Doug MacEachern [Thu, 28 Feb 2002 05:28:43 +0000 (05:28 +0000)]
remove #ifdef SHARED_MODULE around ssl library cleanup calls.
SHARED_MODULE is no longer defined, so we were leaking.
plus we always do a full startup/teardown regardless of being a dso or
static.
Doug MacEachern [Thu, 28 Feb 2002 05:17:03 +0000 (05:17 +0000)]
various SSLCACertificatePath fixes:
- return value from apr_dir_read() was checking != APR_SUCCESS rather
than == APR_SUCCESS, so no certs were ever loaded.
- wasn't checking return value of apr_dir_open(), now log an error and
ssl_die() on failure.
Doug MacEachern [Thu, 28 Feb 2002 04:59:07 +0000 (04:59 +0000)]
plug leak in ssl_init_FindCAList() where return value of
X509_NAME_oneline() used for trace logging was not freed.
now passes in a static buffer so no buffer is malloced.
Doug MacEachern [Thu, 28 Feb 2002 03:48:26 +0000 (03:48 +0000)]
need to free the stacks returned by calls to SSL_load_client_CA_file()
in ssl_init_FindCAList(). values are pushed into another stack which
gets freed when SSL context is destroyed.
Aaron Bannert [Thu, 28 Feb 2002 02:56:15 +0000 (02:56 +0000)]
No longer assume SERVER_CONFIG_FILE is in the "conf" directory. Instead
look for it in the $sysconfdir.
This required the use of a new m4 function from APR that retrieves
the fully "expanded", or recursively interpolated, value of the
$sysconfdir variable.
Doug MacEachern [Thu, 28 Feb 2002 01:47:26 +0000 (01:47 +0000)]
always reusing existing private key for given vhost on restarts if key
is encrypted and mtime stamp has not changed. this prevents getting
prompted twice for passphrase on windows and elsewhere when server is
started with -DNO_DETACH.
Doug MacEachern [Thu, 28 Feb 2002 00:01:57 +0000 (00:01 +0000)]
mod_ssl was "leaking" on restart since mc->tTmpKeys table entries
were allocated using apr_palloc out of s->process->pool and pushed
into an apr_array_header_t.
solve the problem by moving from apr_array_header_t's to an apr_hash_t.
also add ssl_asn1_table_{set,unset} wrappers to use malloc/free so we
do not "leak" from s->process->pool.
Allan K. Edwards [Wed, 27 Feb 2002 21:16:19 +0000 (21:16 +0000)]
ownership of the brigade is passed in the ap_pass_brigade call
so make sure that it doesn't get left lying around. This tickled
a bug with mod_deflate and resulted in a bucket being compressed
more than once.
Introduce PassPhraseDialog 'pipe' mechanism. This builds on DougM's
apr-ization of the 'tty', and changes his naming a bit so we clearly
identify the pipe-to and pipe-from the user.
This patch invokes a bidirectional piped dialog to the user.
This is the directive handling commit only, the mechanics patch will
follow. PassPhraseDialog "|/path/to/pipe" will use the bidirectional
pipe to have a 'conversation', along the lines of the tty dialog with
PassPhraseDialog 'builtin'. This is entirely different than the 'exec'
method, which simply runs once for each passphrase, and doesn't allow
for failure/retries, and certainly doesn't offer any sensible 'dialog'.
Aaron Bannert [Wed, 27 Feb 2002 19:40:27 +0000 (19:40 +0000)]
Set defaults for non-autoconf path variables. Also export a couple
variables that for whatever reason weren't being placed into
config_vars.mk.
Warning: This commit alters the "default" layout (ie. when no --enable-layout
is specified). The most notable change will be htdocs in $prefix/share/htdocs,
which works with the autoconf defaults, but may not be what we want. This
will require more work.
This baffled .mak exported build targets for mod_ssl/abs. They will
recognize their output only as .\Release|Debug\mod_ssl.so, etc. Without
the leading .\ kept getting 'dunno how to make ... target'
Must admit, my use case was focused on services. It seems that if we
had a console, we weren't reassigning stdhandles with AllocConsole().
Open the conin/conout very explicitly, and clean up some other cruft.
Aaron Bannert [Wed, 27 Feb 2002 17:16:29 +0000 (17:16 +0000)]
Fix --sysconfdir and --localstatedir, which were being ignored.
Fix --enable-layout to work.
showstoppers--
Note: As far as we can tell, autoconf will not let us override our layout
settings from paramers like --prefix, etc. This is unfortunate, but
we will not let this get in the way of --enable-layout working. This
will be made clear in the docs.
Aaron Bannert [Wed, 27 Feb 2002 17:06:33 +0000 (17:06 +0000)]
Fix --enable-layout to work again.
Fix bug where --sysconfdir and --localstatedir were being ignored by APR.
Caution: When specifying --enable-layout, common arguments like --prefix,
--exec-prefix, etc. will be ignored and the settings from the layout
will be used instead.
I just tried to do a graceful restart while pounding my box with worker
MPM and no segfaults. Am I missing something or were these fixed with
Jeff's latest fixes?
Don't set bytes_sent to be 0 when r->assbackwards since this screws up
logging.
The content length filter seems to track bytes_sent properly regardless
of HTTP version. The HTTP header filter knows not to send C-L (or any
headers) to this client.
Doug MacEachern [Wed, 27 Feb 2002 03:33:38 +0000 (03:33 +0000)]
change builtin passphrase prompt to use stdout rather than stderr.
and switch to using apr_file api for portability.
stderr has already been redirected to the error_log.
rather than attempting to temporarily rehook it to the terminal,
we print the prompt to stdout before EVP_read_pw_string turns
off tty echo. which is also more portable.
Doug MacEachern [Wed, 27 Feb 2002 03:21:09 +0000 (03:21 +0000)]
changing mod_ssl to do a full startup/teardown on each restart rather
than hack to only read passphrase on 1st round startup. this change:
- fixes current segv on restarts (SHARED_MODULE is not defined)
- allows LoadModule ssl_module to be added to httpd.conf on restart
(was core dumping previously)
- allows certs/keys to be changed on restart provided key is not
encrypted or SSLPassPhraseDialog is exec. if key is encrypted and
SSLPassPhraseDialog is builtin, existing private keys will be reused
on restart (which happens currently for any type of key/dialog).
note: mod_ssl currently leaks on restart; leaks more with this change.
fixes to come.
Aaron Bannert [Tue, 26 Feb 2002 18:41:58 +0000 (18:41 +0000)]
These variables need to be delimited with {} or they will conflict with
other variables in the same namespace with a shorter prefix substring.
How did this ever work before? I ran into this while testing some of
the recent layout-fixing patches.
Ryan Bloom [Mon, 25 Feb 2002 06:54:40 +0000 (06:54 +0000)]
I learned about AP_MODE_EXHAUSTIVE while reading some of the new filter
code earlier today. With this mode, the Perchild MPM can finally be
fixed to work with filters. I have changed a comment in the core to make
it clear that this mode is required, but I have mentioned how dangerous
this mode is. Also add a comment to STATUS about my plans.
Hopefully I'll have some time this week to hack through the MPM.
Jeff Trawick [Sun, 24 Feb 2002 20:53:26 +0000 (20:53 +0000)]
restart fixes for worker:
fix a segfault and a window in which we could miss joining
newly-created threads
we can't try to signal workers if the worker queue hasn't
been initialized (or we segfault)
make sure the start thread is done creating threads before
we try to join; otherwise we can just miss some of them and
not be able to clean them up properly
Brian Pane [Sun, 24 Feb 2002 08:33:56 +0000 (08:33 +0000)]
Removed unixd_set_lock_perms(apr_lock_t *), which is no longer
used by any of the MPMs. (This is another step toward eliminating
the httpd's dependencies on the old lock API.)
Brian Pane [Sun, 24 Feb 2002 07:40:05 +0000 (07:40 +0000)]
Fix for the code that handles SSI tokens that span multiple
buckets: if a brigade containing an incomplete "<!--#" token
has been set aside in ctx->ssi_tag_brigade, we need to retrieve
and output the contents of that brigade if the next bucket (in
the next brigade) doesn't actually complete the "<!--#".
As part of this commit, I've commented out the recent changes
to detect flush buckets in the brigade, due to segfaults. (I
think the fix may be to add some checks for sentinels and EOS
when advancing to the next bucket after the flush bucket.)
Brian Havard [Sat, 23 Feb 2002 11:52:14 +0000 (11:52 +0000)]
When firing up a new child process, wipe clean the set of worker_score records
we're going to use as they could contain leftovers from a previous child.
This solves a problem where a non-graceful restart followed by a graceful
restart would leave previous generation children stuck waiting for non-existant
worker threads to terminate.
Aaron Bannert [Thu, 21 Feb 2002 18:52:28 +0000 (18:52 +0000)]
Implement apr_proc_detach changes and allow -DNO_DETACH in the multi-process
mode to not "daemonize" while detaching from the controlling terminal.
This is necessary for Apache to work with process-management tools like
AIX's "System Resource Controller" as well as Dan Bernstein's "daemontools".
What this means is apache must _NOT_ be a process group leader if called
with the -DNO_DETACH flag.
Submitted from: Jos Backus <josb@cncdsl.com>
Edited/Reviewed by: Aaron Bannert
This code should be a noop today. But I did not feel comfortable about
reusing/recopying each bucket -after- inserting it into the brigade.
Also, copying bucket c from b from a seemed obtuse.
This patch creates the single bucket, makes a copy of it for each
sendfile chunk we are about to add to the brigade, and finally consumes
that initial bucket as the final file bucket of the brigade.
Aaron Bannert [Thu, 21 Feb 2002 17:00:50 +0000 (17:00 +0000)]
Convert mod_auth_digest to use the new apr_global_mutex_t type.
Added some comments that will help us make this more portable.
tmpnam() is not portable to platforms that will not inhereit
the process, so we need to pull the lock filename from somewhere
shared, like a configuration directive.
Graham Leggett [Thu, 21 Feb 2002 06:06:31 +0000 (06:06 +0000)]
Some browsers ignore cookies that have been merged into a
single Set-Cookie header. Set-Cookie and Set-Cookie2 headers
are now unmerged in the http proxy before being sent to the
client.
Fix a problem with proxy where each entry of a duplicated
header such as Set-Cookie would overwrite and obliterate the
previous value of the header, resulting in multiple header
values (like cookies) going missing.
PR:
Obtained from:
Submitted by:
Reviewed by:
Ian Holsman [Thu, 21 Feb 2002 04:05:21 +0000 (04:05 +0000)]
bump bumpty bump
Placing the thread-limit and server-limit values, those which define the
size of internal structures in the scoreboard, actually into the
scoreboard allow third-party applications to access those structures.
Aaron Bannert [Thu, 21 Feb 2002 01:30:06 +0000 (01:30 +0000)]
Placing the thread-limit and server-limit values, those which define the
size of internal structures in the scoreboard, actually into the
scoreboard allow third-party applications to access those structures.
Submitted by: Adam Sussman <myddryn@vishnu.vidya.com>
Reviewed by: Aaron Bannert