]> granicus.if.org Git - apache/log
apache
22 years agoDestroy the connection pool (and therefore run the cleanups) before destroying
Brian Havard [Mon, 1 Apr 2002 16:42:02 +0000 (16:42 +0000)]
Destroy the connection pool (and therefore run the cleanups) before destroying
the bucket_alloc as the cleanups refer to buckets allocated by the
bucket_alloc.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94360 13f79535-47bb-0310-9956-ffa450edef68

22 years agoIf this is a subrequest, register the cleanup against
Bill Stoddard [Mon, 1 Apr 2002 16:09:46 +0000 (16:09 +0000)]
If this is a subrequest, register the cleanup against
the main request. This will prevent the cache object
from being cleaned up from under the request after the
subrequest is destroyed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94359 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDon't allow initialization to succeed if we can't get a socket
Jeff Trawick [Mon, 1 Apr 2002 12:53:09 +0000 (12:53 +0000)]
Don't allow initialization to succeed if we can't get a socket
corresponding to one of the Listen statements.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94358 13f79535-47bb-0310-9956-ffa450edef68

22 years agoMigrate perchild to the new lock API, and clean up some of the logic
Ryan Bloom [Mon, 1 Apr 2002 08:27:42 +0000 (08:27 +0000)]
Migrate perchild to the new lock API, and clean up some of the logic
surrounding the FD passing.  This doesn't work yet, but it is getting
closer.  Currently, the problem is that we don't correctly read the data
from the socket so that it can be passed to the correct child.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94357 13f79535-47bb-0310-9956-ffa450edef68

22 years agoMatch the new APR_BUCKET_BUFF_SIZE. We want this to be slightly less than
Cliff Woolley [Mon, 1 Apr 2002 05:43:47 +0000 (05:43 +0000)]
Match the new APR_BUCKET_BUFF_SIZE.  We want this to be slightly less than
8KB to leave room for the various allocators' internal structures while
still fitting into a total of 8KB.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94356 13f79535-47bb-0310-9956-ffa450edef68

22 years agoMade AB's use of the Host: header rfc2616 compliant as
Dirk-Willem van Gulik [Mon, 1 Apr 2002 04:32:40 +0000 (04:32 +0000)]
Made AB's use of the Host: header rfc2616 compliant as
reported by Taisuke Yamada <tai@iij.ad.jp>

PR:
Obtained from: Mailing list
Submitted by: Taisuke Yamada <tai@iij.ad.jp>
Reviewed by: Dirk-Willem van Gulik

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94355 13f79535-47bb-0310-9956-ffa450edef68

22 years agoA bunch of Perchild changes.
Ryan Bloom [Mon, 1 Apr 2002 03:41:31 +0000 (03:41 +0000)]
A bunch of Perchild changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94353 13f79535-47bb-0310-9956-ffa450edef68

22 years agoMake perchild work with the new bucket_allocation API. Also, allow
Ryan Bloom [Mon, 1 Apr 2002 03:37:21 +0000 (03:37 +0000)]
Make perchild work with the new bucket_allocation API.  Also, allow
the Perchild directives to take both numerical UID/GID and the
logical user name/group name.
PR: 9784
Submitted by: named UID/GID logic: Scott Lamb <slamb@slamb.org>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94352 13f79535-47bb-0310-9956-ffa450edef68

22 years ago pointer subtraction yeilds a ssize_t, fix emit by notating the
William A. Rowe Jr [Mon, 1 Apr 2002 02:41:08 +0000 (02:41 +0000)]
  pointer subtraction yeilds a ssize_t, fix emit by notating the
  expression in terms of addition

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94351 13f79535-47bb-0310-9956-ffa450edef68

22 years ago Fix another linkage error for 2.0.34 and cvs head
William A. Rowe Jr [Mon, 1 Apr 2002 02:39:31 +0000 (02:39 +0000)]
  Fix another linkage error for 2.0.34 and cvs head

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94350 13f79535-47bb-0310-9956-ffa450edef68

22 years agoGet the Perchild MPM to compile and serve pages again. There are a lot
Ryan Bloom [Mon, 1 Apr 2002 00:32:39 +0000 (00:32 +0000)]
Get the Perchild MPM to compile and serve pages again.  There are a lot
of bugs left in this, but I am taking things one step at a time.  This
will work again.  This also gets perchild using the correct variable for
MaxRequestsPerChild

PR:     9856, 9855, 9052

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94349 13f79535-47bb-0310-9956-ffa450edef68

22 years agoit is sunny and warm in tahoe, still plenty of snow on the mountains
Doug MacEachern [Sun, 31 Mar 2002 17:32:23 +0000 (17:32 +0000)]
it is sunny and warm in tahoe, still plenty of snow on the mountains

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94348 13f79535-47bb-0310-9956-ffa450edef68

22 years ago Roll these changes into 2.0.34
William A. Rowe Jr [Sun, 31 Mar 2002 12:42:51 +0000 (12:42 +0000)]
  Roll these changes into 2.0.34

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94347 13f79535-47bb-0310-9956-ffa450edef68

22 years agoHandle CR/LF terminated lines from CGI scripts.
Brian Havard [Sun, 31 Mar 2002 07:48:56 +0000 (07:48 +0000)]
Handle CR/LF terminated lines from CGI scripts.

Reviewed by: Brian Pane

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94346 13f79535-47bb-0310-9956-ffa450edef68

22 years agoRemoved the single-byte header reads from mod_cgid
Brian Pane [Sat, 30 Mar 2002 23:55:16 +0000 (23:55 +0000)]
Removed the single-byte header reads from mod_cgid

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94344 13f79535-47bb-0310-9956-ffa450edef68

22 years agoFixed script error logging, which I'd left commented out after making
Brian Pane [Sat, 30 Mar 2002 23:11:55 +0000 (23:11 +0000)]
Fixed script error logging, which I'd left commented out after making
the changes to use a brigade to read the script headers
Obtained from:
Submitted by:
Reviewed by:

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94343 13f79535-47bb-0310-9956-ffa450edef68

22 years agoFix for a bug that I introduced when eliminating the single-byte
Brian Pane [Sat, 30 Mar 2002 22:48:39 +0000 (22:48 +0000)]
Fix for a bug that I introduced when eliminating the single-byte
reads in mod_cgi: eof wasn't treated as an error condition when
reading the script headers, so we were delivering a 200 when a
CGI script produced no output.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94342 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd/use EVP_PKEY_reference_inc and X509_reference_inc compat macros
Doug MacEachern [Sat, 30 Mar 2002 08:11:44 +0000 (08:11 +0000)]
add/use EVP_PKEY_reference_inc and X509_reference_inc compat macros
to get these changes working with sslc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94341 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd sslc compat for sk_X509_INFO_free
Doug MacEachern [Sat, 30 Mar 2002 07:42:30 +0000 (07:42 +0000)]
add sslc compat for sk_X509_INFO_free

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94340 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd SSLProxyCARevocation{File,Path} directives to support CRLs in the proxy
Doug MacEachern [Sat, 30 Mar 2002 06:46:24 +0000 (06:46 +0000)]
add SSLProxyCARevocation{File,Path} directives to support CRLs in the proxy

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94338 13f79535-47bb-0310-9956-ffa450edef68

22 years agopass sc to myCtxConfig macro
Doug MacEachern [Sat, 30 Mar 2002 06:38:10 +0000 (06:38 +0000)]
pass sc to myCtxConfig macro

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94337 13f79535-47bb-0310-9956-ffa450edef68

22 years agomake it possible for proxy to use CRL callback
Doug MacEachern [Sat, 30 Mar 2002 06:36:56 +0000 (06:36 +0000)]
make it possible for proxy to use CRL callback

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94336 13f79535-47bb-0310-9956-ffa450edef68

22 years agoenable the verify callback for proxy
Doug MacEachern [Sat, 30 Mar 2002 06:20:16 +0000 (06:20 +0000)]
enable the verify callback for proxy

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94334 13f79535-47bb-0310-9956-ffa450edef68

22 years agoap_proxy_http_request needs to check the return status of ap_pass_brigade
Doug MacEachern [Sat, 30 Mar 2002 06:19:14 +0000 (06:19 +0000)]
ap_proxy_http_request needs to check the return status of ap_pass_brigade

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94333 13f79535-47bb-0310-9956-ffa450edef68

22 years agochange sc->server references to myCtxConfig, so proxy can use the
Doug MacEachern [Sat, 30 Mar 2002 06:03:08 +0000 (06:03 +0000)]
change sc->server references to myCtxConfig, so proxy can use the
verify callback.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94332 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd myCtxConfig macro
Doug MacEachern [Sat, 30 Mar 2002 05:57:59 +0000 (05:57 +0000)]
add myCtxConfig macro

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94331 13f79535-47bb-0310-9956-ffa450edef68

22 years agoimplement proxy client certificate callback
Doug MacEachern [Sat, 30 Mar 2002 05:40:02 +0000 (05:40 +0000)]
implement proxy client certificate callback
(uses SSLProxyMachineCertificate{File,Cert} when downstream server
requires a client certificate)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94329 13f79535-47bb-0310-9956-ffa450edef68

22 years agoinput filter should not return failure when ssl runtime wants to read more
Doug MacEachern [Sat, 30 Mar 2002 05:16:55 +0000 (05:16 +0000)]
input filter should not return failure when ssl runtime wants to read more

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94328 13f79535-47bb-0310-9956-ffa450edef68

22 years agossl_io_input_read needs to return something other than APR_SUCCESS
Doug MacEachern [Sat, 30 Mar 2002 04:52:48 +0000 (04:52 +0000)]
ssl_io_input_read needs to return something other than APR_SUCCESS
when bucket read from socket was successful,
but there was an error within the ssl runtime.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94327 13f79535-47bb-0310-9956-ffa450edef68

22 years agoload SSLProxyMachineCertificate{File,Path}
Doug MacEachern [Sat, 30 Mar 2002 01:50:10 +0000 (01:50 +0000)]
load SSLProxyMachineCertificate{File,Path}

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94324 13f79535-47bb-0310-9956-ffa450edef68

22 years agoenable/cleanup SSL_X509_INFO_load_{file,path} functions for use in
Doug MacEachern [Sat, 30 Mar 2002 01:41:35 +0000 (01:41 +0000)]
enable/cleanup SSL_X509_INFO_load_{file,path} functions for use in
proxy context

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94323 13f79535-47bb-0310-9956-ffa450edef68

22 years agoFix the version string. We want to end up with "mod_ssl/2.0.xx", not
Cliff Woolley [Sat, 30 Mar 2002 00:00:21 +0000 (00:00 +0000)]
Fix the version string.  We want to end up with "mod_ssl/2.0.xx", not
"mod_ssl/Apache/2.0.xx".

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94320 13f79535-47bb-0310-9956-ffa450edef68

22 years agoCloudy today.
Joshua Slive [Fri, 29 Mar 2002 19:22:47 +0000 (19:22 +0000)]
Cloudy today.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94317 13f79535-47bb-0310-9956-ffa450edef68

22 years agoRemoved email address on request - as obviscation was slammed down on the list -...
Dirk-Willem van Gulik [Fri, 29 Mar 2002 19:20:40 +0000 (19:20 +0000)]
Removed email address on request - as obviscation was slammed down on the list - and Google is your friend in any case

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94315 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd SSLProxyEngine directive. this was not required in the 1.x based
Doug MacEachern [Fri, 29 Mar 2002 17:56:33 +0000 (17:56 +0000)]
add SSLProxyEngine directive.  this was not required in the 1.x based
mod_ssl because the SSL_CTX was created and configured for *every*
request.  unlike in 2.0 where we configure the proxy SSL_CTX at
startup time, which is much better for performance.  but we don't want
to configure a proxy context for every vhost if it isn't going to be
used, for the same reasons we don't create a server context for every
vhost unless SSLEngine is on.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94314 13f79535-47bb-0310-9956-ffa450edef68

22 years agocheck the return value of ap_proxy_ssl_enable
Doug MacEachern [Fri, 29 Mar 2002 17:48:28 +0000 (17:48 +0000)]
check the return value of ap_proxy_ssl_enable

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94313 13f79535-47bb-0310-9956-ffa450edef68

22 years agoSyncing makes no sense now
Jim Jagielski [Fri, 29 Mar 2002 16:21:48 +0000 (16:21 +0000)]
Syncing makes no sense now

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94309 13f79535-47bb-0310-9956-ffa450edef68

22 years agoPR:
Paul J. Reder [Fri, 29 Mar 2002 16:15:33 +0000 (16:15 +0000)]
PR:
Obtained from:
Submitted by: Paul J. Reder
Reviewed by:

Remove the MPM_SYNC_CHILD_TABLE macro since there is no longer a scoreboard
file that needs to be synched.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94308 13f79535-47bb-0310-9956-ffa450edef68

22 years agoThe old, legacy (and unused) code in which the scoreboard was totally
Jim Jagielski [Fri, 29 Mar 2002 14:33:50 +0000 (14:33 +0000)]
The old, legacy (and unused) code in which the scoreboard was totally
and completely contained in a file (SCOREBOARD_FILE) has been
removed. This does not affect scoreboards which are *mapped* to
files using named-shared-memory at all. This implies that scoreboards
must be based, at some level, on native shared memory (mmap, shm_open,
shmget, whatever), but the code has assumed that for quite awhile
now. Having the scoreboard be *based* on a file makes no sense today.

PR:
Obtained from:
Submitted by:
Reviewed by:

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94306 13f79535-47bb-0310-9956-ffa450edef68

22 years agoBUCKET FREELISTS
Cliff Woolley [Fri, 29 Mar 2002 08:17:26 +0000 (08:17 +0000)]
BUCKET FREELISTS

Add an allocator-passing mechanism throughout the bucket brigades API.

From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given
connection is stored in the conn_rec by the create_connection hook.  That
means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's --
the MPM must ensure that no two threads can ever use the same one at the
same time, for instance.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94304 13f79535-47bb-0310-9956-ffa450edef68

22 years agoimport ssl_proxy_enable in the post config phase, otherwise LoadModule
Doug MacEachern [Fri, 29 Mar 2002 08:04:04 +0000 (08:04 +0000)]
import ssl_proxy_enable in the post config phase, otherwise LoadModule
order may leave us without the function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94303 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremove ssl_engine_ext.c
Doug MacEachern [Fri, 29 Mar 2002 07:37:28 +0000 (07:37 +0000)]
remove ssl_engine_ext.c

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94302 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremoving old proxy extension code
Doug MacEachern [Fri, 29 Mar 2002 07:36:01 +0000 (07:36 +0000)]
removing old proxy extension code

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94301 13f79535-47bb-0310-9956-ffa450edef68

22 years agohook into mod_ssl for https support
Doug MacEachern [Fri, 29 Mar 2002 07:29:11 +0000 (07:29 +0000)]
hook into mod_ssl for https support

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94300 13f79535-47bb-0310-9956-ffa450edef68

22 years agoneed to flush output buffer before reading in proxy mode
Doug MacEachern [Fri, 29 Mar 2002 07:23:09 +0000 (07:23 +0000)]
need to flush output buffer before reading in proxy mode

need to call ssl_hook_process_connection in the output filter in proxy
mode, since proxy hits the output filter before the input filter

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94299 13f79535-47bb-0310-9956-ffa450edef68

22 years agoin proxy mode we need to SSL_connect rather than SSL_accept in
Doug MacEachern [Fri, 29 Mar 2002 07:22:43 +0000 (07:22 +0000)]
in proxy mode we need to SSL_connect rather than SSL_accept in
ssl_hook_process_connection.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94298 13f79535-47bb-0310-9956-ffa450edef68

22 years agoThese two variables were left uninitialized accidentally.
Cliff Woolley [Fri, 29 Mar 2002 07:12:01 +0000 (07:12 +0000)]
These two variables were left uninitialized accidentally.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94297 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDocument the variable expansion enhancements for mod_include
Brian Pane [Fri, 29 Mar 2002 06:26:03 +0000 (06:26 +0000)]
Document the variable expansion enhancements for mod_include

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94295 13f79535-47bb-0310-9956-ffa450edef68

22 years agoAllow variable expansion within in the "var" arg to <!--#echo
Brian Pane [Fri, 29 Mar 2002 05:58:39 +0000 (05:58 +0000)]
Allow variable expansion within in the "var" arg to <!--#echo
and <!--#set, so that people can do things like this:
  <!--#echo var="${foo}_${bar}" -->

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94294 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd optional function (ssl_proxy_enable) to turn on ssl proxy
Doug MacEachern [Fri, 29 Mar 2002 04:50:37 +0000 (04:50 +0000)]
add optional function (ssl_proxy_enable) to turn on ssl proxy

choose SSL_CTX based on SSLConnRec.is_proxy

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94293 13f79535-47bb-0310-9956-ffa450edef68

22 years agoinit proxy context
Doug MacEachern [Fri, 29 Mar 2002 04:48:01 +0000 (04:48 +0000)]
init proxy context

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94292 13f79535-47bb-0310-9956-ffa450edef68

22 years agoReplaced my fix for the is_only_below() bug with Cliff's faster
Brian Pane [Fri, 29 Mar 2002 04:47:10 +0000 (04:47 +0000)]
Replaced my fix for the is_only_below() bug with Cliff's faster
and simpler version.
Submitted by: Cliff Woolley

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94291 13f79535-47bb-0310-9956-ffa450edef68

22 years agos/id/mode/ in ssl_cmd_SSLProxyVerify
Doug MacEachern [Fri, 29 Mar 2002 03:19:12 +0000 (03:19 +0000)]
s/id/mode/ in ssl_cmd_SSLProxyVerify

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94290 13f79535-47bb-0310-9956-ffa450edef68

22 years agouse ssl_cmd_verify_parse for SSLProxyVerify directive handler
Doug MacEachern [Fri, 29 Mar 2002 03:05:49 +0000 (03:05 +0000)]
use ssl_cmd_verify_parse for SSLProxyVerify directive handler

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94289 13f79535-47bb-0310-9956-ffa450edef68

22 years agocleanup the proxy context
Doug MacEachern [Fri, 29 Mar 2002 02:59:27 +0000 (02:59 +0000)]
cleanup the proxy context

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94288 13f79535-47bb-0310-9956-ffa450edef68

22 years agos/ctx/dcfg/g in ssl directive handlers
Doug MacEachern [Fri, 29 Mar 2002 02:48:20 +0000 (02:48 +0000)]
s/ctx/dcfg/g in ssl directive handlers

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94287 13f79535-47bb-0310-9956-ffa450edef68

22 years agoenable proxy directives
Doug MacEachern [Fri, 29 Mar 2002 02:43:33 +0000 (02:43 +0000)]
enable proxy directives

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94286 13f79535-47bb-0310-9956-ffa450edef68

22 years agochange existing ssl_init_ctx() to ssl_init_ctx_protocol()
Doug MacEachern [Fri, 29 Mar 2002 02:20:58 +0000 (02:20 +0000)]
change existing ssl_init_ctx() to ssl_init_ctx_protocol()

new ssl_init_ctx() inits the lot: protocol, session_cache, callbacks,
verify, cipher suite, crl, cert_chain

new ssl_init_server_ctx function inits everything for sc->server

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94285 13f79535-47bb-0310-9956-ffa450edef68

22 years agoFixes for three problems in mod_include:
Brian Pane [Fri, 29 Mar 2002 02:14:45 +0000 (02:14 +0000)]
Fixes for three problems in mod_include:
  * The ctx->tag_length computation in find_end_sequence() was a bit
    broken in cases where there was a "false alarm" match on a partial
    "-->"
  * The ap_ssi_get_tag_and_value() function needs to avoid walking off
    the end of the string.  After debugging this some more, I ended up
    using Cliff's original patch.
  * Infinite loop in is_only_below()

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94284 13f79535-47bb-0310-9956-ffa450edef68

22 years agoproxy will have a different verify callback
Doug MacEachern [Fri, 29 Mar 2002 02:09:59 +0000 (02:09 +0000)]
proxy will have a different verify callback

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94283 13f79535-47bb-0310-9956-ffa450edef68

22 years agoproxy needs to use client ssl method
Doug MacEachern [Fri, 29 Mar 2002 02:06:57 +0000 (02:06 +0000)]
proxy needs to use client ssl method

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94282 13f79535-47bb-0310-9956-ffa450edef68

22 years agosetup sc->proxy->sc
Doug MacEachern [Fri, 29 Mar 2002 02:01:49 +0000 (02:01 +0000)]
setup sc->proxy->sc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94281 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd ssl_config_server_new function to fold some duplication in server
Doug MacEachern [Fri, 29 Mar 2002 02:00:20 +0000 (02:00 +0000)]
add ssl_config_server_new function to fold some duplication in server
create/merge and to make sure merge config is fully inititialized

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94280 13f79535-47bb-0310-9956-ffa450edef68

22 years agoinititialize and merge proxy config
Doug MacEachern [Fri, 29 Mar 2002 01:56:40 +0000 (01:56 +0000)]
inititialize and merge proxy config

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94279 13f79535-47bb-0310-9956-ffa450edef68

22 years agono point in merging things which are not set until after merge happens.
Doug MacEachern [Fri, 29 Mar 2002 01:42:04 +0000 (01:42 +0000)]
no point in merging things which are not set until after merge happens.
make a note of those which are set during module init.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94278 13f79535-47bb-0310-9956-ffa450edef68

22 years ago'ctx' traditionally refers to an SSL_CTX. change modssl_ctx_t
Doug MacEachern [Fri, 29 Mar 2002 01:24:10 +0000 (01:24 +0000)]
'ctx' traditionally refers to an SSL_CTX.  change modssl_ctx_t
instances to 'mctx'

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94277 13f79535-47bb-0310-9956-ffa450edef68

22 years agoStop the while loop from incrementing twice per iteration before checking for
Bradley Nicholes [Fri, 29 Mar 2002 00:39:56 +0000 (00:39 +0000)]
Stop the while loop from incrementing twice per iteration before checking for
the NULL terminator.  This was causing the while loop to walk off the end of any
string with an odd number of characters.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94276 13f79535-47bb-0310-9956-ffa450edef68

22 years agoctx->sc is set during init
Doug MacEachern [Thu, 28 Mar 2002 19:50:48 +0000 (19:50 +0000)]
ctx->sc is set during init

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94275 13f79535-47bb-0310-9956-ffa450edef68

22 years agoswitch from SSLSrvConfigRec* to modssl_ctx_t* in the ssl_init_ctx*
Doug MacEachern [Thu, 28 Mar 2002 19:48:31 +0000 (19:48 +0000)]
switch from SSLSrvConfigRec* to modssl_ctx_t* in the ssl_init_ctx*
functions

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94274 13f79535-47bb-0310-9956-ffa450edef68

22 years agomake merging of modssl_ctx_t's generic
Doug MacEachern [Thu, 28 Mar 2002 19:15:03 +0000 (19:15 +0000)]
make merging of modssl_ctx_t's generic

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94273 13f79535-47bb-0310-9956-ffa450edef68

22 years agoUpdate Redhat layout to v7.
Joshua Slive [Thu, 28 Mar 2002 19:04:48 +0000 (19:04 +0000)]
Update Redhat layout to v7.

PR: BZ-7422
Submitted by: Joe Orton

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94272 13f79535-47bb-0310-9956-ffa450edef68

22 years agomoving cfgMerge macros to ssl_engine_config.c, they are not used anywhere else
Doug MacEachern [Thu, 28 Mar 2002 18:58:06 +0000 (18:58 +0000)]
moving cfgMerge macros to ssl_engine_config.c, they are not used anywhere else

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94271 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremove unused cfgMerge{Table,Ctx} macros
Doug MacEachern [Thu, 28 Mar 2002 18:54:52 +0000 (18:54 +0000)]
remove unused cfgMerge{Table,Ctx} macros

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94269 13f79535-47bb-0310-9956-ffa450edef68

22 years agomoving protocol location
Doug MacEachern [Thu, 28 Mar 2002 18:53:54 +0000 (18:53 +0000)]
moving protocol location

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94268 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreakup SSLSrvConfigRec in preparation for proxy support:
Doug MacEachern [Thu, 28 Mar 2002 18:50:07 +0000 (18:50 +0000)]
breakup SSLSrvConfigRec in preparation for proxy support:
+ modssl_pk_server_t - certs/keys for the server
+ modssl_pk_proxy_t  - certs/keys for the proxy
+ modssl_auth_ctx_t  - stuff related to authentication that can also
                       be per-dir, used by both server and proxy
+ modssl_ctx_t       - context that can be used by both server and proxy
+ SSLSrvConfigRec    - now contains original stuff specific to the
                       server config and modssl_ctx_t *server, *proxy

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94267 13f79535-47bb-0310-9956-ffa450edef68

22 years agoripping out some proxy stuff that isn't currently in use and is going
Doug MacEachern [Thu, 28 Mar 2002 17:23:50 +0000 (17:23 +0000)]
ripping out some proxy stuff that isn't currently in use and is going
to change anyhow.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94266 13f79535-47bb-0310-9956-ffa450edef68

22 years agoalready added configure check for SSL_set_cert_store
Doug MacEachern [Thu, 28 Mar 2002 17:16:41 +0000 (17:16 +0000)]
already added configure check for SSL_set_cert_store

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94265 13f79535-47bb-0310-9956-ffa450edef68

22 years agode-hungarian-ize server config member names which are going to stay
Doug MacEachern [Thu, 28 Mar 2002 17:11:12 +0000 (17:11 +0000)]
de-hungarian-ize server config member names which are going to stay

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94264 13f79535-47bb-0310-9956-ffa450edef68

22 years agoreorder a bit of the server config structure, moving items that are
Doug MacEachern [Thu, 28 Mar 2002 16:47:36 +0000 (16:47 +0000)]
reorder a bit of the server config structure, moving items that are
going to stay there to the top.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94263 13f79535-47bb-0310-9956-ffa450edef68

22 years agosignature of quick_handler hook changed
Jeff Trawick [Thu, 28 Mar 2002 11:17:59 +0000 (11:17 +0000)]
signature of quick_handler hook changed

(mod_example's quick_handler hook doesn't have to do anything
with the new parameter)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94262 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremove error msg hint that is no longer true
Doug MacEachern [Thu, 28 Mar 2002 02:51:52 +0000 (02:51 +0000)]
remove error msg hint that is no longer true

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94261 13f79535-47bb-0310-9956-ffa450edef68

22 years agofixup naming:
Doug MacEachern [Thu, 28 Mar 2002 02:46:28 +0000 (02:46 +0000)]
fixup naming:
 ssl_init_ctx_* will be used for both proxy and server
 ssl_init_server_* is specific to the server

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94260 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove context callback setting to ssl_init_ctx_callbacks function
Doug MacEachern [Thu, 28 Mar 2002 02:40:01 +0000 (02:40 +0000)]
move context callback setting to ssl_init_ctx_callbacks function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94259 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove server cert/key initialization to ssl_init_server_certs function
Doug MacEachern [Thu, 28 Mar 2002 02:36:05 +0000 (02:36 +0000)]
move server cert/key initialization to ssl_init_server_certs function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94258 13f79535-47bb-0310-9956-ffa450edef68

22 years agocopy DSA params to server server during key import
Doug MacEachern [Thu, 28 Mar 2002 02:28:06 +0000 (02:28 +0000)]
copy DSA params to server server during key import

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94257 13f79535-47bb-0310-9956-ffa450edef68

22 years agofix logic from last commit, need to always try importing _both_ rsa
Doug MacEachern [Thu, 28 Mar 2002 02:09:58 +0000 (02:09 +0000)]
fix logic from last commit, need to always try importing _both_ rsa
and dsa

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94256 13f79535-47bb-0310-9956-ffa450edef68

22 years agofold some duplication into generic ssl_server_import_key function
Doug MacEachern [Thu, 28 Mar 2002 02:01:03 +0000 (02:01 +0000)]
fold some duplication into generic ssl_server_import_key function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94255 13f79535-47bb-0310-9956-ffa450edef68

22 years agoRevert my last fix, which broke more things than it fixed
Brian Pane [Thu, 28 Mar 2002 01:57:03 +0000 (01:57 +0000)]
Revert my last fix, which broke more things than it fixed

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94254 13f79535-47bb-0310-9956-ffa450edef68

22 years agofold some duplication into generic ssl_server_import_cert function
Doug MacEachern [Thu, 28 Mar 2002 01:47:50 +0000 (01:47 +0000)]
fold some duplication into generic ssl_server_import_cert function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94253 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove server cert checking into generic ssl_check_public_cert function.
Doug MacEachern [Thu, 28 Mar 2002 01:32:41 +0000 (01:32 +0000)]
move server cert checking into generic ssl_check_public_cert function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94252 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDon't walk past the end of the tag in ap_ssi_get_tag_and_value()
Brian Pane [Thu, 28 Mar 2002 01:19:58 +0000 (01:19 +0000)]
Don't walk past the end of the tag in ap_ssi_get_tag_and_value()
Discovered by: Cliff Woolley

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94251 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove server specific init config checks into ssl_init_check_server
Doug MacEachern [Thu, 28 Mar 2002 01:14:53 +0000 (01:14 +0000)]
move server specific init config checks into ssl_init_check_server
function (ssl_init_check_proxy will be different)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94250 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out certificate chain initialization into
Doug MacEachern [Thu, 28 Mar 2002 01:07:20 +0000 (01:07 +0000)]
break out certificate chain initialization into
ssl_init_cert_chain function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94249 13f79535-47bb-0310-9956-ffa450edef68

22 years agoap_run_sub_req does not return apr_status, so we shouldn't be checking
Bill Stoddard [Thu, 28 Mar 2002 01:05:24 +0000 (01:05 +0000)]
ap_run_sub_req does not return apr_status, so we shouldn't be checking
APR_STATUS_IS_EPIPE(). Also, remove the code that assumed the sub_req_lookup_uri
actually served up the content in the quick handler. We now call the quick_handler
in ap_run_sub_req()

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94248 13f79535-47bb-0310-9956-ffa450edef68

22 years agothere is a heaping pile of:
Doug MacEachern [Thu, 28 Mar 2002 00:34:13 +0000 (00:34 +0000)]
there is a heaping pile of:
 ssl_log(s, flags, "Init: (%s) ...", sc->szVHostID)
add SSL_INIT flag to cut down some noise and end up with:
 ssl_log(s, flags, "...")

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94247 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out certificate revocation list initialization into
Doug MacEachern [Wed, 27 Mar 2002 23:53:27 +0000 (23:53 +0000)]
break out certificate revocation list initialization into
ssl_init_crl function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94246 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out cipher suite initialization into ssl_init_cipher_suite function
Doug MacEachern [Wed, 27 Mar 2002 23:49:09 +0000 (23:49 +0000)]
break out cipher suite initialization into ssl_init_cipher_suite function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94245 13f79535-47bb-0310-9956-ffa450edef68

22 years ago"new" is a c++ keyword; s/new/mrg/g in config merge functions
Doug MacEachern [Wed, 27 Mar 2002 23:35:31 +0000 (23:35 +0000)]
"new" is a c++ keyword; s/new/mrg/g in config merge functions

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94244 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove warning about session cache not being configured to ssl_scache_init
Doug MacEachern [Wed, 27 Mar 2002 23:25:58 +0000 (23:25 +0000)]
move warning about session cache not being configured to ssl_scache_init

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94243 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out SSL_CTX session initialization into
Doug MacEachern [Wed, 27 Mar 2002 23:19:08 +0000 (23:19 +0000)]
break out SSL_CTX session initialization into
ssl_init_session_cache_ctx function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94242 13f79535-47bb-0310-9956-ffa450edef68