Doug MacEachern [Thu, 16 Aug 2001 03:58:16 +0000 (03:58 +0000)]
enable ssl Translate, UserCheck, Access and Auth hooks
add support for renegotiation during the Access hook
this requires hooking into the read and write SSL BIOs in order to
flush data to the client and read from the filter chain
this also requires that the ssl filters become "aware" that
renegotitation is in progress so that the BIOs are left alone for
SSL_renegotiate/SSL_do_handshake in ssl_hook_Access to deal with
Ken Coar [Thu, 16 Aug 2001 01:46:50 +0000 (01:46 +0000)]
Add CookieDomain directive to allow setting of the Domain=
cookie attribute; add CookieStyle to allow specification of
cookie syntax: Netscape (default), Cookie or RFC2109, or
Cookie2 or RFC2965. We have historically supported only the
obsolete Netscape syntax.
PR: several against 1.3
Obtained from: brought forward from 1.3
Jeff Trawick [Wed, 15 Aug 2001 14:06:27 +0000 (14:06 +0000)]
Tweak server/Makefile so that the rules for generating exports.c
are compatible with make utilities which don't expand wildcards
in a dependency list (e.g., OS/390 make, certain levels of GNU
make).
> 1. Cleaned the ApacheMonitor code a little bit.
> 2. Removed two icons apmall.ico and apsrvmon.ico
> 3. Added option to recognize the Apache*.exe (e.g. Apache-1.3.20.exe)
> 4. Removed AboutBox
> 5. Changed refresh time to 2/20 sec.
Submitted by: Mladen Turk <mladen.turk@mail.inet.hr>
Doug MacEachern [Tue, 14 Aug 2001 17:03:03 +0000 (17:03 +0000)]
need to check return value of ssl_hook_process_connection
if != APR_SUCCESS the ssl connection has been shutdown
(for example client cert was revoked)
PR:
Obtained from:
Submitted by:
Reviewed by:
Joshua Slive [Mon, 13 Aug 2001 20:23:21 +0000 (20:23 +0000)]
Lots of small config file changes including:
- Beat everything down to less than 80 character lines.
- Revise the comments for the DSO section to eliminate mention
of ordering problems.
- Add LoadModule lines for all extension modules, commented out.
Note that it is very difficult in the current ./configure
system to make the base modules DSOs, so I didn't include those.
- Remove ServerType comments.
- Add "deny from all" to the root directory container. The comments
indicate that it should be there.
- Delete a little (in my opinion) excess verbosity in the
description of the .htacess download blocker.
- Remove the CacheNegotiatedDocs directive. It was wrong,
and is obscure enough that people should probably just look
it up in the docs.
- Make the example for Redirect a little more explicit
- Change the examples and descriptions for READMENAME/HEADERNAME
since, if multiviews are off, they haven't worked as described
since 1.3.something.
- Remove the phf trap example. This is very old and probably
worthless.
Jeff Trawick [Mon, 13 Aug 2001 18:24:53 +0000 (18:24 +0000)]
change the name of AP_MPM_NEEDS_RECLAIM_CHILD_PROCESSES to
be more consistent with similar names added recently; this
also cleans up an #if/#ifdef discrepency
Jeff Trawick [Mon, 13 Aug 2001 16:42:13 +0000 (16:42 +0000)]
(hopefully) get WinNT MPM to build using mpm_common.c code; a few notes:
. the selection of ap_sock_disable() is certainly ugly, but that may
need to be cleaned up in a different manner...
. the directive functions couldn't be AP_DECLARE() if they are to be
compatible with AP_INIT_TAKExxx(); this is an old restriction
Ryan Bloom [Mon, 13 Aug 2001 04:57:35 +0000 (04:57 +0000)]
Begin to sanitize the MPM configuration directives. Now, all
MPMs use the same functions for all common MPM directives. This
should make it easier to catch all bugs in these directives once.
Everybody should check their favorite MPM to ensure that it still
compiles, and that these directives work. This is a big patch, and
although it looks good, and things compiled for me, that is no
garauntee that it will work on all platforms. :-)
Ryan Bloom [Mon, 13 Aug 2001 04:25:43 +0000 (04:25 +0000)]
Close a major resource leak. Everytime we had issued a
graceful restart, we leaked a socket descriptor.
The listening sockets should not be set inheritable, at least
not at this point. We only want some of the httpd children to
inherit the socket. Namely, those that will be actually serving
requests. Any other child process (piped logs), should not be
inheriting the sockets.
Chuck Murcko [Sun, 12 Aug 2001 21:24:35 +0000 (21:24 +0000)]
Make the body read in proxy http handler nonblocking. There's no sense
in serializing 4-8 client connections into a single origin server
connection, as is the blocking behavior.
Added instrumentation that we don't want compiled in normally to assist in
debugging chunking problems. apr_get_brigade is apparently blocking during
chunked body fetch, or proxy_http_handler is getting deadlocked with
the dechunk filter. Show PID for prefork debugging. We'll figure out
getting TIDs later.
Change the MaxSpareThreads to 150 for threaded MPM. This mirrors the new
prefork setting and removes the default case where we would spawn three
children, but kill two of them immediately because MaxSpareThreads was
set to 10 (only one children can be supported with the old value).
Please note that I don't have email access as eBuilt's servers are AWOL
this weekend (none of us have the desire to go in a fix the servers for
semi-obvious reasons). I'm trying to keep up on posts via apachelabs.org.
So, if you want to change this, just go ahead and commit the changes...
Ryan Bloom [Sat, 11 Aug 2001 04:04:13 +0000 (04:04 +0000)]
Fix the new method code. We need to cast 1 to an apr_int64_t or it will
be treated as a 32-bit integer, and it will wrap after being shifted
32 times.
Submitted by: Cody Sherr <csherr@covalent.net> and
Ryan Morgan <rmorgan@covalent.net>
Greg Ames [Fri, 10 Aug 2001 20:16:54 +0000 (20:16 +0000)]
hot and muggy in Raleigh (i.e., it's August)
De-emphasize some daedalus problems that don't seem so important any more.
I haven't tried the mod_cgid/suexec thing in ages.
<knocks on wood> We haven't seen a core dump on daedalus since the 2.0.22
tarball went live over a week ago. It's got an APR circumvention for
an apparent FreeBSD sendfile bug. Once I'm 100% confident we've nailed
the problem, I'll post this patch to the APR list.
The 0x30303030 seg fault after restart problem is just gone. OtherBill may
have fixed this one with the inherit stuff...dunno.
Ryan Bloom [Fri, 10 Aug 2001 18:35:08 +0000 (18:35 +0000)]
This should fix the remaining problems with POST. Basically, we
add a new macro, called APR_BRIGADE_NORMALIZE. This macro searches
all the buckets, and removes any zero length bucket. They we can
just use APR_BRIGADE_EMPTY to determine if our brigade has any data,
and we can quickly call ap_get_brigade if it doesn't.
Doug, please throw your battery of tests at this to make sure it works.
Ryan Bloom [Fri, 10 Aug 2001 05:29:09 +0000 (05:29 +0000)]
Fix a bug in mod_expires. Previous to this patch, if you
told mod_expires to add 604800 seconds to the last-modified
time, it actually added 604800 usec's to the last-modified time,
so that when looking at the response it looked like nothing
had been done. The root of the problem was that we always compute
time in usec's, but we ask users to input sec's. This means we
need to convert to usec's before using those values.
CS: Obtained from:
Ryan Bloom [Fri, 10 Aug 2001 05:00:27 +0000 (05:00 +0000)]
The worker MPM now handles shutdown and restart requests. It
definately isn't perfect, but we do stop the servers correctly.
The biggest problem right now is that SIGHUP causes the server to
just die.
Ryan Bloom [Thu, 9 Aug 2001 04:56:23 +0000 (04:56 +0000)]
If we are going to get the length of a brigade, it helps if that
brigade has data. To that end, if we have just expanded ctx->b, we need
to concat ctx->b to the end of b, so that b has something to pass
back to the previous filter.
This fixes the problem with the proxy not proxying non-keepalive
connections.
Ryan Bloom [Thu, 9 Aug 2001 04:21:26 +0000 (04:21 +0000)]
Handle the -1 case in ap_http_filter. -1 means that we have to read
all data from the socket until the socket is closed. This has been
used to proxy www.google.com successfully, but it doesn't return anything
when used with www.yahoo.com. Still debugging that problem.
Ryan Bloom [Wed, 8 Aug 2001 15:42:08 +0000 (15:42 +0000)]
Re-apply the patch from yesterday that makes ap_http_filter use
apr_brigade_partition. In order to do this cleanly, I had to make
some changes to the apr_brigade_partition API, so this also adds fixes
all of the calls to that function throughout the server.
Roy T. Fielding [Wed, 8 Aug 2001 02:26:05 +0000 (02:26 +0000)]
Apache Monitor's tray code does not notify Windows to remove it from the
tray when the process is destroyed. Just needed to add a call to remove
the tray icon before PostQuitMessage(0).
Also show "MS Windows XP" instead of "Whistler".
Submitted by: Jerry Baker <jerrybaker@weirdness.com>
Greg Ames [Tue, 7 Aug 2001 22:28:51 +0000 (22:28 +0000)]
clean up the scoreboard properly after threaded processes die gracefully.
find_child_by_pid() failed to do its job, because ap_max_daemons_used was
too low. There was some recent breakage in threaded that contributes to
the problem.
However, find_child_by_pid() should not be using the current number of
daemons. It could have been recently reduced, which makes it fail to
find the exiting process.
Ian Holsman [Tue, 7 Aug 2001 21:46:47 +0000 (21:46 +0000)]
change readbytes from a apr_size_t to a apr_off_t to match the parameter
required in ap_get_brigade
Submitted by: barbee@veribox.net
Reviewed by: ianh@apache.org
Ian Holsman [Tue, 7 Aug 2001 21:18:03 +0000 (21:18 +0000)]
change the parameter to ap_get_brigade from apr_site_t to apr_off_t, due to
a parameter change in the original filter.
PR:
Submitted by: barbee@veribox.net
Reviewed by: ianh@apache.org
Ryan Bloom [Tue, 7 Aug 2001 17:57:44 +0000 (17:57 +0000)]
Greatly simplify the ap_http_filter logic, by using the
apr_brigade_partition function. This should also remove a warning from
the Windows build, because apr_off_t and apr_size_t aren't the same
size.
Ryan Bloom [Tue, 7 Aug 2001 16:56:32 +0000 (16:56 +0000)]
Update the README so that it reflects just what Apache is today, and so
that it is correct about where things reside.
Submitted by: Joshua Slive <joshua@slive.ca>
All mod_autoindex query parsing is now quietly quashed with the
IndexOption IgnoreClient. The IndexOption SuppressColumnSorting
still drops the column sort <a href>'s for the column headers, but
IgnoreClient is required to ignore these Query options entirely.
Introduced new mod_autoindex query argument parsing for F=[0|1|2]
to allow the client to select plain, FancyIndexing or HTMLTable
formatting, V=[0|1] to inhibit or enable version sorting, and
P=pattern to return only specific files. The old Query Arguments
were reorganized as C=f for sorting column 'f' (same N, D, S, or M
as before), and O=A|D for ordering ascending or descending.
Docs and an Example are provided in mod_autoindex.html
Cliff Woolley [Tue, 7 Aug 2001 08:02:42 +0000 (08:02 +0000)]
Fixed an error in ap_ssi_get_tag_and_value(). It was not placing the
null terminator in the right spot for the tag_val if the value contained
backslashes. This caused #if, #elif, and #else expressions with backslashes
to be incorrectly evaluated.
Introduced new mod_autoindex IndexOptions flags; SuppressIcon to
drop the icon column and SuppressRules to drop the <hr> elements.
These are necessary for HTML 3.2 final formatting rules.
Introduced HTMLTable to create rudimentary HTML table listings
(implies FancyIndexing). Necessary for alternate charsets, since
the columns are borked by multibyte characters.
Re-Introduced the mod_autoindex IndexOptions flag TrackModified
from Apache 1.3.15. This is needed for two reasons, first, given
multiple machines within a server farm, ETags and Last-Modified
stamps won't correspond from machine to machine, and second, many
Unixes don't capture changes to the date or time stamp of existing
files, since these don't modify the dirent itself.
[Originally for 1.3 by me]
Re-Introduced the mod_autoindex InextOptions flag FoldersFirst
and DirectoryWidth options from Apache 1.3.10.
[Originally for 1.3 by Ken Coar]
A debatable change, to return (an absolute) 404 if some of the extentions
of every matching file isn't decodable by mod_mime, instead of 500.
Adopted 404 as the result, per Roy Fielding.
Thanks goes to Manoj, while commenting on another issue, for triggering
this idea. If we find files matching (e.g. index.html.bak matches
index.html) but they are rejected because we don't understand them
(e.g. they are a directory, or .bak isn't a mod_mime recognized extension)
then Error 500 out of here, with a note for the system administrator
explaining that index.html matches some files, but their extensions
cannot be grokked. No more (unintentional, or situational) autoindex :)
projects / apache / log