]>
granicus.if.org Git - apache/log
Eric Covener [Mon, 14 Jul 2014 20:23:27 +0000 (20:23 +0000)]
add CGIDRequestTimeout to CHANGES
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610514 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 14 Jul 2014 20:18:26 +0000 (20:18 +0000)]
merge r1535125 and r1610509 from trunk:
*) SECURITY: CVE-2014-0231 (cve.mitre.org)
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server.
[Rainer Jung, Eric Covener, Yann Ylavic]
Submitted By: rjung, covener, ylavic
Reviewed By: trawick, jorton, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610512 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 14 Jul 2014 20:01:30 +0000 (20:01 +0000)]
backport r1610501 from trunk:
*) SECURITY: CVE-2014-0118 (cve.mitre.org)
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to avoid
denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.
Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue.
Submitted By: ylavic, covener
Reviewed By: jorton, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610503 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 19:55:04 +0000 (19:55 +0000)]
Merge
1610491 from trunk:
SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling,
which could lead to a heap buffer overflow. Thanks to Marek Kroemeke
working with HP's Zero Day Initiative for reporting this.
* include/scoreboard.h: Add ap_copy_scoreboard_worker.
* server/scoreboard.c (ap_copy_scoreboard_worker): New function.
* modules/generators/mod_status.c (status_handler): Use it.
* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.
Reviewed by: trawick, jorton, covener, jim
Submitted by: jorton, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610499 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 19:36:38 +0000 (19:36 +0000)]
Note CVE name for mod_cache crasher fixed in 2.4.7.
This issue affected httpd versions 2.4.5 and 2.4.6 only.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610495 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 12:29:51 +0000 (12:29 +0000)]
Done.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610400 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 12:29:22 +0000 (12:29 +0000)]
Merge
1610311 from trunk:
Extend the scope of SSLSessionCacheTimeout to sessions
resumed by TLS session resumption (RFC 5077).
Submitted by: rjung
Reviewed by: rjung, ylavic, jorton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610399 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 12:27:53 +0000 (12:27 +0000)]
Vote, promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610398 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Mon, 14 Jul 2014 12:09:21 +0000 (12:09 +0000)]
Merge r1572896, r1572911 from trunk:
mod_deflate:
Don't fail when asked to flush inflated data to the user-agent and that
coincides with the end of stream ("Zlib error flushing inflate buffer").
PR 56196.
Submitted By: [Christoph Fausak <christoph.fausak glueckkanja com>]
Committed By: ylavic
mod_deflate: follows up r1572896.
Be safe from successive or post end-of-stream flush buckets.
Submitted by: ylavic
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610397 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Mon, 14 Jul 2014 12:07:55 +0000 (12:07 +0000)]
Merge r1452551, r1607960 from trunk:
PR54587: LDAP connections used for authn were not respecting
LDAPConnectionPoolTimeout due to confusion over what "bound" means.
Added some LDAP trace at TRACE5 to track how LDAP connections are
reused and rebound.
make LDAPConnectionPoolTTL more conservative, use r->request_time rather than
end-of-request time, and only update it after a round-trip with the LDAP
server rather than every time we check back into the pool.
Submitted by: covener
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610396 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Mon, 14 Jul 2014 06:05:22 +0000 (06:05 +0000)]
Merge r1610207 from trunk:
Forward local IP address as a custom request attribute
like we already do for the remote port.
Both were forgotten in the original AJP 13 spec
but are needed by the Servlet spec. Until now,
Tomcat simply returns for getLocalAddr() the same as
for getLocalName().
The next round of Tomcat releases will look for the
optional new request attribute.
See also Tomcat BZ 56661.
Submitted by: rjung
Reviewed by: trawick, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610340 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Mon, 14 Jul 2014 00:40:54 +0000 (00:40 +0000)]
Vote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610331 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Mon, 14 Jul 2014 00:37:35 +0000 (00:37 +0000)]
Vote and promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610330 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 00:29:06 +0000 (00:29 +0000)]
Merge r1609938 from trunk:
core: Include any error notes set by modules in the canned error
response for 403 errors.
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610328 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 00:24:33 +0000 (00:24 +0000)]
Merge r1609936 from trunk:
mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610327 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 00:22:15 +0000 (00:22 +0000)]
Merge r1609914 from trunk:
mod_ssl: Fix issue with redirects to error documents when handling
SNI errors.
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610326 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 23:21:33 +0000 (23:21 +0000)]
Promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610321 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 23:20:48 +0000 (23:20 +0000)]
Some easy votes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610319 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 22:36:32 +0000 (22:36 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610312 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sun, 13 Jul 2014 18:15:35 +0000 (18:15 +0000)]
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610263 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 14:57:25 +0000 (14:57 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610221 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 13 Jul 2014 12:23:34 +0000 (12:23 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610179 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 13 Jul 2014 12:22:14 +0000 (12:22 +0000)]
XML Update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610178 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 20:43:36 +0000 (20:43 +0000)]
promote LDAP proposal
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610046 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:25:35 +0000 (18:25 +0000)]
the dishes are done
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610018 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:19:16 +0000 (18:19 +0000)]
Merge r1496709,r1601995 from trunk:
core: factor out DEFAULT_HANDLER_NAME
Submitted by: jailletc36
Reviewed by: ylavic, trawick
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610017 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:13:08 +0000 (18:13 +0000)]
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610016 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:08:09 +0000 (18:08 +0000)]
Merge r1597349,
1598107 ,
1603915 ,
1605827 ,
1605829 from trunk:
mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
larger keys and support up to 8192-bit keys.
Submitted by: rpluem, jorton
Reviewed by: ylavic, kbrand
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610014 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 17:53:03 +0000 (17:53 +0000)]
Merge r1602338 from trunk:
Fix PR 56480: PROPFIND walker doesn't encode hrefs properly
Reverts r1529559 partially (specifically the dav_xml_escape_uri) bit.
Reverts r1531505 entirely.
* modules/dav/main/mod_dav.c
(dav_xml_escape_uri): Revert the piece of r1529559 that removes the URI
escaping from this function.
* modules/dav/main/props.c
(dav_do_prop_subreq): Escape the URI before doing a sub request with it.
This resolves some properties like getcontenttype from failing to be
returned for files that contain characters that require encoding in their
path.
* modules/dav/main/mod_dav.h
(dav_resource): Note the inconsistency in the documentation.
* modules/dav/fs/repos.c
(dav_fs_get_resource): Don't use the unparsed_uri to set the uri field of
the resource. This is the correct fix for the double encoding in mod_dav_fs
that led to the dav_xml_escape_uri() change and r1531505.
(dav_fs_walker, dav_fs_append_uri): Revert r1531505 changes.
Submitted by: breser
Reviewed by: ylavic, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610013 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 17:49:50 +0000 (17:49 +0000)]
merge r1608284 from trunk:
The SNI callback already logs a debug message when the vhost
is found or no vhost matches. Log one when no name is provided
by the client.
Submitted by: trawick
Reviewed by: covener, minfrin
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610010 13f79535 -47bb-0310-9956-
ffa450edef68
Graham Leggett [Sat, 12 Jul 2014 16:59:31 +0000 (16:59 +0000)]
Vote for SNI goodness, promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609994 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 15:08:45 +0000 (15:08 +0000)]
various improvements to error handling
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609941 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 12 Jul 2014 12:20:44 +0000 (12:20 +0000)]
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609907 13f79535 -47bb-0310-9956-
ffa450edef68
Kaspar Brand [Sat, 12 Jul 2014 06:04:17 +0000 (06:04 +0000)]
vote for mod_ssl DH params leak fix, comment
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609883 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Fri, 11 Jul 2014 20:47:34 +0000 (20:47 +0000)]
It has been the week of SNI for me believe it or not...
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609831 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Wed, 9 Jul 2014 14:33:57 +0000 (14:33 +0000)]
Votes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609177 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Wed, 9 Jul 2014 11:44:35 +0000 (11:44 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609111 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Wed, 9 Jul 2014 11:42:54 +0000 (11:42 +0000)]
XML Update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609110 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Wed, 9 Jul 2014 11:07:21 +0000 (11:07 +0000)]
Fix C99 (or later only) comment.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1609100 13f79535 -47bb-0310-9956-
ffa450edef68
Ben Reser [Wed, 9 Jul 2014 01:43:14 +0000 (01:43 +0000)]
Nominate the PR 56480 fix for 2.4.x backport.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608980 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 8 Jul 2014 19:21:31 +0000 (19:21 +0000)]
merge comment clarification from trunk r1608785
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608909 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 8 Jul 2014 19:19:22 +0000 (19:19 +0000)]
Merge r1606368 and r1607352 from trunk:
Follow up to r1527220/r1588852:
Implement better error checking/reporting around notification of abrupt parent
process termination.
It is likely that something bad is happening here based on these
user reports:
https://www.apachelounge.com/viewtopic.php?p=27848
http://mail-archives.apache.org/mod_mbox/httpd-users/201406.mbox/%3CCAC%2BRZnuwLD%2BJnoy2TYO8oeAWt6bFLMa%3DEhfDf9hS3cuuGUHXAw%40mail.gmail.com%3E
w-up to r1606368: HANDLE is PVOID which is void * (fix format string)
Submitted by: trawick
Reviewed by: covener, gsmith
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608907 13f79535 -47bb-0310-9956-
ffa450edef68
Gregg Lewis Smith [Tue, 8 Jul 2014 18:48:43 +0000 (18:48 +0000)]
I heart Windows!
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608893 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Tue, 8 Jul 2014 16:00:45 +0000 (16:00 +0000)]
vote for debug win32 stuff
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608836 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Tue, 8 Jul 2014 13:48:56 +0000 (13:48 +0000)]
Ch-ch-changes for r1608759.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608780 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 8 Jul 2014 13:42:22 +0000 (13:42 +0000)]
I heart Windows?
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608779 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:16:44 +0000 (13:16 +0000)]
bacported
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608763 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:16:27 +0000 (13:16 +0000)]
Merge r1588519 from trunk:
mod_proxy: When ping/pong is configured for a worker, don't send or forward
"100 Continue" (interim) response to the client if it does not
expect one.
Submitted by: ylavic
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608762 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:14:34 +0000 (13:14 +0000)]
Merge r1572561 from trunk:
Avoid useless functions calls.
Submitted by: ylavic
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608760 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:14:08 +0000 (13:14 +0000)]
Merge r1537535 from trunk:
For better compatibility with mod_nss:
* modules/ssl/ssl_engine_config.c (ssl_config_server_new): Default
sc->enabled to UNSET.
* modules/ssl/ssl_engine_init.c (ssl_init_Module): Only override
sc->enabled based on the protocol iff sc->enabled is UNSET; allows
"SSLEngine off" to override the Listen-based default.
Submitted by: jorton
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608759 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:13:49 +0000 (13:13 +0000)]
Merge r1583191, r1584098, r1584665, r1591401 from trunk:
mod_ssl: send OCSP request's nonce according to SSLOCSPUseRequestNonce on/off. PR 56233.
mod_ssl: follow up to r1583191.
New SSLOCSPUseRequestNonce directive's manual and CHANGES.
Non functional code changes (modssl_ctx_t's field ocsp_use_request_nonce
grouped with other OCSP ones, nested if turned to a single AND condition).
Remove SSLOCSPUseRequestNonce OpenSSL-0.9.7 requirement (0.9.8 already required by httpd-2.4) and set availability to 2.5-dev until further notice.
mod_ssl: follow up to r1583191.
Use type BOOL for modssl_ctx_t's field ocsp_use_request_nonce.
Suggested by: kbrand.
Submitted by: ylavic
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608758 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:12:40 +0000 (13:12 +0000)]
Merge r1561385 from trunk:
Remove wonky and unneeded code. We have access
cross forks, so child processes have access.
When we need true external access, this is something
that APR shm must provide. We should have no
knowledge of APR internals.
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608757 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:11:54 +0000 (13:11 +0000)]
promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608756 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 8 Jul 2014 13:11:15 +0000 (13:11 +0000)]
votes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608754 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 8 Jul 2014 12:25:00 +0000 (12:25 +0000)]
some aspects of mod_ssl are trivial
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608747 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Tue, 8 Jul 2014 12:14:22 +0000 (12:14 +0000)]
Propose another.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608741 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Tue, 8 Jul 2014 12:04:06 +0000 (12:04 +0000)]
Vote, promote, propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1608739 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 5 Jul 2014 00:25:10 +0000 (00:25 +0000)]
propose a pair of fixes to make LDAPConnectionPoolTTL more
conservative.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1607962 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 28 Jun 2014 12:45:23 +0000 (12:45 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1606336 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 28 Jun 2014 12:43:22 +0000 (12:43 +0000)]
XML Updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1606333 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 28 Jun 2014 05:39:34 +0000 (05:39 +0000)]
fix c++/c99 comment
r1604353 in trunk
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1606297 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Thu, 26 Jun 2014 00:28:48 +0000 (00:28 +0000)]
add PR to entry for event MPM fix
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605642 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Thu, 26 Jun 2014 00:24:44 +0000 (00:24 +0000)]
Merge r1592037 from trunk:
mod_proxy_fcgi: Fix occasional high CPU when handling request bodies.
Submitted by: trawick
Reviewed by: covener, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605639 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Thu, 26 Jun 2014 00:07:56 +0000 (00:07 +0000)]
Promote r1592037.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605638 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 25 Jun 2014 22:01:31 +0000 (22:01 +0000)]
Backport r1604350 and r1605067 from trunk:
* event MPM: fix a race where a worker looks at a conn_rec after it might be
in use by another thread or may have been freed and
re-allocated.
Submitted By: Edward Lu
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605619 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 25 Jun 2014 21:58:31 +0000 (21:58 +0000)]
Merge r1497371 from trunk:
authnzldap: support "none" as a filter to suppress using a search filter,
which is required by some mainframe security products serving native
registry over LDAP.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605618 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Wed, 25 Jun 2014 21:19:43 +0000 (21:19 +0000)]
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605606 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Wed, 25 Jun 2014 06:41:09 +0000 (06:41 +0000)]
mod_lua backport: Make httpd find lua 5.2 headers/lib during configure if present on the system (mod_lua is fully compatible with 5.2).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605276 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 25 Jun 2014 00:46:48 +0000 (00:46 +0000)]
votes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605232 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 24 Jun 2014 22:59:52 +0000 (22:59 +0000)]
200-700% CPU during post-body-across-LAN testcase without
the busy-loop patch, 3.6-4.7% CPU with the busy-loop patch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605214 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Tue, 24 Jun 2014 22:02:10 +0000 (22:02 +0000)]
Comments.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605210 13f79535 -47bb-0310-9956-
ffa450edef68
Nilgun Belma Buguner [Tue, 24 Jun 2014 05:53:21 +0000 (05:53 +0000)]
update transformations.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605010 13f79535 -47bb-0310-9956-
ffa450edef68
Nilgun Belma Buguner [Tue, 24 Jun 2014 05:51:46 +0000 (05:51 +0000)]
update for sync with English docs.
Translated by: Nilgün Belma Bugüner <nilgun belgeler.gen.tr>
Reviewed by: Orhan Berent <berent belgeler.gen.tr>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605009 13f79535 -47bb-0310-9956-
ffa450edef68
Nilgun Belma Buguner [Tue, 24 Jun 2014 05:35:47 +0000 (05:35 +0000)]
fixed build
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1605004 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 23 Jun 2014 13:07:22 +0000 (13:07 +0000)]
a few more votes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604789 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 23 Jun 2014 12:53:45 +0000 (12:53 +0000)]
remove proposal, this block of code is removed in 2.4 now and Rainer
agreed in the thread following r1583175
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604787 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sun, 22 Jun 2014 18:16:21 +0000 (18:16 +0000)]
Merge r1604631 from trunk:
Follow up to r1604336: Comment out hooks whose only references are
now commented out, fixing a "-Wunused-function" warning
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604633 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 22 Jun 2014 14:16:43 +0000 (14:16 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604588 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 22 Jun 2014 14:13:54 +0000 (14:13 +0000)]
XML update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604587 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 22 Jun 2014 14:07:28 +0000 (14:07 +0000)]
XML Update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604583 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 22 Jun 2014 14:03:36 +0000 (14:03 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604582 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 22 Jun 2014 13:59:49 +0000 (13:59 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604581 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sun, 22 Jun 2014 05:34:36 +0000 (05:34 +0000)]
Add some compatibilty notes for some options of "support" applications
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604534 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Sat, 21 Jun 2014 21:56:34 +0000 (21:56 +0000)]
Vote for r1604350.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604469 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 21:24:32 +0000 (21:24 +0000)]
Merge r1604461 from trunk:
Follow-up to r1601076: Provide documentation for -m option.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604463 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 21:22:35 +0000 (21:22 +0000)]
silly typo
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604462 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Sat, 21 Jun 2014 21:13:45 +0000 (21:13 +0000)]
Merge r1572092 from trunk:
mod_deflate: fix decompression of files larger than 4GB. According to RFC1952,
Input SIZE (compLen) contains the size of the original input data modulo 2^32.
PR: 56062
Submitted by: Lukas Bezdicka
Reviewed by: jkaluza, ylavic, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604460 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Sat, 21 Jun 2014 21:07:36 +0000 (21:07 +0000)]
Merge r1572655, r1572663, r1572668, r1572669, r1572670, r1572671, r1573224, r1586745, r1587594, r1587639, r1590509 from trunk.
Commit 1 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_deflate's output and input filters.
PR 46146 (patches from duplicated PR 55666)
Handle Zlib header buffering in the inflate output filter :
- add the new deflate_ctx_t fields needed to re-enter the Zlib header parsing,
- introduce the new consume_zlib_flags() function to parse/consume the ZLib flags (will be used by the other filters too),
- use it to handle incomplete header in the output filter (deflate).
This alone fixes PR 55666, but the issue remains for PR 46146 (inflate/deflate input filters), hence the following patches.
Commit 2 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_deflate's output and input filters.
PR 46146 (patches from duplicated PR 55666)
Handle Zlib header buffering in the inflate input filter :
- loop until all the header is received,
- handle non blocking reads returning empty brigade,
- fix a double ap_get_brigade() when an EOS brigade is encountered while reading the header,
- in that case and no data was received so far, don't return an error but SUCCESS with the EOS, otherwise fail,
- don't remove the Content-Length and Content-MD5 headers until some data is read.
Still does not handle Zlib flags for now, next commits.
Commit 3 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_deflate's output and input filters.
PR 46146 (patches from duplicated PR 55666)
Handle Zlib validation bytes buffering (CRC + length) in the inflate input filter :
- use validation_buffer and validation_length as state,
- loop until all the bytes are received.
Commit 4 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_deflate's output and input filters.
PR 46146 (patches from duplicated PR 55666)
Handle non blocking reads which would block in the inflate input filter (not an error).
Commit 5 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_deflate's output and input filters.
PR 46146 (patches from duplicated PR 55666)
Handle Zlib flags in the inflate input filter as in the output filter, using consume_zlib_flags().
Commit 6 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_deflate's output and input filters.
PR 46146 (patches from duplicated PR 55666)
Ignore empty buckets and split buckets longer than INT_MAX (since zlib uses 32-bit ints only) in all filters.
mod_deflate: when consuming zlibs flags, APR_INCOMPLETE implies no more bytes available.
mod_deflate: update empty log tags.
mod_deflate: Delay INFLATE input filter's self removal until all the buffered
buckets are out (including EOS). PR 46146.
mod_deflate: Don't return gzip-ed data when reading FLUSH bucket in INFLATE
input filter, forward the FLUSH but keep reading should EOS/more
follow (should not happen, but mod_deflate won't fix it).
mod_deflate: follow up to r1587639.
Don't break the looped brigade when moving the FLUSH bucket to the returned bb
and continue reading.
Reviewed by: ylavic, jim, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604458 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 13:57:13 +0000 (13:57 +0000)]
doc xforms
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604385 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 13:55:10 +0000 (13:55 +0000)]
Merge r1604382 from trunk:
Follow up r1573626 with some wordsmithing, a compatibility note,
and indentation.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604383 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 13:47:30 +0000 (13:47 +0000)]
Merge r1573626 from trunk:
mod_proxy: Allow reverse-proxy to be set via explicit handler.
Submitted by: ryo takatsuki <ryotakatsuki gmail com>
Reviewed by: ylavic, jim, mrumph
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604378 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 13:41:28 +0000 (13:41 +0000)]
Merge r1601076 from trunk:
ab: support custom HTTP method with -m argument.
PR: 56604
Submitted by: Roman Jurkov <winfinit gmail.com>
Reviewed by: ylavic, trawick, covener
(r1601680 and r1601700 not reflected in mergeinfo due to
a collision with an unrelated trunk change)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604373 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 21 Jun 2014 13:36:49 +0000 (13:36 +0000)]
merge
1592032 from trunk:
mod_proxy_fcgi: better error messages, and fix an old bug where the error
condition was forgotten
Submitted by: trawick
Reviewed by: ylavic, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604369 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 21 Jun 2014 13:25:10 +0000 (13:25 +0000)]
promotions
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604362 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 21 Jun 2014 13:21:56 +0000 (13:21 +0000)]
votes and more votes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604358 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 21 Jun 2014 13:13:10 +0000 (13:13 +0000)]
propose another fix unsafe c->sbh = NULL
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604352 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 21 Jun 2014 11:21:04 +0000 (11:21 +0000)]
mod_lua: Backport disabling of early/late in LuaHookCheckUserID
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604340 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Sat, 21 Jun 2014 11:19:40 +0000 (11:19 +0000)]
mod_lua: Sync 2.4.x with trunk (more or less); Backport a fix and some code harmonization:
- IVM changed to use shm
- More verbose error logging (no functional change)
- Miscellaneous refactoring that was in trunk but not in 2.4.x (no functional change as such)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604339 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Fri, 20 Jun 2014 05:45:58 +0000 (05:45 +0000)]
Trivial 2.4.x vs trunk synch.
Stray whitespace (r1602730 in trunk)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1604089 13f79535 -47bb-0310-9956-
ffa450edef68
Mike Rumph [Thu, 19 Jun 2014 17:27:19 +0000 (17:27 +0000)]
Vote on mod_proxy proposal.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1603966 13f79535 -47bb-0310-9956-
ffa450edef68