.
Lucien Gentis [Tue, 28 Aug 2018 12:22:23 +0000 (12:22 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839435 13f79535-47bb-0310-9956-ffa450edef68

6 years agoThese need to be signed longs... cast as needed.
Jim Jagielski [Mon, 27 Aug 2018 12:17:46 +0000 (12:17 +0000)]
These need to be signed longs... cast as needed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839303 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAdd some more modules that use mod_watchdog
Christophe Jaillet [Sun, 26 Aug 2018 21:10:33 +0000 (21:10 +0000)]
Add some more modules that use mod_watchdog

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839250 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAxe an old and apparently out-dated comment.
Christophe Jaillet [Sun, 26 Aug 2018 20:50:46 +0000 (20:50 +0000)]
Axe an old and apparently out-dated comment.

There is a typo in the comment.
HN_UPDATE_SEC has been renamed HM_UPDATE_SEC.
The TODO seems to have been taken into account in r759862.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839249 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRevert r1839247
Christophe Jaillet [Sun, 26 Aug 2018 20:48:39 +0000 (20:48 +0000)]
Revert r1839247

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839248 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAxe an old and apparently out-dated comment.
Christophe Jaillet [Sun, 26 Aug 2018 20:41:13 +0000 (20:41 +0000)]
Axe an old and apparently out-dated comment.

There is a typo in the comment.
HN_UPDATE_SEC has been renamed HM_UPDATE_SEC.
The TODO seems to have been taken into account in r759862.

Reverted in r1839248 and re-committed without un-expexted content in r1839249

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839247 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAdd missing space
Christophe Jaillet [Sun, 26 Aug 2018 20:26:53 +0000 (20:26 +0000)]
Add missing space

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839245 13f79535-47bb-0310-9956-ffa450edef68

6 years agoMMN bump
Jim Jagielski [Sun, 26 Aug 2018 14:03:52 +0000 (14:03 +0000)]
MMN bump

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839218 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAdd a note in ThreadsPerChild about the relationship with ThreadsLimit.
Christophe Jaillet [Fri, 24 Aug 2018 20:49:43 +0000 (20:49 +0000)]
Add a note in ThreadsPerChild about the relationship with ThreadsLimit.

+ add a missing link

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838958 13f79535-47bb-0310-9956-ffa450edef68

6 years agoUse the default location to display a default value
Christophe Jaillet [Fri, 24 Aug 2018 20:20:02 +0000 (20:20 +0000)]
Use the default location to display a default value
(+ some minor style issues)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838951 13f79535-47bb-0310-9956-ffa450edef68

6 years agobetter struct layout ...
Jim Jagielski [Fri, 24 Aug 2018 19:46:57 +0000 (19:46 +0000)]
better struct layout ...

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838941 13f79535-47bb-0310-9956-ffa450edef68

6 years agooptimize struct layout
Jim Jagielski [Fri, 24 Aug 2018 19:45:04 +0000 (19:45 +0000)]
optimize struct layout

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838940 13f79535-47bb-0310-9956-ffa450edef68

6 years agoupdate field comment
Jim Jagielski [Fri, 24 Aug 2018 19:45:01 +0000 (19:45 +0000)]
update field comment

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838939 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFix an example (/foo vs /foo/bar)
Christophe Jaillet [Fri, 24 Aug 2018 19:43:27 +0000 (19:43 +0000)]
Fix an example (/foo vs /foo/bar)

Synch with 2.4.x and imporve syntax highlight

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838938 13f79535-47bb-0310-9956-ffa450edef68

6 years agoUpdate updated field at the start of the check rather than at the end.
Jim Jagielski [Fri, 24 Aug 2018 19:29:44 +0000 (19:29 +0000)]
Update updated field at the start of the check rather than at the end.
Re: [Bug 62318] healthcheck

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838937 13f79535-47bb-0310-9956-ffa450edef68

6 years agoWhen a rewrite to proxy is configured in the server config, a check is made to make...
Christophe Jaillet [Wed, 22 Aug 2018 21:57:37 +0000 (21:57 +0000)]
When a rewrite to proxy is configured in the server config, a check is made to make sure mod_proxy is active.  But the same is not done if a rewrite to proxy is configured in an .htaccess file.

Basically this patch is the block of code from hook_uri2file that does the proxy check, copied to hook_fixup.

Patch provided by Michael Streeter [mstreeter1 gmail.com], slightly modified to use a new APLOGNO
PR 56264

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838684 13f79535-47bb-0310-9956-ffa450edef68

6 years agos/require/Require/ to help another syntax color highlight work correctly.
Christophe Jaillet [Mon, 20 Aug 2018 19:41:05 +0000 (19:41 +0000)]
s/require/Require/ to help another syntax color highlight work correctly.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838459 13f79535-47bb-0310-9956-ffa450edef68

6 years agos/require/Require/ to help syntax color highlight work correctly.
Christophe Jaillet [Mon, 20 Aug 2018 19:37:38 +0000 (19:37 +0000)]
s/require/Require/ to help syntax color highlight work correctly.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838458 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRebuild.
Lucien Gentis [Sat, 18 Aug 2018 15:49:16 +0000 (15:49 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838340 13f79535-47bb-0310-9956-ffa450edef68

6 years agoXML update.
Lucien Gentis [Sat, 18 Aug 2018 15:47:45 +0000 (15:47 +0000)]
XML update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838338 13f79535-47bb-0310-9956-ffa450edef68

6 years agoSave some cycle.
Christophe Jaillet [Sat, 18 Aug 2018 08:32:15 +0000 (08:32 +0000)]
Save some cycle.

There is no need to copy, strchr, strcmp and modify a string which is only used for TRACE2 logging.

Note that the code that looks similar a few lines below can not be optimized the same way because it is also returned in 'pmessage'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838318 13f79535-47bb-0310-9956-ffa450edef68

6 years ago- Add some links.
Christophe Jaillet [Sat, 18 Aug 2018 07:44:17 +0000 (07:44 +0000)]
- Add some links.
- Remove the space in "character set" in the syntax of ProxyFtpDirCharset to avoid confusion (it is 1 parameter only)
- Use the correct syntax for the "default" values, so that they are parsed and correctly displayed in 'quickreference'
- Remove extra [] when directive's parameter are required

- correct the default password: apache-proxy@ instead of apache_proxy@.
This was silently changed in r88745, 17 years ago!

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838313 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFix a cppcheck warning.
Christophe Jaillet [Fri, 17 Aug 2018 20:36:31 +0000 (20:36 +0000)]
Fix a cppcheck warning.

Remove some dead code. '!r->content_languages' is known to be true at this point.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838285 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFix a cppcheck warning.
Christophe Jaillet [Fri, 17 Aug 2018 16:51:25 +0000 (16:51 +0000)]
Fix a cppcheck warning.

Remove some dead code. Updating 'last' is pointless here.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838271 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFix a cppcheck warning.
Christophe Jaillet [Fri, 17 Aug 2018 16:39:04 +0000 (16:39 +0000)]
Fix a cppcheck warning.

'ap_unescape_urlencoded()' suggests that NULL can be passed to 'unescape_url()'.
So avoid a potential 'strchr(NULL, ...)' which is an undefined behavior.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838270 13f79535-47bb-0310-9956-ffa450edef68

6 years agouploading file to keep the ongoing changes
Luis Gil [Fri, 17 Aug 2018 12:37:00 +0000 (12:37 +0000)]
uploading file to keep the ongoing changes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838255 13f79535-47bb-0310-9956-ffa450edef68

6 years agoadd ids
Eric Covener [Wed, 15 Aug 2018 11:40:11 +0000 (11:40 +0000)]
add ids

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838079 13f79535-47bb-0310-9956-ffa450edef68

6 years agominor bump from r1838055
Eric Covener [Tue, 14 Aug 2018 21:52:13 +0000 (21:52 +0000)]
minor bump from r1838055

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838057 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAdd StrictHostCheck
Eric Covener [Tue, 14 Aug 2018 21:47:22 +0000 (21:47 +0000)]
Add StrictHostCheck

.. to allow ucnonfigured hostnames to be rejected.

The checks happen during NVH mapping and checks that the
mapped VH itself has the host as a name or alias.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838055 13f79535-47bb-0310-9956-ffa450edef68

6 years agodon't use workaround on trunk
Eric Covener [Tue, 14 Aug 2018 21:25:54 +0000 (21:25 +0000)]
don't use workaround on trunk

it breaks the build w/ maintainer mode.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1838054 13f79535-47bb-0310-9956-ffa450edef68

6 years agoAxe some redundant conditions. PR 62549.
Yann Ylavic [Mon, 13 Aug 2018 12:54:30 +0000 (12:54 +0000)]
Axe some redundant conditions. PR 62549.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837941 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFollow up to r1837822: typo.
Yann Ylavic [Fri, 10 Aug 2018 16:32:40 +0000 (16:32 +0000)]
Follow up to r1837822: typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837824 13f79535-47bb-0310-9956-ffa450edef68

6 years agoap_request_core_filter() can check whether the next filter should yield.
Yann Ylavic [Fri, 10 Aug 2018 16:24:15 +0000 (16:24 +0000)]
ap_request_core_filter() can check whether the next filter should yield.

Itself won't yield at this point (its f->bb is empty).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837823 13f79535-47bb-0310-9956-ffa450edef68

6 years agocore: ap_filter_output_pending() to flush outer most filters first.
Yann Ylavic [Fri, 10 Aug 2018 16:15:50 +0000 (16:15 +0000)]
core: ap_filter_output_pending() to flush outer most filters first.

Since previous output filters may use ap_filter_should_yield() to determine
whether they should send more data (e.g. ap_request_core_filter), we need
to flush pending data from the core output filter first, and so on up the
chain.

Otherwise we may enter an infinite loop where ap_request_core_filter() does
nothing on ap_filter_output_pending() called from MPM event.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837822 13f79535-47bb-0310-9956-ffa450edef68

6 years agoRemove backported items from trunk/CHANGES
Christophe Jaillet [Fri, 10 Aug 2018 13:44:53 +0000 (13:44 +0000)]
Remove backported items from trunk/CHANGES

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837804 13f79535-47bb-0310-9956-ffa450edef68

6 years agoPatch PR 62567. Fix by Michal Karm Babacek <michal.babacek gmail.com>
Jim Jagielski [Thu, 9 Aug 2018 11:30:10 +0000 (11:30 +0000)]
Patch PR 62567. Fix by Michal Karm Babacek <michal.babacek gmail.com>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837717 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_status: Cumulate CPU time of exited child
Rainer Jung [Tue, 7 Aug 2018 13:04:05 +0000 (13:04 +0000)]
mod_status: Cumulate CPU time of exited child
processes in the "cu" and "cs" values.
Add CPU time of the parent process to the
"c" and "s" values.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837595 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_status: Add cumulated response duration time
Rainer Jung [Tue, 7 Aug 2018 10:48:05 +0000 (10:48 +0000)]
mod_status: Add cumulated response duration time
in milliseconds.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837590 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_status: Complete the data shown for async
Rainer Jung [Tue, 7 Aug 2018 10:25:31 +0000 (10:25 +0000)]
mod_status: Complete the data shown for async
MPMs in "auto" mode.  Added number of processes,
number of stopping processes and number
of busy and idle workers.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837589 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_proxy: Improve the balancer member data shown
Rainer Jung [Tue, 7 Aug 2018 10:17:33 +0000 (10:17 +0000)]
mod_proxy: Improve the balancer member data shown
in mod_status when "ProxyStatus" is "On":
add "busy" count and show byte counts in auto
mode always in units of kilobytes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837588 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFollow up to r1833368 and r1837435: update APLOGNO.
Yann Ylavic [Sat, 4 Aug 2018 17:21:22 +0000 (17:21 +0000)]
Follow up to r1833368 and r1837435: update APLOGNO.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837437 13f79535-47bb-0310-9956-ffa450edef68

6 years agomod_ssl: OpenSSL now initializes fully through APR, use that.
Yann Ylavic [Sat, 4 Aug 2018 17:17:03 +0000 (17:17 +0000)]
mod_ssl: OpenSSL now initializes fully through APR, use that.

Follow up to r1833368 and r1833452.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837435 13f79535-47bb-0310-9956-ffa450edef68

6 years agoFix comment in mod_lua and docs.
Christophe Jaillet [Sat, 4 Aug 2018 07:47:47 +0000 (07:47 +0000)]
Fix comment in mod_lua and docs.

s/addoutputfilter/add_output_filter/
See PR 62359

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837404 13f79535-47bb-0310-9956-ffa450edef68

6 years agoSave a few cycles.
Christophe Jaillet [Fri, 3 Aug 2018 17:22:57 +0000 (17:22 +0000)]
Save a few cycles.
There is no need to check the first bytes, they are known to be "bytes ".

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837388 13f79535-47bb-0310-9956-ffa450edef68

6 years agoBump mmn for worker_share struct update
Jim Jagielski [Fri, 3 Aug 2018 13:11:04 +0000 (13:11 +0000)]
Bump mmn for worker_share struct update

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837366 13f79535-47bb-0310-9956-ffa450edef68

6 years agoupdate after backport
Stefan Eissing [Fri, 3 Aug 2018 10:55:13 +0000 (10:55 +0000)]
update after backport

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1837359 13f79535-47bb-0310-9956-ffa450edef68