Fix a case where on restart, an admin started logging, and the logging
code waited to start until the second pass (assuming we were just starting
up) to open the log file. Also fix a typo.
Jeff Trawick [Mon, 27 Aug 2001 20:48:00 +0000 (20:48 +0000)]
Fix a growing connection pool in core_output_filter() for
keepalive requests. We were allocating a brigade out of the
connection pool; the number of these brigades allocated
per connection was theoretically unlimited.
Paul J. Reder [Mon, 27 Aug 2001 20:25:42 +0000 (20:25 +0000)]
Moved split_and_pass_pretag_buckets back to being a
macro at Ryans's request. Removed the return from it
by setting and returning a return code instead. Updated
the code to check the return code from teh macro and
do the right thing.
Ryan Bloom [Mon, 27 Aug 2001 17:21:29 +0000 (17:21 +0000)]
- allows empty $val from httpd-2.0/build/config_vars.mk
- make code more perlish.
- read and parse the config file only once
- use a hash instead of array for the list of internal config vars to
test against
- added -h option (just print usage)
- wrapped numerous print STDERR calls into a simpler error() and
notice() subs
- simplified some of the logic in if's using perl constructs.
Cliff Woolley [Mon, 27 Aug 2001 14:43:19 +0000 (14:43 +0000)]
The consensus now is that mod_include should just butt out of any decisions
about what to do with different request methods. It's true that mod_include
in 1.3.x did not allow POST, but back then it was a handler. Now it's a
filter and can be used to filter the output of dynamically generated responses,
even ones resulting from a POST request. So if mod_include is in the filter
stack, it should just blindly parse the brigade regardless of request method.
This still fixes the security problem, it just fixes it by being more flexible
rather than less so.
Ryan Bloom [Mon, 27 Aug 2001 06:00:51 +0000 (06:00 +0000)]
Allow mod_ssl to send back an error message if an HTTP request is sent
over an HTTPS connection. This also adds an ap_remove_input_filter
function, which should be used to remove the SSL input filter in this
case, as soon as this code is stressed a bit more.
For right now, we are sending the same message that we used to send in
mod_ssl for Apache 1.3.
Clean up location_walk, so that this step performs a minimum
amount of redundant effort (it must be run twice, but it will no
longer reparse all <Location > blocks when the request uri
hadn't changed.)
The location walk block is refactored, with some significant changes
in variable names for legibility. Cooler still, it uses pool data
instead of 'notes' for the important cache info :)
Note the patch builds the <Location > per dir config from _nothing_,
and then merges it into the per_dir_config. When the underlying
per_dir_config changes between passes, the location_walk can simply
tack back on this preconstruct onto the new per_dir_config.
Doug MacEachern [Sun, 26 Aug 2001 18:57:16 +0000 (18:57 +0000)]
ap_content_length_filter has already set Content-Length
before ap_set_keepalive is called. need to remove this check
in order for keepalives to work.
PR:
Obtained from:
Submitted by:
Reviewed by:
Ryan Bloom [Sun, 26 Aug 2001 06:25:00 +0000 (06:25 +0000)]
Improvements to APXS. It now uses the config_vars.mk variables to
figure out how to build stuff. It uses the Apache build system for
the generated module, but not for command line builds. Maybe I'll fix
that one day. If somebody wants to beat me to it, that would be cool.
Doug MacEachern [Sun, 26 Aug 2001 06:01:59 +0000 (06:01 +0000)]
these modules were never built and had not been ported to 2.0
they have been ported and moved to httpd-test
PR:
Obtained from:
Submitted by:
Reviewed by:
Eliminate proxy: (and all other 'special') processing from the
ap_directory_walk() phase. Modules that want to use special
walk logic should refer to the mod_proxy map_to_location example,
with it's proxy_walk and proxysection implementation. This makes
either directory_walk flavor much more legible, since that phase
only runs against real <Directory > blocks.
On a technical note, this patch also forces the Directory to be
canonical (unless it is "/" or a regex.) It also allows us to
be more explicit when declaring <Directory > block errors.
Readded "downgrade-1.0" which I (inadvertantly) pulled with the
map_to_storage patch. I knew it had to have a better home, and
it sure looks like this is it.
Split proxy: space using <Proxy[Match] > directive blocks from
the <Directory[Match] > and <Files[Match] > blocks. Mod_proxy
now bypasses the directory and files testing phase (and skips
the http TRACE default handler on it's own, as well). Note that
<Location > blocks continue to be processed for proxy: requests.
Remaining questions include canonicalization and case folding
of proxied uri space, prior to the proxy_walk testing and the
second <Location > walk.
Doug MacEachern [Sun, 26 Aug 2001 01:17:32 +0000 (01:17 +0000)]
i think the answer to aaron's question is "a typo". otherwise there is
actually 1 less thread available to serve requests than configured.
PR:
Obtained from:
Submitted by:
Reviewed by:
Introduce the map_to_storage hook, which allows modules to bypass
the directory_walk and file_walk for non-file requests. TRACE
shortcut moved to http_protocol.c as APR_HOOK_MIDDLE, and the
directory_walk/file_walk happen as APR_HOOK_VERY_LAST in core.c.
A seperate patch to mod_proxy is required to short circuit both the
TRACE and directory_walk/file_walk stuff. That patch is next.
Ryan Bloom [Sat, 25 Aug 2001 05:26:05 +0000 (05:26 +0000)]
Add the ability for mod_include to add the INCLUDES filter
if the file is configured for the server-parsed handler.
This makes the configuration for .shtml files much easier
to understand, and allows mod_include to honor Apache 1.3
config files. Based on Doug MacEachern's patch to PHP
to do the same thing.
Doug MacEachern [Fri, 24 Aug 2001 23:25:14 +0000 (23:25 +0000)]
force OpenSSL to ignore process local-caching and to always
get/set/delete sessions using mod_ssl's callbacks
PR:
Obtained from:
Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>
Reviewed by: dougm
Cliff Woolley [Fri, 24 Aug 2001 20:27:40 +0000 (20:27 +0000)]
Fix a double-free condition when byterange requests are made on brigades
containing any bucket that cannot be copied natively (ie, pipe or socket
buckets).
Before, we were reading that bucket to morph it to a heap bucket and then
taking the str that heap bucket points to and placing it in a second,
completely separate heap bucket. That means we'd have two apr_bucket/
apr_bucket_heap pairs each with a refcount of 1 (rather than two apr_buckets
and a single apr_bucket_heap with a refcount of 2). str would then be
doubly-freed when the second of those two buckets was destroyed.
Commit this code before another patch becomes to difficult to follow.
This patch does one thing, it changes the root path "/" to reflect an
element count of Zero (0). directory_walk will always accept the zero
element (which sorts first, thankfully) on it's first go around.
So, Unix will accept "/" when it's parsing it's first element "/".
Dos/Win32 will accept "/" and "C:/" when they parse their first element,
"C:/". The root sorted first, so it behaves as users expect.
The syntax "//" or "//machine" will be depreciated for now, the user
needs to set up the extact "//machine/share/" that they want served
on Win32.
Doug MacEachern [Fri, 24 Aug 2001 04:16:57 +0000 (04:16 +0000)]
only set the crypto locking callback if mpm is threaded
get rid of some warnings introduced by the original patch
PR:
Obtained from:
Submitted by:
Reviewed by:
Add the config of the ForceLanguagePriority directive, since we seem
to agree on what it does. My last question is where do I force this
behavior without tons of extra filesystem/cpu consumption?
Jeff Trawick [Fri, 24 Aug 2001 03:04:44 +0000 (03:04 +0000)]
buffer .var maps to avoid asking the kernel for one byte at a
time
note that a system trace of .var map processing still shows an
extra read() after we hit EOF the first time; we could make
use of the EOF flag in APR to avoid the read() or play with
mod_negotiation
Revert this patch. It indicates some fundamental brokenness with the
apr_filepath_root() fn, which should simply return '/' for an absolute
path on (most) unix, and advance the path pointer to the first non-'/'
character [if only Win32 and others were so simple ;-]
Cliff Woolley [Fri, 24 Aug 2001 01:26:31 +0000 (01:26 +0000)]
I don't know if this is the Right Way, but it certainly does make things
work better right now. httpd-test is much much happier with this patch
(ie, we can serve pages again :) I'm still seeing issues with mod_include,
but that's probably a different problem... will investigate.
Increase security in core.c by testing (as we merge the path) that the
URI does not go above the DocumentRoot (as defined by the OS, not by
the URI specification), and give us the true name.
When we are done, note the name is canonical for directory_walk.
Whoops. To explain, we won't dup filename unless it really didn't match
in the first place. We are about to abuse test_filename, so don't try
using that copy.
Add a canonical_filename value (should remain the r->filename identity)
so we can tell if a 3rd party module broke the canonical form of the
filename by not calling apr_filepath_merge().